centos7 strace的安装-摩杜云开发者社区

strace是一个功能强大的调试,分析诊断工具，主要用来监视系统调用。

1.下载strace-xxx.tar.xz

下载网址是：http://sourceforge.net/project/showfiles.php?group_id=2861&package_id=2819；

2.解压

$ xz -d ***.tar.xz

$ tar -xvf ***.tar

可以看到这个压缩包也是打包后再压缩，外面是xz压缩方式，里层是tar打包方式。

补充：目前可以直接使用 tar xvJf ***.tar.xz来解压

3.配置

./configure

4.编译

make

5.安装

make install

6.使用

strace命令的详细参数如下：

usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]

[-p pid] ... [-s strsize] [-u username] [-E var=val] ...

[command [arg ...]]

or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...

[command [arg ...]]

-c -- count time, calls, and errors for each syscall and report summary

-f -- follow forks, -ff -- with output into separate files

-F -- attempt to follow vforks, -h -- print help message

-i -- print instruction pointer at time of syscall

-q -- suppress messages about attaching, detaching, etc.

-r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs

-T -- print time spent in each syscall, -V -- print version

-v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args

-x -- print non-ascii strings in hex, -xx -- print all strings in hex

-a column -- alignment COLUMN for printing syscall results (default 40)

-e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...

options: trace, abbrev, verbose, raw, signal, read, or write

-o file -- send trace output to FILE instead of stderr

-O overhead -- set overhead for tracing syscalls to OVERHEAD usecs

-p pid -- trace process with process id PID, may be repeated

-s strsize -- limit length of print strings to STRSIZE chars (default 32)

-S sortby -- sort syscall counts by: time, calls, name, nothing (default time)

-u username -- run command as username handling setuid and/or setgid

-E var=val -- put var=val in the environment for command

-E var -- remove var from the environment for command

1. 跟踪ls命令

# strace ls
execve("/bin/ls", ["ls"], [/* 46 vars */]) = 0
brk(0)                                  = 0x1ab9000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcf695fb000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=102786, ...}) = 0
mmap(NULL, 102786, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fcf695e1000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/librt.so.1", O_RDONLY)       = 3
(省略)

2. 跟踪执行中的命令

用p选项指定PID。

# strace -p 42198

当权限不够时，会出现如下错误。

$ strace -p 42198
attach: ptrace(PTRACE_ATTACH, ...): Operation not permitted

3. 跟踪指定的系统调用

用e选项指定open系统调用。

# strace -e open ls
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/lib/librt.so.1", O_RDONLY)       = 3
open("/lib/libselinux.so.1", O_RDONLY)  = 3
open("/lib/libacl.so.1", O_RDONLY)      = 3
open("/lib/libc.so.6", O_RDONLY)        = 3
(省略)

可如下指定多个系统调用。

# strace -e trace=open,read ls
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/lib/librt.so.1", O_RDONLY)       = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220!\0\0\0\0\0\0"..., 832) = 832
open("/lib/libselinux.so.1", O_RDONLY)  = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\20Y\0\0\0\0\0\0"..., 832) = 832

4. 跟踪结果保存到文件

用o选项指定输出结果的文件。

# strace -o zabbix.cc.txt ls

5. 添加时间戳

用-t选项的话，会在输出结果里追加时间戳。

# strace -t ls
17:43:25 execve("/bin/ls", ["ls"], [/* 47 vars */]) = 0
17:43:25 brk(0)                         = 0x8ad000
17:43:25 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
17:43:25 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb41137b000
17:43:25 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)

6. 添加系统调用所消费的时间

# strace -r ls
     0.000000 execve("/bin/ls", ["ls"], [/* 21 vars */]) = 0
     0.000298 brk(0)                    = 0x2237000
     0.000063 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fcfae0c5000
     0.000061 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
     0.000075 open("/etc/ld.so.cache", O_RDONLY) = 3
     0.000044 fstat(3, {st_mode=S_IFREG|0644, st_size=31171, ...}) = 0
     0.000052 mmap(NULL, 31171, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fcfae0bd000
     0.000035 close(3)                  = 0
(省略)

7. 输出跟踪结果的摘要

# strace -c ls
(省略)
% time     seconds  usecs/call     calls    errors syscall
------ ----------- ----------- --------- --------- ----------------
  -nan    0.000000           0        10           read
  -nan    0.000000           0        18           write
  -nan    0.000000           0        12           open
  -nan    0.000000           0        14           close
  -nan    0.000000           0        12           fstat
  -nan    0.000000           0        28           mmap
  -nan    0.000000           0        16           mprotect
  -nan    0.000000           0         3           munmap
  -nan    0.000000           0         3           brk
  -nan    0.000000           0         2           rt_sigaction
  -nan    0.000000           0         1           rt_sigprocmask
  -nan    0.000000           0         2           ioctl
  -nan    0.000000           0         1         1 access
  -nan    0.000000           0         1           execve
  -nan    0.000000           0         1           fcntl
  -nan    0.000000           0         2           getdents
  -nan    0.000000           0         1           getrlimit
  -nan    0.000000           0         1           statfs
  -nan    0.000000           0         1           arch_prctl
  -nan    0.000000           0         2         1 futex
  -nan    0.000000           0         1           set_tid_address
  -nan    0.000000           0         1           set_robust_list
------ ----------- ----------- --------- --------- ----------------
100.00    0.000000                   133         2 total