Minor debian/control file updates
Added Debian - Source section to INSTALL.md

On 30 April 2016 Vicent Marti modified src/lua/CMakeLists.txt to
statically link libbcc into bcc-lua.  This causes one of the tests
in test/lua/test_standalone.sh to fail, and renders all of the tests
related to libbcc.so obsolete.

bcc: add support for lpm trie map type

Update installation instructions for FC24 and FC25

docs/kernel-versions: add reference to powerpc64 constant blinding support

... introduced in v4.9
Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>

It turns out that for FC24 and FC25, there is a sufficiently recent
version of Clang in the official package sources, so we don't need
to fetch it from llvm.org using wget. Tested manually on a pair of
fresh FC24 and FC25 VMs, and confirmed that BCC builds and runs OK.

tools: add tool to detect potential deadlocks in running programs

switch bcc to use single instance per bcc process, fixed issue #940

instance dir is bcc_pid, fixed issue #940

docs: fix "BPF attached to sockets" commit link

docs: keep track of when prealloc of map elements were introduced

- Specify when `--binary` is needed (statically vs dynamically-linked
  binaries).

- Make `-h`, `_examples.txt`, and man page have concrete examples and
  be more user-friendly.

- Remove dependency on networkx. I did this by copying only the parts I needed
  from networkx, and adapting it to only use what I needed. These include:
  `DiGraph`, `strongly_connected_components`, `simple_cyles`

- Symbolize global and static mutexes. In order to do this, I subshell out to
  `subshell`. This isn't very efficient, but this only happens at the end of
  the program if a deadlock is found, so it's not too bad.

- `--verbose` mode to print graph statistics

- Make `--binary` flag optional. Not needed by default, However, this is needed
  on kernels without this recent kernel patch
  (https://lkml.org/lkml/2017/1/13/585, submitted 2 weeks ago): we can't attach
  a uprobe on a binary that has `:` in the path name. Instead, we can create a
  symlink without `:` in the path and pass that to the `--binary` argument
  instead.

Kernel v4.6-rc1~91^2~108^2~6
 commit 6c9059817432 ("bpf: pre-allocate hash map elements")

Introduced default preallocation of mem elements to solve a deadlock
(when kprobe'ing the memory allocator itself).

This change is also a performance enhancement.

The commit also introduced a map_flags on BPF_MAP_CREATE, which can disable
this preallocation again BPF_F_NO_PREALLOC.
Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>

`deadlock_detector` is a new tool to detect potential deadlocks (lock order
inversions) in a running process. The program attaches uprobes on
`pthread_mutex_lock` and `pthread_mutex_unlock` to build a mutex wait directed
graph, and then looks for a cycle in this graph. This graph has the following
properties:

- Nodes in the graph represent mutexes.
- Edge (A, B) exists if there exists some thread T where lock(A) was called
  and lock(B) was called before unlock(A) was called.

If there is a cycle in this graph, this indicates that there is a lock order
inversion (potential deadlock). If the program finds a lock order inversion, the
program will dump the cycle of mutexes, dump the stack traces where each mutex
was acquired, and then exit.

The format of the output uses a similar output as ThreadSanitizer (See example:
https://github.com/google/sanitizers/wiki/ThreadSanitizerDeadlockDetector)

This program can only find potential deadlocks that occur while the program is
tracing the process. It cannot find deadlocks that may have occurred before the
program was attached to the process.

If the traced process has many mutexes and threads, this program will add a
very large overhead because every mutex lock/unlock and clone call will be
traced. This tool is meant for debugging only, and you should run this tool
only on programs where the slowdown is acceptable.

Note: This tool adds a dependency on `networkx` for the graph libraries
(building a directed graph and cycle detection).

Note: This tool does not work for shared mutexes or recursive mutexes.

For shared (read-write) mutexes, a deadlock requires a cycle in the wait
graph where at least one of the mutexes in the cycle is acquiring exclusive
(write) ownership.

For recursive mutexes, lock() is called multiple times on the same mutex.
However, there is no way to determine if a mutex is a recursive mutex
after the mutex has been created. As a result, this tool will not find
potential deadlocks that involve only one mutex.

Allow RPMS to be built on ppc64 and aarch64 by making luajit optional

Not all architectures have luajit supported.  The bcc configure and
build were already was set up to make the luajit dependent parts
optional.  The bcc.spec now makes the luajit dependent parts optional
too allowing Fedora 25 builds on ppc64, ppc64le, and aarch64.  This
change has been tested and allows the resulting srpm to build on the
Fedora koji build system for the newly added architectures.
Signed-off-by: William Cohen <wcohen@redhat.com>

Support for __data_loc tracepoint fields

`__data_loc` fields are dynamically sized by the kernel at
runtime. The field data follows the tracepoint structure entry,
and needs to be extracted in a special way. The `__data_loc` field
itself is a 32-bit value that consists of two 16-bit parts: the
high 16 bits are the length of the data, and the low 16 bits are
the offset of the data from the beginning of the tracepoint
structure. From a cursory look, there are >200 tracepoints in
recent kernels that have this kind of field.

This patch fixes `tp_frontend_action.cc` to recognize and emit
`__data_loc` fields correctly, as 32-bit opaque fields. Then, it
introduces two helper macros:

`TP_DATA_LOC_READ(dst, field)` reads from `args->field` by finding
the right offset and length and emitting the `bpf_probe_read`
required to fetch the data. This will only work with new kernels.

`TP_DATA_LOC_READ_CONST(dst, field, length)` takes a user-specified
length rather than finding it from `args->field`. This will work
on older kernels, where the BPF verifier doesn't allow non-constant
sizes to be passed to `bpf_probe_read`.

Handling multiple concurrent probe users.

powerpc: update the build triplet

The more commonly used triplet on ppc64le happens to be
powerpc64le-unknown-linux-gnu. The existing one causes problems in
certain build environments. Change this.

While at it, also include support for building on big endian.
Reported-by: Anton Blanchard <anton@samba.org>
Signed-off-by: Naveen N. Rao <naveen.n.rao@linux.vnet.ibm.com>

using static buf size in libbpf.c. for uprobe, set buf size to PATH_MAX