]>
Commit | Line | Data |
---|---|---|
9e0b1b53 | 1 | * What's new in version 3.1, PRERELEASE |
6b2b2bef | 2 | |
e8b46a9e FL |
3 | - Tapsets containing process probes may now be placed in the special |
4 | $prefix/share/systemtap/tapset/PATH/ directory to have their process parameter | |
5 | prefixed with the location of the tapset. For example, | |
6 | ||
7 | process("foo").function("NAME") expands to process("/usr/bin/foo").function("NAME") | |
8 | when placed in $prefix/share/systemtap/tapset/PATH/usr/bin/ | |
9 | ||
aa52cbb3 FL |
10 | - Netfilter tapsets now provide variables data_hex and data_str to display packet |
11 | contents in hexadecimal and ASCII respectively. | |
12 | ||
0a7eb12d MC |
13 | - Translator now accepts new @const() operator for convenient expressing |
14 | constants in tapset code, or guru-mode scripts. See stap(1) for details. | |
15 | ||
5d27641e FL |
16 | - New -T option allows the script to be terminated after a specified number |
17 | of seconds. This is a shortcut for adding the probe, timer {exit()}. | |
18 | ||
8093ef39 MC |
19 | - New installcheck-parallel testsuite feature allows running the tests in |
20 | parallel in order to save time. See testsuite/README for details. | |
6b2b2bef | 21 | |
ef8e3dae CS |
22 | - New tapset functions set_user_string(), set_user_string_n(), set_user_long() |
23 | set_user_int(), set_user_short(), set_user_char() and set_user_pointer() to | |
24 | write a value of specified type directly to a user space address. | |
25 | ||
957dc5c3 CS |
26 | - New tapset functions user_buffer_quoted(), user_buffer_quoted_error(), |
27 | kernel_buffer_quoted(), and kernel_buffer_quoted_error() to print a | |
28 | buffer of an exact length. These functions can handle '\0' characters | |
29 | as well. | |
30 | ||
6b2b2bef | 31 | * What's new in version 3.0, 2016-03-27 |
191ede01 | 32 | |
f534c269 FCE |
33 | - The new experimental "interactive" mode, specified by "stap -i", |
34 | drops you into a command-line prompt where you can build up a script, | |
35 | run it, edit it, run it again, etc. Type "help" for a list of commands. | |
36 | ||
37 | - New experimental --monitor[=INTERVAL] option similar to unix "top". This | |
38 | allows users to see statistics about the running module(uptime, module name, | |
39 | invoker uid, memory sizes, global variables, and the current probe list | |
40 | along with their statistics). | |
41 | ||
42 | An interface is also provided to allow control over the running | |
43 | module(resetting global variables, sorting the list of probes, deactivating | |
44 | and reactivating probes). | |
45 | ||
9a38b89c | 46 | - The performance of associative arrays have been dramatically |
f534c269 | 47 | improved, especially for densely filled tables and for multiple |
9a38b89c FCE |
48 | indexes. The hash tables behind these arrays is now sized as a |
49 | function of the array maximum size with an optional MAPHASHBIAS | |
50 | space/time tradeoff knob. | |
51 | ||
36fa6eb3 FCE |
52 | - Add macros @prints to print a scalar aggregate variable, @prints[1-9] |
53 | to print an array aggregate (of given index-arity), formatted similarly | |
54 | to the automatic printing of written-only global variables. | |
55 | ||
56 | global a, b | |
57 | probe oneshot { a <<< 1; b[tid()] <<< 2 } | |
58 | probe end { @prints(a); @prints1(b) } | |
59 | ||
7b5b30a8 FL |
60 | - Functions may now be overloaded during module runtime using the "next" |
61 | statement in script functions and STAP_NEXT macro for embedded-C functions. | |
62 | They may also be overloaded by number of parameters during compile time. | |
63 | For example, | |
64 | ||
65 | Runtime overloading: | |
c0d0d623 FL |
66 | function f() { if (condition) next; print("first function") } |
67 | function f() %{ STAP_NEXT; print("second function") %} | |
68 | function f() { print("third function") } | |
7b5b30a8 | 69 | |
c0d0d623 FL |
70 | For the given functions above, a functioncall f(), will execute the body of the |
71 | third function if condition evaluates to true and print "third function". | |
72 | Note that the second function is unconditionally nexted. | |
7b5b30a8 FL |
73 | |
74 | Parameter overloading: | |
c0d0d623 FL |
75 | function g() { print("first function") } |
76 | function g(x) { print("second function") } | |
77 | g() -> "first function" | |
78 | g(1) -> "second function" | |
79 | ||
80 | Note that runtime overloading does not occur in the above example as the number | |
81 | of parameters of the functions differ. The use of a next statement inside a function | |
82 | while no more overloads remain will trigger a runtime exception. The function | |
83 | candidates are selected at compile time and is determined by the number of arguments | |
84 | provided for the functioncall. | |
7b5b30a8 | 85 | |
24ef0e88 | 86 | - Add Czech version of manual pages. |
9fcf867f | 87 | |
40ae3a75 AJ |
88 | - The stap compile server will log the stap client's options that are passed |
89 | to the server. The options that get logged on the server will include the | |
90 | script name or the -e script, depending on which is used by the client. | |
91 | ||
0af18f5a FL |
92 | - Embedded-C functions and blocks may now access script level global variables |
93 | using the STAP_GLOBAL_GET_* and STAP_GLOBAL_SET_* macros. | |
94 | ||
95 | To read or write the script global var, the /* pragma:read:var */ or | |
96 | /* pragma:write:var */ marker must be placed in the embedded-C function or block. | |
97 | The written type must match the type inferred at script level. | |
98 | ||
99 | Scalars: | |
100 | STAP_GLOBAL_SET_var(STAP_GLOBAL_GET_var()+1) -> increments script global var by 1 | |
101 | STAP_GLOBAL_SET_var("hello") | |
102 | ||
103 | Associative arrays: | |
104 | STAP_GLOBAL_GET_var(index-1, ..., index-n) | |
105 | STAP_GLOBAL_SET_var(index-1, ..., index-n, new value) | |
106 | ||
380d759b FL |
107 | - Probe point brace expansion is now supported to improve brevity in |
108 | specifying probe points. For example, | |
109 | ||
110 | process.{function("a"), function("b").{call,return}} | |
111 | => process.function("a"), process.function("b").call, process.function("b").return | |
112 | ||
113 | process.{function("*").callees,plt}? | |
114 | => process.function("*").callees?, process.plt? | |
115 | ||
116 | {kernel,module("nfs")}.function("nfs*")! | |
117 | => kernel.function("nfs*")!, module("nfs").function("nfs*")! | |
118 | ||
b113d360 FL |
119 | - Profiling timers at arbitrary frequencies are now provided and perf probes |
120 | now support a frequency field as an alternative to sampling counts. | |
07c818a0 FL |
121 | |
122 | probe timer.profile.freq.hz(N) | |
b113d360 | 123 | probe perf.type(N).config(M).hz(X) |
07c818a0 FL |
124 | |
125 | The specified frequency is only accurate up to around 100hz. You may | |
126 | need to provide a higher value to achieve the desired rate. | |
127 | ||
38bf68a8 MC |
128 | - Added support for private global variables and private functions. The scope |
129 | of these is limited to the tapset file they are defined in (PR19136). | |
130 | ||
9fcf867f FCE |
131 | - New tapset function string_quoted() to quote and \-escape general strings. |
132 | String $context variables that are pretty-printed are now processed with | |
133 | such a quotation engine, falling back to a 0x%x (hex pointer) on errors. | |
1254cb0c | 134 | |
c88409ef MC |
135 | - Functions get_mmap_args() and get_32mmap_args() got deprecated. |
136 | ||
7009f2f7 | 137 | * What's new in version 2.9, 2015-10-08 |
f59f4f63 | 138 | |
7b65c066 FL |
139 | - SystemTap now uses symbols from /proc/kallsyms when kernel debuginfo is not |
140 | available. | |
141 | ||
30833b32 MC |
142 | - New --prologue-searching[=WHEN] option has been added to stap with '-P' being |
143 | its short counterpart. Using --prologue-searching=never turns prologue | |
144 | searching deliberately off working around issue of int_arg() returning wrong | |
145 | value when a 32-bit userspace binary having debug info is being probed with | |
146 | active prologue searching (PR18649). | |
147 | ||
eb73b74a MC |
148 | - The powerpc variant of nd_syscall.compat_sysctl got deprecated on favor of |
149 | nd_syscall.sysctl32. This aligns the nd_syscall to its respective syscall and | |
150 | to ia64/s390/x86_64 variants too. | |
151 | ||
247e2766 FL |
152 | - New tapset function assert(expression, msg) has been added. |
153 | ||
69e6920d FL |
154 | - Embedded-C functions may now use the new STAP_PRINTF(fmt, ...) |
155 | macro for output. | |
156 | ||
a11f34b0 FCE |
157 | - New tapset functions fullname_struct_path and fullname_struct_nameidata |
158 | resolve full path names from internal kernel struct pointers. | |
159 | ||
93f70a9a FL |
160 | - New tapset functions arch_bytes() and uarch_bytes() to obtain address size |
161 | for kernel and user space respectively. | |
162 | ||
7cb93423 FL |
163 | - New tapset function switch_file() allows control over rotation |
164 | of output files. | |
165 | ||
0ca3688f MC |
166 | - The [nd_]syscall tapset got autodocumented. Related paragraph got added to PDF |
167 | and HTML tapset reference. Also a new tapset::syscall 3stap man page got added. | |
b2074863 | 168 | |
b2ee3eeb FCE |
169 | - Embedded-C functions with parameter arity-0 can now be marked with |
170 | the /* stable */ /* pure */ pragmas, if (roughly speaking) the | |
171 | function is side-effect-free and idempotent. The translator may | |
172 | execute these speculatively and have their results memoized. This | |
173 | lets probes with multiple calls to such functions run faster. | |
a51cbbf0 | 174 | |
b2ee3eeb FCE |
175 | Context variable ($foo) getter functions (in non-guru mode), and |
176 | numerous tapset functions are now marked as /* stable */ /* pure */. | |
177 | Several example scripts have been modified to eschew explicit | |
178 | memoization. | |
a51cbbf0 | 179 | |
f0e06c0d FL |
180 | - Callee probe points now support '.return' and '.call' suffix. |
181 | For example, | |
182 | ||
183 | process("proc").function("foo").callee("bar").return | |
184 | ||
185 | will fire upon returning from bar when called by foo. | |
186 | ||
187 | process("proc").function("foo").callee("bar").call | |
188 | ||
189 | will only fire for non-inlined callees. | |
190 | ||
ed891cf3 MC |
191 | - The following tapset variables and functions are deprecated in |
192 | version 2.9: | |
193 | - The '__int32_compat' library macro got deprecated in favor of | |
194 | new '__compat_long' library macro. | |
a7396f63 MC |
195 | - The 'uargs' convenience variable of the 'seccomp' syscall probe |
196 | got deprecated in favor of new 'uargs_uaddr' variable. | |
ed891cf3 | 197 | |
faa053ee | 198 | - SystemTap has reduced its memory consumption by using interned_strings (a |
7a922f72 AJ |
199 | wrapper for boost::string_ref) in place of std::string instances. The change |
200 | is to reduce the number of duplicate strings created by replacing them with | |
201 | interned_strings which act like pointers to existing strings. | |
202 | ||
203 | For the implementation of interned_string, see stringtable.h | |
204 | ||
08dc7182 | 205 | * What's new in version 2.8, 2015-06-17 |
9a399080 | 206 | |
b976611a AJ |
207 | - SystemTap has improved support for probing golang programs. Work has been |
208 | done to be able to handle DWARF information, reporting file names, line | |
209 | numbers, and column numbers, and tolerance of odd characters in symbol names. | |
210 | ||
211 | - The function::*, probe::* and new macro::* man pages cross-references the | |
212 | enclosing tapset::* man page. For example: | |
213 | ||
214 | function::pn(3stap) mentions tapset::pn(3stap) in the SEE ALSO section | |
215 | ||
216 | - New stapref(1) man page provides a reference for the scripting language. The | |
217 | stapref page contains an overview of the features available in the language, | |
218 | such as keywords, data types, operators and more. | |
219 | ||
220 | - The @task macro performs the very common @cast to a task_struct. | |
221 | ||
222 | The embedded-C bodies of task_current() and pid2task() are now wrapped | |
223 | by @task, which gives them a debuginfo type on the return value. With | |
224 | autocast type propagation, this removes the need for any explicit @cast | |
225 | in many places. | |
226 | ||
227 | Other places which take untyped task pointers as parameters, for | |
228 | instance, now use @task as well to simplify their code. | |
229 | ||
2be83613 AJ |
230 | - New namespace-aware tapset functions [task_]ns_*() and ia new option |
231 | --target-namespaces=PID to denote a target set of namespaces corresponding to | |
232 | the PID's namespaces. The namespace-aware tapsets will return values | |
233 | relative to the target namespaces if specified, or the stap process' namespaces. | |
234 | ||
8d025d70 FCE |
235 | - Netfilter probes now attempt to decode Spanning Tree Protocol packets |
236 | into local variables: probe netfilter.bridge.*, br_* variables, | |
237 | stp_dump.stp sample script. | |
76bde0fb | 238 | |
c7ec299c FCE |
239 | - Colorization of error string tokens is made more robust, especially |
240 | in presence of $N/@N substitution. | |
241 | ||
97fca116 MC |
242 | - The following tapset variables and functions are deprecated in |
243 | version 2.8: | |
bf952a76 DS |
244 | - The 'hostname_uaddr' variable in the syscall.setdomainname and |
245 | nd_syscall.setdomainname probe aliases have been deprecated in | |
246 | favor of the new 'domainname_uaddr' variable. | |
247 | - The 'fd' and 'fd_str' variables in the syscall.execveat and | |
248 | nd_syscall.execveat probe aliases have been deprecated in favor of | |
249 | the new 'dirfd' and 'dirfd_str' variables. | |
97fca116 | 250 | |
c86582b2 | 251 | * What's new in version 2.7, 2015-02-18 |
e4542435 | 252 | |
bf38b31c FCE |
253 | - Some systemtap sample scripts are now identified with the "_best" keyword, |
254 | because they are generally useful or educational. They are now promoted | |
255 | within the generated index files. | |
256 | ||
89538c0b FCE |
257 | - Passing strings to and from functions has become faster due to optimization |
258 | (passing some strings by reference instead of by value/copy). It may | |
259 | be disabled by using the unoptimize flag (-u). | |
260 | ||
261 | To make embedded-C functions eligible for the same optimization, use the pragma | |
262 | /* unmodified-fnargs */ to indicate that the function body will not modify | |
263 | the function arguments. Remember to use MAXSTRINGLEN for string length, | |
264 | rather than sizeof(string_arg) (which might now be a pointer). | |
b5f388f2 | 265 | |
562e0475 JL |
266 | - SystemTap now allows .function probes to be specified by their full function |
267 | name, file, and declaration line number. Use the .statement probe to probe a | |
268 | specific line number. | |
269 | ||
a7a4e25a JL |
270 | - Tracepoint probes can now also be specified by the target subsystem. For |
271 | example, the following are all supported: | |
272 | ||
273 | probe kernel.trace("sched:sched_switch") --> probe sched_switch found in the | |
274 | sched subsystem | |
275 | probe kernel.trace("sched:*") --> probe all tracepoints in sched subsystem | |
276 | ||
277 | As a result, tapset functions such as pn() will now return a different string | |
278 | than before. To retain the previous behaviour, use '--compatible=2.6'. | |
279 | ||
3e257ca3 DS |
280 | - The following functions are deprecated in release 2.7: |
281 | - _adjtx_mode_str(), _statfs_f_type_str(), _waitid_opt_str(), | |
282 | _internal_wait_opt_str(), and _epoll_events_str(). | |
283 | ||
26a113c4 AJ |
284 | - New tapset functions [u]symfileline(), [u]symfile() and [u]symline() will |
285 | return a string containing the specified portion of the filename:linenumber | |
286 | match from a given address. | |
287 | ||
288 | Using these functions may result in large generated modules from stored | |
289 | address->file:line information. | |
290 | ||
547f446e | 291 | * What's new in version 2.6, 2014-09-05 |
bbcb49f1 | 292 | |
28bcb1f5 JL |
293 | - SystemTap now supports on-the-fly arming/disarming of certain probe types: |
294 | kprobes, uprobes, and timer.*s(NUM) probes. For example, this probe | |
295 | ||
296 | probe kernel.function("vfs_read") if (i > 4) { ... } | |
297 | ||
298 | will automatically register/unregister the associated kprobe on vfs_read | |
94fe8dd0 FCE |
299 | whenever the value of the condition changes (as some probe handler |
300 | modifies 'i'). This allows us to avoid probe overhead when we're not | |
301 | interested. If the arming capability is not relevant/useful, nest the | |
302 | condition in the normal probe handler: | |
28bcb1f5 | 303 | |
94fe8dd0 | 304 | probe kernel.function("vfs_read") { if (i > 4) { ... } } |
28bcb1f5 | 305 | |
5e758862 FCE |
306 | - statement("*@file:NNN").nearest probes now available to let systemtap |
307 | translate probe to nearest probe-able line to one given if necessary | |
308 | ||
2e96714f SC |
309 | - process("PATH").library("PATH").plt("NAME").return probes are now supported. |
310 | ||
019b136a JL |
311 | - SystemTap now supports SDT probes with operands that refer to symbols. |
312 | ||
9d38cfdf JL |
313 | - While in listing mode (-l/-L), probes printed are now more consistent |
314 | and precise. | |
315 | ||
9d4e206f JL |
316 | - Statement probes now support enumerated linenos to probe discontiguous |
317 | linenos using the form: | |
318 | ||
319 | process.statement("foo@file.c:3,5-7,9") | |
320 | ||
05e1f80d AJ |
321 | - Statement counting is now suppressed in the generated c code for probes that |
322 | are non-recursive and loop-free. Statement counting can be turned back on in | |
323 | unoptimize mode (-u). | |
324 | ||
f0062f0a | 325 | - SystemTap now asserts that the PID provided for a process probe corresponds |
e4542435 | 326 | to a running process. |
f0062f0a AJ |
327 | |
328 | - DWARF process probes can be bound to a specific process using the form: | |
329 | ||
330 | process(PID).function("*") | |
331 | ||
37c610c5 AJ |
332 | - SystemTap now accepts additional scripts through the new -E SCRIPT option. |
333 | There still needs to be a main script specified through -e or file in order | |
334 | to provide an additional script. This makes it feasible to have scripts in | |
e6e7c331 | 335 | the $HOME/.systemtap/rc file. For example: |
37c610c5 AJ |
336 | |
337 | -E 'probe begin, end, error { log("systemtap script " . pn()) }' | |
e6e7c331 | 338 | -E 'probe timer.s(30) { error ("timeout") } |
37c610c5 | 339 | |
e6e7c331 | 340 | The -E SCRIPT option can also be used in listing mode (-l/-L), such that |
37c610c5 AJ |
341 | probe points for the additional scripts will not listed, but other parts of |
342 | the script are still available, such as macros or aliases. | |
343 | ||
27702aa7 AJ |
344 | - SystemTap now supports array slicing within foreach loop conditions, delete |
345 | statements and membership tests. Wildcards are represented by "*". Examples | |
346 | of the expressions are: | |
347 | ||
348 | foreach ([a,b,c] in val[*,2,*]) | |
349 | delete val[*, 2, *] | |
350 | [*, 2, *] in val | |
351 | ||
d34535b6 JS |
352 | - Integer expressions which are derived from DWARF values, like context $vars, |
353 | @cast, and @var, will now carry that type information into subsequent reads. | |
354 | Such expressions can now use "->" and "[]" operators, as can local variables | |
355 | which were assigned such values. | |
356 | ||
357 | foo = $param->foo; printf("x:%d y:%d\n", foo->x, foo->y) | |
358 | printf("my value is %d\n", ($type == 42 ? $foo : $bar)->value) | |
359 | printf("my parent pid is %d\n", task_parent(task_current())->tgid) | |
360 | ||
bbcb49f1 | 361 | * What's new in version 2.5, 2014-04-30 |
69bd8cc1 | 362 | |
de607e9a LB |
363 | - Systemtap now supports backtracing through its own, invoking module. |
364 | ||
365 | - Java probes now support backtracing using the print_java_backtrace() | |
366 | and sprint_java_backtrace() functions. | |
367 | ||
7b51754b JL |
368 | - Statement probes (e.g. process.statement) are now faster to resolve, |
369 | more precise, and work better with inlined functions. | |
370 | ||
bf8a9682 JL |
371 | - New switches have been added to help inspect the contents of installed |
372 | library files: | |
373 | ||
93a05601 | 374 | stap --dump-functions --> list all library functions and their args |
bf8a9682 JL |
375 | stap --dump-probe-aliases --> list all library probe aliases |
376 | ||
2dd920e3 FCE |
377 | - The heuristic algorithms used to search for function-prologue |
378 | endings were improved, to cover more optimization (or | |
379 | lack-of-optimization, or incorrect-debuginfo) cases. These | |
380 | heuristics are necessary to find $context parameters for some | |
381 | function-call/entry probes. We recommend programs be built with | |
382 | CFLAGS+=-grecord-gcc-switches to feed information to the heuristics. | |
383 | ||
3598d11a FCE |
384 | - The stap --use-server option now more correctly supports address:port |
385 | type parametrization, for manual use in the absence of avahi. | |
386 | ||
2dd920e3 FCE |
387 | - A new probe alias "oneshot" allows a single quick script fragment to run, |
388 | then exit. | |
817c5088 FCE |
389 | |
390 | - The argv tapset now merges translate-time and run-time positional | |
391 | arguments, so all of these work: | |
392 | ||
393 | stap -e 'probe oneshot {println(argv[1]," ",argv[2])}' hello world | |
2dd920e3 FCE |
394 | |
395 | stap -e 'probe oneshot {println(argv[1]," ",argv[2])}' \ | |
396 | -G argv_1=hello -G argv_2=world | |
397 | ||
817c5088 FCE |
398 | staprun hello.ko argv_1=hello argv_2=world |
399 | ||
1fd9dd40 LB |
400 | - SystemTap now falls back on the symbol table for probing |
401 | functions in processes if the debuginfo is not available. | |
402 | ||
ad13deea FCE |
403 | - SystemTap now supports a %( guru_mode == 0 /* or 1 */ %) |
404 | conditional for making dual-use scripts. | |
405 | ||
ac19c040 FCE |
406 | - SystemTap now supports UEFI/SecureBoot systems, via |
407 | machine-owner-keys maintained by a trusted stap-server on the | |
408 | network. (Key enrollment requires a one-time reboot and BIOS | |
409 | conversation.) | |
d7765ae8 | 410 | https://sourceware.org/systemtap/wiki/SecureBoot |
ac19c040 | 411 | |
3644d75b JL |
412 | - SystemTap now reports more accurate and succinct errors on type |
413 | mismatches. | |
414 | ||
be59b114 FCE |
415 | - Embedded-C functions may use STAP_RETURN(value) instead of the |
416 | more wordy STAP_RETVALUE assignment followed by a "goto out". | |
417 | The macro supports numeric or string values as appropriate. | |
aa9bec70 | 418 | STAP_ERROR(...) is available to return with a (catchable) error. |
be59b114 | 419 | |
ecd711df FCE |
420 | - Some struct-sockaddr fields are now individually decoded for |
421 | socket-related syscalls: | |
422 | probe syscall.connect { println (uaddr_af, ":", uaddr_ip) } | |
423 | ||
30711698 JL |
424 | - The documentation for the SystemTap initscript service and the |
425 | SystemTap compile-server service have been completely converted from | |
426 | README files to man pages (see systemtap(8) and stap-server(8)). | |
8f97c4c3 | 427 | |
f6def2d7 | 428 | - SystemTap is now capable of inserting modules early during the boot |
8f97c4c3 JL |
429 | process on dracut-based systems. See the 'onboot' command in |
430 | systemtap(8) for more information. | |
f6def2d7 | 431 | |
587ba6fd JL |
432 | - DWARF probes can now use the '.callee[s]' variants, which allow more |
433 | precise function probing. For example, the probe point | |
434 | ||
435 | process("myproc").function("foo").callee("bar") | |
436 | ||
437 | will fire upon entering bar() from foo(). A '.callees' probe will | |
074c54b6 JL |
438 | instead place probes on all callees of foo(). |
439 | Note that this also means that probe point wildcards should be used | |
440 | with more care. For example, use signal.*.return rather than | |
441 | signal.*.*, which would also match '.callees'. See stapprobes(3stap) | |
442 | for more info. This feature requires at least GCC 4.7. | |
587ba6fd | 443 | |
bb4a77c1 JL |
444 | - A few new functions in the task_time tapsets, as well as a new tapset |
445 | function task_ancestry(), which prints out the parentage of a process. | |
446 | ||
447 | - The kprocess.exec probe has been updated to use syscall.execve, which | |
f1753911 JL |
448 | allows access to the new process' arguments (through the new 'argstr' |
449 | or 'args' variables) as well as giving better support across kernel | |
450 | versions. Note also that the 'filename' variable now holds the | |
451 | filename (quoted), or the address (unquoted) if it couldn't be | |
452 | retrieved. | |
bb4a77c1 | 453 | |
3ca300df JL |
454 | - The [s]println() function can now be called without any arguments to |
455 | simply print a newline. | |
456 | ||
e90006d7 JL |
457 | - Suggestions are now provided when markers could not be resolved. For |
458 | example, process("stap").mark("benchmart") will suggest 'benchmark'. | |
459 | ||
6667be37 JL |
460 | - SystemTap colors can now be turned off by simply setting |
461 | SYSTEMTAP_COLORS to be empty, rather than having to make it invalid. | |
462 | ||
2aee1644 | 463 | - There is a new context tapset function, pnlabel(), which returns the |
887d4fe1 JL |
464 | name of the label which fired. |
465 | ||
46259973 DS |
466 | - The following tapset variables and functions are deprecated in |
467 | release 2.5: | |
61846467 DS |
468 | - The 'clone_flags', 'stack_start', 'stack_size', |
469 | 'parent_tid_uaddr', and 'child_tid_uaddr' variables in the | |
470 | 'syscall.fork' and 'nd_syscall.fork' probe aliases. | |
46259973 DS |
471 | - The '_sendflags_str()' and '_recvflags_str()' functions have been |
472 | deprecated in favor of the new '_msg_flags_str()' function. | |
3fafd4b1 DS |
473 | - The 'flags' and 'flags_str' variables in the 'syscall.accept' and |
474 | 'nd_syscall.accept' probe alias. | |
ed85f25a DS |
475 | - The 'first', 'second', and 'uptr_uaddr' variables in the |
476 | 'syscall.compat_sys_shmctl', and 'nd_syscall.compat_sys_shmctl' | |
477 | probe aliases have been deprecated in favor of the new 'shmid', | |
478 | 'cmd', and 'buf_uaddr' variables. | |
61846467 | 479 | |
69bd8cc1 | 480 | * What's new in version 2.4, 2013-11-06 |
5033017a | 481 | |
0dc15c72 JL |
482 | - Better suggestions are given in many of the semantic errors in which |
483 | alternatives are provided. Additionally, suggestions are now provided | |
484 | when plt and trace probes could not be resolved. For example, | |
485 | kernel.trace("sched_siwtch") will suggest 'sched_switch'. | |
486 | ||
268cb671 JL |
487 | - SystemTap is now smarter about error reporting. Errors from the same |
488 | source are considered duplicates and suppressed. A message is | |
489 | displayed on exit if any errors/warnings were suppressed. | |
490 | ||
c1cb76c5 FCE |
491 | - Statistics aggregate typed objects are now implemented locklessly, |
492 | if the translator finds that they are only ever read (using the | |
493 | foreach / @count / etc. constructs) in a probe-begin/end/error. | |
494 | ||
fe14f21a JL |
495 | - SystemTap now supports probing inside virtual machines using the |
496 | libvirt and unix schemes, e.g. | |
497 | ||
498 | stap -ve 'probe timer.s(1) { printf("hello!\n") }' \ | |
499 | --remote=libvirt://MyVirtualMachine | |
500 | ||
501 | Virtual machines managed by libvirt can be prepared using stapvirt. | |
502 | See stapvirt(1) and the --remote option in stap(1) for more details. | |
fe14f21a | 503 | |
c5810d31 LB |
504 | - Systemtap now checks for and uses (when available) the .gnu_debugdata |
505 | section which contains a subset of debuginfo, useful for backtraces | |
506 | and function probing | |
507 | ||
f1b60d36 DS |
508 | - SystemTap map variables are now allocated with vmalloc() instead of |
509 | with kmalloc(), which should cause memory to be less fragmented. | |
510 | ||
94eb87d1 DS |
511 | - Although SystemTap itself requires elfutils 0.148+, staprun only |
512 | requires elfutils 0.142+, which could be useful with the | |
513 | '--disable-translator' configure switch. | |
5033017a | 514 | |
710f5084 FCE |
515 | - Under FIPS mode (/proc/sys/crypto/fips_enabled=1), staprun will |
516 | refuse to load systemtap modules (since these are not normally | |
517 | signed with the kernel's build-time keys). This protection may | |
518 | be suppressed with the $STAP_FIPS_OVERRIDE environment variable. | |
519 | ||
bbd7c635 FCE |
520 | - The stap-server client & server code now enable all SSL/TLS |
521 | ciphers rather than just the "export" subset. | |
522 | ||
f9ae3416 DS |
523 | - For systems with in-kernel utrace, 'process.end' and 'thread.end' |
524 | probes will hit before the target's parent process is notified of | |
525 | the target's death. This matches the behavior of newer kernels | |
526 | without in-kernel utrace. | |
527 | ||
5033017a | 528 | * What's new in version 2.3, 2013-07-25 |
9b1480fe | 529 | |
0ba56fe9 FCE |
530 | - More context-accessing functions throw systemtap exceptions upon a |
531 | failure, whereas in previous versions they might return non-error | |
532 | sentinel values like "" or "<unknown>". Use try { } / catch { } | |
533 | around these, or new wrapper functions such as user_string_{n_}quoted() | |
534 | that internally absorb exceptions. | |
535 | ||
269cd0ae LB |
536 | - java("org.my.MyApp") probes are now restricted to pre-existing jvm pid's with |
537 | a listing in jps -l output to avoid recursive calls | |
538 | ||
2f80feee FCE |
539 | - The tapset [nd_]syscall.semop parameter tsops_uaddr is renamed sops_uaddr for |
540 | consistency with [nd_]syscall.semtimedop. | |
9b1480fe | 541 | |
0db12495 FCE |
542 | - The udp.stp tapset adds some ip-address/port variables. |
543 | ||
f2087e43 FCE |
544 | - A new guru-mode-only tapset function raise() is available to send signals |
545 | to the current task. | |
546 | ||
05890217 SM |
547 | - Support for the standard Posix ERE named character classes has been |
548 | added to the regexp engine, e.g. [:digit:], [:alpha:], ... | |
549 | ||
550 | - A substantial internal overhaul of the regexp engine has resulted in | |
551 | correct behaviour on further obscure edge cases. The regexp engine | |
552 | now implements the ERE standard and correctly passes the testsuite | |
553 | for the glibc regexp engine (minus portions corresponding to | |
554 | unimplemented features -- i.e. subexpression capture and reuse). | |
555 | ||
8d609ccd JL |
556 | - Alternative functions are now suggested when function probes could not be |
557 | resolved. For example, kernel.function("vfs_reads") will suggest vfs_read. | |
558 | Other probes for which suggestions are made are module.function, | |
559 | process.function, and process.library.function. | |
560 | ||
561 | - Has life been a bit bland lately? Want to spice things up? Why not write a | |
562 | few faulty probes and feast your eyes upon the myriad of colours adorning | |
563 | your terminal as SystemTap softly whispers in your ear... 'parse error'. | |
564 | Search for '--color' in 'man stap' for more info. | |
565 | ||
1022de3a | 566 | - The following tapset functions are deprecated in release 2.3: |
b53b2931 DS |
567 | 'stap_NFS_CLIENT', '__getfh_inode', '_success_check', |
568 | '_sock_prot_num', '_sock_fam_num', '_sock_state_num', | |
569 | '_sock_type_num', and '_sock_flags_num'. | |
1022de3a | 570 | |
e4bf97f8 | 571 | * What's new in version 2.2.1, 2013-05-16 |
3745457b | 572 | * What's new in version 2.2, 2013-05-14 |
762e53a4 | 573 | |
030772fa FCE |
574 | - Experimental support has been added for probing Java methods using |
575 | Byteman 2.0 as a backend. Java method probes can target method entries, | |
576 | returns, or specific statements in the method as specified by line number. | |
f313c59e | 577 | |
296dbeb1 FCE |
578 | probe java("org.my.MyApp").class("^java.lang.Object").method("foo(int)") |
579 | { println($$parms) } | |
f313c59e SM |
580 | |
581 | See java/README for information on how to set up Java/Byteman | |
296dbeb1 | 582 | functionality. Set env STAPBM_VERBOSE=yes for more tracing. |
f313c59e | 583 | |
e4bf97f8 FCE |
584 | - The stap -l output and pn() tapset function's return value may be slightly |
585 | different for complicated web of wildcarded/aliased probes. | |
d885563b | 586 | |
3d0dc3b0 | 587 | - The dyninst backend has improved in several aspects: |
030772fa | 588 | |
3d0dc3b0 SM |
589 | - Setting custom values for global variables is now supported, both |
590 | with -G when compiling a script, and from the stapdyn command line | |
591 | when loading a precompiled module. | |
592 | ||
030772fa FCE |
593 | - A high-performance shared-memory-based transport is used for |
594 | trace data. | |
595 | ||
6086ea14 SM |
596 | - A systemd service file and tmpfile have been added to allow |
597 | systemtap-server to be managed natively by systemd. | |
598 | ||
40abf3c7 SM |
599 | - Due to the removal of register_timer_hook in recent kernels, the |
600 | behaviour of timer.profile has been changed slightly. This probe is | |
601 | now an alias which uses the old mechanism where possible, but falls | |
030772fa FCE |
602 | back to perf.sw.cpu_clock or another mechanism when the kernel timer |
603 | hook is not available. | |
40abf3c7 SM |
604 | |
605 | To require the kernel timer hook mechanism in your script, use | |
606 | timer.profile.tick instead of timer.profile. | |
607 | ||
030772fa | 608 | - The following tapset variables are deprecated in release 2.2: |
3131aa44 DS |
609 | - The 'origin' variables in the 'generic.fop.llseek', |
610 | 'generic.fop.llseek.return', and 'nfs.fop.llseek' probes. The | |
a2785cec DS |
611 | 'origin' variable has been replaced by the 'whence' variable. |
612 | - The 'page_index' variable in the 'vfs.block_sync_page' and | |
613 | 'vfs.buffer_migrate_page' probe aliases. | |
614 | - The 'write_from' and 'write_upto' variables in the | |
615 | '_vfs.block_prepare_write' and '_vfs.block_prepare_write.return' | |
616 | probe aliases. | |
2ab1a2ff DS |
617 | - The 'regs' variable in the 'syscall.sigaltstack', |
618 | 'nd_syscall.sigaltstack', 'syscall.fork', and 'nd_syscall.fork' | |
619 | probe aliases. | |
40fbf66a DS |
620 | - The 'first', 'second', 'third', and 'uptr_uaddr' variables in the |
621 | 'syscall.compat_sys_shmat' and 'nd_syscall.compat_sys_shmat' probe | |
622 | aliases. | |
a2785cec | 623 | |
2f80feee | 624 | - The following tapset functions are deprecated in release 2.2: |
a2785cec | 625 | 'ppos_pos', '_dev_minor', and '_dev_major' |
3131aa44 | 626 | |
19c127dd DS |
627 | - The folowing tapset functions used to return error strings instead |
628 | of raising an error. The original behavior is deprecated in release | |
629 | 2.2. | |
630 | ||
631 | 'ctime', 'probemod', 'modname' | |
632 | ||
addec813 | 633 | * What's new in version 2.1, 2013-02-13 |
03f593dc | 634 | |
edcf7e40 FCE |
635 | - EMACS and VIM editor modes for systemtap source files are included / updated. |
636 | ||
c901d0d8 FCE |
637 | - The translator now eliminates duplicate tapset files between its |
638 | preferred directory (as configured during the build with --prefix=/ | |
639 | or specified with the -I /path option), and files it may find under | |
640 | $XDG_DATA_DIRS. This should eliminate a class of conflicts between | |
641 | parallel system- and hand-built systemtap installations. | |
642 | ||
011d4404 FCE |
643 | - The translator accepts a --suppress-time-limits option, which defeats |
644 | time-related constraints, to allows probe handlers to run for indefinite | |
645 | periods. It requires the guru mode (-g) flag to work. Add the earlier | |
646 | --suppress-handler-errors flag for a gung-ho "just-keep-going" attitude. | |
647 | ||
3689db05 SC |
648 | - Perf event probes may now be read on demand. The counter probe is |
649 | defined using the counter-name part: | |
650 | probe perf.type(0).config(0).counter("NAME"). The counter is | |
651 | read in a user space probe using @perf("NAME"), e.g. | |
652 | process("PROCESS").statement("func@file") {stat <<< @perf("NAME")} | |
653 | ||
6a8fe809 SC |
654 | - Perf event probes may now be bound to a specific task using the |
655 | process-name part: probe perf.type(0).config(0).process("NAME") { } | |
656 | If the probed process name is not specified, then it is inferred | |
657 | from the -c CMD argument. | |
658 | ||
c1a136b7 SM |
659 | - Some error messages and warnings now refer to additional information |
660 | that is found in man pages. These are generally named | |
473c67cd FCE |
661 | error::FOO or warning::BAR (in the 7stap man page section) |
662 | and may be read via | |
663 | % man error::FOO | |
a3309329 | 664 | % man warning::BAR |
a55a284c | 665 | |
9717d7c6 JS |
666 | - The dyninst backend has improved in several aspects: |
667 | - The runtime now allows much more concurrency when probing multithreaded | |
668 | processes, and will also follow probes across forks. | |
669 | - Several new probe types are now supported, including timers, function | |
670 | return, and process.begin/end and process.thread.begin/end. | |
671 | - Semaphores for SDT probes are now set properly. | |
672 | - Attaching to existing processes with -x PID now works. | |
a55a284c | 673 | |
64ed3e15 | 674 | - The foreach looping construct can now sort aggregate arrays by the user's |
2712766d | 675 | choice of aggregating function. Previously, @count was implied. e.g.: |
a3309329 | 676 | foreach ([x,y] in array @sum +) { println(@sum(array[x,y])) } |
2712766d | 677 | |
84dca268 SM |
678 | - Proof of concept support for regular expression matching has been added: |
679 | if ("aqqqqqb" =~ "q*b") { ... } | |
680 | if ("abc" !~ "q*b") { ... } | |
681 | ||
682 | The eventual aim is to support roughly the same functionality as | |
683 | the POSIX Extended Regular Expressions implemented by glibc. | |
684 | Currently missing features include extraction of the matched string | |
685 | and subexpressions, and named character classes ([:alpha:], [:digit:], &c). | |
686 | ||
9511bd7c SM |
687 | Special thanks go to the re2c project, whose public domain code this |
688 | functionality has been based on. For more info on re2c, see: | |
689 | http://sourceforge.net/projects/re2c/ | |
690 | ||
99076643 DS |
691 | - The folowing tapset variables are deprecated in release 2.1 and will |
692 | be removed in release 2.2: | |
693 | - The 'send2queue' variable in the 'signal.send' probe. | |
694 | - The 'oldset_addr' and 'regs' variables in the 'signal.handle' probe. | |
695 | ||
696 | - The following tapset probes are deprecated in release 2.1 and will | |
697 | be removed in release 2.2: | |
698 | - signal.send.return | |
699 | - signal.handle.return | |
700 | ||
a63381cc | 701 | * What's new in version 2.0, 2012-10-09 |
4c4adc41 | 702 | |
45f98a0e JS |
703 | - Systemtap includes a new prototype backend, which uses Dyninst to instrument |
704 | a user's own processes at runtime. This backend does not use kernel modules, | |
705 | and does not require root privileges, but is restricted with respect to the | |
706 | kinds of probes and other constructs that a script may use. | |
707 | ||
8ff439fa | 708 | Users from source should configure --with-dyninst and install a |
1f631bc0 FCE |
709 | fresh dyninst snapshot such as that in Fedora rawhide. It may be |
710 | necessary to disable conflicting selinux checks; systemtap will advise. | |
8ff439fa | 711 | |
5dc0297f SM |
712 | Select this new backend with the new stap option --runtime=dyninst |
713 | and a -c target process, along with normal options. (-x target | |
714 | processes are not supported in this prototype version.) For example: | |
45f98a0e | 715 | |
712b1054 | 716 | stap --runtime=dyninst -c 'stap -l begin' \ |
45f98a0e JS |
717 | -e 'probe process.function("main") { println("hi from dyninst!") }' |
718 | ||
2df0c56c SM |
719 | - To aid diagnosis, when a kernel panic occurs systemtap now uses |
720 | the panic_notifier_list facility to dump a summary of its trace | |
721 | buffers to the serial console. | |
722 | ||
48ac1e74 SM |
723 | - The systemtap preprocessor now has a simple macro facility as follows: |
724 | ||
725 | @define add(a,b) %( ((@a)+(@b)) %) | |
726 | @define probegin(x) %( | |
727 | probe begin { | |
728 | @x | |
729 | } | |
730 | %) | |
731 | ||
732 | @probegin( foo = @add(40, 2); print(foo) ) | |
733 | ||
734 | Macros defined in the user script and regular tapset .stp files are | |
735 | local to the file. To get around this, the tapset library can define | |
736 | globally visible 'library macros' inside .stpm files. (A .stpm file | |
737 | must contain a series of @define directives and nothing else.) | |
738 | ||
739 | The status of the feature is experimental; semantics of macroexpansion | |
740 | may change (unlikely) or expand in the future. | |
741 | ||
b96d48c7 SM |
742 | - Systemtap probe aliases may be used with additional suffixes |
743 | attached. The suffixes are passed on to the underlying probe | |
744 | point(s) as shown below: | |
745 | ||
746 | probe foo = bar, baz { } | |
747 | probe foo.subfoo.option("gronk") { } | |
748 | // expands to: bar.subfoo.option("gronk"), baz.subfoo.option("gronk") | |
749 | ||
750 | In practical terms, this allows us to specify additional options to | |
751 | certain tapset probe aliases, by writing e.g. | |
752 | probe syscall.open.return.maxactive(5) { ... } | |
753 | ||
5dc0297f SM |
754 | - To support the possibility of separate kernel and dyninst backends, |
755 | the tapsets have been reorganized into separate folders according to | |
756 | backend. Thus kernel-specific tapsets are located under linux/, the | |
757 | dyninst-specific ones under dyninst/ | |
758 | ||
136b6516 SM |
759 | - The backtrace/unwind tapsets have been expanded to allow random |
760 | access to individual elements of the backtrace. (A caching mechanism | |
761 | ensures that the backtrace computation run at most once for each | |
762 | time a probe fires, regardless of how many times or what order the | |
763 | query functions are called in.) New tapset functions are: | |
764 | stack/ustack - return n'th element of backtrace | |
765 | callers/ucallers - return first n elements of backtrace | |
766 | print_syms/print_usyms - print full information on a list of symbols | |
767 | sprint_syms/sprint_usyms - as above, but return info as a string | |
136b6516 | 768 | |
0588d227 SM |
769 | The following existing functions have been superseded by print_syms() |
770 | et al.; new scripts are recommended to avoid using them: | |
771 | print_stack() | |
772 | print_ustack() | |
773 | sprint_stack() | |
774 | sprint_ustack() | |
775 | ||
7334c68f SM |
776 | - The probefunc() tapset function is now myproc-unprivileged, and can |
777 | now be used in unprivileged scripts for such things as profiling in | |
778 | userspace programs. For instance, try running | |
779 | systemtap.examples/general/para-callgraph.stp in unprivileged mode | |
1c02dc11 FCE |
780 | with a stapusr-permitted probe. The previous implementation of |
781 | probefunc() is available with "stap --compatible=1.8". | |
7334c68f | 782 | |
56b2a82b | 783 | - Preprocessor conditional to vary code based on script privilege level: |
068f404a SM |
784 | unprivileged -- %( systemtap_privilege == "stapusr" %? ... %) |
785 | privileged -- %( systemtap_privilege != "stapusr" %? ... %) | |
786 | or, alternately %( systemtap_privilege == "stapsys" | |
787 | || systemtap_privilege == "stapdev" %? ... %) | |
a95196ce | 788 | |
e104b317 SM |
789 | - To ease migration to the embedded-C locals syntax introduced in 1.8 |
790 | (namely, STAP_ARG_* and STAP_RETVALUE), the old syntax can now be | |
791 | re-enabled on a per-function basis using the /* unmangled */ pragma: | |
792 | ||
793 | function add_foo:long(a:long, b:long) %{ /* unmangled */ | |
794 | THIS->__retvalue = THIS->a + STAP_ARG_b; | |
795 | %} | |
796 | ||
797 | Note that both the old and the new syntax may be used in an | |
798 | /* unmangled */ function. Functions not marked /* unmangled */ | |
799 | can only use the new syntax. | |
800 | ||
59826bda SM |
801 | - Adjacent string literals are now glued together irrespective of |
802 | intervening whitespace or comments: | |
803 | "foo " "bar" --> "foo bar" | |
804 | "foo " /* comment */ "bar" --> "foo bar" | |
805 | Previously, the first pair of literals would be glued correctly, | |
806 | while the second would cause a syntax error. | |
4c4adc41 FCE |
807 | |
808 | * What's new in version 1.8, 2012-06-17 | |
d92a4cfe | 809 | |
09a4c96a FCE |
810 | - staprun accepts a -T timeout option to allow less frequent wake-ups |
811 | to poll for low-throughput output from scripts. | |
812 | ||
e8474d2a FCE |
813 | - When invoked by systemtap, the kbuild $PATH environment is sanitized |
814 | (prefixed with /usr/bin:/bin:) in an attempt to exclude compilers | |
815 | other than the one the kernel was presumed built with. | |
816 | ||
5650ca76 JS |
817 | - Printf formats can now use "%#c" to escape non-printing characters. |
818 | ||
bee54239 FCE |
819 | - Pretty-printed bitfields use integers and chars use escaped formatting |
820 | for printing. | |
821 | ||
0ec2c5bf DB |
822 | - The systemtap compile-server and client now support IPv6 networks. |
823 | - IPv6 addresses may now be specified on the --use-server option and will | |
824 | be displayed by --list-servers, if the avahi-daemon service is running and | |
825 | has IPv6 enabled. | |
826 | - Automatic server selection will automatically choose IPv4 or IPv6 servers | |
827 | according to the normal server selection criteria when avahi-daemon is | |
828 | running. One is not preferred over the other. | |
829 | - The compile-server will automatically listen on IPv6 addresses, if | |
830 | available. | |
831 | - To enable IPv6 in avahi-daemon, ensure that /etc/avahi/avahi-daemon.conf | |
832 | contains an active "use-ipv6=yes" line. After adding this line run | |
833 | "service avahi-daemon restart" to activate IPv6 support. | |
834 | - See man stap(1) for details on how to use IPv6 addresses with the | |
835 | --use-server option. | |
836 | ||
2a885a4a | 837 | - Support for DWARF4 .debug_types sections (for executables and shared |
bb5eb709 FCE |
838 | libraries compiled with recent GCC's -gdwarf-4 / -fdebug-types-section). |
839 | PR12997. SystemTap now requires elfutils 0.148+, full .debug_types support | |
2a885a4a MW |
840 | depends on elfutils 0.154+. |
841 | ||
051ca2a8 FCE |
842 | - Systemtap modules are somewhat smaller & faster to compile. Their |
843 | debuginfo is now suppressed by default; use -B CONFIG_DEBUG_INFO=y to | |
844 | re-enable. | |
845 | ||
179a00c3 MW |
846 | - @var now an alternative language syntax for accessing DWARF variables |
847 | in uprobe and kprobe handlers (process, kernel, module). @var("somevar") | |
848 | can be used where $somevar can be used. The @var syntax also makes it | |
849 | possible to access non-local, global compile unit (CU) variables by | |
850 | specifying the CU source file as follows @var("somevar@some/src/file.c"). | |
851 | This will provide the target variable value of global "somevar" as defined | |
852 | in the source file "some/src/file.c". The @var syntax combines with all | |
853 | normal features of DWARF target variables like @defined(), @entry(), | |
854 | [N] array indexing, field access through ->, taking the address with | |
bee54239 | 855 | the & prefix and shallow or deep pretty printing with a $ or $$ suffix. |
179a00c3 | 856 | |
3a850315 CM |
857 | - Stap now has resource limit options: |
858 | --rlimit-as=NUM | |
859 | --rlimit-cpu=NUM | |
860 | --rlimit-nproc=NUM | |
861 | --rlimit-stack=NUM | |
862 | --rlimit-fsize=NUM | |
863 | All resource limiting has been moved from the compile server to stap | |
864 | itself. When running the server as "stap-server", default resource | |
865 | limit values are specified in ~stap-server/.systemtap/rc. | |
866 | ||
39c3481b FCE |
867 | - Bug CVE-2012-0875 (kernel panic when processing malformed DWARF unwind data) |
868 | is fixed. | |
869 | ||
0ec2c5bf | 870 | - The systemtap compile-server now supports multiple concurrent connections. |
e57c26ea | 871 | Specify the desired maximum number of concurrent connections with |
288d19f2 FCE |
872 | the new stap-server/stap-serverd --max-threads option. Specify a |
873 | value of '0' to tell the server not to spawn any new threads (handle | |
874 | all connections serially in the main thread). The default value is | |
875 | the number of processor cores on the host. | |
d92a4cfe | 876 | |
96f244c0 DS |
877 | - The following tapset functions are deprecated in release 1.8 and will be |
878 | removed in release 1.9: | |
879 | daddr_to_string() | |
880 | ||
021b3251 SM |
881 | - SystemTap now mangles local variables to avoid collisions with C |
882 | headers included by tapsets. This required a change in how | |
883 | embedded-C functions access local parameters and the return value slot. | |
884 | ||
885 | Instead of THIS->foo in an embedded-C function, please use the newly | |
886 | defined macro STAP_ARG_foo (substitute the actual name of the | |
887 | argument for 'foo'); instead of THIS->__retvalue, use the newly | |
888 | defined STAP_RETVALUE. All of the tapsets and test cases have been | |
889 | adapted to use this new notation. | |
890 | ||
891 | If you need to run code which uses the old THIS-> notation, run stap | |
892 | with the --compatible=1.7 option. | |
893 | ||
2f295355 FCE |
894 | - There is updated support for user-space probing against kernels >= |
895 | 3.5, which have no utrace but do have the newer inode-uprobes work | |
896 | by Srikar Dronamraju and colleagues. For kernels < 3.5, the | |
897 | following 3 sets of kernel patches would need to be backported to | |
898 | your kernel to use this preliminary user-space probing support: | |
899 | ||
900 | - inode-uprobes patches: | |
901 | - 2b144498350860b6ee9dc57ff27a93ad488de5dc | |
902 | - 7b2d81d48a2d8e37efb6ce7b4d5ef58822b30d89 | |
903 | - a5f4374a9610fd7286c2164d4e680436727eff71 | |
904 | - 04a3d984d32e47983770d314cdb4e4d8f38fccb7 | |
905 | - 96379f60075c75b261328aa7830ef8aa158247ac | |
906 | - 3ff54efdfaace9e9b2b7c1959a865be6b91de96c | |
907 | - 35aa621b5ab9d08767f7bc8d209b696df281d715 | |
908 | - 900771a483ef28915a48066d7895d8252315607a | |
909 | - e3343e6a2819ff5d0dfc4bb5c9fb7f9a4d04da73 | |
910 | - exec tracepoint kernel patch: | |
911 | - 4ff16c25e2cc48cbe6956e356c38a25ac063a64d | |
912 | - task_work_add kernel patches: | |
913 | - e73f8959af0439d114847eab5a8a5ce48f1217c4 | |
914 | - 4d1d61a6b203d957777d73fcebf19d90b038b5b2 | |
915 | - 413cd3d9abeaef590e5ce00564f7a443165db238 | |
916 | - dea649b8ac1861107c5d91e1a71121434fc64193 | |
917 | - f23ca335462e3c84f13270b9e65f83936068ec2c | |
918 | ||
83bd2699 | 919 | * What's new in version 1.7, 2012-02-01 |
94d406fc | 920 | |
7cd37b1a CM |
921 | - Map inserting and deleting is now significantly faster due to |
922 | improved hashing and larger hash tables. The hashes are also | |
923 | now randomized to provide better protection against deliberate | |
924 | collision attacks. | |
925 | ||
83bd2699 FCE |
926 | - Formatted printing is faster by compiling the formatting directives |
927 | to C code rather than interpreting at run time. | |
928 | ||
222e16ed | 929 | - Systemtap loads extra command line options from $SYSTEMTAP_DIR/rc |
83bd2699 FCE |
930 | ($HOME/.systemtap/rc by default) before the normal argc/argv. This |
931 | may be useful to activate site options such as --use-server or | |
932 | --download-debuginfo or --modinfo. | |
933 | ||
934 | - The stap-server has seen many improvements, and is no longer considered | |
935 | experimental. | |
222e16ed | 936 | |
071de8a6 DB |
937 | - The stap-server service (initscript) now supports four new options: |
938 | -D MACRO[=VALUE] | |
e7148436 DB |
939 | --log LOGFILE |
940 | --port PORT-NUMBER | |
941 | --SSL CERT-DATABASE | |
071de8a6 DB |
942 | These allow the specification of macro definitions to be passed to stap |
943 | by the server, the location of the log file, network port number and | |
e7148436 DB |
944 | NSS certificate database location respectively. These options are also |
945 | supported within individual server configuration files. See stap-server | |
83bd2699 FCE |
946 | and initscript/README.stap-server for details. The stap-server is no |
947 | longer activated by default. | |
e7148436 | 948 | |
4bda987e SC |
949 | - process("PATH").[library("PATH")].function("NAME").exported probes are now |
950 | supported to filter function() to only exported instances. | |
951 | ||
f026be3f FCE |
952 | - The translator supports a new --suppress-handler-errors option, which |
953 | causes most runtime errors to be turned into quiet skipped probes. This | |
954 | also disables the MAXERRORS and MAXSKIPPED limits. | |
955 | ||
83bd2699 FCE |
956 | - Translator warnings have been standardized and controlled by the -w / -W |
957 | flags. | |
958 | ||
633e5ca7 FCE |
959 | - The translator supports a new --modinfo NAME=VALUE option to emit additional |
960 | MODULE_INFO(n,v) macros into the generated code. | |
961 | ||
c2537ee6 MW |
962 | - There is no more fixed maximum number of VMA pages that will be tracked |
963 | at runtime. This reduces memory use for those scripts that don't need any, | |
964 | or only limited target process VMA tracking and allows easier system | |
965 | wide probes inspecting shared library variables and/or user backtraces. | |
966 | stap will now silently ignore -DTASK_FINDER_VMA_ENTRY_ITEMS. | |
967 | ||
9c910acd FCE |
968 | - The tapset functions remote_id() and remote_uri() identify the member of a |
969 | swarm of "stap --remote FOO --remote BAR baz.stp" concurrent executions. | |
970 | ||
494582b7 DB |
971 | - Systemtap now supports a new privilege level and group, "stapsys", which |
972 | is equivalent to the privilege afforded by membership in the group "stapdev", | |
973 | except that guru mode (-g) functionality may not be used. To support this, a | |
974 | new option, --privilege=[stapusr|stapsys|stapdev] has been added. | |
975 | --privilege=stapusr is equivalent to specifying the existing --unprivileged | |
976 | option. --privilege=stapdev is the default. See man stap(1) for details. | |
977 | ||
01a7cf86 FCE |
978 | - Scripts that use kernel.trace("...") probes compile much faster. |
979 | ||
83bd2699 FCE |
980 | - The systemtap module cache is cleaned less frequently, governed by the |
981 | number of seconds in the $SYSTEMTAP_DIR/cache/cache_clean_interval_s file. | |
982 | ||
88e39987 JS |
983 | - SDT can now define up to 12 arguments in a probe point. |
984 | ||
f1ca50cd FCE |
985 | - Parse errors no longer generate a cascade of false errors. Instead, a |
986 | parse error skips the rest of the current probe or function, and resumes | |
987 | at the next one. This should generate fewer and better messages. | |
988 | ||
b4520557 CM |
989 | - Global array wrapping is now supported for both associative and statistics typed |
990 | arrays using the '%' character to signify a wrapped array. For example, | |
991 | 'global foo%[100]' would allow the array 'foo' to be wrapped if more than 100 | |
992 | elements are inserted. | |
993 | ||
4bda987e SC |
994 | - process("PATH").library("PATH").plt("NAME") probes are now supported. |
995 | Wildcards are supported in the plt-name part, to refer to any function in the | |
996 | program linkage table which matches the glob pattern and the rest of the | |
997 | probe point. | |
4d0fcb93 | 998 | |
b82d77b4 DB |
999 | - A new option, --dump-probe-types, will dump a list of supported probe types. |
1000 | If --unprivileged is also specified, the list will be limited to probe types | |
1001 | which are available to unprivileged users. | |
1002 | ||
d70b339b CM |
1003 | - Systemtap can now automatically download the required debuginfo |
1004 | using abrt. The --download-debuginfo[=OPTION] can be used to | |
1005 | control this feature. Possible values are: 'yes', 'no', 'ask', | |
1006 | and a positive number representing the timeout desired. The | |
1007 | default behavior is to not automatically download the debuginfo. | |
1008 | ||
83bd2699 FCE |
1009 | - The translator has better support for probing C++ applications by |
1010 | better undertanding of compilation units, nested types, templates, | |
1011 | as used in probe point and @cast constructs. | |
1012 | ||
70e85f76 FCE |
1013 | - On 2.6.29+ kernels, systemtap can now probe kernel modules that |
1014 | arrive and/or depart during the run-time of a session. This allows | |
83bd2699 | 1015 | probing of device driver initialization functions, which had formerly been |
70e85f76 FCE |
1016 | blacklisted. |
1017 | ||
83bd2699 FCE |
1018 | - New tapset functions for cpu_clock and local_clock access were added. |
1019 | ||
1020 | - There is some limited preliminary support for user-space probing | |
2f295355 | 1021 | against kernels such as linux-next, which have no utrace but do have |
83bd2699 FCE |
1022 | the newer inode-uprobes work by Srikar Dronamraju and colleagues. |
1023 | ||
6dd0e124 FCE |
1024 | - The following probe types are deprecated in release 1.7 and will be |
1025 | removed in release 1.8: | |
440d9b00 DB |
1026 | kernel.function(number).inline |
1027 | module(string).function(number).inline | |
1028 | process.function(number).inline | |
1029 | process.library(string).function(number).inline | |
1030 | process(string).function(number).inline | |
1031 | process(string).library(string).function(number).inline | |
1032 | ||
6dd0e124 FCE |
1033 | - The systemtap-grapher is deprecated in release 1.7 and will be removed in |
1034 | release 1.8. | |
1035 | ||
af3e4f87 MW |
1036 | - The task_backtrace() tapset function was deprecated in 1.6 and has been |
1037 | removed in 1.7. | |
1038 | ||
1039 | - MAXBACKTRACE did work in earlier releases, but has now been documented | |
1040 | in the stap 1 manual page. | |
1041 | ||
1042 | - New tapset function probe_type(). Returns a short string describing | |
1043 | the low level probe handler type for the current probe point. | |
1044 | ||
1045 | - Both unwind and symbol data is now only collected and emitted for | |
1046 | scripts actually using backtracing or function/data symbols. | |
1047 | Tapset functions are marked with /* pragma:symbols */ or | |
1048 | /* pragma:unwind */ to indicate they need the specific data. | |
1049 | ||
1050 | - Kernel backtraces can now be generated for non-pt_regs probe context | |
1051 | if the kernel support dump_trace(). This enables backtraces from | |
1052 | certain timer probes and tracepoints. | |
1053 | ||
1054 | - ubacktrace() should now also work for some kernel probes on x86 which can | |
1055 | use the dwarf unwinder to recover the user registers to provide | |
1056 | more accurate user backtraces. | |
1057 | ||
1058 | - For s390x the systemtap runtime now properly splits kernel and user | |
1059 | addresses (which are in separate address spaces on that architecture) | |
1060 | which enable user space introspection. | |
1061 | ||
1062 | - ppc and s390x now supports user backtraces through the DWARF unwinder. | |
1063 | ||
1064 | - ppc now handles function descriptors as symbol names correctly. | |
1065 | ||
1066 | - arm support kernel backtraces through the DWARF unwinder. | |
1067 | ||
1068 | - arm now have a uprobes port which enables user probes. This still | |
1069 | requires some kernel patches (user_regsets and tracehook support for | |
1070 | arm). | |
1071 | ||
9369982e DS |
1072 | - Starting in release 1.7, these old variables will be deprecated: |
1073 | - The 'pid' variable in the 'kprocess.release' probe has been | |
1074 | deprecated in favor of the new 'released_pid' variable. | |
1075 | - The 'args' variable in the | |
1076 | '_sunrpc.clnt.create_client.rpc_new_client_inline' probe has been | |
1077 | deprecated in favor of the new internal-only '__args' variable. | |
2cf25147 | 1078 | |
567f504d DS |
1079 | - Experimental support for recent kernels without utrace has been |
1080 | added for the following probe types: | |
1081 | ||
1082 | process(PID).begin | |
1083 | process("PATH").begin | |
1084 | process.begin | |
1085 | process(PID).thread.begin | |
1086 | process("PATH").thread.begin | |
1087 | process.thread.begin | |
1088 | process(PID).end | |
1089 | process("PATH").end | |
1090 | process.end | |
1091 | process(PID).thread.end | |
1092 | process("PATH").thread.end | |
1093 | process.thread.end | |
1094 | process(PID).syscall | |
1095 | process("PATH").syscall | |
1096 | process.syscall | |
1097 | process(PID).syscall.return | |
1098 | process("PATH").syscall.return | |
1099 | process.syscall.return | |
1100 | ||
83bd2699 FCE |
1101 | - staprun disables kprobe-optimizations in recent kernels, as problems |
1102 | were found. (PR13193) | |
1103 | ||
a7ebbe13 | 1104 | * What's new in version 1.6, 2011-07-25 |
358771db | 1105 | |
304d73b1 FCE |
1106 | - Security fixes for CVE-2011-2503: read instead of mmap to load modules, |
1107 | CVE-2011-2502: Don't allow path-based auth for uprobes | |
1108 | ||
5b314cd0 DB |
1109 | - The systemtap compile-server no longer uses the -k option when calling the |
1110 | translator (stap). As a result, the server will now take advantage of the | |
1111 | module cache when compiling the same script more than once. You may observe | |
1112 | an improvement in the performance of the server in this situation. | |
1113 | ||
1114 | - The systemtap compile-server and client now each check the version of the | |
1115 | other, allowing both to adapt when communicating with a down-level | |
1116 | counterpart. As a result, all version of the client can communicate | |
1117 | with all versions of the server and vice-versa. Client will prefer newer | |
1118 | servers when selecting a server automatically. | |
1119 | ||
fb12b1e0 WC |
1120 | - SystemTap has improved support for the ARM architecture. The |
1121 | kread() and kwrite() operations for ARM were corrected allowing many | |
1122 | of the tapsets probes and function to work properly on the ARM | |
1123 | architecture. | |
1124 | ||
0497872a CM |
1125 | - Staprun can now rename the module to a unique name with the '-R' option before |
1126 | inserting it. Systemtap itself will also call staprun with '-R' by default. | |
1127 | This allows the same module to be inserted more than once, without conflicting | |
1128 | duplicate names. | |
1129 | ||
abc330b6 LB |
1130 | - Systemtap error messages now provide feedback when staprun or any other |
1131 | process fails to launch. This also specifically covers when the user | |
1132 | doesn't have the proper permissions to launch staprun. | |
1133 | ||
c523a015 LB |
1134 | - Systemtap will now map - to _ in module names. Previously, |
1135 | stap -L 'module("i2c-core").function("*")' would be empty. It now returns | |
1136 | a list had stap -L 'module("i2c_core").function("*") been specified. | |
1137 | ||
ee3fbc52 FCE |
1138 | - Systemtap now fills in missing process names to probe points, to |
1139 | avoid having to name them twice twice: | |
1140 | % stap -e 'probe process("a.out").function("*") {}' -c 'a.out ...' | |
1141 | Now the probed process name is inferred from the -c CMD argument. | |
1142 | % stap -e 'probe process.function("*") {}' -c 'a.out ...' | |
6d5d594e | 1143 | |
5a195cd5 LB |
1144 | - stap -L 'process("PATH").syscall' will now list context variables |
1145 | ||
e050d62f MW |
1146 | - Depends on elfutils 0.142+. |
1147 | ||
20ab10df MW |
1148 | - Deprecated task_backtrace:string (task:long). This function will go |
1149 | away after 1.6. Please run your scripts with stap --check-version. | |
1150 | ||
a64d8b13 | 1151 | * What's new in version 1.5, 2011-05-23 |
5dbcdbd6 | 1152 | |
304d73b1 FCE |
1153 | - Security fixes for CVE-2011-1781, CVE-2011-1769: correct DW_OP_{mod,div} |
1154 | division-by-zero bug | |
1155 | ||
5dbcdbd6 DB |
1156 | - The compile server and its related tools (stap-gen-ert, stap-authorize-cert, |
1157 | stap-sign-module) have been re-implemented in C++. Previously, these | |
1158 | components were a mix of bash scripts and C code. These changes should be | |
1159 | transparent to the end user with the exception of NSS certificate database | |
1160 | password prompting (see below). The old implementation would prompt more | |
1161 | than once for the same password in some situations. | |
1162 | ||
eb521ae6 LB |
1163 | - eventcount.stp now allows for event counting in the format of |
1164 | 'stap eventcount.stp process.end syscall.* ...', and also reports | |
1165 | corresponding event tid's. | |
6e0c15da | 1166 | |
d1d13a8b SC |
1167 | - Systemtap checks that the build-id of the module being probed matches the |
1168 | build-id saved in the systemtap module. Invoking systemtap with | |
1169 | -DSTP_NO_BUILDID_CHECK will bypass this build-id runtime verification. See | |
1170 | man ld(1) for info on --build-id. | |
1171 | ||
276c6712 LB |
1172 | - stapio will now report if a child process has an abnormal exit along with |
1173 | the associated status or signal. | |
1174 | ||
710a2a45 SC |
1175 | - Compiler optimization may sometimes result in systemtap not being able to |
1176 | access a user-space probe argument. Compiling the application with | |
1177 | -DSTAP_SDT_ARG_CONSTRAINT=nr will force the argument to be an immediate or | |
1178 | register value which should enable systemtap to access the argument. | |
1179 | ||
2a990836 LB |
1180 | - GNU Gettext has now been intergrated with systemtap. Our translation |
1181 | page can be found at http://www.transifex.net/projects/p/systemtap/ . | |
1182 | "make update-po" will generate the necessary files to use translated | |
1183 | messages. Please refer to the po/README file for more info and | |
1184 | please consider contributing to this I18N effort! | |
1185 | ||
bf8e91d0 JS |
1186 | - The new addr() function returns the probe's instruction pointer. |
1187 | ||
b73a1293 SC |
1188 | - process("...").library("...") probes are now supported. Wildcards |
1189 | are supported in the library-name part, to refer to any shared | |
1190 | library that is required by process-name, which matches the glob | |
1191 | pattern and the rest of the probe point. | |
1192 | ||
b9d64db6 JS |
1193 | - The "--remote USER@HOST" functionality can now be specified multiple times |
1194 | to fan out on multiple targets. If the targets have distinct kernel and | |
1195 | architecture configurations, stap will automatically build the script | |
1196 | appropriately for each one. This option is also no longer considered | |
1197 | experimental. | |
1198 | ||
e96e9380 DB |
1199 | - The NSS certificate database generated for use by the compile server is now |
1200 | generated with no password. Previously, a random password was generated and | |
1201 | used to access the database. This change should be transparent to most users. | |
1202 | However, if you are prompted for a password when using systemtap, then | |
1203 | running $libexecdir/stap-gen-cert should correct the problem. | |
1204 | ||
798cba32 FCE |
1205 | - The timestamp tapset includes jiffies() and HZ() for lightweight approximate |
1206 | timekeeping. | |
1207 | ||
4ce43c59 FCE |
1208 | - A powerful new command line option --version has been added. |
1209 | ||
c2807b0b SC |
1210 | - process.mark now supports $$parms for reading probe parameters. |
1211 | ||
cc28ec4f FCE |
1212 | - A new command line option, --use-server-on-error[=yes|no] is available |
1213 | for stap. It instructs stap to retry compilation of a script using a | |
1214 | compile server if it fails on the local host. The default setting | |
1215 | is 'no'. | |
ce286ff0 | 1216 | |
1114c4f2 DB |
1217 | - The following deprecated tools have been removed: |
1218 | stap-client | |
1219 | stap-authorize-server-cert | |
1220 | stap-authorize-signing-cert | |
1221 | stap-find-or-start-server | |
1222 | stap-find-servers | |
1223 | Use the --use-server, --trust-server and --list-servers options of stap | |
cc28ec4f | 1224 | instead. |
6e0c15da | 1225 | |
c36cb86a | 1226 | * What's new in version 1.4, 2011-01-17 |
051bc1a0 | 1227 | |
304d73b1 FCE |
1228 | - Security fixes for CVE-2010-4170, CVE-2010-4171: staprun module |
1229 | loading/unloading | |
1230 | ||
02f44009 DB |
1231 | - A new /* myproc-unprivileged */ marker is now available for embedded C |
1232 | code and and expressions. Like the /* unprivileged */ marker, it makes | |
1233 | the code or expression available for use in unprivileged mode (see | |
1234 | --unprivileged). However, it also automatically adds a call to | |
1235 | assert_is_myproc() to the code or expression, thus, making it available | |
1236 | to the unprivileged user only if the target of the current probe is within | |
1237 | the user's own process. | |
1238 | ||
e37d61db FCE |
1239 | - The experimental "--remote USER@HOST" option will run pass 5 on a given |
1240 | ssh host, after building locally (or with --use-server) for that target. | |
6eb5c1a1 | 1241 | |
8358a79c FCE |
1242 | - Warning messages from the script may now be suppressed with the stap |
1243 | and/or staprun -w option. By default, duplicate warning messages are | |
1244 | suppressed (up to a certain limit). With stap --vp 00002 and above, | |
1245 | the duplicate elimination is defeated. | |
1246 | ||
35f71b69 FCE |
1247 | - The print_ubacktrace and usym* functions attempt to print the full |
1248 | path of the user-space binaries' paths, instead of just the basename. | |
1249 | The maximum saved path length is set by -DTASK_FINDER_VMA_ENTRY_PATHLEN, | |
121d2e8f FCE |
1250 | default 64. Warning messages are produced if unwinding fails due to |
1251 | a missing 'stap -d MODULE' option, providing preloaded unwind data. | |
35f71b69 | 1252 | |
d62c7736 FCE |
1253 | - The new tz_ctime() tapset function prints times in the local time zone. |
1254 | ||
685087ea FCE |
1255 | - More kernel tracepoints are accessible to the kernel.trace("...") mechanism, |
1256 | if kernel source trees or debuginfo are available. These formerly "hidden" | |
1257 | tracepoints are those that are declared somewhere other than the usual | |
1258 | include/linux/trace/ headers, such as xfs and kvm. | |
1259 | ||
c480f651 FCE |
1260 | - debuginfo-based process("...").function/.statement/.mark probes support |
1261 | wildcards in the process-name part, to refer to any executable files that | |
1262 | match the glob pattern and the rest of the probe point. | |
c3c5e2eb | 1263 | |
a1e3433a LB |
1264 | - The -t option now displays information per probe-point rather than a summary |
1265 | for each probe. It also now shows the derivation chain for each probe-point. | |
d1eef011 | 1266 | |
6a46f4fb FCE |
1267 | - A rewrite of the sys/sdt.h header file provides zero-cost startup (few or |
1268 | no ELF relocations) for the debuginfo-less near-zero-cost runtime probes. | |
1269 | Binaries compiled with earlier sdt.h versions remain supported. The | |
1270 | stap -L (listing) option now lists parameters for sys/sdt.h markers. | |
1271 | ||
0dd4c6e7 DB |
1272 | - The implementation of the integrated compile-server client has been |
1273 | extended. | |
0dd4c6e7 DB |
1274 | o --use-server now accepts an argument representing a particular server and |
1275 | may be specified more than once. | |
1276 | o --list-servers now accepts an expanded range of arguments. | |
c3c5e2eb FCE |
1277 | o a new --trust-servers option has been added to stap to replace several |
1278 | old certificate-management scripts. | |
219868f8 DB |
1279 | o The following tools are now deprecated and will be removed in release 1.5: |
1280 | stap-client | |
1281 | stap-authorize-server-cert | |
1282 | stap-authorize-signing-cert | |
1283 | stap-find-or-start-server | |
1284 | stap-find-servers | |
1285 | See man stap(1) for complete details. | |
1286 | ||
1287 | - The compile-server now returns the uprobes.ko to the client when it is | |
1288 | required by the script being compiled. The integrated compile-server client | |
1289 | now makes it available to be loaded by staprun. The old (deprecated) | |
1290 | stap-client does not do this. | |
0dd4c6e7 | 1291 | |
d1bcbe71 RH |
1292 | - process probes with scripts as the target are recognized by stap and the |
1293 | interpreter would be selected for probing. | |
1294 | ||
8dc503b6 FCE |
1295 | - Starting in release 1.5, these old variables/functions will be deprecated |
1296 | and will only be available when the '--compatible=1.4' flag is used: | |
1297 | ||
d1eef011 DS |
1298 | - In the 'syscall.add_key' probe, the 'description_auddr' variable |
1299 | has been deprecated in favor of the new 'description_uaddr' | |
1300 | variable. | |
1301 | - In the 'syscall.fgetxattr', 'syscall.fsetxattr', | |
1302 | 'syscall.getxattr', 'syscall.lgetxattr', and | |
1303 | 'syscall.lremovexattr' probes, the 'name2' variable has been | |
1304 | deprecated in favor of the new 'name_str' variable. | |
89e2abb1 DS |
1305 | - In the 'nd_syscall.accept' probe the 'flag_str' variable |
1306 | has been deprecated in favor of the new 'flags_str' variable. | |
1307 | - In the 'nd_syscall.dup' probe the 'old_fd' variable has been | |
1308 | deprecated in favor of the new 'oldfd' variable. | |
1309 | - In the 'nd_syscall.fgetxattr', 'nd_syscall.fremovexattr', | |
1310 | 'nd_syscall.fsetxattr', 'nd_syscall.getxattr', and | |
1311 | 'nd_syscall.lremovexattr' probes, the 'name2' variable has been | |
1312 | deprecated in favor of the new 'name_str' variable. | |
8dc503b6 FCE |
1313 | - The tapset alias 'nd_syscall.compat_pselect7a' was misnamed. It should |
1314 | have been 'nd_syscall.compat_pselect7' (without the trailing 'a'). | |
1315 | - The tapset function 'cpuid' is deprecated in favor of the better known | |
1316 | 'cpu'. | |
b149489c DS |
1317 | - In the i386 'syscall.sigaltstack' probe, the 'ussp' variable has |
1318 | been deprecated in favor of the new 'uss_uaddr' variable. | |
1319 | - In the ia64 'syscall.sigaltstack' probe, the 'ss_uaddr' and | |
1320 | 'oss_uaddr' variables have been deprecated in favor of the new | |
1321 | 'uss_uaddr' and 'uoss_uaddr' variables. | |
1322 | - The powerpc tapset alias 'syscall.compat_sysctl' was deprecated | |
1323 | and renamed 'syscall.sysctl32'. | |
1324 | - In the x86_64 'syscall.sigaltstack' probe, the 'regs_uaddr' | |
1325 | variable has been deprecated in favor of the new 'regs' variable. | |
89e2abb1 | 1326 | |
4432f146 | 1327 | * What's new in version 1.3, 2010-07-21 |
649260f3 | 1328 | |
c9b524b2 JS |
1329 | - The uprobes kernel module now has about half the overhead when probing |
1330 | NOPs, which is particularly relevant for sdt.h markers. | |
1331 | ||
866b7fea FCE |
1332 | - New stap option -G VAR=VALUE allows overriding global variables |
1333 | by passing the settings to staprun as module options. | |
bb25d08f | 1334 | |
b352f4b0 DS |
1335 | - The tapset alias 'syscall.compat_pselect7a' was misnamed. It should |
1336 | have been 'syscall.compat_pselect7' (without the trailing 'a'). | |
70032df1 DS |
1337 | Starting in release 1.4, the old name will be deprecated and |
1338 | will only be available when the '--compatible=1.3' flag is used. | |
b352f4b0 | 1339 | |
279aece5 FCE |
1340 | - A new procfs parameter .umask(UMASK) which provides modification of |
1341 | file permissions using the proper umask value. Default file | |
1342 | permissions for a read probe are 0400, 0200 for a write probe, and | |
1343 | 0600 for a file with a read and write probe. | |
1344 | ||
49db4869 MW |
1345 | - It is now possible in some situations to use print_ubacktrace() to |
1346 | get a user space stack trace from a kernel probe point. e.g. for | |
1347 | user backtraces when there is a pagefault: | |
1348 | $ stap -d /bin/sort --ldd -e 'probe vm.pagefault { | |
1349 | if (pid() == target()) { | |
1350 | printf("pagefault @0x%x\n", address); print_ubacktrace(); | |
1351 | } }' -c /bin/sort | |
1352 | [...] | |
1353 | pagefault @0x7fea0595fa70 | |
1354 | 0x000000384f07f958 : __GI_strcmp+0x12b8/0x1440 [libc-2.12.so] | |
1355 | 0x000000384f02824e : __gconv_lookup_cache+0xee/0x5a0 [libc-2.12.so] | |
1356 | 0x000000384f021092 : __gconv_find_transform+0x92/0x2cf [libc-2.12.so] | |
1357 | 0x000000384f094896 : __wcsmbs_load_conv+0x106/0x2b0 [libc-2.12.so] | |
1358 | 0x000000384f08bd90 : mbrtowc+0x1b0/0x1c0 [libc-2.12.so] | |
1359 | 0x0000000000404199 : ismbblank+0x39/0x90 [sort] | |
1360 | 0x0000000000404a4f : inittables_mb+0xef/0x290 [sort] | |
1361 | 0x0000000000406934 : main+0x174/0x2510 [sort] | |
1362 | 0x000000384f01ec5d : __libc_start_main+0xfd/0x1d0 [libc-2.12.so] | |
1363 | 0x0000000000402509 : _start+0x29/0x2c [sort] | |
1364 | [...] | |
1365 | ||
1366 | - New tapset functions to get a string representation of a stack trace: | |
1367 | sprint_[u]backtrace() and sprint_[u]stack(). | |
1368 | ||
1369 | - New tapset function to get the module (shared library) name for a | |
1370 | user space address umodname:string(long). The module name will now | |
1371 | also be in the output of usymdata() and in backtrace addresses even | |
1372 | when they were not given with -d at the command line. | |
1373 | ||
1374 | - Kernel backtraces are now much faster (replaced a linear search | |
1375 | with a binary search). | |
1376 | ||
eb3a0eee | 1377 | - A new integrated compile-server client is now available as part of stap. |
1e7630bf | 1378 | |
eb3a0eee DB |
1379 | o 'stap --use-server ...' is equivalent to 'stap-client ...' |
1380 | o 'stap --list-servers' is equivalent to 'stap-find-servers' | |
1381 | o 'stap --list-servers=online' is equivalent to 'stap-find-servers --all' | |
1e7630bf DB |
1382 | o stap-client and its related tools will soon be deprecated. |
1383 | o the nss-devel and avahi-devel packages are required for building stap with | |
1384 | the integrated client (checked during configuration). | |
1385 | o nss and avahi are required to run the integrated client. | |
1386 | ||
8cc799a5 JS |
1387 | - A new operator @entry is available for automatically saving an expression |
1388 | at entry time for use in a .return probe. | |
1389 | probe foo.return { println(get_cycles() - @entry(get_cycles())) } | |
1390 | ||
34af38db JS |
1391 | - Probe $target variables and @cast() can now use a suffix to print complex |
1392 | data types as strings. Use a single '$' for a shallow view, or '$$' for a | |
1393 | deeper view that includes nested types. For example, with fs_struct: | |
1394 | $fs$ : "{.users=%i, .lock={...}, .umask=%i, | |
1395 | .in_exec=%i, .root={...}, .pwd={...}}" | |
1396 | $fs$$ : "{.users=%i, .lock={.raw_lock={.lock=%u}}, .umask=%i, .in_exec=%i, | |
1397 | .root={.mnt=%p, .dentry=%p}, .pwd={.mnt=%p, .dentry=%p}}" | |
1398 | ||
a794dbeb FCE |
1399 | - The <sys/sdt.h> user-space markers no longer default to an implicit |
1400 | MARKER_NAME_ENABLED() semaphore check for each marker. To check for | |
1401 | enabled markers use a .d declaration file, then: | |
1402 | if (MARKER_NAME_ENABLED()) MARKER_NAME() | |
954b1d89 | 1403 | |
ef428667 FCE |
1404 | - Hyphenated <sys/sdt.h> marker names such as process(...).mark("foo-bar") |
1405 | are now accepted in scripts. They are mapped to the double-underscore | |
1406 | form ("foo__bar"). | |
1407 | ||
279aece5 FCE |
1408 | - More robust <sys/sdt.h> user-space markers support is included. For |
1409 | some platforms (x86*, ppc*), this can let systemtap probe the markers | |
1410 | without debuginfo. This implementation also supports preserving | |
a794dbeb FCE |
1411 | the "provider" name associated with a marker: |
1412 | probe process("foo").provider("bar").mark("baz") to match | |
1413 | STAP_PROBE<n>(bar, baz <...>) | |
279aece5 FCE |
1414 | (Compile with -DSTAP_SDT_V1 to revert to the previous implementation. |
1415 | Systemtap supports pre-existing or new binaries using them.) | |
f83336a5 | 1416 | |
7d902887 FCE |
1417 | - Embedded-C may be used within expressions as values, when in guru mode: |
1418 | num = %{ LINUX_VERSION_CODE %} // int64_t | |
1419 | name = %{ /* string */ THIS_MODULE->name %} // const char* | |
1420 | printf ("%s %x\n", name, num) | |
1421 | The usual /* pure */, /* unprivileged */, and /* guru */ markers may be used | |
1422 | as with embedded-C functions. | |
1423 | ||
38105915 | 1424 | - By default the systemtap-runtime RPM builds now include a shared |
114fbea7 | 1425 | library, staplog.so, that allows crash to extract systemtap data from |
38105915 WC |
1426 | a vmcore image. |
1427 | ||
9747ca47 JS |
1428 | - Iterating with "foreach" can now explicitly save the value for the loop. |
1429 | foreach(v = [i,j] in array) | |
1430 | printf("array[%d,%s] = %d\n", i, j, v /* array[i,j] */) | |
1431 | ||
ef06c938 FCE |
1432 | - The new "--ldd" option automatically adds any additional shared |
1433 | libraries needed by probed or -d-listed userspace binaries to the -d | |
e19ae9a8 FCE |
1434 | list, to enable symbolic backtracing through them. Similarly, the |
1435 | new "--all-modules" option automatically adds any currently loaded | |
1436 | kernel modules (listed in /proc/modules) to the -d list. | |
ef06c938 | 1437 | |
b2c904c0 JS |
1438 | - A new family of set_kernel_* functions make it easier for gurus to write |
1439 | new values at arbitrary memory addresses. | |
1440 | ||
649260f3 JS |
1441 | - Probe wildcards can now use '**' to cross the '.' separator. |
1442 | $ stap -l 'sys**open' | |
1443 | syscall.mq_open | |
1444 | syscall.open | |
1445 | ||
13c4a0b0 FCE |
1446 | - Backward compatibility flags (--compatible=VERSION, and matching |
1447 | script preprocessing predicate %( systemtap_v CMP "version" %) | |
1448 | and a deprecation policy are being introduced, in case future | |
1449 | tapset/language changes break valid scripts. | |
1450 | ||
4432f146 | 1451 | * What's new in version 1.2, 2010-03-22 |
489e3d51 | 1452 | |
f33e9151 FCE |
1453 | - Prototype support for "perf events", where the kernel supports the |
1454 | 2.6.33 in-kernel API. Probe points may refer to low-level | |
1455 | perf_event_attr type/config numbers, or to a number of aliases | |
1456 | defined in the new perf.stp tapset: | |
1457 | probe perf.sw.cpu_clock, perf.type(0).config(4) { } | |
1458 | ||
da9e11bd JS |
1459 | - Type-casting can now use multiple headers to resolve codependencies. |
1460 | @cast(task, "task_struct", | |
1461 | "kernel<linux/sched.h><linux/fs_struct.h>")->fs->umask | |
1462 | ||
9039b639 FCE |
1463 | - Tapset-related man pages have been renamed. 'man -k 3stap' should show |
1464 | the installed list, which due to prefixing should no longer collide over | |
1465 | ordinary system functions. | |
1466 | ||
985adad3 | 1467 | - User space marker arguments no longer use volatile if the version of gcc, |
03a74626 | 1468 | which must be at least 4.5.0, supports richer DWARF debuginfo. Use cflags |
87d85b96 FCE |
1469 | -DSTAP_SDT_VOLATILE=volatile or -DSTAP_SDT_VOLATILE= when building |
1470 | the sys/sdt.h application to override this one way or another. | |
103c7c8d | 1471 | |
f4fe2e93 FCE |
1472 | - A new construct for error handling is available. It is similar to c++ |
1473 | exception catching, using try and catch as new keywords. Within a handler | |
1474 | or function, the following is valid and may be nested: | |
1475 | try { /* arbitrary statements */ } | |
1476 | catch (er) { /* e.g. println("caught error ", er) */ } | |
1477 | ||
57a56e00 FCE |
1478 | - A new command line flag '-W' forces systemtap to abort translation of |
1479 | a script if any warnings are produced. It is similar to gcc's -Werror. | |
1480 | (If '-w' is also supplied to suppress warnings, it wins.) | |
1481 | ||
30263a73 FCE |
1482 | - A new predicate @defined is available for testing whether a |
1483 | particular $variable/expression is resolvable at translate time: | |
1484 | probe foo { if (@defined($bar)) log ("$bar is available here") } | |
1485 | ||
489e3d51 FCE |
1486 | - Adjacent string literals are glued together, making this |
1487 | construct valid: | |
1488 | probe process("/usr" @1 "/bin").function("*") { ... } | |
1489 | ||
15b2e969 FCE |
1490 | - In order to limit potential impact from future security problems, |
1491 | the stap-server process does not permit its being launched as root. | |
1492 | ||
489e3d51 FCE |
1493 | - On recent kernels, for some architectures/configurations, hardware |
1494 | breakpoint probes are supported. The probe point syntax is: | |
1495 | ||
1496 | probe kernel.data(ADDRESS).write | |
1497 | probe kernel.data(ADDRESS).length(LEN).write | |
1498 | probe kernel.data("SYMBOL_NAME").write | |
dd225250 | 1499 | |
4432f146 | 1500 | * What's new in version 1.1, 2010-01-15 |
450718c9 | 1501 | |
d5d6f6f1 RD |
1502 | - New tracepoint based tapset for memory subsystem. |
1503 | ||
bcdf36b1 FCE |
1504 | - The loading of signed modules by staprun is no longer allowed for |
1505 | ordinary, unprivileged users. This means that only root, members of | |
de23650e | 1506 | the group 'stapdev' and members of the group 'stapusr' can load |
bcdf36b1 FCE |
1507 | systemtap modules using staprun, stap or stap-client. The minimum |
1508 | privilege required to run arbitrary --unprivileged scripts is now | |
de23650e | 1509 | 'stapusr' membership. |
bcdf36b1 FCE |
1510 | |
1511 | - The stap-server initscript is available. This initscript allows you | |
1512 | to start systemtap compile servers as a system service and to manage | |
1513 | these servers as a group or individually. The stap-server initscript | |
1514 | is installed by the systemtap-server rpm. The build directory for | |
1515 | the uprobes module (/usr/share/systemtap/runtime/uprobes) is made | |
1516 | writable by the 'stap-server' group. All of the files generated when | |
1517 | building the uprobes module, including the digital signature, are | |
1518 | also writable by members of stap-server. | |
d2c9f522 | 1519 | |
5807ac64 DB |
1520 | See initscript/README.stap-server for details. |
1521 | ||
b515db67 WH |
1522 | - Some of the compile server client, server and certificate management |
1523 | tools have been moved from $bindir to $libexecdir/systemtap. | |
0f4e0b6f DB |
1524 | You should use the new stap-server script or the stap-server initscript |
1525 | for server management where possible. The stap-server script provides the same | |
1526 | functionality as the stap-server initscript except that the servers are | |
1527 | run by the invoking user by default as opposed to servers started by the | |
1528 | stap-server initscript which are run by the user stap-server | |
1529 | by default. See stap-server(8) for more information. | |
1530 | ||
1531 | You may continue to use these tools by adding $libexecdir/systemtap to | |
1532 | your path. You would need to do this, for example, if you are not root, | |
1533 | you want to start a compile server and you are not running systemtap from a | |
1534 | private installation. In this case you still need to use stap-start-server. | |
1535 | ||
0710d850 DS |
1536 | - Any diagnostic output line that starts with "ERROR", as in |
1537 | error("foo"), will promote a "Pass 5: run failed", and the return | |
1538 | code is 1. | |
b49f69f3 | 1539 | |
2e526dab FCE |
1540 | - Systemtap now warns about global variables being referenced from other |
1541 | script files. This aims to protect against unintended local-vs-global | |
1542 | namespace collisions such as: | |
1543 | ||
1544 | % cat some_tapset.stp | |
1545 | probe baz.one = bar { foo = $foo; bar = $bar } | |
1546 | % cat end_user_script.stp | |
1547 | global foo # intended to be private variable | |
1548 | probe timer.s(1) { foo ++ } | |
1549 | probe baz.* { println(foo, pp()) } | |
1550 | % stap end_user_script.stp | |
1551 | WARNING: cross-file global variable reference to foo from some_tapset.stp | |
1552 | ||
561079c8 FCE |
1553 | - Preprocessor conditional for kernel configuration testing: |
1554 | %( CONFIG_foo == "y" %? ... %) | |
1555 | ||
450718c9 FCE |
1556 | - ftrace(msg:string) tapset function to send strings to the system-wide |
1557 | ftrace ring-buffer (if any). | |
1558 | ||
6e2d1162 MW |
1559 | - Better support for richer DWARF debuginfo output from GCC 4.5 |
1560 | (variable tracking assignments). Kernel modules are now always resolved | |
1561 | against all their dependencies to find any info referring to missing | |
1562 | symbols. DW_AT_const_value is now supported when no DW_AT_location | |
1563 | is available. | |
1564 | ||
4432f146 | 1565 | * What's new in verson 1.0, 2009-09-22 |
f07c3b68 | 1566 | |
23c0a2b3 JS |
1567 | - process().mark() probes now use an enabling semaphore to reduce the |
1568 | computation overhead of dormant probes. | |
1569 | ||
bb2b3e3b JS |
1570 | - The function spec for dwarf probes now supports C++ scopes, so you can |
1571 | limit the probes to specific namespaces or classes. Multiple scopes | |
1572 | can be specified, and they will be matched progressively outward. | |
1573 | probe process("foo").function("std::vector<*>::*") { } | |
1574 | probe process("foo").function("::global_function") { } | |
1575 | ||
4b2cdd06 JS |
1576 | - It is now possible to cross-compile systemtap scripts for foreign |
1577 | architectures, using the new '-a ARCH' and '-B OPT=VALUE' flags. | |
1578 | For example, put arm-linux-gcc etc. into your $PATH, and point | |
1579 | systemtap at the target kernel build tree with: | |
1580 | stap -a arm -B CROSS_COMPILE=arm-linux- -r /build/tree [...] | |
1581 | The -B option is passed to kbuild make. -r identifies the already | |
1582 | configured/built kernel tree and -a its architecture (kbuild ARCH=...). | |
1583 | Systemtap will infer -p4. | |
1584 | ||
ba01c24c | 1585 | - Cross compilation using the systemtap client and server |
742b8971 JS |
1586 | - stap-start-server now accepts the -r, -R, -I, -B and -a options in |
1587 | order to start a cross compiling server. The server will correctly | |
1588 | advertise itself with respect to the kernel release and architecture | |
1589 | that it compiles for. | |
1590 | - When specified on stap-client, the -r and -a options will be | |
1591 | considered when searching for a suitable server. | |
ba01c24c | 1592 | |
742b8971 | 1593 | - When using the systemtap client and server udp port 5353 must be open |
de23650e | 1594 | in your firewall in order for the client to find servers using |
742b8971 JS |
1595 | avahi-browse. Also the systemtap server will choose a random port in |
1596 | the range 1024-63999 for accepting ssl connections. | |
902d0d67 | 1597 | |
500bc85c | 1598 | - Support for unprivileged users: |
f6efd18a MW |
1599 | *********************************************************************** |
1600 | * WARNING!!!!!!!!!! * | |
1601 | * This feature is EXPERIMENTAL at this time and should be used with * | |
1602 | * care. This feature allows systemtap kernel modules to be loaded by * | |
1603 | * unprivileged users. The user interface and restrictions will change * | |
1604 | * as this feature evolves. * | |
1605 | *********************************************************************** | |
742b8971 JS |
1606 | - Systemtap modules generated from scripts which use a restricted |
1607 | subset of the features available may be loaded by staprun for | |
1608 | unprivileged users. Previously, staprun would load modules only for | |
1609 | root or for members of the groups stapdev and stapusr. | |
f6efd18a MW |
1610 | - Using the --unprivileged option on stap enables translation-time |
1611 | checking for use by unprivileged users (see restrictions below). | |
1612 | - All modules deemed suitable for use by unprivileged users will be | |
ba01c24c | 1613 | signed by the systemtap server when --unprivileged is specified on |
742b8971 JS |
1614 | stap-client. See module signing in release 0.9.8 and stap-server in |
1615 | release 0.9 below. | |
f6efd18a MW |
1616 | - Modules signed by trusted signers (servers) and verified by staprun |
1617 | will be loaded by staprun regardless of the user's privilege level. | |
1618 | - The system administrator asserts the trustworthiness of a signer | |
1619 | (server) by running stap-authorize-signing-cert <cert-file> as root, | |
ba01c24c | 1620 | where the <cert-file> can be found in |
742b8971 JS |
1621 | ~<user>/.systemtap/ssl/server/stap.cert for servers started by |
1622 | ordinary users and in $sysconfdir/systemtap/ssl/server/stap.cert for | |
1623 | servers started by root. | |
1624 | - Restrictions are intentionally strict at this time and may be | |
1625 | relaxed in the future: | |
500bc85c | 1626 | - probe points are restricted to: |
20ab90b5 DB |
1627 | begin, begin(n), end, end(n), error, error(n), never, |
1628 | timer.{jiffies,s,sec,ms,msec,us,usec,ns,nsec}(n)*, timer.hz(n), | |
742b8971 | 1629 | process.* (for processes owned by the user). |
b232fab3 | 1630 | - use of embedded C code is not allowed. |
ba01c24c DB |
1631 | - use of tapset functions is restricted. |
1632 | - some tapset functions may not be used at all. A message will be | |
1633 | generated at module compilation time. | |
742b8971 JS |
1634 | - some actions by allowed tapset functions may only be performed |
1635 | in the context of the user's own process. A runtime fault will | |
1636 | occur in these situations, for example, direct memory access. | |
1637 | - The is_myproc() tapset function has been provided so that | |
1638 | tapset writers for unprivileged users can check that the | |
1639 | context is of the users own process before attempting these | |
1640 | actions. | |
500bc85c | 1641 | - accessing the kernel memory space is not allowed. |
ba01c24c DB |
1642 | - The following command line options may not be used by stap-client |
1643 | -g, -I, -D, -R, -B | |
1644 | - The following environment variables are ignored by stap-client: | |
500bc85c DB |
1645 | SYSTEMTAP_RUNTIME, SYSTEMTAP_TAPSET, SYSTEMTAP_DEBUGINFO_PATH |
1646 | - nss and nss-tools are required to use this feature. | |
1647 | ||
bc7cd435 MH |
1648 | - Support output file switching by SIGUSR2. Users can command running |
1649 | stapio to switch output file by sending SIGUSR2. | |
1650 | ||
8faf4a73 DB |
1651 | - Memory consumption for scripts involving many uprobes has been |
1652 | dramatically reduced. | |
1653 | ||
1654 | - The preprocessor now supports || and && in the conditions. | |
f6efd18a | 1655 | e.g. %( arch == "x86_64" || arch == "ia64" %: ... %) |
8faf4a73 | 1656 | |
8faf4a73 DB |
1657 | - The systemtap notion of "architecture" now matches the kernel's, rather |
1658 | than that of "uname -m". This means that 32-bit i386 family are all | |
1659 | known as "i386" rather than "i386" or "i686"; "ppc64" as "powerpc"; | |
1660 | "s390x" as "s390", and so on. This is consistent between the new | |
1661 | "-a ARCH" flag and the script-level %( arch ... %) conditional. | |
1662 | ||
1663 | - It is now possible to define multiple probe aliases with the same name. | |
1664 | A probe will expand to all matching aliases. | |
742b8971 JS |
1665 | probe foo = bar { } |
1666 | probe foo = baz { } | |
1667 | probe foo { } # expands twice, once to bar and once to baz | |
8faf4a73 | 1668 | |
96fb769c DS |
1669 | - A new experimental transport mechanism, using ftrace's ring_buffer, |
1670 | has been added. This may become the default transport mechanism in | |
1671 | future versions of systemtap. To test this new transport mechanism, | |
1672 | define 'STP_USE_RING_BUFFER'. | |
1673 | ||
f6efd18a MW |
1674 | - Support for recognizing DW_OP_{stack,implicit}_value DWARF expressions |
1675 | as emitted by GCC 4.5. | |
c61807d2 | 1676 | |
4432f146 | 1677 | * What's new in version 0.9.9, 2009-08-04 |
f07c3b68 FCE |
1678 | |
1679 | - Systemwide kernel .function.return (kretprobe) maxactive defaults may | |
1680 | be overridden with the -DKRETACTIVE=nnn parameter. | |
1681 | ||
76ff718a FCE |
1682 | - Translation pass 2 is significantly faster by avoiding unnecessary |
1683 | searching through a kernel build/module directory tree. | |
1684 | ||
230a1203 MW |
1685 | - When compiled against elfutils 0.142 systemtap now handles the new |
1686 | DW_OP_call_frame_CFA generated by by GCC. | |
1687 | ||
1688 | - uprobes and ustack() are more robust when used on applications that | |
1689 | depend on prelinked/separate debuginfo shared libraries. | |
1690 | ||
1691 | - User space PROBE marks are not always found with or without separate | |
1692 | debuginfo. The .probes section itself is now always put in the main | |
de23650e WH |
1693 | elf file and marked as allocated. When building pic code the section |
1694 | is marked writable. The selinux memory check problems seen with | |
1695 | programs using STAP_PROBES is fixed. | |
230a1203 MW |
1696 | |
1697 | - statement() probes can now override "address not at start of statement" | |
1698 | errors in guru mode. They also provide alternative addresses to use | |
1699 | in non-guru mode. | |
1700 | ||
da01fcc6 JS |
1701 | - The stapgraph application can generate graphs of data and events |
1702 | emitted by systemtap scripts in real time. Run "stapgraph | |
79bd71a1 TM |
1703 | testsuite/systemtap.examples/general/grapher.stp" for an example of |
1704 | graphing the system load average and keyboard events. | |
1705 | ||
da01fcc6 JS |
1706 | - Dwarf probes now show parameters and local variables in the verbose |
1707 | listing mode (-L). | |
1708 | ||
1709 | - Symbol aliases are now resolved to their canonical dwarf names. For | |
1710 | example, probing "malloc" in libc resolves to "__libc_malloc". | |
1711 | ||
1712 | - The syntax for dereferencing $target variables and @cast() gained new | |
1713 | capabilities: | |
1714 | - Array indexes can now be arbitrary numeric expressions. | |
1715 | - Array subscripts are now supported on pointer types. | |
1716 | - An '&' operator before a @cast or $target returns the address of the | |
1717 | final component, especially useful for nested structures. | |
1718 | ||
1719 | - For reading all probe variables, kernel.mark now supports $$vars and | |
1720 | $$parms, and process.syscall now supports $$vars. | |
1721 | ||
1722 | - The SNMP tapset provides probes and functions for many network | |
1723 | statistics. See stapprobes.snmp(3stap) for more details. | |
1724 | ||
1725 | - The dentry tapset provides functions to map kernel VFS directory entries | |
1726 | to file or full path names: d_path(), d_name() and reverse_path_walk(). | |
1727 | ||
1728 | - SystemTap now has userspace markers in its own binaries, and the stap | |
1729 | tapset provides the available probepoints and local variables. | |
1730 | ||
1731 | - Miscellaneous new tapset functions: | |
1732 | - pgrp() returns the process group ID of the current process | |
1733 | - str_replace() performs string replacement | |
1734 | ||
4432f146 | 1735 | * What's new in version 0.9.8, 2009-06-11 |
c3e80cab | 1736 | |
849d6546 JS |
1737 | - Miscellaneous new tapset functions: |
1738 | - sid() returns the session ID of the current process | |
1739 | - stringat() indexes a single character from a string. | |
1740 | ||
1741 | - Using %M in print formats for hex dumps can now print entire buffers, | |
1742 | instead of just small numbers. | |
1743 | ||
6766808e JS |
1744 | - Dwarfless syscalls: The nd_syscalls tapset is now available to probe |
1745 | system calls without requiring kernel debugging information. All of | |
1746 | the same probepoints in the normal syscalls tapset are available with | |
1747 | an "nd_" prefix, e.g. syscall.open becomes nd_syscall.open. Most | |
1748 | syscall arguments are also available by name in nd_syscalls. | |
1749 | ||
87c589a9 | 1750 | - Module signing: If the appropriate nss libraries are available on your |
b232fab3 | 1751 | system, stap-server will sign each compiled module using a self-generated |
87c589a9 JS |
1752 | certificate. This is the first step toward extending authority to |
1753 | load certain modules to unprivileged users. For now, if the system | |
1754 | administrator adds a certificate to a database of trusted signers | |
1755 | (stap-authorize-signing-cert), modules signed using that certificate | |
1756 | will be verified by staprun against tampering. Otherwise, you should | |
1757 | notice no difference in the operation of stap or staprun. | |
c3e80cab | 1758 | |
4432f146 | 1759 | * What's new in version 0.9.7, 2009-04-23 |
dcfd7fed | 1760 | |
cff7feda JS |
1761 | - @cast can now determine its type information using an explicit header |
1762 | specification. For example: | |
1763 | @cast(tv, "timeval", "<sys/time.h>")->tv_sec | |
1764 | @cast(task, "task_struct", "kernel<linux/sched.h>")->tgid | |
1765 | ||
1f65cc4f JS |
1766 | - The overlapping process.* tapsets are now separated. Those probe points |
1767 | documented in stapprobes(3stap) remain the same. Those that were formerly | |
1768 | in stapprobes.process(3stap) have been renamed to kprocess, to reflect | |
1769 | their kernel perspective on processes. | |
1770 | ||
dcfd7fed FCE |
1771 | - The --skip-badvars option now also suppresses run-time error |
1772 | messages that would otherwise result from erroneous memory accesses. | |
1773 | Such accesses can originate from $context expressions fueled by | |
1774 | erroneous debug data, or by kernel_{long,string,...}() tapset calls. | |
1775 | ||
94c3c803 AM |
1776 | - New probes kprobe.function(FUNCTION) and kprobe.function(FUNCTION).return |
1777 | for dwarfless probing. These postpone function address resolution to | |
1778 | run-time and use the kprobe symbol-resolution mechanism. | |
1779 | Probing of absolute statements can be done using the | |
1780 | kprobe.statement(ADDRESS).absolute construct. | |
1781 | ||
819ec23d MW |
1782 | - EXPERIMENTAL support for user process unwinding. A new collection of |
1783 | tapset functions have been added to handle user space backtraces from | |
1784 | probe points that support them (currently process and timer probes - | |
1785 | for timer probes test whether or not in user space first with the | |
1786 | already existing user_mode() function). The new tapset functions are: | |
1787 | uaddr - User space address of current running task. | |
1788 | usymname - Return the symbol of an address in the current task. | |
1789 | usymdata - Return the symbol and module offset of an address. | |
1790 | print_ustack - Print out stack for the current task from string. | |
1791 | print_ubacktrace - Print stack back trace for current task. | |
1792 | ubacktrace - Hex backtrace of current task stack. | |
1793 | Please read http://sourceware.org/ml/systemtap/2009-q2/msg00364.html | |
1794 | on the current restrictions and possible changes in the future and | |
1795 | give feedback if you want to influence future developments. | |
1796 | ||
4432f146 | 1797 | * What's new in version 0.9.5, 2009-03-27 |
944e2486 | 1798 | |
891e4fb2 JS |
1799 | - New probes process().insn and process().insn.block that allows |
1800 | inspection of the process after each instruction or block of | |
1801 | instructions executed. So to count the total number of instructions | |
1802 | a process executes during a run do something like: | |
1803 | $ stap -e 'global steps; probe process("/bin/ls").insn {steps++} | |
1804 | probe end {printf("Total instructions: %d\n", steps);}' \ | |
1805 | -c /bin/ls | |
1806 | This feature can slow down execution of a process somewhat. | |
83dd1a8e | 1807 | |
891e4fb2 JS |
1808 | - Systemtap probes and function man pages extracted from the tapsets |
1809 | are now available under 3stap. To show the page for probe vm.pagefault | |
1810 | or the stap function pexecname do: | |
1811 | $ man 3stap vm.pagefault | |
1812 | $ man 3stap pexecname | |
8e9d6257 | 1813 | |
b1a4288c JS |
1814 | - Kernel tracepoints are now supported for probing predefined kernel |
1815 | events without any debuginfo. Tracepoints incur less overhead than | |
1816 | kprobes, and context parameters are available with full type | |
1817 | information. Any kernel 2.6.28 and later should have defined | |
1818 | tracepoints. Try the following to see what's available: | |
1819 | $ stap -L 'kernel.trace("*")' | |
1820 | ||
ccd65d4a JS |
1821 | - Typecasting with @cast now supports modules search paths, which is |
1822 | useful in case there are multiple places where the type definition | |
1823 | may be found. For example: | |
1824 | @cast(sdev, "scsi_device", "kernel:scsi_mod")->sdev_state | |
1825 | ||
701c41be MH |
1826 | - On-file flight recorder is supported. It allows stap to record huge |
1827 | trace log on the disk and to run in background. | |
1828 | Passing -F option with -o option runs stap in background mode. In this | |
1829 | mode, staprun is detached from console, and stap itself shows staprun's | |
1830 | pid and exits. | |
1831 | Specifying the max size and the max number of log files are also available | |
1832 | by passing -S option. This option has one or two arguments seperated by | |
1833 | a comma. The first argument is the max size of a log file in MB. If the | |
1834 | size of a log file exceeds it, stap switches to the next log file | |
1835 | automatically. The second is how many files are kept on the disk. If the | |
1836 | number of log files exceeds it, the oldest log file is removed | |
1837 | automatically. The second argument can be omitted. | |
1838 | ||
1839 | For example, this will record output on log files each of them is smaller | |
1840 | than 1024MB and keep last 3 logs, in background. | |
1841 | % stap -F -o /tmp/staplog -S 1024,3 script.stp | |
1842 | ||
e2ae0696 LR |
1843 | - In guru mode (-g), the kernel probing blacklist is disabled, leaving |
1844 | only a subset - the kernel's own internal kprobe blacklist - to attempt | |
1845 | to filter out areas unsafe to probe. The differences may be enough to | |
1846 | probe more interrupt handlers. | |
1847 | ||
3bd0d4df | 1848 | - Variables unavailable in current context may be skipped by setting a |
947d86f9 FCE |
1849 | session level flag with command line option --skip-badvars now available. |
1850 | This replaces any dwarf $variable expressions that could not be resolved | |
1851 | with literal numeric zeros, along with a warning message. | |
3bd0d4df | 1852 | |
59fde7cc MW |
1853 | - Both kernel markers and kernel tracepoint support argument listing |
1854 | through stap -L 'kernel.mark("*")' or stap -L 'kernel.trace("*")' | |
1855 | ||
1856 | - Users can use -DINTERRUPTIBLE=0 to prevent interrupt reentrancy in | |
1857 | their script, at the cost of a bit more overhead to toggle the | |
1858 | interrupt mask. | |
1859 | ||
1860 | - Added reentrancy debugging. If stap is run with the arguments | |
1861 | "-t -DDEBUG_REENTRANCY", additional warnings will be printed for | |
1862 | every reentrancy event, including the probe points of the | |
1863 | resident and interloper probes. | |
1864 | ||
387a7a57 MW |
1865 | - Default to --disable-pie for configure. |
1866 | Use --enable-pie to turn it back on. | |
1867 | ||
1868 | - Improved sdt.h compatibility and test suite for static dtrace | |
1869 | compatible user space markers. | |
1870 | ||
1871 | - Some architectures now use syscall wrappers (HAVE_SYSCALL_WRAPPERS). | |
1872 | The syscall tapset has been enhanced to take care of the syscall | |
1873 | wrappers in this release. | |
1874 | ||
1875 | - Security fix for CVE-2009-0784: stapusr module-path checking race. | |
1876 | ||
4432f146 | 1877 | * What's new in version 0.9, 2009-02-19 |
6b2ad26c | 1878 | |
60ea9291 JS |
1879 | - Typecasting is now supported using the @cast operator. A script can |
1880 | define a pointer type for a "long" value, and then access type members | |
1881 | using the same syntax as with $target variables. For example, this will | |
1882 | retrieve the parent pid from a kernel task_struct: | |
1883 | @cast(pointer, "task_struct", "kernel")->parent->pid | |
1884 | ||
76d146ad MW |
1885 | - process().mark() probes are now possible to trace static user space |
1886 | markers put in programs with the STAP_PROBE macro using the new | |
1887 | sys/sdt.h include file. This also provides dtrace compatible markers | |
1888 | through DTRACE_PROBE and an associated python 'dtrace' script that | |
1889 | can be used in builds based on dtrace that need dtrace -h or -G | |
1890 | functionality. | |
1891 | ||
62c977f5 MW |
1892 | - For those that really want to run stap from the build tree there is |
1893 | now the 'run-stap' script in the top-level build directory that sets | |
1894 | up the SYSTEMTAP_TAPSET, SYSTEMTAP_RUNTIME, SYSTEMTAP_STAPRUN, and | |
1895 | SYSTEMTAP_STAPIO environment variables (installing systemtap, in a | |
1896 | local prefix, is still recommended for common use). | |
1897 | ||
1898 | - Systemtap now comes with a new Beginners Guide that walks the user | |
1899 | through their first steps setting up stap, understanding how it all | |
2a321362 MW |
1900 | works, introduces some useful scripts and describes some common |
1901 | pitfalls. It isn't created by default since it needs a Publican | |
1902 | setup, but full build instructions can be found in the wiki: | |
1903 | http://sourceware.org/systemtap/wiki/PublicanQuikHowto | |
1904 | An online version can be found at: | |
1905 | http://sourceware.org/systemtap/SystemTap_Beginners_Guide.pdf | |
1906 | ||
3ad1e1ee MW |
1907 | - Standard tapsets included with Systemtap were modified to include |
1908 | extractable documentation information based on the kernel-doc | |
1909 | infrastructure. When configured --enabled-docs a HTML and PDF | |
1910 | version of the Tapset Reference Manual is produced explaining probes | |
1911 | defined in each tapset. | |
1912 | ||
9e494cbb DB |
1913 | - The systemtap client and compile server are now available. |
1914 | These allow you to compile a systemtap module on a host other than | |
1915 | the one which it will be run, providing the client and server | |
1916 | are compatible. Other than using a server for passes 1 through | |
1917 | 4, the client behaves like the 'stap' front end itself. This | |
1918 | means, among other things, that the client will automatically | |
1919 | load the resulting module on the local host unless -p[1234] | |
c8bf931d | 1920 | was specified. See stap-server(8) for more details. |
9e494cbb | 1921 | The client/server now use SSL for network connection security and |
6288515e DB |
1922 | for signing. |
1923 | ||
1924 | The systemtap client and server are prototypes only. Interfaces, options | |
1925 | and usage may change at any time. | |
9e494cbb | 1926 | |
592470cd SC |
1927 | - function("func").label("label") probes are now supported to allow matching |
1928 | the label of a function. | |
1929 | ||
9a8d8be3 MH |
1930 | - Systemtap initscript is available. This initscript allows you to run |
1931 | systemtap scripts as system services (in flight recorder mode) and | |
1932 | control those scripts individually. | |
e2a741be | 1933 | See README.systemtap for details. |
9a8d8be3 | 1934 | |
b5e66ada FCE |
1935 | - The stap "-r DIR" option may be used to identify a hand-made kernel |
1936 | build directory. The tool determines the appropriate release string | |
1937 | automatically from the directory. | |
7471ea1f | 1938 | |
453edad1 | 1939 | - Serious problems associated with user-space probing in shared libraries |
592470cd | 1940 | were corrected, making it now possible to experiment with probe shared |
7d091090 FCE |
1941 | libraries. Assuming dwarf debugging information is installed, use this |
1942 | twist on the normal syntax: | |
1943 | ||
1944 | probe process("/lib64/libc-2.8.so").function("....") { ... } | |
1945 | ||
1946 | This would probe all threads that call into that library. Running | |
1947 | "stap -c CMD" or "stap -x PID" naturally restricts this to the target | |
453edad1 | 1948 | command+descendants only. $$vars etc. may be used. |
7d091090 FCE |
1949 | |
1950 | - For scripts that sometimes terminate with excessive "skipped" probes, | |
1951 | rerunning the script with "-t" (timing) will print more details about | |
1952 | the skippage reasons. | |
1953 | ||
fd2aeae9 FCE |
1954 | - Symbol tables and unwind (backtracing) data support were formerly |
1955 | compiled in for all probed modules as identified by the script | |
1956 | (kernel; module("name"); process("file")) plus those listed by the | |
1957 | stap "-d BINARY" option. Now, this data is included only if the systemtap | |
1958 | script uses tapset functions like probefunc() or backtrace() that require | |
1959 | such information. This shrinks the probe modules considerably for the rest. | |
1960 | ||
e0b4e89d | 1961 | - Per-pass verbosity control is available with the new "--vp {N}+" option. |
fd2aeae9 FCE |
1962 | "stap --vp 040" adds 4 units of -v verbosity only to pass 2. This is useful |
1963 | for diagnosing errors from one pass without excessive verbosity from others. | |
e0b4e89d | 1964 | |
5c4dcbfb FCE |
1965 | - Most probe handlers now run with interrupts enabled, for improved |
1966 | system responsiveness and less probing overhead. This may result | |
1967 | in more skipped probes, for example if a reentrant probe handler | |
fd2aeae9 FCE |
1968 | is attempted from within an interrupt handler. It may also make the |
1969 | systemtap overload detection facility more likely to be triggered, as | |
1970 | interrupt handlers' run time would be included in the self-assessed | |
1971 | overhead of running probe handlers. | |
6b2ad26c | 1972 | |
4432f146 | 1973 | * What's new in version 0.8, 2008-11-13 |
cfaa068c | 1974 | |
2f9f9366 FCE |
1975 | - Cache limiting is now available. If the compiled module cache size is |
1976 | over a limit specified in the $SYSTEMTAP_DIR/cache/cache_mb_limit file, | |
1977 | some old cache entries will be unlinked. See man stap(1) for more. | |
1978 | ||
57b2fd2b RA |
1979 | - Error and warning messages are now followed by source context displaying |
1980 | the erroneous line/s and a handy '^' in the following line pointing to the | |
1981 | appropriate column. | |
1982 | ||
23433b34 EB |
1983 | - A bug reporting tool "stap-report" is now available which will quickly |
1984 | retrieve much of the information requested here: | |
1985 | http://sourceware.org/systemtap/wiki/HowToReportBugs | |
1986 | ||
25a63204 FCE |
1987 | - The translator can resolve members of anonymous structs / unions: |
1988 | given struct { int foo; struct { int bar; }; } *p; | |
1989 | this now works: $p->bar | |
1990 | ||
2fa2a091 NT |
1991 | - The stap "-F" flag activates "flight recorder" mode, which consists of |
1992 | translating the given script as usual, but implicitly launching it into | |
1993 | the background with staprun's existing "-L" (launch) option. A user | |
1994 | can later reattach to the module with "staprun -A MODULENAME". | |
1995 | ||
6270adc1 MH |
1996 | - Additional context variables are available on user-space syscall probes. |
1997 | - $argN ($arg1, $arg2, ... $arg6) in process(PATH_OR_PID).syscall | |
1998 | gives you the argument of the system call. | |
5d67b47c MH |
1999 | - $return in process(PATH_OR_PID).syscall.return gives you the return |
2000 | value of the system call. | |
6270adc1 | 2001 | |
cec7293b | 2002 | - Target process mode (stap -c CMD or -x PID) now implicitly restricts all |
094b05c7 | 2003 | "process.*" probes to the given child process. (It does not affect |
34f2e0b9 FCE |
2004 | kernel.* or other probe types.) The CMD string is normally run directly, |
2005 | rather than via a /bin/sh -c subshell, since then utrace/uprobe probes | |
2006 | receive a fairly "clean" event stream. If metacharacters like | |
2007 | redirection operators were present in CMD, then "sh -c CMD" is still | |
2008 | used, and utrace/uprobe probes will receive events from the shell. | |
cec7293b FCE |
2009 | |
2010 | % stap -e 'probe process.syscall, process.end { | |
2011 | printf("%s %d %s\n", execname(), pid(), pp())}'\ | |
2012 | -c ls | |
2013 | ls 2323 process.syscall | |
2014 | ls 2323 process.syscall | |
2015 | ls 2323 process.end | |
2016 | ||
1044139f FCE |
2017 | - Probe listing mode is improved: "-L" lists available script-level variables |
2018 | ||
2019 | % stap -L 'syscall.*open*' | |
2020 | syscall.mq_open name:string name_uaddr:long filename:string mode:long u_attr_uaddr:long oflag:long argstr:string | |
2021 | syscall.open name:string filename:string flags:long mode:long argstr:string | |
2022 | syscall.openat name:string filename:string flags:long mode:long argstr:string | |
2023 | ||
e070cc9c FCE |
2024 | - All user-space-related probes support $PATH-resolved executable |
2025 | names, so | |
2026 | ||
2027 | probe process("ls").syscall {} | |
2028 | probe process("./a.out").syscall {} | |
2029 | ||
2030 | work now, instead of just | |
2031 | ||
2032 | probe process("/bin/ls").syscall {} | |
2033 | probe process("/my/directory/a.out").syscall {} | |
2034 | ||
2035 | - Prototype symbolic user-space probing support: | |
2036 | ||
2037 | # stap -e 'probe process("ls").function("*").call { | |
2038 | log (probefunc()." ".$$parms) | |
2039 | }' \ | |
2040 | -c 'ls -l' | |
2041 | ||
2042 | This requires: | |
2043 | - debugging information for the named program | |
2044 | - a version of utrace in the kernel that is compatible with the "uprobes" | |
2045 | kernel module prototype. This includes RHEL5 and older Fedora, but not | |
2046 | yet current lkml-track utrace; a "pass 4a"-time build failure means | |
2047 | your system cannot use this yet. | |
2048 | ||
cd221ed4 | 2049 | - Global variables which are written to but never read are now |
e070cc9c | 2050 | automatically displayed when the session does a shutdown. For example: |
5d954165 | 2051 | |
e070cc9c FCE |
2052 | global running_tasks |
2053 | probe timer.profile {running_tasks[pid(),tid()] = execname()} | |
5d954165 | 2054 | probe timer.ms(8000) {exit()} |
cd221ed4 | 2055 | |
a93f0b31 SC |
2056 | - A formatted string representation of the variables, parameters, or local |
2057 | variables at a probe point is now supported via the special $$vars, | |
a43ba433 FCE |
2058 | $$parms, and $$locals context variables, which expand to a string |
2059 | containing a list "var1=0xdead var2=0xbeef var3=?". (Here, var3 exists | |
2060 | but is for some reason unavailable.) In return probes only, $$return | |
fd574705 | 2061 | expands to an empty string for a void function, or "return=0xf00". |
a93f0b31 | 2062 | |
e10599ff | 2063 | |
4432f146 | 2064 | * What's new in version 0.7, 2008-07-15 |
c2af6f02 | 2065 | |
99a5f9cf SC |
2066 | - .statement("func@file:*") and .statement("func@file:M-N") probes are now |
2067 | supported to allow matching a range of lines in a function. This allows | |
2068 | tracing the execution of a function. | |
2069 | ||
14a75801 FCE |
2070 | - Scripts relying on probe point wildcards like "syscall.*" that expand |
2071 | to distinct kprobes are processed significantly faster than before. | |
2072 | ||
d57671d3 FCE |
2073 | - The vector of script command line arguments is available in a |
2074 | tapset-provided global array argv[]. It is indexed 1 ... argc, | |
2075 | another global. This can substitute for of preprocessor | |
2076 | directives @NNN that fail at parse time if there are not | |
2077 | enough arguments. | |
2078 | ||
2079 | printf("argv: %s %s %s", argv[1], argv[2], argv[3]) | |
2080 | ||
1bd128a3 SC |
2081 | - .statement("func@file+line") probes are now supported to allow a |
2082 | match relative to the entry of the function incremented by line | |
2083 | number. This allows using the same systemtap script if the rest | |
2084 | of the file.c source only changes slightly. | |
2085 | ||
16442b90 FCE |
2086 | - A probe listing mode is available. |
2087 | % stap -l vm.* | |
2088 | vm.brk | |
2089 | vm.mmap | |
2090 | vm.munmap | |
2091 | vm.oom_kill | |
2092 | vm.pagefault | |
2093 | vm.write_shared | |
2094 | ||
159cb109 DS |
2095 | - More user-space probe types are added: |
2096 | ||
dd078c96 DS |
2097 | probe process(PID).begin { } |
2098 | probe process("PATH").begin { } | |
2099 | probe process(PID).thread.begin { } | |
2100 | probe process("PATH").thread.begin { } | |
2101 | probe process(PID).end { } | |
2102 | probe process("PATH").end { } | |
2103 | probe process(PID).thread.end { } | |
2104 | probe process("PATH").thread.end { } | |
159cb109 DS |
2105 | probe process(PID).syscall { } |
2106 | probe process("PATH").syscall { } | |
2107 | probe process(PID).syscall.return { } | |
2108 | probe process("PATH").syscall.return { } | |
16442b90 | 2109 | |
c3799d72 AM |
2110 | - Globals now accept ; terminators |
2111 | ||
2112 | global odds, evens; | |
2113 | global little[10], big[5]; | |
2114 | ||
4432f146 | 2115 | * What's new in version 0.6, 2007-12-15 |
62802575 FCE |
2116 | |
2117 | - A copy of the systemtap tutorial and language reference guide | |
2118 | are now included. | |
683b62c0 | 2119 | |
34201621 DB |
2120 | - There is a new format specifier, %m, for the printf family of |
2121 | functions. It functions like %s, except that it does not stop when | |
2122 | a nul ('\0') byte is encountered. The number of bytes output is | |
2123 | determined by the precision specifier. The default precision is 1. | |
2124 | For example: | |
2125 | ||
2126 | printf ("%m", "My String") // prints one character: M | |
2127 | printf ("%.5", myString) // prints 5 bytes beginning at the start | |
2128 | // of myString | |
2129 | ||
2130 | - The %b format specifier for the printf family of functions has been enhanced | |
2131 | as follows: | |
2132 | ||
2133 | 1) When the width and precision are both unspecified, the default is %8.8b. | |
2134 | 2) When only one of the width or precision is specified, the other defaults | |
2135 | to the same value. For example, %4b == %.4b == %4.4b | |
2136 | 3) Nul ('\0') bytes are used for field width padding. For example, | |
2137 | ||
2138 | printf ("%b", 0x1111deadbeef2222) // prints all eight bytes | |
2139 | printf ("%4.2b", 0xdeadbeef) // prints \0\0\xbe\xef | |
2140 | ||
2141 | - Dynamic width and precision are now supported for all printf family format | |
2142 | specifiers. For example: | |
2143 | ||
2144 | four = 4 | |
2145 | two = 2 | |
2146 | printf ("%*.*b", four, two, 0xdeadbbeef) // prints \0\0\xbe\xef | |
2147 | printf ("%*d", four, two) // prints <space><space><space>2 | |
2148 | ||
7a468d68 | 2149 | - Preprocessor conditional expressions can now include wildcard style |
e070cc9c | 2150 | matches on kernel versions. |
7a468d68 FCE |
2151 | %( kernel_vr != "*xen" %? foo %: bar %) |
2152 | ||
1ada6f08 FCE |
2153 | - Prototype support for user-space probing is showing some progress. |
2154 | No symbolic notations are supported yet (so no probing by function names, | |
2155 | file names, process names, and no access to $context variables), but at | |
2156 | least it's something: | |
2157 | ||
2158 | probe process(PID).statement(ADDRESS).absolute { } | |
2159 | ||
2160 | This will set a uprobe on the given process-id and given virtual address. | |
2161 | The proble handler runs in kernel-space as usual, and can generally use | |
2162 | existing tapset functions. | |
2163 | ||
149eaccd MH |
2164 | - Crash utility can retrieve systemtap's relay buffer from a kernel dump |
2165 | image by using staplog which is a crash extension module. To use this | |
2166 | feature, type commands as below from crash(8)'s command line: | |
2167 | ||
2168 | crash> extend staplog.so | |
2169 | crash> help systemtaplog | |
2170 | ||
2171 | Then, you can see more precise help message. | |
2172 | ||
2173 | - You can share a relay buffer amoung several scripts and merge outputs from | |
2174 | several scripts by using "-DRELAY_HOST" and "-DRELAY_GUEST" options. | |
2175 | For example: | |
2176 | ||
2177 | # run a host script | |
2178 | % stap -ve 'probe begin{}' -o merged.out -DRELAY_HOST & | |
2179 | # wait until starting the host. | |
2180 | % stap -ve 'probe begin{print("hello ");exit()}' -DRELAY_GUEST | |
2181 | % stap -ve 'probe begin{print("world\n");exit()}' -DRELAY_GUEST | |
2182 | ||
2183 | Then, you'll see "hello world" in merged.out. | |
2184 | ||
dfd11cc3 MH |
2185 | - You can add a conditional statement for each probe point or aliase, which |
2186 | is evaluated when the probe point is hit. If the condition is false, the | |
2187 | whole probe body(including aliases) is skipped. For example: | |
2188 | ||
2189 | global switch = 0; | |
2190 | probe syscall.* if (switch) { ... } | |
2191 | probe procfs.write {switch = strtol($value,10)} /* enable/disable ctrl */ | |
2192 | ||
a9e8f7e0 FCE |
2193 | - Systemtap will warn you if your script contains unused variables or |
2194 | functions. This is helpful in case of misspelled variables. If it | |
2195 | doth protest too much, turn it off with "stap -w ...". | |
2196 | ||
683b62c0 FCE |
2197 | - You can add error-handling probes to a script, which are run if a |
2198 | script was stopped due to errors. In such a case, "end" probes are | |
2199 | not run, but "error" ones are. | |
2200 | ||
2201 | probe error { println ("oops, errors encountered; here's a report anyway") | |
2202 | foreach (coin in mint) { println (coin) } } | |
98aab489 | 2203 | |
d898100a FCE |
2204 | - In a related twist, one may list probe points in order of preference, |
2205 | and mark any of them as "sufficient" beyond just "optional". Probe | |
2206 | point sequence expansion stops if a sufficient-marked probe point has a hit. | |
2207 | This is useful for probes on functions that may be in a module (CONFIG_FOO=m) | |
2208 | or may have been compiled into the kernel (CONFIG_FOO=y), but we don't know | |
2209 | which. Instead of | |
2210 | ||
2211 | probe module("sd").function("sd_init_command") ? , | |
2212 | kernel.function("sd_init_command") ? { ... } | |
2213 | ||
2214 | which might match neither, now one can write this: | |
2215 | ||
2216 | probe module("sd").function("sd_init_command") ! , /* <-- note excl. mark */ | |
2217 | kernel.function("sd_init_command") { ... } | |
2218 | ||
98aab489 | 2219 | - New security model. To install a systemtap kernel module, a user |
fedd4090 FCE |
2220 | must be one of the following: the root user; a member of the |
2221 | 'stapdev' group; or a member of the 'stapusr' group. Members of the | |
2222 | stapusr group can only use modules located in the | |
2223 | /lib/modules/VERSION/systemtap directory (where VERSION is the | |
2224 | output of "uname -r"). | |
2225 | ||
2226 | - .statement("...@file:line") probes now apply heuristics to allow an | |
2227 | approximate match for the line number. This works similarly to gdb, | |
2228 | where a breakpoint placed on an empty source line is automatically | |
2229 | moved to the next statement. A silly bug that made many $target | |
2230 | variables inaccessible to .statement() probes was also fixed. | |
98aab489 | 2231 | |
6d4a0530 FCE |
2232 | - LKET has been retired. Please let us know on <systemtap@sourceware.org> |
2233 | if you have been a user of the tapset/tools, so we can help you find | |
2234 | another way. | |
2235 | ||
4fcb4393 FCE |
2236 | - New families of printing functions println() and printd() have been added. |
2237 | println() is like print() but adds a newline at the end; | |
2238 | printd() is like a sequence of print()s, with a specified field delimiter. | |
2239 | ||
4432f146 | 2240 | * What's new since version 0.5.14?, 2007-07-03 |
db6f191e | 2241 | |
3f99432c FCE |
2242 | - The way in which command line arguments for scripts are substituted has |
2243 | changed. Previously, $1 etc. would interpret the corresponding command | |
2244 | line argument as an numeric literal, and @1 as a string literal. Now, | |
2245 | the command line arguments are pasted uninterpreted wherever $1 etc. | |
2246 | appears at the beginning of a token. @1 is similar, but is quoted as | |
2247 | a string. This change does not modify old scripts, but has the effect | |
2248 | of permitting substitution of arbitrary token sequences. | |
2249 | ||
2250 | # This worked before, and still does: | |
2251 | % stap -e 'probe timer.s($1) {}' 5 | |
2252 | # Now this also works: | |
2253 | % stap -e 'probe syscall.$1 {log(@1)}' open | |
2254 | # This won't crash, just signal a recursion error: | |
2255 | % stap -e '$1' '$1' | |
2256 | # As before, $1... is recognized only at the beginning of a token | |
2257 | % stap -e 'probe begin {foo$1=5}' | |
db6f191e | 2258 | |
4432f146 | 2259 | * What's new since version 0.5.13?, 2007-03-26 |
8438f752 | 2260 | |
b8da0ad1 FCE |
2261 | - The way in which systemtap resolves function/inline probes has changed: |
2262 | .function(...) - now refers to all functions, inlined or not | |
2263 | .inline(...) - is deprecated, use instead: | |
2264 | .function(...).inline - filters function() to only inlined instances | |
2265 | .function(...).call - filters function() to only non-inlined instances | |
2266 | .function(...).return - as before, but now pairs best with .function().call | |
2267 | .statement() is unchanged. | |
8438f752 | 2268 | |
4432f146 | 2269 | * What's new since version 0.5.12?, 2007-01-01 |
9abec538 FCE |
2270 | |
2271 | - When running in -p4 (compile-only) mode, the compiled .ko file name | |
2272 | is printed on standard output. | |
2273 | ||
dcc4fec4 FCE |
2274 | - An array element with a null value such as zero or an empty string |
2275 | is now preserved, and will show up in a "foreach" loop or "in" test. | |
2276 | To delete such an element, the scripts needs to use an explicit | |
2277 | "delete array[idx]" statement rather than something like "array[idx]=0". | |
2278 | ||
44f75386 FCE |
2279 | - The new "-P" option controls whether prologue searching heuristics |
2280 | will be activated for function probes. This was needed to get correct | |
2281 | debugging information (dwarf location list) data for $target variables. | |
2282 | Modern compilers (gcc 4.1+) tend not to need this heuristic, so it is | |
2283 | no longer default. A new configure flag (--enable-prologues) restores | |
2284 | it as a default setting, and is appropriate for older compilers (gcc 3.*). | |
9abec538 | 2285 | |
74525094 FCE |
2286 | - Each systemtap module prints a one-line message to the kernel informational |
2287 | log when it starts. This line identifies the translator version, base | |
2288 | address of the probe module, a broken-down memory consumption estimate, and | |
2289 | the total number of probes. This is meant as a debugging / auditing aid. | |
2290 | ||
29fdb4e4 DS |
2291 | - Begin/end probes are run with interrupts enabled (but with |
2292 | preemption disabled). This will allow begin/end probes to be | |
2293 | longer, to support generating longer reports. | |
74525094 | 2294 | |
37ebca01 FCE |
2295 | - The numeric forms of kernel.statement() and kernel.function() probe points |
2296 | are now interpreted as relocatable values - treated as relative to the | |
2297 | _stext symbol in that kernel binary. Since some modern kernel images | |
2298 | are relocated to a different virtual address at startup, such addresses | |
2299 | may shift up or down when actually inserted into a running kernel. | |
2300 | ||
2301 | kernel.statement(0xdeadbeef): validated, interpreted relative to _stext, | |
2302 | may map to 0xceadbeef at run time. | |
2303 | ||
2304 | In order to specify unrelocated addresses, use the new ".absolute" | |
2305 | probe point suffix for such numeric addresses. These are only | |
2306 | allowed in guru mode, and provide access to no $target variables. | |
2307 | They don't use debugging information at all, actually. | |
2308 | ||
2309 | kernel.statement(0xfeedface).absolute: raw, unvalidated, guru mode only | |
2310 | ||
4432f146 | 2311 | * What's new since version 0.5.10?, 2006-10-19 |
7ad9d4f5 FCE |
2312 | |
2313 | - Offline processing of debugging information, enabling general | |
2314 | cross-compilation of probe scripts to remote hosts, without | |
2315 | requiring identical module/memory layout. This slows down | |
2316 | compilation/translation somewhat. | |
2317 | ||
2318 | - Kernel symbol table data is loaded by staprun at startup time | |
2319 | rather than compiled into the module. | |
2320 | ||
2321 | - Support the "limit" keyword for foreach iterations: | |
2322 | foreach ([x,y] in ary limit 5) { ... } | |
2323 | This implicitly exits after the fifth iteration. It also enables | |
2324 | more efficient key/value sorting. | |
2325 | ||
2326 | - Support the "maxactive" keyword for return probes: | |
2327 | probe kernel.function("sdfsdf").maxactive(848) { ... } | |
2328 | This allows up to 848 concurrently outstanding entries to | |
2329 | the sdfsdf function before one returns. The default maxactive | |
2330 | number is smaller, and can result in missed return probes. | |
2331 | ||
2332 | - Support accessing of saved function arguments from within | |
2333 | return probes. These values are saved by a synthesized | |
2334 | function-entry probe. | |
2335 | ||
2336 | - Add substantial version/architecture checking in compiled probes to | |
2337 | assert correct installation of debugging information and correct | |
2338 | execution on a compatible kernel. | |
2339 | ||
2340 | - Add probe-time checking for sufficient free stack space when probe | |
2341 | handlers are invoked, as a safety improvement. | |
2342 | ||
2343 | - Add an optional numeric parameter for begin/end probe specifications, | |
e070cc9c | 2344 | to order their execution. |
7ad9d4f5 FCE |
2345 | probe begin(10) { } /* comes after */ probe begin(-10) {} |
2346 | ||
2347 | - Add an optional array size declaration, which is handy for very small | |
2348 | or very large ones. | |
e070cc9c | 2349 | global little[5], big[20000] |
7ad9d4f5 FCE |
2350 | |
2351 | - Include some example scripts along with the documentation. | |
2352 | ||
2353 | - Change the start-time allocation of probe memory to avoid causing OOM | |
2354 | situations, and to abort cleanly if free kernel memory is short. | |
2355 | ||
2356 | - Automatically use the kernel DWARF unwinder, if present, for stack | |
2357 | tracebacks. | |
2358 | ||
2359 | - Many minor bug fixes, performance, tapset, and error message | |
2360 | improvements. |