Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1584770
  • 博文数量: 399
  • 博客积分: 8508
  • 博客等级: 中将
  • 技术积分: 5302
  • 用 户 组: 普通用户
  • 注册时间: 2009-10-14 09:28
个人简介

能力强的人善于解决问题,有智慧的人善于绕过问题。 区别很微妙,小心谨慎做后者。

文章分类

全部博文(399)

文章存档

2018年(3)

2017年(1)

2016年(1)

2015年(69)

2013年(14)

2012年(17)

2011年(12)

2010年(189)

2009年(93)

分类: LINUX

2012-11-14 17:46:14

device
character(forward)/block(buffered)/network
kernel 
resource manger(cpu, memory,)
socklist
uname -r
ls -l /dev|grep ^b
ls -l /dev|grep --color=auto  ^c
alias grep= grep --color=auto
netstat -i
netstat -t
kernel 
32 bit :  0xC0000000
Monolithic
quich switch beween: threads , processed, spaces
more /proc/$$/maps
$$ current shell

uname -m
cat /proc/kallsyms = nm
kthreadd will create kernel threads
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 Oct30 ?        00:00:07 /opt/upstart/sbin/init
root         2     0  0 Oct30 ?        00:00:00 [kthreadd]
root         3     2  0 Oct30 ?        00:00:03 [migration/0]
root         4     2  0 Oct30 ?        00:00:02 [ksoftirqd/0]
root         5     2  0 Oct30 ?        00:00:02 [migration/1]
root         6     2  0 Oct30 ?        00:00:03 [ksoftirqd/1]
root         7     2  0 Oct30 ?        00:00:22 [events/0]
root         8     2  0 Oct30 ?        00:00:33 [events/1]
lsmod | grep ip
modprobe vfat
file vfat.ko
modinfo vfat
modinfo !$ (same arguments)
sharelib in kernal mode is relocatable
module is used 

alias rm=mv /trash
/et/modules
chown root .
du -s 
make menuconfig
make gconfig
make xconfig
ARCHI=arm make config


alias c=clear

journal file system = diary  records transactions,  roll back bad transactions

/sys/block/sda/queue> cat scheduler
/sys/block/sda/queue> echo deadline>!$
cat iosched/write_expire
cat iosched/read_expire

strace on 1 pid, ftrace needs to be rebuilt into kernel

/proc> cat cmdline   // boot parametres

cat /proc/kallsyms |grep sys_read
gdb -c /proc/kcore
(gdb)  x/20i  0xffff81144e70

$$ : current pid


create_proc_entry:
fuse module:  file system in user mode
/sbin/syslog-ng is monitoring /proc/kmsg
/var/log/kern.log

syntax-off

dmesg -c  //display and clean
!inm
!rm

dmesg -s 100  //size
load average:  w, uptime 
cat /proc/loadavg
lsmod , cat /proc/modules

echo b > /proc/sysrq-trigger  :  cause reboot , never touch it
dmesg |grep -v fff
sysrq keyboard  to generate core dump


To be able to use the SysRq feature, you need to do

echo "1" > /proc/sys/kernel/sysrq
or add an entry to /etc/sysctl.conf:
kernel.sysrq = 1

# 立即重新启动计算机
echo "b" > /proc/sysrq-trigger
 
# 立即关闭计算机
echo "o" > /proc/sysrq-trigger
 
# 导出内存分配的信息 (可以用/var/log/message 查看)
echo "m" > /proc/sysrq-trigger
 
# 导出当前CPU寄存器信息和标志位的信息
echo "p" > /proc/sysrq-trigger
 
# 导出线程状态信息
echo "t" > /proc/sysrq-trigger
 
# 故意让系统崩溃
echo "c" > /proc/sysrq-trigger
 
# 立即重新挂载所有的文件系统 
echo "s" > /proc/sysrq-trigger
 
# 立即重新挂载所有的文件系统为只读
echo "u" > /proc/sysrq-trigger

dmesg|grep -v fffff|grep S --color=auto

sysctl = proc/sys

before debug : sysctl randomize_va_space=0  to reproduce

kill -l : all signals
unhandled exceptions will cause signal

ulimit -c 121413144
floating exception (core dump)
cat /proc/sys/kernel/coer_uses_piecho 
echo 1>/proc/sys/kernel/coer_uses_pid
echo /tmp/coer.%p.%e.%h.%t > /proc/sys/kernel/coer_pattern
%p: pid;  %e: executable; %h: host name; %t: tid 
echo "|/bin/ls" > /proc/sys/kernel/coer_pattern
#### execute a command when a core dump is generated, using pipe
/proc/sys/kernel/core_pipe

cat /proc/xx/status | grep Trace
ulimit -a
ulimit -t  SIGXCPU
normal user can reduce limit but can't increase the limit
mother must call wait4 or child will be zombie and only be killed after mother is killed.
z and defunt are already dead status


/proc/sys = sysctl

ls /proc/pid/cwd

ps aux |grep Ssl  : multi thread 

ps -L : show threads

Uid : realid  effective id   set id filesystem id

ls -l /proc/$$/fd
netstat -na|grep 

cat /proc/445/fdinfo/3
pos: 30
flags: 

:syntax off
gdb -p $$


MEM=`more /proc/xx/status | grep VmSize |cut -d':' -f2 |cut -dk f1`

threads share vm、 heap 、 fd 

conditional debug: 
if()
__asm("int $3")    intel
bkpt   ARM
break  PPC

gdb ./f
(gdb) r /etc/passwd



Virtual memory = rss + 
resident rss = uss + shared0

ls -i /proc/xx/map
cat /proc/partitions

nire /proc/$$/smaps

cat smaps |grep '^[6..7]'

rss
pss:(proportional)
shared_clean:
private_clean:(USS)

ulimit -m 400000

page cache : owner is file
buffer cache : io but not file  , owner is device
kill buffer cache , page cache, swap

cat /proc/7/oom_score ,  high score thread will be killed by oom
dmesg|grep killed

echo f > proc/sysrq-trugger  :  set up low memory killer
dmesg|grep killed

buffer cache --> page cache

dd  of=  if=

ls /proc/sys/vm
echo !*   : all last parametres
!!

Ctrl + L  :  clear the shell screen

nm : show symbols
objdump : 
file
ldd =  objdump -x /bin/ls |grep NEED --color=auto

void _init(void)
{
print("hello");
}
void _fini(void)
{
printf("123");
}
gcc l.c -o l -c -fPIC
ld -shared -soname l.so.1 -o l.so.1.0 -lc l.o

malloc debugging
MALLOC_TRACE=/tmp/xx LD_PRELOAD=$PWD/l.so.1.0 netstat
more /tmp/xx|grep "+ " | wc -l
more /tmp/xx|grep -- "- " | wc -l

vim /usr/inlcude/malloc.h    malloc_hook
dlopen:  dynamic linking loader

echo 0 > /proc/sys/kernel/raqndomize_va_space

debug without symbols:
gdb core
cat /proc/$$/map > grep xx
screen -x -D
strace -p $$ -vv -i -ttt -f
ltrace
fork unix
clone linux: create process or thread
grep -V
ftrace
ptrace 
 strace -o /tmp/xx strace -p 23290 -vv -c
 tty
trace sshd will get the password
ltrace share parametres with strace

gdb 

x/20x %rsp -0x10
x/s

file a
disass main

/etc/
man syslog
logger "123"
tail /var/log/messages
阅读(1238) | 评论(0) | 转发(0) |
0

上一篇:seq命令

下一篇:Shell array

给主人留下些什么吧!~~