Procmon is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscall activity on the system.
License: MIT License
This is the source repository for https://docs.microsoft.com/sysinternals/
Please see CONTRIBUTING.md if you wish to contribute fixes or updates.
This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.
![microsoft-github-operations[bot] avatar](https://avatars.githubusercontent.com/in/41902?v=4 "microsoft-github-operations[bot]")
Put packages somewhere on http://packages.microsoft.com/repos/
Was able to compile after installing these packages on Solus Linux:
sudo eopkg it -c system.devel
sudo eopkg install solbuild llvm-clang-devel cmake bison flex libelf-devel cmake
However procmon fails to start:
terminate called after throwing an instance of 'std::experimental::filesystem::v1::__cxx11::filesystem_error'
what(): filesystem error: directory iterator cannot open directory: No such file or directory [/sys/kernel/debug/tracing/events/syscalls]
Hi,
From the README.md:
Minimum OS:
Ubuntu 18.04 lts
Is there something specific to Ubuntu 18.04 LTS that makes Ubuntu the Minimum OS version? Is there a kernel version, feature or library requirement that can be defined here instead?
Please consider supporting Centos 7/8.
Provide instruction to build from source against Centos or binary (rpm) for this distribution.
Thanks.
Hi, just interested to know if there are any plans to port this project to macOS as well?
I know from experience the apple doesn't willing to provide descent unified API to acquire all process contents (no /proc library), and wrapping it with such tool would be greatly welcomed.
Procmon seems to target Ubuntu 18.04 and 20.04 exclusively. Some of us, like myself, are running shorter release cycle distros. I'm asking that support be added for these too.
Ebuild for gentoo should look something like this: https://github.com/Wonko7/w7-overlay/blob/procmon/sys-process/procmon/procmon-1.0.ebuild
This is how it fails, what am I missing?
[ 6%] Built target sqlite3-static
[ 18%] Built target bpf-static
[ 25%] Built target clang_frontend
[ 31%] Built target bcc-loader-static
[ 34%] Built target api-static
[ 40%] Built target usdt-static
[ 53%] Built target b_frontend
[ 75%] Built target bcc-static
[ 78%] Built target common-static
[ 81%] Building CXX object src/configuration/CMakeFiles/configuration-static.dir/procmon_configuration.cpp.o
In file included from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:16,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h: In member function ‘virtual bool MockStorageEngine::Initialize(const std::vector<Event>&)’:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:25:67: warning: no return statement in function returning non-void [-Wreturn-type]
25 | bool Initialize(const std::vector<Event>& syscalls) override {};
| ^
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h: In member function ‘virtual std::vector<ITelemetry> MockStorageEngine::QueryByPidInTimespan(pid_t, double, double, const std::vector<Event>&)’:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:30:119: warning: no return statement in function returning non-void [-Wreturn-type]
30 | pid_t pid, double start_time = 0.0, double end_time = 0.0, const std::vector<Event>& syscalls = {}) override {};
| ^
In file included from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:16,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h: In member function ‘virtual std::vector<ITelemetry> MockStorageEngine::QueryByPids(std::vector<int>, const std::vector<Event>&)’:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:32:128: warning: no return statement in function returning non-void [-Wreturn-type]
32 | virtual std::vector<MockTelemetry> QueryByPids(std::vector<pid_t> pids, const std::vector<Event>& syscalls = {}) override {};
| ^
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h: In member function ‘virtual std::vector<ITelemetry> MockStorageEngine::QueryByPidsInTimespan(std::vector<int>, double, double, const std::vector<Event>&)’:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:35:133: warning: no return statement in function returning non-void [-Wreturn-type]
35 | std::vector<pid_t> pids, double start_time = 0.0, double end_time = 0.0, const std::vector<Event>& syscalls = {}) override {};
| ^
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h: In member function ‘virtual std::vector<ITelemetry> MockStorageEngine::QueryByEventsinPage(std::vector<int>, uint, uint, ScreenConfiguration::sort, bool, const std::vector<Event>&)’:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:38:167: warning: no return statement in function returning non-void [-Wreturn-type]
38 | std::vector<pid_t> pids, uint pageNumber, uint eventsPerPage, ScreenConfiguration::sort orderBy, bool asc, const std::vector<Event>& syscalls = {}) override {};
| ^
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h: In member function ‘virtual std::vector<ITelemetry> MockStorageEngine::QueryByResultCodeInTimespan(int, double, double, const std::vector<Event>&)’:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:41:124: warning: no return statement in function returning non-void [-Wreturn-type]
41 | int resultCode, double start_time = 0.0, double end_time = 0.0, const std::vector<Event> &syscalls = {}) override {};
| ^
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h: In member function ‘virtual std::vector<ITelemetry> MockStorageEngine::QueryByFilteredEventsinPage(std::string, std::vector<int>, uint, uint, ScreenConfiguration::sort, bool, const std::vector<Event>&)’:
/home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:44:187: warning: no return statement in function returning non-void [-Wreturn-type]
44 | std::string filter, std::vector<pid_t> pids, uint pageNumber, uint eventsPerPage, ScreenConfiguration::sort orderBy, bool asc, const std::vector<Event>& syscalls = {}) override {};
| ^
In file included from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/../display/screen_configuration.h:9,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/storage_engine.h:12,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:12,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:16,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:28:5: error: expected identifier before ‘(’ token
28 | OK = 0,
| ^~
/usr/include/bcc/bcc_exception.h:28:5: error: expected ‘}’ before ‘(’ token
In file included from /usr/include/bcc/BPFTable.h:29,
from /usr/include/bcc/BPF.h:25,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:21,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/bcc_exception.h:26:19: note: to match this ‘{’
26 | enum class Code {
| ^
In file included from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/../display/screen_configuration.h:9,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/storage_engine.h:12,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:12,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:16,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/bcc_exception.h:28:5: error: expected unqualified-id before numeric constant
28 | OK = 0,
| ^~
/usr/include/bcc/bcc_exception.h:28:5: error: expected ‘)’ before numeric constant
/usr/include/bcc/bcc_exception.h:38:22: error: expected unqualified-id before numeric constant
38 | static StatusTuple OK() {
| ^~
/usr/include/bcc/bcc_exception.h:38:22: error: expected ‘)’ before numeric constant
In file included from /usr/include/bcc/BPFTable.h:29,
from /usr/include/bcc/BPF.h:25,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:21,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/bcc_exception.h: In function ‘int ebpf::StatusTuple(int)’:
/usr/include/bcc/bcc_exception.h:42:26: error: only constructors take member initializers
42 | StatusTuple(int ret) : ret_(ret) {}
| ^~~~
/usr/include/bcc/bcc_exception.h: In function ‘int ebpf::StatusTuple(int, const char*)’:
/usr/include/bcc/bcc_exception.h:44:43: error: only constructors take member initializers
44 | StatusTuple(int ret, const char *msg) : ret_(ret), msg_(msg) {}
| ^~~~
/usr/include/bcc/bcc_exception.h: In function ‘int ebpf::StatusTuple(int, const string&)’:
/usr/include/bcc/bcc_exception.h:46:50: error: only constructors take member initializers
46 | StatusTuple(int ret, const std::string &msg) : ret_(ret), msg_(msg) {}
| ^~~~
/usr/include/bcc/bcc_exception.h: In function ‘int ebpf::StatusTuple(int, const char*, Args ...)’:
/usr/include/bcc/bcc_exception.h:49:57: error: only constructors take member initializers
49 | StatusTuple(int ret, const char *fmt, Args... args) : ret_(ret) {
| ^~~~
/usr/include/bcc/bcc_exception.h:52:5: error: ‘msg_’ was not declared in this scope
52 | msg_ = std::string(buf);
| ^~~~
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:55:14: error: expected constructor, destructor, or type conversion before ‘(’ token
55 | StatusTuple(Code code, const std::string &msg) : use_enum_code_(true), code_(code), msg_(msg) {}
| ^
/usr/include/bcc/bcc_exception.h: In function ‘void ebpf::append_msg(const string&)’:
/usr/include/bcc/bcc_exception.h:58:5: error: ‘msg_’ was not declared in this scope; did you mean ‘msg’?
58 | msg_ += msg;
| ^~~~
| msg
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:61:13: error: non-member function ‘bool ebpf::ok()’ cannot have cv-qualifier
61 | bool ok() const {
| ^~~~~
/usr/include/bcc/bcc_exception.h: In function ‘bool ebpf::ok()’:
/usr/include/bcc/bcc_exception.h:62:9: error: ‘use_enum_code_’ was not declared in this scope
62 | if (use_enum_code_) {
| ^~~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:63:14: error: ‘code_’ was not declared in this scope; did you mean ‘mode_t’?
63 | return code_ == Code::OK;
| ^~~~~
| mode_t
/usr/include/bcc/bcc_exception.h:63:23: error: ‘Code’ has not been declared
63 | return code_ == Code::OK;
| ^~~~
In file included from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/../display/screen_configuration.h:9,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/storage_engine.h:12,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../storage/mock_storage_engine.h:12,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:16,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/bcc_exception.h:63:29: error: expected unqualified-id before ‘(’ token
63 | return code_ == Code::OK;
| ^~
In file included from /usr/include/bcc/BPFTable.h:29,
from /usr/include/bcc/BPF.h:25,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:21,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/bcc_exception.h:65:12: error: ‘ret_’ was not declared in this scope
65 | return ret_ == 0;
| ^~~~
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:68:14: error: non-member function ‘int ebpf::code()’ cannot have cv-qualifier
68 | int code() const {
| ^~~~~
/usr/include/bcc/bcc_exception.h: In function ‘int ebpf::code()’:
/usr/include/bcc/bcc_exception.h:69:9: error: ‘use_enum_code_’ was not declared in this scope
69 | if (use_enum_code_) {
| ^~~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:70:31: error: ‘code_’ was not declared in this scope; did you mean ‘code’?
70 | return static_cast<int>(code_);
| ^~~~~
| code
/usr/include/bcc/bcc_exception.h:72:12: error: ‘ret_’ was not declared in this scope
72 | return ret_;
| ^~~~
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:75:28: error: non-member function ‘const string& ebpf::msg()’ cannot have cv-qualifier
75 | const std::string& msg() const { return msg_; }
| ^~~~~
/usr/include/bcc/bcc_exception.h: In function ‘const string& ebpf::msg()’:
/usr/include/bcc/bcc_exception.h:75:43: error: ‘msg_’ was not declared in this scope; did you mean ‘msg’?
75 | const std::string& msg() const { return msg_; }
| ^~~~
| msg
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:77:1: error: expected unqualified-id before ‘private’
77 | private:
| ^~~~~~~
/usr/include/bcc/bcc_exception.h:81:3: error: ‘Code’ does not name a type; did you mean ‘code’?
81 | Code code_;
| ^~~~
| code
/usr/include/bcc/bcc_exception.h:104:1: error: ‘StatusTuple’ does not name a type
104 | DECLARE_ERROR(Unknown, UNKNOWN)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:104:1: error: ‘StatusTuple’ does not name a type
104 | DECLARE_ERROR(Unknown, UNKNOWN)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h: In function ‘bool error::IsUnknown(const int&)’:
/usr/include/bcc/bcc_exception.h:104:1: error: request for member ‘code’ in ‘status’, which is of non-class type ‘const int’
104 | DECLARE_ERROR(Unknown, UNKNOWN)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:104:1: error: ‘UNKNOWN’ is not a member of ‘ebpf::StatusTuple::Code’
104 | DECLARE_ERROR(Unknown, UNKNOWN)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:105:1: error: ‘StatusTuple’ does not name a type
105 | DECLARE_ERROR(InvalidArgument, INVALID_ARGUMENT)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:105:1: error: ‘StatusTuple’ does not name a type
105 | DECLARE_ERROR(InvalidArgument, INVALID_ARGUMENT)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h: In function ‘bool error::IsInvalidArgument(const int&)’:
/usr/include/bcc/bcc_exception.h:105:1: error: request for member ‘code’ in ‘status’, which is of non-class type ‘const int’
105 | DECLARE_ERROR(InvalidArgument, INVALID_ARGUMENT)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:105:1: error: ‘INVALID_ARGUMENT’ is not a member of ‘ebpf::StatusTuple::Code’
105 | DECLARE_ERROR(InvalidArgument, INVALID_ARGUMENT)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:106:1: error: ‘StatusTuple’ does not name a type
106 | DECLARE_ERROR(PermissionDenied, PERMISSION_DENIED)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:106:1: error: ‘StatusTuple’ does not name a type
106 | DECLARE_ERROR(PermissionDenied, PERMISSION_DENIED)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h: In function ‘bool error::IsPermissionDenied(const int&)’:
/usr/include/bcc/bcc_exception.h:106:1: error: request for member ‘code’ in ‘status’, which is of non-class type ‘const int’
106 | DECLARE_ERROR(PermissionDenied, PERMISSION_DENIED)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:106:1: error: ‘PERMISSION_DENIED’ is not a member of ‘ebpf::StatusTuple::Code’
106 | DECLARE_ERROR(PermissionDenied, PERMISSION_DENIED)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:107:1: error: ‘StatusTuple’ does not name a type
107 | DECLARE_ERROR(System, SYSTEM)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:107:1: error: ‘StatusTuple’ does not name a type
107 | DECLARE_ERROR(System, SYSTEM)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h: In function ‘bool error::IsSystem(const int&)’:
/usr/include/bcc/bcc_exception.h:107:1: error: request for member ‘code’ in ‘status’, which is of non-class type ‘const int’
107 | DECLARE_ERROR(System, SYSTEM)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h:107:1: error: ‘SYSTEM’ is not a member of ‘ebpf::StatusTuple::Code’
107 | DECLARE_ERROR(System, SYSTEM)
| ^~~~~~~~~~~~~
/usr/include/bcc/bcc_exception.h: At global scope:
/usr/include/bcc/bcc_exception.h:111:1: error: expected declaration before ‘}’ token
111 | } // namespace ebpf
| ^
In file included from /usr/include/bcc/table_storage.h:26,
from /usr/include/bcc/bpf_module.h:26,
from /usr/include/bcc/BPFTable.h:31,
from /usr/include/bcc/BPF.h:25,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:21,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/table_desc.h:35:56: error: template argument 1 is invalid
35 | typedef std::function<StatusTuple(const char *, void *)> sscanf_fn;
| ^
/usr/include/bcc/table_desc.h:36:64: error: template argument 1 is invalid
36 | typedef std::function<StatusTuple(char *, size_t, const void *)> snprintf_fn;
| ^
In file included from /usr/include/bcc/BPFTable.h:31,
from /usr/include/bcc/BPF.h:25,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:21,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/bpf_module.h:86:3: error: ‘StatusTuple’ does not name a type
86 | StatusTuple sscanf(std::string fn_name, const char *str, void *val);
| ^~~~~~~~~~~
/usr/include/bcc/bpf_module.h:87:3: error: ‘StatusTuple’ does not name a type
87 | StatusTuple snprintf(std::string fn_name, char *str, size_t sz,
| ^~~~~~~~~~~
In file included from /usr/include/bcc/BPF.h:25,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:21,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/BPFTable.h:44:3: error: ‘StatusTuple’ does not name a type
44 | StatusTuple string_to_key(const std::string& key_str, KeyType* key) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:48:3: error: ‘StatusTuple’ does not name a type
48 | StatusTuple string_to_leaf(const std::string& value_str, ValueType* value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:52:3: error: ‘StatusTuple’ does not name a type
52 | StatusTuple key_to_string(const KeyType* key, std::string& key_str) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:60:3: error: ‘StatusTuple’ does not name a type
60 | StatusTuple leaf_to_string(const ValueType* value, std::string& value_str) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:100:3: error: ‘StatusTuple’ does not name a type
100 | StatusTuple get_value(const std::string& key_str, std::string& value);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:101:3: error: ‘StatusTuple’ does not name a type
101 | StatusTuple get_value(const std::string& key_str,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:104:3: error: ‘StatusTuple’ does not name a type
104 | StatusTuple update_value(const std::string& key_str,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:106:3: error: ‘StatusTuple’ does not name a type
106 | StatusTuple update_value(const std::string& key_str,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:109:3: error: ‘StatusTuple’ does not name a type
109 | StatusTuple remove_value(const std::string& key_str);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:111:3: error: ‘StatusTuple’ does not name a type
111 | StatusTuple clear_table_non_atomic();
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:112:3: error: ‘StatusTuple’ does not name a type
112 | StatusTuple get_table_offline(std::vector<std::pair<std::string, std::string>> &res);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:137:11: error: ‘StatusTuple’ does not name a type
137 | virtual StatusTuple get_value(const int& index, ValueType& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:143:11: error: ‘StatusTuple’ does not name a type
143 | virtual StatusTuple update_value(const int& index, const ValueType& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:182:3: error: ‘StatusTuple’ does not name a type
182 | StatusTuple get_value(const int& index, std::vector<ValueType>& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:187:3: error: ‘StatusTuple’ does not name a type
187 | StatusTuple update_value(const int& index,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:211:11: error: ‘StatusTuple’ does not name a type
211 | virtual StatusTuple get_value(const KeyType& key, ValueType& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:217:11: error: ‘StatusTuple’ does not name a type
217 | virtual StatusTuple update_value(const KeyType& key, const ValueType& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:224:11: error: ‘StatusTuple’ does not name a type
224 | virtual StatusTuple remove_value(const KeyType& key) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:258:3: error: ‘StatusTuple’ does not name a type
258 | StatusTuple clear_table_non_atomic() {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h: In member function ‘std::vector<std::pair<_T1, _T2> > ebpf::BPFHashTable<KeyType, ValueType>::get_table_offline()’:
/usr/include/bcc/BPFTable.h:241:16: error: expected ‘;’ before ‘r’
241 | StatusTuple r(0);
| ^~
| ;
/usr/include/bcc/BPFTable.h:241:21: error: statement cannot resolve address of overloaded function
241 | StatusTuple r(0);
| ^
/usr/include/bcc/BPFTable.h:247:7: error: ‘r’ was not declared in this scope
247 | r = get_value(cur, value);
| ^
/usr/include/bcc/BPFTable.h: At global scope:
/usr/include/bcc/BPFTable.h:284:3: error: ‘StatusTuple’ does not name a type
284 | StatusTuple get_value(const KeyType& key, std::vector<ValueType>& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:289:3: error: ‘StatusTuple’ does not name a type
289 | StatusTuple update_value(const KeyType& key,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:348:3: error: ‘StatusTuple’ does not name a type
348 | StatusTuple open_all_cpu(perf_reader_raw_cb cb, perf_reader_lost_cb lost_cb,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:350:3: error: ‘StatusTuple’ does not name a type
350 | StatusTuple close_all_cpu();
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:354:3: error: ‘StatusTuple’ does not name a type
354 | StatusTuple open_on_cpu(perf_reader_raw_cb cb, perf_reader_lost_cb lost_cb,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:356:3: error: ‘StatusTuple’ does not name a type
356 | StatusTuple close_on_cpu(int cpu);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:369:3: error: ‘StatusTuple’ does not name a type
369 | StatusTuple open_all_cpu(uint32_t type, uint64_t config);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:370:3: error: ‘StatusTuple’ does not name a type
370 | StatusTuple close_all_cpu();
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:373:3: error: ‘StatusTuple’ does not name a type
373 | StatusTuple open_on_cpu(int cpu, uint32_t type, uint64_t config);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:374:3: error: ‘StatusTuple’ does not name a type
374 | StatusTuple close_on_cpu(int cpu);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:383:3: error: ‘StatusTuple’ does not name a type
383 | StatusTuple update_value(const int& index, const int& prog_fd);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:384:3: error: ‘StatusTuple’ does not name a type
384 | StatusTuple remove_value(const int& index);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:391:3: error: ‘StatusTuple’ does not name a type
391 | StatusTuple update_value(const int& index, const int& cgroup2_fd);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:392:3: error: ‘StatusTuple’ does not name a type
392 | StatusTuple update_value(const int& index, const std::string& cgroup2_path);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:393:3: error: ‘StatusTuple’ does not name a type
393 | StatusTuple remove_value(const int& index);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:400:3: error: ‘StatusTuple’ does not name a type
400 | StatusTuple update_value(const int& index, const int& value);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:401:3: error: ‘StatusTuple’ does not name a type
401 | StatusTuple get_value(const int& index, int& value);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:402:3: error: ‘StatusTuple’ does not name a type
402 | StatusTuple remove_value(const int& index);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:409:3: error: ‘StatusTuple’ does not name a type
409 | StatusTuple update_value(const int& index, const int& value);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:410:3: error: ‘StatusTuple’ does not name a type
410 | StatusTuple get_value(const int& index, int& value);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:411:3: error: ‘StatusTuple’ does not name a type
411 | StatusTuple remove_value(const int& index);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:418:3: error: ‘StatusTuple’ does not name a type
418 | StatusTuple update_value(const int& index, const int& inner_map_fd);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:419:3: error: ‘StatusTuple’ does not name a type
419 | StatusTuple remove_value(const int& index);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:426:3: error: ‘StatusTuple’ does not name a type
426 | StatusTuple update_value(const int& index, const int& value);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:427:3: error: ‘StatusTuple’ does not name a type
427 | StatusTuple remove_value(const int& index);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:434:3: error: ‘StatusTuple’ does not name a type
434 | StatusTuple update_value(const int& key, const int& value);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:435:3: error: ‘StatusTuple’ does not name a type
435 | StatusTuple remove_value(const int& key);
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:447:11: error: ‘StatusTuple’ does not name a type
447 | virtual StatusTuple get_value(const int& sock_fd, ValueType& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:453:11: error: ‘StatusTuple’ does not name a type
453 | virtual StatusTuple update_value(const int& sock_fd, const ValueType& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:460:11: error: ‘StatusTuple’ does not name a type
460 | virtual StatusTuple remove_value(const int& sock_fd) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:476:11: error: ‘StatusTuple’ does not name a type
476 | virtual StatusTuple get_value(struct bpf_cgroup_storage_key& key,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:484:11: error: ‘StatusTuple’ does not name a type
484 | virtual StatusTuple update_value(struct bpf_cgroup_storage_key& key, const ValueType& value) {
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:505:11: error: ‘StatusTuple’ does not name a type
505 | virtual StatusTuple get_value(struct bpf_cgroup_storage_key& key,
| ^~~~~~~~~~~
/usr/include/bcc/BPFTable.h:514:11: error: ‘StatusTuple’ does not name a type
514 | virtual StatusTuple update_value(struct bpf_cgroup_storage_key& key,
| ^~~~~~~~~~~
In file included from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.h:21,
from /home/wjc/work/stuffs/ProcMon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/usr/include/bcc/BPF.h:57:3: error: ‘StatusTuple’ does not name a type
57 | StatusTuple init(const std::string& bpf_program,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:58:63: error: expected unqualified-id before ‘,’ token
58 | const std::vector<std::string>& cflags = {},
| ^
/usr/include/bcc/BPF.h:59:54: error: expected unqualified-id before ‘)’ token
59 | const std::vector<USDT>& usdt = {});
| ^
/usr/include/bcc/BPF.h:61:3: error: ‘StatusTuple’ does not name a type
61 | StatusTuple init_usdt(const USDT& usdt);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:64:3: error: ‘StatusTuple’ does not name a type
64 | StatusTuple detach_all();
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:66:3: error: ‘StatusTuple’ does not name a type
66 | StatusTuple attach_kprobe(const std::string& kernel_func,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:71:3: error: ‘StatusTuple’ does not name a type
71 | StatusTuple detach_kprobe(
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:75:3: error: ‘StatusTuple’ does not name a type
75 | StatusTuple attach_uprobe(const std::string& binary_path,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:82:3: error: ‘StatusTuple’ does not name a type
82 | StatusTuple detach_uprobe(const std::string& binary_path,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:87:3: error: ‘StatusTuple’ does not name a type
87 | StatusTuple attach_usdt(const USDT& usdt, pid_t pid = -1);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:88:3: error: ‘StatusTuple’ does not name a type
88 | StatusTuple attach_usdt_all();
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:89:3: error: ‘StatusTuple’ does not name a type
89 | StatusTuple detach_usdt(const USDT& usdt, pid_t pid = -1);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:90:3: error: ‘StatusTuple’ does not name a type
90 | StatusTuple detach_usdt_all();
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:92:3: error: ‘StatusTuple’ does not name a type
92 | StatusTuple attach_tracepoint(const std::string& tracepoint,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:94:3: error: ‘StatusTuple’ does not name a type
94 | StatusTuple detach_tracepoint(const std::string& tracepoint);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:96:3: error: ‘StatusTuple’ does not name a type
96 | StatusTuple attach_raw_tracepoint(const std::string& tracepoint,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:98:3: error: ‘StatusTuple’ does not name a type
98 | StatusTuple detach_raw_tracepoint(const std::string& tracepoint);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:100:3: error: ‘StatusTuple’ does not name a type
100 | StatusTuple attach_perf_event(uint32_t ev_type, uint32_t ev_config,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:105:3: error: ‘StatusTuple’ does not name a type
105 | StatusTuple attach_perf_event_raw(void* perf_event_attr,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:110:3: error: ‘StatusTuple’ does not name a type
110 | StatusTuple detach_perf_event(uint32_t ev_type, uint32_t ev_config);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:111:3: error: ‘StatusTuple’ does not name a type
111 | StatusTuple detach_perf_event_raw(void* perf_event_attr);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:210:3: error: ‘StatusTuple’ does not name a type
210 | StatusTuple open_perf_event(const std::string& name, uint32_t type,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:213:3: error: ‘StatusTuple’ does not name a type
213 | StatusTuple close_perf_event(const std::string& name);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:218:3: error: ‘StatusTuple’ does not name a type
218 | StatusTuple open_perf_buffer(const std::string& name, perf_reader_raw_cb cb,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:223:3: error: ‘StatusTuple’ does not name a type
223 | StatusTuple close_perf_buffer(const std::string& name);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:235:3: error: ‘StatusTuple’ does not name a type
235 | StatusTuple load_func(const std::string& func_name, enum bpf_prog_type type,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:237:3: error: ‘StatusTuple’ does not name a type
237 | StatusTuple unload_func(const std::string& func_name);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:239:3: error: ‘StatusTuple’ does not name a type
239 | StatusTuple attach_func(int prog_fd, int attachable_fd,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:242:3: error: ‘StatusTuple’ does not name a type
242 | StatusTuple detach_func(int prog_fd, int attachable_fd,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:253:3: error: ‘StatusTuple’ does not name a type
253 | StatusTuple attach_usdt_without_validation(const USDT& usdt, pid_t pid);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:254:3: error: ‘StatusTuple’ does not name a type
254 | StatusTuple detach_usdt_without_validation(const USDT& usdt, pid_t pid);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:256:3: error: ‘StatusTuple’ does not name a type
256 | StatusTuple detach_kprobe_event(const std::string& event, open_probe_t& attr);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:257:3: error: ‘StatusTuple’ does not name a type
257 | StatusTuple detach_uprobe_event(const std::string& event, open_probe_t& attr);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:258:3: error: ‘StatusTuple’ does not name a type
258 | StatusTuple detach_tracepoint_event(const std::string& tracepoint,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:260:3: error: ‘StatusTuple’ does not name a type
260 | StatusTuple detach_raw_tracepoint_event(const std::string& tracepoint,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:262:3: error: ‘StatusTuple’ does not name a type
262 | StatusTuple detach_perf_event_all_cpu(open_probe_t& attr);
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:292:3: error: ‘StatusTuple’ does not name a type
292 | StatusTuple check_binary_symbol(const std::string& binary_path,
| ^~~~~~~~~~~
/usr/include/bcc/BPF.h:339:3: error: ‘StatusTuple’ does not name a type
339 | StatusTuple init();
| ^~~~~~~~~~~
make[2]: *** [src/configuration/CMakeFiles/configuration-static.dir/build.make:83: src/configuration/CMakeFiles/configuration-static.dir/procmon_configuration.cpp.o] Error 1
make[1]: *** [CMakeFiles/Makefile2:2561: src/configuration/CMakeFiles/configuration-static.dir/all] Error 2
make: *** [Makefile:183: all] Error 2
When running on ubuntu 18.04 the tool doesn't show any information. I can see the main screen, but number of event is stuck at 0, even after a few minutes spent running other apps etc.
Minimum requirements list just ubuntu 18.04 but on my Ubuntu 18.04 machine the tool shows no information and when I quit I get this message on the terminal:
HINT: bpf_get_stack missing (added in Linux 4.18).
My PC is actually running 4.15 that is the default kernel release for ubuntu 18.04:
# lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 18.04.4 LTS
Release: 18.04
Codename: bionic
# uname -a
Linux valterP52S 4.15.0-111-generic #112-Ubuntu SMP Thu Jul 9 20:32:34 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Here's the full output from the tool:
# sudo procmon
bpf: Failed to load program: Invalid argument
0: (bf) r8 = r1
1: (b7) r9 = 0
2: (63) *(u32 *)(r10 -8) = r9
3: (18) r1 = 0xffff956918a24200
5: (bf) r2 = r10
6: (07) r2 += -8
7: (85) call bpf_map_lookup_elem#1
8: (55) if r0 != 0x0 goto pc+1
R0=inv0 R8=ctx(id=0,off=0,imm=0) R9=inv0 R10=fp0
9: (05) goto pc+6
16: (85) call bpf_get_current_pid_tgid#14
17: (bf) r7 = r0
18: (7b) *(u64 *)(r10 -16) = r7
19: (b7) r1 = 0
20: (63) *(u32 *)(r10 -8) = r1
21: (18) r1 = 0xffff956856ac7000
23: (bf) r2 = r10
24: (07) r2 += -8
25: (85) call bpf_map_lookup_elem#1
26: (55) if r0 != 0x0 goto pc+1
R0=inv0 R7=inv(id=0) R8=ctx(id=0,off=0,imm=0) R9=inv0 R10=fp0
27: (05) goto pc+164
192: (79) r1 = *(u64 *)(r8 +8)
193: (63) *(u32 *)(r10 -20) = r1
194: (18) r1 = 0xffff956856ac5a00
196: (bf) r2 = r10
197: (07) r2 += -20
198: (85) call bpf_map_lookup_elem#1
199: (18) r9 = 0xffffffff
201: (15) if r0 == 0x0 goto pc+101
R0=map_value(id=0,off=0,ks=4,vs=728,imm=0) R7=inv(id=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0
202: (7b) *(u64 *)(r10 -32) = r0
203: (b7) r1 = 0
204: (63) *(u32 *)(r10 -24) = r1
205: (18) r1 = 0xffff956918a24800
207: (bf) r2 = r10
208: (07) r2 += -24
209: (85) call bpf_map_lookup_elem#1
210: (bf) r7 = r0
211: (18) r9 = 0xffffffff
213: (15) if r7 == 0x0 goto pc+89
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
214: (79) r1 = *(u64 *)(r10 -16)
215: (63) *(u32 *)(r7 +0) = r1
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R1=inv(id=0) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
216: (61) r1 = *(u32 *)(r10 -20)
217: (63) *(u32 *)(r7 +4) = r1
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R1=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
218: (bf) r2 = r7
219: (07) r2 += 24
220: (bf) r1 = r8
221: (b7) r3 = 256
222: (b7) r4 = 256
223: (85) call unknown#67
invalid func unknown#67
HINT: bpf_get_stack missing (added in Linux 4.18).
Would be nice to be able to grep the output.
Adding a -o/--output option with different output formats (json, jsonc, none, table, tsv, yaml, yamlc) would be best.
procmon -f procmon_2020-07-23_01\:54\:51.db -o tsv | grep ssh
some distros already packaging clang 10 (checked fedora and arch) no longer
ship all the individual libclang*.so component libraries.
Instead, clang from 9.0 onwards provides a new lib, libclang-cpp.so, which
includes everything we need.
ref commit: iovisor/bcc@1599c2e#diff-af3b638bc2a3e6c650974192a53c7291
any chance to see and opensourced win version either ?
Would it be possible to use ProcMon, even if just a limited subset of features, without requiring sudo?
See title. Manually setting up the repo and trying to install on 20.04 results in:
# apt install procmon
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package procmon
This regex in src/tracer/ebpf/syscall_schema.h has exponential complexity due to the double + signs:
std::regex argFieldTypeName("(field:)([a-zA-Z0-9_\\s\\*]+)+(;)");
This caused ProcMon to hang on startup on my machine. The solution should be to remove the second +.
At first start error.
Ubuntu 18.04.4 LTS
Linux debian 4.15.0-111-generic
bpf: Failed to load program: Invalid argument
0: (bf) r8 = r1
1: (b7) r9 = 0
2: (63) *(u32 *)(r10 -8) = r9
3: (18) r1 = 0xffff970338795d00
5: (bf) r2 = r10
6: (07) r2 += -8
7: (85) call bpf_map_lookup_elem#1
8: (55) if r0 != 0x0 goto pc+1
R0=inv0 R8=ctx(id=0,off=0,imm=0) R9=inv0 R10=fp0
9: (05) goto pc+6
16: (85) call bpf_get_current_pid_tgid#14
17: (bf) r7 = r0
18: (7b) *(u64 *)(r10 -16) = r7
19: (b7) r1 = 0
20: (63) *(u32 *)(r10 -8) = r1
21: (18) r1 = 0xffff9700c8f1c800
23: (bf) r2 = r10
24: (07) r2 += -8
25: (85) call bpf_map_lookup_elem#1
26: (55) if r0 != 0x0 goto pc+1
R0=inv0 R7=inv(id=0) R8=ctx(id=0,off=0,imm=0) R9=inv0 R10=fp0
27: (05) goto pc+164
192: (79) r1 = *(u64 *)(r8 +8)
193: (63) *(u32 *)(r10 -20) = r1
194: (18) r1 = 0xffff9700c8f1f800
196: (bf) r2 = r10
197: (07) r2 += -20
198: (85) call bpf_map_lookup_elem#1
199: (18) r9 = 0xffffffff
201: (15) if r0 == 0x0 goto pc+101
R0=map_value(id=0,off=0,ks=4,vs=728,imm=0) R7=inv(id=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0
202: (7b) *(u64 *)(r10 -32) = r0
203: (b7) r1 = 0
204: (63) *(u32 *)(r10 -24) = r1
205: (18) r1 = 0xffff970338794a00
207: (bf) r2 = r10
208: (07) r2 += -24
209: (85) call bpf_map_lookup_elem#1
210: (bf) r7 = r0
211: (18) r9 = 0xffffffff
213: (15) if r7 == 0x0 goto pc+89
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
214: (79) r1 = *(u64 *)(r10 -16)
215: (63) *(u32 *)(r7 +0) = r1
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R1=inv(id=0) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
216: (61) r1 = *(u32 *)(r10 -20)
217: (63) *(u32 *)(r7 +4) = r1
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R1=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
218: (bf) r2 = r7
219: (07) r2 += 24
220: (bf) r1 = r8
221: (b7) r3 = 256
222: (b7) r4 = 256
223: (85) call unknown#67
invalid func unknown#67
HINT: bpf_get_stack missing (added in Linux 4.18).
root@debian:/home/user# procmon -p 10,20
bpf: Failed to load program: Invalid argument
0: (bf) r8 = r1
1: (b7) r9 = 0
2: (63) *(u32 *)(r10 -8) = r9
3: (18) r1 = 0xffff970316a0cd00
5: (bf) r2 = r10
6: (07) r2 += -8
7: (85) call bpf_map_lookup_elem#1
8: (55) if r0 != 0x0 goto pc+1
R0=inv0 R8=ctx(id=0,off=0,imm=0) R9=inv0 R10=fp0
9: (05) goto pc+6
16: (85) call bpf_get_current_pid_tgid#14
17: (bf) r7 = r0
18: (7b) *(u64 *)(r10 -16) = r7
19: (b7) r1 = 0
20: (63) *(u32 *)(r10 -8) = r1
21: (18) r1 = 0xffff970338a38400
23: (bf) r2 = r10
24: (07) r2 += -8
25: (85) call bpf_map_lookup_elem#1
26: (55) if r0 != 0x0 goto pc+1
R0=inv0 R7=inv(id=0) R8=ctx(id=0,off=0,imm=0) R9=inv0 R10=fp0
27: (05) goto pc+164
192: (79) r1 = *(u64 *)(r8 +8)
193: (63) *(u32 *)(r10 -20) = r1
194: (18) r1 = 0xffff970338a3a000
196: (bf) r2 = r10
197: (07) r2 += -20
198: (85) call bpf_map_lookup_elem#1
199: (18) r9 = 0xffffffff
201: (15) if r0 == 0x0 goto pc+101
R0=map_value(id=0,off=0,ks=4,vs=728,imm=0) R7=inv(id=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0
202: (7b) *(u64 *)(r10 -32) = r0
203: (b7) r1 = 0
204: (63) *(u32 *)(r10 -24) = r1
205: (18) r1 = 0xffff970316a0db00
207: (bf) r2 = r10
208: (07) r2 += -24
209: (85) call bpf_map_lookup_elem#1
210: (bf) r7 = r0
211: (18) r9 = 0xffffffff
213: (15) if r7 == 0x0 goto pc+89
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
214: (79) r1 = *(u64 *)(r10 -16)
215: (63) *(u32 *)(r7 +0) = r1
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R1=inv(id=0) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
216: (61) r1 = *(u32 *)(r10 -20)
217: (63) *(u32 *)(r7 +4) = r1
R0=map_value(id=0,off=0,ks=4,vs=704,imm=0) R1=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R7=map_value(id=0,off=0,ks=4,vs=704,imm=0) R8=ctx(id=0,off=0,imm=0) R9=inv4294967295 R10=fp0 fp-32=map_value
218: (bf) r2 = r7
219: (07) r2 += 24
220: (bf) r1 = r8
221: (b7) r3 = 256
222: (b7) r4 = 256
223: (85) call unknown#67
invalid func unknown#67
HINT: bpf_get_stack missing (added in Linux 4.18).
The build breaks completely, possibly due to some bcc incompatibilities.
First step
mkdir build
cd build
cmake ..
make
ended with errors
ProcMon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6:10: fatal error: bcc/BPF.h: No such file or directory
6 | #include <bcc/BPF.h>
| ^~~~~~~~~~~
Then I install libbpfcc-dev which provides this file. Now compilation fails at the loading stae:
[ 96%] Linking CXX executable procmon
/usr/bin/ld: /usr/bin/ld: DWARF error: could not find variable specification at offset 999e
/usr/bin/ld: DWARF error: could not find variable specification at offset 9a1a
.... many of these DWARF errors ...
src/tracer/libtracer-static.a(ebpf_tracer_engine.cpp.o): in function `ebpf::BPF::BPF(unsigned int, ebpf::TableStorage*, bool, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, bool)':
/usr/include/bcc/BPF.h:56: undefined reference to `ebpf::BPFModule::BPFModule(unsigned int, ebpf::TableStorage*, bool, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, bool, char const*)'
collect2: error: ld returned 1 exit status
Furthermore, the provided .deb file does not work due to missing and unavailable libraries (panel and ncurses.so.5).
Syscall numbers vary between different architectures, so tables like this won't be portable for arches other than x86_64.
These tables can be built by running a script like this during build time:
echo "#include <sys/syscall.h>" | \
cpp -dM | \
grep '^#define __NR_' | \
sed -r -n -e 's/^\#define[ \t]+__NR_([a-z0-9_]+)[ \t]+([0-9]+)(.*)/ [\2] = "\1",/p'Which will produce something like:
[247] = "waitid",
[75] = "fdatasync",
[245] = "mq_getsetattr",
[204] = "sched_getaffinity",
[42] = "connect",
[281] = "epoll_pwait",
[175] = "init_module",
[176] = "delete_module",
[258] = "mkdirat",
[130] = "rt_sigsuspend",
[257] = "openat",
(...)
(It can be easily tweaked to produce the inverted table, too.)
Calling cpp directly might not be the best thing to do, however, especially if you want to prepare this for cross-compilation. Should be possible to perform this pipeline mostly in CMake, though.
Host system is KDE neon 5.19 which is based on Ubuntu 18.04.4.
Running procmon with no arguments results in procman running but constantly consuming memory until there is none left.
Steps to repo:
sudo procmonThe number of "Total Events:" never stops increasing which makes me wonder if there's some sort of recursion or loop that is incorrectly calculating the number of events.
line 17 checks the effective uid, signalling it's ok to come from a set user id root environment. However, right under it there's a call to system(), which clearly signals this code has no business being used in such an environment.
On NixOS when running cmake there is no network access. I did not find a way to download the files before, and then give cmake a path to the downloaded files, to make it work under NixOS.
../src/display/event_formatter.cpp:144:30: error: variable-sized object may not be initialized
uint8_t buff[size] = {};
^~~~
../src/display/event_formatter.cpp:158:30: error: variable-sized object may not be initialized
uint8_t buff[size] = {};
^~~~
../src/display/event_formatter.cpp:175:23: error: variable-sized object may not be initialized
char buff[size] = {};
^~~~
The compiler is clang 12.0.0.
On the main page :
https://github.com/microsoft/ProcMon-for-Linux/
sudo apt-get -y install bison build-essential flex git libedit-dev
libllvm6.0 llvm-6.0-dev libclang-6.0-dev python zlib1g-dev libelf-dev
could also reference 'cmake'
I found that FetchContent_MakeAvailable isn't available on cmake 3.13.0 when I tried to make this project.
..
-- Latest recognized Git tag is -128-NOTFOUND
-- Git HEAD is ad86920331dda3315538ab0ee30fb24727aff82d
-- Revision is 128-NOTFOUND-ad869203
-- Found LLVM: /usr/lib/llvm-6.0/include 6.0.0
-- Using static-libstdc++
-- Found LuaJIT: /usr/lib/x86_64-linux-gnu/libluajit-5.1.a;/usr/lib/x86_64-linux-gnu/libdl.so;/usr/lib/x86_64-linux-gnu/libm.so
CMake Error at CMakeLists.txt:49 (FetchContent_MakeAvailable):
Unknown CMake command "FetchContent_MakeAvailable".
-- Configuring incomplete, errors occurred!
See also "/home/parallels/Procmon-for-Linux/build/CMakeFiles/CMakeOutput.log".
That command was introduced on cmake 3.14 according to its release note.
https://cmake.org/cmake/help/v3.14/release/3.14.html#modules
https://github.com/fmtlib/fmt :
{fmt} is an open-source formatting library for C++. It can be used as a safe and fast alternative to (s)printf and iostreams. This project makes considerable use of iostreams, therefore it's highly likely to hugely benefit from the addition of this library. To see example usage, take a look at the Windows Terminal repo.
In steps 2 & 3, the make fails because FlexLexer.h is missing.
There's a type mismatch here. On x64 platforms, where pointer size is greater than unsigned long, this will cause additional 4 bytes to be written after val on heap.
This should instead be:
int size = sizeof(unsigned long);
Best regards,
basically the tool does not work and the compile time is 17 minutes
-_- what a dissappointing time waste
stopping now [-ferror-limit=]
20 errors generated.
On Raspbian GNU/Linux 10 (buster) near the end of making bcc I get this message:
[ 95%] Building CXX object tests/cc/CMakeFiles/test_libbcc.dir/test_usdt_args.cc.o In file included from /home/pi/bcc/tests/cc/test_usdt_args.cc:19: /home/pi/bcc/tests/cc/test_usdt_args.cc: In function 'void ____C_A_T_C_H____T_E_S_T____55()': /home/pi/bcc/tests/cc/test_usdt_args.cc:67:14: error: 'parser' was not declared in this scope REQUIRE(!parser.parse(&arg));
After installing from
https://packages.microsoft.com/config/ubuntu/18.04/packages-microsoft-prod.deb
Running on wsl2 18.04 I get the following error;
~$ sudo procmon
terminate called after throwing an instance of 'std::experimental::filesystem::v1::__cxx11::filesystem_error'
what(): filesystem error: directory iterator cannot open directory: No such file or directory [/sys/kernel/debug/tracing/events/syscalls]
Aborted
Package ProcMon and make it available in the Debian package repositories.
I have installed the Debian package, but nothing is displayed and on the console I have:
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:26:
In file included from include/linux/irqflags.h:16:
In file included from ./arch/x86/include/asm/irqflags.h:9:
In file included from ./arch/x86/include/asm/nospec-branch.h:314:
./arch/x86/include/asm/segment.h:266:2: error: expected '(' after 'asm'
alternative_io ("lsl %[seg],%[p]",
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:12:
In file included from ./arch/x86/include/asm/page.h:12:
./arch/x86/include/asm/page_64.h:49:2: error: expected '(' after 'asm'
alternative_call_2(clear_page_orig,
^
./arch/x86/include/asm/alternative.h:256:2: note: expanded from macro 'alternative_call_2'
asm_inline volatile (ALTERNATIVE_2("call %P[old]", "call %P[new1]", feature1,\
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
In file included from ./arch/x86/include/asm/processor.h:24:
./arch/x86/include/asm/special_insns.h:205:2: error: expected '(' after 'asm'
alternative_io(".byte " __stringify(NOP_DS_PREFIX) "; clflush %P0",
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
./arch/x86/include/asm/processor.h:795:2: error: expected '(' after 'asm'
alternative_input(BASE_PREFETCH, "prefetchnta %P1",
^
./arch/x86/include/asm/alternative.h:221:2: note: expanded from macro 'alternative_input'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
./arch/x86/include/asm/processor.h:807:2: error: expected '(' after 'asm'
alternative_input(BASE_PREFETCH, "prefetchw %P1",
^
./arch/x86/include/asm/alternative.h:221:2: note: expanded from macro 'alternative_input'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
include/linux/thread_info.h:134:2: error: expected '(' after 'asm'
WARN(1, "Buffer overflow detected (%d < %lu)!\n", size, count);
^
include/asm-generic/bug.h:124:3: note: expanded from macro 'WARN'
__WARN_printf(TAINT_WARN, format); \
^
include/asm-generic/bug.h:93:3: note: expanded from macro '__WARN_printf'
__WARN_FLAGS(BUGFLAG_NO_CUT_HERE | BUGFLAG_TAINT(taint));\
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
include/linux/thread_info.h:150:6: error: expected '(' after 'asm'
if (WARN_ON_ONCE(bytes > INT_MAX))
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
include/linux/rcupdate.h:893:2: error: expected '(' after 'asm'
WARN_ON_ONCE(func != (rcu_callback_t)~0L);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:21:
In file included from include/linux/mm_types.h:14:
In file included from include/linux/uprobes.h:49:
In file included from ./arch/x86/include/asm/uprobes.h:13:
In file included from include/linux/notifier.h:16:
In file included from include/linux/srcu.h:21:
In file included from include/linux/workqueue.h:9:
In file included from include/linux/timer.h:6:
include/linux/ktime.h:171:2: error: expected '(' after 'asm'
WARN_ON(div < 0);
^
include/asm-generic/bug.h:115:3: note: expanded from macro 'WARN_ON'
__WARN(); \
^
include/asm-generic/bug.h:90:19: note: expanded from macro '__WARN'
#define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN))
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:21:
In file included from include/linux/mm_types.h:14:
In file included from include/linux/uprobes.h:49:
In file included from ./arch/x86/include/asm/uprobes.h:13:
In file included from include/linux/notifier.h:16:
include/linux/srcu.h:179:2: error: expected '(' after 'asm'
WARN_ON_ONCE(idx & ~0x1);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:22:
include/linux/page-flags.h:565:2: error: expected '(' after 'asm'
BUG_ON(!PageHead(page));
^
include/asm-generic/bug.h:62:57: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:971:
In file included from ./arch/x86/include/asm/mmzone.h:5:
In file included from ./arch/x86/include/asm/mmzone_64.h:11:
In file included from ./arch/x86/include/asm/smp.h:13:
In file included from ./arch/x86/include/asm/apic.h:11:
In file included from ./arch/x86/include/asm/fixmap.h:190:
include/asm-generic/fixmap.h:38:2: error: expected '(' after 'asm'
BUG_ON(vaddr >= FIXADDR_TOP || vaddr < FIXADDR_START);
^
include/asm-generic/bug.h:62:57: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:971:
In file included from ./arch/x86/include/asm/mmzone.h:5:
In file included from ./arch/x86/include/asm/mmzone_64.h:11:
In file included from ./arch/x86/include/asm/smp.h:13:
./arch/x86/include/asm/apic.h:107:2: error: expected '(' after 'asm'
alternative_io("movl %0, %P1", "xchgl %0, %P1", X86_BUG_11AP,
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
include/linux/xarray.h:54:2: error: expected '(' after 'asm'
WARN_ON((long)v < 0);
^
include/asm-generic/bug.h:115:3: note: expanded from macro 'WARN_ON'
__WARN(); \
^
include/asm-generic/bug.h:90:19: note: expanded from macro '__WARN'
#define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN))
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:132:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_long_read(&ioc->refcount) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:133:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_read(&ioc->active_ref) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:142:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_read(&ioc->nr_tasks) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:245:
include/linux/quota.h:114:3: error: expected '(' after 'asm'
BUG();
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:245:
include/linux/quota.h:141:3: error: expected '(' after 'asm'
BUG();
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
fatal error: too many errors emitted, stopping now [-ferror-limit=]
20 errors generated.
libclang-cpp.so is a new shared object in clang-9.0.0 which
contains all the clang components in one library. Doing this will
save from having to update cmake when there is a new clang component
and may provide better performance in LTO builds of clang.
I expect that exception handling is usually supported by a C++ program. I wonder why your function “main” does not contain corresponding try and catch instructions so far.
How do you think about recommendations by Matthew Wilson in an article?
Would you like to adjust the implementation if you consider effects for uncaught/unhandled exceptions?
After cmake finished in both, bcc and procmon, I try to compile them, but both stop here:
/usr/include/c++/8/bits/stl_pair.h:208:12: note: ‘struct std::pair<void*, long unsigned int>’ declared here
struct pair
^~~~
Linking CXX static library libclang_frontend.a
Built target clang_frontend
make: *** [Makefile:163: all] Error 2
I have Ubuntu 18.10 with cmake 1.15
any chance to allow windows developer make use of command line version of procmon or library?
Tried installing from the deb package and compiling from source but when I run it I get the display screen but no events recorded. I know it's running because the function keys work.
Output below:
$ sudo ./procmon
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:26:
In file included from include/linux/irqflags.h:16:
In file included from ./arch/x86/include/asm/irqflags.h:9:
In file included from ./arch/x86/include/asm/nospec-branch.h:314:
./arch/x86/include/asm/segment.h:266:2: error: expected '(' after 'asm'
alternative_io ("lsl %[seg],%[p]",
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature)
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:12:
In file included from ./arch/x86/include/asm/page.h:12:
./arch/x86/include/asm/page_64.h:49:2: error: expected '(' after 'asm'
alternative_call_2(clear_page_orig,
^
./arch/x86/include/asm/alternative.h:256:2: note: expanded from macro 'alternative_call_2'
asm_inline volatile (ALTERNATIVE_2("call %P[old]", "call %P[new1]", feature1,
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
In file included from ./arch/x86/include/asm/processor.h:24:
./arch/x86/include/asm/special_insns.h:205:2: error: expected '(' after 'asm'
alternative_io(".byte " __stringify(NOP_DS_PREFIX) "; clflush %P0",
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature)
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
./arch/x86/include/asm/processor.h:795:2: error: expected '(' after 'asm'
alternative_input(BASE_PREFETCH, "prefetchnta %P1",
^
./arch/x86/include/asm/alternative.h:221:2: note: expanded from macro 'alternative_input'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature)
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
./arch/x86/include/asm/processor.h:807:2: error: expected '(' after 'asm'
alternative_input(BASE_PREFETCH, "prefetchw %P1",
^
./arch/x86/include/asm/alternative.h:221:2: note: expanded from macro 'alternative_input'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature)
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
include/linux/thread_info.h:134:2: error: expected '(' after 'asm'
WARN(1, "Buffer overflow detected (%d < %lu)!\n", size, count);
^
include/asm-generic/bug.h:124:3: note: expanded from macro 'WARN'
__WARN_printf(TAINT_WARN, format);
^
include/asm-generic/bug.h:93:3: note: expanded from macro '__WARN_printf'
__WARN_FLAGS(BUGFLAG_NO_CUT_HERE | BUGFLAG_TAINT(taint));
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
include/linux/thread_info.h:150:6: error: expected '(' after 'asm'
if (WARN_ON_ONCE(bytes > INT_MAX))
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE |
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
include/linux/rcupdate.h:893:2: error: expected '(' after 'asm'
WARN_ON_ONCE(func != (rcu_callback_t)~0L);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE |
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:21:
In file included from include/linux/mm_types.h:14:
In file included from include/linux/uprobes.h:49:
In file included from ./arch/x86/include/asm/uprobes.h:13:
In file included from include/linux/notifier.h:16:
In file included from include/linux/srcu.h:21:
In file included from include/linux/workqueue.h:9:
In file included from include/linux/timer.h:6:
include/linux/ktime.h:171:2: error: expected '(' after 'asm'
WARN_ON(div < 0);
^
include/asm-generic/bug.h:115:3: note: expanded from macro 'WARN_ON'
__WARN();
^
include/asm-generic/bug.h:90:19: note: expanded from macro '__WARN'
#define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN))
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:21:
In file included from include/linux/mm_types.h:14:
In file included from include/linux/uprobes.h:49:
In file included from ./arch/x86/include/asm/uprobes.h:13:
In file included from include/linux/notifier.h:16:
include/linux/srcu.h:179:2: error: expected '(' after 'asm'
WARN_ON_ONCE(idx & ~0x1);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE |
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:22:
include/linux/page-flags.h:565:2: error: expected '(' after 'asm'
BUG_ON(!PageHead(page));
^
include/asm-generic/bug.h:62:57: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0);
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:973:
In file included from ./arch/x86/include/asm/mmzone.h:5:
In file included from ./arch/x86/include/asm/mmzone_64.h:11:
In file included from ./arch/x86/include/asm/smp.h:13:
In file included from ./arch/x86/include/asm/apic.h:11:
In file included from ./arch/x86/include/asm/fixmap.h:190:
include/asm-generic/fixmap.h:38:2: error: expected '(' after 'asm'
BUG_ON(vaddr >= FIXADDR_TOP || vaddr < FIXADDR_START);
^
include/asm-generic/bug.h:62:57: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0);
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:973:
In file included from ./arch/x86/include/asm/mmzone.h:5:
In file included from ./arch/x86/include/asm/mmzone_64.h:11:
In file included from ./arch/x86/include/asm/smp.h:13:
./arch/x86/include/asm/apic.h:107:2: error: expected '(' after 'asm'
alternative_io("movl %0, %P1", "xchgl %0, %P1", X86_BUG_11AP,
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature)
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
include/linux/xarray.h:54:2: error: expected '(' after 'asm'
WARN_ON((long)v < 0);
^
include/asm-generic/bug.h:115:3: note: expanded from macro 'WARN_ON'
__WARN();
^
include/asm-generic/bug.h:90:19: note: expanded from macro '__WARN'
#define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN))
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:132:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_long_read(&ioc->refcount) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE |
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:133:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_read(&ioc->active_ref) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE |
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:142:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_read(&ioc->nr_tasks) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE |
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags));
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:245:
include/linux/quota.h:114:3: error: expected '(' after 'asm'
BUG();
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0);
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:245:
include/linux/quota.h:141:3: error: expected '(' after 'asm'
BUG();
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0);
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n"
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
fatal error: too many errors emitted, stopping now [-ferror-limit=]
20 errors generated.
Please consider supporting Raspian OS.
Thx.
At the Moment Procmon for Linux does not work when I am trying to load a generated Procmon file from Windows.
Failed to load tracefile Logfile.PML with error: Failed to query DB for event countroot
What is going wrong here?
Is there something I can do?
Ubuntu I am having is 18.04 with uname -r = 4.18.0-15-generic
When I try to start this tool on Ubuntu 20.04 LTS it gives me errors, then opens the UI and then does nothing.
Output:
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:26:
In file included from include/linux/irqflags.h:16:
In file included from ./arch/x86/include/asm/irqflags.h:9:
In file included from ./arch/x86/include/asm/nospec-branch.h:314:
./arch/x86/include/asm/segment.h:266:2: error: expected '(' after 'asm'
alternative_io ("lsl %[seg],%[p]",
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:12:
In file included from ./arch/x86/include/asm/page.h:12:
./arch/x86/include/asm/page_64.h:49:2: error: expected '(' after 'asm'
alternative_call_2(clear_page_orig,
^
./arch/x86/include/asm/alternative.h:256:2: note: expanded from macro 'alternative_call_2'
asm_inline volatile (ALTERNATIVE_2("call %P[old]", "call %P[new1]", feature1,\
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
In file included from ./arch/x86/include/asm/processor.h:24:
./arch/x86/include/asm/special_insns.h:205:2: error: expected '(' after 'asm'
alternative_io(".byte " __stringify(NOP_DS_PREFIX) "; clflush %P0",
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
./arch/x86/include/asm/processor.h:795:2: error: expected '(' after 'asm'
alternative_input(BASE_PREFETCH, "prefetchnta %P1",
^
./arch/x86/include/asm/alternative.h:221:2: note: expanded from macro 'alternative_input'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
In file included from include/linux/thread_info.h:38:
In file included from ./arch/x86/include/asm/thread_info.h:53:
In file included from ./arch/x86/include/asm/cpufeature.h:5:
./arch/x86/include/asm/processor.h:807:2: error: expected '(' after 'asm'
alternative_input(BASE_PREFETCH, "prefetchw %P1",
^
./arch/x86/include/asm/alternative.h:221:2: note: expanded from macro 'alternative_input'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
include/linux/thread_info.h:134:2: error: expected '(' after 'asm'
WARN(1, "Buffer overflow detected (%d < %lu)!\n", size, count);
^
include/asm-generic/bug.h:124:3: note: expanded from macro 'WARN'
__WARN_printf(TAINT_WARN, format); \
^
include/asm-generic/bug.h:93:3: note: expanded from macro '__WARN_printf'
__WARN_FLAGS(BUGFLAG_NO_CUT_HERE | BUGFLAG_TAINT(taint));\
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
In file included from include/linux/rcupdate.h:27:
In file included from include/linux/preempt.h:78:
In file included from ./arch/x86/include/asm/preempt.h:7:
include/linux/thread_info.h:150:6: error: expected '(' after 'asm'
if (WARN_ON_ONCE(bytes > INT_MAX))
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:21:
In file included from include/linux/dcache.h:7:
In file included from include/linux/rculist.h:11:
include/linux/rcupdate.h:893:2: error: expected '(' after 'asm'
WARN_ON_ONCE(func != (rcu_callback_t)~0L);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:21:
In file included from include/linux/mm_types.h:14:
In file included from include/linux/uprobes.h:49:
In file included from ./arch/x86/include/asm/uprobes.h:13:
In file included from include/linux/notifier.h:16:
In file included from include/linux/srcu.h:21:
In file included from include/linux/workqueue.h:9:
In file included from include/linux/timer.h:6:
include/linux/ktime.h:171:2: error: expected '(' after 'asm'
WARN_ON(div < 0);
^
include/asm-generic/bug.h:115:3: note: expanded from macro 'WARN_ON'
__WARN(); \
^
include/asm-generic/bug.h:90:19: note: expanded from macro '__WARN'
#define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN))
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:21:
In file included from include/linux/mm_types.h:14:
In file included from include/linux/uprobes.h:49:
In file included from ./arch/x86/include/asm/uprobes.h:13:
In file included from include/linux/notifier.h:16:
include/linux/srcu.h:179:2: error: expected '(' after 'asm'
WARN_ON_ONCE(idx & ~0x1);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:22:
include/linux/page-flags.h:565:2: error: expected '(' after 'asm'
BUG_ON(!PageHead(page));
^
include/asm-generic/bug.h:62:57: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:971:
In file included from ./arch/x86/include/asm/mmzone.h:5:
In file included from ./arch/x86/include/asm/mmzone_64.h:11:
In file included from ./arch/x86/include/asm/smp.h:13:
In file included from ./arch/x86/include/asm/apic.h:11:
In file included from ./arch/x86/include/asm/fixmap.h:190:
include/asm-generic/fixmap.h:38:2: error: expected '(' after 'asm'
BUG_ON(vaddr >= FIXADDR_TOP || vaddr < FIXADDR_START);
^
include/asm-generic/bug.h:62:57: note: expanded from macro 'BUG_ON'
#define BUG_ON(condition) do { if (unlikely(condition)) BUG(); } while (0)
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
In file included from include/linux/xarray.h:14:
In file included from include/linux/gfp.h:6:
In file included from include/linux/mmzone.h:971:
In file included from ./arch/x86/include/asm/mmzone.h:5:
In file included from ./arch/x86/include/asm/mmzone_64.h:11:
In file included from ./arch/x86/include/asm/smp.h:13:
./arch/x86/include/asm/apic.h:107:2: error: expected '(' after 'asm'
alternative_io("movl %0, %P1", "xchgl %0, %P1", X86_BUG_11AP,
^
./arch/x86/include/asm/alternative.h:240:2: note: expanded from macro 'alternative_io'
asm_inline volatile (ALTERNATIVE(oldinstr, newinstr, feature) \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:15:
In file included from include/linux/radix-tree.h:18:
include/linux/xarray.h:54:2: error: expected '(' after 'asm'
WARN_ON((long)v < 0);
^
include/asm-generic/bug.h:115:3: note: expanded from macro 'WARN_ON'
__WARN(); \
^
include/asm-generic/bug.h:90:19: note: expanded from macro '__WARN'
#define __WARN() __WARN_FLAGS(BUGFLAG_TAINT(TAINT_WARN))
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:132:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_long_read(&ioc->refcount) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:133:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_read(&ioc->active_ref) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:39:
In file included from include/linux/ioprio.h:7:
include/linux/iocontext.h:142:2: error: expected '(' after 'asm'
WARN_ON_ONCE(atomic_read(&ioc->nr_tasks) <= 0);
^
include/asm-generic/bug.h:98:3: note: expanded from macro 'WARN_ON_ONCE'
__WARN_FLAGS(BUGFLAG_ONCE | \
^
./arch/x86/include/asm/bug.h:79:2: note: expanded from macro '__WARN_FLAGS'
_BUG_FLAGS(ASM_UD2, BUGFLAG_WARNING|(flags)); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:245:
include/linux/quota.h:114:3: error: expected '(' after 'asm'
BUG();
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
In file included from /virtual/main.c:23:
In file included from include/linux/fdtable.h:16:
In file included from include/linux/fs.h:245:
include/linux/quota.h:141:3: error: expected '(' after 'asm'
BUG();
^
./arch/x86/include/asm/bug.h:73:2: note: expanded from macro 'BUG'
_BUG_FLAGS(ASM_UD2, 0); \
^
./arch/x86/include/asm/bug.h:35:2: note: expanded from macro '_BUG_FLAGS'
asm_inline volatile("1:\t" ins "\n" \
^
include/linux/compiler_types.h:210:24: note: expanded from macro 'asm_inline'
#define asm_inline asm __inline
^
fatal error: too many errors emitted, stopping now [-ferror-limit=]
20 errors generated.
Version info:
procmon:
procmon_1.0.0-291_amd64.deb
lsb_release:
Distributor ID: Ubuntu
Description: Ubuntu 20.04 LTS
Release: 20.04
Codename: focal
uname:
Linux 5.4.0-40-generic #44-Ubuntu SMP Tue Jun 23 00:01:04 UTC 2020 x86_64 x86_64 GNU/Linux
Would you like to wrap any pointers with the class template “std::unique_ptr”?
Reproduced on up-to-date ubuntu 18.04 with 5.3.0-42-generic kernel, procmon installed from packages.microsoft.com.
I added procmon to AUR.
I added dependencies following your instructions. See PKGBUILD.
$ yay -S ncurses5-compat-libs bcc procmon
$ sudo procmon
procmon: /usr/lib/libpanel.so.5: version `NCURSES_5.0.19991023' not found (required by procmon)
procmon: /usr/lib/libncurses.so.5: version `NCURSES_5.0.19991023' not found (required by procmon)How to fix it?
yay -Ql ncurses5-compat-libs
ncurses5-compat-libs /usr/
ncurses5-compat-libs /usr/bin/
ncurses5-compat-libs /usr/bin/ncursesw5-config
ncurses5-compat-libs /usr/lib/
ncurses5-compat-libs /usr/lib/libform.so.5
ncurses5-compat-libs /usr/lib/libformw.so.5
ncurses5-compat-libs /usr/lib/libformw.so.5.9
ncurses5-compat-libs /usr/lib/libmenu.so.5
ncurses5-compat-libs /usr/lib/libmenuw.so.5
ncurses5-compat-libs /usr/lib/libmenuw.so.5.9
ncurses5-compat-libs /usr/lib/libncurses++.so.5
ncurses5-compat-libs /usr/lib/libncurses++w.so.5
ncurses5-compat-libs /usr/lib/libncurses++w.so.5.9
ncurses5-compat-libs /usr/lib/libncurses.so.5
ncurses5-compat-libs /usr/lib/libncursesw.so.5
ncurses5-compat-libs /usr/lib/libncursesw.so.5.9
ncurses5-compat-libs /usr/lib/libpanel.so.5
ncurses5-compat-libs /usr/lib/libpanelw.so.5
ncurses5-compat-libs /usr/lib/libpanelw.so.5.9
ncurses5-compat-libs /usr/lib/libtic.so.5
ncurses5-compat-libs /usr/lib/libtinfo.so.5
ncurses5-compat-libs /usr/share/
ncurses5-compat-libs /usr/share/licenses/
ncurses5-compat-libs /usr/share/licenses/ncurses5-compat-libs/
ncurses5-compat-libs /usr/share/licenses/ncurses5-compat-libs/LICENSE$ yay -Qi ncurses
Name : ncurses
Version : 6.2-1
Description : System V Release 4.0 curses emulation library
Architecture : x86_64
URL : https://invisible-island.net/ncurses/ncurses.html
Licenses : MIT
Groups : None
Provides : libncurses++w.so=6-64 libformw.so=6-64 libmenuw.so=6-64 libpanelw.so=6-64 libncursesw.so=6-64
Depends On : glibc gcc-libs
Optional Deps : None
Required By : asdf-vm aspell bash gdb gnugo gptfdisk guile guile2.0 htop lame less libcaca libcdio libedit libxml2 llvm-libs
nano openshadinglanguage pinentry procps-ng psmisc readline texinfo
Optional For : vlc
Conflicts With : None
Replaces : alacritty-terminfo
Installed Size : 3.55 MiB
Packager : Bartłomiej Piotrowski <[email protected]>
Build Date : Thu 13 Feb 2020 11:08:28 AM MSK
Install Date : Thu 23 Jul 2020 11:10:01 AM MSK
Install Reason : Installed as a dependency for another package
Install Script : No
Validated By : Signature`
root@ubuntu:~/Procmon-for-Linux/build# cmake ..
-- The C compiler identification is GNU 7.5.0
-- The CXX compiler identification is GNU 7.5.0
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Check for working C compiler: /usr/bin/cc - skipped
-- Detecting C compile features
-- Detecting C compile features - done
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Check for working CXX compiler: /usr/bin/c++ - skipped
-- Detecting CXX compile features
-- Detecting CXX compile features - done
-- Found Curses: /usr/lib/x86_64-linux-gnu/libcurses.so
CMake Deprecation Warning at build/_deps/bcc-src/CMakeLists.txt:3 (cmake_minimum_required):
Compatibility with CMake < 2.8.12 will be removed from a future version of
CMake.
Update the VERSION argument value or use a ... suffix to tell
CMake that the project does not need compatibility with older versions.
-- Latest recognized Git tag is -128-NOTFOUND
-- Git HEAD is b35d4cc
-- Revision is 128-NOTFOUND-b35d4cc5
-- Performing Test HAVE_NO_PIE_FLAG
-- Performing Test HAVE_NO_PIE_FLAG - Success
-- Performing Test HAVE_REALLOCARRAY_SUPPORT
-- Performing Test HAVE_REALLOCARRAY_SUPPORT - Success
-- Found LLVM: /usr/lib/llvm-6.0/include 6.0.0
-- Found BISON: /usr/bin/bison (found version "3.0.4")
-- Found FLEX: /usr/bin/flex (found version "2.6.4")
-- Found LibElf: /usr/lib/x86_64-linux-gnu/libelf.so
-- Performing Test ELF_GETSHDRSTRNDX
-- Performing Test ELF_GETSHDRSTRNDX - Success
-- Using static-libstdc++
-- Could NOT find LuaJIT (missing: LUAJIT_LIBRARIES LUAJIT_INCLUDE_DIR)
CMake Warning at build/_deps/bcc-src/tests/python/CMakeLists.txt:10 (message):
Recommended test program 'netperf' not found
CMake Warning at build/_deps/bcc-src/tests/python/CMakeLists.txt:16 (message):
Recommended test program 'iperf' or 'iperf3' not found
-- Configuring done
-- Generating done
-- Build files have been written to: /root/Procmon-for-Linux/build
root@ubuntu:~/Procmon-for-Linux/build# make
[ 0%] Building CXX object src/logging/CMakeFiles/logging-static.dir/easylogging++.cc.o
[ 3%] Linking CXX static library liblogging-static.a
[ 3%] Built target logging-static
[ 3%] Building C object CMakeFiles/sqlite3-static.dir/vendor/sqlite3/sqlite3.c.o
[ 6%] Linking C static library libsqlite3-static.a
[ 6%] Built target sqlite3-static
[ 6%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf.c.o
[ 6%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/perf_reader.c.o
[ 10%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/bpf.c.o
[ 10%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/bpf_prog_linfo.c.o
[ 10%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/btf.c.o
[ 13%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/btf_dump.c.o
[ 13%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/hashmap.c.o
[ 13%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/libbpf.c.o
[ 17%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/libbpf_errno.c.o
[ 17%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/libbpf_probes.c.o
[ 17%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/netlink.c.o
[ 20%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/nlattr.c.o
[ 20%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/ringbuf.c.o
[ 20%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/str_error.c.o
[ 24%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bpf-static.dir/libbpf/src/xsk.c.o
[ 24%] Linking C static library libbcc_bpf.a
[ 24%] Built target bpf-static
[ 27%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-loader-static.dir/bcc_syms.cc.o
[ 27%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bcc-loader-static.dir/bcc_elf.c.o
[ 27%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bcc-loader-static.dir/bcc_perf_map.c.o
[ 31%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bcc-loader-static.dir/bcc_proc.c.o
[ 31%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-loader-static.dir/common.cc.o
[ 31%] Linking CXX static library libbcc-loader-static.a
[ 31%] Built target bcc-loader-static
[ 31%] Building CXX object _deps/bcc-build/src/cc/frontends/clang/CMakeFiles/clang_frontend.dir/loader.cc.o
In file included from /usr/lib/llvm-6.0/include/clang/AST/RecursiveASTVisitor.h:24:0,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/b_frontend_action.h:23,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/loader.cc:57:
/usr/lib/llvm-6.0/include/clang/AST/DeclOpenMP.h:97:1: warning: multi-line comment [-Wcomment]
/// #pragma omp declare reduction (foo : int,float : omp_out += omp_in)
^
[ 31%] Building CXX object _deps/bcc-build/src/cc/frontends/clang/CMakeFiles/clang_frontend.dir/b_frontend_action.cc.o
In file included from /usr/lib/llvm-6.0/include/clang/AST/RecursiveASTVisitor.h:24:0,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/b_frontend_action.h:23,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/b_frontend_action.cc:31:
/usr/lib/llvm-6.0/include/clang/AST/DeclOpenMP.h:97:1: warning: multi-line comment [-Wcomment]
/// #pragma omp declare reduction (foo : int,float : omp_out += omp_in)
^
[ 34%] Building CXX object _deps/bcc-build/src/cc/frontends/clang/CMakeFiles/clang_frontend.dir/tp_frontend_action.cc.o
In file included from /usr/lib/llvm-6.0/include/clang/AST/RecursiveASTVisitor.h:24:0,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/tp_frontend_action.h:23,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/tp_frontend_action.cc:32:
/usr/lib/llvm-6.0/include/clang/AST/DeclOpenMP.h:97:1: warning: multi-line comment [-Wcomment]
/// #pragma omp declare reduction (foo : int,float : omp_out += omp_in)
^
[ 34%] Building CXX object _deps/bcc-build/src/cc/frontends/clang/CMakeFiles/clang_frontend.dir/kbuild_helper.cc.o
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/kbuild_helper.cc:80:3: warning: multi-line comment -Wcomment]
// USERINCLUDE :=
^
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/kbuild_helper.cc:89:3: warning: multi-line comment -Wcomment]
// LINUXINCLUDE :=
^
[ 34%] Building CXX object _deps/bcc-build/src/cc/frontends/clang/CMakeFiles/clang_frontend.dir///common.cc.o
[ 34%] Linking CXX static library libclang_frontend.a
[ 34%] Built target clang_frontend
[ 34%] Building CXX object _deps/bcc-build/src/cc/api/CMakeFiles/api-static.dir/BPF.cc.o
In file included from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPF.cc:32:0:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_exception.h: In member function ‘ebpf::StatusTuple ebpf::BPF::detach_raw_tracepoint_event(const string&, ebpf::open_probe_t&)’:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_exception.h:24:7: warning: ‘_stp.ebpf::StatusTuple::code’ may be used uninitialized in this function [-Wmaybe-uninitialized]
class StatusTuple {
^~~~~~~~~~~
[ 37%] Building CXX object _deps/bcc-build/src/cc/api/CMakeFiles/api-static.dir/BPFTable.cc.o
[ 37%] Linking CXX static library libapi-static.a
[ 37%] Built target api-static
[ 37%] Building CXX object _deps/bcc-build/src/cc/usdt/CMakeFiles/usdt-static.dir/usdt_args.cc.o
[ 41%] Building CXX object _deps/bcc-build/src/cc/usdt/CMakeFiles/usdt-static.dir/usdt.cc.o
[ 41%] Linking CXX static library libusdt-static.a
[ 41%] Built target usdt-static
[ 41%] [BISON][Parser] Building parser with bison 3.0.4
parser.yy:19.9-17: warning: deprecated directive, use ‘%define api.namespace ebpf::cc’ [-Wdeprecated]
%define namespace "ebpf::cc"
^^^^^^^^^
parser.yy:19.9-17: warning: %define variable 'api.namespace' requires '{...}' values [-Wdeprecated]
%define namespace "ebpf::cc"
^^^^^^^^^
parser.yy:20.9-25: warning: %define variable 'parser_class_name' requires '{...}' values [-Wdeprecated]
%define parser_class_name "BisonParser"
^^^^^^^^^^^^^^^^^
[ 44%] [FLEX][Lexer] Building scanner with flex 2.6.4
lexer.ll:110: warning, -s option given but default rule can be matched
[ 44%] Building CXX object _deps/bcc-build/src/cc/frontends/b/CMakeFiles/b_frontend.dir/loader.cc.o
[ 44%] Building CXX object _deps/bcc-build/src/cc/frontends/b/CMakeFiles/b_frontend.dir/codegen_llvm.cc.o
[ 48%] Building CXX object _deps/bcc-build/src/cc/frontends/b/CMakeFiles/b_frontend.dir/node.cc.o
[ 48%] Building CXX object _deps/bcc-build/src/cc/frontends/b/CMakeFiles/b_frontend.dir/parser.cc.o
[ 48%] Building CXX object _deps/bcc-build/src/cc/frontends/b/CMakeFiles/b_frontend.dir/printer.cc.o
[ 48%] Building CXX object _deps/bcc-build/src/cc/frontends/b/CMakeFiles/b_frontend.dir/type_check.cc.o
[ 51%] Building CXX object _deps/bcc-build/src/cc/frontends/b/CMakeFiles/b_frontend.dir/parser.yy.cc.o
[ 51%] Building CXX object _deps/bcc-build/src/cc/frontends/b/CMakeFiles/b_frontend.dir/lexer.ll.cc.o
[ 51%] Linking CXX static library libb_frontend.a
[ 51%] Built target b_frontend
[ 51%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bcc_common.cc.o
[ 51%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bpf_module.cc.o
In file included from /usr/lib/llvm-6.0/include/clang/AST/RecursiveASTVisitor.h:24:0,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/frontends/clang/b_frontend_action.h:23,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bpf_module.cc:43:
/usr/lib/llvm-6.0/include/clang/AST/DeclOpenMP.h:97:1: warning: multi-line comment [-Wcomment]
/// #pragma omp declare reduction (foo : int,float : omp_out += omp_in)
^
[ 55%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bcc_btf.cc.o
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_btf.cc: In member function ‘int ebpf::BTF::get_btf_info(const char*, void**, unsigned int*, unsigned int*, void**, unsigned int*, unsigned int*)’:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_btf.cc:316:33: warning: ‘int btf_ext__reloc_func_info(const btf*, const btf_ext*, const char*, __u32, void**, __u32*)’ is deprecated: btf_ext__reloc_func_info was never meant as a public API and has wrong assumptions embedded in it; it will be removed in the future libbpf versions [-Wdeprecated-declarations]
func_info, func_info_cnt);
^
In file included from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_libbpf_inc.h:9:0,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_btf.cc:22:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/libbpf/src/btf.h:80:5: note: declared here
int btf_ext__reloc_func_info(const struct btf btf,
^~~~~~~~~~~~~~~~~~~~~~~~
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_btf.cc:323:33: warning: ‘int btf_ext__reloc_line_info(const btf, const btf_ext*, const char*, __u32, void**, __u32*)’ is deprecated: btf_ext__reloc_line_info was never meant as a public API and has wrong assumptions embedded in it; it will be removed in the future libbpf versions [-Wdeprecated-declarations]
line_info, line_info_cnt);
^
In file included from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_libbpf_inc.h:9:0,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_btf.cc:22:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/libbpf/src/btf.h:85:5: note: declared here
int btf_ext__reloc_line_info(const struct btf *btf,
^~~~~~~~~~~~~~~~~~~~~~~~
[ 55%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/exported_files.cc.o
[ 55%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bcc_debug.cc.o
[ 58%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bpf_module_rw_engine.cc.o
[ 58%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/table_storage.cc.o
[ 58%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/shared_table.cc.o
[ 62%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bpffs_table.cc.o
[ 62%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/json_map_decl_visitor.cc.o
In file included from /usr/lib/llvm-6.0/include/clang/AST/RecursiveASTVisitor.h:24:0,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/json_map_decl_visitor.cc:22:
/usr/lib/llvm-6.0/include/clang/AST/DeclOpenMP.h:97:1: warning: multi-line comment [-Wcomment]
/// #pragma omp declare reduction (foo : int,float : omp_out += omp_in)
^
[ 62%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/common.cc.o
[ 65%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/usdt/usdt.cc.o
[ 65%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/usdt/usdt_args.cc.o
[ 65%] Building CXX object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bcc_syms.cc.o
[ 65%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bcc_elf.c.o
[ 68%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bcc_perf_map.c.o
[ 68%] Building C object _deps/bcc-build/src/cc/CMakeFiles/bcc-static.dir/bcc_proc.c.o
[ 68%] Linking CXX static library libbcc.a
[ 68%] Built target bcc-static
[ 72%] Building CXX object src/common/CMakeFiles/common-static.dir/printable.cpp.o
[ 72%] Building CXX object src/common/CMakeFiles/common-static.dir/cli_utils.cpp.o
[ 72%] Linking CXX static library libcommon-static.a
[ 72%] Built target common-static
[ 75%] Building CXX object src/configuration/CMakeFiles/configuration-static.dir/procmon_configuration.cpp.o
In file included from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPF.h:25:0,
from /root/Procmon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /root/Procmon-for-Linux/src/configuration/procmon_configuration.h:21,
from /root/Procmon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h: In constructor ‘ebpf::BPFQueueStackTable::BPFQueueStackTable(const ebpf::TableDesc&)’:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:169:22: error: ‘BPF_MAP_TYPE_QUEUE’ was not declared in this scope
if (desc.type != BPF_MAP_TYPE_QUEUE &&
^~~~~~~~~~~~~~~~~~
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:169:22: note: suggested alternative: ‘BPF_MAP_TYPE_CPUMAP’
if (desc.type != BPF_MAP_TYPE_QUEUE &&
^~~~~~~~~~~~~~~~~~
BPF_MAP_TYPE_CPUMAP
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:170:22: error: ‘BPF_MAP_TYPE_STACK’ was not declared in this scope
desc.type != BPF_MAP_TYPE_STACK)
^~~~~~~~~~~~~~~~~~
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:170:22: note: suggested alternative: ‘BPF_MAP_TYPE_HASH’
desc.type != BPF_MAP_TYPE_STACK)
^~~~~~~~~~~~~~~~~~
BPF_MAP_TYPE_HASH
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h: At global scope:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:392:54: error: field ‘trace’ has incomplete type ‘bpf_stack_build_id [127]’
struct bpf_stack_build_id trace[BPF_MAX_STACK_DEPTH];
^
In file included from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:30:0,
from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPF.h:25,
from /root/Procmon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /root/Procmon-for-Linux/src/configuration/procmon_configuration.h:21,
from /root/Procmon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/bcc_syms.h:81:38: note: forward declaration of ‘struct bpf_stack_build_id’
struct bpf_stack_build_id *trace,
^~~~~~~~~~~~~~~~~~
In file included from /root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPF.h:25:0,
from /root/Procmon-for-Linux/src/configuration/../tracer/ebpf/ebpf_tracer_engine.h:6,
from /root/Procmon-for-Linux/src/configuration/procmon_configuration.h:21,
from /root/Procmon-for-Linux/src/configuration/procmon_configuration.cpp:4:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h: In constructor ‘ebpf::BPFSkStorageTable::BPFSkStorageTable(const ebpf::TableDesc&)’:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:509:22: error: ‘BPF_MAP_TYPE_SK_STORAGE’ was not declared in this scope
if (desc.type != BPF_MAP_TYPE_SK_STORAGE)
^~~~~~~~~~~~~~~~~~~~~~~
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:509:22: note: suggested alternative: ‘BPF_MAP_TYPE_STACK_TRACE’
if (desc.type != BPF_MAP_TYPE_SK_STORAGE)
^~~~~~~~~~~~~~~~~~~~~~~
BPF_MAP_TYPE_STACK_TRACE
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h: In constructor ‘ebpf::BPFCgStorageTable::BPFCgStorageTable(const ebpf::TableDesc&)’:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:538:22: error: ‘BPF_MAP_TYPE_CGROUP_STORAGE’ was not declared in this scope
if (desc.type != BPF_MAP_TYPE_CGROUP_STORAGE)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:538:22: note: suggested alternative: ‘BPF_MAP_TYPE_CGROUP_ARRAY’
if (desc.type != BPF_MAP_TYPE_CGROUP_STORAGE)
^~~~~~~~~~~~~~~~~~~~~~~~~~~
BPF_MAP_TYPE_CGROUP_ARRAY
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h: In constructor ‘ebpf::BPFPercpuCgStorageTable::BPFPercpuCgStorageTable(const ebpf::TableDesc&)’:
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:564:22: error: ‘BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE’ was not declared in this scope
if (desc.type != BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/root/Procmon-for-Linux/build/_deps/bcc-src/src/cc/api/BPFTable.h:564:22: note: suggested alternative: ‘BPF_MAP_TYPE_PERCPU_ARRAY’
if (desc.type != BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE)
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
BPF_MAP_TYPE_PERCPU_ARRAY
src/configuration/CMakeFiles/configuration-static.dir/build.make:75: recipe for target 'src/configuration/CMakeFiles/configuration-static.dir/procmon_configuration.cpp.o' failed
make[2]: *** [src/configuration/CMakeFiles/configuration-static.dir/procmon_configuration.cpp.o] Error 1
CMakeFiles/Makefile2:2539: recipe for target 'src/configuration/CMakeFiles/configuration-static.dir/all' failed
make[1]: *** [src/configuration/CMakeFiles/configuration-static.dir/all] Error 2
Makefile:165: recipe for target 'all' failed
make: *** [all] Error 2
`
root@ubuntu:~/Procmon-for-Linux/build# cat /etc/os-release NAME="Ubuntu" VERSION="18.04.5 LTS (Bionic Beaver)" ID=ubuntu ID_LIKE=debian PRETTY_NAME="Ubuntu 18.04.5 LTS" VERSION_ID="18.04" HOME_URL="https://www.ubuntu.com/" SUPPORT_URL="https://help.ubuntu.com/" BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" VERSION_CODENAME=bionic UBUNTU_CODENAME=bionic
ProcMon Version: git clone https://github.com/Microsoft/Procmon-for-Linux
Would you like to replace more defines for constant values by enumerations to stress their relationships?
After installation on WSL2 :
uname -ar
Linux nadavbhp1 5.4.72-microsoft-standard-WSL2 #1 SMP Wed Oct 28 23:40:43 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
sudo procmon
_terminate called after throwing an instance of 'std::experimental::filesystem::v1::_cxx11::filesystem_error'
what(): filesystem error: directory iterator cannot open directory: No such file or directory [/sys/kernel/debug/tracing/events/syscalls]
Aborted
Hello,
I'm glad to see that there is finally a concrete implementation of syscall hooking using eBPF. What do you think about adding static configurations to your solution in order to replace systems like Auditd ?
Thanks
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.