Last active
August 20, 2016 13:19
-
-
Save bcantrill/5dabd838b7f3ce0bfde8a4934a39cc0d to your computer and use it in GitHub Desktop.
Running DTrace on Powershell for Linux (!) running inside an LX-branded Ubuntu 14.04 zone on SmartOS
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
root@1eec2cd3-2cba-e416-e1b6-845b715b736c:~# dtrace -n lx-syscall:::entry'/progenyof($target)/{@[probefunc] = count()}' -c "powershell Get-Process > /dev/null" | |
dtrace: description 'lx-syscall:::entry' matched 676 probes | |
dtrace: pid 60025 has exited | |
arch_prctl 1 | |
exit_group 1 | |
getppid 1 | |
getuid 1 | |
mincore 1 | |
mlock 1 | |
set_tid_address 1 | |
exit 2 | |
getsid 2 | |
mknod 2 | |
setrlimit 2 | |
uname 2 | |
unlink 2 | |
getrusage 3 | |
poll 3 | |
sched_get_priority_max 3 | |
sched_get_priority_min 3 | |
sched_getparam 3 | |
sched_getscheduler 3 | |
sched_setscheduler 3 | |
getcwd 4 | |
madvise 4 | |
getrlimit 5 | |
connect 6 | |
socket 6 | |
readlink 8 | |
pipe 10 | |
ioctl 11 | |
clone 12 | |
set_robust_list 13 | |
rt_sigaction 25 | |
statfs 27 | |
brk 29 | |
access 32 | |
write 42 | |
sched_getaffinity 48 | |
msync 72 | |
dup 77 | |
fcntl 129 | |
sched_yield 151 | |
geteuid 154 | |
openat 203 | |
getdents 204 | |
fstatat64 210 | |
gettid 397 | |
lseek 568 | |
flock 634 | |
close 670 | |
open 700 | |
fstat 790 | |
read 1230 | |
lstat 1465 | |
rt_sigprocmask 2527 | |
futex 3892 | |
munmap 4191 | |
mmap 4387 | |
mprotect 7130 | |
stat 12253 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
root@1eec2cd3-2cba-e416-e1b6-845b715b736c:~# dtrace -n lx-syscall:::entry'/progenyof($target)/{@[probefunc] = count()}' -c "bash -c ps" | |
dtrace: description 'lx-syscall:::entry' matched 676 probes | |
PID TTY TIME CMD | |
61804 pts/7 00:00:00 ps | |
61309 pts/7 00:00:00 bash | |
61248 pts/7 00:00:00 login | |
61802 pts/7 00:00:00 dtrace | |
dtrace: pid 61804 has exited | |
execve 1 | |
exit_group 1 | |
getpeername 1 | |
getpgrp 1 | |
getpid 1 | |
getppid 1 | |
getrlimit 1 | |
openat 1 | |
arch_prctl 2 | |
getdents 2 | |
ioctl 2 | |
lseek 2 | |
readlink 4 | |
rt_sigprocmask 4 | |
uname 4 | |
munmap 5 | |
write 5 | |
getegid 10 | |
getgid 10 | |
getuid 10 | |
geteuid 11 | |
fstat 14 | |
mprotect 15 | |
access 17 | |
brk 18 | |
mmap 31 | |
rt_sigaction 34 | |
stat 62 | |
read 75 | |
close 82 | |
open 95 |
Looks a bit different w.r.t stat() on my triton/lxc using 16.04 - maybe they iterated
https://gist.github.com/danmack/a7570a3822525d70d83f4aa07bb4dbd7
Compare and contrast:
root@d046e5c864f4:/# /native/usr/sbin/dtrace -n lx-syscall::stat:entry'/progenyof($target)/{@[copyinstr(arg0)] = count()}' -c "bash -c ps"
dtrace: description 'lx-syscall::stat:entry' matched 2 probes
PID TTY TIME CMD
27551 ? 00:00:01 dtrace
27553 ? 00:00:00 ps
dtrace: pid 27553 has exited
/ 1
/proc/1 1
/proc/27551 1
/proc/27553 1
/proc/self/task 1
/sbin/bash 1
/sbin/ps 1
/usr/bin/bash 1
/usr/bin/ps 1
/usr/local/bin/bash 1
/usr/local/bin/ps 1
/usr/local/sbin/bash 1
/usr/local/sbin/ps 1
/usr/sbin/bash 1
/usr/sbin/ps 1
/dev/pts/1 2
/dev/zfd/0 2
. 3
/bin/bash 6
/bin/ps 6
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Looking at the
stat
calls in the Powershell invocation shows that it clearly does a lot of work on startup: