- 31 Dec, 2018 3 commits
-
-
Adam Jensen authored
* Add BPFtrace::extract_func_symbols_from_path function * Refactor to add find_wildcard_matches overload that takes an istream * Prepare find_wildcard_matches usage for u(ret)probe types * Add support for wildcard matches with uprobe and uretprobe types * Update add_probes_uprobe_wildcard test * Add test for uprobe wildcard match * Mention uprobe wildcard in readme * Add uprobe support to codegen * Clean up whitespace * Add TODO comment to remove objdump dependency
-
Brendan Gregg authored
Improve build times of codegen tests, fix build-time exhaustion of virtual memory
-
Brendan Gregg authored
Bad zero
-
- 30 Dec, 2018 3 commits
-
-
Brendan Gregg authored
Search PATH for executables when running commands
-
Birch-san authored
-
Daniel Xu authored
This makes it easier for the user to run commands. Specifying abosolute paths to a binary was kind of a pain in the rear.
-
- 29 Dec, 2018 1 commit
-
-
Alex Birch authored
gather codegen tests into a single compilation unit, for faster build perf (see https://github.com/iovisor/bpftrace/issues/229)
-
- 28 Dec, 2018 4 commits
-
-
Brendan Gregg authored
Better non-root error
-
Brendan Gregg authored
Add -c CMD option
-
Daniel Xu authored
This patch adds a command running option to bpftrace. The user can now run something like: ./bpftrace -e '...' -c 'sleep 5' which is a convenience wrapper around something like: sleep 5 & ./bpfrace -e '...' -p `pidof sleep` `-c` is better because it: * ensures a tighter tracing range around CMD (ie we trace less of the system while it is not running CMD) * makes bpftrace exit (which is convenient) when CMD terminates * previously, it was not possible to get a full trace of CMDs execution and have bpftrace exit upon CMD termination Test Plan: Trivial successful example: ``` $ sudo ./build/src/bpftrace -e 'tracepoint:syscalls:sys_enter_nanosleep { printf("%s nanoslept\n", comm); }' -c '/bin/sleep 1' [sudo] password for dlxu: chdir(/lib/modules/4.19.8-200.fc28.x86_64/build): No such file or directory Attaching 1 probe... sleep nanoslept splunkd nanoslept webrtc_audio_mo nanoslept gnome-terminal- nanoslept webrtc_audio_mo nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept gnome-terminal- nanoslept $ ``` Ambigous executable: ``` $ sudo ./build/src/bpftrace -e 'tracepoint:syscalls:sys_enter_nanosleep { printf("%s nanoslept\n", comm); }' -c 'sleep 1' chdir(/lib/modules/4.19.8-200.fc28.x86_64/build): No such file or directory Attaching 1 probe... execve: No such file or directory Failed to spawn child=sleep 1 splunkd nanoslept $ ``` This closes #253
-
williangaspar authored
-
- 27 Dec, 2018 4 commits
-
-
Brendan Gregg authored
Normalize bpftrace(8) man page
-
Daniel Xu authored
This patch normalizes parts of the man page to be in line with the rest.
-
-
Daniel Xu authored
If the user provides a specific PID to trace, it doesn't really make sense to keep running if the tracee terminates. This patch makes bpftrace exit cleanly if the tracee terminates. I spent quite a bit of time thinking about the generic problem of figuring out when an arbitrary pid terminates. After some experiments, here is what I've learned: * wait(2) and waitpid(2) can only wait on child processes (duh) * epoll(2) does not support procfs (or other pseudo filesystems) * inotify does not support procfs either b/c procfs changes are not made through the filesystem (by another userspace entity) * ptrace with PTRACE_SEIZE might work but might have extra overhead on the tracee * the netlink interface for process state changes seems a bit overkill * the only sane solution (AFAICT) is to poll /proc/PID/ for changes Thus, I've made some minor changes to the main event loop to support polling procfs. Test Plan: Make sure non-pid-specific tracing still works: ``` $ sudo ./build/src/bpftrace -e 'uretprobe:/bin/bash:readline { printf("read a line\n"); }' [sudo] password for dlxu: Attaching 1 probe... read a line read a line read a line read a line read a line read a line read a line read a line ^C ``` Verify pid-specific tracing (ie usdt) exits on tracee termination: ``` // in window 1 $ ./python -q // in window 2 $ sudo ~/dev/bpftrace/build/src/bpftrace -p $(pidof python) -e 'usdt:/home/dlxu/dev/cpython/python:function__entry { printf("%s %s\n", str(arg0), str(arg1)) }' [sudo] password for dlxu: Attaching 1 probe... <stdin> <module> // in window 1 >>> print('wow') wow >>> // verify bpftrace has exited in window 2 ```
-
- 26 Dec, 2018 1 commit
-
-
Brendan Gregg authored
[tests] Fix codegen tests for LLVM 5, 6 and 7
-
- 25 Dec, 2018 3 commits
-
-
Brendan Gregg authored
bpftrace adaptations of several iovisor/bcc tcp*.py tools
-
Dale Hamel authored
-
Dale Hamel authored
-
- 24 Dec, 2018 2 commits
-
-
Brendan Gregg authored
Extract LINUX_VERSION_CODE from running kernel via vDSO.
-
Matheus Marchini authored
Fedora 27 and LLVM 5 are EOL, which means they won't receive new updates (not even security patches). As such, there's no reason to keep testing those platforms/dependencies in our CI, and removing them will reduce our CI complexity as well as unbreak our CI. Also, static builds are broken for some time (https://github.com/iovisor/bpftrace/issues/266), and keeping them in our CI will only prevent collaborators from keeping the CI healthy. We should push for Ubuntu/Debian/Fedora static builds instead of relying on alpine for it. For now, mark alpine static build as "allow to fail" on Travis.
-
- 22 Dec, 2018 1 commit
-
-
David Wilson authored
This method reuses a stable interface provided for glibc, avoids runtime header file parsing or regexes, and the vDSO structure should remain stable over time. Fall back to the compile time constant if search fails.
-
- 21 Dec, 2018 4 commits
-
-
Matheus Marchini authored
-
Matheus Marchini authored
-
Matheus Marchini authored
-
Brendan Gregg authored
Initial inet_ntop implementation
-
- 20 Dec, 2018 2 commits
-
-
Matheus Marchini authored
Use LLVM_VERSION_MAJOR checks to make codegen tests work on LLVM 5, 6 and 7.
-
Dale Hamel authored
-
- 17 Dec, 2018 1 commit
-
-
Augusto Caringi authored
The 'bpftrace -l' command (without any search expression) should also list the tracepoints, in the same way of 'bpftrace -l '*''.
-
- 22 Nov, 2018 4 commits
-
-
Dale Hamel authored
-
Dale Hamel authored
-
Jon Haslam authored
This change ensures that any maps using the count(), sum(), avg(), min(), max(), stats(), hist() or lhist() builtins can be zero'd without hanging the bpftrace process or with generating garbage data in the map. Special attention is drawn to the changes here in the min_value() function. I have changed it so that it what you'd expect with signed quantities. However, I feel the propoer fix would be to change the BPF generation for the min() function so that it works with 64 bit values correctly and remove the need for conversion of the stored value.
-
Jon Haslam authored
-
- 21 Nov, 2018 2 commits
-
-
Brendan Gregg authored
Fix random small typos and mistakes in man pages
-
Augusto Caringi authored
-
- 18 Nov, 2018 4 commits
-
-
Brendan Gregg authored
Fix possible crash on exit due to wrong vector size (#201)
-
Brendan Gregg authored
Document unroll
-
Brendan Gregg authored
Add fedora package install instructions to INSTALL.md
-
Augusto Caringi authored
-
- 16 Nov, 2018 1 commit
-
-
Augusto Caringi authored
On method BPFtrace::find_empty_key() size of 'value' vector (value_size) must be multiplied by ncpus_ when map.type_.type == Type::lhist otherwise bpf syscall (BPF_MAP_LOOKUP_ELEM) will write out of bounds thus corrupting the heap.
-