Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow running bpftrace with an optional command #253

Closed
mmarchini opened this issue Nov 14, 2018 · 2 comments · Fixed by #297
Closed

Allow running bpftrace with an optional command #253

mmarchini opened this issue Nov 14, 2018 · 2 comments · Fixed by #297
Assignees
@danobi

Comments

@mmarchini
Copy link
Contributor

Running bpftrace with an optional command is useful when tracing an application in development environments and you want to trace only a specific process since it started. We could either receive the pid of the process as an argument (also related to #18), or it could filter the probe as if -p PID was given.

For example: sudo ./bpftrace -e 'kprobe:do_nanosleep { printf("[%d] tick\n", pid); }' -c "sleep 10s".
@danobi
Copy link
Member

danobi commented Dec 10, 2018

There's another use case that someone wants at FB that would be similar to this. We want to exit bpftrace when $PID terminates. I'll assign this to myself but feel free to boot me if you need it done faster.

@danobi danobi self-assigned this Dec 10, 2018
@danobi
Copy link
Member

danobi commented Dec 26, 2018

#294 lays down some supporting changes for this feature

@danobi danobi mentioned this issue Dec 28, 2018
Merged
danobi added a commit to danobi/bpftrace that referenced this issue Dec 28, 2018
@danobi
Add -c CMD option
a3086a8 
This patch adds a command running option to bpftrace. The user can now
run something like:

    ./bpftrace -e '...' -c 'sleep 5'

which is a convenience wrapper around something like:

    sleep 5 & ./bpfrace -e '...' -p `pidof sleep`

`-c` is better because it:
* ensures a tighter tracing range around CMD (ie we trace less of the
system while it is not running CMD)
* makes bpftrace exit (which is convenient) when CMD terminates
    * previously, it was not possible to get a full trace of CMDs
    execution and have bpftrace exit upon CMD termination

Test Plan:
Trivial successful example:
```
$ sudo ./build/src/bpftrace -e 'tracepoint:syscalls:sys_enter_nanosleep
{ printf("%s nanoslept\n", comm); }' -c '/bin/sleep 1'
[sudo] password for dlxu:
chdir(/lib/modules/4.19.8-200.fc28.x86_64/build): No such file or
directory
Attaching 1 probe...
sleep nanoslept
splunkd nanoslept
webrtc_audio_mo nanoslept
gnome-terminal- nanoslept
webrtc_audio_mo nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept
gnome-terminal- nanoslept

$
```

Ambigous executable:
```
$ sudo ./build/src/bpftrace -e 'tracepoint:syscalls:sys_enter_nanosleep
{ printf("%s nanoslept\n", comm); }' -c 'sleep 1'
chdir(/lib/modules/4.19.8-200.fc28.x86_64/build): No such file or
directory
Attaching 1 probe...
execve: No such file or directory
Failed to spawn child=sleep 1
splunkd nanoslept

$
```

This closes bpftrace#253
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danobi danobi

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add -c CMD option danobi/bpftrace
2 participants
@danobi @mmarchini