
trace is one of the eBPF bcc toolkits.

In this example

Using the trace multi-tool to watch login requests, by instrumenting the pam library:

```
# trace 'pam:pam_start "%s: %s", arg1, arg2'
TIME     PID    COMM         FUNC             -
17:49:45 5558   sshd         pam_start        sshd: root
17:49:47 5662   sudo         pam_start        sudo: root
17:49:49 5727   login        pam_start        login: bgregg
```

Many tools have usage messages (-h), and all should have man pages and text files of example output in the bcc project.

trace can probe both user-level and kernel-level function activities (shown in the following figure), but tutorials are very limited!!!


Could anyone provide a step-by-step tutorial for hacking user-level program code, like the question in this post?

Goal: I want to probe function `minor_collection_begin`

pchaigno
skytree
  • Have you read http://blogs.microsoft.co.il/sasha/2016/03/31/probing-the-jvm-with-bpfbcc/ ? Basically the first hit for googling "bpf hotspot" – the8472 Jan 31 '18 at 19:00
  • @the8472 Yes, I have. I watched his talk and read his slides. But there are some issues that I cannot solve. First, I use `JDK8` as my bootstrap JDK (`build 1.8.0_144-b01`), but there is no `$JAVA_HOME/tapset` folder and there are no `.stp` files. I also use `JDK9` for development by myself, but there is no `.stp` file either. Second, `-XX:+ExtendedDTraceProbes` cannot be added for `JDK9`. I add it as a Java command option but the JVM fails and cannot start. – skytree Jan 31 '18 at 19:38
  • @the8472 Also, `-XX:+ExtendedDTraceProbes` doesn't work for `JDK8`. – skytree Jan 31 '18 at 20:50
  • It depends what you mean by "JDK8": dtrace probes work for "openjdk8", but not "oracle jdk8". See https://github.com/iovisor/bcc/issues/866 / https://bugs.openjdk.java.net/browse/JDK-8173263 – ceeaspb Feb 03 '18 at 20:43
  • Re. the lack of tapsets from Sasha's blog: are you running the Red Hat/Fedora build of openjdk8? The clue is he says "On my Fedora 22". Red Hat provides the tapsets, so you have to be running on Red Hat or Fedora to get the tapsets with the JDK build. See for example this email where someone asks about jdk9 and tapsets: http://mail.openjdk.java.net/pipermail/hotspot-dev/2015-June/018834.html – ceeaspb Feb 03 '18 at 20:47
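
The `pam_start` trace output quoted in the question can be fed to a small filter that flags root PAM transactions opened through `sshd`. This is an added example, not code from the question or from the bcc project; the sample lines beyond the three shown in the question, the function names, and the choice of which service/user pairs to flag are assumptions.

```python
import re
from collections import Counter

# Constructed sample: the three events from the question plus two made-up lines.
SAMPLE = """\
TIME     PID    COMM         FUNC             -
17:49:45 5558   sshd         pam_start        sshd: root
17:49:47 5662   sudo         pam_start        sudo: root
17:49:49 5727   login        pam_start        login: bgregg
17:49:52 5801   sshd         pam_start        sshd: root
this line is not an event (constructed)
"""

# TIME PID COMM FUNC message; assumes COMM contains no whitespace.
EVENT = re.compile(r"^(\d{2}:\d{2}:\d{2})\s+(\d+)\s+(\S+)\s+pam_start\s+(.*)$")

def parse_events(text):
    """Parse trace output produced with the format string "%s: %s", arg1, arg2."""
    events = []
    for line in text.splitlines():
        m = EVENT.match(line)
        if not m:
            continue  # header, blank line, or anything that is not a pam_start event
        time, pid, comm, msg = m.groups()
        service, sep, user = msg.partition(": ")
        if not sep:
            continue  # message does not follow the "service: user" format
        events.append({"time": time, "pid": int(pid), "comm": comm,
                       "service": service, "user": user})
    return events

def flag_events(events, watched_users=("root",), remote_services=("sshd",)):
    """Return events where a watched account starts a PAM transaction remotely."""
    return [e for e in events
            if e["user"] in watched_users and e["service"] in remote_services]

def summarize(events):
    """Count PAM transactions per (service, user) pair."""
    return Counter((e["service"], e["user"]) for e in events)

if __name__ == "__main__":
    evs = parse_events(SAMPLE)
    for e in flag_events(evs):
        print(f'{e["time"]} pid={e["pid"]} {e["service"]} session for {e["user"]}')
    print(dict(summarize(evs)))
```
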

0 Answers