Linux 平台开源的跟踪工具:LTTng
LTTng 是一个 Linux 平台开源的跟踪工具,是一套软件组件,可允许跟踪 Linux 内核和用户程序,并控制跟踪会话(开始/停止跟踪、启动/停止事件 等等)。这些组件被绑定如下三个包:
- LTTng-tools:库和用于跟踪会话的命令行接口
- LTTng-modules:允许用 LTTng 跟踪 Linux 的 Linux 内核模块
- LTTng-UST:用户空间跟踪库
LTTng is an open source tracing framework for Linux.
System-wide insight
LTTng allows to understand the interactions between multiple components of a given system, i.e.:
- The Linux kernel, using either already available or user-defined instrumentation points
- C/C++ applications
- Java applications
- Any other user space application using the LTTng logger
Tracing all those components with LTTng will produce a unified log of events, providing great insight into the system's behavior. Here's a simplified example of a system trace:
... 17:23:05.035454 my-application startup 17:23:05.043948 my-application readConfigBegin path: /home/mole/.my-app/config 17:23:05.044120 linux sys_open pathname: /home/mole/.my-app/config flags: O_RDONLY ret: 5 17:23:05.044120 linux sys_fstat fd: 5 ret: st_uid: 1002 st_size: 4608 ... 17:23:05.044498 linux sys_read fd: 5 buf: 0x7fcd0128 count: 4608 17:23:05.046005 linux sys_close fd: 5 17:23:05.047948 my-application readConfigEnd 17:23:06.164870 my-application getUser username: joe 17:23:06.251164 java-db doQuery query: SELECT * FROM users WHERE username = 'joe';
High performance
LTTng is designed from the ground up to provide low overhead tracing on production systems. This is achieved by using techniques such as per-CPU buffering, RCU data structures, a compact and efficient binary format (the Common Trace Format), etc.
LTTng disturbs the traced system as little as possible in order to make tracing of subtle race conditions and rare interrupt cascades possible.
On platforms where resources are limited, such as some Linux embedded systems, LTTng can be used out of the box to help developers pinpoint the sources of hard-to-debug issues.
LTTng offers a new approach to gain insight into your system's behavior.
Flexible
Whether your target is a small embedded system or a large cloud, LTTng provides flexible configuration options that can accommodate the system's workload. Architectures such as x86, PowerPC, ARM and MIPS are supported, amongst others.
LTTng's tracing session mechanism makes it possible to record multiple traces concurrently with different configuration options. Each user may create and configure as many tracing sessions as needed.
Depending on your specific scenario, you may wish to:
- Trace locally: record a trace to the target's local filesystem, then use one of the many compatible viewers to investigate what happened.
- Trace remotely: send trace data over the network.
- View a live stream: monitor events as they occur, in real-time.
- Take a snapshot: when desired, keep only a fixed-sized log of the latest events.