While running some examples from samples/bpf I noticed that bpf_printk output is prepended with some extra information, e.g. :
telnet-470 [001] .N.. 419421.045894: 0x00000001: BPF command: 2
BPF command: 2 is actual string passed to bpf_printk in the bpf program, but what is the rest? I assume this comes from kernel's JIT ?
Where can I look closer what those bits mean? Thanks.
In your example:
telnet-470 [001] .N.. 419421.045894: 0x00000001: BPF command: 2
telnet is your current task's name.470 is your current task's PID.001 is the CPU number on which the task is running..N.., each character refers to a set of options (whether irqs are enabled, scheduling options, whether hard/softirqs are running, level of preempt_disabled respectively). N means that TIF_NEED_RESCHED and PREEMPT_NEED_RESCHED are set.419421.045894 is a timestamp.0x00000001 is a fake value used by BPF for the ip register.BPF command: 2 is your message.The bpf_trace_printk helper calls trace_printk, whose format is detailed in the documentation for ftrace (Output format section). The fake ip value is commented in the original commit for the bpf_trace_printk helper.
As Qeole mentioned below, this format had nothing to do with the JIT compiler (or the eBPF infrastructure for that matter) and eBPF helpers don't need to be JIT compiled as they're already compiled as part of the kernel's source code.
ftrace globally? Also, I read that bpf_trace_printk() produces output in /sys/kernel/ I'm seeing the output of on console as well as in /sys/kernel/debug/tracing/trace_pipe but I also see it on the console. How do I limit it only in sysfs? –
Dishonor © 2022 - 2024 — McMap. All rights reserved.
bpf_trace_printk()is a helper, so it's not JITted anyway (instead it's compiled as part of the kernel, and called from the eBPF program, whether it's interpreted or JITted). @pchaignon You mind if I reuse the details you provide for the doc about helpers I'm working on? – Lebbie