1. 11 Oct, 2017 3 commits
  2. 10 Oct, 2017 2 commits
  3. 08 Oct, 2017 2 commits
    • Paul Chaignon's avatar
      Fix segfault with enumerations · f7f873a2
      Paul Chaignon authored
      When serializing map types to JSON, if it encounters an enumeration,
      the rewriter goes into an infinite loop until it segfaults.  This fix
      properly serializes enumerations in the same way unions and structs
      are.
      
          enum a {
            CHOICE_A,
            CHOICE_B,
          };
          BPF_HASH(m, u32, enum a);
      
      is serialized as:
      
          ["a", ["CHOICE_A","CHOICE_B"], "enum"]
      f7f873a2
    • yonghong-song's avatar
      Merge pull request #1382 from palmtenor/vdso · 54a5b4d1
      yonghong-song authored
      Support resolve vDSO symbols
      54a5b4d1
  4. 07 Oct, 2017 4 commits
  5. 06 Oct, 2017 4 commits
  6. 05 Oct, 2017 4 commits
  7. 04 Oct, 2017 3 commits
    • yonghong-song's avatar
      Merge pull request #1374 from pbhole/dns_matching1 · 782b34f0
      yonghong-song authored
       examples:dns_matching: make it work as a DNS sniffer
      782b34f0
    • Prashant Bhole's avatar
      examples:dns_matching: accept args from user · b2b9133f
      Prashant Bhole authored
      Accepts arguments from user. This change makes it slightly more
      interactive. usage is show with -h option, so no extra documentation
      required for understanding the usage.
      b2b9133f
    • Prashant Bhole's avatar
      examples:dns_matching: make it work as DNS sniffer · af83f6ff
      Prashant Bhole authored
      Reason:
      The intention of initial version of this example was to provide
      a loop-uprolling example and expected functionality was to drop
      DNS packets requesting the DNS name contained in the map.
         But the functionality doesn't work as exepected because the
      BPF program attached to the raw socket only filters the packets
      received by the python program.
      
      With these modifications, it still serves as a loop-unrolling
      example, with slightly different functionality.
      
      Inverted return values of bpf program. It keeps the packet if the
      name in DNS packet is also exists in the map. All other packets
      are dropped.
      Python program is modified to read packets from raw socket.
      DNS data from the packet is parsed and printed using dnslib library.
      af83f6ff
  8. 03 Oct, 2017 2 commits
    • yonghong-song's avatar
      Merge pull request #1365 from sandip4n/add-usdt-ppc64 · 422db709
      yonghong-song authored
      Add basic USDT support for powerpc64
      422db709
    • Yonghong Song's avatar
      add debug option to dump asm insns embedded with source · 91837cac
      Yonghong Song authored
      The patch adds a new debug option "DEBUG_SOURCE = 8" to
      dump insns embedded with source. In C++ API, users
      can change BPF constructor "flag" value to enable debug output.
      In Python API, users can change "debug" value to enable
      debug output. For example, for python test program test_usdt.py,
      the debug output looks like below:
      
      ......
      Disassembly of section .bpf.fn.do_trace1:
      do_trace1:
      ; int do_trace1(struct pt_regs *ctx) { // Line 110
         0:   bf 16 00 00 00 00 00 00         r6 = r1
         1:   b7 01 00 00 00 00 00 00         r1 = 0
      ; struct probe_result_t1 result = {}; // Line 111
         2:   7b 1a f0 ff 00 00 00 00         *(u64 *)(r10 - 16) = r1
      ; switch(ctx->ip) { // Line   5
         3:   79 61 80 00 00 00 00 00         r1 = *(u64 *)(r6 + 128)
         4:   15 01 04 00 d7 06 40 00         if r1 == 4196055 goto 4
         5:   55 01 06 00 ce 06 40 00         if r1 != 4196046 goto 6
      ; case 0x4006ceULL: *((int8_t *)dest) = ctx->ax; __asm__ __volatile__("": : :"memory"); return 0; // Line   6
         6:   79 61 50 00 00 00 00 00         r1 = *(u64 *)(r6 + 80)
      ......
      
      For asm insns, byte code is also dumped out (similar to objdump).
      For source codes, only lines in the module file are printed (as expected).
      The line number is added at the end of source code, which is
      especially helpful for inlined functions.
      
      This functionality is only in llvm 6.x (the trunk version), which
      provides an public interface to create a dwarf context based on
      a set of in-memory debug sections. llvm 5.x also provides
      such a public interface in a different way, and this patch
      does not support it in bcc yet. llvm 4.x and lower do not
      have such a public interface and hence will not be supported
      in bcc.
      
      In this patch, the debug output only goes to stderr.
      A subsequent patch will dump the per-function output into
      <BCC_PROG_TAG_DIR>/bpf_prog_<tag>/ if it is available.
      Signed-off-by: default avatarYonghong Song <yhs@fb.com>
      91837cac
  9. 02 Oct, 2017 1 commit
  10. 01 Oct, 2017 1 commit
  11. 29 Sep, 2017 1 commit
    • Paul Chaignon's avatar
      Traces external pointers in parenthesized expressions · c5ca2a67
      Paul Chaignon authored
      Partially reverts 80667b7b, "Fix unary operator handling of probe
      reads with parens", keeping the test case. With 4c6ecb46,
      "Restrict rewrite of unary operators to dereference operator," only
      dereferences are rewritten, removing the need for the previous fix.
      
      Reverting 80667b7b allows bcc to rewrite more dereferences, as
      highlighted in the new test case.
      c5ca2a67
  12. 28 Sep, 2017 3 commits
  13. 27 Sep, 2017 1 commit
  14. 26 Sep, 2017 8 commits
  15. 25 Sep, 2017 1 commit