Hi, Andrii Thanks for your comments :-) On 2020/5/28 下午2:36, Andrii Nakryiko wrote: [snip] >> --- > > I haven't looked through implementation thoroughly yet. But I have few > general remarks. > > This looks like a useful and generic tool. I think it will get most > attention and be most useful if it will be part of BCC tools. There is > already a set of generic tools that use libbpf and CO-RE, see [0]. It > feels like this belongs there. > > Some of the annoying parts (e.g., syscall name translation) is already > generalized as part of syscount tool PR (to be hopefully merged soon), > so you'll be able to save quite a lot of code with this. There is also > a common build infra that takes care of things like vmlinux.h, which > would provide definitions for all those xxx_args structs that you had > to manually define. > > With CO-RE, it also will allow to compile this tool once and run it on > many different kernels without recompilation. Please do take a look > and submit a PR there, it will be a good addition to the toolkit (and > will force you write a bit of README explaining use of this tool as > well ;). Aha, I used to think bcc only support python and cpp :-P I'll try to rework it and submit PR, I'm glad to know that you think this tool as a helpful one, we do solved some tough issue with it already. > > As for the code itself, I haven't gone through it much, but please > convert map definition syntax to BTF-defined one. The one you are > using is a legacy one. Thanks! > > [0] https://github.com/iovisor/bcc/tree/master/libbpf-tools Will check the example there :-) Regards, Michael Wang > >> samples/bpf/Makefile | 3 + >> samples/bpf/task_detector.h | 382 +++++++++++++++++++++++++++++++++++++++ >> samples/bpf/task_detector_kern.c | 329 +++++++++++++++++++++++++++++++++ >> samples/bpf/task_detector_user.c | 314 ++++++++++++++++++++++++++++++++ >> 4 files changed, 1028 insertions(+) >> create mode 100644 samples/bpf/task_detector.h >> create mode 100644 samples/bpf/task_detector_kern.c >> create mode 100644 samples/bpf/task_detector_user.c >> > > [...] >
