SystemTap release 4.8

From: Serhei Makarov
Date: Thu Nov 03 2022 - 18:02:03 EST


The SystemTap team announces release 4.8

Enhancements to this release include: kernel runtime improvements
on multi-CPU systems, python3 tapset support through python3.11,
tapset and template script for CVE livepatching, bpf backend
embedded-code assembler improvements.

= Where to get it

https://sourceware.org/systemtap/ - our project page
https://sourceware.org/systemtap/ftp/releases/
https://koji.fedoraproject.org/koji/packageinfo?packageID=615
git tag release-4.8 (commit b176afb2e49119ef844d193d27b0752a6d84fe8f)

There have been over 95 commits since the last release.
There have been 10+ bugs fixed / features added since the last release.

= SystemTap backend changes

- The kernel runtime now uses much less memory when the number of
"possible CPUs" is far greater than the number of online ones. For example,
VMWare guests usually have 128 "possible CPUs" while fewer
CPUs are actually present or online in the guest system.

- The memory allocation size is now independent of the value of
NR_CPUS of the current kernel. It depends only on the number
of "possible CPUs" or "online CPUs".

- CPU hotplug is supported to the extent that there won't be any
kernel panics or memory corruption.

= SystemTap frontend (stap) changes

- DWARF-related probes (.function, .statement) now merge DWARF and
non-DWARF symbol-table based matches, rather than being either-or.

- The bpf backend's embedded-code assembler has been improved to
support more conventional assembly syntax with named opcodes. The
opcode names are based on the iovisor bpf-docs documentation at
https://github.com/iovisor/bpf-docs/blob/master/eBPF.md

= SystemTap tapset changes

- A template CVE band-aid script is now included, which demonstrates
how to use a new 'livepatch.stp' tapset to standardize activation,
interactive control, and monitoring of SystemTap CVE band-aids.

- The python3 tapset was extended to support Python 3.9, 3.10, and 3.11.
See stapprobes(3stap) for further details on probing python functions.

- New tapsets:

  livepatch.stp
    The new tapset for creating security band-aid scripts.

= SystemTap sample scripts

- All 180+ examples can be found at https://sourceware.org/systemtap/examples/

- New sample scripts:

  general/pyexample.stp
    Combined version of the py2example.stp and py3example.stp sample scripts.

  security-band-aids/security-bandaid-template.stp
    The new template for creating security band-aid scripts.

  security-band-aids/cve-2016-0728-templatized.stp
  security-band-aids/cve-2018-6485-templatized.stp
    Example band-aid scripts based on the new template, for historical purposes only.

= Examples of tested kernel versions

2.6.32 (RHEL6 x86_64, i686)
4.18.0 (RHEL8 + CentOS Stream 8 x86_64, aarch64, ppc64le, s390x)
5.14.0 (RHEL9 + CentOS Stream 9 x86_64, aarch64, ppc64le, s390x)
5.19.9 (Fedora 35 x86_64)
5.19.16 (Fedora 36,37 x86_64)
6.0.0-rc5, 6.1.0-rc2, 6.1.0-rc3 (Fedora rawhide x86_64)

= Known issues with this release

- There are intermittent buffer transmission failures for high-trace-rate
scripts. Bulk mode (stap -b) helps. (see PR29108)

- There are known issues on kernel 5.10+ after adapting to set_fs()
removal, with some memory accesses that previously returned valid data
instead returning -EFAULT. (see PR26811)

= Contributors for this release

Sultan Alsawaf, Lumir Balhar*, Martin Cermak, William Cohen, Stan Cox,
Frank Ch. Eigler, Ryan Goldberg*, Serhei Makarov, Noah Sanci,
yaowenbin*, Yichun Zhang (agentzh)

Special thanks to new contributors, marked with '*' above.

= Bugs fixed for this release <https://sourceware.org/PR#####>

29676 wildcard function/symbol expansion inconsistent in debuginfo vs nondebuginfo cases
29246 sdt probes can fail inside a c++ method
27728 at_*.exp regressions (from bunsen data)
27730 abort.exp minor regressions (from bunsen data)
28634 ioscheduler.stp broken with new kernel 5.16.0-0.rc2
29037 Systemtap unable to find struct bitfield members for gcc11 compiled code
29507 update sample python interface tapset to rely on @cast auto context
29570 Standardized template stap script for security band-aids
29577 NULL pointer dereference in kernel tracepoint int3 execution
29661 default --rlimit-as is too small
29668 The make rpm target broken