strace是一个功能强大的调试,分析诊断工具,主要用来监视系统调用。
1.下载strace-xxx.tar.xz
下载网址是:http://sourceforge.net/project/showfiles.php?group_id=2861&package_id=2819;
2.解压
$ xz -d ***.tar.xz
$ tar -xvf ***.tar
可以看到这个压缩包也是打包后再压缩,外面是xz压缩方式,里层是tar打包方式。
补充:目前可以直接使用 tar xvJf ***.tar.xz来解压
3.配置
./configure
4.编译
make
5.安装
make install
6.使用
strace命令的详细参数如下:
usage: strace [-dffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file]
[-p pid] ... [-s strsize] [-u username] [-E var=val] ...
[command [arg ...]]
or: strace -c [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ...
[command [arg ...]]
-c -- count time, calls, and errors for each syscall and report summary
-f -- follow forks, -ff -- with output into separate files
-F -- attempt to follow vforks, -h -- print help message
-i -- print instruction pointer at time of syscall
-q -- suppress messages about attaching, detaching, etc.
-r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs
-T -- print time spent in each syscall, -V -- print version
-v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args
-x -- print non-ascii strings in hex, -xx -- print all strings in hex
-a column -- alignment COLUMN for printing syscall results (default 40)
-e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]...
options: trace, abbrev, verbose, raw, signal, read, or write
-o file -- send trace output to FILE instead of stderr
-O overhead -- set overhead for tracing syscalls to OVERHEAD usecs
-p pid -- trace process with process id PID, may be repeated
-s strsize -- limit length of print strings to STRSIZE chars (default 32)
-S sortby -- sort syscall counts by: time, calls, name, nothing (default time)
-u username -- run command as username handling setuid and/or setgid
-E var=val -- put var=val in the environment for command
-E var -- remove var from the environment for command
1. 跟踪ls命令
2. 跟踪执行中的命令
用p选项指定PID。
当权限不够时,会出现如下错误。
3. 跟踪指定的系统调用
用e选项指定open系统调用。
可如下指定多个系统调用。
4. 跟踪结果保存到文件
用o选项指定输出结果的文件。
5. 添加时间戳
用-t选项的话,会在输出结果里追加时间戳。
6. 添加系统调用所消费的时间
7. 输出跟踪结果的摘要