Re: kprobe fault handling

["Frank Ch. Eigler" <fche at redhat dot com>]

Hi -

> > Those kernel functions are similarly unsafe (for purposes of
> > systemtap), since they can sleep (wait while page faults are being
> > serviced).  
>
> I started this whole thread to explain that my tests were now
> showing that was indeed the case.

Why was that news, given my repeated warning to this effect?

> However that was due to an easily fixed bug in the fault handler.

Perhaps so, but:

> You can't deem high-level functions unsafe to use because a bug in a
> lower-level routine temporarily made them that way.

Temporarily?  And it's not just that routine.  The larger problem is
sleeping/rescheduling/locking, not just faulting.  This lesson made an
earlier appearance with printk.

> > This is why Roland went out of his way to collect
> > alternatives in loc2c-runtime.h.  This was explained at the time.
> 
> IIRC, he explained to you why using __get_user_asm was safe. That is the
> same function used by copy_from_user and get_user. 

It may be that even those are not sufficiently safe (i.e., not
stressed enough on pessimistic cases such as valid user addresses that
are paged out).  Or maybe they are used just differently enough to
have made them work.  How much analysis went into your variant, beyond
bypassing the might_sleep warning?

- FChE