xref: /titanic_50/usr/src/lib/libdtrace/common/dt_consume.c (revision 7ddc9b1afd18f260b9fb78ec7732facd91769131)
1 /*
2  * CDDL HEADER START
3  *
4  * The contents of this file are subject to the terms of the
5  * Common Development and Distribution License (the "License").
6  * You may not use this file except in compliance with the License.
7  *
8  * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9  * or http://www.opensolaris.org/os/licensing.
10  * See the License for the specific language governing permissions
11  * and limitations under the License.
12  *
13  * When distributing Covered Code, include this CDDL HEADER in each
14  * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15  * If applicable, add the following below this CDDL HEADER, with the
16  * fields enclosed by brackets "[]" replaced with your own identifying
17  * information: Portions Copyright [yyyy] [name of copyright owner]
18  *
19  * CDDL HEADER END
20  */
21 /*
22  * Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
23  * Use is subject to license terms.
24  */
25 
26 #pragma ident	"%Z%%M%	%I%	%E% SMI"
27 
28 #include <stdlib.h>
29 #include <strings.h>
30 #include <errno.h>
31 #include <unistd.h>
32 #include <limits.h>
33 #include <assert.h>
34 #include <ctype.h>
35 #include <alloca.h>
36 #include <dt_impl.h>
37 
38 #define	DT_MASK_LO 0x00000000FFFFFFFFULL
39 
40 /*
41  * We declare this here because (1) we need it and (2) we want to avoid a
42  * dependency on libm in libdtrace.
43  */
44 static long double
45 dt_fabsl(long double x)
46 {
47 	if (x < 0)
48 		return (-x);
49 
50 	return (x);
51 }
52 
53 /*
54  * 128-bit arithmetic functions needed to support the stddev() aggregating
55  * action.
56  */
57 static int
58 dt_gt_128(uint64_t *a, uint64_t *b)
59 {
60 	return (a[1] > b[1] || (a[1] == b[1] && a[0] > b[0]));
61 }
62 
63 static int
64 dt_ge_128(uint64_t *a, uint64_t *b)
65 {
66 	return (a[1] > b[1] || (a[1] == b[1] && a[0] >= b[0]));
67 }
68 
69 static int
70 dt_le_128(uint64_t *a, uint64_t *b)
71 {
72 	return (a[1] < b[1] || (a[1] == b[1] && a[0] <= b[0]));
73 }
74 
75 /*
76  * Shift the 128-bit value in a by b. If b is positive, shift left.
77  * If b is negative, shift right.
78  */
79 static void
80 dt_shift_128(uint64_t *a, int b)
81 {
82 	uint64_t mask;
83 
84 	if (b == 0)
85 		return;
86 
87 	if (b < 0) {
88 		b = -b;
89 		if (b >= 64) {
90 			a[0] = a[1] >> (b - 64);
91 			a[1] = 0;
92 		} else {
93 			a[0] >>= b;
94 			mask = 1LL << (64 - b);
95 			mask -= 1;
96 			a[0] |= ((a[1] & mask) << (64 - b));
97 			a[1] >>= b;
98 		}
99 	} else {
100 		if (b >= 64) {
101 			a[1] = a[0] << (b - 64);
102 			a[0] = 0;
103 		} else {
104 			a[1] <<= b;
105 			mask = a[0] >> (64 - b);
106 			a[1] |= mask;
107 			a[0] <<= b;
108 		}
109 	}
110 }
111 
112 static int
113 dt_nbits_128(uint64_t *a)
114 {
115 	int nbits = 0;
116 	uint64_t tmp[2];
117 	uint64_t zero[2] = { 0, 0 };
118 
119 	tmp[0] = a[0];
120 	tmp[1] = a[1];
121 
122 	dt_shift_128(tmp, -1);
123 	while (dt_gt_128(tmp, zero)) {
124 		dt_shift_128(tmp, -1);
125 		nbits++;
126 	}
127 
128 	return (nbits);
129 }
130 
131 static void
132 dt_subtract_128(uint64_t *minuend, uint64_t *subtrahend, uint64_t *difference)
133 {
134 	uint64_t result[2];
135 
136 	result[0] = minuend[0] - subtrahend[0];
137 	result[1] = minuend[1] - subtrahend[1] -
138 	    (minuend[0] < subtrahend[0] ? 1 : 0);
139 
140 	difference[0] = result[0];
141 	difference[1] = result[1];
142 }
143 
144 static void
145 dt_add_128(uint64_t *addend1, uint64_t *addend2, uint64_t *sum)
146 {
147 	uint64_t result[2];
148 
149 	result[0] = addend1[0] + addend2[0];
150 	result[1] = addend1[1] + addend2[1] +
151 	    (result[0] < addend1[0] || result[0] < addend2[0] ? 1 : 0);
152 
153 	sum[0] = result[0];
154 	sum[1] = result[1];
155 }
156 
157 /*
158  * The basic idea is to break the 2 64-bit values into 4 32-bit values,
159  * use native multiplication on those, and then re-combine into the
160  * resulting 128-bit value.
161  *
162  * (hi1 << 32 + lo1) * (hi2 << 32 + lo2) =
163  *     hi1 * hi2 << 64 +
164  *     hi1 * lo2 << 32 +
165  *     hi2 * lo1 << 32 +
166  *     lo1 * lo2
167  */
168 static void
169 dt_multiply_128(uint64_t factor1, uint64_t factor2, uint64_t *product)
170 {
171 	uint64_t hi1, hi2, lo1, lo2;
172 	uint64_t tmp[2];
173 
174 	hi1 = factor1 >> 32;
175 	hi2 = factor2 >> 32;
176 
177 	lo1 = factor1 & DT_MASK_LO;
178 	lo2 = factor2 & DT_MASK_LO;
179 
180 	product[0] = lo1 * lo2;
181 	product[1] = hi1 * hi2;
182 
183 	tmp[0] = hi1 * lo2;
184 	tmp[1] = 0;
185 	dt_shift_128(tmp, 32);
186 	dt_add_128(product, tmp, product);
187 
188 	tmp[0] = hi2 * lo1;
189 	tmp[1] = 0;
190 	dt_shift_128(tmp, 32);
191 	dt_add_128(product, tmp, product);
192 }
193 
194 /*
195  * This is long-hand division.
196  *
197  * We initialize subtrahend by shifting divisor left as far as possible. We
198  * loop, comparing subtrahend to dividend:  if subtrahend is smaller, we
199  * subtract and set the appropriate bit in the result.  We then shift
200  * subtrahend right by one bit for the next comparison.
201  */
202 static void
203 dt_divide_128(uint64_t *dividend, uint64_t divisor, uint64_t *quotient)
204 {
205 	uint64_t result[2] = { 0, 0 };
206 	uint64_t remainder[2];
207 	uint64_t subtrahend[2];
208 	uint64_t divisor_128[2];
209 	uint64_t mask[2] = { 1, 0 };
210 	int log = 0;
211 
212 	assert(divisor != 0);
213 
214 	divisor_128[0] = divisor;
215 	divisor_128[1] = 0;
216 
217 	remainder[0] = dividend[0];
218 	remainder[1] = dividend[1];
219 
220 	subtrahend[0] = divisor;
221 	subtrahend[1] = 0;
222 
223 	while (divisor > 0) {
224 		log++;
225 		divisor >>= 1;
226 	}
227 
228 	dt_shift_128(subtrahend, 128 - log);
229 	dt_shift_128(mask, 128 - log);
230 
231 	while (dt_ge_128(remainder, divisor_128)) {
232 		if (dt_ge_128(remainder, subtrahend)) {
233 			dt_subtract_128(remainder, subtrahend, remainder);
234 			result[0] |= mask[0];
235 			result[1] |= mask[1];
236 		}
237 
238 		dt_shift_128(subtrahend, -1);
239 		dt_shift_128(mask, -1);
240 	}
241 
242 	quotient[0] = result[0];
243 	quotient[1] = result[1];
244 }
245 
246 /*
247  * This is the long-hand method of calculating a square root.
248  * The algorithm is as follows:
249  *
250  * 1. Group the digits by 2 from the right.
251  * 2. Over the leftmost group, find the largest single-digit number
252  *    whose square is less than that group.
253  * 3. Subtract the result of the previous step (2 or 4, depending) and
254  *    bring down the next two-digit group.
255  * 4. For the result R we have so far, find the largest single-digit number
256  *    x such that 2 * R * 10 * x + x^2 is less than the result from step 3.
257  *    (Note that this is doubling R and performing a decimal left-shift by 1
258  *    and searching for the appropriate decimal to fill the one's place.)
259  *    The value x is the next digit in the square root.
260  * Repeat steps 3 and 4 until the desired precision is reached.  (We're
261  * dealing with integers, so the above is sufficient.)
262  *
263  * In decimal, the square root of 582,734 would be calculated as so:
264  *
265  *     __7__6__3
266  *    | 58 27 34
267  *     -49       (7^2 == 49 => 7 is the first digit in the square root)
268  *      --
269  *       9 27    (Subtract and bring down the next group.)
270  * 146   8 76    (2 * 7 * 10 * 6 + 6^2 == 876 => 6 is the next digit in
271  *      -----     the square root)
272  *         51 34 (Subtract and bring down the next group.)
273  * 1523    45 69 (2 * 76 * 10 * 3 + 3^2 == 4569 => 3 is the next digit in
274  *         -----  the square root)
275  *          5 65 (remainder)
276  *
277  * The above algorithm applies similarly in binary, but note that the
278  * only possible non-zero value for x in step 4 is 1, so step 4 becomes a
279  * simple decision: is 2 * R * 2 * 1 + 1^2 (aka R << 2 + 1) less than the
280  * preceding difference?
281  *
282  * In binary, the square root of 11011011 would be calculated as so:
283  *
284  *     __1__1__1__0
285  *    | 11 01 10 11
286  *      01          (0 << 2 + 1 == 1 < 11 => this bit is 1)
287  *      --
288  *      10 01 10 11
289  * 101   1 01       (1 << 2 + 1 == 101 < 1001 => next bit is 1)
290  *      -----
291  *       1 00 10 11
292  * 1101    11 01    (11 << 2 + 1 == 1101 < 10010 => next bit is 1)
293  *       -------
294  *          1 01 11
295  * 11101    1 11 01 (111 << 2 + 1 == 11101 > 10111 => last bit is 0)
296  *
297  */
298 static uint64_t
299 dt_sqrt_128(uint64_t *square)
300 {
301 	uint64_t result[2] = { 0, 0 };
302 	uint64_t diff[2] = { 0, 0 };
303 	uint64_t one[2] = { 1, 0 };
304 	uint64_t next_pair[2];
305 	uint64_t next_try[2];
306 	uint64_t bit_pairs, pair_shift;
307 	int i;
308 
309 	bit_pairs = dt_nbits_128(square) / 2;
310 	pair_shift = bit_pairs * 2;
311 
312 	for (i = 0; i <= bit_pairs; i++) {
313 		/*
314 		 * Bring down the next pair of bits.
315 		 */
316 		next_pair[0] = square[0];
317 		next_pair[1] = square[1];
318 		dt_shift_128(next_pair, -pair_shift);
319 		next_pair[0] &= 0x3;
320 		next_pair[1] = 0;
321 
322 		dt_shift_128(diff, 2);
323 		dt_add_128(diff, next_pair, diff);
324 
325 		/*
326 		 * next_try = R << 2 + 1
327 		 */
328 		next_try[0] = result[0];
329 		next_try[1] = result[1];
330 		dt_shift_128(next_try, 2);
331 		dt_add_128(next_try, one, next_try);
332 
333 		if (dt_le_128(next_try, diff)) {
334 			dt_subtract_128(diff, next_try, diff);
335 			dt_shift_128(result, 1);
336 			dt_add_128(result, one, result);
337 		} else {
338 			dt_shift_128(result, 1);
339 		}
340 
341 		pair_shift -= 2;
342 	}
343 
344 	assert(result[1] == 0);
345 
346 	return (result[0]);
347 }
348 
349 uint64_t
350 dt_stddev(uint64_t *data, uint64_t normal)
351 {
352 	uint64_t avg_of_squares[2];
353 	uint64_t square_of_avg[2];
354 	int64_t norm_avg;
355 	uint64_t diff[2];
356 
357 	/*
358 	 * The standard approximation for standard deviation is
359 	 * sqrt(average(x**2) - average(x)**2), i.e. the square root
360 	 * of the average of the squares minus the square of the average.
361 	 */
362 	dt_divide_128(data + 2, normal, avg_of_squares);
363 	dt_divide_128(avg_of_squares, data[0], avg_of_squares);
364 
365 	norm_avg = (int64_t)data[1] / (int64_t)normal / (int64_t)data[0];
366 
367 	if (norm_avg < 0)
368 		norm_avg = -norm_avg;
369 
370 	dt_multiply_128((uint64_t)norm_avg, (uint64_t)norm_avg, square_of_avg);
371 
372 	dt_subtract_128(avg_of_squares, square_of_avg, diff);
373 
374 	return (dt_sqrt_128(diff));
375 }
376 
377 static int
378 dt_flowindent(dtrace_hdl_t *dtp, dtrace_probedata_t *data, dtrace_epid_t last,
379     dtrace_bufdesc_t *buf, size_t offs)
380 {
381 	dtrace_probedesc_t *pd = data->dtpda_pdesc, *npd;
382 	dtrace_eprobedesc_t *epd = data->dtpda_edesc, *nepd;
383 	char *p = pd->dtpd_provider, *n = pd->dtpd_name, *sub;
384 	dtrace_flowkind_t flow = DTRACEFLOW_NONE;
385 	const char *str = NULL;
386 	static const char *e_str[2] = { " -> ", " => " };
387 	static const char *r_str[2] = { " <- ", " <= " };
388 	static const char *ent = "entry", *ret = "return";
389 	static int entlen = 0, retlen = 0;
390 	dtrace_epid_t next, id = epd->dtepd_epid;
391 	int rval;
392 
393 	if (entlen == 0) {
394 		assert(retlen == 0);
395 		entlen = strlen(ent);
396 		retlen = strlen(ret);
397 	}
398 
399 	/*
400 	 * If the name of the probe is "entry" or ends with "-entry", we
401 	 * treat it as an entry; if it is "return" or ends with "-return",
402 	 * we treat it as a return.  (This allows application-provided probes
403 	 * like "method-entry" or "function-entry" to participate in flow
404 	 * indentation -- without accidentally misinterpreting popular probe
405 	 * names like "carpentry", "gentry" or "Coventry".)
406 	 */
407 	if ((sub = strstr(n, ent)) != NULL && sub[entlen] == '\0' &&
408 	    (sub == n || sub[-1] == '-')) {
409 		flow = DTRACEFLOW_ENTRY;
410 		str = e_str[strcmp(p, "syscall") == 0];
411 	} else if ((sub = strstr(n, ret)) != NULL && sub[retlen] == '\0' &&
412 	    (sub == n || sub[-1] == '-')) {
413 		flow = DTRACEFLOW_RETURN;
414 		str = r_str[strcmp(p, "syscall") == 0];
415 	}
416 
417 	/*
418 	 * If we're going to indent this, we need to check the ID of our last
419 	 * call.  If we're looking at the same probe ID but a different EPID,
420 	 * we _don't_ want to indent.  (Yes, there are some minor holes in
421 	 * this scheme -- it's a heuristic.)
422 	 */
423 	if (flow == DTRACEFLOW_ENTRY) {
424 		if ((last != DTRACE_EPIDNONE && id != last &&
425 		    pd->dtpd_id == dtp->dt_pdesc[last]->dtpd_id))
426 			flow = DTRACEFLOW_NONE;
427 	}
428 
429 	/*
430 	 * If we're going to unindent this, it's more difficult to see if
431 	 * we don't actually want to unindent it -- we need to look at the
432 	 * _next_ EPID.
433 	 */
434 	if (flow == DTRACEFLOW_RETURN) {
435 		offs += epd->dtepd_size;
436 
437 		do {
438 			if (offs >= buf->dtbd_size) {
439 				/*
440 				 * We're at the end -- maybe.  If the oldest
441 				 * record is non-zero, we need to wrap.
442 				 */
443 				if (buf->dtbd_oldest != 0) {
444 					offs = 0;
445 				} else {
446 					goto out;
447 				}
448 			}
449 
450 			next = *(uint32_t *)((uintptr_t)buf->dtbd_data + offs);
451 
452 			if (next == DTRACE_EPIDNONE)
453 				offs += sizeof (id);
454 		} while (next == DTRACE_EPIDNONE);
455 
456 		if ((rval = dt_epid_lookup(dtp, next, &nepd, &npd)) != 0)
457 			return (rval);
458 
459 		if (next != id && npd->dtpd_id == pd->dtpd_id)
460 			flow = DTRACEFLOW_NONE;
461 	}
462 
463 out:
464 	if (flow == DTRACEFLOW_ENTRY || flow == DTRACEFLOW_RETURN) {
465 		data->dtpda_prefix = str;
466 	} else {
467 		data->dtpda_prefix = "| ";
468 	}
469 
470 	if (flow == DTRACEFLOW_RETURN && data->dtpda_indent > 0)
471 		data->dtpda_indent -= 2;
472 
473 	data->dtpda_flow = flow;
474 
475 	return (0);
476 }
477 
478 static int
479 dt_nullprobe()
480 {
481 	return (DTRACE_CONSUME_THIS);
482 }
483 
484 static int
485 dt_nullrec()
486 {
487 	return (DTRACE_CONSUME_NEXT);
488 }
489 
490 int
491 dt_print_quantline(dtrace_hdl_t *dtp, FILE *fp, int64_t val,
492     uint64_t normal, long double total, char positives, char negatives)
493 {
494 	long double f;
495 	uint_t depth, len = 40;
496 
497 	const char *ats = "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@";
498 	const char *spaces = "                                        ";
499 
500 	assert(strlen(ats) == len && strlen(spaces) == len);
501 	assert(!(total == 0 && (positives || negatives)));
502 	assert(!(val < 0 && !negatives));
503 	assert(!(val > 0 && !positives));
504 	assert(!(val != 0 && total == 0));
505 
506 	if (!negatives) {
507 		if (positives) {
508 			f = (dt_fabsl((long double)val) * len) / total;
509 			depth = (uint_t)(f + 0.5);
510 		} else {
511 			depth = 0;
512 		}
513 
514 		return (dt_printf(dtp, fp, "|%s%s %-9lld\n", ats + len - depth,
515 		    spaces + depth, (long long)val / normal));
516 	}
517 
518 	if (!positives) {
519 		f = (dt_fabsl((long double)val) * len) / total;
520 		depth = (uint_t)(f + 0.5);
521 
522 		return (dt_printf(dtp, fp, "%s%s| %-9lld\n", spaces + depth,
523 		    ats + len - depth, (long long)val / normal));
524 	}
525 
526 	/*
527 	 * If we're here, we have both positive and negative bucket values.
528 	 * To express this graphically, we're going to generate both positive
529 	 * and negative bars separated by a centerline.  These bars are half
530 	 * the size of normal quantize()/lquantize() bars, so we divide the
531 	 * length in half before calculating the bar length.
532 	 */
533 	len /= 2;
534 	ats = &ats[len];
535 	spaces = &spaces[len];
536 
537 	f = (dt_fabsl((long double)val) * len) / total;
538 	depth = (uint_t)(f + 0.5);
539 
540 	if (val <= 0) {
541 		return (dt_printf(dtp, fp, "%s%s|%*s %-9lld\n", spaces + depth,
542 		    ats + len - depth, len, "", (long long)val / normal));
543 	} else {
544 		return (dt_printf(dtp, fp, "%20s|%s%s %-9lld\n", "",
545 		    ats + len - depth, spaces + depth,
546 		    (long long)val / normal));
547 	}
548 }
549 
550 int
551 dt_print_quantize(dtrace_hdl_t *dtp, FILE *fp, const void *addr,
552     size_t size, uint64_t normal)
553 {
554 	const int64_t *data = addr;
555 	int i, first_bin = 0, last_bin = DTRACE_QUANTIZE_NBUCKETS - 1;
556 	long double total = 0;
557 	char positives = 0, negatives = 0;
558 
559 	if (size != DTRACE_QUANTIZE_NBUCKETS * sizeof (uint64_t))
560 		return (dt_set_errno(dtp, EDT_DMISMATCH));
561 
562 	while (first_bin < DTRACE_QUANTIZE_NBUCKETS - 1 && data[first_bin] == 0)
563 		first_bin++;
564 
565 	if (first_bin == DTRACE_QUANTIZE_NBUCKETS - 1) {
566 		/*
567 		 * There isn't any data.  This is possible if (and only if)
568 		 * negative increment values have been used.  In this case,
569 		 * we'll print the buckets around 0.
570 		 */
571 		first_bin = DTRACE_QUANTIZE_ZEROBUCKET - 1;
572 		last_bin = DTRACE_QUANTIZE_ZEROBUCKET + 1;
573 	} else {
574 		if (first_bin > 0)
575 			first_bin--;
576 
577 		while (last_bin > 0 && data[last_bin] == 0)
578 			last_bin--;
579 
580 		if (last_bin < DTRACE_QUANTIZE_NBUCKETS - 1)
581 			last_bin++;
582 	}
583 
584 	for (i = first_bin; i <= last_bin; i++) {
585 		positives |= (data[i] > 0);
586 		negatives |= (data[i] < 0);
587 		total += dt_fabsl((long double)data[i]);
588 	}
589 
590 	if (dt_printf(dtp, fp, "\n%16s %41s %-9s\n", "value",
591 	    "------------- Distribution -------------", "count") < 0)
592 		return (-1);
593 
594 	for (i = first_bin; i <= last_bin; i++) {
595 		if (dt_printf(dtp, fp, "%16lld ",
596 		    (long long)DTRACE_QUANTIZE_BUCKETVAL(i)) < 0)
597 			return (-1);
598 
599 		if (dt_print_quantline(dtp, fp, data[i], normal, total,
600 		    positives, negatives) < 0)
601 			return (-1);
602 	}
603 
604 	return (0);
605 }
606 
607 int
608 dt_print_lquantize(dtrace_hdl_t *dtp, FILE *fp, const void *addr,
609     size_t size, uint64_t normal)
610 {
611 	const int64_t *data = addr;
612 	int i, first_bin, last_bin, base;
613 	uint64_t arg;
614 	long double total = 0;
615 	uint16_t step, levels;
616 	char positives = 0, negatives = 0;
617 
618 	if (size < sizeof (uint64_t))
619 		return (dt_set_errno(dtp, EDT_DMISMATCH));
620 
621 	arg = *data++;
622 	size -= sizeof (uint64_t);
623 
624 	base = DTRACE_LQUANTIZE_BASE(arg);
625 	step = DTRACE_LQUANTIZE_STEP(arg);
626 	levels = DTRACE_LQUANTIZE_LEVELS(arg);
627 
628 	first_bin = 0;
629 	last_bin = levels + 1;
630 
631 	if (size != sizeof (uint64_t) * (levels + 2))
632 		return (dt_set_errno(dtp, EDT_DMISMATCH));
633 
634 	while (first_bin <= levels + 1 && data[first_bin] == 0)
635 		first_bin++;
636 
637 	if (first_bin > levels + 1) {
638 		first_bin = 0;
639 		last_bin = 2;
640 	} else {
641 		if (first_bin > 0)
642 			first_bin--;
643 
644 		while (last_bin > 0 && data[last_bin] == 0)
645 			last_bin--;
646 
647 		if (last_bin < levels + 1)
648 			last_bin++;
649 	}
650 
651 	for (i = first_bin; i <= last_bin; i++) {
652 		positives |= (data[i] > 0);
653 		negatives |= (data[i] < 0);
654 		total += dt_fabsl((long double)data[i]);
655 	}
656 
657 	if (dt_printf(dtp, fp, "\n%16s %41s %-9s\n", "value",
658 	    "------------- Distribution -------------", "count") < 0)
659 		return (-1);
660 
661 	for (i = first_bin; i <= last_bin; i++) {
662 		char c[32];
663 		int err;
664 
665 		if (i == 0) {
666 			(void) snprintf(c, sizeof (c), "< %d",
667 			    base / (uint32_t)normal);
668 			err = dt_printf(dtp, fp, "%16s ", c);
669 		} else if (i == levels + 1) {
670 			(void) snprintf(c, sizeof (c), ">= %d",
671 			    base + (levels * step));
672 			err = dt_printf(dtp, fp, "%16s ", c);
673 		} else {
674 			err = dt_printf(dtp, fp, "%16d ",
675 			    base + (i - 1) * step);
676 		}
677 
678 		if (err < 0 || dt_print_quantline(dtp, fp, data[i], normal,
679 		    total, positives, negatives) < 0)
680 			return (-1);
681 	}
682 
683 	return (0);
684 }
685 
686 /*ARGSUSED*/
687 static int
688 dt_print_average(dtrace_hdl_t *dtp, FILE *fp, caddr_t addr,
689     size_t size, uint64_t normal)
690 {
691 	/* LINTED - alignment */
692 	int64_t *data = (int64_t *)addr;
693 
694 	return (dt_printf(dtp, fp, " %16lld", data[0] ?
695 	    (long long)(data[1] / (int64_t)normal / data[0]) : 0));
696 }
697 
698 /*ARGSUSED*/
699 static int
700 dt_print_stddev(dtrace_hdl_t *dtp, FILE *fp, caddr_t addr,
701     size_t size, uint64_t normal)
702 {
703 	/* LINTED - alignment */
704 	uint64_t *data = (uint64_t *)addr;
705 
706 	return (dt_printf(dtp, fp, " %16llu", data[0] ?
707 	    (unsigned long long) dt_stddev(data, normal) : 0));
708 }
709 
710 /*ARGSUSED*/
711 int
712 dt_print_bytes(dtrace_hdl_t *dtp, FILE *fp, caddr_t addr,
713     size_t nbytes, int width, int quiet)
714 {
715 	/*
716 	 * If the byte stream is a series of printable characters, followed by
717 	 * a terminating byte, we print it out as a string.  Otherwise, we
718 	 * assume that it's something else and just print the bytes.
719 	 */
720 	int i, j, margin = 5;
721 	char *c = (char *)addr;
722 
723 	if (nbytes == 0)
724 		return (0);
725 
726 	if (dtp->dt_options[DTRACEOPT_RAWBYTES] != DTRACEOPT_UNSET)
727 		goto raw;
728 
729 	for (i = 0; i < nbytes; i++) {
730 		/*
731 		 * We define a "printable character" to be one for which
732 		 * isprint(3C) returns non-zero, isspace(3C) returns non-zero,
733 		 * or a character which is either backspace or the bell.
734 		 * Backspace and the bell are regrettably special because
735 		 * they fail the first two tests -- and yet they are entirely
736 		 * printable.  These are the only two control characters that
737 		 * have meaning for the terminal and for which isprint(3C) and
738 		 * isspace(3C) return 0.
739 		 */
740 		if (isprint(c[i]) || isspace(c[i]) ||
741 		    c[i] == '\b' || c[i] == '\a')
742 			continue;
743 
744 		if (c[i] == '\0' && i > 0) {
745 			/*
746 			 * This looks like it might be a string.  Before we
747 			 * assume that it is indeed a string, check the
748 			 * remainder of the byte range; if it contains
749 			 * additional non-nul characters, we'll assume that
750 			 * it's a binary stream that just happens to look like
751 			 * a string, and we'll print out the individual bytes.
752 			 */
753 			for (j = i + 1; j < nbytes; j++) {
754 				if (c[j] != '\0')
755 					break;
756 			}
757 
758 			if (j != nbytes)
759 				break;
760 
761 			if (quiet)
762 				return (dt_printf(dtp, fp, "%s", c));
763 			else
764 				return (dt_printf(dtp, fp, "  %-*s", width, c));
765 		}
766 
767 		break;
768 	}
769 
770 	if (i == nbytes) {
771 		/*
772 		 * The byte range is all printable characters, but there is
773 		 * no trailing nul byte.  We'll assume that it's a string and
774 		 * print it as such.
775 		 */
776 		char *s = alloca(nbytes + 1);
777 		bcopy(c, s, nbytes);
778 		s[nbytes] = '\0';
779 		return (dt_printf(dtp, fp, "  %-*s", width, s));
780 	}
781 
782 raw:
783 	if (dt_printf(dtp, fp, "\n%*s      ", margin, "") < 0)
784 		return (-1);
785 
786 	for (i = 0; i < 16; i++)
787 		if (dt_printf(dtp, fp, "  %c", "0123456789abcdef"[i]) < 0)
788 			return (-1);
789 
790 	if (dt_printf(dtp, fp, "  0123456789abcdef\n") < 0)
791 		return (-1);
792 
793 
794 	for (i = 0; i < nbytes; i += 16) {
795 		if (dt_printf(dtp, fp, "%*s%5x:", margin, "", i) < 0)
796 			return (-1);
797 
798 		for (j = i; j < i + 16 && j < nbytes; j++) {
799 			if (dt_printf(dtp, fp, " %02x", (uchar_t)c[j]) < 0)
800 				return (-1);
801 		}
802 
803 		while (j++ % 16) {
804 			if (dt_printf(dtp, fp, "   ") < 0)
805 				return (-1);
806 		}
807 
808 		if (dt_printf(dtp, fp, "  ") < 0)
809 			return (-1);
810 
811 		for (j = i; j < i + 16 && j < nbytes; j++) {
812 			if (dt_printf(dtp, fp, "%c",
813 			    c[j] < ' ' || c[j] > '~' ? '.' : c[j]) < 0)
814 				return (-1);
815 		}
816 
817 		if (dt_printf(dtp, fp, "\n") < 0)
818 			return (-1);
819 	}
820 
821 	return (0);
822 }
823 
824 int
825 dt_print_stack(dtrace_hdl_t *dtp, FILE *fp, const char *format,
826     caddr_t addr, int depth, int size)
827 {
828 	dtrace_syminfo_t dts;
829 	GElf_Sym sym;
830 	int i, indent;
831 	char c[PATH_MAX * 2];
832 	uint64_t pc;
833 
834 	if (dt_printf(dtp, fp, "\n") < 0)
835 		return (-1);
836 
837 	if (format == NULL)
838 		format = "%s";
839 
840 	if (dtp->dt_options[DTRACEOPT_STACKINDENT] != DTRACEOPT_UNSET)
841 		indent = (int)dtp->dt_options[DTRACEOPT_STACKINDENT];
842 	else
843 		indent = _dtrace_stkindent;
844 
845 	for (i = 0; i < depth; i++) {
846 		switch (size) {
847 		case sizeof (uint32_t):
848 			/* LINTED - alignment */
849 			pc = *((uint32_t *)addr);
850 			break;
851 
852 		case sizeof (uint64_t):
853 			/* LINTED - alignment */
854 			pc = *((uint64_t *)addr);
855 			break;
856 
857 		default:
858 			return (dt_set_errno(dtp, EDT_BADSTACKPC));
859 		}
860 
861 		if (pc == NULL)
862 			break;
863 
864 		addr += size;
865 
866 		if (dt_printf(dtp, fp, "%*s", indent, "") < 0)
867 			return (-1);
868 
869 		if (dtrace_lookup_by_addr(dtp, pc, &sym, &dts) == 0) {
870 			if (pc > sym.st_value) {
871 				(void) snprintf(c, sizeof (c), "%s`%s+0x%llx",
872 				    dts.dts_object, dts.dts_name,
873 				    pc - sym.st_value);
874 			} else {
875 				(void) snprintf(c, sizeof (c), "%s`%s",
876 				    dts.dts_object, dts.dts_name);
877 			}
878 		} else {
879 			/*
880 			 * We'll repeat the lookup, but this time we'll specify
881 			 * a NULL GElf_Sym -- indicating that we're only
882 			 * interested in the containing module.
883 			 */
884 			if (dtrace_lookup_by_addr(dtp, pc, NULL, &dts) == 0) {
885 				(void) snprintf(c, sizeof (c), "%s`0x%llx",
886 				    dts.dts_object, pc);
887 			} else {
888 				(void) snprintf(c, sizeof (c), "0x%llx", pc);
889 			}
890 		}
891 
892 		if (dt_printf(dtp, fp, format, c) < 0)
893 			return (-1);
894 
895 		if (dt_printf(dtp, fp, "\n") < 0)
896 			return (-1);
897 	}
898 
899 	return (0);
900 }
901 
902 int
903 dt_print_ustack(dtrace_hdl_t *dtp, FILE *fp, const char *format,
904     caddr_t addr, uint64_t arg)
905 {
906 	/* LINTED - alignment */
907 	uint64_t *pc = (uint64_t *)addr;
908 	uint32_t depth = DTRACE_USTACK_NFRAMES(arg);
909 	uint32_t strsize = DTRACE_USTACK_STRSIZE(arg);
910 	const char *strbase = addr + (depth + 1) * sizeof (uint64_t);
911 	const char *str = strsize ? strbase : NULL;
912 	int err = 0;
913 
914 	char name[PATH_MAX], objname[PATH_MAX], c[PATH_MAX * 2];
915 	struct ps_prochandle *P;
916 	GElf_Sym sym;
917 	int i, indent;
918 	pid_t pid;
919 
920 	if (depth == 0)
921 		return (0);
922 
923 	pid = (pid_t)*pc++;
924 
925 	if (dt_printf(dtp, fp, "\n") < 0)
926 		return (-1);
927 
928 	if (format == NULL)
929 		format = "%s";
930 
931 	if (dtp->dt_options[DTRACEOPT_STACKINDENT] != DTRACEOPT_UNSET)
932 		indent = (int)dtp->dt_options[DTRACEOPT_STACKINDENT];
933 	else
934 		indent = _dtrace_stkindent;
935 
936 	/*
937 	 * Ultimately, we need to add an entry point in the library vector for
938 	 * determining <symbol, offset> from <pid, address>.  For now, if
939 	 * this is a vector open, we just print the raw address or string.
940 	 */
941 	if (dtp->dt_vector == NULL)
942 		P = dt_proc_grab(dtp, pid, PGRAB_RDONLY | PGRAB_FORCE, 0);
943 	else
944 		P = NULL;
945 
946 	if (P != NULL)
947 		dt_proc_lock(dtp, P); /* lock handle while we perform lookups */
948 
949 	for (i = 0; i < depth && pc[i] != NULL; i++) {
950 		const prmap_t *map;
951 
952 		if ((err = dt_printf(dtp, fp, "%*s", indent, "")) < 0)
953 			break;
954 
955 		if (P != NULL && Plookup_by_addr(P, pc[i],
956 		    name, sizeof (name), &sym) == 0) {
957 			(void) Pobjname(P, pc[i], objname, sizeof (objname));
958 
959 			if (pc[i] > sym.st_value) {
960 				(void) snprintf(c, sizeof (c),
961 				    "%s`%s+0x%llx", dt_basename(objname), name,
962 				    (u_longlong_t)(pc[i] - sym.st_value));
963 			} else {
964 				(void) snprintf(c, sizeof (c),
965 				    "%s`%s", dt_basename(objname), name);
966 			}
967 		} else if (str != NULL && str[0] != '\0' && str[0] != '@' &&
968 		    (P != NULL && ((map = Paddr_to_map(P, pc[i])) == NULL ||
969 		    (map->pr_mflags & MA_WRITE)))) {
970 			/*
971 			 * If the current string pointer in the string table
972 			 * does not point to an empty string _and_ the program
973 			 * counter falls in a writable region, we'll use the
974 			 * string from the string table instead of the raw
975 			 * address.  This last condition is necessary because
976 			 * some (broken) ustack helpers will return a string
977 			 * even for a program counter that they can't
978 			 * identify.  If we have a string for a program
979 			 * counter that falls in a segment that isn't
980 			 * writable, we assume that we have fallen into this
981 			 * case and we refuse to use the string.
982 			 */
983 			(void) snprintf(c, sizeof (c), "%s", str);
984 		} else {
985 			if (P != NULL && Pobjname(P, pc[i], objname,
986 			    sizeof (objname)) != NULL) {
987 				(void) snprintf(c, sizeof (c), "%s`0x%llx",
988 				    dt_basename(objname), (u_longlong_t)pc[i]);
989 			} else {
990 				(void) snprintf(c, sizeof (c), "0x%llx",
991 				    (u_longlong_t)pc[i]);
992 			}
993 		}
994 
995 		if ((err = dt_printf(dtp, fp, format, c)) < 0)
996 			break;
997 
998 		if ((err = dt_printf(dtp, fp, "\n")) < 0)
999 			break;
1000 
1001 		if (str != NULL && str[0] == '@') {
1002 			/*
1003 			 * If the first character of the string is an "at" sign,
1004 			 * then the string is inferred to be an annotation --
1005 			 * and it is printed out beneath the frame and offset
1006 			 * with brackets.
1007 			 */
1008 			if ((err = dt_printf(dtp, fp, "%*s", indent, "")) < 0)
1009 				break;
1010 
1011 			(void) snprintf(c, sizeof (c), "  [ %s ]", &str[1]);
1012 
1013 			if ((err = dt_printf(dtp, fp, format, c)) < 0)
1014 				break;
1015 
1016 			if ((err = dt_printf(dtp, fp, "\n")) < 0)
1017 				break;
1018 		}
1019 
1020 		if (str != NULL) {
1021 			str += strlen(str) + 1;
1022 			if (str - strbase >= strsize)
1023 				str = NULL;
1024 		}
1025 	}
1026 
1027 	if (P != NULL) {
1028 		dt_proc_unlock(dtp, P);
1029 		dt_proc_release(dtp, P);
1030 	}
1031 
1032 	return (err);
1033 }
1034 
1035 static int
1036 dt_print_usym(dtrace_hdl_t *dtp, FILE *fp, caddr_t addr, dtrace_actkind_t act)
1037 {
1038 	/* LINTED - alignment */
1039 	uint64_t pid = ((uint64_t *)addr)[0];
1040 	/* LINTED - alignment */
1041 	uint64_t pc = ((uint64_t *)addr)[1];
1042 	const char *format = "  %-50s";
1043 	char *s;
1044 	int n, len = 256;
1045 
1046 	if (act == DTRACEACT_USYM && dtp->dt_vector == NULL) {
1047 		struct ps_prochandle *P;
1048 
1049 		if ((P = dt_proc_grab(dtp, pid,
1050 		    PGRAB_RDONLY | PGRAB_FORCE, 0)) != NULL) {
1051 			GElf_Sym sym;
1052 
1053 			dt_proc_lock(dtp, P);
1054 
1055 			if (Plookup_by_addr(P, pc, NULL, 0, &sym) == 0)
1056 				pc = sym.st_value;
1057 
1058 			dt_proc_unlock(dtp, P);
1059 			dt_proc_release(dtp, P);
1060 		}
1061 	}
1062 
1063 	do {
1064 		n = len;
1065 		s = alloca(n);
1066 	} while ((len = dtrace_uaddr2str(dtp, pid, pc, s, n)) >= n);
1067 
1068 	return (dt_printf(dtp, fp, format, s));
1069 }
1070 
1071 int
1072 dt_print_umod(dtrace_hdl_t *dtp, FILE *fp, const char *format, caddr_t addr)
1073 {
1074 	/* LINTED - alignment */
1075 	uint64_t pid = ((uint64_t *)addr)[0];
1076 	/* LINTED - alignment */
1077 	uint64_t pc = ((uint64_t *)addr)[1];
1078 	int err = 0;
1079 
1080 	char objname[PATH_MAX], c[PATH_MAX * 2];
1081 	struct ps_prochandle *P;
1082 
1083 	if (format == NULL)
1084 		format = "  %-50s";
1085 
1086 	/*
1087 	 * See the comment in dt_print_ustack() for the rationale for
1088 	 * printing raw addresses in the vectored case.
1089 	 */
1090 	if (dtp->dt_vector == NULL)
1091 		P = dt_proc_grab(dtp, pid, PGRAB_RDONLY | PGRAB_FORCE, 0);
1092 	else
1093 		P = NULL;
1094 
1095 	if (P != NULL)
1096 		dt_proc_lock(dtp, P); /* lock handle while we perform lookups */
1097 
1098 	if (P != NULL && Pobjname(P, pc, objname, sizeof (objname)) != NULL) {
1099 		(void) snprintf(c, sizeof (c), "%s", dt_basename(objname));
1100 	} else {
1101 		(void) snprintf(c, sizeof (c), "0x%llx", (u_longlong_t)pc);
1102 	}
1103 
1104 	err = dt_printf(dtp, fp, format, c);
1105 
1106 	if (P != NULL) {
1107 		dt_proc_unlock(dtp, P);
1108 		dt_proc_release(dtp, P);
1109 	}
1110 
1111 	return (err);
1112 }
1113 
1114 static int
1115 dt_print_sym(dtrace_hdl_t *dtp, FILE *fp, const char *format, caddr_t addr)
1116 {
1117 	/* LINTED - alignment */
1118 	uint64_t pc = *((uint64_t *)addr);
1119 	dtrace_syminfo_t dts;
1120 	GElf_Sym sym;
1121 	char c[PATH_MAX * 2];
1122 
1123 	if (format == NULL)
1124 		format = "  %-50s";
1125 
1126 	if (dtrace_lookup_by_addr(dtp, pc, &sym, &dts) == 0) {
1127 		(void) snprintf(c, sizeof (c), "%s`%s",
1128 		    dts.dts_object, dts.dts_name);
1129 	} else {
1130 		/*
1131 		 * We'll repeat the lookup, but this time we'll specify a
1132 		 * NULL GElf_Sym -- indicating that we're only interested in
1133 		 * the containing module.
1134 		 */
1135 		if (dtrace_lookup_by_addr(dtp, pc, NULL, &dts) == 0) {
1136 			(void) snprintf(c, sizeof (c), "%s`0x%llx",
1137 			    dts.dts_object, (u_longlong_t)pc);
1138 		} else {
1139 			(void) snprintf(c, sizeof (c), "0x%llx",
1140 			    (u_longlong_t)pc);
1141 		}
1142 	}
1143 
1144 	if (dt_printf(dtp, fp, format, c) < 0)
1145 		return (-1);
1146 
1147 	return (0);
1148 }
1149 
1150 int
1151 dt_print_mod(dtrace_hdl_t *dtp, FILE *fp, const char *format, caddr_t addr)
1152 {
1153 	/* LINTED - alignment */
1154 	uint64_t pc = *((uint64_t *)addr);
1155 	dtrace_syminfo_t dts;
1156 	char c[PATH_MAX * 2];
1157 
1158 	if (format == NULL)
1159 		format = "  %-50s";
1160 
1161 	if (dtrace_lookup_by_addr(dtp, pc, NULL, &dts) == 0) {
1162 		(void) snprintf(c, sizeof (c), "%s", dts.dts_object);
1163 	} else {
1164 		(void) snprintf(c, sizeof (c), "0x%llx", (u_longlong_t)pc);
1165 	}
1166 
1167 	if (dt_printf(dtp, fp, format, c) < 0)
1168 		return (-1);
1169 
1170 	return (0);
1171 }
1172 
1173 typedef struct dt_normal {
1174 	dtrace_aggvarid_t dtnd_id;
1175 	uint64_t dtnd_normal;
1176 } dt_normal_t;
1177 
1178 static int
1179 dt_normalize_agg(const dtrace_aggdata_t *aggdata, void *arg)
1180 {
1181 	dt_normal_t *normal = arg;
1182 	dtrace_aggdesc_t *agg = aggdata->dtada_desc;
1183 	dtrace_aggvarid_t id = normal->dtnd_id;
1184 
1185 	if (agg->dtagd_nrecs == 0)
1186 		return (DTRACE_AGGWALK_NEXT);
1187 
1188 	if (agg->dtagd_varid != id)
1189 		return (DTRACE_AGGWALK_NEXT);
1190 
1191 	((dtrace_aggdata_t *)aggdata)->dtada_normal = normal->dtnd_normal;
1192 	return (DTRACE_AGGWALK_NORMALIZE);
1193 }
1194 
1195 static int
1196 dt_normalize(dtrace_hdl_t *dtp, caddr_t base, dtrace_recdesc_t *rec)
1197 {
1198 	dt_normal_t normal;
1199 	caddr_t addr;
1200 
1201 	/*
1202 	 * We (should) have two records:  the aggregation ID followed by the
1203 	 * normalization value.
1204 	 */
1205 	addr = base + rec->dtrd_offset;
1206 
1207 	if (rec->dtrd_size != sizeof (dtrace_aggvarid_t))
1208 		return (dt_set_errno(dtp, EDT_BADNORMAL));
1209 
1210 	/* LINTED - alignment */
1211 	normal.dtnd_id = *((dtrace_aggvarid_t *)addr);
1212 	rec++;
1213 
1214 	if (rec->dtrd_action != DTRACEACT_LIBACT)
1215 		return (dt_set_errno(dtp, EDT_BADNORMAL));
1216 
1217 	if (rec->dtrd_arg != DT_ACT_NORMALIZE)
1218 		return (dt_set_errno(dtp, EDT_BADNORMAL));
1219 
1220 	addr = base + rec->dtrd_offset;
1221 
1222 	switch (rec->dtrd_size) {
1223 	case sizeof (uint64_t):
1224 		/* LINTED - alignment */
1225 		normal.dtnd_normal = *((uint64_t *)addr);
1226 		break;
1227 	case sizeof (uint32_t):
1228 		/* LINTED - alignment */
1229 		normal.dtnd_normal = *((uint32_t *)addr);
1230 		break;
1231 	case sizeof (uint16_t):
1232 		/* LINTED - alignment */
1233 		normal.dtnd_normal = *((uint16_t *)addr);
1234 		break;
1235 	case sizeof (uint8_t):
1236 		normal.dtnd_normal = *((uint8_t *)addr);
1237 		break;
1238 	default:
1239 		return (dt_set_errno(dtp, EDT_BADNORMAL));
1240 	}
1241 
1242 	(void) dtrace_aggregate_walk(dtp, dt_normalize_agg, &normal);
1243 
1244 	return (0);
1245 }
1246 
1247 static int
1248 dt_denormalize_agg(const dtrace_aggdata_t *aggdata, void *arg)
1249 {
1250 	dtrace_aggdesc_t *agg = aggdata->dtada_desc;
1251 	dtrace_aggvarid_t id = *((dtrace_aggvarid_t *)arg);
1252 
1253 	if (agg->dtagd_nrecs == 0)
1254 		return (DTRACE_AGGWALK_NEXT);
1255 
1256 	if (agg->dtagd_varid != id)
1257 		return (DTRACE_AGGWALK_NEXT);
1258 
1259 	return (DTRACE_AGGWALK_DENORMALIZE);
1260 }
1261 
1262 static int
1263 dt_clear_agg(const dtrace_aggdata_t *aggdata, void *arg)
1264 {
1265 	dtrace_aggdesc_t *agg = aggdata->dtada_desc;
1266 	dtrace_aggvarid_t id = *((dtrace_aggvarid_t *)arg);
1267 
1268 	if (agg->dtagd_nrecs == 0)
1269 		return (DTRACE_AGGWALK_NEXT);
1270 
1271 	if (agg->dtagd_varid != id)
1272 		return (DTRACE_AGGWALK_NEXT);
1273 
1274 	return (DTRACE_AGGWALK_CLEAR);
1275 }
1276 
1277 typedef struct dt_trunc {
1278 	dtrace_aggvarid_t dttd_id;
1279 	uint64_t dttd_remaining;
1280 } dt_trunc_t;
1281 
1282 static int
1283 dt_trunc_agg(const dtrace_aggdata_t *aggdata, void *arg)
1284 {
1285 	dt_trunc_t *trunc = arg;
1286 	dtrace_aggdesc_t *agg = aggdata->dtada_desc;
1287 	dtrace_aggvarid_t id = trunc->dttd_id;
1288 
1289 	if (agg->dtagd_nrecs == 0)
1290 		return (DTRACE_AGGWALK_NEXT);
1291 
1292 	if (agg->dtagd_varid != id)
1293 		return (DTRACE_AGGWALK_NEXT);
1294 
1295 	if (trunc->dttd_remaining == 0)
1296 		return (DTRACE_AGGWALK_REMOVE);
1297 
1298 	trunc->dttd_remaining--;
1299 	return (DTRACE_AGGWALK_NEXT);
1300 }
1301 
1302 static int
1303 dt_trunc(dtrace_hdl_t *dtp, caddr_t base, dtrace_recdesc_t *rec)
1304 {
1305 	dt_trunc_t trunc;
1306 	caddr_t addr;
1307 	int64_t remaining;
1308 	int (*func)(dtrace_hdl_t *, dtrace_aggregate_f *, void *);
1309 
1310 	/*
1311 	 * We (should) have two records:  the aggregation ID followed by the
1312 	 * number of aggregation entries after which the aggregation is to be
1313 	 * truncated.
1314 	 */
1315 	addr = base + rec->dtrd_offset;
1316 
1317 	if (rec->dtrd_size != sizeof (dtrace_aggvarid_t))
1318 		return (dt_set_errno(dtp, EDT_BADTRUNC));
1319 
1320 	/* LINTED - alignment */
1321 	trunc.dttd_id = *((dtrace_aggvarid_t *)addr);
1322 	rec++;
1323 
1324 	if (rec->dtrd_action != DTRACEACT_LIBACT)
1325 		return (dt_set_errno(dtp, EDT_BADTRUNC));
1326 
1327 	if (rec->dtrd_arg != DT_ACT_TRUNC)
1328 		return (dt_set_errno(dtp, EDT_BADTRUNC));
1329 
1330 	addr = base + rec->dtrd_offset;
1331 
1332 	switch (rec->dtrd_size) {
1333 	case sizeof (uint64_t):
1334 		/* LINTED - alignment */
1335 		remaining = *((int64_t *)addr);
1336 		break;
1337 	case sizeof (uint32_t):
1338 		/* LINTED - alignment */
1339 		remaining = *((int32_t *)addr);
1340 		break;
1341 	case sizeof (uint16_t):
1342 		/* LINTED - alignment */
1343 		remaining = *((int16_t *)addr);
1344 		break;
1345 	case sizeof (uint8_t):
1346 		remaining = *((int8_t *)addr);
1347 		break;
1348 	default:
1349 		return (dt_set_errno(dtp, EDT_BADNORMAL));
1350 	}
1351 
1352 	if (remaining < 0) {
1353 		func = dtrace_aggregate_walk_valsorted;
1354 		remaining = -remaining;
1355 	} else {
1356 		func = dtrace_aggregate_walk_valrevsorted;
1357 	}
1358 
1359 	assert(remaining >= 0);
1360 	trunc.dttd_remaining = remaining;
1361 
1362 	(void) func(dtp, dt_trunc_agg, &trunc);
1363 
1364 	return (0);
1365 }
1366 
1367 static int
1368 dt_print_datum(dtrace_hdl_t *dtp, FILE *fp, dtrace_recdesc_t *rec,
1369     caddr_t addr, size_t size, uint64_t normal)
1370 {
1371 	int err;
1372 	dtrace_actkind_t act = rec->dtrd_action;
1373 
1374 	switch (act) {
1375 	case DTRACEACT_STACK:
1376 		return (dt_print_stack(dtp, fp, NULL, addr,
1377 		    rec->dtrd_arg, rec->dtrd_size / rec->dtrd_arg));
1378 
1379 	case DTRACEACT_USTACK:
1380 	case DTRACEACT_JSTACK:
1381 		return (dt_print_ustack(dtp, fp, NULL, addr, rec->dtrd_arg));
1382 
1383 	case DTRACEACT_USYM:
1384 	case DTRACEACT_UADDR:
1385 		return (dt_print_usym(dtp, fp, addr, act));
1386 
1387 	case DTRACEACT_UMOD:
1388 		return (dt_print_umod(dtp, fp, NULL, addr));
1389 
1390 	case DTRACEACT_SYM:
1391 		return (dt_print_sym(dtp, fp, NULL, addr));
1392 
1393 	case DTRACEACT_MOD:
1394 		return (dt_print_mod(dtp, fp, NULL, addr));
1395 
1396 	case DTRACEAGG_QUANTIZE:
1397 		return (dt_print_quantize(dtp, fp, addr, size, normal));
1398 
1399 	case DTRACEAGG_LQUANTIZE:
1400 		return (dt_print_lquantize(dtp, fp, addr, size, normal));
1401 
1402 	case DTRACEAGG_AVG:
1403 		return (dt_print_average(dtp, fp, addr, size, normal));
1404 
1405 	case DTRACEAGG_STDDEV:
1406 		return (dt_print_stddev(dtp, fp, addr, size, normal));
1407 
1408 	default:
1409 		break;
1410 	}
1411 
1412 	switch (size) {
1413 	case sizeof (uint64_t):
1414 		err = dt_printf(dtp, fp, " %16lld",
1415 		    /* LINTED - alignment */
1416 		    (long long)*((uint64_t *)addr) / normal);
1417 		break;
1418 	case sizeof (uint32_t):
1419 		/* LINTED - alignment */
1420 		err = dt_printf(dtp, fp, " %8d", *((uint32_t *)addr) /
1421 		    (uint32_t)normal);
1422 		break;
1423 	case sizeof (uint16_t):
1424 		/* LINTED - alignment */
1425 		err = dt_printf(dtp, fp, " %5d", *((uint16_t *)addr) /
1426 		    (uint32_t)normal);
1427 		break;
1428 	case sizeof (uint8_t):
1429 		err = dt_printf(dtp, fp, " %3d", *((uint8_t *)addr) /
1430 		    (uint32_t)normal);
1431 		break;
1432 	default:
1433 		err = dt_print_bytes(dtp, fp, addr, size, 50, 0);
1434 		break;
1435 	}
1436 
1437 	return (err);
1438 }
1439 
1440 int
1441 dt_print_aggs(const dtrace_aggdata_t **aggsdata, int naggvars, void *arg)
1442 {
1443 	int i, aggact = 0;
1444 	dt_print_aggdata_t *pd = arg;
1445 	const dtrace_aggdata_t *aggdata = aggsdata[0];
1446 	dtrace_aggdesc_t *agg = aggdata->dtada_desc;
1447 	FILE *fp = pd->dtpa_fp;
1448 	dtrace_hdl_t *dtp = pd->dtpa_dtp;
1449 	dtrace_recdesc_t *rec;
1450 	dtrace_actkind_t act;
1451 	caddr_t addr;
1452 	size_t size;
1453 
1454 	/*
1455 	 * Iterate over each record description in the key, printing the traced
1456 	 * data, skipping the first datum (the tuple member created by the
1457 	 * compiler).
1458 	 */
1459 	for (i = 1; i < agg->dtagd_nrecs; i++) {
1460 		rec = &agg->dtagd_rec[i];
1461 		act = rec->dtrd_action;
1462 		addr = aggdata->dtada_data + rec->dtrd_offset;
1463 		size = rec->dtrd_size;
1464 
1465 		if (DTRACEACT_ISAGG(act)) {
1466 			aggact = i;
1467 			break;
1468 		}
1469 
1470 		if (dt_print_datum(dtp, fp, rec, addr, size, 1) < 0)
1471 			return (-1);
1472 
1473 		if (dt_buffered_flush(dtp, NULL, rec, aggdata,
1474 		    DTRACE_BUFDATA_AGGKEY) < 0)
1475 			return (-1);
1476 	}
1477 
1478 	assert(aggact != 0);
1479 
1480 	for (i = (naggvars == 1 ? 0 : 1); i < naggvars; i++) {
1481 		uint64_t normal;
1482 
1483 		aggdata = aggsdata[i];
1484 		agg = aggdata->dtada_desc;
1485 		rec = &agg->dtagd_rec[aggact];
1486 		act = rec->dtrd_action;
1487 		addr = aggdata->dtada_data + rec->dtrd_offset;
1488 		size = rec->dtrd_size;
1489 
1490 		assert(DTRACEACT_ISAGG(act));
1491 		normal = aggdata->dtada_normal;
1492 
1493 		if (dt_print_datum(dtp, fp, rec, addr, size, normal) < 0)
1494 			return (-1);
1495 
1496 		if (dt_buffered_flush(dtp, NULL, rec, aggdata,
1497 		    DTRACE_BUFDATA_AGGVAL) < 0)
1498 			return (-1);
1499 
1500 		if (!pd->dtpa_allunprint)
1501 			agg->dtagd_flags |= DTRACE_AGD_PRINTED;
1502 	}
1503 
1504 	if (dt_printf(dtp, fp, "\n") < 0)
1505 		return (-1);
1506 
1507 	if (dt_buffered_flush(dtp, NULL, NULL, aggdata,
1508 	    DTRACE_BUFDATA_AGGFORMAT | DTRACE_BUFDATA_AGGLAST) < 0)
1509 		return (-1);
1510 
1511 	return (0);
1512 }
1513 
1514 int
1515 dt_print_agg(const dtrace_aggdata_t *aggdata, void *arg)
1516 {
1517 	dt_print_aggdata_t *pd = arg;
1518 	dtrace_aggdesc_t *agg = aggdata->dtada_desc;
1519 	dtrace_aggvarid_t aggvarid = pd->dtpa_id;
1520 
1521 	if (pd->dtpa_allunprint) {
1522 		if (agg->dtagd_flags & DTRACE_AGD_PRINTED)
1523 			return (0);
1524 	} else {
1525 		/*
1526 		 * If we're not printing all unprinted aggregations, then the
1527 		 * aggregation variable ID denotes a specific aggregation
1528 		 * variable that we should print -- skip any other aggregations
1529 		 * that we encounter.
1530 		 */
1531 		if (agg->dtagd_nrecs == 0)
1532 			return (0);
1533 
1534 		if (aggvarid != agg->dtagd_varid)
1535 			return (0);
1536 	}
1537 
1538 	return (dt_print_aggs(&aggdata, 1, arg));
1539 }
1540 
1541 int
1542 dt_setopt(dtrace_hdl_t *dtp, const dtrace_probedata_t *data,
1543     const char *option, const char *value)
1544 {
1545 	int len, rval;
1546 	char *msg;
1547 	const char *errstr;
1548 	dtrace_setoptdata_t optdata;
1549 
1550 	bzero(&optdata, sizeof (optdata));
1551 	(void) dtrace_getopt(dtp, option, &optdata.dtsda_oldval);
1552 
1553 	if (dtrace_setopt(dtp, option, value) == 0) {
1554 		(void) dtrace_getopt(dtp, option, &optdata.dtsda_newval);
1555 		optdata.dtsda_probe = data;
1556 		optdata.dtsda_option = option;
1557 		optdata.dtsda_handle = dtp;
1558 
1559 		if ((rval = dt_handle_setopt(dtp, &optdata)) != 0)
1560 			return (rval);
1561 
1562 		return (0);
1563 	}
1564 
1565 	errstr = dtrace_errmsg(dtp, dtrace_errno(dtp));
1566 	len = strlen(option) + strlen(value) + strlen(errstr) + 80;
1567 	msg = alloca(len);
1568 
1569 	(void) snprintf(msg, len, "couldn't set option \"%s\" to \"%s\": %s\n",
1570 	    option, value, errstr);
1571 
1572 	if ((rval = dt_handle_liberr(dtp, data, msg)) == 0)
1573 		return (0);
1574 
1575 	return (rval);
1576 }
1577 
1578 static int
1579 dt_consume_cpu(dtrace_hdl_t *dtp, FILE *fp, int cpu, dtrace_bufdesc_t *buf,
1580     dtrace_consume_probe_f *efunc, dtrace_consume_rec_f *rfunc, void *arg)
1581 {
1582 	dtrace_epid_t id;
1583 	size_t offs, start = buf->dtbd_oldest, end = buf->dtbd_size;
1584 	int flow = (dtp->dt_options[DTRACEOPT_FLOWINDENT] != DTRACEOPT_UNSET);
1585 	int quiet = (dtp->dt_options[DTRACEOPT_QUIET] != DTRACEOPT_UNSET);
1586 	int rval, i, n;
1587 	dtrace_epid_t last = DTRACE_EPIDNONE;
1588 	dtrace_probedata_t data;
1589 	uint64_t drops;
1590 	caddr_t addr;
1591 
1592 	bzero(&data, sizeof (data));
1593 	data.dtpda_handle = dtp;
1594 	data.dtpda_cpu = cpu;
1595 
1596 again:
1597 	for (offs = start; offs < end; ) {
1598 		dtrace_eprobedesc_t *epd;
1599 
1600 		/*
1601 		 * We're guaranteed to have an ID.
1602 		 */
1603 		id = *(uint32_t *)((uintptr_t)buf->dtbd_data + offs);
1604 
1605 		if (id == DTRACE_EPIDNONE) {
1606 			/*
1607 			 * This is filler to assure proper alignment of the
1608 			 * next record; we simply ignore it.
1609 			 */
1610 			offs += sizeof (id);
1611 			continue;
1612 		}
1613 
1614 		if ((rval = dt_epid_lookup(dtp, id, &data.dtpda_edesc,
1615 		    &data.dtpda_pdesc)) != 0)
1616 			return (rval);
1617 
1618 		epd = data.dtpda_edesc;
1619 		data.dtpda_data = buf->dtbd_data + offs;
1620 
1621 		if (data.dtpda_edesc->dtepd_uarg != DT_ECB_DEFAULT) {
1622 			rval = dt_handle(dtp, &data);
1623 
1624 			if (rval == DTRACE_CONSUME_NEXT)
1625 				goto nextepid;
1626 
1627 			if (rval == DTRACE_CONSUME_ERROR)
1628 				return (-1);
1629 		}
1630 
1631 		if (flow)
1632 			(void) dt_flowindent(dtp, &data, last, buf, offs);
1633 
1634 		rval = (*efunc)(&data, arg);
1635 
1636 		if (flow) {
1637 			if (data.dtpda_flow == DTRACEFLOW_ENTRY)
1638 				data.dtpda_indent += 2;
1639 		}
1640 
1641 		if (rval == DTRACE_CONSUME_NEXT)
1642 			goto nextepid;
1643 
1644 		if (rval == DTRACE_CONSUME_ABORT)
1645 			return (dt_set_errno(dtp, EDT_DIRABORT));
1646 
1647 		if (rval != DTRACE_CONSUME_THIS)
1648 			return (dt_set_errno(dtp, EDT_BADRVAL));
1649 
1650 		for (i = 0; i < epd->dtepd_nrecs; i++) {
1651 			dtrace_recdesc_t *rec = &epd->dtepd_rec[i];
1652 			dtrace_actkind_t act = rec->dtrd_action;
1653 
1654 			data.dtpda_data = buf->dtbd_data + offs +
1655 			    rec->dtrd_offset;
1656 			addr = data.dtpda_data;
1657 
1658 			if (act == DTRACEACT_LIBACT) {
1659 				uint64_t arg = rec->dtrd_arg;
1660 				dtrace_aggvarid_t id;
1661 
1662 				switch (arg) {
1663 				case DT_ACT_CLEAR:
1664 					/* LINTED - alignment */
1665 					id = *((dtrace_aggvarid_t *)addr);
1666 					(void) dtrace_aggregate_walk(dtp,
1667 					    dt_clear_agg, &id);
1668 					continue;
1669 
1670 				case DT_ACT_DENORMALIZE:
1671 					/* LINTED - alignment */
1672 					id = *((dtrace_aggvarid_t *)addr);
1673 					(void) dtrace_aggregate_walk(dtp,
1674 					    dt_denormalize_agg, &id);
1675 					continue;
1676 
1677 				case DT_ACT_FTRUNCATE:
1678 					if (fp == NULL)
1679 						continue;
1680 
1681 					(void) fflush(fp);
1682 					(void) ftruncate(fileno(fp), 0);
1683 					(void) fseeko(fp, 0, SEEK_SET);
1684 					continue;
1685 
1686 				case DT_ACT_NORMALIZE:
1687 					if (i == epd->dtepd_nrecs - 1)
1688 						return (dt_set_errno(dtp,
1689 						    EDT_BADNORMAL));
1690 
1691 					if (dt_normalize(dtp,
1692 					    buf->dtbd_data + offs, rec) != 0)
1693 						return (-1);
1694 
1695 					i++;
1696 					continue;
1697 
1698 				case DT_ACT_SETOPT: {
1699 					uint64_t *opts = dtp->dt_options;
1700 					dtrace_recdesc_t *valrec;
1701 					uint32_t valsize;
1702 					caddr_t val;
1703 					int rv;
1704 
1705 					if (i == epd->dtepd_nrecs - 1) {
1706 						return (dt_set_errno(dtp,
1707 						    EDT_BADSETOPT));
1708 					}
1709 
1710 					valrec = &epd->dtepd_rec[++i];
1711 					valsize = valrec->dtrd_size;
1712 
1713 					if (valrec->dtrd_action != act ||
1714 					    valrec->dtrd_arg != arg) {
1715 						return (dt_set_errno(dtp,
1716 						    EDT_BADSETOPT));
1717 					}
1718 
1719 					if (valsize > sizeof (uint64_t)) {
1720 						val = buf->dtbd_data + offs +
1721 						    valrec->dtrd_offset;
1722 					} else {
1723 						val = "1";
1724 					}
1725 
1726 					rv = dt_setopt(dtp, &data, addr, val);
1727 
1728 					if (rv != 0)
1729 						return (-1);
1730 
1731 					flow = (opts[DTRACEOPT_FLOWINDENT] !=
1732 					    DTRACEOPT_UNSET);
1733 					quiet = (opts[DTRACEOPT_QUIET] !=
1734 					    DTRACEOPT_UNSET);
1735 
1736 					continue;
1737 				}
1738 
1739 				case DT_ACT_TRUNC:
1740 					if (i == epd->dtepd_nrecs - 1)
1741 						return (dt_set_errno(dtp,
1742 						    EDT_BADTRUNC));
1743 
1744 					if (dt_trunc(dtp,
1745 					    buf->dtbd_data + offs, rec) != 0)
1746 						return (-1);
1747 
1748 					i++;
1749 					continue;
1750 
1751 				default:
1752 					continue;
1753 				}
1754 			}
1755 
1756 			rval = (*rfunc)(&data, rec, arg);
1757 
1758 			if (rval == DTRACE_CONSUME_NEXT)
1759 				continue;
1760 
1761 			if (rval == DTRACE_CONSUME_ABORT)
1762 				return (dt_set_errno(dtp, EDT_DIRABORT));
1763 
1764 			if (rval != DTRACE_CONSUME_THIS)
1765 				return (dt_set_errno(dtp, EDT_BADRVAL));
1766 
1767 			if (act == DTRACEACT_STACK) {
1768 				int depth = rec->dtrd_arg;
1769 
1770 				if (dt_print_stack(dtp, fp, NULL, addr, depth,
1771 				    rec->dtrd_size / depth) < 0)
1772 					return (-1);
1773 				goto nextrec;
1774 			}
1775 
1776 			if (act == DTRACEACT_USTACK ||
1777 			    act == DTRACEACT_JSTACK) {
1778 				if (dt_print_ustack(dtp, fp, NULL,
1779 				    addr, rec->dtrd_arg) < 0)
1780 					return (-1);
1781 				goto nextrec;
1782 			}
1783 
1784 			if (act == DTRACEACT_SYM) {
1785 				if (dt_print_sym(dtp, fp, NULL, addr) < 0)
1786 					return (-1);
1787 				goto nextrec;
1788 			}
1789 
1790 			if (act == DTRACEACT_MOD) {
1791 				if (dt_print_mod(dtp, fp, NULL, addr) < 0)
1792 					return (-1);
1793 				goto nextrec;
1794 			}
1795 
1796 			if (act == DTRACEACT_USYM || act == DTRACEACT_UADDR) {
1797 				if (dt_print_usym(dtp, fp, addr, act) < 0)
1798 					return (-1);
1799 				goto nextrec;
1800 			}
1801 
1802 			if (act == DTRACEACT_UMOD) {
1803 				if (dt_print_umod(dtp, fp, NULL, addr) < 0)
1804 					return (-1);
1805 				goto nextrec;
1806 			}
1807 
1808 			if (DTRACEACT_ISPRINTFLIKE(act)) {
1809 				void *fmtdata;
1810 				int (*func)(dtrace_hdl_t *, FILE *, void *,
1811 				    const dtrace_probedata_t *,
1812 				    const dtrace_recdesc_t *, uint_t,
1813 				    const void *buf, size_t);
1814 
1815 				if ((fmtdata = dt_format_lookup(dtp,
1816 				    rec->dtrd_format)) == NULL)
1817 					goto nofmt;
1818 
1819 				switch (act) {
1820 				case DTRACEACT_PRINTF:
1821 					func = dtrace_fprintf;
1822 					break;
1823 				case DTRACEACT_PRINTA:
1824 					func = dtrace_fprinta;
1825 					break;
1826 				case DTRACEACT_SYSTEM:
1827 					func = dtrace_system;
1828 					break;
1829 				case DTRACEACT_FREOPEN:
1830 					func = dtrace_freopen;
1831 					break;
1832 				}
1833 
1834 				n = (*func)(dtp, fp, fmtdata, &data,
1835 				    rec, epd->dtepd_nrecs - i,
1836 				    (uchar_t *)buf->dtbd_data + offs,
1837 				    buf->dtbd_size - offs);
1838 
1839 				if (n < 0)
1840 					return (-1); /* errno is set for us */
1841 
1842 				if (n > 0)
1843 					i += n - 1;
1844 				goto nextrec;
1845 			}
1846 
1847 nofmt:
1848 			if (act == DTRACEACT_PRINTA) {
1849 				dt_print_aggdata_t pd;
1850 				dtrace_aggvarid_t *aggvars;
1851 				int j, naggvars = 0;
1852 				size_t size = ((epd->dtepd_nrecs - i) *
1853 				    sizeof (dtrace_aggvarid_t));
1854 
1855 				if ((aggvars = dt_alloc(dtp, size)) == NULL)
1856 					return (-1);
1857 
1858 				/*
1859 				 * This might be a printa() with multiple
1860 				 * aggregation variables.  We need to scan
1861 				 * forward through the records until we find
1862 				 * a record from a different statement.
1863 				 */
1864 				for (j = i; j < epd->dtepd_nrecs; j++) {
1865 					dtrace_recdesc_t *nrec;
1866 					caddr_t naddr;
1867 
1868 					nrec = &epd->dtepd_rec[j];
1869 
1870 					if (nrec->dtrd_uarg != rec->dtrd_uarg)
1871 						break;
1872 
1873 					if (nrec->dtrd_action != act) {
1874 						return (dt_set_errno(dtp,
1875 						    EDT_BADAGG));
1876 					}
1877 
1878 					naddr = buf->dtbd_data + offs +
1879 					    nrec->dtrd_offset;
1880 
1881 					aggvars[naggvars++] =
1882 					    /* LINTED - alignment */
1883 					    *((dtrace_aggvarid_t *)naddr);
1884 				}
1885 
1886 				i = j - 1;
1887 				bzero(&pd, sizeof (pd));
1888 				pd.dtpa_dtp = dtp;
1889 				pd.dtpa_fp = fp;
1890 
1891 				assert(naggvars >= 1);
1892 
1893 				if (naggvars == 1) {
1894 					pd.dtpa_id = aggvars[0];
1895 					dt_free(dtp, aggvars);
1896 
1897 					if (dt_printf(dtp, fp, "\n") < 0 ||
1898 					    dtrace_aggregate_walk_sorted(dtp,
1899 					    dt_print_agg, &pd) < 0)
1900 						return (-1);
1901 					goto nextrec;
1902 				}
1903 
1904 				if (dt_printf(dtp, fp, "\n") < 0 ||
1905 				    dtrace_aggregate_walk_joined(dtp, aggvars,
1906 				    naggvars, dt_print_aggs, &pd) < 0) {
1907 					dt_free(dtp, aggvars);
1908 					return (-1);
1909 				}
1910 
1911 				dt_free(dtp, aggvars);
1912 				goto nextrec;
1913 			}
1914 
1915 			switch (rec->dtrd_size) {
1916 			case sizeof (uint64_t):
1917 				n = dt_printf(dtp, fp,
1918 				    quiet ? "%lld" : " %16lld",
1919 				    /* LINTED - alignment */
1920 				    *((unsigned long long *)addr));
1921 				break;
1922 			case sizeof (uint32_t):
1923 				n = dt_printf(dtp, fp, quiet ? "%d" : " %8d",
1924 				    /* LINTED - alignment */
1925 				    *((uint32_t *)addr));
1926 				break;
1927 			case sizeof (uint16_t):
1928 				n = dt_printf(dtp, fp, quiet ? "%d" : " %5d",
1929 				    /* LINTED - alignment */
1930 				    *((uint16_t *)addr));
1931 				break;
1932 			case sizeof (uint8_t):
1933 				n = dt_printf(dtp, fp, quiet ? "%d" : " %3d",
1934 				    *((uint8_t *)addr));
1935 				break;
1936 			default:
1937 				n = dt_print_bytes(dtp, fp, addr,
1938 				    rec->dtrd_size, 33, quiet);
1939 				break;
1940 			}
1941 
1942 			if (n < 0)
1943 				return (-1); /* errno is set for us */
1944 
1945 nextrec:
1946 			if (dt_buffered_flush(dtp, &data, rec, NULL, 0) < 0)
1947 				return (-1); /* errno is set for us */
1948 		}
1949 
1950 		/*
1951 		 * Call the record callback with a NULL record to indicate
1952 		 * that we're done processing this EPID.
1953 		 */
1954 		rval = (*rfunc)(&data, NULL, arg);
1955 nextepid:
1956 		offs += epd->dtepd_size;
1957 		last = id;
1958 	}
1959 
1960 	if (buf->dtbd_oldest != 0 && start == buf->dtbd_oldest) {
1961 		end = buf->dtbd_oldest;
1962 		start = 0;
1963 		goto again;
1964 	}
1965 
1966 	if ((drops = buf->dtbd_drops) == 0)
1967 		return (0);
1968 
1969 	/*
1970 	 * Explicitly zero the drops to prevent us from processing them again.
1971 	 */
1972 	buf->dtbd_drops = 0;
1973 
1974 	return (dt_handle_cpudrop(dtp, cpu, DTRACEDROP_PRINCIPAL, drops));
1975 }
1976 
1977 typedef struct dt_begin {
1978 	dtrace_consume_probe_f *dtbgn_probefunc;
1979 	dtrace_consume_rec_f *dtbgn_recfunc;
1980 	void *dtbgn_arg;
1981 	dtrace_handle_err_f *dtbgn_errhdlr;
1982 	void *dtbgn_errarg;
1983 	int dtbgn_beginonly;
1984 } dt_begin_t;
1985 
1986 static int
1987 dt_consume_begin_probe(const dtrace_probedata_t *data, void *arg)
1988 {
1989 	dt_begin_t *begin = (dt_begin_t *)arg;
1990 	dtrace_probedesc_t *pd = data->dtpda_pdesc;
1991 
1992 	int r1 = (strcmp(pd->dtpd_provider, "dtrace") == 0);
1993 	int r2 = (strcmp(pd->dtpd_name, "BEGIN") == 0);
1994 
1995 	if (begin->dtbgn_beginonly) {
1996 		if (!(r1 && r2))
1997 			return (DTRACE_CONSUME_NEXT);
1998 	} else {
1999 		if (r1 && r2)
2000 			return (DTRACE_CONSUME_NEXT);
2001 	}
2002 
2003 	/*
2004 	 * We have a record that we're interested in.  Now call the underlying
2005 	 * probe function...
2006 	 */
2007 	return (begin->dtbgn_probefunc(data, begin->dtbgn_arg));
2008 }
2009 
2010 static int
2011 dt_consume_begin_record(const dtrace_probedata_t *data,
2012     const dtrace_recdesc_t *rec, void *arg)
2013 {
2014 	dt_begin_t *begin = (dt_begin_t *)arg;
2015 
2016 	return (begin->dtbgn_recfunc(data, rec, begin->dtbgn_arg));
2017 }
2018 
2019 static int
2020 dt_consume_begin_error(const dtrace_errdata_t *data, void *arg)
2021 {
2022 	dt_begin_t *begin = (dt_begin_t *)arg;
2023 	dtrace_probedesc_t *pd = data->dteda_pdesc;
2024 
2025 	int r1 = (strcmp(pd->dtpd_provider, "dtrace") == 0);
2026 	int r2 = (strcmp(pd->dtpd_name, "BEGIN") == 0);
2027 
2028 	if (begin->dtbgn_beginonly) {
2029 		if (!(r1 && r2))
2030 			return (DTRACE_HANDLE_OK);
2031 	} else {
2032 		if (r1 && r2)
2033 			return (DTRACE_HANDLE_OK);
2034 	}
2035 
2036 	return (begin->dtbgn_errhdlr(data, begin->dtbgn_errarg));
2037 }
2038 
2039 static int
2040 dt_consume_begin(dtrace_hdl_t *dtp, FILE *fp, dtrace_bufdesc_t *buf,
2041     dtrace_consume_probe_f *pf, dtrace_consume_rec_f *rf, void *arg)
2042 {
2043 	/*
2044 	 * There's this idea that the BEGIN probe should be processed before
2045 	 * everything else, and that the END probe should be processed after
2046 	 * anything else.  In the common case, this is pretty easy to deal
2047 	 * with.  However, a situation may arise where the BEGIN enabling and
2048 	 * END enabling are on the same CPU, and some enabling in the middle
2049 	 * occurred on a different CPU.  To deal with this (blech!) we need to
2050 	 * consume the BEGIN buffer up until the end of the BEGIN probe, and
2051 	 * then set it aside.  We will then process every other CPU, and then
2052 	 * we'll return to the BEGIN CPU and process the rest of the data
2053 	 * (which will inevitably include the END probe, if any).  Making this
2054 	 * even more complicated (!) is the library's ERROR enabling.  Because
2055 	 * this enabling is processed before we even get into the consume call
2056 	 * back, any ERROR firing would result in the library's ERROR enabling
2057 	 * being processed twice -- once in our first pass (for BEGIN probes),
2058 	 * and again in our second pass (for everything but BEGIN probes).  To
2059 	 * deal with this, we interpose on the ERROR handler to assure that we
2060 	 * only process ERROR enablings induced by BEGIN enablings in the
2061 	 * first pass, and that we only process ERROR enablings _not_ induced
2062 	 * by BEGIN enablings in the second pass.
2063 	 */
2064 	dt_begin_t begin;
2065 	processorid_t cpu = dtp->dt_beganon;
2066 	dtrace_bufdesc_t nbuf;
2067 	int rval, i;
2068 	static int max_ncpus;
2069 	dtrace_optval_t size;
2070 
2071 	dtp->dt_beganon = -1;
2072 
2073 	if (dt_ioctl(dtp, DTRACEIOC_BUFSNAP, buf) == -1) {
2074 		/*
2075 		 * We really don't expect this to fail, but it is at least
2076 		 * technically possible for this to fail with ENOENT.  In this
2077 		 * case, we just drive on...
2078 		 */
2079 		if (errno == ENOENT)
2080 			return (0);
2081 
2082 		return (dt_set_errno(dtp, errno));
2083 	}
2084 
2085 	if (!dtp->dt_stopped || buf->dtbd_cpu != dtp->dt_endedon) {
2086 		/*
2087 		 * This is the simple case.  We're either not stopped, or if
2088 		 * we are, we actually processed any END probes on another
2089 		 * CPU.  We can simply consume this buffer and return.
2090 		 */
2091 		return (dt_consume_cpu(dtp, fp, cpu, buf, pf, rf, arg));
2092 	}
2093 
2094 	begin.dtbgn_probefunc = pf;
2095 	begin.dtbgn_recfunc = rf;
2096 	begin.dtbgn_arg = arg;
2097 	begin.dtbgn_beginonly = 1;
2098 
2099 	/*
2100 	 * We need to interpose on the ERROR handler to be sure that we
2101 	 * only process ERRORs induced by BEGIN.
2102 	 */
2103 	begin.dtbgn_errhdlr = dtp->dt_errhdlr;
2104 	begin.dtbgn_errarg = dtp->dt_errarg;
2105 	dtp->dt_errhdlr = dt_consume_begin_error;
2106 	dtp->dt_errarg = &begin;
2107 
2108 	rval = dt_consume_cpu(dtp, fp, cpu, buf, dt_consume_begin_probe,
2109 	    dt_consume_begin_record, &begin);
2110 
2111 	dtp->dt_errhdlr = begin.dtbgn_errhdlr;
2112 	dtp->dt_errarg = begin.dtbgn_errarg;
2113 
2114 	if (rval != 0)
2115 		return (rval);
2116 
2117 	/*
2118 	 * Now allocate a new buffer.  We'll use this to deal with every other
2119 	 * CPU.
2120 	 */
2121 	bzero(&nbuf, sizeof (dtrace_bufdesc_t));
2122 	(void) dtrace_getopt(dtp, "bufsize", &size);
2123 	if ((nbuf.dtbd_data = malloc(size)) == NULL)
2124 		return (dt_set_errno(dtp, EDT_NOMEM));
2125 
2126 	if (max_ncpus == 0)
2127 		max_ncpus = dt_sysconf(dtp, _SC_CPUID_MAX) + 1;
2128 
2129 	for (i = 0; i < max_ncpus; i++) {
2130 		nbuf.dtbd_cpu = i;
2131 
2132 		if (i == cpu)
2133 			continue;
2134 
2135 		if (dt_ioctl(dtp, DTRACEIOC_BUFSNAP, &nbuf) == -1) {
2136 			/*
2137 			 * If we failed with ENOENT, it may be because the
2138 			 * CPU was unconfigured -- this is okay.  Any other
2139 			 * error, however, is unexpected.
2140 			 */
2141 			if (errno == ENOENT)
2142 				continue;
2143 
2144 			free(nbuf.dtbd_data);
2145 
2146 			return (dt_set_errno(dtp, errno));
2147 		}
2148 
2149 		if ((rval = dt_consume_cpu(dtp, fp,
2150 		    i, &nbuf, pf, rf, arg)) != 0) {
2151 			free(nbuf.dtbd_data);
2152 			return (rval);
2153 		}
2154 	}
2155 
2156 	free(nbuf.dtbd_data);
2157 
2158 	/*
2159 	 * Okay -- we're done with the other buffers.  Now we want to
2160 	 * reconsume the first buffer -- but this time we're looking for
2161 	 * everything _but_ BEGIN.  And of course, in order to only consume
2162 	 * those ERRORs _not_ associated with BEGIN, we need to reinstall our
2163 	 * ERROR interposition function...
2164 	 */
2165 	begin.dtbgn_beginonly = 0;
2166 
2167 	assert(begin.dtbgn_errhdlr == dtp->dt_errhdlr);
2168 	assert(begin.dtbgn_errarg == dtp->dt_errarg);
2169 	dtp->dt_errhdlr = dt_consume_begin_error;
2170 	dtp->dt_errarg = &begin;
2171 
2172 	rval = dt_consume_cpu(dtp, fp, cpu, buf, dt_consume_begin_probe,
2173 	    dt_consume_begin_record, &begin);
2174 
2175 	dtp->dt_errhdlr = begin.dtbgn_errhdlr;
2176 	dtp->dt_errarg = begin.dtbgn_errarg;
2177 
2178 	return (rval);
2179 }
2180 
2181 int
2182 dtrace_consume(dtrace_hdl_t *dtp, FILE *fp,
2183     dtrace_consume_probe_f *pf, dtrace_consume_rec_f *rf, void *arg)
2184 {
2185 	dtrace_bufdesc_t *buf = &dtp->dt_buf;
2186 	dtrace_optval_t size;
2187 	static int max_ncpus;
2188 	int i, rval;
2189 	dtrace_optval_t interval = dtp->dt_options[DTRACEOPT_SWITCHRATE];
2190 	hrtime_t now = gethrtime();
2191 
2192 	if (dtp->dt_lastswitch != 0) {
2193 		if (now - dtp->dt_lastswitch < interval)
2194 			return (0);
2195 
2196 		dtp->dt_lastswitch += interval;
2197 	} else {
2198 		dtp->dt_lastswitch = now;
2199 	}
2200 
2201 	if (!dtp->dt_active)
2202 		return (dt_set_errno(dtp, EINVAL));
2203 
2204 	if (max_ncpus == 0)
2205 		max_ncpus = dt_sysconf(dtp, _SC_CPUID_MAX) + 1;
2206 
2207 	if (pf == NULL)
2208 		pf = (dtrace_consume_probe_f *)dt_nullprobe;
2209 
2210 	if (rf == NULL)
2211 		rf = (dtrace_consume_rec_f *)dt_nullrec;
2212 
2213 	if (buf->dtbd_data == NULL) {
2214 		(void) dtrace_getopt(dtp, "bufsize", &size);
2215 		if ((buf->dtbd_data = malloc(size)) == NULL)
2216 			return (dt_set_errno(dtp, EDT_NOMEM));
2217 
2218 		buf->dtbd_size = size;
2219 	}
2220 
2221 	/*
2222 	 * If we have just begun, we want to first process the CPU that
2223 	 * executed the BEGIN probe (if any).
2224 	 */
2225 	if (dtp->dt_active && dtp->dt_beganon != -1) {
2226 		buf->dtbd_cpu = dtp->dt_beganon;
2227 		if ((rval = dt_consume_begin(dtp, fp, buf, pf, rf, arg)) != 0)
2228 			return (rval);
2229 	}
2230 
2231 	for (i = 0; i < max_ncpus; i++) {
2232 		buf->dtbd_cpu = i;
2233 
2234 		/*
2235 		 * If we have stopped, we want to process the CPU on which the
2236 		 * END probe was processed only _after_ we have processed
2237 		 * everything else.
2238 		 */
2239 		if (dtp->dt_stopped && (i == dtp->dt_endedon))
2240 			continue;
2241 
2242 		if (dt_ioctl(dtp, DTRACEIOC_BUFSNAP, buf) == -1) {
2243 			/*
2244 			 * If we failed with ENOENT, it may be because the
2245 			 * CPU was unconfigured -- this is okay.  Any other
2246 			 * error, however, is unexpected.
2247 			 */
2248 			if (errno == ENOENT)
2249 				continue;
2250 
2251 			return (dt_set_errno(dtp, errno));
2252 		}
2253 
2254 		if ((rval = dt_consume_cpu(dtp, fp, i, buf, pf, rf, arg)) != 0)
2255 			return (rval);
2256 	}
2257 
2258 	if (!dtp->dt_stopped)
2259 		return (0);
2260 
2261 	buf->dtbd_cpu = dtp->dt_endedon;
2262 
2263 	if (dt_ioctl(dtp, DTRACEIOC_BUFSNAP, buf) == -1) {
2264 		/*
2265 		 * This _really_ shouldn't fail, but it is strictly speaking
2266 		 * possible for this to return ENOENT if the CPU that called
2267 		 * the END enabling somehow managed to become unconfigured.
2268 		 * It's unclear how the user can possibly expect anything
2269 		 * rational to happen in this case -- the state has been thrown
2270 		 * out along with the unconfigured CPU -- so we'll just drive
2271 		 * on...
2272 		 */
2273 		if (errno == ENOENT)
2274 			return (0);
2275 
2276 		return (dt_set_errno(dtp, errno));
2277 	}
2278 
2279 	return (dt_consume_cpu(dtp, fp, dtp->dt_endedon, buf, pf, rf, arg));
2280 }
2281