From f73d5cad4e9aa5baa0a763a76cf4516721d29b2a Mon Sep 17 00:00:00 2001 From: Dave Brolley Date: Wed, 13 Jan 2010 15:07:52 -0500 Subject: Test newline characters as part of fuzzing argument strings. --- testsuite/systemtap.server/server_args.exp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/testsuite/systemtap.server/server_args.exp b/testsuite/systemtap.server/server_args.exp index 015026e7..f30b8b5f 100644 --- a/testsuite/systemtap.server/server_args.exp +++ b/testsuite/systemtap.server/server_args.exp @@ -20,6 +20,7 @@ proc stap_direct_and_with_client {stap stap_client options} { # recursively passes it to the tcl interpreter. Special # characters need to be quoted. regsub -all "\[\"\\\\;\]" $options {\\\0} options + regsub -all "\[\n\]" $options {\\n} options verbose -log "eval exec $stap $options" catch {eval exec $stap $options} res_stap @@ -140,7 +141,7 @@ foreach options $previously_fixed { # Check that running systemtap with the client/server generates output # comparable to running stap directly. set dangerous_options [list "-I" "-R" "-e" "-B" "-D" "-c"] -set argchars "0123456789;*'=-\\\" abcdefghijklmnopqrstuvwxyz" +set argchars "0123456789;*'=-\\\"\n abcdefghijklmnopqrstuvwxyz" for {set i 0} {$i < $iterations} {incr i} { verbose -log "Iteration $i" -- cgit From 500e8104647413aa7f1cb0278dbcd0c57d6f1786 Mon Sep 17 00:00:00 2001 From: David Smith Date: Wed, 13 Jan 2010 14:13:15 -0600 Subject: PR 11167 fixed by adding compat_sys_sigaction to the syscall.sigaction32 probe. * tapset/syscalls2.stp (syscall.sigaction32): Added kernel.function("compat_sys_sigaction"). (syscall.sigaction32.return): Ditto. --- tapset/syscalls2.stp | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/tapset/syscalls2.stp b/tapset/syscalls2.stp index 8f4e1b8a..4fa7bac3 100644 --- a/tapset/syscalls2.stp +++ b/tapset/syscalls2.stp 
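Review bot: The added `regsub -all "\[\n\]" $options {\\n} options` in stap_direct_and_with_client is only correct because it runs after the regsub that quotes backslashes. If the two were swapped or merged, the backslash it inserts would itself be escaped and the newline would reach `eval exec` mangled. A comment such as `# must follow the backslash-quoting regsub above` would record that. The quoting is also a deny-list (`"`, `\`, `;`, newline): characters that `eval` treats specially, such as `[` or `$`, are not neutralised and are safe only because `argchars` in the second hunk omits them, so the comment should say the two lists must be kept in step. The proc body continues outside the hunk.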
@@ -2457,7 +2457,8 @@ probe syscall.sigaction.return = kernel.function("sys_sigaction").return ? name = "sigaction" retstr = returnstr(1) } -probe syscall.sigaction32 = kernel.function("sys32_sigaction").call ? +probe syscall.sigaction32 = kernel.function("sys32_sigaction").call ?, + kernel.function("compat_sys_sigaction").call ? { name = "sigaction" sig = $sig @@ -2465,7 +2466,8 @@ probe syscall.sigaction32 = kernel.function("sys32_sigaction").call ? oact_uaddr = $oact argstr = sprintf("%s, {%s}, %p", _signal_name($sig), _struct_old_sigaction32_u($act), $oact) } -probe syscall.sigaction32.return = kernel.function("sys32_sigaction").return ? +probe syscall.sigaction32.return = kernel.function("sys32_sigaction").return ?, + kernel.function("compat_sys_sigaction").return ? { name = "sigaction" retstr = returnstr(1) -- cgit From 4732f8a465430d9c3775f83ec8d11028ebd3eddd Mon Sep 17 00:00:00 2001 From: "Frank Ch. Eigler" Date: Wed, 13 Jan 2010 16:35:48 -0500 Subject: build fix: rhbz55060: stdlib.h vs sys/wait.h __WAIT_STATUS conflicts --- doc/SystemTap_Tapset_Reference/docproc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/doc/SystemTap_Tapset_Reference/docproc.c b/doc/SystemTap_Tapset_Reference/docproc.c index 35bdc68b..840d1df7 100644 --- a/doc/SystemTap_Tapset_Reference/docproc.c +++ b/doc/SystemTap_Tapset_Reference/docproc.c @@ -35,13 +35,13 @@ */ #include -#include #include #include #include #include -#include #include +#include +#include /* exitstatus is used to keep track of any failing calls to kernel-doc, * but execution continues. */ -- cgit From 3c5b8e2b99a772e3d19d6c4bf26b3a06037523a4 Mon Sep 17 00:00:00 2001 
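Review bot: The alias added to `syscall.sigaction32` shares a body that reads `$sig`, `$act` and `$oact` and decodes `$act` with `_struct_old_sigaction32_u`, so it depends on `compat_sys_sigaction` using the same parameter names and the user-space layout that helper expects; nothing in the hunk says so. A short comment above the probe would help, for example `# both entry points must take (sig, act, oact); $act is decoded by _struct_old_sigaction32_u`. Because both alternatives are optional (`?`), a kernel that has neither resolves the probe to nothing without an error, which leaves a silent gap for scripts that rely on this probe to see 32-bit sigaction calls. The same applies to the `.return` probe in the following hunk.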
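Review bot: The include order in docproc.c is now load-bearing, but the file does not say so, and a later tidy-up that re-sorts the `#include` block would bring the conflict back. A one-line comment above the moved includes would prevent that, e.g. `/* order matters: stdlib.h vs sys/wait.h __WAIT_STATUS conflict (rhbz55060) */`. The header names are not visible in this rendering of the hunk, so the exact order to pin should be taken from the file itself.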
From: Stan Cox Date: Wed, 13 Jan 2010 22:26:10 -0500 Subject: Use __access_process_vm_noflush for static user semaphore decrement. * access_process_vm (__access_process_vm_noflush): New * tapsets.cxx (uprobe_derived_probe_group::emit_module_exit): Use it. * translate.cxx (translate_pass): Declare it. --- runtime/access_process_vm.h | 57 ++++++++++++++++++++++++++++++++++++++++++--- tapsets.cxx | 4 ++-- translate.cxx | 1 + 3 files changed, 57 insertions(+), 5 deletions(-) diff --git a/runtime/access_process_vm.h b/runtime/access_process_vm.h index 70489d48..eda160e9 100644 --- a/runtime/access_process_vm.h +++ b/runtime/access_process_vm.h @@ -5,7 +5,17 @@ */ #include #include -static int __access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write) + +static int +__access_process_vm_(struct task_struct *tsk, unsigned long addr, void *buf, + int len, int write, + void (*writer)(struct vm_area_struct *vma, + struct page *page, unsigned long vaddr, + void *dst, void *src, int len), + void (*reader)(struct vm_area_struct *vma, + struct page *page, unsigned long vaddr, + void *dst, void *src, int len) +) { struct mm_struct *mm; struct vm_area_struct *vma; @@ -34,11 +44,11 @@ static int __access_process_vm(struct task_struct *tsk, unsigned long addr, void maddr = kmap(page); if (write) { - copy_to_user_page(vma, page, addr, + writer(vma, page, addr, maddr + offset, buf, bytes); set_page_dirty_lock(page); } else { - copy_from_user_page(vma, page, addr, + reader(vma, page, addr, buf, maddr + offset, bytes); } kunmap(page); 
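Review bot: `__access_process_vm_` gains two callback parameters but no comment describing its contract, and its return value is what the new caller in tapsets.cxx tests. From the tail visible in the last hunk of this file (`return buf - old_buf;`) the function appears to return the number of bytes transferred, which can be smaller than `len`, rather than a 0/-errno status. A header comment should state that, and that `writer`/`reader` receive kernel-mapped `dst`/`src` with `len` limited to the current page chunk (the `bytes` computation lies outside the hunks, so confirm). The function-pointer type is spelled out twice; a single typedef would make the signature and the four helper definitions easier to keep in step.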
@@ -52,3 +62,44 @@ static int __access_process_vm(struct task_struct *tsk, unsigned long addr, void return buf - old_buf; } + +static void +copy_to_user_page_ (struct vm_area_struct *vma, struct page *page, unsigned long vaddr, + void *dst, void *src, int len) +{ + copy_to_user_page (vma, page, vaddr, dst, src, len); +} + +static void +copy_from_user_page_ (struct vm_area_struct *vma, struct page *page, unsigned long vaddr, + void *dst, void *src, int len) +{ + copy_from_user_page (vma, page, vaddr, dst, src, len); +} + +static int __access_process_vm(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write) +{ + return __access_process_vm_(tsk, addr, buf, len, write, copy_to_user_page_, copy_from_user_page_); +} + +/* This simpler version does not flush the caches. */ + +static void +copy_to_user_page_noflush (struct vm_area_struct *vma, struct page *page, unsigned long vaddr, + void *dst, void *src, int len) +{ + memcpy (dst, src, len); +} + +static void +copy_from_user_page_noflush (struct vm_area_struct *vma, struct page *page, unsigned long vaddr, + void *dst, void *src, int len) +{ + memcpy (dst, src, len); +} + +static int __access_process_vm_noflush(struct task_struct *tsk, unsigned long addr, void *buf, int len, int write) +{ + return __access_process_vm_(tsk, addr, buf, len, write, copy_to_user_page_noflush, copy_from_user_page_noflush); +} + diff --git a/tapsets.cxx b/tapsets.cxx index 4b6305b2..83c626df 100644 --- a/tapsets.cxx +++ b/tapsets.cxx 
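Review bot: The comment `/* This simpler version does not flush the caches. */` says what the noflush helpers omit but not when that is safe. `copy_to_user_page_noflush` and `copy_from_user_page_noflush` ignore `vma`, `page` and `vaddr` and do a bare `memcpy`, so on architectures where `copy_to_user_page` performs cache maintenance the target process may not observe a write made through `__access_process_vm_noflush`. The comment should state why that is acceptable for its caller and warn against general use, along the lines of `/* No cache maintenance: only for callers that can tolerate the target seeing a stale value; use __access_process_vm otherwise. */`. The two noflush helpers are identical, so one function could be passed for both callbacks.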
@@ -5146,12 +5146,12 @@ uprobe_derived_probe_group::emit_module_exit (systemtap_session& s) s.op->newline() << "#endif /* 2.6.31 */"; s.op->newline() << "if (tsk) {"; // just in case the thing exited while we weren't watching - s.op->newline(1) << "if (get_user (sdt_semaphore, (unsigned short __user*) sup->sdt_sem_address) == 0) {"; + s.op->newline(1) << "if (__access_process_vm_noflush(tsk, sup->sdt_sem_address, &sdt_semaphore, sizeof(sdt_semaphore), 0)) {"; s.op->newline(1) << "sdt_semaphore --;"; s.op->newline() << "#ifdef DEBUG_UPROBES"; s.op->newline() << "_stp_dbug (__FUNCTION__,__LINE__, \"-semaphore %#x @ %#lx\\n\", sdt_semaphore, sup->sdt_sem_address);"; s.op->newline() << "#endif"; - s.op->newline() << "put_user (sdt_semaphore, (unsigned short __user*) sup->sdt_sem_address);"; + s.op->newline() << "__access_process_vm_noflush(tsk, sup->sdt_sem_address, &sdt_semaphore, sizeof(sdt_semaphore), 1);"; s.op->newline(-1) << "}"; // XXX: need to analyze possibility of race condition s.op->newline(-1) << "}"; diff --git a/translate.cxx b/translate.cxx index 88e69a66..81b8bef5 100644 --- a/translate.cxx +++ b/translate.cxx @@ -5238,6 +5238,7 @@ translate_pass (systemtap_session& s) s.op->newline() << "#include "; // s.op->newline() << "#include "; s.op->newline() << "#include \"loc2c-runtime.h\" "; + s.op->newline() << "#include \"access_process_vm.h\" "; s.up->emit_common_header (); // context etc. -- cgit
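Review bot: The new read check `if (__access_process_vm_noflush(tsk, sup->sdt_sem_address, &sdt_semaphore, sizeof(sdt_semaphore), 0))` treats any non-zero return as success, but the helper returns a byte count (`return buf - old_buf;` in access_process_vm.h). A short copy would therefore still decrement a partly-read value and write it back into the traced process. Comparing against the full size closes that: `... sizeof(sdt_semaphore), 0) == (int) sizeof(sdt_semaphore)) {`. The return value of the write call that replaces `put_user` is ignored, so a failed decrement leaves the semaphore raised with no trace; a message under `DEBUG_UPROBES` would at least make it visible. emit_module_exit starts and ends outside the hunk.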
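Review bot: The added `#include \"access_process_vm.h\"` line in translate_pass pulls that header into every generated module, and the header's hunks in this commit show no include guard: it opens with a comment and `#include` lines, and the additions run to the end of the file with no `#endif`. The header defines `static` functions, so if any runtime file pulled into the same translation unit also includes it, the build would fail with redefinitions; whether one does is not visible from this diff. Adding a guard to the header, or a comment here stating that this is the only inclusion point, would make that explicit.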