Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds

bpftrace, a DTrace like tool for Linux now open source

Save for later
  • 2 min read
  • 09 Oct 2018

article-image

bpftrace is a DTrace like tool for troubleshooting kernel problems. It was created about a year ago by Alastair Robertson and the GitHub repository was made public recently. It has plenty of features to relate it to DTrace 2.0.

bpftrace


bpftrace is an open source high level tracing tool which allows analyzing systems. It is now more competent and built for modern extended Berkeley Packet Filter (eBPF). eBPF is a part of the Linux kernel and is popular in systems engineering.

Robertson recently developed struct support, and applied it to tracepoints. Struct support was also applied to kprobes.

bpftrace uses existing Linux kernel facilities like eBPF, kprobes, uprobes, tracepoints, and perf_events. It also uses bcc libraries. bpftrace uses a lex/yacc parser internally to convert programs into abstract syntax tree (AST). Then llvm intermediate representation actions are done and finally, then BPF is done.

bpftrace-a-dtrace-like-tool-for-linux-now-open-source-img-0

Source: GitHub

Unlock access to the largest independent learning library in Tech for FREE!
Get unlimited access to 7500+ expert-authored eBooks and video courses covering every tech area you can think of.
Renews at AU $24.99/month. Cancel anytime


bpftrace and DTrace


bpftrace is a higher-level front end for custom ad-hoc tracing. It can play a similar role as DTrace. There are some things eBPF can do and DTrace can't, one of them being the ability to save and retrieve stack traces as variables.

Brendan Gregg, one of the contributors of bpftrace states in his blog: “We've been adding bpftrace features as we need them, not just because DTrace had them. I can think of over a dozen things that DTrace can do that bpftrace currently cannot, including custom aggregation printing, shell arguments, translators, sizeof(), speculative tracing, and forced panics.

A one-liner tutorial and reference guide is available on GitHub for learning bpftrace.

For more details and trying bpftrace head on to the GitHub repository and Brendan Gregg’s blog.

NVTOP: An htop like monitoring tool for NVIDIA GPUs on Linux

LLVM 7.0.0 released with improved optimization and new tools for monitoring

Xamarin Test Cloud for API Monitoring [Tutorial]