Open Tropicao opened 5 months ago
What do you mean by "is still composed of multiple kind of leaks"?
Also, I agree we can improve this, but knowing how to compute the address in a module is useful, so it would be nice to keep it somehow.
What do you mean by "is still composed of multiple kind of leaks"?
I mean: keeping multiple sources of leaks so trainees still have to investigate enough to get rid of leaks (we have currently three different leak "sources" in the lab)
Also, I agree we can improve this, but knowing how to compute the address in a module is useful, so it would be nice to keep it somehow.
Hmmm, indeed it is a nice knowledge to have. My main concern is that during training, I see that participants use quite a lot of time and get confused by this part, not really managing to get a clear picture of the process (and even with hints in the labs instructions), at the expense of the rest of the labs. But maybe it is more of a personal experience/personal feeling, and the issue is more around total volume for the kernel lab then ?
What do you mean by "is still composed of multiple kind of leaks"?
I mean: keeping multiple sources of leaks so trainees still have to investigate enough to get rid of leaks (we have currently three different leak "sources" in the lab)
OK, got it. I agree on this.
Also, I agree we can improve this, but knowing how to compute the address in a module is useful, so it would be nice to keep it somehow.
Hmmm, indeed it is a nice knowledge to have. My main concern is that during training, I see that participants use quite a lot of time and get confused by this part, not really managing to get a clear picture of the process (and even with hints in the labs instructions), at the expense of the rest of the labs. But maybe it is more of a personal experience/personal feeling, and the issue is more around total volume for the kernel lab then ?
I cannot comment about onsite trainings as I haven't done any so far, so I trust you.
About the kernel lab size, I agree it is very long and intensive. What about just splitting it? One lab after each section? It think it would help both having some "variation" in the trainings and in have better "brain locality" between the lecture content and the corresponding lab.
Current kmemleak lab often leads trainees to get lost in details unrelated to the key point of the lab, because of the place of the leak: it can be detected by kmemleak only after module removal, and so symbols are not present anymore in the report :
It is still possible to get the relevant info out of the raw address:
/proc/modules
), substract it to raw address from the report, and feed the result tofaddr2line
While it works, those steps are an additional burden for trainees and add confusion to the initial topic.
A better way to handle this would be to ensure that the leak we are searching for