Debugging and fixing an OOM problem, with lots of useful things to see along the way: messwithdns, sqlite, restic, iptoasn, trie; ...
Fun :-) Well, it's obvious, but it gives the list of commands to use
strace, nethogs, sysdig, eBPF and malware analysis tools (any.run, Cuckoo sandbox cuckoo.cert.ee/ )
To debug a fuzzer (or anything really), I use this magical strace command:
strace -tt -yy -y -f -e trace=open,read,write,pipe,socket,dup2,clone,close -s 10000 -o /tmp/strace.log ./tool
-tt enables microseconds
-yy prints additional information about each file descriptor (like files, sockets, etc.)
-f follows forks (get all info about subprocesses, threads, etc.)
-e trace= traces only specific syscalls we are interested in
-s increases the max size of logged strings
-o writes everything to /tmp/strace.log
Then, I can look at the log in vim or vscode, both with syntax highlighting (in vim, you may need to :set filetype=strace)
As an additional weapon, I add -k which can dump a stacktrace at every syscall. Super slow, but super useful.
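As an added example that is not part of the quoted post: a small Python parser for the log that command writes (pid and timestamp prefix from -f/-tt, fd labels such as 3</etc/passwd> or 3<TCP:[...]> from -y/-yy, the `<unfinished ...>` / `<... resumed>` pairs that -f produces when processes interleave, plus signal and exit lines), and a summary that answers the questions you usually open the log for: which children were spawned, which files and sockets were touched, which calls failed and with what errno, and which process died of which signal. The log lines below are constructed to look like strace output, not a real capture, and the function and field names are my own.

```python
import re
from collections import Counter, defaultdict
from dataclasses import dataclass, field
from typing import List, Optional, Tuple

# Constructed sample of what `strace -tt -yy -y -f -o log` writes
# (one event per line, prefixed by pid and timestamp). Not a real capture.
SAMPLE_LOG = r"""
4242 10:01:02.000100 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3</etc/ld.so.cache>
4242 10:01:02.000250 close(3</etc/ld.so.cache>) = 0
4242 10:01:02.000900 socket(AF_INET, SOCK_STREAM, IPPROTO_TCP) = 3<TCP:[127.0.0.1:41000->127.0.0.1:8080]>
4242 10:01:02.001100 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|SIGCHLD, child_tidptr=0x7f3a) = 4243
4243 10:01:02.001300 openat(AT_FDCWD, "/tmp/fuzz-input.bin", O_RDONLY) = 4</tmp/fuzz-input.bin>
4243 10:01:02.001400 read(4</tmp/fuzz-input.bin>, "\177ELF\2\1\1"..., 4096) = 4096
4242 10:01:02.001500 read(3<TCP:[127.0.0.1:41000->127.0.0.1:8080]>,  <unfinished ...>
4243 10:01:02.001600 write(1</dev/pts/3>, "crash\n", 6) = 6
4242 10:01:02.002000 <... read resumed>"HTTP/1.1 200 OK\r\n", 1024) = 17
4243 10:01:02.002100 --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x41414141} ---
4243 10:01:02.002200 +++ killed by SIGSEGV (core dumped) +++
4242 10:01:02.002300 write(3<TCP:[127.0.0.1:41000->127.0.0.1:8080]>, "bye", 3) = -1 EPIPE (Broken pipe)
4242 10:01:02.002400 +++ exited with 0 +++
"""

# Line shapes produced by -f -tt (pid, timestamp, then the event).
SYSCALL_RE = re.compile(r"^(?P<pid>\d+) (?P<ts>\S+) (?P<name>\w+)\((?P<args>.*)\)\s*=\s*(?P<ret>-?\d+|\?)(?P<tail>.*)$")
UNFINISHED_RE = re.compile(r"^(?P<pid>\d+) (?P<ts>\S+) (?P<name>\w+)\((?P<args>.*?)\s*<unfinished \.\.\.>$")
RESUMED_RE = re.compile(r"^(?P<pid>\d+) (?P<ts>\S+) <\.\.\. (?P<name>\w+) resumed>(?P<args>.*)\)\s*=\s*(?P<ret>-?\d+|\?)(?P<tail>.*)$")
SIGNAL_RE = re.compile(r"^(?P<pid>\d+) (?P<ts>\S+) --- (?P<sig>SIG\w+) ")
EXIT_RE = re.compile(r"^(?P<pid>\d+) (?P<ts>\S+) \+\+\+ (?P<how>.+) \+\+\+$")
ERRNO_RE = re.compile(r"^\s*(E[A-Z0-9]+)")
# fd<label>: the label may itself contain '>' (e.g. "TCP:[a:1->b:2]"), so stop
# only at a '>' that is followed by a delimiter or end of line.
FD_LABEL_RE = re.compile(r"(\d+)<(.+?)>(?=[,)\s]|$)")


@dataclass
class Event:
    pid: int
    ts: str
    kind: str                  # "syscall", "signal" or "exit"
    name: str                  # syscall name, signal name, or exit description
    args: str = ""
    ret: Optional[int] = None
    err: Optional[str] = None  # errno name when ret == -1
    fds: List[Tuple[int, str]] = field(default_factory=list)  # (fd, label) pairs on the line


def _syscall_event(pid, ts, name, args, ret, tail):
    ret_val = None if ret == "?" else int(ret)
    err = None
    if ret_val == -1:
        m = ERRNO_RE.match(tail)
        err = m.group(1) if m else None
    # Look for fd labels in the arguments and in the return value (open/socket return fd<label>).
    fds = [(int(fd), label) for fd, label in FD_LABEL_RE.findall(f"{args}) = {ret}{tail}")]
    return Event(pid, ts, "syscall", name, args, ret_val, err, fds)


def parse_strace(text):
    """Turn strace -f -tt -y output into a list of Event, joining unfinished/resumed pairs."""
    events = []
    pending = {}  # pid -> (name, args printed so far) for "<unfinished ...>" lines
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        if (m := UNFINISHED_RE.match(line)):
            pending[int(m["pid"])] = (m["name"], m["args"])
        elif (m := RESUMED_RE.match(line)):
            pid = int(m["pid"])
            name, head = pending.pop(pid, (m["name"], ""))
            events.append(_syscall_event(pid, m["ts"], name, head + m["args"], m["ret"], m["tail"]))
        elif (m := SYSCALL_RE.match(line)):
            events.append(_syscall_event(int(m["pid"]), m["ts"], m["name"], m["args"], m["ret"], m["tail"]))
        elif (m := SIGNAL_RE.match(line)):
            events.append(Event(int(m["pid"]), m["ts"], "signal", m["sig"]))
        elif (m := EXIT_RE.match(line)):
            events.append(Event(int(m["pid"]), m["ts"], "exit", m["how"]))
        # Anything else (strace's own status messages, etc.) is ignored.
    return events


def summarize(events):
    """Answer the usual debugging questions: children, files, sockets, failures, crashes."""
    calls, children = Counter(), defaultdict(list)
    files, others = set(), set()
    failures, signals, exits = [], [], {}
    for ev in events:
        if ev.kind == "signal":
            signals.append((ev.pid, ev.name))
        elif ev.kind == "exit":
            exits[ev.pid] = ev.name
        else:
            calls[ev.name] += 1
            if ev.name in ("clone", "clone3", "fork", "vfork") and ev.ret and ev.ret > 0:
                children[ev.pid].append(ev.ret)   # return value of clone is the child pid
            if ev.err:
                failures.append((ev.pid, ev.name, ev.err))
            for _fd, label in ev.fds:
                # Path labels are files; everything else is a socket, pipe or anonymous fd.
                (files if label.startswith("/") else others).add(label)
    return {
        "calls": dict(calls),
        "children": dict(children),
        "files": sorted(files),
        "sockets_and_pipes": sorted(others),
        "failures": failures,
        "signals": signals,
        "exits": exits,
    }


if __name__ == "__main__":
    from pprint import pprint
    pprint(summarize(parse_strace(SAMPLE_LOG)))
```

The parser accepts openat as well as open on purpose: modern glibc implements open() with the openat syscall, so `-e trace=open` on its own can show no file opens at all; `-e trace=%file` (the strace syscall class for path-taking calls) catches both. Run it on a real log with `parse_strace(open("/tmp/strace.log").read())`; the `failures` and `exits` entries are usually the fastest way to find where a fuzzed target went wrong.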
The Linux kernel always had kernel tracing capabilities such as kprobes (2.6.9), ftrace (2.6.27 and later), perf (2.6.31), or uprobes (3.5), but with BPF it’s finally possible to run kernel-level programs on events and consequently modify the state of the system, without needing to write a kernel module.
logging, decorators, traces, configuration via YAML file
In these tcpdump examples you will find 22 tactical commands to zero in on the key packets. Know your network with this powerful packet capture tool. Examples for http, icmp, dns, snmp and more.
This story begins, as they so often do, when I noticed that my machine was behaving poorly. My Windows 10 work machine has 24 cores (48 hyper-threads) and they were 50% idle. It has 64 GB of RAM an…