Strace is the next generic process dynamic tracking tool for Linux that tracks system calls and received signals when the program executes. The application method is as follows (part).
First of all, simply say its use parameters, Strace parameters include output parameters, filtering parameters, statistical parameters, tracking parameters, startup parameters and other miscellaneous. For a detailed look at the Help document or search for its usage, we'll simply describe a few common parameters:
-P Pid tracks the process of the specified process number.
-o file output trace information to a file.
-F tracks the child processes that are generated by the fork call.
-e expr expression, using the specified tracing method, commonly:
-e Trace=open,close,rean,write keeps track of calls to these four system functions, and defaults to Set=all.
-e Trace=file Tracks system calls about file operations.
-e trace=process trace process invocation.
-e trace=network Tracks network calls.
-e strace=signal trace the system signal call.
-e TRACE=IPC Tracks IPC communication calls.
Other more filter formulas slightly ...
-D output debug information to standard error output.
-C statistical function, statistics of the number of system calls, time and number of errors and other information.
-T/R the absolute/relative timestamp of the output call.
-u user name tracks the process for a specific user.
1. Find the actual loaded configuration file
I am often asked why my configuration has changed and it has not actually been effective. I asked him if you had finished restarting, oh, forget. After a while to ask, elder brother I restarted, or the same no effect. I asked you to change that file? He said, looking for online Baidu, do not know why does not take effect.
This scenario is estimated that a lot of people have met, that deal with such problems there is no good, once and for all, or only by experience or frequent ask the old driver?
In fact, one of the best way is to use Strace to trace the process load of the file, the loading of the configuration file is definitely the real use of the configuration file, modify the file, reboot will definitely take effect.
For example, we're looking for a MySQL configuration file
STRACE-TF MySQL 2>&1|grep cnf
As a result, as we have seen, the actual invocation file is/etc/my.cnf.
As for the order "2>&1", there are serious classmates will have doubts, remove it can? Then I tried, and grep didn't work, and all the content came out of the brain. Why is it so? The original Starce output is output to standard error 2, as the debug information. The pipeline to grep is only standard output 1, so the content is all displayed (standard error), and grep filtering does not work (the standard output is empty). So you have to add "2>&1" to redirect the standard error message to standard output 1 first. That's the result.
The same approach applies to finding configuration files, loading class library files that are not found, and so on. Extrapolate tried it well.
2. Track time-consuming processes
If you suddenly find that your program starts very slowly, or consumes CPU, memory and so on, or you find that the system load is very large, you through Top,ps and other discoveries are caused by a process, such as the MSYQL program, and possibly the server was hacked, a Trojan process accounted for a lot of resources. We would like to further refine the analysis, exactly why MySQL accounted for a particularly large resources? What's wrong with this trojan process? At this time to sacrifice strace artifact on OK.
We said before. Strace has statistical parameters, the simplest is the-c parameter, a process with the-c parameter, Strace will be statistical program system call statistics. Will count those items? We described above the-c parameter, there are system calls, time-consuming, and the number of errors.
Statistics for MySQL calls such as:
See that the system call is mainly called Nmap, which is related to memory. You can make it clear that MySQL is primarily doing memory operations.
We then through the PID dynamic tracking, the implementation of-c-p PID for a period of time, CTRL + C exit, there is the result:
It can be seen that most of the time you make pull calls.
3, comprehensive tracking Java time-consuming, memory leaks, debug errors, etc. 1) first find the best resources of the child process:
Top-h-P ' ps aux|perl-lane ' print $F [1] If $F [0]=~/tomcat/'
2) Trace the most time-consuming sub-process with trace
Strace-p 31164
When the Futex process synchronization thread is discovered, there is a large number of link timeouts.
3) combine Jstack to track code-level issues
This sub-process is converted to 16, then analyzed with jstack and searched for 16 of the sub-process to obtain specific debug information for the specific VM, thus further code troubleshooting.
Well, in fact, Strace has more extension applications, there are a lot of articles on the Internet to learn from the reference. Of course you can dig deeper and find bigger treasures according to your actual environment.
Jstack Use method Reference
Tomcat+java Web programs continue to account for high CPU problems Debug "turn"-paul_hch-Blog Park http://www.cnblogs.com/paul8339/p/7144736.html
Java online application troubleshooting: High CPU consumption "turn"-paul_hch-Blog Park http://www.cnblogs.com/paul8339/p/7464206.html
High CPU usage on Java line application failure troubleshooting and targeting-paul_hch-Blog Park http://www.cnblogs.com/paul8339/p/7591226.html
Turn from
"Security tools"linux dynamic tracking Artifact--strace instance Introduction https://www.toutiao.com/i6521168589418922504/
Linux dynamic Tracking Artifact--strace example Introduction "Go"