Skip to content
This repository has been archived by the owner on Mar 22, 2023. It is now read-only.
/ vltrace Public archive

Tool tracing syscalls in a fast way using eBPF linux kernel feature

License

Notifications You must be signed in to change notification settings

pmem/vltrace

Repository files navigation

vltrace: syscall tracer using eBPF

Build Status Coverity Scan Build Status

⚠️ Discontinuation of the project

The vltrace project will no longer be maintained by Intel.

  • Intel has ceased development and contributions including, but not limited to, maintenance, bug fixes, new releases, or updates, to this project.
  • Intel no longer accepts patches to this project.
  • If you have an ongoing need to use this project, are interested in independently developing it, or would like to maintain patches for the open source software community, please create your own fork of this project.
  • You will find more information here.

Introduction

This is the top-level README.md of vltrace.

vltrace is a syscall tracing tool which utilizes eBPF - an efficient tracing feature of the Linux kernel.

LICENSE

Please see the file LICENSE for information on how this tool is licensed.

DEPENDENCIES

The vltrace depends on libbcc library. The installation guide of libbcc can be found here.

SYSTEM REQUIREMENTS

  • kernel v4.7 or later (to attach eBPF to tracepoints)
  • kernel headers installed:
    • 'kernel-devel' package on RHEL, Fedora and CentOS or
    • 'linux-headers' package on Debian and Ubuntu
  • libbcc v0.4.0
  • CAP_SYS_ADMIN capability (required by the bpf() syscall)
  • mounted debugfs and tracefs

CONTACTS

If you read the blog post and still have some questions (especially about discontinuation of the project), please contact us using the dedicated e-mail: [email protected].