I can’t believe how powerful DTrace is. Isn’t it remarkable that it can detect and handle every single userland function call (and even every CPU instruction)?
sudo dtrace -ln ’objc$target:::’ -p PID
This will create a probe description on every Objective-C every class, method, and assembly instruction within the Finder application.
In fact, I’m baffled. How in the world does it work?
If a userland process is chugging along, making calls its own statically-linked methods within its own module, then how do the dtrace probes know they should suspend the process and analyze what’s going on? I don’t know how it’s possible for dtrace to fulfill such a requirement without destroying system performance.
Does anyone know how this works? Is there a CPU hardware capability it’s leveraging?