* JIT based dynamic instrumentation in the linux kernel. We need your help!
@ 2006-04-10 4:54 Marek Olszewski
0 siblings, 0 replies; only message in thread
From: Marek Olszewski @ 2006-04-10 4:54 UTC (permalink / raw)
To: linux-kernel
Hello,
For a class project we have built an x86 kernel module which can
dynamically instrument system calls with very fine granularity. It does
so (explained a bit below) in a similar fashion to Valgrind, Pin, and
DynamoRio, except that it runs in the kernel. It's interface is quite
similar to Pin except that the "tools" or plugins (that dictate the kind
of instrumentation) are written as kernel modules. Our goal is to open
source the project after the class for everyone to enjoy.
This is not a probe based instrumentation tool such as kprobes. Our
tool instruments code by copying dynamic basic blocks over to a code
cache while instrumenting them according to the wishes of a user written
plugin. This plugin can look at all the instructions being executed and
decide (the first time they are encountered) whether to instrument them
or not. This allows users to write tools that can instrument branches,
memory references or just about any type of instruction without
specifying the exact instruction locations. Instrumentation is provided
in the form of a function, however, our tool will try to inline for
improved performance. The end result is a simple to use, fast
(hopefully, we haven't gotten around to performance tests)
instrumentation tool to help kernel hackers debug, profile, monitor, and
annotate system calls (instrumenting arbitrary kernel code is future
work). We believe that the size and complexity of the Linux kernel
motivates such a tool.
We are hoping to publish our work in the near future, and to that end,
we are looking for plugin ideas from real kernel hackers. We ourselves
are not kernel hackers (maybe one day) and therefore are not aware of
the needs of the potential users of our tool (please don't flame us for
this, it's only a class project). These ideas should require fine
grained instrumentation making them not suitable for probed based
instrumentation.
To give you a rough idea of what's possible: we are currently working on
a plugin that would find branches with hint prefixes and monitor their
directions at runtime. Hence, for a given workload, the plugin will be
able to check for branches that are incorrectly hinted (possibly with
the likely() macro) and report these back to the user. We are thinking
that a similar plugin that monitors all branches to detect whether a
hint could be profitable might also be useful.
If you think that you might have a nice idea, please let us know. We
will try to write it and include it in our paper. It will also be
available for all to use when we release the tool.
Thank you!
Marek
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2006-04-10 4:56 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-04-10 4:54 JIT based dynamic instrumentation in the linux kernel. We need your help! Marek Olszewski
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).