{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":478235569,"defaultBranch":"main","name":"parca-agent","ownerLogin":"javierhonduco","currentUserCanPush":false,"isFork":true,"isEmpty":false,"createdAt":"2022-04-05T17:35:56.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/959128?v=4","public":true,"private":false,"isOrgOwned":false},"refInfo":{"name":"","listCacheKey":"v0:1694534449.0","currentOid":""},"activityList":{"items":[{"before":"c6d24574173e93a55fb5a77907cd41803485264c","after":null,"ref":"refs/heads/fix-unwinder-metrics","pushedAt":"2023-09-12T16:00:49.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"}},{"before":"603e2dcfd54528c60ed18e36ff1182b5f2d4819f","after":"c6d24574173e93a55fb5a77907cd41803485264c","ref":"refs/heads/fix-unwinder-metrics","pushedAt":"2023-09-12T15:10:54.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"pkg/profiler: Fix unwinder metrics\n\nCurrently the unwinder metrics are not being updated and remain zero\nthroughout profiling. The error in question:\n\n```\nreadPerCpuCounter failed\" error=\"get count values: failed to lookup value 0xc002720a40 in map percpu_stats: invalid argument\n```\n\nWas due to a mismatch of the structure in C and Go. In particular the\n`ErrorJitUnwindingMachinery` field only existed in Go, causing the read\nto fail as there were 8 extra bytes that were not expected.\n\nAdditionally, some other field was in the wrong position, which would\nhave caused wrong data had the read succeed.\n\nIn the future we will fix this with a more automated binding generation.\nWe have evaluated some options here but we weren't satisfied with the\noutcomes so far, but this is something we really want to tackle once we\nhave the bandwidth.\n\nTest Plan\n=========\n\nTested locally, it works. I've added some integration tests which is not\nfully done yet, because I can't seem to figure out why the counters\naren't bumped during tests. Will fix this later on.\n\n```\n[javierhonduco@fedora parca-agent]$ curl --silent http://localhost:7071/metrics | grep native | grep dwarf\nparca_agent_native_unwinder_samples_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_reach_bottom\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_to_jit\"} 0\nparca_agent_native_unwinder_success_total{unwinder=\"jit_to_dwarf\"} 0\n```","shortMessageHtmlLink":"pkg/profiler: Fix unwinder metrics"}},{"before":"3bba3bf22db777011bf35859cffbc361f0fa147f","after":"603e2dcfd54528c60ed18e36ff1182b5f2d4819f","ref":"refs/heads/fix-unwinder-metrics","pushedAt":"2023-09-12T15:10:23.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"pkg/profiler: Fix unwinder metrics\n\nCurrently the unwinder metrics are not being updated and remain zero\nthroughout profiling. The error in question:\n\n```\nreadPerCpuCounter failed\" error=\"get count values: failed to lookup value 0xc002720a40 in map percpu_stats: invalid argument\n```\n\nWas due to a mismatch of the structure in C and Go. In particular the\n`ErrorJitUnwindingMachinery` field only existed in Go, causing the read\nto fail as there were 8 extra bytes that were not expected.\n\nAdditionally, some other field was in the wrong position, which would\nhave caused wrong data had the read succeed.\n\nIn the future we will fix this with a more automated binding generation.\nWe have evaluated some options here but we weren't satisfied with the\noutcomes so far, but this is something we really want to tackle once we\nhave the bandwidth.\n\nTest Plan\n=========\n\nTested locally, it works. I've added some integration tests which is not\nfully done yet, because I can't seem to figure out why the counters\naren't bumped during tests. Will fix this later on.\n\n```\n[javierhonduco@fedora parca-agent]$ curl --silent http://localhost:7071/metrics | grep native | grep dwarf\nparca_agent_native_unwinder_samples_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_reach_bottom\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_to_jit\"} 0\nparca_agent_native_unwinder_success_total{unwinder=\"jit_to_dwarf\"} 0\n```","shortMessageHtmlLink":"pkg/profiler: Fix unwinder metrics"}},{"before":"caeb8537860d191cdc5b3882547102a55dcb2c61","after":"3bba3bf22db777011bf35859cffbc361f0fa147f","ref":"refs/heads/fix-unwinder-metrics","pushedAt":"2023-09-12T15:10:03.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"pkg/profiler: Fix unwinder metrics\n\nCurrently the unwinder metrics are not being updated and remain zero\nthroughout profiling. The error in question:\n\n```\nreadPerCpuCounter failed\" error=\"get count values: failed to lookup value 0xc002720a40 in map percpu_stats: invalid argument\n```\n\nWas due to a mismatch of the structure in C and Go. In particular the\n`ErrorJitUnwindingMachinery` field only existed in Go, causing the read\nto fail as there were 8 extra bytes that were not expected.\n\nAdditionally, some other field was in the wrong position, which would\nhave caused wrong data had the read succeed.\n\nIn the future we will fix this with a more automated binding generation.\nWe have evaluated some options here but we weren't satisfied with the\noutcomes so far, but this is something we really want to tackle once we\nhave the bandwidth.\n\nTest Plan\n=========\n\nTested locally, it works. I've added some integration tests which is not\nfully done yet, because I can't seem to figure out why the counters\naren't bumped during tests. Will fix this later on.\n\n```\n[javierhonduco@fedora parca-agent]$ curl --silent http://localhost:7071/metrics | grep native | grep dwarf\nparca_agent_native_unwinder_samples_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_reach_bottom\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_to_jit\"} 0\nparca_agent_native_unwinder_success_total{unwinder=\"jit_to_dwarf\"} 0\n```","shortMessageHtmlLink":"pkg/profiler: Fix unwinder metrics"}},{"before":"5c323f0dcb6de6b1ce6731c580e6812937489b81","after":"caeb8537860d191cdc5b3882547102a55dcb2c61","ref":"refs/heads/fix-unwinder-metrics","pushedAt":"2023-09-12T15:09:53.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"pkg/profiler: Fix unwinder metrics\n\nCurrently the unwinder metrics are not being updated and remain zero\nthroughout profiling. The error in question:\n\n```\nreadPerCpuCounter failed\" error=\"get count values: failed to lookup value 0xc002720a40 in map percpu_stats: invalid argument\n```\n\nWas due to a mismatch of the structure in C and Go. In particular the\n`ErrorJitUnwindingMachinery` field only existed in Go, causing the read\nto fail as there were 8 extra bytes that were not expected.\n\nAdditionally, some other field was in the wrong position, which would\nhave caused wrong data had the read succeed.\n\nIn the future we will fix this with a more automated binding generation.\nWe have evaluated some options here but we weren't satisfied with the\noutcomes so far, but this is something we really want to tackle once we\nhave the bandwidth.\n\nTest Plan\n=========\n\nTested locally, it works. I've added some integration tests which is not\nfully done yet, because I can't seem to figure out why the counters\naren't bumped during tests. Will fix this later on.\n\n```\n[javierhonduco@fedora parca-agent]$ curl --silent http://localhost:7071/metrics | grep native | grep dwarf\nparca_agent_native_unwinder_samples_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_reach_bottom\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_to_jit\"} 0\nparca_agent_native_unwinder_success_total{unwinder=\"jit_to_dwarf\"} 0\n```","shortMessageHtmlLink":"pkg/profiler: Fix unwinder metrics"}},{"before":null,"after":"5c323f0dcb6de6b1ce6731c580e6812937489b81","ref":"refs/heads/fix-unwinder-metrics","pushedAt":"2023-09-12T15:09:46.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"pkg/profiler: Fix unwinder metrics\n\nCurrently the unwinder metrics are not being updated and remain zero\nthroughout profiling. The error in question:\n\n```\nreadPerCpuCounter failed\" error=\"get count values: failed to lookup value 0xc002720a40 in map percpu_stats: invalid argument\n```\n\nWas due to a mismatch of the structure in C and Go. In particular the\n`ErrorJitUnwindingMachinery` field only existed in Go, causing the read\nto fail as there were 8 extra bytes that were not expected.\n\nAdditionally, some other field was in the wrong position, which would\nhave caused wrong data had the read succeed.\n\nIn the future we will fix this with a more automated binding generation.\nWe have evaluated some options here but we weren't satisfied with the\noutcomes so far, but this is something we really want to tackle once we\nhave the bandwidth.\n\nTest Plan\n=========\n\nTested locally, it works. I've added some integration tests which is not\nfully done yet, because I can't seem to figure out why the counters\naren't bumped during tests. Will fix this later on.\n\n```\n[javierhonduco@fedora parca-agent]$ curl --silent http://localhost:7071/metrics | grep native | grep dwarf\nparca_agent_native_unwinder_samples_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_reach_bottom\"} 8\nparca_agent_native_unwinder_success_total{unwinder=\"dwarf_to_jit\"} 0\nparca_agent_native_unwinder_success_total{unwinder=\"jit_to_dwarf\"} 0\n```","shortMessageHtmlLink":"pkg/profiler: Fix unwinder metrics"}},{"before":"82e36d0baf0ad959224fdf2dd3535d3e97848595","after":null,"ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T11:49:33.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"}},{"before":"ccbca809fa7450e90ef56b41cceb3e79447518b2","after":"82e36d0baf0ad959224fdf2dd3535d3e97848595","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T10:45:01.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Detect the agent running in a non-root PID namespace\n\nIn Linux resources such as users, processes, mounts, time, etc. can be\nisolated with namespaces [0]. They are used in tamden with cgroups to implement\nresource control in containers.\n\nBoth namespaces and cgroups are conceptually a hierarchy, where the first\nnamespace is the root of the tree and the common ancestor for all the\nother slices of the machine.\n\nThe Agent requires to be run in the 'root' (this has nothing to do with\npermissions or users, necessarily) PID namespace, where all the other\nprocesses for every single namespace can be queried.\n\nWhile the kernel does not provide a facility for this check, this commit\naims to bring a reliable check to see whether we are inside\nof a PID namespace or not. It does it with a BPF program that retrieves\nthe pid of the Agent and then we compare it with the pid that the OS\ngives us in userspace via `getpid(2)`. As the BPF program always gives\nthe PID from the PoV of the root PID namespace, we can tell if we are in\nthe root namespace or not.\n\nThis uses code from this PoC [1].\n\nTest Plan\n=========\n\n**running the Agent normally, in the root PID namespace**\n\n```\n[root@fedora parca-agent]# dist/parca-agent\n[works]\n```\n\n**under a non-root PID namespace**\n\n```\n[javierhonduco@fedora parca-agent]$ sudo unshare --fork --pid --mount-proc\n[root@fedora parca-agent]# dist/parca-agent\nooooooooo.                                                  .o.                                            .\n`888   `Y88.                                               .888.                                         .o8\n 888   .d88'  .oooo.   oooo d8b  .ooooo.   .oooo.         .8\"888.      .oooooooo  .ooooo.  ooo. .oo.   .o888oo\n 888ooo88P'  `P  )88b  `888\"\"8P d88' `\"Y8 `P  )88b       .8' `888.    888' `88b  d88' `88b `888P\"Y88b    888\n 888          .oP\"888   888     888        .oP\"888      .88ooo8888.   888   888  888ooo888  888   888    888\n 888         d8(  888   888     888   .o8 d8(  888     .8'     `888.  `88bod8P'  888    .o  888   888    888 .\no888o        `Y888\"\"8o d888b    `Y8bod8P' `Y888\"\"8o   o88o     o8888o `8oooooo.  `Y8bod8P' o888o o888o   \"888\"\n                                                                      d\"     YD\n                                                                      \"Y88888P'\n\nlevel=info name=parca-agent ts=2023-09-07T10:42:25.892675407Z caller=main.go:345 msg=\"maxprocs: Leaving GOMAXPROCS=12: CPU quota undefined\"\nlevel=error name=parca-agent ts=2023-09-07T10:42:25.925707031Z caller=main.go:374 msg=\"the agent must be run in the 'root' PID namespace\"\n```\n\n[0]: https://man7.org/linux/man-pages/man7/namespaces.7.html\n[1]: https://github.com/javierhonduco/am-i-contained/tree/main","shortMessageHtmlLink":"Detect the agent running in a non-root PID namespace"}},{"before":"b84c804a9645e753524e0f7aa42da656370f8602","after":"ccbca809fa7450e90ef56b41cceb3e79447518b2","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T10:34:41.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"tmate","shortMessageHtmlLink":"tmate"}},{"before":"5fc526fdac707e2327575b94593216ba88be8484","after":"b84c804a9645e753524e0f7aa42da656370f8602","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T10:26:51.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"fixes","shortMessageHtmlLink":"fixes"}},{"before":"d7198b66dd56b7efdf000ac5c82edc4106b0f34c","after":"5fc526fdac707e2327575b94593216ba88be8484","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T10:17:57.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"pre-commit-ci-lite[bot]","name":null,"path":"/apps/pre-commit-ci-lite","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/257897?s=80&v=4"},"commit":{"message":"[pre-commit.ci lite] apply automatic fixes","shortMessageHtmlLink":"[pre-commit.ci lite] apply automatic fixes"}},{"before":"b246f67fc2d1471e42239138f5eaf1ff233f4f02","after":"d7198b66dd56b7efdf000ac5c82edc4106b0f34c","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T10:13:19.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Detect the agent running in a non-root PID namespace\n\nIn Linux resources such as users, processes, mounts, time, etc. can be\nisolated with namespaces [0]. They are used in tamden with cgroups to implement\nresource control in containers.\n\nBoth namespaces and cgroups are conceptually a hierarchy, where the first\nnamespace is the root of the tree and the common ancestor for all the\nother slices of the machine.\n\nThe Agent requires to be run in the 'root' (this has nothing to do with\npermissions or users, necessarily) PID namespace, where all the other\nprocesses for every single namespace can be queried.\n\nWhile the kernel does not provide a facility for this check, this commit\naims to bring a reliable check to see whether we are inside\nof a PID namespace or not. It does it with a BPF program that retrieves\nthe pid of the Agent and then we compare it with the pid that the OS\ngives us in userspace via `getpid(2)`. As the BPF program always gives\nthe PID from the PoV of the root PID namespace, we can tell if we are in\nthe root namespace or not.\n\nThis uses code from this PoC [1].\n\nTest Plan\n=========\n\n**running the Agent normally, in the root PID namespace**\n\n```\n[root@fedora parca-agent]# dist/parca-agent\n[works]\n```\n\n**under a non-root PID namespace**\n\n```\n[javierhonduco@fedora parca-agent]$ sudo unshare --fork --pid --mount-proc\n[root@fedora parca-agent]# dist/parca-agent\nooooooooo.                                                  .o.                                            .\n`888   `Y88.                                               .888.                                         .o8\n 888   .d88'  .oooo.   oooo d8b  .ooooo.   .oooo.         .8\"888.      .oooooooo  .ooooo.  ooo. .oo.   .o888oo\n 888ooo88P'  `P  )88b  `888\"\"8P d88' `\"Y8 `P  )88b       .8' `888.    888' `88b  d88' `88b `888P\"Y88b    888\n 888          .oP\"888   888     888        .oP\"888      .88ooo8888.   888   888  888ooo888  888   888    888\n 888         d8(  888   888     888   .o8 d8(  888     .8'     `888.  `88bod8P'  888    .o  888   888    888 .\no888o        `Y888\"\"8o d888b    `Y8bod8P' `Y888\"\"8o   o88o     o8888o `8oooooo.  `Y8bod8P' o888o o888o   \"888\"\n                                                                      d\"     YD\n                                                                      \"Y88888P'\n\nlevel=info name=parca-agent ts=2023-09-07T10:42:25.892675407Z caller=main.go:345 msg=\"maxprocs: Leaving GOMAXPROCS=12: CPU quota undefined\"\nlevel=error name=parca-agent ts=2023-09-07T10:42:25.925707031Z caller=main.go:374 msg=\"the agent must be run in the 'root' PID namespace\"\n```\n\n[0]: https://man7.org/linux/man-pages/man7/namespaces.7.html\n[1]: https://github.com/javierhonduco/am-i-contained/tree/main","shortMessageHtmlLink":"Detect the agent running in a non-root PID namespace"}},{"before":"313cd9d426717a653d1d9fbd971134bf83ede336","after":"b246f67fc2d1471e42239138f5eaf1ff233f4f02","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T10:12:58.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Detect the agent running in a non-root PID namespace\n\nIn Linux resources such as users, processes, mounts, time, etc. can be\nisolated with namespaces [0]. They are used in tamden with cgroups to implement\nresource control in containers.\n\nBoth namespaces and cgroups are conceptually a hierarchy, where the first\nnamespace is the root of the tree and the common ancestor for all the\nother slices of the machine.\n\nThe Agent requires to be run in the 'root' (this has nothing to do with\npermissions or users, necessarily) PID namespace, where all the other\nprocesses for every single namespace can be queried.\n\nWhile the kernel does not provide a facility for this check, this commit\naims to bring a reliable check to see whether we are inside\nof a PID namespace or not. It does it with a BPF program that retrieves\nthe pid of the Agent and then we compare it with the pid that the OS\ngives us in userspace via `getpid(2)`. As the BPF program always gives\nthe PID from the PoV of the root PID namespace, we can tell if we are in\nthe root namespace or not.\n\nThis uses code from this PoC [1].\n\nTest Plan\n=========\n\n**running the Agent normally, in the root PID namespace**\n\n```\n[root@fedora parca-agent]# dist/parca-agent\n[works]\n```\n\n**under a non-root PID namespace**\n\n```\n[javierhonduco@fedora parca-agent]$ sudo unshare --fork --pid --mount-proc\n[root@fedora parca-agent]# dist/parca-agent\nooooooooo.                                                  .o.                                            .\n`888   `Y88.                                               .888.                                         .o8\n 888   .d88'  .oooo.   oooo d8b  .ooooo.   .oooo.         .8\"888.      .oooooooo  .ooooo.  ooo. .oo.   .o888oo\n 888ooo88P'  `P  )88b  `888\"\"8P d88' `\"Y8 `P  )88b       .8' `888.    888' `88b  d88' `88b `888P\"Y88b    888\n 888          .oP\"888   888     888        .oP\"888      .88ooo8888.   888   888  888ooo888  888   888    888\n 888         d8(  888   888     888   .o8 d8(  888     .8'     `888.  `88bod8P'  888    .o  888   888    888 .\no888o        `Y888\"\"8o d888b    `Y8bod8P' `Y888\"\"8o   o88o     o8888o `8oooooo.  `Y8bod8P' o888o o888o   \"888\"\n                                                                      d\"     YD\n                                                                      \"Y88888P'\n\nlevel=info name=parca-agent ts=2023-09-07T10:42:25.892675407Z caller=main.go:345 msg=\"maxprocs: Leaving GOMAXPROCS=12: CPU quota undefined\"\nlevel=error name=parca-agent ts=2023-09-07T10:42:25.925707031Z caller=main.go:374 msg=\"the agent must be run in the 'root' PID namespace\"\n```\n\n[0]: https://man7.org/linux/man-pages/man7/namespaces.7.html\n[1]: https://github.com/javierhonduco/am-i-contained/tree/main","shortMessageHtmlLink":"Detect the agent running in a non-root PID namespace"}},{"before":"24c8bd0bb7a8c44cc23885a558decf950d2170fb","after":"313cd9d426717a653d1d9fbd971134bf83ede336","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T08:45:14.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"pre-commit-ci-lite[bot]","name":null,"path":"/apps/pre-commit-ci-lite","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/257897?s=80&v=4"},"commit":{"message":"[pre-commit.ci lite] apply automatic fixes","shortMessageHtmlLink":"[pre-commit.ci lite] apply automatic fixes"}},{"before":"2cf19aeb960c61fc2de168d88d6eb201f03f828d","after":"24c8bd0bb7a8c44cc23885a558decf950d2170fb","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-11T08:40:24.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Detect the agent running in a non-root PID namespace\n\nIn Linux resources such as users, processes, mounts, time, etc. can be\nisolated with namespaces [0]. They are used in tamden with cgroups to implement\nresource control in containers.\n\nBoth namespaces and cgroups are conceptually a hierarchy, where the first\nnamespace is the root of the tree and the common ancestor for all the\nother slices of the machine.\n\nThe Agent requires to be run in the 'root' (this has nothing to do with\npermissions or users, necessarily) PID namespace, where all the other\nprocesses for every single namespace can be queried.\n\nWhile the kernel does not provide a facility for this check, this commit\naims to bring a reliable check to see whether we are inside\nof a PID namespace or not. It does it with a BPF program that retrieves\nthe pid of the Agent and then we compare it with the pid that the OS\ngives us in userspace via `getpid(2)`. As the BPF program always gives\nthe PID from the PoV of the root PID namespace, we can tell if we are in\nthe root namespace or not.\n\nThis uses code from this PoC [1].\n\nTest Plan\n=========\n\n**running the Agent normally, in the root PID namespace**\n\n```\n[root@fedora parca-agent]# dist/parca-agent\n[works]\n```\n\n**under a non-root PID namespace**\n\n```\n[javierhonduco@fedora parca-agent]$ sudo unshare --fork --pid --mount-proc\n[root@fedora parca-agent]# dist/parca-agent\nooooooooo.                                                  .o.                                            .\n`888   `Y88.                                               .888.                                         .o8\n 888   .d88'  .oooo.   oooo d8b  .ooooo.   .oooo.         .8\"888.      .oooooooo  .ooooo.  ooo. .oo.   .o888oo\n 888ooo88P'  `P  )88b  `888\"\"8P d88' `\"Y8 `P  )88b       .8' `888.    888' `88b  d88' `88b `888P\"Y88b    888\n 888          .oP\"888   888     888        .oP\"888      .88ooo8888.   888   888  888ooo888  888   888    888\n 888         d8(  888   888     888   .o8 d8(  888     .8'     `888.  `88bod8P'  888    .o  888   888    888 .\no888o        `Y888\"\"8o d888b    `Y8bod8P' `Y888\"\"8o   o88o     o8888o `8oooooo.  `Y8bod8P' o888o o888o   \"888\"\n                                                                      d\"     YD\n                                                                      \"Y88888P'\n\nlevel=info name=parca-agent ts=2023-09-07T10:42:25.892675407Z caller=main.go:345 msg=\"maxprocs: Leaving GOMAXPROCS=12: CPU quota undefined\"\nlevel=error name=parca-agent ts=2023-09-07T10:42:25.925707031Z caller=main.go:374 msg=\"the agent must be run in the 'root' PID namespace\"\n```\n\n[0]: https://man7.org/linux/man-pages/man7/namespaces.7.html\n[1]: https://github.com/javierhonduco/am-i-contained/tree/main","shortMessageHtmlLink":"Detect the agent running in a non-root PID namespace"}},{"before":"732c216b05f4cc85899e053dcc481a70dd5c6706","after":"2cf19aeb960c61fc2de168d88d6eb201f03f828d","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-07T12:28:37.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"pre-commit-ci-lite[bot]","name":null,"path":"/apps/pre-commit-ci-lite","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/257897?s=80&v=4"},"commit":{"message":"[pre-commit.ci lite] apply automatic fixes","shortMessageHtmlLink":"[pre-commit.ci lite] apply automatic fixes"}},{"before":"db521999193a8ceaba6524d1a28324edda642663","after":"732c216b05f4cc85899e053dcc481a70dd5c6706","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-07T12:17:56.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Detect the agent running in a non-root PID namespace\n\nIn Linux resources such as users, processes, mounts, time, etc. can be\nisolated with namespaces [0]. They are used in tamden with cgroups to implement\nresource control in containers.\n\nBoth namespaces and cgroups are conceptually a hierarchy, where the first\nnamespace is the root of the tree and the common ancestor for all the\nother slices of the machine.\n\nThe Agent requires to be run in the 'root' (this has nothing to do with\npermissions or users, necessarily) PID namespace, where all the other\nprocesses for every single namespace can be queried.\n\nWhile the kernel does not provide a facility for this check, this commit\naims to bring a reliable check to see whether we are inside\nof a PID namespace or not. It does it with a BPF program that retrieves\nthe pid of the Agent and then we compare it with the pid that the OS\ngives us in userspace via `getpid(2)`. As the BPF program always gives\nthe PID from the PoV of the root PID namespace, we can tell if we are in\nthe root namespace or not.\n\nThis uses code from this PoC [1].\n\nTest Plan\n=========\n\n**running the Agent normally, in the root PID namespace**\n\n```\n[root@fedora parca-agent]# dist/parca-agent\n[works]\n```\n\n**under a non-root PID namespace**\n\n```\n[javierhonduco@fedora parca-agent]$ sudo unshare --fork --pid --mount-proc\n[root@fedora parca-agent]# dist/parca-agent\nooooooooo.                                                  .o.                                            .\n`888   `Y88.                                               .888.                                         .o8\n 888   .d88'  .oooo.   oooo d8b  .ooooo.   .oooo.         .8\"888.      .oooooooo  .ooooo.  ooo. .oo.   .o888oo\n 888ooo88P'  `P  )88b  `888\"\"8P d88' `\"Y8 `P  )88b       .8' `888.    888' `88b  d88' `88b `888P\"Y88b    888\n 888          .oP\"888   888     888        .oP\"888      .88ooo8888.   888   888  888ooo888  888   888    888\n 888         d8(  888   888     888   .o8 d8(  888     .8'     `888.  `88bod8P'  888    .o  888   888    888 .\no888o        `Y888\"\"8o d888b    `Y8bod8P' `Y888\"\"8o   o88o     o8888o `8oooooo.  `Y8bod8P' o888o o888o   \"888\"\n                                                                      d\"     YD\n                                                                      \"Y88888P'\n\nlevel=info name=parca-agent ts=2023-09-07T10:42:25.892675407Z caller=main.go:345 msg=\"maxprocs: Leaving GOMAXPROCS=12: CPU quota undefined\"\nlevel=error name=parca-agent ts=2023-09-07T10:42:25.925707031Z caller=main.go:374 msg=\"the agent must be run in the 'root' PID namespace\"\n```\n\n[0]: https://man7.org/linux/man-pages/man7/namespaces.7.html\n[1]: https://github.com/javierhonduco/am-i-contained/tree/main","shortMessageHtmlLink":"Detect the agent running in a non-root PID namespace"}},{"before":"cabe9fd56a920025487e4aac0a410508c6befc9e","after":"db521999193a8ceaba6524d1a28324edda642663","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-07T10:57:08.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"pre-commit-ci-lite[bot]","name":null,"path":"/apps/pre-commit-ci-lite","primaryAvatarUrl":"https://avatars.githubusercontent.com/in/257897?s=80&v=4"},"commit":{"message":"[pre-commit.ci lite] apply automatic fixes","shortMessageHtmlLink":"[pre-commit.ci lite] apply automatic fixes"}},{"before":"9fc9c0d73c7e5024ba57da76350c6578d240f2dc","after":"cabe9fd56a920025487e4aac0a410508c6befc9e","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-07T10:46:13.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Detect the agent running in a non-root PID namespace\n\nIn Linux resources such as users, processes, mounts, time, etc. can be\nisolated with namespaces [0]. They are used in tamden with cgroups to implement\nresource control in containers.\n\nBoth namespaces and cgroups are conceptually a hierarchy, where the first\nnamespace is the root of the tree and the common ancestor for all the\nother slices of the machine.\n\nThe Agent requires to be run in the 'root' (this has nothing to do with\npermissions or users, necessarily) PID namespace, where all the other\nprocesses for every single namespace can be queried.\n\nWhile the kernel does not provide a facility for this check, this commit\naims to bring a reliable check to see whether we are inside\nof a PID namespace or not. It does it with a BPF program that retrieves\nthe pid of the Agent and then we compare it with the pid that the OS\ngives us in userspace via `getpid(2)`. As the BPF program always gives\nthe PID from the PoV of the root PID namespace, we can tell if we are in\nthe root namespace or not.\n\nThis uses code from this PoC [1].\n\nTest Plan\n=========\n\n**running the Agent normally, in the root PID namespace**\n\n```\n[root@fedora parca-agent]# dist/parca-agent\n[works]\n```\n\n**under a non-root PID namespace**\n\n```\n[javierhonduco@fedora parca-agent]$ sudo unshare --fork --pid --mount-proc\n[root@fedora parca-agent]# dist/parca-agent\nooooooooo.                                                  .o.                                            .\n`888   `Y88.                                               .888.                                         .o8\n 888   .d88'  .oooo.   oooo d8b  .ooooo.   .oooo.         .8\"888.      .oooooooo  .ooooo.  ooo. .oo.   .o888oo\n 888ooo88P'  `P  )88b  `888\"\"8P d88' `\"Y8 `P  )88b       .8' `888.    888' `88b  d88' `88b `888P\"Y88b    888\n 888          .oP\"888   888     888        .oP\"888      .88ooo8888.   888   888  888ooo888  888   888    888\n 888         d8(  888   888     888   .o8 d8(  888     .8'     `888.  `88bod8P'  888    .o  888   888    888 .\no888o        `Y888\"\"8o d888b    `Y8bod8P' `Y888\"\"8o   o88o     o8888o `8oooooo.  `Y8bod8P' o888o o888o   \"888\"\n                                                                      d\"     YD\n                                                                      \"Y88888P'\n\nlevel=info name=parca-agent ts=2023-09-07T10:42:25.892675407Z caller=main.go:345 msg=\"maxprocs: Leaving GOMAXPROCS=12: CPU quota undefined\"\nlevel=error name=parca-agent ts=2023-09-07T10:42:25.925707031Z caller=main.go:374 msg=\"the agent must be run in the 'root' PID namespace\"\n```\n\n[0]: https://man7.org/linux/man-pages/man7/namespaces.7.html\n[1]: https://github.com/javierhonduco/am-i-contained/tree/main","shortMessageHtmlLink":"Detect the agent running in a non-root PID namespace"}},{"before":null,"after":"9fc9c0d73c7e5024ba57da76350c6578d240f2dc","ref":"refs/heads/root-namespace-detector","pushedAt":"2023-09-07T09:23:05.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"wip","shortMessageHtmlLink":"wip"}},{"before":null,"after":"fbc2c00779df9984cc2603957620c1a38c250ab0","ref":"refs/heads/unify-native-stacks","pushedAt":"2023-09-07T08:22:09.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"wip","shortMessageHtmlLink":"wip"}},{"before":"f19df8187103963d087f5bf656001b188e3b4a87","after":null,"ref":"refs/heads/add-rbperf-v0","pushedAt":"2023-08-30T08:01:33.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"}},{"before":"097e077322293cb5823c48e08fda9feb6f8e5c37","after":"f19df8187103963d087f5bf656001b188e3b4a87","ref":"refs/heads/add-rbperf-v0","pushedAt":"2023-08-29T18:33:45.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"kakkoyun","name":"Kemal Akkoyun","path":"/kakkoyun","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/536449?s=80&v=4"},"commit":{"message":"Merge branch 'main' into add-rbperf-v0","shortMessageHtmlLink":"Merge branch 'main' into add-rbperf-v0"}},{"before":"effbee3ca336ceeb6327be7090407114e424efb4","after":"097e077322293cb5823c48e08fda9feb6f8e5c37","ref":"refs/heads/add-rbperf-v0","pushedAt":"2023-08-29T17:39:54.000Z","pushType":"push","commitsCount":4,"pusher":{"login":"kakkoyun","name":"Kemal Akkoyun","path":"/kakkoyun","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/536449?s=80&v=4"},"commit":{"message":"Merge branch 'main' into add-rbperf-v0","shortMessageHtmlLink":"Merge branch 'main' into add-rbperf-v0"}},{"before":null,"after":"36bab21eaca538e3d6ab6c38750c41460eb6125e","ref":"refs/heads/wip-data-race-issues","pushedAt":"2023-08-29T13:40:30.000Z","pushType":"branch_creation","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"@nocommit: minimal changes to remove race condition\n\nHighly WIP. Needs more testing and perhaps having per-cache mutex.","shortMessageHtmlLink":"<a class=\"user-mention notranslate\" data-hovercard-type=\"user\" data-hovercard-url=\"/users/nocommit/hovercard\" data-octo-click=\"hovercard-link-click\" data-octo-dimensions=\"link_type:self\" href=\"https://github.com/nocommit\">@nocommit</a>: minimal changes to remove race condition"}},{"before":"a366b3fd9fac0361caca442241840c72a3189165","after":"effbee3ca336ceeb6327be7090407114e424efb4","ref":"refs/heads/add-rbperf-v0","pushedAt":"2023-08-29T13:13:55.000Z","pushType":"push","commitsCount":5,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Merge branch 'main' into add-rbperf-v0","shortMessageHtmlLink":"Merge branch 'main' into add-rbperf-v0"}},{"before":"a1babf1b5a1848475d1aed0fb07af287ab40e9df","after":"a366b3fd9fac0361caca442241840c72a3189165","ref":"refs/heads/add-rbperf-v0","pushedAt":"2023-08-29T13:04:51.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Add initial Ruby support\n\nThis commit adds initial Ruby support by integrating rbperf's unwinder\nand adapting it to this Agent.\n\nThere is more work to do, but in the spirit of keeping this commit a bit\nmore contained, right now:\n- only Ruby 3.0.4 is supported;\n- no focus on efficiency;\n- missing clean-ups (such as clearing the interpreter stack maps);\n- the Ruby stack is fetched even if the Ruby thread is sleeping as long\n  as the native stack is on-CPU. This shows up confusingly as the Ruby stack in\nmany native stacks that aren't actually running the Ruby code;\n- there are no integration tests, this will change soon;\n\nAll the shortcomings above, and then some, will be addressed in\nforthcoming commits.\n\nArchitecture\n============\n\nThe current BPF unwinding architecture as well as the changes that this\ncommit makes can be seen here: https://excalidraw.com/#json=E-W6lSLZ8rTOcri7HZdAl,4AjIUmb-olsQkdbwCqyxqg\n\nTest Plan\n=========\n\nAll current tests pass +\n\nSigned-off-by: Francisco Javier Honduvilla Coto <javierhonduco@gmail.com>","shortMessageHtmlLink":"Add initial Ruby support"}},{"before":"7a63e3b44d642cc3579515a50b6fd96211beac6f","after":"a1babf1b5a1848475d1aed0fb07af287ab40e9df","ref":"refs/heads/add-rbperf-v0","pushedAt":"2023-08-29T13:03:43.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Add initial Ruby support\n\nThis commit adds initial Ruby support by integrating rbperf's unwinder\nand adapting it to this Agent.\n\nThere is more work to do, but in the spirit of keeping this commit a bit\nmore contained, right now:\n- only Ruby 3.0.4 is supported;\n- no focus on efficiency;\n- missing clean-ups (such as clearing the interpreter stack maps);\n- the Ruby stack is fetched even if the Ruby thread is sleeping as long\n  as the native stack is on-CPU. This shows up confusingly as the Ruby stack in\nmany native stacks that aren't actually running the Ruby code;\n- there are no integration tests, this will change soon;\n\nAll the shortcomings above, and then some, will be addressed in\nforthcoming commits.\n\nArchitecture\n============\n\nThe current BPF unwinding architecture as well as the changes that this\ncommit makes can be seen here: https://excalidraw.com/#json=E-W6lSLZ8rTOcri7HZdAl,4AjIUmb-olsQkdbwCqyxqg\n\nTest Plan\n=========\n\nAll current tests pass +\n\nSigned-off-by: Francisco Javier Honduvilla Coto <javierhonduco@gmail.com>","shortMessageHtmlLink":"Add initial Ruby support"}},{"before":"147cc10d5ed29899724b93655bcc94dd6c6986c0","after":"7a63e3b44d642cc3579515a50b6fd96211beac6f","ref":"refs/heads/add-rbperf-v0","pushedAt":"2023-08-29T09:58:33.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Add initial Ruby support\n\nThis commit adds initial Ruby support by integrating rbperf's unwinder\nand adapting it to this Agent.\n\nThere is more work to do, but in the spirit of keeping this commit a bit\nmore contained, right now:\n- only Ruby 3.0.4 is supported;\n- no focus on efficiency;\n- missing clean-ups (such as clearing the interpreter stack maps);\n- the Ruby stack is fetched even if the Ruby thread is sleeping as long\n  as the native stack is on-CPU. This shows up confusingly as the Ruby stack in\nmany native stacks that aren't actually running the Ruby code;\n- there are no integration tests, this will change soon;\n\nAll the shortcomings above, and then some, will be addressed in\nforthcoming commits.\n\nArchitecture\n============\n\nThe current BPF unwinding architecture as well as the changes that this\ncommit makes can be seen here: https://excalidraw.com/#json=E-W6lSLZ8rTOcri7HZdAl,4AjIUmb-olsQkdbwCqyxqg\n\nTest Plan\n=========\n\nAll current tests pass +\n\nSigned-off-by: Francisco Javier Honduvilla Coto <javierhonduco@gmail.com>","shortMessageHtmlLink":"Add initial Ruby support"}},{"before":"bb5e1b955cfcd4229f5a79e2dc4c6d8c183bcc9b","after":"147cc10d5ed29899724b93655bcc94dd6c6986c0","ref":"refs/heads/add-rbperf-v0","pushedAt":"2023-08-29T09:50:16.000Z","pushType":"force_push","commitsCount":0,"pusher":{"login":"javierhonduco","name":"Javier Honduvilla Coto","path":"/javierhonduco","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/959128?s=80&v=4"},"commit":{"message":"Add initial Ruby support\n\nThis commit adds initial Ruby support by integrating rbperf's unwinder\nand adapting it to this Agent.\n\nThere is more work to do, but in the spirit of keeping this commit a bit\nmore contained, right now:\n- only Ruby 3.0.4 is supported;\n- no focus on efficiency;\n- missing clean-ups (such as clearing the interpreter stack maps);\n- the Ruby stack is fetched even if the Ruby thread is sleeping as long\n  as the native stack is on-CPU. This shows up confusingly as the Ruby stack in\nmany native stacks that aren't actually running the Ruby code;\n- there are no integration tests, this will change soon;\n\nAll the shortcomings above, and then some, will be addressed in\nforthcoming commits.\n\nArchitecture\n============\n\nThe current BPF unwinding architecture as well as the changes that this\ncommit makes can be seen here: https://excalidraw.com/#json=E-W6lSLZ8rTOcri7HZdAl,4AjIUmb-olsQkdbwCqyxqg\n\nTest Plan\n=========\n\nAll current tests pass +\n\nSigned-off-by: Francisco Javier Honduvilla Coto <javierhonduco@gmail.com>","shortMessageHtmlLink":"Add initial Ruby support"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAADfvJNGwA","startCursor":null,"endCursor":null}},"title":"Activity · javierhonduco/parca-agent"}