lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.LRH.2.20.2106241339140.27231@Diego>
Date:   Thu, 24 Jun 2021 13:44:43 +0200 (CEST)
From:   Michael Petlan <mpetlan@...hat.com>
To:     Namhyung Kim <namhyung@...nel.org>
cc:     Jiri Olsa <jolsa@...hat.com>,
        Arnaldo Carvalho de Melo <acme@...nel.org>,
        Ian Rogers <irogers@...gle.com>,
        lkml <linux-kernel@...r.kernel.org>,
        Peter Zijlstra <a.p.zijlstra@...llo.nl>,
        Ingo Molnar <mingo@...nel.org>,
        Mark Rutland <mark.rutland@....com>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Riccardo Mancini <rickyman7@...il.com>
Subject: Re: [RFC 00/10] perf: Add build id parsing fault detection/fix

On Wed, 23 Jun 2021, Namhyung Kim wrote:
> Hi Jiri,
> 
> Thanks for your work!
> 
> On Tue, Jun 22, 2021 at 2:19 PM Jiri Olsa <jolsa@...hat.com> wrote:
> >
> > On Tue, Jun 22, 2021 at 03:14:04PM -0300, Arnaldo Carvalho de Melo wrote:
> > > Em Tue, Jun 22, 2021 at 10:47:54AM -0700, Ian Rogers escreveu:
> > > > On Tue, Jun 22, 2021 at 10:39 AM Arnaldo Carvalho de Melo
> > > > <acme@...nel.org> wrote:
> > > > >
> > > > > Em Tue, Jun 22, 2021 at 05:39:08PM +0200, Jiri Olsa escreveu:
> > > > > > hi,
> > > > > > this *RFC* patchset adds support to detect faults during
> > > > > > mmap2's build id parsing and a way to fix such maps in
> > > > > > generated perf.data.
> > > > > >
> > > > > > It adds support to record build id faults count for session
> > > > > > and store it in perf.data and perf inject support to find
> > > > > > these maps and reads build ids for them in user space.
> > > > >
> > > > > > It's probably best explained by the workflow:
> > > > > >
> > > > > >   Record data with --buildid-mmap option:
> > > > > >
> > > > > >     # perf record --buildid-mmap ...
> > > > > >     ...
> > > > > >     [ perf record: Woken up 1 times to write data ]
> > > > > >     [ perf record: Failed to parse 4 build ids]
> > > > > >     [ perf record: Captured and wrote 0.008 MB perf.data ]
> > > > > >
> > > > > >   Check if there's any build id fault reported:
> > > > > >
> > > > > >     # perf report --header-only
> > > > > >     ...
> > > > > >     # build id mmap stats: FAULTS 4, LOST 0, NOT FIXED
> > > > > >
> > > > > >   There is, check the stats:
> > > > > >
> > > > > >     # perf report --stat
> > > > > >
> > > > > >     Aggregated stats:
> > > > > >              TOTAL events:        104
> > > > > >                       ....
> > > > > >            BUILD_ID fails:          4  (14.3%)
> > > > > >
> > > > > >   Yep, let's fix it:
> > > > > >
> > > > > >     # perf inject --buildid-mmap2 -i perf.data -o perf-fixed.data
> > > > >
> > > > > Can we make it possible to automate this with --fixup-buildids or a
> > > > > perfconfig 'record' knob?
> > > > >
> > > > > This would entail requesting that build-ids that _fail_ be sent to the
> > > > > side-band thread we have in 'perf record', this way we wouldn't have to
> > > > > traverse the whole perf.data file, be it with 'perf-record' at the end
> > > > > of a session with faulty build ids, or in a similar fashion using 'perf
> > > > > inject' as you suggest.
> > > > >
> > > > > I even think that we can have all these modes and let the user to decide
> > > > > how important is this for them and how convenient they want the whole
> > > > > process to be.
> >
> > right, that might be good to decide first.. because as I said,
> > I never hit faulted build id, so it probably needs the special
> > setup you guys are using.. could you try on your setup and check
> > how many faulted build ids you see?
> 
> Did you check data mmaps?  It might be easy to get faults
> from data files and we don't know if it's an ELF or not
> before reading the ELF header in the first page.

Hi. Long ago, I have noticed samples pointing to purely data files,
such as if the program execution was sampled just in the middle of
them. However, these files couldn't certainly contain any executable
code... It was quite hard to reproduce this.

Maybe what Namhyung says might have been a culprit for it? Just an
idea...

Michael
> 
> I'm not sure if we can limit it to exec mappings, there might
> be data-only DSOs and we may want to symbolize them too.
> 
> Thanks,
> Namhyung
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ