strace是一个功能强大的调试,分析诊断工具,主要用来监视系统调用。下面的内容主要以centOS为例。
安装
使用strace前需要先在安装它,可使用命令:
yum install strace
否则会出现:
-bash: strace: command not found
使用
strace命令的详细参数如下:
usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]
[-p pid] ... [-s strsize] [-u username] [-E var=val] ...
[command [arg ...]]
or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...
[command [arg ...]]
-c -- count time, calls, and errors for each syscall and report summary
-f -- follow forks, -ff -- with output into separate files
-F -- attempt to follow vforks, -h -- print help message
-i -- print instruction pointer at time of syscall
-q -- suppress messages about attaching, detaching, etc.
-r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs
-T -- print time spent in each syscall, -V -- print version
-v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args
-x -- print non-ascii strings in hex, -xx -- print all strings in hex
-a column -- alignment COLUMN for printing syscall results (default 40)
-e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...
options: trace, abbrev, verbose, raw, signal, read, or write
-o file -- send trace output to FILE instead of stderr
-O overhead -- set overhead for tracing syscalls to OVERHEAD usecs
-p pid -- trace process with process id PID, may be repeated
-s strsize -- limit length of print strings to STRSIZE chars (default 32)
-S sortby -- sort syscall counts by: time, calls, name, nothing (default time)
-u username -- run command as username handling setuid and/or setgid
-E var=val -- put var=val in the environment for command
-E var -- remove var from the environment for command
使用时,需要关注哪个参数就把哪个参数加上,例如:
strace -c -p 18892
这里的18892是进程的id,
启动strace之后,可以使用ctrl+c停止,停止之后将会输出检查的结果:
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
70.34 0.000083 2 48 rt_sigprocmask
29.66 0.000035 0 2999 write
0.00 0.000000 0 8997 read
0.00 0.000000 0 23 epoll_wait
------ ----------- ----------- --------- --------- ----------------
100.00 0.000118 12067 total
可以使用ps命令根据程序的名称查看其对应的进程id,例如:
ps -ef | grep mosquitto
这里mosquitto就是要查找的程序,将得到下面的输出结果:
[root@cddserver3 ~]# ps -ef | grep mosquitto
501 18892 17309 23 01:19 pts/1 00:04:27 ./mosquitto
root 18935 18893 0 01:38 pts/2 00:00:00 grep mosquitto
不过该输出也包含了grep的程序,去掉此干扰结果可使用:
ps -ef | grep mosquitto | grep -v grep
得到输出:
501 18892 17309 23 01:19 pts/1 00:05:19 ./mosquitto
需要注意的是不能用stace和gdb一起使用,如果程序正在gdb,再启动strace则会提示:
attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted
安装
使用strace前需要先在安装它,可使用命令:
yum install strace
否则会出现:
-bash: strace: command not found
使用
strace命令的详细参数如下:
usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]
[-p pid] ... [-s strsize] [-u username] [-E var=val] ...
[command [arg ...]]
or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...
[command [arg ...]]
-c -- count time, calls, and errors for each syscall and report summary
-f -- follow forks, -ff -- with output into separate files
-F -- attempt to follow vforks, -h -- print help message
-i -- print instruction pointer at time of syscall
-q -- suppress messages about attaching, detaching, etc.
-r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs
-T -- print time spent in each syscall, -V -- print version
-v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args
-x -- print non-ascii strings in hex, -xx -- print all strings in hex
-a column -- alignment COLUMN for printing syscall results (default 40)
-e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...
options: trace, abbrev, verbose, raw, signal, read, or write
-o file -- send trace output to FILE instead of stderr
-O overhead -- set overhead for tracing syscalls to OVERHEAD usecs
-p pid -- trace process with process id PID, may be repeated
-s strsize -- limit length of print strings to STRSIZE chars (default 32)
-S sortby -- sort syscall counts by: time, calls, name, nothing (default time)
-u username -- run command as username handling setuid and/or setgid
-E var=val -- put var=val in the environment for command
-E var -- remove var from the environment for command
使用时,需要关注哪个参数就把哪个参数加上,例如:
strace -c -p 18892
这里的18892是进程的id,
启动strace之后,可以使用ctrl+c停止,停止之后将会输出检查的结果:
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
70.34 0.000083 2 48 rt_sigprocmask
29.66 0.000035 0 2999 write
0.00 0.000000 0 8997 read
0.00 0.000000 0 23 epoll_wait
------ ----------- ----------- --------- --------- ----------------
100.00 0.000118 12067 total
可以使用ps命令根据程序的名称查看其对应的进程id,例如:
ps -ef | grep mosquitto
这里mosquitto就是要查找的程序,将得到下面的输出结果:
[root@cddserver3 ~]# ps -ef | grep mosquitto
501 18892 17309 23 01:19 pts/1 00:04:27 ./mosquitto
root 18935 18893 0 01:38 pts/2 00:00:00 grep mosquitto
不过该输出也包含了grep的程序,去掉此干扰结果可使用:
ps -ef | grep mosquitto | grep -v grep
得到输出:
501 18892 17309 23 01:19 pts/1 00:05:19 ./mosquitto
需要注意的是不能用stace和gdb一起使用,如果程序正在gdb,再启动strace则会提示:
attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted