| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 14 Mar 2011 16:30:28 -0700 From: Andrew Morton <akpm@...ux-foundation.org> To: Srikar Dronamraju <srikar@...ux.vnet.ibm.com> Cc: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...e.hu>, Steven Rostedt <rostedt@...dmis.org>, Linux-mm <linux-mm@...ck.org>, Arnaldo Carvalho de Melo <acme@...radead.org>, Linus Torvalds <torvalds@...ux-foundation.org>, Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>, Christoph Hellwig <hch@...radead.org>, Ananth N Mavinakayanahalli <ananth@...ibm.com>, Andi Kleen <andi@...stfloor.org>, Oleg Nesterov <oleg@...hat.com>, Jim Keniston <jkenisto@...ux.vnet.ibm.com>, Roland McGrath <roland@...k.frob.com>, SystemTap <systemtap@...rces.redhat.com>, LKML <linux-kernel@...r.kernel.org>, "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com> Subject: Re: [PATCH v2 2.6.38-rc8-tip 0/20] 0: Inode based uprobes On Mon, 14 Mar 2011 19:04:03 +0530 Srikar Dronamraju <srikar@...ux.vnet.ibm.com> wrote: > Advantages of uprobes over conventional debugging include: > > 1. Non-disruptive. > Unlike current ptrace based mechanisms, uprobes tracing wouldnt > involve signals, stopping threads and context switching between the > tracer and tracee. > > 2. Much better handling of multithreaded programs because of XOL. > Current ptrace based mechanisms use single stepping inline, i.e they > copy back the original instruction on hitting a breakpoint. In such > mechanisms tracers have to stop all the threads on a breakpoint hit or > tracers will not be able to handle all hits to the location of > interest. Uprobes uses execution out of line, where the instruction to > be traced is analysed at the time of breakpoint insertion and a copy > of instruction is stored at a different location. On breakpoint hit, > uprobes jumps to that copied location and singlesteps the same > instruction and does the necessary fixups post singlestepping. > > 3. Multiple tracers for an application. > Multiple uprobes based tracer could work in unison to trace an > application. There could one tracer that could be interested in > generic events for a particular set of process. While there could be > another tracer that is just interested in one specific event of a > particular process thats part of the previous set of process. > > 4. Corelating events from kernels and userspace. > Uprobes could be used with other tools like kprobes, tracepoints or as > part of higher level tools like perf to give a consolidated set of > events from kernel and userspace. In future we could look at a single > backtrace showing application, library and kernel calls. How do you envisage these features actually get used? For example, will gdb be modified? Will other debuggers be modified or written? IOW, I'm trying to get an understanding of how you expect this feature will actually become useful to end users - the kernel patch is only part of the story. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists