Before Linux kernel commit 4e57a4ddf6b0 ("ARM: 9107/1: syscall: always
store thread_info->abi_syscall") (in v5.15), on Arm, the syscall number
in /proc/<pid>/syscall is unreliable unless the process is being traced.
fork_and_sigwait() relies on this to detect when the created process has
scheduled out for good. Instead, we can have the created process raise
SIGSTOP and wait for it to be stopped. This is simpler and also doesn't
require us to care about the sigwait syscall numbers. While we're
reworking it, let's also consolidate it with fork_and_call().
test_task_state_to_char() can't use the new function because it wants
the function to sleep, then stop, then die, but it's easy enough to
open-code that one special case.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

elfutils commit c1c1c06e30f0 ("libebl: Add ebl_func_addr_mask plus ARM
backend implementation.") has a bug that I haven't gotten around to
fixing: it masks the least significant bit of all symbol values, not
just function symbol values. This breaks the get_kconfig() helper: if
the kernel_config_data_end symbol value is odd, then the length of the
compressed config data is truncated by one byte and gzip decompression
fails. Disable the test on Arm until we get it fixed.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

The drgn_test module build started failing on Linux 4.9 on AArch64 again
(maybe because of the new config options?). Add more arch/arm headers
that were being referenced from arch/arm64.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

A few older kernel versions are missing the .debug_frame section because
the compiler is generating .eh_frame instead, only for it to get
discarded by the linker script. Backport a patch to disable .eh_frame
generation to the kernel versions that we care about.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

If an exception is raised after QEMU is started, then the
subprocess.Popen context manager waits for the QEMU process to exit,
which it likely never will. If vmtest.vm gets killed with SIGTERM, the
QEMU process continues running. Fix both of these issues by terminating
the QEMU process if there is an exception and adding a signal handler
for SIGTERM to exit gracefully.
Signed-off-by: Omar Sandoval <osandov@osandov.com>
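
Added example, not the vmtest.vm code: one way to get both fixes described in the commit message above, with any long-running child standing in for QEMU. The names run_vm and sigterm_to_exit are hypothetical.

```python
import signal
import subprocess


def sigterm_to_exit(signum, frame):
    # Turn SIGTERM into SystemExit so except/finally blocks get to run
    # instead of the interpreter dying with the child still alive.
    raise SystemExit(128 + signum)


def run_vm(argv, body):
    """Start argv (stand-in for QEMU), call body(proc), never leak the child."""
    old_handler = signal.signal(signal.SIGTERM, sigterm_to_exit)
    try:
        with subprocess.Popen(argv) as proc:
            try:
                return body(proc)
            except BaseException:
                # Popen.__exit__ waits for the child. If the child is not
                # told to exit first, that wait can block forever.
                proc.terminate()
                raise
    finally:
        # Restore the previous disposition once the child has been reaped.
        signal.signal(signal.SIGTERM, old_handler)
```

signal.signal() can only be called from the main thread, so run_vm() must be as well.
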
It can be confusing and misleading to see a FaultError for a strange
address that is actually physical.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

Like fork_and_sigwait(), but returns the called function's return value,
and only waits for the function to return, not sigwait.
Signed-off-by: Omar Sandoval <osandov@osandov.com>
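
Added example, not drgn's own test helper: a sketch of the stop-and-wait pattern from the fork_and_sigwait() rework at the top of this log, combined with the return-value passing that the fork_and_call() message above describes. The names fork_and_stop and task_state and the pickle-over-pipe transport are assumptions; it needs Linux /proc.

```python
import contextlib
import os
import pickle
import signal


@contextlib.contextmanager
def fork_and_stop(fn=None, *args):
    """Fork a child that runs fn(*args) (if given), then stops itself.

    Yields (pid, return value of fn) once the child is known to be stopped.
    """
    rfd, wfd = os.pipe()
    pid = os.fork()
    if pid == 0:
        try:
            os.close(rfd)
            with open(wfd, "wb") as w:
                pickle.dump(fn(*args) if fn else None, w)
            # Stop again after any stray SIGCONT so we never run on.
            while True:
                signal.raise_signal(signal.SIGSTOP)
        finally:
            os._exit(1)
    os.close(wfd)
    with open(rfd, "rb") as r:
        data = r.read()  # returns at EOF, when the child closes its end
    # WUNTRACED makes waitpid() report a stopped child, not only an exited
    # one, so no syscall number from /proc/<pid>/syscall is needed.
    _, status = os.waitpid(pid, os.WUNTRACED)
    if not os.WIFSTOPPED(status):
        raise RuntimeError(f"child {pid} exited instead of stopping")
    try:
        yield pid, pickle.loads(data)
    finally:
        os.kill(pid, signal.SIGKILL)
        os.waitpid(pid, 0)


def task_state(pid):
    """Return the one-letter state from /proc/<pid>/stat ('T' is stopped)."""
    with open(f"/proc/{pid}/stat") as f:
        # comm may contain spaces or ')', so split after the last ')'.
        return f.read().rpartition(")")[2].split()[0]
```
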
In this mode, we print the paths of the referenced files. Now that we
have multiple "checks" we're doing, also add an option to enable or
disable specific checks.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

Apparently the kernel starts the init process with stdin and stdout set
to /dev/console, which cannot be a controlling tty, which is required
for stuff like Ctrl-C and shell job control to work. This can apparently
be worked around with setsid -c; see
https://github.com/systemd/systemd/issues/1431#issuecomment-393347607.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

CONFIG_UPROBE_EVENTS was called CONFIG_UPROBE_EVENT before Linux 4.11.
Also enable CONFIG_DNOTIFY, CONFIG_FANOTIFY, and CONFIG_PERF_EVENTS
explicitly for the future.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

I ran into plists in the swap code, but they're also used in the
real-time scheduler and futexes. The helpers are trivial wrappers around
the list helpers.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

I missed this option in commit 45a2f32379 ("vmtest.config: enable
config options for upcoming tool"). Also alphabetize the options
properly.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

With #361 and #385 fixed, we can build on Python 3.13. Since it's still
in alpha, there could be new breakages, but at least we'll catch them
promptly.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

Python 3.13.0a4 added a new public function, PyLong_AsNativeBytes(), to
replace the private _PyLong_AsByteArray(). It also modified the
signature of _PyLong_AsByteArray(). Let's use PyLong_AsNativeBytes()
when it's available. (PyLong_AsNativeBytes() also has the exact overflow
behavior we wanted, so it's a win-win.)
Closes #385.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

My elfutils patches to support .dwp files were just merged and included
in release 0.191. libdw does all of the heavy lifting, we just need to
apply the section offsets when we parse DWARF ourselves. We still need
to support older versions of elfutils, so add a stub.
Closes #317.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

Type units don't have a skeleton unit, so we need to walk over all of
the units in the split DWARF file to find them. Instead of doing this in
a second pass, rework drgn_dwarf_index_read_cus(): instead of
substituting skeleton units with their respective split units, call
drgn_dwarf_index_read_cus() recursively on the split DWARF file.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

My team and I have investigated many issues that turned out to be caused
by a stray reference to a file or filesystem, either by user error or
due to a kernel bug. Userspace tools like lsof and fuser can't find all
of these. This adds a drgn-based tool similar to lsof/fuser. This
initial version only checks the basics: file descriptors, task working
directories, task root directories, task executables, and VMAs. Upcoming
changes will check additional, more obscure places.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

Now that we enable CONFIG_VIRTIO_BLK in our kconfig, there's no need to
use a loop device. Configure a virtio-blk device in vmtest.vm so that
the block helper tests have a disk to test with.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

Add the tools directory to the mypy pre-commit configuration.
bpf_inspect.py has a bunch of mypy errors, so we'll opt it out for now.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

_follow_mount(), used by path_lookup(), was also affected by the
mnt_list change in 6.8. We can sidestep it by using the mount's list of
children mounts instead.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

Starting with kernel v6.8 the mnt_list in struct mnt_namespace got
converted to an rb-tree.
Reflect this change in drgn's for_each_mount() helper.
Signed-off-by: Johannes Thumshirn <johannes.thumshirn@wdc.com>

The list of children for a dentry was changed to an hlist with different
field names for both the anchor and entries.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

It's not uncommon to need to catch FaultError in the CLI. Josef Bacik
complained that he often forgets to import it when he needs it, so let's
do it by default.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

It's nice running without root/sudo, and it's also nice not needing to
enable an extra repository to install Docker.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

_PyDict_GetItemIdWithError() and _PyDict_SetItemId() have
straightforward replacements, so no need to fight this upstream.
Closes #361.
Signed-off-by: Omar Sandoval <osandov@osandov.com>

We never free drgn_type::template_parameters.
Fixes: 352c31e1ac ("Add support for C++ template parameters")
Signed-off-by: Omar Sandoval <osandov@osandov.com>

In tag-based KASAN modes, TCR_EL1.TBI1 is enabled, which causes the
top 8 bits of virtual addresses to be ignored for address translation
purposes. Do the same when reading from memory. There is no harm in doing
so unconditionally, as the architecture does not support >56 bit VA sizes.
Signed-off-by: Peter Collingbourne <pcc@google.com>

This function is useful when you only have a list of PCs
and not the full stack trace, for example when working with
the stack depot.
Signed-off-by: Peter Collingbourne <pcc@google.com>