Tracing (software)

In software engineering, tracing involves a specialized use of logging to record information about a program's execution. This information is typically used by programmers for debugging purposes, and additionally, depending on the type and detail of information contained in a trace log, by experienced system administrators or technical-support personnel and by software monitoring tools to diagnose common problems with software.[1] Tracing is a cross-cutting concern.

Software development
Core activities
Paradigms and models
Methodologies and frameworks
Supporting disciplines
Practices
Tools
Standards and Bodies of Knowledge
Glossaries
Outlines

There is not always a clear distinction between tracing and other forms of logging, except that the term tracing is almost never applied to logging that is a functional requirement of a program (therefore excluding logging of data from an external source, such as data acquisition in a high-energy physics experiment, and write-ahead logging). Logs that record program usage (such as a server log) or operating-system events primarily of interest to a system administrator (see for example Event Viewer) fall into a terminological gray area.

This article deals primarily with tracing for debugging or diagnostic purposes.

Event logging versus tracing

Difficulties in making a clear distinction between event logging and software tracing arise from the fact that some of the same technologies are used for both, and further because many of the criteria that distinguish between the two are continuous rather than discrete. The following table lists some important, but by no means precise or universal, distinctions that are used by developers to select technologies for each purposes, and that guide the separate development of new technologies in each area:

Event loggingSoftware tracing
Consumed primarily by system administrators Consumed primarily by developers
Logs "high level" information (e.g. failed installation of a program) Logs "low level" information (e.g. a thrown exception)
Must not be too "noisy" (containing many duplicate events or information is not helpful to its intended audience) Can be noisy
A standards-based output format is often desirable, sometimes even required Few limitations on output format
Event log messages are often localized Localization is rarely a concern
Addition of new types of events, as well as new event messages, need not be agile Addition of new tracing messages must be agile

Event logging

Event logging provides system administrators with information useful for diagnostics and auditing. The different classes of events that will be logged, as well as what details will appear in the event messages, are often considered early in the development cycle. Many event logging technologies allow or even require each class of event to be assigned a unique "code", which is used by the event logging software or a separate viewer (e.g., Event Viewer) to format and output a human-readable message. This facilitates localization and allows system administrators to more easily obtain information on problems that occur.

Because event logging is used to log high-level information (often failure information), performance of the logging implementation is often less important.

A special concern, preventing duplicate events from being recorded "too often" is taken care of through event throttling.

Software tracing

Software tracing provides developers with information useful for debugging. This information is used both during development cycles and after the release of the software. Unlike event logging, software tracing usually does not have the concept of a "class" of event or an "event code". Other reasons why event-logging solutions based on event codes are inappropriate for software tracing include:

  • Because software tracing is low-level, there are often many more types of messages that would need to be defined, many of which would only be used at one place in the code. The event-code paradigm introduces significant development overhead for these "one-shot" messages.
  • The types of messages that are logged are often less stable through the development cycle than for event logging.
  • Because the tracing output is intended to be consumed by the developer, the messages don't need to be localized. Keeping tracing messages separate from other resources that need to be localized (such as event messages) is therefore important.
  • There are messages that should never be seen.
  • Tracing messages should be kept in the code, because they can add to the readability of the code. This is not always possible or feasible with event-logging solutions.

Another important consideration for software tracing is performance. Because software tracing is low-level, the possible volume of trace messages is much higher. To address performance concerns, it often must be possible to turn off software tracing, either at compile-time or run-time.

Other special concerns:

  • In proprietary software, tracing data may include sensitive information about the product's source code.
  • If tracing is enabled or disabled at run-time, many methods of tracing require the inclusion of a significant amount of additional data in the binary, which can indirectly hurt performance even when tracing is disabled.
  • If tracing is enabled or disabled at compile-time, getting trace data for a problem on a customer machine depends on the customer being willing and able to install a special, tracing-enabled version of the software and then duplicating the problem.
  • Many uses of tracing have very stringent robustness requirements. This is both in the robustness of the trace output but also in that the use-case being traced should not be disrupted.
  • In operating systems, tracing is sometimes useful in situations (such as booting) where some of the technologies used to provide event logging may not be available.
  • in embedded software, tracing requires special techniques.[2]

Techniques

Software tracing:

Event logging:

  • syslog (see article for specific implementations)

Appropriate for both:

Trace analysis

Trace analysis consists of extracting knowledge from executions of software systems. One kind of trace analysis is trace alignment, it consists of identifying parts in the traces that are common, that correspond to the same behavior.[3] Trace alignment is a complex problem, because of the size of the traces, as well as because of the non-determinism and noise in real-world traces.[4]

gollark: Like the osmarks.tk firefox crasher (I think that got patched).
gollark: Yes, that is true for all pages.
gollark: γρεεκ ρεαδερς ἀρε θε κοολεστ.
gollark: λυρικλυ ἰσ δυμβ.
gollark: αιρβνβ

See also

References

  1. "The Tracing Book". Archived from the original on 2009-02-24.
  2. Kraft, Johan; Wall, Anders; Kienle, Holger (2010), "Trace Recording for Embedded Systems: Lessons Learned from Five Industrial Projects", Runtime Verification, Springer Berlin Heidelberg, pp. 315–329, doi:10.1007/978-3-642-16612-9_24, ISBN 9783642166112
  3. Weber, Matthias; Brendel, Ronny; Brunst, Holger (2012). "Trace File Comparison with a Hierarchical Sequence Alignment Algorithm". 2012 IEEE 10th International Symposium on Parallel and Distributed Processing with Applications. IEEE: 247–254. doi:10.1109/ispa.2012.40. ISBN 978-1-4673-1631-6.
  4. Cabrera Arteaga, Javier; Monperrus, Martin; Baudry, Benoit (2019). "Scalable comparison of JavaScript V8 bytecode traces". Proceedings of the 11th ACM SIGPLAN International Workshop on Virtual Machines and Intermediate Languages - VMIL 2019. ACM Press: 22–31. arXiv:1910.03478. doi:10.1145/3358504.3361228. ISBN 9781450369879.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.