Now You See Me Too: Visual Tooling for Advanced System Analysis

Thursday, November 02, 2017 - 2:00 pm2:45 pm

Suchakrapani Sharma, ShiftLeft Inc.


Command line tools ensure lowest friction and entry bar for system analysis. However, visual analysis yields more information in a shorter amount of time. As an example, when an application crashes or an elusive transient bug occurs, understanding of callstack that led to the anomaly is a valuable information. Recording such function call graphs of the application and displaying them on the command line as huge chunks of text has been a common occurrence and a quick resort for such analyses. However, methodical analysis requires better visuals. Modern representations, such as FlameGraphs, FlameCharts, and Sun-bursts in such cases, have shown how effective the same analysis can be, when represented visually. However, there are hundreds of techniques to gather trace/debug data, and understanding of what visual tool to represent which data can be a daunting task. This talk focuses on the various visual tools available for common system analysis and debugging scenarios. We explore some open source tools used in system tracing and the representation formats for such data comping from multiple sources such as LTTng and eBPF. We explore historical origins of such visual representations and see the evolution of research ideas to concrete modern tools. We also discuss how in a few minutes you can easily enhance the same tools and develop new views to visualize a wide range of data—from network capture, Container/VM tracing to even hardware traces coming directly from CPUs—all in the same tool.

Suchakrapani Sharma, ShiftLeft Inc.

Suchakra is currently a Scientist at ShiftLeft Inc. He completed his PhD in Computer Engineering from École Polytechnique de Montréal where he worked on eBPF and hardware-assisted tracing techniques for advanced systems performance analysis. He has been involved in research on performance analysis domain for last 4 years and has delivered talks on systems analysis at Tracing Summit 2015 (LinuxCon, Seattle), TracingSummit 2016 (Embedded LinuxCon, Berlin) and FUDCon 2015 (Pune) where he has demonstrated advanced kernel and userspace tracing tools in a very "friendly manner". He has developed one of the first hardware-trace based VM analysis techniques, and wants to see to it that systems analysis tools are ready for the future. He is also a member of Linux Foundation's IOVisor Project and a contributor to the BPF Compiler Collection. In the past, he has been involved in biomedical and automotive electronics as an embedded Linux engineer. More information about him can be found at :

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

@conference {207251,
author = {Suchakrapani Sharma},
title = {Now You See Me Too: Visual Tooling for Advanced System Analysis},
year = {2017},
address = {San Francisco, CA},
publisher = {USENIX Association},
month = oct

Presentation Video 

Presentation Audio