JPortal: precise and efficient control-flow tracing for JVM programs with Intel processor trace

Hardware tracing modules such as Intel Processor Trace perform continuous control-flow tracing of an end-to-end program execution with an ultra-low overhead. PT has been used in a variety of contexts to support applications such as testing, debugging, and performance diagnosis. However, these hardware modules have so far been used only to trace native programs, which are directly compiled down to machine code. As high-level languages (HLL) such as Java and Go become increasingly popular, there is a pressing need to extend these benefits to the HLL community. This paper presents JPortal, a JVM-based profiling tool that bridges the gap between HLL applications and low-level hardware traces by using a set of algorithms to precisely recover an HLL program’s control flow from PT traces. An evaluation of JPortal with the DaCapo benchmark shows that JPortal achieves an overall 80% accuracy for end-to-end control flow profiling with only a 4-16% runtime overhead.

[1]  J. Larus Whole program paths , 1999, PLDI '99.

[2]  Edith Schonberg,et al.  Finding low-utility data structures , 2010, PLDI '10.

[3]  Matthias Hauswirth,et al.  Evaluating the accuracy of Java profilers , 2010, PLDI '10.

[4]  Guoqing Xu,et al.  Cachetor: detecting cacheable data to remove bloat , 2013, ESEC/FSE 2013.

[5]  Koushik Sen,et al.  Jalangi: a selective record-replay and dynamic analysis framework for JavaScript , 2013, ESEC/FSE 2013.

[6]  Matthew Arnold,et al.  A framework for reducing the cost of instrumented code , 2001, PLDI '01.

[7]  Matthew Arnold,et al.  Go with the flow: profiling copies to find runtime bloat , 2009, PLDI '09.

[8]  Loris D'Antoni,et al.  Control-flow recovery from partial failure reports , 2017, PLDI.

[9]  James R. Larus,et al.  Efficient path profiling , 1996, Proceedings of the 29th Annual IEEE/ACM International Symposium on Microarchitecture. MICRO 29.

[10]  Haibo Chen,et al.  DTrace: fine-grained and efficient data integrity checking with hardware instruction tracing , 2019, Cybersecur..

[11]  Shan Lu,et al.  Production-run software failure diagnosis via hardware performance counters , 2013, ASPLOS '13.

[12]  Benjamin G. Zorn,et al.  BIT: A Tool for Instrumenting Java Bytecodes , 1997, USENIX Symposium on Internet Technologies and Systems.

[13]  James R. Larus,et al.  Optimally profiling and tracing programs , 1992, POPL '92.

[14]  Michel Dagenais,et al.  Hardware-assisted instruction profiling and latency detection , 2016 .

[15]  Fengwei Zhang,et al.  Hardware-Assisted Transparent Tracing and Debugging on ARM , 2019, IEEE Transactions on Information Forensics and Security.

[16]  Harish Patil,et al.  Pin: building customized program analysis tools with dynamic instrumentation , 2005, PLDI '05.

[17]  Amer Diwan,et al.  The DaCapo benchmarks: java benchmarking development and analysis , 2006, OOPSLA '06.

[18]  Xu Zhou,et al.  PTfuzz: Guided Fuzzing With Processor Trace Feedback , 2018, IEEE Access.

[19]  Brad Calder,et al.  Online performance auditing: using hot optimizations without getting burned , 2006, PLDI '06.

[20]  Bradley C. Kuszmaul,et al.  The CSI Framework for Compiler-Inserted Program Instrumentation , 2017, Proc. ACM Meas. Anal. Comput. Syst..

[21]  Shan Lu,et al.  Leveraging the short-term memory of hardware to diagnose production-run software failures , 2014, ASPLOS.

[22]  Walter Binder,et al.  DiSL: a domain-specific language for bytecode instrumentation , 2012, AOSD.

[23]  Stephen N. Freund,et al.  The RoadRunner Dynamic Analysis Framework for Concurrent Programs , 2010, PASTE '10.

[24]  Ben Niu,et al.  REPT: Reverse Debugging of Failures in Deployed Software , 2018, OSDI.

[25]  Ben Niu,et al.  Reverse Debugging of Kernel Failures in Deployed Systems , 2020, USENIX Annual Technical Conference.

[26]  Siau-Cheng Khoo,et al.  Efficient predicated bug signature mining via hierarchical instrumentation , 2014, ISSTA 2014.

[27]  Ali Kassem,et al.  BISM: Bytecode-Level Instrumentation for Software Monitoring , 2020, RV.

[28]  Matthew Arnold,et al.  Jolt: lightweight dynamic analysis and removal of object churn , 2008, OOPSLA.

[29]  Guoqing Xu,et al.  Finding reusable data structures , 2012, OOPSLA '12.

[30]  Yang Wang,et al.  Automatic Self-Validation for Code Coverage Profilers , 2019, 2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE).

[31]  Baowen Xu,et al.  Hunting for Bugs in Code Coverage Tools via Randomized Differential Testing , 2019, 2019 IEEE/ACM 41st International Conference on Software Engineering (ICSE).

[32]  Lu Fang,et al.  Low-overhead and fully automated statistical debugging with abstraction refinement , 2016, OOPSLA.

[33]  Trent Jaeger,et al.  GRIFFIN: Guarding Control Flows Using Intel Processor Trace , 2017, ASPLOS.

[34]  Sebastian Schinzel,et al.  kAFL: Hardware-Assisted Feedback Fuzzing for OS Kernels , 2017, USENIX Security Symposium.

[35]  Daniel Lehmann,et al.  Wasabi: A Framework for Dynamically Analyzing WebAssembly , 2018, ASPLOS.

[36]  Ben Niu,et al.  Lazy Diagnosis of In-Production Concurrency Bugs , 2017, SOSP.

[37]  Zhendong Su,et al.  Calling-to-reference context translation via constraint-guided CFL-reachability , 2018, PLDI.

[38]  James R. Larus,et al.  Exploiting hardware performance counters with flow and context sensitive profiling , 1997, PLDI '97.

[39]  Bing Mao,et al.  PTrix: Efficient Hardware-Assisted Fuzzing for COTS Binary , 2019, AsiaCCS.

[40]  Yutao Liu,et al.  Transparent and Efficient CFI Enforcement with Intel Processor Trace , 2017, 2017 IEEE International Symposium on High Performance Computer Architecture (HPCA).

[41]  Helmut Veith,et al.  Counterexample-guided abstraction refinement for symbolic model checking , 2003, JACM.