archive mirror
 help / color / mirror / Atom feed
From: Miroslav Benes <>
To: Mark Rutland <>
Cc:, Jiri Kosina <>,
	Joe Lawrence <>,
	Jonathan Corbet <>,
	Josh Poimboeuf <>,
	Mark Brown <>, Petr Mladek <>,,
Subject: Re: [PATCH] Documentation: livepatch: document reliable stacktrace
Date: Thu, 29 Oct 2020 11:04:48 +0100 (CET)	[thread overview]
Message-ID: <> (raw)
In-Reply-To: <>


On Fri, 23 Oct 2020, Mark Rutland wrote:

> Add documentation for reliable stacktrace. This is intended to describe
> the semantics and to be an aid for implementing architecture support for

thanks a lot for doing the work!

> Unwinding is a subtle area, and architectures vary greatly in both
> implementation and the set of concerns that affect them, so I've tried
> to avoid making this too specific to any given architecture. I've used
> examples from both x86_64 and arm64 to explain corner cases in more
> detail, but I've tried to keep the descriptions sufficient for those who
> are unfamiliar with the particular architecture.

Yes, I think it is a good approach. We can always add more details later, 
but it would probably cause more confusion for those unfamiliar.

> I've tried to give rationale for all the recommendations/requirements,
> since that makes it easier to spot nearby issues, or when a check
> happens to catch a few things at once. I believe what I have written is
> sound, but as some of this was reverse-engineered I may have missed
> things worth noting.
> I've made a few assumptions about preferred behaviour, notably:
> * If you can reliably unwind through exceptions, you should (as x86_64
>   does).

Yes, it does. I think (and Josh will correct me if I am wrong here), that 
even at the beginning the intention was to improve the reliability of 
unwinding in general. Both x86_64 and s390x are the case. _reliable() 
interface only takes an advantage of that. As you pointed out in the 
document, unwinding through exceptions is not necessary. It can be 
reported as unreliable and we can deal with that later. But it is always 
better to do it if possible.

powerpc is an exception to the approach, because it implements its 
_reliable() API from the scratch.

> * It's fine to omit ftrace_return_to_handler and other return
>   trampolines so long as these are not subject to patching and the
>   original return address is reported. Most architectures do this for
>   ftrace_return_handler, but not other return trampolines.

Yes. Patching a trampoline is not something I can imagine, so that should 
not be a problem. But one never knows and we may run into a problem here 
easily. I don't remember if we even audited all the trampolines. And new 
ones are introduced all the time.

> * For cases where link register unreliability could result in duplicate
>   entries in the trace or an inverted trace, I've assumed this should be
>   treated as unreliable. This specific case shouldn't matter to
>   livepatching, but I assume that that we want a reliable trace to have
>   the correct order.



  parent reply	other threads:[~2020-10-29 10:04 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-10-23 15:35 [PATCH] Documentation: livepatch: document reliable stacktrace Mark Rutland
2020-10-27 11:16 ` Petr Mladek
2020-10-29 10:04 ` Miroslav Benes [this message]
2021-01-13 16:57 Mark Brown
2021-01-13 19:33 ` Josh Poimboeuf
2021-01-13 20:23   ` Mark Brown
2021-01-13 22:25     ` Josh Poimboeuf
2021-01-14 18:10       ` Mark Rutland
2021-01-15  0:03         ` Josh Poimboeuf
2021-01-14 11:54   ` Mark Rutland
2021-01-14 14:36     ` Josh Poimboeuf
2021-01-14 17:49       ` Mark Rutland
2021-01-14 20:03         ` Josh Poimboeuf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \ \ \ \ \ \ \ \ \ \ \ \ \

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).