trace_stack.c 15 KB

  1. // SPDX-License-Identifier: GPL-2.0
  2. /*
  3. * Copyright (C) 2008 Steven Rostedt <[email protected]>
  4. *
  5. */
  6. #include <linux/sched/task_stack.h>
  7. #include <linux/stacktrace.h>
  8. #include <linux/security.h>
  9. #include <linux/kallsyms.h>
  10. #include <linux/seq_file.h>
  11. #include <linux/spinlock.h>
  12. #include <linux/uaccess.h>
  13. #include <linux/ftrace.h>
  14. #include <linux/module.h>
  15. #include <linux/sysctl.h>
  16. #include <linux/init.h>
  17. #include <asm/setup.h>
  18. #include "trace.h"
  /* Capacity of the two arrays that hold the deepest stack seen so far. */
  #define STACK_TRACE_ENTRIES 500

  /* Return addresses of the deepest recorded stack, innermost first. */
  static unsigned long stack_dump_trace[STACK_TRACE_ENTRIES];
  /* For each kept entry: byte offset from the top of the stack. */
  static unsigned int stack_trace_index[STACK_TRACE_ENTRIES];
  /* Number of valid slots in the two arrays above. */
  static unsigned int stack_trace_nr_entries;
  /* Largest stack depth (bytes) recorded so far. */
  static unsigned long stack_trace_max_size;

  /*
   * Protects the arrays and counters above. It is a raw arch spinlock, so
   * every user in this file disables interrupts around it.
   */
  static arch_spinlock_t stack_trace_max_lock = (arch_spinlock_t)__ARCH_SPIN_LOCK_UNLOCKED;

  /* Per-CPU nesting counter; stack_trace_call() only checks the stack when it reads 1. */
  DEFINE_PER_CPU(int, disable_stack_tracer);
  /* Serialises stack_trace_sysctl(). */
  static DEFINE_MUTEX(stack_sysctl_mutex);

  /* Non-zero when the tracer is requested (sysctl or "stacktrace" boot option). */
  int stack_tracer_enabled;
  /*
   * print_max_stack - dump the recorded maximum stack at emergency log level.
   *
   * Prints one line per saved entry: index, offset from the top of the stack,
   * the size attributed to that frame, and the symbolised return address.
   * Called from check_stack() just before BUG() when the end of the task
   * stack is found corrupted.
   */
  static void print_max_stack(void)
  {
  	long idx;
  	int frame_bytes;

  	pr_emerg(" Depth Size Location (%d entries)\n"
  		 " ----- ---- --------\n",
  		 stack_trace_nr_entries);

  	for (idx = 0; idx < stack_trace_nr_entries; idx++) {
  		/*
  		 * A frame's size is the gap to the next recorded offset;
  		 * the last entry has no successor and keeps its full offset.
  		 */
  		frame_bytes = (idx + 1 == stack_trace_nr_entries) ?
  			stack_trace_index[idx] :
  			stack_trace_index[idx] - stack_trace_index[idx+1];

  		pr_emerg("%3ld) %8d %5d %pS\n", idx, stack_trace_index[idx],
  			 frame_bytes, (void *)stack_dump_trace[idx]);
  	}
  }
  45. /*
  46. * The stack tracer looks for a maximum stack at each call from a function. It
  47. * registers a callback from ftrace, and in that callback it examines the stack
  48. * size. It determines the stack size from the variable passed in, which is the
  49. * address of a local variable in the stack_trace_call() callback function.
  50. * The stack size is calculated as the distance from the address of the local
  51. * variable to the top of the current stack. If that size is smaller than the
  52. * currently saved max stack size, nothing more is done.
  53. *
  54. * If the size of the stack is greater than the maximum recorded size, then the
  55. * following algorithm takes place.
  56. *
  57. * For architectures (like x86) that store the function's return address before
  58. * saving the function's local variables, the stack will look something like
  59. * this:
  60. *
  61. * [ top of stack ]
  62. * 0: sys call entry frame
  63. * 10: return addr to entry code
  64. * 11: start of sys_foo frame
  65. * 20: return addr to sys_foo
  66. * 21: start of kernel_func_bar frame
  67. * 30: return addr to kernel_func_bar
  68. * 31: [ do trace stack here ]
  69. *
  70. * The save_stack_trace() is called returning all the functions it finds in the
  71. * current stack. Which would be (from the bottom of the stack to the top):
  72. *
  73. * return addr to kernel_func_bar
  74. * return addr to sys_foo
  75. * return addr to entry code
  76. *
  77. * Now to figure out how much each of these functions' local variable size is,
  78. * a search of the stack is made to find these values. When a match is made, it
  79. * is added to the stack_dump_trace[] array. The offset into the stack is saved
  80. * in the stack_trace_index[] array. The above example would show:
  81. *
  82. * stack_dump_trace[] | stack_trace_index[]
  83. * ------------------ + -------------------
  84. * return addr to kernel_func_bar | 30
  85. * return addr to sys_foo | 20
  86. * return addr to entry | 10
  87. *
  88. * The print_max_stack() function above, uses these values to print the size of
  89. * each function's portion of the stack.
  90. *
  91. * for (i = 0; i < nr_entries; i++) {
  92. * size = i == nr_entries - 1 ? stack_trace_index[i] :
  93. * stack_trace_index[i] - stack_trace_index[i+1]
  94. * print "%d %d %d %s\n", i, stack_trace_index[i], size, stack_dump_trace[i]);
  95. * }
  96. *
  97. * The above shows
  98. *
  99. * depth size location
  100. * ----- ---- --------
  101. * 0 30 10 kernel_func_bar
  102. * 1 20 10 sys_foo
  103. * 2 10 10 entry code
  104. *
  105. * Now for architectures that might save the return address after the functions
  106. * local variables (saving the link register before calling nested functions),
  107. * this will cause the stack to look a little different:
  108. *
  109. * [ top of stack ]
  110. * 0: sys call entry frame
  111. * 10: start of sys_foo_frame
  112. * 19: return addr to entry code << lr saved before calling kernel_func_bar
  113. * 20: start of kernel_func_bar frame
  114. * 29: return addr to sys_foo_frame << lr saved before calling next function
  115. * 30: [ do trace stack here ]
  116. *
  117. * Although the functions returned by save_stack_trace() may be the same, the
  118. * placement in the stack will be different. Using the same algorithm as above
  119. * would yield:
  120. *
  121. * stack_dump_trace[] | stack_trace_index[]
  122. * ------------------ + -------------------
  123. * return addr to kernel_func_bar | 30
  124. * return addr to sys_foo | 29
  125. * return addr to entry | 19
  126. *
  127. * Where the mapping is off by one:
  128. *
  129. * kernel_func_bar stack frame size is 29 - 19 not 30 - 29!
  130. *
  131. * To fix this, if the architecture sets ARCH_RET_ADDR_AFTER_LOCAL_VARS the
  132. * values in stack_trace_index[] are shifted by one and the number of
  133. * stack trace entries is decremented by one.
  134. *
  135. * stack_dump_trace[] | stack_trace_index[]
  136. * ------------------ + -------------------
  137. * return addr to kernel_func_bar | 29
  138. * return addr to sys_foo | 19
  139. *
  140. * Although the entry function is not displayed, the first function (sys_foo)
  141. * will still include the stack size of it.
  142. */
  /*
   * check_stack - record a new maximum stack depth if the current one is deeper.
   * @ip:    address used to find where the tracer's own frames end in the
   *         saved trace
   * @stack: address of a local variable in the caller, used as the current
   *         stack position
   *
   * Returns early, without taking the lock, when the depth is not a new
   * maximum, when @stack is not on the task stack, or in NMI context. On a
   * new maximum it saves a stack trace, then scans the raw stack words for
   * each saved return address to work out the offset of every frame.
   *
   * Array bounds: stack_trace_save() is capped at ARRAY_SIZE - 1 entries and
   * the write index never runs ahead of the read index, so both arrays are
   * only written inside their STACK_TRACE_ENTRIES slots. The scan itself is
   * bounded by the THREAD_SIZE-aligned top of the stack.
   */
  static void check_stack(unsigned long ip, unsigned long *stack)
  {
  	static int tracer_frame;
  	unsigned long *cursor, *stack_top, *search_from;
  	unsigned long this_size, flags;
  	int cached_frame = READ_ONCE(tracer_frame);
  	int entry, kept;

  	/* Bytes between @stack and the top of the THREAD_SIZE-aligned stack */
  	this_size = THREAD_SIZE - (((unsigned long)stack) & (THREAD_SIZE-1));
  	/* Do not count the tracer's own frame */
  	this_size -= cached_frame;

  	if (this_size <= stack_trace_max_size)
  		return;

  	/* interrupt stacks are not handled yet */
  	if (!object_is_on_stack(stack))
  		return;

  	/* Taking the lock from NMI context can deadlock */
  	if (in_nmi())
  		return;

  	local_irq_save(flags);
  	arch_spin_lock(&stack_trace_max_lock);

  	/* Another CPU may have set tracer_frame after our unlocked read */
  	if (unlikely(!cached_frame))
  		this_size -= tracer_frame;

  	/* Re-check under the lock: a racing CPU may have raised the max */
  	if (this_size <= stack_trace_max_size)
  		goto out;

  	stack_trace_max_size = this_size;

  	stack_trace_nr_entries = stack_trace_save(stack_dump_trace,
  					ARRAY_SIZE(stack_dump_trace) - 1,
  					0);

  	/* Skip the entries that belong to the stack tracer itself */
  	entry = 0;
  	while (entry < stack_trace_nr_entries && stack_dump_trace[entry] != ip)
  		entry++;

  	/*
  	 * Some archs may not have the passed in ip in the dump.
  	 * In that case everything is shown.
  	 */
  	if (entry == stack_trace_nr_entries)
  		entry = 0;

  	/* Locate each saved return address on the stack itself */
  	kept = 0;
  	search_from = stack;
  	stack_top = (unsigned long *)
  		(((unsigned long)search_from & ~(THREAD_SIZE-1)) + THREAD_SIZE);

  	/*
  	 * An entry may, for some reason, not be found on the stack; the
  	 * outer loop then moves on to the next one. When all entries are
  	 * present the outer loop runs once. This only happens on a new
  	 * max, so it is far from a fast path.
  	 */
  	while (entry < stack_trace_nr_entries) {
  		int found = 0;

  		stack_trace_index[kept] = this_size;

  		for (cursor = search_from;
  		     cursor < stack_top && entry < stack_trace_nr_entries;
  		     cursor++) {
  			/*
  			 * READ_ONCE_NOCHECK tells KASAN this raw stack read
  			 * is not a stack-out-of-bounds error.
  			 */
  			if (READ_ONCE_NOCHECK(*cursor) != stack_dump_trace[entry])
  				continue;

  			/* Compact the matched entry down to slot 'kept' */
  			stack_dump_trace[kept] = stack_dump_trace[entry];
  			entry++;

  			/*
  			 * this_size takes the value as stored in the
  			 * unsigned int index array.
  			 */
  			stack_trace_index[kept] =
  				(stack_top - cursor) * sizeof(unsigned long);
  			this_size = stack_trace_index[kept];
  			kept++;

  			found = 1;
  			/* Resume the search just past this match */
  			search_from = cursor + 1;

  			/*
  			 * The tracer's own stack overhead should not show
  			 * up in the max stack. If it is not known yet,
  			 * work it out from the first match.
  			 */
  			if (unlikely(!tracer_frame)) {
  				tracer_frame = (cursor - stack) *
  					sizeof(unsigned long);
  				stack_trace_max_size -= tracer_frame;
  			}
  		}

  		if (!found)
  			entry++;
  	}

  #ifdef ARCH_FTRACE_SHIFT_STACK_TRACER
  	/*
  	 * Some archs store the link register before calling nested
  	 * functions, so the saved return address comes after the local
  	 * storage and the index array has to be shifted by one.
  	 */
  	if (kept > 1) {
  		memmove(&stack_trace_index[0], &stack_trace_index[1],
  			sizeof(stack_trace_index[0]) * (kept - 1));
  		kept--;
  	}
  #endif

  	stack_trace_nr_entries = kept;

  	/* A corrupted stack end is fatal: dump what was recorded, then BUG() */
  	if (task_stack_end_corrupted(current)) {
  		print_max_stack();
  		BUG();
  	}

   out:
  	arch_spin_unlock(&stack_trace_max_lock);
  	local_irq_restore(flags);
  }
  /* Some archs may not define MCOUNT_INSN_SIZE */
  #ifndef MCOUNT_INSN_SIZE
  # define MCOUNT_INSN_SIZE 0
  #endif

  /*
   * stack_trace_call - ftrace callback that feeds check_stack().
   * @ip:        address reported by ftrace for the traced function
   * @parent_ip: unused here
   * @op:        unused here
   * @fregs:     unused here
   *
   * The address of the local 'stack' variable is what check_stack() uses as
   * the current stack position. The per-CPU disable_stack_tracer counter
   * guards against recursion: the check only runs when this call is the sole
   * holder (counter reads 1) and RCU is watching.
   */
  static void
  stack_trace_call(unsigned long ip, unsigned long parent_ip,
  		 struct ftrace_ops *op, struct ftrace_regs *fregs)
  {
  	unsigned long stack;

  	preempt_disable_notrace();

  	/* no atomic needed, only this CPU modifies the variable */
  	__this_cpu_inc(disable_stack_tracer);

  	/* If rcu is not watching, then saving the stack trace can fail */
  	if (__this_cpu_read(disable_stack_tracer) == 1 && rcu_is_watching())
  		check_stack(ip + MCOUNT_INSN_SIZE, &stack);

  	__this_cpu_dec(disable_stack_tracer);
  	/* prevent recursion in schedule */
  	preempt_enable_notrace();
  }
  /* ftrace_ops for the stack tracer: stack_trace_call() is the callback. */
  static struct ftrace_ops trace_ops __read_mostly = {
  	.func	= stack_trace_call,
  };
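  /*
   * stack_max_size_read - read handler for the "stack_max_size" tracefs file.
   * @filp:  open file; private_data is read as a pointer to the unsigned long
   *         counter (presumably set up by tracing_open_generic() from the
   *         data pointer passed to trace_create_file() - confirm)
   * @ubuf:  user buffer to fill
   * @count: size of @ubuf
   * @ppos:  file position
   *
   * Returns the result of simple_read_from_buffer().
   */
  static ssize_t
  stack_max_size_read(struct file *filp, char __user *ubuf,
  		    size_t count, loff_t *ppos)
  {
  	unsigned long *ptr = filp->private_data;
  	char buf[64];
  	int r;

  	/*
  	 * The counter is unsigned long, so format it with %lu: %ld showed
  	 * values above LONG_MAX (which the write handler accepts through
  	 * kstrtoul_from_user()) as negative numbers.
  	 *
  	 * scnprintf() returns the number of characters actually stored, so
  	 * r can never exceed the buffer and needs no clamping before it is
  	 * used as the copy length.
  	 */
  	r = scnprintf(buf, sizeof(buf), "%lu\n", *ptr);

  	return simple_read_from_buffer(ubuf, count, ppos, buf, r);
  }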
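  /*
   * stack_max_size_write - write handler for the "stack_max_size" tracefs file.
   * @filp:  open file; private_data is used as a pointer to the counter
   * @ubuf:  user buffer holding a base-10 unsigned number
   * @count: number of bytes in @ubuf
   * @ppos:  unused
   *
   * Parses the user input with kstrtoul_from_user() and stores it in the
   * counter under stack_trace_max_lock. Returns @count on success or the
   * parser's error code.
   *
   * NOTE(review): no explicit security_locked_down() call is made on this
   * path, unlike stack_trace_open(); presumably tracing_open_generic()
   * covers it - confirm.
   */
  static ssize_t
  stack_max_size_write(struct file *filp, const char __user *ubuf,
  		     size_t count, loff_t *ppos)
  {
  	/*
  	 * The counter and the parsed value are both unsigned long, and the
  	 * read handler uses the same pointer type; storing through a
  	 * 'long *' mixed signedness for no reason.
  	 */
  	unsigned long *ptr = filp->private_data;
  	unsigned long val, flags;
  	int ret;

  	ret = kstrtoul_from_user(ubuf, count, 10, &val);
  	if (ret)
  		return ret;

  	local_irq_save(flags);

  	/*
  	 * In case we trace inside arch_spin_lock() or after (NMI),
  	 * we will cause circular lock, so we also need to increase
  	 * the percpu disable_stack_tracer here.
  	 */
  	__this_cpu_inc(disable_stack_tracer);

  	arch_spin_lock(&stack_trace_max_lock);
  	*ptr = val;
  	arch_spin_unlock(&stack_trace_max_lock);

  	__this_cpu_dec(disable_stack_tracer);
  	local_irq_restore(flags);

  	return count;
  }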
  /* File operations for the "stack_max_size" file created in stack_trace_init(). */
  static const struct file_operations stack_max_size_fops = {
  	.open	= tracing_open_generic,
  	.read	= stack_max_size_read,
  	.write	= stack_max_size_write,
  	.llseek	= default_llseek,
  };
  /*
   * __next - map a seq_file position to a saved-trace index.
   *
   * Position 0 is the header, so the entry index is *pos - 1. The index is
   * parked in m->private and a pointer to that field is returned as the
   * iterator value; NULL ends the sequence once the index reaches
   * stack_trace_nr_entries.
   */
  static void *
  __next(struct seq_file *m, loff_t *pos)
  {
  	long idx = *pos - 1;

  	if (idx < stack_trace_nr_entries) {
  		m->private = (void *)idx;
  		return &m->private;
  	}

  	return NULL;
  }
  /* seq_file .next: advance the position by one and look up that entry. */
  static void *
  t_next(struct seq_file *m, void *v, loff_t *pos)
  {
  	++*pos;

  	return __next(m, pos);
  }
  /*
   * t_start - seq_file .start: freeze the recorded trace for reading.
   *
   * Disables interrupts, bumps the per-CPU disable_stack_tracer counter and
   * takes stack_trace_max_lock, in that order. It returns with all three
   * still in effect; t_stop() undoes them.
   */
  static void *t_start(struct seq_file *m, loff_t *pos)
  {
  	local_irq_disable();

  	__this_cpu_inc(disable_stack_tracer);

  	arch_spin_lock(&stack_trace_max_lock);

  	/* Position 0 is the header line */
  	return *pos == 0 ? SEQ_START_TOKEN : __next(m, pos);
  }
  /*
   * t_stop - seq_file .stop: release what t_start() took, in reverse order
   * (lock, per-CPU disable counter, interrupts).
   */
  static void t_stop(struct seq_file *m, void *p)
  {
  	arch_spin_unlock(&stack_trace_max_lock);

  	__this_cpu_dec(disable_stack_tracer);

  	local_irq_enable();
  }
  /*
   * trace_lookup_stack - print saved entry @i as a symbol (%pS) plus newline.
   * The caller is responsible for @i being below stack_trace_nr_entries.
   */
  static void trace_lookup_stack(struct seq_file *m, long i)
  {
  	seq_printf(m, "%pS\n", (void *)stack_dump_trace[i]);
  }
  /* Emit the banner that explains how to turn the stack tracer on. */
  static void print_disabled(struct seq_file *m)
  {
  	seq_puts(m,
  		 "#\n"
  		 "# Stack tracer disabled\n"
  		 "#\n"
  		 "# To enable the stack tracer, either add 'stacktrace' to the\n"
  		 "# kernel command line\n"
  		 "# or 'echo 1 > /proc/sys/kernel/stack_tracer_enabled'\n"
  		 "#\n");
  }
  /*
   * t_show - seq_file .show: print the header or one saved stack entry.
   * @m: seq_file being written
   * @v: SEQ_START_TOKEN for the header, otherwise a pointer to the entry
   *     index (as handed out by __next())
   *
   * Always returns 0. An index at or past stack_trace_nr_entries prints
   * nothing, which keeps the array reads below inside the recorded range.
   */
  static int t_show(struct seq_file *m, void *v)
  {
  	long idx;
  	int frame_bytes;

  	if (v == SEQ_START_TOKEN) {
  		seq_printf(m, " Depth Size Location"
  			   " (%d entries)\n"
  			   " ----- ---- --------\n",
  			   stack_trace_nr_entries);

  		/* Only show the hint when nothing was ever recorded */
  		if (!stack_tracer_enabled && !stack_trace_max_size)
  			print_disabled(m);

  		return 0;
  	}

  	idx = *(long *)v;
  	if (idx >= stack_trace_nr_entries)
  		return 0;

  	/* Last entry keeps its whole offset; others get the gap to the next */
  	frame_bytes = (idx + 1 == stack_trace_nr_entries) ?
  		stack_trace_index[idx] :
  		stack_trace_index[idx] - stack_trace_index[idx+1];

  	seq_printf(m, "%3ld) %8d %5d ", idx, stack_trace_index[idx], frame_bytes);
  	trace_lookup_stack(m, idx);

  	return 0;
  }
  /* seq_file iterator for "stack_trace"; the lock is held from .start to .stop. */
  static const struct seq_operations stack_trace_seq_ops = {
  	.start	= t_start,
  	.next	= t_next,
  	.stop	= t_stop,
  	.show	= t_show,
  };
  /*
   * stack_trace_open - open handler for the "stack_trace" tracefs file.
   *
   * The file lists kernel code locations, so the open is refused with the
   * lockdown error when security_locked_down(LOCKDOWN_TRACEFS) says tracefs
   * is locked down. Otherwise the seq_file iterator is attached.
   */
  static int stack_trace_open(struct inode *inode, struct file *file)
  {
  	int ret = security_locked_down(LOCKDOWN_TRACEFS);

  	return ret ? ret : seq_open(file, &stack_trace_seq_ops);
  }
  /* File operations for the read-only "stack_trace" file. */
  static const struct file_operations stack_trace_fops = {
  	.open		= stack_trace_open,
  	.read		= seq_read,
  	.llseek		= seq_lseek,
  	.release	= seq_release,
  };
  #ifdef CONFIG_DYNAMIC_FTRACE

  /*
   * stack_trace_filter_open - open handler for "stack_trace_filter".
   *
   * The ftrace_ops to filter comes from inode->i_private (the data pointer
   * given to trace_create_file()). No separate lockdown check is made here
   * because ftrace_regex_open() performs the tracefs lockdown check.
   */
  static int
  stack_trace_filter_open(struct inode *inode, struct file *file)
  {
  	/* Checks for tracefs lockdown */
  	return ftrace_regex_open((struct ftrace_ops *)inode->i_private,
  				 FTRACE_ITER_FILTER, inode, file);
  }

  /* File operations for "stack_trace_filter"; writes go through ftrace_filter_write(). */
  static const struct file_operations stack_trace_filter_fops = {
  	.open		= stack_trace_filter_open,
  	.read		= seq_read,
  	.write		= ftrace_filter_write,
  	.llseek		= tracing_lseek,
  	.release	= ftrace_regex_release,
  };

  #endif /* CONFIG_DYNAMIC_FTRACE */
  /*
   * stack_trace_sysctl - sysctl handler for stack_tracer_enabled.
   *
   * Lets proc_dointvec() do the read or write, then, on a successful write
   * that flipped the enabled state, registers or unregisters the ftrace
   * callback. The whole operation runs under stack_sysctl_mutex. Returns
   * the proc_dointvec() result.
   *
   * NOTE(review): the return value of register_ftrace_function() is not
   * checked, so a failed registration leaves stack_tracer_enabled set while
   * nothing is being traced.
   */
  int
  stack_trace_sysctl(struct ctl_table *table, int write, void *buffer,
  		   size_t *lenp, loff_t *ppos)
  {
  	int was_enabled, ret;

  	mutex_lock(&stack_sysctl_mutex);

  	/* Normalise to 0/1 so any non-zero value counts as "enabled" */
  	was_enabled = !!stack_tracer_enabled;

  	ret = proc_dointvec(table, write, buffer, lenp, ppos);

  	if (!ret && write && was_enabled != !!stack_tracer_enabled) {
  		if (stack_tracer_enabled)
  			register_ftrace_function(&trace_ops);
  		else
  			unregister_ftrace_function(&trace_ops);
  	}

  	mutex_unlock(&stack_sysctl_mutex);
  	return ret;
  }
  /*
   * Filter string taken from the "stacktrace_filter=" boot option. The buffer
   * is one byte larger than the most strncpy() below may write, and it has
   * static storage (zero-initialised), so the final byte stays NUL and the
   * string is terminated even when the copy fills COMMAND_LINE_SIZE bytes.
   */
  static char stack_trace_filter_buf[COMMAND_LINE_SIZE+1] __initdata;

  /*
   * enable_stacktrace - handle the "stacktrace" kernel command line option.
   * @str: text following "stacktrace" on the command line
   *
   * If @str starts with "_filter=", the remainder is saved as the early
   * filter. The tracer is marked enabled in every case. Always returns 1.
   */
  static __init int enable_stacktrace(char *str)
  {
  	int len = str_has_prefix(str, "_filter=");

  	if (len)
  		strncpy(stack_trace_filter_buf, str + len, COMMAND_LINE_SIZE);

  	stack_tracer_enabled = 1;
  	return 1;
  }
  __setup("stacktrace", enable_stacktrace);
  /*
   * stack_trace_init - create the tracefs files and start the tracer if asked.
   *
   * Creates "stack_max_size" (TRACE_MODE_WRITE), "stack_trace"
   * (TRACE_MODE_READ) and, with CONFIG_DYNAMIC_FTRACE, "stack_trace_filter"
   * (TRACE_MODE_WRITE). A filter saved from the command line is applied
   * before the callback is registered. Returns 0 in every case, including
   * when tracing_init_dentry() fails and nothing is created.
   */
  static __init int stack_trace_init(void)
  {
  	if (tracing_init_dentry())
  		return 0;

  	trace_create_file("stack_max_size", TRACE_MODE_WRITE, NULL,
  			  &stack_trace_max_size, &stack_max_size_fops);

  	trace_create_file("stack_trace", TRACE_MODE_READ, NULL,
  			  NULL, &stack_trace_fops);

  #ifdef CONFIG_DYNAMIC_FTRACE
  	trace_create_file("stack_trace_filter", TRACE_MODE_WRITE, NULL,
  			  &trace_ops, &stack_trace_filter_fops);
  #endif

  	/* Apply the boot-time filter, if one was given */
  	if (stack_trace_filter_buf[0])
  		ftrace_set_early_filter(&trace_ops, stack_trace_filter_buf, 1);

  	if (stack_tracer_enabled)
  		register_ftrace_function(&trace_ops);

  	return 0;
  }
  device_initcall(stack_trace_init);