bobower

bobower

关注
发信
关注(28)粉丝(399)

netstat不显示进程名pid的bug

问题描述

之前有个同学反馈说现网有机器netstat看不了监听端口的进程与pid,当时让他改用lsof -i:PORT方式规避,没去深究。最近在核对外网监听端口时又碰到了:
netstat不显示进程名pid的bug-LMLPHP

定位分析

为啥有的端口ok有的不能显示?是否是监听端口范围问题?
用python -m SimpleHTTPServer测试监听不同端口,netstat都不能查出进程名pid
说明这台机器有问题,strace跟踪比较6200、24849这2个进程pid有什么不同,netstat到底做了什么?
进程pid: 6200
netstat不显示进程名pid的bug-LMLPHP
进程pid:24849
netstat不显示进程名pid的bug-LMLPHP
对比发现,netstat在处理6200这个pid时,没有读取/proc/PID/cmdline。为啥没读取呢?估计得看netstat源码了。偷懒google了一把。发现之前有人遇到过这个问题,原因是:
       netstat低版本有bug,当Socket id 大于 2^31 时,会造成无法显示进程信息。


源码解惑

有点奇怪为啥是大于2^31就不行,这个博客也没讲清楚。下载了当前系统netstat 1.6.0版源码, grep -r -i "cmdline"狂扫。在netstat.c文件找到处理cmdline的函数代码:

  1. static void prg_cache_load(void)
  2. {
  3.     char line[LINE_MAX],eacces=0;
  4.     int procfdlen,fd,cmdllen,lnamelen;
  5.     char lname[30],cmdlbuf[512],finbuf[PROGNAME_WIDTH];
  6.     long inode;
  7.     const char *cs,*cmdlp;
  8.     DIR *dirproc=NULL,*dirfd=NULL;
  9.     struct dirent *direproc,*direfd;

  11.     if (prg_cache_loaded || !flag_prg) return;
  12.     prg_cache_loaded=1;
  13.     cmdlbuf[sizeof(cmdlbuf)-1]='\0';
  14.     if (!(dirproc=opendir(PATH_PROC))) goto fail;
  15.     while (errno=0,direproc=readdir(dirproc)) {
  16. #ifdef DIRENT_HAVE_D_TYPE_WORKS
  17.     if (direproc->d_type!=DT_DIR) continue;
  18. #endif
  19.     for (cs=direproc->d_name;*cs;cs++)
  20.      if (!isdigit(*cs))
  21.         break;
  22.     if (*cs)
  23.      continue;
  24.     procfdlen=snprintf(line,sizeof(line),PATH_PROC_X_FD,direproc->d_name);
  25.     if (procfdlen<=0 || procfdlen>=sizeof(line)-5)
  26.      continue;
  27.     errno=0;
  28.     dirfd=opendir(line);
  29.     if (! dirfd) {
  30.      if (errno==EACCES)
  31.         eacces=1;
  32.      continue;
  33.     }
  34.     line[procfdlen] = '/';
  35.     cmdlp = NULL;
  36.     while ((direfd = readdir(dirfd))) {
  37. #ifdef DIRENT_HAVE_D_TYPE_WORKS
  38.      if (direfd->d_type!=DT_LNK)
  39.         continue;
  40. #endif
  41.      if (procfdlen+1+strlen(direfd->d_name)+1>sizeof(line))
  42.         continue;
  43.      memcpy(line + procfdlen - PATH_FD_SUFFl, PATH_FD_SUFF "/",
  44.          PATH_FD_SUFFl+1);
  45.      strcpy(line + procfdlen + 1, direfd->d_name);
  46.      lnamelen=readlink(line,lname,sizeof(lname)-1);
  47.             lname[lnamelen] = '\0'; /*make it a null-terminated string*/

  49.             extract_type_1_socket_inode(lname, &inode);

  51.             if (inode < 0) extract_type_2_socket_inode(lname, &inode);

  53.             if (inode < 0) continue;

  55.      if (!cmdlp) {
  56.         if (procfdlen - PATH_FD_SUFFl + PATH_CMDLINEl >=
  57.          sizeof(line) - 5)
  58.          continue;
  59.         strcpy(line + procfdlen-PATH_FD_SUFFl, PATH_CMDLINE);
  60.         fd = open(line, O_RDONLY);
  61.         if (fd < 0)
  62.          continue;
  63.         cmdllen = read(fd, cmdlbuf, sizeof(cmdlbuf) - 1);   #读取/proc/PID/cmdline
  64.         if (close(fd))
  65.          continue;
  66.         if (cmdllen == -1)
  67.          continue;
  68.         if (cmdllen < sizeof(cmdlbuf) - 1)
  69.          cmdlbuf[cmdllen]='\0';
  70.         if ((cmdlp = strrchr(cmdlbuf, '/')))
  71.          cmdlp++;
  72.         else
  73.          cmdlp = cmdlbuf;
  74.      }

  76.      snprintf(finbuf, sizeof(finbuf), "%s/%s", direproc->d_name, cmdlp);
  77.      prg_cache_add(inode, finbuf);
  78.     }
  79.     closedir(dirfd);
  80.     dirfd = NULL;
  81.     }
  82.     if (dirproc)
  83.     closedir(dirproc);
  84.     if (dirfd)
  85.     closedir(dirfd);
  86.     if (!eacces)
  87.     return;
  88.     if (prg_cache_loaded == 1) {
  89.     fail:
  90.     fprintf(stderr,_("(No info could be read for \"-p\": geteuid()=%d but you should be root.)\n"),
  91.         geteuid());
  92.     }
  93.     else
  94.     fprintf(stderr, _("(Not all processes could be identified, non-owned process info\n"
  95.              " will not be shown, you would have to be root to see it all.)\n"));
  96. }
prg_cache_load函数的第60行打开/proc/PID/cmdline, 63行读取/proc/PID/cmdline。现在需要找到这段代码没执行的原因。
回头看,如果inodeextract_type_1_socket_inode、extract_type_2_socket_inode函数。

  1. static void extract_type_1_socket_inode(const char lname[], long * inode_p) {

  3.     /* If lname is of the form "socket:[12345]", extract the "12345"
  4.        as *inode_p. Otherwise, return -1 as *inode_p.
  5.        */

  7.     if (strlen(lname) < PRG_SOCKET_PFXl+3) *inode_p = -1;
  8.     else if (memcmp(lname, PRG_SOCKET_PFX, PRG_SOCKET_PFXl)) *inode_p = -1;
  9.     else if (lname[strlen(lname)-1] != ']') *inode_p = -1;
  10.     else {
  11.         char inode_str[strlen(lname + 1)]; /* e.g. "12345" */
  12.         const int inode_str_len = strlen(lname) - PRG_SOCKET_PFXl - 1;
  13.         char *serr;

  15.         strncpy(inode_str, lname+PRG_SOCKET_PFXl, inode_str_len);
  16.         inode_str[inode_str_len] = '\0';
  17.         *inode_p = strtol(inode_str,&serr,0);
  18.         if (!serr || *serr || *inode_p < 0 || *inode_p >= INT_MAX)
  19.             *inode_p = -1;
  20.     }
  21. }
注意到末尾,当inode_p >= INT_MAX时, *inode_p指针值为-1.检查机器的INT_MAX值: getconf  INT_MAX 结果是2147483647,而pid为6200的进程socket inode号2413086211大于2147483647所以返回-1值。

  1. static void extract_type_2_socket_inode(const char lname[], long * inode_p) {

  3.     /* If lname is of the form "[0000]:12345", extract the "12345"
  4.        as *inode_p. Otherwise, return -1 as *inode_p.
  5.        */

  7.     if (strlen(lname) < PRG_SOCKET_PFX2l+1) *inode_p = -1;
  8.     else if (memcmp(lname, PRG_SOCKET_PFX2, PRG_SOCKET_PFX2l)) *inode_p = -1;
  9.     else {
  10.         char *serr;

  12.         *inode_p=strtol(lname + PRG_SOCKET_PFX2l,&serr,0);
  13.         if (!serr || *serr || *inode_p < 0 || *inode_p >= INT_MAX)
  14.             *inode_p = -1;
  15.     }
  16. }
同样extract_type_2_socket_inode也返回-1值,导致prg_cache_load函数未读取/proc/PID/cmdline文件内容。
现在可以确认: 原因是socket inode超过INT_MAX,引起netstat不识别进程名pid.

ref: http://xiezhenye.com/2014/01/%E6%9F%90%E4%BA%9B-linux-%E5%8F%91%E8%A1%8C%E7%89%88%E4%B8%AD-netstat-%E7%9A%84-bug.html
12-14 11:48
Powered by LMLPHP ©2024 bobower 0.079785