Stan Cox [Wed, 17 Nov 2010 16:57:04 +0000 (11:57 -0500)]
Add user_{int8,int16,uint16,int32,uint32,int64}.
* conversions.stp (STP_GET_USER): New. Use it to define...
(user_{int{8,16,32,64},uint{16,32}}) New. Names derive from types.h.
(user_char,user_short,user_int): Use STP_GET_USER.
* tapsets.cxx (uprobe_var_expanding_visitor::visit_target_symbol):
Use user_intN tapsets.
* sdt_types.c (unsigned_short_int_var,unsigned_int_var): New.
* sdt_types.stp (unsigned_short_int_var,unsigned_int_var): New.
We would like to thank Tavis Ormandy for reporting this issue.
* runtime/staprun/staprun.c (enable_uprobes): Don't run /sbin/modprobe
directly, since it takes more inputs than we have tried to sanitize.
(remove_module): Call init_ctl_channel on putative stap module name,
to check that it's our own stap module.
(init_staprun): Do remove/retry via remove_module rather than
underchecked delete_module(2).
* runtime/staprun/ctl.c (init_ctl_channel): Check ownership of
.ctl files, to preclude manipulation of some other stapusr member's modules.
* runtime/staprun/Makefile.am, systemtap.spec: Install staprun as
mode 04110, group stapusr.
* README.security, runtime/staprun/staprun.8: Note new stapdev/stapusr
joint requirements.
Josh Stone [Tue, 16 Nov 2010 21:20:53 +0000 (13:20 -0800)]
Add a fallback for kernels not exporting add_timer_on
Commit 3fd1c49 regressed for kernels which don't EXPORT add_timer_on.
* buildrun.cxx (compile_pass): Test for add_timer_on's export.
* runtime/time.c (_stp_init_time, __stp_init_time): Restore the
IPI-add_timer as a fallback.
Josh Stone [Tue, 16 Nov 2010 02:08:58 +0000 (18:08 -0800)]
PR11735: Hash ldd/vdso unwindsym_modules too
* translate.cxx (prepare_symbol_data): Do add_unwindsym_ldd/vdso here.
(prepare_translate_pass): Call above, and placeholder for the future.
* main.cxx (passes_0_4): Call prepare_translate_pass before checking the
cache, so we have more complete unwindsym_modules.
Josh Stone [Sat, 13 Nov 2010 01:14:52 +0000 (17:14 -0800)]
uprobes: Clean up after vfork-exec
When a vfork'ed thread execs, we don't want to remove the probes from
the vfork parent, but we still need to clean up the thread associations.
Otherwise, the newly-execed process won't have the right accounting for
its SSOL area.
* runtime/uprobes2/uprobes.c (uprobe_report_exec): Clean up thread info
when a vfork'ed task execs.
* runtime/uprobes/uprobes.c (uprobe_report_exec): Ditto.
Josh Stone [Thu, 11 Nov 2010 21:11:50 +0000 (13:11 -0800)]
PR12164: Emit kprobes-sdt goo only when needed
This stuff is only used for apps compiled with EXPERIMENTAL_KPROBE_SDT,
so we don't need it most of the time.
* runtime/kprobes-common.c (stap_kprobe_process_found,
stap_kprobe_mmap_found): Only create #ifdef KPROBES_TASK_FINDER.
* tapsets.cxx (dwarf_derived_probe::join_group): Only enable_task_finder
in the session if a semaphore is present.
(dwarf_derived_probe_group::enroll): Remember if any has_semaphores.
(dwarf_derived_probe_group::emit_module_decls): Predicate sdt and
task_finder code on has_semaphores.
(dwarf_derived_probe_group::emit_module_init): Ditto.
(dwarf_derived_probe_group::emit_module_exit): Ditto.
* runtime/staprun/staprun.c (send_a_relocation): Don't
complain about overlong names, except if very verbose.
Triple-check null termination of surviving strings.
PR11811: warn on missing unwind info with 'stap -d FOO'
* unwind.c (unwind_frame): Demote common warnings to dbug_unwind messages.
(unwind): Print a warning for unwind operations foiled by modules that
did not have pre-uploaded unwind data.
* buildrun.cxx (compile_pass): Check for exported __module_text_address.
Extend the print_*backtrace symbol names with the full path
of the user-space ELF module, not just the basename. This
requires saving a char[] copy in the __stp_tf_vma_entry
structure instead of a char* pointing into a dentry.d_name.
-DTASK_FINDER_VMA_ENTRY_PATHLEN governs copy length.
* runtime/task_finder_vma.c (__stp_tf_vma_entry): Change
char*name -> char[]path field. Update manipulating
functions accordingly.
* runtime/vma.c (_stp_vma_mmap_cb): Pass mmpath to tf-vma table
if available.
* testsuite/systemtap.context/usymbols.exp: Update for expected
full path in output string.
* NEWS: Mention change.
* runtime/sym.h (_STP_SYM_MODULE_BASENAME): New flag.
(_STP_SYM_SIMPLE): Include it.
* runtime/sym.c (_stp_snprint_addr): Process it.
Stan Cox [Sat, 6 Nov 2010 03:02:39 +0000 (23:02 -0400)]
Add build id support for user modules.
* sym.c (_stp_build_id_check): New. Moved the build id check code from
_stp_module_check and changed...
(_stp_module_check): to use it.
(_stp_usermodule_check): New. This is called from the
task manager callback stap_uprobe_change_plus for the process found and
mmap found cases.
* translate.cxx (dump_unwindsyms): Don't stop if it isn't a kernel module.
Set build_id_vaddr for user modules. Output module->build_id_offset as an
absolute address.
PR12195: pass user-space timezone at script startup
* runtime/transport/transport_msgs.h: Declare STP_TZINFO message type.
* runtime/staprun/staprun.c (send_tzinfo): New function to send time zone
at startup.
* runtime/transport/control.c (_stp_ctl_write_cmd): Allow this message.
* runtime/transport/transport.c (_stp_handle_tzinfo): New function to
process this message and declare various globals.
* tapset/tzinfo.stp: New tapset to access those globals.
* testsuite/buildok/timestamp-embedded.stp: Extend test.
* NEWS: Mention tz_ctime().
* doc/SystemTap_Tapset_Reference/tapsets.tmpl: Extract docs from new tapset.
Josh Stone [Fri, 5 Nov 2010 21:45:59 +0000 (14:45 -0700)]
Make pfiles kneel before the frame-size overlord
In socket_optname, there's an optname_entries mapping array. On 64-bit,
each item is 24 bytes, so with 14 entries that's 336 bytes. That
doesn't need to be on the stack -- static const it is.
Josh Stone [Fri, 5 Nov 2010 19:16:22 +0000 (12:16 -0700)]
PR10821: Remove large stack variables from the unwinder
We tend to use the percpu CONTEXT as a pre-allocated stack, so add the
large unwinder variable there too.
* runtime/unwind.c (unwind, unwind_frame): Use an unwind_context
parameter for the larger data needed.
* runtime/stack-$arch.c (__stp_stack_print): Add the unwind_context
parameter, and use it for the x86 versions with a dwarf unwinder.
* runtime/stack.c (_stp_stack_print, _stp_stack_sprint): Add the
unwind_context parameter and pass it along.
* translate.cxx (c_unparser::emit_common_header): Add unwind_context to the
global CONTEXT when we NEED_UNWIND_DATA.
* tapset/context-unwind.stp (*backtrace): Use CONTEXT->uwcontext.
* tapset/ucontext-unwind.stp (*backtrace): Use CONTEXT->uwcontext.
* buildrun.cxx (compile_pass): Tighten the frame warning to 256 bytes.
David Smith [Thu, 4 Nov 2010 21:30:09 +0000 (16:30 -0500)]
Updated memory.stp, rpc.stp, task.stp, and vfs.stp for 2.6.36.
* tapset/memory.stp (vm.oom_kill): Added oom_kill_process().
* tapset/rpc.stp (sunrpc.clnt.call_sync): Updated for 2.6.36.
(sunrpc.clnt.call_async): Ditto.
* tapset/task.stp (task_gid): Updated for 2.6.36 by defining and using
task_gid().
(task_egid): Updated for 2.6.36 by defining and using task_egid().
* tapset/vfs.stp (_vfs.block_prepare_write): Update for 2.6.36 by using
__block_write_begin() as an alternative to __block_prepare_write().
(_vfs.block_write_begin): Updated for 2.6.36.
Josh Stone [Thu, 4 Nov 2010 02:27:54 +0000 (19:27 -0700)]
Test that uprobes supports "rep ret"
We've made a special case in uprobes to support this sequence, since it
does occur in normal gcc output, so make sure of that. At the same
time, test that we reject other prefixes like "repnz ret", even though
we might be able to support them after more analysis.
Josh Stone [Wed, 3 Nov 2010 17:34:39 +0000 (10:34 -0700)]
uprobes: Fix post_ssout handling of "rep ret" on x86
That odd sequence is apparently used to coerce better behavior from the
branch predictor on AMD K8. GCC does this, so we need to be prepared to
deal with it.
In uprobe_post_ssout, most instructions just need a relative %ip fixup
after single-stepping out-of-line. A few are special though, either
because their new %ip is not relative, or because their return address
on the stack needs that relative SSOL adjustment, or even both. This
oddball "rep ret" is such a case, but we were missing the proper fixup
due to the unexpected prefix.
This patch moves that ip-fixup decoding to the validation phase in
setup_uprobe_post_ssout, saving the flags UPFIX_RETURN and UPFIX_ABS_IP
as needed. In this same step, we reject probing these instructions if
they have a prefix, as we haven't determined the correct behavior for
them. For "rep ret" we make an explicit exception, since we know that
behaves just like a bare "ret".
Josh Stone [Tue, 2 Nov 2010 21:01:23 +0000 (14:01 -0700)]
Improve gettimeofday stability
These are a few tweaks to improve the stability of our gettimeofday
startup and shutdown. Hopefully this helps with PR10651 and PR12182,
but that's not been confirmed yet.
* runtime/runtime.h: Don't include time.c here.
* translate.cxx (c_unparser::emit_common_header): Include time.c here,
only if NEEDed (so we also ensure init/kill_time will be called).
(c_unparser::emit_module_init): Change to STAP_SESSION_STOPPED for the
final cleanup efforts, especially for time.c to wrap up.
(c_unparser::emit_module_exit): Ditto.
* runtime/time.c (__stp_time_timer_callback): Use the session_state
instead of stp_timer_reregister, and continue until STOPPED.
(__stp_init_time): Don't add_timer from the IPI.
(_stp_init_time): Instead, add_timer_on each cpu here.
The kmodule.stp test case could evoke a double-free of module-info
structs, since these were shared pointers, and not managed by GC.
Oh yeah, what GC, in the year 2010.
* dwflpp.cxx (dwflpp dtor): Don't delete shared mod_info ptr.
(module_cache dtor): New function.
* dwflpp.h: Declare.
* tapsets.cxx (delete_session_module_cache): New function.
(several::build_no_more): Call it.
(dwarf_build_no_more): Use delete_map<> template.
David Smith [Mon, 1 Nov 2010 20:37:23 +0000 (15:37 -0500)]
Improved fork/vfork tests for RHEL5.
* testsuite/systemtap.clone/dtrace_fork_exec.exp: Improve output string to
handle parent/child execution order differences.
* testsuite/systemtap.clone/dtrace_vfork_parent.c: Added include files to
avoid compile error on RHEL5.
* testsuite/systemtap.clone/dtrace_vfork_parent.c: Ditto.
David Smith [Mon, 1 Nov 2010 20:32:57 +0000 (15:32 -0500)]
Improve handling of vfork'ed processes for uprobes version 1.
* runtime/uprobes/uprobes.c (insert_bkpt): Don't log EEXIST errors (since
systemtap inserts duplicate probes).
(uprobe_report_exec): Only cleanup if this is the last thread. Without
this change, vfork'ed processes doing an exec weren't handled correctly.
Frank Ch. Eigler [Thu, 28 Oct 2010 22:42:35 +0000 (18:42 -0400)]
PR12169: fix tokenize()
* tapset/tokenize.stp: New file for tokenize(). Use per-context statics.
* doc/SystemTap_Tapset_Reference/tapsets.tmpl: Pull it into new docs.
* tapset/string.stp: Remove old tokenize() code.
* translate.cxx (emit_common_header): Add STAP_NEED_CONTEXT_TOKENIZE bits.
(translate_pass): Emit global %{ %} embeds before context definition.
Frank Ch. Eigler [Thu, 28 Oct 2010 17:31:26 +0000 (13:31 -0400)]
tracepoints: restore access to include/trace/event/* points w/o debuginfo
An earlier commit impeded access to kernel tracepoints that are
defined in the proper header files, but lacking the debuginfo
for the backup searching widget to work.
* tapsets.cxx (tracepoint_derived_probe_group::emit_module_decls):
Remove "include/" substring from header files.
David Smith [Thu, 28 Oct 2010 15:36:39 +0000 (10:36 -0500)]
Improve handling of vfork'ed processes.
* runtime/uprobes2/uprobes.c (insert_bkpt): Don't log EEXIST errors (since
systemtap inserts duplicate probes).
(uprobe_report_exec): Only cleanup if this is the last thread. Without
this change, vfork'ed processes doing an exec weren't handled correctly.
Josh Stone [Wed, 27 Oct 2010 20:12:08 +0000 (13:12 -0700)]
Don't treat hashed numbers like strings
Valgrind noted that we were reading uninitialized memory in __GI_strlen,
and I tracked this down to our treating a number value as a char buffer,
leading to "parm_stream << [&number]". Since it isn't a NULL-terminated
buffer, this runs away on the stack.
* hash.cxx (hash::add): Change all the numeric variants to a template,
which lets operator<< figure the right thing for parm_stream, and then
pass the raw value to mdfour.
PR6456: support wildcards in process("/bin/*") probes
* tapsets.cxx (dwarf_builder::build): For process probes, detect
and expand glob patterns via synthetic aliases.
* util.* (contains_glob_chars): New function.
* tapsets.cxx (tracepoint_builder::init_dw): Throw error if glob(3) failed.
Josh Stone [Thu, 21 Oct 2010 02:37:30 +0000 (19:37 -0700)]
A few further pfiles tweaks
- Handle device numbers that are (0,0).
- Add kreads on a few __retvalue assignments.
- Add kreads for getting sock->ops.
- Remove kreads from socket functions that are using the stack.
Josh Stone [Wed, 20 Oct 2010 23:47:55 +0000 (16:47 -0700)]
Build SDT's derived_loc more precisely
This refactors how the derived_loc is created, in a way that I think
will get better results. For example, the kprobe variant doesn't have
to try and delete components that don't apply. Also, the provider
component is now wildcard-expanded for probe listing.
* tapsets.cxx (sdt_query::convert_location): Build up components for
derived_loc from scratch, rather than trying to rewrite a copy.
Josh Stone [Wed, 20 Oct 2010 22:03:49 +0000 (15:03 -0700)]
PR12137: Separate the .stapsdt.base logic from probe asm
This splits the SDT probes into two __asm__ statements, one for the
probe itself, and the other for logic to prepare the .stapsdt.base
section. This avoids having a string literal that is too long for
-pedantic compilation (max length 509).
* includes/sys/sdt.h: Define _SDT_ASM_BASE for .stapsdt.base logic,
separate from _SDT_ASM_BODY, and add to _SDT_PROBE and STAP_PROBE_ASM.
Frank Ch. Eigler [Wed, 20 Oct 2010 15:27:59 +0000 (11:27 -0400)]
PR10745: access hidden kernel tracepoints
A bunch of kernel tracepoints have been declared outside the conventional
include/linux/trace/* hierarchy, and left in the source tree only. By
searching the source tree with some additional glob patterns, we can find
them and generate debuginfo the usual way. On Fedora/RHEL, this means
looking through debuginfo to find the DW_AT_comp_dir (compilation source
directory), which is something like /usr/src/debug/kernels/FOO/BAR/.
Nearly all tracepoints appear now accessible under RHEL6/F13 era kernels:
    % ls -1 /sys/kernel/debug/tracing/events/*/*/id |
      cut -f8 -d/ | egrep -v 'sys_(enter|exit)' |
      while read tp
      do
        stap -L 'kernel.trace("'$tp'")' || echo no $tp
      done
reports no "no"s. Note that syscall tracepoints are treated specially
in the kernel; stap sees only a single sys_enter / sys_exit pair, thus
the egrep -v above.
* session.h (kernel_source_tree): New field.
* buildrun.cxx (compile_pass, make_tracequery): Add EXTRA_CFLAGS += -I....
(make_tracequery): Squish repeated TRACE_INCLUDE_PATH defines.
* tapsets.cxx (tracepoint_derived_probe ctor): Relax conventions
on tracepoint header file name.
(tracepoint_extra_headers): Renamed to ...
(tracepoint_extra_decls): New function. Include struct/type forward
decls as needed.
(emit_module_decls): Use new decl list style.
(tracepoint_builder::init_dw): Search kernel source tree also for
tracepoint headers.
Josh Stone [Tue, 19 Oct 2010 19:20:24 +0000 (12:20 -0700)]
PR12121: distinguish struct/typedef homonyms
For example:
typedef struct foo foo;
foo x;
This kind of "repeated" typedef used to cause bad things for us if the
struct definition is not in the current CU. When resolving $x->bar, we
start at the typedef-foo and dereference to the struct-foo. That's just
a declaration, so we use declaration_resolve to look for the struct
definition. But since we were looking by the name "foo" only, we would
find the typedef again, getting us nowhere.
The fixed code does declaration_resolve on "struct foo" in the global cache,
so in this case we won't find anything locally, and thus we continue looking
in other CUs. If the definition isn't found elsewhere, we're stuck anyway.
* dwflpp.cxx (dwflpp::global_alias_caching_callback): Cache type names
with a relevant prefix: struct, union, etc. Classes are normalized to
be "struct" too, as that's a very blurry line.
(dwflpp::declaration_resolve(die)): New variant to resolve a specific
die -- used so we know what exact prefix we should look for.
* parse.cxx (parser::parse_target_symbol): Don't strip the prefix from
@cast types anymore, so the user can be precise about what they want.
* tapsets.cxx (dwarf_cast_query::handle_query_module): Normalize "class"
to "struct". If the user provides a bare name that fails to resolve,
then try it again with the various prefixes.
* testsuite/systemtap.base/unresolved-struct-typedef.*: New test.
Dave Brolley [Mon, 18 Oct 2010 16:17:55 +0000 (12:17 -0400)]
PR 11442: Tests for adding/revoking trust as a module signer.
These tests alter the state of the trusted signer database which is
in the install tree, and thus should not be run when the test suite
is invoked as root. The related tests which depend on these tests
are still run, but are marked as XFAIL in this situation.
Lukas Berk [Thu, 14 Oct 2010 21:07:28 +0000 (17:07 -0400)]
PR 11554: further documentation on SYSTEMTAP_DEBUGINFO_PATH; where it looks for vmlinux, how to set it, and more information about debuginfo for user-space applications.
Dave Brolley [Wed, 13 Oct 2010 20:17:00 +0000 (16:17 -0400)]
PR 11922: Still need to resolve host names discovered using avahi.
SSL requires that the client's connection be set up with an expected DNS name
which must match one of the names on the server's certificate. This is
the only protection from 'man in the middle' attacks. The server generates
its certificate to contain its own host name. <name>.local as returned by
avahi must be resolved in an attempt to match what's on the certificate.