• [daily] 查看linux程序或操作的kernel内核调用栈

    [classic_tong @ https://www.cnblogs.com/hugetong/p/12198122.html]

    查看一个命令或程序,都调用了什么系统API的方法,

    可以是用strace

    [root@T9 OUTPUT_nginx]# strace echo
execve("/usr/bin/echo", ["echo"], [/* 22 vars */]) = 0
brk(NULL)                               = 0x1311000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f10f71d4000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=53652, ...}) = 0
mmap(NULL, 53652, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f10f71c6000
close(3)                                = 0
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "177ELF21133>1340$2"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2151672, ...}) = 0
mmap(NULL, 3981792, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f10f6be7000
mprotect(0x7f10f6da9000, 2097152, PROT_NONE) = 0

    查看一个正在运行的程序的调用栈

    在红帽系的话,可以用红帽给gdb打的补丁,gstack:https://src.fedoraproject.org/rpms/gdb/blob/master/f/gdb-6.3-gstack-20050411.patch

    [root@T9 OUTPUT_nginx]# gstack 1
#0  0x00007f5924fad483 in epoll_wait () from /lib64/libc.so.6
#1  0x00005582a86c3ae9 in sd_event_wait ()
#2  0x00005582a86c45fd in sd_event_run ()
#3  0x00005582a86250c3 in manager_loop ()
#4  0x00005582a86195fb in main ()

    其他地方,还可以用pstack https://code.lm7.fr/robotux/pstack

    ┬─[tong@T7:~/Src/go/src/github.com/cmpxchg16/gobench]─[05:58:39 PM]
╰─>$ sudo pstack 1

1: /usr/lib/systemd/systemd --switched-root --system --deserialize 28
(No symbols found)
0x7f09c0b0060e: ???? (55d405e91340, 0, 7ffd04515c90, 55d4057163a7, 7ffd04515d80, 7ffd04515d7a) + ffffd5d70197beb0
0x7f09c084444c: ???? (55d405e8eab0, 55d405f0e920, 3500000002, 55d405f07130, 55d405f27da0, 59c2fce020610) + ffffaa2ffa16e55b
crawl: Input/output error
Error tracing through process 1
0xffffffff: ????⏎

    现在进入正题,查看一个程序或操作的内核调用栈

    使用trace-cmd,如他自己所说,是ftrace的用户态前端:user-space front-end command-line tool for Ftrace

    ftrace是内核的调试手段,用法稍有些复杂:详见:

    https://www.kernel.org/doc/Documentation/trace/ftrace.txt

    https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Developer_Guide/ftrace.html

    trace-cmd就相对非常简单,如下:

    分两步,先record,可以针对正运行的程序,或一次性运行的程序。

    trace-cmd record -p function -P 10493
或
trace-cmd record -p functon -F cat /sys/class/net/lan0/statistics/rx_bytes

    他们会在本地存储一个文件,trace.dat

    如下命令,可以查看在内核中的调用栈

    trace-cmd report

    [classic_tong @ https://www.cnblogs.com/hugetong/p/12198122.html]
  • 相关阅读:
    Haskell Types与Typeclasses
    Haskell Tuple相关总结
    Haskell List相关操作
    Emacs 常用快捷键
    Emacs 参考资料
    Haskell Platform (windows)
    生成zip压缩包
    递归复制一个文件
    写表格
    读表格
  • 原文地址:https://www.cnblogs.com/hugetong/p/12198122.html
Copyright © 2020-2023  润新知