Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Spying Linux processes

Javier Honduvilla Coto
November 24, 2016
Programming
0
77

Spying Linux processes

Javier Honduvilla Coto

November 24, 2016
Tweet

More Decks by Javier Honduvilla Coto

See All by Javier Honduvilla Coto
Debugging – Learning Linux @ Facebook
javierhonduco
0
70
Understanding Ruby with BPF
javierhonduco
1
26
word2vec
javierhonduco
0
57
UC3M university cafeteria redesign
javierhonduco
0
63
Mac OSX UI toolkit and design guidelines
javierhonduco
0
85
Python for Java developers
javierhonduco
0
64

Other Decks in Programming

See All in Programming
GraphQLサーバの構成要素を整理する #ハッカー鮨 #tsukijigraphql / graphql server technology selection
izumin5210
4
830
Prepare for Jakarta EE 11 - Performance and Developer Productivity
ivargrimstad
0
750
GitHub Copilotのススメ
marcy731
1
200
educure_カリキュラム生操作マニュアル.pdf
linew_official
0
760
大規模Reactアプリのリアーキテクチャ~8万行のTanStack Query移行の軌跡~
kj455
4
960
MicrosoftのPlatform Engineeringガイドを読んで実際になにかやってみた
ymd65536
1
320
VSCodeでのDatabricks開発もお勧めしたい/I would also recommend Databricks development with VSCode.
kazumain
0
250
Goのエラースタックトレースの歴史と今後
sonatard
7
1.2k
CA.swift19 恋するAIアプリ開発の裏側
oskmr
0
360
MetricKitで予期せぬ終了を検知する話 / Detect unexpected termination with MetricKit
nekowen
1
180
新宿ダンジョンを可視化してみた
satoshi7190
2
250
Site Reliability Engineering for GMO
pyama86
8
1k

Featured

See All Featured
Code Review Best Practice
trishagee
55
15k
Building Flexible Design Systems
yeseniaperezcruz
319
37k
Distributed Sagas: A Protocol for Coordinating Microservices
caitiem20
322
20k
Become a Pro
speakerdeck
PRO
11
4.5k
Building Effective Engineering Teams - LeadDev
addyosmani
28
1.8k
Facilitating Awesome Meetings
lara
42
5.6k
The Brand Is Dead. Long Live the Brand.
mthomps
49
28k
Git: the NoSQL Database
bkeepers
PRO
422
63k
Making Projects Easy
brettharned
108
5.5k
Agile that works and the tools we love
rasmusluckow
325
20k
Making the Leap to Tech Lead
cromwellryan
124
8.5k
The Illustrated Children's Guide to Kubernetes
chrisshort
31
46k

Transcript

  1. Spying Linux processes @javierhonduco

  2. Before this summer

  3. CODE CODE *printf debugging* CODE

  4. This summer

  5. CODE *printf debugging* *debugging* *wth is wrong… it _should work_!*

    CODE *WAT* *debugging* *moar printf debugging* CODE

  6. *debugging* *WAT* *debugging* *debugging* *debugging* *eats a cookie* *debugging* CODE

  7. ¯\_(ツ)_/¯

  8. The OS ~= API • Network: bind(), listen(), accept(), read()...

    • Files: open(), read(), write()... • Memory allocation: mmap(), malloc(), brk()? • Threads et al: pthreads_

  9. Mmmm, something’s not quite ok!

  10. 1. My process is kindof stuck for no reason! 2.

    The file it should write is empty! 3. Its socket doesn’t get a single byte! 4. I just run out of FDs, but I was only using one 5. {CPU, disk, memory} usage is too high

  11. Let’s peek into!

  12. 1. Stuck process. Let’s strace!

  13. strace -p <pid>

  14. None

  15. 2. It’s writing to another file! Let’s strace again

  16. It opens the wrong file!!! But I set another path

    in the “WHATEVER_LOGGER” ENV variable...

  17. Let’s into /proc/<pid>/environment

  18. Ooops! The ENV var was not set in the appropriate

    place

  19. /proc/<pid>/<*> is pretty rad Exposes kernel data structures in the

    VFS

  20. 3. It doesn’t reach a server ngrep to the rescue!

  21. None
  22. None

  23. 4. I run out of FDs asks coworker :D

  24. “Javier, try with lsof”

  25. lsof -p <pid>

  26. Thousands like this!

  27. It ended up being a bug on a Ruby library

    written in C

  28. 5. CPU DISK RAM

  29. perf (A bit out of the scope of this talk.

    Also, I’m even more newbie on this! )

  30. Graphs!

  31. None

  32. Linux 4.1 and above… BPF Compiler Collection (BCC) Basically low

    overhead kernel tracing!

  33. Flamegraphs, heatmaps, histograms etc etc

  34. valgrind --leak-check=yes \ ./maybe_leaking_program

  35. What have I learnt? • Unix tools are awesome! •

    /proc/<pid>/<*>!! • I write lots of bugs! (but hopefully, got a bit better at debugging) • Things are going to fail in every single way they can (and that could be fun!)

  36. Merci!

  37. Interesting links/ bibliography [1] iovisor: https://github.com/iovisor/bcc/ [2] Julia Evans: http://jvns.ca/

    [3] perf: https://perf.wiki.kernel.org/index.php/Main_Page [4] Brendan Gregg: http://www.brendangregg.com/ [6] BPF syntax http://biot.com/capstats/bpf.html [7] Man pages are useful too! (but I do need examples as well :P)