Skip to content

USDT probes #327

New issue
New issue
Closed
Closed
USDT probes#327
Labels
prio:high
@brendangregg

Description

@brendangregg
brendangregg
opened on Jan 29, 2016

User-level statically defined tracing probes have been placed in various applications and runtimes, including Java, Node.js, MySQL, and PostgreSQL. These allow API-stable scripts to be written, that do not depend on tracing raw user-level functions (uprobes).

As an example of hacking in USDT tracing using ftrace, see: http://www.brendangregg.com/blog/2015-07-03/hacking-linux-usdt-ftrace.html . The unpublished script I referred to is: https://gist.github.com/brendangregg/f1b3d09c14088522065b

For a simple example to trace:

1. Create tick-dtrace.d:
provider tick {
        probe loop(int);
}

#pragma D attributes Evolving/Evolving/ISA provider node provider
#pragma D attributes Private/Private/Unknown provider node module
#pragma D attributes Private/Private/Unknown provider node function
#pragma D attributes Private/Private/ISA provider node name
#pragma D attributes Evolving/Evolving/ISA provider node args
2. Then create an object file:
# apt-get install -y systemtap-sdt-dev        # adds "dtrace"
# dtrace -G -s tick-dtrace.d -o tick-dtrace.o
3. Create the target program, tick-main.c:
#include <stdio.h>
#include <unistd.h>
/* from systemtap-sdt */
#include <sys/sdt.h>

int
main(int argc, char *argv[])
{
        int i;

        for (i = 0; i < 5; i++) {
                DTRACE_PROBE1(tick, loop, i);
                printf("hi: %d\n", i);
                sleep(1);
        }

        return (0);
}
4. Compile tick-main:
gcc -c tick-main.c
gcc -o tick tick-main.o tick-dtrace.o
5. Check it has USDT probes:
readelf -n tick

Notes at offset 0x0000021c with length 0x00000020:
  Owner                 Data size       Description
  GNU                  0x00000010       NT_GNU_ABI_TAG (ABI version tag)
    OS: Linux, ABI: 2.6.35

Notes at offset 0x0000023c with length 0x00000024:
  Owner                 Data size       Description
  GNU                  0x00000014       NT_GNU_BUILD_ID (unique build ID bitstring)
    Build ID: 2b94c0e7c684a001a34d685c862b33aa51ff7672

Notes at offset 0x00000a08 with length 0x00000044:
  Owner                 Data size       Description
  stapsdt              0x0000002e       NT_STAPSDT (SystemTap probe descriptors)
    Provider: tick
    Name: loop
    Location: 0x0000000000400558, Base: 0x0000000000400628, Semaphore: 0x0000000000000000
    Arguments: -4@-4(%rbp)

See NT_STAPSDT etc.

This is a basic probe. There is another type, isenabled, which I discussed in the blog post, and requires a semaphore to activate.

Metadata

Metadata

Assignees

No one assigned

    Labels

    prio:high

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions