全部博文(930)
分类: C/C++
2010-07-29 17:57:10
strace -T -tt -p
strace - trace system calls and signals
usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]
[-p pid] ... [-s strsize] [-u username] [-E var=val] ...
[command [arg ...]]
or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...
[command [arg ...]]
1。 -c -- count time, calls, and errors for each syscall and report summary
为每个系统调用计算时间、调用、错误,并报告摘要
2。 -f -- follow forks, -ff -- with output into separate files
-f 跟踪fork的进程;-ff 把输出定向到独立的文件
3。 -F -- attempt to follow vforks, -h -- print help message
-F 尝试跟踪vfork的进程,当今平台与-f功能相同;-h 打印帮助信息
4。 -i -- print instruction pointer at time of syscall
在系统调用时,打印指令指针
5。 -q -- suppress messages about attaching, detaching, etc.
抑制附加、分离等信息
6。 -r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs
-r 打印相对时间戳;-t 绝对时间戳;-tt 微秒
7。 -T -- print time spent in each syscall, -V -- print version
-T 打印每个系统调用的时间花费;-V 打印版本
8。 -v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args
-v 详细模式,打印非简略的参数、状态、termio[s]等
9。 -x -- print non-ascii strings in hex, -xx -- print all strings in hex
-x 打印非ascii的字符串为16进制;-xx 打印所有的字符串为16进制
10。-a column -- alignment COLUMN for printing syscall results (default 40)
对系统调用结果对齐列(默认为40列)
11。-e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...
options: trace, abbrev, verbose, raw, signal, read, or write
在-e后附表达式。一个合格的表达式:选项=[!]所有 或者 选项=[!]值1[,值2]....;可选项:跟踪、缩写、冗长、原始的东东、信号、读、写。
12 -o file -- send trace output to FILE instead of stderr
发送跟踪输出到文件,而不是stderr
13。-O overhead -- set overhead for tracing syscalls to OVERHEAD usecs
设置跟踪系统调用的最大时间
14。-p pid -- trace process with process id PID, may be repeated
跟踪值为ID的进程,可以重复多个哦(注:最多32个)
15。-s strsize -- limit length of print strings to STRSIZE chars (default 32)
限制打印字符串的最大长度,默认为32字节
16。-S sortby -- sort syscall counts by: time, calls, name, nothing (default time)
排序,以系统调用过程中的时间、或者调用名等作为排序项。
17。-u username -- run command as username handling setuid and/or setgid
以其他用户名或者组名运行命令
18。-E var=val -- put var=val in the environment for command
设置环境变量
19。-E var -- remove var from the environment for command
清除环境变量
#################################################################################################
常见的使用方式有:
1。查看CPU运行时间
[guest@localhost tmp]$ strace -c ./b.out
% time seconds usecs/call calls errors syscall
------ ----------- ----------- --------- --------- ----------------
42.72 0.000692 87 8 open
38.40 0.000622 622 1 set_thread_area
16.85 0.000273 137 2 munmap
2.04 0.000033 5 7 read
0.00 0.000000 0 8 close
0.00 0.000000 0 1 execve
0.00 0.000000 0 1 access
0.00 0.000000 0 3 brk
0.00 0.000000 0 4 mprotect
0.00 0.000000 0 17 mmap2
0.00 0.000000 0 7 fstat64
------ ----------- ----------- --------- --------- ----------------
100.00 0.001620 59 total
2。查看相对运行时间
[guest@localhost tmp]$ strace -r ./b.out
0.000560 mprotect(0xb91000, 8192, PROT_READ) = 0
0.000196 mprotect(0x45c000, 4096, PROT_READ) = 0
0.000884 mprotect(0x42a000, 16384, PROT_READ) = 0
0.000191 mprotect(0xa4a000, 4096, PROT_READ) = 0
0.000144 munmap(0xb7f12000, 45307) = 0
0.000577 brk(0) = 0x8c2b000
0.000171 brk(0x8c4c000) = 0x8c4c000
0.000183 open("sleeper.cpp", O_RDONLY|O_LARGEFILE) = 3
0.000225 read(3, "#include
0.000298 close(3) = 0
0.000192 exit_group(0) = ?
3。查看文件变动相关的信号
[guest@localhost tmp]$ strace -e trace=desc ./b.out
open("/etc/ld.so.preload", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0444, st_size=17, ...}) = 0
close(3) = 0
open("/lib/libcwait.so", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\3\0\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=2572, ...}) = 0
close(3) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=45307, ...}) = 0
close(3) = 0
open("/usr/lib/libstdc++.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\2348\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=936908, ...}) = 0
close(3) = 0
open("/lib/libm.so.6", O_RDONLY) = 3
4。按调用过程来排序,并显示相对时间
tmp]$ strace -r -S calls ./b.out
0.000000 execve("./b.out", ["./b.out"], [/* 20 vars */]) = 0
0.001860 brk(0) = 0x86b4000
0.000236 access("/etc/ld.so.preload", R_OK) = 0
0.001263 open("/etc/ld.so.preload", O_RDONLY) = 3
0.000497 fstat64(3, {st_mode=S_IFREG|0444, st_size=17, ...}) = 0
0.000211 mmap2(NULL, 17, PROT_READ|PROT_WRITE, MAP_PRIVATE, 3, 0) = 0xb7ff3000
0.000756 close(3) = 0
0.000173 open("/lib/libcwait.so", O_RDONLY) = 3
0.001096 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\3\0\0004\0\0\0"..., 512) = 512
0.000164 fstat64(3, {st_mode=S_IFREG|0755, st_size=2572, ...}) = 0
0.000610 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ff2000
0.000165 mmap2(NULL, 5544, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x76d000
0.000757 mmap2(0x76e000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0x76e000
0.000159 close(3) = 0
0.000762 munmap(0xb7ff3000, 17) = 0
0.000160 open("/etc/ld.so.cache", O_RDONLY) = 3
5。调试vsftpd,其进程号为21712,在下例中-f参数对子进程也进行了跟踪。
[root@test1 ~]# strace -f -T -p 21712
Process 21712 attached - interrupt to quit
注:此时从另外一终端访问ftp
accept(3, {sa_family=AF_INET, sin_port=htons(4138), sin_addr=inet_addr("192.168.203.137")}, [16]) = 0 <10.148879>
rt_sigprocmask(SIG_BLOCK, [CHLD], NULL, 8) = 0 <0.000050>
rt_sigprocmask(SIG_BLOCK, [HUP], NULL, 8) = 0 <0.000046>
clone(Process 21732 attached (waiting for parent)
Process 21732 resumed (parent 21712 ready)
child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0xb7fcd718) = 21732 <0.000514>
[pid 21712] close(0) = 0 <0.000046>
[pid 21712] rt_sigprocmask(SIG_UNBLOCK, [CHLD], NULL, 8) = 0 <0.000049>
[pid 21712] rt_sigprocmask(SIG_UNBLOCK, [HUP], NULL, 8) = 0 <0.000039>
[pid 21712] accept(3,
[pid 21732] close(3) = 0 <0.000055>
[pid 21732] dup2(0, 1) = 1 <0.000041>
[pid 21732] dup2(0, 2) = 2 <0.000040>
[pid 21732] getpeername(0, {sa_family=AF_INET, sin_port=htons(4138), sin_addr=inet_addr("192.168.203.137")}, [16]) = 0 <0.000046>
[pid 21732] getsockname(0, {sa_family=AF_INET, sin_port=htons(21), sin_addr=inet_addr("192.168.203.139")}, [16]) = 0 <0.000042>
[pid 21732] open("/etc/hosts.allow", O_RDONLY) = 3 <0.000065>
[pid 21732] fstat64(3, {st_mode=S_IFREG|0644, st_size=161, ...}) = 0 <0.000043>
[pid 21732] mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7fdc000 <0.000054>
[pid 21732] read(3, "#\n# hosts.allow\tThis file descri"..., 4096) = 161 <0.000102>
[pid 21732] read(3, "", 4096) = 0 <0.000044>
[pid 21732] close(3) = 0 <0.000044>
[pid 21732] munmap(0xb7fdc000, 4096) = 0 <0.000072>
[pid 21732] open("/etc/hosts.deny", O_RDONLY) = 3 <0.000050>
[pid 21732] fstat64(3, {st_mode=S_IFREG|0644, st_size=347, ...}) = 0 <0.000041>
.....................................
6。其他...
