cuckoo-osx-analyzer icon indicating copy to clipboard operation
cuckoo-osx-analyzer copied to clipboard

Published 20 hours ago verified publisher icon rodionovd

GUI applications startup is very slow when under apicalls analysis

Open rodionovd opened this issue 9 years ago • 3 comments

There's a ~ 30 seconds delay between starting analysis and the moment when an application starts launching (Dock icon appears, windows open, etc).

rodionovd avatar Jul 09 '15 13:07 rodionovd

From my investigation it seems like the problem lays inside dtrace itself: the main delay is between launching the dtrace process and receiving first results from it.

Not sure what I'm going to do about it ¯\_(ツ)_/¯, just leave as is right now.

rodionovd avatar Jul 10 '15 09:07 rodionovd

I've tried not to install any dtrace probes on sudo (we use it as a launcher for dropping privileges before executing a real target), but so far don't see any improvements: in general, it takes a Cocoa application ~20 seconds to just start launching.

Keep working on it.

rodionovd avatar Jul 16 '15 10:07 rodionovd

As it turns out, the more pid probes we install the slower our target is :-1:

rodionovd avatar Jul 17 '15 09:07 rodionovd