by Julia Evans
Stripe
- twitter: @b0rk
- blog: jvns.ca
Tweet questions to @b0rk
perl | go | c++ | fortran
php | python | java | smalltalk
INTERCAL | BASIC
php | python | java | smalltalk
INTERCAL | BASIC
- look at the source code
- add print statements
- know the programming language
look at the source codeadd print statementsknow the programming language- ★★★ be a wizard★★★
- Wizard school (or, an operating systems primer)
- Chapter 1: The Case of the Mystery Config File
- Chapter 2: The Case of the French Website
- Chapter 3: The Case of the Slow Program
When I go to http://google.com, kernel code runs for:
- Typing in the address
- Handling every network packet
- Writing history files to disk
- Allocating memory
- Communicating with the graphics card
- open a file! (
open) - start a program! (
execve) - change a file's permissions! (
chmod)
- Your OS does tons of stuff
- Programs tell it what to do using system calls
Does bash use `.bash_profile` or `.bashrc`??!??
$ strace google-chrome
execve("/usr/bin/google-chrome", ["google-chrome"], [/* 51 vars */]) = 0
brk(0) = 0x124f000
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
strace -e open bash
writefor log filesexecvefor starting programsrecvfromfor receiving data
???
sudo ngrep -d lo 5000
interface: lo (127.0.0.0/255.0.0.0)
match: 5000
####
T 127.0.0.1:45438 -> 127.0.0.1:5000 [AP]
GET / HTTP/1.1..Host: localhost:5000..Connection:
keep-alive..Cache-Control: max-age=0..Accept:
text/html,application/xhtml+xml,application
/xml;q=0.9,image/webp,*/*;q=0.8..User-Agent: Mozilla/5.0 (X11; Linux
x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.53 Saf
ari/537.36..DNT: 1..Accept-Encoding: gzip, deflate,
sdch..Accept-Language: en-US,en;q=0.8..Cookie:
username-localhost-8888="2|1:0|10:142841
1879|23:username-localhost-8888|48:MjYzMTc2NGMtYTA1MC00YjNkLTkyYTktNGFhY2U3NmUwMjdj|f5f14c08e970bd6c81f8efe3f3a8b98edd85de834e88c250e96fdb7
fab7ee279"....
#######################
T 127.0.0.1:45440 -> 127.0.0.1:5000 [AP]
GET / HTTP/1.1..User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu)
libcurl/7.22.0 OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23
librtmp/2.3..Host: localhost:5000..Accept: */*....
##################
Accept-Language: en-US
- ngrep
- tcpdump
- wireshark
- mitmproxy
- CPU time
- too many writes
- waiting for a slow server
$ time python mystery_1.py 0.09user 0.01system 0:02.11elapsed 5%CPU
$ pgrep -f mystery_1
31728
$ sudo cat /proc/31728/stack
[<ffffffff8176d505>] return_to_handler+0x0/0x2b
[<ffffffff8176d505>] return_to_handler+0x0/0x2b
[<ffffffff8176d505>] return_to_handler+0x0/0x2b
[<ffffffff8163c039>] sk_wait_data+0xd9/0xe0
[<ffffffff8176d505>] return_to_handler+0x0/0x2b
[<ffffffff81698bdf>] tcp_recvmsg+0x67f/0xb50
[<ffffffff8176d505>] return_to_handler+0x0/0x2b
[<ffffffff816c172b>] inet_recvmsg+0x6b/0x80
[<ffffffff8176d505>] return_to_handler+0x0/0x2b
[<ffffffff81637895>] sock_recvmsg+0xc5/0xe0
[<ffffffff8176d505>] return_to_handler+0x0/0x2b
[<ffffffff8163799e>] SYSC_recvfrom+0xee/0x170
[<ffffffff8163871e>] SyS_recvfrom+0xe/0x10
[<ffffffff8176d505>] return_to_handler+0x0/0x2b
[<ffffffff8176d66d>] system_call_fastpath+0x1a/0x1f
[<ffffffffffffffff>] 0xffffffffffffffff
@app.route('/')
def slow():
time.sleep(2)
return "Hi!"
app.run()
$ time python mystery_2.py 2.74user 0.00system 0:02.74elapsed 99%CPU
total = 0
for i in xrange(14000000):
total += i
$ time python mystery_3.py 0:02.61elapsed 62%CPU $ time python mystery_3.py 0:10.61elapsed 10%CPU
Hacker School Recurse Center
- Julia Evans
- twitter: @b0rk
- learn more by reading my blog: http://jvns.ca
Come get a strace zine!!!!!