In addition to Weibo, there is also WeChat
Please pay attention
WeChat public account
Shulou
2025-01-28 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Servers >
Share
Shulou(Shulou.com)06/02 Report--
Strace is a very simple tool for tracking system calls (system call) of executable programs. The easiest to use is to track the entire life cycle of a viable program, outputting the name, parameters, and return value of each system call.
But it can do a lot more:
It can be filtered based on system calls or system call groups
It can describe the use of system calls by calculating the number of system calls, the time spent, and the number of successes and failures.
It can track the signal sent to the process (signal)
It can be added to any running process through the process id (pid) number.
How to use
This is only a brief description of how to use strace, and I'm not going to analyze it in depth.
Find out which configuration file is read when a program starts
Sometimes, you find that no matter how you modify the configuration file, the application doesn't run the way you want it to. What's the reason? A simple but easy-to-ignore consideration is, does the application start up to read the configuration file you think you want to read? Look at the following example:
$strace php 2 > & 1 | grep php.ini open ("/ usr/local/bin/php.ini", O_RDONLY) =-1 ENOENT (No such file or directory) open ("/ usr/local/lib/php.ini", O_RDONLY) = 4 lstat64 ("/ usr/local/lib/php.ini", {st_mode=S_IFLNK | 0777, st_size=27,...}) = 0 readlink ("/ usr/local/lib/php.ini", "/ usr/local/Zend/etc/php.ini") 4096) = 27 lstat64 ("/ usr/local/Zend/etc/php.ini", {st_mode=S_IFREG | 0664 camera 40971,...}) = 0
The above php program will first read the php.ini file from / usr/local/bin/, maybe not from / usr/local/lib/ first.
There will be a lot of output above, and we can even specify that only the system calls we care about can be tracked through parameters, like this:
$strace-e open php 2 > & 1 | grep php.ini open ("/ usr/local/bin/php.ini", O_RDONLY) =-1 ENOENT (No such file or directory) open ("/ usr/local/lib/php.ini", O_RDONLY) = 4
Why didn't the program open my file?
When each executable program reads the file, if the permissions are insufficient, it will be denied. And if the file can not be found, it will not report an error, unless you set up error handling in the program, So, if the program does not read my file, how can I track it?
$strace-e open,access 2 > & 1 | grep your-filename
Check the output of the open () and access () system calls to see why
What is the process doing at the moment?
Your program suddenly consumes a lot of CPU, or it seems to be suspended, so let's use the process's pid number to see what it's doing at the moment.
Root@dev:~# strace-p 15427 Process 15427 attached-interrupt to quit futex (0x402f4900, FUTEX_WAIT, 2, NULL Process 15427 detached
By tracing, you know that the reason the program hangs is that futex () is being called.
Where is the program's time spent?
You always want the program to work according to your wishes, and you want it to do the right thing at the right time, or even want it to be optimal, as far as possible during the running cycle of the program. More than 90% of the resources consumed are doing what needs to be done, rather than simply waiting. Maybe the following instructions can help you:
Root@dev:~# strace-c-p 11084
Process 11084 attached-interrupt to quit
Process 11084 detached
% time seconds usecs/call calls errors syscall
94.59 0.001014 48 21 select
2.89 0.000031 1 21 getppid
2.52 0.000027 1 21 time
100.00 0.001072 63 total
Root@dev:~#
If you are a background daemon for tracking, you can follow the instructions above for a period of time, then press ctrl+c to exit, and strace will describe the above results based on the information obtained.
The above example shows that the most important time spent by the current process (postmaster) is waiting for the select () function. After each call to the select function, it calls the getpid function and the time function respectively. If it is a non-background daemon, strace can track the start and end of the process, like this:
Root@dev:~# strace-c > / dev/null ls
% time seconds usecs/call calls errors syscall
23.62 0.000205 103 2 getdents64
18.78 0.000163 15 11 1 open
15.09 0.000131 19 7 read
12.79 0.000111 7 16 old_mmap
7.03 0.000061 6 11 close
4.84 0.000042 11 4 munmap
4.84 0.000042 11 4 mmap2
4.03 0.000035 6 6 6 access
3.80 0.000033 3 11 fstat64
1.38 0.000012 3 4 brk
0.92 0.000008 3 3 3 ioctl
0.69 0.000006 6 1 uname
0.58 0.000005 5 1 set_thread_area
0.35 0.000003 3 1 write
0.35 0.000003 3 1 rt_sigaction
0.35 0.000003 3 1 fcntl64
0.23 0.000002 2 1 getrlimit
0.23 0.000002 2 1 set_tid_address
0.12 0.000001 1 1 rt_sigprocmask
100.00 0.000868 87 10 total
The ls program spends most of its time reading directory entries.
Why can't I connect to the server?
The debugging process cannot connect to the server is a painful thing, for many reasons, such as DNS failure, connection is suspended, the server returned abnormal data, the server itself is abnormal, and so on. In general, in terms of network debugging, many people will think of another very good tool-tcpdump. But it has too many parameters, and it's probably a laborious task to find out why one of the hundreds of connected processes can't connect. Strace can actually help you in this situation, by only outputting data related to system calls, thus making us more focused. Something like this:
$strace-e poll,select,connect,recvfrom,sendto nc http://www.news.com 80
Sendto (3, "\ 24\ 0\ 0\ 0\ 26\ 0\ 1\ 3\ 255\ 373NH\ 0\ 0\ 0\ 0\ 0\ 0\ 0\ 0\ 0\ 0", 20,0, {sa_family=AF_NETLINK, pid=0, groups=00000000}, 12) = 20
Connect (3, {sa_family=AF_FILE, path= "/ var/run/nscd/socket"}, 110) =-1 ENOENT (No such file or directory)
Connect (3, {sa_family=AF_FILE, path= "/ var/run/nscd/socket"}, 110) =-1 ENOENT (No such file or directory)
Connect (3, {sa_family=AF_INET, sin_port=htons (53), sin_addr=inet_addr ("62.30.112.39")}, 28) = 0
Poll ([{fd=3, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1
Sendto (3, "\ 213\ 321\ 1\ 0\ 0\ 1\ 0\ 0\ 0\ 0\ 0\ 3www\ 4news\ 3com\ 0\ 0\ 34\ 0\ 1", 30, MSG_NOSIGNAL, NULL, 0) = 30
Poll ([{fd=3, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
Recvfrom (3, "\ 213\ 321\ 201\ 200\ 1\ 0\ 1\ 0\ 0\ 0\ 0\ 3www\ 4news\ 3com\ 0\ 0\ 34\ 0\ 1\ 300\ f", 1024, 0, {sa_family=AF_INET, sin_port=htons (53), sin_addr=inet_addr ("62.30.112.39")}, [16]) = 153
Connect (3, {sa_family=AF_INET, sin_port=htons (53), sin_addr=inet_addr ("62.30.112.39")}, 28) = 0
Poll ([{fd=3, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1
Sendto (3, "k\ 374\ 1\ 0\ 0\ 1\ 0\ 0\ 0\ 0\ 0\ 3www\ 4news\ 3com\ 0\ 0\ 1\ 0, 30, MSG_NOSIGNAL, NULL, 0) = 30
Poll ([{fd=3, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
Recvfrom (3, "k\ 374\ 201\ 200\ 1\ 0\ 2\ 0\ 0\ 0\ 0\ 3www\ 4news\ 3com\ 0\ 0\ 1\ 0\ 1\ 1\ 300\ f", 1024, 0, {sa_family=AF_INET, sin_port=htons (53), sin_addr=inet_addr ("62.30.112.39")}, [16]) = 106
Connect (3, {sa_family=AF_INET, sin_port=htons (53), sin_addr=inet_addr ("62.30.112.39")}, 28) = 0
Poll ([{fd=3, events=POLLOUT, revents=POLLOUT}], 1, 0) = 1
Sendto (3, "\\ 2\ 1\ 0\ 0\ 1\ 0\ 0\ 0\ 0\ 0\ 3www\ 4news\ 3com\ 0\ 0\ 1\ 0\ 1\ 1", 30, MSG_NOSIGNAL, NULL, 0) = 30
Poll ([{fd=3, events=POLLIN, revents=POLLIN}], 1, 5000) = 1
Recvfrom (3, "\ 2\ 201\ 200\ 1\ 0\ 2\ 0\ 0\ 0\ 0\ 0\ 3www\ 4news\ 3com\ 0\ 0\ 1\ 0\ 1\ 1\ 300\ f", 1024, 0, {sa_family=AF_INET, sin_port=htons (53), sin_addr=inet_addr ("62.30.112.39")}, [16]) = 106
Connect (3, {sa_family=AF_INET, sin_port=htons (80), sin_addr=inet_addr ("216.239.122.102")}, 16) =-1 EINPROGRESS (Operation now in progress)
Select (4, NULL, [3], NULL, NULL) = 1 (out [3])
So what does the above output say about what happened to the process?
Notice that this process is trying to connect / var/run/nscd/socket connection? This means that the nc program will first connect to NSCD- Name Service Cache Daemon, which is usually used to set up domain name query configurations related to NIS,YP,LDAP or similar directory protocols. In the above example, the connection failed.
Then the process begins to connect to the DNS, as can be seen from the sin_port=htons (53) output. As you can see, it then makes a call to sendto (), sending out a DNS package containing http://www.news.com information. Then read the returned packet data, and for some reason, it made three such attempts. One possible reason is that http://www.news.com is a CNAME record. Multiple requests may be a way for nc programs to handle them.
Finally, it finally initiates the connect () operation, and notice that the return result of this operation is EINPROGRESS, which means that the connection is non-blocking, and nc wants to continue, so it calls select ().
By adding read,write calls to the list of system calls traced by strace, we can see some of the following results:
Read (0, "test\ n", 1024) = 5
Write (3, "test\ n", 5) = 5
Poll ([{fd=3, events=POLLIN, revents=POLLIN}, {fd=0, events=POLLIN}], 2,-1) = 1
Read (3,
The above indicates that it reads a line of information from "test" + standard input, then writes to the network connection, then calls poll to wait for the response, and then reads the network feedback and writes it to standard output.
Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.
Views: 0
*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.
Continue with the installation of the previous hadoop.First, install zookooper1. Decompress zookoope
"Every 5-10 years, there's a rare product, a really special, very unusual product that's the most un
© 2024 shulou.com SLNews company. All rights reserved.