I survey some dynamic tracers (e.g. perf, sysdig) available on Linux.
I document some pain points from recent performance investigations and then speculate that such issues are endemic to the Linux community.
I use off-cpu flame graphs to identify that repeated mmap calls are slowing my database.
In this post, I statically link
We use flame graphs to identify that hgfs is the bottleneck in my build.
During my first week at my new job, I had the opportunity to teach some of my new coworkers about gdb breakpoint commands and conditional breakpoints. I had a lot of fun teaching these techniques to my friends here and thought others might find the story enjoyable as well.
Breakpoint commands ...
I'm having issues compiling glib2.40.0 (a libtool compiled shared library) on OmniOS.
In particular, my shared library has a static initializer that does not get executed by the libtool linked library. I've reduced this to the test case below:
#include <stdio.h> void __attribute__((constructor)) myctor ...
Tonight, I sat down and read through every resume in the 2013 SCS senior resume book. Reading resumes for a company is really interesting, because I find myself looking at them very differently. As a student, I didn't really understand what sections of the resume are important. I thought ...
My coworkers presented a silly programming interview style question to me the other day: given a list of words, find the largest set of words from that list that all have the same hash value. Everyone was playing around with a different language, and someone made the claim that it ...
A brief introduction to Return Oriented Programming (ROP) exploits.
To support some of my other tutorials, I prepared a brief introduction to x86 calling conventions.
I embarked upon a quest to understand some unexpected behavior and write a program that achieved the theoretical maximum memory bandwidth.
I've been working on writing a memory bandwidth benchmark for a while and needed to use a monotonic timer to compute accurate timings. I have since learned that this is more challenging to do than I initially expected and each platform has a different way of doing it.
Some students had some difficulty profiling their code because omp_get_num_procs was dominating the profiling traces. I tracked it down and found that the profiling tools emitted misleading results when the library didn't have symbols.
A brief introduction to format string exploits.
For PicoCTF this year, I made some slides and recorded some video tutorials.
Earlier this year, tylerni7 showed us a proof of concept for a 32-bit Go exploit using this issue. geohot and I had a wager over who could get the first remote code execution on play.golang.org: he won, but just barely ;-). Props also to ricky for helping to find the underlying cause/writing the patch. Here is a summary of how we did it.
In this article, you will see several performance tools used to identify bottlenecks in a simple program.
Pai Mei is an open source Windows reverse engineering framework. At one point, it was ported to Mac OS X but the project is not very actively maintained and the current instructions are quite lacking. This post hopes to offer some guidance and reduce some of the frustration involved in installing ...
I implemented and tested different configurations of a modern parallel memory allocator.
I have spent some time over the past month or so trying to use Go binaries in a secure manner and trying to exploit Go binaries and I thought it would be useful if I talked a little bit about my journey.
In this post, I play around with some make functions and eventually provide a constructive proof that the make syntax is Turing complete via reduction to μ-recursion.
First, we have to construct numbers. I used the representation of numbers as unary strings of the character 0: i.e., the number 4 ...