1 /*
2 * CDDL HEADER START
3 *
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
7 *
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
12 *
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 *
19 * CDDL HEADER END
20 */
21
22 /*
23 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 * Use is subject to license terms.
25 */
26
27 #include <sys/dtrace_impl.h>
28 #include <sys/atomic.h>
29 #include <sys/model.h>
30 #include <sys/frame.h>
31 #include <sys/stack.h>
32 #include <sys/machpcb.h>
33 #include <sys/procfs_isa.h>
34 #include <sys/cmn_err.h>
35 #include <sys/sysmacros.h>
36
/*
 * SPARC instruction-encoding masks used by the leaf-function heuristic in
 * dtrace_getpcstack(): a format-3 instruction is recognised by its op/op3
 * bits, its rs1 and rd fields are extracted with the shifts and DTRACE_RMASK
 * below, and the remaining mask/value pairs identify ret, retl, save,
 * restore, call, jmpl and ba.  DTRACE_DISP22_SHIFT positions the 22-bit
 * branch displacement of a ba for sign extension.
 */
#define	DTRACE_FMT3OP3_MASK	0x81000000
#define	DTRACE_FMT3OP3		0x80000000
#define	DTRACE_FMT3RS1_SHIFT	14
#define	DTRACE_FMT3RD_SHIFT	25
#define	DTRACE_DISP22_SHIFT	10
#define	DTRACE_RMASK		0x1f

/*
 * Register numbers as they appear in the 5-bit rs1/rd fields.  %l0 is the
 * first local register, so a field value >= DTRACE_REG_L0 denotes a local or
 * an input register; %o7 is the return-address register; %i0 onwards carry
 * the arguments and %i6 the saved stack pointer used by dtrace_getarg().
 */
#define	DTRACE_REG_L0		16
#define	DTRACE_REG_O7		15
#define	DTRACE_REG_I0		24
#define	DTRACE_REG_I6		30

#define	DTRACE_RET		0x81c7e008
#define	DTRACE_RETL		0x81c3e008
#define	DTRACE_SAVE_MASK	0xc1f80000
#define	DTRACE_SAVE		0x81e00000
#define	DTRACE_RESTORE		0x81e80000
#define	DTRACE_CALL_MASK	0xc0000000
#define	DTRACE_CALL		0x40000000
#define	DTRACE_JMPL_MASK	0x81f80000
#define	DTRACE_JMPL		0x81c00000
#define	DTRACE_BA_MASK		0xdfc00000
#define	DTRACE_BA		0x10800000
/* Number of ba instructions the heuristic will follow before giving up. */
#define	DTRACE_BA_MAX		10

/* Window and argument helpers implemented outside this file. */
extern int dtrace_getupcstack_top(uint64_t *, int, uintptr_t *);
extern int dtrace_getustackdepth_top(uintptr_t *);
extern ulong_t dtrace_getreg_win(uint_t, uint_t);
extern void dtrace_putreg_win(uint_t, ulong_t);
extern int dtrace_fish(int, int, uintptr_t *);

/*
 * Upper bound on the number of user frames dtrace_getustack_common() will
 * follow; exceeding it flags the stack as CPU_DTRACE_BADSTACK.  Tunable.
 */
int dtrace_ustackdepth_max = 2048;
67
/*
 * This is similar in principle to getpcstack(), but there are several marked
 * differences in implementation:
 *
 * (a)	dtrace_getpcstack() is called from probe context.  Thus, the call
 *	to flush_windows() from getpcstack() is a call to the probe-safe
 *	equivalent here.
 *
 * (b)	dtrace_getpcstack() is willing to sacrifice some performance to get
 *	a correct stack.  While consumers of getpcstack() are largely
 *	subsystem-specific in-kernel debugging facilities, DTrace consumers
 *	are arbitrary user-level analysis tools; dtrace_getpcstack() must
 *	deliver as correct a stack as possible.  Details on the issues
 *	surrounding stack correctness are found below.
 *
 * (c)	dtrace_getpcstack() _always_ fills in pcstack_limit pc_t's -- filling
 *	in the difference between the stack depth and pcstack_limit with NULLs.
 *	Due to this behavior dtrace_getpcstack() returns void.
 *
 * (d)	dtrace_getpcstack() takes a third parameter, aframes, that
 *	denotes the number of _artificial frames_ on the bottom of the
 *	stack.  An artificial frame is one induced by the provider; all
 *	artificial frames are stripped off before frames are stored to
 *	pcstack.
 *
 * (e)	dtrace_getpcstack() takes a fourth parameter, pc, that indicates
 *	an interrupted program counter (if any).  This should be a non-NULL
 *	value if and only if the hit probe is unanchored.  (Anchored probes
 *	don't fire through an interrupt source.)  This parameter is used to
 *	assure (b), above.
 */
/*
 * Record the kernel pc stack from probe context.
 *
 * pcstack       - output array; exactly pcstack_limit entries are written,
 *                 unused slots being filled with NULL
 * pcstack_limit - number of pc_t slots in pcstack
 * aframes       - artificial frames to strip from the bottom of the stack
 * pc            - interrupted program counter (unanchored probes), or NULL
 *
 * The walk stops when the next saved frame pointer leaves the bounds of the
 * stack currently being walked; the remainder of pcstack is then NULL-filled.
 */
void
dtrace_getpcstack(pc_t *pcstack, int pcstack_limit, int aframes, uint32_t *pc)
{
	struct frame *fp, *nextfp, *minfp, *stacktop;
	int depth = 0;		/* next free slot in pcstack */
	int on_intr, j = 0;	/* j: word index from pc during the leaf scan */
	uint32_t i, r;		/* i: instruction word; r: decoded register */

	/* Our own frame; STACK_BIAS turns the raw %fp value into an address. */
	fp = (struct frame *)((caddr_t)dtrace_getfp() + STACK_BIAS);
	/* Probe-safe equivalent of flush_windows(); see (a) above. */
	dtrace_flush_windows();

	if (pc != NULL) {
		/*
		 * If we've been passed a non-NULL pc, we need to determine
		 * whether or not the specified program counter falls in a leaf
		 * function.  If it falls within a leaf function, we know that
		 * %o7 is valid in its frame (and we can just drive on).  If
		 * it's a non-leaf, however, we know that %o7 is garbage in the
		 * bottom frame.  To trim this frame, we simply increment
		 * aframes and drop into the stack-walking loop.
		 *
		 * To quickly determine if the specified program counter is in
		 * a leaf function, we exploit the fact that leaf functions
		 * tend to be short and non-leaf functions tend to frequently
		 * perform operations that are only permitted in a non-leaf
		 * function (e.g., using the %i's or %l's; calling a function;
		 * performing a restore).  We exploit these tendencies by
		 * simply scanning forward from the specified %pc -- if we see
		 * an operation only permitted in a non-leaf, we know we're in
		 * a non-leaf; if we see a retl, we know we're in a leaf.
		 * Fortunately, one need not perform anywhere near full
		 * disassembly to effectively determine the former: determining
		 * that an instruction is a format-3 instruction and decoding
		 * its rd and rs1 fields, for example, requires very little
		 * manipulation.  Overall, this method of leaf determination
		 * performs quite well: on average, we only examine between
		 * 1.5 and 2.5 instructions before making the determination.
		 * (Outliers do exist, however; of note is the non-leaf
		 * function ip_sioctl_not_ours() which -- as of this writing --
		 * has a whopping 455 straight instructions that manipulate
		 * only %g's and %o's.)
		 */
		/*
		 * delay:    the word about to be examined is a delay slot
		 *           (set after a call or jmpl)
		 * branches: number of ba instructions followed so far
		 * taken:    value of j just past the last ba we followed
		 */
		int delay = 0, branches = 0, taken = 0;

		/* The interrupted pc itself is the bottom-most entry. */
		if (depth < pcstack_limit)
			pcstack[depth++] = (pc_t)(uintptr_t)pc;

		/*
		 * Our heuristic is exactly that -- a heuristic -- and there
		 * exists a possibility that we could either be vectored
		 * off into the weeds (by following a bogus branch) or could
		 * wander off the end of the function and off the end of a
		 * text mapping (by not following a conditional branch at the
		 * end of the function that is effectively always taken).  So
		 * as a precautionary measure, we set the NOFAULT flag.
		 */
		DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);

		for (;;) {
			i = pc[j++];

			if ((i & DTRACE_FMT3OP3_MASK) == DTRACE_FMT3OP3) {
				/*
				 * This is a format-3 instruction.  We can
				 * look at rd and rs1.
				 */
				r = (i >> DTRACE_FMT3RS1_SHIFT) & DTRACE_RMASK;

				/* rs1 is a %l or %i: only a non-leaf uses those */
				if (r >= DTRACE_REG_L0)
					goto nonleaf;

				r = (i >> DTRACE_FMT3RD_SHIFT) & DTRACE_RMASK;

				/* likewise for the destination register */
				if (r >= DTRACE_REG_L0)
					goto nonleaf;

				/* jmpl: the following word is its delay slot */
				if ((i & DTRACE_JMPL_MASK) == DTRACE_JMPL) {
					delay = 1;
					continue;
				}

				/*
				 * If we see explicit manipulation with %o7
				 * as a destination register, we know that
				 * %o7 is likely bogus -- and we treat this
				 * function as a non-leaf.
				 */
				if (r == DTRACE_REG_O7) {
					if (delay)
						goto leaf;

					/*
					 * NOTE(review): a jmpl was already
					 * diverted above, so this test cannot
					 * succeed here and the continue below
					 * is unreachable; retained as-is.
					 */
					i &= DTRACE_JMPL_MASK;

					if (i == DTRACE_JMPL) {
						delay = 1;
						continue;
					}

					goto nonleaf;
				}
			} else {
				/*
				 * If this is a call, it may or may not be
				 * a leaf; we need to check the delay slot.
				 */
				if ((i & DTRACE_CALL_MASK) == DTRACE_CALL) {
					delay = 1;
					continue;
				}

				/*
				 * If we see a ret it's not a leaf; if we
				 * see a retl, it is a leaf.
				 */
				if (i == DTRACE_RET)
					goto nonleaf;

				if (i == DTRACE_RETL)
					goto leaf;

				/*
				 * If this is a ba (annulled or not), then we
				 * need to actually follow the branch.  No, we
				 * don't look at the delay slot -- hopefully
				 * anything that can be gleaned from the delay
				 * slot can also be gleaned from the branch
				 * target.  To prevent ourselves from iterating
				 * infinitely, we clamp the number of branches
				 * that we'll follow, and we refuse to follow
				 * the same branch twice consecutively.  In
				 * both cases, we abort by deciding that we're
				 * looking at a leaf.  While in theory this
				 * could be wrong (we could be in the middle of
				 * a loop in a non-leaf that ends with a ba and
				 * only manipulates outputs and globals in the
				 * body of the loop -- therefore leading us to
				 * the wrong conclusion), this doesn't seem to
				 * crop up in practice.  (Or rather, this
				 * condition could not be deliberately induced,
				 * despite concerted effort.)
				 *
				 * NOTE(review): the comment above says the
				 * abort decides "leaf", but the code below
				 * jumps to nonleaf -- confirm which is
				 * intended before relying on either.
				 */
				if ((i & DTRACE_BA_MASK) == DTRACE_BA) {
					if (++branches == DTRACE_BA_MAX ||
					    taken == j)
						goto nonleaf;

					taken = j;
					/*
					 * Sign-extend the 22-bit word
					 * displacement by shifting it to the
					 * top of the word and back down
					 * (relies on the right shift of a
					 * negative int being arithmetic).  The
					 * -1 cancels the j++ above so that j
					 * becomes the index of the target.
					 */
					j += ((int)(i << DTRACE_DISP22_SHIFT) >>
					    DTRACE_DISP22_SHIFT) - 1;
					continue;
				}

				/*
				 * Finally, if it's a save, it should be
				 * treated as a leaf; if it's a restore it
				 * should not be treated as a leaf.
				 */
				if ((i & DTRACE_SAVE_MASK) == DTRACE_SAVE)
					goto leaf;

				if ((i & DTRACE_SAVE_MASK) == DTRACE_RESTORE)
					goto nonleaf;
			}

			if (delay) {
				/*
				 * If this was a delay slot instruction and
				 * we didn't pick it up elsewhere, this is a
				 * non-leaf.
				 */
				goto nonleaf;
			}
		}
nonleaf:
		/* %o7 of the bottom frame is garbage: strip that frame. */
		aframes++;
leaf:
		DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);
	}

	/*
	 * Bounds for the frame walk: each saved frame pointer must lie
	 * strictly above the frame it was read from (minfp) and strictly
	 * below the top of the stack currently being walked, which is the
	 * interrupt stack if we are on it and the thread stack otherwise.
	 */
	if ((on_intr = CPU_ON_INTR(CPU)) != 0)
		stacktop = (struct frame *)(CPU->cpu_intr_stack + SA(MINFRAME));
	else
		stacktop = (struct frame *)curthread->t_stk;
	minfp = fp;

	while (depth < pcstack_limit) {
		nextfp = (struct frame *)((caddr_t)fp->fr_savfp + STACK_BIAS);
		if (nextfp <= minfp || nextfp >= stacktop) {
			if (!on_intr && nextfp == stacktop && aframes != 0) {
				/*
				 * If we are exactly at the top of the stack
				 * with a non-zero number of artificial frames,
				 * it must be that the stack is filled with
				 * nothing _but_ artificial frames.  In this
				 * case, we assert that this is so, zero
				 * pcstack, and return.
				 */
				ASSERT(aframes == 1);
				ASSERT(depth == 0);

				while (depth < pcstack_limit)
					pcstack[depth++] = NULL;
				return;
			}

			if (on_intr) {
				/*
				 * Hop from interrupt stack to thread stack.
				 */
				stacktop = (struct frame *)curthread->t_stk;
				minfp = (struct frame *)curthread->t_stkbase;

				on_intr = 0;

				/* Re-check the same nextfp against the new bounds. */
				if (nextfp > minfp && nextfp < stacktop)
					continue;
			} else {
				/*
				 * High-level interrupts may occur when %sp is
				 * not necessarily contained in the stack
				 * bounds implied by %g7 -- interrupt thread
				 * management runs with %pil at DISP_LEVEL,
				 * and high-level interrupts may thus occur
				 * in windows when %sp and %g7 are not self-
				 * consistent.  If we call dtrace_getpcstack()
				 * from a high-level interrupt that has occurred
				 * in such a window, we will fail the above test
				 * of nextfp against minfp/stacktop.  If the
				 * high-level interrupt has in turn interrupted
				 * a non-passivated interrupt thread, we
				 * will execute the below code with non-zero
				 * aframes.  We therefore want to assert that
				 * aframes is zero _or_ we are in a high-level
				 * interrupt -- but because cpu_intr_actv is
				 * updated with high-level interrupts enabled,
				 * we must reduce this to only asserting that
				 * %pil is greater than DISP_LEVEL.
				 */
				ASSERT(aframes == 0 ||
				    dtrace_getipl() > DISP_LEVEL);
				/* The loop condition guarantees room here. */
				pcstack[depth++] = (pc_t)fp->fr_savpc;
			}

			/* Out of frames: NULL-fill the rest, per (c) above. */
			while (depth < pcstack_limit)
				pcstack[depth++] = NULL;
			return;
		}

		/* Artificial frames are consumed before anything is recorded. */
		if (aframes > 0) {
			aframes--;
		} else {
			pcstack[depth++] = (pc_t)fp->fr_savpc;
		}

		fp = nextfp;
		minfp = fp;
	}
}
357
/*
 * Walk the user frame chain starting at sp, recording each non-zero saved
 * return pc into pcstack (when non-NULL) until pcstack_limit entries have
 * been stored, a zero pc or stack pointer is reached, a frame is misaligned,
 * or the chain is judged circular/too deep.  The last two cases raise
 * CPU_DTRACE_BADSTACK and record the offending sp in cpuc_dtrace_illval.
 *
 * Returns the number of frames walked (not necessarily the number stored).
 * Callers must have CPU_DTRACE_NOFAULT set: the frame reads use
 * dtrace_fulword()/dtrace_fuword32() on user memory.
 */
static int
dtrace_getustack_common(uint64_t *pcstack, int pcstack_limit, uintptr_t sp)
{
	const int native = (curproc->p_model == DATAMODEL_NATIVE);
	volatile uint16_t *dflags =
	    (volatile uint16_t *)&cpu_core[CPU->cpu_id].cpuc_dtrace_flags;
	int nframes = 0;

	ASSERT(pcstack == NULL || pcstack_limit > 0);
	ASSERT(dtrace_ustackdepth_max > 0);

	/*
	 * In 32-bit mode the upper half of sp may hold garbage that the
	 * processor ignores; drop it once before walking.
	 */
	if (!native)
		sp = (uint32_t)sp;

	for (;;) {
		uintptr_t prev_sp = sp;
		uintptr_t pc;

		if (sp == 0)
			break;

		if (native) {
			struct frame *fr = (struct frame *)(sp + STACK_BIAS);

			if (fr == NULL ||
			    !IS_P2ALIGNED((uintptr_t)fr, STACK_ALIGN))
				break;

			pc = dtrace_fulword(&fr->fr_savpc);
			sp = dtrace_fulword(&fr->fr_savfp);
		} else {
			struct frame32 *fr = (struct frame32 *)sp;

			if (!IS_P2ALIGNED((uintptr_t)fr, STACK_ALIGN32))
				break;

			pc = dtrace_fuword32(&fr->fr_savpc);
			sp = dtrace_fuword32(&fr->fr_savfp);
		}

		if (pc == 0)
			break;

		/*
		 * A frame that points back at itself, or a chain longer than
		 * dtrace_ustackdepth_max, is treated as a bad stack.
		 */
		if (sp == prev_sp || nframes++ >= dtrace_ustackdepth_max) {
			*dflags |= CPU_DTRACE_BADSTACK;
			cpu_core[CPU->cpu_id].cpuc_dtrace_illval = sp;
			break;
		}

		if (pcstack != NULL) {
			*pcstack++ = pc;
			if (--pcstack_limit == 0)
				break;
		}
	}

	return (nframes);
}
445
/*
 * Fill pcstack with the current thread's user stack: the pid, the
 * interrupted user pc, %o7 when in an entry probe, then the frames returned
 * by dtrace_getupcstack_top() and dtrace_getustack_common().  Exactly
 * pcstack_limit entries are written; slots past the walked depth are NULL,
 * and the whole array is NULL when there is no user context.
 *
 * Requires CPU_DTRACE_NOFAULT to be set by the caller.
 */
void
dtrace_getupcstack(uint64_t *pcstack, int pcstack_limit)
{
	klwp_t *lwp = ttolwp(curthread);
	proc_t *p = curproc;
	struct regs *rp;
	uint64_t *out = pcstack;
	int room = pcstack_limit;
	uintptr_t sp;
	int got;

	ASSERT(DTRACE_CPUFLAG_ISSET(CPU_DTRACE_NOFAULT));

	if (room <= 0)
		return;

	/* Without user context we skip straight to NULL-filling. */
	if (lwp != NULL && p != NULL && (rp = lwp->lwp_regs) != NULL) {
		*out++ = (uint64_t)p->p_pid;
		if (--room <= 0)
			return;

		*out++ = (uint64_t)rp->r_pc;
		if (--room <= 0)
			return;

		/* In an entry probe %o7 still holds the caller's address. */
		if (DTRACE_CPUFLAG_ISSET(CPU_DTRACE_ENTRY)) {
			*out++ = (uint64_t)rp->r_o7;
			if (--room <= 0)
				return;
		}

		sp = rp->r_sp;

		/* Frames still held in register windows; sp is advanced. */
		got = dtrace_getupcstack_top(out, room, &sp);
		ASSERT(got >= 0);
		ASSERT(got <= room);

		out += got;
		room -= got;
		if (room <= 0)
			return;

		/* Frames that have been spilled to the user stack. */
		got = dtrace_getustack_common(out, room, sp);
		ASSERT(got >= 0);
		ASSERT(got <= room);

		out += got;
		room -= got;
	}

	while (room-- > 0)
		*out++ = NULL;
}
507
/*
 * Count the entries dtrace_getupcstack() would produce: one for the pid,
 * plus the window-resident and stack-resident frames, plus one more in an
 * entry probe when %o7 is non-NULL or deeper frames exist.
 *
 * Returns 0 when there is no user context and -1 when a fault has already
 * been flagged on this CPU.
 */
int
dtrace_getustackdepth(void)
{
	klwp_t *lwp = ttolwp(curthread);
	proc_t *p = curproc;
	struct regs *rp;
	uintptr_t sp;
	int top, walked, depth;

	if (lwp == NULL || p == NULL || (rp = lwp->lwp_regs) == NULL)
		return (0);

	if (DTRACE_CPUFLAG_ISSET(CPU_DTRACE_FAULT))
		return (-1);

	sp = rp->r_sp;

	top = dtrace_getustackdepth_top(&sp);
	walked = dtrace_getustack_common(NULL, 0, sp);

	/* The leading 1 accounts for the pid entry. */
	depth = 1 + top + walked;

	/*
	 * Add one more to the stack depth if we're in an entry probe as long
	 * as the return address is non-NULL or there are additional frames
	 * beyond that NULL return address.
	 */
	if (DTRACE_CPUFLAG_ISSET(CPU_DTRACE_ENTRY)) {
		if (rp->r_o7 != NULL || depth != 1)
			depth++;
	}

	return (depth);
}
539
/*
 * Like dtrace_getupcstack(), but also records a frame pointer for each pc
 * into fpstack (which must have room for the same pcstack_limit entries).
 * The entries are: pid; then in an entry probe the pc with fp 0 followed by
 * %o7 with fp %sp, otherwise the pc with fp %sp; then the user frame chain
 * read directly from the stack after flushing the user windows.
 *
 * Only pcstack is NULL-padded at the end; fpstack entries past the walked
 * depth are left untouched.
 */
void
dtrace_getufpstack(uint64_t *pcstack, uint64_t *fpstack, int pcstack_limit)
{
	klwp_t *lwp = ttolwp(curthread);
	proc_t *p = ttoproc(curthread);
	struct regs *rp;
	uint64_t *pcs = pcstack, *fps = fpstack;
	int room = pcstack_limit;
	uintptr_t sp;
	int native;

	if (room <= 0)
		return;

	/* No user context: the whole pc array is NULL. */
	if (lwp == NULL || p == NULL || (rp = lwp->lwp_regs) == NULL) {
		while (room-- > 0)
			*pcs++ = NULL;
		return;
	}

	*pcs++ = (uint64_t)p->p_pid;
	if (--room <= 0)
		return;

	if (DTRACE_CPUFLAG_ISSET(CPU_DTRACE_ENTRY)) {
		*fps++ = 0;
		*pcs++ = (uint64_t)rp->r_pc;
		if (--room <= 0)
			return;

		*fps++ = (uint64_t)rp->r_sp;
		*pcs++ = (uint64_t)rp->r_o7;
		room--;
	} else {
		*fps++ = (uint64_t)rp->r_sp;
		*pcs++ = (uint64_t)rp->r_pc;
		room--;
	}

	if (room <= 0)
		return;

	sp = rp->r_sp;

	/* Push live register windows to the user stack so we can read them. */
	dtrace_flush_user_windows();

	native = (p->p_model == DATAMODEL_NATIVE);

	/*
	 * In 32-bit mode the upper half of sp may hold garbage that the
	 * processor ignores; drop it once before walking.
	 */
	if (!native)
		sp = (uint32_t)sp;

	while (room > 0) {
		uintptr_t pc;

		if (sp == 0)
			break;

		if (native) {
			struct frame *fr = (struct frame *)(sp + STACK_BIAS);

			if (fr == NULL ||
			    ((uintptr_t)&fr->fr_savpc & 3) != 0 ||
			    ((uintptr_t)&fr->fr_savfp & 3) != 0)
				break;

			pc = dtrace_fulword(&fr->fr_savpc);
			sp = dtrace_fulword(&fr->fr_savfp);
		} else {
			struct frame32 *fr = (struct frame32 *)sp;

			if (((uintptr_t)&fr->fr_savpc & 3) != 0 ||
			    ((uintptr_t)&fr->fr_savfp & 3) != 0)
				break;

			pc = dtrace_fuword32(&fr->fr_savpc);
			sp = dtrace_fuword32(&fr->fr_savfp);
		}

		if (pc == 0)
			break;

		/* The recorded fp is the *caller's* sp just read from the frame. */
		*fps++ = sp;
		*pcs++ = pc;
		room--;
	}

	while (room-- > 0)
		*pcs++ = NULL;
}
639
/*
 * Fetch argument number arg of the probed function, which sits aframes
 * artificial frames below us.  Arguments 0-5 live in %i0-%i5 of that frame;
 * later ones are loaded from fr_argx of the frame's stack area.
 *
 * The fast path asks dtrace_fish() for the register (or, for arg >= 6, for
 * the frame's %i6 so the stack area can be read).  If the register window is
 * no longer available, the slow path walks the frame chain by hand under
 * CPU_DTRACE_NOFAULT and reads fr_arg/fr_argx from memory.
 */
uint64_t
dtrace_getarg(int arg, int aframes)
{
	/* dtrace_getarg() itself contributes one more frame. */
	const int fishframes = aframes + 1;
	const int argreg = (arg < 6) ? DTRACE_REG_I0 + arg : DTRACE_REG_I6;
	uintptr_t regval;
	struct frame *fr;
	uint64_t result;
	int hops;

	if (dtrace_fish(fishframes, argreg, &regval) == 0) {
		if (arg < 6)
			return (regval);

		/* regval is the frame's stack pointer; read the spilled arg. */
		fr = (struct frame *)(regval + STACK_BIAS);

		DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);
		result = fr->fr_argx[arg - 6];
		DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);

		return (result);
	}

	/*
	 * There are other ways to do this.  But the slow, painful way works
	 * just fine.  Because this requires some loads, we need to set
	 * CPU_DTRACE_NOFAULT to protect against looking for an argument that
	 * isn't there.
	 */
	fr = (struct frame *)((caddr_t)dtrace_getfp() + STACK_BIAS);
	dtrace_flush_windows();

	DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);

	/* Step up fishframes - 1 frames from our own. */
	for (hops = fishframes - 1; hops != 0; hops--)
		fr = (struct frame *)((caddr_t)fr->fr_savfp + STACK_BIAS);

	if (arg < 6) {
		result = fr->fr_arg[arg];
	} else {
		/* Extra args are in the caller's frame, one level further up. */
		fr = (struct frame *)((caddr_t)fr->fr_savfp + STACK_BIAS);
		result = fr->fr_argx[arg - 6];
	}

	DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);

	return (result);
}
696
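/*
 * Count the kernel frames above the aframes artificial frames, using the
 * same bounds (minfp/stacktop) and interrupt-to-thread stack hop as
 * dtrace_getpcstack().
 *
 * Returns the depth, which always includes the final frame whose saved
 * frame pointer left the stack bounds.
 */
int
dtrace_getstackdepth(int aframes)
{
	struct frame *fp, *nextfp, *minfp, *stacktop;
	int depth = 0;
	int on_intr;

	fp = (struct frame *)((caddr_t)dtrace_getfp() + STACK_BIAS);
	dtrace_flush_windows();

	/*
	 * The SA(MINFRAME) offset is in bytes, so it must be added to the
	 * caddr_t before the cast (as dtrace_getpcstack() does); casting
	 * first would scale it by sizeof (struct frame) and place stacktop
	 * far beyond the interrupt stack.
	 */
	if ((on_intr = CPU_ON_INTR(CPU)) != 0)
		stacktop = (struct frame *)(CPU->cpu_intr_stack + SA(MINFRAME));
	else
		stacktop = (struct frame *)curthread->t_stk;
	minfp = fp;

	for (;;) {
		nextfp = (struct frame *)((caddr_t)fp->fr_savfp + STACK_BIAS);
		if (nextfp <= minfp || nextfp >= stacktop) {
			if (on_intr) {
				/*
				 * Hop from interrupt stack to thread stack.
				 */
				stacktop = (struct frame *)curthread->t_stk;
				minfp = (struct frame *)curthread->t_stkbase;
				on_intr = 0;
				continue;
			}

			/* The frame we are on still counts. */
			return (++depth);
		}

		/* Artificial frames are consumed before counting starts. */
		if (aframes > 0) {
			aframes--;
		} else {
			depth++;
		}

		fp = nextfp;
		minfp = fp;
	}
}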
739
/*
 * This uses the same register numbering scheme as in sys/procfs_isa.h.
 */
/*
 * Return the value of user register reg (sys/procfs_isa.h numbering) for the
 * trap registers rp.
 *
 * %g0 is always 0; %g1-%g7 and (normally) %o0-%o7 come straight from rp;
 * the special registers above %i7 are decoded from rp, with an unknown
 * number raising CPU_DTRACE_ILLOP and returning 0.  Locals and inputs are
 * looked up, in order, in the register windows still on the CPU
 * (dtrace_getotherwin()/dtrace_getreg_win()), in the pcb's window-save
 * buffer (matched against the user sp), and finally in the user stack
 * frame read under CPU_DTRACE_NOFAULT.  In a fake-restore probe the lookup
 * is shifted one window further down (see the comment before fake_restore).
 */
ulong_t
dtrace_getreg(struct regs *rp, uint_t reg)
{
	ulong_t value;
	uintptr_t fp;
	struct machpcb *mpcb;

	if (reg == R_G0)
		return (0);

	/* r_g1 .. r_g7 are indexed as consecutive slots of struct regs. */
	if (reg <= R_G7)
		return ((&rp->r_g1)[reg - 1]);

	if (reg > R_I7) {
		switch (reg) {
		case R_CCR:
			return ((rp->r_tstate >> TSTATE_CCR_SHIFT) &
			    TSTATE_CCR_MASK);
		case R_PC:
			return (rp->r_pc);
		case R_nPC:
			return (rp->r_npc);
		case R_Y:
			return (rp->r_y);
		case R_ASI:
			return ((rp->r_tstate >> TSTATE_ASI_SHIFT) &
			    TSTATE_ASI_MASK);
		case R_FPRS:
			return (dtrace_getfprs());
		default:
			DTRACE_CPUFLAG_SET(CPU_DTRACE_ILLOP);
			return (0);
		}
	}

	/*
	 * We go to the fake restore case if the probe we hit was a pid
	 * return probe on a restore instruction.  We partially emulate the
	 * restore in the kernel and then execute a simple restore
	 * instruction that we've secreted away to do the actual register
	 * window manipulation.  We need to go one register window further
	 * down to get at the %ls, and %is and we need to treat %os like %is
	 * to pull them out of the topmost user frame.
	 */
	if (DTRACE_CPUFLAG_ISSET(CPU_DTRACE_FAKERESTORE)) {
		if (reg > R_O7)
			goto fake_restore;
		else
			reg += R_I0 - R_O0;	/* read %oN as %iN below */

	} else if (reg <= R_O7) {
		return ((&rp->r_g1)[reg - 1]);
	}

	/* The window is still on the CPU: read it directly. */
	if (dtrace_getotherwin() > 0)
		return (dtrace_getreg_win(reg, 1));

	/* The trap regs sit REGOFF bytes into the machpcb. */
	mpcb = (struct machpcb *)((caddr_t)rp - REGOFF);

	/*
	 * reg - 16 runs from %l0 (0) to %i7 (15); the indexing below
	 * therefore reaches past rw_local/fr_local into the following
	 * in-register slots -- presumably those are laid out contiguously
	 * in struct rwindow / struct frame; verify against the headers.
	 */
	if (curproc->p_model == DATAMODEL_NATIVE) {
		struct frame *fr = (void *)(rp->r_sp + STACK_BIAS);

		/*
		 * A window buffered in the pcb for this sp takes precedence
		 * over whatever is on the user stack; newest entry first.
		 */
		if (mpcb->mpcb_wbcnt > 0) {
			struct rwindow *rwin = (void *)mpcb->mpcb_wbuf;
			int i = mpcb->mpcb_wbcnt;
			do {
				i--;
				if ((long)mpcb->mpcb_spbuf[i] == rp->r_sp)
					return (rwin[i].rw_local[reg - 16]);
			} while (i > 0);
		}

		/*
		 * NOTE(review): unlike the fake-restore path below, a fault
		 * on this read is not checked here; value may be garbage if
		 * CPU_DTRACE_FAULT was raised.
		 */
		DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);
		value = dtrace_fulword(&fr->fr_local[reg - 16]);
		DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);
	} else {
		struct frame32 *fr = (void *)(uintptr_t)(caddr32_t)rp->r_sp;

		if (mpcb->mpcb_wbcnt > 0) {
			struct rwindow32 *rwin = (void *)mpcb->mpcb_wbuf;
			int i = mpcb->mpcb_wbcnt;
			do {
				i--;
				if ((long)mpcb->mpcb_spbuf[i] == rp->r_sp)
					return (rwin[i].rw_local[reg - 16]);
			} while (i > 0);
		}

		DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);
		value = dtrace_fuword32(&fr->fr_local[reg - 16]);
		DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);
	}

	return (value);

fake_restore:
	ASSERT(R_L0 <= reg && reg <= R_I7);

	/*
	 * We first look two user windows down to see if we can dig out
	 * the register we're looking for.
	 */
	if (dtrace_getotherwin() > 1)
		return (dtrace_getreg_win(reg, 2));

	/*
	 * First we need to get the frame pointer and then we perform
	 * the same computation as in the non-fake-o-restore case.
	 */

	mpcb = (struct machpcb *)((caddr_t)rp - REGOFF);

	/* One window is still on the CPU: its %fp is the frame we need. */
	if (dtrace_getotherwin() > 0) {
		fp = dtrace_getreg_win(R_FP, 1);
		goto got_fp;
	}

	/* Otherwise recover %fp from the pcb buffer or the user stack. */
	if (curproc->p_model == DATAMODEL_NATIVE) {
		struct frame *fr = (void *)(rp->r_sp + STACK_BIAS);

		if (mpcb->mpcb_wbcnt > 0) {
			struct rwindow *rwin = (void *)mpcb->mpcb_wbuf;
			int i = mpcb->mpcb_wbcnt;
			do {
				i--;
				if ((long)mpcb->mpcb_spbuf[i] == rp->r_sp) {
					fp = rwin[i].rw_fp;
					goto got_fp;
				}
			} while (i > 0);
		}

		DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);
		fp = dtrace_fulword(&fr->fr_savfp);
		DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);
		/* A faulted read leaves fp unusable; report 0. */
		if (cpu_core[CPU->cpu_id].cpuc_dtrace_flags & CPU_DTRACE_FAULT)
			return (0);
	} else {
		struct frame32 *fr = (void *)(uintptr_t)(caddr32_t)rp->r_sp;

		if (mpcb->mpcb_wbcnt > 0) {
			struct rwindow32 *rwin = (void *)mpcb->mpcb_wbuf;
			int i = mpcb->mpcb_wbcnt;
			do {
				i--;
				if ((long)mpcb->mpcb_spbuf[i] == rp->r_sp) {
					fp = rwin[i].rw_fp;
					goto got_fp;
				}
			} while (i > 0);
		}

		DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);
		fp = dtrace_fuword32(&fr->fr_savfp);
		DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);
		if (cpu_core[CPU->cpu_id].cpuc_dtrace_flags & CPU_DTRACE_FAULT)
			return (0);
	}
got_fp:

	/* Same lookup as the normal case, but keyed on fp instead of r_sp. */
	if (curproc->p_model == DATAMODEL_NATIVE) {
		struct frame *fr = (void *)(fp + STACK_BIAS);

		if (mpcb->mpcb_wbcnt > 0) {
			struct rwindow *rwin = (void *)mpcb->mpcb_wbuf;
			int i = mpcb->mpcb_wbcnt;
			do {
				i--;
				if ((long)mpcb->mpcb_spbuf[i] == fp)
					return (rwin[i].rw_local[reg - 16]);
			} while (i > 0);
		}

		DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);
		value = dtrace_fulword(&fr->fr_local[reg - 16]);
		DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);
	} else {
		struct frame32 *fr = (void *)(uintptr_t)(caddr32_t)fp;

		if (mpcb->mpcb_wbcnt > 0) {
			struct rwindow32 *rwin = (void *)mpcb->mpcb_wbuf;
			int i = mpcb->mpcb_wbcnt;
			do {
				i--;
				if ((long)mpcb->mpcb_spbuf[i] == fp)
					return (rwin[i].rw_local[reg - 16]);
			} while (i > 0);
		}

		DTRACE_CPUFLAG_SET(CPU_DTRACE_NOFAULT);
		value = dtrace_fuword32(&fr->fr_local[reg - 16]);
		DTRACE_CPUFLAG_CLEAR(CPU_DTRACE_NOFAULT);
	}

	return (value);
}
939