Spying Linux processes

Javier Honduvilla Coto

November 24, 2016

Transcript

  1. 5.

    CODE *printf debugging* *debugging* *wth is wrong… it _should work_!* CODE *WAT* *debugging* *moar printf debugging* CODE
  2. 8.

    The OS ~= API
    • Network: bind(), listen(), accept(), read()...
    • Files: open(), read(), write()...
    • Memory allocation: mmap(), malloc(), brk()?
    • Threads et al: pthreads_
  3. 10.

    1. My process is kind of stuck for no reason!
    2. The file it should write is empty!
    3. Its socket doesn’t get a single byte!
    4. I just ran out of FDs, but I was only using one
    5. {CPU, disk, memory} usage is too high
  4. 14.
  5. 16.

    It opens the wrong file!!! But I set another path in the “WHATEVER_LOGGER” ENV variable...
  6. 21.
  7. 22.
  8. 29.

    perf (A bit out of the scope of this talk. Also, I’m even more of a newbie on this!)
  9. 30.
  10. 31.
  11. 35.

    What have I learnt?
    • Unix tools are awesome!
    • /proc/<pid>/<*>!!
    • I write lots of bugs! (but hopefully, got a bit better at debugging)
    • Things are going to fail in every single way they can (and that could be fun!)
  12. 36.
  13. 37.

    Interesting links / bibliography
    [1] iovisor: https://github.com/iovisor/bcc/
    [2] Julia Evans: http://jvns.ca/
    [3] perf: https://perf.wiki.kernel.org/index.php/Main_Page
    [4] Brendan Gregg: http://www.brendangregg.com/
    [6] BPF syntax: http://biot.com/capstats/bpf.html
    [7] Man pages are useful too! (but I do need examples as well :P)