Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make bpftrace work #28

Merged
merged 7 commits into from
Oct 15, 2023
Merged

Make bpftrace work #28

merged 7 commits into from
Oct 15, 2023

Conversation

Officeyutong
Copy link
Contributor

@Officeyutong Officeyutong commented Oct 13, 2023
edited
Loading

Did lots of things, which make bpftrace work under bpftime.

At least the following trace will work:

  • bpftrace -e 'tracepoint:syscalls:sys_enter_clock_nanosleep { printf("PID %d sleeping...\n", pid); }'
  • bpftrace -e 'tracepoint:raw_syscalls:sys_enter { @[comm] = count(); }'

Updates

  • per cpu array/hash map
  • global syscall tracepoints (hook the enter and exit of all syscalls, tracepoint/raw_syscalls/sys_{enter,exit})
  • Splitted map lookup/update/delete for bpf helper and syscall. per cpu maps behaves differently when being examined from kernel and userspace
  • helper ringbuf_output
  • atomic operations support for ubpf and llvmjit. Newer bpftrace used this

Usage

a. Console1:

root@mnfe-pve:~/bpftime# bpftime load -- /root/bpftrace/build/src/bpftrace -e 'tracepoint:raw_syscalls:sys_enter { @[comm] = count(); }'
[2023-10-14 23:36:25.519] [info] manager constructed
[2023-10-14 23:36:25.608] [info] Initialize syscall server
[2023-10-14 23:36:25][info][1763968] Global shm constructed. global_shm_open_type 0 for bpftime_maps_shm
[2023-10-14 23:36:25][info][1763968] Enabling helper groups ffi, kernel, shm_map by default
[2023-10-14 23:36:25][info][1763968] bpftime-syscall-server started
Attaching 1 probe...

b.Console2 (or more):

bpftime start -s /bin/ls
bpftime start -s /bin/pwd
bpftime start -s /bin/whoami

c. Press Ctrl + C in console1

Attaching 1 probe...
^C

@[pwd]: 5
@[ls]: 19
@[whoami]: 24
INFO: Global shm destructed

@Officeyutong Officeyutong marked this pull request as ready for review October 14, 2023 19:09
@yunwei37 yunwei37 merged commit d98a8ac into eunomia-bpf:master Oct 15, 2023
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@yunwei37 yunwei37 yunwei37 approved these changes

Assignees
No one assigned
Labels
size/XXL
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Officeyutong @yunwei37