]>
Commit | Line | Data |
---|---|---|
c3e80cab FCE |
1 | * What's new |
2 | ||
7c4e9d57 DB |
3 | - Module signing: If the appropriate nss libraries are available on your system, |
4 | stap will sign each compiled module using a self-generated certificate. | |
5 | This is the first step toward extending authority to load certain modules to | |
6 | unprivileged users. For now, if the system administrator adds a certificate | |
7 | to a database of trusted signers (stap-authorize-signing-cert), modules signed | |
8 | using that certificate will be verified by staprun against tampering. | |
9 | Otherwise, you should notice no difference in the operation of stap or staprun. | |
c3e80cab | 10 | |
9b055ab2 | 11 | * What's new in version 0.9.7 |
dcfd7fed | 12 | |
cff7feda JS |
13 | - @cast can now determine its type information using an explicit header |
14 | specification. For example: | |
15 | @cast(tv, "timeval", "<sys/time.h>")->tv_sec | |
16 | @cast(task, "task_struct", "kernel<linux/sched.h>")->tgid | |
17 | ||
1f65cc4f JS |
18 | - The overlapping process.* tapsets are now separated. Those probe points |
19 | documented in stapprobes(3stap) remain the same. Those that were formerly | |
20 | in stapprobes.process(3stap) have been renamed to kprocess, to reflect | |
21 | their kernel perspective on processes. | |
22 | ||
dcfd7fed FCE |
23 | - The --skip-badvars option now also suppresses run-time error |
24 | messages that would otherwise result from erroneous memory accesses. | |
25 | Such accesses can originate from $context expressions fueled by | |
26 | erroneous debug data, or by kernel_{long,string,...}() tapset calls. | |
27 | ||
94c3c803 AM |
28 | - New probes kprobe.function(FUNCTION) and kprobe.function(FUNCTION).return |
29 | for dwarfless probing. These postpone function address resolution to | |
30 | run-time and use the kprobe symbol-resolution mechanism. | |
31 | Probing of absolute statements can be done using the | |
32 | kprobe.statement(ADDRESS).absolute construct. | |
33 | ||
819ec23d MW |
34 | - EXPERIMENTAL support for user process unwinding. A new collection of |
35 | tapset functions have been added to handle user space backtraces from | |
36 | probe points that support them (currently process and timer probes - | |
37 | for timer probes test whether or not in user space first with the | |
38 | already existing user_mode() function). The new tapset functions are: | |
39 | uaddr - User space address of current running task. | |
40 | usymname - Return the symbol of an address in the current task. | |
41 | usymdata - Return the symbol and module offset of an address. | |
42 | print_ustack - Print out stack for the current task from string. | |
43 | print_ubacktrace - Print stack back trace for current task. | |
44 | ubacktrace - Hex backtrace of current task stack. | |
45 | Please read http://sourceware.org/ml/systemtap/2009-q2/msg00364.html | |
46 | on the current restrictions and possible changes in the future and | |
47 | give feedback if you want to influence future developments. | |
48 | ||
27aba29a | 49 | * What's new in version 0.9.5 |
944e2486 | 50 | |
891e4fb2 JS |
51 | - New probes process().insn and process().insn.block that allows |
52 | inspection of the process after each instruction or block of | |
53 | instructions executed. So to count the total number of instructions | |
54 | a process executes during a run do something like: | |
55 | $ stap -e 'global steps; probe process("/bin/ls").insn {steps++} | |
56 | probe end {printf("Total instructions: %d\n", steps);}' \ | |
57 | -c /bin/ls | |
58 | This feature can slow down execution of a process somewhat. | |
83dd1a8e | 59 | |
891e4fb2 JS |
60 | - Systemtap probes and function man pages extracted from the tapsets |
61 | are now available under 3stap. To show the page for probe vm.pagefault | |
62 | or the stap function pexecname do: | |
63 | $ man 3stap vm.pagefault | |
64 | $ man 3stap pexecname | |
8e9d6257 | 65 | |
b1a4288c JS |
66 | - Kernel tracepoints are now supported for probing predefined kernel |
67 | events without any debuginfo. Tracepoints incur less overhead than | |
68 | kprobes, and context parameters are available with full type | |
69 | information. Any kernel 2.6.28 and later should have defined | |
70 | tracepoints. Try the following to see what's available: | |
71 | $ stap -L 'kernel.trace("*")' | |
72 | ||
ccd65d4a JS |
73 | - Typecasting with @cast now supports modules search paths, which is |
74 | useful in case there are multiple places where the type definition | |
75 | may be found. For example: | |
76 | @cast(sdev, "scsi_device", "kernel:scsi_mod")->sdev_state | |
77 | ||
701c41be MH |
78 | - On-file flight recorder is supported. It allows stap to record huge |
79 | trace log on the disk and to run in background. | |
80 | Passing -F option with -o option runs stap in background mode. In this | |
81 | mode, staprun is detached from console, and stap itself shows staprun's | |
82 | pid and exits. | |
83 | Specifying the max size and the max number of log files are also available | |
84 | by passing -S option. This option has one or two arguments seperated by | |
85 | a comma. The first argument is the max size of a log file in MB. If the | |
86 | size of a log file exceeds it, stap switches to the next log file | |
87 | automatically. The second is how many files are kept on the disk. If the | |
88 | number of log files exceeds it, the oldest log file is removed | |
89 | automatically. The second argument can be omitted. | |
90 | ||
91 | For example, this will record output on log files each of them is smaller | |
92 | than 1024MB and keep last 3 logs, in background. | |
93 | % stap -F -o /tmp/staplog -S 1024,3 script.stp | |
94 | ||
e2ae0696 LR |
95 | - In guru mode (-g), the kernel probing blacklist is disabled, leaving |
96 | only a subset - the kernel's own internal kprobe blacklist - to attempt | |
97 | to filter out areas unsafe to probe. The differences may be enough to | |
98 | probe more interrupt handlers. | |
99 | ||
3bd0d4df | 100 | - Variables unavailable in current context may be skipped by setting a |
947d86f9 FCE |
101 | session level flag with command line option --skip-badvars now available. |
102 | This replaces any dwarf $variable expressions that could not be resolved | |
103 | with literal numeric zeros, along with a warning message. | |
3bd0d4df | 104 | |
59fde7cc MW |
105 | - Both kernel markers and kernel tracepoint support argument listing |
106 | through stap -L 'kernel.mark("*")' or stap -L 'kernel.trace("*")' | |
107 | ||
108 | - Users can use -DINTERRUPTIBLE=0 to prevent interrupt reentrancy in | |
109 | their script, at the cost of a bit more overhead to toggle the | |
110 | interrupt mask. | |
111 | ||
112 | - Added reentrancy debugging. If stap is run with the arguments | |
113 | "-t -DDEBUG_REENTRANCY", additional warnings will be printed for | |
114 | every reentrancy event, including the probe points of the | |
115 | resident and interloper probes. | |
116 | ||
387a7a57 MW |
117 | - Default to --disable-pie for configure. |
118 | Use --enable-pie to turn it back on. | |
119 | ||
120 | - Improved sdt.h compatibility and test suite for static dtrace | |
121 | compatible user space markers. | |
122 | ||
123 | - Some architectures now use syscall wrappers (HAVE_SYSCALL_WRAPPERS). | |
124 | The syscall tapset has been enhanced to take care of the syscall | |
125 | wrappers in this release. | |
126 | ||
127 | - Security fix for CVE-2009-0784: stapusr module-path checking race. | |
128 | ||
c8bf931d | 129 | * What's new in version 0.9 |
6b2ad26c | 130 | |
60ea9291 JS |
131 | - Typecasting is now supported using the @cast operator. A script can |
132 | define a pointer type for a "long" value, and then access type members | |
133 | using the same syntax as with $target variables. For example, this will | |
134 | retrieve the parent pid from a kernel task_struct: | |
135 | @cast(pointer, "task_struct", "kernel")->parent->pid | |
136 | ||
76d146ad MW |
137 | - process().mark() probes are now possible to trace static user space |
138 | markers put in programs with the STAP_PROBE macro using the new | |
139 | sys/sdt.h include file. This also provides dtrace compatible markers | |
140 | through DTRACE_PROBE and an associated python 'dtrace' script that | |
141 | can be used in builds based on dtrace that need dtrace -h or -G | |
142 | functionality. | |
143 | ||
62c977f5 MW |
144 | - For those that really want to run stap from the build tree there is |
145 | now the 'run-stap' script in the top-level build directory that sets | |
146 | up the SYSTEMTAP_TAPSET, SYSTEMTAP_RUNTIME, SYSTEMTAP_STAPRUN, and | |
147 | SYSTEMTAP_STAPIO environment variables (installing systemtap, in a | |
148 | local prefix, is still recommended for common use). | |
149 | ||
150 | - Systemtap now comes with a new Beginners Guide that walks the user | |
151 | through their first steps setting up stap, understanding how it all | |
2a321362 MW |
152 | works, introduces some useful scripts and describes some common |
153 | pitfalls. It isn't created by default since it needs a Publican | |
154 | setup, but full build instructions can be found in the wiki: | |
155 | http://sourceware.org/systemtap/wiki/PublicanQuikHowto | |
156 | An online version can be found at: | |
157 | http://sourceware.org/systemtap/SystemTap_Beginners_Guide.pdf | |
158 | ||
3ad1e1ee MW |
159 | - Standard tapsets included with Systemtap were modified to include |
160 | extractable documentation information based on the kernel-doc | |
161 | infrastructure. When configured --enabled-docs a HTML and PDF | |
162 | version of the Tapset Reference Manual is produced explaining probes | |
163 | defined in each tapset. | |
164 | ||
9e494cbb DB |
165 | - The systemtap client and compile server are now available. |
166 | These allow you to compile a systemtap module on a host other than | |
167 | the one which it will be run, providing the client and server | |
168 | are compatible. Other than using a server for passes 1 through | |
169 | 4, the client behaves like the 'stap' front end itself. This | |
170 | means, among other things, that the client will automatically | |
171 | load the resulting module on the local host unless -p[1234] | |
c8bf931d | 172 | was specified. See stap-server(8) for more details. |
9e494cbb | 173 | The client/server now use SSL for network connection security and |
6288515e DB |
174 | for signing. |
175 | ||
176 | The systemtap client and server are prototypes only. Interfaces, options | |
177 | and usage may change at any time. | |
9e494cbb | 178 | |
592470cd SC |
179 | - function("func").label("label") probes are now supported to allow matching |
180 | the label of a function. | |
181 | ||
9a8d8be3 MH |
182 | - Systemtap initscript is available. This initscript allows you to run |
183 | systemtap scripts as system services (in flight recorder mode) and | |
184 | control those scripts individually. | |
185 | See README.initscript for details. | |
186 | ||
b5e66ada FCE |
187 | - The stap "-r DIR" option may be used to identify a hand-made kernel |
188 | build directory. The tool determines the appropriate release string | |
189 | automatically from the directory. | |
7471ea1f | 190 | |
453edad1 | 191 | - Serious problems associated with user-space probing in shared libraries |
592470cd | 192 | were corrected, making it now possible to experiment with probe shared |
7d091090 FCE |
193 | libraries. Assuming dwarf debugging information is installed, use this |
194 | twist on the normal syntax: | |
195 | ||
196 | probe process("/lib64/libc-2.8.so").function("....") { ... } | |
197 | ||
198 | This would probe all threads that call into that library. Running | |
199 | "stap -c CMD" or "stap -x PID" naturally restricts this to the target | |
453edad1 | 200 | command+descendants only. $$vars etc. may be used. |
7d091090 FCE |
201 | |
202 | - For scripts that sometimes terminate with excessive "skipped" probes, | |
203 | rerunning the script with "-t" (timing) will print more details about | |
204 | the skippage reasons. | |
205 | ||
fd2aeae9 FCE |
206 | - Symbol tables and unwind (backtracing) data support were formerly |
207 | compiled in for all probed modules as identified by the script | |
208 | (kernel; module("name"); process("file")) plus those listed by the | |
209 | stap "-d BINARY" option. Now, this data is included only if the systemtap | |
210 | script uses tapset functions like probefunc() or backtrace() that require | |
211 | such information. This shrinks the probe modules considerably for the rest. | |
212 | ||
e0b4e89d | 213 | - Per-pass verbosity control is available with the new "--vp {N}+" option. |
fd2aeae9 FCE |
214 | "stap --vp 040" adds 4 units of -v verbosity only to pass 2. This is useful |
215 | for diagnosing errors from one pass without excessive verbosity from others. | |
e0b4e89d | 216 | |
5c4dcbfb FCE |
217 | - Most probe handlers now run with interrupts enabled, for improved |
218 | system responsiveness and less probing overhead. This may result | |
219 | in more skipped probes, for example if a reentrant probe handler | |
fd2aeae9 FCE |
220 | is attempted from within an interrupt handler. It may also make the |
221 | systemtap overload detection facility more likely to be triggered, as | |
222 | interrupt handlers' run time would be included in the self-assessed | |
223 | overhead of running probe handlers. | |
6b2ad26c | 224 | |
5879aacc | 225 | * What's new in version 0.8 |
cfaa068c | 226 | |
2f9f9366 FCE |
227 | - Cache limiting is now available. If the compiled module cache size is |
228 | over a limit specified in the $SYSTEMTAP_DIR/cache/cache_mb_limit file, | |
229 | some old cache entries will be unlinked. See man stap(1) for more. | |
230 | ||
57b2fd2b RA |
231 | - Error and warning messages are now followed by source context displaying |
232 | the erroneous line/s and a handy '^' in the following line pointing to the | |
233 | appropriate column. | |
234 | ||
23433b34 EB |
235 | - A bug reporting tool "stap-report" is now available which will quickly |
236 | retrieve much of the information requested here: | |
237 | http://sourceware.org/systemtap/wiki/HowToReportBugs | |
238 | ||
25a63204 FCE |
239 | - The translator can resolve members of anonymous structs / unions: |
240 | given struct { int foo; struct { int bar; }; } *p; | |
241 | this now works: $p->bar | |
242 | ||
2fa2a091 NT |
243 | - The stap "-F" flag activates "flight recorder" mode, which consists of |
244 | translating the given script as usual, but implicitly launching it into | |
245 | the background with staprun's existing "-L" (launch) option. A user | |
246 | can later reattach to the module with "staprun -A MODULENAME". | |
247 | ||
6270adc1 MH |
248 | - Additional context variables are available on user-space syscall probes. |
249 | - $argN ($arg1, $arg2, ... $arg6) in process(PATH_OR_PID).syscall | |
250 | gives you the argument of the system call. | |
5d67b47c MH |
251 | - $return in process(PATH_OR_PID).syscall.return gives you the return |
252 | value of the system call. | |
6270adc1 | 253 | |
cec7293b | 254 | - Target process mode (stap -c CMD or -x PID) now implicitly restricts all |
094b05c7 | 255 | "process.*" probes to the given child process. (It does not affect |
34f2e0b9 FCE |
256 | kernel.* or other probe types.) The CMD string is normally run directly, |
257 | rather than via a /bin/sh -c subshell, since then utrace/uprobe probes | |
258 | receive a fairly "clean" event stream. If metacharacters like | |
259 | redirection operators were present in CMD, then "sh -c CMD" is still | |
260 | used, and utrace/uprobe probes will receive events from the shell. | |
cec7293b FCE |
261 | |
262 | % stap -e 'probe process.syscall, process.end { | |
263 | printf("%s %d %s\n", execname(), pid(), pp())}'\ | |
264 | -c ls | |
265 | ls 2323 process.syscall | |
266 | ls 2323 process.syscall | |
267 | ls 2323 process.end | |
268 | ||
1044139f FCE |
269 | - Probe listing mode is improved: "-L" lists available script-level variables |
270 | ||
271 | % stap -L 'syscall.*open*' | |
272 | syscall.mq_open name:string name_uaddr:long filename:string mode:long u_attr_uaddr:long oflag:long argstr:string | |
273 | syscall.open name:string filename:string flags:long mode:long argstr:string | |
274 | syscall.openat name:string filename:string flags:long mode:long argstr:string | |
275 | ||
e070cc9c FCE |
276 | - All user-space-related probes support $PATH-resolved executable |
277 | names, so | |
278 | ||
279 | probe process("ls").syscall {} | |
280 | probe process("./a.out").syscall {} | |
281 | ||
282 | work now, instead of just | |
283 | ||
284 | probe process("/bin/ls").syscall {} | |
285 | probe process("/my/directory/a.out").syscall {} | |
286 | ||
287 | - Prototype symbolic user-space probing support: | |
288 | ||
289 | # stap -e 'probe process("ls").function("*").call { | |
290 | log (probefunc()." ".$$parms) | |
291 | }' \ | |
292 | -c 'ls -l' | |
293 | ||
294 | This requires: | |
295 | - debugging information for the named program | |
296 | - a version of utrace in the kernel that is compatible with the "uprobes" | |
297 | kernel module prototype. This includes RHEL5 and older Fedora, but not | |
298 | yet current lkml-track utrace; a "pass 4a"-time build failure means | |
299 | your system cannot use this yet. | |
300 | ||
cd221ed4 | 301 | - Global variables which are written to but never read are now |
e070cc9c | 302 | automatically displayed when the session does a shutdown. For example: |
5d954165 | 303 | |
e070cc9c FCE |
304 | global running_tasks |
305 | probe timer.profile {running_tasks[pid(),tid()] = execname()} | |
5d954165 | 306 | probe timer.ms(8000) {exit()} |
cd221ed4 | 307 | |
a93f0b31 SC |
308 | - A formatted string representation of the variables, parameters, or local |
309 | variables at a probe point is now supported via the special $$vars, | |
a43ba433 FCE |
310 | $$parms, and $$locals context variables, which expand to a string |
311 | containing a list "var1=0xdead var2=0xbeef var3=?". (Here, var3 exists | |
312 | but is for some reason unavailable.) In return probes only, $$return | |
fd574705 | 313 | expands to an empty string for a void function, or "return=0xf00". |
a93f0b31 | 314 | |
e10599ff | 315 | |
c2af6f02 FCE |
316 | * What's new in version 0.7 |
317 | ||
99a5f9cf SC |
318 | - .statement("func@file:*") and .statement("func@file:M-N") probes are now |
319 | supported to allow matching a range of lines in a function. This allows | |
320 | tracing the execution of a function. | |
321 | ||
14a75801 FCE |
322 | - Scripts relying on probe point wildcards like "syscall.*" that expand |
323 | to distinct kprobes are processed significantly faster than before. | |
324 | ||
d57671d3 FCE |
325 | - The vector of script command line arguments is available in a |
326 | tapset-provided global array argv[]. It is indexed 1 ... argc, | |
327 | another global. This can substitute for of preprocessor | |
328 | directives @NNN that fail at parse time if there are not | |
329 | enough arguments. | |
330 | ||
331 | printf("argv: %s %s %s", argv[1], argv[2], argv[3]) | |
332 | ||
1bd128a3 SC |
333 | - .statement("func@file+line") probes are now supported to allow a |
334 | match relative to the entry of the function incremented by line | |
335 | number. This allows using the same systemtap script if the rest | |
336 | of the file.c source only changes slightly. | |
337 | ||
16442b90 FCE |
338 | - A probe listing mode is available. |
339 | % stap -l vm.* | |
340 | vm.brk | |
341 | vm.mmap | |
342 | vm.munmap | |
343 | vm.oom_kill | |
344 | vm.pagefault | |
345 | vm.write_shared | |
346 | ||
159cb109 DS |
347 | - More user-space probe types are added: |
348 | ||
dd078c96 DS |
349 | probe process(PID).begin { } |
350 | probe process("PATH").begin { } | |
351 | probe process(PID).thread.begin { } | |
352 | probe process("PATH").thread.begin { } | |
353 | probe process(PID).end { } | |
354 | probe process("PATH").end { } | |
355 | probe process(PID).thread.end { } | |
356 | probe process("PATH").thread.end { } | |
159cb109 DS |
357 | probe process(PID).syscall { } |
358 | probe process("PATH").syscall { } | |
359 | probe process(PID).syscall.return { } | |
360 | probe process("PATH").syscall.return { } | |
16442b90 | 361 | |
c3799d72 AM |
362 | - Globals now accept ; terminators |
363 | ||
364 | global odds, evens; | |
365 | global little[10], big[5]; | |
366 | ||
62802575 FCE |
367 | * What's new in version 0.6 |
368 | ||
369 | - A copy of the systemtap tutorial and language reference guide | |
370 | are now included. | |
683b62c0 | 371 | |
34201621 DB |
372 | - There is a new format specifier, %m, for the printf family of |
373 | functions. It functions like %s, except that it does not stop when | |
374 | a nul ('\0') byte is encountered. The number of bytes output is | |
375 | determined by the precision specifier. The default precision is 1. | |
376 | For example: | |
377 | ||
378 | printf ("%m", "My String") // prints one character: M | |
379 | printf ("%.5", myString) // prints 5 bytes beginning at the start | |
380 | // of myString | |
381 | ||
382 | - The %b format specifier for the printf family of functions has been enhanced | |
383 | as follows: | |
384 | ||
385 | 1) When the width and precision are both unspecified, the default is %8.8b. | |
386 | 2) When only one of the width or precision is specified, the other defaults | |
387 | to the same value. For example, %4b == %.4b == %4.4b | |
388 | 3) Nul ('\0') bytes are used for field width padding. For example, | |
389 | ||
390 | printf ("%b", 0x1111deadbeef2222) // prints all eight bytes | |
391 | printf ("%4.2b", 0xdeadbeef) // prints \0\0\xbe\xef | |
392 | ||
393 | - Dynamic width and precision are now supported for all printf family format | |
394 | specifiers. For example: | |
395 | ||
396 | four = 4 | |
397 | two = 2 | |
398 | printf ("%*.*b", four, two, 0xdeadbbeef) // prints \0\0\xbe\xef | |
399 | printf ("%*d", four, two) // prints <space><space><space>2 | |
400 | ||
7a468d68 | 401 | - Preprocessor conditional expressions can now include wildcard style |
e070cc9c | 402 | matches on kernel versions. |
7a468d68 FCE |
403 | %( kernel_vr != "*xen" %? foo %: bar %) |
404 | ||
1ada6f08 FCE |
405 | - Prototype support for user-space probing is showing some progress. |
406 | No symbolic notations are supported yet (so no probing by function names, | |
407 | file names, process names, and no access to $context variables), but at | |
408 | least it's something: | |
409 | ||
410 | probe process(PID).statement(ADDRESS).absolute { } | |
411 | ||
412 | This will set a uprobe on the given process-id and given virtual address. | |
413 | The proble handler runs in kernel-space as usual, and can generally use | |
414 | existing tapset functions. | |
415 | ||
149eaccd MH |
416 | - Crash utility can retrieve systemtap's relay buffer from a kernel dump |
417 | image by using staplog which is a crash extension module. To use this | |
418 | feature, type commands as below from crash(8)'s command line: | |
419 | ||
420 | crash> extend staplog.so | |
421 | crash> help systemtaplog | |
422 | ||
423 | Then, you can see more precise help message. | |
424 | ||
425 | - You can share a relay buffer amoung several scripts and merge outputs from | |
426 | several scripts by using "-DRELAY_HOST" and "-DRELAY_GUEST" options. | |
427 | For example: | |
428 | ||
429 | # run a host script | |
430 | % stap -ve 'probe begin{}' -o merged.out -DRELAY_HOST & | |
431 | # wait until starting the host. | |
432 | % stap -ve 'probe begin{print("hello ");exit()}' -DRELAY_GUEST | |
433 | % stap -ve 'probe begin{print("world\n");exit()}' -DRELAY_GUEST | |
434 | ||
435 | Then, you'll see "hello world" in merged.out. | |
436 | ||
dfd11cc3 MH |
437 | - You can add a conditional statement for each probe point or aliase, which |
438 | is evaluated when the probe point is hit. If the condition is false, the | |
439 | whole probe body(including aliases) is skipped. For example: | |
440 | ||
441 | global switch = 0; | |
442 | probe syscall.* if (switch) { ... } | |
443 | probe procfs.write {switch = strtol($value,10)} /* enable/disable ctrl */ | |
444 | ||
a9e8f7e0 FCE |
445 | - Systemtap will warn you if your script contains unused variables or |
446 | functions. This is helpful in case of misspelled variables. If it | |
447 | doth protest too much, turn it off with "stap -w ...". | |
448 | ||
683b62c0 FCE |
449 | - You can add error-handling probes to a script, which are run if a |
450 | script was stopped due to errors. In such a case, "end" probes are | |
451 | not run, but "error" ones are. | |
452 | ||
453 | probe error { println ("oops, errors encountered; here's a report anyway") | |
454 | foreach (coin in mint) { println (coin) } } | |
98aab489 | 455 | |
d898100a FCE |
456 | - In a related twist, one may list probe points in order of preference, |
457 | and mark any of them as "sufficient" beyond just "optional". Probe | |
458 | point sequence expansion stops if a sufficient-marked probe point has a hit. | |
459 | This is useful for probes on functions that may be in a module (CONFIG_FOO=m) | |
460 | or may have been compiled into the kernel (CONFIG_FOO=y), but we don't know | |
461 | which. Instead of | |
462 | ||
463 | probe module("sd").function("sd_init_command") ? , | |
464 | kernel.function("sd_init_command") ? { ... } | |
465 | ||
466 | which might match neither, now one can write this: | |
467 | ||
468 | probe module("sd").function("sd_init_command") ! , /* <-- note excl. mark */ | |
469 | kernel.function("sd_init_command") { ... } | |
470 | ||
98aab489 | 471 | - New security model. To install a systemtap kernel module, a user |
fedd4090 FCE |
472 | must be one of the following: the root user; a member of the |
473 | 'stapdev' group; or a member of the 'stapusr' group. Members of the | |
474 | stapusr group can only use modules located in the | |
475 | /lib/modules/VERSION/systemtap directory (where VERSION is the | |
476 | output of "uname -r"). | |
477 | ||
478 | - .statement("...@file:line") probes now apply heuristics to allow an | |
479 | approximate match for the line number. This works similarly to gdb, | |
480 | where a breakpoint placed on an empty source line is automatically | |
481 | moved to the next statement. A silly bug that made many $target | |
482 | variables inaccessible to .statement() probes was also fixed. | |
98aab489 | 483 | |
6d4a0530 FCE |
484 | - LKET has been retired. Please let us know on <systemtap@sourceware.org> |
485 | if you have been a user of the tapset/tools, so we can help you find | |
486 | another way. | |
487 | ||
4fcb4393 FCE |
488 | - New families of printing functions println() and printd() have been added. |
489 | println() is like print() but adds a newline at the end; | |
490 | printd() is like a sequence of print()s, with a specified field delimiter. | |
491 | ||
db6f191e FCE |
492 | * What's new since version 0.5.14? |
493 | ||
3f99432c FCE |
494 | - The way in which command line arguments for scripts are substituted has |
495 | changed. Previously, $1 etc. would interpret the corresponding command | |
496 | line argument as an numeric literal, and @1 as a string literal. Now, | |
497 | the command line arguments are pasted uninterpreted wherever $1 etc. | |
498 | appears at the beginning of a token. @1 is similar, but is quoted as | |
499 | a string. This change does not modify old scripts, but has the effect | |
500 | of permitting substitution of arbitrary token sequences. | |
501 | ||
502 | # This worked before, and still does: | |
503 | % stap -e 'probe timer.s($1) {}' 5 | |
504 | # Now this also works: | |
505 | % stap -e 'probe syscall.$1 {log(@1)}' open | |
506 | # This won't crash, just signal a recursion error: | |
507 | % stap -e '$1' '$1' | |
508 | # As before, $1... is recognized only at the beginning of a token | |
509 | % stap -e 'probe begin {foo$1=5}' | |
db6f191e | 510 | |
8438f752 FCE |
511 | * What's new since version 0.5.13? |
512 | ||
b8da0ad1 FCE |
513 | - The way in which systemtap resolves function/inline probes has changed: |
514 | .function(...) - now refers to all functions, inlined or not | |
515 | .inline(...) - is deprecated, use instead: | |
516 | .function(...).inline - filters function() to only inlined instances | |
517 | .function(...).call - filters function() to only non-inlined instances | |
518 | .function(...).return - as before, but now pairs best with .function().call | |
519 | .statement() is unchanged. | |
8438f752 | 520 | |
9abec538 FCE |
521 | * What's new since version 0.5.12? |
522 | ||
523 | - When running in -p4 (compile-only) mode, the compiled .ko file name | |
524 | is printed on standard output. | |
525 | ||
dcc4fec4 FCE |
526 | - An array element with a null value such as zero or an empty string |
527 | is now preserved, and will show up in a "foreach" loop or "in" test. | |
528 | To delete such an element, the scripts needs to use an explicit | |
529 | "delete array[idx]" statement rather than something like "array[idx]=0". | |
530 | ||
44f75386 FCE |
531 | - The new "-P" option controls whether prologue searching heuristics |
532 | will be activated for function probes. This was needed to get correct | |
533 | debugging information (dwarf location list) data for $target variables. | |
534 | Modern compilers (gcc 4.1+) tend not to need this heuristic, so it is | |
535 | no longer default. A new configure flag (--enable-prologues) restores | |
536 | it as a default setting, and is appropriate for older compilers (gcc 3.*). | |
9abec538 | 537 | |
74525094 FCE |
538 | - Each systemtap module prints a one-line message to the kernel informational |
539 | log when it starts. This line identifies the translator version, base | |
540 | address of the probe module, a broken-down memory consumption estimate, and | |
541 | the total number of probes. This is meant as a debugging / auditing aid. | |
542 | ||
29fdb4e4 DS |
543 | - Begin/end probes are run with interrupts enabled (but with |
544 | preemption disabled). This will allow begin/end probes to be | |
545 | longer, to support generating longer reports. | |
74525094 | 546 | |
37ebca01 FCE |
547 | - The numeric forms of kernel.statement() and kernel.function() probe points |
548 | are now interpreted as relocatable values - treated as relative to the | |
549 | _stext symbol in that kernel binary. Since some modern kernel images | |
550 | are relocated to a different virtual address at startup, such addresses | |
551 | may shift up or down when actually inserted into a running kernel. | |
552 | ||
553 | kernel.statement(0xdeadbeef): validated, interpreted relative to _stext, | |
554 | may map to 0xceadbeef at run time. | |
555 | ||
556 | In order to specify unrelocated addresses, use the new ".absolute" | |
557 | probe point suffix for such numeric addresses. These are only | |
558 | allowed in guru mode, and provide access to no $target variables. | |
559 | They don't use debugging information at all, actually. | |
560 | ||
561 | kernel.statement(0xfeedface).absolute: raw, unvalidated, guru mode only | |
562 | ||
7ad9d4f5 FCE |
563 | * What's new since version 0.5.10? |
564 | ||
565 | - Offline processing of debugging information, enabling general | |
566 | cross-compilation of probe scripts to remote hosts, without | |
567 | requiring identical module/memory layout. This slows down | |
568 | compilation/translation somewhat. | |
569 | ||
570 | - Kernel symbol table data is loaded by staprun at startup time | |
571 | rather than compiled into the module. | |
572 | ||
573 | - Support the "limit" keyword for foreach iterations: | |
574 | foreach ([x,y] in ary limit 5) { ... } | |
575 | This implicitly exits after the fifth iteration. It also enables | |
576 | more efficient key/value sorting. | |
577 | ||
578 | - Support the "maxactive" keyword for return probes: | |
579 | probe kernel.function("sdfsdf").maxactive(848) { ... } | |
580 | This allows up to 848 concurrently outstanding entries to | |
581 | the sdfsdf function before one returns. The default maxactive | |
582 | number is smaller, and can result in missed return probes. | |
583 | ||
584 | - Support accessing of saved function arguments from within | |
585 | return probes. These values are saved by a synthesized | |
586 | function-entry probe. | |
587 | ||
588 | - Add substantial version/architecture checking in compiled probes to | |
589 | assert correct installation of debugging information and correct | |
590 | execution on a compatible kernel. | |
591 | ||
592 | - Add probe-time checking for sufficient free stack space when probe | |
593 | handlers are invoked, as a safety improvement. | |
594 | ||
595 | - Add an optional numeric parameter for begin/end probe specifications, | |
e070cc9c | 596 | to order their execution. |
7ad9d4f5 FCE |
597 | probe begin(10) { } /* comes after */ probe begin(-10) {} |
598 | ||
599 | - Add an optional array size declaration, which is handy for very small | |
600 | or very large ones. | |
e070cc9c | 601 | global little[5], big[20000] |
7ad9d4f5 FCE |
602 | |
603 | - Include some example scripts along with the documentation. | |
604 | ||
605 | - Change the start-time allocation of probe memory to avoid causing OOM | |
606 | situations, and to abort cleanly if free kernel memory is short. | |
607 | ||
608 | - Automatically use the kernel DWARF unwinder, if present, for stack | |
609 | tracebacks. | |
610 | ||
611 | - Many minor bug fixes, performance, tapset, and error message | |
612 | improvements. |