DTrace is a framework that gives administrators and kernel developers the ability to observe kernel behavior in real time. DTrace has kernel modules called “providers”, which perform a particular instrumentation in the kernel using “probes”.
kinst is a new low-level DTrace provider co-authored by Christos Margiolis and Mark Johnston for the FreeBSD operating system. It allows the user to trace arbitrary instructions and is part of the base system as of FreeBSD 14.0.
kinst probes take the form of `kinst::<function>:<instruction>`, where `<function>` is the kernel function to be traced, and `<instruction>` is the offset to the instruction, relative to the beginning of the function, and can be obtained from the function’s disassembly.
The project’s main goal is to implement inline function tracing (a much-requested DTrace feature) and also port kinst to riscv and arm64. For inline tracing, kinst will make use of the DWARF debugging standard to be able to detect inline calls and create probes for each one of them. In the future, this functionality could be leveraged to address some of the shortcomings of FBT, such as the tail-call optimization problem (chapter 20.4 of the DTrace manual) and the absence of inline tracing capabilities.
Deliverables for the project include:
– Extending kinst to be able to trace inline calls by making use of the DWARF standard with FreeBSD’s dwarf(3).
– Adding a new dtrace(1) flag which dumps the D script after libdtrace has applied syntactic transformations, if any. This is useful for debugging libdtrace itself, as well as the new inline tracing features.
– Porting kinst to riscv and arm64.