1/* 2 * Copyright (c) 2013-2019, Intel Corporation 3 * 4 * Redistribution and use in source and binary forms, with or without 5 * modification, are permitted provided that the following conditions are met: 6 * 7 * * Redistributions of source code must retain the above copyright notice, 8 * this list of conditions and the following disclaimer. 9 * * Redistributions in binary form must reproduce the above copyright notice, 10 * this list of conditions and the following disclaimer in the documentation 11 * and/or other materials provided with the distribution. 12 * * Neither the name of Intel Corporation nor the names of its contributors 13 * may be used to endorse or promote products derived from this software 14 * without specific prior written permission. 15 * 16 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" 17 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE 20 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26 * POSSIBILITY OF SUCH DAMAGE. 27 */ 28 29#ifndef INTEL_PT_H 30#define INTEL_PT_H 31 32#include <stdint.h> 33#include <string.h> 34 35#ifdef __cplusplus 36extern "C" { 37#endif 38 39 40/* Intel(R) Processor Trace (Intel PT) decoder library. 41 * 42 * This file is logically structured into the following sections: 43 * 44 * - Version 45 * - Errors 46 * - Configuration 47 * - Packet encoder / decoder 48 * - Query decoder 49 * - Traced image 50 * - Instruction flow decoder 51 * - Block decoder 52 */ 53 54 55 56struct pt_encoder; 57struct pt_packet_decoder; 58struct pt_query_decoder; 59struct pt_insn_decoder; 60struct pt_block_decoder; 61 62 63 64/* A macro to mark functions as exported. */ 65#ifndef pt_export 66# if defined(__GNUC__) 67# define pt_export __attribute__((visibility("default"))) 68# elif defined(_MSC_VER) 69# define pt_export __declspec(dllimport) 70# else 71# error "unknown compiler" 72# endif 73#endif 74 75 76 77/* Version. */ 78 79 80/** The header version. */ 81#define LIBIPT_VERSION_MAJOR ${PT_VERSION_MAJOR} 82#define LIBIPT_VERSION_MINOR ${PT_VERSION_MINOR} 83#define LIBIPT_VERSION_PATCH ${PT_VERSION_PATCH} 84 85#define LIBIPT_VERSION ((LIBIPT_VERSION_MAJOR << 8) + LIBIPT_VERSION_MINOR) 86 87 88/** The library version. */ 89struct pt_version { 90 /** Major version number. */ 91 uint8_t major; 92 93 /** Minor version number. */ 94 uint8_t minor; 95 96 /** Patch level. */ 97 uint16_t patch; 98 99 /** Build number. */ 100 uint32_t build; 101 102 /** Version extension. */ 103 const char *ext; 104}; 105 106 107/** Return the library version. */ 108extern pt_export struct pt_version pt_library_version(void); 109 110 111 112/* Errors. */ 113 114 115 116/** Error codes. */ 117enum pt_error_code { 118 /* No error. Everything is OK. */ 119 pte_ok, 120 121 /* Internal decoder error. */ 122 pte_internal, 123 124 /* Invalid argument. */ 125 pte_invalid, 126 127 /* Decoder out of sync. */ 128 pte_nosync, 129 130 /* Unknown opcode. */ 131 pte_bad_opc, 132 133 /* Unknown payload. */ 134 pte_bad_packet, 135 136 /* Unexpected packet context. */ 137 pte_bad_context, 138 139 /* Decoder reached end of trace stream. */ 140 pte_eos, 141 142 /* No packet matching the query to be found. */ 143 pte_bad_query, 144 145 /* Decoder out of memory. */ 146 pte_nomem, 147 148 /* Bad configuration. */ 149 pte_bad_config, 150 151 /* There is no IP. */ 152 pte_noip, 153 154 /* The IP has been suppressed. */ 155 pte_ip_suppressed, 156 157 /* There is no memory mapped at the requested address. */ 158 pte_nomap, 159 160 /* An instruction could not be decoded. */ 161 pte_bad_insn, 162 163 /* No wall-clock time is available. */ 164 pte_no_time, 165 166 /* No core:bus ratio available. */ 167 pte_no_cbr, 168 169 /* Bad traced image. */ 170 pte_bad_image, 171 172 /* A locking error. */ 173 pte_bad_lock, 174 175 /* The requested feature is not supported. */ 176 pte_not_supported, 177 178 /* The return address stack is empty. */ 179 pte_retstack_empty, 180 181 /* A compressed return is not indicated correctly by a taken branch. */ 182 pte_bad_retcomp, 183 184 /* The current decoder state does not match the state in the trace. */ 185 pte_bad_status_update, 186 187 /* The trace did not contain an expected enabled event. */ 188 pte_no_enable, 189 190 /* An event was ignored. */ 191 pte_event_ignored, 192 193 /* Something overflowed. */ 194 pte_overflow, 195 196 /* A file handling error. */ 197 pte_bad_file, 198 199 /* Unknown cpu. */ 200 pte_bad_cpu 201}; 202 203 204/** Decode a function return value into an pt_error_code. */ 205static inline enum pt_error_code pt_errcode(int status) 206{ 207 return (status >= 0) ? pte_ok : (enum pt_error_code) -status; 208} 209 210/** Return a human readable error string. */ 211extern pt_export const char *pt_errstr(enum pt_error_code); 212 213 214 215/* Configuration. */ 216 217 218 219/** A cpu vendor. */ 220enum pt_cpu_vendor { 221 pcv_unknown, 222 pcv_intel 223}; 224 225/** A cpu identifier. */ 226struct pt_cpu { 227 /** The cpu vendor. */ 228 enum pt_cpu_vendor vendor; 229 230 /** The cpu family. */ 231 uint16_t family; 232 233 /** The cpu model. */ 234 uint8_t model; 235 236 /** The stepping. */ 237 uint8_t stepping; 238}; 239 240/** A collection of Intel PT errata. */ 241struct pt_errata { 242 /** BDM70: Intel(R) Processor Trace PSB+ Packets May Contain 243 * Unexpected Packets. 244 * 245 * Same as: SKD024, SKL021, KBL021. 246 * 247 * Some Intel Processor Trace packets should be issued only between 248 * TIP.PGE and TIP.PGD packets. Due to this erratum, when a TIP.PGE 249 * packet is generated it may be preceded by a PSB+ that incorrectly 250 * includes FUP and MODE.Exec packets. 251 */ 252 uint32_t bdm70:1; 253 254 /** BDM64: An Incorrect LBR or Intel(R) Processor Trace Packet May Be 255 * Recorded Following a Transactional Abort. 256 * 257 * Use of Intel(R) Transactional Synchronization Extensions (Intel(R) 258 * TSX) may result in a transactional abort. If an abort occurs 259 * immediately following a branch instruction, an incorrect branch 260 * target may be logged in an LBR (Last Branch Record) or in an Intel(R) 261 * Processor Trace (Intel(R) PT) packet before the LBR or Intel PT 262 * packet produced by the abort. 263 */ 264 uint32_t bdm64:1; 265 266 /** SKD007: Intel(R) PT Buffer Overflow May Result in Incorrect Packets. 267 * 268 * Same as: SKL049, KBL041. 269 * 270 * Under complex micro-architectural conditions, an Intel PT (Processor 271 * Trace) OVF (Overflow) packet may be issued after the first byte of a 272 * multi-byte CYC (Cycle Count) packet, instead of any remaining bytes 273 * of the CYC. 274 */ 275 uint32_t skd007:1; 276 277 /** SKD022: VM Entry That Clears TraceEn May Generate a FUP. 278 * 279 * Same as: SKL024, KBL023. 280 * 281 * If VM entry clears Intel(R) PT (Intel Processor Trace) 282 * IA32_RTIT_CTL.TraceEn (MSR 570H, bit 0) while PacketEn is 1 then a 283 * FUP (Flow Update Packet) will precede the TIP.PGD (Target IP Packet, 284 * Packet Generation Disable). VM entry can clear TraceEn if the 285 * VM-entry MSR-load area includes an entry for the IA32_RTIT_CTL MSR. 286 */ 287 uint32_t skd022:1; 288 289 /** SKD010: Intel(R) PT FUP May be Dropped After OVF. 290 * 291 * Same as: SKD014, SKL033, KBL030. 292 * 293 * Some Intel PT (Intel Processor Trace) OVF (Overflow) packets may not 294 * be followed by a FUP (Flow Update Packet) or TIP.PGE (Target IP 295 * Packet, Packet Generation Enable). 296 */ 297 uint32_t skd010:1; 298 299 /** SKL014: Intel(R) PT TIP.PGD May Not Have Target IP Payload. 300 * 301 * Same as: KBL014. 302 * 303 * When Intel PT (Intel Processor Trace) is enabled and a direct 304 * unconditional branch clears IA32_RTIT_STATUS.FilterEn (MSR 571H, bit 305 * 0), due to this erratum, the resulting TIP.PGD (Target IP Packet, 306 * Packet Generation Disable) may not have an IP payload with the target 307 * IP. 308 */ 309 uint32_t skl014:1; 310 311 /** APL12: Intel(R) PT OVF May Be Followed By An Unexpected FUP Packet. 312 * 313 * Certain Intel PT (Processor Trace) packets including FUPs (Flow 314 * Update Packets), should be issued only between TIP.PGE (Target IP 315 * Packet - Packet Generaton Enable) and TIP.PGD (Target IP Packet - 316 * Packet Generation Disable) packets. When outside a TIP.PGE/TIP.PGD 317 * pair, as a result of IA32_RTIT_STATUS.FilterEn[0] (MSR 571H) being 318 * cleared, an OVF (Overflow) packet may be unexpectedly followed by a 319 * FUP. 320 */ 321 uint32_t apl12:1; 322 323 /** APL11: Intel(R) PT OVF Pakcet May Be Followed by TIP.PGD Packet 324 * 325 * If Intel PT (Processor Trace) encounters an internal buffer overflow 326 * and generates an OVF (Overflow) packet just as IA32_RTIT_CTL (MSR 327 * 570H) bit 0 (TraceEn) is cleared, or during a far transfer that 328 * causes IA32_RTIT_STATUS.ContextEn[1] (MSR 571H) to be cleared, the 329 * OVF may be followed by a TIP.PGD (Target Instruction Pointer - Packet 330 * Generation Disable) packet. 331 */ 332 uint32_t apl11:1; 333 334 /** SKL168: Intel(R) PT CYC Packets Can be Dropped When Immediately 335 * Preceding PSB 336 * 337 * Due to a rare microarchitectural condition, generation of an Intel 338 * PT (Processor Trace) PSB (Packet Stream Boundary) packet can cause a 339 * single CYC (Cycle Count) packet, possibly along with an associated 340 * MTC (Mini Time Counter) packet, to be dropped. 341 */ 342 uint32_t skl168:1; 343 344 /* Reserve a few bytes for the future. */ 345 uint32_t reserved[15]; 346}; 347 348/** A collection of decoder-specific configuration flags. */ 349struct pt_conf_flags { 350 /** The decoder variant. */ 351 union { 352 /** Flags for the block decoder. */ 353 struct { 354 /** End a block after a call instruction. */ 355 uint32_t end_on_call:1; 356 357 /** Enable tick events for timing updates. */ 358 uint32_t enable_tick_events:1; 359 360 /** End a block after a jump instruction. */ 361 uint32_t end_on_jump:1; 362 363 /** Preserve timing calibration on overflow. */ 364 uint32_t keep_tcal_on_ovf:1; 365 } block; 366 367 /** Flags for the instruction flow decoder. */ 368 struct { 369 /** Enable tick events for timing updates. */ 370 uint32_t enable_tick_events:1; 371 372 /** Preserve timing calibration on overflow. */ 373 uint32_t keep_tcal_on_ovf:1; 374 } insn; 375 376 /** Flags for the query decoder. */ 377 struct { 378 /** Preserve timing calibration on overflow. */ 379 uint32_t keep_tcal_on_ovf:1; 380 } query; 381 382 /* Reserve a few bytes for future extensions. */ 383 uint32_t reserved[4]; 384 } variant; 385}; 386 387/** The address filter configuration. */ 388struct pt_conf_addr_filter { 389 /** The address filter configuration. 390 * 391 * This corresponds to the respective fields in IA32_RTIT_CTL MSR. 392 */ 393 union { 394 uint64_t addr_cfg; 395 396 struct { 397 uint32_t addr0_cfg:4; 398 uint32_t addr1_cfg:4; 399 uint32_t addr2_cfg:4; 400 uint32_t addr3_cfg:4; 401 } ctl; 402 } config; 403 404 /** The address ranges configuration. 405 * 406 * This corresponds to the IA32_RTIT_ADDRn_A/B MSRs. 407 */ 408 uint64_t addr0_a; 409 uint64_t addr0_b; 410 uint64_t addr1_a; 411 uint64_t addr1_b; 412 uint64_t addr2_a; 413 uint64_t addr2_b; 414 uint64_t addr3_a; 415 uint64_t addr3_b; 416 417 /* Reserve some space. */ 418 uint64_t reserved[8]; 419}; 420 421/** An unknown packet. */ 422struct pt_packet_unknown; 423 424/** An Intel PT decoder configuration. 425 */ 426struct pt_config { 427 /** The size of the config structure in bytes. */ 428 size_t size; 429 430 /** The trace buffer begin address. */ 431 uint8_t *begin; 432 433 /** The trace buffer end address. */ 434 uint8_t *end; 435 436 /** An optional callback for handling unknown packets. 437 * 438 * If \@callback is not NULL, it is called for any unknown opcode. 439 */ 440 struct { 441 /** The callback function. 442 * 443 * It shall decode the packet at \@pos into \@unknown. 444 * It shall return the number of bytes read upon success. 445 * It shall return a negative pt_error_code otherwise. 446 * The below context is passed as \@context. 447 */ 448 int (*callback)(struct pt_packet_unknown *unknown, 449 const struct pt_config *config, 450 const uint8_t *pos, void *context); 451 452 /** The user-defined context for this configuration. */ 453 void *context; 454 } decode; 455 456 /** The cpu on which Intel PT has been recorded. */ 457 struct pt_cpu cpu; 458 459 /** The errata to apply when encoding or decoding Intel PT. */ 460 struct pt_errata errata; 461 462 /* The CTC frequency. 463 * 464 * This is only required if MTC packets have been enabled in 465 * IA32_RTIT_CTRL.MTCEn. 466 */ 467 uint32_t cpuid_0x15_eax, cpuid_0x15_ebx; 468 469 /* The MTC frequency as defined in IA32_RTIT_CTL.MTCFreq. 470 * 471 * This is only required if MTC packets have been enabled in 472 * IA32_RTIT_CTRL.MTCEn. 473 */ 474 uint8_t mtc_freq; 475 476 /* The nominal frequency as defined in MSR_PLATFORM_INFO[15:8]. 477 * 478 * This is only required if CYC packets have been enabled in 479 * IA32_RTIT_CTRL.CYCEn. 480 * 481 * If zero, timing calibration will only be able to use MTC and CYC 482 * packets. 483 * 484 * If not zero, timing calibration will also be able to use CBR 485 * packets. 486 */ 487 uint8_t nom_freq; 488 489 /** A collection of decoder-specific flags. */ 490 struct pt_conf_flags flags; 491 492 /** The address filter configuration. */ 493 struct pt_conf_addr_filter addr_filter; 494}; 495 496 497/** Zero-initialize an Intel PT configuration. */ 498static inline void pt_config_init(struct pt_config *config) 499{ 500 memset(config, 0, sizeof(*config)); 501 502 config->size = sizeof(*config); 503} 504 505/** Determine errata for a given cpu. 506 * 507 * Updates \@errata based on \@cpu. 508 * 509 * Returns 0 on success, a negative error code otherwise. 510 * Returns -pte_invalid if \@errata or \@cpu is NULL. 511 * Returns -pte_bad_cpu if \@cpu is not known. 512 */ 513extern pt_export int pt_cpu_errata(struct pt_errata *errata, 514 const struct pt_cpu *cpu); 515 516 517 518/* Packet encoder / decoder. */ 519 520 521 522/** Intel PT packet types. */ 523enum pt_packet_type { 524 /* An invalid packet. */ 525 ppt_invalid, 526 527 /* A packet decodable by the optional decoder callback. */ 528 ppt_unknown, 529 530 /* Actual packets supported by this library. */ 531 ppt_pad, 532 ppt_psb, 533 ppt_psbend, 534 ppt_fup, 535 ppt_tip, 536 ppt_tip_pge, 537 ppt_tip_pgd, 538 ppt_tnt_8, 539 ppt_tnt_64, 540 ppt_mode, 541 ppt_pip, 542 ppt_vmcs, 543 ppt_cbr, 544 ppt_tsc, 545 ppt_tma, 546 ppt_mtc, 547 ppt_cyc, 548 ppt_stop, 549 ppt_ovf, 550 ppt_mnt, 551 ppt_exstop, 552 ppt_mwait, 553 ppt_pwre, 554 ppt_pwrx, 555 ppt_ptw 556}; 557 558/** The IP compression. */ 559enum pt_ip_compression { 560 /* The bits encode the payload size and the encoding scheme. 561 * 562 * No payload. The IP has been suppressed. 563 */ 564 pt_ipc_suppressed = 0x0, 565 566 /* Payload: 16 bits. Update last IP. */ 567 pt_ipc_update_16 = 0x01, 568 569 /* Payload: 32 bits. Update last IP. */ 570 pt_ipc_update_32 = 0x02, 571 572 /* Payload: 48 bits. Sign extend to full address. */ 573 pt_ipc_sext_48 = 0x03, 574 575 /* Payload: 48 bits. Update last IP. */ 576 pt_ipc_update_48 = 0x04, 577 578 /* Payload: 64 bits. Full address. */ 579 pt_ipc_full = 0x06 580}; 581 582/** An execution mode. */ 583enum pt_exec_mode { 584 ptem_unknown, 585 ptem_16bit, 586 ptem_32bit, 587 ptem_64bit 588}; 589 590/** Mode packet leaves. */ 591enum pt_mode_leaf { 592 pt_mol_exec = 0x00, 593 pt_mol_tsx = 0x20 594}; 595 596/** A TNT-8 or TNT-64 packet. */ 597struct pt_packet_tnt { 598 /** TNT payload bit size. */ 599 uint8_t bit_size; 600 601 /** TNT payload excluding stop bit. */ 602 uint64_t payload; 603}; 604 605/** A packet with IP payload. */ 606struct pt_packet_ip { 607 /** IP compression. */ 608 enum pt_ip_compression ipc; 609 610 /** Zero-extended payload ip. */ 611 uint64_t ip; 612}; 613 614/** A mode.exec packet. */ 615struct pt_packet_mode_exec { 616 /** The mode.exec csl bit. */ 617 uint32_t csl:1; 618 619 /** The mode.exec csd bit. */ 620 uint32_t csd:1; 621}; 622 623static inline enum pt_exec_mode 624pt_get_exec_mode(const struct pt_packet_mode_exec *packet) 625{ 626 if (packet->csl) 627 return packet->csd ? ptem_unknown : ptem_64bit; 628 else 629 return packet->csd ? ptem_32bit : ptem_16bit; 630} 631 632static inline struct pt_packet_mode_exec 633pt_set_exec_mode(enum pt_exec_mode mode) 634{ 635 struct pt_packet_mode_exec packet; 636 637 switch (mode) { 638 default: 639 packet.csl = 1; 640 packet.csd = 1; 641 break; 642 643 case ptem_64bit: 644 packet.csl = 1; 645 packet.csd = 0; 646 break; 647 648 case ptem_32bit: 649 packet.csl = 0; 650 packet.csd = 1; 651 break; 652 653 case ptem_16bit: 654 packet.csl = 0; 655 packet.csd = 0; 656 break; 657 } 658 659 return packet; 660} 661 662/** A mode.tsx packet. */ 663struct pt_packet_mode_tsx { 664 /** The mode.tsx intx bit. */ 665 uint32_t intx:1; 666 667 /** The mode.tsx abrt bit. */ 668 uint32_t abrt:1; 669}; 670 671/** A mode packet. */ 672struct pt_packet_mode { 673 /** Mode leaf. */ 674 enum pt_mode_leaf leaf; 675 676 /** Mode bits. */ 677 union { 678 /** Packet: mode.exec. */ 679 struct pt_packet_mode_exec exec; 680 681 /** Packet: mode.tsx. */ 682 struct pt_packet_mode_tsx tsx; 683 } bits; 684}; 685 686/** A PIP packet. */ 687struct pt_packet_pip { 688 /** The CR3 value. */ 689 uint64_t cr3; 690 691 /** The non-root bit. */ 692 uint32_t nr:1; 693}; 694 695/** A TSC packet. */ 696struct pt_packet_tsc { 697 /** The TSC value. */ 698 uint64_t tsc; 699}; 700 701/** A CBR packet. */ 702struct pt_packet_cbr { 703 /** The core/bus cycle ratio. */ 704 uint8_t ratio; 705}; 706 707/** A TMA packet. */ 708struct pt_packet_tma { 709 /** The crystal clock tick counter value. */ 710 uint16_t ctc; 711 712 /** The fast counter value. */ 713 uint16_t fc; 714}; 715 716/** A MTC packet. */ 717struct pt_packet_mtc { 718 /** The crystal clock tick counter value. */ 719 uint8_t ctc; 720}; 721 722/** A CYC packet. */ 723struct pt_packet_cyc { 724 /** The cycle counter value. */ 725 uint64_t value; 726}; 727 728/** A VMCS packet. */ 729struct pt_packet_vmcs { 730 /* The VMCS Base Address (i.e. the shifted payload). */ 731 uint64_t base; 732}; 733 734/** A MNT packet. */ 735struct pt_packet_mnt { 736 /** The raw payload. */ 737 uint64_t payload; 738}; 739 740/** A EXSTOP packet. */ 741struct pt_packet_exstop { 742 /** A flag specifying the binding of the packet: 743 * 744 * set: binds to the next FUP. 745 * clear: standalone. 746 */ 747 uint32_t ip:1; 748}; 749 750/** A MWAIT packet. */ 751struct pt_packet_mwait { 752 /** The MWAIT hints (EAX). */ 753 uint32_t hints; 754 755 /** The MWAIT extensions (ECX). */ 756 uint32_t ext; 757}; 758 759/** A PWRE packet. */ 760struct pt_packet_pwre { 761 /** The resolved thread C-state. */ 762 uint8_t state; 763 764 /** The resolved thread sub C-state. */ 765 uint8_t sub_state; 766 767 /** A flag indicating whether the C-state entry was initiated by h/w. */ 768 uint32_t hw:1; 769}; 770 771/** A PWRX packet. */ 772struct pt_packet_pwrx { 773 /** The core C-state at the time of the wake. */ 774 uint8_t last; 775 776 /** The deepest core C-state achieved during sleep. */ 777 uint8_t deepest; 778 779 /** The wake reason: 780 * 781 * - due to external interrupt received. 782 */ 783 uint32_t interrupt:1; 784 785 /** - due to store to monitored address. */ 786 uint32_t store:1; 787 788 /** - due to h/w autonomous condition such as HDC. */ 789 uint32_t autonomous:1; 790}; 791 792/** A PTW packet. */ 793struct pt_packet_ptw { 794 /** The raw payload. */ 795 uint64_t payload; 796 797 /** The payload size as encoded in the packet. */ 798 uint8_t plc; 799 800 /** A flag saying whether a FUP is following PTW that provides 801 * the IP of the corresponding PTWRITE instruction. 802 */ 803 uint32_t ip:1; 804}; 805 806static inline int pt_ptw_size(uint8_t plc) 807{ 808 switch (plc) { 809 case 0: 810 return 4; 811 812 case 1: 813 return 8; 814 815 case 2: 816 case 3: 817 return -pte_bad_packet; 818 } 819 820 return -pte_internal; 821} 822 823/** An unknown packet decodable by the optional decoder callback. */ 824struct pt_packet_unknown { 825 /** Pointer to the raw packet bytes. */ 826 const uint8_t *packet; 827 828 /** Optional pointer to a user-defined structure. */ 829 void *priv; 830}; 831 832/** An Intel PT packet. */ 833struct pt_packet { 834 /** The type of the packet. 835 * 836 * This also determines the \@payload field. 837 */ 838 enum pt_packet_type type; 839 840 /** The size of the packet including opcode and payload. */ 841 uint8_t size; 842 843 /** Packet specific data. */ 844 union { 845 /** Packets: pad, ovf, psb, psbend, stop - no payload. */ 846 847 /** Packet: tnt-8, tnt-64. */ 848 struct pt_packet_tnt tnt; 849 850 /** Packet: tip, fup, tip.pge, tip.pgd. */ 851 struct pt_packet_ip ip; 852 853 /** Packet: mode. */ 854 struct pt_packet_mode mode; 855 856 /** Packet: pip. */ 857 struct pt_packet_pip pip; 858 859 /** Packet: tsc. */ 860 struct pt_packet_tsc tsc; 861 862 /** Packet: cbr. */ 863 struct pt_packet_cbr cbr; 864 865 /** Packet: tma. */ 866 struct pt_packet_tma tma; 867 868 /** Packet: mtc. */ 869 struct pt_packet_mtc mtc; 870 871 /** Packet: cyc. */ 872 struct pt_packet_cyc cyc; 873 874 /** Packet: vmcs. */ 875 struct pt_packet_vmcs vmcs; 876 877 /** Packet: mnt. */ 878 struct pt_packet_mnt mnt; 879 880 /** Packet: exstop. */ 881 struct pt_packet_exstop exstop; 882 883 /** Packet: mwait. */ 884 struct pt_packet_mwait mwait; 885 886 /** Packet: pwre. */ 887 struct pt_packet_pwre pwre; 888 889 /** Packet: pwrx. */ 890 struct pt_packet_pwrx pwrx; 891 892 /** Packet: ptw. */ 893 struct pt_packet_ptw ptw; 894 895 /** Packet: unknown. */ 896 struct pt_packet_unknown unknown; 897 } payload; 898}; 899 900 901 902/* Packet encoder. */ 903 904 905 906/** Allocate an Intel PT packet encoder. 907 * 908 * The encoder will work on the buffer defined in \@config, it shall contain 909 * raw trace data and remain valid for the lifetime of the encoder. 910 * 911 * The encoder starts at the beginning of the trace buffer. 912 */ 913extern pt_export struct pt_encoder * 914pt_alloc_encoder(const struct pt_config *config); 915 916/** Free an Intel PT packet encoder. 917 * 918 * The \@encoder must not be used after a successful return. 919 */ 920extern pt_export void pt_free_encoder(struct pt_encoder *encoder); 921 922/** Hard set synchronization point of an Intel PT packet encoder. 923 * 924 * Synchronize \@encoder to \@offset within the trace buffer. 925 * 926 * Returns zero on success, a negative error code otherwise. 927 * 928 * Returns -pte_eos if the given offset is behind the end of the trace buffer. 929 * Returns -pte_invalid if \@encoder is NULL. 930 */ 931extern pt_export int pt_enc_sync_set(struct pt_encoder *encoder, 932 uint64_t offset); 933 934/** Get the current packet encoder position. 935 * 936 * Fills the current \@encoder position into \@offset. 937 * 938 * This is useful for reporting errors. 939 * 940 * Returns zero on success, a negative error code otherwise. 941 * 942 * Returns -pte_invalid if \@encoder or \@offset is NULL. 943 */ 944extern pt_export int pt_enc_get_offset(const struct pt_encoder *encoder, 945 uint64_t *offset); 946 947/* Return a pointer to \@encoder's configuration. 948 * 949 * Returns a non-null pointer on success, NULL if \@encoder is NULL. 950 */ 951extern pt_export const struct pt_config * 952pt_enc_get_config(const struct pt_encoder *encoder); 953 954/** Encode an Intel PT packet. 955 * 956 * Writes \@packet at \@encoder's current position in the Intel PT buffer and 957 * advances the \@encoder beyond the written packet. 958 * 959 * The \@packet.size field is ignored. 960 * 961 * In case of errors, the \@encoder is not advanced and nothing is written 962 * into the Intel PT buffer. 963 * 964 * Returns the number of bytes written on success, a negative error code 965 * otherwise. 966 * 967 * Returns -pte_bad_opc if \@packet.type is not known. 968 * Returns -pte_bad_packet if \@packet's payload is invalid. 969 * Returns -pte_eos if \@encoder reached the end of the Intel PT buffer. 970 * Returns -pte_invalid if \@encoder or \@packet is NULL. 971 */ 972extern pt_export int pt_enc_next(struct pt_encoder *encoder, 973 const struct pt_packet *packet); 974 975 976 977/* Packet decoder. */ 978 979 980 981/** Allocate an Intel PT packet decoder. 982 * 983 * The decoder will work on the buffer defined in \@config, it shall contain 984 * raw trace data and remain valid for the lifetime of the decoder. 985 * 986 * The decoder needs to be synchronized before it can be used. 987 */ 988extern pt_export struct pt_packet_decoder * 989pt_pkt_alloc_decoder(const struct pt_config *config); 990 991/** Free an Intel PT packet decoder. 992 * 993 * The \@decoder must not be used after a successful return. 994 */ 995extern pt_export void pt_pkt_free_decoder(struct pt_packet_decoder *decoder); 996 997/** Synchronize an Intel PT packet decoder. 998 * 999 * Search for the next synchronization point in forward or backward direction. 1000 * 1001 * If \@decoder has not been synchronized, yet, the search is started at the 1002 * beginning of the trace buffer in case of forward synchronization and at the 1003 * end of the trace buffer in case of backward synchronization. 1004 * 1005 * Returns zero or a positive value on success, a negative error code otherwise. 1006 * 1007 * Returns -pte_eos if no further synchronization point is found. 1008 * Returns -pte_invalid if \@decoder is NULL. 1009 */ 1010extern pt_export int pt_pkt_sync_forward(struct pt_packet_decoder *decoder); 1011extern pt_export int pt_pkt_sync_backward(struct pt_packet_decoder *decoder); 1012 1013/** Hard set synchronization point of an Intel PT decoder. 1014 * 1015 * Synchronize \@decoder to \@offset within the trace buffer. 1016 * 1017 * Returns zero on success, a negative error code otherwise. 1018 * 1019 * Returns -pte_eos if the given offset is behind the end of the trace buffer. 1020 * Returns -pte_invalid if \@decoder is NULL. 1021 */ 1022extern pt_export int pt_pkt_sync_set(struct pt_packet_decoder *decoder, 1023 uint64_t offset); 1024 1025/** Get the current decoder position. 1026 * 1027 * Fills the current \@decoder position into \@offset. 1028 * 1029 * This is useful for reporting errors. 1030 * 1031 * Returns zero on success, a negative error code otherwise. 1032 * 1033 * Returns -pte_invalid if \@decoder or \@offset is NULL. 1034 * Returns -pte_nosync if \@decoder is out of sync. 1035 */ 1036extern pt_export int pt_pkt_get_offset(const struct pt_packet_decoder *decoder, 1037 uint64_t *offset); 1038 1039/** Get the position of the last synchronization point. 1040 * 1041 * Fills the last synchronization position into \@offset. 1042 * 1043 * This is useful when splitting a trace stream for parallel decoding. 1044 * 1045 * Returns zero on success, a negative error code otherwise. 1046 * 1047 * Returns -pte_invalid if \@decoder or \@offset is NULL. 1048 * Returns -pte_nosync if \@decoder is out of sync. 1049 */ 1050extern pt_export int 1051pt_pkt_get_sync_offset(const struct pt_packet_decoder *decoder, 1052 uint64_t *offset); 1053 1054/* Return a pointer to \@decoder's configuration. 1055 * 1056 * Returns a non-null pointer on success, NULL if \@decoder is NULL. 1057 */ 1058extern pt_export const struct pt_config * 1059pt_pkt_get_config(const struct pt_packet_decoder *decoder); 1060 1061/** Decode the next packet and advance the decoder. 1062 * 1063 * Decodes the packet at \@decoder's current position into \@packet and 1064 * adjusts the \@decoder's position by the number of bytes the packet had 1065 * consumed. 1066 * 1067 * The \@size argument must be set to sizeof(struct pt_packet). 1068 * 1069 * Returns the number of bytes consumed on success, a negative error code 1070 * otherwise. 1071 * 1072 * Returns -pte_bad_opc if the packet is unknown. 1073 * Returns -pte_bad_packet if an unknown packet payload is encountered. 1074 * Returns -pte_eos if \@decoder reached the end of the Intel PT buffer. 1075 * Returns -pte_invalid if \@decoder or \@packet is NULL. 1076 * Returns -pte_nosync if \@decoder is out of sync. 1077 */ 1078extern pt_export int pt_pkt_next(struct pt_packet_decoder *decoder, 1079 struct pt_packet *packet, size_t size); 1080 1081 1082 1083/* Query decoder. */ 1084 1085 1086 1087/** Decoder status flags. */ 1088enum pt_status_flag { 1089 /** There is an event pending. */ 1090 pts_event_pending = 1 << 0, 1091 1092 /** The address has been suppressed. */ 1093 pts_ip_suppressed = 1 << 1, 1094 1095 /** There is no more trace data available. */ 1096 pts_eos = 1 << 2 1097}; 1098 1099/** Event types. */ 1100enum pt_event_type { 1101 /* Tracing has been enabled/disabled. */ 1102 ptev_enabled, 1103 ptev_disabled, 1104 1105 /* Tracing has been disabled asynchronously. */ 1106 ptev_async_disabled, 1107 1108 /* An asynchronous branch, e.g. interrupt. */ 1109 ptev_async_branch, 1110 1111 /* A synchronous paging event. */ 1112 ptev_paging, 1113 1114 /* An asynchronous paging event. */ 1115 ptev_async_paging, 1116 1117 /* Trace overflow. */ 1118 ptev_overflow, 1119 1120 /* An execution mode change. */ 1121 ptev_exec_mode, 1122 1123 /* A transactional execution state change. */ 1124 ptev_tsx, 1125 1126 /* Trace Stop. */ 1127 ptev_stop, 1128 1129 /* A synchronous vmcs event. */ 1130 ptev_vmcs, 1131 1132 /* An asynchronous vmcs event. */ 1133 ptev_async_vmcs, 1134 1135 /* Execution has stopped. */ 1136 ptev_exstop, 1137 1138 /* An MWAIT operation completed. */ 1139 ptev_mwait, 1140 1141 /* A power state was entered. */ 1142 ptev_pwre, 1143 1144 /* A power state was exited. */ 1145 ptev_pwrx, 1146 1147 /* A PTWRITE event. */ 1148 ptev_ptwrite, 1149 1150 /* A timing event. */ 1151 ptev_tick, 1152 1153 /* A core:bus ratio event. */ 1154 ptev_cbr, 1155 1156 /* A maintenance event. */ 1157 ptev_mnt 1158}; 1159 1160/** An event. */ 1161struct pt_event { 1162 /** The type of the event. */ 1163 enum pt_event_type type; 1164 1165 /** A flag indicating that the event IP has been suppressed. */ 1166 uint32_t ip_suppressed:1; 1167 1168 /** A flag indicating that the event is for status update. */ 1169 uint32_t status_update:1; 1170 1171 /** A flag indicating that the event has timing information. */ 1172 uint32_t has_tsc:1; 1173 1174 /** The time stamp count of the event. 1175 * 1176 * This field is only valid if \@has_tsc is set. 1177 */ 1178 uint64_t tsc; 1179 1180 /** The number of lost mtc and cyc packets. 1181 * 1182 * This gives an idea about the quality of the \@tsc. The more packets 1183 * were dropped, the less precise timing is. 1184 */ 1185 uint32_t lost_mtc; 1186 uint32_t lost_cyc; 1187 1188 /* Reserved space for future extensions. */ 1189 uint64_t reserved[2]; 1190 1191 /** Event specific data. */ 1192 union { 1193 /** Event: enabled. */ 1194 struct { 1195 /** The address at which tracing resumes. */ 1196 uint64_t ip; 1197 1198 /** A flag indicating that tracing resumes from the IP 1199 * at which tracing had been disabled before. 1200 */ 1201 uint32_t resumed:1; 1202 } enabled; 1203 1204 /** Event: disabled. */ 1205 struct { 1206 /** The destination of the first branch inside a 1207 * filtered area. 1208 * 1209 * This field is not valid if \@ip_suppressed is set. 1210 */ 1211 uint64_t ip; 1212 1213 /* The exact source ip needs to be determined using 1214 * disassembly and the filter configuration. 1215 */ 1216 } disabled; 1217 1218 /** Event: async disabled. */ 1219 struct { 1220 /** The source address of the asynchronous branch that 1221 * disabled tracing. 1222 */ 1223 uint64_t at; 1224 1225 /** The destination of the first branch inside a 1226 * filtered area. 1227 * 1228 * This field is not valid if \@ip_suppressed is set. 1229 */ 1230 uint64_t ip; 1231 } async_disabled; 1232 1233 /** Event: async branch. */ 1234 struct { 1235 /** The branch source address. */ 1236 uint64_t from; 1237 1238 /** The branch destination address. 1239 * 1240 * This field is not valid if \@ip_suppressed is set. 1241 */ 1242 uint64_t to; 1243 } async_branch; 1244 1245 /** Event: paging. */ 1246 struct { 1247 /** The updated CR3 value. 1248 * 1249 * The lower 5 bit have been zeroed out. 1250 * The upper bits have been zeroed out depending on the 1251 * maximum possible address. 1252 */ 1253 uint64_t cr3; 1254 1255 /** A flag indicating whether the cpu is operating in 1256 * vmx non-root (guest) mode. 1257 */ 1258 uint32_t non_root:1; 1259 1260 /* The address at which the event is effective is 1261 * obvious from the disassembly. 1262 */ 1263 } paging; 1264 1265 /** Event: async paging. */ 1266 struct { 1267 /** The updated CR3 value. 1268 * 1269 * The lower 5 bit have been zeroed out. 1270 * The upper bits have been zeroed out depending on the 1271 * maximum possible address. 1272 */ 1273 uint64_t cr3; 1274 1275 /** A flag indicating whether the cpu is operating in 1276 * vmx non-root (guest) mode. 1277 */ 1278 uint32_t non_root:1; 1279 1280 /** The address at which the event is effective. */ 1281 uint64_t ip; 1282 } async_paging; 1283 1284 /** Event: overflow. */ 1285 struct { 1286 /** The address at which tracing resumes after overflow. 1287 * 1288 * This field is not valid, if ip_suppressed is set. 1289 * In this case, the overflow resolved while tracing 1290 * was disabled. 1291 */ 1292 uint64_t ip; 1293 } overflow; 1294 1295 /** Event: exec mode. */ 1296 struct { 1297 /** The execution mode. */ 1298 enum pt_exec_mode mode; 1299 1300 /** The address at which the event is effective. */ 1301 uint64_t ip; 1302 } exec_mode; 1303 1304 /** Event: tsx. */ 1305 struct { 1306 /** The address at which the event is effective. 1307 * 1308 * This field is not valid if \@ip_suppressed is set. 1309 */ 1310 uint64_t ip; 1311 1312 /** A flag indicating speculative execution mode. */ 1313 uint32_t speculative:1; 1314 1315 /** A flag indicating speculative execution aborts. */ 1316 uint32_t aborted:1; 1317 } tsx; 1318 1319 /** Event: vmcs. */ 1320 struct { 1321 /** The VMCS base address. 1322 * 1323 * The address is zero-extended with the lower 12 bits 1324 * all zero. 1325 */ 1326 uint64_t base; 1327 1328 /* The new VMCS base address should be stored and 1329 * applied on subsequent VM entries. 1330 */ 1331 } vmcs; 1332 1333 /** Event: async vmcs. */ 1334 struct { 1335 /** The VMCS base address. 1336 * 1337 * The address is zero-extended with the lower 12 bits 1338 * all zero. 1339 */ 1340 uint64_t base; 1341 1342 /** The address at which the event is effective. */ 1343 uint64_t ip; 1344 1345 /* An async paging event that binds to the same IP 1346 * will always succeed this async vmcs event. 1347 */ 1348 } async_vmcs; 1349 1350 /** Event: execution stopped. */ 1351 struct { 1352 /** The address at which execution has stopped. This is 1353 * the last instruction that did not complete. 1354 * 1355 * This field is not valid, if \@ip_suppressed is set. 1356 */ 1357 uint64_t ip; 1358 } exstop; 1359 1360 /** Event: mwait. */ 1361 struct { 1362 /** The address of the instruction causing the mwait. 1363 * 1364 * This field is not valid, if \@ip_suppressed is set. 1365 */ 1366 uint64_t ip; 1367 1368 /** The mwait hints (eax). 1369 * 1370 * Reserved bits are undefined. 1371 */ 1372 uint32_t hints; 1373 1374 /** The mwait extensions (ecx). 1375 * 1376 * Reserved bits are undefined. 1377 */ 1378 uint32_t ext; 1379 } mwait; 1380 1381 /** Event: power state entry. */ 1382 struct { 1383 /** The resolved thread C-state. */ 1384 uint8_t state; 1385 1386 /** The resolved thread sub C-state. */ 1387 uint8_t sub_state; 1388 1389 /** A flag indicating whether the C-state entry was 1390 * initiated by h/w. 1391 */ 1392 uint32_t hw:1; 1393 } pwre; 1394 1395 /** Event: power state exit. */ 1396 struct { 1397 /** The core C-state at the time of the wake. */ 1398 uint8_t last; 1399 1400 /** The deepest core C-state achieved during sleep. */ 1401 uint8_t deepest; 1402 1403 /** The wake reason: 1404 * 1405 * - due to external interrupt received. 1406 */ 1407 uint32_t interrupt:1; 1408 1409 /** - due to store to monitored address. */ 1410 uint32_t store:1; 1411 1412 /** - due to h/w autonomous condition such as HDC. */ 1413 uint32_t autonomous:1; 1414 } pwrx; 1415 1416 /** Event: ptwrite. */ 1417 struct { 1418 /** The address of the ptwrite instruction. 1419 * 1420 * This field is not valid, if \@ip_suppressed is set. 1421 * 1422 * In this case, the address is obvious from the 1423 * disassembly. 1424 */ 1425 uint64_t ip; 1426 1427 /** The size of the below \@payload in bytes. */ 1428 uint8_t size; 1429 1430 /** The ptwrite payload. */ 1431 uint64_t payload; 1432 } ptwrite; 1433 1434 /** Event: tick. */ 1435 struct { 1436 /** The instruction address near which the tick occured. 1437 * 1438 * A timestamp can sometimes be attributed directly to 1439 * an instruction (e.g. to an indirect branch that 1440 * receives CYC + TIP) and sometimes not (e.g. MTC). 1441 * 1442 * This field is not valid, if \@ip_suppressed is set. 1443 */ 1444 uint64_t ip; 1445 } tick; 1446 1447 /** Event: cbr. */ 1448 struct { 1449 /** The core:bus ratio. */ 1450 uint16_t ratio; 1451 } cbr; 1452 1453 /** Event: mnt. */ 1454 struct { 1455 /** The raw payload. */ 1456 uint64_t payload; 1457 } mnt; 1458 } variant; 1459}; 1460 1461 1462/** Allocate an Intel PT query decoder. 1463 * 1464 * The decoder will work on the buffer defined in \@config, it shall contain 1465 * raw trace data and remain valid for the lifetime of the decoder. 1466 * 1467 * The decoder needs to be synchronized before it can be used. 1468 */ 1469extern pt_export struct pt_query_decoder * 1470pt_qry_alloc_decoder(const struct pt_config *config); 1471 1472/** Free an Intel PT query decoder. 1473 * 1474 * The \@decoder must not be used after a successful return. 1475 */ 1476extern pt_export void pt_qry_free_decoder(struct pt_query_decoder *decoder); 1477 1478/** Synchronize an Intel PT query decoder. 1479 * 1480 * Search for the next synchronization point in forward or backward direction. 1481 * 1482 * If \@decoder has not been synchronized, yet, the search is started at the 1483 * beginning of the trace buffer in case of forward synchronization and at the 1484 * end of the trace buffer in case of backward synchronization. 1485 * 1486 * If \@ip is not NULL, set it to last ip. 1487 * 1488 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 1489 * code otherwise. 1490 * 1491 * Returns -pte_bad_opc if an unknown packet is encountered. 1492 * Returns -pte_bad_packet if an unknown packet payload is encountered. 1493 * Returns -pte_eos if no further synchronization point is found. 1494 * Returns -pte_invalid if \@decoder is NULL. 1495 */ 1496extern pt_export int pt_qry_sync_forward(struct pt_query_decoder *decoder, 1497 uint64_t *ip); 1498extern pt_export int pt_qry_sync_backward(struct pt_query_decoder *decoder, 1499 uint64_t *ip); 1500 1501/** Manually synchronize an Intel PT query decoder. 1502 * 1503 * Synchronize \@decoder on the syncpoint at \@offset. There must be a PSB 1504 * packet at \@offset. 1505 * 1506 * If \@ip is not NULL, set it to last ip. 1507 * 1508 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 1509 * code otherwise. 1510 * 1511 * Returns -pte_bad_opc if an unknown packet is encountered. 1512 * Returns -pte_bad_packet if an unknown packet payload is encountered. 1513 * Returns -pte_eos if \@offset lies outside of \@decoder's trace buffer. 1514 * Returns -pte_eos if \@decoder reaches the end of its trace buffer. 1515 * Returns -pte_invalid if \@decoder is NULL. 1516 * Returns -pte_nosync if there is no syncpoint at \@offset. 1517 */ 1518extern pt_export int pt_qry_sync_set(struct pt_query_decoder *decoder, 1519 uint64_t *ip, uint64_t offset); 1520 1521/** Get the current decoder position. 1522 * 1523 * Fills the current \@decoder position into \@offset. 1524 * 1525 * This is useful for reporting errors. 1526 * 1527 * Returns zero on success, a negative error code otherwise. 1528 * 1529 * Returns -pte_invalid if \@decoder or \@offset is NULL. 1530 * Returns -pte_nosync if \@decoder is out of sync. 1531 */ 1532extern pt_export int pt_qry_get_offset(const struct pt_query_decoder *decoder, 1533 uint64_t *offset); 1534 1535/** Get the position of the last synchronization point. 1536 * 1537 * Fills the last synchronization position into \@offset. 1538 * 1539 * This is useful for splitting a trace stream for parallel decoding. 1540 * 1541 * Returns zero on success, a negative error code otherwise. 1542 * 1543 * Returns -pte_invalid if \@decoder or \@offset is NULL. 1544 * Returns -pte_nosync if \@decoder is out of sync. 1545 */ 1546extern pt_export int 1547pt_qry_get_sync_offset(const struct pt_query_decoder *decoder, 1548 uint64_t *offset); 1549 1550/* Return a pointer to \@decoder's configuration. 1551 * 1552 * Returns a non-null pointer on success, NULL if \@decoder is NULL. 1553 */ 1554extern pt_export const struct pt_config * 1555pt_qry_get_config(const struct pt_query_decoder *decoder); 1556 1557/** Query whether the next unconditional branch has been taken. 1558 * 1559 * On success, provides 1 (taken) or 0 (not taken) in \@taken for the next 1560 * conditional branch and updates \@decoder. 1561 * 1562 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 1563 * code otherwise. 1564 * 1565 * Returns -pte_bad_opc if an unknown packet is encountered. 1566 * Returns -pte_bad_packet if an unknown packet payload is encountered. 1567 * Returns -pte_bad_query if no conditional branch is found. 1568 * Returns -pte_eos if decoding reached the end of the Intel PT buffer. 1569 * Returns -pte_invalid if \@decoder or \@taken is NULL. 1570 * Returns -pte_nosync if \@decoder is out of sync. 1571 */ 1572extern pt_export int pt_qry_cond_branch(struct pt_query_decoder *decoder, 1573 int *taken); 1574 1575/** Get the next indirect branch destination. 1576 * 1577 * On success, provides the linear destination address of the next indirect 1578 * branch in \@ip and updates \@decoder. 1579 * 1580 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 1581 * code otherwise. 1582 * 1583 * Returns -pte_bad_opc if an unknown packet is encountered. 1584 * Returns -pte_bad_packet if an unknown packet payload is encountered. 1585 * Returns -pte_bad_query if no indirect branch is found. 1586 * Returns -pte_eos if decoding reached the end of the Intel PT buffer. 1587 * Returns -pte_invalid if \@decoder or \@ip is NULL. 1588 * Returns -pte_nosync if \@decoder is out of sync. 1589 */ 1590extern pt_export int pt_qry_indirect_branch(struct pt_query_decoder *decoder, 1591 uint64_t *ip); 1592 1593/** Query the next pending event. 1594 * 1595 * On success, provides the next event \@event and updates \@decoder. 1596 * 1597 * The \@size argument must be set to sizeof(struct pt_event). 1598 * 1599 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 1600 * code otherwise. 1601 * 1602 * Returns -pte_bad_opc if an unknown packet is encountered. 1603 * Returns -pte_bad_packet if an unknown packet payload is encountered. 1604 * Returns -pte_bad_query if no event is found. 1605 * Returns -pte_eos if decoding reached the end of the Intel PT buffer. 1606 * Returns -pte_invalid if \@decoder or \@event is NULL. 1607 * Returns -pte_invalid if \@size is too small. 1608 * Returns -pte_nosync if \@decoder is out of sync. 1609 */ 1610extern pt_export int pt_qry_event(struct pt_query_decoder *decoder, 1611 struct pt_event *event, size_t size); 1612 1613/** Query the current time. 1614 * 1615 * On success, provides the time at the last query in \@time. 1616 * 1617 * The time is similar to what a rdtsc instruction would return. Depending 1618 * on the configuration, the time may not be fully accurate. If TSC is not 1619 * enabled, the time is relative to the last synchronization and can't be used 1620 * to correlate with other TSC-based time sources. In this case, -pte_no_time 1621 * is returned and the relative time is provided in \@time. 1622 * 1623 * Some timing-related packets may need to be dropped (mostly due to missing 1624 * calibration or incomplete configuration). To get an idea about the quality 1625 * of the estimated time, we record the number of dropped MTC and CYC packets. 1626 * 1627 * If \@lost_mtc is not NULL, set it to the number of lost MTC packets. 1628 * If \@lost_cyc is not NULL, set it to the number of lost CYC packets. 1629 * 1630 * Returns zero on success, a negative error code otherwise. 1631 * 1632 * Returns -pte_invalid if \@decoder or \@time is NULL. 1633 * Returns -pte_no_time if there has not been a TSC packet. 1634 */ 1635extern pt_export int pt_qry_time(struct pt_query_decoder *decoder, 1636 uint64_t *time, uint32_t *lost_mtc, 1637 uint32_t *lost_cyc); 1638 1639/** Return the current core bus ratio. 1640 * 1641 * On success, provides the current core:bus ratio in \@cbr. The ratio is 1642 * defined as core cycles per bus clock cycle. 1643 * 1644 * Returns zero on success, a negative error code otherwise. 1645 * 1646 * Returns -pte_invalid if \@decoder or \@cbr is NULL. 1647 * Returns -pte_no_cbr if there has not been a CBR packet. 1648 */ 1649extern pt_export int pt_qry_core_bus_ratio(struct pt_query_decoder *decoder, 1650 uint32_t *cbr); 1651 1652 1653 1654/* Traced image. */ 1655 1656 1657 1658/** An Intel PT address space identifier. 1659 * 1660 * This identifies a particular address space when adding file sections or 1661 * when reading memory. 1662 */ 1663struct pt_asid { 1664 /** The size of this object - set to sizeof(struct pt_asid). */ 1665 size_t size; 1666 1667 /** The CR3 value. */ 1668 uint64_t cr3; 1669 1670 /** The VMCS Base address. */ 1671 uint64_t vmcs; 1672}; 1673 1674/** An unknown CR3 value to be used for pt_asid objects. */ 1675static const uint64_t pt_asid_no_cr3 = 0xffffffffffffffffull; 1676 1677/** An unknown VMCS Base value to be used for pt_asid objects. */ 1678static const uint64_t pt_asid_no_vmcs = 0xffffffffffffffffull; 1679 1680/** Initialize an address space identifier. */ 1681static inline void pt_asid_init(struct pt_asid *asid) 1682{ 1683 asid->size = sizeof(*asid); 1684 asid->cr3 = pt_asid_no_cr3; 1685 asid->vmcs = pt_asid_no_vmcs; 1686} 1687 1688 1689/** A cache of traced image sections. */ 1690struct pt_image_section_cache; 1691 1692/** Allocate a traced memory image section cache. 1693 * 1694 * An optional \@name may be given to the cache. The name string is copied. 1695 * 1696 * Returns a new traced memory image section cache on success, NULL otherwise. 1697 */ 1698extern pt_export struct pt_image_section_cache * 1699pt_iscache_alloc(const char *name); 1700 1701/** Free a traced memory image section cache. 1702 * 1703 * The \@iscache must have been allocated with pt_iscache_alloc(). 1704 * The \@iscache must not be used after a successful return. 1705 */ 1706extern pt_export void pt_iscache_free(struct pt_image_section_cache *iscache); 1707 1708/** Set the image section cache limit. 1709 * 1710 * Set the limit for a section cache in bytes. A non-zero limit will keep the 1711 * least recently used sections mapped until the limit is reached. A limit of 1712 * zero disables caching. 1713 * 1714 * Returns zero on success, a negative pt_error_code otherwise. 1715 * Returns -pte_invalid if \@iscache is NULL. 1716 */ 1717extern pt_export int 1718pt_iscache_set_limit(struct pt_image_section_cache *iscache, uint64_t limit); 1719 1720/** Get the image section cache name. 1721 * 1722 * Returns a pointer to \@iscache's name or NULL if there is no name. 1723 */ 1724extern pt_export const char * 1725pt_iscache_name(const struct pt_image_section_cache *iscache); 1726 1727/** Add a new file section to the traced memory image section cache. 1728 * 1729 * Adds a new section consisting of \@size bytes starting at \@offset in 1730 * \@filename loaded at the virtual address \@vaddr if \@iscache does not 1731 * already contain such a section. 1732 * 1733 * Returns an image section identifier (isid) uniquely identifying that section 1734 * in \@iscache. 1735 * 1736 * The section is silently truncated to match the size of \@filename. 1737 * 1738 * Returns a positive isid on success, a negative error code otherwise. 1739 * 1740 * Returns -pte_invalid if \@iscache or \@filename is NULL. 1741 * Returns -pte_invalid if \@offset is too big. 1742 */ 1743extern pt_export int pt_iscache_add_file(struct pt_image_section_cache *iscache, 1744 const char *filename, uint64_t offset, 1745 uint64_t size, uint64_t vaddr); 1746 1747/** Read memory from a cached file section 1748 * 1749 * Reads \@size bytes of memory starting at virtual address \@vaddr in the 1750 * section identified by \@isid in \@iscache into \@buffer. 1751 * 1752 * The caller is responsible for allocating a \@buffer of at least \@size bytes. 1753 * 1754 * The read request may be truncated if it crosses section boundaries or if 1755 * \@size is getting too big. We support reading at least 4Kbyte in one chunk 1756 * unless the read would cross a section boundary. 1757 * 1758 * Returns the number of bytes read on success, a negative error code otherwise. 1759 * 1760 * Returns -pte_invalid if \@iscache or \@buffer is NULL. 1761 * Returns -pte_invalid if \@size is zero. 1762 * Returns -pte_nomap if \@vaddr is not contained in section \@isid. 1763 * Returns -pte_bad_image if \@iscache does not contain \@isid. 1764 */ 1765extern pt_export int pt_iscache_read(struct pt_image_section_cache *iscache, 1766 uint8_t *buffer, uint64_t size, int isid, 1767 uint64_t vaddr); 1768 1769/** The traced memory image. */ 1770struct pt_image; 1771 1772 1773/** Allocate a traced memory image. 1774 * 1775 * An optional \@name may be given to the image. The name string is copied. 1776 * 1777 * Returns a new traced memory image on success, NULL otherwise. 1778 */ 1779extern pt_export struct pt_image *pt_image_alloc(const char *name); 1780 1781/** Free a traced memory image. 1782 * 1783 * The \@image must have been allocated with pt_image_alloc(). 1784 * The \@image must not be used after a successful return. 1785 */ 1786extern pt_export void pt_image_free(struct pt_image *image); 1787 1788/** Get the image name. 1789 * 1790 * Returns a pointer to \@image's name or NULL if there is no name. 1791 */ 1792extern pt_export const char *pt_image_name(const struct pt_image *image); 1793 1794/** Add a new file section to the traced memory image. 1795 * 1796 * Adds \@size bytes starting at \@offset in \@filename. The section is 1797 * loaded at the virtual address \@vaddr in the address space \@asid. 1798 * 1799 * The \@asid may be NULL or (partially) invalid. In that case only the valid 1800 * fields are considered when comparing with other address-spaces. Use this 1801 * when tracing a single process or when adding sections to all processes. 1802 * 1803 * The section is silently truncated to match the size of \@filename. 1804 * 1805 * Existing sections that would overlap with the new section will be shrunk 1806 * or split. 1807 * 1808 * Returns zero on success, a negative error code otherwise. 1809 * 1810 * Returns -pte_invalid if \@image or \@filename is NULL. 1811 * Returns -pte_invalid if \@offset is too big. 1812 */ 1813extern pt_export int pt_image_add_file(struct pt_image *image, 1814 const char *filename, uint64_t offset, 1815 uint64_t size, 1816 const struct pt_asid *asid, 1817 uint64_t vaddr); 1818 1819/** Add a section from an image section cache. 1820 * 1821 * Add the section from \@iscache identified by \@isid in address space \@asid. 1822 * 1823 * Existing sections that would overlap with the new section will be shrunk 1824 * or split. 1825 * 1826 * Returns zero on success, a negative error code otherwise. 1827 * Returns -pte_invalid if \@image or \@iscache is NULL. 1828 * Returns -pte_bad_image if \@iscache does not contain \@isid. 1829 */ 1830extern pt_export int pt_image_add_cached(struct pt_image *image, 1831 struct pt_image_section_cache *iscache, 1832 int isid, const struct pt_asid *asid); 1833 1834/** Copy an image. 1835 * 1836 * Adds all sections from \@src to \@image. Sections that could not be added 1837 * will be ignored. 1838 * 1839 * Returns the number of ignored sections on success, a negative error code 1840 * otherwise. 1841 * 1842 * Returns -pte_invalid if \@image or \@src is NULL. 1843 */ 1844extern pt_export int pt_image_copy(struct pt_image *image, 1845 const struct pt_image *src); 1846 1847/** Remove all sections loaded from a file. 1848 * 1849 * Removes all sections loaded from \@filename from the address space \@asid. 1850 * Specify the same \@asid that was used for adding sections from \@filename. 1851 * 1852 * Returns the number of removed sections on success, a negative error code 1853 * otherwise. 1854 * 1855 * Returns -pte_invalid if \@image or \@filename is NULL. 1856 */ 1857extern pt_export int pt_image_remove_by_filename(struct pt_image *image, 1858 const char *filename, 1859 const struct pt_asid *asid); 1860 1861/** Remove all sections loaded into an address space. 1862 * 1863 * Removes all sections loaded into \@asid. Specify the same \@asid that was 1864 * used for adding sections. 1865 * 1866 * Returns the number of removed sections on success, a negative error code 1867 * otherwise. 1868 * 1869 * Returns -pte_invalid if \@image is NULL. 1870 */ 1871extern pt_export int pt_image_remove_by_asid(struct pt_image *image, 1872 const struct pt_asid *asid); 1873 1874/** A read memory callback function. 1875 * 1876 * It shall read \@size bytes of memory from address space \@asid starting 1877 * at \@ip into \@buffer. 1878 * 1879 * It shall return the number of bytes read on success. 1880 * It shall return a negative pt_error_code otherwise. 1881 */ 1882typedef int (read_memory_callback_t)(uint8_t *buffer, size_t size, 1883 const struct pt_asid *asid, 1884 uint64_t ip, void *context); 1885 1886/** Set the memory callback for the traced memory image. 1887 * 1888 * Sets \@callback for reading memory. The callback is used for addresses 1889 * that are not found in file sections. The \@context argument is passed 1890 * to \@callback on each use. 1891 * 1892 * There can only be one callback at any time. A subsequent call will replace 1893 * the previous callback. If \@callback is NULL, the callback is removed. 1894 * 1895 * Returns -pte_invalid if \@image is NULL. 1896 */ 1897extern pt_export int pt_image_set_callback(struct pt_image *image, 1898 read_memory_callback_t *callback, 1899 void *context); 1900 1901 1902 1903/* Instruction flow decoder. */ 1904 1905 1906 1907/** The instruction class. 1908 * 1909 * We provide only a very coarse classification suitable for reconstructing 1910 * the execution flow. 1911 */ 1912enum pt_insn_class { 1913 /* The instruction could not be classified. */ 1914 ptic_error, 1915 1916 /* The instruction is something not listed below. */ 1917 ptic_other, 1918 1919 /* The instruction is a near (function) call. */ 1920 ptic_call, 1921 1922 /* The instruction is a near (function) return. */ 1923 ptic_return, 1924 1925 /* The instruction is a near unconditional jump. */ 1926 ptic_jump, 1927 1928 /* The instruction is a near conditional jump. */ 1929 ptic_cond_jump, 1930 1931 /* The instruction is a call-like far transfer. 1932 * E.g. SYSCALL, SYSENTER, or FAR CALL. 1933 */ 1934 ptic_far_call, 1935 1936 /* The instruction is a return-like far transfer. 1937 * E.g. SYSRET, SYSEXIT, IRET, or FAR RET. 1938 */ 1939 ptic_far_return, 1940 1941 /* The instruction is a jump-like far transfer. 1942 * E.g. FAR JMP. 1943 */ 1944 ptic_far_jump, 1945 1946 /* The instruction is a PTWRITE. */ 1947 ptic_ptwrite 1948}; 1949 1950/** The maximal size of an instruction. */ 1951enum { 1952 pt_max_insn_size = 15 1953}; 1954 1955/** A single traced instruction. */ 1956struct pt_insn { 1957 /** The virtual address in its process. */ 1958 uint64_t ip; 1959 1960 /** The image section identifier for the section containing this 1961 * instruction. 1962 * 1963 * A value of zero means that the section did not have an identifier. 1964 * The section was not added via an image section cache or the memory 1965 * was read via the read memory callback. 1966 */ 1967 int isid; 1968 1969 /** The execution mode. */ 1970 enum pt_exec_mode mode; 1971 1972 /** A coarse classification. */ 1973 enum pt_insn_class iclass; 1974 1975 /** The raw bytes. */ 1976 uint8_t raw[pt_max_insn_size]; 1977 1978 /** The size in bytes. */ 1979 uint8_t size; 1980 1981 /** A collection of flags giving additional information: 1982 * 1983 * - the instruction was executed speculatively. 1984 */ 1985 uint32_t speculative:1; 1986 1987 /** - this instruction is truncated in its image section. 1988 * 1989 * It starts in the image section identified by \@isid and continues 1990 * in one or more other sections. 1991 */ 1992 uint32_t truncated:1; 1993}; 1994 1995 1996/** Allocate an Intel PT instruction flow decoder. 1997 * 1998 * The decoder will work on the buffer defined in \@config, it shall contain 1999 * raw trace data and remain valid for the lifetime of the decoder. 2000 * 2001 * The decoder needs to be synchronized before it can be used. 2002 */ 2003extern pt_export struct pt_insn_decoder * 2004pt_insn_alloc_decoder(const struct pt_config *config); 2005 2006/** Free an Intel PT instruction flow decoder. 2007 * 2008 * This will destroy the decoder's default image. 2009 * 2010 * The \@decoder must not be used after a successful return. 2011 */ 2012extern pt_export void pt_insn_free_decoder(struct pt_insn_decoder *decoder); 2013 2014/** Synchronize an Intel PT instruction flow decoder. 2015 * 2016 * Search for the next synchronization point in forward or backward direction. 2017 * 2018 * If \@decoder has not been synchronized, yet, the search is started at the 2019 * beginning of the trace buffer in case of forward synchronization and at the 2020 * end of the trace buffer in case of backward synchronization. 2021 * 2022 * Returns zero or a positive value on success, a negative error code otherwise. 2023 * 2024 * Returns -pte_bad_opc if an unknown packet is encountered. 2025 * Returns -pte_bad_packet if an unknown packet payload is encountered. 2026 * Returns -pte_eos if no further synchronization point is found. 2027 * Returns -pte_invalid if \@decoder is NULL. 2028 */ 2029extern pt_export int pt_insn_sync_forward(struct pt_insn_decoder *decoder); 2030extern pt_export int pt_insn_sync_backward(struct pt_insn_decoder *decoder); 2031 2032/** Manually synchronize an Intel PT instruction flow decoder. 2033 * 2034 * Synchronize \@decoder on the syncpoint at \@offset. There must be a PSB 2035 * packet at \@offset. 2036 * 2037 * Returns zero or a positive value on success, a negative error code otherwise. 2038 * 2039 * Returns -pte_bad_opc if an unknown packet is encountered. 2040 * Returns -pte_bad_packet if an unknown packet payload is encountered. 2041 * Returns -pte_eos if \@offset lies outside of \@decoder's trace buffer. 2042 * Returns -pte_eos if \@decoder reaches the end of its trace buffer. 2043 * Returns -pte_invalid if \@decoder is NULL. 2044 * Returns -pte_nosync if there is no syncpoint at \@offset. 2045 */ 2046extern pt_export int pt_insn_sync_set(struct pt_insn_decoder *decoder, 2047 uint64_t offset); 2048 2049/** Get the current decoder position. 2050 * 2051 * Fills the current \@decoder position into \@offset. 2052 * 2053 * This is useful for reporting errors. 2054 * 2055 * Returns zero on success, a negative error code otherwise. 2056 * 2057 * Returns -pte_invalid if \@decoder or \@offset is NULL. 2058 * Returns -pte_nosync if \@decoder is out of sync. 2059 */ 2060extern pt_export int pt_insn_get_offset(const struct pt_insn_decoder *decoder, 2061 uint64_t *offset); 2062 2063/** Get the position of the last synchronization point. 2064 * 2065 * Fills the last synchronization position into \@offset. 2066 * 2067 * Returns zero on success, a negative error code otherwise. 2068 * 2069 * Returns -pte_invalid if \@decoder or \@offset is NULL. 2070 * Returns -pte_nosync if \@decoder is out of sync. 2071 */ 2072extern pt_export int 2073pt_insn_get_sync_offset(const struct pt_insn_decoder *decoder, 2074 uint64_t *offset); 2075 2076/** Get the traced image. 2077 * 2078 * The returned image may be modified as long as no decoder that uses this 2079 * image is running. 2080 * 2081 * Returns a pointer to the traced image the decoder uses for reading memory. 2082 * Returns NULL if \@decoder is NULL. 2083 */ 2084extern pt_export struct pt_image * 2085pt_insn_get_image(struct pt_insn_decoder *decoder); 2086 2087/** Set the traced image. 2088 * 2089 * Sets the image that \@decoder uses for reading memory to \@image. If \@image 2090 * is NULL, sets the image to \@decoder's default image. 2091 * 2092 * Only one image can be active at any time. 2093 * 2094 * Returns zero on success, a negative error code otherwise. 2095 * Return -pte_invalid if \@decoder is NULL. 2096 */ 2097extern pt_export int pt_insn_set_image(struct pt_insn_decoder *decoder, 2098 struct pt_image *image); 2099 2100/* Return a pointer to \@decoder's configuration. 2101 * 2102 * Returns a non-null pointer on success, NULL if \@decoder is NULL. 2103 */ 2104extern pt_export const struct pt_config * 2105pt_insn_get_config(const struct pt_insn_decoder *decoder); 2106 2107/** Return the current time. 2108 * 2109 * On success, provides the time at the last preceding timing packet in \@time. 2110 * 2111 * The time is similar to what a rdtsc instruction would return. Depending 2112 * on the configuration, the time may not be fully accurate. If TSC is not 2113 * enabled, the time is relative to the last synchronization and can't be used 2114 * to correlate with other TSC-based time sources. In this case, -pte_no_time 2115 * is returned and the relative time is provided in \@time. 2116 * 2117 * Some timing-related packets may need to be dropped (mostly due to missing 2118 * calibration or incomplete configuration). To get an idea about the quality 2119 * of the estimated time, we record the number of dropped MTC and CYC packets. 2120 * 2121 * If \@lost_mtc is not NULL, set it to the number of lost MTC packets. 2122 * If \@lost_cyc is not NULL, set it to the number of lost CYC packets. 2123 * 2124 * Returns zero on success, a negative error code otherwise. 2125 * 2126 * Returns -pte_invalid if \@decoder or \@time is NULL. 2127 * Returns -pte_no_time if there has not been a TSC packet. 2128 */ 2129extern pt_export int pt_insn_time(struct pt_insn_decoder *decoder, 2130 uint64_t *time, uint32_t *lost_mtc, 2131 uint32_t *lost_cyc); 2132 2133/** Return the current core bus ratio. 2134 * 2135 * On success, provides the current core:bus ratio in \@cbr. The ratio is 2136 * defined as core cycles per bus clock cycle. 2137 * 2138 * Returns zero on success, a negative error code otherwise. 2139 * 2140 * Returns -pte_invalid if \@decoder or \@cbr is NULL. 2141 * Returns -pte_no_cbr if there has not been a CBR packet. 2142 */ 2143extern pt_export int pt_insn_core_bus_ratio(struct pt_insn_decoder *decoder, 2144 uint32_t *cbr); 2145 2146/** Return the current address space identifier. 2147 * 2148 * On success, provides the current address space identifier in \@asid. 2149 * 2150 * The \@size argument must be set to sizeof(struct pt_asid). At most \@size 2151 * bytes will be copied and \@asid->size will be set to the actual size of the 2152 * provided address space identifier. 2153 * 2154 * Returns zero on success, a negative error code otherwise. 2155 * 2156 * Returns -pte_invalid if \@decoder or \@asid is NULL. 2157 */ 2158extern pt_export int pt_insn_asid(const struct pt_insn_decoder *decoder, 2159 struct pt_asid *asid, size_t size); 2160 2161/** Determine the next instruction. 2162 * 2163 * On success, provides the next instruction in execution order in \@insn. 2164 * 2165 * The \@size argument must be set to sizeof(struct pt_insn). 2166 * 2167 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 2168 * code otherwise. 2169 * 2170 * Returns pts_eos to indicate the end of the trace stream. Subsequent calls 2171 * to pt_insn_next() will continue to return pts_eos until trace is required 2172 * to determine the next instruction. 2173 * 2174 * Returns -pte_bad_context if the decoder encountered an unexpected packet. 2175 * Returns -pte_bad_opc if the decoder encountered unknown packets. 2176 * Returns -pte_bad_packet if the decoder encountered unknown packet payloads. 2177 * Returns -pte_bad_query if the decoder got out of sync. 2178 * Returns -pte_eos if decoding reached the end of the Intel PT buffer. 2179 * Returns -pte_invalid if \@decoder or \@insn is NULL. 2180 * Returns -pte_nomap if the memory at the instruction address can't be read. 2181 * Returns -pte_nosync if \@decoder is out of sync. 2182 */ 2183extern pt_export int pt_insn_next(struct pt_insn_decoder *decoder, 2184 struct pt_insn *insn, size_t size); 2185 2186/** Get the next pending event. 2187 * 2188 * On success, provides the next event in \@event and updates \@decoder. 2189 * 2190 * The \@size argument must be set to sizeof(struct pt_event). 2191 * 2192 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 2193 * code otherwise. 2194 * 2195 * Returns -pte_bad_query if there is no event. 2196 * Returns -pte_invalid if \@decoder or \@event is NULL. 2197 * Returns -pte_invalid if \@size is too small. 2198 */ 2199extern pt_export int pt_insn_event(struct pt_insn_decoder *decoder, 2200 struct pt_event *event, size_t size); 2201 2202 2203 2204/* Block decoder. */ 2205 2206 2207 2208/** A block of instructions. 2209 * 2210 * Instructions in this block are executed sequentially but are not necessarily 2211 * contiguous in memory. Users are expected to follow direct branches. 2212 */ 2213struct pt_block { 2214 /** The IP of the first instruction in this block. */ 2215 uint64_t ip; 2216 2217 /** The IP of the last instruction in this block. 2218 * 2219 * This can be used for error-detection. 2220 */ 2221 uint64_t end_ip; 2222 2223 /** The image section that contains the instructions in this block. 2224 * 2225 * A value of zero means that the section did not have an identifier. 2226 * The section was not added via an image section cache or the memory 2227 * was read via the read memory callback. 2228 */ 2229 int isid; 2230 2231 /** The execution mode for all instructions in this block. */ 2232 enum pt_exec_mode mode; 2233 2234 /** The instruction class for the last instruction in this block. 2235 * 2236 * This field may be set to ptic_error to indicate that the instruction 2237 * class is not available. The block decoder may choose to not provide 2238 * the instruction class in some cases for performance reasons. 2239 */ 2240 enum pt_insn_class iclass; 2241 2242 /** The number of instructions in this block. */ 2243 uint16_t ninsn; 2244 2245 /** The raw bytes of the last instruction in this block in case the 2246 * instruction does not fit entirely into this block's section. 2247 * 2248 * This field is only valid if \@truncated is set. 2249 */ 2250 uint8_t raw[pt_max_insn_size]; 2251 2252 /** The size of the last instruction in this block in bytes. 2253 * 2254 * This field is only valid if \@truncated is set. 2255 */ 2256 uint8_t size; 2257 2258 /** A collection of flags giving additional information about the 2259 * instructions in this block. 2260 * 2261 * - all instructions in this block were executed speculatively. 2262 */ 2263 uint32_t speculative:1; 2264 2265 /** - the last instruction in this block is truncated. 2266 * 2267 * It starts in this block's section but continues in one or more 2268 * other sections depending on how fragmented the memory image is. 2269 * 2270 * The raw bytes for the last instruction are provided in \@raw and 2271 * its size in \@size in this case. 2272 */ 2273 uint32_t truncated:1; 2274}; 2275 2276/** Allocate an Intel PT block decoder. 2277 * 2278 * The decoder will work on the buffer defined in \@config, it shall contain 2279 * raw trace data and remain valid for the lifetime of the decoder. 2280 * 2281 * The decoder needs to be synchronized before it can be used. 2282 */ 2283extern pt_export struct pt_block_decoder * 2284pt_blk_alloc_decoder(const struct pt_config *config); 2285 2286/** Free an Intel PT block decoder. 2287 * 2288 * This will destroy the decoder's default image. 2289 * 2290 * The \@decoder must not be used after a successful return. 2291 */ 2292extern pt_export void pt_blk_free_decoder(struct pt_block_decoder *decoder); 2293 2294/** Synchronize an Intel PT block decoder. 2295 * 2296 * Search for the next synchronization point in forward or backward direction. 2297 * 2298 * If \@decoder has not been synchronized, yet, the search is started at the 2299 * beginning of the trace buffer in case of forward synchronization and at the 2300 * end of the trace buffer in case of backward synchronization. 2301 * 2302 * Returns zero or a positive value on success, a negative error code otherwise. 2303 * 2304 * Returns -pte_bad_opc if an unknown packet is encountered. 2305 * Returns -pte_bad_packet if an unknown packet payload is encountered. 2306 * Returns -pte_eos if no further synchronization point is found. 2307 * Returns -pte_invalid if \@decoder is NULL. 2308 */ 2309extern pt_export int pt_blk_sync_forward(struct pt_block_decoder *decoder); 2310extern pt_export int pt_blk_sync_backward(struct pt_block_decoder *decoder); 2311 2312/** Manually synchronize an Intel PT block decoder. 2313 * 2314 * Synchronize \@decoder on the syncpoint at \@offset. There must be a PSB 2315 * packet at \@offset. 2316 * 2317 * Returns zero or a positive value on success, a negative error code otherwise. 2318 * 2319 * Returns -pte_bad_opc if an unknown packet is encountered. 2320 * Returns -pte_bad_packet if an unknown packet payload is encountered. 2321 * Returns -pte_eos if \@offset lies outside of \@decoder's trace buffer. 2322 * Returns -pte_eos if \@decoder reaches the end of its trace buffer. 2323 * Returns -pte_invalid if \@decoder is NULL. 2324 * Returns -pte_nosync if there is no syncpoint at \@offset. 2325 */ 2326extern pt_export int pt_blk_sync_set(struct pt_block_decoder *decoder, 2327 uint64_t offset); 2328 2329/** Get the current decoder position. 2330 * 2331 * Fills the current \@decoder position into \@offset. 2332 * 2333 * This is useful for reporting errors. 2334 * 2335 * Returns zero on success, a negative error code otherwise. 2336 * 2337 * Returns -pte_invalid if \@decoder or \@offset is NULL. 2338 * Returns -pte_nosync if \@decoder is out of sync. 2339 */ 2340extern pt_export int pt_blk_get_offset(const struct pt_block_decoder *decoder, 2341 uint64_t *offset); 2342 2343/** Get the position of the last synchronization point. 2344 * 2345 * Fills the last synchronization position into \@offset. 2346 * 2347 * Returns zero on success, a negative error code otherwise. 2348 * 2349 * Returns -pte_invalid if \@decoder or \@offset is NULL. 2350 * Returns -pte_nosync if \@decoder is out of sync. 2351 */ 2352extern pt_export int 2353pt_blk_get_sync_offset(const struct pt_block_decoder *decoder, 2354 uint64_t *offset); 2355 2356/** Get the traced image. 2357 * 2358 * The returned image may be modified as long as \@decoder is not running. 2359 * 2360 * Returns a pointer to the traced image \@decoder uses for reading memory. 2361 * Returns NULL if \@decoder is NULL. 2362 */ 2363extern pt_export struct pt_image * 2364pt_blk_get_image(struct pt_block_decoder *decoder); 2365 2366/** Set the traced image. 2367 * 2368 * Sets the image that \@decoder uses for reading memory to \@image. If \@image 2369 * is NULL, sets the image to \@decoder's default image. 2370 * 2371 * Only one image can be active at any time. 2372 * 2373 * Returns zero on success, a negative error code otherwise. 2374 * Return -pte_invalid if \@decoder is NULL. 2375 */ 2376extern pt_export int pt_blk_set_image(struct pt_block_decoder *decoder, 2377 struct pt_image *image); 2378 2379/* Return a pointer to \@decoder's configuration. 2380 * 2381 * Returns a non-null pointer on success, NULL if \@decoder is NULL. 2382 */ 2383extern pt_export const struct pt_config * 2384pt_blk_get_config(const struct pt_block_decoder *decoder); 2385 2386/** Return the current time. 2387 * 2388 * On success, provides the time at the last preceding timing packet in \@time. 2389 * 2390 * The time is similar to what a rdtsc instruction would return. Depending 2391 * on the configuration, the time may not be fully accurate. If TSC is not 2392 * enabled, the time is relative to the last synchronization and can't be used 2393 * to correlate with other TSC-based time sources. In this case, -pte_no_time 2394 * is returned and the relative time is provided in \@time. 2395 * 2396 * Some timing-related packets may need to be dropped (mostly due to missing 2397 * calibration or incomplete configuration). To get an idea about the quality 2398 * of the estimated time, we record the number of dropped MTC and CYC packets. 2399 * 2400 * If \@lost_mtc is not NULL, set it to the number of lost MTC packets. 2401 * If \@lost_cyc is not NULL, set it to the number of lost CYC packets. 2402 * 2403 * Returns zero on success, a negative error code otherwise. 2404 * 2405 * Returns -pte_invalid if \@decoder or \@time is NULL. 2406 * Returns -pte_no_time if there has not been a TSC packet. 2407 */ 2408extern pt_export int pt_blk_time(struct pt_block_decoder *decoder, 2409 uint64_t *time, uint32_t *lost_mtc, 2410 uint32_t *lost_cyc); 2411 2412/** Return the current core bus ratio. 2413 * 2414 * On success, provides the current core:bus ratio in \@cbr. The ratio is 2415 * defined as core cycles per bus clock cycle. 2416 * 2417 * Returns zero on success, a negative error code otherwise. 2418 * 2419 * Returns -pte_invalid if \@decoder or \@cbr is NULL. 2420 * Returns -pte_no_cbr if there has not been a CBR packet. 2421 */ 2422extern pt_export int pt_blk_core_bus_ratio(struct pt_block_decoder *decoder, 2423 uint32_t *cbr); 2424 2425/** Return the current address space identifier. 2426 * 2427 * On success, provides the current address space identifier in \@asid. 2428 * 2429 * The \@size argument must be set to sizeof(struct pt_asid). At most \@size 2430 * bytes will be copied and \@asid->size will be set to the actual size of the 2431 * provided address space identifier. 2432 * 2433 * Returns zero on success, a negative error code otherwise. 2434 * 2435 * Returns -pte_invalid if \@decoder or \@asid is NULL. 2436 */ 2437extern pt_export int pt_blk_asid(const struct pt_block_decoder *decoder, 2438 struct pt_asid *asid, size_t size); 2439 2440/** Determine the next block of instructions. 2441 * 2442 * On success, provides the next block of instructions in execution order in 2443 * \@block. 2444 * 2445 * The \@size argument must be set to sizeof(struct pt_block). 2446 * 2447 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 2448 * code otherwise. 2449 * 2450 * Returns pts_eos to indicate the end of the trace stream. Subsequent calls 2451 * to pt_block_next() will continue to return pts_eos until trace is required 2452 * to determine the next instruction. 2453 * 2454 * Returns -pte_bad_context if the decoder encountered an unexpected packet. 2455 * Returns -pte_bad_opc if the decoder encountered unknown packets. 2456 * Returns -pte_bad_packet if the decoder encountered unknown packet payloads. 2457 * Returns -pte_bad_query if the decoder got out of sync. 2458 * Returns -pte_eos if decoding reached the end of the Intel PT buffer. 2459 * Returns -pte_invalid if \@decoder or \@block is NULL. 2460 * Returns -pte_nomap if the memory at the instruction address can't be read. 2461 * Returns -pte_nosync if \@decoder is out of sync. 2462 */ 2463extern pt_export int pt_blk_next(struct pt_block_decoder *decoder, 2464 struct pt_block *block, size_t size); 2465 2466/** Get the next pending event. 2467 * 2468 * On success, provides the next event in \@event and updates \@decoder. 2469 * 2470 * The \@size argument must be set to sizeof(struct pt_event). 2471 * 2472 * Returns a non-negative pt_status_flag bit-vector on success, a negative error 2473 * code otherwise. 2474 * 2475 * Returns -pte_bad_query if there is no event. 2476 * Returns -pte_invalid if \@decoder or \@event is NULL. 2477 * Returns -pte_invalid if \@size is too small. 2478 */ 2479extern pt_export int pt_blk_event(struct pt_block_decoder *decoder, 2480 struct pt_event *event, size_t size); 2481 2482#ifdef __cplusplus 2483} 2484#endif 2485 2486#endif /* INTEL_PT_H */ 2487