Welcome to the Matrix - Speaker Deck

Slide 1

Slide 1 text

Benoit Jacquemont @bjacquemont

Slide 2

Slide 2 text

Our nice little program Our nice little program

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

No content

Slide 6

Slide 6 text

No content

Slide 7

Slide 7 text

No content

Slide 8

Slide 8 text

No content

Slide 9

Slide 9 text

No content

Slide 10

Slide 10 text

No content

Slide 11

Slide 11 text

No content

Slide 12

Slide 12 text

No content

Slide 13

Slide 13 text

No content

Slide 14

Slide 14 text

No content

Slide 15

Slide 15 text

No content

Slide 16

Slide 16 text

Not convinced? Not convinced? echo file_get_contents('/dev/zero');

Slide 17

Slide 17 text

No content

Slide 18

Slide 18 text

No content

Slide 19

Slide 19 text

No content

Slide 20

Slide 20 text

Your programs Your programs never never have have direct access to the "real direct access to the "real world". world".

Slide 21

Slide 21 text

No content

Slide 22

Slide 22 text

No content

Slide 23

Slide 23 text

strace strace The syscalls sni er The syscalls sni er Attaching to an already running process Running directly a program $ strace -p $ strace

Slide 24

Slide 24 text

Stracing "Hello World" Stracing "Hello World" hello_world.php echo "Hello World\n"; $ strace php hello_world.php

Slide 25

Slide 25 text

About le descriptors About le descriptors File handle identi er 0: Standard Input 1: Standard Output 2: Error Output >= 3: Any other le/stream

Slide 26

Slide 26 text

Filtering strace output Filtering strace output Unix style Built-in lters Mix Dump to le for latter analysis $ strace 2>&1 | grep -e "read\|open" | cut ... $ strace -e "read,open" $ strace -e "read,open" 2>&1 | cut ... $ strace -e "read,open" -o strace.out

Slide 27

Slide 27 text

Let's get real! Let's get real!

Slide 28

Slide 28 text

Where are the #!?$ PHP con g les? Where are the #!?$ PHP con g les? $ strace -e open php -i > /dev/null

Slide 29

Slide 29 text

Why my homepage is so slow? Why my homepage is so slow?

Slide 30

Slide 30 text

File descriptors (again) File descriptors (again) list open les(lsof) is your friend! $ lsof -p

Slide 31

Slide 31 text

What my process is doing? What my process is doing?

Slide 32

Slide 32 text

Why this le is not processed? Why this le is not processed?

Slide 33

Slide 33 text

I'm processing a huge le, where my I'm processing a huge le, where my process is at? process is at?

Slide 34

Slide 34 text

Sni ng syscalls gives us a Sni ng syscalls gives us a better better understanding of a understanding of a process behaviour process behaviour

Slide 35

Slide 35 text

No content

Slide 36

Slide 36 text

No content

Slide 37

Slide 37 text

No content

Slide 38

Slide 38 text

ltrace ltrace The library calls sni er The library calls sni er Attaching to an already running process Running directly a process $ ltrace -p $ ltrace

Slide 39

Slide 39 text

My webservice call seems to get My webservice call seems to get strange response... strange response...

Slide 40

Slide 40 text

Does my program uses the right DB Does my program uses the right DB parameters? parameters?

Slide 41

Slide 41 text

strace and ltrace strace and ltrace shortcomings shortcomings performance impact some binaries not "ltraceable" due to a binutils bug in some distribs

Slide 42

Slide 42 text

Tips and Tricks Tips and Tricks dump full trace into a le and lter/analyze later use -s to show longer parts of string use -f to attach to child processes use -c to display a summary of call count and time use -y to display the path associated to the le descriptor use -T to display the time spent on each call

Slide 43

Slide 43 text

What about other OS? What about other OS? FreeBSD: truss MacOS X: dtruss Windows: NtTrace

Slide 44

Slide 44 text

Going further... Going further... perf-trace: strace on steroids gdb: the universal debugger perf: lightweight performance pro ling

Slide 45

Slide 45 text

Take aways about Take aways about strace/ltrace strace/ltrace strace and ltrace give great insights on the program behavior Often allow a rst and fast diagnostic They are complementary tools to your existing toolbox

Slide 46

Slide 46 text

Thank you! Thank you! Questions? Questions? @bjacquemont github.com/BitOne