Re: [PATCH -tip v4 0/6] kprobes: introduce NOKPROBE_SYMBOL() and fixes crash bugs

From: Frank Ch. Eigler
Date: Fri Dec 06 2013 - 20:33:37 EST

Next message: Chen-Yu Tsai: "Re: [PATCH 07/10] ARM: dts: sun7i: cubietruck: Enable the GMAC"
Previous message: John Stultz: "[PATCH] my first attempt at reworking bigadjust for nohz"
In reply to: Masami Hiramatsu: "Re: [PATCH -tip v4 0/6] kprobes: introduce NOKPROBE_SYMBOL() andfixes crash bugs"
Next in thread: Masami Hiramatsu: "Re: [PATCH -tip v4 0/6] kprobes: introduce NOKPROBE_SYMBOL() andfixes crash bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi -

On Sat, Dec 07, 2013 at 08:19:13AM +0900, Masami Hiramatsu wrote:

> [...]
> > Would you plan to limit kprobes (or just the perf-probe frontend) to
> > only function-entries also?

> Exactly, yes :). Currently I have a patch for kprobe-tracer
> implementation (not only for perf-probe, but doesn't limit kprobes
> itself).

Interesting option. It sounds like a restrictive expedient that could
result in kprobes never being made sufficiently robust.

> > If not, and if intra-function statement-granularity kprobes remain
> > allowed within a function-granularity whitelist, then you might
> > still have those "quantitative" problems.

> Yes, but as far as I've tested, the performance overhead is not
> high, especially as far as putting kprobes at the entry of those
> functions because of ftrace-based optimization.

(Would that also make CONFIG_KPROBE_EVENT require KPROBES_ON_FTRACE?)

> > Even worse, kprobes robustness problems can bite even with a small
> > whitelist, unless you can test the countless subset selections
> > cartesian-product the aggrevating factors (like other tracing
> > facilities being in use at the same time, limited memory, high irq
> > rates, debugging sessions, architectures, whatever).
>
> And also, what script will run on each probe, right? :)

In the perf-probe world, the closest analogue could be varying the
contextual data that's being extracted (stack traces, parameters, ...).

> >> [...] For the long term solution, I think we can introduce some
> >> kind of performance gatekeeper as systemtap does. Counting the
> >> miss-hit rate per second and if it go over a threshold, disable next
> >> miss-hit (or most miss-hit) probe (as OOM killer does).
> >
> > That would make sense, but again it would not help deal with kprobes
> > robustness (in the kernel-crashing rather than kernel-slowdown sense).
>
> Why would you think so? Is there any hidden path for calling kprobes
> mechanism?? The kernel crash problem just comes from bugs, not the
> quantitative issue.

I don't think we're disagreeing. A performance-gatekeeper in
perf-probe or nearby would be useful (and manage the kprobe-quantity
problem). It would not be sufficient to prevent the kernel-crashing
bugs.

- FChE
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Chen-Yu Tsai: "Re: [PATCH 07/10] ARM: dts: sun7i: cubietruck: Enable the GMAC"
Previous message: John Stultz: "[PATCH] my first attempt at reworking bigadjust for nohz"
In reply to: Masami Hiramatsu: "Re: [PATCH -tip v4 0/6] kprobes: introduce NOKPROBE_SYMBOL() andfixes crash bugs"
Next in thread: Masami Hiramatsu: "Re: [PATCH -tip v4 0/6] kprobes: introduce NOKPROBE_SYMBOL() andfixes crash bugs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]