strace 调试工具
strace是一个基础的调试工具,常用来跟踪进程执行时的系统调用和所接受的信号。进程不能直接访问硬件设备,当进程需要访问硬件设备,如读取磁盘文件,接收网络数据时,必须由用户态模式切换至内核态模式,通过系统调用访问硬件设备.strace可以跟踪到一个进程产生的系统调用,包括参数,返回值,执行消耗的时间.一个系统调用就是一个从应用程序到内核的消息.
strace参数:
-c 统计每一系统调用的所执行的时间,次数和出错的次数等.
-d 输出strace关于标准错误的调试信息.
-u username 以username 的UID和GID执行被跟踪的命令
-p pid 跟踪指定的进程pid
-o filename 将输出内容保存到filename中
-f 跟踪由fork调用所产生的子进程.
-ff 如果提供-o filename,则所有进程的跟踪结果输出到相应的filename.pid中,pid是各进程的进程号.
-F 尝试跟踪vfork调用.在-f时,vfork不被跟踪.
-h 输出简要的帮助信息.
-i 输出系统调用的入口指针.
-q 禁止输出关于脱离的消息.
-r 打印出相对时间关于,,每一个系统调用.
-t 在输出中的每一行前加上时间信息.
-tt 在输出中的每一行前加上时间信息,微秒级.
-ttt 微秒级输出,以秒了表示时间.
-T 显示每一调用所耗的时间.
-v 输出所有的系统调用.一些调用关于环境变量,状态,输入输出等调用由于使用频繁,默认不输出.
-V 输出strace的版本信息.
-e expr 指定一个表达式,用来控制如何跟踪.格式如下:
[qualifier=][!]value1[,value2]...
qualifier只能是 trace,abbrev,verbose,raw,signal,read,write其中之一.value是用来限定的符号或数字.默认的qualifier是 trace
例如:
-eopen等价于 -e trace=open,表示只跟踪open调用.而-etrace!=open表示跟踪除了open以外的其他调用.有两个特殊的符号 all 和 none.
-e trace=set 只跟踪指定的系统调用.例如:-e trace=open,close,rean,write表示只跟踪这四个系统调用.默认的为set=all.
-e trace=file 跟踪有关文件操作的系统调用.
-e trace=process 跟踪有关进程控制的系统调用.
-e trace=network 跟踪与网络有关的所有系统调用.
-e trace=signal 跟踪所有与系统信号有关的系统调用
-e trace=ipc 跟踪所有与进程通讯有关的系统调用
下面来看一个命令实例:
[email protected]:~# strace -o strace.out ls -l total 1472 -rw-r--r-- 1 root root 38695 2013-04-11 23:32 0.jpg -rw-r--r-- 1 root root 48829 2013-04-11 23:32 10.jpg -rw-r--r-- 1 root root 51835 2013-04-11 23:32 11.jpg -rwxr-xr-x 1 root root 415 2013-04-11 23:03 11.py -rw-r--r-- 1 root root 41688 2013-04-11 23:32 12.jpg -rwxr-xr-x 1 root root 126 2013-04-11 23:24 12.py -rw-r--r-- 1 root root 1077 2013-04-11 23:32 13.jpg -rwxr-xr-x 1 root root 136 2013-04-11 23:20 13.py -rw-r--r-- 1 root root 33989 2013-04-11 23:32 14.jpg -rw-r--r-- 1 root root 41890 2013-04-11 23:32 15.jpg -rw-r--r-- 1 root root 35728 2013-04-11 23:32 16.jpg -rw-r--r-- 1 root root 44405 2013-04-11 23:32 17.jpg -rw-r--r-- 1 root root 29847 2013-04-11 23:32 18.jpg -rw-r--r-- 1 root root 44607 2013-04-11 23:32 19.jpg -rw-r--r-- 1 root root 23939 2013-04-11 23:32 1.jpg -rw-r--r-- 1 root root 45592 2013-04-11 23:32 20.jpg -rw-r--r-- 1 root root 60910 2013-04-11 23:32 2.jpg -rw-r--r-- 1 root root 39014 2013-04-11 23:32 3.jpg -rw-r--r-- 1 root root 19057 2013-04-11 23:32 4.jpg -rw-r--r-- 1 root root 64584 2013-04-11 23:32 5.jpg -rw-r--r-- 1 root root 29297 2013-04-11 23:32 6.jpg -rw-r--r-- 1 root root 39145 2013-04-11 23:32 7.jpg -rw-r--r-- 1 root root 1059 2013-04-11 23:32 8.jpg -rw-r--r-- 1 root root 44797 2013-04-11 23:32 9.jpg
[email protected]:~# cat strace.out execve("/bin/ls", ["ls", "-l"], [/* 21 vars */]) = 0 #第一行显示execve的系统调用,当前可执行程序的位置/bin/ls brk(0) = 0x10c6000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f554b3ac000 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f554b3aa000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=12600, ...}) = 0 mmap(NULL, 12600, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f554b3a6000 close(3) = 0 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) open("/lib/librt.so.1", O_RDONLY) = 3 #access查找一个文件,如果没有找到就返回-1和一个错误码,然后检查当前程序是否有访问权限.open试图打开一个文件,如果成功的话就会将其连接一个文件句柄. read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@#\0\0\0\0\0\0@"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0644, st_size=35784, ...}) = 0 mmap(NULL, 2132968, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f554af89000 mprotect(0x7f554af91000, 2093056, PROT_NONE) = 0 mmap(0x7f554b190000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7f554b190000 close(3) = 0 #fstat会获取连接到句柄的文件的相关信息. lstat("test.py", {st_mode=S_IFREG|0644, st_size=67, ...}) = 0 lgetxattr("test.py", "security.selinux", 0x10d0a70, 255) = -1 ENODATA (No data available) getxattr("test.py", "system.posix_acl_access", 0x0, 0) = -1 EOPNOTSUPP (Operation not supported) lstat("8.jpg", {st_mode=S_IFREG|0644, st_size=1059, ...}) = 0 lgetxattr("8.jpg", "security.selinux", 0x10d0a90, 255) = -1 ENODATA (No data available) getxattr("8.jpg", "system.posix_acl_access", 0x0, 0) = -1 EOPNOTSUPP (Operation not supported) lstat("12.jpg", {st_mode=S_IFREG|0644, st_size=41688, ...}) = 0 lgetxattr("12.jpg", "security.selinux", 0x10d0ab0, 255) = -1 ENODATA (No data available) getxattr("12.jpg", "system.posix_acl_access", 0x0, 0) = -1 EOPNOTSUPP (Operation not supported) lstat("a.txt", {st_mode=S_IFREG|0644, st_size=57, ...}) = 0 lgetxattr("a.txt", "security.selinux", 0x10d0ad0, 255) = -1 ENODATA (No data available) getxattr("a.txt", "system.posix_acl_access", 0x0, 0) = -1 EOPNOTSUPP (Operation not supported) #对于每个列出的文件还有lstat,lgetxattr,getxattr等调用.以获取文件信息. stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0 write(1, "-rw-r--r-- 1 root root 48829 201"..., 54) = 54 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0 write(1, "-rw-r--r-- 1 root root 51835 201"..., 54) = 54 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0 write(1, "-rwxr-xr-x 1 root root 415 201"..., 53) = 53 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0 write(1, "-rw-r--r-- 1 root root 41688 201"..., 54) = 54 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0 write(1, "-rwxr-xr-x 1 root root 126 201"..., 53) = 53 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0 write(1, "-rw-r--r-- 1 root root 1077 201"..., 54) = 54 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0 write(1, "-rwxr-xr-x 1 root root 136 201"..., 53) = 53 stat("/etc/localtime", {st_mode=S_IFREG|0644, st_size=3519, ...}) = 0 #最后每个文件都会按这种方式写入到输出文件 close(1) = 0 munmap(0x7f554b3a9000, 4096) = 0 close(2) = 0 exit_group(0) = ?
下面只跟踪open系统调用
[email protected]:~# strace -e trace=open -tt -o strace.out ls -l [email protected]:~# cat strace.out 15:17:54.349895 open("/etc/ld.so.cache", O_RDONLY) = 3 15:17:54.350229 open("/lib/librt.so.1", O_RDONLY) = 3 15:17:54.350415 open("/lib/libselinux.so.1", O_RDONLY) = 3 15:17:54.350609 open("/lib/libacl.so.1", O_RDONLY) = 3 15:17:54.350795 open("/lib/libc.so.6", O_RDONLY) = 3 15:17:54.350980 open("/lib/libpthread.so.0", O_RDONLY) = 3 15:17:54.351183 open("/lib/libdl.so.2", O_RDONLY) = 3 15:17:54.351380 open("/lib/libattr.so.1", O_RDONLY) = 3 15:17:54.352050 open("/etc/selinux/config", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.352179 open("/proc/mounts", O_RDONLY) = 3 15:17:54.352427 open("/usr/lib/locale/locale-archive", O_RDONLY) = 3 15:17:54.352646 open("/usr/share/locale/locale.alias", O_RDONLY) = 3 15:17:54.352857 open("/usr/share/locale/en_US.UTF-8/LC_TIME/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.352942 open("/usr/share/locale/en_US.utf8/LC_TIME/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.352990 open("/usr/share/locale/en_US/LC_TIME/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.353035 open("/usr/share/locale/en.UTF-8/LC_TIME/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.353079 open("/usr/share/locale/en.utf8/LC_TIME/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.353123 open("/usr/share/locale/en/LC_TIME/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.353182 open(".", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 3 15:17:54.353540 open("/etc/nsswitch.conf", O_RDONLY) = 4 15:17:54.353705 open("/etc/ld.so.cache", O_RDONLY) = 4 15:17:54.353809 open("/lib/libnss_compat.so.2", O_RDONLY) = 4 15:17:54.354001 open("/lib/libnsl.so.1", O_RDONLY) = 4 15:17:54.354332 open("/etc/ld.so.cache", O_RDONLY) = 4 15:17:54.354440 open("/lib/libnss_nis.so.2", O_RDONLY) = 4 15:17:54.354623 open("/lib/libnss_files.so.2", O_RDONLY) = 4 15:17:54.354851 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 4 15:17:54.355162 open("/etc/group", O_RDONLY|O_CLOEXEC) = 4 15:17:54.357098 open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.357155 open("/usr/share/locale/en_US.utf8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.357200 open("/usr/share/locale/en_US/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.357244 open("/usr/share/locale/en.UTF-8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.357288 open("/usr/share/locale/en.utf8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.357332 open("/usr/share/locale/en/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory) 15:17:54.357547 open("/etc/localtime", O_RDONLY) = 3