1 #include <darwintest.h>
2 #include <darwintest_utils.h>
3 #include <darwintest_multiprocess.h>
4 #include <kern/debug.h>
5 #include <kern/kern_cdata.h>
6 #include <kern/block_hint.h>
9 #include <mach-o/dyld.h>
10 #include <mach-o/dyld_images.h>
11 #include <mach-o/dyld_priv.h>
12 #include <sys/syscall.h>
13 #include <sys/stackshot.h>
14 #include <uuid/uuid.h>
15 #include <servers/bootstrap.h>
16 #include <pthread/workqueue_private.h>
17 #include <dispatch/private.h>
21 T_META_NAMESPACE("xnu.stackshot"),
22 T_META_CHECK_LEAKS(false),
26 static const char *current_process_name(void);
27 static void verify_stackshot_sharedcache_layout(struct dyld_uuid_info_64 *uuids, uint32_t uuid_count);
28 static void parse_stackshot(uint64_t stackshot_parsing_flags, void *ssbuf, size_t sslen, NSDictionary *extra);
29 static void parse_thread_group_stackshot(void **sbuf, size_t sslen);
30 static uint64_t stackshot_timestamp(void *ssbuf, size_t sslen);
31 static void initialize_thread(void);
33 static uint64_t global_flags = 0;
35 #define DEFAULT_STACKSHOT_BUFFER_SIZE (1024 * 1024)
36 #define MAX_STACKSHOT_BUFFER_SIZE (6 * 1024 * 1024)
38 #define SRP_SERVICE_NAME "com.apple.xnu.test.stackshot.special_reply_port"
40 /* bit flags for parse_stackshot */
41 #define PARSE_STACKSHOT_DELTA 0x01
42 #define PARSE_STACKSHOT_ZOMBIE 0x02
43 #define PARSE_STACKSHOT_SHAREDCACHE_LAYOUT 0x04
44 #define PARSE_STACKSHOT_DISPATCH_QUEUE_LABEL 0x08
45 #define PARSE_STACKSHOT_TURNSTILEINFO 0x10
46 #define PARSE_STACKSHOT_POSTEXEC 0x20
47 #define PARSE_STACKSHOT_WAITINFO_CSEG 0x40
48 #define PARSE_STACKSHOT_WAITINFO_SRP 0x80
49 #define PARSE_STACKSHOT_TRANSLATED 0x100
50 #define PARSE_STACKSHOT_SHAREDCACHE_FLAGS 0x200
52 /* keys for 'extra' dictionary for parse_stackshot */
53 static const NSString* zombie_child_pid_key = @"zombie_child_pid"; // -> @(pid), required for PARSE_STACKSHOT_ZOMBIE
54 static const NSString* postexec_child_unique_pid_key = @"postexec_child_unique_pid"; // -> @(unique_pid), required for PARSE_STACKSHOT_POSTEXEC
55 static const NSString* cseg_expected_threadid_key = @"cseg_expected_threadid"; // -> @(tid), required for PARSE_STACKSHOT_WAITINFO_CSEG
56 static const NSString* srp_expected_threadid_key = @"srp_expected_threadid"; // -> @(tid), this or ..._pid required for PARSE_STACKSHOT_WAITINFO_SRP
57 static const NSString* srp_expected_pid_key = @"srp_expected_pid"; // -> @(pid), this or ..._threadid required for PARSE_STACKSHOT_WAITINFO_SRP
58 static const NSString* translated_child_pid_key = @"translated_child_pid"; // -> @(pid), required for PARSE_STACKSHOT_TRANSLATED
59 static const NSString* sharedcache_child_pid_key = @"sharedcache_child_pid"; // @(pid), required for PARSE_STACKSHOT_SHAREDCACHE_FLAGS
60 static const NSString* sharedcache_child_sameaddr_key = @"sharedcache_child_sameaddr"; // @(0 or 1), required for PARSE_STACKSHOT_SHAREDCACHE_FLAGS
62 #define TEST_STACKSHOT_QUEUE_LABEL "houston.we.had.a.problem"
63 #define TEST_STACKSHOT_QUEUE_LABEL_LENGTH sizeof(TEST_STACKSHOT_QUEUE_LABEL)
65 T_DECL(microstackshots, "test the microstackshot syscall")
68 unsigned int size = DEFAULT_STACKSHOT_BUFFER_SIZE;
72 T_QUIET; T_ASSERT_NOTNULL(buf, "allocated stackshot buffer");
74 #pragma clang diagnostic push
75 #pragma clang diagnostic ignored "-Wdeprecated-declarations"
76 int len = syscall(SYS_microstackshot, buf, size,
77 (uint32_t) STACKSHOT_GET_MICROSTACKSHOT);
78 #pragma clang diagnostic pop
80 T_SKIP("microstackshot syscall failed, likely not compiled with CONFIG_TELEMETRY");
82 if (len == -1 && errno == ENOSPC) {
83 /* syscall failed because buffer wasn't large enough, try again */
87 T_ASSERT_LE(size, (unsigned int)MAX_STACKSHOT_BUFFER_SIZE,
88 "growing stackshot buffer to sane size");
91 T_ASSERT_POSIX_SUCCESS(len, "called microstackshot syscall");
95 T_EXPECT_EQ(*(uint32_t *)buf,
96 (uint32_t)STACKSHOT_MICRO_SNAPSHOT_MAGIC,
97 "magic value for microstackshot matches");
107 bool maybe_unsupported;
109 uint64_t since_timestamp;
111 dt_stat_time_t timer;
115 quiet(struct scenario *scenario)
117 if (scenario->timer || scenario->quiet) {
123 take_stackshot(struct scenario *scenario, bool compress_ok, void (^cb)(void *buf, size_t size))
128 void *config = stackshot_config_create();
130 T_ASSERT_NOTNULL(config, "created stackshot config");
132 int ret = stackshot_config_set_flags(config, scenario->flags | global_flags);
134 T_ASSERT_POSIX_ZERO(ret, "set flags %#llx on stackshot config", scenario->flags);
136 if (scenario->size_hint > 0) {
137 ret = stackshot_config_set_size_hint(config, scenario->size_hint);
139 T_ASSERT_POSIX_ZERO(ret, "set size hint %" PRIu32 " on stackshot config",
140 scenario->size_hint);
143 if (scenario->target_pid > 0) {
144 ret = stackshot_config_set_pid(config, scenario->target_pid);
146 T_ASSERT_POSIX_ZERO(ret, "set target pid %d on stackshot config",
147 scenario->target_pid);
150 if (scenario->since_timestamp > 0) {
151 ret = stackshot_config_set_delta_timestamp(config, scenario->since_timestamp);
153 T_ASSERT_POSIX_ZERO(ret, "set since timestamp %" PRIu64 " on stackshot config",
154 scenario->since_timestamp);
157 int retries_remaining = 5;
160 uint64_t start_time = mach_absolute_time();
161 ret = stackshot_capture_with_config(config);
162 uint64_t end_time = mach_absolute_time();
164 if (scenario->should_fail) {
166 T_ASSERT_POSIX_ZERO(ret, "called stackshot_capture_with_config");
170 if (ret == EBUSY || ret == ETIMEDOUT) {
171 if (retries_remaining > 0) {
172 if (!scenario->timer) {
173 T_LOG("stackshot_capture_with_config failed with %s (%d), retrying",
180 T_ASSERT_POSIX_ZERO(ret,
181 "called stackshot_capture_with_config (no retries remaining)");
183 } else if ((ret == ENOTSUP) && scenario->maybe_unsupported) {
184 T_SKIP("kernel indicated this stackshot configuration is not supported");
187 T_ASSERT_POSIX_ZERO(ret, "called stackshot_capture_with_config");
190 if (scenario->timer) {
191 dt_stat_mach_time_add(scenario->timer, end_time - start_time);
193 void *buf = stackshot_config_get_stackshot_buffer(config);
194 size_t size = stackshot_config_get_stackshot_size(config);
195 if (scenario->name) {
196 char sspath[MAXPATHLEN];
197 strlcpy(sspath, scenario->name, sizeof(sspath));
198 strlcat(sspath, ".kcdata", sizeof(sspath));
199 T_QUIET; T_ASSERT_POSIX_ZERO(dt_resultfile(sspath, sizeof(sspath)),
200 "create result file path");
202 if (!scenario->quiet) {
203 T_LOG("writing stackshot to %s", sspath);
206 FILE *f = fopen(sspath, "w");
207 T_WITH_ERRNO; T_QUIET; T_ASSERT_NOTNULL(f,
208 "open stackshot output file");
210 size_t written = fwrite(buf, size, 1, f);
211 T_QUIET; T_ASSERT_POSIX_SUCCESS(written, "wrote stackshot to file");
217 if (global_flags == 0) {
218 T_LOG("Restarting test with compression");
219 global_flags |= STACKSHOT_DO_COMPRESS;
226 ret = stackshot_config_dealloc(config);
227 T_QUIET; T_EXPECT_POSIX_ZERO(ret, "deallocated stackshot config");
230 T_DECL(simple_compressed, "take a simple compressed stackshot")
232 struct scenario scenario = {
233 .name = "kcdata_compressed",
234 .flags = (STACKSHOT_DO_COMPRESS | STACKSHOT_SAVE_LOADINFO | STACKSHOT_THREAD_WAITINFO | STACKSHOT_GET_GLOBAL_MEM_STATS |
235 STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT),
238 T_LOG("taking compressed kcdata stackshot");
239 take_stackshot(&scenario, true, ^(void *ssbuf, size_t sslen) {
240 parse_stackshot(0, ssbuf, sslen, nil);
244 T_DECL(panic_compressed, "take a compressed stackshot with the same flags as a panic stackshot")
246 uint64_t stackshot_flags = (STACKSHOT_SAVE_KEXT_LOADINFO |
247 STACKSHOT_SAVE_LOADINFO |
248 STACKSHOT_KCDATA_FORMAT |
249 STACKSHOT_ENABLE_BT_FAULTING |
250 STACKSHOT_ENABLE_UUID_FAULTING |
251 STACKSHOT_DO_COMPRESS |
252 STACKSHOT_NO_IO_STATS |
253 STACKSHOT_THREAD_WAITINFO |
255 STACKSHOT_COLLECT_SHAREDCACHE_LAYOUT |
257 STACKSHOT_DISABLE_LATENCY_INFO);
259 struct scenario scenario = {
260 .name = "kcdata_panic_compressed",
261 .flags = stackshot_flags,
264 T_LOG("taking compressed kcdata stackshot with panic flags");
265 take_stackshot(&scenario, true, ^(void *ssbuf, size_t sslen) {
266 parse_stackshot(0, ssbuf, sslen, nil);
270 T_DECL(kcdata, "test that kcdata stackshots can be taken and parsed")
272 struct scenario scenario = {
274 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS |
275 STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT),
278 T_LOG("taking kcdata stackshot");
279 take_stackshot(&scenario, true, ^(void *ssbuf, size_t sslen) {
280 parse_stackshot(0, ssbuf, sslen, nil);
284 T_DECL(kcdata_faulting, "test that kcdata stackshots while faulting can be taken and parsed")
286 struct scenario scenario = {
288 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
289 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT
290 | STACKSHOT_ENABLE_BT_FAULTING | STACKSHOT_ENABLE_UUID_FAULTING),
293 T_LOG("taking faulting stackshot");
294 take_stackshot(&scenario, true, ^(void *ssbuf, size_t sslen) {
295 parse_stackshot(0, ssbuf, sslen, nil);
299 T_DECL(bad_flags, "test a poorly-formed stackshot syscall")
301 struct scenario scenario = {
302 .flags = STACKSHOT_SAVE_IN_KERNEL_BUFFER /* not allowed from user space */,
306 T_LOG("attempting to take stackshot with kernel-only flag");
307 take_stackshot(&scenario, true, ^(__unused void *ssbuf, __unused size_t sslen) {
308 T_ASSERT_FAIL("stackshot data callback called");
312 T_DECL(delta, "test delta stackshots")
314 struct scenario scenario = {
316 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
317 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT),
320 T_LOG("taking full stackshot");
321 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
322 uint64_t stackshot_time = stackshot_timestamp(ssbuf, sslen);
324 T_LOG("taking delta stackshot since time %" PRIu64, stackshot_time);
326 parse_stackshot(0, ssbuf, sslen, nil);
328 struct scenario delta_scenario = {
329 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
330 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT
331 | STACKSHOT_COLLECT_DELTA_SNAPSHOT),
332 .since_timestamp = stackshot_time
335 take_stackshot(&delta_scenario, false, ^(void *dssbuf, size_t dsslen) {
336 parse_stackshot(PARSE_STACKSHOT_DELTA, dssbuf, dsslen, nil);
341 T_DECL(shared_cache_layout, "test stackshot inclusion of shared cache layout")
343 struct scenario scenario = {
344 .name = "shared_cache_layout",
345 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
346 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT |
347 STACKSHOT_COLLECT_SHAREDCACHE_LAYOUT),
350 size_t shared_cache_length;
351 const void *cache_header = _dyld_get_shared_cache_range(&shared_cache_length);
352 if (cache_header == NULL) {
353 T_SKIP("Device not running with shared cache, skipping test...");
356 if (shared_cache_length == 0) {
357 T_SKIP("dyld reports that currently running shared cache has zero length");
360 T_LOG("taking stackshot with STACKSHOT_COLLECT_SHAREDCACHE_LAYOUT set");
361 take_stackshot(&scenario, true, ^(void *ssbuf, size_t sslen) {
362 parse_stackshot(PARSE_STACKSHOT_SHAREDCACHE_LAYOUT, ssbuf, sslen, nil);
366 T_DECL(stress, "test that taking stackshots for 60 seconds doesn't crash the system")
368 uint64_t max_diff_time = 60ULL /* seconds */ * 1000000000ULL;
371 struct scenario scenario = {
374 .flags = (STACKSHOT_KCDATA_FORMAT |
375 STACKSHOT_THREAD_WAITINFO |
376 STACKSHOT_SAVE_LOADINFO |
377 STACKSHOT_SAVE_KEXT_LOADINFO |
378 STACKSHOT_GET_GLOBAL_MEM_STATS |
379 STACKSHOT_SAVE_IMP_DONATION_PIDS |
380 STACKSHOT_COLLECT_SHAREDCACHE_LAYOUT |
381 STACKSHOT_THREAD_GROUP |
382 STACKSHOT_SAVE_JETSAM_COALITIONS |
387 start_time = clock_gettime_nsec_np(CLOCK_MONOTONIC);
388 while (clock_gettime_nsec_np(CLOCK_MONOTONIC) - start_time < max_diff_time) {
389 take_stackshot(&scenario, false, ^(void * __unused ssbuf,
390 size_t __unused sslen) {
395 /* Leave some time for the testing infrastructure to catch up */
402 T_DECL(dispatch_queue_label, "test that kcdata stackshots contain libdispatch queue labels")
404 struct scenario scenario = {
406 .flags = (STACKSHOT_GET_DQ | STACKSHOT_KCDATA_FORMAT),
408 dispatch_semaphore_t child_ready_sem, parent_done_sem;
412 T_SKIP("This test is flaky on watches: 51663346");
415 child_ready_sem = dispatch_semaphore_create(0);
416 T_QUIET; T_ASSERT_NOTNULL(child_ready_sem, "dqlabel child semaphore");
418 parent_done_sem = dispatch_semaphore_create(0);
419 T_QUIET; T_ASSERT_NOTNULL(parent_done_sem, "dqlabel parent semaphore");
421 dq = dispatch_queue_create(TEST_STACKSHOT_QUEUE_LABEL, NULL);
422 T_QUIET; T_ASSERT_NOTNULL(dq, "dispatch queue");
424 /* start the helper thread */
425 dispatch_async(dq, ^{
426 dispatch_semaphore_signal(child_ready_sem);
428 dispatch_semaphore_wait(parent_done_sem, DISPATCH_TIME_FOREVER);
431 /* block behind the child starting up */
432 dispatch_semaphore_wait(child_ready_sem, DISPATCH_TIME_FOREVER);
434 T_LOG("taking kcdata stackshot with libdispatch queue labels");
435 take_stackshot(&scenario, true, ^(void *ssbuf, size_t sslen) {
436 parse_stackshot(PARSE_STACKSHOT_DISPATCH_QUEUE_LABEL, ssbuf, sslen, nil);
439 dispatch_semaphore_signal(parent_done_sem);
442 #define CACHEADDR_ENV "STACKSHOT_TEST_DYLDADDR"
443 T_HELPER_DECL(spawn_reslide_child, "child process to spawn with alternate slide")
445 size_t shared_cache_len;
446 const void *addr, *prevaddr;
450 const char *cacheaddr_env = getenv(CACHEADDR_ENV);
451 T_QUIET; T_ASSERT_NOTNULL(cacheaddr_env, "getenv("CACHEADDR_ENV")");
454 v = strtoumax(cacheaddr_env, &endptr, 16); /* read hex value */
455 T_WITH_ERRNO; T_QUIET; T_ASSERT_NE(v, 0l, "getenv(%s) = \"%s\" should be a non-zero hex number", CACHEADDR_ENV, cacheaddr_env);
456 T_QUIET; T_ASSERT_EQ(*endptr, 0, "getenv(%s) = \"%s\" endptr \"%s\" should be empty", CACHEADDR_ENV, cacheaddr_env, endptr);
458 prevaddr = (const void *)v;
459 addr = _dyld_get_shared_cache_range(&shared_cache_len);
460 T_QUIET; T_ASSERT_NOTNULL(addr, "shared cache address");
462 T_QUIET; T_ASSERT_POSIX_SUCCESS(kill(getppid(), (addr == prevaddr) ? SIGUSR2 : SIGUSR1), "signaled parent to take stackshot");
464 (void) pause(); /* parent will kill -9 us */
468 T_DECL(shared_cache_flags, "tests stackshot's task_ss_flags for the shared cache")
470 posix_spawnattr_t attr;
473 __block bool child_same_addr = false;
475 uint32_t path_size = sizeof(path);
476 T_QUIET; T_ASSERT_POSIX_ZERO(_NSGetExecutablePath(path, &path_size), "_NSGetExecutablePath");
477 char *args[] = { path, "-n", "spawn_reslide_child", NULL };
479 size_t shared_cache_len;
482 dispatch_source_t child_diffsig_src, child_samesig_src;
483 dispatch_semaphore_t child_ready_sem = dispatch_semaphore_create(0);
484 T_QUIET; T_ASSERT_NOTNULL(child_ready_sem, "shared_cache child semaphore");
486 dispatch_queue_t signal_processing_q = dispatch_queue_create("signal processing queue", NULL);
487 T_QUIET; T_ASSERT_NOTNULL(signal_processing_q, "signal processing queue");
489 signal(SIGUSR1, SIG_IGN);
490 signal(SIGUSR2, SIG_IGN);
491 child_samesig_src = dispatch_source_create(DISPATCH_SOURCE_TYPE_SIGNAL, SIGUSR1, 0, signal_processing_q);
492 T_QUIET; T_ASSERT_NOTNULL(child_samesig_src, "dispatch_source_create (child_samesig_src)");
493 child_diffsig_src = dispatch_source_create(DISPATCH_SOURCE_TYPE_SIGNAL, SIGUSR2, 0, signal_processing_q);
494 T_QUIET; T_ASSERT_NOTNULL(child_diffsig_src, "dispatch_source_create (child_diffsig_src)");
496 /* child will signal us depending on if their addr is the same or different */
497 dispatch_source_set_event_handler(child_samesig_src, ^{ child_same_addr = false; dispatch_semaphore_signal(child_ready_sem); });
498 dispatch_source_set_event_handler(child_diffsig_src, ^{ child_same_addr = true; dispatch_semaphore_signal(child_ready_sem); });
499 dispatch_activate(child_samesig_src);
500 dispatch_activate(child_diffsig_src);
502 addr = _dyld_get_shared_cache_range(&shared_cache_len);
503 T_QUIET; T_ASSERT_NOTNULL(addr, "shared cache address");
505 T_QUIET; T_ASSERT_POSIX_SUCCESS(asprintf(&env_addr, "%p", addr), "asprintf of env_addr succeeded");
506 T_QUIET; T_ASSERT_POSIX_SUCCESS(setenv(CACHEADDR_ENV, env_addr, true), "setting "CACHEADDR_ENV" to %s", env_addr);
508 T_QUIET; T_ASSERT_POSIX_ZERO(posix_spawnattr_init(&attr), "posix_spawnattr_init");
509 T_QUIET; T_ASSERT_POSIX_ZERO(posix_spawnattr_setflags(&attr, _POSIX_SPAWN_RESLIDE), "posix_spawnattr_setflags");
510 int sp_ret = posix_spawn(&pid, path, NULL, &attr, args, environ);
511 T_ASSERT_POSIX_ZERO(sp_ret, "spawned process '%s' with PID %d", args[0], pid);
513 dispatch_semaphore_wait(child_ready_sem, DISPATCH_TIME_FOREVER);
514 T_LOG("received signal from child (%s), capturing stackshot", child_same_addr ? "same shared cache addr" : "different shared cache addr");
516 struct scenario scenario = {
517 .name = "shared_cache_flags",
518 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
519 | STACKSHOT_COLLECT_SHAREDCACHE_LAYOUT
520 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT),
523 take_stackshot(&scenario, false, ^( void *ssbuf, size_t sslen) {
525 /* First kill the child so we can reap it */
526 T_QUIET; T_ASSERT_POSIX_SUCCESS(kill(pid, SIGKILL), "killing spawned process");
527 T_QUIET; T_ASSERT_POSIX_SUCCESS(waitpid(pid, &status, 0), "waitpid on spawned child");
528 T_QUIET; T_ASSERT_EQ(!!WIFSIGNALED(status), 1, "waitpid status should be signalled");
529 T_QUIET; T_ASSERT_EQ(WTERMSIG(status), SIGKILL, "waitpid status should be SIGKILLed");
531 parse_stackshot(PARSE_STACKSHOT_SHAREDCACHE_FLAGS, ssbuf, sslen,
532 @{sharedcache_child_pid_key: @(pid), sharedcache_child_sameaddr_key: @(child_same_addr ? 1 : 0)});
536 static void *stuck_sysctl_thread(void *arg) {
538 dispatch_semaphore_t child_thread_started = *(dispatch_semaphore_t *)arg;
540 dispatch_semaphore_signal(child_thread_started);
541 T_ASSERT_POSIX_SUCCESS(sysctlbyname("kern.wedge_thread", NULL, NULL, &val, sizeof(val)), "wedge child thread");
546 T_HELPER_DECL(zombie_child, "child process to sample as a zombie")
549 dispatch_semaphore_t child_thread_started = dispatch_semaphore_create(0);
550 T_QUIET; T_ASSERT_NOTNULL(child_thread_started, "zombie child thread semaphore");
552 /* spawn another thread to get stuck in the kernel, then call exit() to become a zombie */
553 T_QUIET; T_ASSERT_POSIX_SUCCESS(pthread_create(&pthread, NULL, stuck_sysctl_thread, &child_thread_started), "pthread_create");
555 dispatch_semaphore_wait(child_thread_started, DISPATCH_TIME_FOREVER);
557 /* sleep for a bit in the hope of ensuring that the other thread has called the sysctl before we signal the parent */
559 T_ASSERT_POSIX_SUCCESS(kill(getppid(), SIGUSR1), "signaled parent to take stackshot");
564 T_DECL(zombie, "tests a stackshot of a zombie task with a thread stuck in the kernel")
567 uint32_t path_size = sizeof(path);
568 T_ASSERT_POSIX_ZERO(_NSGetExecutablePath(path, &path_size), "_NSGetExecutablePath");
569 char *args[] = { path, "-n", "zombie_child", NULL };
571 dispatch_source_t child_sig_src;
572 dispatch_semaphore_t child_ready_sem = dispatch_semaphore_create(0);
573 T_QUIET; T_ASSERT_NOTNULL(child_ready_sem, "zombie child semaphore");
575 dispatch_queue_t signal_processing_q = dispatch_queue_create("signal processing queue", NULL);
576 T_QUIET; T_ASSERT_NOTNULL(signal_processing_q, "signal processing queue");
580 T_LOG("spawning a child");
582 signal(SIGUSR1, SIG_IGN);
583 child_sig_src = dispatch_source_create(DISPATCH_SOURCE_TYPE_SIGNAL, SIGUSR1, 0, signal_processing_q);
584 T_QUIET; T_ASSERT_NOTNULL(child_sig_src, "dispatch_source_create (child_sig_src)");
586 dispatch_source_set_event_handler(child_sig_src, ^{ dispatch_semaphore_signal(child_ready_sem); });
587 dispatch_activate(child_sig_src);
589 int sp_ret = posix_spawn(&pid, args[0], NULL, NULL, args, NULL);
590 T_QUIET; T_ASSERT_POSIX_ZERO(sp_ret, "spawned process '%s' with PID %d", args[0], pid);
592 dispatch_semaphore_wait(child_ready_sem, DISPATCH_TIME_FOREVER);
594 T_LOG("received signal from child, capturing stackshot");
596 struct proc_bsdshortinfo bsdshortinfo;
597 int retval, iterations_to_wait = 10;
599 while (iterations_to_wait > 0) {
600 retval = proc_pidinfo(pid, PROC_PIDT_SHORTBSDINFO, 0, &bsdshortinfo, sizeof(bsdshortinfo));
601 if ((retval == 0) && errno == ESRCH) {
602 T_LOG("unable to find child using proc_pidinfo, assuming zombie");
606 T_QUIET; T_WITH_ERRNO; T_ASSERT_GT(retval, 0, "proc_pidinfo(PROC_PIDT_SHORTBSDINFO) returned a value > 0");
607 T_QUIET; T_ASSERT_EQ(retval, (int)sizeof(bsdshortinfo), "proc_pidinfo call for PROC_PIDT_SHORTBSDINFO returned expected size");
609 if (bsdshortinfo.pbsi_flags & PROC_FLAG_INEXIT) {
610 T_LOG("child proc info marked as in exit");
614 iterations_to_wait--;
615 if (iterations_to_wait == 0) {
617 * This will mark the test as failed but let it continue so we
618 * don't leave a process stuck in the kernel.
620 T_FAIL("unable to discover that child is marked as exiting");
623 /* Give the child a few more seconds to make it to exit */
627 /* Give the child some more time to make it through exit */
630 struct scenario scenario = {
632 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
633 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT),
636 take_stackshot(&scenario, false, ^( void *ssbuf, size_t sslen) {
637 /* First unwedge the child so we can reap it */
639 T_ASSERT_POSIX_SUCCESS(sysctlbyname("kern.unwedge_thread", NULL, NULL, &val, sizeof(val)), "unwedge child");
641 T_QUIET; T_ASSERT_POSIX_SUCCESS(waitpid(pid, &status, 0), "waitpid on zombie child");
643 parse_stackshot(PARSE_STACKSHOT_ZOMBIE, ssbuf, sslen, @{zombie_child_pid_key: @(pid)});
647 T_HELPER_DECL(exec_child_preexec, "child process pre-exec")
649 dispatch_queue_t signal_processing_q = dispatch_queue_create("signal processing queue", NULL);
650 T_QUIET; T_ASSERT_NOTNULL(signal_processing_q, "signal processing queue");
652 signal(SIGUSR1, SIG_IGN);
653 dispatch_source_t parent_sig_src = dispatch_source_create(DISPATCH_SOURCE_TYPE_SIGNAL, SIGUSR1, 0, signal_processing_q);
654 T_QUIET; T_ASSERT_NOTNULL(parent_sig_src, "dispatch_source_create (child_sig_src)");
655 dispatch_source_set_event_handler(parent_sig_src, ^{
657 // Parent took a timestamp then signaled us: exec into the next process
660 uint32_t path_size = sizeof(path);
661 T_QUIET; T_ASSERT_POSIX_ZERO(_NSGetExecutablePath(path, &path_size), "_NSGetExecutablePath");
662 char *args[] = { path, "-n", "exec_child_postexec", NULL };
664 T_QUIET; T_ASSERT_POSIX_ZERO(execve(args[0], args, NULL), "execing into exec_child_postexec");
666 dispatch_activate(parent_sig_src);
668 T_ASSERT_POSIX_SUCCESS(kill(getppid(), SIGUSR1), "signaled parent to take timestamp");
671 // Should never get here
672 T_FAIL("Received signal to exec from parent");
675 T_HELPER_DECL(exec_child_postexec, "child process post-exec to sample")
677 T_ASSERT_POSIX_SUCCESS(kill(getppid(), SIGUSR1), "signaled parent to take stackshot");
679 // Should never get here
680 T_FAIL("Killed by parent");
683 T_DECL(exec, "test getting full task snapshots for a task that execs")
686 uint32_t path_size = sizeof(path);
687 T_QUIET; T_ASSERT_POSIX_ZERO(_NSGetExecutablePath(path, &path_size), "_NSGetExecutablePath");
688 char *args[] = { path, "-n", "exec_child_preexec", NULL };
690 dispatch_source_t child_sig_src;
691 dispatch_semaphore_t child_ready_sem = dispatch_semaphore_create(0);
692 T_QUIET; T_ASSERT_NOTNULL(child_ready_sem, "exec child semaphore");
694 dispatch_queue_t signal_processing_q = dispatch_queue_create("signal processing queue", NULL);
695 T_QUIET; T_ASSERT_NOTNULL(signal_processing_q, "signal processing queue");
699 T_LOG("spawning a child");
701 signal(SIGUSR1, SIG_IGN);
702 child_sig_src = dispatch_source_create(DISPATCH_SOURCE_TYPE_SIGNAL, SIGUSR1, 0, signal_processing_q);
703 T_QUIET; T_ASSERT_NOTNULL(child_sig_src, "dispatch_source_create (child_sig_src)");
705 dispatch_source_set_event_handler(child_sig_src, ^{ dispatch_semaphore_signal(child_ready_sem); });
706 dispatch_activate(child_sig_src);
708 int sp_ret = posix_spawn(&pid, args[0], NULL, NULL, args, NULL);
709 T_QUIET; T_ASSERT_POSIX_ZERO(sp_ret, "spawned process '%s' with PID %d", args[0], pid);
711 dispatch_semaphore_wait(child_ready_sem, DISPATCH_TIME_FOREVER);
713 uint64_t start_time = mach_absolute_time();
715 struct proc_uniqidentifierinfo proc_info_data = { };
716 int retval = proc_pidinfo(getpid(), PROC_PIDUNIQIDENTIFIERINFO, 0, &proc_info_data, sizeof(proc_info_data));
717 T_QUIET; T_EXPECT_POSIX_SUCCESS(retval, "proc_pidinfo PROC_PIDUNIQIDENTIFIERINFO");
718 T_QUIET; T_ASSERT_EQ_INT(retval, (int) sizeof(proc_info_data), "proc_pidinfo PROC_PIDUNIQIDENTIFIERINFO returned data");
719 uint64_t unique_pid = proc_info_data.p_uniqueid;
721 T_LOG("received signal from pre-exec child, unique_pid is %llu, timestamp is %llu", unique_pid, start_time);
723 T_ASSERT_POSIX_SUCCESS(kill(pid, SIGUSR1), "signaled pre-exec child to exec");
725 dispatch_semaphore_wait(child_ready_sem, DISPATCH_TIME_FOREVER);
727 T_LOG("received signal from post-exec child, capturing stackshot");
729 struct scenario scenario = {
731 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
732 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT
733 | STACKSHOT_COLLECT_DELTA_SNAPSHOT),
734 .since_timestamp = start_time
737 take_stackshot(&scenario, false, ^( void *ssbuf, size_t sslen) {
740 T_ASSERT_POSIX_SUCCESS(kill(pid, SIGKILL), "kill post-exec child %d", pid);
741 T_ASSERT_POSIX_SUCCESS(waitpid(pid, &status, 0), "waitpid on post-exec child");
743 parse_stackshot(PARSE_STACKSHOT_POSTEXEC | PARSE_STACKSHOT_DELTA, ssbuf, sslen, @{postexec_child_unique_pid_key: @(unique_pid)});
748 get_user_promotion_basepri(void)
750 mach_msg_type_number_t count = THREAD_POLICY_STATE_COUNT;
751 struct thread_policy_state thread_policy;
752 boolean_t get_default = FALSE;
753 mach_port_t thread_port = pthread_mach_thread_np(pthread_self());
755 kern_return_t kr = thread_policy_get(thread_port, THREAD_POLICY_STATE,
756 (thread_policy_t)&thread_policy, &count, &get_default);
757 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "thread_policy_get");
758 return thread_policy.thps_user_promotion_basepri;
762 get_pri(thread_t thread_port)
766 thread_extended_info_data_t extended_info;
767 mach_msg_type_number_t count = THREAD_EXTENDED_INFO_COUNT;
768 kr = thread_info(thread_port, THREAD_EXTENDED_INFO,
769 (thread_info_t)&extended_info, &count);
771 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "thread_info");
773 return extended_info.pth_curpri;
777 T_DECL(turnstile_singlehop, "turnstile single hop test")
779 dispatch_queue_t dq1, dq2;
780 dispatch_semaphore_t sema_x;
781 dispatch_queue_attr_t dq1_attr, dq2_attr;
782 __block qos_class_t main_qos = 0;
783 __block int main_relpri = 0, main_relpri2 = 0, main_afterpri = 0;
784 struct scenario scenario = {
785 .name = "turnstile_singlehop",
786 .flags = (STACKSHOT_THREAD_WAITINFO | STACKSHOT_KCDATA_FORMAT),
788 dq1_attr = dispatch_queue_attr_make_with_qos_class(DISPATCH_QUEUE_SERIAL, QOS_CLASS_UTILITY, 0);
789 dq2_attr = dispatch_queue_attr_make_with_qos_class(DISPATCH_QUEUE_SERIAL, QOS_CLASS_USER_INITIATED, 0);
790 pthread_mutex_t lock_a = PTHREAD_MUTEX_INITIALIZER;
791 pthread_mutex_t lock_b = PTHREAD_MUTEX_INITIALIZER;
793 pthread_mutex_t *lockap = &lock_a, *lockbp = &lock_b;
795 dq1 = dispatch_queue_create("q1", dq1_attr);
796 dq2 = dispatch_queue_create("q2", dq2_attr);
797 sema_x = dispatch_semaphore_create(0);
799 pthread_mutex_lock(lockap);
800 dispatch_async(dq1, ^{
801 pthread_mutex_lock(lockbp);
802 T_ASSERT_POSIX_SUCCESS(pthread_get_qos_class_np(pthread_self(), &main_qos, &main_relpri), "get qos class");
803 T_LOG("The priority of q1 is %d\n", get_pri(mach_thread_self()));
804 dispatch_semaphore_signal(sema_x);
805 pthread_mutex_lock(lockap);
807 dispatch_semaphore_wait(sema_x, DISPATCH_TIME_FOREVER);
809 T_LOG("Async1 completed");
811 pthread_set_qos_class_self_np(QOS_CLASS_UTILITY, 0);
812 T_ASSERT_POSIX_SUCCESS(pthread_get_qos_class_np(pthread_self(), &main_qos, &main_relpri), "get qos class");
813 T_LOG("The priority of main is %d\n", get_pri(mach_thread_self()));
814 main_relpri = get_pri(mach_thread_self());
816 dispatch_async(dq2, ^{
817 T_ASSERT_POSIX_SUCCESS(pthread_get_qos_class_np(pthread_self(), &main_qos, &main_relpri2), "get qos class");
818 T_LOG("The priority of q2 is %d\n", get_pri(mach_thread_self()));
819 dispatch_semaphore_signal(sema_x);
820 pthread_mutex_lock(lockbp);
822 dispatch_semaphore_wait(sema_x, DISPATCH_TIME_FOREVER);
824 T_LOG("Async2 completed");
827 main_afterpri = (int) get_user_promotion_basepri();
828 if (main_relpri != main_afterpri) {
829 T_LOG("Success with promotion pri is %d", main_afterpri);
836 take_stackshot(&scenario, true, ^( void *ssbuf, size_t sslen) {
837 parse_stackshot(PARSE_STACKSHOT_TURNSTILEINFO, ssbuf, sslen, nil);
843 expect_instrs_cycles_in_stackshot(void *ssbuf, size_t sslen)
845 kcdata_iter_t iter = kcdata_iter(ssbuf, sslen);
847 bool in_task = false;
848 bool in_thread = false;
849 bool saw_instrs_cycles = false;
850 iter = kcdata_iter_next(iter);
852 KCDATA_ITER_FOREACH(iter) {
853 switch (kcdata_iter_type(iter)) {
854 case KCDATA_TYPE_CONTAINER_BEGIN:
855 switch (kcdata_iter_container_type(iter)) {
856 case STACKSHOT_KCCONTAINER_TASK:
858 saw_instrs_cycles = false;
861 case STACKSHOT_KCCONTAINER_THREAD:
863 saw_instrs_cycles = false;
871 case STACKSHOT_KCTYPE_INSTRS_CYCLES:
872 saw_instrs_cycles = true;
875 case KCDATA_TYPE_CONTAINER_END:
877 T_QUIET; T_EXPECT_TRUE(saw_instrs_cycles,
878 "saw instructions and cycles in thread");
880 } else if (in_task) {
881 T_QUIET; T_EXPECT_TRUE(saw_instrs_cycles,
882 "saw instructions and cycles in task");
893 skip_if_monotonic_unsupported(void)
896 size_t supported_size = sizeof(supported);
897 int ret = sysctlbyname("kern.monotonic.supported", &supported,
898 &supported_size, 0, 0);
899 if (ret < 0 || !supported) {
900 T_SKIP("monotonic is unsupported");
904 T_DECL(instrs_cycles, "test a getting instructions and cycles in stackshot")
906 skip_if_monotonic_unsupported();
908 struct scenario scenario = {
909 .name = "instrs-cycles",
910 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_INSTRS_CYCLES
911 | STACKSHOT_KCDATA_FORMAT),
914 T_LOG("attempting to take stackshot with instructions and cycles");
915 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
916 parse_stackshot(0, ssbuf, sslen, nil);
917 expect_instrs_cycles_in_stackshot(ssbuf, sslen);
921 T_DECL(delta_instrs_cycles,
922 "test delta stackshots with instructions and cycles")
924 skip_if_monotonic_unsupported();
926 struct scenario scenario = {
927 .name = "delta-instrs-cycles",
928 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_INSTRS_CYCLES
929 | STACKSHOT_KCDATA_FORMAT),
932 T_LOG("taking full stackshot");
933 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
934 uint64_t stackshot_time = stackshot_timestamp(ssbuf, sslen);
936 T_LOG("taking delta stackshot since time %" PRIu64, stackshot_time);
938 parse_stackshot(0, ssbuf, sslen, nil);
939 expect_instrs_cycles_in_stackshot(ssbuf, sslen);
941 struct scenario delta_scenario = {
942 .name = "delta-instrs-cycles-next",
943 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_INSTRS_CYCLES
944 | STACKSHOT_KCDATA_FORMAT
945 | STACKSHOT_COLLECT_DELTA_SNAPSHOT),
946 .since_timestamp = stackshot_time,
949 take_stackshot(&delta_scenario, false, ^(void *dssbuf, size_t dsslen) {
950 parse_stackshot(PARSE_STACKSHOT_DELTA, dssbuf, dsslen, nil);
951 expect_instrs_cycles_in_stackshot(dssbuf, dsslen);
957 check_thread_groups_supported()
961 size_t supported_size = sizeof(supported);
962 err = sysctlbyname("kern.thread_groups_supported", &supported, &supported_size, NULL, 0);
964 if (err || !supported)
965 T_SKIP("thread groups not supported on this system");
968 T_DECL(thread_groups, "test getting thread groups in stackshot")
970 check_thread_groups_supported();
972 struct scenario scenario = {
973 .name = "thread-groups",
974 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_THREAD_GROUP
975 | STACKSHOT_KCDATA_FORMAT),
978 T_LOG("attempting to take stackshot with thread group flag");
979 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
980 parse_thread_group_stackshot(ssbuf, sslen);
985 parse_page_table_asid_stackshot(void **ssbuf, size_t sslen)
987 bool seen_asid = false;
988 bool seen_page_table_snapshot = false;
989 kcdata_iter_t iter = kcdata_iter(ssbuf, sslen);
990 T_ASSERT_EQ(kcdata_iter_type(iter), KCDATA_BUFFER_BEGIN_STACKSHOT,
991 "buffer provided is a stackshot");
993 iter = kcdata_iter_next(iter);
994 KCDATA_ITER_FOREACH(iter) {
995 switch (kcdata_iter_type(iter)) {
996 case KCDATA_TYPE_ARRAY: {
998 T_ASSERT_TRUE(kcdata_iter_array_valid(iter),
999 "checked that array is valid");
1001 if (kcdata_iter_array_elem_type(iter) != STACKSHOT_KCTYPE_PAGE_TABLES) {
1005 T_ASSERT_FALSE(seen_page_table_snapshot, "check that we haven't yet seen a page table snapshot");
1006 seen_page_table_snapshot = true;
1008 T_ASSERT_EQ((size_t) kcdata_iter_array_elem_size(iter), sizeof(uint64_t),
1009 "check that each element of the pagetable dump is the expected size");
1011 uint64_t *pt_array = kcdata_iter_payload(iter);
1012 uint32_t elem_count = kcdata_iter_array_elem_count(iter);
1014 bool nonzero_tte = false;
1015 for (j = 0; j < elem_count;) {
1016 T_QUIET; T_ASSERT_LE(j + 4, elem_count, "check for valid page table segment header");
1017 uint64_t pa = pt_array[j];
1018 uint64_t num_entries = pt_array[j + 1];
1019 uint64_t start_va = pt_array[j + 2];
1020 uint64_t end_va = pt_array[j + 3];
1022 T_QUIET; T_ASSERT_NE(pa, (uint64_t) 0, "check that the pagetable physical address is non-zero");
1023 T_QUIET; T_ASSERT_EQ(pa % (num_entries * sizeof(uint64_t)), (uint64_t) 0, "check that the pagetable physical address is correctly aligned");
1024 T_QUIET; T_ASSERT_NE(num_entries, (uint64_t) 0, "check that a pagetable region has more than 0 entries");
1025 T_QUIET; T_ASSERT_LE(j + 4 + num_entries, (uint64_t) elem_count, "check for sufficient space in page table array");
1026 T_QUIET; T_ASSERT_GT(end_va, start_va, "check for valid VA bounds in page table segment header");
1028 for (uint32_t k = j + 4; k < (j + 4 + num_entries); ++k) {
1029 if (pt_array[k] != 0) {
1031 T_QUIET; T_ASSERT_EQ((pt_array[k] >> 48) & 0xf, (uint64_t) 0, "check that bits[48:51] of arm64 TTE are clear");
1032 // L0-L2 table and non-compressed L3 block entries should always have bit 1 set; assumes L0-L2 blocks will not be used outside the kernel
1033 bool table = ((pt_array[k] & 0x2) != 0);
1035 T_QUIET; T_ASSERT_NE(pt_array[k] & ((1ULL << 48) - 1) & ~((1ULL << 12) - 1), (uint64_t) 0, "check that arm64 TTE physical address is non-zero");
1036 } else { // should be a compressed PTE
1037 T_QUIET; T_ASSERT_NE(pt_array[k] & 0xC000000000000000ULL, (uint64_t) 0, "check that compressed PTE has at least one of bits [63:62] set");
1038 T_QUIET; T_ASSERT_EQ(pt_array[k] & ~0xC000000000000000ULL, (uint64_t) 0, "check that compressed PTE has no other bits besides [63:62] set");
1043 j += (4 + num_entries);
1045 T_ASSERT_TRUE(nonzero_tte, "check that we saw at least one non-empty TTE");
1046 T_ASSERT_EQ(j, elem_count, "check that page table dump size matches extent of last header");
1049 case STACKSHOT_KCTYPE_ASID: {
1050 T_ASSERT_FALSE(seen_asid, "check that we haven't yet seen an ASID");
1055 T_ASSERT_TRUE(seen_page_table_snapshot, "check that we have seen a page table snapshot");
1056 T_ASSERT_TRUE(seen_asid, "check that we have seen an ASID");
1059 T_DECL(dump_page_tables, "test stackshot page table dumping support")
1061 struct scenario scenario = {
1062 .name = "asid-page-tables",
1063 .flags = (STACKSHOT_KCDATA_FORMAT | STACKSHOT_ASID | STACKSHOT_PAGE_TABLES),
1064 .size_hint = (1ULL << 23), // 8 MB
1065 .target_pid = getpid(),
1066 .maybe_unsupported = true,
1069 T_LOG("attempting to take stackshot with ASID and page table flags");
1070 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
1071 parse_page_table_asid_stackshot(ssbuf, sslen);
1075 static void stackshot_verify_current_proc_uuid_info(void **ssbuf, size_t sslen, uint64_t expected_offset, const struct proc_uniqidentifierinfo *proc_info_data)
1077 const uuid_t *current_uuid = (const uuid_t *)(&proc_info_data->p_uuid);
1079 kcdata_iter_t iter = kcdata_iter(ssbuf, sslen);
1080 T_ASSERT_EQ(kcdata_iter_type(iter), KCDATA_BUFFER_BEGIN_STACKSHOT, "buffer provided is a stackshot");
1082 iter = kcdata_iter_next(iter);
1084 KCDATA_ITER_FOREACH(iter) {
1085 switch (kcdata_iter_type(iter)) {
1086 case KCDATA_TYPE_ARRAY: {
1087 T_QUIET; T_ASSERT_TRUE(kcdata_iter_array_valid(iter), "checked that array is valid");
1088 if (kcdata_iter_array_elem_type(iter) == KCDATA_TYPE_LIBRARY_LOADINFO64) {
1089 struct user64_dyld_uuid_info *info = (struct user64_dyld_uuid_info *) kcdata_iter_payload(iter);
1090 if (uuid_compare(*current_uuid, info->imageUUID) == 0) {
1091 T_ASSERT_EQ(expected_offset, info->imageLoadAddress, "found matching UUID with matching binary offset");
1094 } else if (kcdata_iter_array_elem_type(iter) == KCDATA_TYPE_LIBRARY_LOADINFO) {
1095 struct user32_dyld_uuid_info *info = (struct user32_dyld_uuid_info *) kcdata_iter_payload(iter);
1096 if (uuid_compare(*current_uuid, info->imageUUID) == 0) {
1097 T_ASSERT_EQ(expected_offset, ((uint64_t) info->imageLoadAddress), "found matching UUID with matching binary offset");
1108 T_FAIL("failed to find matching UUID in stackshot data");
1111 T_DECL(translated, "tests translated bit is set correctly")
1113 #if !(TARGET_OS_OSX && TARGET_CPU_ARM64)
1114 T_SKIP("Only valid on Apple silicon Macs")
1116 // Get path of stackshot_translated_child helper binary
1117 char path[PATH_MAX];
1118 uint32_t path_size = sizeof(path);
1119 T_QUIET; T_ASSERT_POSIX_ZERO(_NSGetExecutablePath(path, &path_size), "_NSGetExecutablePath");
1120 char* binary_name = strrchr(path, '/');
1121 if (binary_name) binary_name++;
1122 T_QUIET; T_ASSERT_NOTNULL(binary_name, "Find basename in path '%s'", path);
1123 strlcpy(binary_name, "stackshot_translated_child", path_size - (binary_name - path));
1124 char *args[] = { path, NULL };
1126 dispatch_source_t child_sig_src;
1127 dispatch_semaphore_t child_ready_sem = dispatch_semaphore_create(0);
1128 T_QUIET; T_ASSERT_NOTNULL(child_ready_sem, "exec child semaphore");
1130 dispatch_queue_t signal_processing_q = dispatch_queue_create("signal processing queue", NULL);
1131 T_QUIET; T_ASSERT_NOTNULL(signal_processing_q, "signal processing queue");
1133 signal(SIGUSR1, SIG_IGN);
1134 child_sig_src = dispatch_source_create(DISPATCH_SOURCE_TYPE_SIGNAL, SIGUSR1, 0, signal_processing_q);
1135 T_QUIET; T_ASSERT_NOTNULL(child_sig_src, "dispatch_source_create (child_sig_src)");
1137 dispatch_source_set_event_handler(child_sig_src, ^{ dispatch_semaphore_signal(child_ready_sem); });
1138 dispatch_activate(child_sig_src);
1142 T_LOG("spawning translated child");
1143 T_QUIET; T_ASSERT_POSIX_ZERO(posix_spawn(&pid, args[0], NULL, NULL, args, NULL), "spawned process '%s' with PID %d", args[0], pid);
1145 // Wait for the the child to spawn up
1146 dispatch_semaphore_wait(child_ready_sem, DISPATCH_TIME_FOREVER);
1148 // Make sure the child is running and is translated
1149 int mib[] = { CTL_KERN, KERN_PROC, KERN_PROC_PID, pid };
1150 struct kinfo_proc process_info;
1151 size_t bufsize = sizeof(process_info);
1152 T_QUIET; T_ASSERT_POSIX_SUCCESS(sysctl(mib, (unsigned)(sizeof(mib)/sizeof(int)), &process_info, &bufsize, NULL, 0), "get translated child process info");
1153 T_QUIET; T_ASSERT_GT(bufsize, (size_t)0, "process info is not empty");
1154 T_QUIET; T_ASSERT_TRUE((process_info.kp_proc.p_flag & P_TRANSLATED), "KERN_PROC_PID reports child is translated");
1156 T_LOG("capturing stackshot");
1158 struct scenario scenario = {
1159 .name = "translated",
1160 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
1161 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT),
1164 take_stackshot(&scenario, true, ^( void *ssbuf, size_t sslen) {
1165 parse_stackshot(PARSE_STACKSHOT_TRANSLATED, ssbuf, sslen, @{translated_child_pid_key: @(pid)});
1170 T_QUIET; T_ASSERT_POSIX_SUCCESS(kill(pid, SIGTERM), "kill translated child");
1171 T_QUIET; T_ASSERT_POSIX_SUCCESS(waitpid(pid, &status, 0), "waitpid on translated child");
1175 T_DECL(proc_uuid_info, "tests that the main binary UUID for a proc is always populated")
1177 struct proc_uniqidentifierinfo proc_info_data = { };
1178 mach_msg_type_number_t count;
1179 kern_return_t kernel_status;
1180 task_dyld_info_data_t task_dyld_info;
1181 struct dyld_all_image_infos *target_infos;
1183 bool found_image_in_image_infos = false;
1184 uint64_t expected_mach_header_offset = 0;
1186 /* Find the UUID of our main binary */
1187 retval = proc_pidinfo(getpid(), PROC_PIDUNIQIDENTIFIERINFO, 0, &proc_info_data, sizeof(proc_info_data));
1188 T_QUIET; T_EXPECT_POSIX_SUCCESS(retval, "proc_pidinfo PROC_PIDUNIQIDENTIFIERINFO");
1189 T_QUIET; T_ASSERT_EQ_INT(retval, (int) sizeof(proc_info_data), "proc_pidinfo PROC_PIDUNIQIDENTIFIERINFO returned data");
1191 uuid_string_t str = {};
1192 uuid_unparse(*(uuid_t*)&proc_info_data.p_uuid, str);
1193 T_LOG("Found current UUID is %s", str);
1195 /* Find the location of the dyld image info metadata */
1196 count = TASK_DYLD_INFO_COUNT;
1197 kernel_status = task_info(mach_task_self(), TASK_DYLD_INFO, (task_info_t)&task_dyld_info, &count);
1198 T_QUIET; T_ASSERT_EQ(kernel_status, KERN_SUCCESS, "retrieve task_info for TASK_DYLD_INFO");
1200 target_infos = (struct dyld_all_image_infos *)task_dyld_info.all_image_info_addr;
1202 /* Find our binary in the dyld image info array */
1203 for (int i = 0; i < (int) target_infos->uuidArrayCount; i++) {
1204 if (uuid_compare(target_infos->uuidArray[i].imageUUID, *(uuid_t*)&proc_info_data.p_uuid) == 0) {
1205 expected_mach_header_offset = (uint64_t) target_infos->uuidArray[i].imageLoadAddress;
1206 found_image_in_image_infos = true;
1210 T_ASSERT_TRUE(found_image_in_image_infos, "found binary image in dyld image info list");
1212 /* Overwrite the dyld image info data so the kernel has to fallback to the UUID stored in the proc structure */
1213 target_infos->uuidArrayCount = 0;
1215 struct scenario scenario = {
1216 .name = "proc_uuid_info",
1217 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_KCDATA_FORMAT),
1218 .target_pid = getpid(),
1221 T_LOG("attempting to take stackshot for current PID");
1222 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
1223 stackshot_verify_current_proc_uuid_info(ssbuf, sslen, expected_mach_header_offset, &proc_info_data);
1227 T_DECL(cseg_waitinfo, "test that threads stuck in the compressor report correct waitinfo")
1229 struct scenario scenario = {
1230 .name = "cseg_waitinfo",
1232 .flags = (STACKSHOT_THREAD_WAITINFO | STACKSHOT_KCDATA_FORMAT),
1234 __block uint64_t thread_id = 0;
1236 dispatch_queue_t dq = dispatch_queue_create("com.apple.stackshot.cseg_waitinfo", NULL);
1237 dispatch_semaphore_t child_ok = dispatch_semaphore_create(0);
1239 dispatch_async(dq, ^{
1240 pthread_threadid_np(NULL, &thread_id);
1241 dispatch_semaphore_signal(child_ok);
1243 T_ASSERT_POSIX_SUCCESS(sysctlbyname("kern.cseg_wedge_thread", NULL, NULL, &val, sizeof(val)), "wedge child thread");
1246 dispatch_semaphore_wait(child_ok, DISPATCH_TIME_FOREVER);
1249 T_LOG("taking stackshot");
1250 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
1252 T_ASSERT_POSIX_SUCCESS(sysctlbyname("kern.cseg_unwedge_thread", NULL, NULL, &val, sizeof(val)), "unwedge child thread");
1253 parse_stackshot(PARSE_STACKSHOT_WAITINFO_CSEG, ssbuf, sslen, @{cseg_expected_threadid_key: @(thread_id)});
1259 mach_port_t send_port,
1260 mach_port_t reply_port,
1261 mach_port_t msg_port)
1263 kern_return_t ret = 0;
1266 mach_msg_header_t header;
1267 mach_msg_body_t body;
1268 mach_msg_port_descriptor_t port_descriptor;
1270 struct test_msg send_msg = {
1272 .msgh_remote_port = send_port,
1273 .msgh_local_port = reply_port,
1274 .msgh_bits = MACH_MSGH_BITS_SET(MACH_MSG_TYPE_COPY_SEND,
1275 reply_port ? MACH_MSG_TYPE_MAKE_SEND_ONCE : 0,
1276 MACH_MSG_TYPE_MOVE_SEND,
1277 MACH_MSGH_BITS_COMPLEX),
1279 .msgh_size = sizeof(send_msg),
1282 .msgh_descriptor_count = 1,
1284 .port_descriptor = {
1286 .disposition = MACH_MSG_TYPE_MOVE_RECEIVE,
1287 .type = MACH_MSG_PORT_DESCRIPTOR,
1291 if (msg_port == MACH_PORT_NULL) {
1292 send_msg.body.msgh_descriptor_count = 0;
1295 ret = mach_msg(&(send_msg.header),
1298 MACH_SEND_OVERRIDE |
1299 (reply_port ? MACH_SEND_SYNC_OVERRIDE : 0),
1300 send_msg.header.msgh_size,
1306 T_ASSERT_MACH_SUCCESS(ret, "client mach_msg");
1309 T_HELPER_DECL(srp_client,
1310 "Client used for the special_reply_port test")
1312 pid_t ppid = getppid();
1313 dispatch_semaphore_t can_continue = dispatch_semaphore_create(0);
1314 dispatch_queue_t dq = dispatch_queue_create("client_signalqueue", NULL);
1315 dispatch_source_t sig_src;
1317 mach_msg_return_t mr;
1318 mach_port_t service_port;
1319 mach_port_t conn_port;
1320 mach_port_t special_reply_port;
1321 mach_port_options_t opts = {
1322 .flags = MPO_INSERT_SEND_RIGHT,
1325 signal(SIGUSR1, SIG_IGN);
1326 sig_src = dispatch_source_create(DISPATCH_SOURCE_TYPE_SIGNAL, SIGUSR1, 0, dq);
1328 dispatch_source_set_event_handler(sig_src, ^{
1329 dispatch_semaphore_signal(can_continue);
1331 dispatch_activate(sig_src);
1333 /* lookup the mach service port for the parent */
1334 kern_return_t kr = bootstrap_look_up(bootstrap_port,
1335 SRP_SERVICE_NAME, &service_port);
1336 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "client bootstrap_look_up");
1338 /* create the send-once right (special reply port) and message to send to the server */
1339 kr = mach_port_construct(mach_task_self(), &opts, 0ull, &conn_port);
1340 T_QUIET; T_ASSERT_MACH_SUCCESS(kr, "mach_port_construct");
1342 special_reply_port = thread_get_special_reply_port();
1343 T_QUIET; T_ASSERT_TRUE(MACH_PORT_VALID(special_reply_port), "get_thread_special_reply_port");
1345 /* send the message with the special reply port */
1346 srp_send(service_port, special_reply_port, conn_port);
1348 /* signal the parent to continue */
1349 kill(ppid, SIGUSR1);
1352 mach_msg_header_t header;
1353 mach_msg_body_t body;
1354 mach_msg_port_descriptor_t port_descriptor;
1358 .msgh_remote_port = MACH_PORT_NULL,
1359 .msgh_local_port = special_reply_port,
1360 .msgh_size = sizeof(rcv_msg),
1364 /* wait on the reply from the parent (that we will never receive) */
1365 mr = mach_msg(&(rcv_msg.header),
1366 (MACH_RCV_MSG | MACH_RCV_SYNC_WAIT),
1368 rcv_msg.header.msgh_size,
1370 MACH_MSG_TIMEOUT_NONE,
1373 /* not expected to execute as parent will SIGKILL client... */
1374 T_LOG("client process exiting after sending message to parent (server)");
1377 enum srp_test_type {
1378 SRP_TEST_THREAD, /* expect waiter on current thread */
1379 SRP_TEST_PID, /* expect waiter on current PID */
1380 SRP_TEST_EITHER, /* waiter could be on either */
1384 check_srp_test(const char *name, enum srp_test_type ty)
1386 struct scenario scenario = {
1389 .flags = (STACKSHOT_THREAD_WAITINFO | STACKSHOT_KCDATA_FORMAT),
1391 uint64_t thread_id = 0;
1392 pthread_threadid_np(NULL, &thread_id);
1393 if (ty == SRP_TEST_THREAD) {
1394 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
1395 parse_stackshot(PARSE_STACKSHOT_WAITINFO_SRP, ssbuf, sslen,
1396 @{srp_expected_threadid_key: @(thread_id)});
1398 } else if (ty == SRP_TEST_PID) {
1399 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
1400 parse_stackshot(PARSE_STACKSHOT_WAITINFO_SRP, ssbuf, sslen,
1401 @{srp_expected_pid_key: @(getpid())});
1404 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
1405 parse_stackshot(PARSE_STACKSHOT_WAITINFO_SRP, ssbuf, sslen,
1406 @{srp_expected_pid_key: @(getpid()), srp_expected_threadid_key: @(thread_id)});
1414 * Tests the stackshot wait info plumbing for synchronous IPC that doesn't use kevent on the server.
1416 * (part 1): tests the scenario where a client sends a request that includes a special reply port
1417 * to a server that doesn't receive the message and doesn't copy the send-once right
1418 * into its address space as a result. for this case the special reply port is enqueued
1419 * in a port and we check which task has that receive right and use that info. (rdar://60440338)
1420 * (part 2): tests the scenario where a client sends a request that includes a special reply port
1421 * to a server that receives the message and copies in the send-once right, but doesn't
1422 * reply to the client. for this case the special reply port is copied out and the kernel
1423 * stashes the info about which task copied out the send once right. (rdar://60440592)
1424 * (part 3): tests the same as part 2, but uses kevents, which allow for
1425 * priority inheritance
1427 T_DECL(special_reply_port, "test that tasks using special reply ports have correct waitinfo")
1429 dispatch_semaphore_t can_continue = dispatch_semaphore_create(0);
1430 dispatch_queue_t dq = dispatch_queue_create("signalqueue", NULL);
1431 dispatch_queue_t machdq = dispatch_queue_create("machqueue", NULL);
1432 dispatch_source_t sig_src;
1433 char path[PATH_MAX];
1434 uint32_t path_size = sizeof(path);
1435 T_ASSERT_POSIX_ZERO(_NSGetExecutablePath(path, &path_size), "_NSGetExecutablePath");
1436 char *client_args[] = { path, "-n", "srp_client", NULL };
1442 /* setup the signal handler in the parent (server) */
1443 T_LOG("setup sig handlers");
1444 signal(SIGUSR1, SIG_IGN);
1445 sig_src = dispatch_source_create(DISPATCH_SOURCE_TYPE_SIGNAL, SIGUSR1, 0, dq);
1447 dispatch_source_set_event_handler(sig_src, ^{
1448 dispatch_semaphore_signal(can_continue);
1450 dispatch_activate(sig_src);
1452 /* register with the mach service name so the client can lookup and send a message to the parent (server) */
1453 T_LOG("Server about to check in");
1454 kr = bootstrap_check_in(bootstrap_port, SRP_SERVICE_NAME, &port);
1455 T_ASSERT_MACH_SUCCESS(kr, "server bootstrap_check_in");
1457 T_LOG("Launching client");
1458 sp_ret = posix_spawn(&client_pid, client_args[0], NULL, NULL, client_args, NULL);
1459 T_QUIET; T_ASSERT_POSIX_ZERO(sp_ret, "spawned process '%s' with PID %d", client_args[0], client_pid);
1460 T_LOG("Spawned client as PID %d", client_pid);
1462 dispatch_semaphore_wait(can_continue, DISPATCH_TIME_FOREVER);
1463 T_LOG("Ready to take stackshot, but waiting 1s for the coast to clear");
1466 * can_continue indicates the client has signaled us, but we want to make
1467 * sure they've actually blocked sending their mach message. It's cheesy, but
1468 * sleep() works for this.
1473 * take the stackshot without calling receive to verify that the stackshot wait
1474 * info shows our (the server) thread for the scenario where the server has yet to
1475 * receive the message.
1477 T_LOG("Taking stackshot for part 1 coverage");
1478 check_srp_test("srp", SRP_TEST_THREAD);
1481 * receive the message from the client (which should copy the send once right into
1482 * our address space).
1485 mach_msg_header_t header;
1486 mach_msg_body_t body;
1487 mach_msg_port_descriptor_t port_descriptor;
1491 .msgh_remote_port = MACH_PORT_NULL,
1492 .msgh_local_port = port,
1493 .msgh_size = sizeof(rcv_msg),
1497 T_LOG("server: starting sync receive\n");
1499 mach_msg_return_t mr;
1500 mr = mach_msg(&(rcv_msg.header),
1501 (MACH_RCV_MSG | MACH_RCV_TIMEOUT),
1507 T_QUIET; T_ASSERT_MACH_SUCCESS(mr, "mach_msg() recieve of message from client");
1510 * take the stackshot to verify that the stackshot wait info shows our (the server) PID
1511 * for the scenario where the server has received the message and copied in the send-once right.
1513 T_LOG("Taking stackshot for part 2 coverage");
1514 check_srp_test("srp", SRP_TEST_PID);
1516 /* cleanup - kill the client */
1517 T_ASSERT_POSIX_SUCCESS(kill(client_pid, SIGKILL), "killing client");
1518 T_ASSERT_POSIX_SUCCESS(waitpid(client_pid, NULL, 0), "waiting for the client to exit");
1520 // do it again, but using kevents
1521 T_LOG("Launching client");
1522 sp_ret = posix_spawn(&client_pid, client_args[0], NULL, NULL, client_args, NULL);
1523 T_QUIET; T_ASSERT_POSIX_ZERO(sp_ret, "spawned process '%s' with PID %d", client_args[0], client_pid);
1524 T_LOG("Spawned client as PID %d", client_pid);
1526 dispatch_semaphore_wait(can_continue, DISPATCH_TIME_FOREVER);
1527 T_LOG("Ready to take stackshot, but waiting 1s for the coast to clear");
1530 * can_continue indicates the client has signaled us, but we want to make
1531 * sure they've actually blocked sending their mach message. It's cheesy, but
1532 * sleep() works for this.
1536 dispatch_mach_t dispatch_mach = dispatch_mach_create(SRP_SERVICE_NAME, machdq,
1537 ^(dispatch_mach_reason_t reason,
1538 dispatch_mach_msg_t message,
1539 mach_error_t error __unused) {
1541 case DISPATCH_MACH_MESSAGE_RECEIVED: {
1543 mach_msg_header_t *msg __unused = dispatch_mach_msg_get_msg(message, &size);
1544 T_LOG("server: recieved %ld byte message", size);
1545 check_srp_test("turnstile_port_thread", SRP_TEST_THREAD);
1546 T_LOG("server: letting client go");
1547 // drop the message on the ground, we'll kill the client later
1548 dispatch_semaphore_signal(can_continue);
1556 dispatch_mach_connect(dispatch_mach, port, MACH_PORT_NULL, NULL);
1558 dispatch_semaphore_wait(can_continue, DISPATCH_TIME_FOREVER);
1560 /* cleanup - kill the client */
1561 T_ASSERT_POSIX_SUCCESS(kill(client_pid, SIGKILL), "killing client");
1562 T_ASSERT_POSIX_SUCCESS(waitpid(client_pid, NULL, 0), "waiting for the client to exit");
1565 #pragma mark performance tests
1567 #define SHOULD_REUSE_SIZE_HINT 0x01
1568 #define SHOULD_USE_DELTA 0x02
1569 #define SHOULD_TARGET_SELF 0x04
1572 stackshot_perf(unsigned int options)
1574 struct scenario scenario = {
1575 .flags = (STACKSHOT_SAVE_LOADINFO | STACKSHOT_GET_GLOBAL_MEM_STATS
1576 | STACKSHOT_SAVE_IMP_DONATION_PIDS | STACKSHOT_KCDATA_FORMAT),
1579 dt_stat_t size = dt_stat_create("bytes", "size");
1580 dt_stat_time_t duration = dt_stat_time_create("duration");
1581 scenario.timer = duration;
1583 if (options & SHOULD_TARGET_SELF) {
1584 scenario.target_pid = getpid();
1587 while (!dt_stat_stable(duration) || !dt_stat_stable(size)) {
1588 __block uint64_t last_time = 0;
1589 __block uint32_t size_hint = 0;
1590 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
1591 dt_stat_add(size, (double)sslen);
1592 last_time = stackshot_timestamp(ssbuf, sslen);
1593 size_hint = (uint32_t)sslen;
1595 if (options & SHOULD_USE_DELTA) {
1596 scenario.since_timestamp = last_time;
1597 scenario.flags |= STACKSHOT_COLLECT_DELTA_SNAPSHOT;
1599 if (options & SHOULD_REUSE_SIZE_HINT) {
1600 scenario.size_hint = size_hint;
1604 dt_stat_finalize(duration);
1605 dt_stat_finalize(size);
1609 stackshot_flag_perf_noclobber(uint64_t flag, char *flagname)
1611 struct scenario scenario = {
1613 .flags = (flag | STACKSHOT_KCDATA_FORMAT),
1616 dt_stat_t duration = dt_stat_create("nanoseconds per thread", "%s_duration", flagname);
1617 dt_stat_t size = dt_stat_create("bytes per thread", "%s_size", flagname);
1618 T_LOG("Testing \"%s\" = 0x%" PRIx64, flagname, flag);
1620 while (!dt_stat_stable(duration) || !dt_stat_stable(size)) {
1621 take_stackshot(&scenario, false, ^(void *ssbuf, size_t sslen) {
1622 kcdata_iter_t iter = kcdata_iter(ssbuf, sslen);
1623 unsigned long no_threads = 0;
1624 mach_timebase_info_data_t timebase = {0, 0};
1625 uint64_t stackshot_duration = 0;
1627 T_QUIET; T_ASSERT_EQ(kcdata_iter_type(iter), KCDATA_BUFFER_BEGIN_STACKSHOT, "stackshot buffer");
1629 KCDATA_ITER_FOREACH(iter) {
1630 switch(kcdata_iter_type(iter)) {
1631 case STACKSHOT_KCTYPE_THREAD_SNAPSHOT: {
1636 case STACKSHOT_KCTYPE_STACKSHOT_DURATION: {
1637 struct stackshot_duration *ssd = kcdata_iter_payload(iter);
1638 stackshot_duration = ssd->stackshot_duration;
1642 case KCDATA_TYPE_TIMEBASE: {
1644 mach_timebase_info_data_t *tb = kcdata_iter_payload(iter);
1645 memcpy(&timebase, tb, sizeof(timebase));
1651 T_QUIET; T_ASSERT_EQ(found, 0x7, "found everything needed");
1653 uint64_t ns = (stackshot_duration * timebase.numer) / timebase.denom;
1654 uint64_t per_thread_ns = ns / no_threads;
1655 uint64_t per_thread_size = sslen / no_threads;
1657 dt_stat_add(duration, per_thread_ns);
1658 dt_stat_add(size, per_thread_size);
1662 dt_stat_finalize(duration);
1663 dt_stat_finalize(size);
1667 stackshot_flag_perf(uint64_t flag, char *flagname)
1670 * STACKSHOT_NO_IO_STATS disables data collection, so set it for
1671 * more accurate perfdata collection.
1673 flag |= STACKSHOT_NO_IO_STATS;
1675 stackshot_flag_perf_noclobber(flag, flagname);
1679 T_DECL(flag_perf, "test stackshot performance with different flags set", T_META_TAG_PERF)
1681 stackshot_flag_perf_noclobber(STACKSHOT_NO_IO_STATS, "baseline");
1682 stackshot_flag_perf_noclobber(0, "io_stats");
1684 stackshot_flag_perf(STACKSHOT_THREAD_WAITINFO, "thread_waitinfo");
1685 stackshot_flag_perf(STACKSHOT_GET_DQ, "get_dq");
1686 stackshot_flag_perf(STACKSHOT_SAVE_LOADINFO, "save_loadinfo");
1687 stackshot_flag_perf(STACKSHOT_GET_GLOBAL_MEM_STATS, "get_global_mem_stats");
1688 stackshot_flag_perf(STACKSHOT_SAVE_KEXT_LOADINFO, "save_kext_loadinfo");
1689 stackshot_flag_perf(STACKSHOT_SAVE_IMP_DONATION_PIDS, "save_imp_donation_pids");
1690 stackshot_flag_perf(STACKSHOT_ENABLE_BT_FAULTING, "enable_bt_faulting");
1691 stackshot_flag_perf(STACKSHOT_COLLECT_SHAREDCACHE_LAYOUT, "collect_sharedcache_layout");
1692 stackshot_flag_perf(STACKSHOT_ENABLE_UUID_FAULTING, "enable_uuid_faulting");
1693 stackshot_flag_perf(STACKSHOT_THREAD_GROUP, "thread_group");
1694 stackshot_flag_perf(STACKSHOT_SAVE_JETSAM_COALITIONS, "save_jetsam_coalitions");
1695 stackshot_flag_perf(STACKSHOT_INSTRS_CYCLES, "instrs_cycles");
1696 stackshot_flag_perf(STACKSHOT_ASID, "asid");
1699 T_DECL(perf_no_size_hint, "test stackshot performance with no size hint",
1705 T_DECL(perf_size_hint, "test stackshot performance with size hint",
1708 stackshot_perf(SHOULD_REUSE_SIZE_HINT);
1711 T_DECL(perf_process, "test stackshot performance targeted at process",
1714 stackshot_perf(SHOULD_REUSE_SIZE_HINT | SHOULD_TARGET_SELF);
1717 T_DECL(perf_delta, "test delta stackshot performance",
1720 stackshot_perf(SHOULD_REUSE_SIZE_HINT | SHOULD_USE_DELTA);
1723 T_DECL(perf_delta_process, "test delta stackshot performance targeted at a process",
1726 stackshot_perf(SHOULD_REUSE_SIZE_HINT | SHOULD_USE_DELTA | SHOULD_TARGET_SELF);
1730 stackshot_timestamp(void *ssbuf, size_t sslen)
1732 kcdata_iter_t iter = kcdata_iter(ssbuf, sslen);
1734 uint32_t type = kcdata_iter_type(iter);
1735 if (type != KCDATA_BUFFER_BEGIN_STACKSHOT && type != KCDATA_BUFFER_BEGIN_DELTA_STACKSHOT) {
1736 T_ASSERT_FAIL("invalid kcdata type %u", kcdata_iter_type(iter));
1739 iter = kcdata_iter_find_type(iter, KCDATA_TYPE_MACH_ABSOLUTE_TIME);
1741 T_ASSERT_TRUE(kcdata_iter_valid(iter), "timestamp found in stackshot");
1743 return *(uint64_t *)kcdata_iter_payload(iter);
1746 #define TEST_THREAD_NAME "stackshot_test_thread"
1749 parse_thread_group_stackshot(void **ssbuf, size_t sslen)
1751 bool seen_thread_group_snapshot = false;
1752 kcdata_iter_t iter = kcdata_iter(ssbuf, sslen);
1753 T_ASSERT_EQ(kcdata_iter_type(iter), KCDATA_BUFFER_BEGIN_STACKSHOT,
1754 "buffer provided is a stackshot");
1756 NSMutableSet *thread_groups = [[NSMutableSet alloc] init];
1758 iter = kcdata_iter_next(iter);
1759 KCDATA_ITER_FOREACH(iter) {
1760 switch (kcdata_iter_type(iter)) {
1761 case KCDATA_TYPE_ARRAY: {
1763 T_ASSERT_TRUE(kcdata_iter_array_valid(iter),
1764 "checked that array is valid");
1766 if (kcdata_iter_array_elem_type(iter) != STACKSHOT_KCTYPE_THREAD_GROUP_SNAPSHOT) {
1770 seen_thread_group_snapshot = true;
1772 if (kcdata_iter_array_elem_size(iter) >= sizeof(struct thread_group_snapshot_v2)) {
1773 struct thread_group_snapshot_v2 *tgs_array = kcdata_iter_payload(iter);
1774 for (uint32_t j = 0; j < kcdata_iter_array_elem_count(iter); j++) {
1775 struct thread_group_snapshot_v2 *tgs = tgs_array + j;
1776 [thread_groups addObject:@(tgs->tgs_id)];
1781 struct thread_group_snapshot *tgs_array = kcdata_iter_payload(iter);
1782 for (uint32_t j = 0; j < kcdata_iter_array_elem_count(iter); j++) {
1783 struct thread_group_snapshot *tgs = tgs_array + j;
1784 [thread_groups addObject:@(tgs->tgs_id)];
1791 KCDATA_ITER_FOREACH(iter) {
1792 NSError *error = nil;
1794 switch (kcdata_iter_type(iter)) {
1796 case KCDATA_TYPE_CONTAINER_BEGIN: {
1798 T_ASSERT_TRUE(kcdata_iter_container_valid(iter),
1799 "checked that container is valid");
1801 if (kcdata_iter_container_type(iter) != STACKSHOT_KCCONTAINER_THREAD) {
1805 NSDictionary *container = parseKCDataContainer(&iter, &error);
1806 T_QUIET; T_ASSERT_NOTNULL(container, "parsed container from stackshot");
1807 T_QUIET; T_ASSERT_NULL(error, "error unset after parsing container");
1809 int tg = [container[@"thread_snapshots"][@"thread_group"] intValue];
1811 T_ASSERT_TRUE([thread_groups containsObject:@(tg)], "check that the thread group the thread is in exists");
1818 T_ASSERT_TRUE(seen_thread_group_snapshot, "check that we have seen a thread group snapshot");
1822 verify_stackshot_sharedcache_layout(struct dyld_uuid_info_64 *uuids, uint32_t uuid_count)
1824 uuid_t cur_shared_cache_uuid;
1825 __block uint32_t lib_index = 0, libs_found = 0;
1827 _dyld_get_shared_cache_uuid(cur_shared_cache_uuid);
1828 int result = dyld_shared_cache_iterate_text(cur_shared_cache_uuid, ^(const dyld_shared_cache_dylib_text_info* info) {
1829 T_QUIET; T_ASSERT_LT(lib_index, uuid_count, "dyld_shared_cache_iterate_text exceeded number of libraries returned by kernel");
1832 struct dyld_uuid_info_64 *cur_stackshot_uuid_entry = &uuids[lib_index];
1833 T_QUIET; T_ASSERT_EQ(memcmp(info->dylibUuid, cur_stackshot_uuid_entry->imageUUID, sizeof(info->dylibUuid)), 0,
1834 "dyld returned UUID doesn't match kernel returned UUID");
1835 T_QUIET; T_ASSERT_EQ(info->loadAddressUnslid, cur_stackshot_uuid_entry->imageLoadAddress,
1836 "dyld returned load address doesn't match kernel returned load address");
1840 T_ASSERT_EQ(result, 0, "iterate shared cache layout");
1841 T_ASSERT_EQ(libs_found, uuid_count, "dyld iterator returned same number of libraries as kernel");
1843 T_LOG("verified %d libraries from dyld shared cache", libs_found);
1847 check_shared_cache_uuid(uuid_t imageUUID)
1849 static uuid_t shared_cache_uuid;
1850 static dispatch_once_t read_shared_cache_uuid;
1852 dispatch_once(&read_shared_cache_uuid, ^{
1854 T_ASSERT_TRUE(_dyld_get_shared_cache_uuid(shared_cache_uuid), "retrieve current shared cache UUID");
1856 T_QUIET; T_ASSERT_EQ(uuid_compare(shared_cache_uuid, imageUUID), 0,
1857 "dyld returned UUID doesn't match kernel returned UUID for system shared cache");
1861 * extra dictionary contains data relevant for the given flags:
1862 * PARSE_STACKSHOT_ZOMBIE: zombie_child_pid_key -> @(pid)
1863 * PARSE_STACKSHOT_POSTEXEC: postexec_child_unique_pid_key -> @(unique_pid)
1866 parse_stackshot(uint64_t stackshot_parsing_flags, void *ssbuf, size_t sslen, NSDictionary *extra)
1868 bool delta = (stackshot_parsing_flags & PARSE_STACKSHOT_DELTA);
1869 bool expect_sharedcache_child = (stackshot_parsing_flags & PARSE_STACKSHOT_SHAREDCACHE_FLAGS);
1870 bool expect_zombie_child = (stackshot_parsing_flags & PARSE_STACKSHOT_ZOMBIE);
1871 bool expect_postexec_child = (stackshot_parsing_flags & PARSE_STACKSHOT_POSTEXEC);
1872 bool expect_cseg_waitinfo = (stackshot_parsing_flags & PARSE_STACKSHOT_WAITINFO_CSEG);
1873 bool expect_translated_child = (stackshot_parsing_flags & PARSE_STACKSHOT_TRANSLATED);
1874 bool expect_shared_cache_layout = false;
1875 bool expect_shared_cache_uuid = !delta;
1876 bool expect_dispatch_queue_label = (stackshot_parsing_flags & PARSE_STACKSHOT_DISPATCH_QUEUE_LABEL);
1877 bool expect_turnstile_lock = (stackshot_parsing_flags & PARSE_STACKSHOT_TURNSTILEINFO);
1878 bool expect_srp_waitinfo = (stackshot_parsing_flags & PARSE_STACKSHOT_WAITINFO_SRP);
1879 bool found_zombie_child = false, found_postexec_child = false, found_shared_cache_layout = false, found_shared_cache_uuid = false;
1880 bool found_translated_child = false;
1881 bool found_dispatch_queue_label = false, found_turnstile_lock = false;
1882 bool found_cseg_waitinfo = false, found_srp_waitinfo = false;
1883 bool found_sharedcache_child = false, found_sharedcache_badflags = false, found_sharedcache_self = false;
1884 uint64_t srp_expected_threadid = 0;
1885 pid_t zombie_child_pid = -1, srp_expected_pid = -1, sharedcache_child_pid = -1;
1886 pid_t translated_child_pid = -1;
1887 bool sharedcache_child_sameaddr = false;
1888 uint64_t postexec_child_unique_pid = 0, cseg_expected_threadid = 0;
1889 uint64_t sharedcache_child_flags = 0, sharedcache_self_flags = 0;
1890 char *inflatedBufferBase = NULL;
1892 if (expect_shared_cache_uuid) {
1893 uuid_t shared_cache_uuid;
1894 if (!_dyld_get_shared_cache_uuid(shared_cache_uuid)) {
1895 T_LOG("Skipping verifying shared cache UUID in stackshot data because not running with a shared cache");
1896 expect_shared_cache_uuid = false;
1900 if (stackshot_parsing_flags & PARSE_STACKSHOT_SHAREDCACHE_LAYOUT) {
1901 size_t shared_cache_length = 0;
1902 const void *cache_header = _dyld_get_shared_cache_range(&shared_cache_length);
1903 T_QUIET; T_ASSERT_NOTNULL(cache_header, "current process running with shared cache");
1904 T_QUIET; T_ASSERT_GT(shared_cache_length, sizeof(struct _dyld_cache_header), "valid shared cache length populated by _dyld_get_shared_cache_range");
1906 if (_dyld_shared_cache_is_locally_built()) {
1907 T_LOG("device running with locally built shared cache, expect shared cache layout");
1908 expect_shared_cache_layout = true;
1910 T_LOG("device running with B&I built shared-cache, no shared cache layout expected");
1914 if (expect_sharedcache_child) {
1915 NSNumber* pid_num = extra[sharedcache_child_pid_key];
1916 NSNumber* sameaddr_num = extra[sharedcache_child_sameaddr_key];
1917 T_QUIET; T_ASSERT_NOTNULL(pid_num, "sharedcache child pid provided");
1918 T_QUIET; T_ASSERT_NOTNULL(sameaddr_num, "sharedcache child addrsame provided");
1919 sharedcache_child_pid = [pid_num intValue];
1920 T_QUIET; T_ASSERT_GT(sharedcache_child_pid, 0, "sharedcache child pid greater than zero");
1921 sharedcache_child_sameaddr = [sameaddr_num intValue];
1922 T_QUIET; T_ASSERT_GE([sameaddr_num intValue], 0, "sharedcache child sameaddr is boolean (0 or 1)");
1923 T_QUIET; T_ASSERT_LE([sameaddr_num intValue], 1, "sharedcache child sameaddr is boolean (0 or 1)");
1925 if (expect_zombie_child) {
1926 NSNumber* pid_num = extra[zombie_child_pid_key];
1927 T_QUIET; T_ASSERT_NOTNULL(pid_num, "zombie child pid provided");
1928 zombie_child_pid = [pid_num intValue];
1929 T_QUIET; T_ASSERT_GT(zombie_child_pid, 0, "zombie child pid greater than zero");
1932 if (expect_postexec_child) {
1933 NSNumber* unique_pid_num = extra[postexec_child_unique_pid_key];
1934 T_QUIET; T_ASSERT_NOTNULL(unique_pid_num, "postexec child unique pid provided");
1935 postexec_child_unique_pid = [unique_pid_num unsignedLongLongValue];
1936 T_QUIET; T_ASSERT_GT(postexec_child_unique_pid, 0ull, "postexec child unique pid greater than zero");
1939 if (expect_cseg_waitinfo) {
1940 NSNumber* tid_num = extra[cseg_expected_threadid_key];
1941 T_QUIET; T_ASSERT_NOTNULL(tid_num, "cseg's expected thread id provided");
1942 cseg_expected_threadid = tid_num.unsignedLongValue;
1943 T_QUIET; T_ASSERT_GT(cseg_expected_threadid, UINT64_C(0), "compressor segment thread is present");
1946 if (expect_srp_waitinfo) {
1947 NSNumber* threadid_num = extra[srp_expected_threadid_key];
1948 NSNumber* pid_num = extra[srp_expected_pid_key];
1949 T_QUIET; T_ASSERT_TRUE(threadid_num != nil || pid_num != nil, "expected SRP threadid or pid");
1950 if (threadid_num != nil) {
1951 srp_expected_threadid = [threadid_num unsignedLongLongValue];
1952 T_QUIET; T_ASSERT_GT(srp_expected_threadid, 0ull, "srp_expected_threadid greater than zero");
1954 if (pid_num != nil) {
1955 srp_expected_pid = [pid_num intValue];
1956 T_QUIET; T_ASSERT_GT(srp_expected_pid, 0, "srp_expected_pid greater than zero");
1958 T_LOG("looking for SRP pid: %d threadid: %llu", srp_expected_pid, srp_expected_threadid);
1961 if (expect_translated_child) {
1962 NSNumber* pid_num = extra[translated_child_pid_key];
1963 T_QUIET; T_ASSERT_NOTNULL(pid_num, "translated child pid provided");
1964 translated_child_pid = [pid_num intValue];
1965 T_QUIET; T_ASSERT_GT(translated_child_pid, 0, "translated child pid greater than zero");
1968 kcdata_iter_t iter = kcdata_iter(ssbuf, sslen);
1970 T_ASSERT_EQ(kcdata_iter_type(iter), KCDATA_BUFFER_BEGIN_DELTA_STACKSHOT,
1971 "buffer provided is a delta stackshot");
1973 iter = kcdata_iter_next(iter);
1975 if (kcdata_iter_type(iter) != KCDATA_BUFFER_BEGIN_COMPRESSED) {
1976 T_ASSERT_EQ(kcdata_iter_type(iter), KCDATA_BUFFER_BEGIN_STACKSHOT,
1977 "buffer provided is a stackshot");
1979 iter = kcdata_iter_next(iter);
1981 /* we are dealing with a compressed buffer */
1982 iter = kcdata_iter_next(iter);
1983 uint64_t compression_type = 0, totalout = 0, totalin = 0;
1987 for (int i = 0; i < 3; i ++) {
1988 kcdata_iter_get_data_with_desc(iter, &desc, (void **)&data, NULL);
1989 if (strcmp(desc, "kcd_c_type") == 0) {
1990 compression_type = *data;
1991 } else if (strcmp(desc, "kcd_c_totalout") == 0){
1993 } else if (strcmp(desc, "kcd_c_totalin") == 0){
1997 iter = kcdata_iter_next(iter);
2000 T_ASSERT_EQ(compression_type, UINT64_C(1), "zlib compression is used");
2001 T_ASSERT_GT(totalout, UINT64_C(0), "successfully gathered how long the compressed buffer is");
2002 T_ASSERT_GT(totalin, UINT64_C(0), "successfully gathered how long the uncompressed buffer will be at least");
2004 /* progress to the next kcdata item */
2005 T_ASSERT_EQ(kcdata_iter_type(iter), KCDATA_BUFFER_BEGIN_STACKSHOT, "compressed stackshot found");
2007 char *bufferBase = kcdata_iter_payload(iter);
2010 * zlib is used, allocate a buffer based on the metadata, plus
2011 * extra scratch space (+12.5%) in case totalin was inconsistent
2013 size_t inflatedBufferSize = totalin + (totalin >> 3);
2014 inflatedBufferBase = malloc(inflatedBufferSize);
2015 T_QUIET; T_WITH_ERRNO; T_ASSERT_NOTNULL(inflatedBufferBase, "allocated temporary output buffer");
2018 memset(&zs, 0, sizeof(zs));
2019 T_QUIET; T_ASSERT_EQ(inflateInit(&zs), Z_OK, "inflateInit OK");
2020 zs.next_in = (unsigned char *)bufferBase;
2021 T_QUIET; T_ASSERT_LE(totalout, (uint64_t)UINT_MAX, "stackshot is not too large");
2022 zs.avail_in = (uInt)totalout;
2023 zs.next_out = (unsigned char *)inflatedBufferBase;
2024 T_QUIET; T_ASSERT_LE(inflatedBufferSize, (size_t)UINT_MAX, "output region is not too large");
2025 zs.avail_out = (uInt)inflatedBufferSize;
2026 T_ASSERT_EQ(inflate(&zs, Z_FINISH), Z_STREAM_END, "inflated buffer");
2029 T_ASSERT_EQ((uint64_t)zs.total_out, totalin, "expected number of bytes inflated");
2031 /* copy the data after the compressed area */
2032 T_QUIET; T_ASSERT_GE((void *)bufferBase, ssbuf,
2033 "base of compressed stackshot is after the returned stackshot buffer");
2034 size_t header_size = (size_t)(bufferBase - (char *)ssbuf);
2035 size_t data_after_compressed_size = sslen - totalout - header_size;
2036 T_QUIET; T_ASSERT_LE(data_after_compressed_size,
2037 inflatedBufferSize - zs.total_out,
2038 "footer fits in the buffer");
2039 memcpy(inflatedBufferBase + zs.total_out,
2040 bufferBase + totalout,
2041 data_after_compressed_size);
2043 iter = kcdata_iter(inflatedBufferBase, inflatedBufferSize);
2047 KCDATA_ITER_FOREACH(iter) {
2048 NSError *error = nil;
2050 switch (kcdata_iter_type(iter)) {
2051 case KCDATA_TYPE_ARRAY: {
2053 T_ASSERT_TRUE(kcdata_iter_array_valid(iter),
2054 "checked that array is valid");
2056 NSMutableDictionary *array = parseKCDataArray(iter, &error);
2057 T_QUIET; T_ASSERT_NOTNULL(array, "parsed array from stackshot");
2058 T_QUIET; T_ASSERT_NULL(error, "error unset after parsing array");
2060 if (kcdata_iter_array_elem_type(iter) == STACKSHOT_KCTYPE_SYS_SHAREDCACHE_LAYOUT) {
2061 struct dyld_uuid_info_64 *shared_cache_uuids = kcdata_iter_payload(iter);
2062 uint32_t uuid_count = kcdata_iter_array_elem_count(iter);
2063 T_ASSERT_NOTNULL(shared_cache_uuids, "parsed shared cache layout array");
2064 T_ASSERT_GT(uuid_count, 0, "returned valid number of UUIDs from shared cache");
2065 verify_stackshot_sharedcache_layout(shared_cache_uuids, uuid_count);
2066 found_shared_cache_layout = true;
2072 case KCDATA_TYPE_CONTAINER_BEGIN: {
2074 T_ASSERT_TRUE(kcdata_iter_container_valid(iter),
2075 "checked that container is valid");
2077 if (kcdata_iter_container_type(iter) != STACKSHOT_KCCONTAINER_TASK) {
2081 NSDictionary *container = parseKCDataContainer(&iter, &error);
2082 T_QUIET; T_ASSERT_NOTNULL(container, "parsed container from stackshot");
2083 T_QUIET; T_ASSERT_NULL(error, "error unset after parsing container");
2085 NSDictionary* task_snapshot = container[@"task_snapshots"][@"task_snapshot"];
2086 NSDictionary* task_delta_snapshot = container[@"task_snapshots"][@"task_delta_snapshot"];
2088 T_QUIET; T_ASSERT_TRUE(!!task_snapshot != !!task_delta_snapshot, "Either task_snapshot xor task_delta_snapshot provided");
2090 if (expect_dispatch_queue_label && !found_dispatch_queue_label) {
2091 for (id thread_key in container[@"task_snapshots"][@"thread_snapshots"]) {
2092 NSMutableDictionary *thread = container[@"task_snapshots"][@"thread_snapshots"][thread_key];
2093 NSString *dql = thread[@"dispatch_queue_label"];
2095 if ([dql isEqualToString:@TEST_STACKSHOT_QUEUE_LABEL]) {
2096 found_dispatch_queue_label = true;
2102 if (expect_postexec_child && !found_postexec_child) {
2103 if (task_snapshot) {
2104 uint64_t unique_pid = [task_snapshot[@"ts_unique_pid"] unsignedLongLongValue];
2105 if (unique_pid == postexec_child_unique_pid) {
2106 found_postexec_child = true;
2108 T_PASS("post-exec child %llu has a task snapshot", postexec_child_unique_pid);
2114 if (task_delta_snapshot) {
2115 uint64_t unique_pid = [task_delta_snapshot[@"tds_unique_pid"] unsignedLongLongValue];
2116 if (unique_pid == postexec_child_unique_pid) {
2117 found_postexec_child = true;
2119 T_FAIL("post-exec child %llu shouldn't have a delta task snapshot", postexec_child_unique_pid);
2126 if (!task_snapshot) {
2130 int pid = [task_snapshot[@"ts_pid"] intValue];
2132 if (pid && expect_shared_cache_uuid && !found_shared_cache_uuid) {
2133 id ptr = container[@"task_snapshots"][@"shared_cache_dyld_load_info"];
2135 id uuid = ptr[@"imageUUID"];
2138 for (unsigned int i = 0; i < 16; i ++) {
2139 NSNumber *uuidByte = uuid[i];
2140 uuid_p[i] = (uint8_t)uuidByte.charValue;
2143 check_shared_cache_uuid(uuid_p);
2145 uint64_t baseAddress = (uint64_t)((NSNumber *)ptr[@"imageSlidBaseAddress"]).longLongValue;
2146 uint64_t firstMapping = (uint64_t)((NSNumber *)ptr[@"sharedCacheSlidFirstMapping"]).longLongValue;
2148 T_ASSERT_LE(baseAddress, firstMapping,
2149 "in per-task shared_cache_dyld_load_info, "
2150 "baseAddress <= firstMapping");
2151 T_ASSERT_GE(baseAddress + (1ull << 29), firstMapping,
2152 "in per-task shared_cache_dyld_load_info, "
2153 "baseAddress + 512meg >= firstMapping");
2155 size_t shared_cache_len;
2156 const void *addr = _dyld_get_shared_cache_range(&shared_cache_len);
2157 T_ASSERT_EQ((uint64_t)addr, firstMapping,
2158 "SlidFirstMapping should match shared_cache_range");
2161 * check_shared_cache_uuid() will assert on failure, so if
2162 * we get here, then we have found the shared cache UUID
2165 found_shared_cache_uuid = true;
2168 if (expect_sharedcache_child) {
2169 uint64_t task_flags = [task_snapshot[@"ts_ss_flags"] unsignedLongLongValue];
2170 uint64_t sharedregion_flags = (task_flags & (kTaskSharedRegionNone | kTaskSharedRegionSystem | kTaskSharedRegionOther));
2171 id sharedregion_info = container[@"task_snapshots"][@"shared_cache_dyld_load_info"];
2172 if (!found_sharedcache_badflags) {
2173 T_QUIET; T_ASSERT_NE(sharedregion_flags, 0ll, "one of the kTaskSharedRegion flags should be set on all tasks");
2174 bool multiple = (sharedregion_flags & (sharedregion_flags - 1)) != 0;
2175 T_QUIET; T_ASSERT_FALSE(multiple, "only one kTaskSharedRegion flag should be set on each task");
2176 found_sharedcache_badflags = (sharedregion_flags == 0 || multiple);
2179 T_ASSERT_EQ(sharedregion_flags, (uint64_t)kTaskSharedRegionNone, "Kernel proc (pid 0) should have no shared region");
2180 } else if (pid == sharedcache_child_pid) {
2181 found_sharedcache_child = true;
2182 sharedcache_child_flags = sharedregion_flags;
2183 } else if (pid == getpid()) {
2184 found_sharedcache_self = true;
2185 sharedcache_self_flags = sharedregion_flags;
2187 if (sharedregion_flags == kTaskSharedRegionOther && !(task_flags & kTaskSharedRegionInfoUnavailable)) {
2188 T_QUIET; T_ASSERT_NOTNULL(sharedregion_info, "kTaskSharedRegionOther should have a shared_cache_dyld_load_info struct");
2190 T_QUIET; T_ASSERT_NULL(sharedregion_info, "expect no shared_cache_dyld_load_info struct");
2193 if (expect_zombie_child && (pid == zombie_child_pid)) {
2194 found_zombie_child = true;
2196 uint64_t task_flags = [task_snapshot[@"ts_ss_flags"] unsignedLongLongValue];
2197 T_ASSERT_TRUE((task_flags & kTerminatedSnapshot) == kTerminatedSnapshot, "child zombie marked as terminated");
2202 if (expect_translated_child && (pid == translated_child_pid)) {
2203 found_translated_child = true;
2205 uint64_t task_flags = [task_snapshot[@"ts_ss_flags"] unsignedLongLongValue];
2206 T_EXPECT_BITS_SET(task_flags, kTaskIsTranslated, "child marked as translated");
2211 if (expect_cseg_waitinfo) {
2212 NSArray *winfos = container[@"task_snapshots"][@"thread_waitinfo"];
2214 for (id i in winfos) {
2215 NSNumber *waitType = i[@"wait_type"];
2216 NSNumber *owner = i[@"owner"];
2217 if (waitType.intValue == kThreadWaitCompressor &&
2218 owner.unsignedLongValue == cseg_expected_threadid) {
2219 found_cseg_waitinfo = true;
2225 if (expect_srp_waitinfo) {
2226 NSArray *tinfos = container[@"task_snapshots"][@"thread_turnstileinfo"];
2227 NSArray *winfos = container[@"task_snapshots"][@"thread_waitinfo"];
2228 for (id i in tinfos) {
2229 if (!found_srp_waitinfo) {
2230 bool found_thread = false;
2231 bool found_pid = false;
2232 if (([i[@"turnstile_flags"] intValue] & STACKSHOT_TURNSTILE_STATUS_THREAD) &&
2233 [i[@"turnstile_context"] unsignedLongLongValue] == srp_expected_threadid &&
2234 srp_expected_threadid != 0) {
2235 found_thread = true;
2237 if (([i[@"turnstile_flags"] intValue] & STACKSHOT_TURNSTILE_STATUS_BLOCKED_ON_TASK) &&
2238 [i[@"turnstile_context"] intValue] == srp_expected_pid &&
2239 srp_expected_pid != -1) {
2242 if (found_pid || found_thread) {
2243 T_LOG("found SRP %s %lld waiter: %d", (found_thread ? "thread" : "pid"),
2244 [i[@"turnstile_context"] unsignedLongLongValue], [i[@"waiter"] intValue]);
2245 /* we found something that is blocking the correct threadid */
2246 for (id j in winfos) {
2247 if ([j[@"waiter"] intValue] == [i[@"waiter"] intValue] &&
2248 [j[@"wait_type"] intValue] == kThreadWaitPortReceive) {
2249 found_srp_waitinfo = true;
2254 if (found_srp_waitinfo) {
2262 if (pid != getpid()) {
2266 T_EXPECT_EQ_STR(current_process_name(),
2267 [task_snapshot[@"ts_p_comm"] UTF8String],
2268 "current process name matches in stackshot");
2270 uint64_t task_flags = [task_snapshot[@"ts_ss_flags"] unsignedLongLongValue];
2271 T_ASSERT_BITS_NOTSET(task_flags, kTerminatedSnapshot, "current process not marked as terminated");
2272 T_ASSERT_BITS_NOTSET(task_flags, kTaskIsTranslated, "current process not marked as translated");
2275 T_EXPECT_LE(pid, [task_snapshot[@"ts_unique_pid"] intValue],
2276 "unique pid is greater than pid");
2278 NSDictionary* task_cpu_architecture = container[@"task_snapshots"][@"task_cpu_architecture"];
2279 T_QUIET; T_ASSERT_NOTNULL(task_cpu_architecture[@"cputype"], "have cputype");
2280 T_QUIET; T_ASSERT_NOTNULL(task_cpu_architecture[@"cpusubtype"], "have cputype");
2281 int cputype = [task_cpu_architecture[@"cputype"] intValue];
2282 int cpusubtype = [task_cpu_architecture[@"cpusubtype"] intValue];
2284 struct proc_archinfo archinfo;
2285 int retval = proc_pidinfo(pid, PROC_PIDARCHINFO, 0, &archinfo, sizeof(archinfo));
2286 T_QUIET; T_WITH_ERRNO; T_ASSERT_GT(retval, 0, "proc_pidinfo(PROC_PIDARCHINFO) returned a value > 0");
2287 T_QUIET; T_ASSERT_EQ(retval, (int)sizeof(struct proc_archinfo), "proc_pidinfo call for PROC_PIDARCHINFO returned expected size");
2288 T_QUIET; T_EXPECT_EQ(cputype, archinfo.p_cputype, "cpu type is correct");
2289 T_QUIET; T_EXPECT_EQ(cpusubtype, archinfo.p_cpusubtype, "cpu subtype is correct");
2291 bool found_main_thread = false;
2292 uint64_t main_thread_id = -1ULL;
2293 bool found_null_kernel_frame = false;
2294 for (id thread_key in container[@"task_snapshots"][@"thread_snapshots"]) {
2295 NSMutableDictionary *thread = container[@"task_snapshots"][@"thread_snapshots"][thread_key];
2296 NSDictionary *thread_snap = thread[@"thread_snapshot"];
2298 T_QUIET; T_EXPECT_GT([thread_snap[@"ths_thread_id"] intValue], 0,
2299 "thread ID of thread in current task is valid");
2300 T_QUIET; T_EXPECT_GT([thread_snap[@"ths_base_priority"] intValue], 0,
2301 "base priority of thread in current task is valid");
2302 T_QUIET; T_EXPECT_GT([thread_snap[@"ths_sched_priority"] intValue], 0,
2303 "scheduling priority of thread in current task is valid");
2305 NSString *pth_name = thread[@"pth_name"];
2306 if (pth_name != nil && [pth_name isEqualToString:@TEST_THREAD_NAME]) {
2307 found_main_thread = true;
2308 main_thread_id = [thread_snap[@"ths_thread_id"] unsignedLongLongValue];
2310 T_QUIET; T_EXPECT_GT([thread_snap[@"ths_total_syscalls"] intValue], 0,
2311 "total syscalls of current thread is valid");
2313 NSDictionary *cpu_times = thread[@"cpu_times"];
2314 T_EXPECT_GE([cpu_times[@"runnable_time"] intValue],
2315 [cpu_times[@"system_time"] intValue] +
2316 [cpu_times[@"user_time"] intValue],
2317 "runnable time of current thread is valid");
2319 if (!found_null_kernel_frame) {
2320 for (NSNumber *frame in thread[@"kernel_frames"]) {
2321 if (frame.unsignedLongValue == 0) {
2322 found_null_kernel_frame = true;
2328 T_EXPECT_TRUE(found_main_thread, "found main thread for current task in stackshot");
2329 T_EXPECT_FALSE(found_null_kernel_frame, "should not see any NULL kernel frames");
2331 if (expect_turnstile_lock && !found_turnstile_lock) {
2332 NSArray *tsinfos = container[@"task_snapshots"][@"thread_turnstileinfo"];
2334 for (id i in tsinfos) {
2335 if ([i[@"turnstile_context"] unsignedLongLongValue] == main_thread_id) {
2336 found_turnstile_lock = true;
2343 case STACKSHOT_KCTYPE_SHAREDCACHE_LOADINFO: {
2344 struct dyld_shared_cache_loadinfo *payload = kcdata_iter_payload(iter);
2345 T_ASSERT_EQ((size_t)kcdata_iter_size(iter), sizeof(*payload), "valid dyld_shared_cache_loadinfo struct");
2347 check_shared_cache_uuid(payload->sharedCacheUUID);
2349 T_ASSERT_LE(payload->sharedCacheUnreliableSlidBaseAddress,
2350 payload->sharedCacheSlidFirstMapping,
2351 "SlidBaseAddress <= SlidFirstMapping");
2352 T_ASSERT_GE(payload->sharedCacheUnreliableSlidBaseAddress + (1ull << 29),
2353 payload->sharedCacheSlidFirstMapping,
2354 "SlidFirstMapping should be within 512megs of SlidBaseAddress");
2356 size_t shared_cache_len;
2357 const void *addr = _dyld_get_shared_cache_range(&shared_cache_len);
2358 T_ASSERT_EQ((uint64_t)addr, payload->sharedCacheSlidFirstMapping,
2359 "SlidFirstMapping should match shared_cache_range");
2362 * check_shared_cache_uuid() asserts on failure, so we must have
2363 * found the shared cache UUID to be correct.
2365 found_shared_cache_uuid = true;
2371 if (expect_sharedcache_child) {
2372 T_QUIET; T_ASSERT_TRUE(found_sharedcache_child, "found sharedcache child in kcdata");
2373 T_QUIET; T_ASSERT_TRUE(found_sharedcache_self, "found self in kcdata");
2374 if (found_sharedcache_child && found_sharedcache_self) {
2375 T_QUIET; T_ASSERT_NE(sharedcache_child_flags, (uint64_t)kTaskSharedRegionNone, "sharedcache child should have shared region");
2376 T_QUIET; T_ASSERT_NE(sharedcache_self_flags, (uint64_t)kTaskSharedRegionNone, "sharedcache: self should have shared region");
2377 if (sharedcache_self_flags == kTaskSharedRegionSystem && !sharedcache_child_sameaddr) {
2378 /* If we're in the system shared region, and the child has a different address, child must have an Other shared region */
2379 T_ASSERT_EQ(sharedcache_child_flags, (uint64_t)kTaskSharedRegionOther,
2380 "sharedcache child should have Other shared region");
2384 if (expect_zombie_child) {
2385 T_QUIET; T_ASSERT_TRUE(found_zombie_child, "found zombie child in kcdata");
2388 if (expect_postexec_child) {
2389 T_QUIET; T_ASSERT_TRUE(found_postexec_child, "found post-exec child in kcdata");
2392 if (expect_translated_child) {
2393 T_QUIET; T_ASSERT_TRUE(found_translated_child, "found translated child in kcdata");
2396 if (expect_shared_cache_layout) {
2397 T_QUIET; T_ASSERT_TRUE(found_shared_cache_layout, "shared cache layout found in kcdata");
2400 if (expect_shared_cache_uuid) {
2401 T_QUIET; T_ASSERT_TRUE(found_shared_cache_uuid, "shared cache UUID found in kcdata");
2404 if (expect_dispatch_queue_label) {
2405 T_QUIET; T_ASSERT_TRUE(found_dispatch_queue_label, "dispatch queue label found in kcdata");
2408 if (expect_turnstile_lock) {
2409 T_QUIET; T_ASSERT_TRUE(found_turnstile_lock, "found expected deadlock");
2412 if (expect_cseg_waitinfo) {
2413 T_QUIET; T_ASSERT_TRUE(found_cseg_waitinfo, "found c_seg waitinfo");
2416 if (expect_srp_waitinfo) {
2417 T_QUIET; T_ASSERT_TRUE(found_srp_waitinfo, "found special reply port waitinfo");
2420 T_ASSERT_FALSE(KCDATA_ITER_FOREACH_FAILED(iter), "successfully iterated kcdata");
2422 free(inflatedBufferBase);
2426 current_process_name(void)
2428 static char name[64];
2431 int ret = proc_name(getpid(), name, sizeof(name));
2433 T_ASSERT_POSIX_SUCCESS(ret, "proc_name failed for current process");
2440 initialize_thread(void)
2442 int ret = pthread_setname_np(TEST_THREAD_NAME);
2444 T_ASSERT_POSIX_ZERO(ret, "set thread name to %s", TEST_THREAD_NAME);
projects / apple / xnu.git / blob