| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 20 Apr 2012 11:54:28 +0200 From: Peter Zijlstra <a.p.zijlstra@...llo.nl> To: Yanmin Zhang <yanmin_zhang@...ux.intel.com> Cc: Cong Wang <xiyou.wangcong@...il.com>, "Tu, Xiaobing" <xiaobing.tu@...el.com>, Lin Ming <mlin@...pku.edu.cn>, "akpm@...ux-foundation.org" <akpm@...ux-foundation.org>, "mingo@...e.hu" <mingo@...e.hu>, "rusty@...tcorp.com.au" <rusty@...tcorp.com.au>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "rostedt@...dmis.org" <rostedt@...dmis.org>, "Zuo, Jiao" <jiao.zuo@...el.com> Subject: Re: [RFC 1/2] kernel patch for dump user space stack tool On Thu, 2012-04-19 at 13:17 +0800, Yanmin Zhang wrote: > 1) We could collect the HEX-format call chain data and /proc/XXX/maps > of all the processes quickly, then parse them either after rebooting, or > after the issue is reported. It could catch the scene just at the time point > when the error happens. Our experiments shows the tool could collect the data > of all processes within 200ms. No you can't, ever heard of address space randomization? > 2) The new tool won't stop the processes and have less impact on them. > Considering a scenario of performance bottleneck investigation, statistics collection > shouldn't have big impact on running processes. Maybe.. on these tiny systems you're working on most tasks will not be runnable anyway since you only have 1 (maybe 2) cpus and what's running is your dumper process, so most everything isn't runnable, attaching and dumping stack of all tasks isn't really much more expensive than this. the open/read/close you do on the proc files, along with the readdir etc.. are system-calls just like the ptrace alternative. > 3) It could support both i386 and x86-64. I tried pstack and it doesn't work > with x86-64. Yeah, and you'll need to extend it to ARM/MIPS/etc.. whereas there is plenty of userspace around that can already work on all those platforms -- if pstack cannot its weird, I'd think it would use all the regular binutils muck that already supports all the platforms. > 4) It follows /proc/XXX/stack interface and it's easy to use it. Uhm, not so very much, see your ASLR issue. Furthermore it requires all userspace be build with framepointers enabled -- which I think would be a good thing anyway -- but with which reality seems to disagree. -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists