dtrace

I'm writing a tool that calls through to DTrace to trace the program that the user specifies. If my tool uses dtrace -c to run the program as a subprocess of DTrace, not only can I not pass any arguments to the program, but the program runs with all the privileges of DTrace—that is, as root (I'm on Mac OS X). This makes certain things that should work break, and obviously makes a great many things that shouldn't work possible. The other solution I know of is to start the program myself, pause it by sending it SIGSTOP , pass its PID to dtrace -p , then continue it by sending it SIGCONT . The

When I asked for tools to profile Rails apps, someone pointed at DTrace . Since I work on MacOSX stations and deploy on OpenSolaris, it is a valid way to go. But I have little knowledge of DTrace. Besides the usual suspect, Sun DTrace page and the avaliable info there, is there any other killer pointer to learn Dtrace out there? I did a 35 min video and showed some DTrace starter examples that you can find here: http://cocoasamurai.blogspot.com/2008/05/dtrace-for-cocoa-developers.html which were intended for introducing DTrace to Cocoa Developers, but it can work for anybody really philant

简介 jstack用于生成java虚拟机当前时刻的线程快照。线程快照是当前java虚拟机内每一条线程正在执行的方法堆栈的集合，生成线程快照的主要目的是定位线程出现长时间停顿的原因，如线程间死锁、死循环、请求外部资源导致的长时间等待等。 线程出现停顿的时候通过jstack来查看各个线程的调用堆栈，就可以知道没有响应的线程到底在后台做什么事情，或者等待什么资源。 如果java程序崩溃生成core文件，jstack工具可以用来获得core文件的java stack和native stack的信息，从而可以轻松地知道java程序是如何崩溃和在程序何处发生问题。另外，jstack工具还可以附属到正在运行的java程序中，看到当时运行的java程序的java stack和native stack的信息, 如果现在运行的java程序呈现hung的状态，jstack是非常有用的。 一：jstack jstack命令的语法格式： jstack <pid>。可以用jps查看java进程id。这里要注意的是： 1. 不同的 JAVA虚机的线程 DUMP的创建方法和文件格式是不一样的，不同的 JVM版本， dump信息也有差别。 2. 在实际运行中，往往一次 dump的信息，还不足以确认问题。建议产生三次 dump信息，如果每次 dump都指向同一个问题，我们才确定问题的典型性。 二：jstack

This question is asking the same thing, but when I tried: typedef long long ptr_t; objc$target:NSWindow:-setTitle?:entry { printf( "%30s %10s %x %x %x\n", probemod, probefunc, arg0, arg1, arg2 ); this->str = *(ptr_t*)copyin(arg2+2*sizeof(ptr_t), sizeof(ptr_t)); printf("string addr = %p\n", this->str); printf("string val = %s\n", copyinstr(this->str)); } It didn't work. arg2 should be the address of the NSString. I got: NSWindow -setTitle: 100685240 7fff92d82f73 7fff78a6eb80 string addr = 7fff8e7e83b9 string val=Window dtrace: error on enabled probe ID 5 (ID 35737: objc9434:NSWindow:-setTitle:

I need to interpose (get my functions called instead of the original functions) some OS X system calls to overcome a flaw in a piece of closed-source software. Preferably, the resulting solution would work under 10.5 (Leopard) and newer, but I might be able to require 10.6 (Snow Leopard) if the argument were strong enough. Preferably, the resulting solution would be an executable, but I might settle for a script. Preferably, the resulting solution would be able to interpose ("steal the vectors") even after the target application is running, but I could settle for a technology that must inject

osx has the really powerful dtrace/ktrace/dtruss tools - however i'm not willing to invest the time necessary to learn dealing with them right now. what's the easiest way to get the equivalent functionality of linux ltrace (and possibly strace) on OSX? No answer for ltrace (except perhaps "work out how to use dtrace" :-) ), but for system call tracing ala strace, dtruss is a pretty good front end to dtrace. e.g. dtruss df -h # run and examine the "df -h" command dtruss -p 1871 # examine PID 1871 dtruss -n tar # examine all processes called "tar" you don't need to learn dtrace to use it. there

OS X lacks linux's strace , but it has dtrace which is supposed to be so much better. However, I miss the ability to do simple tracing on individual commands. For example, on linux I can write strace -f gcc hello.c to caputre all system calls, which gives me the list of all the filenames needed by the compiler to compile my program (the excellent memoize script is built upon this trick) I want to port memoize on the mac, so I need some kind of strace . What I actually need is the list of files gcc reads and writes into, so what I need is more of a truss . Sure enough can I say dtruss -f gcc