1. 03 Oct, 2018 1 commit
    • Marek Vavruša's avatar
      lua: codegen tests, tracking inverse form of null guards, IPv6 header builtins (#1991) · d1791f0b
      Marek Vavruša authored
      * lua: eliding repetitive NULL checks, fixes for read types, luacheck
      
      This fixes verifier failures in some kernel versions that track whether
      a possible NULL pointer has been check (and shouldn't be checked twice).
      
      It also fixes accessing memory from maps with composite keys.
      
      It fixes a case when temporary variable is used in condition,
      and the body of the condition contains just an assignment from
      immediate value to a variable that existed before the condition, e.g.:
      
      ```
      local x = 1 -- Assign constant to 'x', it will be materialized here
      if skb.len > 0 then -- New BB, not possible to fold as condition isn't const
          x = 2 -- Assign constant, it failed to materialize here
      end -- End of BB
      -- Value of x is always 1
      ```
      
      The `bpf.socket()` support ljsyscall socket as first parameter, and
      fixes compatibility with newer ljsyscall (type name has changed).
      
      * reverse BPF_LD ntohl() semantics for <= 32bit loads as well
      
      The loads using traditional instructions always do ntohl():
      
      https://www.kernel.org/doc/Documentation/networking/filter.txt
      
      They are however needed to support reads not using `skb`, e.g. NET_OFF
      
      * proto: add builtins for traversing IPv6 header and extension headers
      
      The IPv6 header is fixed size (40B), but it may contain either
      extension header, or transport  protocol after it, so the caller
      must check the `next_header` field before traversing to determine
      which dissector to use to traverse it, e.g.:
      
      ```
      if ip6.next_header == 44 then
         ip6 = ip6.ip6_opt -- Skip fragment header
      end
      if ip6.next_header == c.ip.proto_tcp then
         local tcp = ip6.tcp -- Finally, TCP
      end
      ```
      
      * reverse ntohl() for indirect BPF_LD as well
      
      * lua: started codegen tests, direct skb support, bugfixes
      
      This starts adding compiler correctness tests for basic expressions,
      variable source tracking, and control flow.
      
      Added:
      * direct skb->data access (in addition to BPF_LDABS, BPF_LDIND)
      * loads and stores from skb->data and map value backed memory
      * unified variable source tracking (ptr_to_ctx, ptr_to_map[_or_null], ptr_to_skb, ptr_to_pkt, ptr_to_stack)
      * BPF constants introduced between 4.10-4.15
      * bpf.dump_string() to dump generated assembly (text) to string
      
      Fixes:
      * pointer nil check tracking
      * dissectors for map value backed memory
      * ljsyscall extensions when the version is too old
      * KPRI nil variables used in conditions
      * wrongly elided constant materialization on condition-less jumps
      * loads/stores from stack memory using variable offset
      
      * lua: track inverse null guards (if x ~= nil)
      
      The verifier prohibits pointer comparisons except the first NULL check,
      so both forms must be tracked, otherwise it will check for NULL twice
      and verifier will reject it.
      
      * lua: support cdata and constants larger than i32, fix shadowed variables
      
      This adds support for numeric cdata constants (either in program, or
      retrieved with GGET/UGET). Values larger than i32 are coerced into i64.
      
      This also fixes shadowing of variables, and fixes materialization of
      result of variable copy at the end of basic block.
      d1791f0b
  2. 01 Oct, 2018 1 commit
  3. 28 Sep, 2018 1 commit
    • Mauricio Vásquez's avatar
      Add support for shared tables (#1988) · 54e377d2
      Mauricio Vásquez authored
      Currently tables can be created in two modes:
      1. private to the ebpf program
      2. shared among all the ebpf programs created by the same user-space
      process
      
      This commit extends bcc allowing to create a table that is shared among
      a set of specific ebpf programs.
      This is useful when creating network functions that are composed
      by more than 1 ebpf program, a map is shared among all the programs of
      the network function but isolated from different instances of that
      function.
      Signed-off-by: default avatarMauricio Vasquez B <mauricio.vasquez@polito.it>
      54e377d2
  4. 27 Sep, 2018 1 commit
  5. 26 Sep, 2018 1 commit
  6. 25 Sep, 2018 1 commit
  7. 21 Sep, 2018 5 commits
  8. 20 Sep, 2018 1 commit
  9. 19 Sep, 2018 3 commits
    • Mark Drayton's avatar
      biolatency: Fix --disks bpf_probe_read() (#1980) · fc245dfe
      Mark Drayton authored
      bpf_probe_read()'s third argument is no longer rewritten. Instead, use a
      temporary variable (like #1973) to avoid a memory access error.
      
      Before:
      
      ```
      $ sudo biolatency -D 1
      bpf: Failed to load program: Permission denied
      0: (79) r1 = *(u64 *)(r1 +112)
      1: (7b) *(u64 *)(r10 -8) = r1
      [..]
      R1 invalid mem access 'inv'
      
      HINT: The invalid mem access 'inv' error can happen if you try to
      dereference memory without first using bpf_probe_read() to copy it to
      the BPF stack. Sometimes the bpf_probe_read is automatic by the bcc
      rewriter, other times you'll need to be explicit.
      ```
      
      After, works as expected.
      fc245dfe
    • yonghong-song's avatar
      support "long" and "unsigned long" type in trace.py (#1977) · f720257c
      yonghong-song authored
      Currently, trace.py does not support "long" and "unsigned long"
      types and it often caught users with a surprise and they are
      not sure what is the problem. For example, for kernel function:
        void blk_mq_delay_kick_requeue_list(struct request_queue *q, unsigned long msecs)
      The following
        $ sudo ./trace.py 'blk_mq_delay_kick_requeue_list(void *notused, unsigned long msecs) "msecs = %lu", msecs'
        list index out of range
      
      With this patch,
        $ sudo ./trace.py 'blk_mq_delay_kick_requeue_list(void *notused, unsigned long msecs) "msecs = %lu", msecs'
        PID     TID     COMM            FUNC             -
        ^C
        $ sudo ./trace.py 'blk_mq_delay_kick_requeue_list(void *notused, unsigned long msecs) "msecs = %ld", msecs'
        PID     TID     COMM            FUNC             -
        ^C
        $ sudo ./trace.py 'blk_mq_delay_kick_requeue_list(void *notused, unsigned long msecs) "msecs = %lx", msecs'
        PID     TID     COMM            FUNC             -
        ^C
        $
      Signed-off-by: default avatarYonghong Song <yhs@fb.com>
      f720257c
    • yonghong-song's avatar
      fix compilation error with latest llvm 8.0 trunk (#1976) · 72bb0d56
      yonghong-song authored
      In llvm/clang 8 trunk, the following commits
        https://reviews.llvm.org/rL339384
        https://reviews.llvm.org/rL339385
        https://reviews.llvm.org/rL339386
      renames getLocStart to getBeginLoc, and getLocEnd to getEndLoc.
      This caused bcc compilation error with llvm/clang 8.
      To avoid proliferation of #define's based on LLVM version numbers
      and similar logic for many different types,
      this patch fixed the issues by define macros in common
      frontend_action_common.h where macro definition is multi-versioned
      based on llvm version. The macro itself is used in
      {b,tp}_frontend_action.cc.
      
      clang 8 also introduced a new library dependency
        libclangAnalysis.a depends on libclangASTMatchers.a
      This patch fixed this issue as well.
      Signed-off-by: default avatarYonghong Song <yhs@fb.com>
      72bb0d56
  10. 18 Sep, 2018 1 commit
    • yonghong-song's avatar
      fix a trace.py problem (#1973) · 61484e17
      yonghong-song authored
      Currently, trace.py failed for the following command:
        $ sudo ./trace.py 'filename_lookup(int dfd, struct filename *name) "%s", name->name'
        ...
        0: (bf) r6 = r1
        1: (79) r7 = *(u64 *)(r6 +104)
        ...
        32: (15) if r1 == 0x0 goto pc+5
        R0=inv(id=0) R1=inv(id=0) R6=ctx(id=0,off=0,imm=0) R7=inv(id=0)
        R8=inv0 R10=fp0,call_-1 fp-8=0 fp-16=0 fp-24=0 fp-32=0 fp-40=0 fp-48=0 fp-56=0 fp-64=0 fp-72=0 fp-80=0
        33: (79) r3 = *(u64 *)(r7 +0)
        R7 invalid mem access 'inv'
      
      For string format argument, the trace.py generates the below code:
              if (name->name != 0) {
                      bpf_probe_read(&__data.v0, sizeof(__data.v0), (void *)name->name);
              }
      Right now, bcc skips the rewriter for the third argument of bpf_probe_read to avoid
      unnecessary nested bpf_probe_read and other potential issues.
      This causes name->name memory access not transformed with bpf_probe_read and hence
      the verifier complains.
      
      To fix the issue, this patch did the following transformation using an
      temporary variable to hold the src address:
              if (name->name != 0) {
                      void *__tmp = (void *)name->name;
                      bpf_probe_read(&__data.v0, sizeof(__data.v0), __tmp);
              }
      This way, rewriter can do the work properly.
      Signed-off-by: default avatarYonghong Song <yhs@fb.com>
      61484e17
  11. 13 Sep, 2018 2 commits
    • Nguyen Phuong An's avatar
      Fix syntax error in xdp_redirect_cpu.py (#1969) · 0cae0dd3
      Nguyen Phuong An authored
      Fix syntax error in xdp_redirect_cpu.py
      0cae0dd3
    • zlim's avatar
      Enable Ubuntu/arm64 deb packaging (#1968) · 17f797d9
      zlim authored
      * Bump ubuntu docker build to bionic
      
      Fixes build dependency for arm64
      Signed-off-by: default avatarZi Shen Lim <zlim.lnx@gmail.com>
      
      * Add Build-Depends: dh-python
      
      Fixes build dependency issue observed on bionic/arm64:
      
      dh: unable to load addon python3: Can't locate Debian/Debhelper/Sequence/python3.pm in @INC (you may need to install the Debian::Debhelper::Sequence::python3 module) (@INC contains: /etc/perl /usr/local/lib/aarch64-linux-gnu/perl/5.26.1 /usr/local/share/perl/5.26.1 /usr/lib/aarch64-linux-gnu/perl5/5.26 /usr/share/perl5 /usr/lib/aarch64-linux-gnu/perl/5.26 /usr/share/perl/5.26 /usr/local/lib/site_perl /usr/lib/aarch64-linux-gnu/perl-base) at (eval 9) line 1.
      BEGIN failed--compilation aborted at (eval 9) line 1.
      Signed-off-by: default avatarZi Shen Lim <zlim.lnx@gmail.com>
      
      * Enable arm64 deb packaging
      
      LLVM6.0 is minimum version required for arm64 build. [PR#1512]
      
      [PR#1512] https://github.com/iovisor/bcc/pull/1512Signed-off-by: default avatarZi Shen Lim <zlim.lnx@gmail.com>
      17f797d9
  12. 11 Sep, 2018 1 commit
  13. 10 Sep, 2018 2 commits
  14. 07 Sep, 2018 1 commit
  15. 05 Sep, 2018 1 commit
  16. 04 Sep, 2018 1 commit
  17. 02 Sep, 2018 1 commit
    • olsajiri's avatar
      tools: Skip backward time entries v2 (#1958) · fe26ca97
      olsajiri authored
      * tools: Skip backward time entries in xfsslower
      
      While using xfsslower on RHEL7 we occasionally get
      following screwed up latencies:
      
        # xfsslower
        Tracing XFS operations slower than 1 ms
        TIME     COMM           PID    T BYTES   OFF_KB   LAT(ms) FILENAME
        13:25:03 git            3385   R 62      4704     18446744073708.55 tmp_pack_bDUbwZ
        13:25:03 git            3385   S 0       0           3.05 tmp_idx_Kjb2bW
        ...
      
      The reason for this is that on RHEL7 it's possible to get backward
      timetamp with bpf_ktime_get_ns. This needs to be fixed, but meanwhile
      this fix makes sure the latencies with backward times are skipped.
      
      For the rest of the kernels this is just sanity fix with
      possibly just single compare instruction overhead.
      
      It's temporary workaround for #728.
      Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
      
      * tools: Skip backward time entries in ext4dist
      
      While using ext4dist on RHEL7 we occasionally get
      following screwed up latencies:
      
        # ext4dist
        Tracing ext4 operation latency... Hit Ctrl-C to end.
        ^C
      
        operation = write
                     usecs                         : count     distribution
                         0 -> 1                    : 1134529   |********            |
                         2 -> 3                    : 2777582   |********************|
                         4 -> 7                    : 688014    |****                |
                         8 -> 15                   : 36160     |                    |
                        16 -> 31                   : 698       |                    |
                        32 -> 63                   : 6         |                    |
                        64 -> 127                  : 15        |                    |
                       128 -> 255                  : 7         |                    |
                       256 -> 511                  : 1         |                    |
                       512 -> 1023                 : 0         |                    |
                      1024 -> 2047                 : 0         |                    |
                      2048 -> 4095                 : 2         |                    |
                      4096 -> 8191                 : 1         |                    |
                      8192 -> 16383                : 5         |                    |
                     16384 -> 32767                : 0         |                    |
                     32768 -> 65535                : 0         |                    |
      
          9007199254740992 -> 18014398509481983    : 0         |                    |
         18014398509481984 -> 36028797018963967    : 1         |                    |
      
      The reason for this is that on RHEL7 it's possible to get backward
      timestamp with bpf_ktime_get_ns. This needs to be fixed, but meanwhile
      this fix makes sure the latencies with backward times are skipped.
      
      For the rest of the kernels this is just sanity fix with
      possibly just single compare instruction overhead.
      
      It's temporary workaround for #728.
      Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
      fe26ca97
  18. 31 Aug, 2018 1 commit
  19. 30 Aug, 2018 1 commit
    • Filippos Giannakos's avatar
      Serialize python builds (#1951) · 19bdbfd2
      Filippos Giannakos authored
      Generating sdist for both python2 and python3 at the same time can fail
      as they both use the same temporary files.
      
      Make sure that we generate sdist for each `PYTHON_CMD` sequentially.
      19bdbfd2
  20. 28 Aug, 2018 3 commits
  21. 21 Aug, 2018 1 commit
    • muahao's avatar
      [tools/argdist.py] Fix a wrong place of help info (#1939) · 852e19be
      muahao authored
      argdist -H 'r::__vfs_read(void *file, void *buf, size_t count):size_t
      $entry(count):$latency > 1000000'
      is a wrong example which cann't excute success, because lack of ":" and cann't split field correctly.
      
      So, the right command is:
      
      argdist -H 'r::__vfs_read(void *file, void *buf, size_t count):size_t:
      $entry(count):$latency > 1000000'
      Signed-off-by: default avatarAhao Mu <muahao@linux.alibaba.com>
      852e19be
  22. 17 Aug, 2018 2 commits
  23. 16 Aug, 2018 2 commits
  24. 15 Aug, 2018 3 commits
    • Mike Day's avatar
      provide a parameter to suppress printing a new line at the end of the bytes (#1930) · 49d475f1
      Mike Day authored
      provide a parameter to suppress printing a new line at the end of the bytes.
      existing behavior is not changed.
      49d475f1
    • Teng Qin's avatar
      Merge pull request #1929 from iovisor/yhs_dev · ecfbc749
      Teng Qin authored
      fix a rewriter bug for array subscript
      ecfbc749
    • Yonghong Song's avatar
      fix a rewriter bug for array subscript · eb7b586d
      Yonghong Song authored
      additional fix for issue #1850
      
      for the below case in test_clang.py;
        int test(struct pt_regs *ctx, struct mm_struct *mm) {
            return mm->rss_stat.count[MM_ANONPAGES].counter;
        }
      
      the current rewriter generates:
        int test(struct pt_regs *ctx) {
         struct mm_struct *mm = ctx->di;
            return ({ typeof(atomic_long_t) _val;
                      __builtin_memset(&_val, 0, sizeof(_val));
                      bpf_probe_read(&_val,
                                     sizeof(_val),
                                     (u64)(&mm->rss_stat.count) + (MM_ANONPAGES));
                      _val; }).counter;
        }
      The third argument of bpf_probe_read() is incorrect.
      The correct third argument should be
         (u64)((&mm->rss_stat.count) + (MM_ANONPAGES))
      
      This patch fixed the issue by adding extra parenthesis for the
      outer u64 type casting.
      
        int test(struct pt_regs *ctx) {
         struct mm_struct *mm = ctx->di;
            return ({ typeof(atomic_long_t) _val;
                      __builtin_memset(&_val, 0, sizeof(_val));
                      bpf_probe_read(&_val,
                                     sizeof(_val),
                                     (u64)((&mm->rss_stat.count) + (MM_ANONPAGES)));
                      _val; }).counter;
        }
      Signed-off-by: default avatarYonghong Song <yhs@fb.com>
      eb7b586d
  25. 13 Aug, 2018 2 commits