Hardware‐assisted instruction profiling and latency detection

“…17 In our previous work, we observed Intel PT's low overhead as 2% to 3% for common workloads, as compared with other software-only program-flow trace approaches, which had an overhead of up to 63.5%. 17 Thalheim et al 18 used Intel PT for improving security and dependability in software by presenting a data parallel provenance algorithm. Analysis of virtual machines using host-only Intel PT hardware traces has also been explored recently.…”

“…Intel PT generates this information in an encoded form, as multiple hardware packets such as taken‐not‐taken (TNT), target IP (TIP), and timestamp counter, which are then decoded postexecution to generate the program flow . In our previous work, we observed Intel PT's low overhead as 2% to 3% for common workloads, as compared with other software‐only program‐flow trace approaches, which had an overhead of up to 63.5% . Thalheim et al used Intel PT for improving security and dependability in software by presenting a data parallel provenance algorithm.…”

“…Intel PT, however, records 1 bit per conditional branch, and the complete IP for indirect branches, thus reducing the trace bandwidth further. Intel PT generates this information in an encoded form, as multiple hardware packets such as taken‐not‐taken (TNT), target IP (TIP), and timestamp counter, which are then decoded postexecution to generate the program flow . In our previous work, we observed Intel PT's low overhead as 2% to 3% for common workloads, as compared with other software‐only program‐flow trace approaches, which had an overhead of up to 63.5% .…”

“…Modern hardware tracing techniques, however, allow F ( P ) to be reconstructed postexecution, thus generating true execution profiles at very low overhead. We have discussed this in detail in our previous work . Therefore, for each branch encountered in CS p and CS r , the processor generates encoded trace packets representing the decision on a branch taken or not taken, along with the IP, if required.…”

Hardware trace reconstruction of runtime compiled code

“…17 In our previous work, we observed Intel PT's low overhead as 2% to 3% for common workloads, as compared with other software-only program-flow trace approaches, which had an overhead of up to 63.5%. 17 Thalheim et al 18 used Intel PT for improving security and dependability in software by presenting a data parallel provenance algorithm. Analysis of virtual machines using host-only Intel PT hardware traces has also been explored recently.…”

“…Intel PT generates this information in an encoded form, as multiple hardware packets such as taken‐not‐taken (TNT), target IP (TIP), and timestamp counter, which are then decoded postexecution to generate the program flow . In our previous work, we observed Intel PT's low overhead as 2% to 3% for common workloads, as compared with other software‐only program‐flow trace approaches, which had an overhead of up to 63.5% . Thalheim et al used Intel PT for improving security and dependability in software by presenting a data parallel provenance algorithm.…”

“…Intel PT, however, records 1 bit per conditional branch, and the complete IP for indirect branches, thus reducing the trace bandwidth further. Intel PT generates this information in an encoded form, as multiple hardware packets such as taken‐not‐taken (TNT), target IP (TIP), and timestamp counter, which are then decoded postexecution to generate the program flow . In our previous work, we observed Intel PT's low overhead as 2% to 3% for common workloads, as compared with other software‐only program‐flow trace approaches, which had an overhead of up to 63.5% .…”

“…Modern hardware tracing techniques, however, allow F ( P ) to be reconstructed postexecution, thus generating true execution profiles at very low overhead. We have discussed this in detail in our previous work . Therefore, for each branch encountered in CS p and CS r , the processor generates encoded trace packets representing the decision on a branch taken or not taken, along with the IP, if required.…”

Hardware trace reconstruction of runtime compiled code

“…Dedicated hardware blocks in the Intel architecture, such as Last Branch Record, Branch Trace Store [15], and more recently Intel Processor Trace (PT) follow this approach. A detailed study of hardwareassisted tracing and profiling with Intel PT has been recently presented in [12].…”

Low Overhead Hardware-Assisted Virtual Machine Analysis and Profiling

Accurate and Robust Malware Detection: Running XGBoost on Runtime Data From Performance Counters