xref: /illumos-gate/usr/src/common/ctf/ctf_create.c (revision 16b76d3cb933ff92018a2a75594449010192eacb)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License, Version 1.0 only
6  * (the "License").  You may not use this file except in compliance
7  * with the License.
8  *
9  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10  * or http://www.opensolaris.org/os/licensing.
11  * See the License for the specific language governing permissions
12  * and limitations under the License.
13  *
14  * When distributing Covered Code, include this CDDL HEADER in each
15  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16  * If applicable, add the following below this CDDL HEADER, with the
17  * fields enclosed by brackets "[]" replaced with your own identifying
18  * information: Portions Copyright [yyyy] [name of copyright owner]
19  *
20  * CDDL HEADER END
21  */
22 
23 /*
24  * Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
25  * Use is subject to license terms.
26  */
27 /*
28  * Copyright 2020 Joyent, Inc.
29  * Copyright 2020 OmniOS Community Edition (OmniOSce) Association.
30  */
31 
32 #include <sys/sysmacros.h>
33 #include <sys/param.h>
34 #include <sys/mman.h>
35 #include <ctf_impl.h>
36 #include <sys/debug.h>
37 
38 /*
39  * SSIZE_MAX is not available in the kernel, so we define it here rather than
40  * accidentally inject into headers where it's not wanted.
41  */
42 #ifndef SSIZE_MAX
43 #define	SSIZE_MAX (LONG_MAX)
44 #endif
45 
46 /*
47  * This static string is used as the template for initially populating a
48  * dynamic container's string table.  We always store \0 in the first byte,
49  * and we use the generic string "PARENT" to mark this container's parent
50  * if one is associated with the container using ctf_import().
51  */
52 static const char _CTF_STRTAB_TEMPLATE[] = "\0PARENT";
53 
54 /*
55  * To create an empty CTF container, we just declare a zeroed header and call
56  * ctf_bufopen() on it.  If ctf_bufopen succeeds, we mark the new container r/w
57  * and initialize the dynamic members.  We set dtstrlen to 1 to reserve the
58  * first byte of the string table for a \0 byte, and we start assigning type
59  * IDs at 1 because type ID 0 is used as a sentinel.
60  */
61 ctf_file_t *
62 ctf_create(int *errp)
63 {
64 	static const ctf_header_t hdr = { { CTF_MAGIC, CTF_VERSION, 0 } };
65 
66 	const ulong_t hashlen = 128;
67 	ctf_dtdef_t **hash = ctf_alloc(hashlen * sizeof (ctf_dtdef_t *));
68 	ctf_sect_t cts;
69 	ctf_file_t *fp;
70 
71 	if (hash == NULL)
72 		return (ctf_set_open_errno(errp, EAGAIN));
73 
74 	cts.cts_name = _CTF_SECTION;
75 	cts.cts_type = SHT_PROGBITS;
76 	cts.cts_flags = 0;
77 	cts.cts_data = &hdr;
78 	cts.cts_size = sizeof (hdr);
79 	cts.cts_entsize = 1;
80 	cts.cts_offset = 0;
81 
82 	if ((fp = ctf_bufopen(&cts, NULL, NULL, errp)) == NULL) {
83 		ctf_free(hash, hashlen * sizeof (ctf_dtdef_t *));
84 		return (NULL);
85 	}
86 
87 	fp->ctf_flags |= LCTF_RDWR;
88 	fp->ctf_dthashlen = hashlen;
89 	bzero(hash, hashlen * sizeof (ctf_dtdef_t *));
90 	fp->ctf_dthash = hash;
91 	fp->ctf_dtstrlen = sizeof (_CTF_STRTAB_TEMPLATE);
92 	fp->ctf_dtnextid = 1;
93 	fp->ctf_dtoldid = 0;
94 
95 	return (fp);
96 }
97 
98 ctf_file_t *
99 ctf_fdcreate(int fd, int *errp)
100 {
101 	ctf_file_t *fp;
102 	static const ctf_header_t hdr = { { CTF_MAGIC, CTF_VERSION, 0 } };
103 
104 	const ulong_t hashlen = 128;
105 	ctf_dtdef_t **hash;
106 	ctf_sect_t cts;
107 
108 	if (fd == -1)
109 		return (ctf_create(errp));
110 
111 	hash = ctf_alloc(hashlen * sizeof (ctf_dtdef_t *));
112 
113 	if (hash == NULL)
114 		return (ctf_set_open_errno(errp, EAGAIN));
115 
116 	cts.cts_name = _CTF_SECTION;
117 	cts.cts_type = SHT_PROGBITS;
118 	cts.cts_flags = 0;
119 	cts.cts_data = &hdr;
120 	cts.cts_size = sizeof (hdr);
121 	cts.cts_entsize = 1;
122 	cts.cts_offset = 0;
123 
124 	if ((fp = ctf_fdcreate_int(fd, errp, &cts)) == NULL) {
125 		ctf_free(hash, hashlen * sizeof (ctf_dtdef_t *));
126 		return (NULL);
127 	}
128 
129 	fp->ctf_flags |= LCTF_RDWR;
130 	fp->ctf_dthashlen = hashlen;
131 	bzero(hash, hashlen * sizeof (ctf_dtdef_t *));
132 	fp->ctf_dthash = hash;
133 	fp->ctf_dtstrlen = sizeof (_CTF_STRTAB_TEMPLATE);
134 	fp->ctf_dtnextid = 1;
135 	fp->ctf_dtoldid = 0;
136 
137 	return (fp);
138 }
139 
140 static uchar_t *
141 ctf_copy_smembers(ctf_dtdef_t *dtd, uint_t soff, uchar_t *t)
142 {
143 	ctf_dmdef_t *dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
144 	ctf_member_t ctm;
145 
146 	for (; dmd != NULL; dmd = ctf_list_next(dmd)) {
147 		if (dmd->dmd_name) {
148 			ctm.ctm_name = soff;
149 			soff += strlen(dmd->dmd_name) + 1;
150 		} else
151 			ctm.ctm_name = 0;
152 
153 		ctm.ctm_type = (ushort_t)dmd->dmd_type;
154 		ctm.ctm_offset = (ushort_t)dmd->dmd_offset;
155 
156 		bcopy(&ctm, t, sizeof (ctm));
157 		t += sizeof (ctm);
158 	}
159 
160 	return (t);
161 }
162 
163 static uchar_t *
164 ctf_copy_lmembers(ctf_dtdef_t *dtd, uint_t soff, uchar_t *t)
165 {
166 	ctf_dmdef_t *dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
167 	ctf_lmember_t ctlm;
168 
169 	for (; dmd != NULL; dmd = ctf_list_next(dmd)) {
170 		if (dmd->dmd_name) {
171 			ctlm.ctlm_name = soff;
172 			soff += strlen(dmd->dmd_name) + 1;
173 		} else
174 			ctlm.ctlm_name = 0;
175 
176 		ctlm.ctlm_type = (ushort_t)dmd->dmd_type;
177 		ctlm.ctlm_pad = 0;
178 		ctlm.ctlm_offsethi = CTF_OFFSET_TO_LMEMHI(dmd->dmd_offset);
179 		ctlm.ctlm_offsetlo = CTF_OFFSET_TO_LMEMLO(dmd->dmd_offset);
180 
181 		bcopy(&ctlm, t, sizeof (ctlm));
182 		t += sizeof (ctlm);
183 	}
184 
185 	return (t);
186 }
187 
188 static uchar_t *
189 ctf_copy_emembers(ctf_dtdef_t *dtd, uint_t soff, uchar_t *t)
190 {
191 	ctf_dmdef_t *dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
192 	ctf_enum_t cte;
193 
194 	for (; dmd != NULL; dmd = ctf_list_next(dmd)) {
195 		cte.cte_name = soff;
196 		cte.cte_value = dmd->dmd_value;
197 		soff += strlen(dmd->dmd_name) + 1;
198 		bcopy(&cte, t, sizeof (cte));
199 		t += sizeof (cte);
200 	}
201 
202 	return (t);
203 }
204 
205 static uchar_t *
206 ctf_copy_membnames(ctf_dtdef_t *dtd, uchar_t *s)
207 {
208 	ctf_dmdef_t *dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
209 	size_t len;
210 
211 	for (; dmd != NULL; dmd = ctf_list_next(dmd)) {
212 		if (dmd->dmd_name == NULL)
213 			continue; /* skip anonymous members */
214 		len = strlen(dmd->dmd_name) + 1;
215 		bcopy(dmd->dmd_name, s, len);
216 		s += len;
217 	}
218 
219 	return (s);
220 }
221 
222 /*
223  * Only types of dyanmic CTF containers contain reference counts. These
224  * containers are marked RD/WR. Because of that we basically make this a no-op
225  * for compatability with non-dynamic CTF sections. This is also a no-op for
226  * types which are not dynamic types. It is the responsibility of the caller to
227  * make sure it is a valid type. We help that caller out on debug builds.
228  *
229  * Note that the reference counts are not maintained for types that are not
230  * within this container. In other words if we have a type in a parent, that
231  * will not have its reference count increased. On the flip side, the parent
232  * will not be allowed to remove dynamic types if it has children.
233  */
234 static void
235 ctf_ref_inc(ctf_file_t *fp, ctf_id_t tid)
236 {
237 	ctf_dtdef_t *dtd = ctf_dtd_lookup(fp, tid);
238 
239 	if (dtd == NULL)
240 		return;
241 
242 	if (!(fp->ctf_flags & LCTF_RDWR))
243 		return;
244 
245 	dtd->dtd_ref++;
246 }
247 
248 /*
249  * Just as with ctf_ref_inc, this is a no-op on non-writeable containers and the
250  * caller should ensure that this is already a valid type.
251  */
252 static void
253 ctf_ref_dec(ctf_file_t *fp, ctf_id_t tid)
254 {
255 	ctf_dtdef_t *dtd = ctf_dtd_lookup(fp, tid);
256 
257 	if (dtd == NULL)
258 		return;
259 
260 	if (!(fp->ctf_flags & LCTF_RDWR))
261 		return;
262 
263 	ASSERT(dtd->dtd_ref >= 1);
264 	dtd->dtd_ref--;
265 }
266 
267 /*
268  * If the specified CTF container is writable and has been modified, reload
269  * this container with the updated type definitions.  In order to make this
270  * code and the rest of libctf as simple as possible, we perform updates by
271  * taking the dynamic type definitions and creating an in-memory CTF file
272  * containing the definitions, and then call ctf_bufopen() on it.  This not
273  * only leverages ctf_bufopen(), but also avoids having to bifurcate the rest
274  * of the library code with different lookup paths for static and dynamic
275  * type definitions.  We are therefore optimizing greatly for lookup over
276  * update, which we assume will be an uncommon operation.  We perform one
277  * extra trick here for the benefit of callers and to keep our code simple:
278  * ctf_bufopen() will return a new ctf_file_t, but we want to keep the fp
279  * constant for the caller, so after ctf_bufopen() returns, we use bcopy to
280  * swap the interior of the old and new ctf_file_t's, and then free the old.
281  *
282  * Note that the lists of dynamic types stays around and the resulting container
283  * is still writeable. Furthermore, the reference counts that are on the dtd's
284  * are still valid.
285  */
286 int
287 ctf_update(ctf_file_t *fp)
288 {
289 	ctf_file_t ofp, *nfp;
290 	ctf_header_t hdr, *bhdr;
291 	ctf_dtdef_t *dtd;
292 	ctf_dsdef_t *dsd;
293 	ctf_dldef_t *dld;
294 	ctf_sect_t cts, *symp, *strp;
295 
296 	uchar_t *s, *s0, *t;
297 	ctf_lblent_t *label;
298 	uint16_t *obj, *func;
299 	size_t size, objsize, funcsize, labelsize, plen;
300 	void *buf;
301 	int err;
302 	ulong_t i;
303 	const char *plabel;
304 	const char *sname;
305 
306 	uintptr_t symbase = (uintptr_t)fp->ctf_symtab.cts_data;
307 	uintptr_t strbase = (uintptr_t)fp->ctf_strtab.cts_data;
308 
309 	if (!(fp->ctf_flags & LCTF_RDWR))
310 		return (ctf_set_errno(fp, ECTF_RDONLY));
311 
312 	if (!(fp->ctf_flags & LCTF_DIRTY))
313 		return (0); /* no update required */
314 
315 	/*
316 	 * Fill in an initial CTF header.  We will leave the label, object,
317 	 * and function sections empty and only output a header, type section,
318 	 * and string table.  The type section begins at a 4-byte aligned
319 	 * boundary past the CTF header itself (at relative offset zero).
320 	 */
321 	bzero(&hdr, sizeof (hdr));
322 	hdr.cth_magic = CTF_MAGIC;
323 	hdr.cth_version = CTF_VERSION;
324 
325 	if (fp->ctf_flags & LCTF_CHILD) {
326 		if (fp->ctf_parname == NULL) {
327 			plen = 0;
328 			hdr.cth_parname = 1; /* i.e. _CTF_STRTAB_TEMPLATE[1] */
329 			plabel = NULL;
330 		} else {
331 			plen = strlen(fp->ctf_parname) + 1;
332 			plabel = ctf_label_topmost(fp->ctf_parent);
333 		}
334 	} else {
335 		plabel = NULL;
336 		plen = 0;
337 	}
338 
339 	/*
340 	 * Iterate over the labels that we have.
341 	 */
342 	for (labelsize = 0, dld = ctf_list_next(&fp->ctf_dldefs);
343 	    dld != NULL; dld = ctf_list_next(dld))
344 		labelsize += sizeof (ctf_lblent_t);
345 
346 	/*
347 	 * Iterate through the dynamic type definition list and compute the
348 	 * size of the CTF type section we will need to generate.
349 	 */
350 	for (size = 0, dtd = ctf_list_next(&fp->ctf_dtdefs);
351 	    dtd != NULL; dtd = ctf_list_next(dtd)) {
352 
353 		uint_t kind = CTF_INFO_KIND(dtd->dtd_data.ctt_info);
354 		uint_t vlen = CTF_INFO_VLEN(dtd->dtd_data.ctt_info);
355 
356 		if (dtd->dtd_data.ctt_size != CTF_LSIZE_SENT)
357 			size += sizeof (ctf_stype_t);
358 		else
359 			size += sizeof (ctf_type_t);
360 
361 		switch (kind) {
362 		case CTF_K_INTEGER:
363 		case CTF_K_FLOAT:
364 			size += sizeof (uint_t);
365 			break;
366 		case CTF_K_ARRAY:
367 			size += sizeof (ctf_array_t);
368 			break;
369 		case CTF_K_FUNCTION:
370 			size += sizeof (ushort_t) * (vlen + (vlen & 1));
371 			break;
372 		case CTF_K_STRUCT:
373 		case CTF_K_UNION:
374 			if (dtd->dtd_data.ctt_size < CTF_LSTRUCT_THRESH)
375 				size += sizeof (ctf_member_t) * vlen;
376 			else
377 				size += sizeof (ctf_lmember_t) * vlen;
378 			break;
379 		case CTF_K_ENUM:
380 			size += sizeof (ctf_enum_t) * vlen;
381 			break;
382 		}
383 	}
384 
385 	/*
386 	 * An entry for each object must exist in the data section. However, if
387 	 * the symbol is SHN_UNDEF, then it is skipped. For objects, the storage
388 	 * is just the size of the 2-byte id. For functions it's always 2 bytes,
389 	 * plus 2 bytes per argument and the return type.
390 	 */
391 	dsd = ctf_list_next(&fp->ctf_dsdefs);
392 	for (objsize = 0, funcsize = 0, i = 0; i < fp->ctf_nsyms; i++) {
393 		int type;
394 
395 		if (fp->ctf_symtab.cts_entsize == sizeof (Elf32_Sym)) {
396 			const Elf32_Sym *symp = (Elf32_Sym *)symbase + i;
397 
398 			type = ELF32_ST_TYPE(symp->st_info);
399 			if (ctf_sym_valid(strbase, type, symp->st_shndx,
400 			    symp->st_value, symp->st_name) == B_FALSE)
401 				continue;
402 		} else {
403 			const Elf64_Sym *symp = (Elf64_Sym *)symbase + i;
404 
405 			type = ELF64_ST_TYPE(symp->st_info);
406 			if (ctf_sym_valid(strbase, type, symp->st_shndx,
407 			    symp->st_value, symp->st_name) == B_FALSE)
408 				continue;
409 		}
410 
411 		while (dsd != NULL && i > dsd->dsd_symidx)
412 			dsd = ctf_list_next(dsd);
413 		if (type == STT_OBJECT) {
414 			objsize += sizeof (uint16_t);
415 		} else {
416 			/* Every function has a uint16_t info no matter what */
417 			if (dsd == NULL || i < dsd->dsd_symidx) {
418 				funcsize += sizeof (uint16_t);
419 			} else {
420 				funcsize += sizeof (uint16_t) *
421 				    (dsd->dsd_nargs + 2);
422 			}
423 		}
424 	}
425 
426 	/*
427 	 * The objtoff and funcoffset must be 2-byte aligned. We're guaranteed
428 	 * that this is always true for the objtoff because labels are always 8
429 	 * bytes large. Similarly, because objects are always two bytes of data,
430 	 * this will always be true for funcoff.
431 	 */
432 	hdr.cth_objtoff = hdr.cth_lbloff + labelsize;
433 	hdr.cth_funcoff = hdr.cth_objtoff + objsize;
434 
435 	/*
436 	 * The type offset must be 4 byte aligned.
437 	 */
438 	hdr.cth_typeoff = hdr.cth_funcoff + funcsize;
439 	if (hdr.cth_typeoff & 3)
440 		hdr.cth_typeoff += 4 - (hdr.cth_typeoff & 3);
441 	ASSERT((hdr.cth_typeoff & 3) == 0);
442 
443 	/*
444 	 * Fill in the string table offset and size, compute the size of the
445 	 * entire CTF buffer we need, and then allocate a new buffer and
446 	 * bcopy the finished header to the start of the buffer.
447 	 */
448 	hdr.cth_stroff = hdr.cth_typeoff + size;
449 	hdr.cth_strlen = fp->ctf_dtstrlen + plen;
450 	size = sizeof (ctf_header_t) + hdr.cth_stroff + hdr.cth_strlen;
451 	ctf_dprintf("lbloff: %u\nobjtoff: %u\nfuncoff: %u\n"
452 	    "typeoff: %u\nstroff: %u\nstrlen: %u\n",
453 	    hdr.cth_lbloff, hdr.cth_objtoff, hdr.cth_funcoff,
454 	    hdr.cth_typeoff, hdr.cth_stroff, hdr.cth_strlen);
455 
456 	if ((buf = ctf_data_alloc(size)) == MAP_FAILED)
457 		return (ctf_set_errno(fp, EAGAIN));
458 
459 	bcopy(&hdr, buf, sizeof (ctf_header_t));
460 	bhdr = buf;
461 	label = (ctf_lblent_t *)((uintptr_t)buf + sizeof (ctf_header_t));
462 	t = (uchar_t *)buf + sizeof (ctf_header_t) + hdr.cth_typeoff;
463 	s = s0 = (uchar_t *)buf + sizeof (ctf_header_t) + hdr.cth_stroff;
464 	obj = (uint16_t *)((uintptr_t)buf + sizeof (ctf_header_t) +
465 	    hdr.cth_objtoff);
466 	func = (uint16_t *)((uintptr_t)buf + sizeof (ctf_header_t) +
467 	    hdr.cth_funcoff);
468 
469 	bcopy(_CTF_STRTAB_TEMPLATE, s, sizeof (_CTF_STRTAB_TEMPLATE));
470 	s += sizeof (_CTF_STRTAB_TEMPLATE);
471 
472 	/*
473 	 * We have an actual parent name and we're a child container, therefore
474 	 * we should make sure to note our parent's name here.
475 	 */
476 	if (plen != 0) {
477 		VERIFY(s + plen - s0 <= hdr.cth_strlen);
478 		bcopy(fp->ctf_parname, s, plen);
479 		bhdr->cth_parname = s - s0;
480 		s += plen;
481 	}
482 
483 	/*
484 	 * First pass over the labels and copy them out.
485 	 */
486 	for (dld = ctf_list_next(&fp->ctf_dldefs); dld != NULL;
487 	    dld = ctf_list_next(dld), label++) {
488 		size_t len = strlen(dld->dld_name) + 1;
489 
490 		VERIFY(s + len - s0 <= hdr.cth_strlen);
491 		bcopy(dld->dld_name, s, len);
492 		label->ctl_typeidx = dld->dld_type;
493 		label->ctl_label = s - s0;
494 		s += len;
495 
496 		if (plabel != NULL && strcmp(plabel, dld->dld_name) == 0)
497 			bhdr->cth_parlabel = label->ctl_label;
498 	}
499 
500 	/*
501 	 * We now take a final lap through the dynamic type definition list and
502 	 * copy the appropriate type records and strings to the output buffer.
503 	 */
504 	for (dtd = ctf_list_next(&fp->ctf_dtdefs);
505 	    dtd != NULL; dtd = ctf_list_next(dtd)) {
506 
507 		uint_t kind = CTF_INFO_KIND(dtd->dtd_data.ctt_info);
508 		uint_t vlen = CTF_INFO_VLEN(dtd->dtd_data.ctt_info);
509 
510 		ctf_array_t cta;
511 		uint_t encoding;
512 		size_t len;
513 
514 		if (dtd->dtd_name != NULL) {
515 			dtd->dtd_data.ctt_name = (uint_t)(s - s0);
516 			len = strlen(dtd->dtd_name) + 1;
517 			VERIFY(s + len - s0 <= hdr.cth_strlen);
518 			bcopy(dtd->dtd_name, s, len);
519 			s += len;
520 		} else
521 			dtd->dtd_data.ctt_name = 0;
522 
523 		if (dtd->dtd_data.ctt_size != CTF_LSIZE_SENT)
524 			len = sizeof (ctf_stype_t);
525 		else
526 			len = sizeof (ctf_type_t);
527 
528 		bcopy(&dtd->dtd_data, t, len);
529 		t += len;
530 
531 		switch (kind) {
532 		case CTF_K_INTEGER:
533 		case CTF_K_FLOAT:
534 			if (kind == CTF_K_INTEGER) {
535 				encoding = CTF_INT_DATA(
536 				    dtd->dtd_u.dtu_enc.cte_format,
537 				    dtd->dtd_u.dtu_enc.cte_offset,
538 				    dtd->dtd_u.dtu_enc.cte_bits);
539 			} else {
540 				encoding = CTF_FP_DATA(
541 				    dtd->dtd_u.dtu_enc.cte_format,
542 				    dtd->dtd_u.dtu_enc.cte_offset,
543 				    dtd->dtd_u.dtu_enc.cte_bits);
544 			}
545 			bcopy(&encoding, t, sizeof (encoding));
546 			t += sizeof (encoding);
547 			break;
548 
549 		case CTF_K_ARRAY:
550 			cta.cta_contents = (ushort_t)
551 			    dtd->dtd_u.dtu_arr.ctr_contents;
552 			cta.cta_index = (ushort_t)
553 			    dtd->dtd_u.dtu_arr.ctr_index;
554 			cta.cta_nelems = dtd->dtd_u.dtu_arr.ctr_nelems;
555 			bcopy(&cta, t, sizeof (cta));
556 			t += sizeof (cta);
557 			break;
558 
559 		case CTF_K_FUNCTION: {
560 			ushort_t *argv = (ushort_t *)(uintptr_t)t;
561 			uint_t argc;
562 
563 			for (argc = 0; argc < vlen; argc++)
564 				*argv++ = (ushort_t)dtd->dtd_u.dtu_argv[argc];
565 
566 			if (vlen & 1)
567 				*argv++ = 0; /* pad to 4-byte boundary */
568 
569 			t = (uchar_t *)argv;
570 			break;
571 		}
572 
573 		case CTF_K_STRUCT:
574 		case CTF_K_UNION:
575 			if (dtd->dtd_data.ctt_size < CTF_LSTRUCT_THRESH)
576 				t = ctf_copy_smembers(dtd, (uint_t)(s - s0), t);
577 			else
578 				t = ctf_copy_lmembers(dtd, (uint_t)(s - s0), t);
579 			s = ctf_copy_membnames(dtd, s);
580 			break;
581 
582 		case CTF_K_ENUM:
583 			t = ctf_copy_emembers(dtd, (uint_t)(s - s0), t);
584 			s = ctf_copy_membnames(dtd, s);
585 			break;
586 		}
587 	}
588 
589 	/*
590 	 * Now we fill in our dynamic data and function sections. We use the
591 	 * same criteria as above, but also consult the dsd list.
592 	 */
593 	dsd = ctf_list_next(&fp->ctf_dsdefs);
594 	for (i = 0; i < fp->ctf_nsyms; i++) {
595 		int type;
596 		if (fp->ctf_symtab.cts_entsize == sizeof (Elf32_Sym)) {
597 			const Elf32_Sym *symp = (Elf32_Sym *)symbase + i;
598 			type = ELF32_ST_TYPE(symp->st_info);
599 
600 			if (ctf_sym_valid(strbase, type, symp->st_shndx,
601 			    symp->st_value, symp->st_name) == B_FALSE)
602 				continue;
603 		} else {
604 			const Elf64_Sym *symp = (Elf64_Sym *)symbase + i;
605 			type = ELF64_ST_TYPE(symp->st_info);
606 			if (ctf_sym_valid(strbase, type, symp->st_shndx,
607 			    symp->st_value, symp->st_name) == B_FALSE)
608 				continue;
609 		}
610 
611 		while (dsd != NULL && i > dsd->dsd_symidx) {
612 			dsd = ctf_list_next(dsd);
613 		}
614 		if (type == STT_OBJECT) {
615 			if (dsd == NULL || i < dsd->dsd_symidx) {
616 				*obj = 0;
617 			} else {
618 				*obj = dsd->dsd_tid;
619 			}
620 			obj++;
621 			VERIFY((uintptr_t)obj <= (uintptr_t)func);
622 		} else {
623 			if (dsd == NULL || i < dsd->dsd_symidx) {
624 				ushort_t data = CTF_TYPE_INFO(CTF_K_UNKNOWN,
625 				    0, 0);
626 				*func = data;
627 				func++;
628 			} else {
629 				int j;
630 				ushort_t data = CTF_TYPE_INFO(CTF_K_FUNCTION, 0,
631 				    dsd->dsd_nargs);
632 
633 				*func = data;
634 				func++;
635 				*func = dsd->dsd_tid;
636 				func++;
637 				for (j = 0; j < dsd->dsd_nargs; j++)
638 					func[j] = dsd->dsd_argc[j];
639 				func += dsd->dsd_nargs;
640 			}
641 		}
642 	}
643 
644 	/*
645 	 * Finally, we are ready to ctf_bufopen() the new container.  If this
646 	 * is successful, we then switch nfp and fp and free the old container.
647 	 */
648 	ctf_data_protect(buf, size);
649 	cts.cts_name = _CTF_SECTION;
650 	cts.cts_type = SHT_PROGBITS;
651 	cts.cts_flags = 0;
652 	cts.cts_data = buf;
653 	cts.cts_size = size;
654 	cts.cts_entsize = 1;
655 	cts.cts_offset = 0;
656 
657 	if (fp->ctf_nsyms == 0) {
658 		symp = NULL;
659 		strp = NULL;
660 	} else {
661 		symp = &fp->ctf_symtab;
662 		strp = &fp->ctf_strtab;
663 	}
664 
665 	if ((nfp = ctf_bufopen(&cts, symp, strp, &err)) == NULL) {
666 		ctf_data_free(buf, size);
667 		return (ctf_set_errno(fp, err));
668 	}
669 
670 	(void) ctf_setmodel(nfp, ctf_getmodel(fp));
671 	(void) ctf_import(nfp, fp->ctf_parent);
672 
673 	nfp->ctf_refcnt = fp->ctf_refcnt;
674 	nfp->ctf_flags |= fp->ctf_flags & ~LCTF_DIRTY;
675 	nfp->ctf_flags |= LCTF_FREE;
676 	nfp->ctf_dthash = fp->ctf_dthash;
677 	nfp->ctf_dthashlen = fp->ctf_dthashlen;
678 	nfp->ctf_dtdefs = fp->ctf_dtdefs;
679 	nfp->ctf_dsdefs = fp->ctf_dsdefs;
680 	nfp->ctf_dldefs = fp->ctf_dldefs;
681 	nfp->ctf_dtstrlen = fp->ctf_dtstrlen;
682 	nfp->ctf_dtnextid = fp->ctf_dtnextid;
683 	nfp->ctf_dtoldid = fp->ctf_dtnextid - 1;
684 	nfp->ctf_specific = fp->ctf_specific;
685 
686 	fp->ctf_dthash = NULL;
687 	fp->ctf_dthashlen = 0;
688 	bzero(&fp->ctf_dtdefs, sizeof (ctf_list_t));
689 	bzero(&fp->ctf_dsdefs, sizeof (ctf_list_t));
690 	bzero(&fp->ctf_dldefs, sizeof (ctf_list_t));
691 
692 	/*
693 	 * Because the various containers share the data sections, we don't want
694 	 * to have ctf_close free it all. However, the name of the section is in
695 	 * fact unique to the ctf_sect_t. Thus we save the names of the symbol
696 	 * and string sections around the bzero() and restore them afterwards,
697 	 * ensuring that we don't result in a memory leak.
698 	 */
699 	sname = fp->ctf_symtab.cts_name;
700 	bzero(&fp->ctf_symtab, sizeof (ctf_sect_t));
701 	fp->ctf_symtab.cts_name = sname;
702 
703 	sname = fp->ctf_strtab.cts_name;
704 	bzero(&fp->ctf_strtab, sizeof (ctf_sect_t));
705 	fp->ctf_strtab.cts_name = sname;
706 
707 	bcopy(fp, &ofp, sizeof (ctf_file_t));
708 	bcopy(nfp, fp, sizeof (ctf_file_t));
709 	bcopy(&ofp, nfp, sizeof (ctf_file_t));
710 
711 	/*
712 	 * Initialize the ctf_lookup_by_name top-level dictionary.  We keep an
713 	 * array of type name prefixes and the corresponding ctf_hash to use.
714 	 * NOTE: This code must be kept in sync with the code in ctf_bufopen().
715 	 */
716 	fp->ctf_lookups[0].ctl_hash = &fp->ctf_structs;
717 	fp->ctf_lookups[1].ctl_hash = &fp->ctf_unions;
718 	fp->ctf_lookups[2].ctl_hash = &fp->ctf_enums;
719 	fp->ctf_lookups[3].ctl_hash = &fp->ctf_names;
720 
721 	nfp->ctf_refcnt = 1; /* force nfp to be freed */
722 	ctf_close(nfp);
723 
724 	return (0);
725 }
726 
727 void
728 ctf_dtd_insert(ctf_file_t *fp, ctf_dtdef_t *dtd)
729 {
730 	ulong_t h = dtd->dtd_type & (fp->ctf_dthashlen - 1);
731 
732 	dtd->dtd_hash = fp->ctf_dthash[h];
733 	fp->ctf_dthash[h] = dtd;
734 	ctf_list_append(&fp->ctf_dtdefs, dtd);
735 }
736 
737 void
738 ctf_dtd_delete(ctf_file_t *fp, ctf_dtdef_t *dtd)
739 {
740 	ulong_t h = dtd->dtd_type & (fp->ctf_dthashlen - 1);
741 	ctf_dtdef_t *p, **q = &fp->ctf_dthash[h];
742 	ctf_dmdef_t *dmd, *nmd;
743 	size_t len;
744 	int kind, i;
745 
746 	for (p = *q; p != NULL; p = p->dtd_hash) {
747 		if (p != dtd)
748 			q = &p->dtd_hash;
749 		else
750 			break;
751 	}
752 
753 	if (p != NULL)
754 		*q = p->dtd_hash;
755 
756 	kind = CTF_INFO_KIND(dtd->dtd_data.ctt_info);
757 	switch (kind) {
758 	case CTF_K_STRUCT:
759 	case CTF_K_UNION:
760 	case CTF_K_ENUM:
761 		for (dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
762 		    dmd != NULL; dmd = nmd) {
763 			if (dmd->dmd_name != NULL) {
764 				len = strlen(dmd->dmd_name) + 1;
765 				ctf_free(dmd->dmd_name, len);
766 				fp->ctf_dtstrlen -= len;
767 			}
768 			if (kind != CTF_K_ENUM)
769 				ctf_ref_dec(fp, dmd->dmd_type);
770 			nmd = ctf_list_next(dmd);
771 			ctf_free(dmd, sizeof (ctf_dmdef_t));
772 		}
773 		break;
774 	case CTF_K_FUNCTION:
775 		ctf_ref_dec(fp, dtd->dtd_data.ctt_type);
776 		for (i = 0; i < CTF_INFO_VLEN(dtd->dtd_data.ctt_info); i++)
777 			if (dtd->dtd_u.dtu_argv[i] != 0)
778 				ctf_ref_dec(fp, dtd->dtd_u.dtu_argv[i]);
779 		ctf_free(dtd->dtd_u.dtu_argv, sizeof (ctf_id_t) *
780 		    CTF_INFO_VLEN(dtd->dtd_data.ctt_info));
781 		break;
782 	case CTF_K_ARRAY:
783 		ctf_ref_dec(fp, dtd->dtd_u.dtu_arr.ctr_contents);
784 		ctf_ref_dec(fp, dtd->dtd_u.dtu_arr.ctr_index);
785 		break;
786 	case CTF_K_TYPEDEF:
787 		ctf_ref_dec(fp, dtd->dtd_data.ctt_type);
788 		break;
789 	case CTF_K_POINTER:
790 	case CTF_K_VOLATILE:
791 	case CTF_K_CONST:
792 	case CTF_K_RESTRICT:
793 		ctf_ref_dec(fp, dtd->dtd_data.ctt_type);
794 		break;
795 	}
796 
797 	if (dtd->dtd_name) {
798 		len = strlen(dtd->dtd_name) + 1;
799 		ctf_free(dtd->dtd_name, len);
800 		fp->ctf_dtstrlen -= len;
801 	}
802 
803 	ctf_list_delete(&fp->ctf_dtdefs, dtd);
804 	ctf_free(dtd, sizeof (ctf_dtdef_t));
805 }
806 
807 ctf_dtdef_t *
808 ctf_dtd_lookup(ctf_file_t *fp, ctf_id_t type)
809 {
810 	ulong_t h = type & (fp->ctf_dthashlen - 1);
811 	ctf_dtdef_t *dtd;
812 
813 	if (fp->ctf_dthash == NULL)
814 		return (NULL);
815 
816 	for (dtd = fp->ctf_dthash[h]; dtd != NULL; dtd = dtd->dtd_hash) {
817 		if (dtd->dtd_type == type)
818 			break;
819 	}
820 
821 	return (dtd);
822 }
823 
824 ctf_dsdef_t *
825 ctf_dsd_lookup(ctf_file_t *fp, ulong_t idx)
826 {
827 	ctf_dsdef_t *dsd;
828 
829 	for (dsd = ctf_list_next(&fp->ctf_dsdefs); dsd != NULL;
830 	    dsd = ctf_list_next(dsd)) {
831 		if (dsd->dsd_symidx == idx)
832 			return (dsd);
833 	}
834 
835 	return (NULL);
836 }
837 
838 /*
839  * We order the ctf_dsdef_t by symbol index to make things better for updates.
840  */
841 void
842 ctf_dsd_insert(ctf_file_t *fp, ctf_dsdef_t *dsd)
843 {
844 	ctf_dsdef_t *i;
845 
846 	for (i = ctf_list_next(&fp->ctf_dsdefs); i != NULL;
847 	    i = ctf_list_next(i)) {
848 		if (i->dsd_symidx > dsd->dsd_symidx)
849 			break;
850 	}
851 
852 	if (i == NULL) {
853 		ctf_list_append(&fp->ctf_dsdefs, dsd);
854 		return;
855 	}
856 
857 	ctf_list_insert_before(&fp->ctf_dsdefs, i, dsd);
858 }
859 
860 /* ARGSUSED */
861 void
862 ctf_dsd_delete(ctf_file_t *fp, ctf_dsdef_t *dsd)
863 {
864 	if (dsd->dsd_nargs > 0)
865 		ctf_free(dsd->dsd_argc,
866 		    sizeof (ctf_id_t) * dsd->dsd_nargs);
867 	ctf_list_delete(&fp->ctf_dsdefs, dsd);
868 	ctf_free(dsd, sizeof (ctf_dsdef_t));
869 }
870 
871 ctf_dldef_t *
872 ctf_dld_lookup(ctf_file_t *fp, const char *name)
873 {
874 	ctf_dldef_t *dld;
875 
876 	for (dld = ctf_list_next(&fp->ctf_dldefs); dld != NULL;
877 	    dld = ctf_list_next(dld)) {
878 		if (strcmp(name, dld->dld_name) == 0)
879 			return (dld);
880 	}
881 
882 	return (NULL);
883 }
884 
885 void
886 ctf_dld_insert(ctf_file_t *fp, ctf_dldef_t *dld, uint_t pos)
887 {
888 	ctf_dldef_t *l;
889 
890 	if (pos == 0) {
891 		ctf_list_prepend(&fp->ctf_dldefs, dld);
892 		return;
893 	}
894 
895 	for (l = ctf_list_next(&fp->ctf_dldefs); pos != 0 && dld != NULL;
896 	    l = ctf_list_next(l), pos--)
897 		;
898 
899 	if (l == NULL)
900 		ctf_list_append(&fp->ctf_dldefs, dld);
901 	else
902 		ctf_list_insert_before(&fp->ctf_dsdefs, l, dld);
903 }
904 
905 void
906 ctf_dld_delete(ctf_file_t *fp, ctf_dldef_t *dld)
907 {
908 	ctf_list_delete(&fp->ctf_dldefs, dld);
909 
910 	if (dld->dld_name != NULL) {
911 		size_t len = strlen(dld->dld_name) + 1;
912 		ctf_free(dld->dld_name, len);
913 		fp->ctf_dtstrlen -= len;
914 	}
915 
916 	ctf_free(dld, sizeof (ctf_dldef_t));
917 }
918 
919 /*
920  * Discard all of the dynamic type definitions that have been added to the
921  * container since the last call to ctf_update().  We locate such types by
922  * scanning the list and deleting elements that have type IDs greater than
923  * ctf_dtoldid, which is set by ctf_update(), above. Note that to work properly
924  * with our reference counting schemes, we must delete the dynamic list in
925  * reverse.
926  */
927 int
928 ctf_discard(ctf_file_t *fp)
929 {
930 	ctf_dtdef_t *dtd, *ntd;
931 
932 	if (!(fp->ctf_flags & LCTF_RDWR))
933 		return (ctf_set_errno(fp, ECTF_RDONLY));
934 
935 	if (!(fp->ctf_flags & LCTF_DIRTY))
936 		return (0); /* no update required */
937 
938 	for (dtd = ctf_list_prev(&fp->ctf_dtdefs); dtd != NULL; dtd = ntd) {
939 		ntd = ctf_list_prev(dtd);
940 		if (dtd->dtd_type <= fp->ctf_dtoldid)
941 			continue; /* skip types that have been committed */
942 
943 		ctf_dtd_delete(fp, dtd);
944 	}
945 
946 	fp->ctf_dtnextid = fp->ctf_dtoldid + 1;
947 	fp->ctf_flags &= ~LCTF_DIRTY;
948 
949 	return (0);
950 }
951 
952 static ctf_id_t
953 ctf_add_generic(ctf_file_t *fp, uint_t flag, const char *name, ctf_dtdef_t **rp)
954 {
955 	ctf_dtdef_t *dtd;
956 	ctf_id_t type;
957 	char *s = NULL;
958 
959 	if (flag != CTF_ADD_NONROOT && flag != CTF_ADD_ROOT)
960 		return (ctf_set_errno(fp, EINVAL));
961 
962 	if (!(fp->ctf_flags & LCTF_RDWR))
963 		return (ctf_set_errno(fp, ECTF_RDONLY));
964 
965 	if (CTF_INDEX_TO_TYPE(fp->ctf_dtnextid, 1) > CTF_MAX_TYPE)
966 		return (ctf_set_errno(fp, ECTF_FULL));
967 
968 	if ((dtd = ctf_alloc(sizeof (ctf_dtdef_t))) == NULL)
969 		return (ctf_set_errno(fp, EAGAIN));
970 
971 	if (name != NULL && (s = ctf_strdup(name)) == NULL) {
972 		ctf_free(dtd, sizeof (ctf_dtdef_t));
973 		return (ctf_set_errno(fp, EAGAIN));
974 	}
975 
976 	type = fp->ctf_dtnextid++;
977 	type = CTF_INDEX_TO_TYPE(type, (fp->ctf_flags & LCTF_CHILD));
978 
979 	bzero(dtd, sizeof (ctf_dtdef_t));
980 	dtd->dtd_name = s;
981 	dtd->dtd_type = type;
982 
983 	if (s != NULL)
984 		fp->ctf_dtstrlen += strlen(s) + 1;
985 
986 	ctf_dtd_insert(fp, dtd);
987 	fp->ctf_flags |= LCTF_DIRTY;
988 
989 	*rp = dtd;
990 	return (type);
991 }
992 
993 ctf_id_t
994 ctf_add_encoded(ctf_file_t *fp, uint_t flag,
995     const char *name, const ctf_encoding_t *ep, uint_t kind)
996 {
997 	ctf_dtdef_t *dtd;
998 	ctf_id_t type;
999 
1000 	if (ep == NULL)
1001 		return (ctf_set_errno(fp, EINVAL));
1002 
1003 	if ((type = ctf_add_generic(fp, flag, name, &dtd)) == CTF_ERR)
1004 		return (CTF_ERR); /* errno is set for us */
1005 
1006 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(kind, flag, 0);
1007 
1008 	/*
1009 	 * If the type's size is not an even number of bytes, then we should
1010 	 * round up the type size to the nearest byte.
1011 	 */
1012 	dtd->dtd_data.ctt_size = ep->cte_bits / NBBY;
1013 	if ((ep->cte_bits % NBBY) != 0)
1014 		dtd->dtd_data.ctt_size++;
1015 	dtd->dtd_u.dtu_enc = *ep;
1016 
1017 	return (type);
1018 }
1019 
1020 ctf_id_t
1021 ctf_add_reftype(ctf_file_t *fp, uint_t flag,
1022     const char *name, ctf_id_t ref, uint_t kind)
1023 {
1024 	ctf_dtdef_t *dtd;
1025 	ctf_id_t type;
1026 
1027 	if (ref == CTF_ERR || ref < 0 || ref > CTF_MAX_TYPE)
1028 		return (ctf_set_errno(fp, EINVAL));
1029 
1030 	if ((type = ctf_add_generic(fp, flag, name, &dtd)) == CTF_ERR)
1031 		return (CTF_ERR); /* errno is set for us */
1032 
1033 	ctf_ref_inc(fp, ref);
1034 
1035 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(kind, flag, 0);
1036 	dtd->dtd_data.ctt_type = (ushort_t)ref;
1037 
1038 	return (type);
1039 }
1040 
1041 ctf_id_t
1042 ctf_add_integer(ctf_file_t *fp, uint_t flag,
1043     const char *name, const ctf_encoding_t *ep)
1044 {
1045 	return (ctf_add_encoded(fp, flag, name, ep, CTF_K_INTEGER));
1046 }
1047 
1048 ctf_id_t
1049 ctf_add_float(ctf_file_t *fp, uint_t flag,
1050     const char *name, const ctf_encoding_t *ep)
1051 {
1052 	return (ctf_add_encoded(fp, flag, name, ep, CTF_K_FLOAT));
1053 }
1054 
1055 ctf_id_t
1056 ctf_add_pointer(ctf_file_t *fp, uint_t flag, const char *name, ctf_id_t ref)
1057 {
1058 	return (ctf_add_reftype(fp, flag, name, ref, CTF_K_POINTER));
1059 }
1060 
1061 ctf_id_t
1062 ctf_add_array(ctf_file_t *fp, uint_t flag, const ctf_arinfo_t *arp)
1063 {
1064 	ctf_dtdef_t *dtd;
1065 	ctf_id_t type;
1066 	ctf_file_t *fpd;
1067 
1068 	if (arp == NULL)
1069 		return (ctf_set_errno(fp, EINVAL));
1070 
1071 	fpd = fp;
1072 	if (ctf_lookup_by_id(&fpd, arp->ctr_contents) == NULL &&
1073 	    ctf_dtd_lookup(fp, arp->ctr_contents) == NULL) {
1074 		ctf_dprintf("bad contents for array: %ld\n",
1075 		    arp->ctr_contents);
1076 		return (ctf_set_errno(fp, ECTF_BADID));
1077 	}
1078 
1079 	fpd = fp;
1080 	if (ctf_lookup_by_id(&fpd, arp->ctr_index) == NULL &&
1081 	    ctf_dtd_lookup(fp, arp->ctr_index) == NULL) {
1082 		ctf_dprintf("bad index for array: %ld\n", arp->ctr_index);
1083 		return (ctf_set_errno(fp, ECTF_BADID));
1084 	}
1085 
1086 	if ((type = ctf_add_generic(fp, flag, NULL, &dtd)) == CTF_ERR)
1087 		return (CTF_ERR); /* errno is set for us */
1088 
1089 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(CTF_K_ARRAY, flag, 0);
1090 	dtd->dtd_data.ctt_size = 0;
1091 	dtd->dtd_u.dtu_arr = *arp;
1092 	ctf_ref_inc(fp, arp->ctr_contents);
1093 	ctf_ref_inc(fp, arp->ctr_index);
1094 
1095 	return (type);
1096 }
1097 
1098 int
1099 ctf_set_array(ctf_file_t *fp, ctf_id_t type, const ctf_arinfo_t *arp)
1100 {
1101 	ctf_file_t *fpd;
1102 	ctf_dtdef_t *dtd = ctf_dtd_lookup(fp, type);
1103 
1104 	if (!(fp->ctf_flags & LCTF_RDWR))
1105 		return (ctf_set_errno(fp, ECTF_RDONLY));
1106 
1107 	if (dtd == NULL || CTF_INFO_KIND(dtd->dtd_data.ctt_info) != CTF_K_ARRAY)
1108 		return (ctf_set_errno(fp, ECTF_BADID));
1109 
1110 	fpd = fp;
1111 	if (ctf_lookup_by_id(&fpd, arp->ctr_contents) == NULL &&
1112 	    ctf_dtd_lookup(fp, arp->ctr_contents) == NULL)
1113 		return (ctf_set_errno(fp, ECTF_BADID));
1114 
1115 	fpd = fp;
1116 	if (ctf_lookup_by_id(&fpd, arp->ctr_index) == NULL &&
1117 	    ctf_dtd_lookup(fp, arp->ctr_index) == NULL)
1118 		return (ctf_set_errno(fp, ECTF_BADID));
1119 
1120 	ctf_ref_dec(fp, dtd->dtd_u.dtu_arr.ctr_contents);
1121 	ctf_ref_dec(fp, dtd->dtd_u.dtu_arr.ctr_index);
1122 	fp->ctf_flags |= LCTF_DIRTY;
1123 	dtd->dtd_u.dtu_arr = *arp;
1124 	ctf_ref_inc(fp, arp->ctr_contents);
1125 	ctf_ref_inc(fp, arp->ctr_index);
1126 
1127 	return (0);
1128 }
1129 
1130 ctf_id_t
1131 ctf_add_funcptr(ctf_file_t *fp, uint_t flag,
1132     const ctf_funcinfo_t *ctc, const ctf_id_t *argv)
1133 {
1134 	ctf_dtdef_t *dtd;
1135 	ctf_id_t type;
1136 	uint_t vlen;
1137 	int i;
1138 	ctf_id_t *vdat = NULL;
1139 	ctf_file_t *fpd;
1140 
1141 	if (ctc == NULL || (ctc->ctc_flags & ~CTF_FUNC_VARARG) != 0 ||
1142 	    (ctc->ctc_argc != 0 && argv == NULL))
1143 		return (ctf_set_errno(fp, EINVAL));
1144 
1145 	vlen = ctc->ctc_argc;
1146 	if (ctc->ctc_flags & CTF_FUNC_VARARG)
1147 		vlen++; /* add trailing zero to indicate varargs (see below) */
1148 
1149 	if (vlen > CTF_MAX_VLEN)
1150 		return (ctf_set_errno(fp, EOVERFLOW));
1151 
1152 	fpd = fp;
1153 	if (ctf_lookup_by_id(&fpd, ctc->ctc_return) == NULL &&
1154 	    ctf_dtd_lookup(fp, ctc->ctc_return) == NULL)
1155 		return (ctf_set_errno(fp, ECTF_BADID));
1156 
1157 	for (i = 0; i < ctc->ctc_argc; i++) {
1158 		fpd = fp;
1159 		if (ctf_lookup_by_id(&fpd, argv[i]) == NULL &&
1160 		    ctf_dtd_lookup(fp, argv[i]) == NULL)
1161 			return (ctf_set_errno(fp, ECTF_BADID));
1162 	}
1163 
1164 	if (vlen != 0 && (vdat = ctf_alloc(sizeof (ctf_id_t) * vlen)) == NULL)
1165 		return (ctf_set_errno(fp, EAGAIN));
1166 
1167 	if ((type = ctf_add_generic(fp, flag, NULL, &dtd)) == CTF_ERR) {
1168 		ctf_free(vdat, sizeof (ctf_id_t) * vlen);
1169 		return (CTF_ERR); /* errno is set for us */
1170 	}
1171 
1172 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(CTF_K_FUNCTION, flag, vlen);
1173 	dtd->dtd_data.ctt_type = (ushort_t)ctc->ctc_return;
1174 
1175 	ctf_ref_inc(fp, ctc->ctc_return);
1176 	for (i = 0; i < ctc->ctc_argc; i++)
1177 		ctf_ref_inc(fp, argv[i]);
1178 
1179 	bcopy(argv, vdat, sizeof (ctf_id_t) * ctc->ctc_argc);
1180 	if (ctc->ctc_flags & CTF_FUNC_VARARG)
1181 		vdat[vlen - 1] = 0; /* add trailing zero to indicate varargs */
1182 	dtd->dtd_u.dtu_argv = vdat;
1183 
1184 	return (type);
1185 }
1186 
1187 ctf_id_t
1188 ctf_add_struct(ctf_file_t *fp, uint_t flag, const char *name)
1189 {
1190 	ctf_hash_t *hp = &fp->ctf_structs;
1191 	ctf_helem_t *hep = NULL;
1192 	ctf_dtdef_t *dtd = NULL;
1193 	ctf_id_t type = CTF_ERR;
1194 
1195 	if (name != NULL)
1196 		hep = ctf_hash_lookup(hp, fp, name, strlen(name));
1197 
1198 	if (hep != NULL && ctf_type_kind(fp, hep->h_type) == CTF_K_FORWARD) {
1199 		type = hep->h_type;
1200 		dtd = ctf_dtd_lookup(fp, type);
1201 		if (CTF_INFO_KIND(dtd->dtd_data.ctt_info) != CTF_K_FORWARD)
1202 			dtd = NULL;
1203 	}
1204 
1205 	if (dtd == NULL) {
1206 		type = ctf_add_generic(fp, flag, name, &dtd);
1207 		if (type == CTF_ERR)
1208 			return (CTF_ERR); /* errno is set for us */
1209 	}
1210 
1211 	VERIFY(type != CTF_ERR);
1212 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(CTF_K_STRUCT, flag, 0);
1213 	dtd->dtd_data.ctt_size = 0;
1214 
1215 	/*
1216 	 * Always dirty in case we modified a forward.
1217 	 */
1218 	fp->ctf_flags |= LCTF_DIRTY;
1219 
1220 	return (type);
1221 }
1222 
1223 ctf_id_t
1224 ctf_add_union(ctf_file_t *fp, uint_t flag, const char *name)
1225 {
1226 	ctf_hash_t *hp = &fp->ctf_unions;
1227 	ctf_helem_t *hep = NULL;
1228 	ctf_dtdef_t *dtd = NULL;
1229 	ctf_id_t type = CTF_ERR;
1230 
1231 	if (name != NULL)
1232 		hep = ctf_hash_lookup(hp, fp, name, strlen(name));
1233 
1234 	if (hep != NULL && ctf_type_kind(fp, hep->h_type) == CTF_K_FORWARD) {
1235 		type = hep->h_type;
1236 		dtd = ctf_dtd_lookup(fp, type);
1237 		if (CTF_INFO_KIND(dtd->dtd_data.ctt_info) != CTF_K_FORWARD)
1238 			dtd = NULL;
1239 	}
1240 
1241 	if (dtd == NULL) {
1242 		type = ctf_add_generic(fp, flag, name, &dtd);
1243 		if (type == CTF_ERR)
1244 			return (CTF_ERR); /* errno is set for us */
1245 	}
1246 
1247 	VERIFY(type != CTF_ERR);
1248 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(CTF_K_UNION, flag, 0);
1249 	dtd->dtd_data.ctt_size = 0;
1250 
1251 	/*
1252 	 * Always dirty in case we modified a forward.
1253 	 */
1254 	fp->ctf_flags |= LCTF_DIRTY;
1255 
1256 	return (type);
1257 }
1258 
1259 /*
1260  * If size is 0, we use the standard integer size. This is almost always the
1261  * case, except for packed enums.
1262  */
1263 ctf_id_t
1264 ctf_add_enum(ctf_file_t *fp, uint_t flag, const char *name, size_t size)
1265 {
1266 	ctf_hash_t *hp = &fp->ctf_enums;
1267 	ctf_helem_t *hep = NULL;
1268 	ctf_dtdef_t *dtd = NULL;
1269 	ctf_id_t type = CTF_ERR;
1270 
1271 	/* Check we could return something valid in ctf_type_size. */
1272 	if (size > SSIZE_MAX)
1273 		return (ctf_set_errno(fp, EINVAL));
1274 
1275 	if (name != NULL)
1276 		hep = ctf_hash_lookup(hp, fp, name, strlen(name));
1277 
1278 	if (hep != NULL && ctf_type_kind(fp, hep->h_type) == CTF_K_FORWARD) {
1279 		type = hep->h_type;
1280 		dtd = ctf_dtd_lookup(fp, type);
1281 		if (CTF_INFO_KIND(dtd->dtd_data.ctt_info) != CTF_K_FORWARD)
1282 			dtd = NULL;
1283 	}
1284 
1285 	if (dtd == NULL) {
1286 		type = ctf_add_generic(fp, flag, name, &dtd);
1287 		if (type == CTF_ERR)
1288 			return (CTF_ERR); /* errno is set for us */
1289 	}
1290 
1291 	VERIFY(type != CTF_ERR);
1292 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(CTF_K_ENUM, flag, 0);
1293 
1294 	ctf_set_ctt_size(&dtd->dtd_data, size == 0 ?
1295 	    fp->ctf_dmodel->ctd_int : size);
1296 
1297 	/*
1298 	 * Always dirty in case we modified a forward.
1299 	 */
1300 	fp->ctf_flags |= LCTF_DIRTY;
1301 
1302 	return (type);
1303 }
1304 
1305 ctf_id_t
1306 ctf_add_forward(ctf_file_t *fp, uint_t flag, const char *name, uint_t kind)
1307 {
1308 	ctf_hash_t *hp;
1309 	ctf_helem_t *hep;
1310 	ctf_dtdef_t *dtd;
1311 	ctf_id_t type;
1312 
1313 	switch (kind) {
1314 	case CTF_K_STRUCT:
1315 		hp = &fp->ctf_structs;
1316 		break;
1317 	case CTF_K_UNION:
1318 		hp = &fp->ctf_unions;
1319 		break;
1320 	case CTF_K_ENUM:
1321 		hp = &fp->ctf_enums;
1322 		break;
1323 	default:
1324 		return (ctf_set_errno(fp, ECTF_NOTSUE));
1325 	}
1326 
1327 	/*
1328 	 * If the type is already defined or exists as a forward tag, just
1329 	 * return the ctf_id_t of the existing definition.
1330 	 */
1331 	if (name != NULL && (hep = ctf_hash_lookup(hp,
1332 	    fp, name, strlen(name))) != NULL)
1333 		return (hep->h_type);
1334 
1335 	if ((type = ctf_add_generic(fp, flag, name, &dtd)) == CTF_ERR)
1336 		return (CTF_ERR); /* errno is set for us */
1337 
1338 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(CTF_K_FORWARD, flag, 0);
1339 	dtd->dtd_data.ctt_type = kind;
1340 
1341 	return (type);
1342 }
1343 
1344 ctf_id_t
1345 ctf_add_typedef(ctf_file_t *fp, uint_t flag, const char *name, ctf_id_t ref)
1346 {
1347 	ctf_dtdef_t *dtd;
1348 	ctf_id_t type;
1349 	ctf_file_t *fpd;
1350 
1351 	fpd = fp;
1352 	if (ref == CTF_ERR || (ctf_lookup_by_id(&fpd, ref) == NULL &&
1353 	    ctf_dtd_lookup(fp, ref) == NULL))
1354 		return (ctf_set_errno(fp, EINVAL));
1355 
1356 	if ((type = ctf_add_generic(fp, flag, name, &dtd)) == CTF_ERR)
1357 		return (CTF_ERR); /* errno is set for us */
1358 
1359 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(CTF_K_TYPEDEF, flag, 0);
1360 	dtd->dtd_data.ctt_type = (ushort_t)ref;
1361 	ctf_ref_inc(fp, ref);
1362 
1363 	return (type);
1364 }
1365 
1366 ctf_id_t
1367 ctf_add_volatile(ctf_file_t *fp, uint_t flag, const char *name, ctf_id_t ref)
1368 {
1369 	return (ctf_add_reftype(fp, flag, name, ref, CTF_K_VOLATILE));
1370 }
1371 
1372 ctf_id_t
1373 ctf_add_const(ctf_file_t *fp, uint_t flag, const char *name, ctf_id_t ref)
1374 {
1375 	return (ctf_add_reftype(fp, flag, name, ref, CTF_K_CONST));
1376 }
1377 
1378 ctf_id_t
1379 ctf_add_restrict(ctf_file_t *fp, uint_t flag, const char *name, ctf_id_t ref)
1380 {
1381 	return (ctf_add_reftype(fp, flag, name, ref, CTF_K_RESTRICT));
1382 }
1383 
1384 int
1385 ctf_add_enumerator(ctf_file_t *fp, ctf_id_t enid, const char *name, int value)
1386 {
1387 	ctf_dtdef_t *dtd = ctf_dtd_lookup(fp, enid);
1388 	ctf_dmdef_t *dmd;
1389 
1390 	uint_t kind, vlen, root;
1391 	char *s;
1392 
1393 	if (name == NULL)
1394 		return (ctf_set_errno(fp, EINVAL));
1395 
1396 	if (!(fp->ctf_flags & LCTF_RDWR))
1397 		return (ctf_set_errno(fp, ECTF_RDONLY));
1398 
1399 	if (dtd == NULL)
1400 		return (ctf_set_errno(fp, ECTF_BADID));
1401 
1402 	kind = CTF_INFO_KIND(dtd->dtd_data.ctt_info);
1403 	root = CTF_INFO_ISROOT(dtd->dtd_data.ctt_info);
1404 	vlen = CTF_INFO_VLEN(dtd->dtd_data.ctt_info);
1405 
1406 	if (kind != CTF_K_ENUM)
1407 		return (ctf_set_errno(fp, ECTF_NOTENUM));
1408 
1409 	if (vlen == CTF_MAX_VLEN)
1410 		return (ctf_set_errno(fp, ECTF_DTFULL));
1411 
1412 	for (dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
1413 	    dmd != NULL; dmd = ctf_list_next(dmd)) {
1414 		if (strcmp(dmd->dmd_name, name) == 0) {
1415 			ctf_dprintf("encountered duplicate member %s\n", name);
1416 			return (ctf_set_errno(fp, ECTF_DUPMEMBER));
1417 		}
1418 	}
1419 
1420 	if ((dmd = ctf_alloc(sizeof (ctf_dmdef_t))) == NULL)
1421 		return (ctf_set_errno(fp, EAGAIN));
1422 
1423 	if ((s = ctf_strdup(name)) == NULL) {
1424 		ctf_free(dmd, sizeof (ctf_dmdef_t));
1425 		return (ctf_set_errno(fp, EAGAIN));
1426 	}
1427 
1428 	dmd->dmd_name = s;
1429 	dmd->dmd_type = CTF_ERR;
1430 	dmd->dmd_offset = 0;
1431 	dmd->dmd_value = value;
1432 
1433 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(kind, root, vlen + 1);
1434 	ctf_list_append(&dtd->dtd_u.dtu_members, dmd);
1435 
1436 	fp->ctf_dtstrlen += strlen(s) + 1;
1437 	fp->ctf_flags |= LCTF_DIRTY;
1438 
1439 	return (0);
1440 }
1441 
1442 int
1443 ctf_add_member(ctf_file_t *fp, ctf_id_t souid, const char *name, ctf_id_t type,
1444     ulong_t offset)
1445 {
1446 	ctf_dtdef_t *dtd = ctf_dtd_lookup(fp, souid);
1447 	ctf_dmdef_t *dmd;
1448 
1449 	ulong_t mbitsz;
1450 	ssize_t msize, malign, ssize;
1451 	uint_t kind, vlen, root;
1452 	int mkind;
1453 	char *s = NULL;
1454 
1455 	if (!(fp->ctf_flags & LCTF_RDWR))
1456 		return (ctf_set_errno(fp, ECTF_RDONLY));
1457 
1458 	if (dtd == NULL)
1459 		return (ctf_set_errno(fp, ECTF_BADID));
1460 
1461 	kind = CTF_INFO_KIND(dtd->dtd_data.ctt_info);
1462 	root = CTF_INFO_ISROOT(dtd->dtd_data.ctt_info);
1463 	vlen = CTF_INFO_VLEN(dtd->dtd_data.ctt_info);
1464 
1465 	if (kind != CTF_K_STRUCT && kind != CTF_K_UNION)
1466 		return (ctf_set_errno(fp, ECTF_NOTSOU));
1467 
1468 	if (vlen == CTF_MAX_VLEN)
1469 		return (ctf_set_errno(fp, ECTF_DTFULL));
1470 
1471 	/*
1472 	 * Structures may have members which are anonymous. If they have two of
1473 	 * these, then the duplicate member detection would find it due to the
1474 	 * string of "", so we skip it.
1475 	 */
1476 	if (name != NULL && *name != '\0') {
1477 		for (dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
1478 		    dmd != NULL; dmd = ctf_list_next(dmd)) {
1479 			if (dmd->dmd_name != NULL &&
1480 			    strcmp(dmd->dmd_name, name) == 0) {
1481 				return (ctf_set_errno(fp, ECTF_DUPMEMBER));
1482 			}
1483 		}
1484 	}
1485 
1486 	if ((msize = ctf_type_size(fp, type)) == CTF_ERR ||
1487 	    (malign = ctf_type_align(fp, type)) == CTF_ERR ||
1488 	    (mkind = ctf_type_kind(fp, type)) == CTF_ERR)
1489 		return (CTF_ERR); /* errno is set for us */
1490 
1491 	/*
1492 	 * ctf_type_size returns sizes in bytes. However, for bitfields, that
1493 	 * means that it may misrepresent and actually rounds it up to a power
1494 	 * of two and store that in bytes. So instead we have to get the
1495 	 * Integers encoding and rely on that.
1496 	 */
1497 	if (mkind == CTF_K_INTEGER) {
1498 		ctf_encoding_t e;
1499 
1500 		if (ctf_type_encoding(fp, type, &e) == CTF_ERR)
1501 			return (CTF_ERR); /* errno is set for us */
1502 		mbitsz = e.cte_bits;
1503 	} else if (mkind == CTF_K_FORWARD) {
1504 		/*
1505 		 * This is a rather rare case. In general one cannot add a
1506 		 * forward to a structure. However, the CTF tools traditionally
1507 		 * tried to add a forward to the struct cpu as the last member.
1508 		 * Therefore, if we find one here, we're going to verify the
1509 		 * size and make sure it's zero. It's certainly odd, but that's
1510 		 * life.
1511 		 *
1512 		 * Further, if it's not an absolute position being specified,
1513 		 * then we refuse to add it.
1514 		 */
1515 		if (offset == ULONG_MAX)
1516 			return (ctf_set_errno(fp, EINVAL));
1517 		VERIFY(msize == 0);
1518 		mbitsz = msize;
1519 	} else {
1520 		mbitsz = msize * 8;
1521 	}
1522 
1523 	if ((dmd = ctf_alloc(sizeof (ctf_dmdef_t))) == NULL)
1524 		return (ctf_set_errno(fp, EAGAIN));
1525 
1526 	if (name != NULL && (s = ctf_strdup(name)) == NULL) {
1527 		ctf_free(dmd, sizeof (ctf_dmdef_t));
1528 		return (ctf_set_errno(fp, EAGAIN));
1529 	}
1530 
1531 	dmd->dmd_name = s;
1532 	dmd->dmd_type = type;
1533 	dmd->dmd_value = -1;
1534 
1535 	if (kind == CTF_K_STRUCT && vlen != 0) {
1536 		ctf_dmdef_t *lmd = ctf_list_prev(&dtd->dtd_u.dtu_members);
1537 		ctf_id_t ltype = ctf_type_resolve(fp, lmd->dmd_type);
1538 		size_t off;
1539 
1540 		if (offset == ULONG_MAX) {
1541 			ctf_encoding_t linfo;
1542 			ssize_t lsize;
1543 
1544 			off = lmd->dmd_offset;
1545 			if (ctf_type_encoding(fp, ltype, &linfo) != CTF_ERR)
1546 				off += linfo.cte_bits;
1547 			else if ((lsize = ctf_type_size(fp, ltype)) != CTF_ERR)
1548 				off += lsize * NBBY;
1549 
1550 			/*
1551 			 * Round up the offset of the end of the last member to
1552 			 * the next byte boundary, convert 'off' to bytes, and
1553 			 * then round it up again to the next multiple of the
1554 			 * alignment required by the new member.  Finally,
1555 			 * convert back to bits and store the result in
1556 			 * dmd_offset.  Technically we could do more efficient
1557 			 * packing if the new member is a bit-field, but we're
1558 			 * the "compiler" and ANSI says we can do as we choose.
1559 			 */
1560 			off = roundup(off, NBBY) / NBBY;
1561 			off = roundup(off, MAX(malign, 1));
1562 			dmd->dmd_offset = off * NBBY;
1563 			ssize = off + msize;
1564 		} else {
1565 			dmd->dmd_offset = offset;
1566 			ssize = (offset + mbitsz) / NBBY;
1567 		}
1568 	} else {
1569 		dmd->dmd_offset = 0;
1570 		ssize = ctf_get_ctt_size(fp, &dtd->dtd_data, NULL, NULL);
1571 		ssize = MAX(ssize, msize);
1572 	}
1573 
1574 	ctf_set_ctt_size(&dtd->dtd_data, ssize);
1575 
1576 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(kind, root, vlen + 1);
1577 	ctf_list_append(&dtd->dtd_u.dtu_members, dmd);
1578 
1579 	if (s != NULL)
1580 		fp->ctf_dtstrlen += strlen(s) + 1;
1581 
1582 	ctf_ref_inc(fp, type);
1583 	fp->ctf_flags |= LCTF_DIRTY;
1584 	return (0);
1585 }
1586 
1587 /*
1588  * This removes a type from the dynamic section. This will fail if the type is
1589  * referenced by another type. Note that the CTF ID is never reused currently by
1590  * CTF. Note that if this container is a parent container then we just outright
1591  * refuse to remove the type. There currently is no notion of searching for the
1592  * ctf_dtdef_t in parent containers. If there is, then this constraint could
1593  * become finer grained.
1594  */
1595 int
1596 ctf_delete_type(ctf_file_t *fp, ctf_id_t type)
1597 {
1598 	ctf_file_t *fpd;
1599 	ctf_dtdef_t *dtd = ctf_dtd_lookup(fp, type);
1600 
1601 	if (!(fp->ctf_flags & LCTF_RDWR))
1602 		return (ctf_set_errno(fp, ECTF_RDONLY));
1603 
1604 	/*
1605 	 * We want to give as useful an errno as possible. That means that we
1606 	 * want to distinguish between a type which does not exist and one for
1607 	 * which the type is not dynamic.
1608 	 */
1609 	fpd = fp;
1610 	if (ctf_lookup_by_id(&fpd, type) == NULL &&
1611 	    ctf_dtd_lookup(fp, type) == NULL)
1612 		return (CTF_ERR); /* errno is set for us */
1613 
1614 	if (dtd == NULL)
1615 		return (ctf_set_errno(fp, ECTF_NOTDYN));
1616 
1617 	if (dtd->dtd_ref != 0 || fp->ctf_refcnt > 1)
1618 		return (ctf_set_errno(fp, ECTF_REFERENCED));
1619 
1620 	ctf_dtd_delete(fp, dtd);
1621 	fp->ctf_flags |= LCTF_DIRTY;
1622 	return (0);
1623 }
1624 
1625 static int
1626 enumcmp(const char *name, int value, void *arg)
1627 {
1628 	ctf_bundle_t *ctb = arg;
1629 	int bvalue;
1630 
1631 	return (ctf_enum_value(ctb->ctb_file, ctb->ctb_type,
1632 	    name, &bvalue) == CTF_ERR || value != bvalue);
1633 }
1634 
1635 static int
1636 enumadd(const char *name, int value, void *arg)
1637 {
1638 	ctf_bundle_t *ctb = arg;
1639 
1640 	return (ctf_add_enumerator(ctb->ctb_file, ctb->ctb_type,
1641 	    name, value) == CTF_ERR);
1642 }
1643 
1644 /*ARGSUSED*/
1645 static int
1646 membcmp(const char *name, ctf_id_t type, ulong_t offset, void *arg)
1647 {
1648 	ctf_bundle_t *ctb = arg;
1649 	ctf_membinfo_t ctm;
1650 
1651 	return (ctf_member_info(ctb->ctb_file, ctb->ctb_type,
1652 	    name, &ctm) == CTF_ERR || ctm.ctm_offset != offset);
1653 }
1654 
1655 static int
1656 membadd(const char *name, ctf_id_t type, ulong_t offset, void *arg)
1657 {
1658 	ctf_bundle_t *ctb = arg;
1659 	ctf_dmdef_t *dmd;
1660 	char *s = NULL;
1661 
1662 	if ((dmd = ctf_alloc(sizeof (ctf_dmdef_t))) == NULL)
1663 		return (ctf_set_errno(ctb->ctb_file, EAGAIN));
1664 
1665 	if (name != NULL && (s = ctf_strdup(name)) == NULL) {
1666 		ctf_free(dmd, sizeof (ctf_dmdef_t));
1667 		return (ctf_set_errno(ctb->ctb_file, EAGAIN));
1668 	}
1669 
1670 	/*
1671 	 * For now, dmd_type is copied as the src_fp's type; it is reset to an
1672 	 * equivalent dst_fp type by a final loop in ctf_add_type(), below.
1673 	 */
1674 	dmd->dmd_name = s;
1675 	dmd->dmd_type = type;
1676 	dmd->dmd_offset = offset;
1677 	dmd->dmd_value = -1;
1678 
1679 	ctf_list_append(&ctb->ctb_dtd->dtd_u.dtu_members, dmd);
1680 
1681 	if (s != NULL)
1682 		ctb->ctb_file->ctf_dtstrlen += strlen(s) + 1;
1683 
1684 	ctb->ctb_file->ctf_flags |= LCTF_DIRTY;
1685 	return (0);
1686 }
1687 
1688 /*
1689  * The ctf_add_type routine is used to copy a type from a source CTF container
1690  * to a dynamic destination container.  This routine operates recursively by
1691  * following the source type's links and embedded member types.  If the
1692  * destination container already contains a named type which has the same
1693  * attributes, then we succeed and return this type but no changes occur.
1694  */
1695 ctf_id_t
1696 ctf_add_type(ctf_file_t *dst_fp, ctf_file_t *src_fp, ctf_id_t src_type)
1697 {
1698 	ctf_id_t dst_type = CTF_ERR;
1699 	uint_t dst_kind = CTF_K_UNKNOWN;
1700 
1701 	const ctf_type_t *tp;
1702 	const char *name;
1703 	uint_t kind, flag, vlen;
1704 
1705 	ctf_bundle_t src, dst;
1706 	ctf_encoding_t src_en, dst_en;
1707 	ctf_arinfo_t src_ar, dst_ar;
1708 
1709 	ctf_dtdef_t *dtd;
1710 	ctf_funcinfo_t ctc;
1711 
1712 	ctf_hash_t *hp;
1713 	ctf_helem_t *hep;
1714 
1715 	if (dst_fp == src_fp)
1716 		return (src_type);
1717 
1718 	if (!(dst_fp->ctf_flags & LCTF_RDWR))
1719 		return (ctf_set_errno(dst_fp, ECTF_RDONLY));
1720 
1721 	if ((tp = ctf_lookup_by_id(&src_fp, src_type)) == NULL)
1722 		return (ctf_set_errno(dst_fp, ctf_errno(src_fp)));
1723 
1724 	name = ctf_strptr(src_fp, tp->ctt_name);
1725 	kind = LCTF_INFO_KIND(src_fp, tp->ctt_info);
1726 	flag = LCTF_INFO_ROOT(src_fp, tp->ctt_info);
1727 	vlen = LCTF_INFO_VLEN(src_fp, tp->ctt_info);
1728 
1729 	switch (kind) {
1730 	case CTF_K_STRUCT:
1731 		hp = &dst_fp->ctf_structs;
1732 		break;
1733 	case CTF_K_UNION:
1734 		hp = &dst_fp->ctf_unions;
1735 		break;
1736 	case CTF_K_ENUM:
1737 		hp = &dst_fp->ctf_enums;
1738 		break;
1739 	default:
1740 		hp = &dst_fp->ctf_names;
1741 		break;
1742 	}
1743 
1744 	/*
1745 	 * If the source type has a name and is a root type (visible at the
1746 	 * top-level scope), lookup the name in the destination container and
1747 	 * verify that it is of the same kind before we do anything else.
1748 	 */
1749 	if ((flag & CTF_ADD_ROOT) && name[0] != '\0' &&
1750 	    (hep = ctf_hash_lookup(hp, dst_fp, name, strlen(name))) != NULL) {
1751 		dst_type = (ctf_id_t)hep->h_type;
1752 		dst_kind = ctf_type_kind(dst_fp, dst_type);
1753 	}
1754 
1755 	/*
1756 	 * If an identically named dst_type exists, fail with ECTF_CONFLICT
1757 	 * unless dst_type is a forward declaration and src_type is a struct,
1758 	 * union, or enum (i.e. the definition of the previous forward decl).
1759 	 */
1760 	if (dst_type != CTF_ERR && dst_kind != kind && (
1761 	    dst_kind != CTF_K_FORWARD || (kind != CTF_K_ENUM &&
1762 	    kind != CTF_K_STRUCT && kind != CTF_K_UNION)))
1763 		return (ctf_set_errno(dst_fp, ECTF_CONFLICT));
1764 
1765 	/*
1766 	 * If the non-empty name was not found in the appropriate hash, search
1767 	 * the list of pending dynamic definitions that are not yet committed.
1768 	 * If a matching name and kind are found, assume this is the type that
1769 	 * we are looking for.  This is necessary to permit ctf_add_type() to
1770 	 * operate recursively on entities such as a struct that contains a
1771 	 * pointer member that refers to the same struct type.
1772 	 */
1773 	if (dst_type == CTF_ERR && name[0] != '\0') {
1774 		for (dtd = ctf_list_prev(&dst_fp->ctf_dtdefs); dtd != NULL &&
1775 		    dtd->dtd_type > dst_fp->ctf_dtoldid;
1776 		    dtd = ctf_list_prev(dtd)) {
1777 			if (CTF_INFO_KIND(dtd->dtd_data.ctt_info) == kind &&
1778 			    dtd->dtd_name != NULL &&
1779 			    strcmp(dtd->dtd_name, name) == 0)
1780 				return (dtd->dtd_type);
1781 		}
1782 	}
1783 
1784 	src.ctb_file = src_fp;
1785 	src.ctb_type = src_type;
1786 	src.ctb_dtd = NULL;
1787 
1788 	dst.ctb_file = dst_fp;
1789 	dst.ctb_type = dst_type;
1790 	dst.ctb_dtd = NULL;
1791 
1792 	/*
1793 	 * Now perform kind-specific processing.  If dst_type is CTF_ERR, then
1794 	 * we add a new type with the same properties as src_type to dst_fp.
1795 	 * If dst_type is not CTF_ERR, then we verify that dst_type has the
1796 	 * same attributes as src_type.  We recurse for embedded references.
1797 	 */
1798 	switch (kind) {
1799 	case CTF_K_INTEGER:
1800 	case CTF_K_FLOAT:
1801 		if (ctf_type_encoding(src_fp, src_type, &src_en) != 0)
1802 			return (ctf_set_errno(dst_fp, ctf_errno(src_fp)));
1803 
1804 		if (dst_type != CTF_ERR) {
1805 			if (ctf_type_encoding(dst_fp, dst_type, &dst_en) != 0)
1806 				return (CTF_ERR); /* errno is set for us */
1807 
1808 			if (bcmp(&src_en, &dst_en, sizeof (ctf_encoding_t)))
1809 				return (ctf_set_errno(dst_fp, ECTF_CONFLICT));
1810 
1811 		} else if (kind == CTF_K_INTEGER) {
1812 			dst_type = ctf_add_integer(dst_fp, flag, name, &src_en);
1813 		} else
1814 			dst_type = ctf_add_float(dst_fp, flag, name, &src_en);
1815 		break;
1816 
1817 	case CTF_K_POINTER:
1818 	case CTF_K_VOLATILE:
1819 	case CTF_K_CONST:
1820 	case CTF_K_RESTRICT:
1821 		src_type = ctf_type_reference(src_fp, src_type);
1822 		src_type = ctf_add_type(dst_fp, src_fp, src_type);
1823 
1824 		if (src_type == CTF_ERR)
1825 			return (CTF_ERR); /* errno is set for us */
1826 
1827 		dst_type = ctf_add_reftype(dst_fp, flag, NULL, src_type, kind);
1828 		break;
1829 
1830 	case CTF_K_ARRAY:
1831 		if (ctf_array_info(src_fp, src_type, &src_ar) == CTF_ERR)
1832 			return (ctf_set_errno(dst_fp, ctf_errno(src_fp)));
1833 
1834 		src_ar.ctr_contents =
1835 		    ctf_add_type(dst_fp, src_fp, src_ar.ctr_contents);
1836 		src_ar.ctr_index =
1837 		    ctf_add_type(dst_fp, src_fp, src_ar.ctr_index);
1838 		src_ar.ctr_nelems = src_ar.ctr_nelems;
1839 
1840 		if (src_ar.ctr_contents == CTF_ERR ||
1841 		    src_ar.ctr_index == CTF_ERR)
1842 			return (CTF_ERR); /* errno is set for us */
1843 
1844 		if (dst_type != CTF_ERR) {
1845 			if (ctf_array_info(dst_fp, dst_type, &dst_ar) != 0)
1846 				return (CTF_ERR); /* errno is set for us */
1847 
1848 			if (bcmp(&src_ar, &dst_ar, sizeof (ctf_arinfo_t)))
1849 				return (ctf_set_errno(dst_fp, ECTF_CONFLICT));
1850 		} else
1851 			dst_type = ctf_add_array(dst_fp, flag, &src_ar);
1852 		break;
1853 
1854 	case CTF_K_FUNCTION:
1855 		ctc.ctc_return = ctf_add_type(dst_fp, src_fp, tp->ctt_type);
1856 		ctc.ctc_argc = 0;
1857 		ctc.ctc_flags = 0;
1858 
1859 		if (ctc.ctc_return == CTF_ERR)
1860 			return (CTF_ERR); /* errno is set for us */
1861 
1862 		dst_type = ctf_add_funcptr(dst_fp, flag, &ctc, NULL);
1863 		break;
1864 
1865 	case CTF_K_STRUCT:
1866 	case CTF_K_UNION: {
1867 		ctf_dmdef_t *dmd;
1868 		int errs = 0;
1869 
1870 		/*
1871 		 * Technically to match a struct or union we need to check both
1872 		 * ways (src members vs. dst, dst members vs. src) but we make
1873 		 * this more optimal by only checking src vs. dst and comparing
1874 		 * the total size of the structure (which we must do anyway)
1875 		 * which covers the possibility of dst members not in src.
1876 		 * This optimization can be defeated for unions, but is so
1877 		 * pathological as to render it irrelevant for our purposes.
1878 		 */
1879 		if (dst_type != CTF_ERR && dst_kind != CTF_K_FORWARD) {
1880 			if (ctf_type_size(src_fp, src_type) !=
1881 			    ctf_type_size(dst_fp, dst_type))
1882 				return (ctf_set_errno(dst_fp, ECTF_CONFLICT));
1883 
1884 			if (ctf_member_iter(src_fp, src_type, membcmp, &dst))
1885 				return (ctf_set_errno(dst_fp, ECTF_CONFLICT));
1886 
1887 			break;
1888 		}
1889 
1890 		/*
1891 		 * Unlike the other cases, copying structs and unions is done
1892 		 * manually so as to avoid repeated lookups in ctf_add_member
1893 		 * and to ensure the exact same member offsets as in src_type.
1894 		 */
1895 		dst_type = ctf_add_generic(dst_fp, flag, name, &dtd);
1896 		if (dst_type == CTF_ERR)
1897 			return (CTF_ERR); /* errno is set for us */
1898 
1899 		dst.ctb_type = dst_type;
1900 		dst.ctb_dtd = dtd;
1901 
1902 		if (ctf_member_iter(src_fp, src_type, membadd, &dst) != 0)
1903 			errs++; /* increment errs and fail at bottom of case */
1904 
1905 		ctf_set_ctt_size(&dtd->dtd_data,
1906 		    ctf_type_size(src_fp, src_type));
1907 
1908 		dtd->dtd_data.ctt_info = CTF_TYPE_INFO(kind, flag, vlen);
1909 
1910 		/*
1911 		 * Make a final pass through the members changing each dmd_type
1912 		 * (a src_fp type) to an equivalent type in dst_fp.  We pass
1913 		 * through all members, leaving any that fail set to CTF_ERR.
1914 		 */
1915 		for (dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
1916 		    dmd != NULL; dmd = ctf_list_next(dmd)) {
1917 			if ((dmd->dmd_type = ctf_add_type(dst_fp, src_fp,
1918 			    dmd->dmd_type)) == CTF_ERR)
1919 				errs++;
1920 		}
1921 
1922 		if (errs)
1923 			return (CTF_ERR); /* errno is set for us */
1924 
1925 		/*
1926 		 * Now that we know that we can't fail, we go through and bump
1927 		 * all the reference counts on the member types.
1928 		 */
1929 		for (dmd = ctf_list_next(&dtd->dtd_u.dtu_members);
1930 		    dmd != NULL; dmd = ctf_list_next(dmd))
1931 			ctf_ref_inc(dst_fp, dmd->dmd_type);
1932 		break;
1933 	}
1934 
1935 	case CTF_K_ENUM:
1936 		if (dst_type != CTF_ERR && dst_kind != CTF_K_FORWARD) {
1937 			if (ctf_enum_iter(src_fp, src_type, enumcmp, &dst) ||
1938 			    ctf_enum_iter(dst_fp, dst_type, enumcmp, &src))
1939 				return (ctf_set_errno(dst_fp, ECTF_CONFLICT));
1940 		} else {
1941 			ssize_t size = ctf_type_size(src_fp, src_type);
1942 
1943 			if (size == CTF_ERR)
1944 				return (CTF_ERR); /* errno is set for us */
1945 
1946 			dst_type = ctf_add_enum(dst_fp, flag, name, size);
1947 			if ((dst.ctb_type = dst_type) == CTF_ERR ||
1948 			    ctf_enum_iter(src_fp, src_type, enumadd, &dst))
1949 				return (CTF_ERR); /* errno is set for us */
1950 		}
1951 		break;
1952 
1953 	case CTF_K_FORWARD:
1954 		if (dst_type == CTF_ERR) {
1955 			dst_type = ctf_add_forward(dst_fp,
1956 			    flag, name, CTF_K_STRUCT); /* assume STRUCT */
1957 		}
1958 		break;
1959 
1960 	case CTF_K_TYPEDEF:
1961 		src_type = ctf_type_reference(src_fp, src_type);
1962 		src_type = ctf_add_type(dst_fp, src_fp, src_type);
1963 
1964 		if (src_type == CTF_ERR)
1965 			return (CTF_ERR); /* errno is set for us */
1966 
1967 		/*
1968 		 * If dst_type is not CTF_ERR at this point, we should check if
1969 		 * ctf_type_reference(dst_fp, dst_type) != src_type and if so
1970 		 * fail with ECTF_CONFLICT.  However, this causes problems with
1971 		 * <sys/types.h> typedefs that vary based on things like if
1972 		 * _ILP32x then pid_t is int otherwise long.  We therefore omit
1973 		 * this check and assume that if the identically named typedef
1974 		 * already exists in dst_fp, it is correct or equivalent.
1975 		 */
1976 		if (dst_type == CTF_ERR) {
1977 			dst_type = ctf_add_typedef(dst_fp, flag,
1978 			    name, src_type);
1979 		}
1980 		break;
1981 
1982 	default:
1983 		return (ctf_set_errno(dst_fp, ECTF_CORRUPT));
1984 	}
1985 
1986 	return (dst_type);
1987 }
1988 
1989 int
1990 ctf_add_function(ctf_file_t *fp, ulong_t idx, const ctf_funcinfo_t *fip,
1991     const ctf_id_t *argc)
1992 {
1993 	int i;
1994 	ctf_dsdef_t *dsd;
1995 	ctf_file_t *afp;
1996 	uintptr_t symbase = (uintptr_t)fp->ctf_symtab.cts_data;
1997 
1998 	if (!(fp->ctf_flags & LCTF_RDWR))
1999 		return (ctf_set_errno(fp, ECTF_RDONLY));
2000 
2001 	if (ctf_dsd_lookup(fp, idx) != NULL)
2002 		return (ctf_set_errno(fp, ECTF_CONFLICT));
2003 
2004 	if (symbase == (uintptr_t)NULL)
2005 		return (ctf_set_errno(fp, ECTF_STRTAB));
2006 
2007 	if (idx > fp->ctf_nsyms)
2008 		return (ctf_set_errno(fp, ECTF_NOTDATA));
2009 
2010 	if (fp->ctf_symtab.cts_entsize == sizeof (Elf32_Sym)) {
2011 		const Elf32_Sym *symp = (Elf32_Sym *)symbase + idx;
2012 		if (ELF32_ST_TYPE(symp->st_info) != STT_FUNC)
2013 			return (ctf_set_errno(fp, ECTF_NOTFUNC));
2014 	} else {
2015 		const Elf64_Sym *symp = (Elf64_Sym *)symbase + idx;
2016 		if (ELF64_ST_TYPE(symp->st_info) != STT_FUNC)
2017 			return (ctf_set_errno(fp, ECTF_NOTFUNC));
2018 	}
2019 
2020 	afp = fp;
2021 	if (ctf_lookup_by_id(&afp, fip->ctc_return) == NULL)
2022 		return (CTF_ERR); /* errno is set for us */
2023 
2024 	for (i = 0; i < fip->ctc_argc; i++) {
2025 		afp = fp;
2026 		if (ctf_lookup_by_id(&afp, argc[i]) == NULL)
2027 			return (CTF_ERR); /* errno is set for us */
2028 	}
2029 
2030 	dsd = ctf_alloc(sizeof (ctf_dsdef_t));
2031 	if (dsd == NULL)
2032 		return (ctf_set_errno(fp, ENOMEM));
2033 	dsd->dsd_nargs = fip->ctc_argc;
2034 	if (fip->ctc_flags & CTF_FUNC_VARARG)
2035 		dsd->dsd_nargs++;
2036 	if (dsd->dsd_nargs != 0) {
2037 		dsd->dsd_argc = ctf_alloc(sizeof (ctf_id_t) * dsd->dsd_nargs);
2038 		if (dsd->dsd_argc == NULL) {
2039 			ctf_free(dsd, sizeof (ctf_dsdef_t));
2040 			return (ctf_set_errno(fp, ENOMEM));
2041 		}
2042 		bcopy(argc, dsd->dsd_argc, sizeof (ctf_id_t) * fip->ctc_argc);
2043 		if (fip->ctc_flags & CTF_FUNC_VARARG)
2044 			dsd->dsd_argc[fip->ctc_argc] = 0;
2045 	}
2046 	dsd->dsd_symidx = idx;
2047 	dsd->dsd_tid = fip->ctc_return;
2048 
2049 	ctf_dsd_insert(fp, dsd);
2050 	fp->ctf_flags |= LCTF_DIRTY;
2051 
2052 	return (0);
2053 }
2054 
2055 int
2056 ctf_add_object(ctf_file_t *fp, ulong_t idx, ctf_id_t type)
2057 {
2058 	ctf_dsdef_t *dsd;
2059 	ctf_file_t *afp;
2060 	uintptr_t symbase = (uintptr_t)fp->ctf_symtab.cts_data;
2061 
2062 	if (!(fp->ctf_flags & LCTF_RDWR))
2063 		return (ctf_set_errno(fp, ECTF_RDONLY));
2064 
2065 	if (!(fp->ctf_flags & LCTF_RDWR))
2066 		return (ctf_set_errno(fp, ECTF_RDONLY));
2067 
2068 	if (ctf_dsd_lookup(fp, idx) != NULL)
2069 		return (ctf_set_errno(fp, ECTF_CONFLICT));
2070 
2071 	if (symbase == (uintptr_t)NULL)
2072 		return (ctf_set_errno(fp, ECTF_STRTAB));
2073 
2074 	if (idx > fp->ctf_nsyms)
2075 		return (ctf_set_errno(fp, ECTF_NOTDATA));
2076 
2077 	if (fp->ctf_symtab.cts_entsize == sizeof (Elf32_Sym)) {
2078 		const Elf32_Sym *symp = (Elf32_Sym *)symbase + idx;
2079 		if (ELF32_ST_TYPE(symp->st_info) != STT_OBJECT)
2080 			return (ctf_set_errno(fp, ECTF_NOTDATA));
2081 	} else {
2082 		const Elf64_Sym *symp = (Elf64_Sym *)symbase + idx;
2083 		if (ELF64_ST_TYPE(symp->st_info) != STT_OBJECT)
2084 			return (ctf_set_errno(fp, ECTF_NOTDATA));
2085 	}
2086 
2087 	afp = fp;
2088 	if (ctf_lookup_by_id(&afp, type) == NULL)
2089 		return (CTF_ERR); /* errno is set for us */
2090 
2091 	dsd = ctf_alloc(sizeof (ctf_dsdef_t));
2092 	if (dsd == NULL)
2093 		return (ctf_set_errno(fp, ENOMEM));
2094 	dsd->dsd_symidx = idx;
2095 	dsd->dsd_tid = type;
2096 	dsd->dsd_argc = NULL;
2097 
2098 	ctf_dsd_insert(fp, dsd);
2099 	fp->ctf_flags |= LCTF_DIRTY;
2100 
2101 	return (0);
2102 }
2103 
2104 void
2105 ctf_dataptr(ctf_file_t *fp, const void **addrp, size_t *sizep)
2106 {
2107 	if (addrp != NULL)
2108 		*addrp = fp->ctf_base;
2109 	if (sizep != NULL)
2110 		*sizep = fp->ctf_size;
2111 }
2112 
2113 int
2114 ctf_add_label(ctf_file_t *fp, const char *name, ctf_id_t type, uint_t position)
2115 {
2116 	ctf_file_t *fpd;
2117 	ctf_dldef_t *dld;
2118 
2119 	if (name == NULL)
2120 		return (ctf_set_errno(fp, EINVAL));
2121 
2122 	if (!(fp->ctf_flags & LCTF_RDWR))
2123 		return (ctf_set_errno(fp, ECTF_RDONLY));
2124 
2125 	fpd = fp;
2126 	if (type != 0 && ctf_lookup_by_id(&fpd, type) == NULL)
2127 		return (CTF_ERR); /* errno is set for us */
2128 
2129 	if (type != 0 && (fp->ctf_flags & LCTF_CHILD) &&
2130 	    CTF_TYPE_ISPARENT(type))
2131 		return (ctf_set_errno(fp, ECTF_NOPARENT));
2132 
2133 	if (ctf_dld_lookup(fp, name) != NULL)
2134 		return (ctf_set_errno(fp, ECTF_LABELEXISTS));
2135 
2136 	if ((dld = ctf_alloc(sizeof (ctf_dldef_t))) == NULL)
2137 		return (ctf_set_errno(fp, EAGAIN));
2138 
2139 	if ((dld->dld_name = ctf_strdup(name)) == NULL) {
2140 		ctf_free(dld, sizeof (ctf_dldef_t));
2141 		return (ctf_set_errno(fp, EAGAIN));
2142 	}
2143 
2144 	ctf_dprintf("adding label %s, %ld\n", name, type);
2145 	dld->dld_type = type;
2146 	fp->ctf_dtstrlen += strlen(name) + 1;
2147 	ctf_dld_insert(fp, dld, position);
2148 	fp->ctf_flags |= LCTF_DIRTY;
2149 
2150 	return (0);
2151 }
2152 
2153 /*
2154  * Update the size of a structure or union. Note that we don't allow this to
2155  * shrink the size of a struct or union, only to increase it. This is useful for
2156  * cases when you have a structure whose actual size is larger than the sum of
2157  * its members due to padding for natural alignment.
2158  */
2159 int
2160 ctf_set_size(ctf_file_t *fp, ctf_id_t id, const ulong_t newsz)
2161 {
2162 	ctf_dtdef_t *dtd = ctf_dtd_lookup(fp, id);
2163 	uint_t kind;
2164 	size_t oldsz;
2165 
2166 	if (!(fp->ctf_flags & LCTF_RDWR))
2167 		return (ctf_set_errno(fp, ECTF_RDONLY));
2168 
2169 	if (dtd == NULL)
2170 		return (ctf_set_errno(fp, ECTF_BADID));
2171 
2172 	kind = CTF_INFO_KIND(dtd->dtd_data.ctt_info);
2173 
2174 	if (kind != CTF_K_STRUCT && kind != CTF_K_UNION)
2175 		return (ctf_set_errno(fp, ECTF_NOTSOU));
2176 
2177 	if ((oldsz = dtd->dtd_data.ctt_size) == CTF_LSIZE_SENT)
2178 		oldsz = CTF_TYPE_LSIZE(&dtd->dtd_data);
2179 
2180 	if (newsz < oldsz)
2181 		return (ctf_set_errno(fp, EINVAL));
2182 
2183 	ctf_set_ctt_size(&dtd->dtd_data, newsz);
2184 
2185 	fp->ctf_flags |= LCTF_DIRTY;
2186 	return (0);
2187 }
2188 
2189 int
2190 ctf_set_root(ctf_file_t *fp, ctf_id_t id, const boolean_t vis)
2191 {
2192 	ctf_dtdef_t *dtd = ctf_dtd_lookup(fp, id);
2193 	uint_t kind, vlen;
2194 
2195 	if (!(fp->ctf_flags & LCTF_RDWR))
2196 		return (ctf_set_errno(fp, ECTF_RDONLY));
2197 
2198 	if (dtd == NULL)
2199 		return (ctf_set_errno(fp, ECTF_BADID));
2200 
2201 	kind = CTF_INFO_KIND(dtd->dtd_data.ctt_info);
2202 	vlen = CTF_INFO_VLEN(dtd->dtd_data.ctt_info);
2203 
2204 	dtd->dtd_data.ctt_info = CTF_TYPE_INFO(kind, vis, vlen);
2205 	return (0);
2206 }
2207