Comment by pjc50

Comment by pjc50 2 days ago

Plus points for using strace. It's one of those debugging tools everyone know about for emergencies that can't be solved at a higher level, and a great convenience of using Linux. The Windows ETW system is much harder to use, and I'm not sure if it's even possible at all under OSX security.

throwway120385 2 days ago

I have solved an incredible number of problems just by looking at strace output very carefully. Strace combined with Wireshark or Tcpdump are incredible as a toolset for capturing what a program is doing and for capturing what the effect is either on the USB or the NIC.

Reply View 0 replies

frizlab 2 days ago

macOS has dtrace which is actually nicer to use. Cannot be used on all processes when SIP is on though.

Reply View 1 reply

pjc50 2 days ago

Last time I tried SIP prevented me from using it on my own processes, but I may have been holding it wrong.

Reply View | 0 replies

dontlaugh 2 days ago

macOS’s Solaris-inspired dtrace is actually nicer, especially the UI.

Reply View 3 replies

pjc50 2 days ago

Is there a guide for how to use this, including the UI, with SIP on?

Reply View | 2 replies
- jntun 2 days ago
  
  Instruments is implemented under-the-hood with dtrace, that could be what they are referring to.
  
  Reply View | 1 reply
  
  dontlaugh 2 days ago
  
  Yes. Most things run well with Instruments attached. I’ve only used the dtrace cli a few times.
  
  Reply View | 0 replies

mrguyorama 2 days ago

The chrome folks built https://randomascii.wordpress.com/2015/04/14/uiforetw-window... to improve ETW usability.

You usually don't need that full industrial level tracing though on Windows! Process Monitor is 95% of the solution for most people, and provides very similar functionality to strace, if a lot easier to read.

Reply View 0 replies