Your kernel needs to be built with the following options:
```
...
...
@@ -19,43 +28,11 @@ To use some BPFtrace features, minimum kernel versions are required:
# Building BPFtrace
## Native build process
### Requirements
- A C++ compiler
- CMake
- Flex
- Bison
- LLVM & Clang 5.0 (or 6.0) development packages
- LibElf
### Compilation
See previous requirements, and specific targets in the sections that follow (Ubuntu, Docker).
```
git clone https://github.com/iovisor/bpftrace
mkdir -p bpftrace/build
cd bpftrace/build
cmake -DCMAKE_BUILD_TYPE=Debug ../
make
```
By default bpftrace will be built as a dynamically linked executable. If a statically linked executable would be preferred and your system has the required libraries installed, the CMake option `-DSTATIC_LINKING:BOOL=ON` can be used. Building bpftrace using the Docker method below will always result in a statically linked executable.
The latest versions of BCC and Google Test will be downloaded on each build. To speed up builds and only download their sources on the first run, use the CMake option `-DOFFLINE_BUILDS:BOOL=ON`.
To test that the build works, you can try running the test suite, and a one-liner:
```
./tests/bpftrace_test
./src/bpftrace -e 'kprobe:do_nanosleep { printf("sleep by %s\n", comm); }'
```
## Ubuntu
The llvm/clang packages that are currently available for Ubuntu have an issue, so we'll use the ones from llvm.org for now. The build instructions are:
You'll want the newest kernel possible (see kernel requirements), eg, by using Ubuntu 18.04 LTS (Bionic Beaver) or newer.
The llvm/clang packages that are currently available for Ubuntu have an issue (see [#76](https://github.com/iovisor/bpftrace/issues/76)), so we'll use the ones from llvm.org for now. The build instructions are:
```
# see https://apt.llvm.org/ for the following archive signature:
mkdir build; cd build; cmake -DCMAKE_BUILD_TYPE=DEBUG ..
make -j8
make install
```
The bpftrace binary will be in src/bpftrace under the build directory.
The bpftrace binary will be in installed in /usr/local/bin/bpftrace, and tools in /usr/local/share/bpftrace/tools. You can change the install location using an argument to cmake, where the default is `-DCMAKE_INSTALL_PREFIX=/usr/local`.
## Using Docker
...
...
@@ -94,3 +72,38 @@ There are some more fine-grained options if you find yourself building BPFtrace
-`./build-release.sh` - builds BPFtrace in a release configuration (requires `./build-docker-image.sh` to have already been run)
`./build.sh` is equivalent to `./build-docker-image.sh && ./build-release.sh`
## Generic build process
Use specific OS build sections listed earlier if available (Ubuntu, Docker).
### Requirements
- A C++ compiler
- CMake
- Flex
- Bison
- LLVM & Clang 5.0 (or 6.0) development packages
- LibElf
- Kernel requirements described earlier
### Compilation
```
git clone https://github.com/iovisor/bpftrace
mkdir -p bpftrace/build
cd bpftrace/build
cmake -DCMAKE_BUILD_TYPE=Debug ../
make
```
By default bpftrace will be built as a dynamically linked executable. If a statically linked executable would be preferred and your system has the required libraries installed, the CMake option `-DSTATIC_LINKING:BOOL=ON` can be used. Building bpftrace using the Docker method below will always result in a statically linked executable.
The latest versions of BCC and Google Test will be downloaded on each build. To speed up builds and only download their sources on the first run, use the CMake option `-DOFFLINE_BUILDS:BOOL=ON`.
To test that the build works, you can try running the test suite, and a one-liner:
```
./tests/bpftrace_test
./src/bpftrace -e 'kprobe:do_nanosleep { printf("sleep by %s\n", comm); }'
BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter (eBPF) available in recent Linux kernels (4.x). BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of [BCC](https://github.com/iovisor/bcc) for interacting with the Linux BPF system, as well as existing Linux tracing capabilities: kernel dynamic tracing (kprobes), user-level dynamic tracing (uprobes), and tracepoints. The BPFtrace language is inspired by awk and C, and predecessor tracers such as DTrace and SystemTap. BPFtrace was created by [Alastair Robertson](https://github.com/ajor).
For instructions on building BPFtrace, see [INSTALL.md](INSTALL.md). There is also a [Reference Guide](docs/reference_guide.md) and [One-Liner Tutorial](docs/tutorial_one_liners.md).
To learn more about BPFtrace, see the [Reference Guide](docs/reference_guide.md) and [One-Liner Tutorial](docs/tutorial_one_liners.md).
## Install
For build and install instructions, see [INSTALL.md](INSTALL.md).