CSE2410 Fall 2014 Bounce

/* Copyright Joyent, Inc. and other Node contributors. All rights reserved.

 *

 * Permission is hereby granted, free of charge, to any person obtaining a copy

 * of this software and associated documentation files (the "Software"), to

 * deal in the Software without restriction, including without limitation the

 * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or

 * sell copies of the Software, and to permit persons to whom the Software is

 * furnished to do so, subject to the following conditions:

 *

 * The above copyright notice and this permission notice shall be included in

 * all copies or substantial portions of the Software.

 *

 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR

 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,

 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE

 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER

 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING

 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS

 * IN THE SOFTWARE.

 */

/*

 * mdb(1M) module for debugging the V8 JavaScript engine.  This implementation

 * makes heavy use of metadata defined in the V8 binary for inspecting in-memory

 * structures.  Canned configurations can be manually loaded for V8 binaries

 * that predate this metadata.  See mdb_v8_cfg.c for details.

 */

/*

 * We hard-code our MDB_API_VERSION to be 3 to allow this module to be

 * compiled on systems with higher version numbers, but still allow the

 * resulting binary object to be used on older systems.  (We do not make use

 * of functionality present in versions later than 3.)  This is particularly

 * important for mdb_v8 because (1) it's used in particular to debug

 * application-level software and (2) it has a history of rapid evolution.

 */

#define        MDB_API_VERSION                3

#include <sys/mdb_modapi.h>

#include <assert.h>

#include <ctype.h>

#include <stdarg.h>

#include <stdio.h>

#include <string.h>

#include <libproc.h>

#include <sys/avl.h>

#include <alloca.h>

#include "v8dbg.h"

#include "v8cfg.h"

#define        offsetof(s, m)        ((size_t)(&(((s *)0)->m)))

/*

 * The "v8_class" and "v8_field" structures describe the C++ classes used to

 * represent V8 heap objects.

 */

typedef struct v8_class {

        struct v8_class *v8c_next;        /* list linkage */

        struct v8_class *v8c_parent;        /* parent class (inheritance) */

        struct v8_field *v8c_fields;        /* array of class fields */

        size_t                v8c_start;        /* offset of first class field */

        size_t                v8c_end;        /* offset of first subclass field */

        char                v8c_name[64];        /* heap object class name */

} v8_class_t;

typedef struct v8_field {

        struct v8_field        *v8f_next;        /* list linkage */

        ssize_t                v8f_offset;        /* field offset */

        char                 v8f_name[64];        /* field name */

        boolean_t        v8f_isbyte;        /* 1-byte int field */

        boolean_t        v8f_isstr;        /* NUL-terminated string */

} v8_field_t;

/*

 * Similarly, the "v8_enum" structure describes an enum from V8.

 */

typedef struct {

        char         v8e_name[64];

        uint_t        v8e_value;

} v8_enum_t;

/*

 * During configuration, the dmod updates these globals with the actual set of

 * classes, types, and frame types based on the debug metadata.

 */

static v8_class_t        *v8_classes;

static v8_enum_t        v8_types[128];

static int                 v8_next_type;

static v8_enum_t         v8_frametypes[16];

static int                 v8_next_frametype;

static int                v8_silent;

/*

 * The following constants describe offsets from the frame pointer that are used

 * to inspect each stack frame.  They're initialized from the debug metadata.

 */

static ssize_t        V8_OFF_FP_CONTEXT;

static ssize_t        V8_OFF_FP_MARKER;

static ssize_t        V8_OFF_FP_FUNCTION;

static ssize_t        V8_OFF_FP_ARGS;

/*

 * The following constants are used by macros defined in heap-dbg-common.h to

 * examine the types of various V8 heap objects.  In general, the macros should

 * be preferred to using the constants directly.  The values of these constants

 * are initialized from the debug metadata.

 */

static intptr_t        V8_FirstNonstringType;

static intptr_t        V8_IsNotStringMask;

static intptr_t        V8_StringTag;

static intptr_t        V8_NotStringTag;

static intptr_t        V8_StringEncodingMask;

static intptr_t        V8_TwoByteStringTag;

static intptr_t        V8_AsciiStringTag;

static intptr_t        V8_StringRepresentationMask;

static intptr_t        V8_SeqStringTag;

static intptr_t        V8_ConsStringTag;

static intptr_t        V8_ExternalStringTag;

static intptr_t        V8_FailureTag;

static intptr_t        V8_FailureTagMask;

static intptr_t        V8_HeapObjectTag;

static intptr_t        V8_HeapObjectTagMask;

static intptr_t        V8_SmiTag;

static intptr_t        V8_SmiTagMask;

static intptr_t        V8_SmiValueShift;

static intptr_t        V8_SmiShiftSize;

static intptr_t        V8_PointerSizeLog2;

static intptr_t        V8_ISSHARED_SHIFT;

static intptr_t        V8_DICT_SHIFT;

static intptr_t        V8_DICT_PREFIX_SIZE;

static intptr_t        V8_DICT_ENTRY_SIZE;

static intptr_t        V8_DICT_START_INDEX;

static intptr_t        V8_PROP_IDX_CONTENT;

static intptr_t        V8_PROP_IDX_FIRST;

static intptr_t        V8_PROP_TYPE_FIELD;

static intptr_t        V8_PROP_FIRST_PHANTOM;

static intptr_t        V8_PROP_TYPE_MASK;

static intptr_t        V8_PROP_DESC_KEY;

static intptr_t        V8_PROP_DESC_DETAILS;

static intptr_t        V8_PROP_DESC_VALUE;

static intptr_t        V8_PROP_DESC_SIZE;

static intptr_t        V8_TRANSITIONS_IDX_DESC;

static intptr_t V8_TYPE_JSOBJECT = -1;

static intptr_t V8_TYPE_JSARRAY = -1;

static intptr_t V8_TYPE_FIXEDARRAY = -1;

/*

 * Although we have this information in v8_classes, the following offsets are

 * defined explicitly because they're used directly in code below.

 */

static ssize_t V8_OFF_CODE_INSTRUCTION_SIZE;

static ssize_t V8_OFF_CODE_INSTRUCTION_START;

static ssize_t V8_OFF_CONSSTRING_FIRST;

static ssize_t V8_OFF_CONSSTRING_SECOND;

static ssize_t V8_OFF_EXTERNALSTRING_RESOURCE;

static ssize_t V8_OFF_FIXEDARRAY_DATA;

static ssize_t V8_OFF_FIXEDARRAY_LENGTH;

static ssize_t V8_OFF_HEAPNUMBER_VALUE;

static ssize_t V8_OFF_HEAPOBJECT_MAP;

static ssize_t V8_OFF_JSARRAY_LENGTH;

static ssize_t V8_OFF_JSDATE_VALUE;

static ssize_t V8_OFF_JSFUNCTION_SHARED;

static ssize_t V8_OFF_JSOBJECT_ELEMENTS;

static ssize_t V8_OFF_JSOBJECT_PROPERTIES;

static ssize_t V8_OFF_MAP_CONSTRUCTOR;

static ssize_t V8_OFF_MAP_INOBJECT_PROPERTIES;

static ssize_t V8_OFF_MAP_INSTANCE_ATTRIBUTES;

static ssize_t V8_OFF_MAP_INSTANCE_DESCRIPTORS;

static ssize_t V8_OFF_MAP_INSTANCE_SIZE;

static ssize_t V8_OFF_MAP_BIT_FIELD3;

static ssize_t V8_OFF_MAP_TRANSITIONS;

static ssize_t V8_OFF_ODDBALL_TO_STRING;

static ssize_t V8_OFF_SCRIPT_LINE_ENDS;

static ssize_t V8_OFF_SCRIPT_NAME;

static ssize_t V8_OFF_SEQASCIISTR_CHARS;

static ssize_t V8_OFF_SEQONEBYTESTR_CHARS;

static ssize_t V8_OFF_SHAREDFUNCTIONINFO_CODE;

static ssize_t V8_OFF_SHAREDFUNCTIONINFO_FUNCTION_TOKEN_POSITION;

static ssize_t V8_OFF_SHAREDFUNCTIONINFO_INFERRED_NAME;

static ssize_t V8_OFF_SHAREDFUNCTIONINFO_LENGTH;

static ssize_t V8_OFF_SHAREDFUNCTIONINFO_SCRIPT;

static ssize_t V8_OFF_SHAREDFUNCTIONINFO_NAME;

static ssize_t V8_OFF_STRING_LENGTH;

#define        NODE_OFF_EXTSTR_DATA                0x4        /* see node_string.h */

#define        V8_CONSTANT_OPTIONAL                1

#define        V8_CONSTANT_HASFALLBACK                2

#define        V8_CONSTANT_MAJORSHIFT                3

#define        V8_CONSTANT_MAJORMASK                ((1 << 4) - 1)

#define        V8_CONSTANT_MAJOR(flags)        \

        (((flags) >> V8_CONSTANT_MAJORSHIFT) & V8_CONSTANT_MAJORMASK)

#define        V8_CONSTANT_MINORSHIFT                7

#define        V8_CONSTANT_MINORMASK                ((1 << 9) - 1)

#define        V8_CONSTANT_MINOR(flags)        \

        (((flags) >> V8_CONSTANT_MINORSHIFT) & V8_CONSTANT_MINORMASK)

#define        V8_CONSTANT_FALLBACK(maj, min) \

        (V8_CONSTANT_OPTIONAL | V8_CONSTANT_HASFALLBACK | \

        ((maj) << V8_CONSTANT_MAJORSHIFT) | ((min) << V8_CONSTANT_MINORSHIFT))

/*

 * Table of constants used directly by this file.

 */

typedef struct v8_constant {

        intptr_t        *v8c_valp;

        const char        *v8c_symbol;

        uint32_t        v8c_flags;

        intptr_t        v8c_fallback;

} v8_constant_t;

static v8_constant_t v8_constants[] = {

        { &V8_OFF_FP_CONTEXT,                "v8dbg_off_fp_context"                },

        { &V8_OFF_FP_FUNCTION,                "v8dbg_off_fp_function"                },

        { &V8_OFF_FP_MARKER,                "v8dbg_off_fp_marker"                },

        { &V8_OFF_FP_ARGS,                "v8dbg_off_fp_args"                },

        { &V8_FirstNonstringType,        "v8dbg_FirstNonstringType"        },

        { &V8_IsNotStringMask,                "v8dbg_IsNotStringMask"                },

        { &V8_StringTag,                "v8dbg_StringTag"                },

        { &V8_NotStringTag,                "v8dbg_NotStringTag"                },

        { &V8_StringEncodingMask,        "v8dbg_StringEncodingMask"        },

        { &V8_TwoByteStringTag,                "v8dbg_TwoByteStringTag"        },

        { &V8_AsciiStringTag,                "v8dbg_AsciiStringTag"                },

        { &V8_StringRepresentationMask,        "v8dbg_StringRepresentationMask" },

        { &V8_SeqStringTag,                "v8dbg_SeqStringTag"                },

        { &V8_ConsStringTag,                "v8dbg_ConsStringTag"                },

        { &V8_ExternalStringTag,        "v8dbg_ExternalStringTag"        },

        { &V8_FailureTag,                "v8dbg_FailureTag"                },

        { &V8_FailureTagMask,                "v8dbg_FailureTagMask"                },

        { &V8_HeapObjectTag,                "v8dbg_HeapObjectTag"                },

        { &V8_HeapObjectTagMask,        "v8dbg_HeapObjectTagMask"        },

        { &V8_SmiTag,                        "v8dbg_SmiTag"                        },

        { &V8_SmiTagMask,                "v8dbg_SmiTagMask"                },

        { &V8_SmiValueShift,                "v8dbg_SmiValueShift"                },

        { &V8_SmiShiftSize,                "v8dbg_SmiShiftSize",

#ifdef _LP64

            V8_CONSTANT_FALLBACK(0, 0), 31 },

#else

            V8_CONSTANT_FALLBACK(0, 0), 0 },

#endif

        { &V8_PointerSizeLog2,                "v8dbg_PointerSizeLog2"                },

        { &V8_DICT_SHIFT,                "v8dbg_dict_shift",

            V8_CONSTANT_FALLBACK(3, 13), 24 },

        { &V8_DICT_PREFIX_SIZE,                "v8dbg_dict_prefix_size",

            V8_CONSTANT_FALLBACK(3, 11), 2 },

        { &V8_DICT_ENTRY_SIZE,                "v8dbg_dict_entry_size",

            V8_CONSTANT_FALLBACK(3, 11), 3 },

        { &V8_DICT_START_INDEX,                "v8dbg_dict_start_index",

            V8_CONSTANT_FALLBACK(3, 11), 3 },

        { &V8_ISSHARED_SHIFT,                "v8dbg_isshared_shift",

            V8_CONSTANT_FALLBACK(3, 11), 0 },

        { &V8_PROP_IDX_FIRST,                "v8dbg_prop_idx_first"                },

        { &V8_PROP_TYPE_FIELD,                "v8dbg_prop_type_field"                },

        { &V8_PROP_FIRST_PHANTOM,        "v8dbg_prop_type_first_phantom"        },

        { &V8_PROP_TYPE_MASK,                "v8dbg_prop_type_mask"                },

        { &V8_PROP_IDX_CONTENT,                "v8dbg_prop_idx_content",

            V8_CONSTANT_OPTIONAL },

        { &V8_PROP_DESC_KEY,                "v8dbg_prop_desc_key",

            V8_CONSTANT_FALLBACK(0, 0), 0 },

        { &V8_PROP_DESC_DETAILS,        "v8dbg_prop_desc_details",

            V8_CONSTANT_FALLBACK(0, 0), 1 },

        { &V8_PROP_DESC_VALUE,                "v8dbg_prop_desc_value",

            V8_CONSTANT_FALLBACK(0, 0), 2 },

        { &V8_PROP_DESC_SIZE,                "v8dbg_prop_desc_size",

            V8_CONSTANT_FALLBACK(0, 0), 3 },

        { &V8_TRANSITIONS_IDX_DESC,        "v8dbg_transitions_idx_descriptors",

            V8_CONSTANT_OPTIONAL },

};

static int v8_nconstants = sizeof (v8_constants) / sizeof (v8_constants[0]);

typedef struct v8_offset {

        ssize_t                *v8o_valp;

        const char        *v8o_class;

        const char        *v8o_member;

        boolean_t        v8o_optional;

} v8_offset_t;

static v8_offset_t v8_offsets[] = {

        { &V8_OFF_CODE_INSTRUCTION_SIZE,

            "Code", "instruction_size" },

        { &V8_OFF_CODE_INSTRUCTION_START,

            "Code", "instruction_start" },

        { &V8_OFF_CONSSTRING_FIRST,

            "ConsString", "first" },

        { &V8_OFF_CONSSTRING_SECOND,

            "ConsString", "second" },

        { &V8_OFF_EXTERNALSTRING_RESOURCE,

            "ExternalString", "resource" },

        { &V8_OFF_FIXEDARRAY_DATA,

            "FixedArray", "data" },

        { &V8_OFF_FIXEDARRAY_LENGTH,

            "FixedArray", "length" },

        { &V8_OFF_HEAPNUMBER_VALUE,

            "HeapNumber", "value" },

        { &V8_OFF_HEAPOBJECT_MAP,

            "HeapObject", "map" },

        { &V8_OFF_JSARRAY_LENGTH,

            "JSArray", "length" },

        { &V8_OFF_JSDATE_VALUE,

            "JSDate", "value", B_TRUE },

        { &V8_OFF_JSFUNCTION_SHARED,

            "JSFunction", "shared" },

        { &V8_OFF_JSOBJECT_ELEMENTS,

            "JSObject", "elements" },

        { &V8_OFF_JSOBJECT_PROPERTIES,

            "JSObject", "properties" },

        { &V8_OFF_MAP_CONSTRUCTOR,

            "Map", "constructor" },

        { &V8_OFF_MAP_INOBJECT_PROPERTIES,

            "Map", "inobject_properties" },

        { &V8_OFF_MAP_INSTANCE_ATTRIBUTES,

            "Map", "instance_attributes" },

        { &V8_OFF_MAP_INSTANCE_DESCRIPTORS,

            "Map", "instance_descriptors", B_TRUE },

        { &V8_OFF_MAP_TRANSITIONS,

            "Map", "transitions", B_TRUE },

        { &V8_OFF_MAP_INSTANCE_SIZE,

            "Map", "instance_size" },

        { &V8_OFF_MAP_BIT_FIELD3,

            "Map", "bit_field3", B_TRUE },

        { &V8_OFF_ODDBALL_TO_STRING,

            "Oddball", "to_string" },

        { &V8_OFF_SCRIPT_LINE_ENDS,

            "Script", "line_ends" },

        { &V8_OFF_SCRIPT_NAME,

            "Script", "name" },

        { &V8_OFF_SEQASCIISTR_CHARS,

            "SeqAsciiString", "chars", B_TRUE },

        { &V8_OFF_SEQONEBYTESTR_CHARS,

            "SeqOneByteString", "chars", B_TRUE },

        { &V8_OFF_SHAREDFUNCTIONINFO_CODE,

            "SharedFunctionInfo", "code" },

        { &V8_OFF_SHAREDFUNCTIONINFO_FUNCTION_TOKEN_POSITION,

            "SharedFunctionInfo", "function_token_position" },

        { &V8_OFF_SHAREDFUNCTIONINFO_INFERRED_NAME,

            "SharedFunctionInfo", "inferred_name" },

        { &V8_OFF_SHAREDFUNCTIONINFO_LENGTH,

            "SharedFunctionInfo", "length" },

        { &V8_OFF_SHAREDFUNCTIONINFO_NAME,

            "SharedFunctionInfo", "name" },

        { &V8_OFF_SHAREDFUNCTIONINFO_SCRIPT,

            "SharedFunctionInfo", "script" },

        { &V8_OFF_STRING_LENGTH,

            "String", "length" },

};

static int v8_noffsets = sizeof (v8_offsets) / sizeof (v8_offsets[0]);

static uintptr_t v8_major;

static uintptr_t v8_minor;

static uintptr_t v8_build;

static uintptr_t v8_patch;

static int autoconf_iter_symbol(mdb_symbol_t *, void *);

static v8_class_t *conf_class_findcreate(const char *);

static v8_field_t *conf_field_create(v8_class_t *, const char *, size_t);

static char *conf_next_part(char *, char *);

static int conf_update_parent(const char *);

static int conf_update_field(v8_cfg_t *, const char *);

static int conf_update_enum(v8_cfg_t *, const char *, const char *,

    v8_enum_t *);

static int conf_update_type(v8_cfg_t *, const char *);

static int conf_update_frametype(v8_cfg_t *, const char *);

static void conf_class_compute_offsets(v8_class_t *);

static int read_typebyte(uint8_t *, uintptr_t);

static int heap_offset(const char *, const char *, ssize_t *);

/*

 * Invoked when this dmod is initially loaded to load the set of classes, enums,

 * and other constants from the metadata in the target binary.

 */

static int

autoconfigure(v8_cfg_t *cfgp)

{

        v8_class_t *clp;

        v8_enum_t *ep;

        struct v8_constant *cnp;

        int ii;

        int failed = 0;

        assert(v8_classes == NULL);

        /*

         * Iterate all global symbols looking for metadata.

         */

        if (cfgp->v8cfg_iter(cfgp, autoconf_iter_symbol, cfgp) != 0) {

                mdb_warn("failed to autoconfigure V8 support\n");

                return (-1);

        }

        /*

         * By now we've configured all of the classes so we can update the

         * "start" and "end" fields in each class with information from its

         * parent class.

         */

        for (clp = v8_classes; clp != NULL; clp = clp->v8c_next) {

                if (clp->v8c_end != (size_t)-1)

                        continue;

                conf_class_compute_offsets(clp);

        };

        /*

         * Load various constants used directly in the module.

         */

        for (ii = 0; ii < v8_nconstants; ii++) {

                cnp = &v8_constants[ii];

                if (cfgp->v8cfg_readsym(cfgp,

                    cnp->v8c_symbol, cnp->v8c_valp) != -1) {

                        continue;

                }

                if (!(cnp->v8c_flags & V8_CONSTANT_OPTIONAL)) {

                        mdb_warn("failed to read \"%s\"", cnp->v8c_symbol);

                        failed++;

                        continue;

                }

                if (!(cnp->v8c_flags & V8_CONSTANT_HASFALLBACK) ||

                    v8_major < V8_CONSTANT_MAJOR(cnp->v8c_flags) ||

                    (v8_major == V8_CONSTANT_MAJOR(cnp->v8c_flags) &&

                    v8_minor < V8_CONSTANT_MINOR(cnp->v8c_flags))) {

                        *cnp->v8c_valp = -1;

                        continue;

                }

                /*

                 * We have a fallback -- and we know that the version satisfies

                 * the fallback's version constraints; use the fallback value.

                 */

                *cnp->v8c_valp = cnp->v8c_fallback;

        }

        /*

         * Load type values for well-known classes that we use a lot.

         */

        for (ep = v8_types; ep->v8e_name[0] != '\0'; ep++) {

                if (strcmp(ep->v8e_name, "JSObject") == 0)

                        V8_TYPE_JSOBJECT = ep->v8e_value;

                if (strcmp(ep->v8e_name, "JSArray") == 0)

                        V8_TYPE_JSARRAY = ep->v8e_value;

                if (strcmp(ep->v8e_name, "FixedArray") == 0)

                        V8_TYPE_FIXEDARRAY = ep->v8e_value;

        }

        if (V8_TYPE_JSOBJECT == -1) {

                mdb_warn("couldn't find JSObject type\n");

                failed++;

        }

        if (V8_TYPE_JSARRAY == -1) {

                mdb_warn("couldn't find JSArray type\n");

                failed++;

        }

        if (V8_TYPE_FIXEDARRAY == -1) {

                mdb_warn("couldn't find FixedArray type\n");

                failed++;

        }

        /*

         * Finally, load various class offsets.

         */

        for (ii = 0; ii < v8_noffsets; ii++) {

                struct v8_offset *offp = &v8_offsets[ii];

                const char *klass = offp->v8o_class;

again:

                if (heap_offset(klass, offp->v8o_member, offp->v8o_valp) == 0)

                        continue;

                if (strcmp(klass, "FixedArray") == 0) {

                        /*

                         * The V8 included in node v0.6 uses a FixedArrayBase

                         * class to contain the "length" field, while the one

                         * in v0.4 has no such base class and stores the field

                         * directly in FixedArray; if we failed to derive

                         * the offset from FixedArray, try FixedArrayBase.

                         */

                        klass = "FixedArrayBase";

                        goto again;

                }

                if (offp->v8o_optional) {

                        *offp->v8o_valp = -1;

                        continue;

                }

                mdb_warn("couldn't find class \"%s\", field \"%s\"\n",

                    offp->v8o_class, offp->v8o_member);

                failed++;

        }

        if (!((V8_OFF_SEQASCIISTR_CHARS != -1) ^

            (V8_OFF_SEQONEBYTESTR_CHARS != -1))) {

                mdb_warn("expected exactly one of SeqAsciiString and "

                    "SeqOneByteString to be defined\n");

                failed++;

        }

        if (V8_OFF_SEQONEBYTESTR_CHARS != -1)

                V8_OFF_SEQASCIISTR_CHARS = V8_OFF_SEQONEBYTESTR_CHARS;

        return (failed ? -1 : 0);

}

/* ARGSUSED */

static int

autoconf_iter_symbol(mdb_symbol_t *symp, void *arg)

{

        v8_cfg_t *cfgp = arg;

        if (strncmp(symp->sym_name, "v8dbg_parent_",

            sizeof ("v8dbg_parent_") - 1) == 0)

                return (conf_update_parent(symp->sym_name));

        if (strncmp(symp->sym_name, "v8dbg_class_",

            sizeof ("v8dbg_class_") - 1) == 0)

                return (conf_update_field(cfgp, symp->sym_name));

        if (strncmp(symp->sym_name, "v8dbg_type_",

            sizeof ("v8dbg_type_") - 1) == 0)

                return (conf_update_type(cfgp, symp->sym_name));

        if (strncmp(symp->sym_name, "v8dbg_frametype_",

            sizeof ("v8dbg_frametype_") - 1) == 0)

                return (conf_update_frametype(cfgp, symp->sym_name));

        return (0);

}

/*

 * Extracts the next field of a string whose fields are separated by "__" (as

 * the V8 metadata symbols are).

 */

static char *

conf_next_part(char *buf, char *start)

{

        char *pp;

        if ((pp = strstr(start, "__")) == NULL) {

                mdb_warn("malformed symbol name: %s\n", buf);

                return (NULL);

        }

        *pp = '\0';

        return (pp + sizeof ("__") - 1);

}

static v8_class_t *

conf_class_findcreate(const char *name)

{

        v8_class_t *clp, *iclp, *prev = NULL;

        int cmp;

        for (iclp = v8_classes; iclp != NULL; iclp = iclp->v8c_next) {

                if ((cmp = strcmp(iclp->v8c_name, name)) == 0)

                        return (iclp);

                if (cmp > 0)

                        break;

                prev = iclp;

        }

        if ((clp = mdb_zalloc(sizeof (*clp), UM_NOSLEEP)) == NULL)

                return (NULL);

        (void) strlcpy(clp->v8c_name, name, sizeof (clp->v8c_name));

        clp->v8c_end = (size_t)-1;

        clp->v8c_next = iclp;

        if (prev != NULL) {

                prev->v8c_next = clp;

        } else {

                v8_classes = clp;

        }

        return (clp);

}

static v8_field_t *

conf_field_create(v8_class_t *clp, const char *name, size_t offset)

{

        v8_field_t *flp, *iflp;

        if ((flp = mdb_zalloc(sizeof (*flp), UM_NOSLEEP)) == NULL)

                return (NULL);

        (void) strlcpy(flp->v8f_name, name, sizeof (flp->v8f_name));

        flp->v8f_offset = offset;

        if (clp->v8c_fields == NULL || clp->v8c_fields->v8f_offset > offset) {

                flp->v8f_next = clp->v8c_fields;

                clp->v8c_fields = flp;

                return (flp);

        }

        for (iflp = clp->v8c_fields; iflp->v8f_next != NULL;

            iflp = iflp->v8f_next) {

                if (iflp->v8f_next->v8f_offset > offset)

                        break;

        }

        flp->v8f_next = iflp->v8f_next;

        iflp->v8f_next = flp;

        return (flp);

}

/*

 * Given a "v8dbg_parent_X__Y", symbol, update the parent of class X to class Y.

 * Note that neither class necessarily exists already.

 */

static int

conf_update_parent(const char *symbol)

{

        char *pp, *qq;

        char buf[128];

        v8_class_t *clp, *pclp;

        (void) strlcpy(buf, symbol, sizeof (buf));

        pp = buf + sizeof ("v8dbg_parent_") - 1;

        qq = conf_next_part(buf, pp);

        if (qq == NULL)

                return (-1);

        clp = conf_class_findcreate(pp);

        pclp = conf_class_findcreate(qq);

        if (clp == NULL || pclp == NULL) {

                mdb_warn("mdb_v8: out of memory\n");

                return (-1);

        }

        clp->v8c_parent = pclp;

        return (0);

}

/*

 * Given a "v8dbg_class_CLASS__FIELD__TYPE", symbol, save field "FIELD" into

 * class CLASS with the offset described by the symbol.  Note that CLASS does

 * not necessarily exist already.

 */

static int

conf_update_field(v8_cfg_t *cfgp, const char *symbol)

{

        v8_class_t *clp;

        v8_field_t *flp;

        intptr_t offset;

        char *pp, *qq, *tt;

        char buf[128];

        (void) strlcpy(buf, symbol, sizeof (buf));

        pp = buf + sizeof ("v8dbg_class_") - 1;

        qq = conf_next_part(buf, pp);

        if (qq == NULL || (tt = conf_next_part(buf, qq)) == NULL)

                return (-1);

        if (cfgp->v8cfg_readsym(cfgp, symbol, &offset) == -1) {

                mdb_warn("failed to read symbol \"%s\"", symbol);

                return (-1);

        }

        if ((clp = conf_class_findcreate(pp)) == NULL ||

            (flp = conf_field_create(clp, qq, (size_t)offset)) == NULL)

                return (-1);

        if (strcmp(tt, "int") == 0)

                flp->v8f_isbyte = B_TRUE;

        if (strcmp(tt, "char") == 0)

                flp->v8f_isstr = B_TRUE;

        return (0);

}

static int

conf_update_enum(v8_cfg_t *cfgp, const char *symbol, const char *name,

    v8_enum_t *enp)

{

        intptr_t value;

        if (cfgp->v8cfg_readsym(cfgp, symbol, &value) == -1) {

                mdb_warn("failed to read symbol \"%s\"", symbol);

                return (-1);

        }

        enp->v8e_value = (int)value;

        (void) strlcpy(enp->v8e_name, name, sizeof (enp->v8e_name));

        return (0);

}

/*

 * Given a "v8dbg_type_TYPENAME" constant, save the type name in v8_types.  Note

 * that this enum has multiple integer values with the same string label.

 */

static int

conf_update_type(v8_cfg_t *cfgp, const char *symbol)

{

        char *klass;

        v8_enum_t *enp;

        char buf[128];

        if (v8_next_type > sizeof (v8_types) / sizeof (v8_types[0])) {

                mdb_warn("too many V8 types\n");

                return (-1);

        }

        (void) strlcpy(buf, symbol, sizeof (buf));

        klass = buf + sizeof ("v8dbg_type_") - 1;

        if (conf_next_part(buf, klass) == NULL)

                return (-1);

        enp = &v8_types[v8_next_type++];

        return (conf_update_enum(cfgp, symbol, klass, enp));

}

/*

 * Given a "v8dbg_frametype_TYPENAME" constant, save the frame type in

 * v8_frametypes.

 */

static int

conf_update_frametype(v8_cfg_t *cfgp, const char *symbol)

{

        const char *frametype;

        v8_enum_t *enp;

        if (v8_next_frametype >

            sizeof (v8_frametypes) / sizeof (v8_frametypes[0])) {

                mdb_warn("too many V8 frame types\n");

                return (-1);

        }

        enp = &v8_frametypes[v8_next_frametype++];

        frametype = symbol + sizeof ("v8dbg_frametype_") - 1;

        return (conf_update_enum(cfgp, symbol, frametype, enp));

}

/*

 * Now that all classes have been loaded, update the "start" and "end" fields of

 * each class based on the values of its parent class.

 */

static void

conf_class_compute_offsets(v8_class_t *clp)

{

        v8_field_t *flp;

        assert(clp->v8c_start == 0);

        assert(clp->v8c_end == (size_t)-1);

        if (clp->v8c_parent != NULL) {

                if (clp->v8c_parent->v8c_end == (size_t)-1)

                        conf_class_compute_offsets(clp->v8c_parent);

                clp->v8c_start = clp->v8c_parent->v8c_end;

        }

        if (clp->v8c_fields == NULL) {

                clp->v8c_end = clp->v8c_start;

                return;

        }

        for (flp = clp->v8c_fields; flp->v8f_next != NULL; flp = flp->v8f_next)

                ;

        if (flp == NULL)

                clp->v8c_end = clp->v8c_start;

        else

                clp->v8c_end = flp->v8f_offset + sizeof (uintptr_t);

}

/*

 * Utility functions

 */

#define        JSSTR_NONE                0

#define        JSSTR_NUDE                JSSTR_NONE

#define        JSSTR_VERBOSE                0x1

#define        JSSTR_QUOTED                0x2

static int jsstr_print(uintptr_t, uint_t, char **, size_t *);

static boolean_t jsobj_is_undefined(uintptr_t addr);

static const char *

enum_lookup_str(v8_enum_t *enums, int val, const char *dflt)

{

        v8_enum_t *ep;

        for (ep = enums; ep->v8e_name[0] != '\0'; ep++) {

                if (ep->v8e_value == val)

                        return (ep->v8e_name);

        }

        return (dflt);

}

static void

enum_print(v8_enum_t *enums)

{

        v8_enum_t *itp;

        for (itp = enums; itp->v8e_name[0] != '\0'; itp++)

                mdb_printf("%-30s = 0x%02x\n", itp->v8e_name, itp->v8e_value);

}

/*

 * b[v]snprintf behave like [v]snprintf(3c), except that they update the buffer

 * and length arguments based on how much buffer space is used by the operation.

 * This makes it much easier to combine multiple calls in sequence without

 * worrying about buffer overflow.

 */

static size_t

bvsnprintf(char **bufp, size_t *buflenp, const char *format, va_list alist)

{

        size_t rv, len;

        if (*buflenp == 0)

                return (vsnprintf(NULL, 0, format, alist));

        rv = vsnprintf(*bufp, *buflenp, format, alist);

        len = MIN(rv, *buflenp);

        *buflenp -= len;

        *bufp += len;

        return (len);

}

static size_t

bsnprintf(char **bufp, size_t *buflenp, const char *format, ...)

{

        va_list alist;

        size_t rv;

        va_start(alist, format);

        rv = bvsnprintf(bufp, buflenp, format, alist);

        va_end(alist);

        return (rv);

}

static void

v8_warn(const char *format, ...)

{

        char buf[512];

        va_list alist;

        int len;

        if (v8_silent)

                return;

        va_start(alist, format);

        (void) vsnprintf(buf, sizeof (buf), format, alist);

        va_end(alist);

        /*

         * This is made slightly annoying because we need to effectively

         * preserve the original format string to allow for mdb to use the

         * new-line at the end to indicate that strerror should be elided.

         */

        if ((len = strlen(format)) > 0 && format[len - 1] == '\n') {

                buf[strlen(buf) - 1] = '\0';

                mdb_warn("%s\n", buf);

        } else {

                mdb_warn("%s", buf);

        }

}

/*

 * Returns in "offp" the offset of field "field" in C++ class "klass".

 */

static int

heap_offset(const char *klass, const char *field, ssize_t *offp)

{

        v8_class_t *clp;

        v8_field_t *flp;

        for (clp = v8_classes; clp != NULL; clp = clp->v8c_next) {

                if (strcmp(klass, clp->v8c_name) == 0)

                        break;

        }

        if (clp == NULL)

                return (-1);

        for (flp = clp->v8c_fields; flp != NULL; flp = flp->v8f_next) {

                if (strcmp(field, flp->v8f_name) == 0)

                        break;

        }

        if (flp == NULL)

                return (-1);

        *offp = V8_OFF_HEAP(flp->v8f_offset);

        return (0);

}

/*

 * Assuming "addr" is an instance of the C++ heap class "klass", read into *valp

 * the pointer-sized value of field "field".

 */

static int

read_heap_ptr(uintptr_t *valp, uintptr_t addr, ssize_t off)

{

        if (mdb_vread(valp, sizeof (*valp), addr + off) == -1) {

                v8_warn("failed to read offset %d from %p", off, addr);

                return (-1);

        }

        return (0);

}

/*

 * Like read_heap_ptr, but assume the field is an SMI and store the actual value

 * into *valp rather than the encoded representation.

 */

static int

read_heap_smi(uintptr_t *valp, uintptr_t addr, ssize_t off)

{

        if (read_heap_ptr(valp, addr, off) != 0)

                return (-1);

        if (!V8_IS_SMI(*valp)) {

                v8_warn("expected SMI, got %p\n", *valp);

                return (-1);

        }

        *valp = V8_SMI_VALUE(*valp);

        return (0);

}

static int

read_heap_double(double *valp, uintptr_t addr, ssize_t off)

{

        if (mdb_vread(valp, sizeof (*valp), addr + off) == -1) {

                v8_warn("failed to read heap value at %p", addr + off);

                return (-1);

        }

        return (0);

}

/*

 * Assuming "addr" refers to a FixedArray, return a newly-allocated array

 * representing its contents.

 */

static int

read_heap_array(uintptr_t addr, uintptr_t **retp, size_t *lenp, int flags)

{

        uint8_t type;

        uintptr_t len;

        if (!V8_IS_HEAPOBJECT(addr))

                return (-1);

        if (read_typebyte(&type, addr) != 0)

                return (-1);

        if (type != V8_TYPE_FIXEDARRAY)

                return (-1);

        if (read_heap_smi(&len, addr, V8_OFF_FIXEDARRAY_LENGTH) != 0)

                return (-1);

        *lenp = len;

        if (len == 0) {

                *retp = NULL;

                return (0);

        }

        if ((*retp = mdb_zalloc(len * sizeof (uintptr_t), flags)) == NULL)

                return (-1);

        if (mdb_vread(*retp, len * sizeof (uintptr_t),

            addr + V8_OFF_FIXEDARRAY_DATA) == -1) {

                if (!(flags & UM_GC))

                        mdb_free(*retp, len * sizeof (uintptr_t));

                return (-1);

        }

        return (0);

}

static int

read_heap_byte(uint8_t *valp, uintptr_t addr, ssize_t off)

{

        if (mdb_vread(valp, sizeof (*valp), addr + off) == -1) {

                v8_warn("failed to read heap value at %p", addr + off);

                return (-1);

        }

        return (0);

}

/*

 * Given a heap object, returns in *valp the byte describing the type of the

 * object.  This is shorthand for first retrieving the Map at the start of the

 * heap object and then retrieving the type byte from the Map object.

 */

static int

read_typebyte(uint8_t *valp, uintptr_t addr)

{

        uintptr_t mapaddr;

        ssize_t off = V8_OFF_HEAPOBJECT_MAP;

        if (mdb_vread(&mapaddr, sizeof (mapaddr), addr + off) == -1) {

                v8_warn("failed to read type of %p", addr);

                return (-1);

        }

        if (!V8_IS_HEAPOBJECT(mapaddr)) {

                v8_warn("object map is not a heap object\n");

                return (-1);

        }

        if (read_heap_byte(valp, mapaddr, V8_OFF_MAP_INSTANCE_ATTRIBUTES) == -1)

                return (-1);

        return (0);

}

/*

 * Given a heap object, returns in *valp the size of the object.  For

 * variable-size objects, returns an undefined value.

 */

static int

read_size(size_t *valp, uintptr_t addr)

{

        uintptr_t mapaddr;

        uint8_t size;

        if (read_heap_ptr(&mapaddr, addr, V8_OFF_HEAPOBJECT_MAP) != 0)

                return (-1);

        if (!V8_IS_HEAPOBJECT(mapaddr)) {

                v8_warn("heap object map is not itself a heap object\n");

                return (-1);

        }

        if (read_heap_byte(&size, mapaddr, V8_OFF_MAP_INSTANCE_SIZE) != 0)

                return (-1);

        *valp = size << V8_PointerSizeLog2;

        return (0);

}

/*

 * Assuming "addr" refers to a FixedArray that is implementing a

 * StringDictionary, iterate over its contents calling the specified function

 * with key and value.

 */

static int

read_heap_dict(uintptr_t addr,

    int (*func)(const char *, uintptr_t, void *), void *arg)

{

        uint8_t type;

        uintptr_t len;

        char buf[512];

        char *bufp;

        int rval = -1;

        uintptr_t *dict, ndict, i;

        const char *typename;

        if (read_heap_array(addr, &dict, &ndict, UM_SLEEP) != 0)

                return (-1);

        if (V8_DICT_ENTRY_SIZE < 2) {

                v8_warn("dictionary entry size (%d) is too small for a "

                    "key and value\n", V8_DICT_ENTRY_SIZE);

                goto out;

        }

        for (i = V8_DICT_START_INDEX + V8_DICT_PREFIX_SIZE; i < ndict;

            i += V8_DICT_ENTRY_SIZE) {

                /*

                 * The layout here is key, value, details. (This is hardcoded

                 * in Dictionary<Shape, Key>::SetEntry().)

                 */

                if (jsobj_is_undefined(dict[i]))

                        continue;

                if (read_typebyte(&type, dict[i]) != 0)

                        goto out;

                typename = enum_lookup_str(v8_types, type, NULL);

                if (typename != NULL && strcmp(typename, "Oddball") == 0) {

                        /*

                         * In some cases, the key can (apparently) be a hole;

                         * assume that any Oddball in the key field falls into

                         * this case and skip over it.

                         */

                        continue;

                }

                if (!V8_TYPE_STRING(type))

                        goto out;

                bufp = buf;

                len = sizeof (buf);

                if (jsstr_print(dict[i], JSSTR_NUDE, &bufp, &len) != 0)

                        goto out;

                if (func(buf, dict[i + 1], arg) == -1)

                        goto out;

        }

        rval = 0;

out:

        mdb_free(dict, ndict * sizeof (uintptr_t));

        return (rval);

}

/*

 * Returns in "buf" a description of the type of "addr" suitable for printing.

 */

static int

obj_jstype(uintptr_t addr, char **bufp, size_t *lenp, uint8_t *typep)

{

        uint8_t typebyte;

        uintptr_t strptr;

        const char *typename;

        if (V8_IS_FAILURE(addr)) {

                if (typep)

                        *typep = 0;

                (void) bsnprintf(bufp, lenp, "'Failure' object");

                return (0);

        }

        if (V8_IS_SMI(addr)) {

                if (typep)

                        *typep = 0;

                (void) bsnprintf(bufp, lenp, "SMI: value = %d",

                    V8_SMI_VALUE(addr));

                return (0);

        }

        if (read_typebyte(&typebyte, addr) != 0)

                return (-1);

        if (typep)

                *typep = typebyte;

        typename = enum_lookup_str(v8_types, typebyte, "<unknown>");

        (void) bsnprintf(bufp, lenp, typename);

        if (strcmp(typename, "Oddball") == 0) {

                if (read_heap_ptr(&strptr, addr,

                    V8_OFF_ODDBALL_TO_STRING) != -1) {

                        (void) bsnprintf(bufp, lenp, ": \"");

                        (void) jsstr_print(strptr, JSSTR_NUDE, bufp, lenp);

                        (void) bsnprintf(bufp, lenp, "\"");

                }

        }

        return (0);

}

/*

 * Print out the fields of the given object that come from the given class.

 */

static int

obj_print_fields(uintptr_t baddr, v8_class_t *clp)

{

        v8_field_t *flp;

        uintptr_t addr, value;

        int rv;

        char *bufp;

        size_t len;

        uint8_t type;

        char buf[256];

        for (flp = clp->v8c_fields; flp != NULL; flp = flp->v8f_next) {

                bufp = buf;

                len = sizeof (buf);

                addr = baddr + V8_OFF_HEAP(flp->v8f_offset);

                if (flp->v8f_isstr) {

                        if (mdb_readstr(buf, sizeof (buf), addr) == -1) {

                                mdb_printf("%p %s (unreadable)\n",

                                    addr, flp->v8f_name);

                                continue;

                        }

                        mdb_printf("%p %s = \"%s\"\n",

                            addr, flp->v8f_name, buf);

                        continue;

                }

                if (flp->v8f_isbyte) {

                        uint8_t sv;

                        if (mdb_vread(&sv, sizeof (sv), addr) == -1) {

                                mdb_printf("%p %s (unreadable)\n",

                                    addr, flp->v8f_name);

                                continue;

                        }

                        mdb_printf("%p %s = 0x%x\n", addr, flp->v8f_name, sv);

                        continue;

                }

                rv = mdb_vread((void *)&value, sizeof (value), addr);

                if (rv != sizeof (value) ||

                    obj_jstype(value, &bufp, &len, &type) != 0) {

                        mdb_printf("%p %s (unreadable)\n", addr, flp->v8f_name);

                        continue;

                }

                if (type != 0 && V8_TYPE_STRING(type)) {

                        (void) bsnprintf(&bufp, &len, ": ");

                        (void) jsstr_print(value, JSSTR_QUOTED, &bufp, &len);

                }

                mdb_printf("%p %s = %p (%s)\n", addr, flp->v8f_name, value,