systemtap 4.7 release
From: Frank Ch. Eigler
Date: Mon May 02 2022 - 14:23:55 EST
The SystemTap team announces release 4.7
Enhancements to this release include: a new stap-profile-annotate
tool, a new --sign-module module signing option, -d is now implied for
processes specified with -c/-x
= Where to get it
https://sourceware.org/systemtap/ - our project page
https://sourceware.org/systemtap/ftp/releases/
https://koji.fedoraproject.org/koji/packageinfo?packageID=615
git tag release-4.7 (commit 0c335a75a789ff44b514e567d458881e15cc283d)
There have been over 105 commits since the last release.
There have been 17+ bugs fixed / features added since the last release.
= SystemTap frontend (stap) changes
- Regular expressions may now include non capturing groups, e.g.
(abc) matches abc and \1 expands to abc.
(?:abc) matches abc but does no grouping.
- Validate sprintf precision parameter. Check for case where a
precision=-1 sentinel value got interpreted as UINT_MAX.
- The -d option is now implied for -c/-x. The symbol and unwind
information for processes specified with -c/-x is now included.
- Avoid a dtrace race condition when generating the same file. This can
occur when different targets happen to map to the same file.
= SystemTap backend changes
- Set default per-cpu buffer size (stap -s) to 16MB and repair -b bulk-mode
operation and performance.
- Fix runtime VMA-tracking timing to give symbol info to early-process probes.
- Improve synchronization when multiple stap modules are being loaded.
- Add the --sign-module option to enable users to mok sign their own modules
e.g. stap --sign-module -e 'SCRIPT'
will sign the module, assuming there is a common systemtap mok key.
- Add stap-profile-annotate tool, which combines systemtap and
debuginfod to annotate source code with system-wide profiling statistics.
- Continue probing without doing liveness analysis for situations
where liveness analysis does not succeed.
= SystemTap tapset changes
- Add probes for python function entry and python function return.
- Attempt userspace string access if kernel access fails for some $variables$.
- Support the memfd_secret and faccessat2 syscalls and update support for
the sched_getattr, setns, sigpending, vmsplice, adjtimex syscalls.
- Correct nfs-related tapsets for more context variable accesses.
= SystemTap sample scripts
- All 180+ examples can be found at https://sourceware.org/systemtap/examples/
- New sample scripts:
security-band-aids/cve-2021-4034.stp
security-band-aids/cve-2021-4155.stp
Historical emergency security band-aid scripts for example purposes only
= Examples of tested kernel versions
2.6.32 (RHEL6 x86_64, i686)
3.10.0 (RHEL7 x86_64)
4.15.0 (Ubuntu 18.04 x86_64)
4.18.0 (RHEL8 x86_64, aarch64, ppc64le, s390x)
5.14.0 (CentOS Stream release 9 x86_64 / aarch64 / ppc64le)
5.14.16 (Fedora 34 x86_64)
5.16.14 (Fedora 35 x86_64)
5.17.3 (Fedora 36 x86_64)
5.18-rc (Fedora rawhide x86_64)
= Known issues with this release
- There are intermittent buffer transmission failures for high-trace-rate
scripts. Bulk mode (stap -b) helps. (PR29108)
- There are known issues on kernel 5.10+ after adapting to set_fs()
removal, with some memory accesses that previously returned valid data
instead returning -EFAULT (see PR26811).
= Contributors for this release
Sultan Alsawaf, *Marco Benatto, Martin Cermak, Di Chen, William Cohen, Stan Cox,
Frank Ch. Eigler, *Dann Frazier, Serhei Makarov, Aaron Merey, *Noah Sanci,
*Jonathan Wakely
Special thanks to new contributors, marked with '*' above.
Thanks to Stan Cox for assembling these notes.
= Bugs fixed for this release <https://sourceware.org/PR#####>
26184 fullpath_struct_file does not handle struct dentry on 5.6.19-300.fc32.x86_64
28394 Systemtap 4.6 on Centos 8.4/4.18 kernel died in nfsd-trace example
28418 Add support for new syscall memfd_secret
28557 unable to probe function in kernel module (xfs:xfs_ilock &others?)
28633 examples/io/iostat-scsi.stp needs porting for kernel 5.16.0-0.rc2
28634 ioscheduler.stp broken with new kernel 5.16.0-0.rc2
28767 Unable to run script on Ubuntu 20.04
28778 printf() generated code causes GCC errors
28781 make -c/-x imply -d
28788 consider low-security stap-server-less secureboot mode
28790 Replace deprecated C++98 constructs with lambdas
28804 reduce default buffer sizes on small memory machines
28830 GCC 12 warnings
28923 dtrace predictable temp file causes race
28974 runtime event misordering between vma tracker and probe triggering
29076 user_string_quoted() doesn't properly generate strings in .rodata on x86_64
28958 Current git + RHEL (4.18.0) has 3 working NFSd examples, and one broken.
29028 Linux 5.18.0 kernels changed struct kretprobe_instance member fields
29094 rpm_finder.cxx build broken by rpm-4.18.0-0.alpha1 moving rpmFreeCrypto