[Bug tapsets/15197] New: syscall.fork/nd_syscall.fork broken on rawhide kernels

[Bug tapsets/15197] New: syscall.fork/nd_syscall.fork broken on rawhide kernels

[dsmith at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=15197

             Bug #: 15197
           Summary: syscall.fork/nd_syscall.fork broken on rawhide kernels
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: tapsets
        AssignedTo: systemtap@sourceware.org
        ReportedBy: dsmith@redhat.com
    Classification: Unclassified


Because of the following kernel change, the 'regs' parameter was removed from
the do_fork kernel function.

====
commit 9977d9b379cb77e0f67bd6f4563618106e58e11d
Merge: cf4af01 541880d
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date:   Wed Dec 12 12:22:13 2012 -0800

    Merge branch 'for-linus' of
git://git.kernel.org/pub/scm/linux/kernel/git/viro/signal

    Pull big execve/kernel_thread/fork unification series from Al Viro:
     "All architectures are converted to new model.  Quite a bit of that
      stuff is actually shared with architecture trees; in such cases it's
      literally shared branch pulled by both, not a cherry-pick.

      A lot of ugliness and black magic is gone (-3KLoC total in this one):

       - kernel_thread()/kernel_execve()/sys_execve() redesign.

         We don't do syscalls from kernel anymore for either kernel_thread()
         or kernel_execve():

         kernel_thread() is essentially clone(2) with callback run before we
         return to userland, the callbacks either never return or do
         successful do_execve() before returning.

         kernel_execve() is a wrapper for do_execve() - it doesn't need to
         do transition to user mode anymore.

         As a result kernel_thread() and kernel_execve() are
         arch-independent now - they live in kernel/fork.c and fs/exec.c
         resp.  sys_execve() is also in fs/exec.c and it's completely
         architecture-independent.

       - daemonize() is gone, along with its parts in fs/*.c

       - struct pt_regs * is no longer passed to do_fork/copy_process/
         copy_thread/do_execve/search_binary_handler/->load_binary/do_coredump.

       - sys_fork()/sys_vfork()/sys_clone() unified; some architectures
         still need wrappers (ones with callee-saved registers not saved in
         pt_regs on syscall entry), but the main part of those suckers is in
         kernel/fork.c now."
====

Handling the change correctly has some interesting wrinkles. Besides just
providing 'regs' as a convenience variable, the 'syscall.fork' probe alias
looks at 'regs' to determine if this is really a fork_kernel_thread, fork,
vfork, or clone call.

In addition, the nd_syscall.fork probe alias won't know if the 'regs' variable
is there or not. A kernel version check might be needed here.

We may need to probe at at different point to solve this correctly.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

[Bug tapsets/15197] syscall.fork/nd_syscall.fork broken on rawhide kernels

[dsmith at redhat dot com]

http://sourceware.org/bugzilla/show_bug.cgi?id=15197

David Smith <dsmith at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |FIXED

--- Comment #1 from David Smith <dsmith at redhat dot com> 2013-02-27 17:41:07 UTC ---
Fixed in commit 2ab1a2f.

-- 
Configure bugmail: http://sourceware.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.