strace 调试linux 程序
sunln00 2012-02-15
strace调试
2010-03-1823:02
说明:本文档简要描述了strace的命令,在文末有本命令的基本应用。
strace-tracesystemcallsandsignals
usage:strace[-dffhiqrtttTvVxx][-acolumn][-eexpr]...[-ofile]
[-ppid]...[-sstrsize][-uusername][-Evar=val]...
[command[arg...]]
or:strace-c[-eexpr]...[-Ooverhead][-Ssortby][-Evar=val]...
[command[arg...]]
1。-c--counttime,calls,anderrorsforeachsyscallandreportsummary
为每个系统调用计算时间、调用、错误,并报告摘要
2。-f--followforks,-ff--withoutputintoseparatefiles
-f跟踪fork的进程;-ff把输出定向到独立的文件
3。-F--attempttofollowvforks,-h--printhelpmessage
-F尝试跟踪vfork的进程,当今平台与-f功能相同;-h打印帮助信息
4。-i--printinstructionpointerattimeofsyscall
在系统调用时,打印指令指针
5。-q--suppressmessagesaboutattaching,detaching,etc.
抑制附加、分离等信息
6。-r--printrelativetimestamp,-t--absolutetimestamp,-tt--withusecs
-r打印相对时间戳;-t绝对时间戳;-tt微秒
7。-T--printtimespentineachsyscall,-V--printversion
-T打印每个系统调用的时间花费;-V打印版本
8。-v--verbosemode:printunabbreviatedargv,stat,termio[s],etc.args
-v详细模式,打印非简略的参数、状态、termio[s]等
9。-x--printnon-asciistringsinhex,-xx--printallstringsinhex
-x打印非ascii的字符串为16进制;-xx打印所有的字符串为16进制
10。-acolumn--alignmentCOLUMNforprintingsyscallresults(default40)
对系统调用结果对齐列(默认为40列)
11。-eexpr--aqualifyingexpression:option=[!]alloroption=[!]val1[,val2]...
options:trace,abbrev,verbose,raw,signal,read,orwrite
在-e后附表达式。一个合格的表达式:选项=[!]所有或者选项=[!]值1[,值2]....;可选项:跟踪、缩写、冗长、原始的东东、信号、读、写。
12-ofile--sendtraceoutputtoFILEinsteadofstderr
发送跟踪输出到文件,而不是stderr
13。-Ooverhead--setoverheadfortracingsyscallstoOVERHEADusecs
设置跟踪系统调用的最大时间
14。-ppid--traceprocesswithprocessidPID,mayberepeated
跟踪值为ID的进程,可以重复多个哦(注:最多32个)
15。-sstrsize--limitlengthofprintstringstoSTRSIZEchars(default32)
限制打印字符串的最大长度,默认为32字节
16。-Ssortby--sortsyscallcountsby:time,calls,name,nothing(defaulttime)
排序,以系统调用过程中的时间、或者调用名等作为排序项。
17。-uusername--runcommandasusernamehandlingsetuidand/orsetgid
以其他用户名或者组名运行命令
18。-Evar=val--putvar=valintheenvironmentforcommand
设置环境变量
19。-Evar--removevarfromtheenvironmentforcommand
清除环境变量
#################################################################################################
常见的使用方式有:
1。查看CPU运行时间
[guest@localhosttmp]$strace-c./b.out
%timesecondsusecs/callcallserrorssyscall
--------------------------------------------------------------
42.720.000692878open
38.400.0006226221set_thread_area
16.850.0002731372munmap
2.040.00003357read
0.000.00000008close
0.000.00000001execve
0.000.00000001access
0.000.00000003brk
0.000.00000004mprotect
0.000.000000017mmap2
0.000.00000007fstat64
--------------------------------------------------------------
100.000.00162059total
2。查看相对运行时间
[guest@localhosttmp]$strace-r./b.out
0.000560mprotect(0xb91000,8192,PROT_READ)=0
0.000196mprotect(0x45c000,4096,PROT_READ)=0
0.000884mprotect(0x42a000,16384,PROT_READ)=0
0.000191mprotect(0xa4a000,4096,PROT_READ)=0
0.000144munmap(0xb7f12000,45307)=0
0.000577brk(0)=0x8c2b000
0.000171brk(0x8c4c000)=0x8c4c000
0.000183open("sleeper.cpp",O_RDONLY|O_LARGEFILE)=3
0.000225read(3,"#include<unistd.h>\n#include<io"...,8191)=355
0.000372read(3,"",8191)=0
0.000298close(3)=0
0.000192exit_group(0)=?
3。查看文件变动相关的信号
[guest@localhosttmp]$strace-etrace=desc./b.out
open("/etc/ld.so.preload",O_RDONLY)=3
fstat64(3,{st_mode=S_IFREG|0444,st_size=17,...})=0
close(3)=0
open("/lib/libcwait.so",O_RDONLY)=3
read(3,"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\3\0\0004\0\0\0"...,512)=512
fstat64(3,{st_mode=S_IFREG|0755,st_size=2572,...})=0
close(3)=0
open("/etc/ld.so.cache",O_RDONLY)=3
fstat64(3,{st_mode=S_IFREG|0644,st_size=45307,...})=0
close(3)=0
open("/usr/lib/libstdc++.so.6",O_RDONLY)=3
read(3,"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\2348\0004\0\0\0"...,512)=512
fstat64(3,{st_mode=S_IFREG|0755,st_size=936908,...})=0
close(3)=0
open("/lib/libm.so.6",O_RDONLY)=3
4。按调用过程来排序,并显示相对时间
guest@localhosttmp]$strace-r-Scalls./b.out
0.000000execve("./b.out",["./b.out"],[/*20vars*/])=0
0.001860brk(0)=0x86b4000
0.000236access("/etc/ld.so.preload",R_OK)=0
0.001263open("/etc/ld.so.preload",O_RDONLY)=3
0.000497fstat64(3,{st_mode=S_IFREG|0444,st_size=17,...})=0
0.000211mmap2(NULL,17,PROT_READ|PROT_WRITE,MAP_PRIVATE,3,0)=0xb7ff3000
0.000756close(3)=0
0.000173open("/lib/libcwait.so",O_RDONLY)=3
0.001096read(3,"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\3\0\0004\0\0\0"...,512)=512
0.000164fstat64(3,{st_mode=S_IFREG|0755,st_size=2572,...})=0
0.000610mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)=0xb7ff2000
0.000165mmap2(NULL,5544,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_DENYWRITE,3,0)=0x76d000
0.000757mmap2(0x76e000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE,3,0)=0x76e000
0.000159close(3)=0
0.000762munmap(0xb7ff3000,17)=0
0.000160open("/etc/ld.so.cache",O_RDONLY)=3
5。调试vsftpd,其进程号为21712,在下例中-f参数对子进程也进行了跟踪。
[root@test1~]#strace-f-T-p21712
Process21712attached-interrupttoquit
注:此时从另外一终端访问ftp
accept(3,{sa_family=AF_INET,sin_port=htons(4138),sin_addr=inet_addr("192.168.203.137")},[16])=0<10.148879>
rt_sigprocmask(SIG_BLOCK,[CHLD],NULL,=0<0.000050>
rt_sigprocmask(SIG_BLOCK,[HUP],NULL,=0<0.000046>
clone(Process21732attached(waitingforparent)
Process21732resumed(parent21712ready)
child_stack=0,flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,child_tidptr=0xb7fcd718)=21732<0.000514>
[pid21712]close(0)=0<0.000046>
[pid21712]rt_sigprocmask(SIG_UNBLOCK,[CHLD],NULL,=0<0.000049>
[pid21712]rt_sigprocmask(SIG_UNBLOCK,[HUP],NULL,=0<0.000039>
[pid21712]accept(3,<unfinished...>
[pid21732]close(3)=0<0.000055>
[pid21732]dup2(0,1)=1<0.000041>
[pid21732]dup2(0,2)=2<0.000040>
[pid21732]getpeername(0,{sa_family=AF_INET,sin_port=htons(4138),sin_addr=inet_addr("192.168.203.137")},[16])=0<0.000046>
[pid21732]getsockname(0,{sa_family=AF_INET,sin_port=htons(21),sin_addr=inet_addr("192.168.203.139")},[16])=0<0.000042>
[pid21732]open("/etc/hosts.allow",O_RDONLY)=3<0.000065>
[pid21732]fstat64(3,{st_mode=S_IFREG|0644,st_size=161,...})=0<0.000043>
[pid21732]mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)=0xb7fdc000<0.000054>
[pid21732]read(3,"#\n#hosts.allow\tThisfiledescri"...,4096)=161<0.000102>
[pid21732]read(3,"",4096)=0<0.000044>
[pid21732]close(3)=0<0.000044>
[pid21732]munmap(0xb7fdc000,4096)=0<0.000072>
[pid21732]open("/etc/hosts.deny",O_RDONLY)=3<0.000050>
[pid21732]fstat64(3,{st_mode=S_IFREG|0644,st_size=347,...})=0<0.000041>
.....................................
6。其他...
