Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Welcome to the Matrix

Benoit Jacquemont
March 29, 2018
0
830

Welcome to the Matrix

Better understanding a process behaviour by sniffing its interactions with the kernel and other libraries.

Benoit Jacquemont

March 29, 2018
Tweet

More Decks by Benoit Jacquemont

See All by Benoit Jacquemont
Why 0.1 + 0.2 != 0.3, or the mysterious world of floating-point numbers.
bitone
3
3.4k
PHP OpCode? What's that?
bitone
3
700
HTTP/3
bitone
4
2.7k
PHP 8 and Just In Time Compilation
bitone
1
430
Hunting Down Memory Leaks with php Meminfo
bitone
15
8.6k
The Small World Of PHP Engines
bitone
0
230

Featured

See All Featured
The MySQL Ecosystem @ GitHub 2015
samlambert
243
12k
Product Roadmaps are Hard
iamctodd
44
9.7k
Adopting Sorbet at Scale
ufuk
68
8.6k
We Have a Design System, Now What?
morganepeng
43
6.8k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
rmw
25
2.3k
The Success of Rails: Ensuring Growth for the Next 100 Years
eileencodes
30
6k
The Straight Up "How To Draw Better" Workshop
denniskardys
227
130k
A Philosophy of Restraint
colly
197
16k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
187
16k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
17
1.4k
Writing Fast Ruby
sferik
621
60k
Optimising Largest Contentful Paint
csswizardry
8
2.4k

Transcript

  1. Benoit Jacquemont @bjacquemont

  2. Our nice little program Our nice little program

  3. None
  4. None
  5. None
  6. None
  7. None
  8. None
  9. None
  10. None
  11. None
  12. None
  13. None
  14. None
  15. None

  16. Not convinced? Not convinced? echo file_get_contents('/dev/zero');

  17. None
  18. None
  19. None

  20. Your programs Your programs never never have have direct access

    to the "real direct access to the "real world". world".
  21. None
  22. None

  23. strace strace The syscalls sni er The syscalls sni er

    Attaching to an already running process Running directly a program $ strace -p <process_id> $ strace <my_program>

  24. Stracing "Hello World" Stracing "Hello World" hello_world.php echo "Hello World\n";

    $ strace php hello_world.php

  25. About le descriptors About le descriptors File handle identi er

    0: Standard Input 1: Standard Output 2: Error Output >= 3: Any other le/stream

  26. Filtering strace output Filtering strace output Unix style Built-in lters

    Mix Dump to le for latter analysis $ strace <prog> 2>&1 | grep -e "read\|open" | cut ... $ strace -e "read,open" <prog> $ strace -e "read,open" <prog> 2>&1 | cut ... $ strace -e "read,open" -o strace.out <xxxx>

  27. Let's get real! Let's get real!

  28. Where are the #!?$ PHP con g les? Where are

    the #!?$ PHP con g les? $ strace -e open php -i > /dev/null

  29. Why my homepage is so slow? Why my homepage is

    so slow?

  30. File descriptors (again) File descriptors (again) list open les(lsof) is

    your friend! $ lsof -p <pid>

  31. What my process is doing? What my process is doing?

  32. Why this le is not processed? Why this le is

    not processed?

  33. I'm processing a huge le, where my I'm processing a

    huge le, where my process is at? process is at?

  34. Sni ng syscalls gives us a Sni ng syscalls gives

    us a better better understanding of a understanding of a process behaviour process behaviour
  35. None
  36. None
  37. None

  38. ltrace ltrace The library calls sni er The library calls

    sni er Attaching to an already running process Running directly a process $ ltrace -p <process_id> $ ltrace <my_command>

  39. My webservice call seems to get My webservice call seems

    to get strange response... strange response...

  40. Does my program uses the right DB Does my program

    uses the right DB parameters? parameters?

  41. strace and ltrace strace and ltrace shortcomings shortcomings performance impact

    some binaries not "ltraceable" due to a binutils bug in some distribs

  42. Tips and Tricks Tips and Tricks dump full trace into

    a le and lter/analyze later use -s to show longer parts of string use -f to attach to child processes use -c to display a summary of call count and time use -y to display the path associated to the le descriptor use -T to display the time spent on each call

  43. What about other OS? What about other OS? FreeBSD: truss

    MacOS X: dtruss Windows: NtTrace

  44. Going further... Going further... perf-trace: strace on steroids gdb: the

    universal debugger perf: lightweight performance pro ling

  45. Take aways about Take aways about strace/ltrace strace/ltrace strace and

    ltrace give great insights on the program behavior Often allow a rst and fast diagnostic They are complementary tools to your existing toolbox

  46. Thank you! Thank you! Questions? Questions? @bjacquemont github.com/BitOne