Red Hat SummitChapter 7. Compiler and Tools
pcp rebased to version 3.11.8
The
Performance Co-Pilot application (PCP) has been upgraded to upstream version 3.11.81, which provides a number of bug fixes and enhancements over the previous version. Notable enhancements include:
- A new client tool
pcp2influxdbhas been added to allow export of performance metric values to theinfluxdbdatabase. - New client tools
pcp-mpstatandpcp-pidstathave been added to allow retrospective analysis of mpstat and pidstat values. - New performance metrics have been added for device mapper,
Cephdevices, cpusched cgroups, per-processor soft IRQs,buddyinfo,zoneinfo, shared memory,libvirt, same-page-sharing,lio,Redis, andDocker. - Additional performance metrics from several subsystems are now available for a variety of PCP analysis tools. (BZ#1423020)
systemtap rebased to version 3.1
The systemtap package has been upgraded to upstream version 3.1, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
- The probes for system calls no longer default to being based on
debuginfoinformation. - Support for probing
Pythonfunctions has been added. - Access to
Javafunction parameters has been made more uniform. - The performance of statistical aggregate variables has been improved.
- A new statistics operator
@variancehas been added. - More options for fetching and setting user-space values have been added.
- NFS monitoring has been improved with sample
valgrind rebased to version 3.12
The valgrind package has been upgraded to upstream version 3.12, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
- A new option
--ignore-range-below-sphas been added to the memcheck tool to ignore memory accesses below the stack pointer. This is a generic replacement for the now deprecated option--workaround-gcc296-bugs=yes. - The maximum number of callers in a suppression entry generated by the
--gen-suppressions=yesoption is now equal to the value given by the--num-callersoption. - The cost of instrumenting code blocks for the most common use case, the
memchecktool on the AMD64 and Intel 64 architectures, has been reduced. - Performance has been improved for debugging programs which discard a lot of instruction address ranges of 8KB or less.
- Support for IBM Power 9 (ISA 3.0) architecture has been added.
- Partial support for AMD FMA4 instructions has been added.
- Support for cryptographic and CRC instructions on the 64-bit ARM architecture version 8 has been added. (BZ#1391217)
New package: unitsofmeasurement
The unitsofmeasurement package enables expressing units of measurement in Java code. With the new API for units of measurement, handling of physical quantities is easier and less error-prone. The package's API is efficient in use of memory and resources. (BZ#1422263)
SSL/TLS certificate verification for HTTP clients is now enabled by default in the Python standard library
The default global setting for HTTP clients has been changed in the Python standard library to verify SSL/TLS certificates by default. Customers using the file-based configuration are not affected. For details, see https://access.redhat.com/articles/2039753. (BZ#1219110)
Support for %gemspec_add_dep and %gemspec_remove_dep has been added
This update adds support for the
%gemspec_add_dep and %gemspec_remove_dep macros. These macros allow easier adjustment of rubygem-* package dependencies. In addition, all current macros have been extended to improve support for pre-release version of packages. (BZ#1397390)
ipmitool rebased to version 1.8.18
The ipmitool package has been upgraded to upstream version 1.8.18, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
- The PEF user interface has been redesigned
- A new subcommand
lan6has been added for IP version 6 local area network parameters - Support for VITA-specific sensor types and events has been added
- Support for HMAC_MD5 and HMAC_SHA256 encryption has been added
- Support for checking PICMG extension 5.x has been added
- Support for USB medium as a new communication interface has been added
- The USB driver has been enabled by default for GNU Linux systems (BZ#1398658)
lshw updated for the little-endian variant of IBM Power
The lshw packages, which provide detailed information on the hardware configuration of a machine, have been updated for the little-endian variant of IBM Power System. (BZ#1368704)
perf now supports uncore events on Intel Xeon v5
With this update, Performance analysis tool for Linux (perf) has been updated to support uncore events on Intel Xeon v5 server CPU. These events provide additional performance monitoring information for advanced users. (BZ#1355919)
dmidecode updated
The dmidecode package has been updated to a later version, which provides several bug fixes and hardware enablement improvements. (BZ#1385884)
iSCSI now supports configuring the ALUA operation by using targetcli
With multiple paths from the initiator to a target, you can use Asymmetric Logical Unit Assignment (ALUA) to configure preferences for how to use the paths in a non-uniform, preferential way. The Linux-IO (LIO) kernel target has always supported this feature. With this update, you can use the
targetcli command shell to configure the ALUA operation. (BZ#1243410)
jansson rebased to version 2.10
The
jansson library has been updated to version 2.10, which provides several bug fixes and enhancements over the previous version. Notably, interfaces have been added to support the clevis, tang and jose applications. (BZ#1389805)
A new compatibility environmental variable for egrep and fgrep
In an earlier
grep rebase, the egrep and fgrep commands were replaced by grep -E and grep -F respectively. This change could affect customer scripts because only grep was shown in the outupt of the ps command. To prevent such problems, this update introduces a new compatibility environmental variable: GREP_LEGACY_EGREP_FGREP_PS. To preserve showing egrep and fgrep in ps output, set the variable to 1:
GREP_LEGACY_EGREP_FGREP_PS=1
(BZ#1297441)
lastcomm now supports the --pid option
The
lastcomm command now supports the --pid option. This option shows the process ID (PID) and parent-process ID (PPID) for each record if supported by the kernel. (BZ#1255183)
New package: perl-Perl4-CoreLibs
A new perl-Perl4-CoreLibs package is now available in the Base channel of Red Hat Enterprise Linux 7. This package contains libraries that were previously available in Perl 4 but were removed from Perl 5.16, which is distributed with Red Hat Enterprise Linux 7. In the previous release, these libraries were provided in a Perl subpackage through the Optional channel. (BZ#1366724)
tar now follows symlinks to directories when extracting from the archive
This update adds the
--keep-directory-symlink option to the tar command. This option changes the behavior of tar when it encounters a symlink with the same name as the directory that it is about to extract. By default, tar would first remove the symlink and then proceed extracting the directory. The --keep-directory-symlink option disables this behavior and instructs tar to follow symlinks to directories when extracting from the archive. (BZ#1350640)
The IO::Socket::SSL Perl module now supports restricting of TLS version
The
Net:SSLeay Perl module has been updated to support explicit specification of the TLS protocol versions 1.1 or 1.2 to improve security, and the IO::Socket::SSL module has been updated accordingly. When a new IO::Socket::SSL object is created, it is now possible to restrict the TLS version to 1.1 or 1.2 by setting the SSL_version option to TLSv1_1 or TLSv1_2 respectively. Alternatively, TLSv11 and TLSv12 can be used. Note that these values are case-sensitive. (BZ#1335035)
The Net:SSLeay Perl module now supports restricting of TLS version
The
Net:SSLeay Perl module has been updated to support explicit specification of the TLS protocol version, which can be used for improving security. To restrict TLS version to 1.1 or 1.2, set the Net::SSLeay::ssl_version variable to 11 or 12 respectively. (BZ#1335028)
wget now supports specification of the TLS protocol version
Previously, the
wget utility used the highest TLS protocol version 1.2 by default when connecting to a remote server. With this update, wget has been enhanced to allow the user to explicitly select the TLS protocol minor version by adding the --secure-protocol=TLSv1_1 or --secure-protocol=TLSv1_2 command-line options to the wget command. (BZ#1439811)
tcpdump rebased to version 4.9.0
The tcpdump package has been upgraded to upstream version 4.9.0, which provides a number of bug fixes and enhancements over the previous version. Notable changes include:
- Many security vulnerabilities have been fixed
- Numerous improvements have been made in the dissection of popular network protocols
- The default
snaplenfeature has been increased to 262144 bytes - The capture buffer has been enlarged to 4 MiB (BZ#1422473)
The option to set capture direction for tcpdump changed from -P to -Q
Previously, the
tcpdump utility in Red Hat Enterprise Linux used the -P option to set the capture direction, while the upstream version used -Q. The -Q option has been implemented and is now preferred. The -P option retains the previous function as an alias of -Q, but displays a warning. (BZ#1292056)
OpenJDK now supports SystemTap on the 64-bit ARM architecture
The
OpenJDK platform now supports introspection with the SystemTap instrumentation tool on the 64-bit ARM architecture. (BZ#1373986)
sos rebased to version 3.4
The sos package has been updated to upstream version 3.4, which provides a number of enhancements, new features, and bug fixes, including:
- New plug-ins have been added for
ceph_ansible,collectd,crypto,dracut,gnocchi,jars,nfsganesha,nodejs,npm,openstack_ansible,openstack_instack,openstack_manila,salt,saltmaster, andstorageconsole - API plug-in enhancements
- Internationalisation updates
- The networking plug-in no longer crashes when a network name contains the single quote character
' - The
foreman-debugplug-in is now run with a longer timeout to prevent incompleteforeman-debuginformation collected - Certain private SSL certificate files are no longer collected (BZ#1414879)
targetd rebased to version 0.8.6
The targetd packages have been upgraded to upstream version 0.8.6, which provides a number of bug fixes and enhancements over the previous version. Notably, the
targetd service now runs on either Python 2 or Python 3 run time, and the following APIs have been added: initiator_list, access_group_list, access_group_create, access_group_destroy, access_group_init_add, access_group_init_del, access_group_map_list, access_group_map_create, and access_group_map_destroy.
Notable bug fixes include:
targetdis now compliant with JSON-RPC response version 2.0.- the
export_createAPI can now be used to map the same LUN to multiple initiators. targetdnow ensures that SSL certificates are present at start-up. (BZ#1162381)
shim rebased to version 12-1
With this update, the shim package has been upgraded to upstream version 12-1, which provides a number of bug fixes and enhancements over the previous version. Notably, the support for 32-bit UEFI firmware and Extensible Firmware Interface (EFI) utilities has been added. (BZ#1310766)
rubygem-abrt rebased to version 0.3.0
The rubygem-abrt package has been rebased to version 0.3.0, which provides several bug fixes and enhancements over the previous version. Notably:
- The
Ruby ABRThandler now supportsuReports, automatic anonymous microreports. WithuReportsenabled, developers are promptly notified about application issues and are able to fix bugs and resolve problems faster. - Previously, when a
Rubyapplication was usingBundlerto manage its dependencies and an error occurred, an incorrect logic was used to load components of theRuby ABRThandler. Consequently, an unexpectedLoadReporterror was reported to the user instead of a properABRTreport. The loading logic has been fixed, and theRubyapplication errors are now correctly handled and reported usingABRT. (BZ#1418750)
New package: http-parser
The new http-parser package provides a utility for parsing HTTP messages. It parses both requests and responses. The parser is designed to be used in applications managing HTTP performance. It does not make any syscalls or allocations, it does not buffer data, and it can be interrupted at any time. Depending on your architecture, it only requires about 40 bytes of data per message stream. (BZ#1393819)
Intel and IBM POWER transactional memory support for all default POSIX mutexes
The default POSIX mutexes can be transparently substituted with Intel and IBM POWER transactional memory support, which significantly reduces the cost of lock acquisition. To enable transactional memory support for all default POSIX mutexes, set the
RHEL_GLIBC_TUNABLES=glibc.elision.enable environment variable to 1. As a result, performance of some applications can be improved.
Developers are advised to use profiling to decide whether enabling of this feature improves performance for their applications. (BZ#841653, BZ#731835)
glibc now supports group merging
The ability to merge group members from different Name Service modules has been added to
glibc. As a result, management of centralized user access control and group membership across multiple hosts is now easier. (BZ#1298975)
glibc now supports optimized string comparison functions on The IBM POWER9 architecture
The string comparison functions
strcmp and strncmp from the glibc library have been optimized for the IBM POWER9 architecture. (BZ#1320947)
Improved performance for dynamically loaded libraries using the Intel SSE, AVX and AVX512 features
Dynamic library loading has been updated for libraries using the Intel SSE, AVX, and AVX512 features. As a result, performance while loading these libraries has improved. Additionally, support for LD_AUDIT-style auditing has been added. (BZ#1421155)
elfutils rebased to version 0.168
The elfutils package has been upgraded to upstream version 0.168, which provides a number of bug fixes and enhancements:
- The option
--symbolsof theeu-readelfutility now allows selecting the section for displaying symbols. - New functions for the creation of ELF/DWARF string tables have been added to the
libdwlibrary. - The
DW_LANG_PL1constant has been changed toDW_LANG_PLI. The previous name is still accepted. - The return type of the
gelf_newehdrandgelf_newphdrfunctions from thelibelflibrary has been changed tovoid*for source compatibility with otherlibelfimplementations. This change retains binary compatibility on all platforms supported by Red Hat Enterprise Linux. (BZ#1400302)
bison rebased to version 3.0.4
The bison package has been upgraded to upstream version 3.0.4, which provides a number of bug fixes and enhancements:
- Endless diagnostics caused by caret errors have been fixed.
- The
-Werror=CATEGORYoption has been added to treat specified warnings as errors. The warnings do not have to be explicitly activated using the-Woption. - Many improvements in handling of precedence rules and useless rules.
Additionally, the following changes breaking backward compatibility have been introduced:
- The following features have been deprecated:
YYFAIL,YYLEX_PARAM,YYPARSE_PARAM,yystype,yyltype - Missing semicolons at the end of actions are no longer automatically added.
- To use Bison extensions with the
autoconfutility versions 2.69 and earlier, pass the option-Wno-yaccto(AM_)YFLAGS. (BZ#1306000)
The system default CA bundle has been set as default in the compiled-in default setting or configuration in Mutt
Previously, when connecting to a new system via TLS/SSL, the
Mutt email client required the user to save the certificate. With this update, the system Certificate Authority (CA) bundle is set in Mutt by default. As a result, Mutt now connects via SSL/TLS to hosts with a valid certificate without prompting the user to approve or reject the certificate. (BZ#1388511)
objdump mixed listing speed up
Previously, the BFD library for parsing DWARF debug information and locating source code was very slow. The BFD library is used by the
objdump tool. As a consequence, objdump became significantly slower when producing a mixed listing of source code and disassembly. Performance of the BFD library has been improved. As a result, producing a mixed listing with objdump is faster. (BZ#1366052)
ethtool support for human readable output from the fjes driver
The
ethtool utility has been enhanced to provide a human readable form of register dump output from the fjes driver. As a result, users of ethtool can inspect the Fujitsu Extended Socket Network Device driver more comfortably. (BZ#1402701)
ecj rebased to version 4.5.2
The ecj package has been upgraded to upstream version 4.5.2, which provides a number of bug fixes and enhancements over the previous version. Notably, support for features added to the Java language in version 8 has been completed. As a result, compilation of Java code using Java 8 features no longer fails. This includes cases where code not using Java 8 features referenced code using these features, such as system classes provided by the Java Runtime Environment. (BZ#1379855)
rhino rebased to version 1.7R5
The rhino package has been upgraded to upstream version 1.7R5, which provides a number of bug fixes and enhancements over the previous version. Notably, the former problem with an infinite loop while parsing regular expressions has been fixed. Applications using
Rhino that previously encountered this bug now function correctly. (BZ#1350331)
scap-security-guide and oscap-docker now support containers
The user can now use the
oscap-docker utility and the SCAP Security Guide to assess compliance of container or container image without encountering false positive results. Tests that make no sense in container context, such as partitioning, has been set to the not applicable value, and containers can be now scanned with a selected security policy. (BZ#1404392)
