#include <string.h>
#include <pexpert/pexpert.h>
+extern int panic_on_exception_triage;
+
unsigned long c_thr_exc_raise = 0;
unsigned long c_thr_exc_raise_state = 0;
unsigned long c_thr_exc_raise_state_id = 0;
struct exception_action *excp,
lck_mtx_t *mutex);
+static kern_return_t
+check_exc_receiver_dependency(
+ exception_type_t exception,
+ struct exception_action *excp,
+ lck_mtx_t *mutex);
+
#ifdef MACH_BSD
kern_return_t bsd_exception(
exception_type_t exception,
* Save work if we are terminating.
* Just go back to our AST handler.
*/
- if (!thread->active)
+ if (!thread->active && !thread->inspection)
return KERN_SUCCESS;
/*
state, state_cnt,
state, &state_cnt);
}
- if (kr == MACH_MSG_SUCCESS)
+ if (kr == MACH_MSG_SUCCESS && exception != EXC_CORPSE_NOTIFY)
kr = thread_setstatus(thread, flavor,
(thread_state_t)state,
state_cnt);
state, state_cnt,
state, &state_cnt);
}
- if (kr == MACH_MSG_SUCCESS)
+ if (kr == MACH_MSG_SUCCESS && exception != EXC_CORPSE_NOTIFY)
kr = thread_setstatus(thread, flavor,
(thread_state_t)state,
state_cnt);
}
/*
- * Routine: exception
+ * Routine: check_exc_receiver_dependency
+ * Purpose:
+ * Verify that the port destined for receiving this exception is not
+ * on the current task. This would cause hang in kernel for
+ * EXC_CRASH primarily. Note: If port is transferred
+ * between check and delivery then deadlock may happen.
+ *
+ * Conditions:
+ * Nothing locked and no resources held.
+ * Called from an exception context.
+ * Returns:
+ * KERN_SUCCESS if its ok to send exception message.
+ */
+kern_return_t
+check_exc_receiver_dependency(
+ exception_type_t exception,
+ struct exception_action *excp,
+ lck_mtx_t *mutex)
+{
+ kern_return_t retval = KERN_SUCCESS;
+
+ if (excp == NULL || exception != EXC_CRASH)
+ return retval;
+
+ task_t task = current_task();
+ lck_mtx_lock(mutex);
+ ipc_port_t xport = excp[exception].port;
+ if ( IP_VALID(xport)
+ && ip_active(xport)
+ && task->itk_space == xport->ip_receiver)
+ retval = KERN_FAILURE;
+ lck_mtx_unlock(mutex);
+ return retval;
+}
+
+/*
+ * Routine: exception_triage
* Purpose:
* The current thread caught an exception.
* We make an up-call to the thread's exception server.
* thread_exception_return and thread_kdb_return
* are possible.
* Returns:
- * Doesn't return.
+ * KERN_SUCCESS if exception is handled by any of the handlers.
*/
-void
+kern_return_t
exception_triage(
exception_type_t exception,
mach_exception_data_t code,
task_t task;
host_priv_t host_priv;
lck_mtx_t *mutex;
- kern_return_t kr;
+ kern_return_t kr = KERN_FAILURE;
assert(exception != EXC_RPC_ALERT);
+ /*
+ * If this behavior has been requested by the the kernel
+ * (due to the boot environment), we should panic if we
+ * enter this function. This is intended as a debugging
+ * aid; it should allow us to debug why we caught an
+ * exception in environments where debugging is especially
+ * difficult.
+ */
+ if (panic_on_exception_triage) {
+ panic("called exception_triage when it was forbidden by the boot environment");
+ }
+
thread = current_thread();
/*
* Try to raise the exception at the activation level.
*/
mutex = &thread->mutex;
- kr = exception_deliver(thread, exception, code, codeCnt, thread->exc_actions, mutex);
- if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED)
- goto out;
+ if (KERN_SUCCESS == check_exc_receiver_dependency(exception, thread->exc_actions, mutex))
+ {
+ kr = exception_deliver(thread, exception, code, codeCnt, thread->exc_actions, mutex);
+ if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED)
+ goto out;
+ }
/*
* Maybe the task level will handle it.
*/
task = current_task();
mutex = &task->lock;
- kr = exception_deliver(thread, exception, code, codeCnt, task->exc_actions, mutex);
- if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED)
- goto out;
+ if (KERN_SUCCESS == check_exc_receiver_dependency(exception, task->exc_actions, mutex))
+ {
+ kr = exception_deliver(thread, exception, code, codeCnt, task->exc_actions, mutex);
+ if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED)
+ goto out;
+ }
/*
* How about at the host level?
*/
host_priv = host_priv_self();
mutex = &host_priv->lock;
- kr = exception_deliver(thread, exception, code, codeCnt, host_priv->exc_actions, mutex);
- if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED)
- goto out;
-
- /*
- * Nobody handled it, terminate the task.
- */
-
- (void) task_terminate(task);
+
+ if (KERN_SUCCESS == check_exc_receiver_dependency(exception, host_priv->exc_actions, mutex))
+ {
+ kr = exception_deliver(thread, exception, code, codeCnt, host_priv->exc_actions, mutex);
+ if (kr == KERN_SUCCESS || kr == MACH_RCV_PORT_DIED)
+ goto out;
+ }
out:
if ((exception != EXC_CRASH) && (exception != EXC_RESOURCE) &&
- (exception != EXC_GUARD))
+ (exception != EXC_GUARD) && (exception != EXC_CORPSE_NOTIFY))
thread_exception_return();
- return;
+ return kr;
}
kern_return_t
{
mach_exception_data_type_t code[EXCEPTION_CODE_MAX];
wait_interrupt_t wsave;
+ kern_return_t kr = KERN_SUCCESS;
code[0] = exccode;
code[1] = excsubcode;
wsave = thread_interrupt_level(THREAD_UNINT);
- exception_triage(exception, code, EXCEPTION_CODE_MAX);
+ kr = exception_triage(exception, code, EXCEPTION_CODE_MAX);
(void) thread_interrupt_level(wsave);
- return (KERN_SUCCESS);
+ return kr;
}
projects / apple / xnu.git / blobdiff