strace(1) all the things!

Transcript

1. strace(1) all the things Dan Miller Software Engineer Etsy

2. etsy.com/careers

3. @jazzdan strace(1) all the things What is strace(1)? How to

   see what a program does without the source A quick aside about man(1) pages How does ls(1) work?

4. What is strace?

5. @jazzdan strace(1) is a unix utility for observing system calls

6. How do we see what a program does without reading

   the source?

7. @jazzdan $ls

8. @jazzdan $strace ls

9. None

10. @jazzdan strace ls • execve(2) • open(2) • close(2) •

    getdents(2) • write(2)

11. A quick aside on Unix man pages

12. @jazzdan $man man

13. None
14. None
15. None

16. How does ls work?

17. execve("/bin/ls", ["ls"], [/* 23 vars */]) = 0

18. None

19. execve() executes the program pointed to by filename. filename must

    be either a binary executable, or a script starting with a line of the form: ! #! interpreter [optional-arg]

20. int execve(const char *filename, char *const argv[], char *const envp[]);

21. open( “/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC ) = 3

22. None

23. Given a pathname for a file, open() returns a file

    descriptor, a small, nonnegative integer for use in subsequent system calls (read(2), write(2), lseek(2), fcntl(2), etc.).

24. int open(const char *pathname, int flags)

25. open( “/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC ) = 3

26. @jazzdan Wait… what is libc?

27. @jazzdan $man libc

28. None

29. open( “.", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC ) = 3

30. getdents( 3, /* 4 entries */, 32768 ) = 712

31. None

32. int getdents(unsigned int fd, struct linux_dirent *dirp, unsigned int count);

33. getdents( 3, /* 23 entries */, 32768 )= 712

34. open( “.", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC ) = 3

35. close(3)

36. None

37. int close(int fd);

38. close(3)

39. write( 1, “hello_world\n", hello_world ) = 23

40. None

41. exit_group(0) = ?

42. None

43. This system call is equivalent to exit(2) except that it

    terminates not only the calling thread, but all threads in the calling process's thread group.

44. void exit_group(int status);

45. @jazzdan When is strace(1) useful? • Anything involving files or

    sockets • Path issues • See what is being sent over a network interface

46. @jazzdan When is strace(1) not useful? • In production (performance

    is terrible) • When no syscalls are being executed

47. One Cool Trick for Performance Analysis (perf folks hate ‘em)

48. @jazzdan $strace -c ls

49. None

50. Questions?