Print this page
OS-1576 Sundry uninitialised variables
Reviewed by: Robert Mustacchi <rm@joyent.com>
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/mdb/common/modules/v8/mdb_v8.c
+++ new/usr/src/cmd/mdb/common/modules/v8/mdb_v8.c
1 1 /*
2 2 * CDDL HEADER START
3 3 *
4 4 * The contents of this file are subject to the terms of the
5 5 * Common Development and Distribution License (the "License").
6 6 * You may not use this file except in compliance with the License.
7 7 *
8 8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 9 * or http://www.opensolaris.org/os/licensing.
10 10 * See the License for the specific language governing permissions
11 11 * and limitations under the License.
12 12 *
13 13 * When distributing Covered Code, include this CDDL HEADER in each
14 14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 15 * If applicable, add the following below this CDDL HEADER, with the
16 16 * fields enclosed by brackets "[]" replaced with your own identifying
17 17 * information: Portions Copyright [yyyy] [name of copyright owner]
18 18 *
19 19 * CDDL HEADER END
20 20 */
21 21 /*
22 22 * Copyright (c) 2012, Joyent, Inc. All rights reserved.
23 23 */
24 24
25 25 /*
26 26 * mdb(1M) module for debugging the V8 JavaScript engine. This implementation
27 27 * makes heavy use of metadata defined in the V8 binary for inspecting in-memory
28 28 * structures. Canned configurations can be manually loaded for V8 binaries
29 29 * that predate this metadata. See mdb_v8_cfg.c for details.
30 30 */
31 31
32 32 #include <sys/mdb_modapi.h>
33 33 #include <assert.h>
34 34 #include <ctype.h>
35 35 #include <stdarg.h>
36 36 #include <stdio.h>
37 37 #include <string.h>
38 38 #include <libproc.h>
39 39 #include <sys/avl.h>
40 40
41 41 #include "v8dbg.h"
42 42 #include "v8cfg.h"
43 43
44 44 #define offsetof(s, m) ((size_t)(&(((s *)0)->m)))
45 45
46 46 /*
47 47 * The "v8_class" and "v8_field" structures describe the C++ classes used to
48 48 * represent V8 heap objects.
49 49 */
50 50 typedef struct v8_class {
51 51 struct v8_class *v8c_next; /* list linkage */
52 52 struct v8_class *v8c_parent; /* parent class (inheritance) */
53 53 struct v8_field *v8c_fields; /* array of class fields */
54 54 size_t v8c_start; /* offset of first class field */
55 55 size_t v8c_end; /* offset of first subclass field */
56 56 char v8c_name[64]; /* heap object class name */
57 57 } v8_class_t;
58 58
59 59 typedef struct v8_field {
60 60 struct v8_field *v8f_next; /* list linkage */
61 61 ssize_t v8f_offset; /* field offset */
62 62 char v8f_name[64]; /* field name */
63 63 boolean_t v8f_isbyte; /* 1-byte int field */
64 64 } v8_field_t;
65 65
66 66 /*
67 67 * Similarly, the "v8_enum" structure describes an enum from V8.
68 68 */
69 69 typedef struct {
70 70 char v8e_name[64];
71 71 uint_t v8e_value;
72 72 } v8_enum_t;
73 73
74 74 /*
75 75 * During configuration, the dmod updates these globals with the actual set of
76 76 * classes, types, and frame types based on the debug metadata.
77 77 */
78 78 static v8_class_t *v8_classes;
79 79
80 80 static v8_enum_t v8_types[128];
81 81 static int v8_next_type;
82 82
83 83 static v8_enum_t v8_frametypes[16];
84 84 static int v8_next_frametype;
85 85
86 86 static int v8_silent;
87 87
88 88 /*
89 89 * The following constants describe offsets from the frame pointer that are used
90 90 * to inspect each stack frame. They're initialized from the debug metadata.
91 91 */
92 92 static ssize_t V8_OFF_FP_CONTEXT;
93 93 static ssize_t V8_OFF_FP_MARKER;
94 94 static ssize_t V8_OFF_FP_FUNCTION;
95 95 static ssize_t V8_OFF_FP_ARGS;
96 96
97 97 /*
98 98 * The following constants are used by macros defined in heap-dbg-common.h to
99 99 * examine the types of various V8 heap objects. In general, the macros should
100 100 * be preferred to using the constants directly. The values of these constants
101 101 * are initialized from the debug metadata.
102 102 */
103 103 static intptr_t V8_FirstNonstringType;
104 104 static intptr_t V8_IsNotStringMask;
105 105 static intptr_t V8_StringTag;
106 106 static intptr_t V8_NotStringTag;
107 107 static intptr_t V8_StringEncodingMask;
108 108 static intptr_t V8_TwoByteStringTag;
109 109 static intptr_t V8_AsciiStringTag;
110 110 static intptr_t V8_StringRepresentationMask;
111 111 static intptr_t V8_SeqStringTag;
112 112 static intptr_t V8_ConsStringTag;
113 113 static intptr_t V8_ExternalStringTag;
114 114 static intptr_t V8_FailureTag;
115 115 static intptr_t V8_FailureTagMask;
116 116 static intptr_t V8_HeapObjectTag;
117 117 static intptr_t V8_HeapObjectTagMask;
118 118 static intptr_t V8_SmiTag;
119 119 static intptr_t V8_SmiTagMask;
120 120 static intptr_t V8_SmiValueShift;
121 121 static intptr_t V8_PointerSizeLog2;
122 122
123 123 static intptr_t V8_PROP_IDX_CONTENT;
124 124 static intptr_t V8_PROP_IDX_FIRST;
125 125 static intptr_t V8_PROP_TYPE_FIELD;
126 126 static intptr_t V8_PROP_FIRST_PHANTOM;
127 127 static intptr_t V8_PROP_TYPE_MASK;
128 128 static intptr_t V8_PROP_DESC_KEY;
129 129 static intptr_t V8_PROP_DESC_DETAILS;
130 130 static intptr_t V8_PROP_DESC_VALUE;
131 131 static intptr_t V8_PROP_DESC_SIZE;
132 132 static intptr_t V8_TRANSITIONS_IDX_DESC;
133 133
134 134 static intptr_t V8_TYPE_JSOBJECT = -1;
135 135 static intptr_t V8_TYPE_FIXEDARRAY = -1;
136 136
137 137 /*
138 138 * Although we have this information in v8_classes, the following offsets are
139 139 * defined explicitly because they're used directly in code below.
140 140 */
141 141 static ssize_t V8_OFF_CODE_INSTRUCTION_SIZE;
142 142 static ssize_t V8_OFF_CODE_INSTRUCTION_START;
143 143 static ssize_t V8_OFF_CONSSTRING_FIRST;
144 144 static ssize_t V8_OFF_CONSSTRING_SECOND;
145 145 static ssize_t V8_OFF_EXTERNALSTRING_RESOURCE;
146 146 static ssize_t V8_OFF_FIXEDARRAY_DATA;
147 147 static ssize_t V8_OFF_FIXEDARRAY_LENGTH;
148 148 static ssize_t V8_OFF_HEAPNUMBER_VALUE;
149 149 static ssize_t V8_OFF_HEAPOBJECT_MAP;
150 150 static ssize_t V8_OFF_JSFUNCTION_SHARED;
151 151 static ssize_t V8_OFF_JSOBJECT_ELEMENTS;
152 152 static ssize_t V8_OFF_JSOBJECT_PROPERTIES;
153 153 static ssize_t V8_OFF_MAP_CONSTRUCTOR;
154 154 static ssize_t V8_OFF_MAP_INOBJECT_PROPERTIES;
155 155 static ssize_t V8_OFF_MAP_INSTANCE_ATTRIBUTES;
156 156 static ssize_t V8_OFF_MAP_INSTANCE_DESCRIPTORS;
157 157 static ssize_t V8_OFF_MAP_INSTANCE_SIZE;
158 158 static ssize_t V8_OFF_MAP_TRANSITIONS;
159 159 static ssize_t V8_OFF_ODDBALL_TO_STRING;
160 160 static ssize_t V8_OFF_SCRIPT_LINE_ENDS;
161 161 static ssize_t V8_OFF_SCRIPT_NAME;
162 162 static ssize_t V8_OFF_SEQASCIISTR_CHARS;
163 163 static ssize_t V8_OFF_SHAREDFUNCTIONINFO_CODE;
164 164 static ssize_t V8_OFF_SHAREDFUNCTIONINFO_FUNCTION_TOKEN_POSITION;
165 165 static ssize_t V8_OFF_SHAREDFUNCTIONINFO_INFERRED_NAME;
166 166 static ssize_t V8_OFF_SHAREDFUNCTIONINFO_LENGTH;
167 167 static ssize_t V8_OFF_SHAREDFUNCTIONINFO_SCRIPT;
168 168 static ssize_t V8_OFF_SHAREDFUNCTIONINFO_NAME;
169 169 static ssize_t V8_OFF_STRING_LENGTH;
170 170
171 171 #define NODE_OFF_EXTSTR_DATA 0x4 /* see node_string.h */
172 172
173 173 /*
174 174 * Table of constants used directly by this file.
175 175 */
176 176 typedef struct v8_constant {
177 177 intptr_t *v8c_valp;
178 178 const char *v8c_symbol;
179 179 } v8_constant_t;
180 180
181 181 static v8_constant_t v8_constants[] = {
182 182 { &V8_OFF_FP_CONTEXT, "v8dbg_off_fp_context" },
183 183 { &V8_OFF_FP_FUNCTION, "v8dbg_off_fp_function" },
184 184 { &V8_OFF_FP_MARKER, "v8dbg_off_fp_marker" },
185 185 { &V8_OFF_FP_ARGS, "v8dbg_off_fp_args" },
186 186
187 187 { &V8_FirstNonstringType, "v8dbg_FirstNonstringType" },
188 188 { &V8_IsNotStringMask, "v8dbg_IsNotStringMask" },
189 189 { &V8_StringTag, "v8dbg_StringTag" },
190 190 { &V8_NotStringTag, "v8dbg_NotStringTag" },
191 191 { &V8_StringEncodingMask, "v8dbg_StringEncodingMask" },
192 192 { &V8_TwoByteStringTag, "v8dbg_TwoByteStringTag" },
193 193 { &V8_AsciiStringTag, "v8dbg_AsciiStringTag" },
194 194 { &V8_StringRepresentationMask, "v8dbg_StringRepresentationMask" },
195 195 { &V8_SeqStringTag, "v8dbg_SeqStringTag" },
196 196 { &V8_ConsStringTag, "v8dbg_ConsStringTag" },
197 197 { &V8_ExternalStringTag, "v8dbg_ExternalStringTag" },
198 198 { &V8_FailureTag, "v8dbg_FailureTag" },
199 199 { &V8_FailureTagMask, "v8dbg_FailureTagMask" },
200 200 { &V8_HeapObjectTag, "v8dbg_HeapObjectTag" },
201 201 { &V8_HeapObjectTagMask, "v8dbg_HeapObjectTagMask" },
202 202 { &V8_SmiTag, "v8dbg_SmiTag" },
203 203 { &V8_SmiTagMask, "v8dbg_SmiTagMask" },
204 204 { &V8_SmiValueShift, "v8dbg_SmiValueShift" },
205 205 { &V8_PointerSizeLog2, "v8dbg_PointerSizeLog2" },
206 206
207 207 { &V8_PROP_IDX_FIRST, "v8dbg_prop_idx_first" },
208 208 { &V8_PROP_TYPE_FIELD, "v8dbg_prop_type_field" },
209 209 { &V8_PROP_FIRST_PHANTOM, "v8dbg_prop_type_first_phantom" },
210 210 { &V8_PROP_TYPE_MASK, "v8dbg_prop_type_mask" },
211 211 };
212 212
213 213 static int v8_nconstants = sizeof (v8_constants) / sizeof (v8_constants[0]);
214 214
215 215 /*
216 216 * Some constants are -- for a variety of reasons -- optional.
217 217 */
218 218 static v8_constant_t v8_optionals[] = {
219 219 { &V8_PROP_IDX_CONTENT, "v8dbg_prop_idx_content" },
220 220 { &V8_PROP_DESC_KEY, "v8dbg_prop_desc_key" },
221 221 { &V8_PROP_DESC_DETAILS, "v8dbg_prop_desc_details" },
222 222 { &V8_PROP_DESC_VALUE, "v8dbg_prop_desc_value" },
223 223 { &V8_PROP_DESC_SIZE, "v8dbg_prop_desc_size" },
224 224 { &V8_TRANSITIONS_IDX_DESC, "v8dbg_transitions_idx_descriptors" }
225 225 };
226 226
227 227 static int v8_noptionals = sizeof (v8_optionals) / sizeof (v8_optionals[0]);
228 228
229 229 typedef struct v8_offset {
230 230 ssize_t *v8o_valp;
231 231 const char *v8o_class;
232 232 const char *v8o_member;
233 233 boolean_t v8o_optional;
234 234 } v8_offset_t;
235 235
236 236 static v8_offset_t v8_offsets[] = {
237 237 { &V8_OFF_CODE_INSTRUCTION_SIZE,
238 238 "Code", "instruction_size" },
239 239 { &V8_OFF_CODE_INSTRUCTION_START,
240 240 "Code", "instruction_start" },
241 241 { &V8_OFF_CONSSTRING_FIRST,
242 242 "ConsString", "first" },
243 243 { &V8_OFF_CONSSTRING_SECOND,
244 244 "ConsString", "second" },
245 245 { &V8_OFF_EXTERNALSTRING_RESOURCE,
246 246 "ExternalString", "resource" },
247 247 { &V8_OFF_FIXEDARRAY_DATA,
248 248 "FixedArray", "data" },
249 249 { &V8_OFF_FIXEDARRAY_LENGTH,
250 250 "FixedArray", "length" },
251 251 { &V8_OFF_HEAPNUMBER_VALUE,
252 252 "HeapNumber", "value" },
253 253 { &V8_OFF_HEAPOBJECT_MAP,
254 254 "HeapObject", "map" },
255 255 { &V8_OFF_JSFUNCTION_SHARED,
256 256 "JSFunction", "shared" },
257 257 { &V8_OFF_JSOBJECT_ELEMENTS,
258 258 "JSObject", "elements" },
259 259 { &V8_OFF_JSOBJECT_PROPERTIES,
260 260 "JSObject", "properties" },
261 261 { &V8_OFF_MAP_CONSTRUCTOR,
262 262 "Map", "constructor" },
263 263 { &V8_OFF_MAP_INOBJECT_PROPERTIES,
264 264 "Map", "inobject_properties" },
265 265 { &V8_OFF_MAP_INSTANCE_ATTRIBUTES,
266 266 "Map", "instance_attributes" },
267 267 { &V8_OFF_MAP_INSTANCE_DESCRIPTORS,
268 268 "Map", "instance_descriptors", B_TRUE },
269 269 { &V8_OFF_MAP_TRANSITIONS,
270 270 "Map", "transitions", B_TRUE },
271 271 { &V8_OFF_MAP_INSTANCE_SIZE,
272 272 "Map", "instance_size" },
273 273 { &V8_OFF_ODDBALL_TO_STRING,
274 274 "Oddball", "to_string" },
275 275 { &V8_OFF_SCRIPT_LINE_ENDS,
276 276 "Script", "line_ends" },
277 277 { &V8_OFF_SCRIPT_NAME,
278 278 "Script", "name" },
279 279 { &V8_OFF_SEQASCIISTR_CHARS,
280 280 "SeqAsciiString", "chars" },
281 281 { &V8_OFF_SHAREDFUNCTIONINFO_CODE,
282 282 "SharedFunctionInfo", "code" },
283 283 { &V8_OFF_SHAREDFUNCTIONINFO_FUNCTION_TOKEN_POSITION,
284 284 "SharedFunctionInfo", "function_token_position" },
285 285 { &V8_OFF_SHAREDFUNCTIONINFO_INFERRED_NAME,
286 286 "SharedFunctionInfo", "inferred_name" },
287 287 { &V8_OFF_SHAREDFUNCTIONINFO_LENGTH,
288 288 "SharedFunctionInfo", "length" },
289 289 { &V8_OFF_SHAREDFUNCTIONINFO_NAME,
290 290 "SharedFunctionInfo", "name" },
291 291 { &V8_OFF_SHAREDFUNCTIONINFO_SCRIPT,
292 292 "SharedFunctionInfo", "script" },
293 293 { &V8_OFF_STRING_LENGTH,
294 294 "String", "length" },
295 295 };
296 296
297 297 static int v8_noffsets = sizeof (v8_offsets) / sizeof (v8_offsets[0]);
298 298
299 299 static int autoconf_iter_symbol(mdb_symbol_t *, void *);
300 300 static v8_class_t *conf_class_findcreate(const char *);
301 301 static v8_field_t *conf_field_create(v8_class_t *, const char *, size_t);
302 302 static char *conf_next_part(char *, char *);
303 303 static int conf_update_parent(const char *);
304 304 static int conf_update_field(v8_cfg_t *, const char *);
305 305 static int conf_update_enum(v8_cfg_t *, const char *, const char *,
306 306 v8_enum_t *);
307 307 static int conf_update_type(v8_cfg_t *, const char *);
308 308 static int conf_update_frametype(v8_cfg_t *, const char *);
309 309 static void conf_class_compute_offsets(v8_class_t *);
310 310
311 311 static int read_typebyte(uint8_t *, uintptr_t);
312 312 static int heap_offset(const char *, const char *, ssize_t *);
313 313
314 314 /*
315 315 * Invoked when this dmod is initially loaded to load the set of classes, enums,
316 316 * and other constants from the metadata in the target binary.
317 317 */
318 318 static int
319 319 autoconfigure(v8_cfg_t *cfgp)
320 320 {
321 321 v8_class_t *clp;
322 322 v8_enum_t *ep;
323 323 struct v8_constant *cnp;
324 324 int ii;
325 325 int failed = 0;
326 326
327 327 assert(v8_classes == NULL);
328 328
329 329 /*
330 330 * Iterate all global symbols looking for metadata.
331 331 */
332 332 if (cfgp->v8cfg_iter(cfgp, autoconf_iter_symbol, cfgp) != 0) {
333 333 mdb_warn("failed to autoconfigure V8 support\n");
334 334 return (-1);
335 335 }
336 336
337 337 /*
338 338 * By now we've configured all of the classes so we can update the
339 339 * "start" and "end" fields in each class with information from its
340 340 * parent class.
341 341 */
342 342 for (clp = v8_classes; clp != NULL; clp = clp->v8c_next) {
343 343 if (clp->v8c_end != (size_t)-1)
344 344 continue;
345 345
346 346 conf_class_compute_offsets(clp);
347 347 };
348 348
349 349 /*
350 350 * Load various constants used directly in the module.
351 351 */
352 352 for (ii = 0; ii < v8_nconstants; ii++) {
353 353 cnp = &v8_constants[ii];
354 354
355 355 if (cfgp->v8cfg_readsym(cfgp, cnp->v8c_symbol,
356 356 cnp->v8c_valp) == -1) {
357 357 mdb_warn("failed to read \"%s\"", cnp->v8c_symbol);
358 358 failed++;
359 359 }
360 360 }
361 361
362 362 /*
363 363 * Load optional constants; if we fail to load an optional constant,
364 364 * we'll set its value to be -1.
365 365 */
366 366 for (ii = 0; ii < v8_noptionals; ii++) {
367 367 cnp = &v8_optionals[ii];
368 368
369 369 if (cfgp->v8cfg_readsym(cfgp, cnp->v8c_symbol,
370 370 cnp->v8c_valp) == -1) {
371 371 *cnp->v8c_valp = -1;
372 372 }
373 373 }
374 374
375 375 /*
376 376 * We need to do some cleanup here: there are versions of node (in
377 377 * particular, early v0.8 releases) in which v8dbg_prop_idx_content had
378 378 * been removed but the descriptor variables had not yet been added;
379 379 * we'll fill those in now with what we know those values to be.
380 380 */
381 381 if (V8_PROP_IDX_CONTENT == -1 && V8_PROP_DESC_SIZE == -1) {
382 382 V8_PROP_DESC_KEY = 0;
383 383 V8_PROP_DESC_DETAILS = 1;
384 384 V8_PROP_DESC_VALUE = 2;
385 385 V8_PROP_DESC_SIZE = 3;
386 386 }
387 387
388 388 /*
389 389 * Load type values for well-known classes that we use a lot.
390 390 */
391 391 for (ep = v8_types; ep->v8e_name[0] != '\0'; ep++) {
392 392 if (strcmp(ep->v8e_name, "JSObject") == 0)
393 393 V8_TYPE_JSOBJECT = ep->v8e_value;
394 394
395 395 if (strcmp(ep->v8e_name, "FixedArray") == 0)
396 396 V8_TYPE_FIXEDARRAY = ep->v8e_value;
397 397 }
398 398
399 399 if (V8_TYPE_JSOBJECT == -1 || V8_TYPE_FIXEDARRAY == -1) {
400 400 mdb_warn("couldn't find %s type\n",
401 401 V8_TYPE_JSOBJECT == -1 ? "JSObject" : "FixedArray");
402 402 failed++;
403 403 }
404 404
405 405 /*
406 406 * Finally, load various class offsets.
407 407 */
408 408 for (ii = 0; ii < v8_noffsets; ii++) {
409 409 struct v8_offset *offp = &v8_offsets[ii];
410 410 const char *klass = offp->v8o_class;
411 411
412 412 again:
413 413 if (heap_offset(klass, offp->v8o_member, offp->v8o_valp) == 0)
414 414 continue;
415 415
416 416 if (strcmp(klass, "FixedArray") == 0) {
417 417 /*
418 418 * The V8 included in node v0.6 uses a FixedArrayBase
419 419 * class to contain the "length" field, while the one
420 420 * in v0.4 has no such base class and stores the field
421 421 * directly in FixedArray; if we failed to derive
422 422 * the offset from FixedArray, try FixedArrayBase.
423 423 */
424 424 klass = "FixedArrayBase";
425 425 goto again;
426 426 }
427 427
428 428 if (offp->v8o_optional) {
429 429 *offp->v8o_valp = -1;
430 430 continue;
431 431 }
432 432
433 433 mdb_warn("couldn't find class \"%s\", field \"%s\"\n",
434 434 offp->v8o_class, offp->v8o_member);
435 435 failed++;
436 436 }
437 437
438 438 return (failed ? -1 : 0);
439 439 }
440 440
441 441 /* ARGSUSED */
442 442 static int
443 443 autoconf_iter_symbol(mdb_symbol_t *symp, void *arg)
444 444 {
445 445 v8_cfg_t *cfgp = arg;
446 446
447 447 if (strncmp(symp->sym_name, "v8dbg_parent_",
448 448 sizeof ("v8dbg_parent_") - 1) == 0)
449 449 return (conf_update_parent(symp->sym_name));
450 450
451 451 if (strncmp(symp->sym_name, "v8dbg_class_",
452 452 sizeof ("v8dbg_class_") - 1) == 0)
453 453 return (conf_update_field(cfgp, symp->sym_name));
454 454
455 455 if (strncmp(symp->sym_name, "v8dbg_type_",
456 456 sizeof ("v8dbg_type_") - 1) == 0)
457 457 return (conf_update_type(cfgp, symp->sym_name));
458 458
459 459 if (strncmp(symp->sym_name, "v8dbg_frametype_",
460 460 sizeof ("v8dbg_frametype_") - 1) == 0)
461 461 return (conf_update_frametype(cfgp, symp->sym_name));
462 462
463 463 return (0);
464 464 }
465 465
466 466 /*
467 467 * Extracts the next field of a string whose fields are separated by "__" (as
468 468 * the V8 metadata symbols are).
469 469 */
470 470 static char *
471 471 conf_next_part(char *buf, char *start)
472 472 {
473 473 char *pp;
474 474
475 475 if ((pp = strstr(start, "__")) == NULL) {
476 476 mdb_warn("malformed symbol name: %s\n", buf);
477 477 return (NULL);
478 478 }
479 479
480 480 *pp = '\0';
481 481 return (pp + sizeof ("__") - 1);
482 482 }
483 483
484 484 static v8_class_t *
485 485 conf_class_findcreate(const char *name)
486 486 {
487 487 v8_class_t *clp, *iclp, *prev = NULL;
488 488 int cmp;
489 489
490 490 for (iclp = v8_classes; iclp != NULL; iclp = iclp->v8c_next) {
491 491 if ((cmp = strcmp(iclp->v8c_name, name)) == 0)
492 492 return (iclp);
493 493
494 494 if (cmp > 0)
495 495 break;
496 496
497 497 prev = iclp;
498 498 }
499 499
500 500 if ((clp = mdb_zalloc(sizeof (*clp), UM_NOSLEEP)) == NULL)
501 501 return (NULL);
502 502
503 503 (void) strlcpy(clp->v8c_name, name, sizeof (clp->v8c_name));
504 504 clp->v8c_end = (size_t)-1;
505 505 clp->v8c_next = iclp;
506 506
507 507 if (prev != NULL) {
508 508 prev->v8c_next = clp;
509 509 } else {
510 510 v8_classes = clp;
511 511 }
512 512
513 513 return (clp);
514 514 }
515 515
516 516 static v8_field_t *
517 517 conf_field_create(v8_class_t *clp, const char *name, size_t offset)
518 518 {
519 519 v8_field_t *flp, *iflp;
520 520
521 521 if ((flp = mdb_zalloc(sizeof (*flp), UM_NOSLEEP)) == NULL)
522 522 return (NULL);
523 523
524 524 (void) strlcpy(flp->v8f_name, name, sizeof (flp->v8f_name));
525 525 flp->v8f_offset = offset;
526 526
527 527 if (clp->v8c_fields == NULL || clp->v8c_fields->v8f_offset > offset) {
528 528 flp->v8f_next = clp->v8c_fields;
529 529 clp->v8c_fields = flp;
530 530 return (flp);
531 531 }
532 532
533 533 for (iflp = clp->v8c_fields; iflp->v8f_next != NULL;
534 534 iflp = iflp->v8f_next) {
535 535 if (iflp->v8f_next->v8f_offset > offset)
536 536 break;
537 537 }
538 538
539 539 flp->v8f_next = iflp->v8f_next;
540 540 iflp->v8f_next = flp;
541 541 return (flp);
542 542 }
543 543
544 544 /*
545 545 * Given a "v8dbg_parent_X__Y", symbol, update the parent of class X to class Y.
546 546 * Note that neither class necessarily exists already.
547 547 */
548 548 static int
549 549 conf_update_parent(const char *symbol)
550 550 {
551 551 char *pp, *qq;
552 552 char buf[128];
553 553 v8_class_t *clp, *pclp;
554 554
555 555 (void) strlcpy(buf, symbol, sizeof (buf));
556 556 pp = buf + sizeof ("v8dbg_parent_") - 1;
557 557 qq = conf_next_part(buf, pp);
558 558
559 559 if (qq == NULL)
560 560 return (-1);
561 561
562 562 clp = conf_class_findcreate(pp);
563 563 pclp = conf_class_findcreate(qq);
564 564
565 565 if (clp == NULL || pclp == NULL) {
566 566 mdb_warn("mdb_v8: out of memory\n");
567 567 return (-1);
568 568 }
569 569
570 570 clp->v8c_parent = pclp;
571 571 return (0);
572 572 }
573 573
574 574 /*
575 575 * Given a "v8dbg_class_CLASS__FIELD__TYPE", symbol, save field "FIELD" into
576 576 * class CLASS with the offset described by the symbol. Note that CLASS does
577 577 * not necessarily exist already.
578 578 */
579 579 static int
580 580 conf_update_field(v8_cfg_t *cfgp, const char *symbol)
581 581 {
582 582 v8_class_t *clp;
583 583 v8_field_t *flp;
584 584 intptr_t offset;
585 585 char *pp, *qq, *tt;
586 586 char buf[128];
587 587
588 588 (void) strlcpy(buf, symbol, sizeof (buf));
589 589
590 590 pp = buf + sizeof ("v8dbg_class_") - 1;
591 591 qq = conf_next_part(buf, pp);
592 592
593 593 if (qq == NULL || (tt = conf_next_part(buf, qq)) == NULL)
594 594 return (-1);
595 595
596 596 if (cfgp->v8cfg_readsym(cfgp, symbol, &offset) == -1) {
597 597 mdb_warn("failed to read symbol \"%s\"", symbol);
598 598 return (-1);
599 599 }
600 600
601 601 if ((clp = conf_class_findcreate(pp)) == NULL ||
602 602 (flp = conf_field_create(clp, qq, (size_t)offset)) == NULL)
603 603 return (-1);
604 604
605 605 if (strcmp(tt, "int") == 0)
606 606 flp->v8f_isbyte = B_TRUE;
607 607
608 608 return (0);
609 609 }
610 610
611 611 static int
612 612 conf_update_enum(v8_cfg_t *cfgp, const char *symbol, const char *name,
613 613 v8_enum_t *enp)
614 614 {
615 615 intptr_t value;
616 616
617 617 if (cfgp->v8cfg_readsym(cfgp, symbol, &value) == -1) {
618 618 mdb_warn("failed to read symbol \"%s\"", symbol);
619 619 return (-1);
620 620 }
621 621
622 622 enp->v8e_value = (int)value;
623 623 (void) strlcpy(enp->v8e_name, name, sizeof (enp->v8e_name));
624 624 return (0);
625 625 }
626 626
627 627 /*
628 628 * Given a "v8dbg_type_TYPENAME" constant, save the type name in v8_types. Note
629 629 * that this enum has multiple integer values with the same string label.
630 630 */
631 631 static int
632 632 conf_update_type(v8_cfg_t *cfgp, const char *symbol)
633 633 {
634 634 char *klass;
635 635 v8_enum_t *enp;
636 636 char buf[128];
637 637
638 638 if (v8_next_type > sizeof (v8_types) / sizeof (v8_types[0])) {
639 639 mdb_warn("too many V8 types\n");
640 640 return (-1);
641 641 }
642 642
643 643 (void) strlcpy(buf, symbol, sizeof (buf));
644 644
645 645 klass = buf + sizeof ("v8dbg_type_") - 1;
646 646 if (conf_next_part(buf, klass) == NULL)
647 647 return (-1);
648 648
649 649 enp = &v8_types[v8_next_type++];
650 650 return (conf_update_enum(cfgp, symbol, klass, enp));
651 651 }
652 652
653 653 /*
654 654 * Given a "v8dbg_frametype_TYPENAME" constant, save the frame type in
655 655 * v8_frametypes.
656 656 */
657 657 static int
658 658 conf_update_frametype(v8_cfg_t *cfgp, const char *symbol)
659 659 {
660 660 const char *frametype;
661 661 v8_enum_t *enp;
662 662
663 663 if (v8_next_frametype >
664 664 sizeof (v8_frametypes) / sizeof (v8_frametypes[0])) {
665 665 mdb_warn("too many V8 frame types\n");
666 666 return (-1);
667 667 }
668 668
669 669 enp = &v8_frametypes[v8_next_frametype++];
670 670 frametype = symbol + sizeof ("v8dbg_frametype_") - 1;
671 671 return (conf_update_enum(cfgp, symbol, frametype, enp));
672 672 }
673 673
674 674 /*
675 675 * Now that all classes have been loaded, update the "start" and "end" fields of
676 676 * each class based on the values of its parent class.
677 677 */
678 678 static void
679 679 conf_class_compute_offsets(v8_class_t *clp)
680 680 {
681 681 v8_field_t *flp;
682 682
683 683 assert(clp->v8c_start == 0);
684 684 assert(clp->v8c_end == (size_t)-1);
685 685
686 686 if (clp->v8c_parent != NULL) {
687 687 if (clp->v8c_parent->v8c_end == (size_t)-1)
688 688 conf_class_compute_offsets(clp->v8c_parent);
689 689
690 690 clp->v8c_start = clp->v8c_parent->v8c_end;
691 691 }
692 692
693 693 if (clp->v8c_fields == NULL) {
694 694 clp->v8c_end = clp->v8c_start;
695 695 return;
696 696 }
697 697
698 698 for (flp = clp->v8c_fields; flp->v8f_next != NULL; flp = flp->v8f_next)
699 699 ;
700 700
701 701 if (flp == NULL)
702 702 clp->v8c_end = clp->v8c_start;
703 703 else
704 704 clp->v8c_end = flp->v8f_offset + sizeof (uintptr_t);
705 705 }
706 706
707 707 /*
708 708 * Utility functions
709 709 */
710 710 static int jsstr_print(uintptr_t, boolean_t, char **, size_t *);
711 711
712 712 static const char *
713 713 enum_lookup_str(v8_enum_t *enums, int val, const char *dflt)
714 714 {
715 715 v8_enum_t *ep;
716 716
717 717 for (ep = enums; ep->v8e_name[0] != '\0'; ep++) {
718 718 if (ep->v8e_value == val)
719 719 return (ep->v8e_name);
720 720 }
721 721
722 722 return (dflt);
723 723 }
724 724
725 725 static void
726 726 enum_print(v8_enum_t *enums)
727 727 {
728 728 v8_enum_t *itp;
729 729
730 730 for (itp = enums; itp->v8e_name[0] != '\0'; itp++)
731 731 mdb_printf("%-30s = 0x%02x\n", itp->v8e_name, itp->v8e_value);
732 732 }
733 733
734 734 /*
735 735 * b[v]snprintf behave like [v]snprintf(3c), except that they update the buffer
736 736 * and length arguments based on how much buffer space is used by the operation.
737 737 * This makes it much easier to combine multiple calls in sequence without
738 738 * worrying about buffer overflow.
739 739 */
740 740 static size_t
741 741 bvsnprintf(char **bufp, size_t *buflenp, const char *format, va_list alist)
742 742 {
743 743 size_t rv, len;
744 744
745 745 if (*buflenp == 0)
746 746 return (vsnprintf(NULL, 0, format, alist));
747 747
748 748 rv = vsnprintf(*bufp, *buflenp, format, alist);
749 749
750 750 len = MIN(rv, *buflenp);
751 751 *buflenp -= len;
752 752 *bufp += len;
753 753
754 754 return (len);
755 755 }
756 756
757 757 static size_t
758 758 bsnprintf(char **bufp, size_t *buflenp, const char *format, ...)
759 759 {
760 760 va_list alist;
761 761 size_t rv;
762 762
763 763 va_start(alist, format);
764 764 rv = bvsnprintf(bufp, buflenp, format, alist);
765 765 va_end(alist);
766 766
767 767 return (rv);
768 768 }
769 769
770 770 static void
771 771 v8_warn(const char *format, ...)
772 772 {
773 773 char buf[512];
774 774 va_list alist;
775 775 int len;
776 776
777 777 if (v8_silent)
778 778 return;
779 779
780 780 va_start(alist, format);
781 781 (void) vsnprintf(buf, sizeof (buf), format, alist);
782 782 va_end(alist);
783 783
784 784 /*
785 785 * This is made slightly annoying because we need to effectively
786 786 * preserve the original format string to allow for mdb to use the
787 787 * new-line at the end to indicate that strerror should be elided.
788 788 */
789 789 if ((len = strlen(format)) > 0 && format[len - 1] == '\n') {
790 790 buf[strlen(buf) - 1] = '\0';
791 791 mdb_warn("%s\n", buf);
792 792 } else {
793 793 mdb_warn("%s", buf);
794 794 }
795 795 }
796 796
797 797 /*
798 798 * Returns in "offp" the offset of field "field" in C++ class "klass".
799 799 */
800 800 static int
801 801 heap_offset(const char *klass, const char *field, ssize_t *offp)
802 802 {
803 803 v8_class_t *clp;
804 804 v8_field_t *flp;
805 805
806 806 for (clp = v8_classes; clp != NULL; clp = clp->v8c_next) {
807 807 if (strcmp(klass, clp->v8c_name) == 0)
808 808 break;
809 809 }
810 810
811 811 if (clp == NULL)
812 812 return (-1);
813 813
814 814 for (flp = clp->v8c_fields; flp != NULL; flp = flp->v8f_next) {
815 815 if (strcmp(field, flp->v8f_name) == 0)
816 816 break;
817 817 }
818 818
819 819 if (flp == NULL)
820 820 return (-1);
821 821
822 822 *offp = V8_OFF_HEAP(flp->v8f_offset);
823 823 return (0);
824 824 }
825 825
826 826 /*
827 827 * Assuming "addr" is an instance of the C++ heap class "klass", read into *valp
828 828 * the pointer-sized value of field "field".
829 829 */
830 830 static int
831 831 read_heap_ptr(uintptr_t *valp, uintptr_t addr, ssize_t off)
832 832 {
833 833 if (mdb_vread(valp, sizeof (*valp), addr + off) == -1) {
834 834 v8_warn("failed to read offset %d from %p", off, addr);
835 835 return (-1);
836 836 }
837 837
838 838 return (0);
839 839 }
840 840
841 841 /*
842 842 * Like read_heap_ptr, but assume the field is an SMI and store the actual value
843 843 * into *valp rather than the encoded representation.
844 844 */
845 845 static int
846 846 read_heap_smi(uintptr_t *valp, uintptr_t addr, ssize_t off)
847 847 {
848 848 if (read_heap_ptr(valp, addr, off) != 0)
849 849 return (-1);
850 850
851 851 if (!V8_IS_SMI(*valp)) {
852 852 v8_warn("expected SMI, got %p\n", *valp);
853 853 return (-1);
854 854 }
855 855
856 856 *valp = V8_SMI_VALUE(*valp);
857 857
858 858 return (0);
859 859 }
860 860
861 861 static int
862 862 read_heap_double(double *valp, uintptr_t addr, ssize_t off)
863 863 {
864 864 if (mdb_vread(valp, sizeof (*valp), addr + off) == -1) {
865 865 v8_warn("failed to read heap value at %p", addr + off);
866 866 return (-1);
867 867 }
868 868
869 869 return (0);
870 870 }
871 871
872 872 /*
873 873 * Assuming "addr" refers to a FixedArray, return a newly-allocated array
874 874 * representing its contents.
875 875 */
876 876 static int
877 877 read_heap_array(uintptr_t addr, uintptr_t **retp, size_t *lenp, int flags)
878 878 {
879 879 uint8_t type;
880 880 uintptr_t len;
881 881
882 882 if (!V8_IS_HEAPOBJECT(addr))
883 883 return (-1);
884 884
885 885 if (read_typebyte(&type, addr) != 0)
886 886 return (-1);
887 887
888 888 if (type != V8_TYPE_FIXEDARRAY)
889 889 return (-1);
890 890
891 891 if (read_heap_smi(&len, addr, V8_OFF_FIXEDARRAY_LENGTH) != 0)
892 892 return (-1);
893 893
894 894 *lenp = len;
895 895
896 896 if (len == 0) {
897 897 *retp = NULL;
898 898 return (0);
899 899 }
900 900
901 901 if ((*retp = mdb_zalloc(len * sizeof (uintptr_t), flags)) == NULL)
902 902 return (-1);
903 903
904 904 if (mdb_vread(*retp, len * sizeof (uintptr_t),
905 905 addr + V8_OFF_FIXEDARRAY_DATA) == -1) {
906 906 if (flags != UM_GC)
907 907 mdb_free(*retp, len * sizeof (uintptr_t));
908 908
909 909 return (-1);
910 910 }
911 911
912 912 return (0);
913 913 }
914 914
915 915 static int
916 916 read_heap_byte(uint8_t *valp, uintptr_t addr, ssize_t off)
917 917 {
918 918 if (mdb_vread(valp, sizeof (*valp), addr + off) == -1) {
919 919 v8_warn("failed to read heap value at %p", addr + off);
920 920 return (-1);
921 921 }
922 922
923 923 return (0);
924 924 }
925 925
926 926 /*
927 927 * Given a heap object, returns in *valp the byte describing the type of the
928 928 * object. This is shorthand for first retrieving the Map at the start of the
929 929 * heap object and then retrieving the type byte from the Map object.
930 930 */
931 931 static int
932 932 read_typebyte(uint8_t *valp, uintptr_t addr)
933 933 {
934 934 uintptr_t mapaddr;
935 935 ssize_t off = V8_OFF_HEAPOBJECT_MAP;
936 936
937 937 if (mdb_vread(&mapaddr, sizeof (mapaddr), addr + off) == -1) {
938 938 v8_warn("failed to read type of %p", addr);
939 939 return (-1);
940 940 }
941 941
942 942 if (!V8_IS_HEAPOBJECT(mapaddr)) {
943 943 v8_warn("object map is not a heap object\n");
944 944 return (-1);
945 945 }
946 946
947 947 if (read_heap_byte(valp, mapaddr, V8_OFF_MAP_INSTANCE_ATTRIBUTES) == -1)
948 948 return (-1);
949 949
950 950 return (0);
951 951 }
952 952
953 953 /*
954 954 * Given a heap object, returns in *valp the size of the object. For
955 955 * variable-size objects, returns an undefined value.
956 956 */
957 957 static int
958 958 read_size(size_t *valp, uintptr_t addr)
959 959 {
960 960 uintptr_t mapaddr;
961 961 uint8_t size;
962 962
963 963 if (read_heap_ptr(&mapaddr, addr, V8_OFF_HEAPOBJECT_MAP) != 0)
964 964 return (-1);
965 965
966 966 if (!V8_IS_HEAPOBJECT(mapaddr)) {
967 967 v8_warn("heap object map is not itself a heap object\n");
968 968 return (-1);
969 969 }
970 970
971 971 if (read_heap_byte(&size, mapaddr, V8_OFF_MAP_INSTANCE_SIZE) != 0)
972 972 return (-1);
973 973
974 974 *valp = size << V8_PointerSizeLog2;
975 975 return (0);
976 976 }
977 977
978 978 /*
979 979 * Returns in "buf" a description of the type of "addr" suitable for printing.
980 980 */
981 981 static int
982 982 obj_jstype(uintptr_t addr, char **bufp, size_t *lenp, uint8_t *typep)
983 983 {
984 984 uint8_t typebyte;
985 985 uintptr_t strptr;
986 986 const char *typename;
987 987
988 988 if (V8_IS_FAILURE(addr)) {
989 989 if (typep)
990 990 *typep = 0;
991 991 (void) bsnprintf(bufp, lenp, "'Failure' object");
992 992 return (0);
993 993 }
994 994
995 995 if (V8_IS_SMI(addr)) {
996 996 if (typep)
997 997 *typep = 0;
998 998 (void) bsnprintf(bufp, lenp, "SMI: value = %d",
999 999 V8_SMI_VALUE(addr));
1000 1000 return (0);
1001 1001 }
1002 1002
1003 1003 if (read_typebyte(&typebyte, addr) != 0)
1004 1004 return (-1);
1005 1005
1006 1006 if (typep)
1007 1007 *typep = typebyte;
1008 1008
1009 1009 typename = enum_lookup_str(v8_types, typebyte, "<unknown>");
1010 1010 (void) bsnprintf(bufp, lenp, typename);
1011 1011
1012 1012 if (strcmp(typename, "Oddball") == 0) {
1013 1013 if (read_heap_ptr(&strptr, addr,
1014 1014 V8_OFF_ODDBALL_TO_STRING) != -1) {
1015 1015 (void) bsnprintf(bufp, lenp, ": \"");
1016 1016 (void) jsstr_print(strptr, B_FALSE, bufp, lenp);
1017 1017 (void) bsnprintf(bufp, lenp, "\"");
1018 1018 }
1019 1019 }
1020 1020
1021 1021 return (0);
1022 1022 }
1023 1023
1024 1024 /*
1025 1025 * Print out the fields of the given object that come from the given class.
1026 1026 */
1027 1027 static int
1028 1028 obj_print_fields(uintptr_t baddr, v8_class_t *clp)
1029 1029 {
1030 1030 v8_field_t *flp;
1031 1031 uintptr_t addr, value;
1032 1032 int rv;
1033 1033 char *bufp;
1034 1034 size_t len;
1035 1035 uint8_t type;
1036 1036 char buf[256];
1037 1037
1038 1038 for (flp = clp->v8c_fields; flp != NULL; flp = flp->v8f_next) {
1039 1039 bufp = buf;
1040 1040 len = sizeof (buf);
1041 1041
1042 1042 addr = baddr + V8_OFF_HEAP(flp->v8f_offset);
1043 1043
1044 1044 if (flp->v8f_isbyte) {
1045 1045 uint8_t sv;
1046 1046 if (mdb_vread(&sv, sizeof (sv), addr) == -1) {
1047 1047 mdb_printf("%p %s (unreadable)\n",
1048 1048 addr, flp->v8f_name);
1049 1049 continue;
1050 1050 }
1051 1051
1052 1052 mdb_printf("%p %s = 0x%x\n", addr, flp->v8f_name, sv);
1053 1053 continue;
1054 1054 }
1055 1055
1056 1056 rv = mdb_vread((void *)&value, sizeof (value), addr);
1057 1057
1058 1058 if (rv != sizeof (value) ||
1059 1059 obj_jstype(value, &bufp, &len, &type) != 0) {
1060 1060 mdb_printf("%p %s (unreadable)\n", addr, flp->v8f_name);
1061 1061 continue;
1062 1062 }
1063 1063
1064 1064 if (type != 0 && V8_TYPE_STRING(type)) {
1065 1065 (void) bsnprintf(&bufp, &len, ": \"");
1066 1066 (void) jsstr_print(value, B_FALSE, &bufp, &len);
1067 1067 (void) bsnprintf(&bufp, &len, "\"");
1068 1068 }
1069 1069
1070 1070 mdb_printf("%p %s = %p (%s)\n", addr, flp->v8f_name, value,
1071 1071 buf);
1072 1072 }
1073 1073
1074 1074 return (DCMD_OK);
1075 1075 }
1076 1076
1077 1077 /*
1078 1078 * Print out all fields of the given object, starting with the root of the class
1079 1079 * hierarchy and working down the most specific type.
1080 1080 */
1081 1081 static int
1082 1082 obj_print_class(uintptr_t addr, v8_class_t *clp)
1083 1083 {
1084 1084 int rv = 0;
1085 1085
1086 1086 /*
1087 1087 * If we have no fields, we just print a simple inheritance hierarchy.
1088 1088 * If we have fields but our parent doesn't, our header includes the
1089 1089 * inheritance hierarchy.
1090 1090 */
1091 1091 if (clp->v8c_end == 0) {
1092 1092 mdb_printf("%s ", clp->v8c_name);
1093 1093
1094 1094 if (clp->v8c_parent != NULL) {
1095 1095 mdb_printf("< ");
1096 1096 (void) obj_print_class(addr, clp->v8c_parent);
1097 1097 }
1098 1098
1099 1099 return (0);
1100 1100 }
1101 1101
1102 1102 mdb_printf("%p %s", addr, clp->v8c_name);
1103 1103
1104 1104 if (clp->v8c_start == 0 && clp->v8c_parent != NULL) {
1105 1105 mdb_printf(" < ");
1106 1106 (void) obj_print_class(addr, clp->v8c_parent);
1107 1107 }
1108 1108
1109 1109 mdb_printf(" {\n");
1110 1110 (void) mdb_inc_indent(4);
1111 1111
1112 1112 if (clp->v8c_start > 0 && clp->v8c_parent != NULL)
1113 1113 rv = obj_print_class(addr, clp->v8c_parent);
1114 1114
1115 1115 rv |= obj_print_fields(addr, clp);
1116 1116 (void) mdb_dec_indent(4);
1117 1117 mdb_printf("}\n");
1118 1118
1119 1119 return (rv);
1120 1120 }
1121 1121
1122 1122 /*
1123 1123 * Print the ASCII string for the given ASCII JS string, expanding ConsStrings
1124 1124 * and ExternalStrings as needed.
1125 1125 */
1126 1126 static int jsstr_print_seq(uintptr_t, boolean_t, char **, size_t *);
1127 1127 static int jsstr_print_cons(uintptr_t, boolean_t, char **, size_t *);
1128 1128 static int jsstr_print_external(uintptr_t, boolean_t, char **, size_t *);
1129 1129
1130 1130 static int
1131 1131 jsstr_print(uintptr_t addr, boolean_t verbose, char **bufp, size_t *lenp)
1132 1132 {
1133 1133 uint8_t typebyte;
1134 1134 int err = 0;
1135 1135 char *lbufp;
1136 1136 size_t llen;
1137 1137 char buf[64];
1138 1138
1139 1139 if (read_typebyte(&typebyte, addr) != 0)
1140 1140 return (0);
1141 1141
1142 1142 if (!V8_TYPE_STRING(typebyte)) {
1143 1143 (void) bsnprintf(bufp, lenp, "<not a string>");
1144 1144 return (0);
1145 1145 }
1146 1146
1147 1147 if (!V8_STRENC_ASCII(typebyte)) {
1148 1148 (void) bsnprintf(bufp, lenp, "<two-byte string>");
1149 1149 return (0);
1150 1150 }
1151 1151
1152 1152 if (verbose) {
1153 1153 lbufp = buf;
1154 1154 llen = sizeof (buf);
1155 1155 (void) obj_jstype(addr, &lbufp, &llen, NULL);
1156 1156 mdb_printf("%s\n", buf);
1157 1157 (void) mdb_inc_indent(4);
1158 1158 }
1159 1159
1160 1160 if (V8_STRREP_SEQ(typebyte))
1161 1161 err = jsstr_print_seq(addr, verbose, bufp, lenp);
1162 1162 else if (V8_STRREP_CONS(typebyte))
1163 1163 err = jsstr_print_cons(addr, verbose, bufp, lenp);
1164 1164 else if (V8_STRREP_EXT(typebyte))
1165 1165 err = jsstr_print_external(addr, verbose, bufp, lenp);
1166 1166 else {
1167 1167 (void) bsnprintf(bufp, lenp, "<unknown string type>");
1168 1168 err = -1;
1169 1169 }
1170 1170
1171 1171 if (verbose)
1172 1172 (void) mdb_dec_indent(4);
1173 1173
1174 1174 return (err);
1175 1175 }
1176 1176
1177 1177 static int
1178 1178 jsstr_print_seq(uintptr_t addr, boolean_t verbose, char **bufp, size_t *lenp)
1179 1179 {
1180 1180 uintptr_t len, rlen;
1181 1181 char buf[256];
1182 1182
1183 1183 if (read_heap_smi(&len, addr, V8_OFF_STRING_LENGTH) != 0)
1184 1184 return (-1);
1185 1185
1186 1186 rlen = len <= sizeof (buf) - 1 ? len : sizeof (buf) - sizeof ("[...]");
1187 1187
1188 1188 if (verbose)
1189 1189 mdb_printf("length: %d, will read: %d\n", len, rlen);
1190 1190
1191 1191 buf[0] = '\0';
1192 1192
1193 1193 if (rlen > 0 && mdb_readstr(buf, rlen + 1,
1194 1194 addr + V8_OFF_SEQASCIISTR_CHARS) == -1) {
1195 1195 v8_warn("failed to read SeqString data");
1196 1196 return (-1);
1197 1197 }
1198 1198
1199 1199 if (rlen != len)
1200 1200 (void) strlcat(buf, "[...]", sizeof (buf));
1201 1201
1202 1202 if (verbose)
1203 1203 mdb_printf("value: \"%s\"\n", buf);
1204 1204
1205 1205 (void) bsnprintf(bufp, lenp, "%s", buf);
1206 1206 return (0);
1207 1207 }
1208 1208
1209 1209 static int
1210 1210 jsstr_print_cons(uintptr_t addr, boolean_t verbose, char **bufp, size_t *lenp)
1211 1211 {
1212 1212 uintptr_t ptr1, ptr2;
1213 1213
1214 1214 if (read_heap_ptr(&ptr1, addr, V8_OFF_CONSSTRING_FIRST) != 0 ||
1215 1215 read_heap_ptr(&ptr2, addr, V8_OFF_CONSSTRING_SECOND) != 0)
1216 1216 return (-1);
1217 1217
1218 1218 if (verbose) {
1219 1219 mdb_printf("ptr1: %p\n", ptr1);
1220 1220 mdb_printf("ptr2: %p\n", ptr2);
1221 1221 }
1222 1222
1223 1223 if (jsstr_print(ptr1, verbose, bufp, lenp) != 0)
1224 1224 return (-1);
1225 1225
1226 1226 return (jsstr_print(ptr2, verbose, bufp, lenp));
1227 1227 }
1228 1228
1229 1229 static int
1230 1230 jsstr_print_external(uintptr_t addr, boolean_t verbose, char **bufp,
1231 1231 size_t *lenp)
1232 1232 {
1233 1233 uintptr_t ptr1, ptr2;
1234 1234 char buf[256];
1235 1235
1236 1236 if (verbose)
1237 1237 mdb_printf("assuming Node.js string\n");
1238 1238
1239 1239 if (read_heap_ptr(&ptr1, addr, V8_OFF_EXTERNALSTRING_RESOURCE) != 0)
1240 1240 return (-1);
1241 1241
1242 1242 if (mdb_vread(&ptr2, sizeof (ptr2),
1243 1243 ptr1 + NODE_OFF_EXTSTR_DATA) == -1) {
1244 1244 v8_warn("failed to read node external pointer: %p",
1245 1245 ptr1 + NODE_OFF_EXTSTR_DATA);
1246 1246 return (-1);
1247 1247 }
1248 1248
1249 1249 if (mdb_readstr(buf, sizeof (buf), ptr2) == -1) {
1250 1250 v8_warn("failed to read ExternalString data");
1251 1251 return (-1);
1252 1252 }
1253 1253
1254 1254 if (buf[0] != '\0' && !isascii(buf[0])) {
1255 1255 v8_warn("failed to read ExternalString ascii data\n");
1256 1256 return (-1);
1257 1257 }
1258 1258
1259 1259 (void) bsnprintf(bufp, lenp, "%s", buf);
1260 1260 return (0);
1261 1261 }
1262 1262
1263 1263 /*
1264 1264 * Returns true if the given address refers to the "undefined" object. Returns
1265 1265 * false on failure (since we shouldn't fail on the actual "undefined" value).
1266 1266 */
1267 1267 static boolean_t
1268 1268 jsobj_is_undefined(uintptr_t addr)
1269 1269 {
1270 1270 uint8_t type;
1271 1271 uintptr_t strptr;
1272 1272 const char *typename;
1273 1273 char buf[16];
1274 1274 char *bufp = buf;
1275 1275 size_t len = sizeof (buf);
1276 1276
1277 1277 v8_silent++;
1278 1278
1279 1279 if (read_typebyte(&type, addr) != 0) {
1280 1280 v8_silent--;
1281 1281 return (B_FALSE);
1282 1282 }
1283 1283
1284 1284 v8_silent--;
1285 1285
1286 1286 typename = enum_lookup_str(v8_types, type, "<unknown>");
1287 1287 if (strcmp(typename, "Oddball") != 0)
1288 1288 return (B_FALSE);
1289 1289
1290 1290 if (read_heap_ptr(&strptr, addr, V8_OFF_ODDBALL_TO_STRING) == -1)
1291 1291 return (B_FALSE);
1292 1292
1293 1293 if (jsstr_print(strptr, B_FALSE, &bufp, &len) != 0)
1294 1294 return (B_FALSE);
1295 1295
1296 1296 return (strcmp(buf, "undefined") == 0);
1297 1297 }
1298 1298
1299 1299 static int
1300 1300 jsobj_properties(uintptr_t addr,
1301 1301 int (*func)(const char *, uintptr_t, void *), void *arg)
1302 1302 {
1303 1303 uintptr_t ptr, map;
1304 1304 uintptr_t *props = NULL, *descs = NULL, *content = NULL, *trans;
1305 1305 size_t size, nprops, ndescs, ncontent, ntrans;
1306 1306 ssize_t ii, rndescs;
1307 1307 uint8_t type, ninprops;
1308 1308 int rval = -1;
1309 1309 size_t ps = sizeof (uintptr_t);
1310 1310 ssize_t off;
1311 1311
1312 1312 /*
1313 1313 * Objects have either "fast" properties represented with a FixedArray
1314 1314 * or slow properties represented with a Dictionary. We only support
1315 1315 * the former, so we check that up front.
1316 1316 */
1317 1317 if (mdb_vread(&ptr, ps, addr + V8_OFF_JSOBJECT_PROPERTIES) == -1)
1318 1318 return (-1);
1319 1319
1320 1320 if (read_typebyte(&type, ptr) != 0)
1321 1321 return (-1);
1322 1322
1323 1323 if (type != V8_TYPE_FIXEDARRAY)
1324 1324 return (func(NULL, 0, arg));
1325 1325
1326 1326 if (read_heap_array(ptr, &props, &nprops, UM_SLEEP) != 0)
1327 1327 return (-1);
1328 1328
1329 1329 /*
1330 1330 * To iterate the properties, we need to examine the instance
1331 1331 * descriptors of the associated Map object. Depending on the version
1332 1332 * of V8, this might be found directly from the map -- or indirectly
1333 1333 * via the transitions array.
1334 1334 */
1335 1335 if (mdb_vread(&map, ps, addr + V8_OFF_HEAPOBJECT_MAP) == -1)
1336 1336 goto err;
1337 1337
1338 1338 if ((off = V8_OFF_MAP_INSTANCE_DESCRIPTORS) == -1) {
1339 1339 if (V8_OFF_MAP_TRANSITIONS == -1 ||
1340 1340 V8_TRANSITIONS_IDX_DESC == -1 ||
1341 1341 V8_PROP_IDX_CONTENT != -1) {
1342 1342 mdb_warn("missing instance_descriptors, but did "
1343 1343 "not find expected transitions array metadata; "
1344 1344 "cannot read properties\n");
1345 1345 goto err;
1346 1346 }
1347 1347
1348 1348 off = V8_OFF_MAP_TRANSITIONS;
1349 1349 }
1350 1350
1351 1351 if (mdb_vread(&ptr, ps, map + off) == -1)
1352 1352 goto err;
1353 1353
1354 1354 if (V8_OFF_MAP_TRANSITIONS != -1) {
1355 1355 if (read_heap_array(ptr, &trans, &ntrans, UM_SLEEP) != 0)
1356 1356 goto err;
1357 1357
1358 1358 ptr = trans[V8_TRANSITIONS_IDX_DESC];
1359 1359 mdb_free(trans, ntrans * sizeof (uintptr_t));
1360 1360 }
1361 1361
1362 1362 if (read_heap_array(ptr, &descs, &ndescs, UM_SLEEP) != 0)
1363 1363 goto err;
1364 1364
1365 1365 if (read_size(&size, addr) != 0)
1366 1366 size = 0;
1367 1367
1368 1368 if (mdb_vread(&ninprops, 1, map + V8_OFF_MAP_INOBJECT_PROPERTIES) == -1)
1369 1369 goto err;
1370 1370
1371 1371 if (V8_PROP_IDX_CONTENT != -1 && V8_PROP_IDX_CONTENT < ndescs &&
1372 1372 read_heap_array(descs[V8_PROP_IDX_CONTENT], &content,
1373 1373 &ncontent, UM_SLEEP) != 0)
1374 1374 goto err;
1375 1375
1376 1376 if ((V8_PROP_IDX_CONTENT == -1 && V8_PROP_DESC_SIZE == -1) ||
1377 1377 (V8_PROP_IDX_CONTENT != -1 && V8_PROP_DESC_SIZE != -1)) {
1378 1378 /*
1379 1379 * Exactly one of these must be set; if they're both unset or
1380 1380 * both set (that is, if the -- ahem -- logical xor of being
1381 1381 * set evaluates to false), we have a misconfiguration.
1382 1382 */
1383 1383 mdb_warn("v8dbg_prop_idx_content (%ld) is inconsistent with "
1384 1384 "v8dbg_prop_desc_size (%ld); cannot read properties\n",
1385 1385 V8_PROP_IDX_CONTENT, V8_PROP_DESC_SIZE);
1386 1386 goto err;
1387 1387 }
1388 1388
1389 1389 if (V8_PROP_IDX_CONTENT == -1) {
1390 1390 /*
1391 1391 * On node v0.8 and later, the content is not stored in an
1392 1392 * orthogonal FixedArray, but rather with the descriptors.
1393 1393 */
1394 1394 content = descs;
1395 1395 ncontent = ndescs;
1396 1396 rndescs = ndescs > V8_PROP_IDX_FIRST ?
1397 1397 (ndescs - V8_PROP_IDX_FIRST) / V8_PROP_DESC_SIZE : 0;
1398 1398 } else {
1399 1399 rndescs = ndescs - V8_PROP_IDX_FIRST;
1400 1400 }
1401 1401
1402 1402 for (ii = 0; ii < rndescs; ii++) {
1403 1403 uintptr_t keyidx, validx, detidx, baseidx;
1404 1404 char buf[1024];
1405 1405 intptr_t val;
1406 1406 uint_t len = sizeof (buf);
1407 1407 char *c = buf;
1408 1408
1409 1409 if (V8_PROP_IDX_CONTENT != -1) {
1410 1410 /*
1411 1411 * In node versions prior to v0.8, this was hardcoded
1412 1412 * in the V8 implementation, so we hardcode it here
1413 1413 * as well.
1414 1414 */
1415 1415 keyidx = ii + V8_PROP_IDX_FIRST;
1416 1416 validx = ii << 1;
1417 1417 detidx = (ii << 1) + 1;
1418 1418 } else {
1419 1419 baseidx = V8_PROP_IDX_FIRST + (ii * V8_PROP_DESC_SIZE);
1420 1420 keyidx = baseidx + V8_PROP_DESC_KEY;
1421 1421 validx = baseidx + V8_PROP_DESC_VALUE;
1422 1422 detidx = baseidx + V8_PROP_DESC_DETAILS;
1423 1423 }
1424 1424
1425 1425 if (detidx >= ncontent) {
1426 1426 v8_warn("property descriptor %d: detidx (%d) "
1427 1427 "out of bounds for content array (length %d)\n",
1428 1428 ii, detidx, ncontent);
1429 1429 continue;
1430 1430 }
1431 1431
1432 1432 if (content != descs && !V8_DESC_ISFIELD(content[detidx]))
1433 1433 continue;
1434 1434
1435 1435 if (keyidx >= ndescs) {
1436 1436 v8_warn("property descriptor %d: keyidx (%d) "
1437 1437 "out of bounds for descriptor array (length %d)\n",
1438 1438 ii, keyidx, ndescs);
1439 1439 continue;
1440 1440 }
1441 1441
1442 1442 if (jsstr_print(descs[keyidx], B_FALSE, &c, &len) != 0)
1443 1443 continue;
1444 1444
1445 1445 val = (intptr_t)content[validx];
1446 1446
1447 1447 if (!V8_IS_SMI(val)) {
1448 1448 v8_warn("property descriptor %d: value index value "
1449 1449 "is not an SMI: %p\n", ii, val);
1450 1450 continue;
1451 1451 }
1452 1452
1453 1453 val = V8_SMI_VALUE(val) - ninprops;
1454 1454
1455 1455 if (val < 0) {
1456 1456 /* property is stored directly in the object */
1457 1457 if (mdb_vread(&ptr, sizeof (ptr), addr + V8_OFF_HEAP(
1458 1458 size + val * sizeof (uintptr_t))) == -1) {
1459 1459 v8_warn("failed to read in-object "
1460 1460 "property at %p\n", addr + V8_OFF_HEAP(
1461 1461 size + val * sizeof (uintptr_t)));
1462 1462 continue;
1463 1463 }
1464 1464 } else {
1465 1465 /* property should be in "props" array */
1466 1466 if (val >= nprops) {
1467 1467 v8_warn("property descriptor %d: value index "
1468 1468 "value (%d) out of bounds (%d)\n", ii, val,
1469 1469 nprops);
1470 1470 continue;
1471 1471 }
1472 1472
1473 1473 ptr = props[val];
1474 1474 }
1475 1475
1476 1476 if (func(buf, ptr, arg) != 0)
1477 1477 goto err;
1478 1478 }
1479 1479
1480 1480 rval = 0;
1481 1481 err:
1482 1482 if (props != NULL)
1483 1483 mdb_free(props, nprops * sizeof (uintptr_t));
1484 1484
1485 1485 if (descs != NULL)
1486 1486 mdb_free(descs, ndescs * sizeof (uintptr_t));
1487 1487
1488 1488 if (content != NULL && V8_PROP_IDX_CONTENT != -1)
1489 1489 mdb_free(content, ncontent * sizeof (uintptr_t));
1490 1490
1491 1491 return (rval);
|
↓ open down ↓ |
1491 lines elided |
↑ open up ↑ |
1492 1492 }
1493 1493
1494 1494 /*
1495 1495 * Given the line endings table in "lendsp", computes the line number for the
1496 1496 * given token position and print the result into "buf". If "lendsp" is
1497 1497 * undefined, prints the token position instead.
1498 1498 */
1499 1499 static int
1500 1500 jsfunc_lineno(uintptr_t lendsp, uintptr_t tokpos, char *buf, size_t buflen)
1501 1501 {
1502 - uintptr_t size, bufsz, lower, upper, ii;
1502 + uintptr_t size, bufsz, lower, upper, ii = 0;
1503 1503 uintptr_t *data;
1504 1504
1505 1505 if (jsobj_is_undefined(lendsp)) {
1506 1506 /*
1507 1507 * The token position is an SMI, but it comes in as its raw
1508 1508 * value so we can more easily compare it to values in the line
1509 1509 * endings table. If we're just printing the position directly,
1510 1510 * we must convert it here.
1511 1511 */
1512 1512 mdb_snprintf(buf, buflen, "position %d", V8_SMI_VALUE(tokpos));
1513 1513 return (0);
1514 1514 }
1515 1515
1516 1516 if (read_heap_smi(&size, lendsp, V8_OFF_FIXEDARRAY_LENGTH) != 0)
1517 1517 return (-1);
1518 1518
1519 1519 bufsz = size * sizeof (data[0]);
1520 1520
1521 1521 if ((data = mdb_alloc(bufsz, UM_NOSLEEP)) == NULL) {
1522 1522 v8_warn("failed to alloc %d bytes for FixedArray data", bufsz);
1523 1523 return (-1);
1524 1524 }
1525 1525
1526 1526 if (mdb_vread(data, bufsz, lendsp + V8_OFF_FIXEDARRAY_DATA) != bufsz) {
1527 1527 v8_warn("failed to read FixedArray data");
1528 1528 mdb_free(data, bufsz);
1529 1529 return (-1);
1530 1530 }
1531 1531
1532 1532 lower = 0;
1533 1533 upper = size - 1;
1534 1534
1535 1535 if (tokpos > data[upper]) {
1536 1536 (void) strlcpy(buf, "position out of range", buflen);
1537 1537 mdb_free(data, bufsz);
1538 1538 return (0);
1539 1539 }
1540 1540
1541 1541 if (tokpos <= data[0]) {
1542 1542 (void) strlcpy(buf, "line 1", buflen);
1543 1543 mdb_free(data, bufsz);
1544 1544 return (0);
1545 1545 }
1546 1546
1547 1547 while (upper >= 1) {
1548 1548 ii = (lower + upper) >> 1;
1549 1549 if (tokpos > data[ii])
1550 1550 lower = ii + 1;
1551 1551 else if (tokpos <= data[ii - 1])
1552 1552 upper = ii - 1;
1553 1553 else
1554 1554 break;
1555 1555 }
1556 1556
1557 1557 (void) mdb_snprintf(buf, buflen, "line %d", ii + 1);
1558 1558 mdb_free(data, bufsz);
1559 1559 return (0);
1560 1560 }
1561 1561
1562 1562 /*
1563 1563 * Given a SharedFunctionInfo object, prints into bufp a name of the function
1564 1564 * suitable for printing. This function attempts to infer a name for anonymous
1565 1565 * functions.
1566 1566 */
1567 1567 static int
1568 1568 jsfunc_name(uintptr_t funcinfop, char **bufp, size_t *lenp)
1569 1569 {
1570 1570 uintptr_t ptrp;
1571 1571 char *bufs = *bufp;
1572 1572
1573 1573 if (read_heap_ptr(&ptrp, funcinfop,
1574 1574 V8_OFF_SHAREDFUNCTIONINFO_NAME) != 0 ||
1575 1575 jsstr_print(ptrp, B_FALSE, bufp, lenp) != 0)
1576 1576 return (-1);
1577 1577
1578 1578 if (*bufp != bufs)
1579 1579 return (0);
1580 1580
1581 1581 if (read_heap_ptr(&ptrp, funcinfop,
1582 1582 V8_OFF_SHAREDFUNCTIONINFO_INFERRED_NAME) != 0) {
1583 1583 (void) bsnprintf(bufp, lenp, "<anonymous>");
1584 1584 return (0);
1585 1585 }
1586 1586
1587 1587 (void) bsnprintf(bufp, lenp, "<anonymous> (as ");
1588 1588 bufs = *bufp;
1589 1589
1590 1590 if (jsstr_print(ptrp, B_FALSE, bufp, lenp) != 0)
1591 1591 return (-1);
1592 1592
1593 1593 if (*bufp == bufs)
1594 1594 (void) bsnprintf(bufp, lenp, "<anon>");
1595 1595
1596 1596 (void) bsnprintf(bufp, lenp, ")");
1597 1597
1598 1598 return (0);
1599 1599 }
1600 1600
1601 1601 /*
1602 1602 * JavaScript-level object printing
1603 1603 */
1604 1604 typedef struct jsobj_print {
1605 1605 char **jsop_bufp;
1606 1606 size_t *jsop_lenp;
1607 1607 int jsop_indent;
1608 1608 uint64_t jsop_depth;
1609 1609 boolean_t jsop_printaddr;
1610 1610 int jsop_nprops;
1611 1611 } jsobj_print_t;
1612 1612
1613 1613 static int jsobj_print_number(uintptr_t, jsobj_print_t *);
1614 1614 static int jsobj_print_oddball(uintptr_t, jsobj_print_t *);
1615 1615 static int jsobj_print_jsobject(uintptr_t, jsobj_print_t *);
1616 1616 static int jsobj_print_jsarray(uintptr_t, jsobj_print_t *);
1617 1617 static int jsobj_print_jsfunction(uintptr_t, jsobj_print_t *);
1618 1618
1619 1619 static int
1620 1620 jsobj_print(uintptr_t addr, jsobj_print_t *jsop)
1621 1621 {
1622 1622 uint8_t type;
1623 1623 const char *klass;
1624 1624 char **bufp = jsop->jsop_bufp;
1625 1625 size_t *lenp = jsop->jsop_lenp;
1626 1626
1627 1627 const struct {
1628 1628 char *name;
1629 1629 int (*func)(uintptr_t, jsobj_print_t *);
1630 1630 } table[] = {
1631 1631 { "HeapNumber", jsobj_print_number },
1632 1632 { "Oddball", jsobj_print_oddball },
1633 1633 { "JSObject", jsobj_print_jsobject },
1634 1634 { "JSArray", jsobj_print_jsarray },
1635 1635 { "JSFunction", jsobj_print_jsfunction },
1636 1636 { NULL }
1637 1637 }, *ent;
1638 1638
1639 1639 if (jsop->jsop_printaddr)
1640 1640 (void) bsnprintf(bufp, lenp, "%p: ", addr);
1641 1641
1642 1642 if (V8_IS_SMI(addr)) {
1643 1643 (void) bsnprintf(bufp, lenp, "%d", V8_SMI_VALUE(addr));
1644 1644 return (0);
1645 1645 }
1646 1646
1647 1647 if (!V8_IS_HEAPOBJECT(addr)) {
1648 1648 v8_warn("not a heap object: %p\n", addr);
1649 1649 return (-1);
1650 1650 }
1651 1651
1652 1652 if (read_typebyte(&type, addr) != 0)
1653 1653 return (-1);
1654 1654
1655 1655 if (V8_TYPE_STRING(type))
1656 1656 return (jsstr_print(addr, B_FALSE, bufp, lenp));
1657 1657
1658 1658 klass = enum_lookup_str(v8_types, type, "<unknown>");
1659 1659
1660 1660 for (ent = &table[0]; ent->name != NULL; ent++) {
1661 1661 if (strcmp(klass, ent->name) == 0)
1662 1662 return (ent->func(addr, jsop));
1663 1663 }
1664 1664
1665 1665 v8_warn("unknown JavaScript object type \"%s\"\n", klass);
1666 1666 return (-1);
1667 1667 }
1668 1668
1669 1669 static int
1670 1670 jsobj_print_number(uintptr_t addr, jsobj_print_t *jsop)
1671 1671 {
1672 1672 char **bufp = jsop->jsop_bufp;
1673 1673 size_t *lenp = jsop->jsop_lenp;
1674 1674 double numval;
1675 1675
1676 1676 if (read_heap_double(&numval, addr, V8_OFF_HEAPNUMBER_VALUE) == -1)
1677 1677 return (-1);
1678 1678
1679 1679 if (numval == (long long)numval)
1680 1680 (void) bsnprintf(bufp, lenp, "%lld", (long long)numval);
1681 1681 else
1682 1682 (void) bsnprintf(bufp, lenp, "%e", numval);
1683 1683
1684 1684 return (0);
1685 1685 }
1686 1686
1687 1687 static int
1688 1688 jsobj_print_oddball(uintptr_t addr, jsobj_print_t *jsop)
1689 1689 {
1690 1690 char **bufp = jsop->jsop_bufp;
1691 1691 size_t *lenp = jsop->jsop_lenp;
1692 1692 uintptr_t strptr;
1693 1693
1694 1694 if (read_heap_ptr(&strptr, addr, V8_OFF_ODDBALL_TO_STRING) != 0)
1695 1695 return (-1);
1696 1696
1697 1697 return (jsstr_print(strptr, B_FALSE, bufp, lenp));
1698 1698 }
1699 1699
1700 1700 static int
1701 1701 jsobj_print_prop(const char *desc, uintptr_t val, void *arg)
1702 1702 {
1703 1703 jsobj_print_t *jsop = arg, descend;
1704 1704 char **bufp = jsop->jsop_bufp;
1705 1705 size_t *lenp = jsop->jsop_lenp;
1706 1706
1707 1707 if (desc == NULL) {
1708 1708 jsop->jsop_nprops = -1;
1709 1709 return (0);
1710 1710 }
1711 1711
1712 1712 (void) bsnprintf(bufp, lenp, "%s\n%*s%s: ", jsop->jsop_nprops == 0 ?
1713 1713 "{" : "", jsop->jsop_indent + 4, "", desc);
1714 1714
1715 1715 descend = *jsop;
1716 1716 descend.jsop_depth--;
1717 1717 descend.jsop_indent += 4;
1718 1718
1719 1719 (void) jsobj_print(val, &descend);
1720 1720 (void) bsnprintf(bufp, lenp, ",");
1721 1721
1722 1722 jsop->jsop_nprops++;
1723 1723
1724 1724 return (0);
1725 1725 }
1726 1726
1727 1727 static int
1728 1728 jsobj_print_jsobject(uintptr_t addr, jsobj_print_t *jsop)
1729 1729 {
1730 1730 char **bufp = jsop->jsop_bufp;
1731 1731 size_t *lenp = jsop->jsop_lenp;
1732 1732
1733 1733 if (jsop->jsop_depth == 0) {
1734 1734 (void) bsnprintf(bufp, lenp, "[...]");
1735 1735 return (0);
1736 1736 }
1737 1737
1738 1738 jsop->jsop_nprops = 0;
1739 1739
1740 1740 if (jsobj_properties(addr, jsobj_print_prop, jsop) != 0)
1741 1741 return (-1);
1742 1742
1743 1743 if (jsop->jsop_nprops > 0) {
1744 1744 (void) bsnprintf(bufp, lenp, "\n%*s", jsop->jsop_indent, "");
1745 1745 } else if (jsop->jsop_nprops == 0) {
1746 1746 (void) bsnprintf(bufp, lenp, "{");
1747 1747 } else {
1748 1748 (void) bsnprintf(bufp, lenp, "{ /* unknown property */ ");
1749 1749 }
1750 1750
1751 1751 (void) bsnprintf(bufp, lenp, "}");
1752 1752
1753 1753 return (0);
1754 1754 }
1755 1755
1756 1756 static int
1757 1757 jsobj_print_jsarray(uintptr_t addr, jsobj_print_t *jsop)
1758 1758 {
1759 1759 char **bufp = jsop->jsop_bufp;
1760 1760 size_t *lenp = jsop->jsop_lenp;
1761 1761 int indent = jsop->jsop_indent;
1762 1762 jsobj_print_t descend;
1763 1763 uintptr_t ptr;
1764 1764 uintptr_t *elts;
1765 1765 size_t ii, len;
1766 1766
1767 1767 if (jsop->jsop_depth == 0) {
1768 1768 (void) bsnprintf(bufp, lenp, "[...]");
1769 1769 return (0);
1770 1770 }
1771 1771
1772 1772 if (read_heap_ptr(&ptr, addr, V8_OFF_JSOBJECT_ELEMENTS) != 0 ||
1773 1773 read_heap_array(ptr, &elts, &len, UM_GC) != 0)
1774 1774 return (-1);
1775 1775
1776 1776 if (len == 0) {
1777 1777 (void) bsnprintf(bufp, lenp, "[]");
1778 1778 return (0);
1779 1779 }
1780 1780
1781 1781 descend = *jsop;
1782 1782 descend.jsop_depth--;
1783 1783 descend.jsop_indent += 4;
1784 1784
1785 1785 if (len == 1) {
1786 1786 (void) bsnprintf(bufp, lenp, "[ ");
1787 1787 (void) jsobj_print(elts[0], &descend);
1788 1788 (void) bsnprintf(bufp, lenp, " ]");
1789 1789 return (0);
1790 1790 }
1791 1791
1792 1792 (void) bsnprintf(bufp, lenp, "[\n");
1793 1793
1794 1794 for (ii = 0; ii < len; ii++) {
1795 1795 (void) bsnprintf(bufp, lenp, "%*s", indent + 4, "");
1796 1796 (void) jsobj_print(elts[ii], &descend);
1797 1797 (void) bsnprintf(bufp, lenp, ",\n");
1798 1798 }
1799 1799
1800 1800 (void) bsnprintf(bufp, lenp, "%*s", indent, "");
1801 1801 (void) bsnprintf(bufp, lenp, "]");
1802 1802
1803 1803 return (0);
1804 1804 }
1805 1805
1806 1806 static int
1807 1807 jsobj_print_jsfunction(uintptr_t addr, jsobj_print_t *jsop)
1808 1808 {
1809 1809 char **bufp = jsop->jsop_bufp;
1810 1810 size_t *lenp = jsop->jsop_lenp;
1811 1811 uintptr_t shared;
1812 1812
1813 1813 if (read_heap_ptr(&shared, addr, V8_OFF_JSFUNCTION_SHARED) != 0)
1814 1814 return (-1);
1815 1815
1816 1816 (void) bsnprintf(bufp, lenp, "function ");
1817 1817 return (jsfunc_name(shared, bufp, lenp) != 0);
1818 1818 }
1819 1819
1820 1820 /*
1821 1821 * dcmd implementations
1822 1822 */
1823 1823
1824 1824 /* ARGSUSED */
1825 1825 static int
1826 1826 dcmd_v8classes(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
1827 1827 {
1828 1828 v8_class_t *clp;
1829 1829
1830 1830 for (clp = v8_classes; clp != NULL; clp = clp->v8c_next)
1831 1831 mdb_printf("%s\n", clp->v8c_name);
1832 1832
1833 1833 return (DCMD_OK);
1834 1834 }
1835 1835
1836 1836 static int
1837 1837 do_v8code(uintptr_t addr, boolean_t opt_d)
1838 1838 {
1839 1839 uintptr_t instrlen;
1840 1840 ssize_t instroff = V8_OFF_CODE_INSTRUCTION_START;
1841 1841
1842 1842 if (read_heap_ptr(&instrlen, addr, V8_OFF_CODE_INSTRUCTION_SIZE) != 0)
1843 1843 return (DCMD_ERR);
1844 1844
1845 1845 mdb_printf("code: %p\n", addr);
1846 1846 mdb_printf("instructions: [%p, %p)\n", addr + instroff,
1847 1847 addr + instroff + instrlen);
1848 1848
1849 1849 if (!opt_d)
1850 1850 return (DCMD_OK);
1851 1851
1852 1852 mdb_set_dot(addr + instroff);
1853 1853
1854 1854 do {
1855 1855 (void) mdb_inc_indent(8); /* gets reset by mdb_eval() */
1856 1856
1857 1857 /*
1858 1858 * This is absolutely awful. We want to disassemble the above
1859 1859 * range of instructions. Because we don't know how many there
1860 1860 * are, we can't use "::dis". We resort to evaluating "./i",
1861 1861 * but then we need to advance "." by the size of the
1862 1862 * instruction just printed. The only way to do that is by
1863 1863 * printing out "+", but we don't want that to show up, so we
1864 1864 * redirect it to /dev/null.
1865 1865 */
1866 1866 if (mdb_eval("/i") != 0 ||
1867 1867 mdb_eval("+=p ! cat > /dev/null") != 0) {
1868 1868 (void) mdb_dec_indent(8);
1869 1869 v8_warn("failed to disassemble at %p", mdb_get_dot());
1870 1870 return (DCMD_ERR);
1871 1871 }
1872 1872 } while (mdb_get_dot() < addr + instroff + instrlen);
1873 1873
1874 1874 (void) mdb_dec_indent(8);
1875 1875 return (DCMD_OK);
1876 1876 }
1877 1877
1878 1878 /* ARGSUSED */
1879 1879 static int
1880 1880 dcmd_v8code(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
1881 1881 {
1882 1882 boolean_t opt_d = B_FALSE;
1883 1883
1884 1884 if (mdb_getopts(argc, argv, 'd', MDB_OPT_SETBITS, B_TRUE, &opt_d,
1885 1885 NULL) != argc)
1886 1886 return (DCMD_USAGE);
1887 1887
1888 1888 return (do_v8code(addr, opt_d));
1889 1889 }
1890 1890
1891 1891 /* ARGSUSED */
1892 1892 static int
1893 1893 dcmd_v8function(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
1894 1894 {
1895 1895 uint8_t type;
1896 1896 uintptr_t funcinfop, scriptp, lendsp, tokpos, namep, codep;
1897 1897 char *bufp;
1898 1898 uint_t len;
1899 1899 boolean_t opt_d = B_FALSE;
1900 1900 char buf[512];
1901 1901
1902 1902 if (mdb_getopts(argc, argv, 'd', MDB_OPT_SETBITS, B_TRUE, &opt_d,
1903 1903 NULL) != argc)
1904 1904 return (DCMD_USAGE);
1905 1905
1906 1906 if (read_typebyte(&type, addr) != 0)
1907 1907 return (DCMD_ERR);
1908 1908
1909 1909 if (strcmp(enum_lookup_str(v8_types, type, ""), "JSFunction") != 0) {
1910 1910 v8_warn("%p is not an instance of JSFunction\n", addr);
1911 1911 return (DCMD_ERR);
1912 1912 }
1913 1913
1914 1914 if (read_heap_ptr(&funcinfop, addr, V8_OFF_JSFUNCTION_SHARED) != 0 ||
1915 1915 read_heap_ptr(&tokpos, funcinfop,
1916 1916 V8_OFF_SHAREDFUNCTIONINFO_FUNCTION_TOKEN_POSITION) != 0 ||
1917 1917 read_heap_ptr(&scriptp, funcinfop,
1918 1918 V8_OFF_SHAREDFUNCTIONINFO_SCRIPT) != 0 ||
1919 1919 read_heap_ptr(&namep, scriptp, V8_OFF_SCRIPT_NAME) != 0 ||
1920 1920 read_heap_ptr(&lendsp, scriptp, V8_OFF_SCRIPT_LINE_ENDS) != 0)
1921 1921 return (DCMD_ERR);
1922 1922
1923 1923 bufp = buf;
1924 1924 len = sizeof (buf);
1925 1925 if (jsfunc_name(funcinfop, &bufp, &len) != 0)
1926 1926 return (DCMD_ERR);
1927 1927
1928 1928 mdb_printf("%p: JSFunction: %s\n", addr, buf);
1929 1929
1930 1930 bufp = buf;
1931 1931 len = sizeof (buf);
1932 1932 mdb_printf("defined at ");
1933 1933
1934 1934 if (jsstr_print(namep, B_FALSE, &bufp, &len) == 0)
1935 1935 mdb_printf("%s ", buf);
1936 1936
1937 1937 if (jsfunc_lineno(lendsp, tokpos, buf, sizeof (buf)) == 0)
1938 1938 mdb_printf("%s", buf);
1939 1939
1940 1940 mdb_printf("\n");
1941 1941
1942 1942 if (read_heap_ptr(&codep,
1943 1943 funcinfop, V8_OFF_SHAREDFUNCTIONINFO_CODE) != 0)
1944 1944 return (DCMD_ERR);
1945 1945
1946 1946 return (do_v8code(codep, opt_d));
1947 1947 }
1948 1948
1949 1949 /* ARGSUSED */
1950 1950 static int
1951 1951 dcmd_v8frametypes(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
1952 1952 {
1953 1953 enum_print(v8_frametypes);
1954 1954 return (DCMD_OK);
1955 1955 }
1956 1956
1957 1957 static void
1958 1958 dcmd_v8print_help(void)
1959 1959 {
1960 1960 mdb_printf(
1961 1961 "Prints out \".\" (a V8 heap object) as an instance of its C++\n"
1962 1962 "class. With no arguments, the appropriate class is detected\n"
1963 1963 "automatically. The 'class' argument overrides this to print an\n"
1964 1964 "object as an instance of the given class. The list of known\n"
1965 1965 "classes can be viewed with ::jsclasses.");
1966 1966 }
1967 1967
1968 1968 /* ARGSUSED */
1969 1969 static int
1970 1970 dcmd_v8print(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
1971 1971 {
1972 1972 const char *rqclass;
1973 1973 v8_class_t *clp;
1974 1974 char *bufp;
1975 1975 size_t len;
1976 1976 uint8_t type;
1977 1977 char buf[256];
1978 1978
1979 1979 if (argc < 1) {
1980 1980 /*
1981 1981 * If no type was specified, determine it automatically.
1982 1982 */
1983 1983 bufp = buf;
1984 1984 len = sizeof (buf);
1985 1985 if (obj_jstype(addr, &bufp, &len, &type) != 0)
1986 1986 return (DCMD_ERR);
1987 1987
1988 1988 if (type == 0) {
1989 1989 /* For SMI or Failure, just print out the type. */
1990 1990 mdb_printf("%s\n", buf);
1991 1991 return (DCMD_OK);
1992 1992 }
1993 1993
1994 1994 if ((rqclass = enum_lookup_str(v8_types, type, NULL)) == NULL) {
1995 1995 v8_warn("object has unknown type\n");
1996 1996 return (DCMD_ERR);
1997 1997 }
1998 1998 } else {
1999 1999 if (argv[0].a_type != MDB_TYPE_STRING)
2000 2000 return (DCMD_USAGE);
2001 2001
2002 2002 rqclass = argv[0].a_un.a_str;
2003 2003 }
2004 2004
2005 2005 for (clp = v8_classes; clp != NULL; clp = clp->v8c_next) {
2006 2006 if (strcmp(rqclass, clp->v8c_name) == 0)
2007 2007 break;
2008 2008 }
2009 2009
2010 2010 if (clp == NULL) {
2011 2011 v8_warn("unknown class '%s'\n", rqclass);
2012 2012 return (DCMD_USAGE);
2013 2013 }
2014 2014
2015 2015 return (obj_print_class(addr, clp));
2016 2016 }
2017 2017
2018 2018 /* ARGSUSED */
2019 2019 static int
2020 2020 dcmd_v8type(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2021 2021 {
2022 2022 char buf[64];
2023 2023 char *bufp = buf;
2024 2024 size_t len = sizeof (buf);
2025 2025
2026 2026 if (obj_jstype(addr, &bufp, &len, NULL) != 0)
2027 2027 return (DCMD_ERR);
2028 2028
2029 2029 mdb_printf("0x%p: %s\n", addr, buf);
2030 2030 return (DCMD_OK);
2031 2031 }
2032 2032
2033 2033 /* ARGSUSED */
2034 2034 static int
2035 2035 dcmd_v8types(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2036 2036 {
2037 2037 enum_print(v8_types);
2038 2038 return (DCMD_OK);
2039 2039 }
2040 2040
2041 2041 static int
2042 2042 load_current_context(uintptr_t *fpp, uintptr_t *raddrp)
2043 2043 {
2044 2044 mdb_reg_t regfp, regip;
2045 2045
2046 2046 if (mdb_getareg(1, "ebp", ®fp) != 0 ||
2047 2047 mdb_getareg(1, "eip", ®ip) != 0) {
2048 2048 v8_warn("failed to load current context");
2049 2049 return (-1);
2050 2050 }
2051 2051
2052 2052 if (fpp != NULL)
2053 2053 *fpp = (uintptr_t)regfp;
2054 2054
2055 2055 if (raddrp != NULL)
2056 2056 *raddrp = (uintptr_t)regip;
2057 2057
2058 2058 return (0);
2059 2059 }
2060 2060
2061 2061 static int
2062 2062 do_jsframe_special(uintptr_t fptr, uintptr_t raddr)
2063 2063 {
2064 2064 uintptr_t ftype;
2065 2065 const char *ftypename;
2066 2066
2067 2067 /*
2068 2068 * First see if this looks like a native frame rather than a JavaScript
2069 2069 * frame. We check this by asking MDB to print the return address
2070 2070 * symbolically. If that works, we assume this was NOT a V8 frame,
2071 2071 * since those are never in the symbol table.
2072 2072 */
2073 2073 if (mdb_snprintf(NULL, 0, "%A", raddr) > 1) {
2074 2074 mdb_printf("%p %a\n", fptr, raddr);
2075 2075 return (0);
2076 2076 }
2077 2077
2078 2078 /*
2079 2079 * Figure out what kind of frame this is using the same algorithm as
2080 2080 * V8's ComputeType function. First, look for an ArgumentsAdaptorFrame.
2081 2081 */
2082 2082 if (mdb_vread(&ftype, sizeof (ftype), fptr + V8_OFF_FP_CONTEXT) != -1 &&
2083 2083 V8_IS_SMI(ftype) &&
2084 2084 (ftypename = enum_lookup_str(v8_frametypes, V8_SMI_VALUE(ftype),
2085 2085 NULL)) != NULL && strstr(ftypename, "ArgumentsAdaptor") != NULL) {
2086 2086 mdb_printf("%p %a <%s>\n", fptr, raddr, ftypename);
2087 2087 return (0);
2088 2088 }
2089 2089
2090 2090 /*
2091 2091 * Other special frame types are indicated by a marker.
2092 2092 */
2093 2093 if (mdb_vread(&ftype, sizeof (ftype), fptr + V8_OFF_FP_MARKER) != -1 &&
2094 2094 V8_IS_SMI(ftype)) {
2095 2095 ftypename = enum_lookup_str(v8_frametypes, V8_SMI_VALUE(ftype),
2096 2096 NULL);
2097 2097
2098 2098 if (ftypename != NULL)
2099 2099 mdb_printf("%p %a <%s>\n", fptr, raddr, ftypename);
2100 2100 else
2101 2101 mdb_printf("%p %a\n", fptr, raddr);
2102 2102
2103 2103 return (0);
2104 2104 }
2105 2105
2106 2106 return (-1);
2107 2107 }
2108 2108
2109 2109 static int
2110 2110 do_jsframe(uintptr_t fptr, uintptr_t raddr, boolean_t verbose)
2111 2111 {
2112 2112 uintptr_t funcp, funcinfop, tokpos, scriptp, lendsp, ptrp;
2113 2113 uintptr_t ii, nargs;
2114 2114 const char *typename;
2115 2115 char *bufp;
2116 2116 size_t len;
2117 2117 uint8_t type;
2118 2118 char buf[256];
2119 2119
2120 2120 /*
2121 2121 * Check for non-JavaScript frames first.
2122 2122 */
2123 2123 if (do_jsframe_special(fptr, raddr) == 0)
2124 2124 return (DCMD_OK);
2125 2125
2126 2126 /*
2127 2127 * At this point we assume we're looking at a JavaScript frame. As with
2128 2128 * native frames, fish the address out of the parent frame.
2129 2129 */
2130 2130 if (mdb_vread(&funcp, sizeof (funcp),
2131 2131 fptr + V8_OFF_FP_FUNCTION) == -1) {
2132 2132 v8_warn("failed to read stack at %p",
2133 2133 fptr + V8_OFF_FP_FUNCTION);
2134 2134 return (DCMD_ERR);
2135 2135 }
2136 2136
2137 2137 /*
2138 2138 * Check if this thing is really a JSFunction at all. For some frames,
2139 2139 * it's a Code object, presumably indicating some internal frame.
2140 2140 */
2141 2141 v8_silent++;
2142 2142
2143 2143 if (read_typebyte(&type, funcp) != 0 ||
2144 2144 (typename = enum_lookup_str(v8_types, type, NULL)) == NULL) {
2145 2145 v8_silent--;
2146 2146 mdb_printf("%p %a\n", fptr, raddr);
2147 2147 return (DCMD_OK);
2148 2148 }
2149 2149
2150 2150 v8_silent--;
2151 2151
2152 2152 if (strcmp("Code", typename) == 0) {
2153 2153 mdb_printf("%p %a internal (Code: %p)\n", fptr, raddr, funcp);
2154 2154 return (DCMD_OK);
2155 2155 }
2156 2156
2157 2157 if (strcmp("JSFunction", typename) != 0) {
2158 2158 mdb_printf("%p %a unknown (%s: %p)", fptr, raddr, typename,
2159 2159 funcp);
2160 2160 return (DCMD_OK);
2161 2161 }
2162 2162
2163 2163 if (read_heap_ptr(&funcinfop, funcp, V8_OFF_JSFUNCTION_SHARED) != 0)
2164 2164 return (DCMD_ERR);
2165 2165
2166 2166 bufp = buf;
2167 2167 len = sizeof (buf);
2168 2168 if (jsfunc_name(funcinfop, &bufp, &len) != 0)
2169 2169 return (DCMD_ERR);
2170 2170
2171 2171 mdb_printf("%p %a %s (%p)\n", fptr, raddr, buf, funcp);
2172 2172
2173 2173 if (!verbose)
2174 2174 return (DCMD_OK);
2175 2175
2176 2176 /*
2177 2177 * Although the token position is technically an SMI, we're going to
2178 2178 * byte-compare it to other SMI values so we don't want decode it here.
2179 2179 */
2180 2180 if (read_heap_ptr(&tokpos, funcinfop,
2181 2181 V8_OFF_SHAREDFUNCTIONINFO_FUNCTION_TOKEN_POSITION) != 0)
2182 2182 return (DCMD_ERR);
2183 2183
2184 2184 if (read_heap_ptr(&scriptp, funcinfop,
2185 2185 V8_OFF_SHAREDFUNCTIONINFO_SCRIPT) != 0)
2186 2186 return (DCMD_ERR);
2187 2187
2188 2188 if (read_heap_ptr(&ptrp, scriptp, V8_OFF_SCRIPT_NAME) != 0)
2189 2189 return (DCMD_ERR);
2190 2190
2191 2191 bufp = buf;
2192 2192 len = sizeof (buf);
2193 2193 (void) jsstr_print(ptrp, B_FALSE, &bufp, &len);
2194 2194
2195 2195 (void) mdb_inc_indent(4);
2196 2196 mdb_printf("file: %s\n", buf);
2197 2197
2198 2198 if (read_heap_ptr(&lendsp, scriptp, V8_OFF_SCRIPT_LINE_ENDS) != 0)
2199 2199 return (DCMD_ERR);
2200 2200
2201 2201 (void) jsfunc_lineno(lendsp, tokpos, buf, sizeof (buf));
2202 2202
2203 2203 mdb_printf("posn: %s\n", buf);
2204 2204
2205 2205 if (read_heap_smi(&nargs, funcinfop,
2206 2206 V8_OFF_SHAREDFUNCTIONINFO_LENGTH) == 0) {
2207 2207 for (ii = 0; ii < nargs; ii++) {
2208 2208 uintptr_t argptr;
2209 2209
2210 2210 if (mdb_vread(&argptr, sizeof (argptr),
2211 2211 fptr + V8_OFF_FP_ARGS + (nargs - ii - 1) *
2212 2212 sizeof (uintptr_t)) == -1)
2213 2213 continue;
2214 2214
2215 2215 bufp = buf;
2216 2216 len = sizeof (buf);
2217 2217 (void) obj_jstype(argptr, &bufp, &len, NULL);
2218 2218
2219 2219 mdb_printf("arg%d: %p (%s)\n", (ii + 1), argptr, buf);
2220 2220 }
2221 2221 }
2222 2222
2223 2223 (void) mdb_dec_indent(4);
2224 2224
2225 2225 return (DCMD_OK);
2226 2226 }
2227 2227
2228 2228 typedef struct findjsobjects_prop {
2229 2229 struct findjsobjects_prop *fjsp_next;
2230 2230 char fjsp_desc[1];
2231 2231 } findjsobjects_prop_t;
2232 2232
2233 2233 typedef struct findjsobjects_instance {
2234 2234 uintptr_t fjsi_addr;
2235 2235 struct findjsobjects_instance *fjsi_next;
2236 2236 } findjsobjects_instance_t;
2237 2237
2238 2238 typedef struct findjsobjects_obj {
2239 2239 findjsobjects_prop_t *fjso_props;
2240 2240 findjsobjects_prop_t *fjso_last;
2241 2241 int fjso_nprops;
2242 2242 findjsobjects_instance_t fjso_instances;
2243 2243 int fjso_ninstances;
2244 2244 avl_node_t fjso_node;
2245 2245 struct findjsobjects_obj *fjso_next;
2246 2246 } findjsobjects_obj_t;
2247 2247
2248 2248 typedef struct findjsobjects_stats {
2249 2249 int fjss_heapobjs;
2250 2250 int fjss_jsobjs;
2251 2251 int fjss_objects;
2252 2252 int fjss_uniques;
2253 2253 } findjsobjects_stats_t;
2254 2254
2255 2255 typedef struct findjsobjects_state {
2256 2256 uintptr_t fjs_addr;
2257 2257 uintptr_t fjs_size;
2258 2258 boolean_t fjs_verbose;
2259 2259 boolean_t fjs_brk;
2260 2260 boolean_t fjs_initialized;
2261 2261 uintptr_t fjs_referent;
2262 2262 boolean_t fjs_referred;
2263 2263 avl_tree_t fjs_tree;
2264 2264 findjsobjects_obj_t *fjs_current;
2265 2265 findjsobjects_obj_t *fjs_objects;
2266 2266 findjsobjects_stats_t fjs_stats;
2267 2267 } findjsobjects_state_t;
2268 2268
2269 2269 findjsobjects_obj_t *
2270 2270 findjsobjects_alloc(uintptr_t addr)
2271 2271 {
2272 2272 findjsobjects_obj_t *obj;
2273 2273
2274 2274 obj = mdb_zalloc(sizeof (findjsobjects_obj_t), UM_SLEEP);
2275 2275 obj->fjso_instances.fjsi_addr = addr;
2276 2276 obj->fjso_ninstances = 1;
2277 2277
2278 2278 return (obj);
2279 2279 }
2280 2280
2281 2281 void
2282 2282 findjsobjects_free(findjsobjects_obj_t *obj)
2283 2283 {
2284 2284 findjsobjects_prop_t *prop, *next;
2285 2285
2286 2286 for (prop = obj->fjso_props; prop != NULL; prop = next) {
2287 2287 next = prop->fjsp_next;
2288 2288 mdb_free(prop, sizeof (findjsobjects_prop_t) +
2289 2289 strlen(prop->fjsp_desc));
2290 2290 }
2291 2291
2292 2292 mdb_free(obj, sizeof (findjsobjects_obj_t));
2293 2293 }
2294 2294
2295 2295 int
2296 2296 findjsobjects_cmp(findjsobjects_obj_t *lhs, findjsobjects_obj_t *rhs)
2297 2297 {
2298 2298 findjsobjects_prop_t *lprop, *rprop;
2299 2299 int rv;
2300 2300
2301 2301 lprop = lhs->fjso_props;
2302 2302 rprop = rhs->fjso_props;
2303 2303
2304 2304 for (;;) {
2305 2305 if (lprop == NULL || rprop == NULL)
2306 2306 return (lprop != NULL ? 1 : rprop != NULL ? -1 : 0);
2307 2307
2308 2308 if ((rv = strcmp(lprop->fjsp_desc, rprop->fjsp_desc)) != 0)
2309 2309 return (rv > 0 ? 1 : -1);
2310 2310
2311 2311 lprop = lprop->fjsp_next;
2312 2312 rprop = rprop->fjsp_next;
2313 2313 }
2314 2314 }
2315 2315
2316 2316 int
2317 2317 findjsobjects_cmp_ninstances(const void *l, const void *r)
2318 2318 {
2319 2319 findjsobjects_obj_t *lhs = *((findjsobjects_obj_t **)l);
2320 2320 findjsobjects_obj_t *rhs = *((findjsobjects_obj_t **)r);
2321 2321
2322 2322 if (lhs->fjso_ninstances < rhs->fjso_ninstances)
2323 2323 return (-1);
2324 2324
2325 2325 if (lhs->fjso_ninstances > rhs->fjso_ninstances)
2326 2326 return (1);
2327 2327
2328 2328 if (lhs->fjso_nprops < rhs->fjso_nprops)
2329 2329 return (-1);
2330 2330
2331 2331 if (lhs->fjso_nprops > rhs->fjso_nprops)
2332 2332 return (1);
2333 2333
2334 2334 return (0);
2335 2335 }
2336 2336
2337 2337 /*ARGSUSED*/
2338 2338 int
2339 2339 findjsobjects_prop(const char *desc, uintptr_t val, void *arg)
2340 2340 {
2341 2341 findjsobjects_state_t *fjs = arg;
2342 2342 findjsobjects_obj_t *current = fjs->fjs_current;
2343 2343 findjsobjects_prop_t *prop;
2344 2344
2345 2345 if (desc == NULL)
2346 2346 desc = "<unknown>";
2347 2347
2348 2348 prop = mdb_zalloc(sizeof (findjsobjects_prop_t) +
2349 2349 strlen(desc), UM_SLEEP);
2350 2350
2351 2351 strcpy(prop->fjsp_desc, desc);
2352 2352
2353 2353 if (current->fjso_last != NULL) {
2354 2354 current->fjso_last->fjsp_next = prop;
2355 2355 } else {
2356 2356 current->fjso_props = prop;
2357 2357 }
2358 2358
2359 2359 current->fjso_last = prop;
2360 2360 current->fjso_nprops++;
2361 2361
2362 2362 return (0);
2363 2363 }
2364 2364
2365 2365 int
2366 2366 findjsobjects_range(findjsobjects_state_t *fjs, uintptr_t addr, uintptr_t size)
2367 2367 {
2368 2368 uintptr_t limit;
2369 2369 findjsobjects_stats_t *stats = &fjs->fjs_stats;
2370 2370 uint8_t type;
2371 2371 int jsobject = V8_TYPE_JSOBJECT;
2372 2372
2373 2373
2374 2374 for (limit = addr + size; addr < limit; addr++) {
2375 2375 findjsobjects_instance_t *inst;
2376 2376 findjsobjects_obj_t *obj;
2377 2377 avl_index_t where;
2378 2378
2379 2379 if (V8_IS_SMI(addr))
2380 2380 continue;
2381 2381
2382 2382 if (!V8_IS_HEAPOBJECT(addr))
2383 2383 continue;
2384 2384
2385 2385 stats->fjss_heapobjs++;
2386 2386
2387 2387 if (read_typebyte(&type, addr) == -1)
2388 2388 continue;
2389 2389
2390 2390 if (type != jsobject)
2391 2391 continue;
2392 2392
2393 2393 stats->fjss_jsobjs++;
2394 2394
2395 2395 fjs->fjs_current = findjsobjects_alloc(addr);
2396 2396
2397 2397 if (jsobj_properties(addr, findjsobjects_prop, fjs) != 0) {
2398 2398 findjsobjects_free(fjs->fjs_current);
2399 2399 fjs->fjs_current = NULL;
2400 2400 continue;
2401 2401 }
2402 2402
2403 2403 /*
2404 2404 * Now determine if we already have an object matching our
2405 2405 * properties. If we don't, we'll add our new object; if we
2406 2406 * do we'll merely enqeuue our instance.
2407 2407 */
2408 2408 obj = avl_find(&fjs->fjs_tree, fjs->fjs_current, &where);
2409 2409 stats->fjss_objects++;
2410 2410
2411 2411 if (obj == NULL) {
2412 2412 avl_add(&fjs->fjs_tree, fjs->fjs_current);
2413 2413 fjs->fjs_current->fjso_next = fjs->fjs_objects;
2414 2414 fjs->fjs_objects = fjs->fjs_current;
2415 2415 fjs->fjs_current = NULL;
2416 2416 stats->fjss_uniques++;
2417 2417 continue;
2418 2418 }
2419 2419
2420 2420 findjsobjects_free(fjs->fjs_current);
2421 2421 fjs->fjs_current = NULL;
2422 2422
2423 2423 inst = mdb_alloc(sizeof (findjsobjects_instance_t), UM_SLEEP);
2424 2424 inst->fjsi_addr = addr;
2425 2425 inst->fjsi_next = obj->fjso_instances.fjsi_next;
2426 2426 obj->fjso_instances.fjsi_next = inst;
2427 2427 obj->fjso_ninstances++;
2428 2428 }
2429 2429
2430 2430 return (0);
2431 2431 }
2432 2432
2433 2433 static int
2434 2434 findjsobjects_mapping(findjsobjects_state_t *fjs, const prmap_t *pmp,
2435 2435 const char *name)
2436 2436 {
2437 2437 if (name != NULL && !(fjs->fjs_brk && (pmp->pr_mflags & MA_BREAK)))
2438 2438 return (0);
2439 2439
2440 2440 if (fjs->fjs_addr != NULL && (fjs->fjs_addr < pmp->pr_vaddr ||
2441 2441 fjs->fjs_addr >= pmp->pr_vaddr + pmp->pr_size))
2442 2442 return (0);
2443 2443
2444 2444 return (findjsobjects_range(fjs, pmp->pr_vaddr, pmp->pr_size));
2445 2445 }
2446 2446
2447 2447 static int
2448 2448 findjsobjects_references_prop(const char *desc, uintptr_t val, void *arg)
2449 2449 {
2450 2450 findjsobjects_state_t *fjs = arg;
2451 2451
2452 2452 if (val == fjs->fjs_referent) {
2453 2453 mdb_printf("%p referred to by %p.%s\n", fjs->fjs_referent,
2454 2454 fjs->fjs_addr, desc);
2455 2455 fjs->fjs_referred = B_TRUE;
2456 2456 return (0);
2457 2457 }
2458 2458
2459 2459 return (0);
2460 2460 }
2461 2461
2462 2462 static void
2463 2463 findjsobjects_references(findjsobjects_state_t *fjs, uintptr_t addr)
2464 2464 {
2465 2465 findjsobjects_instance_t *inst;
2466 2466 findjsobjects_obj_t *obj;
2467 2467
2468 2468 fjs->fjs_referent = addr;
2469 2469 fjs->fjs_referred = B_FALSE;
2470 2470
2471 2471 v8_silent++;
2472 2472
2473 2473 for (obj = fjs->fjs_objects; obj != NULL; obj = obj->fjso_next) {
2474 2474 for (inst = &obj->fjso_instances;
2475 2475 inst != NULL; inst = inst->fjsi_next) {
2476 2476 fjs->fjs_addr = inst->fjsi_addr;
2477 2477 (void) jsobj_properties(inst->fjsi_addr,
2478 2478 findjsobjects_references_prop, fjs);
2479 2479 }
2480 2480 }
2481 2481
2482 2482 v8_silent--;
2483 2483
2484 2484 if (!fjs->fjs_referred)
2485 2485 mdb_printf("%p is not referred to by a known object.\n", addr);
2486 2486
2487 2487 fjs->fjs_addr = NULL;
2488 2488 }
2489 2489
2490 2490 static char *
2491 2491 findjsobjects_constructor(findjsobjects_obj_t *obj)
2492 2492 {
2493 2493 static char buf[80];
2494 2494 char *bufp = buf, *rval = NULL;
2495 2495 unsigned int len = sizeof (buf);
2496 2496 uintptr_t map, funcinfop;
2497 2497 uintptr_t addr = obj->fjso_instances.fjsi_addr;
2498 2498 uint8_t type;
2499 2499
2500 2500 v8_silent++;
2501 2501
2502 2502 if (read_heap_ptr(&map, addr, V8_OFF_HEAPOBJECT_MAP) != 0 ||
2503 2503 read_heap_ptr(&addr, map, V8_OFF_MAP_CONSTRUCTOR) != 0)
2504 2504 goto out;
2505 2505
2506 2506 if (read_typebyte(&type, addr) != 0)
2507 2507 goto out;
2508 2508
2509 2509 if (strcmp(enum_lookup_str(v8_types, type, ""), "JSFunction") != 0)
2510 2510 goto out;
2511 2511
2512 2512 if (read_heap_ptr(&funcinfop, addr, V8_OFF_JSFUNCTION_SHARED) != 0)
2513 2513 goto out;
2514 2514
2515 2515 if (jsfunc_name(funcinfop, &bufp, &len) != 0)
2516 2516 goto out;
2517 2517
2518 2518 rval = buf;
2519 2519 out:
2520 2520 v8_silent--;
2521 2521
2522 2522 return (rval);
2523 2523 }
2524 2524
2525 2525 static void
2526 2526 findjsobjects_print(findjsobjects_obj_t *obj)
2527 2527 {
2528 2528 int col = 17 + (sizeof (uintptr_t) * 2) + strlen("..."), len;
2529 2529 uintptr_t addr = obj->fjso_instances.fjsi_addr;
2530 2530 char *buf = findjsobjects_constructor(obj);
2531 2531 findjsobjects_prop_t *prop;
2532 2532
2533 2533 mdb_printf("%?p %8d %6d ",
2534 2534 addr, obj->fjso_ninstances, obj->fjso_nprops);
2535 2535
2536 2536 if (buf != NULL) {
2537 2537 mdb_printf("%s: ", buf);
2538 2538 col += strlen(buf) + 2;
2539 2539 }
2540 2540
2541 2541 for (prop = obj->fjso_props; prop != NULL; prop = prop->fjsp_next) {
2542 2542 if (col + (len = strlen(prop->fjsp_desc) + 2) < 80) {
2543 2543 mdb_printf("%s%s", prop->fjsp_desc,
2544 2544 prop->fjsp_next != NULL ? ", " : "");
2545 2545 col += len;
2546 2546 } else {
2547 2547 mdb_printf("...");
2548 2548 break;
2549 2549 }
2550 2550 }
2551 2551
2552 2552 mdb_printf("\n", col);
2553 2553 }
2554 2554
2555 2555 static void
2556 2556 dcmd_findjsobjects_help(void)
2557 2557 {
2558 2558 mdb_printf("%s\n\n",
2559 2559 "Finds all JavaScript objects in the V8 heap via brute force iteration over\n"
2560 2560 "all mapped anonymous memory. (This can take up to several minutes on large\n"
2561 2561 "dumps.) The output consists of representative objects, the number of\n"
2562 2562 "instances of that object and the number of properties on the object --\n"
2563 2563 "followed by the constructor and first few properties of the objects. Once\n"
2564 2564 "run, subsequent calls to ::findjsobjects use cached data. If provided an\n"
2565 2565 "address (and in the absence of -r, described below), ::findjsobjects treats\n"
2566 2566 "the address as that of a representative object, and emits all instances of\n"
2567 2567 "that object (that is, all objects that have a matching property signature).");
2568 2568
2569 2569 mdb_dec_indent(2);
2570 2570 mdb_printf("%<b>OPTIONS%</b>\n");
2571 2571 mdb_inc_indent(2);
2572 2572
2573 2573 mdb_printf("%s\n",
2574 2574 " -b Include the heap denoted by the brk(2) (normally excluded)\n"
2575 2575 " -c cons Display representative objects with the specified constructor\n"
2576 2576 " -p prop Display representative objects that have the specified property\n"
2577 2577 " -r Find references to the specified object\n"
2578 2578 " -v Provide verbose statistics\n");
2579 2579 }
2580 2580
2581 2581 static int
2582 2582 dcmd_findjsobjects(uintptr_t addr,
2583 2583 uint_t flags, int argc, const mdb_arg_t *argv)
2584 2584 {
2585 2585 static findjsobjects_state_t fjs;
2586 2586 static findjsobjects_stats_t *stats = &fjs.fjs_stats;
2587 2587 findjsobjects_obj_t *obj;
2588 2588 findjsobjects_prop_t *prop;
2589 2589 struct ps_prochandle *Pr;
2590 2590 boolean_t references = B_FALSE;
2591 2591 const char *propname = NULL;
2592 2592 const char *constructor = NULL;
2593 2593
2594 2594 fjs.fjs_verbose = B_FALSE;
2595 2595 fjs.fjs_brk = B_FALSE;
2596 2596
2597 2597 if (mdb_getopts(argc, argv,
2598 2598 'b', MDB_OPT_SETBITS, B_TRUE, &fjs.fjs_brk,
2599 2599 'c', MDB_OPT_STR, &constructor,
2600 2600 'p', MDB_OPT_STR, &propname,
2601 2601 'r', MDB_OPT_SETBITS, B_TRUE, &references,
2602 2602 'v', MDB_OPT_SETBITS, B_TRUE, &fjs.fjs_verbose,
2603 2603 NULL) != argc)
2604 2604 return (DCMD_USAGE);
2605 2605
2606 2606 if (!fjs.fjs_initialized) {
2607 2607 avl_create(&fjs.fjs_tree,
2608 2608 (int(*)(const void *, const void *))findjsobjects_cmp,
2609 2609 sizeof (findjsobjects_obj_t),
2610 2610 offsetof(findjsobjects_obj_t, fjso_node));
2611 2611 fjs.fjs_initialized = B_TRUE;
2612 2612 }
2613 2613
2614 2614 if (avl_is_empty(&fjs.fjs_tree)) {
2615 2615 findjsobjects_obj_t **sorted;
2616 2616 int nobjs, i;
2617 2617 hrtime_t start = gethrtime();
2618 2618
2619 2619 if (mdb_get_xdata("pshandle", &Pr, sizeof (Pr)) == -1) {
2620 2620 mdb_warn("couldn't read pshandle xdata");
2621 2621 return (DCMD_ERR);
2622 2622 }
2623 2623
2624 2624 v8_silent++;
2625 2625
2626 2626 if (Pmapping_iter(Pr,
2627 2627 (proc_map_f *)findjsobjects_mapping, &fjs) != 0) {
2628 2628 v8_silent--;
2629 2629 return (DCMD_ERR);
2630 2630 }
2631 2631
2632 2632 nobjs = avl_numnodes(&fjs.fjs_tree);
2633 2633
2634 2634 /*
2635 2635 * We have the objects -- now sort them.
2636 2636 */
2637 2637 sorted = mdb_alloc(nobjs * sizeof (void *), UM_GC);
2638 2638
2639 2639 for (obj = fjs.fjs_objects, i = 0; obj != NULL;
2640 2640 obj = obj->fjso_next, i++) {
2641 2641 sorted[i] = obj;
2642 2642 }
2643 2643
2644 2644 qsort(sorted, avl_numnodes(&fjs.fjs_tree), sizeof (void *),
2645 2645 findjsobjects_cmp_ninstances);
2646 2646
2647 2647 for (i = 1, fjs.fjs_objects = sorted[0]; i < nobjs; i++)
2648 2648 sorted[i - 1]->fjso_next = sorted[i];
2649 2649
2650 2650 sorted[nobjs - 1]->fjso_next = NULL;
2651 2651
2652 2652 v8_silent--;
2653 2653
2654 2654 if (fjs.fjs_verbose) {
2655 2655 const char *f = "findjsobjects: %30s => %d\n";
2656 2656 int elapsed = (int)((gethrtime() - start) / NANOSEC);
2657 2657
2658 2658 mdb_printf(f, "elapsed time (seconds)", elapsed);
2659 2659 mdb_printf(f, "heap objects", stats->fjss_heapobjs);
2660 2660 mdb_printf(f, "JavaScript objects", stats->fjss_jsobjs);
2661 2661 mdb_printf(f, "processed objects", stats->fjss_objects);
2662 2662 mdb_printf(f, "unique objects", stats->fjss_uniques);
2663 2663 }
2664 2664 }
2665 2665
2666 2666 if (propname != NULL) {
2667 2667 if (flags & DCMD_ADDRSPEC) {
2668 2668 mdb_warn("cannot specify an object when "
2669 2669 "specifying a property name\n");
2670 2670 return (DCMD_ERR);
2671 2671 }
2672 2672
2673 2673 if (constructor != NULL) {
2674 2674 mdb_warn("cannot specify both a property name "
2675 2675 "and a constructor\n");
2676 2676 return (DCMD_ERR);
2677 2677 }
2678 2678
2679 2679 for (obj = fjs.fjs_objects; obj != NULL; obj = obj->fjso_next) {
2680 2680 for (prop = obj->fjso_props; prop != NULL;
2681 2681 prop = prop->fjsp_next) {
2682 2682 if (strcmp(prop->fjsp_desc, propname) == 0)
2683 2683 break;
2684 2684 }
2685 2685
2686 2686 if (prop == NULL)
2687 2687 continue;
2688 2688
2689 2689 mdb_printf("%p\n", obj->fjso_instances.fjsi_addr);
2690 2690 }
2691 2691
2692 2692 return (DCMD_OK);
2693 2693 }
2694 2694
2695 2695 if (constructor != NULL) {
2696 2696 if (flags & DCMD_ADDRSPEC) {
2697 2697 mdb_warn("cannot specify an object when "
2698 2698 "specifying a constructor\n");
2699 2699 return (DCMD_ERR);
2700 2700 }
2701 2701
2702 2702 for (obj = fjs.fjs_objects; obj != NULL; obj = obj->fjso_next) {
2703 2703 char *cons = findjsobjects_constructor(obj);
2704 2704
2705 2705 if (cons == NULL || strcmp(constructor, cons) != 0)
2706 2706 continue;
2707 2707
2708 2708 mdb_printf("%p\n", obj->fjso_instances.fjsi_addr);
2709 2709 }
2710 2710
2711 2711 return (DCMD_OK);
2712 2712 }
2713 2713
2714 2714 if (references && !(flags & DCMD_ADDRSPEC)) {
2715 2715 mdb_warn("must specify an object to find references\n");
2716 2716 return (DCMD_ERR);
2717 2717 }
2718 2718
2719 2719 if (flags & DCMD_ADDRSPEC) {
2720 2720 /*
2721 2721 * If we've been passed an address, we're either looking for
2722 2722 * similar objects or for references (if -r has been set).
2723 2723 */
2724 2724 if (references) {
2725 2725 findjsobjects_references(&fjs, addr);
2726 2726 return (DCMD_OK);
2727 2727 }
2728 2728
2729 2729 for (obj = fjs.fjs_objects; obj != NULL; obj = obj->fjso_next) {
2730 2730 findjsobjects_instance_t *inst, *h;
2731 2731
2732 2732 h = &obj->fjso_instances;
2733 2733
2734 2734 for (inst = h; inst != NULL; inst = inst->fjsi_next) {
2735 2735 if (inst->fjsi_addr == addr)
2736 2736 break;
2737 2737 }
2738 2738
2739 2739 if (inst == NULL)
2740 2740 continue;
2741 2741
2742 2742 for (inst = h; inst != NULL; inst = inst->fjsi_next)
2743 2743 mdb_printf("%p\n", inst->fjsi_addr);
2744 2744
2745 2745 return (DCMD_OK);
2746 2746 }
2747 2747
2748 2748 mdb_warn("%p is not a valid object\n", addr);
2749 2749 return (DCMD_ERR);
2750 2750 }
2751 2751
2752 2752 mdb_printf("%-?s %8s %6s %s\n", "OBJECT",
2753 2753 "#OBJECTS", "#PROPS", "CONSTRUCTOR: PROPS");
2754 2754
2755 2755 for (obj = fjs.fjs_objects; obj != NULL; obj = obj->fjso_next)
2756 2756 findjsobjects_print(obj);
2757 2757
2758 2758 return (DCMD_OK);
2759 2759 }
2760 2760
2761 2761 /* ARGSUSED */
2762 2762 static int
2763 2763 dcmd_jsframe(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2764 2764 {
2765 2765 uintptr_t fptr, raddr;
2766 2766 boolean_t opt_v = B_FALSE, opt_i = B_FALSE;
2767 2767
2768 2768 if (mdb_getopts(argc, argv, 'v', MDB_OPT_SETBITS, B_TRUE, &opt_v,
2769 2769 'i', MDB_OPT_SETBITS, B_TRUE, &opt_i, NULL) != argc)
2770 2770 return (DCMD_USAGE);
2771 2771
2772 2772 /*
2773 2773 * As with $C, we assume we are given a *pointer* to the frame pointer
2774 2774 * for a frame, rather than the actual frame pointer for the frame of
2775 2775 * interest. This is needed to show the instruction pointer, which is
2776 2776 * actually stored with the next frame. For debugging, this can be
2777 2777 * overridden with the "-i" option (for "immediate").
2778 2778 */
2779 2779 if (opt_i)
2780 2780 return (do_jsframe(addr, 0, opt_v));
2781 2781
2782 2782 if (mdb_vread(&raddr, sizeof (raddr),
2783 2783 addr + sizeof (uintptr_t)) == -1) {
2784 2784 mdb_warn("failed to read return address from %p",
2785 2785 addr + sizeof (uintptr_t));
2786 2786 return (DCMD_ERR);
2787 2787 }
2788 2788
2789 2789 if (mdb_vread(&fptr, sizeof (fptr), addr) == -1) {
2790 2790 mdb_warn("failed to read frame pointer from %p", addr);
2791 2791 return (DCMD_ERR);
2792 2792 }
2793 2793
2794 2794 if (fptr == NULL)
2795 2795 return (DCMD_OK);
2796 2796
2797 2797 return (do_jsframe(fptr, raddr, opt_v));
2798 2798 }
2799 2799
2800 2800 /* ARGSUSED */
2801 2801 static int
2802 2802 dcmd_jsprint(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2803 2803 {
2804 2804 char *buf, *bufp;
2805 2805 size_t bufsz = 262144, len = bufsz;
2806 2806 jsobj_print_t jsop;
2807 2807 int rv;
2808 2808
2809 2809 bzero(&jsop, sizeof (jsop));
2810 2810 jsop.jsop_depth = 2;
2811 2811 jsop.jsop_printaddr = B_FALSE;
2812 2812
2813 2813 if (mdb_getopts(argc, argv,
2814 2814 'a', MDB_OPT_SETBITS, B_TRUE, &jsop.jsop_printaddr,
2815 2815 'd', MDB_OPT_UINT64, &jsop.jsop_depth, NULL) != argc)
2816 2816 return (DCMD_USAGE);
2817 2817
2818 2818 if ((buf = bufp = mdb_zalloc(bufsz, UM_NOSLEEP)) == NULL)
2819 2819 return (DCMD_ERR);
2820 2820
2821 2821 jsop.jsop_bufp = &bufp;
2822 2822 jsop.jsop_lenp = &len;
2823 2823
2824 2824 rv = jsobj_print(addr, &jsop);
2825 2825 (void) mdb_printf("%s\n", buf);
2826 2826 mdb_free(buf, bufsz);
|
↓ open down ↓ |
1314 lines elided |
↑ open up ↑ |
2827 2827 return (rv == 0 ? DCMD_OK : DCMD_ERR);
2828 2828 }
2829 2829
2830 2830 /* ARGSUSED */
2831 2831 static int
2832 2832 dcmd_v8field(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2833 2833 {
2834 2834 v8_class_t *clp;
2835 2835 v8_field_t *flp;
2836 2836 const char *klass, *field;
2837 - uintptr_t offset;
2837 + uintptr_t offset = 0;
2838 2838
2839 2839 /*
2840 2840 * We may be invoked with either two arguments (class and field name) or
2841 2841 * three (an offset to save).
2842 2842 */
2843 2843 if (argc != 2 && argc != 3)
2844 2844 return (DCMD_USAGE);
2845 2845
2846 2846 if (argv[0].a_type != MDB_TYPE_STRING ||
2847 2847 argv[1].a_type != MDB_TYPE_STRING)
2848 2848 return (DCMD_USAGE);
2849 2849
2850 2850 klass = argv[0].a_un.a_str;
2851 2851 field = argv[1].a_un.a_str;
2852 2852
2853 2853 if (argc == 3) {
2854 2854 if (argv[2].a_type != MDB_TYPE_STRING)
2855 2855 return (DCMD_USAGE);
2856 2856
2857 2857 offset = mdb_strtoull(argv[2].a_un.a_str);
2858 2858 }
2859 2859
2860 2860 for (clp = v8_classes; clp != NULL; clp = clp->v8c_next)
2861 2861 if (strcmp(clp->v8c_name, klass) == 0)
2862 2862 break;
2863 2863
2864 2864 if (clp == NULL) {
2865 2865 (void) mdb_printf("error: no such class: \"%s\"", klass);
2866 2866 return (DCMD_ERR);
2867 2867 }
2868 2868
2869 2869 for (flp = clp->v8c_fields; flp != NULL; flp = flp->v8f_next)
2870 2870 if (strcmp(field, flp->v8f_name) == 0)
2871 2871 break;
2872 2872
2873 2873 if (flp == NULL) {
2874 2874 if (argc == 2) {
2875 2875 mdb_printf("error: no such field in class \"%s\": "
2876 2876 "\"%s\"", klass, field);
2877 2877 return (DCMD_ERR);
2878 2878 }
2879 2879
2880 2880 flp = conf_field_create(clp, field, offset);
2881 2881 if (flp == NULL) {
2882 2882 mdb_warn("failed to create field");
2883 2883 return (DCMD_ERR);
2884 2884 }
2885 2885 } else if (argc == 3) {
2886 2886 flp->v8f_offset = offset;
2887 2887 }
2888 2888
2889 2889 mdb_printf("%s::%s at offset 0x%x\n", klass, field, flp->v8f_offset);
2890 2890 return (DCMD_OK);
2891 2891 }
2892 2892
2893 2893 /* ARGSUSED */
2894 2894 static int
2895 2895 dcmd_v8array(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2896 2896 {
2897 2897 uint8_t type;
2898 2898 uintptr_t *array;
2899 2899 size_t ii, len;
2900 2900
2901 2901 if (read_typebyte(&type, addr) != 0)
2902 2902 return (DCMD_ERR);
2903 2903
2904 2904 if (type != V8_TYPE_FIXEDARRAY) {
2905 2905 mdb_warn("%p is not an instance of FixedArray\n", addr);
2906 2906 return (DCMD_ERR);
2907 2907 }
2908 2908
2909 2909 if (read_heap_array(addr, &array, &len, UM_GC) != 0)
2910 2910 return (DCMD_ERR);
2911 2911
2912 2912 for (ii = 0; ii < len; ii++)
2913 2913 mdb_printf("%p\n", array[ii]);
2914 2914
2915 2915 return (DCMD_OK);
2916 2916 }
2917 2917
2918 2918 /* ARGSUSED */
2919 2919 static int
2920 2920 dcmd_jsstack(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2921 2921 {
2922 2922 uintptr_t raddr;
2923 2923 boolean_t opt_v;
2924 2924
2925 2925 if (mdb_getopts(argc, argv, 'v', MDB_OPT_SETBITS, B_TRUE, &opt_v,
2926 2926 NULL) != argc)
2927 2927 return (DCMD_USAGE);
2928 2928
2929 2929 /*
2930 2930 * The "::jsframe" walker iterates the valid frame pointers, but the
2931 2931 * "::jsframe" dcmd looks at the frame after the one it was given, so we
2932 2932 * have to explicitly examine the top frame here.
2933 2933 */
2934 2934 if (!(flags & DCMD_ADDRSPEC)) {
2935 2935 if (load_current_context(&addr, &raddr) != 0 ||
2936 2936 do_jsframe(addr, raddr, opt_v) != 0)
2937 2937 return (DCMD_ERR);
2938 2938 }
2939 2939
2940 2940 if (mdb_pwalk_dcmd("jsframe", "jsframe", argc, argv, addr) == -1)
2941 2941 return (DCMD_ERR);
2942 2942
2943 2943 return (DCMD_OK);
2944 2944 }
2945 2945
2946 2946 /* ARGSUSED */
2947 2947 static int
2948 2948 dcmd_v8str(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2949 2949 {
2950 2950 boolean_t opt_v = B_FALSE;
2951 2951 char buf[256];
2952 2952 char *bufp;
2953 2953 size_t len;
2954 2954
2955 2955 if (mdb_getopts(argc, argv, 'v', MDB_OPT_SETBITS, B_TRUE, &opt_v,
2956 2956 NULL) != argc)
2957 2957 return (DCMD_USAGE);
2958 2958
2959 2959 bufp = buf;
2960 2960 len = sizeof (buf);
2961 2961 if (jsstr_print(addr, opt_v, &bufp, &len) != 0)
2962 2962 return (DCMD_ERR);
2963 2963
2964 2964 mdb_printf("%s\n", buf);
2965 2965 return (DCMD_OK);
2966 2966 }
2967 2967
2968 2968 static void
2969 2969 dcmd_v8load_help(void)
2970 2970 {
2971 2971 v8_cfg_t *cfp, **cfgpp;
2972 2972
2973 2973 mdb_printf(
2974 2974 "To traverse in-memory V8 structures, the V8 dmod requires\n"
2975 2975 "configuration that describes the layout of various V8 structures\n"
2976 2976 "in memory. Normally, this information is pulled from metadata\n"
2977 2977 "in the target binary. However, it's possible to use the module\n"
2978 2978 "with a binary not built with metadata by loading one of the\n"
2979 2979 "canned configurations.\n\n");
2980 2980
2981 2981 mdb_printf("Available configurations:\n");
2982 2982
2983 2983 (void) mdb_inc_indent(4);
2984 2984
2985 2985 for (cfgpp = v8_cfgs; *cfgpp != NULL; cfgpp++) {
2986 2986 cfp = *cfgpp;
|
↓ open down ↓ |
139 lines elided |
↑ open up ↑ |
2987 2987 mdb_printf("%-10s %s\n", cfp->v8cfg_name, cfp->v8cfg_label);
2988 2988 }
2989 2989
2990 2990 (void) mdb_dec_indent(4);
2991 2991 }
2992 2992
2993 2993 /* ARGSUSED */
2994 2994 static int
2995 2995 dcmd_v8load(uintptr_t addr, uint_t flags, int argc, const mdb_arg_t *argv)
2996 2996 {
2997 - v8_cfg_t *cfgp, **cfgpp;
2997 + v8_cfg_t *cfgp = NULL, **cfgpp;
2998 2998
2999 2999 if (v8_classes != NULL) {
3000 3000 mdb_warn("v8 module already configured\n");
3001 3001 return (DCMD_ERR);
3002 3002 }
3003 3003
3004 3004 if (argc < 1 || argv->a_type != MDB_TYPE_STRING)
3005 3005 return (DCMD_USAGE);
3006 3006
3007 3007 for (cfgpp = v8_cfgs; *cfgpp != NULL; cfgpp++) {
3008 3008 cfgp = *cfgpp;
3009 3009 if (strcmp(argv->a_un.a_str, cfgp->v8cfg_name) == 0)
3010 3010 break;
3011 3011 }
3012 3012
3013 - if (cfgp->v8cfg_name == NULL) {
3013 + if (cfgp == NULL || cfgp->v8cfg_name == NULL) {
3014 3014 mdb_warn("unknown configuration: \"%s\"\n", argv->a_un.a_str);
3015 3015 return (DCMD_ERR);
3016 3016 }
3017 3017
3018 3018 if (autoconfigure(cfgp) == -1) {
3019 3019 mdb_warn("autoconfigure failed\n");
3020 3020 return (DCMD_ERR);
3021 3021 }
3022 3022
3023 3023 mdb_printf("V8 dmod configured based on %s\n", cfgp->v8cfg_name);
3024 3024 return (DCMD_OK);
3025 3025 }
3026 3026
3027 3027 static int
3028 3028 walk_jsframes_init(mdb_walk_state_t *wsp)
3029 3029 {
3030 3030 if (wsp->walk_addr != NULL)
3031 3031 return (WALK_NEXT);
3032 3032
3033 3033 if (load_current_context(&wsp->walk_addr, NULL) != 0)
3034 3034 return (WALK_ERR);
3035 3035
3036 3036 return (WALK_NEXT);
3037 3037 }
3038 3038
3039 3039 static int
3040 3040 walk_jsframes_step(mdb_walk_state_t *wsp)
3041 3041 {
3042 3042 uintptr_t addr, next;
3043 3043 int rv;
3044 3044
3045 3045 addr = wsp->walk_addr;
3046 3046 rv = wsp->walk_callback(wsp->walk_addr, NULL, wsp->walk_cbdata);
3047 3047
3048 3048 if (rv != WALK_NEXT)
3049 3049 return (rv);
3050 3050
3051 3051 if (mdb_vread(&next, sizeof (next), addr) == -1)
3052 3052 return (WALK_ERR);
3053 3053
3054 3054 if (next == NULL)
3055 3055 return (WALK_DONE);
3056 3056
3057 3057 wsp->walk_addr = next;
3058 3058 return (WALK_NEXT);
3059 3059 }
3060 3060
3061 3061 /*
3062 3062 * MDB linkage
3063 3063 */
3064 3064
3065 3065 static const mdb_dcmd_t v8_mdb_dcmds[] = {
3066 3066 /*
3067 3067 * Commands to inspect JavaScript-level state
3068 3068 */
3069 3069 { "jsframe", ":[-v]", "summarize a JavaScript stack frame",
3070 3070 dcmd_jsframe },
3071 3071 { "jsprint", ":[-a] [-d depth]", "print a JavaScript object",
3072 3072 dcmd_jsprint },
3073 3073 { "jsstack", "[-v]", "print a JavaScript stacktrace",
3074 3074 dcmd_jsstack },
3075 3075 { "findjsobjects", "?[-vb] [-r | -c cons | -p prop]", "find JavaScript "
3076 3076 "objects", dcmd_findjsobjects, dcmd_findjsobjects_help },
3077 3077
3078 3078 /*
3079 3079 * Commands to inspect V8-level state
3080 3080 */
3081 3081 { "v8array", ":", "print elements of a V8 FixedArray",
3082 3082 dcmd_v8array },
3083 3083 { "v8classes", NULL, "list known V8 heap object C++ classes",
3084 3084 dcmd_v8classes },
3085 3085 { "v8code", ":[-d]", "print information about a V8 Code object",
3086 3086 dcmd_v8code },
3087 3087 { "v8field", "classname fieldname offset",
3088 3088 "manually add a field to a given class", dcmd_v8field },
3089 3089 { "v8function", ":[-d]", "print JSFunction object details",
3090 3090 dcmd_v8function },
3091 3091 { "v8load", "version", "load canned config for a specific V8 version",
3092 3092 dcmd_v8load, dcmd_v8load_help },
3093 3093 { "v8frametypes", NULL, "list known V8 frame types",
3094 3094 dcmd_v8frametypes },
3095 3095 { "v8print", ":[class]", "print a V8 heap object",
3096 3096 dcmd_v8print, dcmd_v8print_help },
3097 3097 { "v8str", ":[-v]", "print the contents of a V8 string",
3098 3098 dcmd_v8str },
3099 3099 { "v8type", ":", "print the type of a V8 heap object",
3100 3100 dcmd_v8type },
3101 3101 { "v8types", NULL, "list known V8 heap object types",
3102 3102 dcmd_v8types },
3103 3103
3104 3104 { NULL }
3105 3105 };
3106 3106
3107 3107 static const mdb_walker_t v8_mdb_walkers[] = {
3108 3108 { "jsframe", "walk V8 JavaScript stack frames",
3109 3109 walk_jsframes_init, walk_jsframes_step },
3110 3110 { NULL }
3111 3111 };
3112 3112
3113 3113 static mdb_modinfo_t v8_mdb = { MDB_API_VERSION, v8_mdb_dcmds, v8_mdb_walkers };
3114 3114
3115 3115 static void
3116 3116 configure(void)
3117 3117 {
3118 3118 uintptr_t v8major, v8minor, v8build, v8patch;
3119 3119 GElf_Sym sym;
3120 3120
3121 3121 if (mdb_readsym(&v8major, sizeof (v8major),
3122 3122 "_ZN2v88internal7Version6major_E") == -1 ||
3123 3123 mdb_readsym(&v8minor, sizeof (v8minor),
3124 3124 "_ZN2v88internal7Version6minor_E") == -1 ||
3125 3125 mdb_readsym(&v8build, sizeof (v8build),
3126 3126 "_ZN2v88internal7Version6build_E") == -1 ||
3127 3127 mdb_readsym(&v8patch, sizeof (v8patch),
3128 3128 "_ZN2v88internal7Version6patch_E") == -1) {
3129 3129 mdb_warn("failed to determine V8 version");
3130 3130 return;
3131 3131 }
3132 3132
3133 3133 mdb_printf("V8 version: %d.%d.%d.%d\n", v8major, v8minor, v8build,
3134 3134 v8patch);
3135 3135
3136 3136 /*
3137 3137 * First look for debug metadata embedded within the binary, which may
3138 3138 * be present in recent V8 versions built with postmortem metadata.
3139 3139 */
3140 3140 if (mdb_lookup_by_name("v8dbg_SmiTag", &sym) == 0) {
3141 3141 if (autoconfigure(&v8_cfg_target) != 0) {
3142 3142 mdb_warn("failed to autoconfigure from target; "
3143 3143 "commands may have incorrect results!\n");
3144 3144 } else {
3145 3145 mdb_printf("Autoconfigured V8 support from target\n");
3146 3146 }
3147 3147
3148 3148 return;
3149 3149 }
3150 3150
3151 3151 if (v8major == 3 && v8minor == 1 && v8build == 8 &&
3152 3152 autoconfigure(&v8_cfg_04) == 0) {
3153 3153 mdb_printf("Configured V8 support based on node v0.4\n");
3154 3154 return;
3155 3155 }
3156 3156
3157 3157 if (v8major == 3 && v8minor == 6 && v8build == 6 &&
3158 3158 autoconfigure(&v8_cfg_06) == 0) {
3159 3159 mdb_printf("Configured V8 support based on node v0.6\n");
3160 3160 return;
3161 3161 }
3162 3162
3163 3163 mdb_printf("mdb_v8: target has no debug metadata and no existing "
3164 3164 "config found\n");
3165 3165 }
3166 3166
3167 3167 static void
3168 3168 enable_demangling(void)
3169 3169 {
3170 3170 const char *symname = "_ZN2v88internal7Version6major_E";
3171 3171 GElf_Sym sym;
3172 3172 char buf[64];
3173 3173
3174 3174 /*
3175 3175 * Try to determine whether C++ symbol demangling has been enabled. If
3176 3176 * not, enable it.
3177 3177 */
3178 3178 if (mdb_lookup_by_name("_ZN2v88internal7Version6major_E", &sym) != 0)
3179 3179 return;
3180 3180
3181 3181 (void) mdb_snprintf(buf, sizeof (buf), "%a", sym.st_value);
3182 3182 if (strstr(buf, symname) != NULL)
3183 3183 (void) mdb_eval("$G");
3184 3184 }
3185 3185
3186 3186 const mdb_modinfo_t *
3187 3187 _mdb_init(void)
3188 3188 {
3189 3189 configure();
3190 3190 enable_demangling();
3191 3191 return (&v8_mdb);
3192 3192 }
|
↓ open down ↓ |
169 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX