iovisor / bcc

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more
Apache License 2.0

bpf_get_prandom_u32 has the wrong type and can't be called #398

Open goldshtn opened 8 years ago

goldshtn commented 8 years ago

It seems that bpf_get_prandom_u32 is declared as a u32 * in the headers. That's due to missing parens.

- static u32 (*bpf_get_prandom_u32) =
+ static u32 (*bpf_get_prandom_u32)(void) =
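Review bot: the initializer after `=` is cut off on both lines, so the right-hand side cannot be checked here; with the `(void)` parameter list added on the `+` line it has to be assignable to a `u32 (*)(void)` function pointer. The `-` line is still a valid declaration (a plain pointer to u32), so the compiler only complains once something calls it. It is worth checking the other helper declarations in the same header for the same missing parameter list and adding a test that actually calls this helper.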

Also, after fixing the signature, a BPF program that uses this function doesn't pass verification. I get the following error:

bpf: Invalid argument
0: (bf) r6 = r1
1: (85) call 14
2: (67) r0 <<= 32
3: (77) r0 >>= 32
4: (15) if r0 == 0x437c goto pc+27
R0=inv R6=ctx R10=fp
5: (85) call 7
unknown func 7

drzaeus77 commented 8 years ago

Oops, obvious syntax issue. However, the second issue is there because this func is only exported to networking programs.

goldshtn commented 8 years ago

Oh. Is there any particular reason for that?

4ast commented 8 years ago

It's not exposed to tracing, because there was no use case for it yet. Could you describe how you want to use it?

goldshtn commented 8 years ago

Well, for the trace tool, it could be useful if the user could do something like ($random & 7 == 0) to sample traces. It could be done by looking at the time stamp too, I guess.

goldshtn commented 8 years ago

@4ast So, do you think it will be exposed to tracing programs in the future, or do you not see this use case as compelling?

4ast commented 8 years ago

I would like to see a real use case when random sampling is actually needed. Do you want to prepare and test a kernel patch?

goldshtn commented 8 years ago

I've never done it, but I'm willing to learn. Is there some kind of Kernel Patches for Dummies that you recommend?

Regarding a test case, @brendangregg - what do you think?

4ast commented 8 years ago

The real use case came up. When we're doing sampling in kprobes and tracepoints, it's often useful not to process every event and instead randomly drop most of them. An arraymap counter can be used as a token, but random is easier to use. A timestamp doesn't have entropy when there are lots of events. So pretty much what @goldshtn said. We just faced the issue on our own :)
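
The comparison described in the comment above, as an added example that is not part of the thread or of bcc: a user-space C model of a 1-in-8 sampling filter driven by a random value, by the low timestamp bits, and by a counter token. The xorshift32 generator standing in for bpf_get_prandom_u32, the `kept` function and the evenly spaced event stream are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: xorshift32 stands in for bpf_get_prandom_u32(), which only
 * exists inside the kernel. This is a user-space model, not BPF code. */
static uint32_t prng_state = 0x2545F491u;

static uint32_t prandom_u32(void)
{
    prng_state ^= prng_state << 13;
    prng_state ^= prng_state >> 17;
    prng_state ^= prng_state << 5;
    return prng_state;
}

enum policy { BY_RANDOM, BY_TIMESTAMP, BY_COUNTER };

/* Number of events a 1-in-8 filter keeps out of n constructed events that
 * arrive every period_ns nanoseconds, starting at start_ns. */
static unsigned kept(enum policy p, unsigned n, uint64_t start_ns,
                     uint64_t period_ns)
{
    uint64_t counter = 0; /* models a single array-map slot used as a token */
    unsigned hits = 0;

    for (unsigned i = 0; i < n; i++) {
        uint64_t ts = start_ns + (uint64_t)i * period_ns;
        int sample;

        /* Parentheses matter in C: == binds tighter than &. */
        switch (p) {
        case BY_RANDOM:    sample = (prandom_u32() & 7) == 0; break;
        case BY_TIMESTAMP: sample = (ts & 7) == 0;            break;
        default:           sample = (counter++ & 7) == 0;     break;
        }
        hits += (unsigned)sample;
    }
    return hits;
}

int main(void)
{
    /* Constructed input: 80000 events, 1000 ns apart (a multiple of 8). */
    printf("timestamp, aligned start: %u\n", kept(BY_TIMESTAMP, 80000, 1000000, 1000));
    printf("timestamp, start + 1 ns:  %u\n", kept(BY_TIMESTAMP, 80000, 1000001, 1000));
    printf("counter token:            %u\n", kept(BY_COUNTER, 80000, 1000000, 1000));
    printf("pseudo-random:            %u\n", kept(BY_RANDOM, 80000, 1000000, 1000));
    return 0;
}
```

On this constructed stream the timestamp filter keeps either every event or none, depending on where the stream starts, while the counter keeps exactly one in eight and the random filter keeps close to one in eight.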

pchaigno commented 7 years ago

Fixed with 8937bd80fce6.