Generic Probe Support: Add kprobe Functionality Alongside exiting uprobes#9
Merged
dalehamel merged 1 commit intoshopify-omnibusfrom Nov 10, 2025
Merged
Generic Probe Support: Add kprobe Functionality Alongside exiting uprobes#9dalehamel merged 1 commit intoshopify-omnibusfrom
dalehamel merged 1 commit intoshopify-omnibusfrom
Conversation
dalehamel
approved these changes
Nov 10, 2025
Member
dalehamel
left a comment
dalehamel
left a comment
There was a problem hiding this comment.
One minor nitpick, this looks great overall.
Curious what caused all the mod changes?
It would be good for the upstream PR description to also include a real world example we are using this for, describing the CoW debugging that was the motivation for facilitating this
manuelfelipe
force-pushed
the
kprobe-support
branch
from
60e6403 to
4ae269f
Compare
Rename uprobe-specific code to generic probe terminology and add support for kprobes alongside uprobes. Update probe-ctrl tool to handle both probe types.
manuelfelipe
force-pushed
the
kprobe-support
branch
from
4ae269f to
7e06081
Compare
Member
Author
before https://github.com/Shopify/opentelemetry-ebpf-profiler/pull/9/files#diff-411cc25513d351cd98dba8360c35b0cec01c0271246e3b15c71e3626eb63edc6R14, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Refactors probe infrastructure introduced in open-telemetry#651 to support kprobes, kretprobes, uprobes, and uretprobes through a unified interface. Previously only uprobes were supported.
Motivation
We wanted to understand what causes shared memory pages to turn into private memory pages (copy-on-write) in our Ruby workers. Pitchfork workers start with everything shared post-fork but quickly grow private memory as requests come in.
Being able to attach kprobes to kernel functions like
do_wp_pageallows us to capture stack traces when CoW events occur, showing exactly which Ruby code is causing pages to be copied. This data could help us identify memory hotspots and optimization opportunities.Previous uprobe-only support limited profiling to user space functions. Adding kprobe support enables profiling kernel-level events (page faults, syscalls, etc.) alongside regular CPU profiling, giving a complete picture of system behavior.
What Changed
Renamed uprobe-specific code to generic probe terminology:
--uprobe-link→--probe-linkflagUProbeLinks→ProbeLinksconfigTraceOriginUProbe→TraceOriginProbesupport/ebpf/uprobe.ebpf.c→generic_probe.ebpf.cAdded kprobe support:
kprobe__genericeBPF entry pointtracer/probe.goEnhanced probe-ctrl tool:
--listflag to show loaded eBPF programsUsage
Running ^ locally, with traces going to devfiler: