MSVSphere Packaging Team
11 months ago
parent
6faf7e72d3
commit
d8441ada6e
@ -1 +1 @@
|
||||
SOURCES/systemtap-4.9.tar.gz
|
||||
SOURCES/systemtap-5.0.tar.gz
|
||||
|
||||
@ -1 +1 @@
|
||||
7ba2ad579a5ba66ccfd36ad6df0896c9e136f9e9 SOURCES/systemtap-4.9.tar.gz
|
||||
f44f1853ddd462ac97b2c7c4b3a9434440d9d9c2 SOURCES/systemtap-5.0.tar.gz
|
||||
|
||||
@ -0,0 +1,59 @@
|
||||
commit 0fef0bd60ff4b359a32da52262855dfe82fe51ae
|
||||
gpg: Signature made Tue 14 Nov 2023 03:20:12 PM EST
|
||||
gpg: using RSA key 4B35DCD2EA45C4E0783135BC8094BE9C9F4696A1
|
||||
gpg: Can't check signature: No public key
|
||||
Author: Yichun Zhang (agentzh) <yichun@openresty.com>
|
||||
Date: Fri Nov 10 21:51:56 2023 -0800
|
||||
|
||||
PR31051: memory and uprobe leaks in early uprobe registraton code when errors happen
|
||||
|
||||
diff --git a/runtime/linux/uprobes-inode.c b/runtime/linux/uprobes-inode.c
|
||||
index 997f4528d..289cce00b 100644
|
||||
--- a/runtime/linux/uprobes-inode.c
|
||||
+++ b/runtime/linux/uprobes-inode.c
|
||||
@@ -529,6 +529,16 @@ stapiu_init(struct stapiu_consumer *consumers, size_t nconsumers)
|
||||
}
|
||||
|
||||
if (unlikely(ret != 0)) {
|
||||
+ for ( ;; ) {
|
||||
+ struct stapiu_consumer *c = &consumers[i];
|
||||
+ // protect against conceivable stapiu_refresh() at same time
|
||||
+ mutex_lock(& c->consumer_lock);
|
||||
+ stapiu_consumer_unreg(c);
|
||||
+ mutex_unlock(& c->consumer_lock);
|
||||
+ if (i == 0)
|
||||
+ break;
|
||||
+ i--;
|
||||
+ }
|
||||
return ret;
|
||||
}
|
||||
|
||||
@@ -545,7 +555,27 @@ stapiu_init(struct stapiu_consumer *consumers, size_t nconsumers)
|
||||
break;
|
||||
}
|
||||
}
|
||||
- return ret;
|
||||
+
|
||||
+ if (unlikely(ret != 0)) {
|
||||
+ int j;
|
||||
+ for (j = 0; j < nconsumers; ++j) {
|
||||
+ struct stapiu_consumer *c = &consumers[j];
|
||||
+ // protect against conceivable stapiu_refresh() at same time
|
||||
+ mutex_lock(& c->consumer_lock);
|
||||
+ stapiu_consumer_unreg(c);
|
||||
+ mutex_unlock(& c->consumer_lock);
|
||||
+ }
|
||||
+ for ( ;; ) {
|
||||
+ struct stapiu_consumer *c = &consumers[i];
|
||||
+ stap_cleanup_task_finder_target(&c->finder);
|
||||
+ if (i == 0)
|
||||
+ break;
|
||||
+ i--;
|
||||
+ }
|
||||
+ return ret;
|
||||
+ }
|
||||
+
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -0,0 +1,147 @@
|
||||
commit b84a5e8c2c5a857c0790a71df7824259a95131cf
|
||||
Author: William Cohen <wcohen@redhat.com>
|
||||
Date: Mon Dec 4 11:28:10 2023 -0500
|
||||
|
||||
PR31074: Ensure that the set_kernel_string* functions limit their writes
|
||||
|
||||
Both the set_kernel_string and set_kernel_string_n function use the
|
||||
underlying _stp_store_deref_string_ function to write strings. There
|
||||
were two issues with the this function:
|
||||
|
||||
1) wrote MAXSTRINGLEN bytes even if string was shorter
|
||||
2) null write at end could spill past end of buffer
|
||||
|
||||
The first issue was addressed by stopping to write once a null
|
||||
character is encountered. The second issue is a side effect of C
|
||||
implicit promotion of character constants to ints and was addressed by
|
||||
explicitlying casting the character constants as a char.
|
||||
|
||||
The pr31074.exp test was added to verify that the write length are
|
||||
limited to string length and the null write does not go beyond the end
|
||||
of the buffer.
|
||||
|
||||
diff --git a/runtime/linux/loc2c-runtime.h b/runtime/linux/loc2c-runtime.h
|
||||
index 68fbe2ab6..663360293 100644
|
||||
--- a/runtime/linux/loc2c-runtime.h
|
||||
+++ b/runtime/linux/loc2c-runtime.h
|
||||
@@ -1007,11 +1007,14 @@ static inline int _stp_store_deref_string_(char *src, void *addr, size_t len,
|
||||
{
|
||||
for (i = 0; i < len - 1; ++i)
|
||||
{
|
||||
+ if (*src == '\0')
|
||||
+ break;
|
||||
err = __stp_put_either(*src++, (u8 *)addr + i, seg);
|
||||
if (err)
|
||||
goto out;
|
||||
}
|
||||
- err = __stp_put_either('\0', (u8 *)addr + i, seg);
|
||||
+ /* PR31074: cast (char) '\0' to make sure right size */
|
||||
+ err = __stp_put_either((char) '\0', (u8 *)addr + i, seg);
|
||||
}
|
||||
|
||||
out:
|
||||
diff --git a/testsuite/systemtap.base/pr31074.exp b/testsuite/systemtap.base/pr31074.exp
|
||||
new file mode 100644
|
||||
index 000000000..5b382b789
|
||||
--- /dev/null
|
||||
+++ b/testsuite/systemtap.base/pr31074.exp
|
||||
@@ -0,0 +1,5 @@
|
||||
+# Check that the set_kernel_* functions work correctly.
|
||||
+
|
||||
+set test "pr31074"
|
||||
+
|
||||
+stap_run $test no_load $all_pass_string -g $srcdir/$subdir/$test.stp
|
||||
diff --git a/testsuite/systemtap.base/pr31074.stp b/testsuite/systemtap.base/pr31074.stp
|
||||
new file mode 100644
|
||||
index 000000000..930c276b5
|
||||
--- /dev/null
|
||||
+++ b/testsuite/systemtap.base/pr31074.stp
|
||||
@@ -0,0 +1,88 @@
|
||||
+/*
|
||||
+ * pr31074.stp
|
||||
+ *
|
||||
+ * Check that the set_kernel_string function work correctly.
|
||||
+ */
|
||||
+
|
||||
+probe begin { println("systemtap starting probe") }
|
||||
+probe end { println("systemtap ending probe") }
|
||||
+
|
||||
+global errors = 0
|
||||
+
|
||||
+function assert_string(test, expected, value)
|
||||
+{
|
||||
+ if (value == expected)
|
||||
+ return 1
|
||||
+ printf("systemtap test failure - %s: expected \"%s\", got \"%s\"\n",
|
||||
+ test, expected, value)
|
||||
+ errors++
|
||||
+ return 0
|
||||
+}
|
||||
+
|
||||
+function assert_not_reached(test)
|
||||
+{
|
||||
+ printf("systemtap test failure - %s: missing exception\n", test)
|
||||
+ errors++
|
||||
+}
|
||||
+
|
||||
+function assert_buffer_untouched(test, addr)
|
||||
+{
|
||||
+ if (!buffer_42(addr)) {
|
||||
+ printf("systemtap test failure - %s: buffer overwritten\n", test)
|
||||
+ errors++
|
||||
+ }
|
||||
+}
|
||||
+
|
||||
+
|
||||
+probe end(1)
|
||||
+{
|
||||
+ test = "set_kernel_string"
|
||||
+ addr3 = get_buffer3()
|
||||
+ addr2 = get_buffer2()
|
||||
+ if (assert_string(test, "", kernel_string(addr2))) {
|
||||
+ set_kernel_string(addr2, "bar")
|
||||
+ assert_string(test, "bar", kernel_string(addr2))
|
||||
+ }
|
||||
+ addr1 = get_buffer1()
|
||||
+ if (assert_string(test, "", kernel_string(addr1))) {
|
||||
+ set_kernel_string(addr1, "foo")
|
||||
+ assert_string(test, "foo", kernel_string(addr1))
|
||||
+ }
|
||||
+ /* now check to make sure that "bar" has not been overwritten */
|
||||
+ assert_string("no null overrun", "bar", kernel_string(addr2))
|
||||
+ assert_buffer_untouched("no overrun", addr3)
|
||||
+ if (!errors)
|
||||
+ println("systemtap test success")
|
||||
+}
|
||||
+
|
||||
+%{
|
||||
+ static char buffer_x[4+4+MAXSTRINGLEN];
|
||||
+%}
|
||||
+
|
||||
+function get_buffer1:long () %{
|
||||
+ static char *buffer1 = &(buffer_x[0]);
|
||||
+ memset(buffer1, 0, 4);
|
||||
+ STAP_RETVALUE = (long)buffer1;
|
||||
+%}
|
||||
+
|
||||
+function get_buffer2:long () %{
|
||||
+ static char *buffer2 = &(buffer_x[4]);
|
||||
+ memset(buffer2, 0, 4);
|
||||
+ STAP_RETVALUE = (long)buffer2;
|
||||
+%}
|
||||
+
|
||||
+function get_buffer3:long () %{
|
||||
+ static char *buffer3 = &(buffer_x[8]);
|
||||
+ memset(buffer3, 42, MAXSTRINGLEN);
|
||||
+ STAP_RETVALUE = (long)buffer3;
|
||||
+%}
|
||||
+
|
||||
+function buffer_42:long (addr:long) %{
|
||||
+ int i;
|
||||
+ char *buffer3 = (char *)STAP_ARG_addr;
|
||||
+ STAP_RETVALUE = 1;
|
||||
+ for(i=0; i< MAXSTRINGLEN; ++i){
|
||||
+ if (buffer3[i] != 42)
|
||||
+ STAP_RETVALUE = 0;
|
||||
+ }
|
||||
+%}
|
||||
File diff suppressed because it is too large
Load Diff
@ -1,99 +0,0 @@
|
||||
commit 9839db5514a29cf4f58b3de8cc6155088be6d061
|
||||
gpg: Signature made Sat 12 Aug 2023 02:49:26 PM EDT
|
||||
gpg: using RSA key 5D38116FA4D3A7CC77E378D37E83610126DCC2E8
|
||||
gpg: Good signature from "Frank Ch. Eigler <fche@elastic.org>" [full]
|
||||
Author: Frank Ch. Eigler <fche@redhat.com>
|
||||
Date: Sat Aug 12 14:28:44 2023 -0400
|
||||
|
||||
PR30749: correct stap --sign-module timing
|
||||
|
||||
Previous code signed the temp directory copy, after it had already
|
||||
been copied into the cache -- so the signature never made it to a
|
||||
permanent artifact.
|
||||
|
||||
If the module was being fetched from the cache from a previous build
|
||||
run, a sign (re)attempt will still be done. This may not be
|
||||
necessary, but shouldn't be harmful.
|
||||
|
||||
Reported-By: Renaud Métrich <rmetrich@redhat.com>
|
||||
|
||||
diff --git a/main.cxx b/main.cxx
|
||||
index 06adb66ad..9f695cbd8 100644
|
||||
--- a/main.cxx
|
||||
+++ b/main.cxx
|
||||
@@ -1190,8 +1190,10 @@ passes_0_4 (systemtap_session &s)
|
||||
s.mok_fingerprints.clear();
|
||||
s.mok_fingerprints.push_back(mok_fingerprint);
|
||||
}
|
||||
- rc =
|
||||
- sign_module (s.tmpdir, s.module_filename(), s.mok_fingerprints, mok_path, s.kernel_build_tree);
|
||||
+ if (s.verbose)
|
||||
+ clog << _F("Signing %s with mok key %s", s.module_filename().c_str(), mok_path.c_str())
|
||||
+ << endl;
|
||||
+ rc = sign_module (s.tmpdir, s.module_filename(), s.mok_fingerprints, mok_path, s.kernel_build_tree);
|
||||
}
|
||||
#endif
|
||||
|
||||
@@ -1310,8 +1312,30 @@ passes_0_4 (systemtap_session &s)
|
||||
if (! s.use_script_cache && s.last_pass <= 4)
|
||||
s.save_module = true;
|
||||
|
||||
+#if HAVE_NSS
|
||||
+ // PR30749
|
||||
+ if (!rc && s.module_sign_given)
|
||||
+ {
|
||||
+ // when run on client as --sign-module, mok fingerprints are result of mokutil -l
|
||||
+ // when run from server as --sign-module=PATH, mok fingerprint is given by PATH
|
||||
+ string mok_path;
|
||||
+ if (!s.module_sign_mok_path.empty())
|
||||
+ {
|
||||
+ string mok_fingerprint;
|
||||
+ split_path (s.module_sign_mok_path, mok_path, mok_fingerprint);
|
||||
+ s.mok_fingerprints.clear();
|
||||
+ s.mok_fingerprints.push_back(mok_fingerprint);
|
||||
+ }
|
||||
+
|
||||
+ if (s.verbose)
|
||||
+ clog << _F("Signing %s with mok key %s", s.module_filename().c_str(), mok_path.c_str())
|
||||
+ << endl;
|
||||
+ rc = sign_module (s.tmpdir, s.module_filename(), s.mok_fingerprints, mok_path, s.kernel_build_tree);
|
||||
+ }
|
||||
+#endif
|
||||
+
|
||||
// Copy module to the current directory.
|
||||
- if (s.save_module && !pending_interrupts)
|
||||
+ if (!rc && s.save_module && !pending_interrupts)
|
||||
{
|
||||
string module_src_path = s.tmpdir + "/" + s.module_filename();
|
||||
string module_dest_path = s.module_filename();
|
||||
@@ -1327,29 +1351,11 @@ passes_0_4 (systemtap_session &s)
|
||||
}
|
||||
}
|
||||
|
||||
-#if HAVE_NSS
|
||||
- if (s.module_sign_given)
|
||||
- {
|
||||
- // when run on client as --sign-module, mok fingerprints are result of mokutil -l
|
||||
- // when run from server as --sign-module=PATH, mok fingerprint is given by PATH
|
||||
- string mok_path;
|
||||
- if (!s.module_sign_mok_path.empty())
|
||||
- {
|
||||
- string mok_fingerprint;
|
||||
- split_path (s.module_sign_mok_path, mok_path, mok_fingerprint);
|
||||
- s.mok_fingerprints.clear();
|
||||
- s.mok_fingerprints.push_back(mok_fingerprint);
|
||||
- }
|
||||
-
|
||||
- rc = sign_module (s.tmpdir, s.module_filename(), s.mok_fingerprints, mok_path, s.kernel_build_tree);
|
||||
- }
|
||||
-#endif
|
||||
-
|
||||
PROBE1(stap, pass4__end, &s);
|
||||
|
||||
return rc;
|
||||
}
|
||||
-
|
||||
+
|
||||
int
|
||||
pass_5 (systemtap_session &s, vector<remote*> targets)
|
||||
{
|
||||
@ -1,24 +0,0 @@
|
||||
commit ead30c04c7157fec194c0f6d81e5c51c99bf25cf
|
||||
gpg: Signature made Wed 24 May 2023 10:23:54 AM EDT
|
||||
gpg: using RSA key 5D38116FA4D3A7CC77E378D37E83610126DCC2E8
|
||||
gpg: Good signature from "Frank Ch. Eigler <fche@elastic.org>" [full]
|
||||
Author: Frank Ch. Eigler <fche@redhat.com>
|
||||
Date: Wed May 24 10:22:08 2023 -0400
|
||||
|
||||
PR30484: stap-report: scrape less of /sys /proc
|
||||
|
||||
Mainly: avoid process/busy parts like /proc/$pid.
|
||||
|
||||
diff --git a/stap-report b/stap-report
|
||||
index 217ddf840..3b3a1a258 100755
|
||||
--- a/stap-report
|
||||
+++ b/stap-report
|
||||
@@ -105,7 +105,7 @@ elif [ -f /var/log/packages ]; then
|
||||
run "cat /var/log/packages | egrep 'systemtap|elfutils|kernel|gcc|dyninst|java|byteman|avahi|nss|nspr|dejagnu' | sort -k9"
|
||||
fi
|
||||
run "egrep 'PROBE|RANDOMIZE|RELOC|TRACE|MARKER|KALLSYM|_DEBUG_|LOCKDEP|LOCKING|MODULE|FENTRY|_SIG|BPF' /lib/modules/`uname -r`/build/.config | grep -v not.set | sort | fmt -w 80"
|
||||
-run "find /debugfs /proc /sys /dev /sys/kernel/debug -type f -path '*kprobe*' -o -path '*yama*' 2>/dev/null | xargs grep -H ."
|
||||
+run "find /debugfs /proc/sys /sys/kernel /dev -type f -path '*kprobe*' -o -path '*yama*' 2>/dev/null | xargs grep -H ."
|
||||
run "lsmod"
|
||||
run "avahi-browse -r -t _stap._tcp"
|
||||
run "ifconfig -a"
|
||||
@ -1,64 +0,0 @@
|
||||
commit ab0c5c25509600b7c9cecc9e10baebc984082b50
|
||||
gpg: Signature made Fri 12 May 2023 11:18:18 AM EDT
|
||||
gpg: using RSA key 5D38116FA4D3A7CC77E378D37E83610126DCC2E8
|
||||
gpg: Good signature from "Frank Ch. Eigler <fche@elastic.org>" [full]
|
||||
Author: Frank Ch. Eigler <fche@redhat.com>
|
||||
Date: Fri May 12 11:13:45 2023 -0400
|
||||
|
||||
PR30442: failing optional statement probes should not trigger pass2 exceptions
|
||||
|
||||
In tapsets.cxx, query_cu() and query_module() aggressively caught &
|
||||
sess-print_error'd semantic_errors from subsidiary call sites. They
|
||||
are unaware of whether the probe in question is being resolved within
|
||||
an optional (? or !) context. Instead of this, they now simply let
|
||||
the exceptions propagate out to derive_probes() or similar, which does
|
||||
know whether exceptions are errors in that context. That means
|
||||
exceptions can propagate through elfutils iteration machinery too,
|
||||
perhaps risking C level memory leaks, but so be it.
|
||||
|
||||
This fix goes well beyond statement probes per se, but hand-testing
|
||||
and the testsuite appear not to show regressions related to this.
|
||||
|
||||
Added semok/badstmt.exp to test.
|
||||
|
||||
diff --git a/tapsets.cxx b/tapsets.cxx
|
||||
index 859160bc5..7b7107371 100644
|
||||
--- a/tapsets.cxx
|
||||
+++ b/tapsets.cxx
|
||||
@@ -2453,8 +2453,9 @@ query_cu (Dwarf_Die * cudie, dwarf_query * q)
|
||||
}
|
||||
catch (const semantic_error& e)
|
||||
{
|
||||
- q->sess.print_error (e);
|
||||
- return DWARF_CB_ABORT;
|
||||
+ // q->sess.print_error (e);
|
||||
+ throw;
|
||||
+ // return DWARF_CB_ABORT;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -2696,8 +2697,9 @@ query_module (Dwfl_Module *mod,
|
||||
}
|
||||
catch (const semantic_error& e)
|
||||
{
|
||||
- q->sess.print_error (e);
|
||||
- return DWARF_CB_ABORT;
|
||||
+ // q->sess.print_error (e);
|
||||
+ // return DWARF_CB_ABORT;
|
||||
+ throw;
|
||||
}
|
||||
}
|
||||
|
||||
diff --git a/testsuite/semok/stmtbad.stp b/testsuite/semok/stmtbad.stp
|
||||
new file mode 100755
|
||||
index 000000000..06780790a
|
||||
--- /dev/null
|
||||
+++ b/testsuite/semok/stmtbad.stp
|
||||
@@ -0,0 +1,7 @@
|
||||
+#! /bin/sh
|
||||
+
|
||||
+exec stap -v -p2 -e 'probe oneshot {log("nothing") }
|
||||
+ probe process.statement("main@*:1")? { log("yo") }' -c stap
|
||||
+
|
||||
+# The optional misaddressed statement probe should let stap still
|
||||
+# succeed with the oneshot probe.
|
||||
Loading…
Reference in new issue