diff --git a/demo/bcc.py b/demo/bcc.py deleted file mode 100644 index f9f4d28..0000000 --- a/demo/bcc.py +++ /dev/null @@ -1,46 +0,0 @@ -from __future__ import print_function -from bcc import BPF -from bcc.utils import printb - -# load BPF program -b = BPF(text=""" -#include - -BPF_HASH(last); - -int do_trace(struct pt_regs *ctx) { - u64 ts, *tsp, delta, key = 0; - - // attempt to read stored timestamp - tsp = last.lookup(&key); - if (tsp != NULL) { - delta = bpf_ktime_get_ns() - *tsp; - if (delta < 1000000000) { - // output if time is less than 1 second - bpf_trace_printk("%d\\n", delta / 1000000); - } - last.delete(&key); - } - - // update stored timestamp - ts = bpf_ktime_get_ns(); - last.update(&key, &ts); - return 0; -} -""") - -b.attach_kprobe(event=b.get_syscall_fnname("sync"), fn_name="do_trace") -print("Tracing for quick sync's... Ctrl-C to end") - -# TODO -# format output -start = 0 -while 1: - try: - (task, pid, cpu, flags, ts, ms) = b.trace_fields() - if start == 0: - start = ts - ts = ts - start - printb(b"At time %.2f s: multiple syncs detected, last %s ms ago" % (ts, ms)) - except KeyboardInterrupt: - exit() diff --git a/demo/clone-matplotlib.ipynb b/examples/clone-matplotlib.ipynb similarity index 100% rename from demo/clone-matplotlib.ipynb rename to examples/clone-matplotlib.ipynb diff --git a/examples/execve3.py b/examples/execve3.py index f636a34..510d6fa 100644 --- a/examples/execve3.py +++ b/examples/execve3.py @@ -10,18 +10,10 @@ from ctypes import c_void_p, c_int64, c_int32, c_uint64 def last() -> HashMap: return HashMap(key=c_uint64, value=c_uint64, max_entries=3) - -@bpf -@section("tracepoint/syscalls/sys_enter_execve") -def hello(ctx: c_void_p) -> c_int32: - print("entered") - print("multi constant support") - return c_int32(0) - - @bpf @section("tracepoint/syscalls/sys_exit_execve") def hello_again(ctx: c_void_p) -> c_int64: + print("multi constant support") print("exited") key = 0 delta = 0 @@ -45,11 +37,9 @@ def hello_again(ctx: c_void_p) -> c_int64: return c_int64(0) - @bpf @bpfglobal def LICENSE() -> str: return "GPL" - compile() diff --git a/examples/execve4.py b/examples/execve4.py index 9c44b1f..be900e4 100644 --- a/examples/execve4.py +++ b/examples/execve4.py @@ -10,7 +10,6 @@ from ctypes import c_void_p, c_int64, c_int32, c_uint64 def last() -> HashMap: return HashMap(key=c_uint64, value=c_uint64, max_entries=3) - @bpf @section("blk_start_request") def trace_start(ctx: c_void_p) -> c_int32: diff --git a/examples/hello_world.py b/examples/hello_world.py deleted file mode 100644 index 742da67..0000000 --- a/examples/hello_world.py +++ /dev/null @@ -1,15 +0,0 @@ -# This is what it is going to look like -# pylint: disable-all# type: ignore -from pythonbpf.decorators import tracepoint, syscalls, bpfglobal, bpf -from ctypes import c_void_p, c_int32 - -@bpf -@tracepoint(syscalls.sys_clone) -def trace_clone(ctx: c_void_p) -> c_int32: - print("Hello, World!") - return c_int32(0) - -@bpf -@bpfglobal -def LICENSE() -> str: - return "GPL" diff --git a/demo/pybpf0.py b/examples/pybpf0.py similarity index 100% rename from demo/pybpf0.py rename to examples/pybpf0.py diff --git a/demo/pybpf1.py b/examples/pybpf1.py similarity index 100% rename from demo/pybpf1.py rename to examples/pybpf1.py diff --git a/demo/pybpf2.py b/examples/pybpf2.py similarity index 100% rename from demo/pybpf2.py rename to examples/pybpf2.py diff --git a/demo/pybpf3.py b/examples/pybpf3.py similarity index 100% rename from demo/pybpf3.py rename to examples/pybpf3.py diff --git a/demo/pybpf4.py b/examples/pybpf4.py similarity index 100% rename from demo/pybpf4.py rename to examples/pybpf4.py