author | andrew <andrew@FreeBSD.org> | 2015-12-23 17:54:19 +0000 |
committer | andrew <andrew@FreeBSD.org> | 2015-12-23 17:54:19 +0000 |
commit | f57b487e00ed9d7e13bd98bcaa372f0e949627c9 (patch) | |
tree | 54eef67746b810e27f9ec4f2dfafe825e022f31b | |
parent | a266f2369acc88773cc3cea71ff7ce9bda3ead9c (diff) | |
Be stricter on which functions we can probe with FBT. We now only check the
first instruction to see if it's either a pushm with lr, or a sub with sp.
The former is the common case, with the latter used with va_args.
This removes 12 probes. These are all hand-written assembly, with a few C
functions with no stack usage.
Submitted by: Howard Su <howard0su@gmail.com>
Differential Revision: https://reviews.freebsd.org/D4419
-rw-r--r-- | sys/cddl/dev/fbt/arm/fbt_isa.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/sys/cddl/dev/fbt/arm/fbt_isa.c b/sys/cddl/dev/fbt/arm/fbt_isa.c
index c3b6fca..0e948dd 100644
--- a/sys/cddl/dev/fbt/arm/fbt_isa.c
+++ b/sys/cddl/dev/fbt/arm/fbt_isa.c
@@ -35,6 +35,7 @@
 #include <sys/param.h>
 #include <sys/dtrace.h>
+#include <machine/stack.h>
 #include <machine/trap.h>
 #include "fbt.h"
@@ -42,6 +43,7 @@
 #define FBT_PUSHM 0xe92d0000
 #define FBT_POPM 0xe8bd0000
 #define FBT_JUMP 0xea000000
+#define FBT_SUBSP 0xe24dd000
 #define FBT_ENTRY "entry"
 #define FBT_RETURN "return"
@@ -111,12 +113,18 @@ fbt_provide_module_function(linker_file_t lf, int symindx,
 instr = (uint32_t *)symval->value;
 limit = (uint32_t *)(symval->value + symval->size);
- for (; instr < limit; instr++)
- if ((*instr & 0xffff0000) == FBT_PUSHM &&
- (*instr & 0x4000) != 0)
- break;
+ /*
+ * va_arg functions has first instruction of
+ * sub sp, sp, #?
+ */
+ if ((*instr & 0xfffff000) == FBT_SUBSP)
+ instr++;
- if (instr >= limit)
+ /*
+ * check if insn is a pushm with LR
+ */
+ if ((*instr & 0xffff0000) != FBT_PUSHM ||
+ (*instr & (1 << LR)) == 0)
 return (0);
 fbt = malloc(sizeof (fbt_probe_t), M_FBT, M_WAITOK | M_ZERO); |
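Review bot: The new code in the third hunk dereferences `*instr` without first checking it against `limit`, and after the `instr++` it dereferences the second word again unchecked; the removed loop was bounded by `instr < limit`, so a symbol whose size is zero (or a single `sub sp` word) now makes the probe scan read past the symbol's range. A guard `if (instr >= limit) return (0);` before the first test, repeated after the `instr++`, restores the old bound. The `(1 << LR)` test matches the removed `0x4000` only if `LR` is 14, which presumably comes from the newly included `<machine/stack.h>` — worth confirming that header defines it for every ARM configuration that builds this file. The comment should also read `va_arg functions have the first instruction` rather than `has`. fbt_provide_module_function starts and ends outside this hunk.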