I've been using bpftrace -lv to examine available trace points. But the bpftrace output won't show you the complex types definitions and this tool can do it. Great work!
seneca 368 days ago [-]
Very handy tool! I love eBPF, but playing with it you quickly get into cryptic kernel internals territory. Tools like this are a great way to smooth out the experience. Well done!
tptacek 368 days ago [-]
In fairness that is also one of the awesome things about eBPF. My overall comprehension of the kernel has risen dramatically since I started using it.
ddelnano 367 days ago [-]
Definitely agree. As I've looked into instrumentation/tracing, it has helped me more fearlessly look at the kernel. Ftrace is another tool that's helped me level up as well (https://blog.px.dev/ebpf-probes-and-you/)
tanelpoder 367 days ago [-]
Yeah, ftrace is great and the trace-cmd frontend too. Another swiss-army-knife type of a tool, like perf... and is also available in older kernels.
One thing that I had missed was function call argument tracing, but looks like ftrace will soon have it too (update: it's actually available on modern kernels already, look for CONFIG_HAVE_DYNAMIC_FTRACE_WITH_ARGS kernel config option).
One thing that I had missed was function call argument tracing, but looks like ftrace will soon have it too (update: it's actually available on modern kernels already, look for CONFIG_HAVE_DYNAMIC_FTRACE_WITH_ARGS kernel config option).
https://lwn.net/Articles/1003386/
https://lpc.events/event/11/contributions/1106/attachments/7...