Hardware trace re-construction support in kernel


One Line Summary

Kernel-assisted trace re-construction for JITed code


We begin with a discussion of shortcomings in hardware trace reconstruction in scenarios where runtime compiled code is used. Two examples with Intel PT would be shown – static-key instrumentation (in kernel) and userspace JIT machines (such as uBPF) which either yield incorrect program flow or don’t yield a flow at all when used in conjunction with hardware traces. This is evident in other sites in kernel also when perf is used with intel PT and we try to reconstruct trace offline. To begin fixing this, a possible solution is discussed as a PoC patch to kernel ( https://github.com/tuxology/flowjit ) which would allow copies of JIT’ed pages to be saved and then queried during reconstruction. Feedback on this FlowJIT approach and inspirations from other approaches such as kmmiotrace ( https://www.kernel.org/doc/Documentation/trace/mmiotrace.txt ) or any other technique that comes up in discussion could be very helpful for implementing this feature.


perf, Virtual Machines, hardware tracing, intel processor trace, coresight


  • Suchakra_bw_small

    Suchakra Sharma

    ShiftLeft Inc.


    Suchakra is currently a Scientist at ShiftLeft Inc. He completed his PhD in Computer Engineering from École Polytechnique de Montréal where he worked on eBPF and hardware-assisted tracing techniques for advanced systems performance analysis. He has been involved in research on performance analysis domain for last 4 years and has delivered talks on systems analysis at multiple conferences. In the past, he has been involved in biomedical and automotive electronics as an embedded Linux engineer