fluent-plugin-perf-tools 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (98) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +15 -0
  3. data/.rubocop.yml +26 -0
  4. data/.ruby-version +1 -0
  5. data/CHANGELOG.md +5 -0
  6. data/CODE_OF_CONDUCT.md +84 -0
  7. data/Gemfile +5 -0
  8. data/LICENSE.txt +21 -0
  9. data/README.md +43 -0
  10. data/Rakefile +17 -0
  11. data/bin/console +15 -0
  12. data/bin/setup +8 -0
  13. data/fluent-plugin-perf-tools.gemspec +48 -0
  14. data/lib/fluent/plugin/in_perf_tools.rb +42 -0
  15. data/lib/fluent/plugin/perf_tools/cachestat.rb +65 -0
  16. data/lib/fluent/plugin/perf_tools/command.rb +30 -0
  17. data/lib/fluent/plugin/perf_tools/version.rb +9 -0
  18. data/lib/fluent/plugin/perf_tools.rb +11 -0
  19. data/perf-tools/LICENSE +339 -0
  20. data/perf-tools/README.md +205 -0
  21. data/perf-tools/bin/bitesize +1 -0
  22. data/perf-tools/bin/cachestat +1 -0
  23. data/perf-tools/bin/execsnoop +1 -0
  24. data/perf-tools/bin/funccount +1 -0
  25. data/perf-tools/bin/funcgraph +1 -0
  26. data/perf-tools/bin/funcslower +1 -0
  27. data/perf-tools/bin/functrace +1 -0
  28. data/perf-tools/bin/iolatency +1 -0
  29. data/perf-tools/bin/iosnoop +1 -0
  30. data/perf-tools/bin/killsnoop +1 -0
  31. data/perf-tools/bin/kprobe +1 -0
  32. data/perf-tools/bin/opensnoop +1 -0
  33. data/perf-tools/bin/perf-stat-hist +1 -0
  34. data/perf-tools/bin/reset-ftrace +1 -0
  35. data/perf-tools/bin/syscount +1 -0
  36. data/perf-tools/bin/tcpretrans +1 -0
  37. data/perf-tools/bin/tpoint +1 -0
  38. data/perf-tools/bin/uprobe +1 -0
  39. data/perf-tools/deprecated/README.md +1 -0
  40. data/perf-tools/deprecated/execsnoop-proc +150 -0
  41. data/perf-tools/deprecated/execsnoop-proc.8 +80 -0
  42. data/perf-tools/deprecated/execsnoop-proc_example.txt +46 -0
  43. data/perf-tools/disk/bitesize +175 -0
  44. data/perf-tools/examples/bitesize_example.txt +63 -0
  45. data/perf-tools/examples/cachestat_example.txt +58 -0
  46. data/perf-tools/examples/execsnoop_example.txt +153 -0
  47. data/perf-tools/examples/funccount_example.txt +126 -0
  48. data/perf-tools/examples/funcgraph_example.txt +2178 -0
  49. data/perf-tools/examples/funcslower_example.txt +110 -0
  50. data/perf-tools/examples/functrace_example.txt +341 -0
  51. data/perf-tools/examples/iolatency_example.txt +350 -0
  52. data/perf-tools/examples/iosnoop_example.txt +302 -0
  53. data/perf-tools/examples/killsnoop_example.txt +62 -0
  54. data/perf-tools/examples/kprobe_example.txt +379 -0
  55. data/perf-tools/examples/opensnoop_example.txt +47 -0
  56. data/perf-tools/examples/perf-stat-hist_example.txt +149 -0
  57. data/perf-tools/examples/reset-ftrace_example.txt +88 -0
  58. data/perf-tools/examples/syscount_example.txt +297 -0
  59. data/perf-tools/examples/tcpretrans_example.txt +93 -0
  60. data/perf-tools/examples/tpoint_example.txt +210 -0
  61. data/perf-tools/examples/uprobe_example.txt +321 -0
  62. data/perf-tools/execsnoop +292 -0
  63. data/perf-tools/fs/cachestat +167 -0
  64. data/perf-tools/images/perf-tools_2016.png +0 -0
  65. data/perf-tools/iolatency +296 -0
  66. data/perf-tools/iosnoop +296 -0
  67. data/perf-tools/kernel/funccount +146 -0
  68. data/perf-tools/kernel/funcgraph +259 -0
  69. data/perf-tools/kernel/funcslower +248 -0
  70. data/perf-tools/kernel/functrace +192 -0
  71. data/perf-tools/kernel/kprobe +270 -0
  72. data/perf-tools/killsnoop +263 -0
  73. data/perf-tools/man/man8/bitesize.8 +70 -0
  74. data/perf-tools/man/man8/cachestat.8 +111 -0
  75. data/perf-tools/man/man8/execsnoop.8 +104 -0
  76. data/perf-tools/man/man8/funccount.8 +76 -0
  77. data/perf-tools/man/man8/funcgraph.8 +166 -0
  78. data/perf-tools/man/man8/funcslower.8 +129 -0
  79. data/perf-tools/man/man8/functrace.8 +123 -0
  80. data/perf-tools/man/man8/iolatency.8 +116 -0
  81. data/perf-tools/man/man8/iosnoop.8 +169 -0
  82. data/perf-tools/man/man8/killsnoop.8 +100 -0
  83. data/perf-tools/man/man8/kprobe.8 +162 -0
  84. data/perf-tools/man/man8/opensnoop.8 +113 -0
  85. data/perf-tools/man/man8/perf-stat-hist.8 +111 -0
  86. data/perf-tools/man/man8/reset-ftrace.8 +49 -0
  87. data/perf-tools/man/man8/syscount.8 +96 -0
  88. data/perf-tools/man/man8/tcpretrans.8 +93 -0
  89. data/perf-tools/man/man8/tpoint.8 +140 -0
  90. data/perf-tools/man/man8/uprobe.8 +168 -0
  91. data/perf-tools/misc/perf-stat-hist +223 -0
  92. data/perf-tools/net/tcpretrans +311 -0
  93. data/perf-tools/opensnoop +280 -0
  94. data/perf-tools/syscount +192 -0
  95. data/perf-tools/system/tpoint +232 -0
  96. data/perf-tools/tools/reset-ftrace +123 -0
  97. data/perf-tools/user/uprobe +390 -0
  98. metadata +349 -0
@@ -0,0 +1,390 @@
1
+ #!/bin/bash
2
+ #
3
+ # uprobe - trace a given uprobe definition. User-level dynamic tracing.
4
+ # Written using Linux ftrace. Experimental.
5
+ #
6
+ # This will create, trace, then destroy a given uprobe definition. See
7
+ # Documentation/trace/uprobetrace.txt in the Linux kernel source for the
8
+ # syntax of a uprobe definition, and "uprobe -h" for examples. With this tool,
9
+ # the probe alias is optional (it will default to something meaningful).
10
+ #
11
+ # USAGE: ./uprobe [-FhHsv] [-d secs] [-p pid] [-L tid] {-l target |
12
+ # uprobe_definition [filter]}
13
+ #
14
+ # Run "uprobe -h" for full usage.
15
+ #
16
+ # WARNING: This uses dynamic tracing of user-level functions, using some
17
+ # relatively new kernel code. I have seen this cause target processes to fail,
18
+ # either entering endless spin loops or crashing on illegal instructions. I
19
+ # believe newer kernels (post 4.0) are relatively safer, but use caution. Test
20
+ # in a lab environment, and know what you are doing, before use.
21
+ #
22
+ # Use extreme caution with the raw address mode: eg, "p:libc:0xbf130". uprobe
23
+ # does not check for instruction alignment, so tracing the wrong address (eg,
24
+ # mid-way through a multi-byte instruction) will corrupt the target's memory.
25
+ # Other tracers (eg, perf_events with debuginfo) check alignment.
26
+ #
27
+ # Also beware of widespread tracing that interferes with the operation of the
28
+ # system, eg, tracing libc:malloc, which by-default will trace _all_ processes.
29
+ # Test in a lab environment before use.
30
+ #
31
+ # I wrote this because I kept testing different custom uprobes at the command
32
+ # line, and wanted a way to automate the steps. For generic user-level
33
+ # tracing, use perf_events directly.
34
+ #
35
+ # REQUIREMENTS: FTRACE and UPROBE CONFIG, which you may already have on recent
36
+ # kernel versions, file(1), ldconfig(8), objdump(1), and some version of awk.
37
+ # Also, currently only executes on Linux 4.0+ (see WARNING) unless -F is used.
38
+ #
39
+ # From perf-tools: https://github.com/brendangregg/perf-tools
40
+ #
41
+ # See the uprobe(8) man page (in perf-tools) for more info.
42
+ #
43
+ # COPYRIGHT: Copyright (c) 2015 Brendan Gregg.
44
+ #
45
+ # This program is free software; you can redistribute it and/or
46
+ # modify it under the terms of the GNU General Public License
47
+ # as published by the Free Software Foundation; either version 2
48
+ # of the License, or (at your option) any later version.
49
+ #
50
+ # This program is distributed in the hope that it will be useful,
51
+ # but WITHOUT ANY WARRANTY; without even the implied warranty of
52
+ # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
53
+ # GNU General Public License for more details.
54
+ #
55
+ # You should have received a copy of the GNU General Public License
56
+ # along with this program; if not, write to the Free Software Foundation,
57
+ # Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
58
+ #
59
+ # (http://www.gnu.org/copyleft/gpl.html)
60
+ #
61
+ # 27-Jul-2015 Brendan Gregg Created this.
62
+
63
+ ### default variables
64
+ tracing=/sys/kernel/debug/tracing
65
+ flock=/var/tmp/.ftrace-lock; wroteflock=0
66
+ opt_duration=0; duration=; opt_pid=0; pid=; opt_tid=0; tid=
67
+ opt_filter=0; filter=; opt_view=0; opt_headers=0; opt_stack=0; dmesg=2
68
+ debug=0; opt_force=0; opt_list=0; target=
69
+ PATH=$PATH:/usr/bin:/sbin # ensure we find objdump, ldconfig
70
+ trap ':' INT QUIT TERM PIPE HUP # sends execution to end tracing section
71
+
72
+ function usage {
73
+ cat <<-END >&2
74
+ USAGE: uprobe [-FhHsv] [-d secs] [-p PID] [-L TID] {-l target |
75
+ uprobe_definition [filter]}
76
+ -F # force. trace despite warnings.
77
+ -d seconds # trace duration, and use buffers
78
+ -l target # list functions from this executable
79
+ -p PID # PID to match on events
80
+ -L TID # thread id to match on events
81
+ -v # view format file (don't trace)
82
+ -H # include column headers
83
+ -s # show user stack traces
84
+ -h # this usage message
85
+
86
+ Note that these examples may need modification to match your kernel
87
+ version's function names and platform's register usage.
88
+ eg,
89
+ # trace readline() calls in all running "bash" executables:
90
+ uprobe p:bash:readline
91
+ # trace readline() with explicit executable path:
92
+ uprobe p:/bin/bash:readline
93
+ # trace the return of readline() with return value as a string:
94
+ uprobe 'r:bash:readline +0(\$retval):string'
95
+ # trace sleep() calls in all running libc shared libraries:
96
+ uprobe p:libc:sleep
97
+ # trace sleep() with register %di (x86):
98
+ uprobe 'p:libc:sleep %di'
99
+ # trace this address (use caution: must be instruction aligned):
100
+ uprobe p:libc:0xbf130
101
+ # trace gettimeofday() for PID 1182 only:
102
+ uprobe -p 1182 p:libc:gettimeofday
103
+ # trace the return of fopen() only when it returns NULL:
104
+ uprobe 'r:libc:fopen file=\$retval' 'file == 0'
105
+
106
+ See the man page and example file for more info.
107
+ END
108
+ exit
109
+ }
110
+
111
+ function warn {
112
+ if ! eval "$@"; then
113
+ echo >&2 "WARNING: command failed \"$@\""
114
+ fi
115
+ }
116
+
117
+ function end {
118
+ # disable tracing
119
+ echo 2>/dev/null
120
+ echo "Ending tracing..." 2>/dev/null
121
+ cd $tracing
122
+ warn "echo 0 > events/uprobes/$uname/enable"
123
+ if (( opt_filter )); then
124
+ warn "echo 0 > events/uprobes/$uname/filter"
125
+ fi
126
+ warn "echo -:$uname >> uprobe_events"
127
+ (( opt_stack )) && warn "echo 0 > options/userstacktrace"
128
+ warn "echo > trace"
129
+ (( wroteflock )) && warn "rm $flock"
130
+ }
131
+
132
+ function die {
133
+ echo >&2 "$@"
134
+ exit 1
135
+ }
136
+
137
+ function edie {
138
+ # die with a quiet end()
139
+ echo >&2 "$@"
140
+ exec >/dev/null 2>&1
141
+ end
142
+ exit 1
143
+ }
144
+
145
+ function set_path {
146
+ name=$1
147
+
148
+ path=$(which $name)
149
+ if [[ "$path" == "" ]]; then
150
+ path=$(ldconfig -v 2>/dev/null | awk -v lib=$name '
151
+ $1 ~ /:/ { sub(/:/, "", $1); path = $1 }
152
+ { sub(/\..*/, "", $1); }
153
+ $1 == lib { print path "/" $3 }')
154
+ if [[ "$path" == "" ]]; then
155
+ die "ERROR: segment \"$name\" ambiguous." \
156
+ "Program or library? Try a full path."
157
+ fi
158
+ fi
159
+
160
+ if [[ ! -x $path ]]; then
161
+ die "ERROR: resolved \"$name\" to \"$path\", but file missing"
162
+ fi
163
+ }
164
+
165
+ function set_addr {
166
+ path=$1
167
+ name=$2
168
+ sym=$3
169
+
170
+ [[ "$path" == "" ]] && die "ERROR: missing symbol path."
171
+ [[ "$sym" == "" ]] && die "ERROR: missing symbol for $path"
172
+
173
+ addr=$(objdump -tT $path | awk -v sym=$sym '
174
+ $NF == sym && $4 == ".text" { print $1; exit }')
175
+ [[ "$addr" == "" ]] && die "ERROR: missing symbol \"$sym\" in $path"
176
+ (( 0x$addr == 0 )) && die "ERROR: failed resolving \"$sym\" in $path." \
177
+ "Maybe it exists in a different target (eg, library)?"
178
+ addr=0x$( printf "%x" 0x$addr ) # strip leading zeros
179
+
180
+ type=$(file $path)
181
+ if [[ "$type" != *shared?object* ]]; then
182
+ # subtract the base mapping address. see Documentation/trace/
183
+ # uprobetracer.txt for background.
184
+ base=$(objdump -x $path | awk '
185
+ $1 == "LOAD" && $3 ~ /^[0x]*$/ { print $5 }')
186
+ [[ "$base" != 0x* ]] && die "ERROR: finding base load addr"\
187
+ "for $path."
188
+ addr=$(( addr - base ))
189
+ (( addr < 0 )) && die "ERROR: transposed address for $sym"\
190
+ "became negative: $addr"
191
+ addr=0x$( printf "%x" $addr)
192
+ fi
193
+ }
194
+
195
+ ### process options
196
+ while getopts Fd:hHl:p:L:sv opt
197
+ do
198
+ case $opt in
199
+ F) opt_force=1 ;;
200
+ d) opt_duration=1; duration=$OPTARG ;;
201
+ p) opt_pid=1; pid=$OPTARG ;;
202
+ L) opt_tid=1; tid=$OPTARG ;;
203
+ l) opt_list=1; target=$OPTARG ;;
204
+ H) opt_headers=1 ;;
205
+ s) opt_stack=1 ;;
206
+ v) opt_view=1 ;;
207
+ h|?) usage ;;
208
+ esac
209
+ done
210
+ shift $(( $OPTIND - 1 ))
211
+ uprobe=$1
212
+ shift
213
+ if (( $# )); then
214
+ opt_filter=1
215
+ filter=$1
216
+ fi
217
+
218
+ ### handle listing
219
+ [[ "$opt_list" == 1 && "$uprobe" != "" ]] && die "ERROR: -l takes a target only"
220
+ if (( opt_list )); then
221
+ if [[ "$target" != */* ]]; then
222
+ set_path $target
223
+ target=$path
224
+ fi
225
+ objdump -tT $target | awk '$4 == ".text" { print $NF }' | sort | uniq
226
+ exit
227
+ fi
228
+
229
+ ### check kernel version
230
+ ver=$(uname -r)
231
+ maj=${ver%%.*}
232
+ if (( opt_force == 0 && $maj < 4 )); then
233
+ cat <<-END >&2
234
+ ERROR: Kernel version >= 4.0 preferred (you have $ver). Aborting.
235
+
236
+ Background: uprobes were first added in 3.5. I've tested them on 3.13,
237
+ and found them unsafe, as they can crash or lock up processes, which can
238
+ effectively lock up the system. On 4.0, uprobes seem much safer. You
239
+ can use -F to force tracing, but you've been warned.
240
+ END
241
+ exit
242
+ fi
243
+
244
+ ### check command dependencies
245
+ for cmd in file objdump ldconfig awk; do
246
+ which $cmd > /dev/null
247
+ (( $? != 0 )) && die "ERROR: missing $cmd in \$PATH. $0 needs" \
248
+ "to use this command. Exiting."
249
+ done
250
+
251
+ ### option logic
252
+ [[ "$uprobe" == "" ]] && usage
253
+ (( opt_pid + opt_filter + opt_tid > 1 )) && \
254
+ die "ERROR: use at most one of -p, -L, or filter."
255
+ (( opt_duration && opt_view )) && die "ERROR: use either -d or -v."
256
+ if (( opt_pid )); then
257
+ # convert to filter
258
+ opt_filter=1
259
+ # ftrace common_pid is thread id from user's perspective
260
+ for tid in /proc/$pid/task/*; do
261
+ filter="$filter || common_pid == ${tid##*/}"
262
+ done
263
+ filter=${filter:3} # trim leading ' || ' (four characters)
264
+ fi
265
+ if (( opt_tid )); then
266
+ opt_filter=1
267
+ filter="common_pid == $tid"
268
+ fi
269
+ if [[ "$uprobe" != p:* && "$uprobe" != r:* ]]; then
270
+ echo >&2 "ERROR: invalid uprobe definition (should start with p: or r:)"
271
+ usage
272
+ fi
273
+ #
274
+ # Parse the following:
275
+ # p:bash:readline
276
+ # p:my bash:readline
277
+ # p:bash:readline %si
278
+ # r:bash:readline $ret
279
+ # p:my bash:readline %si
280
+ # p:bash:readline si=%si
281
+ # p:my bash:readline si=%si
282
+ # r:bash:readline cmd=+0($retval):string
283
+ # ... and all of the above with /bin/bash instead of bash
284
+ # ... and all of the above with libc:sleep instead of ...
285
+ # ... and all of the above with /lib/x86_64-linux-gnu/libc.so.6:sleep ...
286
+ # ... and all of the above with symbol addresses
287
+ # ... and examples from USAGE message
288
+ # The following code is not as complicated as it looks.
289
+ #
290
+ utype=${uprobe%%:*}
291
+ urest="${uprobe#*:} "
292
+ set -- $urest
293
+ if [[ $1 == *:* ]]; then
294
+ uname=; probe=$1; shift; uargs="$@"
295
+ else
296
+ [[ $2 != *:* ]] && die "ERROR: invalid probe. See usage (-h)."
297
+ uname=$1; probe=$2; shift 2; uargs="$@"
298
+ fi
299
+ path=$probe; path=${path%%:*}
300
+ addr=$probe; addr=${addr##*:}
301
+
302
+ # set seg and fix path (eg, seg=bash, path=/bin/bash)
303
+ if [[ $path == */* ]]; then
304
+ seg=${path##*/}
305
+ seg=${seg%%.*}
306
+ else
307
+ seg=$path
308
+ # determine path, eg, given "zsh" or "libc"
309
+ set_path $path
310
+ fi
311
+
312
+ # fix uname and addr (eg, uname=readline, addr=0x8db60)
313
+ if [[ "$addr" == 0x* ]]; then
314
+ # symbol unknown; default to seg+addr
315
+ [[ "$uname" == "" ]] && uname=${seg}_$addr
316
+ else
317
+ [[ "$uname" == "" ]] && uname=$addr
318
+ set_addr $path $seg $addr
319
+ fi
320
+
321
+ # construct uprobe
322
+ uprobe="$utype:$uname $path:$addr"
323
+ [[ "$uargs" != "" ]] && uprobe="$uprobe $uargs"
324
+
325
+ if (( debug )); then
326
+ echo "uname: \"$uname\", uprobe: \"$uprobe\""
327
+ fi
328
+
329
+ ### check permissions
330
+ cd $tracing || die "ERROR: accessing tracing. Root user? Kernel has FTRACE?
331
+ debugfs mounted? (mount -t debugfs debugfs /sys/kernel/debug)"
332
+
333
+ if (( !opt_view )); then
334
+ if (( opt_duration )); then
335
+ echo "Tracing uprobe $uname for $duration seconds (buffered)..."
336
+ else
337
+ echo "Tracing uprobe $uname ($uprobe). Ctrl-C to end."
338
+ fi
339
+ fi
340
+
341
+ ### ftrace lock
342
+ [[ -e $flock ]] && die "ERROR: ftrace may be in use by PID $(cat $flock) $flock"
343
+ echo $$ > $flock || die "ERROR: unable to write $flock."
344
+ wroteflock=1
345
+
346
+ ### setup and begin tracing
347
+ echo nop > current_tracer
348
+ if ! echo "$uprobe" >> uprobe_events; then
349
+ echo >&2 "ERROR: adding uprobe \"$uprobe\"."
350
+ if (( dmesg )); then
351
+ echo >&2 "Last $dmesg dmesg entries (might contain reason):"
352
+ dmesg | tail -$dmesg | sed 's/^/ /'
353
+ fi
354
+ edie "Exiting."
355
+ fi
356
+ if (( opt_view )); then
357
+ cat events/uprobes/$uname/format
358
+ edie ""
359
+ fi
360
+ if (( opt_filter )); then
361
+ if ! echo "$filter" > events/uprobes/$uname/filter; then
362
+ edie "ERROR: setting filter or -p. Exiting."
363
+ fi
364
+ fi
365
+ if (( opt_stack )); then
366
+ if ! echo 1 > options/userstacktrace; then
367
+ edie "ERROR: enabling stack traces (-s). Exiting"
368
+ fi
369
+ fi
370
+ if ! echo 1 > events/uprobes/$uname/enable; then
371
+ edie "ERROR: enabling uprobe $uname. Exiting."
372
+ fi
373
+
374
+ ### print trace buffer
375
+ warn "echo > trace"
376
+ if (( opt_duration )); then
377
+ sleep $duration
378
+ if (( opt_headers )); then
379
+ cat trace
380
+ else
381
+ grep -v '^#' trace
382
+ fi
383
+ else
384
+ # trace_pipe lack headers, so fetch them from trace
385
+ (( opt_headers )) && cat trace
386
+ cat trace_pipe
387
+ fi
388
+
389
+ ### end tracing
390
+ end