drgn 0.0.29

This is a small release fixing the call_function(), write_memory(), and write_object() helpers in drgn.helpers.experimental.kmodify for kernels with CONFIG_MODVERSIONS=y.

drgn 0.0.28

New features:

• The drgn.helpers.experimental.kmodify module was added. It provides helpers for modifying the running kernel, including calling arbitrary functions (call_function()) and writing to memory (write_memory(), write_object()).
• Virtual address translation and stack trace support for 32-bit Arm were added.
• The drgn.implicit_convert() function was added. It converts an object to a type using C's implicit conversion rules (i.e., the rules used when assigning to a variable without an explicit cast).
• The drgn.alignof() function was added. It returns the alignment requirement of a type.
• The drgn.helpers.linux.module module was added. It provides helpers for looking up and inspecting Linux kernel modules: address_to_module(), find_module(), for_each_module(), module_address_regions(), and module_percpu_region(). Contributed by Stephen Brennan.
• The drgn.helpers.linux.sched.task_thread_info() helper was added. It returns the struct thread_info * for a given struct task_struct *.
• The drgn.helpers.linux.fs.d_path() helper can now return an absolute path given only a dentry. Contributed by Stephen Brennan.
• drgn.Thread now has a name attribute. Contributed by Ryan Wilson.
• tools/fsrefs.py gained a new mode for finding what is using the filesystem on a given block device.
• Linux 6.11 and 6.12 are now supported.
  • tools/fsrefs.py was updated to handle changes to uprobes in Linux 6.12.
• Virtual address translation on AArch64 now supports Armv8.7 FEAT_LPA2 (52-bit virtual addresses with 4k or 16k pages, added in Linux 6.9).
• Absent objects with void type can now be printed instead of raising a TypeError.

Bug fixes:

• The drgn.cast() function was fixed to allow casting anything to a void type.
• The drgn.cast() function's handling of casting to bool was fixed to convert to 0 or 1 instead of truncating to 8 bits.
• The bool() operator was fixed to return False for array objects with address 0 (which is possible with weak symbols).
• The bool() operator was fixed to allow passing a function object instead of raising a TypeError.
• Functions that have both out-of-line and inline instances now have their address properly reported instead of being returned as absent objects.
• Virtual address translation support on s390x was fixed to handle the virtual/physical address split in Linux 6.10.
• Virtual address translation support on AArch64 was fixed to handle the fallback from 52- to 48- or 47-bit virtual addresses with 4k or 16k pages if the hardware doesn't support FEAT_LPA2.
• The drgn.helpers.common.memory.identify_address() helper was fixed to not fail on kernels using the SLOB allocator. Contributed by Stephen Brennan.
• The drgn.helpers.common.memory.identify_address() helper was fixed to properly identify vmap allocations on kernels not using vmap stacks.
• The type annotation for drgn.Object.from_bytes_() was fixed to accept buffer types other than bytes.
• A build script was fixed to work on POSIX (non-Bash) shells. Contributed by Sam James.

API changes:

• The struct, union, class, and enum keywords are now omitted when formatting a C++ type name.
• The bit_offset and bit_field_size parameters of drgn.Object.from_bytes_() were fixed to be keyword-only as intended. They were previously annotated as keyword-only but were accepted positionally at runtime.

Documentation:

• Gentoo installation instructions were added. Contributed by Sam James.
• Positional-only parameters are now documented (using the standard / syntax).
• Helpers that depend on virtual address translation support now document that dependency, including the ways it can fail.
• Stale documentation referring to complex types, which are not implemented, was removed.

contrib directory:

• contrib/bpf_inspect.py can now show maps and subprograms used by a BPF program. Contributed by Leon Hwang.
• contrib/bpf_inspect.py was fixed to work on Python < 3.12. Contributed by Stephen Brennan.
• contrib/slabinfo.py was added. It dumps slab allocator statistics similar to /proc/slabinfo. Contributed by Kuan-Ying Lee.
• contrib/vmallocinfo.py was added. It dumps vmalloc information similar to /proc/vmallocinfo. Contributed by Kuan-Ying Lee.
• contrib/btrfs_print_fs_uuids_cache.py was added. It prints Btrfs's internal list of filesystem UUIDs. Contributed by Srivathsa Dara.
• contrib/dm_crypt_key.py was updated to handle Linux < 6.7.

Internal:

• Some code was moved to a new, top-level Python package, _drgn_util.

drgn 0.0.27

This release adds a few helpers, more pluggability for finding types, objects, and symbols, lots of new or improved scripts in contrib, and other improvements and bug fixes.

New features:

• The print_annotated_memory() helper was added to drgn.helpers.common.memory. It dumps a region of memory and annotates values that can be identified.
• The identify_address() helper in drgn.helpers.common.memory can now identify Linux kernel vmap addresses and vmap kernel stacks.
• The member_at_offset() helper was added to drgn.helpers.common.type. It returns the name of the member at an offset in a type.
• The bdev_partno() helper was added to drgn.helpers.linux.block. It returns the partition number of a block device.
• More flexible APIs for naming, reordering, and disabling type and object finders were added.
• An API for registering custom symbol finders was added. Contributed by Stephen Brennan.
• Support for Linux 6.9 and 6.10 was added.
  • The drgn.helpers.linux.stackdepot.stack_depot_fetch() helper was updated for Linux 6.9 (and 6.8.5).
  • The drgn.helpers.linux.block.for_each_disk() and drgn.helpers.linux.mm.PageSlab() helpers were updated for Linux 6.10.
• The VMCOREINFO metadata for a kernel core dump can now be manually overridden through the Python API or the CLI. Contributed by Stephen Brennan.
• x86-64 kernel core dumps without virtual memory information can now be read. Contributed by Stephen Brennan and Illia Ostapyshyn.
• RISC-V kdump-compressed core dumps are now recognized as RISC-V when compiled with libkdumpfile 0.5.4 or newer. Contributed by Stephen Brennan.

Bug fixes:

• A case where drgn would fail to get the value of a local variable in an inlined function (usually when it had been spilled to the stack) was fixed.
• Stack traces from kernel core dumps with missing (offline or unresponsive) CPUs were fixed.
• Missing exception throws were added for some internal allocation failure checks in the drgn Python bindings.

contrib directory:

• contrib/search_kernel_memory.py was added. It searches all of kernel RAM for a given byte string.
• contrib/gcore.py was added. It can extract a core dump of a running process without stopping it, or of a process from a kernel core dump.
• contrib/btrfs_tree.py was substantially improved with new helpers and support for almost all Btrfs item types.
• contrib/negdentdelete.py was added. It frees negative dentries. Contributed by Stephen Brennan.
• contrib/bpf_inspect.py was updated to work on Linux 6.4 and later, gained a new command to list BPF links, gained an interactive mode, and added more detailed information. Contributed by Leon Hwang.
• contrib/irq.py was updated to work on Linux 6.5 and later. Contributed by Imran Khan.
• contrib/lsmod.py was updated to work on Linux 6.4 and later.

Internal:

• libdrgn's internal hash table implementation was optimized to use slightly less memory.
• Unit tests were added for a lot of libdrgn internals.
• Stephen Brennan fixed an issue with builds for free-threaded Python.
• Michel Lind enabled Packit builds for CentOS Stream 9.

drgn 0.0.26

This release adds several helpers, support for DWARF package files, the fsrefs.py tool, and a few other improvements and bug fixes.

New features:

• The print_dmesg() helper was added to drgn.helpers.linux.printk. It is a shortcut for printing the contents of the kernel log buffer.
• The idr_for_each_entry() helper was added to drgn.helpers.linux.idr.
• Helpers for the Linux kernel's plist (priority-sorted list) data structure were added in drgn.helpers.linux.plist. Plists are used by futexes, real-time scheduling classes, and swap.
• The stack_depot_fetch() helper was added in drgn.helpers.linux.stackdepot. It gets a stack trace from the stack depot, which is used by KASAN and other debugging tools in the kernel to store unique stack traces. Contributed by Peter Collingbourne.
• drgn.Program.stack_trace_from_pcs() was added. It creates a drgn.StackTrace from a list of program counters. Contributed by Peter Collingbourne.
• Support for Linux 6.8 was added.
  • The for_each_mount() and path_lookup() helpers from drgn.helpers.linux.fs were updated for Linux 6.8. The for_each_mount() update was contributed by Johannes Thumshirn.
• DWARF package (.dwp) files are now supported when built with elfutils >= 0.191.
• drgn.reinterpret() can now be used for primitive scalar values (but you usually want drgn.cast()).
• drgn now transparently supports reading from pointers using AArch64's Top Byte Ignore (TBI) feature. Contributed by Peter Collingbourne.

Bug fixes:

• The print_annotated_stack() helper from drgn.helpers.common.stack was made more robust against corrupted stack traces.
• A memory leak when handling types with C++ template parameters was fixed.
• Types from type units from split DWARF files can now be searched by name.

Other improvements:

• drgn.FaultError is now imported in the CLI by default.
• drgn.FaultErrors caused by invalid physical addresses will now indicate that the address was physical.
• Build errors when compiling against Python 3.13 alpha 4 were fixed.

Tools:

• tools/fsrefs.py was added. It searches for everything in the kernel referencing a file or filesystem.

contrib directory:

• contrib/btrfs_orphan_subvolumes.py was added. It looks for Btrfs subvolumes that have been deleted but not yet cleaned up.
• contrib/dm_crypt_key.py was added. It reads the master key of a dm-crypt device from kernel memory (currently only if the encryption mode is aes-xts-plain64).

drgn 0.0.25

This release adds some usability improvements, lots of new helpers, fixes for stack traces from exotic core dumps, and more.

New features:

• The prog argument can now be omitted from most function calls in the CLI. Library users can configure the same behavior with drgn.set_default_prog() and drgn.get_default_prog().
• drgn.stack_trace() was added as a shortcut for drgn.Program.stack_trace().
• drgn can now be run against the live kernel as a non-root user. It uses sudo to open /proc/kcore. Contributed by Stephen Brennan.
• Helpers for the Linux kernel's maple tree data structure were added in drgn.helpers.linux.maple.
• vma_find() and for_each_vma() helpers were added to drgn.helpers.linux.mm. They look up or iterate over virtual memory areas in an address space, respectively.
• Helpers for Linux kernel wait queues were added in drgn.helpers.linux.wait. Contributed by Imran Khan.
• The drgn.helpers.linux.cpumask.cpumask_to_cpulist() helper was added. It converts a struct cpumask * to a CPU list string. Contributed by Imran Khan.
• cpu_online_mask(), cpu_possible_mask(), and cpu_present_mask() helpers were added to drgn.helpers.linux.cpumask.
• Support for Linux 6.6 and 6.7 was added.
  • The drgn.helpers.linux.mm.compound_order() helper was updated for Linux 6.6.
  • The drgn.Program.threads() iterator was updated for Linux 6.7.
• The drgn.helpers.linux.slab helpers were updated to handle kernels with CONFIG_SLUB_TINY enabled.
• The compound page helpers in drgn.helpers.linux.mm were updated to handle the RHEL 7 kernel. Contributed by Oleksandr Natalenko.
• Virtual address translation support was added for ppc64. Contributed by Sourabh Jain.
• drgn now supports the flattened kdump format when built with libkdumpfile support. Contributed by Petr Tesarik.
• drgn.Program.set_core_dump() and drgn.program_from_core_dump() now accept a file descriptor. Contributed by Stephen Brennan.

Backwards-incompatible changes:

• The allow_negative parameter of drgn.helpers.linux.fs.path_lookup(), and the src, dst, and fstype parameters of drgn.helpers.linux.fs.for_each_mount() and drgn.helpers.linux.fs.print_mounts() are all now keyword-only. This was necessary to allow omitting the prog argument without ambiguity.
• Type hints are no longer supported for Python 3.6 and Python 3.7. Those Python versions are still supported at runtime.

Bug fixes:

• Stack traces were fixed for core dumps from QEMU's dump-guest-memory command, ppc64 vmcores on Linux 6.5+ (and recent stable kernels), and s390x vmcores.
• Type annotations and documentation for drgn.Program.add_type_finder() and drgn.Program.add_object_finder() were corrected. Contributed by Stephen Brennan.
• Relocations for 32-bit Arm and x86 were fixed to use drgn's own implementation as intended instead of libdwfl's. This is mainly a performance improvement.

Other improvements:

• The cmdline() and environ() helpers in drgn.helpers.linux.mm now return None for kernel threads instead of raising an exception. Contributed by Peter Collingbourne.
• AArch64 virtual address translation was optimized to only read the minimum amount of page table data. Contributed by Peter Collingbourne.
• The warning when debugging symbols are not found now includes a link to the drgn documentation for how to get debugging symbols. Contributed by Alex Gartrell.
• The documentation for C operator equivalents was improved.

contrib directory:

• contrib/find_struct_file.py was added. It looks for references to a struct file *.
• contrib/stack_trace_call_fault.py was added. It manually unwinds a stack trace from a call to an invalid address on x86-64.
• contrib/irq.py was added. It prints out IRQs, their affinities, and statistics. Contributed by Imran Khan.
• contrib/vmmap.py was updated to work on Linux 6.1+.

drgn 0.0.24

This release adds a few helpers, performance improvements, more C++ lookup support, split DWARF object file support, bug fixes, and more.

New features:

• The drgn.helpers.linux.sched.cpu_curr() helper was added. It returns the task running on a CPU.
• The drgn.helpers.linux.list.list_count_nodes() helper was added. It returns the length of a list.
• The drgn.helpers.linux.net.netdev_priv() helper was added. It returns the private data of a network device.
• The drgn.helpers.linux.net.skb_shinfo() helper was added. It returns the shared info for a socket buffer.
• The Linux kernel's VMCOREINFO can now be accessed with prog["VMCOREINFO"]. Contributed by Stephen Brennan.
• The class/struct/union/enum keyword is no longer required for C++ type lookups. E.g., prog.type("Foo") will find class Foo or struct Foo, etc.
• Nested classes/structures/unions in C++ can now be looked up with drgn.Program.type() (e.g., prog.type("Foo::Bar")).
• C++ methods can now be looked up with drgn.Program.function() or drgn.Program[] (e.g., prog.function("Foo::method") or prog["Foo::method"]).
• Split DWARF object (.dwo) files are now supported when built with elfutils >= 0.171. (Split DWARF package files (.dwp) are not yet supported.)

Bug fixes:

• An ".orc_unwind_ip is not sufficiently aligned" error when getting a stack trace was fixed. This only happens on x86-64 when the stack contains a function written in assembly from a kernel module. This was a regression in drgn 0.0.23.
• Storing and printing integers larger than 64 bits was implemented. Most notably, this fixes printing struct task_struct on ARM64.
• Local variable lookups that used to fail with "unknown DWARF expression opcode 0xf3" or "unknown DWARF expression opcode 0xa3" are now returned as absent instead. It may be possible to recover a value for some of these in the future.
• drgn.Program.crashed_thread() was fixed for s390x. Previously it would return the wrong thread.
• A segfault if the definition of main() couldn't be found in a userspace program was fixed.
• When an incomplete type is found (e.g., pointed to by a structure member), resolving it to the complete type no longer checks whether the name may be ambiguous based on the paths of the files that defined it. This sometimes caused such lookups to spuriously fail in the presence of out of tree Linux kernel modules and other similar situations that caused the same file to have multiple paths. Unfortunately, this means that if there really are multiple types with the same name, the wrong one may be used, but it can be manually casted.
• Looking up the definition of a nested incomplete type in C++ was fixed.
• drgn.Object.to_bytes_() of a bit field was fixed to not return stray bits.
• Creating a structure value with a 32-bit float member (e.g., Object(prog, "struct foo", value={"f": 1.0})) on a big-endian host was fixed.
• The drgn.helpers.linux.printk helpers were fixed to work reliably on kernels between v3.18 and v4.15 with BPF enabled (due to a global variable name conflict).
• Error messages about debugging information now have a path instead of (null).

Other improvements:

• Support for Linux 6.5 was tested; no changes were required.
• Stack tracing was made almost twice as fast thanks to an internal optimization in function lookups. Contributed by Thierry Treyer.
• Indexing debugging information when it is loaded (either at startup or manually) was reimplemented.
  • It now uses less memory (~30% less) and starts up much faster (~3x as fast) for large C++ applications.
  • It no longer uses hyperthreads by default, which uses fewer system resources and results in up to 2x faster startup for the Linux kernel.
  • It may use slightly (~10%) more memory for the Linux kernel.
• The Python GIL is now released while loading debugging information.
• NULL function pointer calls can now be unwound in stack traces on x86-64. Contributed by JP Kobryn.
• The drgn.helpers.linux.printk helpers now work on RHEL 7 (Linux kernel 3.10). Contributed by Oleksandr Natalenko.
• Vmcores in the makedumpfile flattened format are now detected and diagnosed with instructions for how to convert to a format supported by drgn. Contributed by Stephen Brennan.
• drgn now logs using the standard Python logging module to a logger named "drgn".

contrib directory:

• contrib/ps.py was extended with many more options. Contributed by Jay Patel, Sourabh Jain, Aditya Gupta, and Piyush Sachdeva.
• contrib/ptdrgn.py was added. It runs drgn in ptpython. Contributed by Stephen Brennan.

Documentation:

• Supported architectures and kernel versions are now documented.
• Thread-safety requirements are now documented.
• Guidelines for contributing Linux kernel helpers were added.

Internals:

• drgn now uses the __attribute__((__cleanup__)) extension in GCC/Clang for resource cleanup.
• The internal generic vector implementation was reworked.
• drgn now uses the system's elf.h header instead of its own copy.
• Experimental scripts for building root filesystems and testing different architectures were added to vmtest.
• More checks were added to pre-commit.

drgn 0.0.23

This release adds helpers all over the place, Linux 6.3 and 6.4 support, Python 3.12 support, full s390x support, bug fixes, and lots of new scripts in contrib.

New features:

• follow_page(), follow_pfn(), and follow_phys() helpers were added to drgn.helpers.linux.mm. These translate an arbitrary virtual address in an address space.
• vmalloc_to_page() and vmalloc_to_pfn() helpers were added to drgn.helpers.linux.mm. These translate a vmalloc/vmap address.
• The drgn.helpers.linux.mm.totalram_pages() helper was added. It returns the number of pages of RAM. Contributed by Martin Liška.
• The drgn.helpers.linux.sched.loadavg() helper was added. It returns the load average as a tuple. Contributed by Martin Liška.
• The drgn.helpers.common.format.number_in_binary_units() helper was added. It formats a number as a human-readable size (e.g., 2G, 1.5M).
• drgn.cli.run_interactive() was added. It can be used to embed drgn's interactive mode in other applications. Contributed by Stephen Brennan.
• The jiffies variable in the Linux kernel is now handled specially so that it can be accessed on all kernel versions and architectures.
• Virtual address translation was implemented for s390x. Contributed by Sven Schnelle.
• The page_to_pfn(), page_to_phys(), pfn_to_page(), and phys_to_page() helpers in drgn.helpers.linux.mm now work on architectures using CONFIG_FLATMEM (e.g., Arm and i386).
• Types can now be looked up in C++ namespaces. Contributed by Kevin Svetlitski.
• drgn will now use GNU-style compressed sections (.zdebug_*) when available.

Bug fixes:

• A crash when constructing objects on Python 3.12 was fixed. Contributed by Stephen Brennan.
• A bug that caused the ORC stack unwinder to stop prematurely or return the wrong result for IRQ stacks was fixed.
• drgn.Program.crashed_thread() was fixed for non-x86 architectures. Previously it always returned the thread on CPU 0.
• drgn.helpers.linux.fs.for_each_file() now handles tasks with NULL files (e.g., zombie tasks). Contributed by Stephen Brennan.
• The drgn.helpers.linux.cgroup.sock_cgroup_ptr() helper was fixed to work on Linux 5.15 and newer. Contributed by Martin Liška.
• The drgn.helpers.linux.slab helpers were fixed to handle older stable kernels without the patch "slub: improve bit diffusion for freelist ptr obfuscation". Contributed by Stephen Brennan.
• The slab_object_info() and find_containing_slab_cache() helpers in drgn.helpers.linux.slab were fixed to ignore high memory.
• A workaround for weird DWARF generated by GCC for zero-length arrays in C++ was added. Contributed by Jay Kamat.
• A memory leak in an error case when pretty-printing compound (structure/class/union) objects was fixed. Contributed by Kevin Svetlitski.

contrib directory:

• contrib/btrfs_tree.py and contrib/btrfs_tree_mod_log.py were added. They contain work-in-progress helpers for Btrfs data structures. Contributed by Boris Burkov.
• contrib/dump_btrfs_bgs.py was added. It prints information about block groups in a Btrfs filesystem. Contributed by Johannes Thumshirn.
• contrib/kcore_list.py was added. It prints the list of memory regions registered in /proc/kcore.
• contrib/kernel_sys.py was added. It prints system information similar to the crash sys command. Contributed by Martin Liška.
• contrib/mount.py was added. It prints a mount table similar to the crash mount command. Contributed by Martin Liška.
• contrib/platform_drivers.py was added. It prints all registered platform drivers.
• contrib/vmmap.py was added. It prints information about memory mappings in a process, similar to /proc/$pid/maps. Note that it only works up to Linux 6.0. Contributed by Martin Liška.
• contrib/vmstat.py was added. It prints information about kernel memory usage. Contributed by Martin Liška.
• contrib/ps.py was extended to print thread state, whether a thread is a kernel thread, and memory statistics. Contributed by Martin Liška.
• contrib/fs_inodes.py was fixed to to handle inodes without a path. Contributed by Martin Liška.
• contrib/lsmod.py was fixed to have identical output to lsmod(8). Contributed by Martin Liška.
• contrib/tcp_sock.py was fixed to work on Linux 4.9 and newer. Contributed by Martin Liška.

Other improvements:

• Support for Linux 6.3 and 6.4 was added.
  • The compound_order() and compound_nr() helpers in drgn.helpers.linux.mm were updated for Linux 6.3.
  • ORC unwinder support was updated for Linux 6.3 and 6.4.
  • Kernel module detection was updated for Linux 6.4. Contributed by Ido Schimmel.
  • The for_each_disk() and for_each_partition() helpers in drgn.helpers.linux.block were updated for Linux 6.4.
• The drgn.helpers.linux.idr helpers were extended to work with kernels older than 4.11. Contributed by Imran Khan.
• Documentation was added for special objects that drgn exposes for the Linux kernel. Contributed by Stephen Brennan.
• The example in the documentation for add_memory_segment() was fixed. Contributed by Timothée Cocault.
• Immutable attributes were marked with Final in type stubs. Contributed by Kevin Svetlitski.

Internals:

• setup.py no longer uses distutils (as long as setuptools is new enough).
• Documentation was added for drgn's internal page table iterator interface.
• The virtual machine testing framework now supports AArch64, ppc64, s390x, and Arm. These are not tested automatically yet.
• The virtual machine testing framework now uses compilers from https://mirrors.kernel.org/pub/tools/crosstool/.
• The virtual machine testing framework now limits the number of CPUs to 8 to avoid OOMs. Contributed by Martin Liška.
• The pull request CI now only tests the oldest and latest stable Python versions, with the ability to opt into testing all supported versions. Contributed by Stephen Brennan.

drgn 0.0.22

This release adds new stack trace features, lots of helpers (especially for memory management), partial s390x support, C++ improvements, important bug fixes, and more. It is also the first release licensed under the LGPLv2.1+.

Miscellaneous:

• drgn is now licensed as LGPLv2.1+ instead of GPLv3+. The goal of the more permissive license is to encourage building tools on top of drgn (like Object Introspection).
• The contrib directory was added as a place to share scripts with minimal requirements. This also replaces the examples directory.
• Support for Linux 4.4 (which has been EOL since February 2022) is no longer being actively tested. Most of drgn will continue to work on Linux 4.4 for the time being, but it is likely to stop working soon. The oldest kernel version officially supported by drgn is now 4.9.

New features:

• The StackFrame.locals() method was added. It lists all of the arguments and local variables in the scope of a stack frame. Contributed by Stephen Brennan.
• The StackFrame.sp attribute was added. This is a generic way to get the stack pointer of a stack frame on any architecture.
• Helpers for XArrays were added in drgn.helpers.linux.xarray: xa_load(), xa_for_each(), xa_is_value(), xa_to_value(), and xa_is_zero().
• The drgn.helpers.linux.slab.get_slab_aliases() helper was added. It identifies which slab caches are merged. Contributed by Stephen Brennan.
• The drgn.helpers.linux.slab.slab_object_info() helper was added. It returns what slab cache a pointer is from, its offset from the beginning of the slab object, and whether it is allocated or free.
• The drgn.helpers.common.memory.identify_address() helper now includes additional information for slab addresses: the offset from the beginning of the slab object and whether it is allocated or free.
• The drgn.helpers.common.stack.print_annotated_stack() helper was added. It prints the contents of stack memory in a stack trace, annotating each word that can be identified as an address. Contributed by Nhat Pham.
• Support for Linux kernel modules and stack unwinding on s390x was added. Contributed by Sven Schnelle.
• Partial support for looking up types with C++ template arguments was added. For now, the arguments must be spelled exactly as the compiler spells them in the debug info. Contributed by Kevin Svetlitski.
• Parsing debug info for C++ template parameter packs was added. Contributed by Alastair Robertson.

Bug fixes:

• A bug that caused stack unwinding to fail when an executable contained .eh_frame but its DWARF information was in a separate file was fixed.
• A bug that caused x86-64 stack unwinding without call frame information to stop on a function with a frame pointer if its caller doesn't use frame pointers was fixed. This affected, for example, BPF programs in a Linux kernel using ORC.
• Linux kernel stack unwinding on ppc64 was fixed for kernel versions newer than 5.10 or older than 4.20.
• The CLI's interactive mode was fixed to allow importing modules from the current directory.
• Missing type annotations required for len(StackTrace) and iter(StackTrace) were added. Contributed by Nhat Pham.
• A potential segfault (not encountered in practice) when parsing invalid DWARF information for an enum type was fixed.
• Leaks in error cases of Program.type() and Program.object() were fixed.
• The drgn.helpers.common.memory.identify_address() helper was fixed to gracefully handle architectures that we haven't implemented virtual address translation for.
• Parsing of DWARF pointer types without a size was fixed to default to the DWARF unit's address size instead of the program's default size.
• Lookups of type names beginning with size_t or ptrdiff_t were fixed to look up the full name and not those prefixes.

Other improvements:

• Linux kernel support was tested up to Linux 6.2-rc2.
• Python support was tested up to Python 3.11.
• The CLI warning for missing debug info was made more prominent.
• The CLI now prints nicer error messages for common errors like running without root permissions.
• Documentation for the drgn.helpers.linux.mm.for_each_page() helper was improved to mention how FaultError should be handled.
• drgn can now be built against a libc without qsort_r() (e.g., musl < 1.2.3). Contributed by Boris Burkov.

Internals:

• Various tests for kconfig helpers, radix tree helpers, and stack traces were added or improved.
• Tracking of executable and debug info files was separated from libdwfl more.
• Documentation for new architecture support was expanded.

drgn 0.0.21

This release adds lots of new helpers and fixes some important bugs.

New features:

• Helpers for lockless linked lists in the Linux kernel were added: drgn.helpers.linux.llist. Contributed by Imran Khan.
• A helper to find the slab cache that a virtual address came from was added: drgn.helpers.linux.slab.find_containing_slab_cache(). Contributed by Nhat Pham.
• A drgn.helpers.common package was created to contain helpers that can be used with any program (which may have program-specific additional behavior).
• A helper to identify an arbitrary address (e.g., as a symbol or slab object) was added: drgn.helpers.common.memory.identify_address(). Contributed by Nhat Pham.
• PageFoo() helpers to check various struct page flags were added to drgn.helpers.linux.mm.
• Helpers for working with compound pages were added to drgn.helpers.linux.mm: compound_head(), compound_nr(), compound_order(), and page_size().
• A helper to get the CPU that a task last ran on was added: drgn.helpers.linux.sched.task_cpu().
• Automatic pretty-printing in IPython/Jupyter of drgn.Object, drgn.Type, drgn.StackTrace, and drgn.StackFrame was added. Contributed by Shung-Hsi Yu.
• drgn.StackTrace.prog was added as a way to get the program that a stack trace came from.

Bug fixes:

• Getting stack traces from a kernel core dump of threads that were running at the time of the crash was fixed for Linux < 4.9 and >= 5.16.
• drgn.helpers.linux.per_cpu() and per_cpu_ptr() were fixed to work for per-CPU variables defined in kernel modules.
• Reading from pages that were excluded by makedumpfile was changed to return zeroes instead of raising a FaultError. This is unfortunately necessary because we cannot distinguish between pages that were excluded because their contents were zero and pages that were excluded for other reasons. Contributed by Glen McCready.
• A segfault when looking for a variable in a stack frame caused by strange debug symbols emitted by Clang in certain situations was fixed.
• A reference leak every time a FaultError is raised inside of drgn was fixed.
• A use after free when setting an object from a part of itself in libdrgn was fixed. The Python interface is not affected.
• The recommendation for how to get VMCOREINFO in QEMU guest memory dumps was fixed to suggest the correct Linux kernel configuration options.
• A spelling error in a DWARF parsing error message was fixed. Contributed by Michel Alexandre Salim.

API changes:

• escape_ascii_character(), escape_ascii_string(), decode_flags(), and decode_enum_type_flags() were moved from drgn.helpers to drgn.helpers.common.format.
• enum_type_to_class() was moved from drgn.helpers to drgn.helpers.common.type.

Documentation:

• openSUSE installation instructions were added.
• libkdumpfile installation instructions were updated to reflect that it is now packaged on some Linux distributions.
• Python type signatures are now formatted more concisely in the documentation.
• Overloaded helpers are now documented more concisely.
• Various small editorial and formatting issues were fixed.

Other improvements:

• Linux kernel support was tested up to Linux 6.0.
• drgn.helpers.linux.bpf.cgroup_bpf_prog_for_each() was updated to work on Linux 6.0.

Internals:

• Some racy stack tracing unit tests were fixed.
• Linux kernel memory management helper unit tests were enabled on AArch64.
• The VM testing setup no longer depends on BusyBox.
• -Wimplicit-fallthrough was enabled for builds.
• A syscall number table and normalized machine name were added to util.py
  for use in test cases and the VM testing setup.
• Some renaming was done to prepare for the upcoming module API.
• The libdrgn-internal string_builder API was improved.

drgn 0.0.20

This release adds full AArch64 (ARM64) support, a few more helpers, and other small fixes and improvements.

New features:

• Stack traces were implemented for AArch64.
• Virtual address translation was implemented for AArch64.
• Additional registers are now available for the initial stack frame on x86-64: rflags, es, cs, ss, ds, fs, gs, fs.base, gs.base.
• The lr register is now available for stack frames on ppc64.
• A helper for looking up cgroups by path was added:drgn.helpers.linux.cgroup.cgroup_get_from_path().
• A helper for walking kernfs paths was added: drgn.helpers.linux.kernfs.kernfs_walk().
• Helpers for translating to and from physical addresses were added to drgn.helpers.linux.mm: PFN_PHYS(), PHYS_PFN(), page_to_phys(), phys_to_page(), phys_to_virt(), virt_to_phys().
• Helpers for iterating BTF objects and BPF links were added to drgn.helpers.linux.bpf: bpf_btf_for_each() and bpf_link_for_each(). Contributed by Quentin Monnet.
• Support for UTF character types (e.g., char8_t, char16_t, char32_t) was added. Contributed by Kevin Svetlitski.
• Support for floating-point reference objects other than 32 or 64 bits was added (values are still not implemented). Contributed by Kevin Svetlitski.

Bug fixes:

• drgn -s/--symbols (and the underlying drgn.Program.load_debug_info()) now works for kernel module debug info files generated by objcopy --only-keep-debug instead of failing with an error.
• drgn.helpers.linux.slab.slab_cache_for_each_allocated_object() was fixed when CONFIG_SLAB_FREELIST_HARDENED is enabled.
• drgn.helpers.linux.slab.slab_cache_for_each_allocated_object() was fixed when using the SLAB allocator on kernels before v5.17.
• The drgn.helpers.linux.slab.slab_cache_is_merged() helper is now properly added to drgn.helpers.linux.slab.__all__ so that it is included in drgn.helpers.linux and automatically imported in the CLI.
• The cgroup_bpf_prog_for_each() and cgroup_bpf_prog_for_each_effective() helpers in drgn.helpers.linux.bpf were fixed to support kernels back to v4.10.
• The CLI was fixed to add the current directory to sys.path when running in script mode. Contributed by Logan Gunthorpe.
• Missing documentation was added for the validate_rbtree() and validate_rbtree_inorder_for_each_entry() validators in drgn.helpers.linux.rbtree.
• An optimization to coalesce virtual address reads (used for vmcore reads and the access_process_vm() and access_remote_vm() helpers in drgn.helpers.linux.mm) was fixed. Previously, the optimization was skipped when it should be used and in rare situations could be used when it shouldn't have been, causing incorrect reads.
• A bug when a virtual address read straddles the non-canonical address range on x86-64 was fixed.
• Fallback stack unwinding on ppc64 when debugging information is not available was fixed.
• Reading registers from stack traces with a different byte order was fixed to swap the byte order.
• Automatic lookup of incomplete types was fixed when the type is in a C++ namespace. Contributed by Jay Kamat.

Other improvements:

• Linux kernel support was tested up to Linux v5.19-rc8.
• The address range of kernel modules is now determined more efficiently.
• The bpf_map_for_each() and bpf_prog_for_each() helpers in drgn.helpers.linux.bpf were made slightly more efficient by avoiding redundant type lookups.
• drgn will now detect a QEMU memory dump without VMCOREINFO and suggest how to get a dump that drgn can use.

Internal:

• The format for defining architecture registers was changed from a custom language to Python.
• The address/struct page translation helpers in drgn.helpers.linux.mm were made mostly architecture-agnostic.
• The unit tests for the address/struct page translation helpers in drgn.helpers.linux.mm were made more thorough.
• Unit tests were added for the BPF helpers.