linuxdebug/tools/testing/selftests/bpf/progs/pyperf.h

// SPDX-License-Identifier: GPL-2.0
// Copyright (c) 2019 Facebook
#include <linux/sched.h>
#include <linux/ptrace.h>
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>

#define FUNCTION_NAME_LEN 64
#define FILE_NAME_LEN 128
#define TASK_COMM_LEN 16

typedef struct {
	int PyThreadState_frame;
	int PyThreadState_thread;
	int PyFrameObject_back;
	int PyFrameObject_code;
	int PyFrameObject_lineno;
	int PyCodeObject_filename;
	int PyCodeObject_name;
	int String_data;
	int String_size;
} OffsetConfig;

typedef struct {
	uintptr_t current_state_addr;
	uintptr_t tls_key_addr;
	OffsetConfig offsets;
	bool use_tls;
} PidData;

typedef struct {
	uint32_t success;
} Stats;

typedef struct {
	char name[FUNCTION_NAME_LEN];
	char file[FILE_NAME_LEN];
} Symbol;

typedef struct {
	uint32_t pid;
	uint32_t tid;
	char comm[TASK_COMM_LEN];
	int32_t kernel_stack_id;
	int32_t user_stack_id;
	bool thread_current;
	bool pthread_match;
	bool stack_complete;
	int16_t stack_len;
	int32_t stack[STACK_MAX_LEN];

	int has_meta;
	int metadata;
	char dummy_safeguard;
} Event;


typedef int pid_t;

typedef struct {
	void* f_back; // PyFrameObject.f_back, previous frame
	void* f_code; // PyFrameObject.f_code, pointer to PyCodeObject
	void* co_filename; // PyCodeObject.co_filename
	void* co_name; // PyCodeObject.co_name
} FrameData;

#ifdef SUBPROGS
__noinline
#else
__always_inline
#endif
static void *get_thread_state(void *tls_base, PidData *pidData)
{
	void* thread_state;
	int key;

	bpf_probe_read_user(&key, sizeof(key), (void*)(long)pidData->tls_key_addr);
	bpf_probe_read_user(&thread_state, sizeof(thread_state),
			    tls_base + 0x310 + key * 0x10 + 0x08);
	return thread_state;
}

static __always_inline bool get_frame_data(void *frame_ptr, PidData *pidData,
					   FrameData *frame, Symbol *symbol)
{
	// read data from PyFrameObject
	bpf_probe_read_user(&frame->f_back,
			    sizeof(frame->f_back),
			    frame_ptr + pidData->offsets.PyFrameObject_back);
	bpf_probe_read_user(&frame->f_code,
			    sizeof(frame->f_code),
			    frame_ptr + pidData->offsets.PyFrameObject_code);

	// read data from PyCodeObject
	if (!frame->f_code)
		return false;
	bpf_probe_read_user(&frame->co_filename,
			    sizeof(frame->co_filename),
			    frame->f_code + pidData->offsets.PyCodeObject_filename);
	bpf_probe_read_user(&frame->co_name,
			    sizeof(frame->co_name),
			    frame->f_code + pidData->offsets.PyCodeObject_name);
	// read actual names into symbol
	if (frame->co_filename)
		bpf_probe_read_user_str(&symbol->file,
					sizeof(symbol->file),
					frame->co_filename +
					pidData->offsets.String_data);
	if (frame->co_name)
		bpf_probe_read_user_str(&symbol->name,
					sizeof(symbol->name),
					frame->co_name +
					pidData->offsets.String_data);
	return true;
}

struct {
	__uint(type, BPF_MAP_TYPE_HASH);
	__uint(max_entries, 1);
	__type(key, int);
	__type(value, PidData);
} pidmap SEC(".maps");

struct {
	__uint(type, BPF_MAP_TYPE_HASH);
	__uint(max_entries, 1);
	__type(key, int);
	__type(value, Event);
} eventmap SEC(".maps");

struct {
	__uint(type, BPF_MAP_TYPE_HASH);
	__uint(max_entries, 1);
	__type(key, Symbol);
	__type(value, int);
} symbolmap SEC(".maps");

struct {
	__uint(type, BPF_MAP_TYPE_ARRAY);
	__uint(max_entries, 1);
	__type(key, int);
	__type(value, Stats);
} statsmap SEC(".maps");

struct {
	__uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY);
	__uint(max_entries, 32);
	__uint(key_size, sizeof(int));
	__uint(value_size, sizeof(int));
} perfmap SEC(".maps");

struct {
	__uint(type, BPF_MAP_TYPE_STACK_TRACE);
	__uint(max_entries, 1000);
	__uint(key_size, sizeof(int));
	__uint(value_size, sizeof(long long) * 127);
} stackmap SEC(".maps");

#ifdef USE_BPF_LOOP
struct process_frame_ctx {
	int cur_cpu;
	int32_t *symbol_counter;
	void *frame_ptr;
	FrameData *frame;
	PidData *pidData;
	Symbol *sym;
	Event *event;
	bool done;
};

static int process_frame_callback(__u32 i, struct process_frame_ctx *ctx)
{
	int zero = 0;
	void *frame_ptr = ctx->frame_ptr;
	PidData *pidData = ctx->pidData;
	FrameData *frame = ctx->frame;
	int32_t *symbol_counter = ctx->symbol_counter;
	int cur_cpu = ctx->cur_cpu;
	Event *event = ctx->event;
	Symbol *sym = ctx->sym;

	if (frame_ptr && get_frame_data(frame_ptr, pidData, frame, sym)) {
		int32_t new_symbol_id = *symbol_counter * 64 + cur_cpu;
		int32_t *symbol_id = bpf_map_lookup_elem(&symbolmap, sym);

		if (!symbol_id) {
			bpf_map_update_elem(&symbolmap, sym, &zero, 0);
			symbol_id = bpf_map_lookup_elem(&symbolmap, sym);
			if (!symbol_id) {
				ctx->done = true;
				return 1;
			}
		}
		if (*symbol_id == new_symbol_id)
			(*symbol_counter)++;

		barrier_var(i);
		if (i >= STACK_MAX_LEN)
			return 1;

		event->stack[i] = *symbol_id;

		event->stack_len = i + 1;
		frame_ptr = frame->f_back;
	}
	return 0;
}
#endif /* USE_BPF_LOOP */

#ifdef GLOBAL_FUNC
__noinline
#elif defined(SUBPROGS)
static __noinline
#else
static __always_inline
#endif
int __on_event(struct bpf_raw_tracepoint_args *ctx)
{
	uint64_t pid_tgid = bpf_get_current_pid_tgid();
	pid_t pid = (pid_t)(pid_tgid >> 32);
	PidData* pidData = bpf_map_lookup_elem(&pidmap, &pid);
	if (!pidData)
		return 0;

	int zero = 0;
	Event* event = bpf_map_lookup_elem(&eventmap, &zero);
	if (!event)
		return 0;

	event->pid = pid;

	event->tid = (pid_t)pid_tgid;
	bpf_get_current_comm(&event->comm, sizeof(event->comm));

	event->user_stack_id = bpf_get_stackid(ctx, &stackmap, BPF_F_USER_STACK);
	event->kernel_stack_id = bpf_get_stackid(ctx, &stackmap, 0);

	void* thread_state_current = (void*)0;
	bpf_probe_read_user(&thread_state_current,
			    sizeof(thread_state_current),
			    (void*)(long)pidData->current_state_addr);

	struct task_struct* task = (struct task_struct*)bpf_get_current_task();
	void* tls_base = (void*)task;

	void* thread_state = pidData->use_tls ? get_thread_state(tls_base, pidData)
		: thread_state_current;
	event->thread_current = thread_state == thread_state_current;

	if (pidData->use_tls) {
		uint64_t pthread_created;
		uint64_t pthread_self;
		bpf_probe_read_user(&pthread_self, sizeof(pthread_self),
				    tls_base + 0x10);

		bpf_probe_read_user(&pthread_created,
				    sizeof(pthread_created),
				    thread_state +
				    pidData->offsets.PyThreadState_thread);
		event->pthread_match = pthread_created == pthread_self;
	} else {
		event->pthread_match = 1;
	}

	if (event->pthread_match || !pidData->use_tls) {
		void* frame_ptr;
		FrameData frame;
		Symbol sym = {};
		int cur_cpu = bpf_get_smp_processor_id();

		bpf_probe_read_user(&frame_ptr,
				    sizeof(frame_ptr),
				    thread_state +
				    pidData->offsets.PyThreadState_frame);

		int32_t* symbol_counter = bpf_map_lookup_elem(&symbolmap, &sym);
		if (symbol_counter == NULL)
			return 0;
#ifdef USE_BPF_LOOP
	struct process_frame_ctx ctx = {
		.cur_cpu = cur_cpu,
		.symbol_counter = symbol_counter,
		.frame_ptr = frame_ptr,
		.frame = &frame,
		.pidData = pidData,
		.sym = &sym,
		.event = event,
	};

	bpf_loop(STACK_MAX_LEN, process_frame_callback, &ctx, 0);
	if (ctx.done)
		return 0;
#else
#ifdef NO_UNROLL
#pragma clang loop unroll(disable)
#else
#ifdef UNROLL_COUNT
#pragma clang loop unroll_count(UNROLL_COUNT)
#else
#pragma clang loop unroll(full)
#endif
#endif /* NO_UNROLL */
		/* Unwind python stack */
		for (int i = 0; i < STACK_MAX_LEN; ++i) {
			if (frame_ptr && get_frame_data(frame_ptr, pidData, &frame, &sym)) {
				int32_t new_symbol_id = *symbol_counter * 64 + cur_cpu;
				int32_t *symbol_id = bpf_map_lookup_elem(&symbolmap, &sym);
				if (!symbol_id) {
					bpf_map_update_elem(&symbolmap, &sym, &zero, 0);
					symbol_id = bpf_map_lookup_elem(&symbolmap, &sym);
					if (!symbol_id)
						return 0;
				}
				if (*symbol_id == new_symbol_id)
					(*symbol_counter)++;
				event->stack[i] = *symbol_id;
				event->stack_len = i + 1;
				frame_ptr = frame.f_back;
			}
		}
#endif /* USE_BPF_LOOP */
		event->stack_complete = frame_ptr == NULL;
	} else {
		event->stack_complete = 1;
	}

	Stats* stats = bpf_map_lookup_elem(&statsmap, &zero);
	if (stats)
		stats->success++;

	event->has_meta = 0;
	bpf_perf_event_output(ctx, &perfmap, 0, event, offsetof(Event, metadata));
	return 0;
}

SEC("raw_tracepoint/kfree_skb")
int on_event(struct bpf_raw_tracepoint_args* ctx)
{
	int i, ret = 0;
	ret |= __on_event(ctx);
	ret |= __on_event(ctx);
	ret |= __on_event(ctx);
	ret |= __on_event(ctx);
	ret |= __on_event(ctx);
	return ret;
}

char _license[] SEC("license") = "GPL";
null pointer error 2024-07-16 15:50:57 +02:00			`// SPDX-License-Identifier: GPL-2.0`
			`// Copyright (c) 2019 Facebook`
			`#include <linux/sched.h>`
			`#include <linux/ptrace.h>`
			`#include <stdint.h>`
			`#include <stddef.h>`
			`#include <stdbool.h>`
			`#include <linux/bpf.h>`
			`#include <bpf/bpf_helpers.h>`

			`#define FUNCTION_NAME_LEN 64`
			`#define FILE_NAME_LEN 128`
			`#define TASK_COMM_LEN 16`

			`typedef struct {`
			`int PyThreadState_frame;`
			`int PyThreadState_thread;`
			`int PyFrameObject_back;`
			`int PyFrameObject_code;`
			`int PyFrameObject_lineno;`
			`int PyCodeObject_filename;`
			`int PyCodeObject_name;`
			`int String_data;`
			`int String_size;`
			`} OffsetConfig;`

			`typedef struct {`
			`uintptr_t current_state_addr;`
			`uintptr_t tls_key_addr;`
			`OffsetConfig offsets;`
			`bool use_tls;`
			`} PidData;`

			`typedef struct {`
			`uint32_t success;`
			`} Stats;`

			`typedef struct {`
			`char name[FUNCTION_NAME_LEN];`
			`char file[FILE_NAME_LEN];`
			`} Symbol;`

			`typedef struct {`
			`uint32_t pid;`
			`uint32_t tid;`
			`char comm[TASK_COMM_LEN];`
			`int32_t kernel_stack_id;`
			`int32_t user_stack_id;`
			`bool thread_current;`
			`bool pthread_match;`
			`bool stack_complete;`
			`int16_t stack_len;`
			`int32_t stack[STACK_MAX_LEN];`

			`int has_meta;`
			`int metadata;`
			`char dummy_safeguard;`
			`} Event;`


			`typedef int pid_t;`

			`typedef struct {`
			`void* f_back; // PyFrameObject.f_back, previous frame`
			`void* f_code; // PyFrameObject.f_code, pointer to PyCodeObject`
			`void* co_filename; // PyCodeObject.co_filename`
			`void* co_name; // PyCodeObject.co_name`
			`} FrameData;`

			`#ifdef SUBPROGS`
			`__noinline`
			`#else`
			`__always_inline`
			`#endif`
			`static void get_thread_state(void tls_base, PidData *pidData)`
			`{`
			`void* thread_state;`
			`int key;`

			`bpf_probe_read_user(&key, sizeof(key), (void*)(long)pidData->tls_key_addr);`
			`bpf_probe_read_user(&thread_state, sizeof(thread_state),`
			`tls_base + 0x310 + key * 0x10 + 0x08);`
			`return thread_state;`
			`}`

			`static __always_inline bool get_frame_data(void frame_ptr, PidData pidData,`
			`FrameData frame, Symbol symbol)`
			`{`
			`// read data from PyFrameObject`
			`bpf_probe_read_user(&frame->f_back,`
			`sizeof(frame->f_back),`
			`frame_ptr + pidData->offsets.PyFrameObject_back);`
			`bpf_probe_read_user(&frame->f_code,`
			`sizeof(frame->f_code),`
			`frame_ptr + pidData->offsets.PyFrameObject_code);`

			`// read data from PyCodeObject`
			`if (!frame->f_code)`
			`return false;`
			`bpf_probe_read_user(&frame->co_filename,`
			`sizeof(frame->co_filename),`
			`frame->f_code + pidData->offsets.PyCodeObject_filename);`
			`bpf_probe_read_user(&frame->co_name,`
			`sizeof(frame->co_name),`
			`frame->f_code + pidData->offsets.PyCodeObject_name);`
			`// read actual names into symbol`
			`if (frame->co_filename)`
			`bpf_probe_read_user_str(&symbol->file,`
			`sizeof(symbol->file),`
			`frame->co_filename +`
			`pidData->offsets.String_data);`
			`if (frame->co_name)`
			`bpf_probe_read_user_str(&symbol->name,`
			`sizeof(symbol->name),`
			`frame->co_name +`
			`pidData->offsets.String_data);`
			`return true;`
			`}`

			`struct {`
			`__uint(type, BPF_MAP_TYPE_HASH);`
			`__uint(max_entries, 1);`
			`__type(key, int);`
			`__type(value, PidData);`
			`} pidmap SEC(".maps");`

			`struct {`
			`__uint(type, BPF_MAP_TYPE_HASH);`
			`__uint(max_entries, 1);`
			`__type(key, int);`
			`__type(value, Event);`
			`} eventmap SEC(".maps");`

			`struct {`
			`__uint(type, BPF_MAP_TYPE_HASH);`
			`__uint(max_entries, 1);`
			`__type(key, Symbol);`
			`__type(value, int);`
			`} symbolmap SEC(".maps");`

			`struct {`
			`__uint(type, BPF_MAP_TYPE_ARRAY);`
			`__uint(max_entries, 1);`
			`__type(key, int);`
			`__type(value, Stats);`
			`} statsmap SEC(".maps");`

			`struct {`
			`__uint(type, BPF_MAP_TYPE_PERF_EVENT_ARRAY);`
			`__uint(max_entries, 32);`
			`__uint(key_size, sizeof(int));`
			`__uint(value_size, sizeof(int));`
			`} perfmap SEC(".maps");`

			`struct {`
			`__uint(type, BPF_MAP_TYPE_STACK_TRACE);`
			`__uint(max_entries, 1000);`
			`__uint(key_size, sizeof(int));`
			`__uint(value_size, sizeof(long long) * 127);`
			`} stackmap SEC(".maps");`

			`#ifdef USE_BPF_LOOP`
			`struct process_frame_ctx {`
			`int cur_cpu;`
			`int32_t *symbol_counter;`
			`void *frame_ptr;`
			`FrameData *frame;`
			`PidData *pidData;`
			`Symbol *sym;`
			`Event *event;`
			`bool done;`
			`};`

			`static int process_frame_callback(__u32 i, struct process_frame_ctx *ctx)`
			`{`
			`int zero = 0;`
			`void *frame_ptr = ctx->frame_ptr;`
			`PidData *pidData = ctx->pidData;`
			`FrameData *frame = ctx->frame;`
			`int32_t *symbol_counter = ctx->symbol_counter;`
			`int cur_cpu = ctx->cur_cpu;`
			`Event *event = ctx->event;`
			`Symbol *sym = ctx->sym;`

			`if (frame_ptr && get_frame_data(frame_ptr, pidData, frame, sym)) {`
			`int32_t new_symbol_id = symbol_counter 64 + cur_cpu;`
			`int32_t *symbol_id = bpf_map_lookup_elem(&symbolmap, sym);`

			`if (!symbol_id) {`
			`bpf_map_update_elem(&symbolmap, sym, &zero, 0);`
			`symbol_id = bpf_map_lookup_elem(&symbolmap, sym);`
			`if (!symbol_id) {`
			`ctx->done = true;`
			`return 1;`
			`}`
			`}`
			`if (*symbol_id == new_symbol_id)`
			`(*symbol_counter)++;`

			`barrier_var(i);`
			`if (i >= STACK_MAX_LEN)`
			`return 1;`

			`event->stack[i] = *symbol_id;`

			`event->stack_len = i + 1;`
			`frame_ptr = frame->f_back;`
			`}`
			`return 0;`
			`}`
			`#endif /* USE_BPF_LOOP */`

			`#ifdef GLOBAL_FUNC`
			`__noinline`
			`#elif defined(SUBPROGS)`
			`static __noinline`
			`#else`
			`static __always_inline`
			`#endif`
			`int __on_event(struct bpf_raw_tracepoint_args *ctx)`
			`{`
			`uint64_t pid_tgid = bpf_get_current_pid_tgid();`
			`pid_t pid = (pid_t)(pid_tgid >> 32);`
			`PidData* pidData = bpf_map_lookup_elem(&pidmap, &pid);`
			`if (!pidData)`
			`return 0;`

			`int zero = 0;`
			`Event* event = bpf_map_lookup_elem(&eventmap, &zero);`
			`if (!event)`
			`return 0;`

			`event->pid = pid;`

			`event->tid = (pid_t)pid_tgid;`
			`bpf_get_current_comm(&event->comm, sizeof(event->comm));`

			`event->user_stack_id = bpf_get_stackid(ctx, &stackmap, BPF_F_USER_STACK);`
			`event->kernel_stack_id = bpf_get_stackid(ctx, &stackmap, 0);`

			`void* thread_state_current = (void*)0;`
			`bpf_probe_read_user(&thread_state_current,`
			`sizeof(thread_state_current),`
			`(void*)(long)pidData->current_state_addr);`

			`struct task_struct* task = (struct task_struct*)bpf_get_current_task();`
			`void* tls_base = (void*)task;`

			`void* thread_state = pidData->use_tls ? get_thread_state(tls_base, pidData)`
			`: thread_state_current;`
			`event->thread_current = thread_state == thread_state_current;`

			`if (pidData->use_tls) {`
			`uint64_t pthread_created;`
			`uint64_t pthread_self;`
			`bpf_probe_read_user(&pthread_self, sizeof(pthread_self),`
			`tls_base + 0x10);`

			`bpf_probe_read_user(&pthread_created,`
			`sizeof(pthread_created),`
			`thread_state +`
			`pidData->offsets.PyThreadState_thread);`
			`event->pthread_match = pthread_created == pthread_self;`
			`} else {`
			`event->pthread_match = 1;`
			`}`

			`if (event->pthread_match \|\| !pidData->use_tls) {`
			`void* frame_ptr;`
			`FrameData frame;`
			`Symbol sym = {};`
			`int cur_cpu = bpf_get_smp_processor_id();`

			`bpf_probe_read_user(&frame_ptr,`
			`sizeof(frame_ptr),`
			`thread_state +`
			`pidData->offsets.PyThreadState_frame);`

			`int32_t* symbol_counter = bpf_map_lookup_elem(&symbolmap, &sym);`
			`if (symbol_counter == NULL)`
			`return 0;`
			`#ifdef USE_BPF_LOOP`
			`struct process_frame_ctx ctx = {`
			`.cur_cpu = cur_cpu,`
			`.symbol_counter = symbol_counter,`
			`.frame_ptr = frame_ptr,`
			`.frame = &frame,`
			`.pidData = pidData,`
			`.sym = &sym,`
			`.event = event,`
			`};`

			`bpf_loop(STACK_MAX_LEN, process_frame_callback, &ctx, 0);`
			`if (ctx.done)`
			`return 0;`
			`#else`
			`#ifdef NO_UNROLL`
			`#pragma clang loop unroll(disable)`
			`#else`
			`#ifdef UNROLL_COUNT`
			`#pragma clang loop unroll_count(UNROLL_COUNT)`
			`#else`
			`#pragma clang loop unroll(full)`
			`#endif`
			`#endif /* NO_UNROLL */`
			`/* Unwind python stack */`
			`for (int i = 0; i < STACK_MAX_LEN; ++i) {`
			`if (frame_ptr && get_frame_data(frame_ptr, pidData, &frame, &sym)) {`
			`int32_t new_symbol_id = symbol_counter 64 + cur_cpu;`
			`int32_t *symbol_id = bpf_map_lookup_elem(&symbolmap, &sym);`
			`if (!symbol_id) {`
			`bpf_map_update_elem(&symbolmap, &sym, &zero, 0);`
			`symbol_id = bpf_map_lookup_elem(&symbolmap, &sym);`
			`if (!symbol_id)`
			`return 0;`
			`}`
			`if (*symbol_id == new_symbol_id)`
			`(*symbol_counter)++;`
			`event->stack[i] = *symbol_id;`
			`event->stack_len = i + 1;`
			`frame_ptr = frame.f_back;`
			`}`
			`}`
			`#endif /* USE_BPF_LOOP */`
			`event->stack_complete = frame_ptr == NULL;`
			`} else {`
			`event->stack_complete = 1;`
			`}`

			`Stats* stats = bpf_map_lookup_elem(&statsmap, &zero);`
			`if (stats)`
			`stats->success++;`

			`event->has_meta = 0;`
			`bpf_perf_event_output(ctx, &perfmap, 0, event, offsetof(Event, metadata));`
			`return 0;`
			`}`

			`SEC("raw_tracepoint/kfree_skb")`
			`int on_event(struct bpf_raw_tracepoint_args* ctx)`
			`{`
			`int i, ret = 0;`
			`ret \|= __on_event(ctx);`
			`ret \|= __on_event(ctx);`
			`ret \|= __on_event(ctx);`
			`ret \|= __on_event(ctx);`
			`ret \|= __on_event(ctx);`
			`return ret;`
			`}`

			`char _license[] SEC("license") = "GPL";`