DTrace is a framework that gives administrators and kernel developers the ability to observe kernel behavior in real time. DTrace has kernel modules called “providers”, which perform a particular instrumentation in the kernel using “probes”. kinst is a new DTrace provider created by Christos Margiolis and Mark Johnston as part of GSOC 2022, that allows for instruction-level tracing, that is, for a given kernel function, a user can trace each instruction in it. The provider is available on FreeBSD 14.0. kinst probes take the form of kinst::<function>:<offset>, where <function> is the kernel function to be traced, and <offset> is the specific instruction. The offsets can be obtained from the function’s disassembly using kgdb(1). For example, the following command will trace vm_fault()’s first instruction each time it executes:
# dtrace -n ‘kinst::vm_fault:0’
The project’s main goal is to implement inline function tracing. In order to achieve this functionality, the DWARF debugging standard will be used to be able to detect inline calls and handle them accordingly. DWARF’s and kinst’s functionality will be leveraged to address some of the shortcomings of FBT, such as the tail-call optimization problem (chapter 20.4 of the DTrace manual) and the absence of inline tracing capabilities.
Develiverables for the project include:
– adding entry and return probes to kinst, similar to FBT needed for inline tracing
– extending kinst to be able to trace inline calls by making use of the DWARF standard with FreeBSD’s dwarf(3)
– adding a “locals” structure which stores the local variables of the traced function. For example, with kinst::foo:<x>, we could print the local variable bar by doing print(locals->bar) inside a D script
– adding a new dtrace(1) flag which dumps the D program after dt_sugar has applied transformations. This is useful for debugging dt_sugar itself.5. Port kinst to riscv and/or arm64.
