UNPKG

ctrace

Version:

well-formatted and improved trace system calls and signals (when the debugger does not help)

github.com/automation-stack/ctrace

automation-stack/ctrace

86 lines (60 loc) 3.24 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
# ctrace Well-formatted and improved trace system calls and signals (when the debugger does not help). <img src="http://g.recordit.co/AKdHxKdzqy.gif" width="45%"/> <img src="http://g.recordit.co/66Xzz2TGHS.gif" width="45%"/> ## Why? Awesome tools ```strace``` and ```dtruss``` have only one drawback: too much information which is hard to understand without additional sources of information and various configuration options. ```ctrace``` resolves it. ```ctrace``` are indispensable in the following cases - Debugging complex performance issues or not identified unhandled errors and exceptions in own code or someone else's code - Learning OS kernel ## Let's try it! What do you think how difficult it is to display a hint for using CLI utility, let us say NPM? ``` > ctrace -c "npm --help" ``` What we see?! What NPM does to simply display help? - over 6800 system calls elapsed over 650 msec! - 7 child processes :open_mouth: - aims to open over 400 files **Сlearly there is something to improve!** :muscle: <img width="70%" src="data/npm.png" /> ## Features - Supported platforms: OSx (dtruss), Linux (strace) - Trace command or attach to process (with forks following) - Syscall details in output (number, description, synonyms, is it platform specific syscall) <br> ``` pread (preadv), 534 -- read or write data into multiple ``` - Resolving errno in syscall result <br> ```Err#22 -> EINVAL : Invalid argument``` (only OSx) - Prints by default only syscall with errors, with ```-v``` prints all output - Filter output with syscall list ``` -f "lstat,open" ``` ## Installation ```sh $> npm install -g ctrace ``` ``` $> ctrace --help Usage: ctrace [options] ctrace - well-formatted and improved trace system calls and signals Options: -h, --help output usage information -V, --version output the version number -p, --pid [pid] process id to trace -c, --cmd [cmd] command to trace -f, --filter [syscall,] trace syscall only from list -v, --verbose print all syscalls (by default only with errors) Examples: $ ctrace -p 2312 -v $ ctrace -c "ping google.com" ``` ## Troubleshooting ### OSx : Dtrace cannot control executables signed with restricted entitlements As you may know Apple released their new OS X revision 10.11 this year with a great security feature built-in: System Integrity Protection. In a nutshell, this mechanism protects any system data and important filesystem components (like /System or /usr) from being modified by user; even if they are root. SIP also disables any use of code-injection and debugging techniques for third-party software, so some of your favorite hacks may not work anymore. ... #### Completely disable SIP Although not recommended by Apple, you can entirely disable System Integrity Protection on you Mac. Here's how: Boot your Mac into Recovery Mode: reboot it and hold cmd+R until a progress bar appears. Choose the language and go to Utilities menu. Choose Terminal there. Enter this command to disable System Integrity Protection: ``` $> csrutil disable ``` It will ask you to reboot — do so and you're free from SIP! http://internals.exposed/blog/dtrace-vs-sip.html#fnref1