Bug 655904

Summary: hang/crash on massive kprobing
Product: [Fedora] Fedora Reporter: Frank Ch. Eigler <fche>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED UPSTREAM QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 19CC: ananth, dougsland, gansalmon, itamar, jforbes, jonathan, kernel-maint, madhu.chinakonda, moli
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 655908 (view as bug list) Environment:
Last Closed: 2013-04-05 12:35:24 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Bug Depends On:    
Bug Blocks: 831833, 655908    

Description Frank Ch. Eigler 2010-11-22 11:52:28 EST
A longstanding problem in the linux kernel has been its failure to protect
itself against massive kprobe sessions, such as with systemtap scripts such as:

   probe kernel.function("*") {}

The important thing to note is that systemtap is not required to show
this problem.  "perf probe" can do it, as can the following recipe, which
builds an absolutely minimal kprobes-using kernel module, and applies it
to function entry points (as gleamed form /proc/kallsyms).  (With systemtap,
we can easily place probes into the bodies of functions too, and of course
that crashes even "harder", but let's leave that till later.)

  git clone git://sourceware.org/git/systemtap.git
  cd systemtap/scripts/kprobes_test
  sh gen_code_all.sh
  insmod kprobe_module.ko

There may be multiple causes, such as inadequate __kprobes markup, or
exception handling, or unknown factors.

See also

Comment 1 Chuck Ebbert 2010-12-09 10:53:05 EST
That's http://sourceware.org/bugzilla/show_bug.cgi?id=2725
Comment 2 Frank Ch. Eigler 2013-01-29 13:35:26 EST
(Still affects kernel 3.8.0-0.rc4.git5.1

# stap -e 'probe kernel.function("*").call {}' -c 'sleep 1'

restarts my x86-64 vm.)
Comment 3 Fedora End Of Life 2013-04-03 14:43:38 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 19 development cycle.
Changing version to '19'.

(As we did not run this process for some time, it could affect also pre-Fedora 19 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 19 End Of Life. Thank you.)

More information and reason for this action is here:
Comment 4 Justin M. Forbes 2013-04-05 12:35:24 EDT
This really needs to be reported and handled upstream