1、strace是什么
strace是一个非常简单的工具,它可以跟踪系统调用的执行。最简单的方式,它可以从头到尾跟踪binary的执行,然后以一行文本输出系统调用的名字,参数和返回值。可用于诊断、调试和教学的Linux用户空间跟踪器。我们用它来监控用户空间进程和内核的交互,比如系统调用、信号传递、进程状态变更等。strace底层使用内核的ptrace特性来实现其功能。
2、怎么用
1)strace最简单的用法是执行一个指定的命令(过程中,starce会记录和解析命令进程的所有系统调用及这个进程的所有的信号值),在指定命令结束后立即退出
[root@VM_0_11_centos grub2]# strace cat /boot/grub2/grub.cfg
execve("/usr/bin/cat", ["cat", "/boot/grub2/grub.cfg"], [/* 23 vars */]) = 0
brk(NULL) = 0x1741000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9eb4042000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=38171, ...}) = 0
mmap(NULL, 38171, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9eb4038000
close(3) = 0
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20&\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=2156160, ...}) = 0
mmap(NULL, 3985888, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9eb3a54000
mprotect(0x7f9eb3c17000, 2097152, PROT_NONE) = 0
mmap(0x7f9eb3e17000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c3000) = 0x7f9eb3e17000
mmap(0x7f9eb3e1d000, 16864, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f9eb3e1d000
close(3) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9eb4037000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9eb4035000
arch_prctl(ARCH_SET_FS, 0x7f9eb4035740) = 0
mprotect(0x7f9eb3e17000, 16384, PROT_READ) = 0
mprotect(0x60b000, 4096, PROT_READ) = 0
mprotect(0x7f9eb4043000, 4096, PROT_READ) = 0
munmap(0x7f9eb4038000, 38171) = 0
brk(NULL) = 0x1741000
brk(0x1762000) = 0x1762000
brk(NULL) = 0x1762000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=106075056, ...}) = 0
mmap(NULL, 106075056, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9ead52a000
close(3) = 0
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
open("/boot/grub2/grub.cfg", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=5944, ...}) = 0
fadvise64(3, 0, 0, POSIX_FADV_SEQUENTIAL) = 0
read(3, "#\n# DO NOT EDIT THIS FILE\n#\n# It"..., 65536) = 5944
write(1, "#\n# DO NOT EDIT THIS FILE\n#\n# It"..., 5944#
[root@VM_0_11_centos grub2]#
2)跟踪指定的进程号
root 24765 24715 0 17:02 ? 00:00:00 /usr/libexec/openssh/sftp-server
root 24818 24750 0 17:02 pts/1 00:00:00 top
root 25167 2 0 17:03 ? 00:00:00 [kworker/u2:2]
root 25737 1 0 Dec18 ? 00:00:00 /usr/bin/Xvnc :1 -auth /root/.Xauthority -desktop VM_0_11_centos:1 (root) -fp catalogue:/etc/X11/fontpath.d -geometry 1024
root 31178 1201 0 17:08 ? 00:00:00 sshd: root [priv]
sshd 31179 31178 0 17:08 ? 00:00:00 sshd: root [net]
root 31235 24725 0 17:08 pts/0 00:00:00 ps -ef
[root@VM_0_11_centos grub2]# strace -p 24818
strace: Process 24818 attached
pselect6(1, [0], NULL, NULL, {1, 849844948}, {[WINCH], 8}) = 0 (Timeout)
lseek(6, 0, SEEK_SET) = 0
read(6, "MemTotal: 1916008 kB\nMemF"..., 8191) = 1282
lseek(5, 0, SEEK_SET) = 0
read(5, "666882.64 643819.40\n", 8191) = 20
openat(AT_FDCWD, "/proc", O_RDONLY|O_NONBLOCK|O_DIRECTORY|O_CLOEXEC) = 8
getdents(8, /* 145 entries */, 32768) = 3896
stat("/proc/1", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/1/stat", O_RDONLY) = 9
read(9, "1 (systemd) S 0 1 1 0 -1 4202752"..., 1024) = 378
close(9) = 0
open("/proc/1/statm", O_RDONLY) = 9
read(9, "12970 930 588 355 0 2399 0\n", 1024) = 27
close(9) = 0
stat("/proc/2", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/2/stat", O_RDONLY) = 9
read(9, "2 (kthreadd) S 0 0 0 0 -1 213817"..., 1024) = 168
close(9) = 0
open("/proc/2/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/3", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/3/stat", O_RDONLY) = 9
read(9, "3 (ksoftirqd/0) S 2 0 0 0 -1 692"..., 1024) = 176
close(9) = 0
open("/proc/3/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/5", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/5/stat", O_RDONLY) = 9
read(9, "5 (kworker/0:0H) S 2 0 0 0 -1 69"..., 1024) = 175
close(9) = 0
open("/proc/5/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/7", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/7/stat", O_RDONLY) = 9
read(9, "7 (migration/0) S 2 0 0 0 -1 692"..., 1024) = 176
close(9) = 0
open("/proc/7/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/8", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/8/stat", O_RDONLY) = 9
read(9, "8 (rcu_bh) S 2 0 0 0 -1 2138176 "..., 1024) = 167
close(9) = 0
open("/proc/8/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/9", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/9/stat", O_RDONLY) = 9
read(9, "9 (rcu_sched) R 2 0 0 0 -1 21381"..., 1024) = 155
close(9) = 0
open("/proc/9/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/10", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/10/stat", O_RDONLY) = 9
read(9, "10 (lru-add-drain) S 2 0 0 0 -1 "..., 1024) = 177
close(9) = 0
open("/proc/10/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/11", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/11/stat", O_RDONLY) = 9
read(9, "11 (watchdog/0) S 2 0 0 0 -1 692"..., 1024) = 178
close(9) = 0
open("/proc/11/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/13", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/13/stat", O_RDONLY) = 9
read(9, "13 (kdevtmpfs) S 2 0 0 0 -1 2138"..., 1024) = 171
close(9) = 0
open("/proc/13/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/14", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/14/stat", O_RDONLY) = 9
read(9, "14 (netns) S 2 0 0 0 -1 69247072"..., 1024) = 169
close(9) = 0
open("/proc/14/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/15", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/15/stat", O_RDONLY) = 9
read(9, "15 (khungtaskd) S 2 0 0 0 -1 213"..., 1024) = 173
close(9) = 0
open("/proc/15/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/16", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/16/stat", O_RDONLY) = 9
read(9, "16 (writeback) S 2 0 0 0 -1 6924"..., 1024) = 174
close(9) = 0
open("/proc/16/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/17", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/17/stat", O_RDONLY) = 9
read(9, "17 (kintegrityd) S 2 0 0 0 -1 69"..., 1024) = 176
close(9) = 0
open("/proc/17/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/18", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/18/stat", O_RDONLY) = 9
read(9, "18 (bioset) S 2 0 0 0 -1 6924707"..., 1024) = 171
close(9) = 0
open("/proc/18/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/19", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/19/stat", O_RDONLY) = 9
read(9, "19 (bioset) S 2 0 0 0 -1 6924707"..., 1024) = 171
close(9) = 0
open("/proc/19/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/20", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/20/stat", O_RDONLY) = 9
read(9, "20 (bioset) S 2 0 0 0 -1 6924707"..., 1024) = 171
close(9) = 0
open("/proc/20/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/21", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/21/stat", O_RDONLY) = 9
read(9, "21 (kblockd) S 2 0 0 0 -1 692470"..., 1024) = 172
close(9) = 0
open("/proc/21/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/22", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/22/stat", O_RDONLY) = 9
read(9, "22 (md) S 2 0 0 0 -1 69247072 0 "..., 1024) = 167
close(9) = 0
open("/proc/22/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/23", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/23/stat", O_RDONLY) = 9
read(9, "23 (edac-poller) S 2 0 0 0 -1 69"..., 1024) = 176
close(9) = 0
open("/proc/23/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/24", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/24/stat", O_RDONLY) = 9
read(9, "24 (watchdogd) S 2 0 0 0 -1 6924"..., 1024) = 174
close(9) = 0
open("/proc/24/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/30", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/30/stat", O_RDONLY) = 9
read(9, "30 (kswapd0) S 2 0 0 0 -1 107582"..., 1024) = 175
close(9) = 0
open("/proc/30/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/31", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/31/stat", O_RDONLY) = 9
read(9, "31 (ksmd) S 2 0 0 0 -1 107584723"..., 1024) = 170
close(9) = 0
open("/proc/31/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/32", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/32/stat", O_RDONLY) = 9
read(9, "32 (khugepaged) S 2 0 0 0 -1 107"..., 1024) = 179
close(9) = 0
open("/proc/32/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/33", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/33/stat", O_RDONLY) = 9
read(9, "33 (crypto) S 2 0 0 0 -1 6924707"..., 1024) = 171
close(9) = 0
open("/proc/33/statm", O_RDONLY) = 9
read(9, "0 0 0 0 0 0 0\n", 1024) = 14
close(9) = 0
stat("/proc/41", {st_mode=S_IFDIR|0555, st_size=0, ...}) = 0
open("/proc/41/stat", O_RDONLY) = 9
read(9, "41 (kthrotld) S 2 0 0 0 -1 69247"..., 1024) = 173
3)使用-c参数,它会将进程的所有系统调用做一个统计分析展示出来
[root@VM_0_11_centos grub2]# strace -c ls /boot/grub2/grub.cfg
/boot/grub2/grub.cfg
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
0.00 0.000000 0 10 read
0.00 0.000000 0 1 write
0.00 0.000000 0 11 open
0.00 0.000000 0 13 close
0.00 0.000000 0 2 1 stat
0.00 0.000000 0 12 fstat
0.00 0.000000 0 1 lstat
0.00 0.000000 0 28 mmap
0.00 0.000000 0 18 mprotect
0.00 0.000000 0 3 munmap
0.00 0.000000 0 3 brk
0.00 0.000000 0 2 rt_sigaction
0.00 0.000000 0 1 rt_sigprocmask
0.00 0.000000 0 2 ioctl
0.00 0.000000 0 2 1 access
0.00 0.000000 0 1 execve
0.00 0.000000 0 1 getrlimit
0.00 0.000000 0 2 2 statfs
0.00 0.000000 0 1 arch_prctl
0.00 0.000000 0 1 set_tid_address
0.00 0.000000 0 1 set_robust_list
------ ----------- ----------- --------- --------- ----------------
100.00 0.000000 116 4 total
[root@VM_0_11_centos grub2]#
4)-T 将每个系统调用所花费的时间打印出来
[root@VM_0_11_centos grub2]# strace -T ls /boot/grub2/grub.cfg
execve("/usr/bin/ls", ["ls", "/boot/grub2/grub.cfg"], [/* 23 vars */]) = 0 <0.000097>
brk(NULL) = 0xdc6000 <0.000009>
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f415fd88000 <0.000010>
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) <0.000010>
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 <0.000011>
fstat(3, {st_mode=S_IFREG|0644, st_size=38171, ...}) = 0 <0.000010>
mmap(NULL, 38171, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f415fd7e000 <0.000010>
close(3) = 0 <0.000008>
open("/lib64/libselinux.so.1", O_RDONLY|O_CLOEXEC) = 3 <0.000012>
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320i\0\0\0\0\0\0"..., 832) = 832 <0.000010>
fstat(3, {st_mode=S_IFREG|0755, st_size=155784, ...}) = 0 <0.000009>
mmap(NULL, 2255184, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f415f941000 <0.000011>
mprotect(0x7f415f965000, 2093056, PROT_NONE) = 0 <0.000013>
mmap(0x7f415fb64000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x23000) = 0x7f415fb64000 <0.000013>
mmap(0x7f415fb66000, 6480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f415fb66000 <0.000011>
close(3) = 0 <0.000008>
open("/lib64/libcap.so.2", O_RDONLY|O_CLOEXEC) = 3 <0.000012>
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20\26\0\0\0\0\0\0"..., 832) = 832 <0.000009>
fstat(3, {st_mode=S_IFREG|0755, st_size=20048, ...}) = 0 <0.000010>
mmap(NULL, 2114112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f415f73c000 <0.000011>
mprotect(0x7f415f740000, 2093056, PROT_NONE) = 0 <0.000012>
mmap(0x7f415f93f000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f415f93f000 <0.000011>
来源:CSDN
作者:远去的栀子花
链接:https://blog.csdn.net/u012967763/article/details/103646103