[mirror_ubuntu-bionic-kernel.git] / kernel / panic.c

/*
 *  linux/kernel/panic.c
 *
 *  Copyright (C) 1991, 1992  Linus Torvalds
 */

/*
 * This function is used through-out the kernel (including mm and fs)
 * to indicate a major problem.
 */
#include <linux/debug_locks.h>
#include <linux/interrupt.h>
#include <linux/kmsg_dump.h>
#include <linux/kallsyms.h>
#include <linux/notifier.h>
#include <linux/module.h>
#include <linux/random.h>
#include <linux/ftrace.h>
#include <linux/reboot.h>
#include <linux/delay.h>
#include <linux/kexec.h>
#include <linux/sched.h>
#include <linux/sysrq.h>
#include <linux/init.h>
#include <linux/nmi.h>
#include <linux/console.h>

#define PANIC_TIMER_STEP 100
#define PANIC_BLINK_SPD 18

int panic_on_oops = CONFIG_PANIC_ON_OOPS_VALUE;
static unsigned long tainted_mask;
static int pause_on_oops;
static int pause_on_oops_flag;
static DEFINE_SPINLOCK(pause_on_oops_lock);
bool crash_kexec_post_notifiers;
int panic_on_warn __read_mostly;

int panic_timeout = CONFIG_PANIC_TIMEOUT;
EXPORT_SYMBOL_GPL(panic_timeout);

ATOMIC_NOTIFIER_HEAD(panic_notifier_list);

EXPORT_SYMBOL(panic_notifier_list);

static long no_blink(int state)
{
	return 0;
}

/* Returns how long it waited in ms */
long (*panic_blink)(int state);
EXPORT_SYMBOL(panic_blink);

/*
 * Stop ourself in panic -- architecture code may override this
 */
void __weak panic_smp_self_stop(void)
{
	while (1)
		cpu_relax();
}

atomic_t panic_cpu = ATOMIC_INIT(PANIC_CPU_INVALID);

/**
 *	panic - halt the system
 *	@fmt: The text string to print
 *
 *	Display a message, then perform cleanups.
 *
 *	This function never returns.
 */
void panic(const char *fmt, ...)
{
	static char buf[1024];
	va_list args;
	long i, i_next = 0;
	int state = 0;
	int old_cpu, this_cpu;

	/*
	 * Disable local interrupts. This will prevent panic_smp_self_stop
	 * from deadlocking the first cpu that invokes the panic, since
	 * there is nothing to prevent an interrupt handler (that runs
	 * after setting panic_cpu) from invoking panic() again.
	 */
	local_irq_disable();

	/*
	 * It's possible to come here directly from a panic-assertion and
	 * not have preempt disabled. Some functions called from here want
	 * preempt to be disabled. No point enabling it later though...
	 *
	 * Only one CPU is allowed to execute the panic code from here. For
	 * multiple parallel invocations of panic, all other CPUs either
	 * stop themself or will wait until they are stopped by the 1st CPU
	 * with smp_send_stop().
	 *
	 * `old_cpu == PANIC_CPU_INVALID' means this is the 1st CPU which
	 * comes here, so go ahead.
	 * `old_cpu == this_cpu' means we came from nmi_panic() which sets
	 * panic_cpu to this CPU.  In this case, this is also the 1st CPU.
	 */
	this_cpu = raw_smp_processor_id();
	old_cpu  = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);

	if (old_cpu != PANIC_CPU_INVALID && old_cpu != this_cpu)
		panic_smp_self_stop();

	console_verbose();
	bust_spinlocks(1);
	va_start(args, fmt);
	vsnprintf(buf, sizeof(buf), fmt, args);
	va_end(args);
	pr_emerg("Kernel panic - not syncing: %s\n", buf);
#ifdef CONFIG_DEBUG_BUGVERBOSE
	/*
	 * Avoid nested stack-dumping if a panic occurs during oops processing
	 */
	if (!test_taint(TAINT_DIE) && oops_in_progress <= 1)
		dump_stack();
#endif

	/*
	 * If we have crashed and we have a crash kernel loaded let it handle
	 * everything else.
	 * If we want to run this after calling panic_notifiers, pass
	 * the "crash_kexec_post_notifiers" option to the kernel.
	 */
	if (!crash_kexec_post_notifiers)
		crash_kexec(NULL);

	/*
	 * Note smp_send_stop is the usual smp shutdown function, which
	 * unfortunately means it may not be hardened to work in a panic
	 * situation.
	 */
	smp_send_stop();

	/*
	 * Run any panic handlers, including those that might need to
	 * add information to the kmsg dump output.
	 */
	atomic_notifier_call_chain(&panic_notifier_list, 0, buf);

	kmsg_dump(KMSG_DUMP_PANIC);

	/*
	 * If you doubt kdump always works fine in any situation,
	 * "crash_kexec_post_notifiers" offers you a chance to run
	 * panic_notifiers and dumping kmsg before kdump.
	 * Note: since some panic_notifiers can make crashed kernel
	 * more unstable, it can increase risks of the kdump failure too.
	 */
	if (crash_kexec_post_notifiers)
		crash_kexec(NULL);

	bust_spinlocks(0);

	/*
	 * We may have ended up stopping the CPU holding the lock (in
	 * smp_send_stop()) while still having some valuable data in the console
	 * buffer.  Try to acquire the lock then release it regardless of the
	 * result.  The release will also print the buffers out.  Locks debug
	 * should be disabled to avoid reporting bad unlock balance when
	 * panic() is not being callled from OOPS.
	 */
	debug_locks_off();
	console_trylock();
	console_unlock();

	if (!panic_blink)
		panic_blink = no_blink;

	if (panic_timeout > 0) {
		/*
		 * Delay timeout seconds before rebooting the machine.
		 * We can't use the "normal" timers since we just panicked.
		 */
		pr_emerg("Rebooting in %d seconds..", panic_timeout);

		for (i = 0; i < panic_timeout * 1000; i += PANIC_TIMER_STEP) {
			touch_nmi_watchdog();
			if (i >= i_next) {
				i += panic_blink(state ^= 1);
				i_next = i + 3600 / PANIC_BLINK_SPD;
			}
			mdelay(PANIC_TIMER_STEP);
		}
	}
	if (panic_timeout != 0) {
		/*
		 * This will not be a clean reboot, with everything
		 * shutting down.  But if there is a chance of
		 * rebooting the system it will be rebooted.
		 */
		emergency_restart();
	}
#ifdef __sparc__
	{
		extern int stop_a_enabled;
		/* Make sure the user can actually press Stop-A (L1-A) */
		stop_a_enabled = 1;
		pr_emerg("Press Stop-A (L1-A) to return to the boot prom\n");
	}
#endif
#if defined(CONFIG_S390)
	{
		unsigned long caller;

		caller = (unsigned long)__builtin_return_address(0);
		disabled_wait(caller);
	}
#endif
	pr_emerg("---[ end Kernel panic - not syncing: %s\n", buf);
	local_irq_enable();
	for (i = 0; ; i += PANIC_TIMER_STEP) {
		touch_softlockup_watchdog();
		if (i >= i_next) {
			i += panic_blink(state ^= 1);
			i_next = i + 3600 / PANIC_BLINK_SPD;
		}
		mdelay(PANIC_TIMER_STEP);
	}
}

EXPORT_SYMBOL(panic);


struct tnt {
	u8	bit;
	char	true;
	char	false;
};

static const struct tnt tnts[] = {
	{ TAINT_PROPRIETARY_MODULE,	'P', 'G' },
	{ TAINT_FORCED_MODULE,		'F', ' ' },
	{ TAINT_CPU_OUT_OF_SPEC,	'S', ' ' },
	{ TAINT_FORCED_RMMOD,		'R', ' ' },
	{ TAINT_MACHINE_CHECK,		'M', ' ' },
	{ TAINT_BAD_PAGE,		'B', ' ' },
	{ TAINT_USER,			'U', ' ' },
	{ TAINT_DIE,			'D', ' ' },
	{ TAINT_OVERRIDDEN_ACPI_TABLE,	'A', ' ' },
	{ TAINT_WARN,			'W', ' ' },
	{ TAINT_CRAP,			'C', ' ' },
	{ TAINT_FIRMWARE_WORKAROUND,	'I', ' ' },
	{ TAINT_OOT_MODULE,		'O', ' ' },
	{ TAINT_UNSIGNED_MODULE,	'E', ' ' },
	{ TAINT_SOFTLOCKUP,		'L', ' ' },
	{ TAINT_LIVEPATCH,		'K', ' ' },
};

/**
 *	print_tainted - return a string to represent the kernel taint state.
 *
 *  'P' - Proprietary module has been loaded.
 *  'F' - Module has been forcibly loaded.
 *  'S' - SMP with CPUs not designed for SMP.
 *  'R' - User forced a module unload.
 *  'M' - System experienced a machine check exception.
 *  'B' - System has hit bad_page.
 *  'U' - Userspace-defined naughtiness.
 *  'D' - Kernel has oopsed before
 *  'A' - ACPI table overridden.
 *  'W' - Taint on warning.
 *  'C' - modules from drivers/staging are loaded.
 *  'I' - Working around severe firmware bug.
 *  'O' - Out-of-tree module has been loaded.
 *  'E' - Unsigned module has been loaded.
 *  'L' - A soft lockup has previously occurred.
 *  'K' - Kernel has been live patched.
 *
 *	The string is overwritten by the next call to print_tainted().
 */
const char *print_tainted(void)
{
	static char buf[ARRAY_SIZE(tnts) + sizeof("Tainted: ")];

	if (tainted_mask) {
		char *s;
		int i;

		s = buf + sprintf(buf, "Tainted: ");
		for (i = 0; i < ARRAY_SIZE(tnts); i++) {
			const struct tnt *t = &tnts[i];
			*s++ = test_bit(t->bit, &tainted_mask) ?
					t->true : t->false;
		}
		*s = 0;
	} else
		snprintf(buf, sizeof(buf), "Not tainted");

	return buf;
}

int test_taint(unsigned flag)
{
	return test_bit(flag, &tainted_mask);
}
EXPORT_SYMBOL(test_taint);

unsigned long get_taint(void)
{
	return tainted_mask;
}

/**
 * add_taint: add a taint flag if not already set.
 * @flag: one of the TAINT_* constants.
 * @lockdep_ok: whether lock debugging is still OK.
 *
 * If something bad has gone wrong, you'll want @lockdebug_ok = false, but for
 * some notewortht-but-not-corrupting cases, it can be set to true.
 */
void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
{
	if (lockdep_ok == LOCKDEP_NOW_UNRELIABLE && __debug_locks_off())
		pr_warn("Disabling lock debugging due to kernel taint\n");

	set_bit(flag, &tainted_mask);
}
EXPORT_SYMBOL(add_taint);

static void spin_msec(int msecs)
{
	int i;

	for (i = 0; i < msecs; i++) {
		touch_nmi_watchdog();
		mdelay(1);
	}
}

/*
 * It just happens that oops_enter() and oops_exit() are identically
 * implemented...
 */
static void do_oops_enter_exit(void)
{
	unsigned long flags;
	static int spin_counter;

	if (!pause_on_oops)
		return;

	spin_lock_irqsave(&pause_on_oops_lock, flags);
	if (pause_on_oops_flag == 0) {
		/* This CPU may now print the oops message */
		pause_on_oops_flag = 1;
	} else {
		/* We need to stall this CPU */
		if (!spin_counter) {
			/* This CPU gets to do the counting */
			spin_counter = pause_on_oops;
			do {
				spin_unlock(&pause_on_oops_lock);
				spin_msec(MSEC_PER_SEC);
				spin_lock(&pause_on_oops_lock);
			} while (--spin_counter);
			pause_on_oops_flag = 0;
		} else {
			/* This CPU waits for a different one */
			while (spin_counter) {
				spin_unlock(&pause_on_oops_lock);
				spin_msec(1);
				spin_lock(&pause_on_oops_lock);
			}
		}
	}
	spin_unlock_irqrestore(&pause_on_oops_lock, flags);
}

/*
 * Return true if the calling CPU is allowed to print oops-related info.
 * This is a bit racy..
 */
int oops_may_print(void)
{
	return pause_on_oops_flag == 0;
}

/*
 * Called when the architecture enters its oops handler, before it prints
 * anything.  If this is the first CPU to oops, and it's oopsing the first
 * time then let it proceed.
 *
 * This is all enabled by the pause_on_oops kernel boot option.  We do all
 * this to ensure that oopses don't scroll off the screen.  It has the
 * side-effect of preventing later-oopsing CPUs from mucking up the display,
 * too.
 *
 * It turns out that the CPU which is allowed to print ends up pausing for
 * the right duration, whereas all the other CPUs pause for twice as long:
 * once in oops_enter(), once in oops_exit().
 */
void oops_enter(void)
{
	tracing_off();
	/* can't trust the integrity of the kernel anymore: */
	debug_locks_off();
	do_oops_enter_exit();
}

/*
 * 64-bit random ID for oopses:
 */
static u64 oops_id;

static int init_oops_id(void)
{
	if (!oops_id)
		get_random_bytes(&oops_id, sizeof(oops_id));
	else
		oops_id++;

	return 0;
}
late_initcall(init_oops_id);

void print_oops_end_marker(void)
{
	init_oops_id();
	pr_warn("---[ end trace %016llx ]---\n", (unsigned long long)oops_id);
}

/*
 * Called when the architecture exits its oops handler, after printing
 * everything.
 */
void oops_exit(void)
{
	do_oops_enter_exit();
	print_oops_end_marker();
	kmsg_dump(KMSG_DUMP_OOPS);
}

#ifdef WANT_WARN_ON_SLOWPATH
struct slowpath_args {
	const char *fmt;
	va_list args;
};

static void warn_slowpath_common(const char *file, int line, void *caller,
				 unsigned taint, struct slowpath_args *args)
{
	disable_trace_on_warning();

	pr_warn("------------[ cut here ]------------\n");
	pr_warn("WARNING: CPU: %d PID: %d at %s:%d %pS()\n",
		raw_smp_processor_id(), current->pid, file, line, caller);

	if (args)
		vprintk(args->fmt, args->args);

	if (panic_on_warn) {
		/*
		 * This thread may hit another WARN() in the panic path.
		 * Resetting this prevents additional WARN() from panicking the
		 * system on this thread.  Other threads are blocked by the
		 * panic_mutex in panic().
		 */
		panic_on_warn = 0;
		panic("panic_on_warn set ...\n");
	}

	print_modules();
	dump_stack();
	print_oops_end_marker();
	/* Just a warning, don't kill lockdep. */
	add_taint(taint, LOCKDEP_STILL_OK);
}

void warn_slowpath_fmt(const char *file, int line, const char *fmt, ...)
{
	struct slowpath_args args;

	args.fmt = fmt;
	va_start(args.args, fmt);
	warn_slowpath_common(file, line, __builtin_return_address(0),
			     TAINT_WARN, &args);
	va_end(args.args);
}
EXPORT_SYMBOL(warn_slowpath_fmt);

void warn_slowpath_fmt_taint(const char *file, int line,
			     unsigned taint, const char *fmt, ...)
{
	struct slowpath_args args;

	args.fmt = fmt;
	va_start(args.args, fmt);
	warn_slowpath_common(file, line, __builtin_return_address(0),
			     taint, &args);
	va_end(args.args);
}
EXPORT_SYMBOL(warn_slowpath_fmt_taint);

void warn_slowpath_null(const char *file, int line)
{
	warn_slowpath_common(file, line, __builtin_return_address(0),
			     TAINT_WARN, NULL);
}
EXPORT_SYMBOL(warn_slowpath_null);
#endif

#ifdef CONFIG_CC_STACKPROTECTOR

/*
 * Called when gcc's -fstack-protector feature is used, and
 * gcc detects corruption of the on-stack canary value
 */
__visible void __stack_chk_fail(void)
{
	panic("stack-protector: Kernel stack is corrupted in: %p\n",
		__builtin_return_address(0));
}
EXPORT_SYMBOL(__stack_chk_fail);

#endif

core_param(panic, panic_timeout, int, 0644);
core_param(pause_on_oops, pause_on_oops, int, 0644);
core_param(panic_on_warn, panic_on_warn, int, 0644);

static int __init setup_crash_kexec_post_notifiers(char *s)
{
	crash_kexec_post_notifiers = true;
	return 0;
}
early_param("crash_kexec_post_notifiers", setup_crash_kexec_post_notifiers);

static int __init oops_setup(char *s)
{
	if (!s)
		return -EINVAL;
	if (!strcmp(s, "panic"))
		panic_on_oops = 1;
	return 0;
}
early_param("oops", oops_setup);
Commit	Line	Data
1da177e4 LT	1	/*
	2	* linux/kernel/panic.c
	3	*
	4	* Copyright (C) 1991, 1992 Linus Torvalds
	5	*/
	6
	7	/*
	8	* This function is used through-out the kernel (including mm and fs)
	9	* to indicate a major problem.
	10	*/
c95dbf27 IM	11	#include <linux/debug_locks.h>
c95dbf27 IM	12	#include <linux/interrupt.h>
456b565c	13	#include <linux/kmsg_dump.h>
c95dbf27 IM	14	#include <linux/kallsyms.h>
c95dbf27 IM	15	#include <linux/notifier.h>
1da177e4	16	#include <linux/module.h>
c95dbf27	17	#include <linux/random.h>
de7edd31	18	#include <linux/ftrace.h>
1da177e4	19	#include <linux/reboot.h>
c95dbf27 IM	20	#include <linux/delay.h>
	21	#include <linux/kexec.h>
	22	#include <linux/sched.h>
1da177e4	23	#include <linux/sysrq.h>
c95dbf27	24	#include <linux/init.h>
1da177e4	25	#include <linux/nmi.h>
08d78658	26	#include <linux/console.h>
1da177e4	27
c7ff0d9c TS	28	#define PANIC_TIMER_STEP 100
	29	#define PANIC_BLINK_SPD 18
	30
2a01bb38	31	int panic_on_oops = CONFIG_PANIC_ON_OOPS_VALUE;
25ddbb18	32	static unsigned long tainted_mask;
dd287796 AM	33	static int pause_on_oops;
	34	static int pause_on_oops_flag;
	35	static DEFINE_SPINLOCK(pause_on_oops_lock);
5375b708	36	bool crash_kexec_post_notifiers;
9e3961a0	37	int panic_on_warn __read_mostly;
1da177e4	38
5800dc3c	39	int panic_timeout = CONFIG_PANIC_TIMEOUT;
81e88fdc	40	EXPORT_SYMBOL_GPL(panic_timeout);
1da177e4	41
e041c683	42	ATOMIC_NOTIFIER_HEAD(panic_notifier_list);
1da177e4 LT	43
	44	EXPORT_SYMBOL(panic_notifier_list);
	45
c7ff0d9c	46	static long no_blink(int state)
8aeee85a	47	{
c7ff0d9c	48	return 0;
8aeee85a AB	49	}
8aeee85a AB	50
c7ff0d9c TS	51	/* Returns how long it waited in ms */
	52	long (*panic_blink)(int state);
	53	EXPORT_SYMBOL(panic_blink);
	54
93e13a36 MH	55	/*
	56	* Stop ourself in panic -- architecture code may override this
	57	*/
	58	void __weak panic_smp_self_stop(void)
	59	{
	60	while (1)
	61	cpu_relax();
	62	}
	63
1717f209 HK	64	atomic_t panic_cpu = ATOMIC_INIT(PANIC_CPU_INVALID);
1717f209 HK	65
1da177e4 LT	66	/**
	67	* panic - halt the system
	68	* @fmt: The text string to print
	69	*
	70	* Display a message, then perform cleanups.
	71	*
	72	* This function never returns.
	73	*/
9402c95f	74	void panic(const char *fmt, ...)
1da177e4	75	{
1da177e4 LT	76	static char buf[1024];
1da177e4 LT	77	va_list args;
c7ff0d9c TS	78	long i, i_next = 0;
c7ff0d9c TS	79	int state = 0;
1717f209	80	int old_cpu, this_cpu;
1da177e4	81
190320c3 VM	82	/*
	83	* Disable local interrupts. This will prevent panic_smp_self_stop
	84	* from deadlocking the first cpu that invokes the panic, since
	85	* there is nothing to prevent an interrupt handler (that runs
1717f209	86	* after setting panic_cpu) from invoking panic() again.
190320c3 VM	87	*/
	88	local_irq_disable();
	89
dc009d92	90	/*
c95dbf27 IM	91	* It's possible to come here directly from a panic-assertion and
c95dbf27 IM	92	* not have preempt disabled. Some functions called from here want
dc009d92	93	* preempt to be disabled. No point enabling it later though...
93e13a36 MH	94	*
	95	* Only one CPU is allowed to execute the panic code from here. For
	96	* multiple parallel invocations of panic, all other CPUs either
	97	* stop themself or will wait until they are stopped by the 1st CPU
	98	* with smp_send_stop().
1717f209 HK	99	*
	100	* `old_cpu == PANIC_CPU_INVALID' means this is the 1st CPU which
	101	* comes here, so go ahead.
	102	* `old_cpu == this_cpu' means we came from nmi_panic() which sets
	103	* panic_cpu to this CPU. In this case, this is also the 1st CPU.
dc009d92	104	*/
1717f209 HK	105	this_cpu = raw_smp_processor_id();
	106	old_cpu = atomic_cmpxchg(&panic_cpu, PANIC_CPU_INVALID, this_cpu);
	107
	108	if (old_cpu != PANIC_CPU_INVALID && old_cpu != this_cpu)
93e13a36	109	panic_smp_self_stop();
dc009d92	110
5b530fc1	111	console_verbose();
1da177e4 LT	112	bust_spinlocks(1);
	113	va_start(args, fmt);
	114	vsnprintf(buf, sizeof(buf), fmt, args);
	115	va_end(args);
d7c0847f	116	pr_emerg("Kernel panic - not syncing: %s\n", buf);
5cb27301	117	#ifdef CONFIG_DEBUG_BUGVERBOSE
6e6f0a1f AK	118	/*
	119	* Avoid nested stack-dumping if a panic occurs during oops processing
	120	*/
026ee1f6	121	if (!test_taint(TAINT_DIE) && oops_in_progress <= 1)
6e6f0a1f	122	dump_stack();
5cb27301	123	#endif
1da177e4	124
dc009d92 EB	125	/*
	126	* If we have crashed and we have a crash kernel loaded let it handle
	127	* everything else.
f06e5153 MH	128	* If we want to run this after calling panic_notifiers, pass
f06e5153 MH	129	* the "crash_kexec_post_notifiers" option to the kernel.
dc009d92	130	*/
f06e5153 MH	131	if (!crash_kexec_post_notifiers)
f06e5153 MH	132	crash_kexec(NULL);
dc009d92	133
dc009d92 EB	134	/*
	135	* Note smp_send_stop is the usual smp shutdown function, which
	136	* unfortunately means it may not be hardened to work in a panic
	137	* situation.
	138	*/
1da177e4	139	smp_send_stop();
1da177e4	140
6723734c KC	141	/*
	142	* Run any panic handlers, including those that might need to
	143	* add information to the kmsg dump output.
	144	*/
e041c683	145	atomic_notifier_call_chain(&panic_notifier_list, 0, buf);
1da177e4	146
6723734c KC	147	kmsg_dump(KMSG_DUMP_PANIC);
6723734c KC	148
f06e5153 MH	149	/*
	150	* If you doubt kdump always works fine in any situation,
	151	* "crash_kexec_post_notifiers" offers you a chance to run
	152	* panic_notifiers and dumping kmsg before kdump.
	153	* Note: since some panic_notifiers can make crashed kernel
	154	* more unstable, it can increase risks of the kdump failure too.
	155	*/
f45d85ff HD	156	if (crash_kexec_post_notifiers)
f45d85ff HD	157	crash_kexec(NULL);
f06e5153	158
d014e889 AK	159	bust_spinlocks(0);
d014e889 AK	160
08d78658 VK	161	/*
	162	* We may have ended up stopping the CPU holding the lock (in
	163	* smp_send_stop()) while still having some valuable data in the console
	164	* buffer. Try to acquire the lock then release it regardless of the
7625b3a0 VK	165	* result. The release will also print the buffers out. Locks debug
	166	* should be disabled to avoid reporting bad unlock balance when
	167	* panic() is not being callled from OOPS.
08d78658	168	*/
7625b3a0	169	debug_locks_off();
08d78658 VK	170	console_trylock();
	171	console_unlock();
	172
c7ff0d9c TS	173	if (!panic_blink)
	174	panic_blink = no_blink;
	175
dc009d92	176	if (panic_timeout > 0) {
1da177e4	177	/*
c95dbf27 IM	178	* Delay timeout seconds before rebooting the machine.
	179	* We can't use the "normal" timers since we just panicked.
	180	*/
d7c0847f	181	pr_emerg("Rebooting in %d seconds..", panic_timeout);
c95dbf27	182
c7ff0d9c	183	for (i = 0; i < panic_timeout * 1000; i += PANIC_TIMER_STEP) {
1da177e4	184	touch_nmi_watchdog();
c7ff0d9c TS	185	if (i >= i_next) {
	186	i += panic_blink(state ^= 1);
	187	i_next = i + 3600 / PANIC_BLINK_SPD;
	188	}
	189	mdelay(PANIC_TIMER_STEP);
1da177e4	190	}
4302fbc8 HD	191	}
4302fbc8 HD	192	if (panic_timeout != 0) {
c95dbf27 IM	193	/*
	194	* This will not be a clean reboot, with everything
	195	* shutting down. But if there is a chance of
	196	* rebooting the system it will be rebooted.
1da177e4	197	*/
2f048ea8	198	emergency_restart();
1da177e4 LT	199	}
	200	#ifdef __sparc__
	201	{
	202	extern int stop_a_enabled;
a271c241	203	/* Make sure the user can actually press Stop-A (L1-A) */
1da177e4	204	stop_a_enabled = 1;
d7c0847f	205	pr_emerg("Press Stop-A (L1-A) to return to the boot prom\n");
1da177e4 LT	206	}
1da177e4 LT	207	#endif
347a8dc3	208	#if defined(CONFIG_S390)
c95dbf27 IM	209	{
	210	unsigned long caller;
	211
	212	caller = (unsigned long)__builtin_return_address(0);
	213	disabled_wait(caller);
	214	}
1da177e4	215	#endif
d7c0847f	216	pr_emerg("---[ end Kernel panic - not syncing: %s\n", buf);
1da177e4	217	local_irq_enable();
c7ff0d9c	218	for (i = 0; ; i += PANIC_TIMER_STEP) {
c22db941	219	touch_softlockup_watchdog();
c7ff0d9c TS	220	if (i >= i_next) {
	221	i += panic_blink(state ^= 1);
	222	i_next = i + 3600 / PANIC_BLINK_SPD;
	223	}
	224	mdelay(PANIC_TIMER_STEP);
1da177e4 LT	225	}
	226	}
	227
	228	EXPORT_SYMBOL(panic);
	229
c277e63f	230
25ddbb18	231	struct tnt {
c95dbf27 IM	232	u8 bit;
	233	char true;
	234	char false;
25ddbb18 AK	235	};
	236
	237	static const struct tnt tnts[] = {
c95dbf27 IM	238	{ TAINT_PROPRIETARY_MODULE, 'P', 'G' },
c95dbf27 IM	239	{ TAINT_FORCED_MODULE, 'F', ' ' },
8c90487c	240	{ TAINT_CPU_OUT_OF_SPEC, 'S', ' ' },
c95dbf27 IM	241	{ TAINT_FORCED_RMMOD, 'R', ' ' },
	242	{ TAINT_MACHINE_CHECK, 'M', ' ' },
	243	{ TAINT_BAD_PAGE, 'B', ' ' },
	244	{ TAINT_USER, 'U', ' ' },
	245	{ TAINT_DIE, 'D', ' ' },
	246	{ TAINT_OVERRIDDEN_ACPI_TABLE, 'A', ' ' },
	247	{ TAINT_WARN, 'W', ' ' },
	248	{ TAINT_CRAP, 'C', ' ' },
92946bc7	249	{ TAINT_FIRMWARE_WORKAROUND, 'I', ' ' },
2449b8ba	250	{ TAINT_OOT_MODULE, 'O', ' ' },
57673c2b	251	{ TAINT_UNSIGNED_MODULE, 'E', ' ' },
69361eef	252	{ TAINT_SOFTLOCKUP, 'L', ' ' },
c5f45465	253	{ TAINT_LIVEPATCH, 'K', ' ' },
25ddbb18 AK	254	};
25ddbb18 AK	255
1da177e4 LT	256	/**
	257	* print_tainted - return a string to represent the kernel taint state.
	258	*
	259	* 'P' - Proprietary module has been loaded.
	260	* 'F' - Module has been forcibly loaded.
	261	* 'S' - SMP with CPUs not designed for SMP.
	262	* 'R' - User forced a module unload.
9aa5e993	263	* 'M' - System experienced a machine check exception.
1da177e4	264	* 'B' - System has hit bad_page.
34f5a398	265	* 'U' - Userspace-defined naughtiness.
a8005992	266	* 'D' - Kernel has oopsed before
95b570c9 NH	267	* 'A' - ACPI table overridden.
95b570c9 NH	268	* 'W' - Taint on warning.
061b1bd3	269	* 'C' - modules from drivers/staging are loaded.
92946bc7	270	* 'I' - Working around severe firmware bug.
2449b8ba	271	* 'O' - Out-of-tree module has been loaded.
57673c2b	272	* 'E' - Unsigned module has been loaded.
bc53a3f4	273	* 'L' - A soft lockup has previously occurred.
c5f45465	274	* 'K' - Kernel has been live patched.
1da177e4	275	*
fe002a41	276	* The string is overwritten by the next call to print_tainted().
1da177e4	277	*/
1da177e4 LT	278	const char *print_tainted(void)
1da177e4 LT	279	{
01284764	280	static char buf[ARRAY_SIZE(tnts) + sizeof("Tainted: ")];
25ddbb18 AK	281
	282	if (tainted_mask) {
	283	char *s;
	284	int i;
	285
	286	s = buf + sprintf(buf, "Tainted: ");
	287	for (i = 0; i < ARRAY_SIZE(tnts); i++) {
	288	const struct tnt *t = &tnts[i];
	289	*s++ = test_bit(t->bit, &tainted_mask) ?
	290	t->true : t->false;
	291	}
	292	*s = 0;
	293	} else
1da177e4	294	snprintf(buf, sizeof(buf), "Not tainted");
c95dbf27 IM	295
c95dbf27 IM	296	return buf;
1da177e4 LT	297	}
1da177e4 LT	298
25ddbb18	299	int test_taint(unsigned flag)
1da177e4	300	{
25ddbb18 AK	301	return test_bit(flag, &tainted_mask);
	302	}
	303	EXPORT_SYMBOL(test_taint);
	304
	305	unsigned long get_taint(void)
	306	{
	307	return tainted_mask;
1da177e4	308	}
dd287796	309
373d4d09 RR	310	/**
	311	* add_taint: add a taint flag if not already set.
	312	* @flag: one of the TAINT_* constants.
	313	* @lockdep_ok: whether lock debugging is still OK.
	314	*
	315	* If something bad has gone wrong, you'll want @lockdebug_ok = false, but for
	316	* some notewortht-but-not-corrupting cases, it can be set to true.
	317	*/
	318	void add_taint(unsigned flag, enum lockdep_ok lockdep_ok)
dd287796	319	{
373d4d09	320	if (lockdep_ok == LOCKDEP_NOW_UNRELIABLE && __debug_locks_off())
d7c0847f	321	pr_warn("Disabling lock debugging due to kernel taint\n");
9eeba613	322
25ddbb18	323	set_bit(flag, &tainted_mask);
dd287796	324	}
1da177e4	325	EXPORT_SYMBOL(add_taint);
dd287796 AM	326
	327	static void spin_msec(int msecs)
	328	{
	329	int i;
	330
	331	for (i = 0; i < msecs; i++) {
	332	touch_nmi_watchdog();
	333	mdelay(1);
	334	}
	335	}
	336
	337	/*
	338	* It just happens that oops_enter() and oops_exit() are identically
	339	* implemented...
	340	*/
	341	static void do_oops_enter_exit(void)
	342	{
	343	unsigned long flags;
	344	static int spin_counter;
	345
	346	if (!pause_on_oops)
	347	return;
	348
	349	spin_lock_irqsave(&pause_on_oops_lock, flags);
	350	if (pause_on_oops_flag == 0) {
	351	/* This CPU may now print the oops message */
	352	pause_on_oops_flag = 1;
	353	} else {
	354	/* We need to stall this CPU */
	355	if (!spin_counter) {
	356	/* This CPU gets to do the counting */
	357	spin_counter = pause_on_oops;
	358	do {
	359	spin_unlock(&pause_on_oops_lock);
	360	spin_msec(MSEC_PER_SEC);
	361	spin_lock(&pause_on_oops_lock);
	362	} while (--spin_counter);
	363	pause_on_oops_flag = 0;
	364	} else {
	365	/* This CPU waits for a different one */
	366	while (spin_counter) {
	367	spin_unlock(&pause_on_oops_lock);
	368	spin_msec(1);
	369	spin_lock(&pause_on_oops_lock);
	370	}
	371	}
	372	}
	373	spin_unlock_irqrestore(&pause_on_oops_lock, flags);
	374	}
	375
	376	/*
c95dbf27 IM	377	* Return true if the calling CPU is allowed to print oops-related info.
c95dbf27 IM	378	* This is a bit racy..
dd287796 AM	379	*/
	380	int oops_may_print(void)
	381	{
	382	return pause_on_oops_flag == 0;
	383	}
	384
	385	/*
	386	* Called when the architecture enters its oops handler, before it prints
c95dbf27 IM	387	* anything. If this is the first CPU to oops, and it's oopsing the first
c95dbf27 IM	388	* time then let it proceed.
dd287796	389	*
c95dbf27 IM	390	* This is all enabled by the pause_on_oops kernel boot option. We do all
	391	* this to ensure that oopses don't scroll off the screen. It has the
	392	* side-effect of preventing later-oopsing CPUs from mucking up the display,
	393	* too.
dd287796	394	*
c95dbf27 IM	395	* It turns out that the CPU which is allowed to print ends up pausing for
	396	* the right duration, whereas all the other CPUs pause for twice as long:
	397	* once in oops_enter(), once in oops_exit().
dd287796 AM	398	*/
	399	void oops_enter(void)
	400	{
bdff7870	401	tracing_off();
c95dbf27 IM	402	/* can't trust the integrity of the kernel anymore: */
c95dbf27 IM	403	debug_locks_off();
dd287796 AM	404	do_oops_enter_exit();
	405	}
	406
2c3b20e9 AV	407	/*
	408	* 64-bit random ID for oopses:
	409	*/
	410	static u64 oops_id;
	411
	412	static int init_oops_id(void)
	413	{
	414	if (!oops_id)
	415	get_random_bytes(&oops_id, sizeof(oops_id));
d6624f99 AV	416	else
d6624f99 AV	417	oops_id++;
2c3b20e9 AV	418
	419	return 0;
	420	}
	421	late_initcall(init_oops_id);
	422
863a6049	423	void print_oops_end_marker(void)
71c33911 AV	424	{
71c33911 AV	425	init_oops_id();
d7c0847f	426	pr_warn("---[ end trace %016llx ]---\n", (unsigned long long)oops_id);
71c33911 AV	427	}
71c33911 AV	428
dd287796 AM	429	/*
	430	* Called when the architecture exits its oops handler, after printing
	431	* everything.
	432	*/
	433	void oops_exit(void)
	434	{
	435	do_oops_enter_exit();
71c33911	436	print_oops_end_marker();
456b565c	437	kmsg_dump(KMSG_DUMP_OOPS);
dd287796	438	}
3162f751	439
79b4cc5e	440	#ifdef WANT_WARN_ON_SLOWPATH
0f6f49a8 LT	441	struct slowpath_args {
0f6f49a8 LT	442	const char *fmt;
a8f18b90	443	va_list args;
0f6f49a8	444	};
bd89bb29	445
b2be0527 BH	446	static void warn_slowpath_common(const char file, int line, void caller,
b2be0527 BH	447	unsigned taint, struct slowpath_args *args)
0f6f49a8	448	{
de7edd31 SRRH	449	disable_trace_on_warning();
de7edd31 SRRH	450
dcb6b452 AT	451	pr_warn("------------[ cut here ]------------\n");
	452	pr_warn("WARNING: CPU: %d PID: %d at %s:%d %pS()\n",
	453	raw_smp_processor_id(), current->pid, file, line, caller);
74853dba	454
0f6f49a8 LT	455	if (args)
0f6f49a8 LT	456	vprintk(args->fmt, args->args);
a8f18b90	457
9e3961a0 PB	458	if (panic_on_warn) {
	459	/*
	460	* This thread may hit another WARN() in the panic path.
	461	* Resetting this prevents additional WARN() from panicking the
	462	* system on this thread. Other threads are blocked by the
	463	* panic_mutex in panic().
	464	*/
	465	panic_on_warn = 0;
	466	panic("panic_on_warn set ...\n");
	467	}
	468
a8f18b90 AV	469	print_modules();
	470	dump_stack();
	471	print_oops_end_marker();
373d4d09 RR	472	/* Just a warning, don't kill lockdep. */
373d4d09 RR	473	add_taint(taint, LOCKDEP_STILL_OK);
a8f18b90	474	}
0f6f49a8 LT	475
	476	void warn_slowpath_fmt(const char file, int line, const char fmt, ...)
	477	{
	478	struct slowpath_args args;
	479
	480	args.fmt = fmt;
	481	va_start(args.args, fmt);
b2be0527 BH	482	warn_slowpath_common(file, line, __builtin_return_address(0),
b2be0527 BH	483	TAINT_WARN, &args);
0f6f49a8 LT	484	va_end(args.args);
0f6f49a8 LT	485	}
57adc4d2 AK	486	EXPORT_SYMBOL(warn_slowpath_fmt);
57adc4d2 AK	487
b2be0527 BH	488	void warn_slowpath_fmt_taint(const char *file, int line,
	489	unsigned taint, const char *fmt, ...)
	490	{
	491	struct slowpath_args args;
	492
	493	args.fmt = fmt;
	494	va_start(args.args, fmt);
	495	warn_slowpath_common(file, line, __builtin_return_address(0),
	496	taint, &args);
	497	va_end(args.args);
	498	}
	499	EXPORT_SYMBOL(warn_slowpath_fmt_taint);
	500
57adc4d2 AK	501	void warn_slowpath_null(const char *file, int line)
57adc4d2 AK	502	{
b2be0527 BH	503	warn_slowpath_common(file, line, __builtin_return_address(0),
b2be0527 BH	504	TAINT_WARN, NULL);
57adc4d2 AK	505	}
57adc4d2 AK	506	EXPORT_SYMBOL(warn_slowpath_null);
79b4cc5e AV	507	#endif
79b4cc5e AV	508
3162f751	509	#ifdef CONFIG_CC_STACKPROTECTOR
54371a43	510
3162f751 AV	511	/*
	512	* Called when gcc's -fstack-protector feature is used, and
	513	* gcc detects corruption of the on-stack canary value
	514	*/
a7330c99	515	__visible void __stack_chk_fail(void)
3162f751	516	{
517a92c4 IM	517	panic("stack-protector: Kernel stack is corrupted in: %p\n",
517a92c4 IM	518	__builtin_return_address(0));
3162f751 AV	519	}
3162f751 AV	520	EXPORT_SYMBOL(__stack_chk_fail);
54371a43	521
3162f751	522	#endif
f44dd164 RR	523
	524	core_param(panic, panic_timeout, int, 0644);
	525	core_param(pause_on_oops, pause_on_oops, int, 0644);
9e3961a0	526	core_param(panic_on_warn, panic_on_warn, int, 0644);
d404ab0a	527
f06e5153 MH	528	static int __init setup_crash_kexec_post_notifiers(char *s)
	529	{
	530	crash_kexec_post_notifiers = true;
	531	return 0;
	532	}
	533	early_param("crash_kexec_post_notifiers", setup_crash_kexec_post_notifiers);
	534
d404ab0a OH	535	static int __init oops_setup(char *s)
	536	{
	537	if (!s)
	538	return -EINVAL;
	539	if (!strcmp(s, "panic"))
	540	panic_on_oops = 1;
	541	return 0;
	542	}
	543	early_param("oops", oops_setup);