ashleydavies/trace_example.py

## trace_example.py
#! /usr/bin/env python

from bcc import BPF

b = BPF(text="""
BPF_PERCPU_ARRAY(call_count, int);

int kprobe__sys_clone() {
  int zero = 0;
  int one = 1;
  int two = 2;
  int three = 3;
  int *val_p = call_count.lookup(&zero);
  int *val_p_2 = call_count.lookup(&one);
  int *val_p_3 = call_count.lookup(&two);
  int *val_p_4 = call_count.lookup(&three);
  if (val_p != NULL && val_p_2 != NULL && val_p_3 != NULL && val_p_4 != NULL) {
    bpf_trace_printk("Total futex in: %d\\n", *val_p);
    bpf_trace_printk("Total futex out: %d\\n", *val_p_2);
    bpf_trace_printk("Total write in: %d\\n", *val_p_3);
    bpf_trace_printk("Total write out: %d\\n", *val_p_4);
  }
}

int kprobe__sys_write() {
  call_count.increment(2);
  return 0;
}

int kretprobe__sys_write() {
  call_count.increment(3);
  return 0;
}

int kprobe__sys_futex() {
  call_count.increment(0);
  return 0;
}

int kretprobe__sys_futex() {
  call_count.increment(1);
  return 0;
}
""")

b.trace_print()
	#! /usr/bin/env python

	from bcc import BPF

	b = BPF(text="""
	BPF_PERCPU_ARRAY(call_count, int);

	int kprobe__sys_clone() {
	int zero = 0;
	int one = 1;
	int two = 2;
	int three = 3;
	int *val_p = call_count.lookup(&zero);
	int *val_p_2 = call_count.lookup(&one);
	int *val_p_3 = call_count.lookup(&two);
	int *val_p_4 = call_count.lookup(&three);
	if (val_p != NULL && val_p_2 != NULL && val_p_3 != NULL && val_p_4 != NULL) {
	bpf_trace_printk("Total futex in: %d\\n", *val_p);
	bpf_trace_printk("Total futex out: %d\\n", *val_p_2);
	bpf_trace_printk("Total write in: %d\\n", *val_p_3);
	bpf_trace_printk("Total write out: %d\\n", *val_p_4);
	}
	}

	int kprobe__sys_write() {
	call_count.increment(2);
	return 0;
	}

	int kretprobe__sys_write() {
	call_count.increment(3);
	return 0;
	}

	int kprobe__sys_futex() {
	call_count.increment(0);
	return 0;
	}

	int kretprobe__sys_futex() {
	call_count.increment(1);
	return 0;
	}
	""")

	b.trace_print()