Přístupnostní navigace
E-application
Search Search Close
Bachelor's Thesis
Author of thesis: Marek Pazúr
Acad. year: 2025/2026
Supervisor: Ing. Viktor Malík, Ph.D.
Reviewer: Ing. David Kozák, Ph.D.
This thesis presents a set of extensions to bpftrace that utilize the DWARF debugging information format. bpftrace is a Linux tracing tool built on top of the BPF technology and provides a scripting language for writing observability programs. These programs are composed of small handlers called probes that attach to system events. While bpftrace already uses DWARF debugging information for a few user-space features, it does not fully leverage what the format provides, and its handling of debug files distributed in practice is limited. The work addresses both of these gaps and covers the necessary background in BPF, bpftrace, and the DWARF format. The first part of the work enables tracing at the source level, allowing probes to be attached to specific lines in the source code of user-space programs as well as the kernel and its modules. A related extension lists the source locations to which probes can actually be attached for a given function. The second part improves how bpftrace retrieves debugging information from external sources, adding support for custom search paths and for distribution formats not previously handled. The implemented features are covered by tests within the bpftrace test suite and verified through standalone experiments on real applications and kernels.
BPF, bpftrace, debugging information, DWARF, ELF, dynamic instrumentation, Linux, observability, tracing
Date of defence
15.06.2026
Result of the defence
Defended (thesis was successfully defended)
Grading
A
Process of defence
Student nejprve prezentoval výsledky, kterých dosáhl v rámci své práce. Komise se poté seznámila s hodnocením vedoucího a posudkem oponenta práce. Student následně odpověděl na otázky oponenta a na další otázky přítomných. Komise se na základě posudku oponenta, hodnocení vedoucího, přednesené prezentace a odpovědí studenta na položené otázky rozhodla práci hodnotit stupněm A.
Topics for thesis defence
Language of thesis
English
Faculty
Fakulta informačních technologií
Department
Department of Intelligent Systems
Study programme
Information Technology (BIT)
Composition of Committee
doc. RNDr. Milan Češka, Ph.D. (předseda) doc. Ing. Jan Kořenek, Ph.D. (místopředseda) Ing. Zdeněk Materna, Ph.D. (člen) Ing. Miloš Musil, Ph.D. (člen) Ing. Martin Hrubý, Ph.D. (člen)
Supervisor’s reportIng. Viktor Malík, Ph.D.
The thesis proposes and implements several extensions of the bpftrace tool, which improve its capabilities for tracing the Linux kernel and user-space binaries. The high quality of the implementation is supported by the positive feedback and reviews from the bpftrace maintainers and community. Combined with the popularity of bpftrace, the thesis makes a very nice real-world impact, especially for the bachelor level.
With respect to the above and to student's very good approach to the thesis throughout the year, I recommend to accept the thesis with the grade A (excellent).
The goal of the thesis was extension of an existing open-source project bpftrace. Bpftrace is a highly-popular dynamic tracing tool for Linux based on the eBPF technology. It is often the first tool of choice of system administrators and developers for debugging issues on production Linux systems. At the same time, thanks to its simplicity, it often acts as the introductory tool for people trying to get familiar with the eBPF ecosystem. The thesis assignment involved leveraging DWARF debugging information and the related tools, which are notorious for their lack of documentation.
The thesis has proposed several various extensions of bpftrace that leverage DWARF. These bring new features to the tool as well as improve its capabilities in terms of obtaining DWARF information for the traced binaries. All points of the assignment have been met, with a few additional extensions (such as the support for working with kernel DWARF).
Considering the implementation nature of the thesis, the student mostly worked with the DWARF standard document, manual pages, and project documentations. I was quite impressed by his ability to dive deep into these highly technical documents, often ending up with reading source code of the related projects (such as the libdw library) to understand all nuances needed for implementing the proposed solutions.
The student was very active throughout the entire academic year. We regularly met in a bi-weekly manner and he was always able to present new progress on the thesis.
The implementation part was finished well in advance with some of the extensions already reviewed by the bpftrace community and merged into the development branch. The textual part was also finished in a timely manner and I had the opportunity to review and consult most of its contents.
All of the proposed extentions have been or are about to be integrated into the upstream of the bpftrace project via GitHub pull requests (PRs). A part of the PRs has already been integrated as the student has been able to successfully incorporate reviews from the project maintainers. The rest of the PRs have just minor comments pending and are very likely to be merged in a nearby future. All of the proposed features have been very welcome by the community since many of them have been requested for a long time.
Grade proposed by supervisor: A
Reviewer’s reportIng. David Kozák, Ph.D.
The thesis addresses a difficult and practically relevant topic requiring knowledge of BPF, DWARF debugging information, compilers, ELF binaries, and the Linux kernel. The student delivered a well-designed and well-implemented solution, supported it with appropriate tests, and verified it in realistic environments. The written thesis is clear, technically precise, and of very good quality. I evaluate the work as excellent.
Evaluation level: značně obtížné zadání
The assignment was considerably demanding. It required the student to combine knowledge of compilers, debugging information formats, low-level Linux tracing mechanisms, and real-world systems programming. The work was made more challenging by the need to understand and extend an existing production-quality open-source tool, bpftrace.
The thesis is very well written. The text has a clear logical structure, the chapters follow naturally, and the technical narrative is precise and understandable. The author explains complex topics such as DWARF, bpftrace, and Linux tracing mechanisms in a way that is accessible while still technically accurate.
The thesis is well formatted and typographically clean. The language quality is high, and the use of English is appropriate for a technical academic text. Figures, listings, and examples are used effectively to support the explanation.
The implementation is of high quality and targets a real-world open-source project. The proposed extensions are not merely experimental; they are integrated into the existing architecture of bpftrace, covered by tests, and validated on practical scenarios. The fact that part of the work has already been accepted upstream is a strong indicator of the technical level of the solution.
The results are highly usable in practice. The work extends an established tracing tool with source-level DWARF-based functionality and improves its ability to work with debugging information as distributed on real systems. This gives the thesis clear practical value beyond the academic setting.
Evaluation level: zadání splněno a práce obsahuje podstatná rozšíření
The assignment was fully accomplished, and the submitted work goes beyond the minimum requirements. The student implemented several DWARF-based extensions to bpftrace, improved support for practical debug-information distribution formats, and added corresponding tests. Parts of the implementation have already been merged upstream, which further confirms the practical quality of the result.
Evaluation level: je v obvyklém rozmezí
The technical report is within the expected range for a bachelor’s thesis. Its length is appropriate for the complexity of the topic and provides enough space for both the necessary background and the description of the implemented extensions.
The student used relevant and appropriate sources, including official documentation, standards, technical articles, and literature related to BPF, DWARF, ELF, and Linux tracing. The cited sources are well connected to the topic and support both the theoretical and implementation parts of the thesis.
Grade proposed by reviewer: A
Responsibility: Mgr. et Mgr. Hana Odstrčilová