Use of strace command
In Linux systems, strace is a very effective tracking tool, its main feature is that it can be used to monitor system calls. We can not only debug a newly started program with strace, but also debug an already running program (this means binding strace to an existing PID).
strace has two operating modes:
①Start the process to be traced through it. The
usage is very simple, just add it before the original commandstrace
. For example, if we want to trackping www.baidu.com
the execution of the command " ", we can do this:
strace ping www.baidu.com
② is to track the process that is already running, and understand its work without interrupting the execution of the process. In this case, just
strace
pass an-p pid
option. For example, if there is a running oneping服务
, the first step is to check the pid:
pidof ping
or
ps -ef | grep ping
Get it
pid 11375
, and then you can use it tostrace
track its execution:
strace -p 11375
When the tracking is complete, just press
ctrl + C
Endstrace
.
Strace commonly used options:
strace -tt -T -v -f -e trace=file -o /home/test/strace.txt -s 1024 -p 11375
-tt
In front of each line of output, the time in milliseconds is
-T
displayed. The time spent in each system call is displayed.
-v
For some related calls, the complete environment variables, file stat structure, etc. are typed out.
-f
Track the target process and all the child processes created by the target process.
-e
Control the events and tracking behaviors to be traced, such as specifying the name of the system call to be traced.
-o
Write the output of strace to the specified file separately.( /home/test/strace.txt )
-s
When a certain parameter of the system call is a string , Output the content of the specified length at most, the default is 32 bytes.
-p
Specify the process pid to be tracked. To track multiple pids at the same time, repeat the -p option multiple times.
strace view system call
strace track the process and view the system call situation:
strace -c -p 11375
need进程停止
or manualCtrl + c
to stop