DLPX-96702 Update delphix/bcc to be current with upstream iovisor/bcc#20
Open
tonynguien wants to merge 1179 commits intodevelopfrom
Open
DLPX-96702 Update delphix/bcc to be current with upstream iovisor/bcc#20tonynguien wants to merge 1179 commits intodevelopfrom
tonynguien wants to merge 1179 commits intodevelopfrom
Conversation
…unt(2)
Since kernel 5.1, fsopen,fsmount,fsconfig,move_mount syscalls were introduced
(see links [1][2][3][4]). Then the mountsnoop tracking mount system call is
not enough. This submission adds support for the above syscalls.
A tracking example:
$ sudo ./mountsnoop.py
COMM PID TID MNT_NS CALL
fsmount 12373 12373 4026531841 fsopen("ext4", 0x0) = 5
fsmount 12373 12373 4026531841 fsconfig(5, FSCONFIG_SET_FLAG, "rw", "", 0) = 0
fsmount 12373 12373 4026531841 fsconfig(5, FSCONFIG_SET_STRING, "source", "/dev/loop0", 0) = 0
fsmount 12373 12373 4026531841 fsconfig(5, FSCONFIG_CMD_CREATE, "", "", 0) = 0
fsmount 12373 12373 4026531841 fsmount(5, 0x0, MOUNT_ATTR_RDONLY) = 6
fsmount 12373 12373 4026531841 move_mount(6, "", AT_FDCWD, "./tmp-dir/", MOVE_MOUNT_F_EMPTY_PATH) = 0
fsmount 12373 12373 4026531841 umount("./tmp-dir/", 0x0) = 0
In the above test, the C program is more complicated, so I will not show it
here, but a test example is given in the link [5].
[1] kernel commit 24dcb3d90a1f ("vfs: syscall: Add fsopen() to prepare for superblock creation")
v5.1-rc1-5-g24dcb3d90a1f
[2] kernel commit ecdab150fddb ("vfs: syscall: Add fsconfig() for configuring and managing a context")
v5.1-rc1-7-gecdab150fddb
[3] kernel commit 93766fbd2696 ("vfs: syscall: Add fsmount() to create a mount for a superblock")
v5.1-rc1-8-g93766fbd2696
[4] kernel commit 2db154b3ea8e ("vfs: syscall: Add move_mount(2) to move mounts around")
v5.1-rc1-2-g2db154b3ea8e
[5] https://github.com/torvalds/linux/blob/master/samples/vfs/test-fsmount.c
Signed-off-by: Rong Tao <rongtao@cestc.cn>
Signed-off-by: Jiang Guirong <rtoax@foxmail.com>
Currently, the -s option only supports tracing one signal. Now, if we enable the -s option to support a comma-separated list of signals, it will make monitoring more convenient. Signed-off-by: Tang Yizhou <yizhou.tang@shopee.com>
On WSL2 with the kernel 6.4.8, `biolatency.py` and `biolatency.py -Q` did not work.
In this case, the kernel kprobe functions were inlined and `block:block_io_{start|done}`
tracepoints were missing, thus no condition was matched.
This fix adds support for `block:block_bio_queue` and `block:block_rq_complete` tracepoints,
corresponding to the blktrace Q event (Queue) and C event (Complete) respectively. Now
`biolatency.py` and the `-Q` option are compatible with the kernel.
Signed-off-by: LPY <wasdjkl233@gmail.com>
Add optional flags for BPF_TABLE_SHARED.
Added -f option to display output in folded format for conversion to flame
graphs.
This is a test example.
# ./profile -f
test-strlen-abc;__libc_start_main;main;a;b;strlen 34
test-strlen-abc;__libc_start_main;main;a;b;strlen 28
test-strlen-abc;__libc_start_main;main;a;b;strlen 15
test-strlen-abc;__libc_start_main;main;a;b;strlen 12
test-strlen-abc;__libc_start_main;main;a;b;strlen 11
test-strlen-abc;__libc_start_main;main;a;b;strlen 9
test-strlen-abc;__libc_start_main;main;a;b;strlen 5
Print stacktrace line by line in stead of in the same line in order to similar to other stack trace output.
Fix a doc typo.
Add fsync(),fdatasync(),syncfs(),sync_file_range(),msync() syscalls to
trace. For example:
$ sudo ./syncsnoop.py
TIME(s) COMM CALL
1173253.856512000 worker fdatasync
1173260.193706000 sync sync
1173261.478894000 syncfs syncfs
1173264.231075000 fsync fsync
1173264.297788000 fsync fdatasync
1173284.063700000 worker fdatasync
1173288.229822000 mkfs.ext4 fsync
1173304.818227000 worker fdatasync
1173315.065319000 journal-offline fsync
Signed-off-by: Rong Tao <rongtao@cestc.cn>
… riscv64
On Debian12 riscv64, the kernel never has asm/errno.h for riscv64, we
do not include usdt.bpf.h could solve this problem.
$ make
...
BPF javagc.bpf.o
In file included from javagc.bpf.c:6:
In file included from /home/rongtao/bcc/libbpf-tools/.output/bpf/usdt.bpf.h:6:
/usr/include/linux/errno.h:1:10: fatal error: 'asm/errno.h' file not found
#include <asm/errno.h>
^~~~~~~~~~~~~
1 error generated.
make: *** [Makefile:204: /home/rongtao/bcc/libbpf-tools/.output/javagc.bpf.o] Error 1
Signed-off-by: Rong Tao <rongtao@cestc.cn>
tools/killsnoop supports a signal list(47d7263), it's reasonable to support the same feature in libbpf-tools/sigsnoop. Signed-off-by: Dantezy <zhangyet@gmail.com>
Add fsync(),fdatasync(),syncfs(),sync_file_range(),msync() syscalls to
trace. For example:
$ sudo ./syncsnoop
TIME(s) COMM CALL
7348.355957031 aria2c fsync
7350.032226562 ThreadPoolForeg fdatasync
Signed-off-by: Rong Tao <rongtao@cestc.cn>
Signed-off-by: Jiang Guirong <rtoax@foxmail.com>
The upstream linux commit[1] implemented syscall wrappers. Currently
get_syscall_prefix returns unmatched prefix.
The syscall wrappers generates three functions for each system call,
one of them is __riscv_<compat_>sys_<name>.
So here it can be processed like x86/arm64.
[1] 08d0ce30e0e4 ("riscv: Implement syscall wrappers")
Signed-off-by: Chen Pei <cp0613@linux.alibaba.com>
Print starting message like python version does But not implement to print thread_context and stack_context Python version starting message $ sudo python3 ./offcputime.py Tracing off-CPU time (us) of all threads by user + kernel stack... Hit Ctrl-C to end. $ sudo python3 ./offcputime.py 30 Tracing off-CPU time (us) of all threads by user + kernel stack for 30 secs. libbpf-tools version(with this patch) starting message $ sudo ./offcputime Tracing off-CPU time (us)... Hit Ctrl-C to end. $ sudo ./offcputime 30 Tracing off-CPU time (us) for 30 secs.
* Extend `bcc_proc` API. Allow to limit search to specific pid. - Also extend the Python binding with the same goal. - The API changes are backwards-compatible. - Also added a couple of boundary checks for `memcpy`
* Support for kernel up to 6.9. * Add support for bcachefs to fsdist and fsslower tools * libbpf tool update: memleak, syncsnoop, numamove, syscount, vfsstat, tcptop, capable, syncsnoop, sigsnoop, etc. * bcc tool update: biolatency, biosnoop, biotop, vfsstat, kvmexit, sslsniff, swapin, etc. * build: Remove llvm-dev dependency from libbcc * build: Remove dependency on LLVM header from libbcc packages * usdt: Fix bare register dereference on aarch64 * Extend `bcc_proc` API which allows to limit search to specific pid * Fix several flaky tests. * doc update, other bug fixes and tools improvement. Signed-off-by: Yonghong Song <yonghong.song@linux.dev>
The program should be prompted to start running:
$ sudo ./futexctn
Summarize futex contention latency, hit ctrl-c to exit
Signed-off-by: Rong Tao <rongtao@cestc.cn>
Remove the case where print_stacktrace is called even when syms is null.
…option
Add additional information and change format of backtrace
- add symbol base offset, dso name, dso base offset
- symbol and dso info is included if it's available in target binary
- changed format:
ADDR [SYMBOL+OFFSET] (MODULE+OFFSET)
before:
# ./profile
clocksource_watchdog
call_timer_fn
run_timer_softirq
__softirqentry_text_start
irq_exit_rcu
sysvec_apic_timer_interrupt
asm_sysvec_apic_timer_interrupt
strlen
b
a
main
__libc_start_main
- test-strlen-abc (26209)
1
After:
# ./profile -v
0xffffffff8111f594 clocksource_watchdog+0xd4
0xffffffff81117454 call_timer_fn+0x24
0xffffffff81117de4 run_timer_softirq+0x444
0xffffffff81dd3493 __softirqentry_text_start+0xd3
0xffffffff8108143c irq_exit_rcu+0x6c
0xffffffff81dc738e sysvec_apic_timer_interrupt+0x3e
0xffffffff81e00d46 asm_sysvec_apic_timer_interrupt+0x16
0x00007f71fc0f8bc6 strlen+0x106 (/lib/x86_64-linux-gnu/libc-2.19.so+0x88bc6)
0x0000560e13e006e1 b+0x9 (/root/es/test_utils/test-strlen-abc+0x6e1)
0x0000560e13e006d3 a+0x9 (/root/es/test_utils/test-strlen-abc+0x6d3)
0x0000560e13e00755 main+0x14 (/root/es/test_utils/test-strlen-abc+0x755)
0x00007f71fc091ec5 __libc_start_main+0xf5 (/lib/x86_64-linux-gnu/libc-2.19.so+0x21ec5)
- test-strlen-abc (26209)
1
Include symbol base offset in the kernel stack trace to accurately pinpoint
the location of function calls.
The offset is commonly used in various debugging tools, including those for
the Linux kernel.
Before:
# ./wakeuptime.py
target: kworker/u8:3
ffffffffc0215f96 bpf_prog_6deef7357e7b4530_sd_fw_ingress
ffffffff928e925d bpf_trace_run1
ffffffff9274d7d9 __bpf_trace_sched_wakeup_template
ffffffff9274611b __traceiter_sched_wakeup
ffffffff9275e2c1 ttwu_do_activate
ffffffff9275e4f1 sched_ttwu_pending
ffffffff92827fb3 __flush_smp_call_function_queue
ffffffff92828b3a flush_smp_call_function_queue
ffffffff9277d5a7 do_idle
ffffffff9277d80a cpu_startup_entry
ffffffff926a7349 start_secondary
ffffffff92600279 secondary_startup_64_no_verify
waker: swapper/3
1508198
After:
# ./wakeuptime.py
target: kworker/u8:0
ffffffffc0215f9a bpf_prog_6deef7357e7b4530_sd_fw_ingress+0xfaf6
ffffffff928e925d bpf_trace_run1+0x4d
ffffffff9274d7d9 __bpf_trace_sched_wakeup_template+0x9
ffffffff9274611b __traceiter_sched_wakeup+0x2b
ffffffff9275e2c1 ttwu_do_activate+0x131
ffffffff9275e4f1 sched_ttwu_pending+0xf1
ffffffff92827fb3 __flush_smp_call_function_queue+0x143
ffffffff92828b3a flush_smp_call_function_queue+0x3a
ffffffff9277d5a7 do_idle+0xb7
ffffffff9277d80a cpu_startup_entry+0x2a
ffffffff926a7349 start_secondary+0x129
ffffffff92600279 secondary_startup_64_no_verify+0x184
waker: swapper/2
247368
Signed-off-by: zhangzikang01 <zhangzikang@kylinos.cn>
In kernel commit b951aaff5035 ("mm: enable page allocation tagging") [1], add
_noprof suffix to filemap_alloc_folio.
Link: torvalds/linux@b951aaf [1]
Signed-off-by: Rong Tao <rongtao@cestc.cn>
Print shmctl command:
$ sudo ./shmsnoop.py
PID COMM SYS RET ARGs
16413 writer SHMGET 31 key: 0xd2032983, size: 4194304, shmflg: 0x3a4 (IPC_CREAT|0644)
16413 writer SHMAT 7f7f572b8000 shmid: 0x31, shmaddr: 0x0, shmflg: 0x0
16413 writer SHMDT 0 shmaddr: 0x7f7f572b8000
16418 reader SHMGET 31 key: 0xd2032983, size: 4194304, shmflg: 0x1a4 (0644)
16418 reader SHMAT 7f28e81a4000 shmid: 0x31, shmaddr: 0x0, shmflg: 0x0
16418 reader SHMDT 0 shmaddr: 0x7f28e81a4000
16418 reader SHMCTL 0 shmid: 0x31, cmd: 0 (IPC_RMID), buf: 0x0
^^^^^^^^^^
Signed-off-by: Rong Tao <rongtao@cestc.cn>
This PR accounts for the rename/refactor of the following functions
__do_page_cache_readahead -> do_page_cache_ra -> page_cache_ra_order by torvalds/linux@8238287eadb2 and torvalds/linux@56a4d67c264e
__page_cache_alloc -> filemap_alloc_folio -> filemap_alloc_folio_noprof by torvalds/linux@bb3c579e25e5 and torvalds/linux@b951aaff5035.
Inspired by the perf-top command, the offcputime tool is
enhanced to support tracking multiple processes and threads.
$ man perf-top
-p <pid>, --pid=<pid>
Profile events on existing Process ID (comma separated list).
-t <tid>, --tid=<tid>
Profile events on existing thread ID (comma separated list).
Before:
$ offcputime -h
optional arguments:
-p PID, --pid PID trace this PID only
-t TID, --tid TID trace this TID only
examples:
./offcputime -p 185 # only trace threads for PID 185
./offcputime -t 188 # only trace thread 188
After:
$ offcputime -h
optional arguments:
-p PID, --pid PID trace these PIDs only, comma separated list
-t TID, --tid TID trace these TIDs only, comma separated list
examples:
./offcputime -p 185,175,165 # only trace threads for PID 185,175,165
./offcputime -t 188,120,134 # only trace threads 188,120,134
Signed-off-by: Yingming Mao <maoyingming@baidu.com>
Reviewed-by: Shuo Li <lishuo02@baidu.com>
The upstream commit llvm/llvm-project#82240 introduced a func signature change for func getFileLineInfoForAddress(). Add proper change to accommodate llvm20 need for additional func arguments.
Upstream patch llvm/llvm-project#107008 makes cpu=v3 as the default. Previously cpu=v1 as the default for bcc. Let us mark cpu=v1 explicitly for bcc for now to keep it backword compatible.
cpudist.py supports run in pid namespace
The top upstream libbpf commit is
commit afb8b17bc50b0b7606ad4ea468cbc9f5aede8dae (HEAD -> master, origin/master, origin/HEAD)
Author: Andrii Nakryiko <andrii@kernel.org>
Date: Mon Dec 15 10:30:36 2025 -0800
sync: latest libbpf changes from kernel
The top upstream blazesym commit is
commit 30b803d861e6609f2ca3e84a3e7e0eb2c41ef5bb (HEAD -> main, origin/main, origin/HEAD)
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed Jan 14 14:05:06 2026 +0000
build(deps): bump zip from 7.0.0 to 7.1.0
The top upstream bpftool commit is
commit ad5d76e5c6b622e5ed05fecfa68029bae949d408
Author: Quentin Monnet <qmo@kernel.org>
Date: Wed Dec 17 02:08:51 2025 +0000
sync: Pull latest bpftool changes from kernel
* Support for kernel up to 6.18
* New Tools
tools/softirqslower: New tool to trace slow software interrupt handlers (#5356)
* Enhanced Functionality
libbpf-tools/opensnoop: Added full-path support with `-F` option (#5323, #5333)
libbpf-tools/filelife: Added full-path support (#5347, ab8e061)
libbpf-tools: Introduced path helpers (ab8e061)
libbpf-tools/trace_helpers: Added str_loadavg() and str_timestamp() common functions (694de9f)
libbpf-tools/filetop: Added directory filter capability (#5300)
libbpf-tools/runqslower: Added `-c` option to filter by process name prefix (673911c)
libbpf-tools/runqlat: Dynamically size pid/pidns histogram map (#5342)
libbpf-tools/fsdist, fsslower: Added support for fuse filesystem (9691c56)
libbpf-tools/tcptop: Major refactoring using fentry/fexit for better performance (75bb73a, e2c7917, d786eaa, da3a474)
tools/opensnoop: Added full-path support with `-F` option (#5334, #5339)
tools/kvmexit: Added AMD processor support and parallel post-processing (13a4e5a, c2af2ee)
tools/offwaketime: Added raw tracepoint support to reduce overhead (380ee01)
Python uprobe API: Added functionality to detach all uprobes for a binary (#5325)
Python API: Added support for executing a program and tracing it (#5362)
* Bug Fixes
libbpf-tools/filelife: Fixed wrong full-path handling (#5347)
libbpf-tools/filelife: Fixed problem when using perf-buffer (ec8415b)
libbpf-tools/funclatency: Delete the element from the `starts` map after it has been used (06ce134)
libbpf-tools/offcputime: Fixed min/max_block_ns unit conversion error (#5327, d507a53)
libbpf-tools/syncsnoop: Added support for sync_file_range2 and arm_sync_file_range() (4287921)
libbpf-tools/ksnoop: Fixed two invalid access to map value (#5361)
libbpf-tools/klockstat: Allows kprobe fallback to work with lock debugging (#5359)
libbpf-tools/biotop: Fixed segmentation fault with musl libc build (52d2d09)
libbpf-tools/syscall_helpers, Python BCC: Updated syscall list (add file_getattr/file_setattr) (b63d7e3, a9c6650)
tools/tcpaccept: Fixed on recent kernels (c208d0e)
tools/tcpconnect: Fixed iov field for DNS with Linux>=6.4 (#5382)
tools/javaobjnew: Use MIN macro instead of min function (fb8910a)
tools/biolatency, biosnoop, biotop: Use TRACEPOINT_PROBE() for tracepoints (#5366)
Various tools: Don't use the old bpf_probe_read() helper (1cc15c3)
CC: Support versioned SONAME in shared library resolution (beb1fe4, c351210)
Python TCP: Added state2str() and applied to tools (bfa05d2)
s390 architecture: Prevent invalid mem access when reading PAGE_OFFSET (d8595ee)
* Build & Test Fixes
Fixed build failure with clang21 (#5369)
Fixed build for LLVM 23 by avoiding deprecated TargetRegistry overloads (#5401)
ci: Make version.cmake handle shallow clone (2232b7e)
ci: Various test fixes for proper CI operation (blk probes, rss_stat, kmalloc, btrfs/f2fs) (a499181, c338547, 6b7dd5d, ea5cf83)
tests: Added coverage for versioned SONAME resolution (c351210)
Removed luajit options to ensure no errors (26eaf13)
* Doc update, other bug fixes and tools improvement
This commit completes the synchronization required after updating the libbpf submodule to commit afb8b17bc50b0b7606ad4ea468cbc9f5aede8dae in commit f820b82.
…sync The libbpf update uses __LINUX_BPF_H__ guard, causing duplicate inclusions in BCC's pipeline. Revert to _UAPI__ prefix for now to restore test stability.
…(30b803d) Sync libbpf-tools with blazesym @30b803d861e6609f and migrate integration from the old Rust FFI API to the new native C API. - Makefile: switch to using updated blazesym C library and header (libblazesym_c.a and blazesym/capi/include/blazesym.h) - Migrate tools: futexctn, opensnoop, memleak to use new API and print file:line symbol info where available.
* Bug Fixes
Sync BCC with libbpf submodule update (afb8b17) (#5455, #5460)
libbpf-tools: Sync blazesym submodule and migrate tools to new C API (#5458)
This adds new listns and a missing uprobe sycall to x86 and a few extra missing non x86 syscalls.
The compile error is caused by a type mismatch between u64 and `unsigned long long`. This patch explicitly casts the `samples` variable to `unsigned long long` to resolve the issue #5332.
tonynguien
force-pushed
the
dlpx/pr/tonynguien/5047efc9-172e-480b-80ce-86a59c7935e7
branch
2 times, most recently
from
7d9fde5 to
d6a634e
Compare
tonynguien
changed the title
tonynguien
force-pushed
the
dlpx/pr/tonynguien/5047efc9-172e-480b-80ce-86a59c7935e7
branch
from
d6a634e to
6f3d96e
Compare
![mend-for-github-com[bot]](https://avatars.githubusercontent.com/in/30796?s=60&v=4){kind=small}
| if (sscanf(filename, "libc-%f.so", &version) == 1 || | ||
| sscanf(filename, "libc.so.%f", &version) == 1) { | ||
| if (target_pid == 0) { | ||
| memcpy(path, buf, strlen(buf)); |
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (1 of 10)
The Mend Code Security Check of your branch failed because of a Buffer Overflow finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
 High | Buffer Overflow | 1 | 2026-02-27 09:59pm | ||
| |||||
| if (mapnamelen >= PATH_MAX) { | ||
| fprintf(stderr, "Found mapped library path is too long\n"); | ||
| break; | ||
| } | ||
| found = true; |
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (2 of 10)
The Mend Code Security Check of your branch failed because of a Buffer Overflow finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
| High | Buffer Overflow | 1 | 2026-02-27 09:59pm | ||
| |||||
| goto cleanup; | ||
| } | ||
|
|
||
| n = snprintf(buf, buf_len, "loadavg: %s", avg); |
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (3 of 10)
The Mend Code Security Check of your branch failed because of a Buffer Overflow finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
| High | Buffer Overflow | 1 | 2026-02-27 09:59pm | ||
| |||||
| memcpy(path, buf, strlen(buf)); | ||
| } else { | ||
| snprintf(proc_path, sizeof(proc_path), "/proc/%d/root%s", target_pid, buf); | ||
| memcpy(path, proc_path, strlen(proc_path)); |
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (5 of 10)
The Mend Code Security Check of your branch failed because of a Out of Buffer Bounds Write finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
| High | Out of Buffer Bounds Write | 1 | 2026-02-27 09:59pm | ||
| |||||
| if (target_pid == 0) { | ||
| memcpy(path, buf, strlen(buf)); | ||
| } else { | ||
| snprintf(proc_path, sizeof(proc_path), "/proc/%d/root%s", target_pid, buf); |
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (6 of 10)
The Mend Code Security Check of your branch failed because of a Out of Buffer Bounds Write finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
| High | Out of Buffer Bounds Write | 1 | 2026-02-27 09:59pm | ||
| |||||
| @@ -1026,7 +1225,7 @@ static int create_probe_event(char *buf, const char *ev_name, | |||
| char ev_alias[256]; | |||
| bool is_kprobe = strncmp("kprobe", event_type, 6) == 0; | |||
|
|
|||
| snprintf(buf, PATH_MAX, "/sys/kernel/debug/tracing/%s_events", event_type); | |||
| snprintf(buf, PATH_MAX, "%s/%s_events", get_tracefs_path(), event_type); | |||
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (7 of 10)
The Mend Code Security Check of your branch failed because of a Path/Directory Traversal finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
| High | Path/Directory Traversal | 1 | 2026-02-27 09:59pm | ||
| |||||
| struct bcc_zip_entry entry; | ||
| int fd = -1; | ||
|
|
||
| fd = open(path, O_RDONLY); |
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (8 of 10)
The Mend Code Security Check of your branch failed because of a Path/Directory Traversal finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
| High | Path/Directory Traversal | 1 | 2026-02-27 09:59pm | ||
| |||||
| return "Missing api argument" | ||
|
|
||
| # On expected connection to http://api.ipify.org the output here should be the server's public IP | ||
| server_ip = requests.get(api).content.decode() |
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (9 of 10)
The Mend Code Security Check of your branch failed because of a Server Side Request Forgery finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
| High | Server Side Request Forgery | 1 | 2026-02-27 10:00pm | ||
| |||||
| return NULL; | ||
| } | ||
|
|
||
| char *result = malloc(strlen(path) + entry.name_length + 3); |
Contributor
There was a problem hiding this comment.
Mend Code Security Check
New finding (10 of 10)
The Mend Code Security Check of your branch failed because of a Uncontrolled Memory Allocation finding in this line.
| Severity | Vulnerability Type | CWE | File | Data Flows | Detected |
|---|---|---|---|---|---|
 Low | Uncontrolled Memory Allocation | 1 | 2026-02-27 09:59pm | ||
| |||||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
20 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
estat commands with zfs headers are failing, i.e. estat zio | zil | zpl | zvol | nfs-by-client | metaslab-alloc, see https://perforce.atlassian.net/browse/DLPX-96293.
The problem is Ubuntu bpfcc-tools and related packages the two years old, version 0.29, and support up to the 6.8 kernel (the main Ubuntu 24.04). Our images are running 6.14 kernel thus we get below forward declaration error
Solution
The solution is to build our own bcc packages which is what we did prior to the upgrade to 24.04 LTS.
The delphix/bcc is a couple years out of date so this PR merges with latest upstream iovisor/bcc and adds minor changes to properly build and rename Debian packages so they can cleanly replace Ubuntu bpfcc packages.
This change has a dependency on delphix/linux-pkg#389 which re-enables bcc build in linux-pkg.
Open question: How do we deal with MEND Security errors? Should I include those suggested changes into this PR or suppress the errors and fix them in another PR to keep the commit history cleaner?
Testing Done
Successful build against the delphix/bcc with merge changes.
BCC programs run successfully
Some estat commands are still failing though that will be separately tracked/addressed with https://perforce.atlassian.net/browse/DLPX-96701