

Debug your programs like they're closed source - zimbu668
http://jvns.ca/blog/2014/04/20/debug-your-programs-like-theyre-closed-source/

======
cottonseed
I used to work for a (no defunct) company, ARDI, that made a Mac emulator. We
dynamically translated 68K to x86 and did a clean room reimplementation of Mac
OS 9. (Yes, crazy.) Much of the job involved debugging the OS when running 3rd
party software (binaries). The first step was to collect a syscall trace. Then
lots of thought experiments. It was a great way to develop extreme debugging
skills.

~~~
meric
> clean room reimplementation of Mac OS 9

Wow. Was the project successful? Where can we read more about it? Was it a
perfect implementation - all the images in the right places pixel by pixel?

~~~
Someone
[http://en.m.wikipedia.org/wiki/Executor_(software)](http://en.m.wikipedia.org/wiki/Executor_\(software\))

Source is at
[https://github.com/ctm/executor](https://github.com/ctm/executor)

I think the OP is of by two OS versions, but I didn't work at ARDI, so I may
be wrong.

~~~
cottonseed
No, it looks like you're right, I misremembered. I haven't thought about this
in a long time.

Whoa, Cliff open-sourced Executor. I didn't know that.

------
userbinator
Syscall tracing works well for debugging applications or pieces of one that
interact externally, or for ensuring that the OS is doing what you think it
should, but I've found that more often than not the buggy part is "inside";
e.g. if an output file is incorrect, you would be able to see the incorrect
data being written to it via the OS (which would've been clear from inspecting
the file itself), but not what lead to that.

Coincidentally, I prefer to use an Asm-level debugger (WinDbg, OllyDbg)
whenever I need to use one - which for debugging something I wrote, is not
very often. Maybe it has to do with the fact that I started with Asm and
disassembling other programs, so it's relatively straightforward to map
between source code and the instructions the compiler generated. This also
helped with figuring out a very subtle compiler bug - I know that they're
quite rare, but when they do occur, they tend to be _extremely_ difficult to
figure out otherwise.

~~~
Terr_
> WinDbg, OllyDbg

As someone who seldom leaves higher-abstraction languages, I've had some fun
using Cheat Engine against old single-player games. I remember being pretty
proud of the first time I managed to replace a few instructions with a larger
set sitting in a code-cave. (Nothing impressive for those who learned assembly
in a structured way, of course.)

~~~
girvo
Ah, Cheat Engine. I used to use it for multiplayer flash or shockwave games,
as well as a couple other games along the years. Poor Nitto 1320, we killed
that game. Got me into disassembly and hacking at that level, which was a lot
of fun too.

------
basicallydan
Great article, very interesting! I never knew about this :)

For those on OSX, `dtruss` seems to work in more-or-less the same way.

    
    
        sudo dtruss -t open ssh whatever.com
    

More info on stack overflow:
[http://stackoverflow.com/questions/1925978/equivalent-of-
str...](http://stackoverflow.com/questions/1925978/equivalent-of-strace-
feopen-command-on-mac-os-x)

~~~
Someone
On Mac OS X you really want to learn about DTrace.

dtruss is a DTrace script. See
[http://dtrace.org/blogs/brendan/2011/10/10/top-10-dtrace-
scr...](http://dtrace.org/blogs/brendan/2011/10/10/top-10-dtrace-scripts-for-
mac-os-x/) for more useful DTrace scripts.

~~~
alexisnorman
This just changed my life, thanks so much

------
Terr_
For those on Windows, the excellent System Internals suite contains "Process
Monitor", which does pretty much what you'd expect, allowing you to see all
sorts of file (and registry) activity.

~~~
SonOfLilit
SysInternals procmon.exe and procexp.exe are the only things I really miss
when on Linux (either developing or just troubleshooting Firefox being slow
again.)

A few procmon features you probably weren't aware of:

\- It can log your boot process (by loading a driver very early in the boot
process)

\- It stores a lot of details about every line of output, including a stack
trace (!), accessible by doubleclicking

~~~
Gurkenmaster
I miss Search Everything on linux. Nothing beats real-time indexing of the
filesystem without overhead.

~~~
keeperofdakeys
You could setup something almost like it. mlocate is the defacto indexed
filename search for linux, and the update script skips directories that
haven't been updated - so an update call is quite cheap. You could run it
every 15m, and have 'almost' uptodate indexed search.

Most systems should have it setup to run daily out of the box.

~~~
comex
There are also more sophisticated desktop search tools like Recoll, of course.

------
jordigh
Ah, an article on tracing.

I am very impressed by lttng myself:

[http://lttng.org/](http://lttng.org/)

------
akkartik
Everytime I read about strace I feel guilty about not having tried it out.

Another awesome story:
[http://lwn.net/1999/0121/a/mec.html](http://lwn.net/1999/0121/a/mec.html)

------
antoaravinth
Even though I havent followed the above idea ( I will try to do in sometime ),
I have followed this way, which have helped me a lot.

I used to make guess when I debug my day to day problem. Say for example, when
I run selenium, and the browser doesn't open up:

1\. Does the jar is valid? 2\. Safari has selenium plugin? 3\. Have custom
installation rather than default installation location?

Then the smart you make the guess, the smart you can solve the problem.

Its about removing the un-wanted space ( by making smart guess ) and debugging
the right space.

------
Nutomic
I'm curious, is there anything like this for Android and calls to any Java
system functions?

(it should be possible with XPrivacy)

