Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

Just checked python (built from source with --with-dtrace) USDT semaphores: [yhs@localhost bin]$ nm python3 | grep semaphore 008eb52c d python_function__entry_semaphore 008eb52e d python_function__return_semaphore 008eb53c d python_gc__done_semaphore 008eb53a d

Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

yep. uprobe is always 'int 3' so far, since kernel needs to take control. we can add something like writing arbitrary value as long as that address is in the file and accessed via inode. If semaphore is in bss then kernel changes would be required. I hope we can try such approach without changing

Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

You’re saying that the uprobe installation will replace the semaphore value with something non-zero? Is that guaranteed? If using “int 3” then probably yes but if using an optimized jump? And will it work on non-x86? > On Jan 17, 2018, at 17:05, Alexei Starovoitov

Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

I think it should be possible to abuse uprobe kernel logic to flip the semaphore value. Instead of writing into /proc/pid/mem we can uprobe on that exact location. Though it's not text, but data section. It may work ? On Wed, Jan 17, 2018 at 8:57 AM, Sasha Goldshtein via iovisor-dev

Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

Not sure I understand your proposal re the kernel setting the semaphore. Anyway, yes, the semaphore concept and implementation goes back to SystemTap SDT which is basically DTrace probes. > On Jan 17, 2018, at 16:55, Kiran T wrote: > > Is this because this is tied to

Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

Is this because this is tied to DTRACE abi? Perhaps another elf note or comment could be implemented, so this semaphore is set on binary load itself by the kernel? Again thinking out loud :) Thanks, Kiran On Tue, Jan 16, 2018 at 8:51 PM, Sasha Goldshtein wrote: > Enabling

Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

Enabling semaphore-enabled probes system-wide requires poking the semaphore’s memory in each process, I’m afraid. We can come up with some implementation that would hook new process creation and try to enable the semaphore when the relevant library gets loaded, but it sounds a bit fragile. It

Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

Please note that some USDT probes have an associated "semaphore", which is really just a memory location that the probed code checks before actually invoking the probe. You cannot enable USDT probes that have a semaphore system-wide, without a process ID, because the semaphore location has to be

Re: [iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

Kiran, Yes, tracing through USDT without PID should work. You can just remove "-p" parameter and give a try. Please try latest bcc as it fixed a few bugs. Let us know if you hit any issues. Yonghong On Mon, Jan 15, 2018 at 5:11 PM, Kiran T via iovisor-dev

[iovisor-dev] How to use USDT probes without having to pass the pid of the traced program?

Hi All the examples on tracing processes with USDT require the pid of the traced program: https://github.com/iovisor/bcc/tree/master/examples/tracing Can one not request to monitor binaries -- like with uprobes/uretprobes but with USDT? I am trying to trace php scripts running on a webserver,