Support systemwide probe firing, more tracers by adding a USDT probe to libstapsdt for probe firing #32
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
By adding a USDT probe for stapsdt-created probe firings, we can
enable tools and tracers that understand USDT but do not support
tracing in the dynamically-created shared library, allowing them
to catch dynamic probe firings. For example, using libbpf, we could
write a BPF program as follows:
SEC("usdt//usr/lib/libstapsdt.so:stapsdt:probe")
int BPF_USDT(args, const char *provider, const char *probename,
const char *str, int val)
{
__bpf_printk("%s/%s fired\n", provider, probename);
__bpf_printk("got %s, %d args\n", str, val);
return 0;
}
When attached to the stapsdt:probe in /usr/lib/libstapsdt.so
as above, we can trace events system-wide.
For example, with the above BPF program attached - and running
the example.py from python stapsdt, we see:
$ cat /sys/kernel/debug/tracing/trace_pipe
python3-496195 [003] ...11 345760.365976: bpf_trace_printk: pythonapp/firstProbe fired
python3-496195 [003] ...11 345760.365979: bpf_trace_printk: got My little probe, 42 args
And we will see firings across all processes that utilize
libstapsdt.
Is-enabled support is added via a semaphore for the stapsdt
probe - if the semaphore has a value > 0, it is being traced
and all probes should be considered enabled.
Signed-off-by: Alan Maguire <alan.maguire@oracle.com>
...and provide a BPF C example of tracing using it. Signed-off-by: Alan Maguire <alan.maguire@oracle.com>
|
@mmarchini sorry not sure if I should tag specific folks to request review of the above? I'm not seeing a way to edit the PR to add reviewers. |
|
@dalehamel @mmarchini hi folks, wondering if anyone has any suggestions on the above? the wider aim is to make libstapsdt-based probes available to more tracers, and to libbpf-based BPF programs. thanks! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
By adding a USDT probe for probe firing to libstapsdt itself, we allow all tracers (which do not already know how to get access to the memfd-based dynamic libraries that libstapsdt creates) that have USDT support to trace dynamic probe firings originating from libstapsdt.so. By tracing stapsdt/probe in libstapsdt.so, such tracers can see dynamic probe firings and critically also see them systemwide. The probe is an 8-argument USDT probe; first two args are provider/probe name, remainder are arguments (zeroed out if unset). A consumer looking for a particular probe firing can use the provider/probe names to distinguish it.
Patch 1 adds the support in stapsdt-probe.c. Is-enabled support is via the stapsdt probe semaphore, which manages
reference count for us.
Patch 2 adds to the README describing the probe and how to trace with it.