- 11 Jul, 2018 1 commit
-
-
Mauricio Vasquez B authored
Use get_value() instead of lookup() as the value as in the case of percpu tables the ValueType is an std::vector that has to be resized before performing the lookup function. Add also some testing for it. Solves https://github.com/iovisor/bcc/issues/1860Signed-off-by: Mauricio Vasquez B <mauricio.vasquez@polito.it>
-
- 10 Jul, 2018 6 commits
-
-
4ast authored
debian: add llvm6.0 as possible dependency
-
4ast authored
Mention perf as universal counting tool in llcstat
-
4ast authored
Improve Python autoload syscall name handling
-
4ast authored
Added new footer.h header where BPF_LICENSE is set if not defined
-
4ast authored
Rewrite array accesses
-
4ast authored
Fix license recognition on GitHub.com
-
- 09 Jul, 2018 1 commit
-
-
Brenden Blanco authored
In recent Ubuntu, llvm 6 is available. Use that as control file dependency option.
-
- 08 Jul, 2018 1 commit
-
-
Ivan Babrou authored
Closes #1757.
-
- 06 Jul, 2018 1 commit
-
-
Teng Qin authored
-
- 02 Jul, 2018 1 commit
-
-
Brendan Gregg authored
tools: remove unnecessary calls to bpf_probe_read
-
- 01 Jul, 2018 2 commits
-
-
Paul Chaignon authored
The second file with the license information, COPYRIGHT.txt, contains the same information as LICENSE.txt, expect for the license's text. However, it prevents Licensee, the tool used by GitHub to detect licenses, from working properly as it doesn't know which file to take into account.
-
Paul Chaignon authored
Most of these calls have been rendered useless by a9f96c02 ("Recognize context member dereferences despite array accesses (#1828)").
-
- 28 Jun, 2018 3 commits
-
-
Paul Chaignon authored
-
Paul Chaignon authored
-
Paul Chaignon authored
Stops at any array accesses on external pointers and tries to rewrite both the array access and the member dereference if any, in one shot. With this commit, the following C code is rewritten properly into a single bpf_probe_read call. int test(struct pt_regs *ctx, const struct qstr *name) { return name->name[1]; } Based on Yonghong Song's code.
-
- 27 Jun, 2018 3 commits
-
-
Joe Yin authored
switch some fields from u64 to their natural size u32/u16
-
Oriol Arcas authored
Signed-off-by: Oriol Arcas <oriol@starflownetworks.com>
-
Joe Yin authored
based on kernel version, different kernel functions are kprobed.
-
- 26 Jun, 2018 3 commits
-
-
Lakshmipathi authored
Ensure dnf point to correct package name.
-
Teng Qin authored
* Add interface to Probe's getargs call This commit allows the Probe instance to generate argument for arbitary probe function * Refactor C++ USDT implementation This commit makes C++ USDT implementation uses the common USDT::Context and USDT::Probe logic * Add test case for C++ USDT API * Improve FollyRequestContextSwitch example
-
yonghong-song authored
Fix issue #1853. Commit 7c489469 ("adjust tracepoint field type based on size") tried to fix the tracepoint format descrepancy between declared type and actual size is 8. The type has to be promoted to match the size. The commit introduced a bug if the field is an array. For exmaple, block:block_rq_complete tracepoint has field rwbs: field:char rwbs[8]; offset:32; size:8; signed:1; The current implementation will incorrectly translate it into s64 rwbs[8]; since it considers the type is "char". This patch fixed this issue by checking the field name and if it is an array, rewriting will be skipped. Signed-off-by: Yonghong Song <yhs@fb.com>
-
- 25 Jun, 2018 2 commits
-
-
Jürgen Hötzel authored
Leftover from #986.
-
Ivan Babrou authored
* Strict version dependencies for debian packages, closes #1770 * Use correct description for libbcc-examples debian package
-
- 22 Jun, 2018 2 commits
-
-
yonghong-song authored
Fix issue #1845. The verbose output of argdist.py is broken. The bpf.open_uprobes/open_kprobes have been replaced by bpf.uprobe_fds/kprobe_fds. Fix the argdist.py and add "-v" to the argdist.py test in test_tools_smoke.py. Signed-off-by: Yonghong Song <yhs@fb.com>
-
Jürgen Hötzel authored
Leftover from #986.
-
- 21 Jun, 2018 5 commits
-
-
Daniel Zozin authored
KeyboardInterrupt exception is not handled anymore. It will be propagated and handled by the caller.
-
Oriol Arcas authored
Signed-off-by: Oriol Arcas <oriol@starflownetworks.com>
-
Oriol Arcas authored
Signed-off-by: Oriol Arcas <oriol@starflownetworks.com>
-
Oriol Arcas authored
Signed-off-by: Oriol Arcas <oriol@starflownetworks.com>
-
Joe Yin authored
implement tracepoint based probing for tcpaccept.py.
-
- 20 Jun, 2018 1 commit
-
-
Oriol Arcas authored
The helpers.h header specifies the BPF program license as 'GPL'. However, other GPL-compatible licenses are possible (e.g., Dual BSD/GPL) or even proprietary licenses (e.g., cachetop can run with a proprietary license). With this commit, the user can specify a BPF_LICENSE macro in the source code: #define BPF_LICENSE Custom license Note it supports multiple words and the absence of quotes. If the BPF doesn't have a GPL-compatible license and it uses any GPL-only helpers, the kernel will reject it with: cannot call GPL only function from proprietary program If no license is specified, it will fall back to GPL (the current behavior before this commit) so that the BCC tools and examples remain usable. Updated the documentation with BPF_LICENSE description, licensing error description, and licenses for each helper. Signed-off-by: Oriol Arcas <oriol@starflownetworks.com>
-
- 19 Jun, 2018 2 commits
-
-
Joel authored
While changing the stack_id to be signed, I accidentally screwed the check for an invalid stack_id. Some reason I didn't catch this even in my tests. This patch fixes the issue (thanks Erick Reyes for reporting). By the way, one weirdness I see is invalid stack_id is printed as -17 when I print it in python. When I do bpf_trace_printk, I get these ids: root@localhost:/# cat /d/tracing/trace_pipe <idle>-0 [003] .n.3 942.100225: : sid: 15 <idle>-0 [002] .n.3 943.140393: : sid: 15 kworker/3:3-1798 [003] ...3 943.422768: : sid: 6 kworker/3:3-1798 [003] ...3 943.423419: : sid: 6 kworker/3:3-1798 [003] ...3 943.423967: : sid: 6 BootAnimation-650 [003] .n.3 949.840268: : sid: 8 <idle>-0 [003] .n.3 952.360226: : sid: 15 <idle>-0 [000] ...3 953.100116: : sid: 11 Binder:571_3-1469 [000] .n.3 953.513328: : sid: 3 <idle>-0 [003] .n.3 954.760215: : sid: 15 Binder:571_3-1469 [000] ...3 955.460271: : sid: 18446744073709551599 <idle>-0 [003] .n.3 957.420275: : sid: 15 irq/296-cs35l36-662 [000] ...3 958.422890: : sid: 5 kworker/1:3-1729 [001] ...3 960.485247: : sid: 18446744073709551599 kworker/1:3-1729 [001] ...3 960.485888: : sid: 18446744073709551599 As an equivalent, when I do a print of the stack_id from the python code, I get: stack_id 15 stack_id 15 stack_id 6 stack_id 6 stack_id 6 stack_id 8 stack_id 15 stack_id 11 stack_id 3 stack_id 15 stack_id -17 stack_id 15 stack_id 5 stack_id -17 stack_id -17 This isn't a big deal since the valid stack_ids match, but still 1.8446744e+19 is -1 in 64-bit speak. So I do find that odd. Reported-by: Erick Reyes <erickreyes@google.com> Signed-off-by: Joel Fernandes (Google) <joel@joelfernandes.org>
-
Joel authored
This tool detects code sections in the kernel where IRQs or preemption are disabled for a user-specified amount of time. Requires a kernel built with CONFIG_DEBUG_PREEMPT and CONFIG_PREEMPTIRQ_EVENTS. Signed-off-by: Joel Fernandes <joel@joelfernandes.org>
-
- 18 Jun, 2018 1 commit
-
-
Joe Yin authored
fix socket protocol reading
-
- 17 Jun, 2018 3 commits
-
-
yonghong-song authored
* Fix external pointer propagation in nested dereferences and fix the count of indirections for addrof of member dereferences (&A->b). In nested dereferences, a dereference of an external pointer may give a new external pointer. For example, if A is an external pointer, then *A and A->b should also be considered as external pointers when appropriate (e.g., in **A or *(A->b)). In addition, a member dereference is a dereference, so we need to count it when counting the number of indirections in ProbeChecker. If we don't, *(&A->b) won't be rewritten correctly as &A->b will be considered a pointer to an external pointer. * Tests for the count of indirections in nested dereferences
-
yonghong-song authored
Fix issue #1830. After the rewrite, the code approximately becomes &({type _val; bpf_probe_read(&_val, sizeof(_val), &(p->m)); _val) Firstly the rewriting is really unnecessary, and secondly the compilation will fail since the addressOf cannot take address of the rvalue _val. C standard, however, allows the addressOf operand array subscript expression, e.g., &({type _val; bpf_probe_read(&_val, sizeof(_val), &(p->m)); _val)[0] This patch intends to fix the problem by avoiding the rewriting in the first place of addrressOf simple member expression. It still permits addressOf the array subscript expression. Signed-off-by: Yonghong Song <yhs@fb.com>
-
Paul Chaignon authored
* Fix nested rewrites dereferences When the rewriter meets a dereference of a member dereference it fails to properly rewrite them into calls to bpf_probe_read. The reason is that Clang is unable to track the position of rewritten text, but we can accommodate this by inserting text around the dereference instead of completely rewriting it. We are already doing that for member dereference, but not for simple dereference. * Test for the rewrite of nested dereferences
-
- 14 Jun, 2018 2 commits
-
-
Paul Chaignon authored
* Skip instead of bailing out if MemberExpr is not rewritable * Recognize context member dereferences despite array accesses For example, the rewriter should recognize, in the following, that prev is an external pointer retrieved from the context pointer, despite the access to the second element of the args array. struct task_struct *prev = (struct task_struct *)ctx->args[1]; The same could be done for the translation of member dereferences to bpf_probe_read calls, but that would be a little bit more complex (to retrieve the correct base) and there's currently no tool that would benefit from it. * Test for the recognition of ext ptrs from context array * tools: remove unnecessary bpf_probe_read calls 5d656bc7 made this calls unnecessary.
-
Andreas Gerstmayr authored
add __version__ attribute to bcc module
-