strace 调试linux 程序

strace调试

2010-03-1823:02

说明:本文档简要描述了strace的命令,在文末有本命令的基本应用。

strace-tracesystemcallsandsignals

usage:strace[-dffhiqrtttTvVxx][-acolumn][-eexpr]...[-ofile]

[-ppid]...[-sstrsize][-uusername][-Evar=val]...

[command[arg...]]

or:strace-c[-eexpr]...[-Ooverhead][-Ssortby][-Evar=val]...

[command[arg...]]

1。-c--counttime,calls,anderrorsforeachsyscallandreportsummary

为每个系统调用计算时间、调用、错误,并报告摘要

2。-f--followforks,-ff--withoutputintoseparatefiles

-f跟踪fork的进程;-ff把输出定向到独立的文件

3。-F--attempttofollowvforks,-h--printhelpmessage

-F尝试跟踪vfork的进程,当今平台与-f功能相同;-h打印帮助信息

4。-i--printinstructionpointerattimeofsyscall

在系统调用时,打印指令指针

5。-q--suppressmessagesaboutattaching,detaching,etc.

抑制附加、分离等信息

6。-r--printrelativetimestamp,-t--absolutetimestamp,-tt--withusecs

-r打印相对时间戳;-t绝对时间戳;-tt微秒

7。-T--printtimespentineachsyscall,-V--printversion

-T打印每个系统调用的时间花费;-V打印版本

8。-v--verbosemode:printunabbreviatedargv,stat,termio[s],etc.args

-v详细模式,打印非简略的参数、状态、termio[s]等

9。-x--printnon-asciistringsinhex,-xx--printallstringsinhex

-x打印非ascii的字符串为16进制;-xx打印所有的字符串为16进制

10。-acolumn--alignmentCOLUMNforprintingsyscallresults(default40)

对系统调用结果对齐列(默认为40列)

11。-eexpr--aqualifyingexpression:option=[!]alloroption=[!]val1[,val2]...

options:trace,abbrev,verbose,raw,signal,read,orwrite

在-e后附表达式。一个合格的表达式:选项=[!]所有或者选项=[!]值1[,值2]....;可选项:跟踪、缩写、冗长、原始的东东、信号、读、写。

12-ofile--sendtraceoutputtoFILEinsteadofstderr

发送跟踪输出到文件,而不是stderr

13。-Ooverhead--setoverheadfortracingsyscallstoOVERHEADusecs

设置跟踪系统调用的最大时间

14。-ppid--traceprocesswithprocessidPID,mayberepeated

跟踪值为ID的进程,可以重复多个哦(注:最多32个)

15。-sstrsize--limitlengthofprintstringstoSTRSIZEchars(default32)

限制打印字符串的最大长度,默认为32字节

16。-Ssortby--sortsyscallcountsby:time,calls,name,nothing(defaulttime)

排序,以系统调用过程中的时间、或者调用名等作为排序项。

17。-uusername--runcommandasusernamehandlingsetuidand/orsetgid

以其他用户名或者组名运行命令

18。-Evar=val--putvar=valintheenvironmentforcommand

设置环境变量

19。-Evar--removevarfromtheenvironmentforcommand

清除环境变量

#################################################################################################

常见的使用方式有:

1。查看CPU运行时间

[guest@localhosttmp]$strace-c./b.out

%timesecondsusecs/callcallserrorssyscall

--------------------------------------------------------------

42.720.000692878open

38.400.0006226221set_thread_area

16.850.0002731372munmap

2.040.00003357read

0.000.00000008close

0.000.00000001execve

0.000.00000001access

0.000.00000003brk

0.000.00000004mprotect

0.000.000000017mmap2

0.000.00000007fstat64

--------------------------------------------------------------

100.000.00162059total

2。查看相对运行时间

[guest@localhosttmp]$strace-r./b.out

0.000560mprotect(0xb91000,8192,PROT_READ)=0

0.000196mprotect(0x45c000,4096,PROT_READ)=0

0.000884mprotect(0x42a000,16384,PROT_READ)=0

0.000191mprotect(0xa4a000,4096,PROT_READ)=0

0.000144munmap(0xb7f12000,45307)=0

0.000577brk(0)=0x8c2b000

0.000171brk(0x8c4c000)=0x8c4c000

0.000183open("sleeper.cpp",O_RDONLY|O_LARGEFILE)=3

0.000225read(3,"#include<unistd.h>\n#include<io"...,8191)=355

0.000372read(3,"",8191)=0

0.000298close(3)=0

0.000192exit_group(0)=?

3。查看文件变动相关的信号

[guest@localhosttmp]$strace-etrace=desc./b.out

open("/etc/ld.so.preload",O_RDONLY)=3

fstat64(3,{st_mode=S_IFREG|0444,st_size=17,...})=0

close(3)=0

open("/lib/libcwait.so",O_RDONLY)=3

read(3,"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\3\0\0004\0\0\0"...,512)=512

fstat64(3,{st_mode=S_IFREG|0755,st_size=2572,...})=0

close(3)=0

open("/etc/ld.so.cache",O_RDONLY)=3

fstat64(3,{st_mode=S_IFREG|0644,st_size=45307,...})=0

close(3)=0

open("/usr/lib/libstdc++.so.6",O_RDONLY)=3

read(3,"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\2348\0004\0\0\0"...,512)=512

fstat64(3,{st_mode=S_IFREG|0755,st_size=936908,...})=0

close(3)=0

open("/lib/libm.so.6",O_RDONLY)=3

4。按调用过程来排序,并显示相对时间

guest@localhosttmp]$strace-r-Scalls./b.out

0.000000execve("./b.out",["./b.out"],[/*20vars*/])=0

0.001860brk(0)=0x86b4000

0.000236access("/etc/ld.so.preload",R_OK)=0

0.001263open("/etc/ld.so.preload",O_RDONLY)=3

0.000497fstat64(3,{st_mode=S_IFREG|0444,st_size=17,...})=0

0.000211mmap2(NULL,17,PROT_READ|PROT_WRITE,MAP_PRIVATE,3,0)=0xb7ff3000

0.000756close(3)=0

0.000173open("/lib/libcwait.so",O_RDONLY)=3

0.001096read(3,"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\3\0\0004\0\0\0"...,512)=512

0.000164fstat64(3,{st_mode=S_IFREG|0755,st_size=2572,...})=0

0.000610mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)=0xb7ff2000

0.000165mmap2(NULL,5544,PROT_READ|PROT_EXEC,MAP_PRIVATE|MAP_DENYWRITE,3,0)=0x76d000

0.000757mmap2(0x76e000,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE,3,0)=0x76e000

0.000159close(3)=0

0.000762munmap(0xb7ff3000,17)=0

0.000160open("/etc/ld.so.cache",O_RDONLY)=3

5。调试vsftpd,其进程号为21712,在下例中-f参数对子进程也进行了跟踪。

[root@test1~]#strace-f-T-p21712

Process21712attached-interrupttoquit

注:此时从另外一终端访问ftp

accept(3,{sa_family=AF_INET,sin_port=htons(4138),sin_addr=inet_addr("192.168.203.137")},[16])=0<10.148879>

rt_sigprocmask(SIG_BLOCK,[CHLD],NULL,=0<0.000050>

rt_sigprocmask(SIG_BLOCK,[HUP],NULL,=0<0.000046>

clone(Process21732attached(waitingforparent)

Process21732resumed(parent21712ready)

child_stack=0,flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD,child_tidptr=0xb7fcd718)=21732<0.000514>

[pid21712]close(0)=0<0.000046>

[pid21712]rt_sigprocmask(SIG_UNBLOCK,[CHLD],NULL,=0<0.000049>

[pid21712]rt_sigprocmask(SIG_UNBLOCK,[HUP],NULL,=0<0.000039>

[pid21712]accept(3,<unfinished...>

[pid21732]close(3)=0<0.000055>

[pid21732]dup2(0,1)=1<0.000041>

[pid21732]dup2(0,2)=2<0.000040>

[pid21732]getpeername(0,{sa_family=AF_INET,sin_port=htons(4138),sin_addr=inet_addr("192.168.203.137")},[16])=0<0.000046>

[pid21732]getsockname(0,{sa_family=AF_INET,sin_port=htons(21),sin_addr=inet_addr("192.168.203.139")},[16])=0<0.000042>

[pid21732]open("/etc/hosts.allow",O_RDONLY)=3<0.000065>

[pid21732]fstat64(3,{st_mode=S_IFREG|0644,st_size=161,...})=0<0.000043>

[pid21732]mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0)=0xb7fdc000<0.000054>

[pid21732]read(3,"#\n#hosts.allow\tThisfiledescri"...,4096)=161<0.000102>

[pid21732]read(3,"",4096)=0<0.000044>

[pid21732]close(3)=0<0.000044>

[pid21732]munmap(0xb7fdc000,4096)=0<0.000072>

[pid21732]open("/etc/hosts.deny",O_RDONLY)=3<0.000050>

[pid21732]fstat64(3,{st_mode=S_IFREG|0644,st_size=347,...})=0<0.000041>

.....................................

6。其他...

相关推荐