4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
22 * Copyright (c) 1990, 2010, Oracle and/or its affiliates. All rights reserved.
23 * Copyright 2017 Joyent, Inc.
27 * Mdb kernel support module. This module is loaded automatically when the
28 * kvm target is initialized. Any global functions declared here are exported
29 * for the resolution of symbols in subsequently loaded modules.
31 * WARNING: Do not assume that static variables in mdb_ks will be initialized
35 #include <mdb/mdb_target.h>
36 #include <mdb/mdb_param.h>
37 #include <mdb/mdb_modapi.h>
38 #include <mdb/mdb_ks.h>
40 #include <sys/types.h>
41 #include <sys/procfs.h>
44 #include <sys/autoconf.h>
45 #include <sys/machelf.h>
46 #include <sys/modctl.h>
47 #include <sys/hwconf.h>
49 #include <sys/fs/autofs.h>
50 #include <sys/ddi_impldefs.h>
51 #include <sys/refstr_impl.h>
52 #include <sys/cpuvar.h>
54 #include <sys/clock_impl.h>
58 #include <vm/seg_vn.h>
61 #define MDB_PATH_NELEM 256 /* Maximum path components */
63 typedef struct mdb_path
{
64 size_t mdp_nelem
; /* Number of components */
65 uint_t mdp_complete
; /* Path completely resolved? */
66 uintptr_t mdp_vnode
[MDB_PATH_NELEM
]; /* Array of vnode_t addresses */
67 char *mdp_name
[MDB_PATH_NELEM
]; /* Array of name components */
70 static int mdb_autonode2path(uintptr_t, mdb_path_t
*);
71 static int mdb_sprintpath(char *, size_t, mdb_path_t
*);
74 * Kernel parameters from <sys/param.h> which we keep in-core:
76 unsigned long _mdb_ks_pagesize
;
77 unsigned int _mdb_ks_pageshift
;
78 unsigned long _mdb_ks_pageoffset
;
79 unsigned long long _mdb_ks_pagemask
;
80 unsigned long _mdb_ks_mmu_pagesize
;
81 unsigned int _mdb_ks_mmu_pageshift
;
82 unsigned long _mdb_ks_mmu_pageoffset
;
83 unsigned long _mdb_ks_mmu_pagemask
;
84 uintptr_t _mdb_ks_kernelbase
;
85 uintptr_t _mdb_ks_userlimit
;
86 uintptr_t _mdb_ks_userlimit32
;
87 uintptr_t _mdb_ks_argsbase
;
88 unsigned long _mdb_ks_msg_bsize
;
89 unsigned long _mdb_ks_defaultstksz
;
91 int _mdb_ks_ncpu_log2
;
95 * In-core copy of DNLC information:
97 #define MDB_DNLC_HSIZE 1024
98 #define MDB_DNLC_HASH(vp) (((uintptr_t)(vp) >> 3) & (MDB_DNLC_HSIZE - 1))
99 #define MDB_DNLC_NCACHE_SZ(ncp) (sizeof (ncache_t) + (ncp)->namlen)
100 #define MDB_DNLC_MAX_RETRY 4
102 static ncache_t
**dnlc_hash
; /* mdbs hash array of dnlc entries */
105 * STREAMS queue registrations:
107 typedef struct mdb_qinfo
{
108 const mdb_qops_t
*qi_ops
; /* Address of ops vector */
109 uintptr_t qi_addr
; /* Address of qinit structure (key) */
110 struct mdb_qinfo
*qi_next
; /* Next qinfo in list */
113 static mdb_qinfo_t
*qi_head
; /* Head of qinfo chain */
116 * Device naming callback structure:
118 typedef struct nm_query
{
119 const char *nm_name
; /* Device driver name [in/out] */
120 major_t nm_major
; /* Device major number [in/out] */
121 ushort_t nm_found
; /* Did we find a match? [out] */
125 * Address-to-modctl callback structure:
127 typedef struct a2m_query
{
128 uintptr_t a2m_addr
; /* Virtual address [in] */
129 uintptr_t a2m_where
; /* Modctl address [out] */
133 * Segment-to-mdb_map callback structure:
136 struct seg_ops
*asm_segvn_ops
; /* Address of segvn ops [in] */
137 void (*asm_callback
)(const struct mdb_map
*, void *); /* Callb [in] */
138 void *asm_cbdata
; /* Callback data [in] */
144 ncache_t
*ncp
, *next
;
147 if (dnlc_hash
== NULL
) {
152 * Free up current dnlc entries
154 for (i
= 0; i
< MDB_DNLC_HSIZE
; i
++) {
155 for (ncp
= dnlc_hash
[i
]; ncp
; ncp
= next
) {
156 next
= ncp
->hash_next
;
157 mdb_free(ncp
, MDB_DNLC_NCACHE_SZ(ncp
));
160 mdb_free(dnlc_hash
, MDB_DNLC_HSIZE
* sizeof (ncache_t
*));
164 char bad_dnlc
[] = "inconsistent dnlc chain: %d, ncache va: %p"
165 " - continuing with the rest\n";
170 int i
; /* hash index */
172 int skip_bad_chains
= 0;
173 int nc_hashsz
; /* kernel hash array size */
174 uintptr_t nc_hash_addr
; /* kernel va of ncache hash array */
175 uintptr_t head
; /* kernel va of head of hash chain */
178 * If we've already cached the DNLC and we're looking at a dump,
179 * our cache is good forever, so don't bother re-loading.
181 if (dnlc_hash
&& mdb_prop_postmortem
) {
186 * For a core dump, retries wont help.
187 * Just print and skip any bad chains.
189 if (mdb_prop_postmortem
) {
193 if (retry_cnt
++ >= MDB_DNLC_MAX_RETRY
) {
195 * Give up retrying the rapidly changing dnlc.
196 * Just print and skip any bad chains
201 dnlc_free(); /* Free up the mdb hashed dnlc - if any */
204 * Although nc_hashsz and the location of nc_hash doesn't currently
205 * change, it may do in the future with a more dynamic dnlc.
206 * So always read these values afresh.
208 if (mdb_readvar(&nc_hashsz
, "nc_hashsz") == -1) {
209 mdb_warn("failed to read nc_hashsz");
212 if (mdb_readvar(&nc_hash_addr
, "nc_hash") == -1) {
213 mdb_warn("failed to read nc_hash");
218 * Allocate the mdb dnlc hash array
220 dnlc_hash
= mdb_zalloc(MDB_DNLC_HSIZE
* sizeof (ncache_t
*), UM_SLEEP
);
222 /* for each kernel hash chain */
223 for (i
= 0, head
= nc_hash_addr
; i
< nc_hashsz
;
224 i
++, head
+= sizeof (nc_hash_t
)) {
225 nc_hash_t nch
; /* kernel hash chain header */
226 ncache_t
*ncp
; /* name cache pointer */
227 int hash
; /* mdb hash value */
228 uintptr_t nc_va
; /* kernel va of next ncache */
229 uintptr_t ncprev_va
; /* kernel va of previous ncache */
230 int khash
; /* kernel dnlc hash value */
231 uchar_t namelen
; /* name length */
232 ncache_t nc
; /* name cache entry */
233 int nc_size
; /* size of a name cache entry */
236 * We read each element of the nc_hash array individually
237 * just before we process the entries in its chain. This is
238 * because the chain can change so rapidly on a running system.
240 if (mdb_vread(&nch
, sizeof (nc_hash_t
), head
) == -1) {
241 mdb_warn("failed to read nc_hash chain header %d", i
);
247 nc_va
= (uintptr_t)(nch
.hash_next
);
248 /* for each entry in the chain */
249 while (nc_va
!= head
) {
251 * The size of the ncache entries varies
252 * because the name is appended to the structure.
253 * So we read in the structure then re-read
254 * for the structure plus name.
256 if (mdb_vread(&nc
, sizeof (ncache_t
), nc_va
) == -1) {
257 if (skip_bad_chains
) {
258 mdb_warn(bad_dnlc
, i
, nc_va
);
263 nc_size
= MDB_DNLC_NCACHE_SZ(&nc
);
264 ncp
= mdb_alloc(nc_size
, UM_SLEEP
);
265 if (mdb_vread(ncp
, nc_size
- 1, nc_va
) == -1) {
266 mdb_free(ncp
, nc_size
);
267 if (skip_bad_chains
) {
268 mdb_warn(bad_dnlc
, i
, nc_va
);
275 * Check for chain consistency
277 if ((uintptr_t)ncp
->hash_prev
!= ncprev_va
) {
278 mdb_free(ncp
, nc_size
);
279 if (skip_bad_chains
) {
280 mdb_warn(bad_dnlc
, i
, nc_va
);
286 * Terminate the new name with a null.
287 * Note, we allowed space for this null when
288 * allocating space for the entry.
290 ncp
->name
[ncp
->namlen
] = '\0';
293 * Validate new entry by re-hashing using the
294 * kernel dnlc hash function and comparing the hash
296 DNLCHASH(ncp
->name
, ncp
->dp
, khash
, namelen
);
297 if ((namelen
!= ncp
->namlen
) ||
298 (khash
!= ncp
->hash
)) {
299 mdb_free(ncp
, nc_size
);
300 if (skip_bad_chains
) {
301 mdb_warn(bad_dnlc
, i
, nc_va
);
308 * Finally put the validated entry into the mdb
309 * hash chains. Reuse the kernel next hash field
310 * for the mdb hash chain pointer.
312 hash
= MDB_DNLC_HASH(ncp
->vp
);
314 nc_va
= (uintptr_t)(ncp
->hash_next
);
315 ncp
->hash_next
= dnlc_hash
[hash
];
316 dnlc_hash
[hash
] = ncp
;
324 dnlcdump(uintptr_t addr
, uint_t flags
, int argc
, const mdb_arg_t
*argv
)
329 if ((flags
& DCMD_ADDRSPEC
) || argc
!= 0)
332 if (dnlc_load() == -1)
335 mdb_printf("%<u>%-?s %-?s %-32s%</u>\n", "VP", "DVP", "NAME");
337 for (i
= 0; i
< MDB_DNLC_HSIZE
; i
++) {
338 for (ent
= dnlc_hash
[i
]; ent
!= NULL
; ent
= ent
->hash_next
) {
339 mdb_printf("%0?p %0?p %s\n",
340 ent
->vp
, ent
->dp
, ent
->name
);
348 mdb_sprintpath(char *buf
, size_t len
, mdb_path_t
*path
)
353 if (len
< sizeof ("/..."))
356 if (!path
->mdp_complete
) {
357 (void) strcpy(s
, "??");
360 if (path
->mdp_nelem
== 0)
364 if (path
->mdp_nelem
== 0) {
365 (void) strcpy(s
, "/");
369 for (i
= path
->mdp_nelem
- 1; i
>= 0; i
--) {
371 * Number of bytes left is the distance from where we
372 * are to the end, minus 2 for '/' and '\0'
374 ssize_t left
= (ssize_t
)(&buf
[len
] - s
) - 2;
380 (void) strncpy(s
, path
->mdp_name
[i
], left
);
384 if (left
< strlen(path
->mdp_name
[i
]))
389 (void) strcpy(&buf
[len
- 4], "...");
395 mdb_autonode2path(uintptr_t addr
, mdb_path_t
*path
)
405 * We want to look it up each time we access it since autofs could
406 * (in theory) be unloaded and reloaded.
408 if (mdb_lookup_by_name("auto_vnodeops", &sym
) != 0)
411 if (vn
.v_op
!= (struct vnodeops
*)(uintptr_t)sym
.st_value
)
414 addr
= (uintptr_t)vn
.v_data
;
416 if (mdb_vread(&vfs
, sizeof (vfs
), (uintptr_t)vn
.v_vfsp
) == -1 ||
417 mdb_vread(&fni
, sizeof (fni
), (uintptr_t)vfs
.vfs_data
) == -1 ||
418 mdb_vread(&vn
, sizeof (vn
), (uintptr_t)fni
.fi_rootvp
) == -1)
422 size_t elem
= path
->mdp_nelem
++;
423 char elemstr
[MAXNAMELEN
];
426 if (elem
== MDB_PATH_NELEM
) {
431 if (mdb_vread(&fn
, sizeof (fn
), addr
) != sizeof (fn
)) {
436 if (mdb_readstr(elemstr
, sizeof (elemstr
),
437 (uintptr_t)fn
.fn_name
) <= 0) {
438 (void) strcpy(elemstr
, "?");
441 c
= mdb_alloc(strlen(elemstr
) + 1, UM_SLEEP
| UM_GC
);
442 (void) strcpy(c
, elemstr
);
444 path
->mdp_vnode
[elem
] = (uintptr_t)fn
.fn_vnode
;
446 if (addr
== (uintptr_t)fn
.fn_parent
) {
447 path
->mdp_name
[elem
] = &c
[1];
448 path
->mdp_complete
= TRUE
;
452 if ((p
= strrchr(c
, '/')) != NULL
)
453 path
->mdp_name
[elem
] = p
+ 1;
455 path
->mdp_name
[elem
] = c
;
457 addr
= (uintptr_t)fn
.fn_parent
;
464 mdb_vnode2path(uintptr_t addr
, char *buf
, size_t buflen
)
472 * Check to see if we have a cached value for this vnode
474 if (mdb_vread(&vp
, sizeof (vp
), addr
) != -1 &&
476 mdb_readstr(buf
, buflen
, (uintptr_t)vp
.v_path
) != -1)
479 if (dnlc_load() == -1)
482 if (mdb_readvar(&rootdir
, "rootdir") == -1) {
483 mdb_warn("failed to read 'rootdir'");
487 bzero(&path
, sizeof (mdb_path_t
));
489 if ((addr
== (uintptr_t)NULL
) && (path
.mdp_nelem
== 0)) {
491 * 0 elems && complete tells sprintpath to just print "/"
493 path
.mdp_complete
= TRUE
;
497 if (addr
== rootdir
) {
498 path
.mdp_complete
= TRUE
;
502 for (ent
= dnlc_hash
[MDB_DNLC_HASH(addr
)]; ent
; ent
= ent
->hash_next
) {
503 if ((uintptr_t)ent
->vp
== addr
) {
504 if (strcmp(ent
->name
, "..") == 0 ||
505 strcmp(ent
->name
, ".") == 0)
508 path
.mdp_vnode
[path
.mdp_nelem
] = (uintptr_t)ent
->vp
;
509 path
.mdp_name
[path
.mdp_nelem
] = ent
->name
;
512 if (path
.mdp_nelem
== MDB_PATH_NELEM
) {
514 mdb_warn("path exceeded maximum expected "
519 addr
= (uintptr_t)ent
->dp
;
524 (void) mdb_autonode2path(addr
, &path
);
527 return (mdb_sprintpath(buf
, buflen
, &path
));
532 mdb_pid2proc(pid_t pid
, proc_t
*proc
)
534 int pid_hashsz
, hash
;
535 uintptr_t paddr
, pidhash
, procdir
;
538 if (mdb_readvar(&pidhash
, "pidhash") == -1)
541 if (mdb_readvar(&pid_hashsz
, "pid_hashsz") == -1)
544 if (mdb_readvar(&procdir
, "procdir") == -1)
547 hash
= pid
& (pid_hashsz
- 1);
549 if (mdb_vread(&paddr
, sizeof (paddr
),
550 pidhash
+ (hash
* sizeof (paddr
))) == -1)
553 while (paddr
!= (uintptr_t)NULL
) {
554 if (mdb_vread(&pidp
, sizeof (pidp
), paddr
) == -1)
557 if (pidp
.pid_id
== pid
) {
560 if (mdb_vread(&procp
, sizeof (procp
), procdir
+
561 (pidp
.pid_prslot
* sizeof (procp
))) == -1)
565 (void) mdb_vread(proc
, sizeof (proc_t
), procp
);
569 paddr
= (uintptr_t)pidp
.pid_link
;
575 mdb_cpu2cpuid(uintptr_t cpup
)
579 if (mdb_vread(&cpu
, sizeof (cpu_t
), cpup
) != sizeof (cpu_t
))
586 mdb_cpuset_find(uintptr_t cpusetp
)
589 size_t nr_words
= BT_BITOUL(NCPU
);
590 size_t sz
= nr_words
* sizeof (ulong_t
);
594 cpuset
= mdb_alloc(sz
, UM_SLEEP
);
596 if (mdb_vread((void *)cpuset
, sz
, cpusetp
) != sz
)
599 for (i
= 0; i
< nr_words
; i
++) {
603 for (j
= 0, m
= 1; j
< BT_NBIPUL
; j
++, m
<<= 1) {
605 cpu
= i
* BT_NBIPUL
+ j
;
612 mdb_free(cpuset
, sz
);
616 struct page_lookup_state
{
626 __page_lookup(uintptr_t addr
, const void *data
, void *private)
628 struct page_lookup_state
*state
= private;
629 const page_t
*page
= data
;
631 if ((uintptr_t)page
->p_vnode
!= state
->vnode
) {
632 mdb_warn("unexpected vnode pointer (got: %p, expected: %p)",
633 page
->p_vnode
, state
->vnode
);
637 if (page
->p_offset
!= state
->offset
)
645 mdb_page_lookup(uintptr_t vp
, uoff_t offset
)
647 uintptr_t addr
= vp
+ OFFSETOF(vnode_t
, v_object
.tree
);
648 struct page_lookup_state state
= {
653 if (mdb_pwalk("avl", __page_lookup
, &state
, addr
) != 0)
660 mdb_vtype2chr(vtype_t type
, mode_t mode
)
662 static const char vttab
[] = {
676 if (type
< 0 || type
>= sizeof (vttab
) / sizeof (vttab
[0]))
679 if (type
== VREG
&& (mode
& 0111) != 0)
682 return (vttab
[type
]);
692 pfn2page_cb(uintptr_t addr
, const struct memseg
*msp
, void *data
)
694 struct pfn2page
*p
= data
;
696 if (p
->pfn
>= msp
->pages_base
&& p
->pfn
< msp
->pages_end
) {
697 p
->pp
= msp
->pages
+ (p
->pfn
- msp
->pages_base
);
705 mdb_pfn2page(pfn_t pfn
)
713 if (mdb_walk("memseg", (mdb_walk_cb_t
)pfn2page_cb
, &arg
) == -1) {
714 mdb_warn("pfn2page: can't walk memsegs");
717 if (arg
.pp
== NULL
) {
718 mdb_warn("pfn2page: unable to find page_t for pfn %lx\n",
723 if (mdb_vread(&page
, sizeof (page_t
), (uintptr_t)arg
.pp
) == -1) {
724 mdb_warn("pfn2page: can't read page 0x%lx at %p", pfn
, arg
.pp
);
727 if (page
.p_pagenum
!= pfn
) {
728 mdb_warn("pfn2page: page_t 0x%p should have PFN 0x%lx, "
729 "but actually has 0x%lx\n", arg
.pp
, pfn
, page
.p_pagenum
);
733 return ((uintptr_t)arg
.pp
);
/*
 * Translate the target address of a page_t into its page frame number.
 * The page_t is copied out of the target with mdb_vread(). If that read
 * fails, a warning is printed and (pfn_t)-1 is returned, so the result is
 * only a usable PFN when it differs from that sentinel.
 */
pfn_t
mdb_page2pfn(uintptr_t addr)
{
	page_t pg;

	/* Success path first: hand back the PFN recorded in the page_t. */
	if (mdb_vread(&pg, sizeof (page_t), addr) != -1)
		return (pg.p_pagenum);

	mdb_warn("pp2pfn: can't read page at %p", addr);
	return ((pfn_t)(-1));
}
750 a2m_walk_modctl(uintptr_t addr
, const struct modctl
*m
, a2m_query_t
*a2m
)
754 if (m
->mod_mp
== NULL
)
757 if (mdb_vread(&mod
, sizeof (mod
), (uintptr_t)m
->mod_mp
) == -1) {
758 mdb_warn("couldn't read modctl %p's module", addr
);
762 if (a2m
->a2m_addr
>= (uintptr_t)mod
.text
&&
763 a2m
->a2m_addr
< (uintptr_t)mod
.text
+ mod
.text_size
)
766 if (a2m
->a2m_addr
>= (uintptr_t)mod
.data
&&
767 a2m
->a2m_addr
< (uintptr_t)mod
.data
+ mod
.data_size
)
773 a2m
->a2m_where
= addr
;
778 mdb_addr2modctl(uintptr_t addr
)
783 a2m
.a2m_where
= (uintptr_t)NULL
;
785 (void) mdb_walk("modctl", (mdb_walk_cb_t
)a2m_walk_modctl
, &a2m
);
786 return (a2m
.a2m_where
);
790 qi_lookup(uintptr_t qinit_addr
)
794 for (qip
= qi_head
; qip
!= NULL
; qip
= qip
->qi_next
) {
795 if (qip
->qi_addr
== qinit_addr
)
803 mdb_qops_install(const mdb_qops_t
*qops
, uintptr_t qinit_addr
)
805 mdb_qinfo_t
*qip
= qi_lookup(qinit_addr
);
812 qip
= mdb_alloc(sizeof (mdb_qinfo_t
), UM_SLEEP
);
815 qip
->qi_addr
= qinit_addr
;
816 qip
->qi_next
= qi_head
;
822 mdb_qops_remove(const mdb_qops_t
*qops
, uintptr_t qinit_addr
)
824 mdb_qinfo_t
*qip
, *p
= NULL
;
826 for (qip
= qi_head
; qip
!= NULL
; p
= qip
, qip
= qip
->qi_next
) {
827 if (qip
->qi_addr
== qinit_addr
&& qip
->qi_ops
== qops
) {
829 qi_head
= qip
->qi_next
;
831 p
->qi_next
= qip
->qi_next
;
832 mdb_free(qip
, sizeof (mdb_qinfo_t
));
839 mdb_qname(const queue_t
*q
, char *buf
, size_t nbytes
)
841 struct module_info mi
;
844 if (mdb_vread(&qi
, sizeof (qi
), (uintptr_t)q
->q_qinfo
) == -1) {
845 mdb_warn("failed to read qinit at %p", q
->q_qinfo
);
849 if (mdb_vread(&mi
, sizeof (mi
), (uintptr_t)qi
.qi_minfo
) == -1) {
850 mdb_warn("failed to read module_info at %p", qi
.qi_minfo
);
854 if (mdb_readstr(buf
, nbytes
, (uintptr_t)mi
.mi_idname
) <= 0) {
855 mdb_warn("failed to read mi_idname at %p", mi
.mi_idname
);
862 (void) mdb_snprintf(buf
, nbytes
, "???");
867 mdb_qinfo(const queue_t
*q
, char *buf
, size_t nbytes
)
869 mdb_qinfo_t
*qip
= qi_lookup((uintptr_t)q
->q_qinfo
);
873 qip
->qi_ops
->q_info(q
, buf
, nbytes
);
877 mdb_qrnext(const queue_t
*q
)
879 mdb_qinfo_t
*qip
= qi_lookup((uintptr_t)q
->q_qinfo
);
882 return (qip
->qi_ops
->q_rnext(q
));
884 return ((uintptr_t)NULL
);
888 mdb_qwnext(const queue_t
*q
)
890 mdb_qinfo_t
*qip
= qi_lookup((uintptr_t)q
->q_qinfo
);
893 return (qip
->qi_ops
->q_wnext(q
));
895 return ((uintptr_t)NULL
);
/*
 * Return the q_next pointer of the given queue_t as a uintptr_t.
 * Only the caller-supplied local copy of the queue is examined; nothing is
 * read from the target here.
 */
uintptr_t
mdb_qrnext_default(const queue_t *q)
{
	uintptr_t next = (uintptr_t)q->q_next;

	return (next);
}
/*
 * Return the q_next pointer of the given queue_t as a uintptr_t.
 * The visible body is the same as mdb_qrnext_default(): it reports q_next
 * from the caller-supplied queue copy without reading the target.
 */
uintptr_t
mdb_qwnext_default(const queue_t *q)
{
	uintptr_t next = (uintptr_t)q->q_next;

	return (next);
}
911 * The following three routines borrowed from modsubr.c
914 nm_hash(const char *name
)
919 for (c
= *name
++; c
; c
= *name
++)
922 return (hash
& MOD_BIND_HASHMASK
);
926 find_mbind(const char *name
, uintptr_t *hashtab
)
930 struct bind mb_local
;
931 char node_name
[MAXPATHLEN
+ 1];
933 hashndx
= nm_hash(name
);
934 mb
= hashtab
[hashndx
];
936 if (mdb_vread(&mb_local
, sizeof (mb_local
), mb
) == -1) {
937 mdb_warn("failed to read struct bind at %p", mb
);
938 return ((uintptr_t)NULL
);
940 if (mdb_readstr(node_name
, sizeof (node_name
),
941 (uintptr_t)mb_local
.b_name
) == -1) {
942 mdb_warn("failed to read node name string at %p",
944 return ((uintptr_t)NULL
);
947 if (strcmp(name
, node_name
) == 0)
950 mb
= (uintptr_t)mb_local
.b_next
;
956 mdb_name_to_major(const char *name
, major_t
*major
)
959 uintptr_t mb_hashtab
[MOD_BIND_HASHSIZE
];
960 struct bind mbind_local
;
963 if (mdb_readsym(mb_hashtab
, sizeof (mb_hashtab
), "mb_hashtab") == -1) {
964 mdb_warn("failed to read symbol 'mb_hashtab'");
968 if ((mbind
= find_mbind(name
, mb_hashtab
)) != (uintptr_t)NULL
) {
969 if (mdb_vread(&mbind_local
, sizeof (mbind_local
), mbind
) ==
971 mdb_warn("failed to read mbind struct at %p", mbind
);
975 *major
= (major_t
)mbind_local
.b_num
;
982 mdb_major_to_name(major_t major
)
984 static char name
[MODMAXNAMELEN
+ 1];
990 if (mdb_readvar(&devcnt
, "devcnt") == -1 || major
>= devcnt
||
991 mdb_readvar(&devnamesp
, "devnamesp") == -1)
994 if (mdb_vread(&dn
, sizeof (struct devnames
), devnamesp
+
995 major
* sizeof (struct devnames
)) != sizeof (struct devnames
))
998 if (mdb_readstr(name
, MODMAXNAMELEN
+ 1, (uintptr_t)dn
.dn_name
) == -1)
1001 return ((const char *)name
);
1005 * Return the name of the driver attached to the dip in drivername.
1008 mdb_devinfo2driver(uintptr_t dip_addr
, char *drivername
, size_t namebufsize
)
1010 struct dev_info devinfo
;
1011 char bind_name
[MAXPATHLEN
+ 1];
1013 const char *namestr
;
1016 if (mdb_vread(&devinfo
, sizeof (devinfo
), dip_addr
) == -1) {
1017 mdb_warn("failed to read devinfo at %p", dip_addr
);
1021 if (mdb_readstr(bind_name
, sizeof (bind_name
),
1022 (uintptr_t)devinfo
.devi_binding_name
) == -1) {
1023 mdb_warn("failed to read binding name at %p",
1024 devinfo
.devi_binding_name
);
1029 * Many->one relation: various names to one major number
1031 if (mdb_name_to_major(bind_name
, &major
) == -1) {
1032 mdb_warn("failed to translate bind name to major number\n");
1037 * One->one relation: one major number corresponds to one driver
1039 if ((namestr
= mdb_major_to_name(major
)) == NULL
) {
1040 (void) strncpy(drivername
, "???", namebufsize
);
1044 (void) strncpy(drivername
, namestr
, namebufsize
);
1049 * Find the name of the driver attached to this dip (if any), given:
1050 * - the address of a dip (in core)
1051 * - the NAME of the global pointer to the driver's i_ddi_soft_state struct
1052 * - pointer to a pointer to receive the address
1055 mdb_devinfo2statep(uintptr_t dip_addr
, char *soft_statep_name
,
1058 struct dev_info dev_info
;
1061 if (mdb_vread(&dev_info
, sizeof (dev_info
), dip_addr
) == -1) {
1062 mdb_warn("failed to read devinfo at %p", dip_addr
);
1066 return (mdb_get_soft_state_byname(soft_statep_name
,
1067 dev_info
.devi_instance
, statep
, NULL
, 0));
1071 * Returns a pointer to the top of the soft state struct for the instance
1072 * specified (in state_addr), given the address of the global soft state
1073 * pointer and size of the struct. Also fills in the buffer pointed to by
1074 * state_buf_p (if non-NULL) with the contents of the state struct.
1077 mdb_get_soft_state_byaddr(uintptr_t ssaddr
, uint_t instance
,
1078 uintptr_t *state_addr
, void *state_buf_p
, size_t sizeof_state
)
1080 struct i_ddi_soft_state ss
;
1084 if (mdb_vread(&ss
, sizeof (ss
), ssaddr
) == -1)
1087 if (instance
>= ss
.n_items
)
1090 if (mdb_vread(&statep
, sizeof (statep
), (uintptr_t)ss
.array
+
1091 (sizeof (statep
) * instance
)) == -1)
1094 if (state_addr
!= NULL
)
1095 *state_addr
= (uintptr_t)statep
;
1097 if (statep
== NULL
) {
1102 if (state_buf_p
!= NULL
) {
1104 /* Read the state struct into the buffer in local space. */
1105 if (mdb_vread(state_buf_p
, sizeof_state
,
1106 (uintptr_t)statep
) == -1)
1115 * Returns a pointer to the top of the soft state struct for the instance
1116 * specified (in state_addr), given the name of the global soft state pointer
1117 * and size of the struct. Also fills in the buffer pointed to by
1118 * state_buf_p (if non-NULL) with the contents of the state struct.
1121 mdb_get_soft_state_byname(char *softstatep_name
, uint_t instance
,
1122 uintptr_t *state_addr
, void *state_buf_p
, size_t sizeof_state
)
1126 if (mdb_readvar((void *)&ssaddr
, softstatep_name
) == -1)
1129 return (mdb_get_soft_state_byaddr(ssaddr
, instance
, state_addr
,
1130 state_buf_p
, sizeof_state
));
1133 static const mdb_dcmd_t dcmds
[] = {
1134 { "dnlc", NULL
, "print DNLC contents", dnlcdump
},
1138 static const mdb_modinfo_t modinfo
= { MDB_API_VERSION
, dcmds
};
1142 update_vars(void *arg
)
1144 (void) mdb_readvar(&_mdb_ks_pagesize
, "_pagesize");
1145 (void) mdb_readvar(&_mdb_ks_pageshift
, "_pageshift");
1146 (void) mdb_readvar(&_mdb_ks_pageoffset
, "_pageoffset");
1147 (void) mdb_readvar(&_mdb_ks_pagemask
, "_pagemask");
1148 (void) mdb_readvar(&_mdb_ks_mmu_pagesize
, "_mmu_pagesize");
1149 (void) mdb_readvar(&_mdb_ks_mmu_pageshift
, "_mmu_pageshift");
1150 (void) mdb_readvar(&_mdb_ks_mmu_pageoffset
, "_mmu_pageoffset");
1151 (void) mdb_readvar(&_mdb_ks_mmu_pagemask
, "_mmu_pagemask");
1152 (void) mdb_readvar(&_mdb_ks_kernelbase
, "_kernelbase");
1154 (void) mdb_readvar(&_mdb_ks_userlimit
, "_userlimit");
1155 (void) mdb_readvar(&_mdb_ks_userlimit32
, "_userlimit32");
1156 (void) mdb_readvar(&_mdb_ks_argsbase
, "_argsbase");
1157 (void) mdb_readvar(&_mdb_ks_msg_bsize
, "_msg_bsize");
1158 (void) mdb_readvar(&_mdb_ks_defaultstksz
, "_defaultstksz");
1159 (void) mdb_readvar(&_mdb_ks_ncpu
, "_ncpu");
1160 (void) mdb_readvar(&_mdb_ks_ncpu_log2
, "_ncpu_log2");
1161 (void) mdb_readvar(&_mdb_ks_ncpu_p2
, "_ncpu_p2");
1164 const mdb_modinfo_t
*
1168 * When used with mdb, mdb_ks is a separate dmod. With kmdb, however,
1169 * mdb_ks is compiled into the debugger module. kmdb cannot
1170 * automatically modunload itself when it exits. If it restarts after
1171 * debugger fault, static variables may not be initialized to zero.
1172 * They must be manually reinitialized here.
1177 mdb_callback_add(MDB_CALLBACK_STCHG
, update_vars
, NULL
);
1188 while (qi_head
!= NULL
) {
1189 mdb_qinfo_t
*qip
= qi_head
;
1190 qi_head
= qip
->qi_next
;
1191 mdb_free(qip
, sizeof (mdb_qinfo_t
));
1196 * Interface between MDB kproc target and mdb_ks. The kproc target relies
1197 * on looking up and invoking these functions in mdb_ks so that dependencies
1198 * on the current kernel implementation are isolated in mdb_ks.
/*
 * Given the address of a proc_t, return the p.p_as pointer; return NULL
 * if we were unable to read a proc structure from the given address.
 * A read counts as successful only when mdb_vread() returns exactly
 * sizeof (proc_t), so a short read is treated the same as a failure.
 */
uintptr_t
mdb_kproc_as(uintptr_t proc_addr)
{
	proc_t proc;

	/* Bail out early unless the whole proc_t was copied in. */
	if (mdb_vread(&proc, sizeof (proc), proc_addr) != sizeof (proc))
		return ((uintptr_t)NULL);

	return ((uintptr_t)proc.p_as);
}
1217 * Given the address of a proc_t, return the p.p_model value; return
1218 * PR_MODEL_UNKNOWN if we were unable to read a proc structure or if
1219 * the model value does not match one of the two known values.
1222 mdb_kproc_model(uintptr_t proc_addr
)
1226 if (mdb_vread(&p
, sizeof (p
), proc_addr
) == sizeof (p
)) {
1227 switch (p
.p_model
) {
1228 case DATAMODEL_ILP32
:
1229 return (PR_MODEL_ILP32
);
1230 case DATAMODEL_LP64
:
1231 return (PR_MODEL_LP64
);
1235 return (PR_MODEL_UNKNOWN
);
1239 * Callback function for walking process's segment list. For each segment,
1240 * we fill in an mdb_map_t describing its properties, and then invoke
1241 * the callback function provided by the kproc target.
1244 asmap_step(uintptr_t addr
, const struct seg
*seg
, asmap_arg_t
*asmp
)
1246 struct segvn_data svd
;
1249 if (seg
->s_ops
== asmp
->asm_segvn_ops
&& mdb_vread(&svd
,
1250 sizeof (svd
), (uintptr_t)seg
->s_data
) == sizeof (svd
)) {
1252 if (svd
.vp
!= NULL
) {
1253 if (mdb_vnode2path((uintptr_t)svd
.vp
, map
.map_name
,
1254 MDB_TGT_MAPSZ
) != 0) {
1255 (void) mdb_snprintf(map
.map_name
,
1256 MDB_TGT_MAPSZ
, "[ vnode %p ]", svd
.vp
);
1259 (void) strcpy(map
.map_name
, "[ anon ]");
1262 (void) mdb_snprintf(map
.map_name
, MDB_TGT_MAPSZ
,
1263 "[ seg %p ]", addr
);
1266 map
.map_base
= (uintptr_t)seg
->s_base
;
1267 map
.map_size
= seg
->s_size
;
1270 asmp
->asm_callback((const struct mdb_map
*)&map
, asmp
->asm_cbdata
);
1275 * Given a process address space, walk its segment list using the seg walker,
1276 * convert the segment data to an mdb_map_t, and pass this information
1277 * back to the kproc target via the given callback function.
1280 mdb_kproc_asiter(uintptr_t as
,
1281 void (*func
)(const struct mdb_map
*, void *), void *p
)
1286 arg
.asm_segvn_ops
= NULL
;
1287 arg
.asm_callback
= func
;
1290 if (mdb_lookup_by_name("segvn_ops", &sym
) == 0)
1291 arg
.asm_segvn_ops
= (struct seg_ops
*)(uintptr_t)sym
.st_value
;
1293 return (mdb_pwalk("seg", (mdb_walk_cb_t
)asmap_step
, &arg
, as
));
1297 * Copy the auxv array from the given process's u-area into the provided
1298 * buffer. If the buffer is NULL, only return the size of the auxv array
1299 * so the caller knows how much space will be required.
1302 mdb_kproc_auxv(uintptr_t proc
, auxv_t
*auxv
)
1307 if (mdb_vread(&p
, sizeof (p
), proc
) != sizeof (p
))
1310 bcopy(p
.p_user
.u_auxv
, auxv
,
1311 sizeof (auxv_t
) * __KERN_NAUXV_IMPL
);
1314 return (__KERN_NAUXV_IMPL
);
1318 * Given a process address, return the PID.
1321 mdb_kproc_pid(uintptr_t proc_addr
)
1326 if (mdb_vread(&p
, sizeof (p
), proc_addr
) == sizeof (p
) &&
1327 mdb_vread(&pid
, sizeof (pid
), (uintptr_t)p
.p_pidp
) == sizeof (pid
))
1328 return (pid
.pid_id
);
1334 * Interface between the MDB kvm target and mdb_ks. The kvm target relies
1335 * on looking up and invoking these functions in mdb_ks so that dependencies
1336 * on the current kernel implementation are isolated in mdb_ks.
1340 * Determine whether or not the thread that panicked the given kernel was a
1341 * kernel thread (panic_thread->t_procp == &p0).
1344 mdb_dump_print_content(dumphdr_t
*dh
, pid_t content
)
1352 (void) mdb_readvar(&expcont
, "dump_conflags");
1353 actcont
= dh
->dump_flags
& DF_CONTENT
;
1355 if (actcont
== DF_ALL
) {
1356 mdb_printf("dump content: all kernel and user pages\n");
1358 } else if (actcont
== DF_CURPROC
) {
1359 mdb_printf("dump content: kernel pages and pages from "
1364 mdb_printf("dump content: kernel pages only\n");
1365 if (!(expcont
& DF_CURPROC
))
1368 if (mdb_readvar(&pt
, "panic_thread") != sizeof (pt
) ||
1369 pt
== (uintptr_t)NULL
)
1370 goto kthreadpanic_err
;
1372 if (mdb_vread(&procp
, sizeof (procp
), pt
+ OFFSETOF(kthread_t
,
1373 t_procp
)) == -1 || procp
== (uintptr_t)NULL
)
1374 goto kthreadpanic_err
;
1376 if (mdb_lookup_by_name("p0", &sym
) != 0)
1377 goto kthreadpanic_err
;
1379 if (procp
== (uintptr_t)sym
.st_value
) {
1380 mdb_printf(" (curproc requested, but a kernel thread "
1383 mdb_printf(" (curproc requested, but the process that "
1384 "panicked could not be dumped)\n");
1390 mdb_printf(" (curproc requested, but the process that panicked could "
1395 * Determine the process that was saved in a `curproc' dump. This process will
1396 * be recorded as the first element in dump_pids[].
1399 mdb_dump_find_curproc(void)
1404 if (mdb_readvar(&pidp
, "dump_pids") == sizeof (pidp
) &&
1405 mdb_vread(&pid
, sizeof (pid
), pidp
) == sizeof (pid
) &&
1414 * Following three funcs extracted from sunddi.c
/*
 * Return core address of root node of devinfo tree.
 * This is the debugger-side equivalent of the kernel's
 * "return (top_devinfo)": the value of the kernel variable top_devinfo is
 * read with mdb_readvar(). If the read fails, a warning is printed and
 * NULL is returned.
 */
uintptr_t
mdb_ddi_root_node(void)
{
	uintptr_t root;

	if (mdb_readvar(&root, "top_devinfo") != -1)
		return (root);

	mdb_warn("failed to read top_devinfo");
	return ((uintptr_t)NULL);
}
1434 * Return the name of the devinfo node pointed at by 'dip_addr' in the buffer
1435 * pointed at by 'name.'
1437 * - dip_addr is a pointer to a dev_info struct in core.
1440 mdb_ddi_deviname(uintptr_t dip_addr
, char *name
, size_t name_size
)
1444 char *local_namep
= name
;
1445 size_t local_name_size
= name_size
;
1446 struct dev_info local_dip
;
1449 if (dip_addr
== mdb_ddi_root_node()) {
1450 if (name_size
< 1) {
1451 mdb_warn("failed to get node name: buf too small\n");
1459 if (name_size
< 2) {
1460 mdb_warn("failed to get node name: buf too small\n");
1465 *local_namep
++ = '/';
1466 *local_namep
= '\0';
1469 if (mdb_vread(&local_dip
, sizeof (struct dev_info
), dip_addr
) == -1) {
1470 mdb_warn("failed to read devinfo struct");
1473 length
= mdb_readstr(local_namep
, local_name_size
,
1474 (uintptr_t)local_dip
.devi_node_name
);
1476 mdb_warn("failed to read node name");
1479 local_namep
+= length
;
1480 local_name_size
-= length
;
1481 addrname
= (uintptr_t)local_dip
.devi_addr
;
1483 if (addrname
!= (uintptr_t)NULL
) {
1485 if (local_name_size
< 2) {
1486 mdb_warn("not enough room for node address string");
1489 *local_namep
++ = '@';
1490 *local_namep
= '\0';
1493 length
= mdb_readstr(local_namep
, local_name_size
, addrname
);
1495 mdb_warn("failed to read name");
1504 * Generate the full path under the /devices dir to the device entry.
1506 * dip is a pointer to a devinfo struct in core (not in local memory).
1509 mdb_ddi_pathname(uintptr_t dip_addr
, char *path
, size_t pathlen
)
1511 struct dev_info local_dip
;
1512 uintptr_t parent_dip
;
1517 if (dip_addr
== mdb_ddi_root_node()) {
1523 if (mdb_vread(&local_dip
, sizeof (struct dev_info
), dip_addr
) == -1) {
1524 mdb_warn("failed to read devinfo struct");
1527 parent_dip
= (uintptr_t)local_dip
.devi_parent
;
1528 (void) mdb_ddi_pathname(parent_dip
, path
, pathlen
);
1530 bp
= path
+ strlen(path
);
1531 buf_left
= pathlen
- strlen(path
);
1532 (void) mdb_ddi_deviname(dip_addr
, bp
, buf_left
);
/*
 * Read in the string value of the refstr at target address refstr_addr.
 * At most nbytes are stored into str, and the result of mdb_readstr() is
 * returned unchanged.
 *
 * refstr_addr is a target address, not a local pointer. It is cast to a
 * struct refstr pointer only to compute the target address of rs_string.
 * NOTE(review): this relies on rs_string being an array member stored in
 * the structure itself, so that no local dereference occurs. Confirm
 * against the struct refstr definition.
 */
ssize_t
mdb_read_refstr(uintptr_t refstr_addr, char *str, size_t nbytes)
{
	struct refstr *r = (struct refstr *)refstr_addr;
	uintptr_t straddr = (uintptr_t)r->rs_string;

	return (mdb_readstr(str, nbytes, straddr));
}
1550 * Chase an mblk list by b_next and return the length.
1553 mdb_mblk_count(const mblk_t
*mb
)
1562 while (mb
->b_next
!= NULL
) {
1564 if (mdb_vread(&mblk
, sizeof (mblk
), (uintptr_t)mb
->b_next
) ==
1573 * Write the given MAC address as a printable string in the usual colon-
1574 * separated format. Assumes that buflen is at least 2.
1577 mdb_mac_addr(const uint8_t *addr
, size_t alen
, char *buf
, size_t buflen
)
1581 if (alen
== 0 || buflen
< 4) {
1582 (void) strcpy(buf
, "?");
1587 * If there are more MAC address bytes available, but we won't
1588 * have any room to print them, then add "..." to the string
1589 * instead. See below for the 'magic number' explanation.
1591 if ((alen
== 2 && buflen
< 6) || (alen
> 2 && buflen
< 7)) {
1592 (void) strcpy(buf
, "...");
1595 slen
= mdb_snprintf(buf
, buflen
, "%02x", *addr
++);
1602 * At this point, based on the first 'if' statement above,
1603 * either alen == 1 and buflen >= 3, or alen > 1 and
1604 * buflen >= 4. The first case leaves room for the final "xx"
1605 * number and trailing NUL byte. The second leaves room for at
1606 * least "...". Thus the apparently 'magic' numbers chosen for
/*
 * Map a DLPI primitive number to its symbolic name.  Returns a pointer to a
 * constant string for each primitive listed in the table below, or NULL when
 * prim is not one of them, so callers need to check the result before
 * handing it to a formatting routine.
 */
const char *
mdb_dlpi_prim(int prim)
{
	/* One entry per primitive this module knows how to name. */
	static const struct {
		int		dp_prim;
		const char	*dp_name;
	} dlpi_prims[] = {
		{ DL_INFO_REQ,		"DL_INFO_REQ" },
		{ DL_INFO_ACK,		"DL_INFO_ACK" },
		{ DL_ATTACH_REQ,	"DL_ATTACH_REQ" },
		{ DL_DETACH_REQ,	"DL_DETACH_REQ" },
		{ DL_BIND_REQ,		"DL_BIND_REQ" },
		{ DL_BIND_ACK,		"DL_BIND_ACK" },
		{ DL_UNBIND_REQ,	"DL_UNBIND_REQ" },
		{ DL_OK_ACK,		"DL_OK_ACK" },
		{ DL_ERROR_ACK,		"DL_ERROR_ACK" },
		{ DL_ENABMULTI_REQ,	"DL_ENABMULTI_REQ" },
		{ DL_DISABMULTI_REQ,	"DL_DISABMULTI_REQ" },
		{ DL_PROMISCON_REQ,	"DL_PROMISCON_REQ" },
		{ DL_PROMISCOFF_REQ,	"DL_PROMISCOFF_REQ" },
		{ DL_UNITDATA_REQ,	"DL_UNITDATA_REQ" },
		{ DL_UNITDATA_IND,	"DL_UNITDATA_IND" },
		{ DL_UDERROR_IND,	"DL_UDERROR_IND" },
		{ DL_PHYS_ADDR_REQ,	"DL_PHYS_ADDR_REQ" },
		{ DL_PHYS_ADDR_ACK,	"DL_PHYS_ADDR_ACK" },
		{ DL_SET_PHYS_ADDR_REQ,	"DL_SET_PHYS_ADDR_REQ" },
		{ DL_NOTIFY_REQ,	"DL_NOTIFY_REQ" },
		{ DL_NOTIFY_ACK,	"DL_NOTIFY_ACK" },
		{ DL_NOTIFY_IND,	"DL_NOTIFY_IND" },
		{ DL_NOTIFY_CONF,	"DL_NOTIFY_CONF" },
		{ DL_CAPABILITY_REQ,	"DL_CAPABILITY_REQ" },
		{ DL_CAPABILITY_ACK,	"DL_CAPABILITY_ACK" },
		{ DL_CONTROL_REQ,	"DL_CONTROL_REQ" },
		{ DL_CONTROL_ACK,	"DL_CONTROL_ACK" },
		{ DL_PASSIVE_REQ,	"DL_PASSIVE_REQ" }
	};
	size_t i;

	for (i = 0; i < sizeof (dlpi_prims) / sizeof (dlpi_prims[0]); i++) {
		if (dlpi_prims[i].dp_prim == prim)
			return (dlpi_prims[i].dp_name);
	}

	/* Unknown primitive: no name to offer. */
	return (NULL);
}
1653 * mdb_gethrtime() returns the hires system time. This will be the timestamp at
1654 * which we dropped into, if called from, kmdb(1); the core dump's hires time
1655 * if inspecting one; or the running system's hires time if we're inspecting
1667 * We first check whether the lbolt info structure has been allocated
1668 * and initialized. If not, lbolt_hybrid will be pointing at
1671 if (mdb_lookup_by_name("lbolt_bootstrap", &sym
) == -1)
1674 if (mdb_readvar(&ptr
, "lbolt_hybrid") == -1)
1677 if (ptr
== (uintptr_t)sym
.st_value
)
1681 if (mdb_readvar(&ptr
, "lb_info") == -1)
1684 if (mdb_vread(&lbi
, sizeof (lbolt_info_t
), ptr
) !=
1685 sizeof (lbolt_info_t
))
1688 ts
= lbi
.lbi_debug_ts
;
1690 if (mdb_prop_postmortem
) {
1691 if (mdb_readvar(&ptr
, "lb_info") == -1)
1694 if (mdb_vread(&lbi
, sizeof (lbolt_info_t
), ptr
) !=
1695 sizeof (lbolt_info_t
))
1698 ts
= lbi
.lbi_debug_ts
;
1707 * mdb_get_lbolt() returns the number of clock ticks since system boot.
1708 * Depending on the context in which it's called, the value will be derived
1709 * from different sources per mdb_gethrtime(). If inspecting a panicked
1710 * system, the routine returns the 'panic_lbolt64' variable from the core file.
1721 if (mdb_readvar(&pl
, "panic_lbolt64") != -1 && pl
> 0)
1725 * mdb_gethrtime() will return zero if the lbolt info structure hasn't
1726 * been allocated and initialized yet, or if it fails to read it.
1728 if ((ts
= mdb_gethrtime()) <= 0)
1732 * Load the time spent in kmdb, if any.
1734 if (mdb_readvar(&ptr
, "lb_info") == -1)
1737 if (mdb_vread(&lbi
, sizeof (lbolt_info_t
), ptr
) !=
1738 sizeof (lbolt_info_t
))
1741 if (mdb_readvar(&nsec
, "nsec_per_tick") == -1 || nsec
== 0) {
1742 mdb_warn("failed to read 'nsec_per_tick'");
1746 return ((ts
/nsec
) - lbi
.lbi_debug_time
);