Reuse the fd_clone() API to associate kcov descriptors (KD) with a file
descriptor. Each fd (/dev/kcov) can be reused for a single LWP.
Add new ATF regression tests and clean up existing code there. All tests
pass.
Refresh the kcov(4) man page documentation.
Developed with help from <maxv>.
Transform original tests into new ones:
- fork_signalmasked
- fork_signalignored
- vfork_signalmasked
- vfork_signalignored
- vforkdone_signalmasked
- vforkdone_signalignored
All the signalignored ones pass, the remaining ones fail.
- Reorder it, to match the CPU encoding. This is the universal order,
also used by Qemu. Drop the seg_to_nvmm[] tables.
- Compress it. This divides its size by two.
- Rename some of its fields, to better match the x86 spec. Also, take S
out of Type, this was a NetBSD-ism that was likely confusing to other
people.
New macros prefer 64-bit atomic operations whenever accessible.
As a fallback they use volatile move operations that are not known
to have a negative effect in KCOV even if interrupted in the middle of
an operation.
Enable kcov_basic and kcov_thread tests on targets without
__HAVE_ATOMIC64_OPS.
Restrict the 64-bit atomics to ports defining __HAVE_ATOMIC64_OPS.
Using 64-bit atomics is still good for i586 fuzzing, but the tests are
built for earlier CPUs. This causes this code to be disabled in i386 builds.
There is a similar situation with a few other ports that offer 64-bit atomics
in certain CPU models and ABIs.
The KCOV driver implements collection of code coverage inside the kernel.
It can be enabled on a per process basis from userland, allowing the kernel
program counter to be collected during syscalls triggered by the same
process.
The device is oriented towards kernel fuzzers, in particular syzkaller.
Currently the only supported coverage type is -fsanitize-coverage=trace-pc.
The KCOV driver was initially developed in Linux. A driver based on the
same concept was then implemented in FreeBSD and OpenBSD.
Documentation is borrowed from OpenBSD and ATF tests from FreeBSD.
This patch has been prepared by Siddharth Muralee, improved by <maxv>
and polished by myself before importing into the mainline tree.
All ATF tests pass.
New tests:
- unrelated_tracer_sees_signalmasked_crash_trap
- unrelated_tracer_sees_signalmasked_crash_segv
- unrelated_tracer_sees_signalmasked_crash_ill
- unrelated_tracer_sees_signalmasked_crash_fpe
- unrelated_tracer_sees_signalmasked_crash_bus
- unrelated_tracer_sees_signalignored_crash_trap
- unrelated_tracer_sees_signalignored_crash_segv
- unrelated_tracer_sees_signalignored_crash_ill
- unrelated_tracer_sees_signalignored_crash_fpe
- unrelated_tracer_sees_signalignored_crash_bus
All these tests are failing with the current kernel.
Add traceme_vfork_signalmasked_crash and traceme_vfork_signalignored_crash
tests for crash signals (SIGTRAP, SIGSEGV, SIGILL, SIGFPE, SIGBUS).
These new scenarios assert that masked/ignored signals are delivered to the
vfork(2)ed child.
All tests pass.
Check whether sigignore is not reset on a trapsignal under a debugger.
The expected behavior is to not reset it. A side effect of resetting
signal mask is noticeable especially with a software/hardware breakpoint
that changes the state of a process.
Mark these tests as failing.
Check whether signal mask is not reset on a trapsignal under a debugger.
The expected behavior is to not reset it. A side effect of resetting
signal mask is noticeable especially with a software/hardware breakpoint
that changes the state of a process.
Mark these tests as failing.
Fix the kernel pty driver to report closed slave via master's kevent
EVFILT_READ. This behavior matches the behavior for pipes, is
consistent with how FreeBSD implements it and is relied upon by LLDB's
main loop implementation.
Includes feedback by kre and kamil (from tech-kern), commit approved
by kamil.
New tests verify that crashes (from trap signals) are delivered to tracer
regardless of the signal masking or signal ignoring option enabled in the
traced child.
All tests pass.
In the near future these tests will obtain additional asserts.
Verify that ignoring (with SIG_IGN) in tracee
does not stop tracer from catching this raised signal.
Cover crash signals and already covered ones in other tests.
All tests pass.
Add new tests traceme_raisesignal_masked[1-8].
New tests to verify that masking (with SIG_BLOCK) signal in tracee
stops tracer from catching this raised signal. Masked crash signals are
invisible to tracer as well.
All tests pass.
Verify correct behavior of crash signals (SIGTRAP, SIGBUS, SIGILL, SIGFPE,
SIGSEGV) in existing test scenarios:
- traceme_raise
- traceme_sendsignal_handle
- traceme_sendsignal_masked
- traceme_sendsignal_ignored
- traceme_sendsignal_simple
- traceme_vfork_raise
These tests verify signals out of the context of CPU trap. These new tests
will help to retain expected behavior in future changes in semantics of
the trapsignals in the kernel.
New tests:
- trace_thread1
- trace_thread2
- trace_thread3
- trace_thread4
These tests verify _lwp_create(2) and _lwp_exit(2) events. They are
currently skipped as not reliable.
The siginfo group of ptrace(2) tests has been replaced with new individual
tests or merged into existing ones. This is the last siginfo* test that
has been renamed.
New name: traceme_exec.
Drop test siginfo1 as duplicated with earlier tests.
Rework and rename siginfo2 and siginfo3 into a single test body.
New tests:
- siginfo_set_unmodified (replaces siginfo2)
- siginfo_set_faked (replaces siginfo3)
All new tests pass.
A few scenarios were tested with native _lwp_create(2) functions; using
this interface is not needed and it's easier to manage tests with the
high-level pthread(3) API.
Rewrite original lwpinfo1 and lwpinfo2 tests into 8 new tests:
- traceme_lwpinfo0 (0 spawned additional threads)
- traceme_lwpinfo1 (1 spawned additional thread)
- traceme_lwpinfo2 (2 spawned additional threads)
- traceme_lwpinfo3 (3 spawned additional threads)
- attach_lwpinfo0 (0 spawned additional threads)
- attach_lwpinfo1 (1 spawned additional thread)
- attach_lwpinfo2 (2 spawned additional threads)
- attach_lwpinfo3 (3 spawned additional threads)
These tests verify primarily the PT_LWPINFO interface.
Build the t_ptrace_wait* tests with -pthread.
All tests pass.
Drop original scenario of kill1 (PT_CONTINUE(SIGKILL)) as it duplicates
traceme_sendsignal_simple1.
New kill tests:
- kill1: ptrace(PT_KILL) (previously kill2)
- kill2: kill(SIGKILL)
- kill3: killpg(SIGKILL)
All kill* tests share the same function body.
All tests pass.
This change deduplicates the code and puts all the tests into a shared
function body.
No functional change except renaming tests regs* to access_regs* and
fpregs* to access_fpregs*.