/*
 * Copyright (c) 2016-2019, Intel Corporation
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *  * Redistributions of source code must retain the above copyright notice,
 *    this list of conditions and the following disclaimer.
 *  * Redistributions in binary form must reproduce the above copyright notice,
 *    this list of conditions and the following disclaimer in the documentation
 *    and/or other materials provided with the distribution.
 *  * Neither the name of Intel Corporation nor the names of its contributors
 *    may be used to endorse or promote products derived from this software
 *    without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */
#include "pt_insn.h"
#include "pt_ild.h"
#include "pt_image.h"
#include "pt_compiler.h"

#include "intel-pt.h"

#include <string.h>
/* Check whether an instruction belongs to a class that can change the CPL.
 *
 * Only @iext->iclass is consulted; @insn is accepted but not used.
 *
 * Returns 1 for INT, INT3, INT1, INTO, IRET, SYSCALL, SYSENTER, SYSEXIT and
 * SYSRET.
 * Returns 0 for every other class and if @iext is NULL.
 */
int pt_insn_changes_cpl(const struct pt_insn *insn,
			const struct pt_insn_ext *iext)
{
	(void) insn;

	if (!iext)
		return 0;

	switch (iext->iclass) {
	case PTI_INST_INT:
	case PTI_INST_INT3:
	case PTI_INST_INT1:
	case PTI_INST_INTO:
	case PTI_INST_IRET:
	case PTI_INST_SYSCALL:
	case PTI_INST_SYSENTER:
	case PTI_INST_SYSEXIT:
	case PTI_INST_SYSRET:
		return 1;

	default:
		break;
	}

	return 0;
}
/* Check whether an instruction is classified as a write to CR3.
 *
 * Only @iext->iclass is consulted; @insn is accepted but not used.
 *
 * Returns 1 if the class is PTI_INST_MOV_CR3.
 * Returns 0 for every other class and if @iext is NULL.
 */
int pt_insn_changes_cr3(const struct pt_insn *insn,
			const struct pt_insn_ext *iext)
{
	int changes;

	(void) insn;

	changes = 0;
	if (iext) {
		switch (iext->iclass) {
		case PTI_INST_MOV_CR3:
			changes = 1;
			break;

		default:
			break;
		}
	}

	return changes;
}
/* Check whether an instruction is any kind of branch.
 *
 * Only @insn->iclass is consulted; @iext is accepted but not used.
 *
 * Returns 1 for near and far calls, returns and jumps, and for conditional
 * jumps.
 * Returns 0 for every other class and if @insn is NULL.
 */
int pt_insn_is_branch(const struct pt_insn *insn,
		      const struct pt_insn_ext *iext)
{
	(void) iext;

	if (!insn)
		return 0;

	switch (insn->iclass) {
	case ptic_call:
	case ptic_return:
	case ptic_jump:
	case ptic_cond_jump:
	case ptic_far_call:
	case ptic_far_return:
	case ptic_far_jump:
		return 1;

	default:
		break;
	}

	return 0;
}
/* Check whether an instruction is a far branch.
 *
 * Only @insn->iclass is consulted; @iext is accepted but not used.
 *
 * Returns 1 for ptic_far_call, ptic_far_return and ptic_far_jump.
 * Returns 0 for every other class and if @insn is NULL.
 */
int pt_insn_is_far_branch(const struct pt_insn *insn,
			  const struct pt_insn_ext *iext)
{
	int is_far;

	(void) iext;

	is_far = 0;
	if (insn) {
		switch (insn->iclass) {
		case ptic_far_call:
		case ptic_far_return:
		case ptic_far_jump:
			is_far = 1;
			break;

		default:
			break;
		}
	}

	return is_far;
}
/* Check whether a PIP event may bind to an instruction.
 *
 * Returns 1 if @iext->iclass is PTI_INST_MOV_CR3, PTI_INST_VMLAUNCH or
 * PTI_INST_VMRESUME.
 * For every other class, returns what pt_insn_is_far_branch() reports.
 * Returns 0 if @iext is NULL; @insn is not looked at in that case, even if it
 * describes a far branch.
 */
int pt_insn_binds_to_pip(const struct pt_insn *insn,
			 const struct pt_insn_ext *iext)
{
	if (!iext)
		return 0;

	switch (iext->iclass) {
	case PTI_INST_MOV_CR3:
	case PTI_INST_VMLAUNCH:
	case PTI_INST_VMRESUME:
		return 1;

	default:
		break;
	}

	/* Not one of the explicit classes; far branches bind as well. */
	return pt_insn_is_far_branch(insn, iext);
}
/* Check whether a VMCS event may bind to an instruction.
 *
 * Returns 1 if @iext->iclass is PTI_INST_VMPTRLD, PTI_INST_VMLAUNCH or
 * PTI_INST_VMRESUME.
 * For every other class, returns what pt_insn_is_far_branch() reports.
 * Returns 0 if @iext is NULL; @insn is not looked at in that case, even if it
 * describes a far branch.
 */
int pt_insn_binds_to_vmcs(const struct pt_insn *insn,
			  const struct pt_insn_ext *iext)
{
	if (!iext)
		return 0;

	switch (iext->iclass) {
	case PTI_INST_VMPTRLD:
	case PTI_INST_VMLAUNCH:
	case PTI_INST_VMRESUME:
		return 1;

	default:
		break;
	}

	/* Not one of the explicit classes; far branches bind as well. */
	return pt_insn_is_far_branch(insn, iext);
}
/* Check whether an instruction is a PTWRITE.
 *
 * Only @insn->iclass is consulted; @iext is accepted but not used.
 *
 * Returns 1 if the class is ptic_ptwrite.
 * Returns 0 for every other class and if @insn is NULL.
 */
int pt_insn_is_ptwrite(const struct pt_insn *insn,
		       const struct pt_insn_ext *iext)
{
	(void) iext;

	if (!insn)
		return 0;

	switch (insn->iclass) {
	case ptic_ptwrite:
		return 1;

	default:
		break;
	}

	return 0;
}
/* Compute the IP of the instruction that follows @insn.
 *
 * The successor is @insn->ip + @insn->size.  For a direct call or jump, the
 * sign-extended branch displacement from @iext is added on top.
 *
 * The result is stored in @pip if it is not NULL.
 *
 * Returns zero on success, a negative error code otherwise.
 * Returns -pte_internal if @insn or @iext is NULL.
 * Returns -pte_bad_query for indirect calls and jumps and for every class
 * that is not handled explicitly below.
 * Returns -pte_bad_insn if @insn->iclass is ptic_error.
 */
int pt_insn_next_ip(uint64_t *pip, const struct pt_insn *insn,
		    const struct pt_insn_ext *iext)
{
	uint64_t next;

	if (!insn || !iext)
		return -pte_internal;

	next = insn->ip + insn->size;

	switch (insn->iclass) {
	case ptic_error:
		return -pte_bad_insn;

	case ptic_ptwrite:
	case ptic_other:
		/* Falls through to the next instruction in memory. */
		break;

	case ptic_call:
	case ptic_jump:
		/* The target of an indirect branch is not known here. */
		if (!iext->variant.branch.is_direct)
			return -pte_bad_query;

		next += (uint64_t) (int64_t)
			iext->variant.branch.displacement;
		break;

	default:
		return -pte_bad_query;
	}

	if (pip)
		*pip = next;

	return 0;
}
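/* Retry decoding an instruction after a preceding decode error.
 *
 * Instruction length decode typically fails due to 'not enough
 * bytes'.
 *
 * This may be caused by partial updates of text sections
 * represented via new image sections overlapping the original
 * text section's image section.  We stop reading memory at the
 * end of the section so we do not read the full instruction if
 * parts of it have been overwritten by the update.
 *
 * Try to read the remaining bytes and decode the instruction again.  If we
 * succeed, set @insn->truncated to indicate that the instruction is truncated
 * in @insn->isid.
 *
 * On entry, @insn->size is the number of bytes already present in @insn->raw.
 * It is checked against the size of @insn->raw before it is used as an offset
 * into that buffer.
 *
 * Returns zero on success, a negative error code otherwise.
 * Returns -pte_bad_insn if the instruction could not be decoded.
 * Returns -pte_internal if @insn is NULL, if @insn->size exceeds the size of
 * @insn->raw, or if the image read reports an inconsistent byte count.
 */
static int pt_insn_decode_retry(struct pt_insn *insn, struct pt_insn_ext *iext,
				struct pt_image *image,
				const struct pt_asid *asid)
{
	int size, errcode, isid;
	uint8_t isize, remaining;

	if (!insn)
		return -pte_internal;

	isize = insn->size;

	/* @remaining is an 8-bit difference.  A size beyond the raw buffer
	 * would wrap it to a large value and the read below would then start
	 * past the end of @insn->raw.
	 */
	if (sizeof(insn->raw) < isize)
		return -pte_internal;

	remaining = (uint8_t) (sizeof(insn->raw) - isize);

	/* We failed for real if we already read the maximum number of bytes for
	 * an instruction.
	 */
	if (!remaining)
		return -pte_bad_insn;

	/* Read the remaining bytes from the image. */
	size = pt_image_read(image, &isid, &insn->raw[isize], remaining, asid,
			     insn->ip + isize);
	if (size <= 0) {
		/* We should have gotten an error if we were not able to read at
		 * least one byte.  Check this to guarantee termination.
		 */
		if (!size)
			return -pte_internal;

		/* Preserve the original error if there are no more bytes. */
		if (size == -pte_nomap)
			size = -pte_bad_insn;

		return size;
	}

	/* We asked for at most @remaining bytes.  A larger count is not
	 * expected; reject it rather than letting @insn->size grow beyond the
	 * raw buffer or wrap around.
	 */
	if ((int) remaining < size)
		return -pte_internal;

	/* Add the newly read bytes to the instruction's size. */
	insn->size += (uint8_t) size;

	/* Store the new size to avoid infinite recursion in case instruction
	 * decode fails after length decode, which would set @insn->size to the
	 * actual length.
	 */
	size = insn->size;

	/* Try to decode the instruction again.
	 *
	 * If we fail again, we recursively retry again until we either fail to
	 * read more bytes or reach the maximum number of bytes for an
	 * instruction.
	 */
	errcode = pt_ild_decode(insn, iext);
	if (errcode < 0) {
		if (errcode != -pte_bad_insn)
			return errcode;

		/* If instruction length decode already determined the size,
		 * there's no point in reading more bytes.
		 */
		if (insn->size != (uint8_t) size)
			return errcode;

		return pt_insn_decode_retry(insn, iext, image, asid);
	}

	/* We succeeded this time, so the instruction crosses image section
	 * boundaries.
	 *
	 * This poses the question which isid to use for the instruction.
	 *
	 * To reconstruct exactly this instruction at a later time, we'd need to
	 * store all isids involved together with the number of bytes read for
	 * each isid.  Since @insn already provides the exact bytes for this
	 * instruction, we assume that the isid will be used solely for source
	 * correlation.  In this case, it should refer to the first byte of the
	 * instruction - as it already does.
	 */
	insn->truncated = 1;

	return errcode;
}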
/* Decode the instruction at @insn->ip.
 *
 * Reads up to sizeof(@insn->raw) bytes at @insn->ip from @image in @asid into
 * @insn->raw and stores the image section identifier in @insn->isid.  The
 * bytes are then handed to pt_ild_decode().
 *
 * If that fails with -pte_bad_insn without having changed @insn->size, more
 * bytes may be needed and the work is passed on to pt_insn_decode_retry().
 *
 * Returns the non-negative result of pt_ild_decode() on success, a negative
 * error code otherwise.
 * Returns -pte_internal if @insn is NULL.
 */
int pt_insn_decode(struct pt_insn *insn, struct pt_insn_ext *iext,
		   struct pt_image *image, const struct pt_asid *asid)
{
	int nread, status;

	if (!insn)
		return -pte_internal;

	/* Fetch the bytes at the current IP in the current address space. */
	nread = pt_image_read(image, &insn->isid, insn->raw,
			      sizeof(insn->raw), asid, insn->ip);
	if (nread < 0)
		return nread;

	/* Start out with the number of bytes we got.  Instruction decode
	 * replaces this with the actual instruction size.
	 */
	insn->size = (uint8_t) nread;

	status = pt_ild_decode(insn, iext);

	/* Success and errors other than a bad instruction are final. */
	if (status >= 0 || status != -pte_bad_insn)
		return status;

	/* Length decode settled on a size of its own, so reading more bytes
	 * would not help.
	 */
	if (insn->size != (uint8_t) nread)
		return status;

	return pt_insn_decode_retry(insn, iext, image, asid);
}
/* Check whether @end can be reached from @begin without a taken branch.
 *
 * Starting at @begin in execution mode @mode, decode one instruction at a time
 * from @image in @asid and advance with pt_insn_next_ip() until the IP equals
 * @end.
 *
 * @steps caps the number of instructions that are decoded, which bounds the
 * walk even if @end is never hit exactly.
 *
 * Returns 1 if @end was reached; this includes @begin == @end.
 * Returns 0 if @steps instructions were decoded without reaching @end.
 * Returns a negative error code if pt_insn_decode() or pt_insn_next_ip()
 * fails.
 */
int pt_insn_range_is_contiguous(uint64_t begin, uint64_t end,
				enum pt_exec_mode mode, struct pt_image *image,
				const struct pt_asid *asid, size_t steps)
{
	struct pt_insn_ext iext;
	struct pt_insn insn;
	int status;

	memset(&insn, 0, sizeof(insn));

	insn.ip = begin;
	insn.mode = mode;

	for (;;) {
		if (insn.ip == end)
			return 1;

		/* Out of budget before we got to @end. */
		if (steps == 0)
			return 0;

		steps -= 1;

		status = pt_insn_decode(&insn, &iext, image, asid);
		if (status < 0)
			return status;

		/* Advance in place; this fails for anything but straight-line
		 * code and direct calls and jumps.
		 */
		status = pt_insn_next_ip(&insn.ip, &insn, &iext);
		if (status < 0)
			return status;
	}
}