KProbes -- I Finally Get It!

Back in April of 2001 GLLUG had a meeting, in the CFC preview cinema, which featured a talk by Richard Moore of IBM. Now the speaker obviously knew his stuff, he was a little dry but obviously passionate and enthusiastic about his material. The topic was a new way of debugging the Linux Kernel; it was called DProbes.

Now while I understood most of the talk, I’m not a kernel guy so bits were over my head, the idea seemed like a good, if quite ambitious one. DProbes would allow kernel developers to pull out what was actually going on when things were executing by creating instrumentation points in the code. Like watch points in a normal debugger. And while the idea was sound it was only really useful to kernel developers. A niche in a niche so to speak.

Over the years since, I’ve been fortunate enough to see Richard present updated versions of the talk as work’s progressed on the software. This year, at the UKUUG Linux con in Swansea, I saw him present what are now called KProbes. And I finally “got it”. Solaris has something called DTrace. It’s a way of pulling out low level details from pretty much anything in the system. Metrics and information that’s never been available in the past can now be pulled out. And Linux can do it as well; just not from as many places.

Now I don’t know whether DTrace has opened my eyes to the potential of KProbes or the KProbes people have seen what DTrace can do and adjusted their presentation but I think KProbes is one of the more important Linux projects happening at the moment. The ability to pull out real data, to such an incredibly fine grained level, is something every admin should want and every developer should be aware of.

It’s weird how a talk I sat through four years ago is now one of the topics I’m most interesting in.