02 Feb 2023

feedFedora People

Richard W.M. Jones: Fedora now has frame pointers

Fedora now has frame pointers. I don't want to dwell on the how of this, it was a somewhat controversial decision and you can read all about it here. But I do want to say a bit about the why, and how it makes performance analysis so much easier.

Recently we've been looking at a performance problem in qemu. To try to understand this I've been looking at FlameGraphs all day, like this one:

<figure class="wp-block-image size-large"></figure>

FlameGraphs rely on the Linux tool perf being able to collect stack traces. The stack traces start in the kernel and go up through userspace often for dozens or even hundreds of frames. They must be collected quickly (my 1 minute long trace has nearly half a million samples) and accurately.

Perf (or actually I think it's some component of the kernel) has various methods to unwind the stack. It can use frame pointers, kernel ORC information or DWARF debug information. The thing is that DWARF unwinding (the only userspace option that doesn't use frame pointers) is really unreliable. In fact it has such serious problems that it's not that usable at all.

For example, here is a broken stack trace from Fedora 37 (with full debuginfo installed):

<figure class="wp-block-image size-large"></figure>

Notice that we go from the qemu-img program, through an "[unknown]" frame, into zlib's inflate.

In the same trace we get completely detached frames too (which are wrong):

<figure class="wp-block-image size-large"></figure>

Upgrading zlib to F38 (with frame pointers) shows what this should look like:

<figure class="wp-block-image size-large"></figure>

Another common problem with lack of frame pointers can be seen in this trace from Fedora 37:

<figure class="wp-block-image size-large"></figure>

It looks like it might be OK, until you compare it to the same workload using Fedora 38 libraries:

<figure class="wp-block-image size-large"></figure>

Look at those beautiful towering peaks! What seems to be happening (I don't know why) is that stack traces start in the wrong place when you don't have frame pointers (note that FlameGraphs show stack traces upside down, with the starting point in the kernel shown at the top). Also if you look closely you'll notice missed frames in the first one, like the "direct" call to __libc_action which actually goes through an intermediate frame.

Before Fedora 38 the only way to get good stack traces was to recompile your software and all of its dependencies with frame pointers, a massive pain in the neck and a major barrier to entry when investigating performance problems.

With Fedora 38, it's simply a matter of using the regular libraries, installing debuginfo if you want (it does still add detail), and you can start using perf straight away by following Brendan Gregg's tutorials.

02 Feb 2023 7:33pm GMT

Fedora Community Blog: Outreachy Summer’23: Call for Projects and Mentors!

The Fedora Project is participating in the upcoming round of Outreachy. We need more project ideas and mentors! The last day to propose a project or to apply as a general mentor is February 24, 2023, at 4pm UTC.

Outreachy provides a unique opportunity for underrepresented groups to gain valuable experience in open-source and gain access to a supportive community of mentors and peers. By participating in this program, the Fedora community can help create a more diverse and inclusive tech community.

If you have a project idea for the upcoming round of Outreachy, please open a ticket in the mentored projects repository. You can also volunteer to be a mentor for a project that's not yours. As a supporting mentor, you will guide interns through the completion of the project.

A good project proposal makes all the difference. It saves time for both the mentors and the applicants.

What makes a good project proposal

The Mentored Projects Coordinators will review your ideas and help you prep your project proposal to be submitted to Outreachy.

How to participate

Project Mentor

Signing up as a mentor is a commitment. Before signing up, please consider the following

Please read through the mentor-faq page from Outreachy.

General Mentor

We are also looking for general mentors for the facilitation of proper communication of feedback and evaluation with the interns working on the selected projects.

Submit your proposals

Please submit your project ideas and mentorship availability as soon as possible. The last date for project idea submission is February 24, 2023

Mentoring can be a fulfilling pursuit. It is a great opportunity to contribute to the community and shape the future of Fedora by mentoring a talented intern who will work on your project. Don't miss out on this exciting opportunity to make a difference in the Fedora community and the tech industry as a whole. Together, we can make the open-source community even more diverse and inclusive.

The post Outreachy Summer'23: Call for Projects and Mentors! appeared first on Fedora Community Blog.

02 Feb 2023 4:51pm GMT

Matthew Garrett: Blocking free API access to Twitter doesn't stop abuse

In one week from now, Twitter will block free API access. This prevents anyone who has written interesting bot accounts, integrations, or tooling from accessing Twitter without paying for it. A whole number of fascinating accounts will cease functioning, people will no longer be able to use tools that interact with Twitter, and anyone using a free service to do things like find Twitter mutuals who have moved to Mastodon or to cross-post between Twitter and other services will be blocked.

There's a cynical interpretation to this, which is that despite firing 75% of the workforce Twitter is still not profitable and Elon is desperate to not have Twitter go bust and also not to have to tank even more of his Tesla stock to achieve that. But let's go with the less cynical interpretation, which is that API access to Twitter is something that enables bot accounts that make things worse for everyone. Except, well, why would a hostile bot account do that?

To interact with an API you generally need to present some sort of authentication token to the API to prove that you're allowed to access it. It's easy enough to restrict issuance of those tokens to people who pay for the service. But, uh, how do the apps work? They need to be able to communicate with the service to tell it to post tweets, retrieve them, and so on. And the simple answer to that is that they use some hardcoded authentication tokens. And while registering for an API token yourself identifies that you're not using an official client, using the tokens embedded in the clients makes it look like you are. If you want to make it look like you're a human, you're already using tokens ripped out of the official clients.

The Twitter client API keys are widely known. Anyone who's pretending to be a human is using those already and will be unaffected by the shutdown of the free API tier. Services like movetodon.org do get blocked. This isn't an anti-abuse choice. It's one that makes it harder to move to other services. It's one that blocks a bunch of the integrations and accounts that bring value to the platform. It's one that hurts people who follow the rules, without hurting the ones who don't. This isn't an anti-abuse choice, it's about trying to consolidate control of the platform.

comment count unavailable comments

02 Feb 2023 10:21am GMT