From: Jinchao Wang <wangjinchao600@gmail.com>
To: Alexander Potapenko <glider@google.com>
Cc: Andrew Morton <akpm@linux-foundation.org>,
Masami Hiramatsu <mhiramat@kernel.org>,
Peter Zijlstra <peterz@infradead.org>,
Mike Rapoport <rppt@kernel.org>,
"Naveen N . Rao" <naveen@kernel.org>,
Andrey Ryabinin <ryabinin.a.a@gmail.com>,
Andrey Konovalov <andreyknvl@gmail.com>,
Dmitry Vyukov <dvyukov@google.com>,
Vincenzo Frascino <vincenzo.frascino@arm.com>,
kasan-dev@googlegroups.com,
"David S. Miller" <davem@davemloft.net>,
Steven Rostedt <rostedt@goodmis.org>,
Mathieu Desnoyers <mathieu.desnoyers@efficios.com>,
Ingo Molnar <mingo@redhat.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
Namhyung Kim <namhyung@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
Jiri Olsa <jolsa@kernel.org>, Ian Rogers <irogers@google.com>,
Adrian Hunter <adrian.hunter@intel.com>,
"Liang, Kan" <kan.liang@linux.intel.com>,
Thomas Gleixner <tglx@linutronix.de>,
Borislav Petkov <bp@alien8.de>,
Dave Hansen <dave.hansen@linux.intel.com>,
x86@kernel.org, "H. Peter Anvin" <hpa@zytor.com>,
linux-mm@kvack.org, linux-trace-kernel@vger.kernel.org,
linux-perf-users@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 00/19] mm/ksw: Introduce real-time Kernel Stack Watch debugging tool
Date: Fri, 12 Sep 2025 16:15:30 +0800 [thread overview]
Message-ID: <8c047b5f-f4c2-4795-8ceb-a556ac6647b2@gmail.com> (raw)
In-Reply-To: <CAG_fn=V5LUhQQeCo9cNBKX1ys3OivB49TuSeWoPN-MPT=YTG6g@mail.gmail.com>
On 9/12/25 14:41, Alexander Potapenko wrote:
> On Fri, Sep 12, 2025 at 7:51 AM Jinchao Wang <wangjinchao600@gmail.com> wrote:
>>
>> FYI: The current patchset contains lockdep issues due to the kprobe handler
>> running in NMI context. Please do not spend time reviewing this version.
>> Thanks.
>> --
>> Jinchao
>
> Hi Jinchao,
>
> In the next version, could you please elaborate more on the user
> workflow of this tool?
> It occurs to me that in order to detect the corruption the user has to
> know precisely in which function the corruption is happening, which is
> usually the hardest part.
>
Hi Alexander,
Thank you for the question. I agree with your observation about the
challenge of detecting stack corruption.
Stack corruption debugging typically involves three steps:
1. Detect the corruption
2. Find the root cause
3. Fix the issue
Your question addresses step 1, which is indeed a challenging
part. Currently, we have several approaches for detection:
- Compile with CONFIG_STACKPROTECTOR_STRONG to add stack canaries
and trigger __stack_chk_fail() on corruption
- Manual detection when local variables are unexpectedly modified
(though this is quite difficult in practice)
However, KStackWatch is specifically designed for step 2 rather than
step 1. Let me illustrate with a complex scenario:
In one actual case, the corruption path was:
- A calls B (the buggy function) through N1 call levels
- B stores its stack variable L1's address in P (through a global
variable or queue or list...)
- C (the victim) called by A through N2 levels, unexpectedly has a
canary or local variable L2 with the overlapping address with L1
- D uses P in a separate task (N3 call levels deep), which modifies
the value of L1, and L2 is corrupted
- C finds the corruption
The only clue might be identifying function D first, which then leads
us to B through P.
Key advantages of KStackWatch:
- Lightweight overhead that doesn't reduce reproduction probability
- Real-time capability to identify corruption exactly when it happens
- Precise location tracking of where corruptions occur
KStackWatch helps identify function D directly, bypassing the complex
call chains (N1, N2, N3) and intermediate functions. Once we locate D,
we can trace back through the corruption path and resolve the issue.
Does this clarify the tool's intended workflow?
--
Jinchao
prev parent reply other threads:[~2025-09-12 8:15 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-10 5:23 Jinchao Wang
2025-09-10 5:23 ` [PATCH v3 01/19] x86/hw_breakpoint: introduce arch_reinstall_hw_breakpoint() for atomic context Jinchao Wang
2025-09-11 0:46 ` Masami Hiramatsu
2025-09-11 1:01 ` Jinchao Wang
2025-09-10 5:23 ` [PATCH v3 02/19] HWBP: Add modify_wide_hw_breakpoint_local() API Jinchao Wang
2025-09-10 5:23 ` [PATCH v3 03/19] mm/ksw: add build system support Jinchao Wang
2025-09-10 5:23 ` [PATCH v3 04/19] mm/ksw: add ksw_config struct and parser Jinchao Wang
2025-09-10 5:23 ` [PATCH v3 05/19] mm/ksw: add /proc/kstackwatch interface Jinchao Wang
2025-09-10 5:23 ` [PATCH v3 06/19] mm/ksw: add HWBP pre-allocation Jinchao Wang
2025-09-10 5:23 ` [PATCH v3 07/19] mm/ksw: add atomic watch on/off operations Jinchao Wang
2025-09-10 5:23 ` [PATCH v3 08/19] mm/ksw: support CPU hotplug Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 09/19] mm/ksw: add probe management helpers Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 10/19] mm/ksw: resolve stack watch addr and len Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 11/19] mm/ksw: add recursive depth tracking Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 12/19] mm/ksw: manage start/stop of stack watching Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 13/19] mm/ksw: add self-debug helpers Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 14/19] mm/ksw: add test module Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 15/19] mm/ksw: add stack overflow test Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 16/19] mm/ksw: add silent corruption test case Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 17/19] mm/ksw: add recursive stack corruption test Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 18/19] tools/ksw: add test script Jinchao Wang
2025-09-10 5:31 ` [PATCH v3 19/19] docs: add KStackWatch document Jinchao Wang
2025-09-12 5:51 ` [PATCH v3 00/19] mm/ksw: Introduce real-time Kernel Stack Watch debugging tool Jinchao Wang
2025-09-12 6:41 ` Alexander Potapenko
2025-09-12 8:15 ` Jinchao Wang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8c047b5f-f4c2-4795-8ceb-a556ac6647b2@gmail.com \
--to=wangjinchao600@gmail.com \
--cc=acme@kernel.org \
--cc=adrian.hunter@intel.com \
--cc=akpm@linux-foundation.org \
--cc=alexander.shishkin@linux.intel.com \
--cc=andreyknvl@gmail.com \
--cc=bp@alien8.de \
--cc=dave.hansen@linux.intel.com \
--cc=davem@davemloft.net \
--cc=dvyukov@google.com \
--cc=glider@google.com \
--cc=hpa@zytor.com \
--cc=irogers@google.com \
--cc=jolsa@kernel.org \
--cc=kan.liang@linux.intel.com \
--cc=kasan-dev@googlegroups.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=linux-perf-users@vger.kernel.org \
--cc=linux-trace-kernel@vger.kernel.org \
--cc=mark.rutland@arm.com \
--cc=mathieu.desnoyers@efficios.com \
--cc=mhiramat@kernel.org \
--cc=mingo@redhat.com \
--cc=namhyung@kernel.org \
--cc=naveen@kernel.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=rppt@kernel.org \
--cc=ryabinin.a.a@gmail.com \
--cc=tglx@linutronix.de \
--cc=vincenzo.frascino@arm.com \
--cc=x86@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox