[Question] Breakpoints using perf hardware breakpoints

Question

[Question] Breakpoints using perf hardware breakpoints

Closed this issue 3 years ago · 4 comments

Thanks for this interesting project especially its amazingly written accompanying blog post on the janestreet tech blog!

I was intrigued by the following line in the post:

It turns out that perf_event_open can use hardware breakpoints and notify you when a memory address is executed or accessed

Very cool! So I understand that (1) You get notified (probably via a fd) that a hardware breakpoint has been reached (2) You enable intel processor trace for that thread (3) You resume the thread paused on the hardware breakpoint

My question is how do you do (3) ? How do you resume the thread? Do you sent it a SIGCONT or something like that?

sidkshatriya commented 3 years ago

Thanks!

Answer 1 · 2022-02-07T13:46:09.000Z

Magic trace uses hardware breakpoints to take snapshots, that is, to read trace events that were recorded by IPT. So, first, the tracer process enables Intel Processor Trace (IPT) on the tracee and sets a hardware breakpoint. When a hardware breakpoint is hit, the tracer gets notified (via fd) and the tracer can read from fd, asynchronously, while the tracee keeps running.

Answer 2 · 2022-02-08T07:53:32.000Z

Thanks for your reply. So the purpose of the hardware breakpoint is to simply notify the tracer it must now read from the perf ring buffer that is storing IPT data?

Answer 3 · 2022-02-08T08:39:02.000Z

Thanks for your reply. So the purpose of the hardware breakpoint is to simply notify the tracer it must now read from the perf ring buffer that is storing IPT data?

yes.