1 /* $NetBSD: dtrace_subr.c,v 1.2 2010/02/21 01:46:33 darran Exp $ */ 2 3 /* 4 * CDDL HEADER START 5 * 6 * The contents of this file are subject to the terms of the 7 * Common Development and Distribution License, Version 1.0 only 8 * (the "License"). You may not use this file except in compliance 9 * with the License. 10 * 11 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 12 * or http://www.opensolaris.org/os/licensing. 13 * See the License for the specific language governing permissions 14 * and limitations under the License. 15 * 16 * When distributing Covered Code, include this CDDL HEADER in each 17 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 18 * If applicable, add the following below this CDDL HEADER, with the 19 * fields enclosed by brackets "[]" replaced with your own identifying 20 * information: Portions Copyright [yyyy] [name of copyright owner] 21 * 22 * CDDL HEADER END 23 * 24 * $FreeBSD: src/sys/cddl/dev/dtrace/i386/dtrace_subr.c,v 1.3.2.1 2009/08/03 08:13:06 kensmith Exp $ 25 * 26 */ 27 /* 28 * Copyright 2005 Sun Microsystems, Inc. All rights reserved. 29 * Use is subject to license terms. 30 */ 31 32 #include <sys/param.h> 33 #include <sys/systm.h> 34 #include <sys/types.h> 35 #include <sys/kernel.h> 36 #include <sys/malloc.h> 37 #include <sys/kmem.h> 38 #include <sys/xcall.h> 39 #include <sys/cpu.h> 40 #include <sys/cpuvar.h> 41 //#include <sys/smp.h> 42 #include <sys/dtrace_impl.h> 43 #include <sys/dtrace_bsd.h> 44 #include <machine/cpu.h> 45 #include <machine/clock.h> 46 #include <machine/frame.h> 47 #include <uvm/uvm_pglist.h> 48 #include <uvm/uvm_prot.h> 49 #include <uvm/uvm_pmap.h> 50 51 extern uintptr_t kernelbase; 52 extern uintptr_t dtrace_in_probe_addr; 53 extern int dtrace_in_probe; 54 55 int dtrace_invop(uintptr_t, uintptr_t *, uintptr_t); 56 57 typedef struct dtrace_invop_hdlr { 58 int (*dtih_func)(uintptr_t, uintptr_t *, uintptr_t); 59 struct dtrace_invop_hdlr *dtih_next; 60 } dtrace_invop_hdlr_t; 61 62 dtrace_invop_hdlr_t *dtrace_invop_hdlr; 63 64 int 65 dtrace_invop(uintptr_t addr, uintptr_t *stack, uintptr_t eax) 66 { 67 dtrace_invop_hdlr_t *hdlr; 68 int rval; 69 70 for (hdlr = dtrace_invop_hdlr; hdlr != NULL; hdlr = hdlr->dtih_next) 71 if ((rval = hdlr->dtih_func(addr, stack, eax)) != 0) 72 return (rval); 73 74 return (0); 75 } 76 77 void 78 dtrace_invop_add(int (*func)(uintptr_t, uintptr_t *, uintptr_t)) 79 { 80 dtrace_invop_hdlr_t *hdlr; 81 82 hdlr = kmem_alloc(sizeof (dtrace_invop_hdlr_t), KM_SLEEP); 83 hdlr->dtih_func = func; 84 hdlr->dtih_next = dtrace_invop_hdlr; 85 dtrace_invop_hdlr = hdlr; 86 } 87 88 void 89 dtrace_invop_remove(int (*func)(uintptr_t, uintptr_t *, uintptr_t)) 90 { 91 dtrace_invop_hdlr_t *hdlr = dtrace_invop_hdlr, *prev = NULL; 92 93 for (;;) { 94 if (hdlr == NULL) 95 panic("attempt to remove non-existent invop handler"); 96 97 if (hdlr->dtih_func == func) 98 break; 99 100 prev = hdlr; 101 hdlr = hdlr->dtih_next; 102 } 103 104 if (prev == NULL) { 105 ASSERT(dtrace_invop_hdlr == hdlr); 106 dtrace_invop_hdlr = hdlr->dtih_next; 107 } else { 108 ASSERT(dtrace_invop_hdlr != hdlr); 109 prev->dtih_next = hdlr->dtih_next; 110 } 111 112 kmem_free(hdlr, 0); 113 } 114 115 void 116 dtrace_toxic_ranges(void (*func)(uintptr_t base, uintptr_t limit)) 117 { 118 (*func)(0, kernelbase); 119 } 120 121 static void 122 xcall_func(void *arg0, void *arg1) 123 { 124 dtrace_xcall_t func = arg0; 125 126 (*func)(arg1); 127 } 128 129 void 130 dtrace_xcall(processorid_t cpu, dtrace_xcall_t func, void *arg) 131 { 132 uint64_t where; 133 134 if (cpu == DTRACE_CPUALL) { 135 where = xc_broadcast(0, xcall_func, func, arg); 136 } else { 137 struct cpu_info *cinfo = cpu_lookup(cpu); 138 139 KASSERT(cinfo != NULL); 140 where = xc_unicast(0, xcall_func, func, arg, cinfo); 141 } 142 xc_wait(where); 143 144 /* XXX Q. Do we really need the other cpus to wait also? 145 * (see solaris:xc_sync()) 146 */ 147 } 148 149 static void 150 dtrace_sync_func(void) 151 { 152 } 153 154 void 155 dtrace_sync(void) 156 { 157 dtrace_xcall(DTRACE_CPUALL, (dtrace_xcall_t)dtrace_sync_func, NULL); 158 } 159 160 #ifdef notyet 161 int (*dtrace_fasttrap_probe_ptr)(struct regs *); 162 int (*dtrace_pid_probe_ptr)(struct regs *); 163 int (*dtrace_return_probe_ptr)(struct regs *); 164 165 void 166 dtrace_user_probe(struct regs *rp, caddr_t addr, processorid_t cpuid) 167 { 168 krwlock_t *rwp; 169 proc_t *p = curproc; 170 extern void trap(struct regs *, caddr_t, processorid_t); 171 172 if (USERMODE(rp->r_cs) || (rp->r_ps & PS_VM)) { 173 if (curthread->t_cred != p->p_cred) { 174 cred_t *oldcred = curthread->t_cred; 175 /* 176 * DTrace accesses t_cred in probe context. t_cred 177 * must always be either NULL, or point to a valid, 178 * allocated cred structure. 179 */ 180 curthread->t_cred = crgetcred(); 181 crfree(oldcred); 182 } 183 } 184 185 if (rp->r_trapno == T_DTRACE_RET) { 186 uint8_t step = curthread->t_dtrace_step; 187 uint8_t ret = curthread->t_dtrace_ret; 188 uintptr_t npc = curthread->t_dtrace_npc; 189 190 if (curthread->t_dtrace_ast) { 191 aston(curthread); 192 curthread->t_sig_check = 1; 193 } 194 195 /* 196 * Clear all user tracing flags. 197 */ 198 curthread->t_dtrace_ft = 0; 199 200 /* 201 * If we weren't expecting to take a return probe trap, kill 202 * the process as though it had just executed an unassigned 203 * trap instruction. 204 */ 205 if (step == 0) { 206 tsignal(curthread, SIGILL); 207 return; 208 } 209 210 /* 211 * If we hit this trap unrelated to a return probe, we're 212 * just here to reset the AST flag since we deferred a signal 213 * until after we logically single-stepped the instruction we 214 * copied out. 215 */ 216 if (ret == 0) { 217 rp->r_pc = npc; 218 return; 219 } 220 221 /* 222 * We need to wait until after we've called the 223 * dtrace_return_probe_ptr function pointer to set %pc. 224 */ 225 rwp = &CPU->cpu_ft_lock; 226 rw_enter(rwp, RW_READER); 227 if (dtrace_return_probe_ptr != NULL) 228 (void) (*dtrace_return_probe_ptr)(rp); 229 rw_exit(rwp); 230 rp->r_pc = npc; 231 232 } else if (rp->r_trapno == T_DTRACE_PROBE) { 233 rwp = &CPU->cpu_ft_lock; 234 rw_enter(rwp, RW_READER); 235 if (dtrace_fasttrap_probe_ptr != NULL) 236 (void) (*dtrace_fasttrap_probe_ptr)(rp); 237 rw_exit(rwp); 238 239 } else if (rp->r_trapno == T_BPTFLT) { 240 uint8_t instr; 241 rwp = &CPU->cpu_ft_lock; 242 243 /* 244 * The DTrace fasttrap provider uses the breakpoint trap 245 * (int 3). We let DTrace take the first crack at handling 246 * this trap; if it's not a probe that DTrace knowns about, 247 * we call into the trap() routine to handle it like a 248 * breakpoint placed by a conventional debugger. 249 */ 250 rw_enter(rwp, RW_READER); 251 if (dtrace_pid_probe_ptr != NULL && 252 (*dtrace_pid_probe_ptr)(rp) == 0) { 253 rw_exit(rwp); 254 return; 255 } 256 rw_exit(rwp); 257 258 /* 259 * If the instruction that caused the breakpoint trap doesn't 260 * look like an int 3 anymore, it may be that this tracepoint 261 * was removed just after the user thread executed it. In 262 * that case, return to user land to retry the instuction. 263 */ 264 if (fuword8((void *)(rp->r_pc - 1), &instr) == 0 && 265 instr != FASTTRAP_INSTR) { 266 rp->r_pc--; 267 return; 268 } 269 270 trap(rp, addr, cpuid); 271 272 } else { 273 trap(rp, addr, cpuid); 274 } 275 } 276 277 void 278 dtrace_safe_synchronous_signal(void) 279 { 280 kthread_t *t = curthread; 281 struct regs *rp = lwptoregs(ttolwp(t)); 282 size_t isz = t->t_dtrace_npc - t->t_dtrace_pc; 283 284 ASSERT(t->t_dtrace_on); 285 286 /* 287 * If we're not in the range of scratch addresses, we're not actually 288 * tracing user instructions so turn off the flags. If the instruction 289 * we copied out caused a synchonous trap, reset the pc back to its 290 * original value and turn off the flags. 291 */ 292 if (rp->r_pc < t->t_dtrace_scrpc || 293 rp->r_pc > t->t_dtrace_astpc + isz) { 294 t->t_dtrace_ft = 0; 295 } else if (rp->r_pc == t->t_dtrace_scrpc || 296 rp->r_pc == t->t_dtrace_astpc) { 297 rp->r_pc = t->t_dtrace_pc; 298 t->t_dtrace_ft = 0; 299 } 300 } 301 302 int 303 dtrace_safe_defer_signal(void) 304 { 305 kthread_t *t = curthread; 306 struct regs *rp = lwptoregs(ttolwp(t)); 307 size_t isz = t->t_dtrace_npc - t->t_dtrace_pc; 308 309 ASSERT(t->t_dtrace_on); 310 311 /* 312 * If we're not in the range of scratch addresses, we're not actually 313 * tracing user instructions so turn off the flags. 314 */ 315 if (rp->r_pc < t->t_dtrace_scrpc || 316 rp->r_pc > t->t_dtrace_astpc + isz) { 317 t->t_dtrace_ft = 0; 318 return (0); 319 } 320 321 /* 322 * If we've executed the original instruction, but haven't performed 323 * the jmp back to t->t_dtrace_npc or the clean up of any registers 324 * used to emulate %rip-relative instructions in 64-bit mode, do that 325 * here and take the signal right away. We detect this condition by 326 * seeing if the program counter is the range [scrpc + isz, astpc). 327 */ 328 if (t->t_dtrace_astpc - rp->r_pc < 329 t->t_dtrace_astpc - t->t_dtrace_scrpc - isz) { 330 #ifdef __amd64 331 /* 332 * If there is a scratch register and we're on the 333 * instruction immediately after the modified instruction, 334 * restore the value of that scratch register. 335 */ 336 if (t->t_dtrace_reg != 0 && 337 rp->r_pc == t->t_dtrace_scrpc + isz) { 338 switch (t->t_dtrace_reg) { 339 case REG_RAX: 340 rp->r_rax = t->t_dtrace_regv; 341 break; 342 case REG_RCX: 343 rp->r_rcx = t->t_dtrace_regv; 344 break; 345 case REG_R8: 346 rp->r_r8 = t->t_dtrace_regv; 347 break; 348 case REG_R9: 349 rp->r_r9 = t->t_dtrace_regv; 350 break; 351 } 352 } 353 #endif 354 rp->r_pc = t->t_dtrace_npc; 355 t->t_dtrace_ft = 0; 356 return (0); 357 } 358 359 /* 360 * Otherwise, make sure we'll return to the kernel after executing 361 * the copied out instruction and defer the signal. 362 */ 363 if (!t->t_dtrace_step) { 364 ASSERT(rp->r_pc < t->t_dtrace_astpc); 365 rp->r_pc += t->t_dtrace_astpc - t->t_dtrace_scrpc; 366 t->t_dtrace_step = 1; 367 } 368 369 t->t_dtrace_ast = 1; 370 371 return (1); 372 } 373 #endif 374 375 static int64_t tgt_cpu_tsc; 376 static int64_t hst_cpu_tsc; 377 static int64_t tsc_skew[MAXCPUS]; 378 static uint64_t nsec_scale; 379 380 /* See below for the explanation of this macro. */ 381 #define SCALE_SHIFT 28 382 383 static __inline uint64_t 384 dtrace_rdtsc(void) 385 { 386 uint64_t rv; 387 388 __asm __volatile("rdtsc" : "=A" (rv)); 389 return (rv); 390 } 391 392 static void 393 dtrace_gethrtime_init_sync(void *arg) 394 { 395 #ifdef CHECK_SYNC 396 /* 397 * Delay this function from returning on one 398 * of the CPUs to check that the synchronisation 399 * works. 400 */ 401 uintptr_t cpu = (uintptr_t) arg; 402 403 if (cpu == curcpu) { 404 int i; 405 for (i = 0; i < 1000000000; i++) 406 tgt_cpu_tsc = dtrace_rdtsc(); 407 tgt_cpu_tsc = 0; 408 } 409 #endif 410 } 411 412 static void 413 dtrace_gethrtime_init_cpu(void *arg) 414 { 415 uintptr_t cpu = (uintptr_t) arg; 416 417 if (cpu == cpu_number()) 418 tgt_cpu_tsc = dtrace_rdtsc(); 419 else 420 hst_cpu_tsc = dtrace_rdtsc(); 421 } 422 423 void 424 dtrace_gethrtime_init(void *arg) 425 { 426 uint64_t tsc_f; 427 CPU_INFO_ITERATOR cpuind; 428 struct cpu_info *cinfo = curcpu(); 429 cpuid_t cur_cpuid = cpu_number(); /* current cpu id */ 430 431 /* 432 * Get TSC frequency known at this moment. 433 * This should be constant if TSC is invariant. 434 * Otherwise tick->time conversion will be inaccurate, but 435 * will preserve monotonic property of TSC. 436 */ 437 tsc_f = cpu_frequency(cinfo); 438 439 /* 440 * The following line checks that nsec_scale calculated below 441 * doesn't overflow 32-bit unsigned integer, so that it can multiply 442 * another 32-bit integer without overflowing 64-bit. 443 * Thus minimum supported TSC frequency is 62.5MHz. 444 */ 445 //KASSERT(tsc_f > (NANOSEC >> (32 - SCALE_SHIFT)), ("TSC frequency is too low")); 446 KASSERT(tsc_f > (NANOSEC >> (32 - SCALE_SHIFT))); 447 448 /* 449 * We scale up NANOSEC/tsc_f ratio to preserve as much precision 450 * as possible. 451 * 2^28 factor was chosen quite arbitrarily from practical 452 * considerations: 453 * - it supports TSC frequencies as low as 62.5MHz (see above); 454 * - it provides quite good precision (e < 0.01%) up to THz 455 * (terahertz) values; 456 */ 457 nsec_scale = ((uint64_t)NANOSEC << SCALE_SHIFT) / tsc_f; 458 459 /* The current CPU is the reference one. */ 460 tsc_skew[cur_cpuid] = 0; 461 462 for (CPU_INFO_FOREACH(cpuind, cinfo)) { 463 /* use skew relative to cpu 0 */ 464 tsc_skew[cpu_index(cinfo)] = cinfo->ci_data.cpu_cc_skew; 465 } 466 467 /* Already handled in x86/tsc.c for ci_data.cpu_cc_skew */ 468 #if 0 469 for (i = 0; i <= mp_maxid; i++) { 470 if (i == curcpu) 471 continue; 472 473 if (pcpu_find(i) == NULL) 474 continue; 475 476 map = 0; 477 map |= (1 << curcpu); 478 map |= (1 << i); 479 480 smp_rendezvous_cpus(map, dtrace_gethrtime_init_sync, 481 dtrace_gethrtime_init_cpu, 482 smp_no_rendevous_barrier, (void *)(uintptr_t) i); 483 484 tsc_skew[i] = tgt_cpu_tsc - hst_cpu_tsc; 485 } 486 #endif 487 } 488 489 /* 490 * DTrace needs a high resolution time function which can 491 * be called from a probe context and guaranteed not to have 492 * instrumented with probes itself. 493 * 494 * Returns nanoseconds since boot. 495 */ 496 uint64_t 497 dtrace_gethrtime() 498 { 499 uint64_t tsc; 500 uint32_t lo; 501 uint32_t hi; 502 503 /* 504 * We split TSC value into lower and higher 32-bit halves and separately 505 * scale them with nsec_scale, then we scale them down by 2^28 506 * (see nsec_scale calculations) taking into account 32-bit shift of 507 * the higher half and finally add. 508 */ 509 tsc = dtrace_rdtsc() + tsc_skew[cpu_number()]; 510 lo = tsc; 511 hi = tsc >> 32; 512 return (((lo * nsec_scale) >> SCALE_SHIFT) + 513 ((hi * nsec_scale) << (32 - SCALE_SHIFT))); 514 } 515 516 uint64_t 517 dtrace_gethrestime(void) 518 { 519 printf("%s(%d): XXX\n",__func__,__LINE__); 520 return (0); 521 } 522 523 /* Function to handle DTrace traps during probes. See i386/i386/trap.c */ 524 int 525 dtrace_trap(struct trapframe *frame, u_int type) 526 { 527 cpuid_t cpuid = cpu_number(); /* current cpu id */ 528 529 /* 530 * A trap can occur while DTrace executes a probe. Before 531 * executing the probe, DTrace blocks re-scheduling and sets 532 * a flag in it's per-cpu flags to indicate that it doesn't 533 * want to fault. On returning from the the probe, the no-fault 534 * flag is cleared and finally re-scheduling is enabled. 535 * 536 * Check if DTrace has enabled 'no-fault' mode: 537 * 538 */ 539 if ((cpu_core[cpuid].cpuc_dtrace_flags & CPU_DTRACE_NOFAULT) != 0) { 540 /* 541 * There are only a couple of trap types that are expected. 542 * All the rest will be handled in the usual way. 543 */ 544 switch (type) { 545 /* General protection fault. */ 546 case T_PROTFLT: 547 /* Flag an illegal operation. */ 548 cpu_core[cpuid].cpuc_dtrace_flags |= CPU_DTRACE_ILLOP; 549 550 /* 551 * Offset the instruction pointer to the instruction 552 * following the one causing the fault. 553 */ 554 frame->tf_eip += dtrace_instr_size((u_char *) frame->tf_eip); 555 return (1); 556 /* Page fault. */ 557 case T_PAGEFLT: 558 /* Flag a bad address. */ 559 cpu_core[cpuid].cpuc_dtrace_flags |= CPU_DTRACE_BADADDR; 560 cpu_core[cpuid].cpuc_dtrace_illval = rcr2(); 561 562 /* 563 * Offset the instruction pointer to the instruction 564 * following the one causing the fault. 565 */ 566 frame->tf_eip += dtrace_instr_size((u_char *) frame->tf_eip); 567 return (1); 568 default: 569 /* Handle all other traps in the usual way. */ 570 break; 571 } 572 } 573 574 /* Handle the trap in the usual way. */ 575 return (0); 576 } 577