git.lttng.org Git - lttng-tools.git/log

consumer: fix: possible unaligned access in packed structure

Fix the warnings that unaligned pointers can be passed as parameters
emitted when sampling buffer statistics.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

inet: fix: possible unaligned access in packed structure (inet/inet6)

Fix the warnings that unaligned pointers can be passed as parameters
emitted when building inet.c and inet6.c.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

consumer: fix: unaligned accesses to index fields

The ctf_index structure, being part of the ABI, is explicitly packed
using the LTTNG_PACKED macro. However, populating it by using pointers
to its members is not acceptable as it may cause the ust and kernel
tracer APIs to populate write their return values using unaligned
pointers.

Use automatic storage variables to fetch the various index fields and
populate the index at-once using a compound literal.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

lttng: fix: potential 0-length allocation in pid list parsing

Check that count is > 0 before allocating pid list. This would
only happen after a prior error, but check it anyway.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: fix: uninitialized session_id used on list_sessions failure

Stop live test when list_sessions() fails since the session_id used
further on would be uninitialized.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: fix: uninitialized values passed to close() on error

The fds array is not initialized resulting in uninitialized file
descriptors being passed to close() when an error is encountered in
the epoll-setting loop.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

lttng-ctl: fix: lttng_data_pending confuses communication status

lttng_ctl_ask_sessiond can return a positive value even though it
failed to receive the variable length payload of a session message
reply. In this case, lttng_ctl_ask_sessiond ends up calling into
lttng_ctl_ask_sessiond_fds_varlen() which will return the (negated)
error code returned by the session daemon if it was not LTTNG_OK.

The peer could return anything here, which lttng_data_pending will end
up interpreting as the length of the variable data that was received.

In this case, if the sessiond returns '-1', '1' will be returned to
lttng_data_pending, which it will interpret as being the length of the
'data_pending' byte flag. It will then dereference 'pending', which is
NULL, and (most likely) crash.

Check for NULL on top of checking for the return code. This
communication layer needs love as much as it needs a bulldozer.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix typo in regenerate statedump test util

Signed-off-by: Geneviève Bastien <gbastien+lttng@versatic.net>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: metadata stream is not marked as quiescent after packet commit

When a metadata stream's wait fd is hung-up or enters an error state,
it is checked for quiescence in lttng_ustconsumer_on_stream_hangup().

If the stream is not quiescent, the current packet is closed through
the flush_buffer operation.

Currently, all commits to metadata streams are done on a packet
basis. The various code paths using the commit_one_metadata_packet
helper all perform a flush directly after the commit. Performing this
flush leaves the stream in a "quiescent" state, but does not mark it
as such.

This results in an extraneous flush being performed in the err/hup
handler, which leaves an empty packet to be consumed. This packet is
then consumed during the execution of the err/hup handler.

This bug results in an empty packet being appended to metadata
streams. This packet is typically ignored by readers, but the fact
that it is written at the time of the destruction of a session
violates the immutability guarantee of the session stop
command. Moreover, following the introduction of trace chunks, this
results in the stream attempting to serialize the empty buffer to its
output file _after_ its trace chunk has been closed, causing an
assertion to hit.

Hence, this fix performs the buffer flush and sets the stream as
quiescent directly in commit_one_metadata_packet().

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Remove unused bitfield.h header

There are no users of the bitfield.h header. It was previously
used to list syscalls from a kernel channel in 834978fd, but
this function was removed in 9897fbc9.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: sessiond: fs.protected_regular sysctl breaks app registration

I observed that userspace tracing no longer worked when an
instrumented application (linked against liblttng-ust) was launched
before the session daemon.

While investigating this, I noticed that the shm_open() of
'/lttng-ust-wait-8' failed with EACCES. As the permissions on the
'/dev/shm' directory and the file itself should have allowed the
session daemon to open the shm, this pointed to a change in kernel
behaviour.

Moreover, it appeared that this could only be reproduced on my
system (running Arch Linux) and not on other systems.

It turns out that Linux 4.19 introduces a new protected_regular sysctl
to allow the mitigation of a class of TOCTOU security issues related
to the creation of files and FIFOs in sticky directories.

When this sysctl is not set to '0', it specifically blocks the way the
session daemon attempts to open the app notification shm that an
application has already created.

To quote a comment added in linux's fs/namei.c as part of 30aba6656f:

```
Block an O_CREAT open of a FIFO (or a regular file) when:
  - sysctl_protected_fifos (or sysctl_protected_regular) is enabled
  - the file already exists
  - we are in a sticky directory
  - we don't own the file
  - the owner of the directory doesn't own the file
  - the directory is world writable
```

While the concerns that led to the inclusion of this patch are valid,
the risks that are being mitigated do not apply to the session
daemon's and instrumented application's use of this shm. This shm is
only used to wake-up applications and get them to attempt to connect
to the session daemon's application socket. The application socket is
the part that is security sensitive. At worst, an attacker controlling
this shm could wake up the UST thread in applications which would then
attempt to connect to the session daemon.

Unfortunately (for us, at least), systemd v241+ sets the
protected_regular sysctl to 1 by default (see systemd commit
27325875), causing the open of the shm by the session daemon to fail.

Introduce a fall-back to attempt a shm_open without the O_CREAT flag
when opening it with 'O_RDWR | O_CREAT' fails. The comments detail the
reason why those attempts are made in that specific order.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: lttng-crash: detect truncated files

Detect truncated files which size is smaller than the ring buffer
header.

This can be caused by a situation where sessiond is killed with SIGKILL
while doing a metadata regenerate command.

Without this fix, lttng-crash is killed with a "Bus error" when
encountering a truncated file.

Fixes: #1166
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: use newly created event filter for condition check

The following commit introduced a regression while
fixing the filter and filter_expression ownership.

commit b0a23296344e57bd2e48e62ec2d7e0d8a38661bb
Author: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Date:   Sat Jan 12 14:53:56 2019 -0500

    Fix: leak of filter bytecode and expression on agent event re-enable

    The agent subsystem does not properly assume the clean-up of an
    event's filter bytecode and expression when a previously disabled
    event is re-enabled.

    This change ensures that the ownership of both the filter bytecode
    and expression is assumed by the agent subsystem and discarded
    when a matching event is found.

    Steps to reproduce the leak:
    $ lttng create
    $ lttng enable-event --python allo --filter 'a[42] == 241'
    $ lttng disable-event --python allo
    $ lttng enable-event --python allo --filter 'a[42] == 241'

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Setting the "filter" object to NULL prevents the call to
add_filter_app_ctx when needed.

We use the filter from the newly created event to
perform the check and the call to add_filter_app_ctx.

Fixes coverity #1399733

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: namespace our gettid wrapper

Since glibc 2.30, a gettid wrapper was added that conflicts with our
static declaration. Namespace our wrapper so there is no conflict,
we'll add support for the glibc provided wrapper in a further commit.

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: check for lttng modules presence before testing

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: test_crash: don't kill first app twice

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Cleanup: test: don't stop relayd twice

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Acked-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: test: utils.sh: exit from process on full_cleanup

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: utils.sh: handle SIGPIPE

perl prove closes its child pipes before giving it a chance to execute
the signal trap handler. This means the child will not be able to
complete execution of the trap handler if that handler writes to stdout
or stderr.

Work-around this situation by redirecting stdin, stdout, and stderr
to /dev/null if a SIGPIPE is caught.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: tests: error handling in high throughput limits test (v2)

Each individual call to "tc" should be checked for error, else we
may fail to catch specific tc errors caused, for instance, by a
kernel configuration that only contains some of the required
class modules.

Also, invoke the utils.sh full_cleanup function from the script-specific
interrupt_cleanup trap handler rather than try to perform stopping
of relayd and sessiond within the script.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Improve handling of test SIGTERM/SIGINT (v2)

The current state of signal handling for test scripts is: on
SIGTERM/SIGINT of the tests (e.g. a CTRL-C on the console), session
daemon and relay daemon are killed with SIGKILL, thus leaking all their
resources, and leaving lttng kernel modules loaded.

Revamp the "stop" functions to take a signal number and a timeout
as optional parameters. The default signal number is SIGTERM.

The full_cleanup trap handler now tries to nicely kill relayd and
sessiond (if they are present) with SIGTERM, and wait up to the
user-configurable LTTNG_TEST_TEARDOWN_TIMEOUT environment variable
(which has a default of 60s). Then, if there are still either relayd,
sessiond, or consumerd present, it will SIGKILL them and wait for
them to vanish. If it had to kill sessiond with SIGKILL, it will
also explicitly try to unload the lttng modules with modprobe.

This approach is inspired from sysv init script shutdown behavior.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: check validity of a stream before invoking ust flush command

At the time ustctl_flush_buffer is called the ustream object might have
already been freed on lttng-ust side.

This can happen following a lttng_consumer_cleanup_relayd and concurrent
consumer flush command (lttng stop).

The chain of events goes as follows.

An error on communication with lttng-relayd occurs.
lttng_consumer_cleanup_relayd flags the streams for deletion
(CONSUMER_ENDPOINT_INACTIVE). validate_endpoint_status_data_stream calls
consumer_del_stream.

At the same time the hash table of streams is iterated over in the
flush_channel function following a stop command. The loop is iterating on
a given stream. The current thread is unscheduled before taking the stream
lock.

In the initial thread, the same stream is the current iteration of
cds_lfht_for_each_entry in validate_endpoint_status_data_stream.

consumer_del_stream is called on it. The stream lock is acquired, and
destroy_close_stream is called. lttng_ustconsumer_del_stream is eventually
called and at this point the ustream is freed.

Going back to the iteration in flush_channel. The current stream is still
valid from the point of view of the iteration, ustctl_flush_buffer is then
called on a freed ustream object.

This can lead to unknown behaviour since there is no validation on the
lttng-ust side. The underlying memory of the ustream object is garbage at
this point.

To prevent such scenario, we check for the presence of the node in the
hash table via cds_lfht_is_node_deleted while holding the stream lock.
This is valid because the stream destruction removes the node from
the hash table and frees the ustream object with the stream lock held.

This duplicate similar "validation" check of the stream object. [1][2]

[1] src/common/consumer/consumer.c:consumer_close_channel_streams
[2] src/common/ust-consumer/ust-consumer.c:close_metadata

This issue can be reproduced by the following scenario:

    Modify flush_channel to sleep (i.e 10s) before acquiring the lock on
    a stream.

    Modify lttng-ust ustctl_destroy_stream to set the
    ring_buffer_clock_read callback to NULL.
      Note: An assert on !cds_lfht_is_node_deleted in flush channel
      after acquiring the lock can provide the same information. We are
      modifying the callback to simulate the original backtrace from our
      customer.

    lttng-relayd
    lttng-sessiond
    lttng create --live
    lttng enable-event -u -a
    lttng start
    Start some applications to generate data.
    lttng stop
      The stop command force a flush of the channel/streams.
    pkill -9 lttng-relayd
    Expect assert or segfault

The original customer backtrace:

  0  lib_ring_buffer_try_switch_slow (handle=<optimized out>, tsc=<synthetic pointer>, offsets=0x3fffa9b76c80, chan=0x3fff98006e90, buf=<optimized out>,
     mode=<optimized out>) at /usr/src/debug/lttng-ust/2.9.1/git/libringbuffer/ring_buffer_frontend.c:1834
  1  lib_ring_buffer_switch_slow (buf=0x3fff98016b40, mode=<optimized out>, handle=0x3fff98017670)
     at /usr/src/debug/lttng-ust/2.9.1/git/libringbuffer/ring_buffer_frontend.c:1952
  2  0x00003fffac680940 in ustctl_flush_buffer (stream=<optimized out>, producer_active=<optimized out>)
     at /usr/src/debug/lttng-ust/2.9.1/git/liblttng-ust-ctl/ustctl.c:1568
  3  0x0000000010031bc8 in flush_channel (chan_key=<optimized out>) at ust-consumer.c:772
  4  lttng_ustconsumer_recv_cmd (ctx=<optimized out>, sock=<optimized out>, consumer_sockpoll=<optimized out>) at ust-consumer.c:1651
  5  0x000000001000de50 in lttng_consumer_recv_cmd (ctx=<optimized out>, sock=<optimized out>, consumer_sockpoll=<optimized out>) at consumer.c:2011
  6  0x0000000010014208 in consumer_thread_sessiond_poll (data=0x10079430) at consumer.c:3192
  7  0x00003fffac608b30 in start_thread (arg=0x3fffa9b7bdb0) at pthread_create.c:462
  8  0x00003fffac530d0c in .__clone () at ../sysdeps/unix/sysv/linux/powerpc/powerpc64/clone.S:96

Reviewed-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: initialize syscall table when kernel tracer is lazily initialized

How to reproduce:

start lttng-sessiond while lttng-modules are not installed, then install
lttng-modules. Then issue "lttng list --syscall -k". It will show an
empty syscall list because the system call list has not been
initialized.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Update version to v2.10.7

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Update base test for binding

This test is not run for now as it is not part of the test suite.

Use a temporary directory to store trace.
Split in 2 test suite, one for ust and the other for kernel.
Partially fix formatting.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: python binding: expose domain buffer type

On enable_channel the domain buffer type is used to create a temporary
channel. This currently fail for kernel channel since the buffer type is
not exposed at the binding level and default to LTTNG_BUFFER_PER_PID.
Channel for the kernel domain can only be created in LTTNG_BUFFER_GLOBAL
mode.

Exposing the buffer type also allow userpsace channel to use the per uid
buffering scheme.

The current bindings are in a rough state. This is to at least get them
to work with kernel domain.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: lttng_poll_mod calls compat_(e)poll_add

lttng_poll_mod should call compat_(e)poll_mod.

Signed-off-by: Yannick Lamarre <ylamarre@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: getgrnam is not MT-Safe, use getgrnam_r

Running the test suite under a Yocto musl build resulted in musl
coredump due to double freeing.

We get the following backtraces:

0  a_crash () at ./arch/x86_64/atomic_arch.h:108
1  unmap_chunk (self=<optimized out>) at src/malloc/malloc.c:515
2  free (p=<optimized out>) at src/malloc/malloc.c:526
3  0x00007f46d9dc3849 in __getgrent_a (f=f@entry=0x7f46d9d1f7e0, gr=gr@entry=0x7f46d9e24460 <gr>, line=line@entry=0x7f46d9e26058 <line>, size=size@entry=0x7f46d92db550, mem=mem@entry=0x7f46d9e26050 <mem>, nmem=nmem@entry=0x7f46d92db558, res=0x7f46d92db548) at src/passwd/getgrent_a.c:45
4  0x00007f46d9dc2e6b in __getgr_a (name=0x487242 "tracing", gid=gid@entry=0, gr=gr@entry=0x7f46d9e24460 <gr>, buf=buf@entry=0x7f46d9e26058 <line>, size=size@entry=0x7f46d92db550, mem=mem@entry=0x7f46d9e26050 <mem>, nmem=0x7f46d92db558, res=0x7f46d92db548) at src/passwd/getgr_a.c:30
5  0x00007f46d9dc3733 in getgrnam (name=<optimized out>) at src/passwd/getgrent.c:37
6  0x0000000000460b29 in utils_get_group_id (name=<optimized out>) at ../../../lttng-tools-2.10.6/src/common/utils.c:1241
7  0x000000000044ee69 in thread_manage_health (data=<optimized out>) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/main.c:4115
8  0x00007f46d9de1541 in start (p=<optimized out>) at src/thread/pthread_create.c:195
9  0x00007f46d9dee661 in __clone () at src/thread/x86_64/clone.s:22

From another run:

0  a_crash () at ./arch/x86_64/atomic_arch.h:108
1  unmap_chunk (self=<optimized out>) at src/malloc/malloc.c:515
2  free (p=<optimized out>) at src/malloc/malloc.c:526
3  0x00007f5abc210849 in __getgrent_a (f=f@entry=0x7f5abc2733e0, gr=gr@entry=0x7f5abc271460 <gr>, line=line@entry=0x7f5abc273058 <line>, size=size@entry=0x7f5abaef5510, mem=mem@entry=0x7f5abc273050 <mem>, nmem=nmem@entry=0x7f5abaef5518, res=0x7f5abaef5508) at src/passwd/getgrent_a.c:45
4  0x00007f5abc20fe6b in __getgr_a (name=0x487242 "tracing", gid=gid@entry=0, gr=gr@entry=0x7f5abc271460 <gr>, buf=buf@entry=0x7f5abc273058 <line>, size=size@entry=0x7f5abaef5510, mem=mem@entry=0x7f5abc273050 <mem>, nmem=0x7f5abaef5518, res=0x7f5abaef5508) at src/passwd/getgr_a.c:30
5  0x00007f5abc210733 in getgrnam (name=<optimized out>) at src/passwd/getgrent.c:37
6  0x0000000000460b29 in utils_get_group_id (name=<optimized out>) at ../../../lttng-tools-2.10.6/src/common/utils.c:1241
7  0x000000000042dee4 in notification_channel_socket_create () at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:238
8  init_thread_state (state=0x7f5abaef5560, handle=0x7f5abbf9be40) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:375
9  thread_notification (data=0x7f5abbf9be40) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:495
10 0x00007f5abc22e541 in start (p=<optimized out>) at src/thread/pthread_create.c:195
11 0x00007f5abc23b661 in __clone () at src/thread/x86_64/clone.s:22

The problem was easily reproducible (~6 crash on ~300 runs). A prototype fix
using mutex around the getgrnam yielded no crash in over 1000 runs. This
patch yielded the same results as the prototype fix.

Unfortunately we cannot rely on a mutex in liblttng-ctl since we cannot
enforce the locking for the application using the lib.

Use getgrnam_r instead.

The previous implementation of utils_get_group_id returned the gid of
the root group (0) on error/not found. lttng_check_tracing_group needs
to know if an error/not found occured, returning the root group is not
enough. We now return the gid via the passed parameter. The caller is
responsible for either defaulting to the root group or propagating the
error.

We also do not want to warn when used in liblttng-ctl context. We might
want to move the warning elsewhere in the future. For now, pass a bool
if we need to warn or not.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: logging: log_add_time() save/restore errno

The debugging logging macros (e.g. DBG()) are used as printf in the
lttng-tools source files. The printf() implementation does not alter the
errno value, so the fact that log_add_time() (through clock_gettime())
can alter errno is unexpected. For instance, adding a logging statement
for debugging purposes within a function for which errno is expected to
stay unchanged on return will change the behavior between execution with
-vvv and non-verbose.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix relayd: initialize beacon to -1ULL

The relayd stream beacon_ts_end field is expected to have the value
-1ULL when unset (no beacon has been received since last index).

However, the initial state is wrong. It is left at the value 0, which
indicates that a live beacon has indeed been received (which is untrue),
which in turn causes a live beacon with ctf_stream_id of -1ULL to be
sent to babeltrace, which does not expect it, and fails.

This issue can be triggered with the following scenario:

1) create live session
2) setup UST per-uid buffers tracing
3) start tracing, without any active traced application
4) hook with babeltrace live client to view the trace
5) run a traced application

Step 5) will cause the babeltrace live client to receive a stream_id of
-1ULL, and error out.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: relayd: handling of lttng_read errors >= 0

errno is only set when lttng_read returns a negative value. Else, we
need to print a ERR() statement rather than use PERROR().

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix tests: NULL pointer dereference in ust channel unit tests

The test_create_ust_channel() test case erroneously checks for
a NULL session instead of a channel. This can result in a
NULL pointer dereference on failure to create a ust channel.

The scope of usess is reduced to prevent similar mistakes in the
future. Moving 'dom' has made it obvious that this variable is
unused. Hence, it is removed.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix tests: NULL pointer dereference in ltt_ust_context unit tests

The check for the expected context's type must be skipped when
trace_ust_create_context() fails. Otherwise, a NULL pointer
dereference will occur.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Log the wait-shm's path on shm_open failure

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: use modprobe to test for the presence of lttng-modules

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: skip test when ust doesn't have perf support

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: check for lttng-modules presence

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: Properly sanitize input parameter

The lttng client uses the sizeof the containing buffer, defined as
LTTNG_SYMBOL_NAME_LEN, for input string sanitation instead of libc defined
macro NAME_MAX. lttng-enable_channel improperly verified user input
and wrongly discarded valid input in case NAME_MAX was less than the
sizeof the containing buffer for the channel's name.
This patch also fixes potential buffer overflow caused by an improperly
bounded strcpy in the case where NAME_MAX would have been greater than
LTTNG_SYMBOL_NAME_LEN.

Signed-off-by: Yannick Lamarre <ylamarre@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix tests: link libpause_consumer on liblttng-ctl

This preload test library uses symbols from liblttng-ctl which are
resolved when preloaded by GLIBC but not by MUSL.

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

tap-driver.sh: flush stdout after each test result

This is useful in a CI system where stdout is fully buffered and you
look at the console output to see which test is hanging.

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix tests: snapshot size validation failure runs too many test cases

The snapshot max size test is reported as both passing and failing
when the test case fails.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix tests: the tree origin can be a symlink itself

Problem:

The base tree is defined as "/tmp/.....XXXXXX".
On systems where "/tmp/" is itself a symlink utils_expand_path will
expand the tree origin itself.

For example on a base core-image-minimal Yocto build /tmp is a symlink
to "/var/tmp", which is a symlink to "/var/volatile".

utils_expand_path will return something like this for the symlink test:
"/var/volative/.....XXXXXX/...." which is the valid result.

Solution:

Simply use realpath on the tree_origin and use this path to perform the
test validation.

This work was performed in the effort to support yocto fully and be able
to run the test suite to detect problem as early as possible.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix tests: skip test_getcpu_override on single core systems

There is no value in performing this test on single-core system
since the only valid value for the cpu field is 0.

This test currently fails on single-core systems (i.e yocto runqemu)
on the test_getcpu_override_fail test case.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: Add POPT_CFLAGS to lttng_CFLAGS

The generated makefile was ignoring POPT_CFLAGS when compiling
lttng, but was adding POPT_LIBS to lttng_LDADD. With this commit,
make now honors both settings for applications and tests.

Fixes: #1165
Signed-off-by: Yannick Lamarre <ylamarre@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: consumer snapshot: handle unsigned long overflow

Comparing the consumed iterator and the produced position without
using a difference generates an empty snapshot when the iterator is
before unsigned long overflow and the produced position is after
unsigned long overflow.

This applies to both UST and kernel consumers.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: wrong error code returned by kernel_snapshot_record()

On snapshot error, kernel_snapshot_record() can return
LTTNG_ERR_KERN_CONSUMER_FAIL which means that the kernel consumer
daemon failed to launch. In this path, the appropriate error to
return is LTTNG_ERR_KERN_META_FAIL.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Docs: document the format of the lttng_session path member

Document that the path returned through a session listing operation
is not a path nor standard URL. While a UNIX path will be returned
when a session is configured to trace locally, a liblttng-ctl user
should not expect this field to contain a valid URL when a network
streaming (or live) output destination is configured. The "path"
field will hold a custom-formatted string describing the output.

This is arguably unexepected, but since this is currently the only
way to obtain the destination of an existing session, this format
will not be changed to preserve compatiblity with existing tools
which could rely on this format.

A description of the formating used by the session daemon is
added as part of this patch.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: check illegal combinations of ctrl-url/data-url/ouput/set-url

The lttng CLI must check for illegal combinations of the
--ctrl-url, --data-url, --set-url, and --output options.

The following combinations are mutually exclusive:
  1) --set-url
  2) --ctrl-url + --data-url
  3) --output

Combining these incompatible options resulted in unhelpful
generic error messages since the error is catched a lot farther
than it should.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Remove duplicate check for dlopen

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: take multiple snapshots in streaming mode

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: don't destroy the sockets if the snapshot was successful

Missing a goto to skip the error condition that was destroying the
relayd sockets even if a snapshot was successful. We want to keep them
open to reuse them for the next snapshots.

This is verbatim from the fix 1371fc1228461eb532118280e67ab3e9de015757

It is also the same fix.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: missing rcu read locking in trigger "unregister all" command

While the notification subsystem all runs within a single thread,
the iteration over the triggers hash table must be protected using
the RCU read-side lock since the RCU worker may resize the hash
table while the iteration is performed.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: notification thread: RCU-safe reclaim of hash table nodes

Adapted from master branch commit 83b934ad.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Update version to v2.10.6

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: worker structure is leaked in run_as process

The run_as structure (handle) is allocated and initialized before
the fork() that spawns the run_as process. Currently, that structure
is only cleaned-up on the parent's end.

This fix performs the clean-up on the worker's side as well.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: only free trace_path when it is dynamically allocated

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: leak of filter bytecode and expression on agent event re-enable

The agent subsystem does not properly assume the clean-up of an
event's filter bytecode and expression when a previously disabled
event is re-enabled.

This change ensures that the ownership of both the filter bytecode
and expression is assumed by the agent subsystem and discarded
when a matching event is found.

Steps to reproduce the leak:
$ lttng create
$ lttng enable-event --python allo --filter 'a[42] == 241'
$ lttng disable-event --python allo
$ lttng enable-event --python allo --filter 'a[42] == 241'

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Test fix: python logging test spams its output

A set -x/+x pair was erroneously committed as part of the
test_python_logging test script which causes the test to be
unnecessarily verbose.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: leak of rundir config string

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: do not repurpose iterator while it is being used

The hash table iteration uses an iterator that needs to stay valid for
the next loop. Using that same iterator variable in a nested lookup in a
different hash table leads to segmentation fault.

This is a 2.10-specific instance of the issue affecting
bind_trigger_to_matching_channels() which was found in the
master and 2.11 branches. This one affects
handle_notification_thread_command_register_trigger().

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: run_command_wait() handle partial write

Use lttng_write() to handle partial writes (writing less than the
requested amount of bytes) as well as ret = -1, errno = EINTR.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: tests: test_crash should start sessions

test_crash expects side-effects of directory creation to happen while
tracing is still stopped. In preparation for changing that behavior,
ensure that tracing is started when those side-effects are expected.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Add *.exe to gitignore for Cygwin

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: warning 'fd' may be used uninitialized

Initialize fd to invalid '-1' and remove unnecessary file_opened.

Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: max_t/min_t macros are missing cast on input

The semantic expected from max_t and min_t is to perform the max/min
comparison in the type provided as first parameter.

Cast the input parameters to the proper type before comparing them,
rather than after. There is no more need to cast the result of the
expression now that both inputs are cast to the right type.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: Connect timeout arithmetic in inet/inet6 (v4)

The nanoseconds part of the timespec struct time_a is not always
bigger than time_b since it wraps around each second.

Use 64-bit arithmetic to compute the difference.

Merge/move duplicated code into utils.c.

This function is really doing two things. Split it into
timespec_to_ms() and timespec_abs_diff().

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: create_channel_per_pid: remove channel on error

The notification system of the session daemon tracks the lifetime
of per-pid buffers (in effect, channel keys) using two hooks:
- the successful completion of create_channel_per_pid()
- the deletion of the channel from an application's registry

Multiple error paths in create_channel_per_pid() can leave a channel
in an app's registry without notifying the notification system of its
existence.

When the channel is finally cleaned-up, the channel deletion hook will
inform the notification system that the channel should be deleted,
resulting in an error as that channel was previously unknown.

This fix ensures we remove the application's channel from its registry
on error (with the notify parameter set to 'false'), thus ensuring
that the notification system never tracks the incomplete channel.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: channel errors on local stress-tests

On local stress-tests with per-pid buffers, error paths triggered
when trying to create a channel on an application already going away
end up tiggering the channel destruction with "-1" socket parameter.
This function attempts to send a notification of channel destruction
(erroneously) and attempts to sum counters into a channel object which
may not have been populated yet.

Therefore, don't perform those side-effects when invoked from error path
caused by channel creation error.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: channel_ust_create: remove channel on agent error

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Always choose large event header for UST channels

UST can receive the session start command before all probe provider
library constructors have completed running, therefore finding less
events than eventually enabled within the process. Moreover, with
per-uid buffers, many processes end up registering events into shared
buffers. Therefore, the guess based on number of events from the first
process to use the buffer is incorrect.

Considering that we typically have applications with more than 30
events, we will modify the session daemon so it selects the "large"
header type independently of the number of events.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Remove unnecessary check of output parameter

It is not necessary to check for `_notification != NULL` as it
is done at the beginning of the function. Moreover, it confuses
Coverity which warns that `notification` will be leaked if the
output parameter is NULL.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: perform local data pending before checking data pending with relayd

Performing the data pending check in two phases, local and network,
reduces the total number network operations needed.

Doing the local check first enable early return in cases where data is
still pending locally.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: double put on error path

Let relay_index_try_flush be responsible for the self-reference put on
error path.

Code flow of relay_index_try_flush is a bit tricky but the only error
flow (via relay_index_file_write) will always mark the index as flushed
and perform the self-reference put.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: holding the stream lock does not equate to having data pending

The live timer can hold the stream lock while sending empty beacon. An
empty beacon does not mean that data is still pending for the stream.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: skip uid registry when metadata key is 0

A value of zero for the metadata key indicate that metadata was never
created/pushed to the consumer.

This can occur in scenario were a tracker is present since metadata
might never be created/pushed.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Docs: document the meaning of a ust app channel key set to 0

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: acquire stream lock during kernel metadata snapshot

The stream lock is not taken when interacting with the kernel
metadata stream that is created at the time a snapshot is taken.

This was noticed while reviewing the code for an unrelated reason,
so there is no known problem caused by this. Nevertheless, this
is incorrect as the stream is globally visible in the consumer.

Moreover, the stream was not cleaned-up which can cause a leak
whenever a metadata snapshot fails.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>

Fix: skip closed session on viewer listing

There is no value in listing a closed session. A viewer cannot hook
itself to a closed session in live mode and the session is about to be
removed from the sessions hash table.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: use LTTNG_VIEWER_ATTACH_UNK to report a closed session

LTTNG_VIEWER_NEW_STREAMS_HUP is not a valid error number for the
LTTNG_VIEWER_ATTACH_SESSION command. This result in erroneous error
reporting on the client side.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Doc: withinin -> within

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: perform relayd socket pair cleanup on control socket error

A reference to the local context for the socket pair is used to "force" an
evaluation of the data and metadata streams since we changed the endpoint
status. This imitates what is currently done for the data socket.

This prevents hitting network timeouts multiple times in a row when an
error occurs. For now, there is no mechanism for retry hence
"terminating" all communication make sense and prevent unwanted delays
on operation.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: relayd control socket mutex is not destroyed

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: do not bound test app iterations when in background mode

On systems with a high number of CPUs and slow disk, taking snapshots
can take a long time. When running a long regression test, the tests
sometimes outlive the test application.

The test application then exits since the required number of
iterations was completed
(NR_ITER=2000000).

Set the iterations parameter to -1 to ensure the application keeps
producing events for the duration of the test.

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: add missing rotation and autoload tests to check target

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: remove temporary folder

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: remove mi result files when done

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: Remove unused set +x

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: Kill relayd after sessiond to ensure a clean tear down

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: Remove unused variable

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: Use stop relayd from utils.sh

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Tests: remove declaration already present in utils.sh

Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: incorrect error message on regenerate missing argument

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: incorrect error message on metadata missing argument

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: snapshot command mishandles missing arguments

The snapshot command does not print explicit errors when
arguments are missing. This commit introduces more error
reporting and ensures that lttng_error_code and cmd_error_code
values are not freely mixed.

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: potential use of NULL path in stat() use

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: passing null to closedir() on error

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: unchecked access to pids array

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: returned pids may be uninitialized

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: lttng-save command producing wrong XML fields

Saving a session configuration with a probe or a function event would
generate a XML file considered invalid by the lttng-load command.

This is due to the fact that for a probe event lttng-save would the
following xml event type field:
<type>KPROBE</type>
but lttng-load command would be expecting the following field:
<type>PROBE</type>.

As a fix, the lttng-save command now rightfully outputs the PROBE field.
Given that this usecase never worked, changing the field is not a
breaking change.

Also, the save command was wrongfully using FUNCTION xml event type for
the LTTNG_KERNEL_FUNCTION event type when it is in fact the
FUNCTION_ENTRY xml event type.

Signed-off-by: Francis Deslauriers <francis.deslauriers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>

Fix: memory is not zeroed on first set_capacity

Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>