【tcp】TCP socket文件句柄泄漏问题排查处理

使用strace查看网络连接与关闭详情

# yum -y install strace
$   strace   -t   -T  -f  -p  ${pid}   -e trace=network,close  -o  ${pid}_strace.out

通过上述指令对应用的网络请求
-t ：显示时间
-T : 显示调用的耗时
-f : 跟踪由fork调用所产生的子进程
-p : 指定跟踪的进程号
trace=network,close ：跟踪与网络有关的所有系统调用和close系统调用

7360 11:06:47 accept(682, {sa_family=AF_INET6, sin6_port=htons(59787), inet_pton(AF_INET6, "::ffff:172.20.4.1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 19703 <0.000060>
7360 11:06:47 getsockname(19703, {sa_family=AF_INET6, sin6_port=htons(5590), inet_pton(AF_INET6, "::ffff:172.20.4.2", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 0 <0.000038>
7360 11:06:47 getsockname(19703, {sa_family=AF_INET6, sin6_port=htons(5590), inet_pton(AF_INET6, "::ffff:172.20.4.2", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 0 <0.000037>
7360 11:06:47 setsockopt(19703, SOL_TCP, TCP_NODELAY, [1], 4) = 0 <0.000047>
...
7360 11:06:47 setsockopt(19703, SOL_SOCKET, SO_KEEPALIVE, [1], 4) = 0 <0.000039>
7359 11:06:48 accept(627, {sa_family=AF_INET6, sin6_port=htons(59790), inet_pton(AF_INET6, "::ffff:172.20.4.1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 48246 <0.000043>
7356 11:06:48 accept(462, {sa_family=AF_INET6, sin6_port=htons(59791), inet_pton(AF_INET6, "::ffff:172.20.4.1", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 48382 <0.000102>
7356 11:06:48 getsockname(48382, {sa_family=AF_INET6, sin6_port=htons(9999), inet_pton(AF_INET6, "::ffff:172.20.4.2", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 0 <0.000050>
7356 11:06:48 getsockname(48382, {sa_family=AF_INET6, sin6_port=htons(9999), inet_pton(AF_INET6, "::ffff:172.20.4.2", &sin6_addr), sin6_flowinfo=0, sin6_scope_id=0}, [28]) = 0 <0.000063>
...
7402 11:06:51 close(19703) = 0 <0.000044>
7388 11:06:53 shutdown(48382, SHUT_RD) = 0 <0.000053>

Linux找出已经删除但磁盘空间未释放的大文件并清空
http://mdba.cn/2019/10/18/linux%e6%89%be%e5%87%ba%e5%b7%b2%e7%bb%8f%e5%88%a0%e9%99%a4%e4%bd%86%e7%a3%81%e7%9b%98%e7%a9%ba%e9%97%b4%e6%9c%aa%e9%87%8a%e6%94%be%e7%9a%84%e5%a4%a7%e6%96%87%e4%bb%b6%e5%b9%b6%e6%b8%85%e7%a9%ba

文件句柄占用问题排查经历
https://blog.csdn.net/m0_53246313/article/details/123667998

redis大量的连接创建导致cpu飙高
http://mdba.cn/2016/12/19/redis%e5%a4%a7%e9%87%8f%e7%9a%84%e8%bf%9e%e6%8e%a5%e5%88%9b%e5%bb%ba%e5%af%bc%e8%87%b4cpu%e9%a3%99%e9%ab%98

tcp socket文件句柄泄漏
http://mdba.cn/2015/03/10/tcp-socket%E6%96%87%E4%BB%B6%E5%8F%A5%E6%9F%84%E6%B3%84%E6%BC%8F

lsof: can't identify protocol
https://idea.popcount.org/2012-12-09-lsof-cant-identify-protocol

Sockets found by lsof but not by netstat
https://serverfault.com/questions/153983/sockets-found-by-lsof-but-not-by-netstat

How to identify leaked file descriptors that are shown only as “can't identify protocol” in lsof
https://mulesoftprm.force.com/s/article/How-to-identify-leaked-file-descriptors-that-are-shown-only-as-cant-identify-protocol-in-lsof

进程异常重启，Linux句柄泄漏问题的定位
https://blog.csdn.net/stpeace/article/details/51809584