- 03 Oct, 2018 1 commit
-
-
Marek Vavruša authored
* lua: eliding repetitive NULL checks, fixes for read types, luacheck This fixes verifier failures in some kernel versions that track whether a possible NULL pointer has been check (and shouldn't be checked twice). It also fixes accessing memory from maps with composite keys. It fixes a case when temporary variable is used in condition, and the body of the condition contains just an assignment from immediate value to a variable that existed before the condition, e.g.: ``` local x = 1 -- Assign constant to 'x', it will be materialized here if skb.len > 0 then -- New BB, not possible to fold as condition isn't const x = 2 -- Assign constant, it failed to materialize here end -- End of BB -- Value of x is always 1 ``` The `bpf.socket()` support ljsyscall socket as first parameter, and fixes compatibility with newer ljsyscall (type name has changed). * reverse BPF_LD ntohl() semantics for <= 32bit loads as well The loads using traditional instructions always do ntohl(): https://www.kernel.org/doc/Documentation/networking/filter.txt They are however needed to support reads not using `skb`, e.g. NET_OFF * proto: add builtins for traversing IPv6 header and extension headers The IPv6 header is fixed size (40B), but it may contain either extension header, or transport protocol after it, so the caller must check the `next_header` field before traversing to determine which dissector to use to traverse it, e.g.: ``` if ip6.next_header == 44 then ip6 = ip6.ip6_opt -- Skip fragment header end if ip6.next_header == c.ip.proto_tcp then local tcp = ip6.tcp -- Finally, TCP end ``` * reverse ntohl() for indirect BPF_LD as well * lua: started codegen tests, direct skb support, bugfixes This starts adding compiler correctness tests for basic expressions, variable source tracking, and control flow. Added: * direct skb->data access (in addition to BPF_LDABS, BPF_LDIND) * loads and stores from skb->data and map value backed memory * unified variable source tracking (ptr_to_ctx, ptr_to_map[_or_null], ptr_to_skb, ptr_to_pkt, ptr_to_stack) * BPF constants introduced between 4.10-4.15 * bpf.dump_string() to dump generated assembly (text) to string Fixes: * pointer nil check tracking * dissectors for map value backed memory * ljsyscall extensions when the version is too old * KPRI nil variables used in conditions * wrongly elided constant materialization on condition-less jumps * loads/stores from stack memory using variable offset * lua: track inverse null guards (if x ~= nil) The verifier prohibits pointer comparisons except the first NULL check, so both forms must be tracked, otherwise it will check for NULL twice and verifier will reject it. * lua: support cdata and constants larger than i32, fix shadowed variables This adds support for numeric cdata constants (either in program, or retrieved with GGET/UGET). Values larger than i32 are coerced into i64. This also fixes shadowing of variables, and fixes materialization of result of variable copy at the end of basic block.
-
- 01 Oct, 2018 1 commit
-
-
Bora M. Alper authored
Update INSTALL.md to include Ubuntu Bionic (18.04)
-
- 28 Sep, 2018 1 commit
-
-
Mauricio Vásquez authored
Currently tables can be created in two modes: 1. private to the ebpf program 2. shared among all the ebpf programs created by the same user-space process This commit extends bcc allowing to create a table that is shared among a set of specific ebpf programs. This is useful when creating network functions that are composed by more than 1 ebpf program, a map is shared among all the programs of the network function but isolated from different instances of that function. Signed-off-by: Mauricio Vasquez B <mauricio.vasquez@polito.it>
-
- 27 Sep, 2018 1 commit
-
-
Mauricio Vásquez authored
After https://github.com/iovisor/bcc/pull/1826 version.py is generated by cmake in order to have the __version__ define in the module. The previous approach of installing the python module created a link between the src and the "build" folder, hence the version.py was actually created in the scr folder, this caused some git noise. This comit solves that problem by copying files instead of creating a link, then the version.py file is only created in the "build" dir. Signed-off-by: Mauricio Vasquez B <mauriciovasquezbernal@gmail.com>
-
- 26 Sep, 2018 1 commit
-
-
Marko Myllynen authored
Use argparse in cachestat, add --ebpf support. Add --ebpf support for u* tools, finalize language sorting. Remove sole --ebpf string on usage line in tcpsubnet.
-
- 25 Sep, 2018 1 commit
-
-
Teng Qin authored
Add #include to libbpf.h for base types.
-
- 21 Sep, 2018 5 commits
-
-
Michael Bolin authored
-
bolinfest authored
Note this allows us to eliminate the `bpf_ktime_get_ns()` call from `trace_entry()`.
-
Teng Qin authored
prevent array subscript expression if base/index is not rewritable
-
Yonghong Song authored
The following command failed: trace.py -U 'r::_do_fork (retval == -11) "%llu", ((struct task_struct *)bpf_get_current_task())->signal->rlim[RLIMIT_NPROC].rlim_cur' as rewriter generates code like __data.v0 = (unsigned long long)((struct task_struct *)bpf_get_current_task())->signal->rlim[RLIMIT_NPROC))); _val; }).rlim_cur; Let us prevent rewriting if either base or index is not rewritable and this fixed the issue. Signed-off-by: Yonghong Song <yhs@fb.com>
-
Mauricio Vásquez authored
get_offline_table is missing in the BPFTable class. Add it and some test cases. Signed-off-by: Mauricio Vasquez B <mauricio.vasquez@polito.it>
-
- 20 Sep, 2018 1 commit
-
-
Sebastiano Miano authored
Adds the support for the DEVMAP in the C++ APIs, which was missing in #1810
-
- 19 Sep, 2018 3 commits
-
-
Mark Drayton authored
bpf_probe_read()'s third argument is no longer rewritten. Instead, use a temporary variable (like #1973) to avoid a memory access error. Before: ``` $ sudo biolatency -D 1 bpf: Failed to load program: Permission denied 0: (79) r1 = *(u64 *)(r1 +112) 1: (7b) *(u64 *)(r10 -8) = r1 [..] R1 invalid mem access 'inv' HINT: The invalid mem access 'inv' error can happen if you try to dereference memory without first using bpf_probe_read() to copy it to the BPF stack. Sometimes the bpf_probe_read is automatic by the bcc rewriter, other times you'll need to be explicit. ``` After, works as expected.
-
yonghong-song authored
Currently, trace.py does not support "long" and "unsigned long" types and it often caught users with a surprise and they are not sure what is the problem. For example, for kernel function: void blk_mq_delay_kick_requeue_list(struct request_queue *q, unsigned long msecs) The following $ sudo ./trace.py 'blk_mq_delay_kick_requeue_list(void *notused, unsigned long msecs) "msecs = %lu", msecs' list index out of range With this patch, $ sudo ./trace.py 'blk_mq_delay_kick_requeue_list(void *notused, unsigned long msecs) "msecs = %lu", msecs' PID TID COMM FUNC - ^C $ sudo ./trace.py 'blk_mq_delay_kick_requeue_list(void *notused, unsigned long msecs) "msecs = %ld", msecs' PID TID COMM FUNC - ^C $ sudo ./trace.py 'blk_mq_delay_kick_requeue_list(void *notused, unsigned long msecs) "msecs = %lx", msecs' PID TID COMM FUNC - ^C $ Signed-off-by: Yonghong Song <yhs@fb.com>
-
yonghong-song authored
In llvm/clang 8 trunk, the following commits https://reviews.llvm.org/rL339384 https://reviews.llvm.org/rL339385 https://reviews.llvm.org/rL339386 renames getLocStart to getBeginLoc, and getLocEnd to getEndLoc. This caused bcc compilation error with llvm/clang 8. To avoid proliferation of #define's based on LLVM version numbers and similar logic for many different types, this patch fixed the issues by define macros in common frontend_action_common.h where macro definition is multi-versioned based on llvm version. The macro itself is used in {b,tp}_frontend_action.cc. clang 8 also introduced a new library dependency libclangAnalysis.a depends on libclangASTMatchers.a This patch fixed this issue as well. Signed-off-by: Yonghong Song <yhs@fb.com>
-
- 18 Sep, 2018 1 commit
-
-
yonghong-song authored
Currently, trace.py failed for the following command: $ sudo ./trace.py 'filename_lookup(int dfd, struct filename *name) "%s", name->name' ... 0: (bf) r6 = r1 1: (79) r7 = *(u64 *)(r6 +104) ... 32: (15) if r1 == 0x0 goto pc+5 R0=inv(id=0) R1=inv(id=0) R6=ctx(id=0,off=0,imm=0) R7=inv(id=0) R8=inv0 R10=fp0,call_-1 fp-8=0 fp-16=0 fp-24=0 fp-32=0 fp-40=0 fp-48=0 fp-56=0 fp-64=0 fp-72=0 fp-80=0 33: (79) r3 = *(u64 *)(r7 +0) R7 invalid mem access 'inv' For string format argument, the trace.py generates the below code: if (name->name != 0) { bpf_probe_read(&__data.v0, sizeof(__data.v0), (void *)name->name); } Right now, bcc skips the rewriter for the third argument of bpf_probe_read to avoid unnecessary nested bpf_probe_read and other potential issues. This causes name->name memory access not transformed with bpf_probe_read and hence the verifier complains. To fix the issue, this patch did the following transformation using an temporary variable to hold the src address: if (name->name != 0) { void *__tmp = (void *)name->name; bpf_probe_read(&__data.v0, sizeof(__data.v0), __tmp); } This way, rewriter can do the work properly. Signed-off-by: Yonghong Song <yhs@fb.com>
-
- 13 Sep, 2018 2 commits
-
-
Nguyen Phuong An authored
Fix syntax error in xdp_redirect_cpu.py
-
zlim authored
* Bump ubuntu docker build to bionic Fixes build dependency for arm64 Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com> * Add Build-Depends: dh-python Fixes build dependency issue observed on bionic/arm64: dh: unable to load addon python3: Can't locate Debian/Debhelper/Sequence/python3.pm in @INC (you may need to install the Debian::Debhelper::Sequence::python3 module) (@INC contains: /etc/perl /usr/local/lib/aarch64-linux-gnu/perl/5.26.1 /usr/local/share/perl/5.26.1 /usr/lib/aarch64-linux-gnu/perl5/5.26 /usr/share/perl5 /usr/lib/aarch64-linux-gnu/perl/5.26 /usr/share/perl/5.26 /usr/local/lib/site_perl /usr/lib/aarch64-linux-gnu/perl-base) at (eval 9) line 1. BEGIN failed--compilation aborted at (eval 9) line 1. Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com> * Enable arm64 deb packaging LLVM6.0 is minimum version required for arm64 build. [PR#1512] [PR#1512] https://github.com/iovisor/bcc/pull/1512Signed-off-by: Zi Shen Lim <zlim.lnx@gmail.com>
-
- 11 Sep, 2018 1 commit
-
-
Marko Myllynen authored
Finish the conversion started with commit 36ce1124. Minor tweaks to make the tools consistent within themselves.
-
- 10 Sep, 2018 2 commits
-
-
Teng Qin authored
tcpretrans: use user-space PID displayed to the user
-
Marko Myllynen authored
PID collected in tcpretrans' trace_event() is displayed under the label of "PID" to the user so it would seem more appropriate to use TGID as PID not kernel's PID.
-
- 07 Sep, 2018 1 commit
-
-
Teng Qin authored
* Small fix on C++ USDT implementation Fix an logging error, and small optimization on initialization * Add move constructor to C++ USDT instance
-
- 05 Sep, 2018 1 commit
-
-
Brenden Blanco authored
debian changelog for v0.7.0 tag
-
- 04 Sep, 2018 1 commit
-
-
Marko Myllynen authored
Sort language entries while at it.
-
- 02 Sep, 2018 1 commit
-
-
olsajiri authored
* tools: Skip backward time entries in xfsslower While using xfsslower on RHEL7 we occasionally get following screwed up latencies: # xfsslower Tracing XFS operations slower than 1 ms TIME COMM PID T BYTES OFF_KB LAT(ms) FILENAME 13:25:03 git 3385 R 62 4704 18446744073708.55 tmp_pack_bDUbwZ 13:25:03 git 3385 S 0 0 3.05 tmp_idx_Kjb2bW ... The reason for this is that on RHEL7 it's possible to get backward timetamp with bpf_ktime_get_ns. This needs to be fixed, but meanwhile this fix makes sure the latencies with backward times are skipped. For the rest of the kernels this is just sanity fix with possibly just single compare instruction overhead. It's temporary workaround for #728. Signed-off-by: Jiri Olsa <jolsa@kernel.org> * tools: Skip backward time entries in ext4dist While using ext4dist on RHEL7 we occasionally get following screwed up latencies: # ext4dist Tracing ext4 operation latency... Hit Ctrl-C to end. ^C operation = write usecs : count distribution 0 -> 1 : 1134529 |******** | 2 -> 3 : 2777582 |********************| 4 -> 7 : 688014 |**** | 8 -> 15 : 36160 | | 16 -> 31 : 698 | | 32 -> 63 : 6 | | 64 -> 127 : 15 | | 128 -> 255 : 7 | | 256 -> 511 : 1 | | 512 -> 1023 : 0 | | 1024 -> 2047 : 0 | | 2048 -> 4095 : 2 | | 4096 -> 8191 : 1 | | 8192 -> 16383 : 5 | | 16384 -> 32767 : 0 | | 32768 -> 65535 : 0 | | 9007199254740992 -> 18014398509481983 : 0 | | 18014398509481984 -> 36028797018963967 : 1 | | The reason for this is that on RHEL7 it's possible to get backward timestamp with bpf_ktime_get_ns. This needs to be fixed, but meanwhile this fix makes sure the latencies with backward times are skipped. For the rest of the kernels this is just sanity fix with possibly just single compare instruction overhead. It's temporary workaround for #728. Signed-off-by: Jiri Olsa <jolsa@kernel.org>
-
- 31 Aug, 2018 1 commit
-
-
Pascal Loth authored
fix a typo
-
- 30 Aug, 2018 1 commit
-
-
Filippos Giannakos authored
Generating sdist for both python2 and python3 at the same time can fail as they both use the same temporary files. Make sure that we generate sdist for each `PYTHON_CMD` sequentially.
-
- 28 Aug, 2018 3 commits
-
-
Allan McAleavy authored
Added in RHEL 7.6 Beta information
-
yonghong-song authored
The poll iteration count 10 sometimes not big enough. Now let us increase to 100 iterations, but will bail out if the expected data have received. Hopefully this will fix flakiness of this test. Signed-off-by: Yonghong Song <yhs@fb.com>
-
Smita Koralahalli Channabasappa authored
* copy oomkill.py to old/oomkill.py * update oomkill * Update test_tools_smoke.py
-
- 21 Aug, 2018 1 commit
-
-
muahao authored
argdist -H 'r::__vfs_read(void *file, void *buf, size_t count):size_t $entry(count):$latency > 1000000' is a wrong example which cann't excute success, because lack of ":" and cann't split field correctly. So, the right command is: argdist -H 'r::__vfs_read(void *file, void *buf, size_t count):size_t: $entry(count):$latency > 1000000' Signed-off-by: Ahao Mu <muahao@linux.alibaba.com>
-
- 17 Aug, 2018 2 commits
-
-
Marko Myllynen authored
Fix unsiggned typo introduced in tp_frontend_action.cc
-
yonghong-song authored
all program types, map types and helpers are added based on latest net-next. Signed-off-by: Yonghong Song <yhs@fb.com>
-
- 16 Aug, 2018 2 commits
-
-
Joe Yin authored
make types appropriate for ipaddr/protocol etc.
-
muahao authored
It's useful to know each syscall's total latency in that period, but not the latency of the last time in that period. Signed-off-by: Ahao Mu <muahao@linux.alibaba.com>
-
- 15 Aug, 2018 3 commits
-
-
Mike Day authored
provide a parameter to suppress printing a new line at the end of the bytes. existing behavior is not changed.
-
Teng Qin authored
fix a rewriter bug for array subscript
-
Yonghong Song authored
additional fix for issue #1850 for the below case in test_clang.py; int test(struct pt_regs *ctx, struct mm_struct *mm) { return mm->rss_stat.count[MM_ANONPAGES].counter; } the current rewriter generates: int test(struct pt_regs *ctx) { struct mm_struct *mm = ctx->di; return ({ typeof(atomic_long_t) _val; __builtin_memset(&_val, 0, sizeof(_val)); bpf_probe_read(&_val, sizeof(_val), (u64)(&mm->rss_stat.count) + (MM_ANONPAGES)); _val; }).counter; } The third argument of bpf_probe_read() is incorrect. The correct third argument should be (u64)((&mm->rss_stat.count) + (MM_ANONPAGES)) This patch fixed the issue by adding extra parenthesis for the outer u64 type casting. int test(struct pt_regs *ctx) { struct mm_struct *mm = ctx->di; return ({ typeof(atomic_long_t) _val; __builtin_memset(&_val, 0, sizeof(_val)); bpf_probe_read(&_val, sizeof(_val), (u64)((&mm->rss_stat.count) + (MM_ANONPAGES))); _val; }).counter; } Signed-off-by: Yonghong Song <yhs@fb.com>
-
- 13 Aug, 2018 2 commits
-
-
yonghong-song authored
LLVM commit https://reviews.llvm.org/D49741 removed function DEARFContext::getCompileUnitAtIndex() and caused the bcc compilation failure. Change usage of getCompileUnitAtIndex() to the one recommended in the above llvm commit. Signed-off-by: Yonghong Song <yhs@fb.com>
-
yonghong-song authored
fix #1921 For newer kernels, bcc tries to fd based kuprobe attachment. In fd based kprobe attachment, config1: for symbol config2: for symbol offset In python API attach_kretprobe, the offset value is not set in lib.bpf_attach_kprobe and hence it will be a random value and eventually causing kretprobe attachment failure. This is not an issue for old debugfs based attachment as the offset will not be used if it is a retprobe. Signed-off-by: Yonghong Song <yhs@fb.com>
-