From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <systemtap-return-26162-listarch-systemtap=sources.redhat.com@sourceware.org>
Received: (qmail 63626 invoked by alias); 11 Aug 2018 15:37:26 -0000
Mailing-List: contact systemtap-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <systemtap.sourceware.org>
List-Subscribe: <mailto:systemtap-subscribe@sourceware.org>
List-Post: <mailto:systemtap@sourceware.org>
List-Help: <mailto:systemtap-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: systemtap-owner@sourceware.org
Received: (qmail 63617 invoked by uid 89); 11 Aug 2018 15:37:26 -0000
Authentication-Results: sourceware.org; auth=none
X-Spam-SWARE-Status: No, score=-1.9 required=5.0 tests=BAYES_00,SPF_HELO_PASS autolearn=ham version=3.3.2 spammy=handlers
X-HELO: mx1.redhat.com
Received: from mx1.redhat.com (HELO mx1.redhat.com) (209.132.183.28) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Sat, 11 Aug 2018 15:37:25 +0000
Received: from smtp.corp.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.25])	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))	(No client certificate requested)	by mx1.redhat.com (Postfix) with ESMTPS id 1A50A369CC;	Sat, 11 Aug 2018 15:37:24 +0000 (UTC)
Received: from redhat.com (ovpn-116-85.phx2.redhat.com [10.3.116.85])	by smtp.corp.redhat.com (Postfix) with ESMTPS id DAFF72010CA4;	Sat, 11 Aug 2018 15:37:23 +0000 (UTC)
Received: from fche by redhat.com with local (Exim 4.90_1)	(envelope-from <fche@redhat.com>)	id 1foVxC-000529-8R; Sat, 11 Aug 2018 11:37:22 -0400
Date: Sat, 11 Aug 2018 15:37:00 -0000
From: "Frank Ch. Eigler" <fche@redhat.com>
To: Arkady <arkady.miasnikov@gmail.com>
Cc: David Smith <dsmith@redhat.com>, systemtap <systemtap@sourceware.org>
Subject: Re: Unsafe mode for probes
Message-ID: <20180811153722.GB9446@redhat.com>
References: <CANA-60pZa0RFLvjF6g7h-Ltb+W2pafBvwH53gPNSmcb4mQUkmw@mail.gmail.com> <CAKFOr-Z26bbBNwFSoyLaFpvD+QbS1Bi=eQLimoo=-22fyZH==Q@mail.gmail.com> <CANA-60owZN-ksNwHRNc4BwesinQBqyxn2R20g8OuHwgBP7hADQ@mail.gmail.com> <87h8k3tibs.fsf@redhat.com> <CANA-60oC_VLcMgpv3_ZT_ohMtybRYpSgCnRjunVZ2oX+-HYo0A@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CANA-60oC_VLcMgpv3_ZT_ohMtybRYpSgCnRjunVZ2oX+-HYo0A@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-SW-Source: 2018-q3/txt/msg00096.txt.bz2

Hi -

> "a proper context structure allocation for temporary values" is
> one of the things I would like to wrap into a stable API, and
> do not enforce it.

But a context is not an optional safety check sort of thing.  It is
the place where all the runtime per-probe-execution data is, including
error flags, temporaries, self-monitoring counters, printing buffers,
all kinds of stuff.  We can probably make it smaller for probe
handlers that are trivially simple.  But code just won't compile/run
with no context.

> "Unsafe" means that the stack safety is up to the author.
> For example, if I hook only entry points of the system calls I
> want the freedom to inject custom C code.

Maybe "raw" would be a better name then: a probe handler that
is bound to use self-contained embedded-C only (thus can't print,
deal with stap globals, etc.).  Even providing $context vars
would be tricky.

- FChE