1. 04 Jan, 2019 1 commit
    • Peter Sanford's avatar
      Fix use after free and leak in get_arg_values · 74f2b9e4
      Peter Sanford authored
      Previously get_arg_values was returning a vector of uint64_t values
      that could be passed directly to printf(3). For string values
      get_arg_values was returning a pointer to a char*. For some cases it
      was attempting to handle freeing the char* memory via a stack
      allocated std::vector. Unfortunately, this was stack allocated in
      get_arg_values so the char* data would get freed before it was used in
      the subsequent call to printf().
      
      In other cases get_arg_values was not freeing char* values and was
      leaking memory (probe, stack, and ustack).
      
      get_arg_values() now returns a vector of objects of type IPrintable
      instead of uint64_t values. Each object has a method .value() that
      returns the uint64_t value usable by printf(). For strings this allows
      us to keep around the original std::string until after we've called
      printf(), so we don't need to strdup() anymore.
      
      Fixes #194
      74f2b9e4
  2. 03 Jan, 2019 3 commits
  3. 02 Jan, 2019 13 commits
  4. 01 Jan, 2019 2 commits
  5. 31 Dec, 2018 4 commits
  6. 30 Dec, 2018 4 commits
  7. 29 Dec, 2018 1 commit
  8. 28 Dec, 2018 4 commits
    • Brendan Gregg's avatar
      Merge pull request #295 from iovisor/non_root · 9e608df7
      Brendan Gregg authored
      Better non-root error
      9e608df7
    • Brendan Gregg's avatar
      Merge pull request #297 from danobi/cmd_runner · e89957ff
      Brendan Gregg authored
      Add -c CMD option
      e89957ff
    • Daniel Xu's avatar
      Add -c CMD option · a3086a88
      Daniel Xu authored
      This patch adds a command running option to bpftrace. The user can now
      run something like:
      
          ./bpftrace -e '...' -c 'sleep 5'
      
      which is a convenience wrapper around something like:
      
          sleep 5 & ./bpfrace -e '...' -p `pidof sleep`
      
      `-c` is better because it:
      * ensures a tighter tracing range around CMD (ie we trace less of the
      system while it is not running CMD)
      * makes bpftrace exit (which is convenient) when CMD terminates
          * previously, it was not possible to get a full trace of CMDs
          execution and have bpftrace exit upon CMD termination
      
      Test Plan:
      Trivial successful example:
      ```
      $ sudo ./build/src/bpftrace -e 'tracepoint:syscalls:sys_enter_nanosleep
      { printf("%s nanoslept\n", comm); }' -c '/bin/sleep 1'
      [sudo] password for dlxu:
      chdir(/lib/modules/4.19.8-200.fc28.x86_64/build): No such file or
      directory
      Attaching 1 probe...
      sleep nanoslept
      splunkd nanoslept
      webrtc_audio_mo nanoslept
      gnome-terminal- nanoslept
      webrtc_audio_mo nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      gnome-terminal- nanoslept
      
      $
      ```
      
      Ambigous executable:
      ```
      $ sudo ./build/src/bpftrace -e 'tracepoint:syscalls:sys_enter_nanosleep
      { printf("%s nanoslept\n", comm); }' -c 'sleep 1'
      chdir(/lib/modules/4.19.8-200.fc28.x86_64/build): No such file or
      directory
      Attaching 1 probe...
      execve: No such file or directory
      Failed to spawn child=sleep 1
      splunkd nanoslept
      
      $
      ```
      
      This closes #253
      a3086a88
    • williangaspar's avatar
      allow help to be printed · 22dc8d45
      williangaspar authored
      22dc8d45
  9. 27 Dec, 2018 4 commits
    • Brendan Gregg's avatar
      Merge pull request #296 from danobi/man_page_grammer · d33e6f03
      Brendan Gregg authored
      Normalize bpftrace(8) man page
      d33e6f03
    • Daniel Xu's avatar
      Normalize bpftrace(8) man page · 5cb72f7d
      Daniel Xu authored
      This patch normalizes parts of the man page to be in line with the rest.
      5cb72f7d
    • williangaspar's avatar
      99dd7733
    • Daniel Xu's avatar
      Terminate bpftrace when traced PID terminates · 54909d3e
      Daniel Xu authored
      If the user provides a specific PID to trace, it doesn't really make
      sense to keep running if the tracee terminates. This patch makes
      bpftrace exit cleanly if the tracee terminates.
      
      I spent quite a bit of time thinking about the generic problem of
      figuring out when an arbitrary pid terminates. After some experiments,
      here is what I've learned:
      * wait(2) and waitpid(2) can only wait on child processes (duh)
      * epoll(2) does not support procfs (or other pseudo filesystems)
      * inotify does not support procfs either b/c procfs changes are not made
      through the filesystem (by another userspace entity)
      * ptrace with PTRACE_SEIZE might work but might have extra overhead on
      the tracee
      * the netlink interface for process state changes seems a bit overkill
      * the only sane solution (AFAICT) is to poll /proc/PID/ for changes
      
      Thus, I've made some minor changes to the main event loop to support
      polling procfs.
      
      Test Plan:
      Make sure non-pid-specific tracing still works:
      ```
      $ sudo ./build/src/bpftrace -e 'uretprobe:/bin/bash:readline { printf("read a line\n"); }'
      [sudo] password for dlxu:
      Attaching 1 probe...
      read a line
      read a line
      read a line
      read a line
      read a line
      read a line
      read a line
      read a line
      ^C
      
      ```
      
      Verify pid-specific tracing (ie usdt) exits on tracee termination:
      ```
      // in window 1
      $ ./python -q
      
      // in window 2
      $ sudo ~/dev/bpftrace/build/src/bpftrace -p $(pidof python) -e 'usdt:/home/dlxu/dev/cpython/python:function__entry { printf("%s %s\n", str(arg0), str(arg1)) }'
      [sudo] password for dlxu:
      Attaching 1 probe...
      <stdin> <module>
      
      // in window 1
      >>> print('wow')
      wow
      >>>
      
      // verify bpftrace has exited in window 2
      
      ```
      54909d3e
  10. 26 Dec, 2018 1 commit
  11. 25 Dec, 2018 3 commits