1 /* 2 * CDDL HEADER START 3 * 4 * The contents of this file are subject to the terms of the 5 * Common Development and Distribution License (the "License"). 6 * You may not use this file except in compliance with the License. 7 * 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 9 * or http://www.opensolaris.org/os/licensing. 10 * See the License for the specific language governing permissions 11 * and limitations under the License. 12 * 13 * When distributing Covered Code, include this CDDL HEADER in each 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE. 15 * If applicable, add the following below this CDDL HEADER, with the 16 * fields enclosed by brackets "[]" replaced with your own identifying 17 * information: Portions Copyright [yyyy] [name of copyright owner] 18 * 19 * CDDL HEADER END 20 */ 21 /* 22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved. 23 * Use is subject to license terms. 24 * Copyright 2018, Joyent, Inc. 25 */ 26 27 #include <sys/stack.h> 28 #include <sys/regset.h> 29 #include <sys/frame.h> 30 #include <sys/sysmacros.h> 31 #include <sys/trap.h> 32 #include <sys/machelf.h> 33 34 #include <stdlib.h> 35 #include <unistd.h> 36 #include <sys/types.h> 37 #include <errno.h> 38 #include <string.h> 39 40 #include "Pcontrol.h" 41 #include "Pstack.h" 42 43 static uchar_t int_syscall_instr[] = { 0xCD, T_SYSCALLINT }; 44 45 const char * 46 Ppltdest(struct ps_prochandle *P, uintptr_t pltaddr) 47 { 48 map_info_t *mp = Paddr2mptr(P, pltaddr); 49 50 uintptr_t r_addr; 51 file_info_t *fp; 52 Elf32_Rel r; 53 size_t i; 54 55 if (mp == NULL || (fp = mp->map_file) == NULL || 56 fp->file_plt_base == 0 || 57 pltaddr - fp->file_plt_base >= fp->file_plt_size) { 58 errno = EINVAL; 59 return (NULL); 60 } 61 62 i = (pltaddr - fp->file_plt_base) / M_PLT_ENTSIZE - M_PLT_XNumber; 63 64 r_addr = fp->file_jmp_rel + i * sizeof (r); 65 66 if (Pread(P, &r, sizeof (r), r_addr) == sizeof (r) && 67 (i = ELF32_R_SYM(r.r_info)) < fp->file_dynsym.sym_symn) { 68 69 Elf_Data *data = fp->file_dynsym.sym_data_pri; 70 Elf32_Sym *symp = &(((Elf32_Sym *)data->d_buf)[i]); 71 72 return (fp->file_dynsym.sym_strs + symp->st_name); 73 } 74 75 return (NULL); 76 } 77 78 int 79 Pissyscall(struct ps_prochandle *P, uintptr_t addr) 80 { 81 uchar_t instr[16]; 82 83 if (Pread(P, instr, sizeof (int_syscall_instr), addr) != 84 sizeof (int_syscall_instr)) 85 return (0); 86 87 if (memcmp(instr, int_syscall_instr, sizeof (int_syscall_instr)) == 0) 88 return (1); 89 90 return (0); 91 } 92 93 int 94 Pissyscall_prev(struct ps_prochandle *P, uintptr_t addr, uintptr_t *dst) 95 { 96 int ret; 97 98 if (ret = Pissyscall(P, addr - sizeof (int_syscall_instr))) { 99 if (dst) 100 *dst = addr - sizeof (int_syscall_instr); 101 return (ret); 102 } 103 104 return (0); 105 } 106 107 /* ARGSUSED */ 108 int 109 Pissyscall_text(struct ps_prochandle *P, const void *buf, size_t buflen) 110 { 111 if (buflen < sizeof (int_syscall_instr)) 112 return (0); 113 114 if (memcmp(buf, int_syscall_instr, sizeof (int_syscall_instr)) == 0) 115 return (1); 116 117 return (0); 118 } 119 120 #define TR_ARG_MAX 6 /* Max args to print, same as SPARC */ 121 122 static boolean_t 123 argcount_ctf(struct ps_prochandle *P, long pc, uint_t *countp) 124 { 125 GElf_Sym sym; 126 ctf_file_t *ctfp; 127 ctf_funcinfo_t finfo; 128 prsyminfo_t si = { 0 }; 129 130 if (Pxlookup_by_addr(P, pc, NULL, 0, &sym, &si) != 0) 131 return (B_FALSE); 132 133 if ((ctfp = Paddr_to_ctf(P, pc)) == NULL) 134 return (B_FALSE); 135 136 if (ctf_func_info(ctfp, si.prs_id, &finfo) == CTF_ERR) 137 return (B_FALSE); 138 139 *countp = finfo.ctc_argc; 140 141 return (B_TRUE); 142 } 143 144 /* 145 * Given a return address, determine the likely number of arguments 146 * that were pushed on the stack prior to its execution. We do this by 147 * expecting that a typical call sequence consists of pushing arguments on 148 * the stack, executing a call instruction, and then performing an add 149 * on %esp to restore it to the value prior to pushing the arguments for 150 * the call. We attempt to detect such an add, and divide the addend 151 * by the size of a word to determine the number of pushed arguments. 152 * 153 * If we do not find such an add, this does not necessarily imply that the 154 * function took no arguments. It is not possible to reliably detect such a 155 * void function because hand-coded assembler does not always perform an add 156 * to %esp immediately after the "call" instruction (eg. _sys_call()). 157 * Because of this, we default to returning MIN(sz, TR_ARG_MAX) instead of 0 158 * in the absence of an add to %esp. 159 */ 160 static ulong_t 161 argcount(struct ps_prochandle *P, long pc, ssize_t sz) 162 { 163 uchar_t instr[6]; 164 ulong_t count, max; 165 166 max = MIN(sz / sizeof (long), TR_ARG_MAX); 167 168 /* 169 * Read the instruction at the return location. 170 */ 171 if (Pread(P, instr, sizeof (instr), pc) != sizeof (instr) || 172 instr[1] != 0xc4) 173 return (max); 174 175 switch (instr[0]) { 176 case 0x81: /* count is a longword */ 177 count = instr[2]+(instr[3]<<8)+(instr[4]<<16)+(instr[5]<<24); 178 break; 179 case 0x83: /* count is a byte */ 180 count = instr[2]; 181 break; 182 default: 183 return (max); 184 } 185 186 count /= sizeof (long); 187 return (MIN(count, max)); 188 } 189 190 static void 191 ucontext_n_to_prgregs(const ucontext_t *src, prgregset_t dst) 192 { 193 (void) memcpy(dst, src->uc_mcontext.gregs, sizeof (gregset_t)); 194 } 195 196 int 197 Pstack_iter(struct ps_prochandle *P, const prgregset_t regs, 198 proc_stack_f *func, void *arg) 199 { 200 prgreg_t *prevfp = NULL; 201 uint_t pfpsize = 0; 202 int nfp = 0; 203 struct { 204 long fp; 205 long pc; 206 long args[32]; 207 } frame; 208 uint_t argc; 209 ssize_t sz; 210 prgregset_t gregs; 211 prgreg_t fp, pfp; 212 prgreg_t pc, ctf_pc; 213 int rv; 214 215 /* 216 * Type definition for a structure corresponding to an IA32 217 * signal frame. Refer to the comments in Pstack.c for more info 218 */ 219 typedef struct { 220 long fp; 221 long pc; 222 int signo; 223 ucontext_t *ucp; 224 siginfo_t *sip; 225 } sf_t; 226 227 uclist_t ucl; 228 ucontext_t uc; 229 uintptr_t uc_addr; 230 231 init_uclist(&ucl, P); 232 (void) memcpy(gregs, regs, sizeof (gregs)); 233 234 fp = regs[R_FP]; 235 ctf_pc = pc = regs[R_PC]; 236 237 while (fp != 0 || pc != 0) { 238 if (stack_loop(fp, &prevfp, &nfp, &pfpsize)) 239 break; 240 241 if (fp != 0 && 242 (sz = Pread(P, &frame, sizeof (frame), (uintptr_t)fp) 243 >= (ssize_t)(2* sizeof (long)))) { 244 /* 245 * One more trick for signal frames: the kernel sets 246 * the return pc of the signal frame to 0xffffffff on 247 * Intel IA32, so argcount won't work. 248 */ 249 if (frame.pc != -1L) { 250 sz -= 2* sizeof (long); 251 if (argcount_ctf(P, ctf_pc, &argc)) { 252 argc = MIN(argc, 32); 253 } else { 254 argc = argcount(P, (long)frame.pc, sz); 255 } 256 } else 257 argc = 3; /* sighandler(signo, sip, ucp) */ 258 } else { 259 (void) memset(&frame, 0, sizeof (frame)); 260 argc = 0; 261 } 262 263 ctf_pc = frame.pc; 264 gregs[R_FP] = fp; 265 gregs[R_PC] = pc; 266 267 if ((rv = func(arg, gregs, argc, frame.args)) != 0) 268 break; 269 270 /* 271 * In order to allow iteration over java frames (which can have 272 * their own frame pointers), we allow the iterator to change 273 * the contents of gregs. If we detect a change, then we assume 274 * that the new values point to the next frame. 275 */ 276 if (gregs[R_FP] != fp || gregs[R_PC] != pc) { 277 fp = gregs[R_FP]; 278 pc = gregs[R_PC]; 279 continue; 280 } 281 282 pfp = fp; 283 fp = frame.fp; 284 pc = frame.pc; 285 286 if (find_uclink(&ucl, pfp + sizeof (sf_t))) 287 uc_addr = pfp + sizeof (sf_t); 288 else 289 uc_addr = NULL; 290 291 if (uc_addr != NULL && 292 Pread(P, &uc, sizeof (uc), uc_addr) == sizeof (uc)) { 293 294 ucontext_n_to_prgregs(&uc, gregs); 295 fp = gregs[R_FP]; 296 pc = gregs[R_PC]; 297 } 298 } 299 300 if (prevfp) 301 free(prevfp); 302 303 free_uclist(&ucl); 304 return (rv); 305 } 306 307 uintptr_t 308 Psyscall_setup(struct ps_prochandle *P, int nargs, int sysindex, uintptr_t sp) 309 { 310 sp -= sizeof (int) * (nargs+2); /* space for arg list + CALL parms */ 311 312 P->status.pr_lwp.pr_reg[EAX] = sysindex; 313 P->status.pr_lwp.pr_reg[R_SP] = sp; 314 P->status.pr_lwp.pr_reg[R_PC] = P->sysaddr; 315 316 return (sp); 317 } 318 319 int 320 Psyscall_copyinargs(struct ps_prochandle *P, int nargs, argdes_t *argp, 321 uintptr_t ap) 322 { 323 int32_t arglist[MAXARGS+2]; 324 int i; 325 argdes_t *adp; 326 327 for (i = 0, adp = argp; i < nargs; i++, adp++) 328 arglist[1 + i] = (int32_t)adp->arg_value; 329 330 arglist[0] = P->status.pr_lwp.pr_reg[R_PC]; 331 if (Pwrite(P, &arglist[0], sizeof (int) * (nargs+1), 332 (uintptr_t)ap) != sizeof (int) * (nargs+1)) 333 return (-1); 334 335 return (0); 336 } 337 338 int 339 Psyscall_copyoutargs(struct ps_prochandle *P, int nargs, argdes_t *argp, 340 uintptr_t ap) 341 { 342 uint32_t arglist[MAXARGS + 2]; 343 int i; 344 argdes_t *adp; 345 346 if (Pread(P, &arglist[0], sizeof (int) * (nargs+1), (uintptr_t)ap) 347 != sizeof (int) * (nargs+1)) 348 return (-1); 349 350 for (i = 0, adp = argp; i < nargs; i++, adp++) 351 adp->arg_value = arglist[i]; 352 353 return (0); 354 } 355