Disqus - Latest Comments for ice799

Re: an obscure kernel feature to get more info about dying processes

Joe Damato (ice799) — Mon, 20 Sep 2010 14:12:55 -0000

yep, in the article i mentioned that it is documented and show the path to the documentation about it.

just because it is documented doesn't mean that people actually _know_ about it. everyone i spoke with after finding this were surprised that it existed and had never heard of it before.

thanks for reading.

Re: A Few Things You Didn’t Know about Signals in Linux Part 1

Joe Damato (ice799) — Thu, 16 Sep 2010 02:39:59 -0000

Thanks for reading. No part 2 has not been written yet, sorry.

Re: GCC optimization flag makes your 64bit binary fatter and slower

Joe Damato (ice799) — Tue, 20 Jul 2010 22:31:26 -0000

i did pin the process to one cpu by calling sched_setaffinity(2) (which is what taskset does). see my testing harness codez.

i cant use isolcpus (nor could i pin init to cpu 0, and have everything then be pinned to cpu 0) because i can't reboot that box. i am 'borrowing' a system that has other shit running on it and none of those things can be turned off or stopped for me to do a reboot.

as i said above, the testing environment was non-ideal but its all i got. i tried to compensate for this by taking a lot of samples.

Re: Extending ltrace to make your Ruby/Python/Perl/PHP apps faster

Joe Damato (ice799) — Fri, 16 Jul 2010 22:50:36 -0000

never heard back from the maintainer. he might be dead. no idea. all my codes are on github, though and you can clone and build ltrace from there. i pinged the maintainer again after i saw your comment and havent heard anything.

Re: Binary format show down: some differences between ELF and Mach-O

Joe Damato (ice799) — Tue, 25 May 2010 20:34:18 -0000

wireshark output is proof that the post went back over cleartext.

Re: Binary format show down: some differences between ELF and Mach-O

Joe Damato (ice799) — Tue, 25 May 2010 16:02:49 -0000

Word. repeat password was pre-filled. that is a bug. fixing it now, thanks.

it's sent over http but encrypted on the client before being sent.

Re: Binary format show down: some differences between ELF and Mach-O

Joe Damato (ice799) — Tue, 25 May 2010 15:51:34 -0000

Troll? I'm just saying, using SSL is pretty easy. Why not use SSL and not worry about it?

Re: Descent into Darkness: Understanding your system’s binary interface is the only way out

Joe Damato (ice799) — Fri, 02 Apr 2010 01:34:20 -0000

Don't know what exactly I'd write a white paper on. Suggestions? Thanks for reading!

Re: Descent into Darkness: Understanding your system’s binary interface is the only way out

Joe Damato (ice799) — Fri, 02 Apr 2010 01:33:44 -0000

thanks for reading.

Re: Descent into Darkness: Understanding your system’s binary interface is the only way out

Joe Damato (ice799) — Fri, 02 Apr 2010 01:33:28 -0000

glad you enjoyed and thanks for coming out to MWRC

Re: Garbage Collection Slides from LA Ruby Conference

Joe Damato (ice799) — Fri, 05 Mar 2010 20:26:29 -0000

Yes, that is definitely a typo. Good catch.

Re: Garbage Collection Slides from LA Ruby Conference

Joe Damato (ice799) — Mon, 22 Feb 2010 17:59:22 -0000

the slides about the GC implementation are relevant for 1.8 AND 1.9. the types may have changed slightly in 1.9, but the GC implementation is the same.

memprof and gdb.rb and bleak_house are all tools for 1.8, but memprof will support 1.9 soon.

thanks for reading!

Re: Rewrite your Ruby VM at runtime to hot patch useful features

Joe Damato (ice799) — Fri, 11 Dec 2009 16:13:37 -0000

Glad you liked this post.

1.) This technique allows you to examine and modify internal state in the Ruby VM itself. LD_PRELOAD lets you hook methods that the application would need to resolve (via the PLT). This technique can also be expanded to hook inline functions (as seen in the next post in this series). LD_PRELOAD can't do that, either. LD_PRELOAD is very useful, but doesn't afford the flexibility of this method.

2.) Yes and also inline.

3.) Sounds cool, but don't know if I'd have the time to do it.

4.) The trampoline can be generated at runtime. The next post in this series shows an example of how I generated a trampoline at runtime based on the instructions I was overwriting.

Hope that answers some questions and thanks for reading my blog!

Re: Rewrite your Ruby VM at runtime to hot patch useful features

Joe Damato (ice799) — Mon, 23 Nov 2009 21:41:55 -0000

As long as I can mark it PROT_WRITE, write the code and then mark it PROT_EXEC (and disable PROT_WRITE, of course) it'll work. I don't use SELinux, though so I have no way of testing it.

Either way, nothing in the article was designed to be portable or to work on anything other than an amd64 vanilla linux box.

Thanks for reading.

Re: Defeating the Matasano C++ Challenge with ASLR enabled

Joe Damato (ice799) — Mon, 23 Nov 2009 18:56:11 -0000

You are correct. o[2] takes up space outside of the allocated range (and is "laying on top" of the imetad). Don't forget to include glibc malloc metadata overhead in your calculations, too :)

Re: Rewrite your Ruby VM at runtime to hot patch useful features

Joe Damato (ice799) — Mon, 23 Nov 2009 18:49:26 -0000

I'm glad you enjoyed the ugly hack. Thanks for reading!

Re: Defeating the Matasano C++ Challenge with ASLR enabled

Joe Damato (ice799) — Sun, 18 Oct 2009 15:54:16 -0000

http://www.deanlee.cn/wordp... is the plugin I use. I hacked up the CSS a bit to get the color scheme you see above. Thanks for reading!

Re: Defeating the Matasano C++ Challenge with ASLR enabled

Joe Damato (ice799) — Fri, 16 Oct 2009 20:50:05 -0000

Nope. The programmer should have used a sane check before calling new. That would have prevented this bug from happening. Thanks for reading.

Re: Defeating the Matasano C++ Challenge with ASLR enabled

Joe Damato (ice799) — Fri, 16 Oct 2009 20:46:40 -0000

Let me know if there are any parts I can expand on to help make the explanation more clear. Thanks for reading!

Re: Defeating the Matasano C++ Challenge with ASLR enabled

Joe Damato (ice799) — Fri, 16 Oct 2009 20:45:46 -0000

Thanks for reading!

Re: Extending ltrace to make your Ruby/Python/Perl/PHP apps faster

Joe Damato (ice799) — Mon, 12 Oct 2009 12:25:20 -0000

Not as pretty and also *completely* different.

Try to trace garbage_collect, rb_thread_save_context, and rb_thread_schedule using strace. You can't. Being able to trace these functions is really useful when diagnosing performance problems.

Re: Extending ltrace to make your Ruby/Python/Perl/PHP apps faster

Joe Damato (ice799) — Sun, 11 Oct 2009 01:09:53 -0000

If you modify strace sure, but you'd have to do some pretty serious modification.

Re: Ruby Hoedown Slides

Joe Damato (ice799) — Fri, 09 Oct 2009 17:08:48 -0000

OK, I updated the post with a link to a PDF version. (http://dl.getdropbox.com/u/....

But first, please chill the fuck out.

Re: Ruby Hoedown Slides

Joe Damato (ice799) — Fri, 09 Oct 2009 17:04:17 -0000

OK, I put a copy of the PDF on dropbox and put the link above. (http://dl.getdropbox.com/u/...

Re: Extending ltrace to make your Ruby/Python/Perl/PHP apps faster

Joe Damato (ice799) — Thu, 08 Oct 2009 14:06:51 -0000

Thanks for reading!