- 04 Oct, 2016 4 commits
-
-
Sasha Goldshtein authored
* Remove tracepoint.py The `Tracepoint` class which implements the necessary support for the tracepoint kprobe-based hack is no longer needed and can be removed. * argdist: Native tracepoint support This commit migrates argdist to use the native bcc/BPF tracepoint support instead of the hackish kprobe- based approach. The resulting programs are cleaner and likely more efficient. As a result of this change, there is a slight API change in how argdist is used with tracepoints. To access fields from the tracepoint structure, the user is expected to use `args->field` directly. This leverages most of the built-in bcc support for generating the tracepoint probe function. * trace: Native tracepoint support This commit migrates trace to use the native bcc/BPF tracepoint support instead of the hackish kprobe- based approach. The resulting programs are cleaner and likely more efficient. As with argdist, users are now expected to use the `args` structure pointer to access the tracepoint's arguments. For example: ``` trace 't:irq:irq_handler_entry (args->irq != 27) "irq %d", args->irq' ```
-
Sasha Goldshtein authored
By default, argdist now clears the histograms or freq count maps after each display interval. The new `-c` option enables cumulative mode, where maps are not cleared at each interval. This fixes #718.
-
Sasha Goldshtein authored
When verbose mode is enabled, ask all USDT helper objects to print out the argument helper functions, which help retrieve the argument values for each individual probe location. This can be useful for debugging probes; the helper functions are part of the loaded BPF program, so they need to be printed in verbose mode.
-
Sasha Goldshtein authored
Fixes the error message from `BPF._find_exe` which would occur if argdist or trace had a naked executable name not qualified with a path, such as: ``` trace 'r:bash:readline "%s", retval' ``` This is now supported again.
-
- 03 Oct, 2016 1 commit
-
-
Quentin Monnet authored
Following brendangregg's suggestion (https://github.com/iovisor/bcc/pull/577#issuecomment-251052371), this commit replaces the former list with a new one: more features are listed, along with commit ids and references (but no comments detailing the features, though).
-
- 01 Oct, 2016 1 commit
-
-
zaafar authored
wasn't working for kernel ver less than 4.5.
-
- 30 Sep, 2016 3 commits
- 28 Sep, 2016 2 commits
-
-
Teng Qin authored
-
Marco Leogrande authored
If LLVM_INCLUDE_DIRS includes multiple directories, separated by semicolon, the string would be incorrectly propagated all the way down to the shell, that would interpret such semicolon as a command separator. E.g. we would have: c++ ... -isystem /w/llvm/include;/w/llvm/bld/include ... Instead, we need to parse the string as a CMake list (that are defined as strings composed by semicolon-separated tokens) and build a string in the form: c++ ... -isystem /w/llvm/include -isystem /w/llvm/bld/include ... This bug was introduced in d19e0cb0. This commit fixes #707. Signed-off-by: Marco Leogrande <marcol@plumgrid.com>
-
- 27 Sep, 2016 2 commits
-
-
Marco Leogrande authored
* Flag ${LLVM_INCLUDE_DIRS} as a system include directory g++ supports a -isystem switch, that can be used to mark a given directory as a system include directory. Warnings generated by system include directories are ignored by default. This commit hides a long list of warnings, like the following one, generated by llvm header files included from ${LLVM_INCLUDE_DIRS}: /usr/lib/llvm-3.7/include/clang/AST/APValue.h:373:44: warning: dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing] Signed-off-by: Marco Leogrande <marcol@plumgrid.com> * Fix 'defined but not used' warning Remove unused function from the USDT probes test. The warning was: tests/cc/test_usdt_probes.cc:59:15: warning: ‘size_t countsubs(const string&, const string&)’ defined but not used [-Wunused-function] Signed-off-by: Marco Leogrande <marcol@plumgrid.com>
-
Sasha Goldshtein authored
* Allow argdist to enable USDT probes without a pid The current code would only pass the pid to the USDT class, thereby not allowing USDT probes to be enabled from the binary path only. If the probe doesn't have a semaphore, it can actually be enabled for all processes in a uniform fashion -- which is now supported. * Reintroduce USDT support into tplist To print USDT probe information, tplist needs an API to return the probe data, including the number of arguments and locations for each probe. This commit introduces this API, called bcc_usdt_foreach, and invokes it from the revised tplist implementation. Although the result is not 100% identical to the original tplist, which could also print the probe argument information, this is not strictly required for users of the argdist and trace tools, which is why it was omitted for now. * Fix trace.py tracepoint support Somehow, the import of the Perf class was omitted from tracepoint.py, which would cause failures when trace enables kernel tracepoints. * trace: Native bcc USDT support trace now works again by using the new bcc USDT support instead of the home-grown Python USDT parser. This required an additional change in the BPF Python API to allow multiple USDT context objects to be passed to the constructor in order to support multiple USDT probes in a single invocation of trace. Otherwise, the USDT-related code in trace was greatly simplified, and uses the `bpf_usdt_readarg` macros to obtain probe argument values. One minor inconvenience that was introduced in the bcc USDT API is that USDT probes with multiple locations that reside in a shared object *must* have a pid specified to enable, even if they don't have an associated semaphore. The reason is that the bcc USDT code figures out which location invoked the probe by inspecting `ctx->ip`, which, for shared objects, can only be determined when the specific process context is available to figure out where the shared object was loaded. This limitation did not previously exist, because instead of looking at `ctx->ip`, the Python USDT reader generated separate code for each probe location with an incrementing identifier. It's not a very big deal because it only means that some probes can't be enabled without specifying a process id, which is almost always desired anyway for USDT probes. argdist has not yet been retrofitted with support for multiple USDT probes, and needs to be updated in a separate commit. * argdist: Support multiple USDT probes argdist now supports multiple USDT probes, as it did before the transition to the native bcc USDT support. This requires aggregating the USDT objects from each probe and passing them together to the BPF constructor when the probes are initialized and attached. Also add a more descriptive exception message to the USDT class when it fails to enable a probe.
-
- 26 Sep, 2016 4 commits
-
-
Marco Leogrande authored
This is similar in spirit to what was done in PR #677 to fix the problem reported in #609. filelife.py is now converted to use the right struct field. Signed-off-by: Marco Leogrande <marcol@plumgrid.com>
-
Glauber Costa authored
There are situations, specially when using non-folded mode, where we are interested only in very high latencies that happen due to blocking. While we can certainly filter out the very small ones out of the output, it is a lot more convenient to do this from the tool itself, as it would be difficult from an external filter to do this in one pass. But if we are to discard unused measurements, we can do even better: we can change the bpf code itself not to grab those traces, and gain a bit of efficiency in scenarios in which we are only concerned about peak latencies. This scheme can be easily extended to also allow a maximum cap in the latencies we are interested in. After this patch is applied, the options -m and -M can be used to set those limits respectively. Fixes: #588
-
Jörg Thalheim authored
-
Taekho Nam authored
-
- 16 Sep, 2016 2 commits
-
-
Brendan Gregg authored
[tcpconnect] filter traced connection based on destination ports
-
chantra authored
Test: While running: while [ 1 ]; do nc -w 1 100.127.0.1 80; nc -w 1 100.127.0.1 81; done root@vagrant:/mnt/bcc# ./tools/tcpconnect.py PID COMM IP SADDR DADDR DPORT 19978 nc 4 10.0.2.15 100.127.0.1 80 19979 nc 4 10.0.2.15 100.127.0.1 81 19980 nc 4 10.0.2.15 100.127.0.1 80 19981 nc 4 10.0.2.15 100.127.0.1 81 root@vagrant:/mnt/bcc# ./tools/tcpconnect.py -P 80 PID COMM IP SADDR DADDR DPORT 19987 nc 4 10.0.2.15 100.127.0.1 80 19989 nc 4 10.0.2.15 100.127.0.1 80 19991 nc 4 10.0.2.15 100.127.0.1 80 19993 nc 4 10.0.2.15 100.127.0.1 80 19995 nc 4 10.0.2.15 100.127.0.1 80 root@vagrant:/mnt/bcc# ./tools/tcpconnect.py -P 80,81 PID COMM IP SADDR DADDR DPORT 8725 nc 4 10.0.2.15 100.127.0.1 80 8726 nc 4 10.0.2.15 100.127.0.1 81 8727 nc 4 10.0.2.15 100.127.0.1 80 8728 nc 4 10.0.2.15 100.127.0.1 81 8729 nc 4 10.0.2.15 100.127.0.1 80 Fixes #681
-
- 14 Sep, 2016 1 commit
-
-
Brendan Gregg authored
* add new tool: capable * refactor a little, remove extra bpf_get_current_pid_tgid()
-
- 12 Sep, 2016 1 commit
-
-
davidefdl authored
Use tempfile module to create a temp file Fix some review input Fix style check Style Style check Remove builtin module from python test to run fedora ctest Let the program calling bpf_prog_load to handle the log buffer Check max instruction before the syscall. Fix other review comment
-
- 11 Sep, 2016 2 commits
-
-
Brendan Gregg authored
minor cleanup + process partial name matching
-
KarimAllah Ahmed authored
Signed-off-by: KarimAllah Ahmed <karim.allah.ahmed@gmail.com>
-
- 10 Sep, 2016 2 commits
-
-
KarimAllah Ahmed authored
Signed-off-by: KarimAllah Ahmed <karim.allah.ahmed@gmail.com>
-
KarimAllah Ahmed authored
... since they are unused. Signed-off-by: KarimAllah Ahmed <karim.allah.ahmed@gmail.com>
-
- 09 Sep, 2016 2 commits
-
-
Brenden Blanco authored
Prepare debian changelog for v0.2.0 tag
-
Brenden Blanco authored
Signed-off-by: Brenden Blanco <bblanco@plumgrid.com>
-
- 08 Sep, 2016 2 commits
-
-
Brendan Gregg authored
examples: fix indentation in tracing/tcpv4connect
-
Iago López Galeiras authored
Python doesn't like mixing spaces and tabs.
-
- 30 Aug, 2016 1 commit
-
-
Brendan Gregg authored
fileslower: use de->d_name.name, add filtering
-
- 29 Aug, 2016 1 commit
-
-
Mark Drayton authored
-
- 25 Aug, 2016 1 commit
-
-
Brenden Blanco authored
fix biosnoop after kernel change
-
- 24 Aug, 2016 5 commits
-
-
Brendan Gregg authored
-
Brendan Gregg authored
offcputime improvements: use less RAM, add PID/TID support
-
Mark Drayton authored
-
Brenden Blanco authored
Add perf_submit_skb
-
Martin KaFai Lau authored
For BPF_PROG_TYPE_SCHED_CLS/ACT, the upstream kernel has recently added a feature to efficiently output skb + meta data: commit 555c8a8623a3 ("bpf: avoid stack copy and use skb ctx for event output") This patch adds perf_submit_skb to BPF_PERF_OUTPUT macro. It takes an extra u32 argument. perf_submit_skb will then be expanded to bpf_perf_event_output properly to consider the newly added u32 argument as the skb's len. Other than the above described changes, perf_submit_skb is almost a carbon copy of the perf_submit except the removal of the 'string name' variable since I cannot find a specific use of it. Note that the 3rd param type of bpf_perf_event_output has also been changed from u32 to u64. Added a sample program tc_perf_event.py. Here is how the output looks like: [root@arch-fb-vm1 networking]# ./tc_perf_event.py Try: "ping -6 ff02::1%me" CPU SRC IP DST IP Magic 0 fe80::982f:5dff:fec1:e52b ff02::1 0xfaceb00c 0 fe80::982f:5dff:fec1:e52b ff02::1 0xfaceb00c 0 fe80::982f:5dff:fec1:e52b ff02::1 0xfaceb00c 1 fe80::982f:5dff:fec1:e52b ff02::1 0xfaceb00c 1 fe80::982f:5dff:fec1:e52b ff02::1 0xfaceb00c 1 fe80::982f:5dff:fec1:e52b ff02::1 0xfaceb00c
-
- 21 Aug, 2016 1 commit
-
-
Brendan Gregg authored
Minor adjustments to the documentation
-
- 20 Aug, 2016 2 commits
-
-
Paul Chaignon authored
-
Paul Chaignon authored
Fix a few typos Add missing link Reword update() description sentence
-