Martin Cermak [Fri, 9 Aug 2024 05:40:43 +0000 (07:40 +0200)]
RHEL-52491: NSS 3.101.0 compatibility
After NSS rebased to 3.101.0, systemtap stopped being able to grant
trust to stap-server: https://issues.redhat.com/browse/RHEL-52491 .
This patch fixes it.
Previous version of this test was painfully verbose. New code
runs stap under "-u" unoptimized mode to compute the backtraces
(to verify non-corruption of memory during those ops), but does
not actually print them any more.
Martin Cermak [Fri, 26 Jul 2024 08:53:59 +0000 (10:53 +0200)]
Generate DWARF for python HelperSDT (refix)
Refix commit 4e8058f38d7f2ec2040d43ddcfddff5217e89423 by letting
CFLAGS propagate to python/setup.py through the Makefile, instead
of passing the flag explicitly. Suggested by Miro Hroncok in
https://issues.redhat.com/browse/RHEL-43481 .
Martin Cermak [Thu, 25 Jul 2024 14:15:53 +0000 (16:15 +0200)]
Generate DWARF for HelperSDT/_HelperSDT*.so
Python Extension Flags Reduction effort [1] dropped GCC -g switch
from the build and linker flags (CFLAGS and LDFLAGS) saved internally
in the Python interpreter for use by distutils and other build systems.
For systemtap this means that the expected debugging symbols weren't
generated for the Helper SDT python module, e.g.:
/usr/lib/debug/usr/lib64/python3.12/site-packages/HelperSDT/_HelperSDT.\
cpython-312-x86_64-linux-gnu.so-5.1-7.el10.x86_64.debug
in systemtap-runtime-python3-debuginfo ... is missing debugging symbols.
To generate the needed debugging symbols, the -g switch needs to be
passed explicitly to the Helper SDT gen script via extra_compile_args.
New sdt-dtrace subpackage for dtrace tool (rhbz#2296275)
This is phase one of the approved self-contained change:
https://fedoraproject.org/wiki/Changes/Separate_dtrace_package
Phase two will be to switch all packages that need the dtrace tool
to the new systemtap-sdt-dtrace and then we can remove
the requirement from systemtap-sdt-devel package.
William Cohen [Tue, 2 Jul 2024 02:55:43 +0000 (22:55 -0400)]
Update tty.stp tapset for Linux 6.1 and newer
The buildok/tty-detailed.stp test was failing on Linux kernels 6.1 and
newer. The tty.stp tapset was updated to address:
- the n_tty_read() $buf argument becoming $kbuf
(Linux git commit 3b830a9c34d5897be)
- removal of the magic field from tty_struct
(Linux git commit 7a4e0d2c7fb8e28bb)
William Cohen [Mon, 1 Jul 2024 21:06:46 +0000 (17:06 -0400)]
Allow buildok/twentyseven.stp to work on kernels with inlined do_execve()
An earlier systemtap git commit 35ea394c93d3 disabled
buildok/twentyseven.stp probing of inlined versions of do_execve()
because the arguments being used were not available on Linux 4.11
kernels for the inlined version. However, on newer x86_64 Fedora 39
systems the compiler is optimizing the Linux kernel 6.9.7 kernel code
so only the inlined version of do_execve() exists. Loosening the
twentyseven.stp probe to probe both inlined and non-inlined versions
of do_execve() to allow the test to work on newer systems.
William Cohen [Mon, 1 Jul 2024 20:46:48 +0000 (16:46 -0400)]
Update scheduler.stp tapset to work with newer Linux kernels
The buildok/scheduler-detailed.stp was failing due to a number
of changes in the Linux kernel. The scheduler.stp tapset
has been updated to address those Linux kernel changes:
William Cohen [Fri, 28 Jun 2024 21:06:24 +0000 (17:06 -0400)]
Update nfsderrno.stp to work with Linux 6.10
The NFSERR_OPNOTSUPP error is not a valid NFS described
by any RFC and has been removed from the Linux 6.10
kernels by git commit 939cb14d51a. For the Linux 6.10
kernels just make sure it is set to the value previously
used by earlier kernels for compatibility.
William Cohen [Fri, 28 Jun 2024 18:52:16 +0000 (14:52 -0400)]
Update pmap_agg_overflow.stp to work with Linux 6.10 kernels
The Linux kernel renamed scheduler_tick() to sched_tick()
in git commit 86dd6c04ef9f213e. Adjusted pmap_agg_overflow.stp
to allow the use of either name.
William Cohen [Fri, 28 Jun 2024 15:59:28 +0000 (11:59 -0400)]
Update list of semok tests that do not work with the Dyninst backend
There were a couple of newer semok tests that use kernel specific
probes and/or tapset functions that will not build with the Dyninst
backend. Those are now marked to be KFAIL to accurately reflect
the test results we expect.
William Cohen [Fri, 28 Jun 2024 15:54:15 +0000 (11:54 -0400)]
Update list of buildok tests that do not work with the Dyninst backend
There were a number of newer buildok tests that use kernel specific
probes and/or tapset functions that will not build with the Dyninst
backend. Those are now marked to be KFAIL to accurately reflect
the test results we expect.
William Cohen [Wed, 26 Jun 2024 20:55:23 +0000 (16:55 -0400)]
Update ioblock.stp tapset for Linux 5.11 and newer kernels
The Linux 5.11 kernels removed the $q argument from a number of block
io tracepoints. The tapset has been adjusted to obtain the $q
information via alternative means. The newer kernels have also
removed the bi_phys_segments field from the struct bio (Linux kernel
git commit 14ccb66b3f585). The ioblock.stp tapset now uses the
bi_vcnt field as an approximate representation of that value.
William Cohen [Tue, 25 Jun 2024 02:52:32 +0000 (22:52 -0400)]
Update dev.stp tapset for Linux 6.10
Linux 6.10 changes how the partition number is stored in struct block_device.
Linux kernel git commit 1116b9fa15c097 puts the partition number in the lower
8 bits of the __bd_flags and uses an accessor function to obtain it. The
dev.stp tapset has been adjusted to work with this newer data structure.
William Cohen [Wed, 5 Jun 2024 23:39:28 +0000 (07:39 +0800)]
RISCV registers.stp tapset updated to eliminate -Werror=missing-prototypes error
A number of systemtap scripts running on RISCV would get error
messages about no previous prototype for
'_stp_regs_get_kernel_stack_nth_addr'. The RISCV registers.stp
tapset has been adjusted to eliminate those errors.
tonyj@suse.de [Tue, 18 Jun 2024 16:52:15 +0000 (09:52 -0700)]
sym.c: fix module_kallsyms_on_each_symbol not exported
module_kallsyms_on_each_symbol has never been exported (as noted by 33fae2d0107f ("This one seems simply like a non-export").
If kallsyms_on_each_symbol is exported (a revert of upstream in our
SLES case) then '!defined(STAPCONF_KALLSYMS_ON_EACH_SYMBOL_EXPORTED)'
is false and the local definition of module_kallsyms_on_each_symbol is
skipped.
This results in:
ERROR: modpost: "module_kallsyms_on_each_symbol" undefined!
Fixes: 33fae2d0107fb6166b4eac3fdffd277829849ab0
Signed-off-by: Tony Jones <tonyj@suse.de>
William Cohen [Wed, 5 Jun 2024 19:38:54 +0000 (15:38 -0400)]
Disable liveness analysis for kernels with CONFIG_MITIGATION_RETPOLINE=y
The upstream linux git commit aefb2f2e619b6c334bc renames
CONFIG_RETPOLINE to CONFIG_MITIGATION_RETPOLINE. The systemtap
code needs to look for CONFIG_MITIGATION_RETPOLINE setting in addition
to CONFIG_RETPOLINE and disable the liveness analysis if either one
is set.
William Cohen [Tue, 4 Jun 2024 13:46:41 +0000 (09:46 -0400)]
Address changes in Linux 6.10 /include/linux/vmalloc.h
Upstream linux kernel git commit 88ae5fb755b0d contains a number of
changes in /include/linux/vmalloc.h that affect vmalloc, vmalloc_node,
and vzalloc_node definitions. These are no longer functions but
macros and cannot be found in the list of symbols exported by the
kernel. Support for vzalloc, vmalloc_node, and vzalloc_node has been
in kernels since Linux 2.6.37. Given that systemtap requires Linux
3.10 or newer there is no longer a need to check for the existence of
these functions or provide local versions of them.
William Cohen [Mon, 3 Jun 2024 19:46:49 +0000 (15:46 -0400)]
Avoid -Werror=empty-body errors from runtime/linux/uprobes-inode.c
Newer linux kernel compiles are being built with -Werror=empty-body.
For some modules generated runtime/linux/uprobes-inode.c is pulled in
and will get error messages like the following:
In file included from /tmp/stapGIM4O9/stap_ded21c54fce18c6570a8930d823aca3a_10928_src.c:2439:
/home/wcohen/systemtap_write/install/share/systemtap/runtime/linux/uprobes-inode.c: In function 'stapiu_change_semaphore_plus':
/home/wcohen/systemtap_write/install/share/systemtap/runtime/linux/uprobes-inode.c:795:5: error: suggest braces around empty body in an 'else' statement [-Werror=empty-body]
795 | ; // already unlocked
| ^
cc1: all warnings being treated as errors
Added "{}" in the appropriate location to indicate to the compiler
that this is intentional.
William Cohen [Mon, 3 Jun 2024 18:40:04 +0000 (14:40 -0400)]
Avoid -Werror=old-style-declaration for stap_probes array in generated kernel modules
With newer linux kernels additional compiler checks are being done
and will get error messages like the following for the generated
module:
/tmp/stapuundLy/stap_2755fca707746de04395c85872aae4b8_1753_src.c:111:1: error: 'static' is not at beginning of declaration [-Werror=old-style-declaration]
111 | } static stap_probes[];
| ^
cc1: all warnings being treated as errors
Tweaked the code generation in translate.cxx to output the static
stap_probes array in a form that is agreeable to newer kernel builds.
William Cohen [Thu, 9 May 2024 15:20:36 +0000 (11:20 -0400)]
PR31699: Eliminate kernel UBSAN messages
Fedora 39 linux 6.8.8 and recent rawhide kernels enabled UBSAN
(Undefined Behavior Sanity) checks. The systemtap map runtime would
get UBSAN array-index-out-of-bounds checks in the dmesg output because
the dynamically allocated MAP struct is variable sized and did not
have the proper attribute describing the size of the member at the end
of the struct. A similar fix to struct addr_map was also made.
William Cohen [Mon, 6 May 2024 15:36:42 +0000 (11:36 -0400)]
Support kernels that backported kallsym functions from newer linux kernels
Some Linux distributions may have backported
module_kallsyms_on_each_symbol and kallsyms_on_each_symbol functions
from newer linux kernels. In these situations checking the kernel
version would not detect the proper arguments for these functions.
Systemtap now has a couple of autoconf tests to determine what
arguments should be used for these functions.
Suppress -Wdangling-pointer for a construct that appears valid, but
one particular GCC snapshot version complains about.
In constructor ‘symresolution_info::symresolution_info(systemtap_session&, bool)’,
inlined from ‘int semantic_pass_symbols(systemtap_session&)’ at ../systemtap/elaborate.cxx:1872:28:
../systemtap/elaborate.cxx:2659:21: error: storing the address of local variable ‘sym’ in ‘*s.systemtap_session::symbol_resolver’ [-Werror=dangling-pointer=]
2659 | s.symbol_resolver = this; // save resolver for early PR25841 function resolution
| ~~~~~~~~~~~~~~~~~~^~~~~~
../systemtap/elaborate.cxx: In function ‘int semantic_pass_symbols(systemtap_session&)’:
../systemtap/elaborate.cxx:1872:22: note: ‘sym’ declared here
1872 | symresolution_info sym (s);
| ^~~
../systemtap/elaborate.cxx:1870:43: note: ‘s’ declared here
1870 | semantic_pass_symbols (systemtap_session& s)
| ~~~~~~~~~~~~~~~~~~~^
cc1plus: all warnings being treated as errors
William Cohen [Fri, 26 Apr 2024 15:20:27 +0000 (11:20 -0400)]
PR31597: Allow time for data in buffers to be read out before shutdown
On SystemTap scripts using the -c <command> option some data was
dropped from the output. This was observed with sporadic failures of
the *syscall.exp tests. The process of shutting down the transport
layer moving data from the kernel- to user-space was not allowing time
for data to be completely drained from the buffers. A delay has been
added in the shutdown process to provide the needed time to drain the
buffers.
Martin Cermak [Fri, 26 Apr 2024 15:09:45 +0000 (17:09 +0200)]
PR30321 Privilege separation if invoked as root
Provide new command line switch 'stap --build-as' that allows for
running passes 1-4 under an unprivileged user. In case this switch
is specified, systemtap forks and runs passes 1-4 under the specified
user. At the RPM install time a new user 'stapunpriv' is created, and
can be used with 'stap --build-as=stapunpriv'. If '--build-as' isn't
specified, systemtap behaves the traditional way, no forking happens.
This commit is a preparatory step. Further work is supposed to happen
so that the privilege separation brings a true improvement from the
security perspective.
Error: attempt to subscript container with out-of-bounds index 1, but
container only holds 1 elements.
Objects involved in the operation:
sequence "this" @ 0x7fffffff8e70 {
type = std::debug::vector<bool, std::allocator<bool> >;
}
This is caused by an incorrectly sized vector in
c_unparser::visit_functioncall. Fix this by ensuring that
the vector cp_args has a size equal to the number of arguments
of the functioncall being visited.
loc2stap.cxx: Add partial support for DW_OP_bra in DWARF location lists
Add support for DW_OP_bra when operand is non-negative. Previously
systemtap would quit probe translation if DW_OP_bra was seen in a
DWARF location list.
Tested manually on RHEL 8.9 with kernel 4.18.0-513.24.1.el8_9.x86_64.
Scripts containing a vfs.read probe require DW_OP_bra support when
run with this kernel.
Support for DW_OP_bra negative operands continues to be deferred due
to lack of use as well as being more complex to implement.
William Cohen [Tue, 23 Apr 2024 16:11:54 +0000 (12:11 -0400)]
Update the include files with exit reasons in kvm_service_time.stp
The Linux git commit af170c5061dd moved the location of the include
files with the SVM_EXIT_* and EXIT_REASON_* defines from
linux/arch/x86/include/asm to linux/arch/x86/include/uapi/asm. The
kvm_service_time.stp has been updated to print out the current include
file names so a user of the kvm_service_time.stp example script has
an easier time mapping the exit reason numbers reported to the
defines.
William Cohen [Wed, 17 Apr 2024 14:08:52 +0000 (10:08 -0400)]
Make probing NFSD V2 probe points optional in buildok/nfsd-detailed.stp test
Newer kernels have removed NFSD V2 support (CONFIG_NFSD_V2 is not set).
The nfsd.proc2.* probes need to be made optional as those probe
points are not available.
William Cohen [Wed, 17 Apr 2024 13:48:40 +0000 (09:48 -0400)]
Update the nfs.stp tapset for NFS folio support
The addition of folio support to NFS in the Linux kernel has changed
some of the functions that are available for NFS operations. Probes
for those new functions (nfs_read_folio and nfs_readahead) were added.
The nfs tapset has to be a bit more flexible in which functions are
available and the probes are optional to allow wildcards to continue
to work. The way counts were obtained for nfs.fop.read_iter and
nfs.fop.write operations was also updated.
William Cohen [Fri, 19 Apr 2024 13:58:10 +0000 (09:58 -0400)]
Use different kernel code to exercise functioncallcount.stp example
Switching the functioncallcount.stp example from counting functions in
the memory management subsystem ("*@mm/*.c") to counting functions in
the file system ("*@fs/*.c"). On some machines such as ppc64 and
arm64 wholesale probing all the functions in memory management subsystem
has been problematic.
William Cohen [Tue, 16 Apr 2024 16:46:39 +0000 (12:46 -0400)]
Avoid redefinition of S390 PSW_ADDR_AMODE and PSW_ADDR_INSN in newer kernels
Only define PSW_ADDR_AMODE and PSW_ADDR_INSN if they are undefined.
The following Linux kernel git commit (b8af5999779d1) moved the definition of
PSW_ADDR_AMODE and PSW_ADDR_INSN from arch/s390/include/uapi/asm/ptrace.h
to arch/s390/include/asm/ptrace.h causing an error as both runtime/regs.h and
arch/s390/include/asm/ptrace.h headers were defining them:
Author: Heiko Carstens <hca@linux.ibm.com> 2023-06-21 07:35:43
Committer: Alexander Gordeev <agordeev@linux.ibm.com> 2023-07-03 05:19:39
Parent: 6376402841e1fa6f1c5b7604abc9c746a84c715a (s390/ptrace: remove PSW_DEFAULT_KEY from uapi)
Child: b378a982614360686f45c3e6b63fd5d1acd02d08 (s390: include linux/io.h instead of asm/io.h)
Branches: master, remotes/origin/master
Follows: v6.4
Precedes: v6.5-rc1
s390/ptrace: make all psw related defines also available for asm
Use the _AC() macro to make all psw related defines also available for
assembler files.
Acked-by: Alexander Gordeev <agordeev@linux.ibm.com>
Signed-off-by: Heiko Carstens <hca@linux.ibm.com>
Signed-off-by: Alexander Gordeev <agordeev@linux.ibm.com>
William Cohen [Wed, 3 Apr 2024 17:51:27 +0000 (13:51 -0400)]
Update nfsd.stp tapset to work with Linux 6.1 and newer kernels
The kernel git commit 0cfb0c4228a5c8e2 uses the
DEFINE_PROC_SHOW_ATTRIBUTE macro which creates another function
nfsd_open() in fs/nfsd/stats.c in addition to nfsd_open() in
fs/nfsd/vfs.c. This new function has a completely different purpose
and different set of arguments than the original. When the nfsd.stp
tapset tries to instrument this new nfsd_open() it cannot find the
expected arguments. Systemtap scripts probing the nfsd_open()
function such as the nfsd-recent.stp example failed to build as a
result. The tapset now restricts the probing to
nfsd_open@fs/nfsd/vfs.c, the original nfsd_open() function.
William Cohen [Sun, 31 Mar 2024 00:56:36 +0000 (20:56 -0400)]
Update memory.stp tapset to allow the vm.tracepoints.stp example to work
Due to kernel git commits 71baba4b92dc1 (renaming __GFP_WAIT to
__GFP_RECLAIM) and 2c1d697fb8ba6 (changing the kmem_cache_alloc
tracepoint arguments) the memory.stp tapset needed some adjustments to
enable the SystemTap tracepoints.stp example to continue to work with
newer kernels.
William Cohen [Fri, 29 Mar 2024 18:28:21 +0000 (14:28 -0400)]
Adjust hugepage_cow_delays.stp to work with newer kernels
Kernel git commit c0e8150e144b6 changed the function handling the
copy-on-write operations for hugepages from copy_user_huge_page to
copy_user_large_folio. Made hugepage_cow_delays.stp use the new
function name when it is available.
William Cohen [Fri, 22 Mar 2024 14:29:49 +0000 (10:29 -0400)]
PR31500: Never allow probing of kernel __init or __kprobes functions
When guru mode was used it was possible to get systemtap to instrument
kernel functions marked with __init or __kprobes. By the time that
systemtap instrumentation is being loaded a kernel __init marked
function has already run and may be in a section of memory that has
been freed up. At best this probe will never trigger. At worst the
registration of the probe will cause a memory fault causing the
process to be killed. Also probes shouldn't be allowed on __kprobes
functions as a rule.
William Cohen [Wed, 20 Mar 2024 14:24:53 +0000 (10:24 -0400)]
Remove unneeded guru mode option from poll_map.exp
Guru mode should only be used when it is really needed to allow the
systemtap script to change program state or disable some safety check or
black list exclusions. With guru mode enabled on a particular machine
this test would attempt to probe
kernel.function("vfs_caches_init").call, an initialization function on
a page that would later be freed. The script would get a page fault
when attempting to install the kprobe for this function.
William Cohen [Tue, 19 Mar 2024 20:09:52 +0000 (16:09 -0400)]
Allow systemtap --target-namespace=PID option to work with Intel IBT
On Intel systemtap with IBT the systemtap runtime code to implement
--target-namespace=PID would cause a trap to occur. The runtime
indirect calls are now properly wrapped and will execute without issue
on machines supporting Intel IBT.
There are other things that objtool is doing in addition to checking
user accesses and disabling objtool with newer RHEL9
5.14.0-428.el9.x86_64 causes the system to reboot when setting up some
tracepoint probes (PR30472).
William Cohen [Thu, 7 Mar 2024 18:44:06 +0000 (13:44 -0500)]
PR30716: Turn off objtool warnings on systemtap instrumentation modules
The previous approaches to turning off the objtool warnings did not
work for x86_64 RHEL9. The systemtap generated code is not on the
whitelist to use certain kernel functions. The additional objtool
warning output mentioning the systemtap code using those functions
with UACCESS enabled caused a number of the tests in the testsuite to
fail. The generated Makefile now includes a line to turn off running
objtool on the systemtap generated module and eliminates those
warnings.
William Cohen [Mon, 4 Mar 2024 21:27:18 +0000 (16:27 -0500)]
PR31117: Correct handling of transport layer allocated memory
The _stp_print_flush() code was not correct. There are four possible
ranges of values compared to the header size (hlen)
_stp_data_write_reserve() could return when beginning to write out
log:
<0 unable to allocate any space
<hlen pad out the allocated space and try another allocation
==hlen just enough space for the initial header
>hlen write out the header and some portion of log
The case where the space allocated was equal to the size of the header
(==hlen) was not handled correctly. In the cases where there was only
enough room to write the header the _stp_transport_failures variable
was incremented and none of the log data was written out. The correct
course of action in these cases would be to write the header out in
the allocated space and start looping to write the rest of the log
data.
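The four return-value ranges listed in the PR31117 message, as an added model that is not systemtap's _stp_print_flush() code. The names `reserve`, `flush`, `struct transport` and the scripted grant sizes are hypothetical; `handle_equal` switches between the pre-fix and corrected treatment of the ==hlen case.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-in for the transport: each call hands back the next
 * scripted grant (negative or exhausted script = no space available). */
struct transport { const long *grants; size_t n, next; };

static long reserve(struct transport *t, size_t want)
{
    long g;
    if (t->next >= t->n)
        return -1;
    g = t->grants[t->next++];
    return g > (long)want ? (long)want : g;
}

struct result { size_t hdr, log, pad; int failures; };

/* Write a header of hlen bytes followed by len bytes of log data. */
static struct result flush(struct transport *t, size_t hlen, size_t len,
                           int handle_equal)
{
    struct result r = {0, 0, 0, 0};
    long got;

    for (;;) {
        got = reserve(t, hlen + len);
        if (got < 0) {                      /* <0: no space at all */
            r.failures++;
            return r;
        }
        if ((size_t)got < hlen) {           /* <hlen: pad it out, retry */
            r.pad += (size_t)got;
            continue;
        }
        if ((size_t)got == hlen && !handle_equal) {
            r.failures++;                   /* pre-fix: log is dropped */
            return r;
        }
        break;                              /* ==hlen or >hlen */
    }
    r.hdr = hlen;
    r.log = (size_t)got - hlen;             /* 0 bytes in the ==hlen case */

    while (r.log < len) {                   /* loop for the rest of the log */
        got = reserve(t, len - r.log);
        if (got <= 0) {
            r.failures++;
            break;
        }
        r.log += (size_t)got;
    }
    return r;
}

int main(void)
{
    const long grants[] = {16, 100};        /* first grant == hlen exactly */
    struct transport a = {grants, 2, 0}, b = {grants, 2, 0};
    struct result old = flush(&a, 16, 40, 0);
    struct result fixed = flush(&b, 16, 40, 1);

    printf("pre-fix: log=%zu failures=%d\n", old.log, old.failures);
    printf("fixed:   log=%zu failures=%d\n", fixed.log, fixed.failures);
    return 0;
}
```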
William Cohen [Wed, 28 Feb 2024 15:43:51 +0000 (10:43 -0500)]
PR31404: Make tracepoint queries work with gcc14
The Fedora rawhide Linux 6.8 kernels are built with gcc14 and include
-Wmissing-prototypes in the CFLAGS options. When building the
kernel modules to query the available tracepoints errors occur
resulting in kernel tracepoints being found. The fix is to
include a function declaration before the function definition
in the DECLARE_TRACE macro.
William Cohen [Tue, 20 Feb 2024 14:22:34 +0000 (09:22 -0500)]
Get SHM_* flag defines from the appropriate include file for Linux 6.8 kernels
Linux git commit bc46ef3cea3d6f6 removed the include/uapi/linux/shm.h
from include/linux/shm.h. For the newer Linux 6.8 kernels need to get
SHM_* defines directly from include/uapi/linux/shm.h.
William Cohen [Thu, 15 Feb 2024 20:01:53 +0000 (15:01 -0500)]
PR19360: Correct lwtools fslatency-nd.stp and fsslower-nd.stp
Reviewed examples to ensure that the entry value for a function
argument is used for function return probes. Found that
__vfs_write.return probes aliases were missing ".return" and needed an
@entry() for the argument fetch in fslatency-nd.stp and
fsslower-nd.stp.
William Cohen [Wed, 14 Feb 2024 14:33:30 +0000 (09:33 -0500)]
PR31373: Deal with the removal of strlcpy() from linux 6.8
The Linux 6.8 kernels removed strlcpy() with git commit d26270061a in
January 2024. All the kernel's strlcpy() uses were converted to
strscpy(). Systemtap needed to do the same. This is implemented in
systemtap with a strlcpy macro in the runtime that translates the
strscpy() return value into the equivalent strlcpy() value.
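One way to translate a strscpy() return value into a strlcpy()-style one, as an added userspace example that is not systemtap's runtime macro. `model_strscpy` and `compat_strlcpy` are hypothetical names, and mapping -E2BIG to `size` (rather than the true strlen(src)) is an assumption chosen so that a caller's `ret >= size` truncation check keeps working.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Userspace model of the kernel's strscpy(): copies at most size-1 bytes,
 * always NUL-terminates when size > 0, and returns the number of bytes
 * copied, or -E2BIG when size is 0 or src did not fit. */
static ssize_t model_strscpy(char *dst, const char *src, size_t size)
{
    size_t i;

    if (size == 0)
        return -E2BIG;
    for (i = 0; i < size - 1 && src[i] != '\0'; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return src[i] == '\0' ? (ssize_t)i : -E2BIG;
}

/* strlcpy()-style wrapper: existing callers detect truncation with
 * "ret >= size". On -E2BIG this returns size, the smallest value that
 * still satisfies that check (assumption: callers do not need the exact
 * source length that a real strlcpy() would report). */
static size_t compat_strlcpy(char *dst, const char *src, size_t size)
{
    ssize_t r = model_strscpy(dst, src, size);

    return r < 0 ? size : (size_t)r;
}

int main(void)
{
    char buf[8];
    /* Constructed sample inputs: fits, exact fit, truncated. */
    const char *samples[] = {"stap", "1234567", "systemtap"};
    size_t i;

    for (i = 0; i < 3; i++) {
        size_t ret = compat_strlcpy(buf, samples[i], sizeof buf);
        printf("%-10s -> \"%s\" ret=%zu %s\n", samples[i], buf, ret,
               ret >= sizeof buf ? "(truncated)" : "");
    }
    return 0;
}
```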
William Cohen [Mon, 5 Feb 2024 19:37:18 +0000 (14:37 -0500)]
Update the aux_syscall.stp tapset to directly include <uapi/linux/wait.h>
The linux kernel git commit 6dfeff09d5ad33190 removes the include for
<uapi/linux/wait.h> from <linux/wait.h>. The kernel has had
<uapi/linux/wait.h> header for over a dozen years (kernel git commit 607ca46e97a1b65) and systemtap should just use that directly. The
downside of this change is that systemtap will require a Linux 3.7 or
newer kernel.
William Cohen [Thu, 1 Feb 2024 18:31:43 +0000 (13:31 -0500)]
Fix task_start_time for newer kernels
Kernel git commit cf25e24db61cc9d renames real_start_time member of
the task_struct to start_boottime. The task_start_time function needs
to be adjusted to handle this new name.
a) fopen@@GLIBC_2.2.5 exists in the updated symtab
b) fopen does not exist in the updated symtab
This PR is to add a version info padding when symbol cannot be found in
the updated symtab, so systemtap can support searching symbol aliases like
this:
$ stap -L 'process("/lib64/libc.so.6").function("fopen")'
# And with wildcard, like this
$ stap -L 'process("/lib64/libc.so.6").function("fo*en")'