Hi,
> Is there anything I need to do to enable these kernel tests?
To enable all kernel tracing tests, you need to pass -DRUN_SUDO_TESTS=ON to cmake during build. Also, note that because kernel tracing tests require PT hardware support, they are not run on our Github Action workflows yet, and can be run only locally on a system that provides the required support.
> From the view output, it looks like we expect to see only ifetch records from the kernel presently. Is this correct?
That's correct. We have an in-progress design to "synthesize" memory addresses, in a way that preserves usefulness of the memory access pattern, but that is not available yet.
> I also noticed that there are multiple sysrets per syscall. Possibly there is some other user code that's making these syscalls - some other process or DR itself?
We are aware of some "noise" instructions in each system call's trace. Some of these are from the ioctl call that DR makes to resume/pause PT tracing, write calls that DR may make to output logs, or from other code that the kernel happened to execute during the system call (perhaps unrelated execution like handling of interrupts). We also have a noise filter in-progress that identifies and removes such unrelated and non-app execution from the trace.
Since kernel tracing in general is still experimental, we are using the parent issue i#5505 for tracking work on these additional features/bugs and haven't filed separate issues in the Github tracker.
Abhinav