`systemtap` scripts using guru mode now compile more quickly
The `systemtap` guru mode liveness analysis uses the `dyninst` library to parse binaries. Newer kernels enable mitigation code with `CONFIG_RETPOLINE=y`, replacing traditional RET instructions with jumps to a thunk. As a consequence, binary analysis took much longer because the liveness analysis had to examine all the additional control-flow-graph edges introduced by the jumps to the thunk.
With this update, `systemtap` disables liveness analysis when the kernel code is using thunks and, as a result, `systemtap` scripts using guru mode compile more quickly.
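To make the mechanism behind this concrete, here is an added Python illustration (not systemtap's or dyninst's own code) of a backward liveness analysis over a control-flow graph. It runs the same constructed program twice: once with each function returning directly to its call site, and once with every return routed through one shared thunk block whose successors are all the return sites, which is the assumption made here about how an unresolved indirect branch looks to a CFG builder. The block names, the use/def sets, the split between call sites that read the return value and ones that discard it, and the edge-counting cost measure are all constructed for the example.

```python
"""Toy backward liveness analysis over a control-flow graph (CFG).

Added illustration: this is NOT systemtap or dyninst code. It models, in a
deliberately simplified way, why routing every return through a shared
retpoline thunk inflates a liveness pass: the thunk becomes one block whose
successors are every possible return site, so a value's liveness at one
function's exit becomes entangled with every other caller.
"""

# Each block: {"use": vars read before being written, "def": vars written,
#              "succ": successor block names}.  Dataflow equations:
#   live_out[b] = union of live_in[s] for s in succ(b)
#   live_in[b]  = use[b] | (live_out[b] - def[b])


def liveness(blocks):
    """Iterate the liveness equations to a fixpoint.

    Blocks are visited in reverse insertion order each round (a cheap
    approximation of reverse post-order for a backward analysis).  Returns
    (live_in, live_out, edges_examined, rounds) so the cost can be compared.
    """
    order = list(blocks)
    live_in = {b: frozenset() for b in order}
    live_out = {b: frozenset() for b in order}
    edges = rounds = 0
    changed = True
    while changed:
        changed = False
        rounds += 1
        for b in reversed(order):
            out = frozenset()
            for s in blocks[b]["succ"]:
                edges += 1                 # one CFG edge examined
                out |= live_in[s]
            live_out[b] = out
            new_in = frozenset(blocks[b]["use"] | (out - blocks[b]["def"]))
            if new_in != live_in[b]:
                live_in[b] = new_in
                changed = True
    return live_in, live_out, edges, rounds


def build_cfg(n_funcs, retpoline):
    """Constructed program: n functions, each computing `ret` and returning to
    its own call site.  Even-numbered call sites read the return value,
    odd-numbered ones discard it.  With retpoline=True every exit jumps to one
    shared thunk block whose successors are all return sites (the assumption
    made here about what an unresolved indirect branch looks like to a CFG
    builder)."""
    blocks = {}
    for i in range(n_funcs):
        entry, exit_, site = f"f{i}_entry", f"f{i}_exit", f"f{i}_site"
        blocks[entry] = {"use": {f"arg{i}"}, "def": {"ret"}, "succ": [exit_]}
        blocks[exit_] = {"use": set(), "def": set(),
                         "succ": ["thunk"] if retpoline else [site]}
        blocks[site] = {"use": {"ret"} if i % 2 == 0 else set(),
                        "def": set(), "succ": []}
    if retpoline:
        blocks["thunk"] = {"use": set(), "def": set(),
                           "succ": [f"f{i}_site" for i in range(n_funcs)]}
    return blocks


def compare(n_funcs=4):
    """Run both variants; report analysis cost and whether a `ret` assignment
    placed at f1's exit (a discarding call site) is seen as live."""
    result = {}
    for label, retpoline in (("direct", False), ("retpoline", True)):
        blocks = build_cfg(n_funcs, retpoline)
        _, live_out, edges, rounds = liveness(blocks)
        result[label] = {
            "edges_examined": edges,
            "rounds": rounds,
            "ret_live_at_f1_exit": "ret" in live_out["f1_exit"],
        }
    return result


if __name__ == "__main__":
    for label, r in compare().items():
        print(label, r)
```

With four functions the direct graph converges in two rounds over 16 edge visits and correctly reports `ret` as dead at f1's exit, while the thunk graph needs three rounds over 36 edge visits and reports `ret` as live at every exit, because the shared thunk merges all callers. That conservative merging is the price of precision lost, and the growth in edge work is what the release note describes; skipping the pass with a warning, as the fix does, trades that cost for a missed dead-assignment diagnostic.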
There is a workaround in systemtap that avoids this issue:

```text
commit 71f89cccaf464c250c4497b7ec2a8e245b6704c4 (HEAD -> master, origin/master, origin/HEAD)
Author: Frank Ch. Eigler <fche>
Date:   Wed Apr 19 11:23:16 2023 -0400

    BZ2180328: disable pass-2 dyninst liveness analysis on CONFIG_RETPOLINE kernels

    As a stopgap measure, ameliorate the dramatic dyninst analysis time
    required to liveness-check $var assignments in kernels compiled with
    retpolines. Just skip the effort (with a warning).

    See also: https://github.com/dyninst/dyninst/issues/1305 .
```
This should be fixed by the rebase of systemtap. The reproducer runs in a reasonable amount of time using a systemtap that includes that patch:
```text
$ sudo time stap -v -g fork.stp -c "./ssh.exp bz1028643 bbb" -o fork.stp.log
Pass 1: parsed user script and 504 library scripts using 358256virt/153728res/16940shr/138804data kb, in 250usr/30sys/292real ms.
WARNING: liveness analysis skipped on CONFIG_RETPOLINE kernel /usr/lib/debug/lib/modules/4.18.0-486.el8.x86_64/vmlinux: identifier '$return' at fork.stp:23:9
        source: $return = -1
                ^
Pass 2: analyzed script: 1 probe, 2 functions, 0 embeds, 0 globals using 424420virt/221316res/18092shr/204968data kb, in 960usr/80sys/1039real ms.
Pass 3: using cached /root/.systemtap/cache/d0/stap_d0695e7c49ad338c333097e4c14796f6_1447.c
Pass 4: using cached /root/.systemtap/cache/d0/stap_d0695e7c49ad338c333097e4c14796f6_1447.ko
Pass 5: starting run.
spawn ssh -o ConnectTimeout=10 bz1028643@localhost pwd
Connection closed by ::1 port 22
Pass 5: run completed in 10usr/20sys/347real ms.
1.35user 0.15system 0:01.82elapsed 82%CPU (0avgtext+0avgdata 489836maxresident)k
0inputs+2776outputs (0major+58601minor)pagefaults 0swaps
```