1. 05 Oct, 2016 2 commits
  2. 04 Oct, 2016 7 commits
    • Brendan Gregg's avatar
      update tools map (#727) · 6e60fbc8
      Brendan Gregg authored
      6e60fbc8
    • Brendan Gregg's avatar
      tcptop (#726) · 60393ea5
      Brendan Gregg authored
      60393ea5
    • Sasha Goldshtein's avatar
      trace: Initialize USDT arguments to 0 before reading (#725) · b6db17f5
      Sasha Goldshtein authored
      Fixes #722, in which a USDT probe that has more than
      one location and the type of the argument is a string
      caused trace to potentially access an uninitialized
      stack variable, thereby not passing BPF program
      verification at load time.
      b6db17f5
    • Sasha Goldshtein's avatar
      argdist, trace: Native tracepoint support (#724) · 376ae5c0
      Sasha Goldshtein authored
      * Remove tracepoint.py
      
      The `Tracepoint` class which implements the necessary
      support for the tracepoint kprobe-based hack is no
      longer needed and can be removed.
      
      * argdist: Native tracepoint support
      
      This commit migrates argdist to use the native bcc/BPF
      tracepoint support instead of the hackish kprobe-
      based approach. The resulting programs are cleaner
      and likely more efficient.
      
      As a result of this change, there is a slight API
      change in how argdist is used with tracepoints. To
      access fields from the tracepoint structure, the user
      is expected to use `args->field` directly. This
      leverages most of the built-in bcc support for
      generating the tracepoint probe function.
      
      * trace: Native tracepoint support
      
      This commit migrates trace to use the native bcc/BPF
      tracepoint support instead of the hackish kprobe-
      based approach. The resulting programs are cleaner
      and likely more efficient.
      
      As with argdist, users are now expected to use the
      `args` structure pointer to access the tracepoint's
      arguments.
      
      For example:
      
      ```
      trace 't:irq:irq_handler_entry (args->irq != 27) "irq %d", args->irq'
      ```
      376ae5c0
    • Sasha Goldshtein's avatar
      argdist: Cumulative mode (-c) (#719) · d2f4762a
      Sasha Goldshtein authored
      By default, argdist now clears the histograms or freq
      count maps after each display interval. The new `-c`
      option enables cumulative mode, where maps are not
      cleared at each interval. This fixes #718.
      d2f4762a
    • Sasha Goldshtein's avatar
      trace: Print USDT arg helpers in verbose mode (#723) · f733cacf
      Sasha Goldshtein authored
      When verbose mode is enabled, ask all USDT helper
      objects to print out the argument helper functions,
      which help retrieve the argument values for each
      individual probe location. This can be useful for
      debugging probes; the helper functions are part of
      the loaded BPF program, so they need to be printed
      in verbose mode.
      f733cacf
    • Sasha Goldshtein's avatar
      argdist, trace: Support naked executable names in probes (#720) · ec679711
      Sasha Goldshtein authored
      Fixes the error message from `BPF._find_exe` which would
      occur if argdist or trace had a naked executable name
      not qualified with a path, such as:
      
      ```
      trace 'r:bash:readline "%s", retval'
      ```
      
      This is now supported again.
      ec679711
  3. 03 Oct, 2016 1 commit
  4. 01 Oct, 2016 1 commit
  5. 30 Sep, 2016 3 commits
  6. 28 Sep, 2016 2 commits
  7. 27 Sep, 2016 2 commits
    • Marco Leogrande's avatar
      Fix or hide a few warnings (#695) · d19e0cb0
      Marco Leogrande authored
      * Flag ${LLVM_INCLUDE_DIRS} as a system include directory
      
      g++ supports a -isystem switch, that can be used to mark a given
      directory as a system include directory. Warnings generated by system
      include directories are ignored by default.
      
      This commit hides a long list of warnings, like the following one,
      generated by llvm header files included from ${LLVM_INCLUDE_DIRS}:
      
       /usr/lib/llvm-3.7/include/clang/AST/APValue.h:373:44: warning:
         dereferencing type-punned pointer will break strict-aliasing rules [-Wstrict-aliasing]
      Signed-off-by: default avatarMarco Leogrande <marcol@plumgrid.com>
      
      * Fix 'defined but not used' warning
      
      Remove unused function from the USDT probes test.
      
      The warning was:
      
       tests/cc/test_usdt_probes.cc:59:15: warning:
         ‘size_t countsubs(const string&, const string&)’ defined but not used [-Wunused-function]
      Signed-off-by: default avatarMarco Leogrande <marcol@plumgrid.com>
      d19e0cb0
    • Sasha Goldshtein's avatar
      Fix argdist, trace, tplist to use the libbcc USDT support (#698) · 69e361ac
      Sasha Goldshtein authored
      * Allow argdist to enable USDT probes without a pid
      
      The current code would only pass the pid to the USDT
      class, thereby not allowing USDT probes to be enabled
      from the binary path only. If the probe doesn't have
      a semaphore, it can actually be enabled for all
      processes in a uniform fashion -- which is now
      supported.
      
      * Reintroduce USDT support into tplist
      
      To print USDT probe information, tplist needs an API
      to return the probe data, including the number of
      arguments and locations for each probe. This commit
      introduces this API, called bcc_usdt_foreach, and
      invokes it from the revised tplist implementation.
      
      Although the result is not 100% identical to the
      original tplist, which could also print the probe
      argument information, this is not strictly required
      for users of the argdist and trace tools, which is
      why it was omitted for now.
      
      * Fix trace.py tracepoint support
      
      Somehow, the import of the Perf class was omitted
      from tracepoint.py, which would cause failures when
      trace enables kernel tracepoints.
      
      * trace: Native bcc USDT support
      
      trace now works again by using the new bcc USDT support
      instead of the home-grown Python USDT parser. This
      required an additional change in the BPF Python API
      to allow multiple USDT context objects to be passed to
      the constructor in order to support multiple USDT
      probes in a single invocation of trace. Otherwise, the
      USDT-related code in trace was greatly simplified, and
      uses the `bpf_usdt_readarg` macros to obtain probe
      argument values.
      
      One minor inconvenience that was introduced in the bcc
      USDT API is that USDT probes with multiple locations
      that reside in a shared object *must* have a pid
      specified to enable, even if they don't have an
      associated semaphore. The reason is that the bcc USDT
      code figures out which location invoked the probe by
      inspecting `ctx->ip`, which, for shared objects, can
      only be determined when the specific process context is
      available to figure out where the shared object was
      loaded. This limitation did not previously exist,
      because instead of looking at `ctx->ip`, the Python
      USDT reader generated separate code for each probe
      location with an incrementing identifier. It's not a
      very big deal because it only means that some probes
      can't be enabled without specifying a process id, which
      is almost always desired anyway for USDT probes.
      
      argdist has not yet been retrofitted with support for
      multiple USDT probes, and needs to be updated in a
      separate commit.
      
      * argdist: Support multiple USDT probes
      
      argdist now supports multiple USDT probes, as it did
      before the transition to the native bcc USDT support.
      This requires aggregating the USDT objects from each
      probe and passing them together to the BPF constructor
      when the probes are initialized and attached.
      
      Also add a more descriptive exception message to the
      USDT class when it fails to enable a probe.
      69e361ac
  8. 26 Sep, 2016 4 commits
  9. 25 Sep, 2016 1 commit
  10. 16 Sep, 2016 2 commits
    • Brendan Gregg's avatar
      Merge pull request #689 from chantra/tcpconnect_port · 0c8c179f
      Brendan Gregg authored
      [tcpconnect] filter traced connection based on destination ports
      0c8c179f
    • chantra's avatar
      [tcpconnect] filter traced connection based on destination ports · 52938058
      chantra authored
      Test:
      While running:
      while [ 1 ]; do nc -w 1 100.127.0.1 80; nc -w 1 100.127.0.1 81; done
      
      root@vagrant:/mnt/bcc# ./tools/tcpconnect.py
      PID    COMM         IP SADDR            DADDR            DPORT
      19978  nc           4  10.0.2.15        100.127.0.1      80
      19979  nc           4  10.0.2.15        100.127.0.1      81
      19980  nc           4  10.0.2.15        100.127.0.1      80
      19981  nc           4  10.0.2.15        100.127.0.1      81
      root@vagrant:/mnt/bcc# ./tools/tcpconnect.py  -P 80
      PID    COMM         IP SADDR            DADDR            DPORT
      19987  nc           4  10.0.2.15        100.127.0.1      80
      19989  nc           4  10.0.2.15        100.127.0.1      80
      19991  nc           4  10.0.2.15        100.127.0.1      80
      19993  nc           4  10.0.2.15        100.127.0.1      80
      19995  nc           4  10.0.2.15        100.127.0.1      80
      root@vagrant:/mnt/bcc# ./tools/tcpconnect.py  -P 80,81
      PID    COMM         IP SADDR            DADDR            DPORT
      8725   nc           4  10.0.2.15        100.127.0.1      80
      8726   nc           4  10.0.2.15        100.127.0.1      81
      8727   nc           4  10.0.2.15        100.127.0.1      80
      8728   nc           4  10.0.2.15        100.127.0.1      81
      8729   nc           4  10.0.2.15        100.127.0.1      80
      
      Fixes #681
      52938058
  11. 14 Sep, 2016 1 commit
  12. 12 Sep, 2016 1 commit
    • davidefdl's avatar
      Fix bpf log buffer for large bpf program: (#680) · 2dece10a
      davidefdl authored
      Use tempfile module to create a temp file
      
      Fix some review input
      
      Fix style check
      
      Style
      
      Style check
      
      Remove builtin module from python test to run fedora ctest
      
      Let the program calling bpf_prog_load to handle the log buffer
      
      Check max instruction before the syscall. Fix other review comment
      2dece10a
  13. 11 Sep, 2016 2 commits
  14. 10 Sep, 2016 2 commits
  15. 09 Sep, 2016 2 commits
  16. 08 Sep, 2016 2 commits
  17. 30 Aug, 2016 1 commit
  18. 29 Aug, 2016 1 commit
  19. 25 Aug, 2016 1 commit
  20. 24 Aug, 2016 2 commits