4ast [Mon, 12 Oct 2015 18:51:53 +0000 (11:51 -0700)]
Merge pull request #268 from iovisor/bblanco_dev
Fixes for deb/rpm packaging
Brenden Blanco [Mon, 12 Oct 2015 18:13:48 +0000 (11:13 -0700)]
Fixes for deb/rpm packaging
These fixes are manually included in the released 0.1.7 packages, but
will help with future builds.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
4ast [Mon, 12 Oct 2015 16:59:13 +0000 (09:59 -0700)]
Merge pull request #267 from iovisor/bblanco_dev
Update tag to v0.1.7
Brenden Blanco [Mon, 12 Oct 2015 16:31:03 +0000 (09:31 -0700)]
Update tag to v0.1.7
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Mon, 12 Oct 2015 16:45:03 +0000 (09:45 -0700)]
Merge pull request #265 from iovisor/yhs_dev
handle return value in kretprobe handler for tcpv4connect
Brenden Blanco [Thu, 8 Oct 2015 17:10:29 +0000 (10:10 -0700)]
Merge pull request #264 from iovisor/yhs_dev
Fix an uninitialized variable access in test_clang
Yonghong Song [Wed, 7 Oct 2015 15:59:42 +0000 (08:59 -0700)]
handle return value in kretprobe handler for tcpv4connect
Signed-off-by: Yonghong Song <yhs@plumgrid.com>
Yonghong Song [Wed, 7 Oct 2015 12:16:15 +0000 (05:16 -0700)]
Fix an uninitialized variable access in test_clang
Signed-off-by: Yonghong Song <yhs@plumgrid.com>
4ast [Tue, 6 Oct 2015 21:16:08 +0000 (14:16 -0700)]
Merge pull request #262 from iovisor/bblanco_dev
Make KeyboardInterrupt catch more aggressive
Brenden Blanco [Tue, 6 Oct 2015 21:08:03 +0000 (14:08 -0700)]
Make KeyboardInterrupt catch more aggressive
Fixes: #186
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
4ast [Tue, 6 Oct 2015 20:01:49 +0000 (13:01 -0700)]
Merge pull request #261 from iovisor/bblanco_dev
Fixes for table indexing and clear()
Brenden Blanco [Tue, 6 Oct 2015 19:12:42 +0000 (12:12 -0700)]
Avoid infinite loops in BPF.Table destructor
In the case that python process tries to clear() a table object while
the bpf program is still running and doing lookup_or_init, the python
clean() routine will race with the bpf program (and bpf will win in the
case of frequent kprobe hits) causing a hang. Instead, first get the
full list of keys and then delete them rather than rely on the default
popitem implementation.
Fixes: #233
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Tue, 6 Oct 2015 19:05:25 +0000 (12:05 -0700)]
Support iterating from a 0-filled table key
In the case that 0-filled keys are valid in the table, the previous
algorithm did not properly iterate.
The API of the bpf_get_next_key routine is such that the iteration
over a map should start with an invalid key. When a 0 key is valid, this
causes iteration to start anywhere inside the hash table, skipping some
entries. So, add logic to the Iter object to test if the init key is
invalid. If otherwise, try a few alternatives until an invalid key is
found. If none found, raise an exception.
Also adds a test for indexing arrays from 0, which nows works with this
too.
Fixes: #260
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
4ast [Thu, 1 Oct 2015 19:01:10 +0000 (12:01 -0700)]
Merge pull request #259 from iovisor/bblanco_dev
Don't treat fundamentally typed args as needing probe_read
Brenden Blanco [Thu, 1 Oct 2015 18:18:07 +0000 (11:18 -0700)]
Don't treat fundamentally typed args as needing probe_read
The rewriter was aggressively parsing PoD types as requiring probe_read
and poisoning other decls when those arguments were used.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
yonghong-song [Tue, 29 Sep 2015 21:19:23 +0000 (14:19 -0700)]
Merge pull request #257 from iovisor/bblanco_dev
Mask function calls from influencing probe_read
Brenden Blanco [Tue, 29 Sep 2015 20:44:19 +0000 (13:44 -0700)]
Mask function calls from influencing probe_read
Calls to functions were propagating the needs_probe state, causing map
values to require a probe_read improperly. Although there may be a use
case for this, generally it will not be needed and should be solved
differently.
Fixes: #256
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
4ast [Mon, 28 Sep 2015 18:46:06 +0000 (11:46 -0700)]
Merge pull request #255 from iovisor/bblanco_dev
Add ability to consume perf events in python
Brenden Blanco [Mon, 28 Sep 2015 18:35:26 +0000 (11:35 -0700)]
Add check for fd < 0 in perf_reader_free
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Fri, 25 Sep 2015 20:58:30 +0000 (13:58 -0700)]
Add ability to consume perf events in python
This adds the ability to consume perf events in libbpf/python using the
ring buffer. For now, this is the only way to get access to the function
call graph. Only kernel functions are supported.
It does this by introducing a new set of libbpf helper functions that
can open the perf fd, mmap it, and poll over the events as they are
submitted by the kernel. This allow for faster event processing than
trace_printks, but has not been tested.
The functionality is disabled by default, the user can enable it by
passing a non-empty cb parameter into the BPF constructor. That cb
function will be invoked for each event that is read from the buffer.
Buffers are per-fd, so each event is distinct as well as separated from
other processes that may be running simultaneously.
The initial test case uses this functionality to build a histogram of
events keyed by the callchain.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Sun, 27 Sep 2015 03:19:54 +0000 (23:19 -0400)]
Merge pull request #254 from brendangregg/master
tcpv4connect
Brendan Gregg [Sat, 26 Sep 2015 00:01:17 +0000 (17:01 -0700)]
tcpv4connect
Brenden Blanco [Fri, 25 Sep 2015 21:05:59 +0000 (17:05 -0400)]
Merge pull request #252 from iovisor/bblanco_dev
Add custom formatter function to print_log2_hist
Brenden Blanco [Fri, 25 Sep 2015 20:57:18 +0000 (13:57 -0700)]
Add custom formatter function to print_log2_hist
Fixes: #251
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Fri, 25 Sep 2015 20:34:49 +0000 (16:34 -0400)]
Merge pull request #250 from brendangregg/master
begin using new histogram breakdowns feature
Brendan Gregg [Fri, 25 Sep 2015 20:20:16 +0000 (13:20 -0700)]
biolatency -D
Brendan Gregg [Fri, 25 Sep 2015 19:47:53 +0000 (12:47 -0700)]
funclatency -F
Brenden Blanco [Fri, 25 Sep 2015 18:22:57 +0000 (14:22 -0400)]
Merge pull request #249 from brendangregg/master
use BPF_HISTOGRAM and num_open_kprobes
Brendan Gregg [Fri, 25 Sep 2015 18:17:00 +0000 (11:17 -0700)]
tidy up: delete value after use
Brendan Gregg [Fri, 25 Sep 2015 18:16:33 +0000 (11:16 -0700)]
use new num_open_kprobes() function
Brendan Gregg [Fri, 25 Sep 2015 18:07:35 +0000 (11:07 -0700)]
improve comments for prime example
Brendan Gregg [Fri, 25 Sep 2015 18:07:23 +0000 (11:07 -0700)]
use BPF_HISTOGRAM
Brenden Blanco [Fri, 25 Sep 2015 15:54:15 +0000 (11:54 -0400)]
Merge pull request #248 from tuxology/open_probes
Helper to get open k[ret]probes. Fixes #236
Suchakra Sharma [Fri, 25 Sep 2015 15:45:06 +0000 (11:45 -0400)]
A more suitable function mame
Suchakra Sharma [Fri, 25 Sep 2015 15:37:03 +0000 (11:37 -0400)]
Merge branch 'master' into open_probes
Suchakra Sharma [Fri, 25 Sep 2015 15:24:12 +0000 (11:24 -0400)]
Helper to get open k[ret]probes. Fixes #236
Brenden Blanco [Thu, 24 Sep 2015 21:45:49 +0000 (17:45 -0400)]
Merge pull request #247 from iovisor/bblanco_dev
Add BPF_HISTOGRAM type and print support
Brenden Blanco [Thu, 24 Sep 2015 21:11:19 +0000 (14:11 -0700)]
Add support for char[N] as a histogram key
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Thu, 24 Sep 2015 04:36:05 +0000 (21:36 -0700)]
Add BPF_HISTOGRAM type and print support
This adds support for a specialized histogram type, which underneath
maps to an array or a hash table, depending on key type. With no
arguments, it takes on the type `u64 table[64];`. The other current
supported key type is `struct { int32|int64 bucket; int32|int64 slot }`.
To print these automatically, print_log2_hist is underneath split into
two types of printouts, one which prints the single histogram, and
another which prints a histogram for each unique `bucket` value.
See test_histogram.py for examples.
Fixes: #144
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Thu, 24 Sep 2015 13:52:08 +0000 (06:52 -0700)]
Add pointer dereference support to probe_read
Allows things like:
```c
int kprobe__foo(struct pt_regs *ctx, u64 *ptr) {
bpf_trace_printk("%lx\n", *ptr);
```
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Thu, 24 Sep 2015 21:41:33 +0000 (17:41 -0400)]
Merge pull request #230 from mbudiu-bfn/master
Initial implementation of P4->ebpf compiler.
Mihai Budiu [Thu, 24 Sep 2015 21:35:12 +0000 (14:35 -0700)]
initial prototype P4->EBPF compiler
Brenden Blanco [Thu, 24 Sep 2015 18:31:39 +0000 (14:31 -0400)]
Merge pull request #246 from tuxology/master
Add contribution section
Suchakra Sharma [Thu, 24 Sep 2015 18:27:46 +0000 (14:27 -0400)]
Formatting suggestions
Suchakra Sharma [Thu, 24 Sep 2015 17:16:26 +0000 (13:16 -0400)]
Add contribution section
4ast [Wed, 23 Sep 2015 15:00:59 +0000 (08:00 -0700)]
Merge pull request #244 from iovisor/bblanco_dev
Use GNUInstallDirs for LIBDIR variable
Brenden Blanco [Wed, 23 Sep 2015 14:23:35 +0000 (07:23 -0700)]
Use GNUInstallDirs for LIBDIR variable
This should be supported in older versions of cmake, but haven't
explicitly tested those.
Fixes: #243
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Mon, 21 Sep 2015 22:59:07 +0000 (15:59 -0700)]
Merge pull request #241 from brendangregg/master
biolatency, funclatency, and bpf_log2l usage
Brendan Gregg [Mon, 21 Sep 2015 22:52:01 +0000 (15:52 -0700)]
Merge remote-tracking branch 'upstream/master'
Brendan Gregg [Mon, 21 Sep 2015 22:51:11 +0000 (15:51 -0700)]
biolatency
Brendan Gregg [Mon, 21 Sep 2015 22:49:21 +0000 (15:49 -0700)]
funclatency
Brendan Gregg [Mon, 21 Sep 2015 22:46:36 +0000 (15:46 -0700)]
use bpf_log2l helper
Brenden Blanco [Mon, 21 Sep 2015 22:44:14 +0000 (15:44 -0700)]
Merge pull request #240 from brendangregg/master
add bpf_log2 functions
Brendan Gregg [Mon, 21 Sep 2015 22:39:46 +0000 (15:39 -0700)]
add bpf_log2 functions
Brenden Blanco [Mon, 21 Sep 2015 19:28:16 +0000 (12:28 -0700)]
Merge pull request #238 from brendangregg/master
killsnoop and some minor fixes
Brendan Gregg [Mon, 21 Sep 2015 18:59:42 +0000 (11:59 -0700)]
killsnoop
Brendan Gregg [Mon, 21 Sep 2015 18:58:16 +0000 (11:58 -0700)]
some simplifications
Brendan Gregg [Mon, 21 Sep 2015 18:55:52 +0000 (11:55 -0700)]
variable name typo
Brendan Gregg [Mon, 21 Sep 2015 18:52:52 +0000 (11:52 -0700)]
man page missing syntax
Brendan Gregg [Mon, 21 Sep 2015 18:52:21 +0000 (11:52 -0700)]
remove vfs copy-n-paste extras
Brendan Gregg [Mon, 21 Sep 2015 18:51:03 +0000 (11:51 -0700)]
add dynamic tracing warning
Brendan Gregg [Mon, 21 Sep 2015 18:50:29 +0000 (11:50 -0700)]
update kernel version
Brenden Blanco [Fri, 18 Sep 2015 12:18:40 +0000 (05:18 -0700)]
Merge pull request #229 from brendangregg/master
opensnoop
Brendan Gregg [Fri, 18 Sep 2015 04:52:52 +0000 (21:52 -0700)]
opensnoop
4ast [Thu, 17 Sep 2015 21:35:34 +0000 (14:35 -0700)]
Merge pull request #228 from iovisor/bblanco_dev
Add a better test case for nested probe reads
Brenden Blanco [Thu, 17 Sep 2015 21:23:34 +0000 (14:23 -0700)]
Add a better test case for nested probe reads
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
4ast [Thu, 17 Sep 2015 20:50:42 +0000 (13:50 -0700)]
Merge pull request #227 from iovisor/bblanco_dev
Add support for static helper functions
Brenden Blanco [Wed, 16 Sep 2015 21:59:35 +0000 (14:59 -0700)]
Add support for static helper functions
This adds support for static helper functions that can be reused. It is
not necessary to include pt_regs in the helper functions, even though
external pointers may be dereferenced. Arguments in the helpers can also
be reordered.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Wed, 16 Sep 2015 22:33:17 +0000 (15:33 -0700)]
Merge pull request #223 from brendangregg/master
add biosnoop to README
Brendan Gregg [Wed, 16 Sep 2015 22:30:07 +0000 (15:30 -0700)]
add biosnoop to README
Brenden Blanco [Wed, 16 Sep 2015 22:24:04 +0000 (15:24 -0700)]
Merge pull request #222 from brendangregg/master
biosnoop and disk updates
Brendan Gregg [Wed, 16 Sep 2015 22:19:03 +0000 (15:19 -0700)]
fix comment
Brendan Gregg [Wed, 16 Sep 2015 22:12:55 +0000 (15:12 -0700)]
accomodate mq block device I/O
Brendan Gregg [Wed, 16 Sep 2015 22:09:04 +0000 (15:09 -0700)]
biosnoop for block device I/O
4ast [Wed, 16 Sep 2015 21:11:35 +0000 (14:11 -0700)]
Merge pull request #221 from iovisor/bblanco_dev
Fix probe reads on char[] types
Brenden Blanco [Wed, 16 Sep 2015 21:06:06 +0000 (14:06 -0700)]
Fix probe reads on char[] types
It is easy enough to wrap the type in a typeof(), otherwise the rewriter
would need to do a deeper parsing of the type information to place it
properly next to the variable name.
Fixes: #219
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
4ast [Tue, 15 Sep 2015 23:04:09 +0000 (16:04 -0700)]
Merge pull request #218 from iovisor/bblanco_dev
Translate multiple pointer dereference into bpr_probe_read
Brenden Blanco [Tue, 15 Sep 2015 22:46:26 +0000 (15:46 -0700)]
Translate multiple pointer dereference into bpr_probe_read
This commit adds support for multiple consecutive and nested pointer
dereference of function arguments that should be converted to
bpf_probe_read. The logic works by marking variables as needing a
probe_read if they come from the register argument, and then applying
this property transitively.
Supported syntax:
```
int trace_entry(struct pt_regs *ctx, struct file *file) {
struct vfsmount *mnt = file->f_path.mnt;
struct super_block *k = mnt->mnt_sb;
const char *name = file->f_path.dentry->d_name.name;
```
Not supported: probe reads from map leaves, probe reads after explicit casts.
Fixes: #188
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Tue, 15 Sep 2015 17:38:50 +0000 (10:38 -0700)]
Merge pull request #210 from rlane/ebpf-method
add ebpf method to retrieve bytecode
Rich Lane [Tue, 15 Sep 2015 00:21:39 +0000 (17:21 -0700)]
add test for dump_func method
Rich Lane [Mon, 14 Sep 2015 20:17:45 +0000 (13:17 -0700)]
rename ebpf method to dump_func
Rich Lane [Sun, 13 Sep 2015 05:31:52 +0000 (22:31 -0700)]
add ebpf method to retrieve bytecode
This is useful if you want to use bcc as a compiler without running the
program.
Brenden Blanco [Tue, 15 Sep 2015 02:47:26 +0000 (19:47 -0700)]
Merge pull request #211 from affansyed/master
updated mainline version to support bridge
affansyed [Mon, 14 Sep 2015 05:52:53 +0000 (10:52 +0500)]
Merge branch 'master' into master
4ast [Sun, 13 Sep 2015 23:42:11 +0000 (16:42 -0700)]
Merge pull request #214 from iovisor/bblanco_dev
Change test_xlate1 to use act_bpf instead of cls_bpf
Brenden Blanco [Fri, 11 Sep 2015 16:27:45 +0000 (09:27 -0700)]
Change test_xlate1 to use act_bpf instead of cls_bpf
Support for act_bpf is available for testing in
https://github.com/drzaeus77/pyroute2
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
affansyed [Sun, 13 Sep 2015 14:44:18 +0000 (19:44 +0500)]
Merge branch 'master' into master
4ast [Sat, 12 Sep 2015 00:19:34 +0000 (17:19 -0700)]
Merge pull request #208 from iovisor/bblanco_dev2
Don't include git tag in .so suffix
Brenden Blanco [Fri, 11 Sep 2015 23:36:00 +0000 (16:36 -0700)]
Don't include git tag in .so suffix
The git hash was being include in the shared library name. This leads to
polution of the /usr/lib directory. Instead, just use the latest tag in
the library suffix.
As a developer, you will need to clean up the /usr/lib/libbcc* files
whenever a new tag is created.
Fixes: #207
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Fri, 11 Sep 2015 16:40:28 +0000 (09:40 -0700)]
Merge pull request #206 from iovisor/yhs_dev
sync readme hello_world.py example with actual implementation
Yonghong Song [Fri, 11 Sep 2015 02:05:58 +0000 (19:05 -0700)]
sync readme hello_world.py example with actual implementation
Signed-off-by: Yonghong Song <yhs@plumgrid.com>
4ast [Fri, 11 Sep 2015 01:00:36 +0000 (18:00 -0700)]
Merge pull request #205 from iovisor/bblanco_dev
Add clang command line invocation to debug=0x4
Brenden Blanco [Fri, 11 Sep 2015 00:55:38 +0000 (17:55 -0700)]
Add clang command line invocation to debug=0x4
This adds the command line arguments of clang to debug flag 0x4 in the
clang frontend.
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
Brenden Blanco [Thu, 10 Sep 2015 23:48:57 +0000 (16:48 -0700)]
Merge pull request #204 from brendangregg/master
some README rework
Brendan Gregg [Thu, 10 Sep 2015 23:46:12 +0000 (16:46 -0700)]
copy-n-paste error
Brendan Gregg [Thu, 10 Sep 2015 21:50:02 +0000 (14:50 -0700)]
more trim
Brendan Gregg [Thu, 10 Sep 2015 21:48:48 +0000 (14:48 -0700)]
trim to fit word wrap
Brendan Gregg [Thu, 10 Sep 2015 21:46:52 +0000 (14:46 -0700)]
some rework
Brenden Blanco [Thu, 10 Sep 2015 20:47:35 +0000 (13:47 -0700)]
Merge pull request #202 from brendangregg/master
funccount and BPF_HASH updates
Brendan Gregg [Thu, 10 Sep 2015 20:43:34 +0000 (13:43 -0700)]
shorten syncsnoop example