use new tracepoint support (iovisor#608)

mwesolowski · Jul 12, 2016 · a4159da · a4159da
1 parent 7452080
commit a4159da
Show file tree

Hide file tree

Showing 2 changed files with 59 additions and 21 deletions.
diff --git a/examples/tracing/urandomread-explicit.py b/examples/tracing/urandomread-explicit.py
@@ -0,0 +1,52 @@
+#!/usr/bin/python
+#
+# urandomread-explicit Example of instrumenting a kernel tracepoint.
+# For Linux, uses BCC, BPF. Embedded C.
+#
+# This is an older example of instrumenting a tracepoint, which defines
+# the argument struct and makes an explicit call to attach_tracepoint().
+# See urandomread for a newer version that uses TRACEPOINT_PROBE().
+#
+# REQUIRES: Linux 4.7+ (BPF_PROG_TYPE_TRACEPOINT support).
+#
+# Test by running this, then in another shell, run:
+# dd if=/dev/urandom of=/dev/null bs=1k count=5
+#
+# Copyright 2016 Netflix, Inc.
+# Licensed under the Apache License, Version 2.0 (the "License")
+
+from __future__ import print_function
+from bcc import BPF
+
+# define BPF program
+bpf_text = """
+#include <uapi/linux/ptrace.h>
+
+struct urandom_read_args {
+ // from /sys/kernel/debug/tracing/events/random/urandom_read/format
+ u64 __unused__;
+ u32 got_bits;
+ u32 pool_left;
+ u32 input_left;
+};
+
+int printarg(struct urandom_read_args *args) {
+ bpf_trace_printk("%d\\n", args->got_bits);
+ return 0;
+};
+"""
+
+# load BPF program
+b = BPF(text=bpf_text)
+b.attach_tracepoint("random:urandom_read", "printarg")
+
+# header
+print("%-18s %-16s %-6s %s" % ("TIME(s)", "COMM", "PID", "GOTBITS"))
+
+# format output
+while 1:
+ try:
+ (task, pid, cpu, flags, ts, msg) = b.trace_fields()
+ except ValueError:
+ continue
+ print("%-18.9f %-16s %-6d %s" % (ts, task, pid, msg))
diff --git a/examples/tracing/urandomread.py b/examples/tracing/urandomread.py
@@ -1,7 +1,7 @@
 #!/usr/bin/python
 #
-# tracepoint Example of instrumenting a kernel tracepoint.
-# For Linux, uses BCC, BPF. Embedded C.
+# urandomread Example of instrumenting a kernel tracepoint.
+#  For Linux, uses BCC, BPF. Embedded C.
 #
 # REQUIRES: Linux 4.7+ (BPF_PROG_TYPE_TRACEPOINT support).
 #
@@ -14,28 +14,14 @@
 from __future__ import print_function
 from bcc import BPF
 
-# define BPF program
-bpf_text = """
-#include <uapi/linux/ptrace.h>
-
-struct urandom_read_args {
- // from /sys/kernel/debug/tracing/events/random/urandom_read/format
- // this may be automatically generated in a future bcc version
- u64 __unused__;
- u32 got_bits;
- u32 pool_left;
- u32 input_left;
-};
-
-int printarg(struct urandom_read_args *args) {
+# load BPF program
+b = BPF(text="""
+TRACEPOINT_PROBE(random, urandom_read) {
+ // args is from /sys/kernel/debug/tracing/events/random/urandom_read/format
  bpf_trace_printk("%d\\n", args->got_bits);
  return 0;
 };
-"""
-
-# load BPF program
-b = BPF(text=bpf_text)
-b.attach_tracepoint("random:urandom_read", "printarg")
+""")
 
 # header
 print("%-18s %-16s %-6s %s" % ("TIME(s)", "COMM", "PID", "GOTBITS"))