[linux-2.6-block.git] / kernel / panic.c

/*
 *  linux/kernel/panic.c
 *
 *  Copyright (C) 1991, 1992  Linus Torvalds
 */

/*
 * This function is used through-out the kernel (including mm and fs)
 * to indicate a major problem.
 */
#include <linux/debug_locks.h>
#include <linux/interrupt.h>
#include <linux/kmsg_dump.h>
#include <linux/kallsyms.h>
#include <linux/notifier.h>
#include <linux/module.h>
#include <linux/random.h>
#include <linux/ftrace.h>
#include <linux/reboot.h>
#include <linux/delay.h>
#include <linux/kexec.h>
#include <linux/sched.h>
#include <linux/sysrq.h>
#include <linux/init.h>
#include <linux/nmi.h>
#include <linux/console.h>
#include <linux/bug.h>

#define PANIC_TIMER_STEP 100
#define PANIC_BLINK_SPD 18

int panic_on_oops = CONFIG_PANIC_ON_OOPS_VALUE;
static unsigned long tainted_mask;
static int pause_on_oops;
static int pause_on_oops_flag;
static DEFINE_SPINLOCK(pause_on_oops_lock);
bool crash_kexec_post_notifiers;
int panic_on_warn __read_mostly;

int panic_timeout = CONFIG_PANIC_TIMEOUT;
EXPORT_SYMBOL_GPL(panic_timeout);

ATOMIC_NOTIFIER_HEAD(panic_notifier_list);

EXPORT_SYMBOL(panic_notifier_list);

static long no_blink(int state)
{
	return 0;
}

/* Returns how long it waited in ms */
long (*panic_blink)(int state);
EXPORT_SYMBOL(panic_blink);

/*
 * Stop ourself in panic -- architecture code may override this
 */
void __weak panic_smp_self_stop(void)
{
	while (1)
		cpu_relax();
}

/*
 * Stop ourselves in NMI context if another CPU has already panicked. Arch code
 * may override this to prepare for crash dumping, e.g. save regs info.
 */
void __weak nmi_panic_self_stop(struct pt_regs *regs)
{
	panic_smp_self_stop();
}

atomic_t panic_cpu = ATOMIC_INIT(PANIC_CPU_INVALID);

/*
 * A variant of panic() called from NMI context. We return if we've already
 * panicked on this CPU. If another CPU already panicked, loop in
 * nmi_panic_self_stop() which can provide architecture dependent code such
 * as saving register state for crash dump.
 */
void nmi_panic(struct pt_regs *regs, const char *msg)
{
	int old_cpu, cpu;

	cpu = raw_smp_processor_id();
	old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, cpu);

	if (old_cpu == PANIC_CPU_INVALID)
		panic("%s", msg);
	else if (old_cpu != cpu)
		nmi_panic_self_stop(regs);
}
EXPORT_SYMBOL(nmi_panic);

/**
 *	panic - halt the system
 *	@fmt: The text string to print
 *
 *	Display a message, then perform cleanups.
 *
 *	This function never returns.
 */
void panic(const char *fmt, ...)
{
	static char buf[1024];
	va_list args;
	long i, i_next = 0;
	int state = 0;
	int old_cpu, this_cpu;

	/*
	 * Disable local interrupts. This will prevent panic_smp_self_stop
	 * from deadlocking the first cpu that invokes the panic, since
	 * there is nothing to prevent an interrupt handler (that runs
	 * after setting panic_cpu) from invoking panic() again.
	 */
	local_irq_disable();

	/*
	 * It's possible to come here directly from a panic-assertion and
	 * not have preempt disabled. Some functions called from here want
	 * preempt to be disabled. No point enabling it later though...
	 *
	 * Only one CPU is allowed to execute the panic code from here. For
	 * multiple parallel invocations of panic, all other CPUs either
	 * stop themself or will wait until they are stopped by the 1st CPU
	 * with smp_send_stop().
	 *
	 * `old_cpu == PANIC_CPU_INVALID' means this is the 1st CPU which
	 * comes here, so go ahead.
	 * `old_cpu == this_cpu' means we came from nmi_panic() which sets
	 * panic_cpu to this CPU.  In this case, this is also the 1st CPU.
	 */
	this_cpu = raw_smp_processor_id();
	old_cpu  = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);

	if (old_cpu != PANIC_CPU_INVALID && old_cpu != this_cpu)
		panic_smp_self_stop();

	console_verbose();
	bust_spinlocks(1);
	va_start(args, fmt);
	vsnprintf(buf, sizeof(buf), fmt, args);
	va_end(args);
	pr_emerg("Kernel panic - not syncing: %s\n", buf);
#ifdef CONFIG_DEBUG_BUGVERBOSE
	/*
	 * Avoid nested stack-dumping if a panic occurs during oops processing
	 */
	if (!test_taint(TAINT_DIE) && oops_in_progress <= 1)
		dump_stack();
#endif

	/*
	 * If we have crashed and we have a crash kernel loaded let it handle
	 * everything else.
	 * If we want to run this after calling panic_notifiers, pass
	 * the "crash_kexec_post_notifiers" option to the kernel.
	 *
	 * Bypass the panic_cpu check and call __crash_kexec directly.
	 */
	if (!crash_kexec_post_notifiers) {
		printk_nmi_flush_on_panic();
		__crash_kexec(NULL);
	}

	/*
	 * Note smp_send_stop is the usual smp shutdown function, which
	 * unfortunately means it may not be hardened to work in a panic
	 * situation.
	 */
	smp_send_stop();

	/*
	 * Run any panic handlers, including those that might need to
	 * add information to the kmsg dump output.
	 */
	atomic_notifier_call_chain(&panic_notifier_list, 0, buf);

	/* Call flush even twice. It tries harder with a single online CPU */
	printk_nmi_flush_on_panic();
	kmsg_dump(KMSG_DUMP_PANIC);

	/*
	 * If you doubt kdump always works fine in any situation,
	 * "crash_kexec_post_notifiers" offers you a chance to run
	 * panic_notifiers and dumping kmsg before kdump.
	 * Note: since some panic_notifiers can make crashed kernel
	 * more unstable, it can increase risks of the kdump failure too.
	 *
	 * Bypass the panic_cpu check and call __crash_kexec directly.
	 */
	if (crash_kexec_post_notifiers)
		__crash_kexec(NULL);

	bust_spinlocks(0);

	/*
	 * We may have ended up stopping the CPU holding the lock (in
	 * smp_send_stop()) while still having some valuable data in the console
	 * buffer.  Try to acquire the lock then release it regardless of the
	 * result.  The release will also print the buffers out.  Locks debug
	 * should be disabled to avoid reporting bad unlock balance when
	 * panic() is not being callled from OOPS.
	 */
	debug_locks_off();
	console_flush_on_panic();

	if (!panic_blink)
		panic_blink = no_blink;

	if (panic_timeout > 0) {
		/*
		 * Delay timeout seconds before rebooting the machine.
		 * We can't use the "normal" timers since we just panicked.
		 */
		pr_emerg("Rebooting in %d seconds..", panic_timeout);

		for (i = 0; i < panic_timeout * 1000; i += PANIC_TIMER_STEP) {
			touch_nmi_watchdog();
			if (i >= i_next) {
				i += panic_blink(state ^= 1);
				i_next = i + 3600 / PANIC_BLINK_SPD;
			}
			mdelay(PANIC_TIMER_STEP);
		}
	}
	if (panic_timeout != 0) {
		/*
		 * This will not be a clean reboot, with everything
		 * shutting down.  But if there is a chance of
		 * rebooting the system it will be rebooted.
		 */
		emergency_restart();
	}
#ifdef __sparc__
	{
		extern int stop_a_enabled;
		/* Make sure the user can actually press Stop-A (L1-A) */
		stop_a_enabled = 1;
		pr_emerg("Press Stop-A (L1-A) to return to the boot prom\n");
	}
#endif
#if defined(CONFIG_S390)
	{
		unsigned long caller;

		caller = (unsigned long)__builtin_return_address(0);
		disabled_wait(caller);
	}
#endif
	pr_emerg("---[ end Kernel panic - not syncing: %s\n", buf);
	local_irq_enable();
	for (i = 0; ; i += PANIC_TIMER_STEP) {
		touch_softlockup_watchdog();
		if (i >= i_next) {
			i += panic_blink(state ^= 1);
			i_next = i + 3600 / PANIC_BLINK_SPD;
		}
		mdelay(PANIC_TIMER_STEP);
	}
}

EXPORT_SYMBOL(panic);


struct tnt {
	u8	bit;
	char	true;
	char	false;
};

static const struct tnt tnts[] = {
	{ TAINT_PROPRIETARY_MODULE,	'P', 'G' },
	{ TAINT_FORCED_MODULE,		'F', ' ' },
	{ TAINT_CPU_OUT_OF_SPEC,	'S', ' ' },
	{ TAINT_FORCED_RMMOD,		'R', ' ' },
	{ TAINT_MACHINE_CHECK,		'M', ' ' },
	{ TAINT_BAD_PAGE,		'B', ' ' },
	{ TAINT_USER,			'U', ' ' },
	{ TAINT_DIE,			'D', ' ' },
	{ TAINT_OVERRIDDEN_ACPI_TABLE,	'A', ' ' },
	{ TAINT_WARN,			'W', ' ' },
	{ TAINT_CRAP,			'C', ' ' },
	{ TAINT_FIRMWARE_WORKAROUND,	'I', ' ' },
	{ TAINT_OOT_MODULE,		'O', ' ' },
	{ TAINT_UNSIGNED_MODULE,	'E', ' ' },
	{ TAINT_SOFTLOCKUP,		'L', ' ' },
	{ TAINT_LIVEPATCH,		'K', ' ' },
};

/**
 *	print_tainted - return a string to represent the kernel taint state.
 *
 *  'P' - Proprietary module has been loaded.
 *  'F' - Module has been forcibly loaded.
 *  'S' - SMP with CPUs not designed for SMP.
 *  'R' - User forced a module unload.
 *  'M' - System experienced a machine check exception.
 *  'B' - System has hit bad_page.
 *  'U' - Userspace-defined naughtiness.
 *  'D' - Kernel has oopsed before
 *  'A' - ACPI table overridden.
 *  'W' - Taint on warning.
 *  'C' - modules from drivers/staging are loaded.
 *  'I' - Working around severe firmware bug.
 *  'O' - Out-of-tree module has been loaded.
 *  'E' - Unsigned module has been loaded.
 *  'L' - A soft lockup has previously occurred.
 *  'K' - Kernel has been live patched.
 *
 *	The string is overwritten by the next call to print_tainted().
 */
const char *print_tainted(void)
{
	static char buf[ARRAY_SIZE(tnts) + sizeof("Tainted: ")];

	if (tainted_mask) {
		char *s;
		int i;

		s = buf + sprintf(buf, "Tainted: ");
		for (i = 0; i < ARRAY_SIZE(tnts); i++) {
			const struct tnt *t = &tnts[i];
			*s++ = test_bit(t->bit, &tainted_mask) ?
					t->true : t->false;
		}
		*s = 0;
	} else
		snprintf(buf, sizeof(buf), "Not tainted");

	return buf;
}

int test_taint(unsigned flag)
{
	return test_bit(flag, &tainted_mask);
}
EXPORT_SYMBOL(test_taint);

unsigned long get_taint(void)
{
	return tainted_mask;
}

/**
 * add_taint: add a taint flag if not already set.
 * @flag: one of the TAINT_* constants.
 * @lockdep_ok: whether lock debugging is still OK.
 *
 * If something bad has gone wrong, you'll want @lockdebug_ok = false, but for
 * some notewortht-but-not-corrupting cases, it can be set to true.
 */
void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
{
	if (lockdep_ok == LOCKDEP_NOW_UNRELIABLE && __debug_locks_off())
		pr_warn("Disabling lock debugging due to kernel taint\n");

	set_bit(flag, &tainted_mask);
}
EXPORT_SYMBOL(add_taint);

static void spin_msec(int msecs)
{
	int i;

	for (i = 0; i < msecs; i++) {
		touch_nmi_watchdog();
		mdelay(1);
	}
}

/*
 * It just happens that oops_enter() and oops_exit() are identically
 * implemented...
 */
static void do_oops_enter_exit(void)
{
	unsigned long flags;
	static int spin_counter;

	if (!pause_on_oops)
		return;

	spin_lock_irqsave(&pause_on_oops_lock, flags);
	if (pause_on_oops_flag == 0) {
		/* This CPU may now print the oops message */
		pause_on_oops_flag = 1;
	} else {
		/* We need to stall this CPU */
		if (!spin_counter) {
			/* This CPU gets to do the counting */
			spin_counter = pause_on_oops;
			do {
				spin_unlock(&pause_on_oops_lock);
				spin_msec(MSEC_PER_SEC);
				spin_lock(&pause_on_oops_lock);
			} while (--spin_counter);
			pause_on_oops_flag = 0;
		} else {
			/* This CPU waits for a different one */
			while (spin_counter) {
				spin_unlock(&pause_on_oops_lock);
				spin_msec(1);
				spin_lock(&pause_on_oops_lock);
			}
		}
	}
	spin_unlock_irqrestore(&pause_on_oops_lock, flags);
}

/*
 * Return true if the calling CPU is allowed to print oops-related info.
 * This is a bit racy..
 */
int oops_may_print(void)
{
	return pause_on_oops_flag == 0;
}

/*
 * Called when the architecture enters its oops handler, before it prints
 * anything.  If this is the first CPU to oops, and it's oopsing the first
 * time then let it proceed.
 *
 * This is all enabled by the pause_on_oops kernel boot option.  We do all
 * this to ensure that oopses don't scroll off the screen.  It has the
 * side-effect of preventing later-oopsing CPUs from mucking up the display,
 * too.
 *
 * It turns out that the CPU which is allowed to print ends up pausing for
 * the right duration, whereas all the other CPUs pause for twice as long:
 * once in oops_enter(), once in oops_exit().
 */
void oops_enter(void)
{
	tracing_off();
	/* can't trust the integrity of the kernel anymore: */
	debug_locks_off();
	do_oops_enter_exit();
}

/*
 * 64-bit random ID for oopses:
 */
static u64 oops_id;

static int init_oops_id(void)
{
	if (!oops_id)
		get_random_bytes(&oops_id, sizeof(oops_id));
	else
		oops_id++;

	return 0;
}
late_initcall(init_oops_id);

void print_oops_end_marker(void)
{
	init_oops_id();
	pr_warn("---[ end trace %016llx ]---\n", (unsigned long long)oops_id);
}

/*
 * Called when the architecture exits its oops handler, after printing
 * everything.
 */
void oops_exit(void)
{
	do_oops_enter_exit();
	print_oops_end_marker();
	kmsg_dump(KMSG_DUMP_OOPS);
}

struct warn_args {
	const char *fmt;
	va_list args;
};

void __warn(const char *file, int line, void *caller, unsigned taint,
	    struct pt_regs *regs, struct warn_args *args)
{
	disable_trace_on_warning();

	pr_warn("------------[ cut here ]------------\n");

	if (file)
		pr_warn("WARNING: CPU: %d PID: %d at %s:%d %pS\n",
			raw_smp_processor_id(), current->pid, file, line,
			caller);
	else
		pr_warn("WARNING: CPU: %d PID: %d at %pS\n",
			raw_smp_processor_id(), current->pid, caller);

	if (args)
		vprintk(args->fmt, args->args);

	if (panic_on_warn) {
		/*
		 * This thread may hit another WARN() in the panic path.
		 * Resetting this prevents additional WARN() from panicking the
		 * system on this thread.  Other threads are blocked by the
		 * panic_mutex in panic().
		 */
		panic_on_warn = 0;
		panic("panic_on_warn set ...\n");
	}

	print_modules();

	if (regs)
		show_regs(regs);
	else
		dump_stack();

	print_oops_end_marker();

	/* Just a warning, don't kill lockdep. */
	add_taint(taint, LOCKDEP_STILL_OK);
}

#ifdef WANT_WARN_ON_SLOWPATH
void warn_slowpath_fmt(const char *file, int line, const char *fmt, ...)
{
	struct warn_args args;

	args.fmt = fmt;
	va_start(args.args, fmt);
	__warn(file, line, __builtin_return_address(0), TAINT_WARN, NULL,
	       &args);
	va_end(args.args);
}
EXPORT_SYMBOL(warn_slowpath_fmt);

void warn_slowpath_fmt_taint(const char *file, int line,
			     unsigned taint, const char *fmt, ...)
{
	struct warn_args args;

	args.fmt = fmt;
	va_start(args.args, fmt);
	__warn(file, line, __builtin_return_address(0), taint, NULL, &args);
	va_end(args.args);
}
EXPORT_SYMBOL(warn_slowpath_fmt_taint);

void warn_slowpath_null(const char *file, int line)
{
	__warn(file, line, __builtin_return_address(0), TAINT_WARN, NULL, NULL);
}
EXPORT_SYMBOL(warn_slowpath_null);
#endif

#ifdef CONFIG_CC_STACKPROTECTOR

/*
 * Called when gcc's -fstack-protector feature is used, and
 * gcc detects corruption of the on-stack canary value
 */
__visible void __stack_chk_fail(void)
{
	panic("stack-protector: Kernel stack is corrupted in: %p\n",
		__builtin_return_address(0));
}
EXPORT_SYMBOL(__stack_chk_fail);

#endif

core_param(panic, panic_timeout, int, 0644);
core_param(pause_on_oops, pause_on_oops, int, 0644);
core_param(panic_on_warn, panic_on_warn, int, 0644);

static int __init setup_crash_kexec_post_notifiers(char *s)
{
	crash_kexec_post_notifiers = true;
	return 0;
}
early_param("crash_kexec_post_notifiers", setup_crash_kexec_post_notifiers);

static int __init oops_setup(char *s)
{
	if (!s)
		return -EINVAL;
	if (!strcmp(s, "panic"))
		panic_on_oops = 1;
	return 0;
}
early_param("oops", oops_setup);
Commit	Line	Data
1da177e4 LT	1	/*
	2	* linux/kernel/panic.c
	3	*
	4	* Copyright (C) 1991, 1992 Linus Torvalds
	5	*/
	6
	7	/*
	8	* This function is used through-out the kernel (including mm and fs)
	9	* to indicate a major problem.
	10	*/
c95dbf27 IM	11	#include <linux/debug_locks.h>
c95dbf27 IM	12	#include <linux/interrupt.h>
456b565c	13	#include <linux/kmsg_dump.h>
c95dbf27 IM	14	#include <linux/kallsyms.h>
c95dbf27 IM	15	#include <linux/notifier.h>
1da177e4	16	#include <linux/module.h>
c95dbf27	17	#include <linux/random.h>
de7edd31	18	#include <linux/ftrace.h>
1da177e4	19	#include <linux/reboot.h>
c95dbf27 IM	20	#include <linux/delay.h>
	21	#include <linux/kexec.h>
	22	#include <linux/sched.h>
1da177e4	23	#include <linux/sysrq.h>
c95dbf27	24	#include <linux/init.h>
1da177e4	25	#include <linux/nmi.h>
08d78658	26	#include <linux/console.h>
2553b67a	27	#include <linux/bug.h>
1da177e4	28
c7ff0d9c TS	29	#define PANIC_TIMER_STEP 100
	30	#define PANIC_BLINK_SPD 18
	31
2a01bb38	32	int panic_on_oops = CONFIG_PANIC_ON_OOPS_VALUE;
25ddbb18	33	static unsigned long tainted_mask;
dd287796 AM	34	static int pause_on_oops;
	35	static int pause_on_oops_flag;
	36	static DEFINE_SPINLOCK(pause_on_oops_lock);
5375b708	37	bool crash_kexec_post_notifiers;
9e3961a0	38	int panic_on_warn __read_mostly;
1da177e4	39
5800dc3c	40	int panic_timeout = CONFIG_PANIC_TIMEOUT;
81e88fdc	41	EXPORT_SYMBOL_GPL(panic_timeout);
1da177e4	42
e041c683	43	ATOMIC_NOTIFIER_HEAD(panic_notifier_list);
1da177e4 LT	44
	45	EXPORT_SYMBOL(panic_notifier_list);
	46
c7ff0d9c	47	static long no_blink(int state)
8aeee85a	48	{
c7ff0d9c	49	return 0;
8aeee85a AB	50	}
8aeee85a AB	51
c7ff0d9c TS	52	/* Returns how long it waited in ms */
	53	long (*panic_blink)(int state);
	54	EXPORT_SYMBOL(panic_blink);
	55
93e13a36 MH	56	/*
	57	* Stop ourself in panic -- architecture code may override this
	58	*/
	59	void __weak panic_smp_self_stop(void)
	60	{
	61	while (1)
	62	cpu_relax();
	63	}
	64
58c5661f HK	65	/*
	66	* Stop ourselves in NMI context if another CPU has already panicked. Arch code
	67	* may override this to prepare for crash dumping, e.g. save regs info.
	68	*/
	69	void __weak nmi_panic_self_stop(struct pt_regs *regs)
	70	{
	71	panic_smp_self_stop();
	72	}
	73
1717f209 HK	74	atomic_t panic_cpu = ATOMIC_INIT(PANIC_CPU_INVALID);
1717f209 HK	75
ebc41f20 HK	76	/*
	77	* A variant of panic() called from NMI context. We return if we've already
	78	* panicked on this CPU. If another CPU already panicked, loop in
	79	* nmi_panic_self_stop() which can provide architecture dependent code such
	80	* as saving register state for crash dump.
	81	*/
	82	void nmi_panic(struct pt_regs regs, const char msg)
	83	{
	84	int old_cpu, cpu;
	85
	86	cpu = raw_smp_processor_id();
	87	old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, cpu);
	88
	89	if (old_cpu == PANIC_CPU_INVALID)
	90	panic("%s", msg);
	91	else if (old_cpu != cpu)
	92	nmi_panic_self_stop(regs);
	93	}
	94	EXPORT_SYMBOL(nmi_panic);
	95
1da177e4 LT	96	/**
	97	* panic - halt the system
	98	* @fmt: The text string to print
	99	*
	100	* Display a message, then perform cleanups.
	101	*
	102	* This function never returns.
	103	*/
9402c95f	104	void panic(const char *fmt, ...)
1da177e4	105	{
1da177e4 LT	106	static char buf[1024];
1da177e4 LT	107	va_list args;
c7ff0d9c TS	108	long i, i_next = 0;
c7ff0d9c TS	109	int state = 0;
1717f209	110	int old_cpu, this_cpu;
1da177e4	111
190320c3 VM	112	/*
	113	* Disable local interrupts. This will prevent panic_smp_self_stop
	114	* from deadlocking the first cpu that invokes the panic, since
	115	* there is nothing to prevent an interrupt handler (that runs
1717f209	116	* after setting panic_cpu) from invoking panic() again.
190320c3 VM	117	*/
	118	local_irq_disable();
	119
dc009d92	120	/*
c95dbf27 IM	121	* It's possible to come here directly from a panic-assertion and
c95dbf27 IM	122	* not have preempt disabled. Some functions called from here want
dc009d92	123	* preempt to be disabled. No point enabling it later though...
93e13a36 MH	124	*
	125	* Only one CPU is allowed to execute the panic code from here. For
	126	* multiple parallel invocations of panic, all other CPUs either
	127	* stop themself or will wait until they are stopped by the 1st CPU
	128	* with smp_send_stop().
1717f209 HK	129	*
	130	* `old_cpu == PANIC_CPU_INVALID' means this is the 1st CPU which
	131	* comes here, so go ahead.
	132	* `old_cpu == this_cpu' means we came from nmi_panic() which sets
	133	* panic_cpu to this CPU. In this case, this is also the 1st CPU.
dc009d92	134	*/
1717f209 HK	135	this_cpu = raw_smp_processor_id();
	136	old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);
	137
	138	if (old_cpu != PANIC_CPU_INVALID && old_cpu != this_cpu)
93e13a36	139	panic_smp_self_stop();
dc009d92	140
5b530fc1	141	console_verbose();
1da177e4 LT	142	bust_spinlocks(1);
	143	va_start(args, fmt);
	144	vsnprintf(buf, sizeof(buf), fmt, args);
	145	va_end(args);
d7c0847f	146	pr_emerg("Kernel panic - not syncing: %s\n", buf);
5cb27301	147	#ifdef CONFIG_DEBUG_BUGVERBOSE
6e6f0a1f AK	148	/*
	149	* Avoid nested stack-dumping if a panic occurs during oops processing
	150	*/
026ee1f6	151	if (!test_taint(TAINT_DIE) && oops_in_progress <= 1)
6e6f0a1f	152	dump_stack();
5cb27301	153	#endif
1da177e4	154
dc009d92 EB	155	/*
	156	* If we have crashed and we have a crash kernel loaded let it handle
	157	* everything else.
f06e5153 MH	158	* If we want to run this after calling panic_notifiers, pass
f06e5153 MH	159	* the "crash_kexec_post_notifiers" option to the kernel.
7bbee5ca HK	160	*
7bbee5ca HK	161	* Bypass the panic_cpu check and call __crash_kexec directly.
dc009d92	162	*/
cf9b1106 PM	163	if (!crash_kexec_post_notifiers) {
cf9b1106 PM	164	printk_nmi_flush_on_panic();
7bbee5ca	165	__crash_kexec(NULL);
cf9b1106	166	}
dc009d92	167
dc009d92 EB	168	/*
	169	* Note smp_send_stop is the usual smp shutdown function, which
	170	* unfortunately means it may not be hardened to work in a panic
	171	* situation.
	172	*/
1da177e4	173	smp_send_stop();
1da177e4	174
6723734c KC	175	/*
	176	* Run any panic handlers, including those that might need to
	177	* add information to the kmsg dump output.
	178	*/
e041c683	179	atomic_notifier_call_chain(&panic_notifier_list, 0, buf);
1da177e4	180
cf9b1106 PM	181	/* Call flush even twice. It tries harder with a single online CPU */
cf9b1106 PM	182	printk_nmi_flush_on_panic();
6723734c KC	183	kmsg_dump(KMSG_DUMP_PANIC);
6723734c KC	184
f06e5153 MH	185	/*
	186	* If you doubt kdump always works fine in any situation,
	187	* "crash_kexec_post_notifiers" offers you a chance to run
	188	* panic_notifiers and dumping kmsg before kdump.
	189	* Note: since some panic_notifiers can make crashed kernel
	190	* more unstable, it can increase risks of the kdump failure too.
7bbee5ca HK	191	*
7bbee5ca HK	192	* Bypass the panic_cpu check and call __crash_kexec directly.
f06e5153	193	*/
f45d85ff	194	if (crash_kexec_post_notifiers)
7bbee5ca	195	__crash_kexec(NULL);
f06e5153	196
d014e889 AK	197	bust_spinlocks(0);
d014e889 AK	198
08d78658 VK	199	/*
	200	* We may have ended up stopping the CPU holding the lock (in
	201	* smp_send_stop()) while still having some valuable data in the console
	202	* buffer. Try to acquire the lock then release it regardless of the
7625b3a0 VK	203	* result. The release will also print the buffers out. Locks debug
	204	* should be disabled to avoid reporting bad unlock balance when
	205	* panic() is not being callled from OOPS.
08d78658	206	*/
7625b3a0	207	debug_locks_off();
8d91f8b1	208	console_flush_on_panic();
08d78658	209
c7ff0d9c TS	210	if (!panic_blink)
	211	panic_blink = no_blink;
	212
dc009d92	213	if (panic_timeout > 0) {
1da177e4	214	/*
c95dbf27 IM	215	* Delay timeout seconds before rebooting the machine.
	216	* We can't use the "normal" timers since we just panicked.
	217	*/
d7c0847f	218	pr_emerg("Rebooting in %d seconds..", panic_timeout);
c95dbf27	219
c7ff0d9c	220	for (i = 0; i < panic_timeout * 1000; i += PANIC_TIMER_STEP) {
1da177e4	221	touch_nmi_watchdog();
c7ff0d9c TS	222	if (i >= i_next) {
	223	i += panic_blink(state ^= 1);
	224	i_next = i + 3600 / PANIC_BLINK_SPD;
	225	}
	226	mdelay(PANIC_TIMER_STEP);
1da177e4	227	}
4302fbc8 HD	228	}
4302fbc8 HD	229	if (panic_timeout != 0) {
c95dbf27 IM	230	/*
	231	* This will not be a clean reboot, with everything
	232	* shutting down. But if there is a chance of
	233	* rebooting the system it will be rebooted.
1da177e4	234	*/
2f048ea8	235	emergency_restart();
1da177e4 LT	236	}
	237	#ifdef __sparc__
	238	{
	239	extern int stop_a_enabled;
a271c241	240	/* Make sure the user can actually press Stop-A (L1-A) */
1da177e4	241	stop_a_enabled = 1;
d7c0847f	242	pr_emerg("Press Stop-A (L1-A) to return to the boot prom\n");
1da177e4 LT	243	}
1da177e4 LT	244	#endif
347a8dc3	245	#if defined(CONFIG_S390)
c95dbf27 IM	246	{
	247	unsigned long caller;
	248
	249	caller = (unsigned long)__builtin_return_address(0);
	250	disabled_wait(caller);
	251	}
1da177e4	252	#endif
d7c0847f	253	pr_emerg("---[ end Kernel panic - not syncing: %s\n", buf);
1da177e4	254	local_irq_enable();
c7ff0d9c	255	for (i = 0; ; i += PANIC_TIMER_STEP) {
c22db941	256	touch_softlockup_watchdog();
c7ff0d9c TS	257	if (i >= i_next) {
	258	i += panic_blink(state ^= 1);
	259	i_next = i + 3600 / PANIC_BLINK_SPD;
	260	}
	261	mdelay(PANIC_TIMER_STEP);
1da177e4 LT	262	}
	263	}
	264
	265	EXPORT_SYMBOL(panic);
	266
c277e63f	267
25ddbb18	268	struct tnt {
c95dbf27 IM	269	u8 bit;
	270	char true;
	271	char false;
25ddbb18 AK	272	};
	273
	274	static const struct tnt tnts[] = {
c95dbf27 IM	275	{ TAINT_PROPRIETARY_MODULE, 'P', 'G' },
c95dbf27 IM	276	{ TAINT_FORCED_MODULE, 'F', ' ' },
8c90487c	277	{ TAINT_CPU_OUT_OF_SPEC, 'S', ' ' },
c95dbf27 IM	278	{ TAINT_FORCED_RMMOD, 'R', ' ' },
	279	{ TAINT_MACHINE_CHECK, 'M', ' ' },
	280	{ TAINT_BAD_PAGE, 'B', ' ' },
	281	{ TAINT_USER, 'U', ' ' },
	282	{ TAINT_DIE, 'D', ' ' },
	283	{ TAINT_OVERRIDDEN_ACPI_TABLE, 'A', ' ' },
	284	{ TAINT_WARN, 'W', ' ' },
	285	{ TAINT_CRAP, 'C', ' ' },
92946bc7	286	{ TAINT_FIRMWARE_WORKAROUND, 'I', ' ' },
2449b8ba	287	{ TAINT_OOT_MODULE, 'O', ' ' },
57673c2b	288	{ TAINT_UNSIGNED_MODULE, 'E', ' ' },
69361eef	289	{ TAINT_SOFTLOCKUP, 'L', ' ' },
c5f45465	290	{ TAINT_LIVEPATCH, 'K', ' ' },
25ddbb18 AK	291	};
25ddbb18 AK	292
1da177e4 LT	293	/**
	294	* print_tainted - return a string to represent the kernel taint state.
	295	*
	296	* 'P' - Proprietary module has been loaded.
	297	* 'F' - Module has been forcibly loaded.
	298	* 'S' - SMP with CPUs not designed for SMP.
	299	* 'R' - User forced a module unload.
9aa5e993	300	* 'M' - System experienced a machine check exception.
1da177e4	301	* 'B' - System has hit bad_page.
34f5a398	302	* 'U' - Userspace-defined naughtiness.
a8005992	303	* 'D' - Kernel has oopsed before
95b570c9 NH	304	* 'A' - ACPI table overridden.
95b570c9 NH	305	* 'W' - Taint on warning.
061b1bd3	306	* 'C' - modules from drivers/staging are loaded.
92946bc7	307	* 'I' - Working around severe firmware bug.
2449b8ba	308	* 'O' - Out-of-tree module has been loaded.
57673c2b	309	* 'E' - Unsigned module has been loaded.
bc53a3f4	310	* 'L' - A soft lockup has previously occurred.
c5f45465	311	* 'K' - Kernel has been live patched.
1da177e4	312	*
fe002a41	313	* The string is overwritten by the next call to print_tainted().
1da177e4	314	*/
1da177e4 LT	315	const char *print_tainted(void)
1da177e4 LT	316	{
01284764	317	static char buf[ARRAY_SIZE(tnts) + sizeof("Tainted: ")];
25ddbb18 AK	318
	319	if (tainted_mask) {
	320	char *s;
	321	int i;
	322
	323	s = buf + sprintf(buf, "Tainted: ");
	324	for (i = 0; i < ARRAY_SIZE(tnts); i++) {
	325	const struct tnt *t = &tnts[i];
	326	*s++ = test_bit(t->bit, &tainted_mask) ?
	327	t->true : t->false;
	328	}
	329	*s = 0;
	330	} else
1da177e4	331	snprintf(buf, sizeof(buf), "Not tainted");
c95dbf27 IM	332
c95dbf27 IM	333	return buf;
1da177e4 LT	334	}
1da177e4 LT	335
25ddbb18	336	int test_taint(unsigned flag)
1da177e4	337	{
25ddbb18 AK	338	return test_bit(flag, &tainted_mask);
	339	}
	340	EXPORT_SYMBOL(test_taint);
	341
	342	unsigned long get_taint(void)
	343	{
	344	return tainted_mask;
1da177e4	345	}
dd287796	346
373d4d09 RR	347	/**
	348	* add_taint: add a taint flag if not already set.
	349	* @flag: one of the TAINT_* constants.
	350	* @lockdep_ok: whether lock debugging is still OK.
	351	*
	352	* If something bad has gone wrong, you'll want @lockdebug_ok = false, but for
	353	* some notewortht-but-not-corrupting cases, it can be set to true.
	354	*/
	355	void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
dd287796	356	{
373d4d09	357	if (lockdep_ok == LOCKDEP_NOW_UNRELIABLE && __debug_locks_off())
d7c0847f	358	pr_warn("Disabling lock debugging due to kernel taint\n");
9eeba613	359
25ddbb18	360	set_bit(flag, &tainted_mask);
dd287796	361	}
1da177e4	362	EXPORT_SYMBOL(add_taint);
dd287796 AM	363
	364	static void spin_msec(int msecs)
	365	{
	366	int i;
	367
	368	for (i = 0; i < msecs; i++) {
	369	touch_nmi_watchdog();
	370	mdelay(1);
	371	}
	372	}
	373
	374	/*
	375	* It just happens that oops_enter() and oops_exit() are identically
	376	* implemented...
	377	*/
	378	static void do_oops_enter_exit(void)
	379	{
	380	unsigned long flags;
	381	static int spin_counter;
	382
	383	if (!pause_on_oops)
	384	return;
	385
	386	spin_lock_irqsave(&pause_on_oops_lock, flags);
	387	if (pause_on_oops_flag == 0) {
	388	/* This CPU may now print the oops message */
	389	pause_on_oops_flag = 1;
	390	} else {
	391	/* We need to stall this CPU */
	392	if (!spin_counter) {
	393	/* This CPU gets to do the counting */
	394	spin_counter = pause_on_oops;
	395	do {
	396	spin_unlock(&pause_on_oops_lock);
	397	spin_msec(MSEC_PER_SEC);
	398	spin_lock(&pause_on_oops_lock);
	399	} while (--spin_counter);
	400	pause_on_oops_flag = 0;
	401	} else {
	402	/* This CPU waits for a different one */
	403	while (spin_counter) {
	404	spin_unlock(&pause_on_oops_lock);
	405	spin_msec(1);
	406	spin_lock(&pause_on_oops_lock);
	407	}
	408	}
	409	}
	410	spin_unlock_irqrestore(&pause_on_oops_lock, flags);
	411	}
	412
	413	/*
c95dbf27 IM	414	* Return true if the calling CPU is allowed to print oops-related info.
c95dbf27 IM	415	* This is a bit racy..
dd287796 AM	416	*/
	417	int oops_may_print(void)
	418	{
	419	return pause_on_oops_flag == 0;
	420	}
	421
	422	/*
	423	* Called when the architecture enters its oops handler, before it prints
c95dbf27 IM	424	* anything. If this is the first CPU to oops, and it's oopsing the first
c95dbf27 IM	425	* time then let it proceed.
dd287796	426	*
c95dbf27 IM	427	* This is all enabled by the pause_on_oops kernel boot option. We do all
	428	* this to ensure that oopses don't scroll off the screen. It has the
	429	* side-effect of preventing later-oopsing CPUs from mucking up the display,
	430	* too.
dd287796	431	*
c95dbf27 IM	432	* It turns out that the CPU which is allowed to print ends up pausing for
	433	* the right duration, whereas all the other CPUs pause for twice as long:
	434	* once in oops_enter(), once in oops_exit().
dd287796 AM	435	*/
	436	void oops_enter(void)
	437	{
bdff7870	438	tracing_off();
c95dbf27 IM	439	/* can't trust the integrity of the kernel anymore: */
c95dbf27 IM	440	debug_locks_off();
dd287796 AM	441	do_oops_enter_exit();
	442	}
	443
2c3b20e9 AV	444	/*
	445	* 64-bit random ID for oopses:
	446	*/
	447	static u64 oops_id;
	448
	449	static int init_oops_id(void)
	450	{
	451	if (!oops_id)
	452	get_random_bytes(&oops_id, sizeof(oops_id));
d6624f99 AV	453	else
d6624f99 AV	454	oops_id++;
2c3b20e9 AV	455
	456	return 0;
	457	}
	458	late_initcall(init_oops_id);
	459
863a6049	460	void print_oops_end_marker(void)
71c33911 AV	461	{
71c33911 AV	462	init_oops_id();
d7c0847f	463	pr_warn("---[ end trace %016llx ]---\n", (unsigned long long)oops_id);
71c33911 AV	464	}
71c33911 AV	465
dd287796 AM	466	/*
	467	* Called when the architecture exits its oops handler, after printing
	468	* everything.
	469	*/
	470	void oops_exit(void)
	471	{
	472	do_oops_enter_exit();
71c33911	473	print_oops_end_marker();
456b565c	474	kmsg_dump(KMSG_DUMP_OOPS);
dd287796	475	}
3162f751	476
2553b67a	477	struct warn_args {
0f6f49a8	478	const char *fmt;
a8f18b90	479	va_list args;
0f6f49a8	480	};
bd89bb29	481
2553b67a JP	482	void __warn(const char file, int line, void caller, unsigned taint,
2553b67a JP	483	struct pt_regs regs, struct warn_args args)
0f6f49a8	484	{
de7edd31 SRRH	485	disable_trace_on_warning();
de7edd31 SRRH	486
dcb6b452	487	pr_warn("------------[ cut here ]------------\n");
2553b67a JP	488
	489	if (file)
	490	pr_warn("WARNING: CPU: %d PID: %d at %s:%d %pS\n",
	491	raw_smp_processor_id(), current->pid, file, line,
	492	caller);
	493	else
	494	pr_warn("WARNING: CPU: %d PID: %d at %pS\n",
	495	raw_smp_processor_id(), current->pid, caller);
74853dba	496
0f6f49a8 LT	497	if (args)
0f6f49a8 LT	498	vprintk(args->fmt, args->args);
a8f18b90	499
9e3961a0 PB	500	if (panic_on_warn) {
	501	/*
	502	* This thread may hit another WARN() in the panic path.
	503	* Resetting this prevents additional WARN() from panicking the
	504	* system on this thread. Other threads are blocked by the
	505	* panic_mutex in panic().
	506	*/
	507	panic_on_warn = 0;
	508	panic("panic_on_warn set ...\n");
	509	}
	510
a8f18b90	511	print_modules();
2553b67a JP	512
	513	if (regs)
	514	show_regs(regs);
	515	else
	516	dump_stack();
	517
a8f18b90	518	print_oops_end_marker();
2553b67a	519
373d4d09 RR	520	/* Just a warning, don't kill lockdep. */
373d4d09 RR	521	add_taint(taint, LOCKDEP_STILL_OK);
a8f18b90	522	}
0f6f49a8	523
2553b67a	524	#ifdef WANT_WARN_ON_SLOWPATH
0f6f49a8 LT	525	void warn_slowpath_fmt(const char file, int line, const char fmt, ...)
0f6f49a8 LT	526	{
2553b67a	527	struct warn_args args;
0f6f49a8 LT	528
	529	args.fmt = fmt;
	530	va_start(args.args, fmt);
2553b67a JP	531	__warn(file, line, __builtin_return_address(0), TAINT_WARN, NULL,
2553b67a JP	532	&args);
0f6f49a8 LT	533	va_end(args.args);
0f6f49a8 LT	534	}
57adc4d2 AK	535	EXPORT_SYMBOL(warn_slowpath_fmt);
57adc4d2 AK	536
b2be0527 BH	537	void warn_slowpath_fmt_taint(const char *file, int line,
	538	unsigned taint, const char *fmt, ...)
	539	{
2553b67a	540	struct warn_args args;
b2be0527 BH	541
	542	args.fmt = fmt;
	543	va_start(args.args, fmt);
2553b67a	544	__warn(file, line, __builtin_return_address(0), taint, NULL, &args);
b2be0527 BH	545	va_end(args.args);
	546	}
	547	EXPORT_SYMBOL(warn_slowpath_fmt_taint);
	548
57adc4d2 AK	549	void warn_slowpath_null(const char *file, int line)
57adc4d2 AK	550	{
2553b67a	551	__warn(file, line, __builtin_return_address(0), TAINT_WARN, NULL, NULL);
57adc4d2 AK	552	}
57adc4d2 AK	553	EXPORT_SYMBOL(warn_slowpath_null);
79b4cc5e AV	554	#endif
79b4cc5e AV	555
3162f751	556	#ifdef CONFIG_CC_STACKPROTECTOR
54371a43	557
3162f751 AV	558	/*
	559	* Called when gcc's -fstack-protector feature is used, and
	560	* gcc detects corruption of the on-stack canary value
	561	*/
a7330c99	562	__visible void __stack_chk_fail(void)
3162f751	563	{
517a92c4 IM	564	panic("stack-protector: Kernel stack is corrupted in: %p\n",
517a92c4 IM	565	__builtin_return_address(0));
3162f751 AV	566	}
3162f751 AV	567	EXPORT_SYMBOL(__stack_chk_fail);
54371a43	568
3162f751	569	#endif
f44dd164 RR	570
	571	core_param(panic, panic_timeout, int, 0644);
	572	core_param(pause_on_oops, pause_on_oops, int, 0644);
9e3961a0	573	core_param(panic_on_warn, panic_on_warn, int, 0644);
d404ab0a	574
f06e5153 MH	575	static int __init setup_crash_kexec_post_notifiers(char *s)
	576	{
	577	crash_kexec_post_notifiers = true;
	578	return 0;
	579	}
	580	early_param("crash_kexec_post_notifiers", setup_crash_kexec_post_notifiers);
	581
d404ab0a OH	582	static int __init oops_setup(char *s)
	583	{
	584	if (!s)
	585	return -EINVAL;
	586	if (!strcmp(s, "panic"))
	587	panic_on_oops = 1;
	588	return 0;
	589	}
	590	early_param("oops", oops_setup);