
Plus points for using strace. It's one of those debugging tools everyone knows about for emergencies that can't be solved at a higher level, and a great convenience of using Linux. The Windows ETW system is much harder to use, and I'm not sure if it's even possible at all under OSX security.


I have solved an incredible number of problems just by looking at strace output very carefully. Strace combined with Wireshark or Tcpdump are incredible as a toolset for capturing what a program is doing and for capturing what the effect is either on the USB or the NIC.


The Chrome folks built https://randomascii.wordpress.com/2015/04/14/uiforetw-window... to improve ETW usability.

You usually don't need that full industrial level tracing though on Windows! Process Monitor is 95% of the solution for most people, and provides very similar functionality to strace, if a lot easier to read.


macOS has dtrace which is actually nicer to use. Cannot be used on all processes when SIP is on though.


Last time I tried, SIP prevented me from using it on my own processes, but I may have been holding it wrong.


macOS’s Solaris-inspired dtrace is actually nicer, especially the UI.


Is there a guide for how to use this, including the UI, with SIP on?


Instruments is implemented under-the-hood with dtrace, that could be what they are referring to.


Yes. Most things run well with Instruments attached. I’ve only used the dtrace cli a few times.



