Create a consumer daemon trace chunk registry on launch
A trace chunk registry is needed by the consumer daemon since there is
no concrete representation of a tracing session object in those
processes.
The trace chunk registry allows the consumer daemon to match
newly-created streams to their current trace chunk. This integration
is performed in a follow-up commit.
Add the trace chunk and trace chunk registry interfaces
A trace chunk is a set of stream files. It maps to the user-visible
concept of "trace archive chunks" produced following a tracing session
rotation.
The concept of a "chunk" is introduced to make it possible to
associate a group of stream files together, store common
properties (e.g. the epoch, base path, list of files, credentials,
etc.), and perform an action once all files have been closed/released.
The "trace chunk" interface is to be used by the session, consumer,
and relay daemons in different ways, through the OWNER or USER roles.
The lttng_dynamic_pointer_array, lttng_dynamic_array, and optional
utils are added since they are used by the trace chunk implementation.
time_to_iso8601_str() formats a Unix timestamp to an ISO 8601
compatible string. For now, the only ISO 8601 time format used
in LTTng-tools is the "YYYYmmddTHHMMSS+HHMM" form used by the
session rotation feature.
Since ISO 8601 allows many formats, this functions may need to be
renamed at some point.
Maintain a channel-per-session_id hash table in the consumers
Add and maintain an hash table indexed by `session_id` that allows the
consumer daemons to perform actions on a set of channels belonging to
a given session.
This hash table holds no ownership of the channels; it is merely an
"index" to the existing set of channels maintained in the channel_ht.
Implement a "move" method (akin to C++'s move semantics) which allows
the transfer of the contents/ownership of a stack-allocated directory
handle to another object.
A moved directory handle must no longer be used after the "move"
operation. The original moved handle is invalidated in the hope
of catching erroneous uses of this API quickly.
This method allows the duplication of a directory handle to
existing storage. It duplicates the underlying directory file
descriptor or path, depending on the configured implementation.
There are no users of the bitfield.h header. It was previously
used to list syscalls from a kernel channel in 834978fd, but
this function was removed in 9897fbc9.
The MAGIC_VALUE macro is only defined when the build is configured
in epoll mode. This value should be defined unconditionally as it
is used in both poll and epoll test modes.
lttng_list_sessions() returns a "fatal error" code when
lttng_ctl_ask_sessiond() returns 0. This was interpreted as the
control socket being shutdown unexpectedly. However, it is
(more often) caused by no sessions being available. Given that, it
makes more sense to report that no sessions are available.
More clean-up/refactoring would be needed to report unexpected socket
shutdowns.
Jonathan Rajotte [Thu, 23 May 2019 18:02:26 +0000 (14:02 -0400)]
Fix: python binding: expose domain buffer type
On enable_channel the domain buffer type is used to create a temporary
channel. This currently fail for kernel channel since the buffer type is
not exposed at the binding level and default to LTTNG_BUFFER_PER_PID.
Channel for the kernel domain can only be created in LTTNG_BUFFER_GLOBAL
mode.
Exposing the buffer type also allow userpsace channel to use the per uid
buffering scheme.
The current bindings are in a rough state. This is to at least get them
to work with kernel domain.
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com> Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Modify LTTNG_POLL_GETNB to provide compatibility with the epoll flavor.
Since it is only used after a lttng_poll_wait call with no modification
(add, del, mod) between, this change does not modify the behaviour in
its current usage while ensuring similar API behavior between
compatibility layer implementations.
Fix: directory handle credentials parameter is not const
There is no reason for the "as user" operations on a directory
handle not to take the credentials as a const parameter. Not
passing credentials as const makes their ownership ambiguous
and makes it harder to write const-correct code.
Running the test suite under a Yocto musl build resulted in musl
coredump due to double freeing.
We get the following backtraces:
0 a_crash () at ./arch/x86_64/atomic_arch.h:108
1 unmap_chunk (self=<optimized out>) at src/malloc/malloc.c:515
2 free (p=<optimized out>) at src/malloc/malloc.c:526
3 0x00007f46d9dc3849 in __getgrent_a (f=f@entry=0x7f46d9d1f7e0, gr=gr@entry=0x7f46d9e24460 <gr>, line=line@entry=0x7f46d9e26058 <line>, size=size@entry=0x7f46d92db550, mem=mem@entry=0x7f46d9e26050 <mem>, nmem=nmem@entry=0x7f46d92db558, res=0x7f46d92db548) at src/passwd/getgrent_a.c:45
4 0x00007f46d9dc2e6b in __getgr_a (name=0x487242 "tracing", gid=gid@entry=0, gr=gr@entry=0x7f46d9e24460 <gr>, buf=buf@entry=0x7f46d9e26058 <line>, size=size@entry=0x7f46d92db550, mem=mem@entry=0x7f46d9e26050 <mem>, nmem=0x7f46d92db558, res=0x7f46d92db548) at src/passwd/getgr_a.c:30
5 0x00007f46d9dc3733 in getgrnam (name=<optimized out>) at src/passwd/getgrent.c:37
6 0x0000000000460b29 in utils_get_group_id (name=<optimized out>) at ../../../lttng-tools-2.10.6/src/common/utils.c:1241
7 0x000000000044ee69 in thread_manage_health (data=<optimized out>) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/main.c:4115
8 0x00007f46d9de1541 in start (p=<optimized out>) at src/thread/pthread_create.c:195
9 0x00007f46d9dee661 in __clone () at src/thread/x86_64/clone.s:22
From another run:
0 a_crash () at ./arch/x86_64/atomic_arch.h:108
1 unmap_chunk (self=<optimized out>) at src/malloc/malloc.c:515
2 free (p=<optimized out>) at src/malloc/malloc.c:526
3 0x00007f5abc210849 in __getgrent_a (f=f@entry=0x7f5abc2733e0, gr=gr@entry=0x7f5abc271460 <gr>, line=line@entry=0x7f5abc273058 <line>, size=size@entry=0x7f5abaef5510, mem=mem@entry=0x7f5abc273050 <mem>, nmem=nmem@entry=0x7f5abaef5518, res=0x7f5abaef5508) at src/passwd/getgrent_a.c:45
4 0x00007f5abc20fe6b in __getgr_a (name=0x487242 "tracing", gid=gid@entry=0, gr=gr@entry=0x7f5abc271460 <gr>, buf=buf@entry=0x7f5abc273058 <line>, size=size@entry=0x7f5abaef5510, mem=mem@entry=0x7f5abc273050 <mem>, nmem=0x7f5abaef5518, res=0x7f5abaef5508) at src/passwd/getgr_a.c:30
5 0x00007f5abc210733 in getgrnam (name=<optimized out>) at src/passwd/getgrent.c:37
6 0x0000000000460b29 in utils_get_group_id (name=<optimized out>) at ../../../lttng-tools-2.10.6/src/common/utils.c:1241
7 0x000000000042dee4 in notification_channel_socket_create () at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:238
8 init_thread_state (state=0x7f5abaef5560, handle=0x7f5abbf9be40) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:375
9 thread_notification (data=0x7f5abbf9be40) at ../../../../lttng-tools-2.10.6/src/bin/lttng-sessiond/notification-thread.c:495
10 0x00007f5abc22e541 in start (p=<optimized out>) at src/thread/pthread_create.c:195
11 0x00007f5abc23b661 in __clone () at src/thread/x86_64/clone.s:22
The problem was easily reproducible (~6 crash on ~300 runs). A prototype fix
using mutex around the getgrnam yielded no crash in over 1000 runs. This
patch yielded the same results as the prototype fix.
Unfortunately we cannot rely on a mutex in liblttng-ctl since we cannot
enforce the locking for the application using the lib.
Use getgrnam_r instead.
The previous implementation of utils_get_group_id returned the gid of
the root group (0) on error/not found. lttng_check_tracing_group needs
to know if an error/not found occured, returning the root group is not
enough. We now return the gid via the passed parameter. The caller is
responsible for either defaulting to the root group or propagating the
error.
We also do not want to warn when used in liblttng-ctl context. We might
want to move the warning elsewhere in the future. For now, pass a bool
if we need to warn or not.
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com> Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
The debugging logging macros (e.g. DBG()) are used as printf in the
lttng-tools source files. The printf() implementation does not alter the
errno value, so the fact that log_add_time() (through clock_gettime())
can alter errno is unexpected. For instance, adding a logging statement
for debugging purposes within a function for which errno is expected to
stay unchanged on return will change the behavior between execution with
-vvv and non-verbose.
The relayd stream beacon_ts_end field is expected to have the value
-1ULL when unset (no beacon has been received since last index).
However, the initial state is wrong. It is left at the value 0, which
indicates that a live beacon has indeed been received (which is untrue),
which in turn causes a live beacon with ctf_stream_id of -1ULL to be
sent to babeltrace, which does not expect it, and fails.
This issue can be triggered with the following scenario:
1) create live session
2) setup UST per-uid buffers tracing
3) start tracing, without any active traced application
4) hook with babeltrace live client to view the trace
5) run a traced application
Step 5) will cause the babeltrace live client to receive a stream_id of
-1ULL, and error out.
Michael Jeanson [Tue, 16 Apr 2019 20:43:47 +0000 (16:43 -0400)]
Update the ac_define_dir macro from the autoconf archive
This macro was removed many years ago from the archive because it crosses
the boundary between configure and make time variables. For the moment
update it to the latest released version.
Signed-off-by: Michael Jeanson <mjeanson@efficios.com> Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Fix: relayd not spawned on default-url live session creation
b178f53e9 introduced a regression that causes the lttng client to
not spawn a relay daemon automatically when a live session is
created using the default url parameters.
This fix re-introduces an equivalent check to restore the
previous behaviour.
Reported-by: Francis Deslauriers <francis.deslauriers@efficios.com> Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
The lttng_directory_handle allows its user to keep a handle to
a directory and to create subdirectories relative to it.
On platforms implementing POSIX.2008, a directory file descriptor
is used to maintain a handle to an existing directory and used
in conjunction with mkdirat() to create subdirectories.
Derelict platforms (such as Solaris 10) use an alternative
implementation which carries the location of the root directory
and builds subdirectory paths on creation.
The existing mkdir utils are re-implemented using this new
interface (using the special AT_FDCWD file descriptor value, when
applicable) to limit code duplication.
The implementation of the directory handle and its users is
automatically selected based on the presence of the dirfd() function,
but can also be explicitly chosen using the --enable/disable-dirfd
configuration option.
Fix tests: NULL pointer dereference in ust channel unit tests
The test_create_ust_channel() test case erroneously checks for
a NULL session instead of a channel. This can result in a
NULL pointer dereference on failure to create a ust channel.
The scope of usess is reduced to prevent similar mistakes in the
future. Moving 'dom' has made it obvious that this variable is
unused. Hence, it is removed.
Fix tests: NULL pointer dereference in ltt_session unit tests
The check for a NULL kernel session must be skipped when
the session_find_by_name() fails to find a session else a NULL
pointer dereference will occur.
Generate session name and default output on sessiond's end
The lttng client currently generates the default session name and
output parameters. This has, over time, resulted in a number of
problems. Notably, it is possible for scripts to create session
too quickly using automatically-generated session names that would
clash since the session's creation timestamp is the only variable part
of a session "automatic" name. Hence, sessions created in the same
second would clash and result in spurious session creation failures.
More importantly, generating session names and outputs on the client
end makes it impossible to reliably differentiate output locations that
were automatically generated vs. those that were explicitly provided.
This causes destinations to be "opaque" to the LTTng daemons as
the subdir, session name, and session's creation timestamp are all
"cooked" as part of the output destination path/subdir. Keeping these
path components separate will make it easier to implement output path
configurations that allow the grouping of session outputs by name, by
host, etc.
Since a session's creation time is used as part of its shm-path, an
accessor to the session's creation time is added to the public API:
lttng_session_get_creation_time(). This creation time attribute can be
accessed when an lttng_session structure is created using the session
listing API.
Note that existing session creation functions are preserved to
maintain the binary compatibility with existing liblttng-ctl users.
The session creation functions are reimplemented on top of this
newly-introduced API. The only function for which compatibility is
dropped is the hidden _lttng_create_session_ext().
Overhaul of path separation
---
Not generating paths on the client-end has uncovered a number
of problems in the path handling of the session daemon, especially
when a network output was used. A lot of code presumed that a
network session would be created with a URL containing a sub-directory
of the form "session_name-timestamp". While this is true for
remote sessions created by the lttng client, a sub-directory is
not required when liblttng-ctl is used directly.
Hence, this commit ensures that session directories are split
as base path, chunk directory, domain directory, application
directory.
A number of changes in this fix ensure that a session's base path
contains everything up to the "session" path element _or_ up to
the user-specified output directory.
For example, creating a local session using default output settings,
the session base output is:
/home/user/lttng-traces/session-timestamp
Creating a remote session using default output settings, the session
base output path is:
/hostname/session-timestamp/
Using custom output directories, whether locally or remotely, causes
the session base path to be set to that custom output directory.
For example, using a local output path of /tmp/my_path will result
in a session base path of the form:
/tmp/my_path
Whereas creating a session with a network output of
net://localhost/my_path will result in a session base path of the
form:
/hostname/my_path
Another problematic element is the subdir of the kernel_session
and ust_session consumer output which in different scenarios
contained chunk names and arbitrary parts of the path hierarchy.
The consumer output subdir has been renamed to 'domain_subdir'
and now only ever contains: "kernel/", "ust/", or "".
Finally, the chunk_path session attribute only contains the name
of the current chunk directory being produced.
Move completed trace archive chunks to an "archives" sub-folder
Users have expressed the desire to read all completed trace archive
chunks at once. Initialy, the requirement called for users to wait,
using the notification API, for chunks to be made available following
the completion of a rotation. Upon the reception of a rotation
completion notification, which contains the chunk's location, it would
be possible to safely consume the resulting trace archive chunk.
Given that using the notification API was deemed too complex for
certain users, it was decided that the creation of a folder of the
form "<start-time>-<end-time>-<idx>" must guarantee the readability
of its contents. This guarantee is currently not honored for the first
trace archive chunk. This is a known bug which will be addressed
before the release.
This requirement has evolved and it must now be possible for users to
point a reader to a session output directory, after an arbitrary
number of rotations, to consume all completed trace archive chunks
while tracing is ongoing.
To make this possible (and reliable), a reader must have a way to
infer which trace archive chunks are still being produced, and which
have been completed so as to not attempt to consume a trace that
is still being produced.
First, a quick refresher on the hierachy of a session output path.
Before a rotation occurs, a session output path has the following
hierarchy:
my_trace
|__ust
|__[...]
|__kernel
|__[...]
And, after four completed rotations:
my_trace
|__<start-time>-<end-time>-0 <--- completed trace archive chunk
|__<start-time>-<end-time>-1
|__<start-time>-<end-time>-2
|__<start-time>-<end-time>-3
|__<start-time>-4 <--- trace archive being produced
As a consequence of this behaviour, it is not possible to safely point
a CTF reader to a trace output directory without a special
configuration option that would indicate that the reader should ignore
the usual lttng hierarchy ('ust' and 'kernel'). Indeed, it is not
possible to distinguish a completed trace from a trace being produced
before the completion of the first rotation of a session.
Moreover, relying on the format of the name of trace archive chunks to
infer their completeness is awfully restrictive in terms of our
ability to alter the trace archive chunk directory format in the
future.
This format is also not part of any CTF specification document meaning
that implementing this logic in a reference CTF
implementation (babeltrace) is ill-advised. It would be unexpected for
a reader to fail to read a trace simply because it is stored in a
directory of the form <ISO8601-timestamp>-<integer>, which is a
valid trace output directory.
Hence, this commit changes the hierarchy of the trace output directory
so that completed (and safe to read) trace archive chunks are stored
in an "archives" sub-folder under the tracing session output
directory. This results in the following trace output directory
hierarchy:
Pointing to the "archives" directory requires no LTTng-specific logic
to be implemented in the reader(s) to achieve the users' requirement.
It does require that users wait for the presence of an "archives"
directory in the trace output path.
Reference shell code is provided to implement such a check:
"""
if [ -d ${trace_output_path}/archives ]; then
# invoke reader
fi
"""
Given that a user would have to wait for a first completed chunk to
appear or ensure (in whichever way) that a rotation has occured before
consuming trace archive chunks, this alternative does not seem more
complex.
Fix: lttng_rotate_session does not handle socket close
lttng_ctl_ask_sessiond may return 0 if the sessiond process is killed
or if its client socket is closed unexpectedly. This causes
lttng_rotate_session to assume a rotation command reply has
been received, resulting in a NULL pointer dereference later on.
libcommon's time-handling utilities are used by liblttng-ctl.
Like other symbols of libcommon, they must be marked as hidden
to prevent them from being exported as part of the liblttng-ctl
interface.
Fix: command reply message is leaked for variable-len replies
Commands which return a variable-length payload re-setup the
command context using setup_lttng_msg() (and its wrappers).
In doing so, the lttcomm_lttng_msg structure (plus its trailing
variable-length payload) are re-allocated. However, the previous
instance of lttcomm_lttng_msg is leaked.
This is solved by free()-ing the original lttcomm_lttng_msg when
setup_lttng_msg() is used. When it is only used once, a NULL
pointer will be free'd without any effect.
Yannick Lamarre [Tue, 26 Mar 2019 19:53:06 +0000 (15:53 -0400)]
Fix: Properly sanitize input parameter
The lttng client uses the sizeof the containing buffer, defined as
LTTNG_SYMBOL_NAME_LEN, for input string sanitation instead of libc defined
macro NAME_MAX. lttng-enable_channel improperly verified user input
and wrongly discarded valid input in case NAME_MAX was less than the
sizeof the containing buffer for the channel's name.
This patch also fixes potential buffer overflow caused by an improperly
bounded strcpy in the case where NAME_MAX would have been greater than
LTTNG_SYMBOL_NAME_LEN.
Yannick Lamarre [Fri, 22 Feb 2019 19:33:38 +0000 (14:33 -0500)]
Enforce DL_LIBS value instead of hard coded -ldl
Generated makefiles would ignore DL_LIBS value selected by configure
script and use the hard coded value -ldl. Generated makefiles will
now use DL_LIBS.
Yannick Lamarre [Fri, 22 Feb 2019 19:33:37 +0000 (14:33 -0500)]
Fix: Add POPT_CFLAGS to lttng_CFLAGS
The generated makefile was ignoring POPT_CFLAGS when compiling
lttng, but was adding POPT_LIBS to lttng_LDADD. With this commit,
make now honors both settings for applications and tests.
Fix: consumer snapshot: handle unsigned long overflow
Comparing the consumed iterator and the produced position without
using a difference generates an empty snapshot when the iterator is
before unsigned long overflow and the produced position is after
unsigned long overflow.
Fix: no-output sessions do not enforce snapshot constraints
A number of scenarios can lead to failures to record snapshots when a
session is created as "no-output" (not snapshot) and has snapshot
outputs added later-on.
These changes prevent a user from adding snapshot outputs after the
creation of a kernel channel that makes use of the 'splice' output
type since those do not allow the capture of snapshots.
Moreover, the output type of kernel channels is overriden when a
snapshot output is present in a session to behave like a snapshot
session would.
Fix: wrong error code returned by kernel_snapshot_record()
On snapshot error, kernel_snapshot_record() can return
LTTNG_ERR_KERN_CONSUMER_FAIL which means that the kernel consumer
daemon failed to launch. In this path, the appropriate error to
return is LTTNG_ERR_KERN_META_FAIL.
Clarify incorrect channel output type logging message
Recording a snapshot is only supported for channels that have
an "mmap" output type. Add the channel's name and an explanation
of the error in the consumer daemon's log as the channel's
'output' integral representation is of limited use.
Docs: clarify the meaning of the snapshot_mode flag in ltt_session
The snapshot_mode flag of an ltt_session only affects the default
channel creation attributes. It is not used to prevent the
modification of snapshot outputs.
Since a snapshot session is necessarily in "no-output" mode, it
is redundant to check for this flag in rotation-related commands.
The new output omits the output location in parentheses, doesn't
print the "Trace path" line if no output is specified, and
uses the generic "output" terminology rather than "path".
Docs: document the format of the lttng_session path member
Document that the path returned through a session listing operation
is not a path nor standard URL. While a UNIX path will be returned
when a session is configured to trace locally, a liblttng-ctl user
should not expect this field to contain a valid URL when a network
streaming (or live) output destination is configured. The "path"
field will hold a custom-formatted string describing the output.
This is arguably unexepected, but since this is currently the only
way to obtain the destination of an existing session, this format
will not be changed to preserve compatiblity with existing tools
which could rely on this format.
A description of the formating used by the session daemon is
added as part of this patch.
Fix: missing include can cause structures to not be packed
A number of files declaring "packed" structures (using the LTTNG_PACKED
macro) do not include common/macros.h, which defines this macro.
This results in structures being used in their "unpacked" form, or
under both packed and unpacked forms, depending on the other files
included at the point of definition and use of these structures.
It is unclear which of the users of these structures were actually
affected by the bug. Most of these structures are used for IPC
over a UNIX socket. In these cases, it is reasonable to assume that
lttng-tools will be rebuilt completely to take this change into
account.
However, the structures declared in common/sessiond-comm/relayd.h are
more worrying as they are part of the relay daemon's network protocol.
Fortunately, adding the following directive to
common/sessiond-comm/relayd.h confirms that the header is included
transitively where those structures are used.
> #ifndef LTTNG_PACKED
> #error Not defined!
> #endif
Instances of this issue were found using the following script.
for file in $(ag -l LTTNG_PACKED); do
ag "#include \<common/macros\.h\>" -l ${file} > /dev/null
if [ $? -ne 0 ]; then
echo "Missing include in" $file
fi
done
Running this script produces the following output (annotated):
Missing include in include/lttng/channel-internal.h
Missing include in include/lttng/condition/buffer-usage-internal.h
Missing include in include/lttng/condition/session-consumed-size-internal.h
Missing include in include/lttng/condition/session-rotation-internal.h
Missing include in src/common/sessiond-comm/sessiond-comm.h
Missing include in src/common/sessiond-comm/relayd.h
Missing include in src/common/sessiond-comm/agent.h
> LTTNG_PACKED mentioned in comments
Missing include in src/common/optional.h
> Unneeded.
Missing include in src/common/macros.h
> lttng-ust-abi.h defines its own version of LTTNG_PACKED
> and is included by lttng-ust-ctl.h
Missing include in src/bin/lttng-sessiond/lttng-ust-ctl.h
Missing include in src/bin/lttng-sessiond/lttng-ust-abi.h
Missing include in src/lib/lttng-ctl/filter/filter-bytecode.h
> False positives (not source files)
Missing include in packed.sh
Missing include in ChangeLog
Fix: lttng_uri structure must be packed as it is used for IPC
The lttng_create_session commands send lttng_uri structures over
a UNIX socket. As such, the structure must be packed to preclude
the inclusion of any padding.
Moreover, the 'in_port_t' is replaced by uint16_t and PATH_MAX
is replaced by LTTNG_PATH_MAX to prevent conflicts if both ends
of the IPC are not build with the same toolchain/definitions.
Fix: release reference to ltt_session on error instead of free()
Since ltt_session objects within the session daemon are now
reference counted, it is more appropriate to release a reference
on error rather than calling free() directly in session_create().
The session_release() function also performs additional that can
be needed in some of the error paths of session_create().
Fix relayd: session leaked on communication error during creation
A relay_session object can be leaked if the relay daemon fails
to reply to the RELAYD_CREATE_SESSION command.
Since the relay daemon's peer can't know the session's id, the
session will never be referenced in the future. Moreover, the
session will never be tied to the connection(s) in order to bound
its lifetime.
Prevent channel buffer allocation larger than memory
Background
==========
Until recently (before lttng-modules commit 1f0ab1e) it was possible to
trigger an Out-Of-Memory crash by creating a kernel channel buffer
larger than the currently usable memory on the system. The following
commands was triggering the issue on my laptop:
lttng create
lttng enable-channel -k --subbuf-size=100G --num-subbuf=1 chan0
The lttng-modules commit 1f0ab1e adds a verification based on an
estimate to prevent this from happening. Since this kernel tracer sanity
check is based on an estimate, it would safer to do a similar check on
the session daemon side.
Approach
========
Verify that there is enough memory available on the system to do all the
allocations needed to enable the channel. If the available memory is
insufficient for the buffer allocation, return an error to the user
without trying to allocate the buffers.
Use the `/proc/meminfo` procfile to get an estimate of the current size
of available memory (using `MemAvailable`). The `MemAvailable` field was
added in the Linux kernel 3.14, so if it's absent, fallback to verifying
that the requested buffer is smaller than the physical memory on the
system.
Compute the size of the requested buffers using the following equation:
requested_memory = number_subbuffer * size_subbuffer * number_cpu
The following error is returned to the command line user:
lttng enable-channel -k --subbuf-size=100G --num-subbuf=1 chan0
Error: Channel chan0: Not enough memory (session auto-20181121-161146)
Side effect
===========
This patch has the interesting side effect to alerting the user with an
error that buffer allocation has failed because of memory availability
in both --kernel and --userspace channel creation.
Drawback
========
The fallback check on older kernels is imperfect and is only to prevent
obvious user errors.
Note
====
In the future, there might be a need for a way to deactivate this check
(by using an environment variable) if a case arises where
`/proc/meminfo` doesn't accurately reflect the state of memory for a
particular use case.
Signed-off-by: Francis Deslauriers <francis.deslauriers@efficios.com>
A consumer management thread can be launched successsfully and yet
still report an error encoutered during its initialization. If
such an error occurs, the cleanup function is invoked explicitly
in the error path and will be called again when the last reference
to the thread is released.
Fix: don't destroy the sockets if the snapshot was successful
Missing a goto to skip the error condition that was destroying the
relayd sockets even if a snapshot was successful. We want to keep them
open to reuse them for the next snapshots.
Jonathan Rajotte [Wed, 16 Jan 2019 18:38:57 +0000 (13:38 -0500)]
Fix: run-as thread deadlock on itself in restart error path
The deadlock was found using this backtrace
Thread 5:
0 __lll_lock_wait () at ../sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
1 0x00007efc6b650023 in __GI___pthread_mutex_lock (mutex=mutex@entry=0x55fc37128400 <worker_lock>) at ../nptl/pthread_mutex_lock.c:78
2 0x000055fc36efbe05 in run_as_destroy_worker () at runas.c:1233
3 0x000055fc36efc2e7 in run_as_restart_worker (worker=<optimized out>) at runas.c:998
4 run_as (cmd=cmd@entry=RUN_AS_UNLINK, data=data@entry=0x7efc5b7fa630, ret_value=ret_value@entry=0x7efc5b7fa510, uid=uid@entry=1000, gid=gid@entry=1000) at runas.c:1033
5 0x000055fc36efc9ce in run_as_unlink (path=path@entry=0x7efc5b7fb690 "/home/joraj/lttng-traces/auto-20190116-111518/20190116T111729-0500-33/kernel/index/channel0_3.idx", uid=uid@entry=1000, gid=gid@entry=1000) at runas.c :1120
6 0x000055fc36ef7feb in utils_unlink_stream_file (path_name=path_name@entry=0x7efc5b7fc7e0 "/home/joraj/lttng-traces/auto-20190116-111518/20190116T111729-0500-33/kernel/index", file_name=file_name@entry=0x7efc500085d4 "channel0_3", size=size@entry=0, count=count@entry=0, uid=uid@entry=1000, gid=gid@entry=1000, suffix=0x55fc36f19b26 ".idx") at utils.c:929
7 0x000055fc36f01d4e in lttng_index_file_create (path_name=path_name@entry=0x7efc500087a0 "/home/joraj/lttng-traces/auto-20190116-111518/20190116T111729-0500-33/kernel", stream_name=stream_name@entry=0x7efc500085d4 "channel0_3", uid=1000, gid=1000, size=0, count=0, major=1, minor=1) at index.c:79
8 0x000055fc36ed9475 in rotate_local_stream (ctx=<optimized out>, stream=0x7efc50008460) at consumer.c:4105
9 0x000055fc36ed98b5 in lttng_consumer_rotate_stream (ctx=ctx@entry=0x55fc37428d80, stream=stream@entry=0x7efc50008460, rotated=rotated@entry=0x7efc5b7fdb27) at consumer.c:4181
10 0x000055fc36ee354e in lttng_kconsumer_read_subbuffer (stream=stream@entry=0x7efc50008460, ctx=ctx@entry=0x55fc37428d80, rotated=rotated@entry=0x7efc5b7fdb27) at kernel-consumer.c:1740
11 0x000055fc36ed7a30 in lttng_consumer_read_subbuffer (stream=0x7efc50008460, ctx=0x55fc37428d80) at consumer.c:3383
12 0x000055fc36ed4b74 in consumer_thread_data_poll (data=0x55fc37428d80) at consumer.c:2751
13 0x00007efc6b64d6db in start_thread (arg=0x7efc5b7fe700) at pthread_create.c:463
14 0x00007efc6af6488f in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95
The owner of the lock is itself:
print worker_lock.__data.__owner
$2 = 25725
thread find 25725
Thread 5 has target id 'Thread 0x7efc5b7fe700 (LWP 25725)'
The worker_lock is first taken in frame #4: run_as runas.c:1033
pthread_mutex_lock(&worker_lock);
if (use_clone()) {
...
/*
* If the worker thread crashed the errno is set to EIO. we log
* the error and start a new worker process.
*/
if (ret == -1 && saved_errno == EIO) {
DBG("Socket closed unexpectedly... "
"Restarting the worker process");
-> ret = run_as_restart_worker(global_worker);
if (ret == -1) {
ERR("Failed to restart worker process.");
goto err;
}
Solution
========
Create run_as_restart_worker_no_lock which does not to take the lock on
execution.
Use run_as_restart_worker_no_lock at the run_as error path call site.
Use run_as_restart_worker_no_lock inside run_as_restart_worker while
holding the worker lock to provide identical behaviour to other call sites.
Signed-off-by: Jonathan Rajotte <jonathan.rajotte-julien@efficios.com> Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
Fix: missing rcu read locking in trigger "unregister all" command
While the notification subsystem all runs within a single thread,
the iteration over the triggers hash table must be protected using
the RCU read-side lock since the RCU worker may resize the hash
table while the iteration is performed.
Fix: leak of filter bytecode and expression on agent event re-enable
The agent subsystem does not properly assume the clean-up of an
event's filter bytecode and expression when a previously disabled
event is re-enabled.
This change ensures that the ownership of both the filter bytecode
and expression is assumed by the agent subsystem and discarded
when a matching event is found.
Steps to reproduce the leak:
$ lttng create
$ lttng enable-event --python allo --filter 'a[42] == 241'
$ lttng disable-event --python allo
$ lttng enable-event --python allo --filter 'a[42] == 241'
Fix: leak of lttng-consumerd global HTs in run-as worker
All resources allocated by the consumerd before the launch
of the run-as worker process are leaked since the run-as process
is only fork()'ed (the original process image is preserved).
Moving the launch of the worker earlier in the initialization
of the consumerd works around this problem.
Fix: leak of sessiond configuration on launch of run-as worker
The run-as worker is spawned through fork() without using
exec*(). This means that any resource allocated by the session
daemon before the launch of the run-as worker will be leaked in
the run-as worker's process.
A callback is added to the run_as launch interface to allow users
a chance to clean-up after the fork occurs. This mechanism is
fragile as it may not always be easy (or possible) to track all
such resources in the future. This makes a strong argument for using a
new process image (through exec*()) and forego any such problem at
some point.
The lttng-consumerd from a similar (and more severe) problem with its
own run-as worker. A fix adressing the consumerd's problem follows.
projects / lttng-tools.git / log
