Colin King: High-level tracing with bpftrace

Planet Ubuntu - Thu, 11/22/2018 - 05:37
Bpftrace is a new high-level tracing language for Linux using the extended Berkeley packet filter (eBPF).  It is a very powerful and flexible tracing front-end that enables systems to be analyzed much like DTrace.

The bpftrace tool is now installable as a snap. From the command line one can install it and enable it to use system tracing as follows:

sudo snap install bpftrace
sudo snap connect bpftrace:system-trace

To illustrate the power of bpftrace, here are some simple one-liners:

# trace openat() system calls
sudo bpftrace -e 'tracepoint:syscalls:sys_enter_openat { printf("%d %s %s\n", pid, comm, str(args->filename)); }'
Attaching 1 probe...
1080 irqbalance /proc/interrupts
1080 irqbalance /proc/stat
2255 dmesg /etc/
2255 dmesg /lib/x86_64-linux-gnu/
2255 dmesg /lib/x86_64-linux-gnu/
2255 dmesg /lib/x86_64-linux-gnu/
2255 dmesg /lib/x86_64-linux-gnu/
2255 dmesg /usr/lib/locale/locale-archive
2255 dmesg /lib/terminfo/l/linux
2255 dmesg /home/king/.config/terminal-colors.d
2255 dmesg /etc/terminal-colors.d
2255 dmesg /dev/kmsg
2255 dmesg /usr/lib/x86_64-linux-gnu/gconv/gconv-modules.cache

# count system calls using tracepoints:
sudo bpftrace -e 'tracepoint:syscalls:sys_enter_* { @[probe] = count(); }'
@[tracepoint:syscalls:sys_enter_getsockname]: 1
@[tracepoint:syscalls:sys_enter_kill]: 1
@[tracepoint:syscalls:sys_enter_prctl]: 1
@[tracepoint:syscalls:sys_enter_epoll_wait]: 1
@[tracepoint:syscalls:sys_enter_signalfd4]: 2
@[tracepoint:syscalls:sys_enter_utimensat]: 2
@[tracepoint:syscalls:sys_enter_set_robust_list]: 2
@[tracepoint:syscalls:sys_enter_poll]: 2
@[tracepoint:syscalls:sys_enter_socket]: 3
@[tracepoint:syscalls:sys_enter_getrandom]: 3
@[tracepoint:syscalls:sys_enter_setsockopt]: 3

Note that it is recommended to use bpftrace with Linux 4.9 or higher.

The bpftrace github project page has an excellent README guide with some worked examples and is a very good place to start.  There is also a very useful reference guide and one-liner tutorial too.

If you have any useful btftrace one-liners, it would be great to share them. This is an amazingly powerful tool, and it would be interesting to see how it will be used.

Categories: Linux

Costales: Ubuntu Community Appreciation Day: Thanks Rudy (~cm-t)!

Planet Ubuntu - Tue, 11/20/2018 - 10:53
Today is the Ubuntu Appreciation Day in which we share our thanks to people in our community for making Ubuntu great.

This year, I want to thank you to Rudy (~cm-t)! Why? Because IMHO he is an incredible activist, helpful, funny, always with a smile. He prints passion in everything related to Ubuntu. A perfect example for everyone!

Thanks Rudy |o/
Categories: Linux

Rhonda D'Vine: TDOR 2018

Planet Ubuntu - Tue, 11/20/2018 - 03:11

Today is Transgender Day Of Remembrance. Today is a black day for trans people around the globe. We mourn the trans folks that aren't amongst us anymore due to hate crime violence against them. Reach out to the trans folks that are part of your life, that you know, ask them if they are in need of emotional support on this day. There are more trans folks getting killed for being trans than there are days in a year. Furthermost black trans women of color. If you feel strong enough you can read about it in this article.

Also, we are facing huge threats for our mere existence all over the world these days. If you follow any social media, check the hashtag #WontBeErased. The US government follows a path of Erasing Gender left and right, which also affects intersex people likewise and manifests the gender binary and gender separation even further, also hurting cis people. Now also in Ontario, Canada, gender identity gets erased, too. And Brazil, where next year's DebConf will be held, which already has the highest trans murders in the world, has elected Bolsonaro, a right wing extremist who is outspokenly gay antagonist and misogynist. And then there is Tanzania which started a hunt for LGBTIQ people. And those reports are only the tip of the iceberg. I definitely missed some other countries shit, like Ukraine (where next year's European Lesbian* Conference is taking place) or Austrian's government being right-winged and cutting the social system left and right so we are in need of Wieder Donnerstag (a weekly Thursday demonstration) again.

I'm currently drafting the announce mail to send out about the creation of the Debian Diversity Team which we finally formed. It is more important than ever to make it clear and visible that discrimination has no place within Debian, and that we in fact are a diverse community. I can understand the wish that it should focus on the visibility and welcoming aspects of the team, and especially to not make it look like it's a reaction to those world events. Which it isn't, this is in the works since two years now. And I totally agree with that. I just have a hard time to not add a solidarity message alongside mentioning that we are aware of the crap that's going on in the world and that we see your pain, and share it. So yes, the team has finally formed, but the announcement mail through debian-devel-announce about it is still pending. And we are in contact with the local team for next year's DebConf and following the news about Brazil to figure out how to make it as safe as possible for attendees, so that fear shouldn't be the guiding factor for you to not attend.

Stay strong, sending you hugs if wanted.

/personal | permanent link | Comments: 0 |

Categories: Linux

Stephen Kelly: Composing AST Matchers in clang-tidy

Planet Ubuntu - Tue, 11/20/2018 - 02:16

When creating clang-tidy checks, it is common to extract parts of AST Matcher expressions to local variables. I expanded on this in a previous blog.

auto nonAwesomeFunction = functionDecl( unless(matchesName("^::awesome_")) ); Finder->addMatcher( nonAwesomeFunction.bind("addAwesomePrefix") , this); Finder->addMatcher( callExpr(callee(nonAwesomeFunction)).bind("addAwesomePrefix") , this);

Use of such variables establishes an emergent extension API for re-use in the checks, or in multiple checks you create which share matcher requirements.

When attempting to match items inside a ForStmt for example, we might encounter the difference in the AST depending on whether braces are used or not.

#include <vector> void foo() { std::vector<int> vec; int c = 0; for (int i = 0; i < 100; ++i) vec.push_back(i); for (int i = 0; i < 100; ++i) { vec.push_back(i); } }

In this case, we wish to match the push_back method inside a ForStmt body. The body item might be a CompoundStmt or the CallExpr we wish to match. We can match both cases with the anyOf matcher.

auto pushbackcall = callExpr(callee(functionDecl(hasName("push_back")))); Finder->addMatcher( forStmt( hasBody(anyOf( pushbackcall.bind("port_call"), compoundStmt(has(pushbackcall.bind("port_call"))) )) ) , this);

Having to list the pushbackcall twice in the matcher is suboptimal. We ca do better by defining a new API function which we can use in AST Matcher expressions:

auto hasIgnoringBraces = [](auto const& Matcher) { return anyOf( Matcher, compoundStmt(has(Matcher)) ); };

With this in hand, we can simplify the original expression:

auto pushbackcall = callExpr(callee(functionDecl(hasName("push_back")))); Finder->addMatcher( forStmt( hasBody(hasIgnoringBraces( pushbackcall.bind("port_call") )) ) , this);

This pattern of defining AST Matcher API using a lambda function finds use in other contexts. For example, sometimes we want to find and bind to an AST node if it is present, ignoring its absense if is not present.

For example, consider wishing to match struct declarations and match a copy constructor if present:

struct A { }; struct B { B(B const&); };

We can match the AST with the anyOf() and anything() matchers.

Finder->addMatcher( cxxRecordDecl(anyOf( hasMethod(cxxConstructorDecl(isCopyConstructor()).bind("port_method")), anything() )).bind("port_record") , this);

This can be generalized into an optional() matcher:

auto optional = [](auto const& Matcher) { return anyOf( Matcher, anything() ); };

The anything() matcher matches, well, anything. It can also match nothing because of the fact that a matcher written inside another matcher matches itself.

That is, matchers such as

functionDecl(decl()) functionDecl(namedDecl()) functionDecl(functionDecl())

match ‘trivially’.

If a functionDecl() in fact binds to a method, then the derived type can be used in the matcher:


The optional matcher can be used as expected:

Finder->addMatcher( cxxRecordDecl( optional( hasMethod(cxxConstructorDecl(isCopyConstructor()).bind("port_method")) ) ).bind("port_record") , this);

Yet another problem writers of clang-tidy checks will find is that AST nodes CallExpr and CXXConstructExpr do not share a common base representing the ability to take expressions as arguments. This means that separate matchers are required for calls and constructions.

Again, we can solve this problem generically by creating a composition function:

auto callOrConstruct = [](auto const& Matcher) { return expr(anyOf( callExpr(Matcher), cxxConstructExpr(Matcher) )); };

which reads as ‘an Expression which is any of a call expression or a construct expression’.

It can be used in place of either in matcher expressions:

Finder->addMatcher( callOrConstruct( hasArgument(0, integerLiteral().bind("port_literal")) ) , this);

Creating composition functions like this is a very convenient way to simplify and create maintainable matchers in your clang-tidy checks. A recently published RFC on the topic of making clang-tidy checks easier to write proposes some other conveniences which can be implemented in this manner.

Categories: Linux

Stephen Michael Kellat: Hitting a Break Point

Planet Ubuntu - Mon, 11/19/2018 - 19:55

Well, I had a weekend off sick. The time has come to put things in motion. Health concerns pushed up my timetable for what was discussed prior.

I am seeking support to be able to undertake freelance work. The first project would be to finally close out the Outernet/Othernet research work to get it submitted. Beyond that there would be technical writing as well as making creative works. Some of that would involve creating “digital library” collections but also helping others create print works instead.

Who could I help/serve? Unfortunately we have plenty of small, underfunded groups in my town. The American Red Cross no longer maintains a local office and the Salvation Army has no staff presence locally. Our county-owned airport verges on financial collapse and multiple units of government have difficulty staying solvent. There are plenty of needs to cover as long as someone had independent financial backing.

Besides, I owe some edits of Xubuntu documentation too.

It isn’t like “going on disability” as it is called in American parlance is immediate let alone simple. One of two sets of paperwork has to eventually go into a cave in Pennsylvania for centralized processing. I wish I were kidding but that cave is located near Slippery Rock. Both processes are backlogged only 12-18 months at last report. For making a change in the short term, that doesn’t even exist as an option on the table.

That’s why I’m asking for support. I’ve grown tired of spending multiple days at work depressed. Showing physical symptoms of depression in the workplace isn’t good either especially when it results in me missing work. When you can’t help people who are in the throes of despair frequently by their own fault, how much more futile can it get?

I set the goal on Liberapay lower than what I get now. While it would be a pay cut, I’d still be able to pay the bills. It is time to move to doing something constructive for society instead of merely fueling the machinery of government. For as often as I get asked how I sleep at night, I want to move past the answer being “terribly”.

The relevant Liberapay page is here. Folks like Pepper & Carrot use it. If the goal can be initially met by December 7th, I would be ready for the potential budget snafu at work like the three we already had at the start of the year.

I just look forward to some day being able to talk about doing good things instead of having to be cryptic due to security restrictions.

Categories: Linux

The Fridge: Ubuntu Weekly Newsletter Issue 554

Planet Ubuntu - Mon, 11/19/2018 - 15:18

Welcome to the Ubuntu Weekly Newsletter, Issue 554 for the week of November 11 – 17, 2018. The full version of this issue is available here.

In this issue we cover:

The Ubuntu Weekly Newsletter is brought to you by:

  • Krytarik Raido
  • Bashing-om
  • Chris Guiver
  • Wild Man
  • And many others

If you have a story idea for the Weekly Newsletter, join the Ubuntu News Team mailing list and submit it. Ideas can also be added to the wiki!

Except where otherwise noted, this issue of the Ubuntu Weekly Newsletter is licensed under a Creative Commons Attribution ShareAlike 3.0 License

Categories: Linux


Subscribe to Bill's Place aggregator - Linux