Create examples/tracing/undump.py examples text file (#3714)

Create examples/tracing/undump.py examples text file and update permission (+x) for undump.py.

diff --git a/README.md b/README.md
index e95532ba6022c39c224f10ebbc46ad1fbb063c95..076d127c5e423dd8f99126a4e357a9a44518a8b6 100644 (file)
--- a/README.md
+++ b/README.md
@@ -75,6 +75,7 @@ pair of .c and .py files, and some are directories of files.
 - examples/tracing/[task_switch.py](examples/tracing/task_switch.py): Count task switches with from and to PIDs.
 - examples/tracing/[tcpv4connect.py](examples/tracing/tcpv4connect.py): Trace TCP IPv4 active connections. [Examples](examples/tracing/tcpv4connect_example.txt).
 - examples/tracing/[trace_fields.py](examples/tracing/trace_fields.py): Simple example of printing fields from traced events.
+- examples/tracing/[undump.py](examples/tracing/undump.py): Dump UNIX socket packets. [Examples](examples/tracing/undump_example.txt)
 - examples/tracing/[urandomread.py](examples/tracing/urandomread.py): A kernel tracepoint example, which traces random:urandom_read. [Examples](examples/tracing/urandomread_example.txt).
 - examples/tracing/[vfsreadlat.py](examples/tracing/vfsreadlat.py) examples/tracing/[vfsreadlat.c](examples/tracing/vfsreadlat.c): VFS read latency distribution. [Examples](examples/tracing/vfsreadlat_example.txt).
 - examples/tracing/[kvm_hypercall.py](examples/tracing/kvm_hypercall.py): Conditional static kernel tracepoints for KVM entry, exit and hypercall [Examples](examples/tracing/kvm_hypercall.txt).

diff --git a/examples/tracing/undump.py b/examples/tracing/undump.py
old mode 100644 (file)
new mode 100755 (executable)

diff --git a/examples/tracing/undump_example.txt b/examples/tracing/undump_example.txt
new file mode 100644 (file)
index 0000000..1d72aa4
--- /dev/null
+++ b/examples/tracing/undump_example.txt
@@ -0,0 +1,39 @@
+Demonstrations of undump.py, the Linux eBPF/bcc version.
+
+This example trace the kernel function performing receive AP_UNIX socket
+packet. Some example output:
+
+Terminal 1, UNIX Socket Server:
+
+```
+$ nc -lU /var/tmp/dsocket
+# receive from Client
+Hello, World
+abcdefg
+```
+
+Terminal 2, UNIX socket Client:
+
+```
+$ nc -U /var/tmp/dsocket
+# Input some lines
+Hello, World
+abcdefg
+```
+
+Terminal 3, receive tracing:
+
+```
+$ sudo python undump.py -p 49264
+Tracing PID=49264 UNIX socket packets ... Hit Ctrl-C to end
+
+# Here print bytes of receive
+PID 49264 Recv 13 bytes
+   48 65 6c 6c 6f 2c 20 57 6f 72 6c 64 0a 
+PID 49264 Recv 8 bytes
+   61 62 63 64 65 66 67 0a
+```
+
+This output shows two packet received by PID 49264(nc -lU /var/tmp/dsocket),
+`Hello, World` will be parsed as `48 65 6c 6c 6f 2c 20 57 6f 72 6c 64 0a`, the
+`0a` is `Enter`. `abcdefg` will be parsed as `61 62 63 64 65 66 67 0a`.