Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / bcc / 51d62d36bd072530a238ac147a61b631fdc44659^! / . / tools / opensnoop.py
commit51d62d36bd072530a238ac147a61b631fdc44659[log] [tgz]
authorXiaozhou Liu <liuxiaozhou@bytedance.com>Fri Feb 15 13:03:05 2019 +0800
committeryonghong-song <ys114321@gmail.com>Thu Feb 14 21:03:05 2019 -0800
tree6beeb040bb91d95efbbcc4d7feeb4bda438a6221
parent75a1f3d051138dbc00a67d17ddad938c83f13f00 [diff] [blame]
tools: remove redundant Python event data structure definitions (#2204)

Simplify code following #2198 (https://github.com/iovisor/bcc/pull/2198).

Some tools are not touched: mountsnoop.py, trace.py, lib/*.py, old/*.py.
diff --git a/tools/opensnoop.py b/tools/opensnoop.py
index 55db352..4ffedfa 100755
--- a/tools/opensnoop.py
+++ b/tools/opensnoop.py

@@ -19,7 +19,6 @@
 from bcc import ArgString, BPF
 from bcc.utils import printb
 import argparse
-import ctypes as ct
 from datetime import datetime, timedelta
 import os
 
@@ -182,20 +181,6 @@
 b.attach_kprobe(event="do_sys_open", fn_name="trace_entry")
 b.attach_kretprobe(event="do_sys_open", fn_name="trace_return")
 
-TASK_COMM_LEN = 16    # linux/sched.h
-NAME_MAX = 255        # linux/limits.h
-
-class Data(ct.Structure):
-    _fields_ = [
-        ("id", ct.c_ulonglong),
-        ("ts", ct.c_ulonglong),
-        ("uid", ct.c_uint32),
-        ("ret", ct.c_int),
-        ("comm", ct.c_char * TASK_COMM_LEN),
-        ("fname", ct.c_char * NAME_MAX),
-        ("flags", ct.c_int),
-    ]
-
 initial_ts = 0
 
 # header
@@ -211,7 +196,7 @@
 
 # process event
 def print_event(cpu, data, size):
-    event = ct.cast(data, ct.POINTER(Data)).contents
+    event = b["events"].event(data)
     global initial_ts
 
     # split return value into FD and errno columns