Use of strace command
In Linux systems, strace is a very effective tracking tool, its main feature is that it can be used to monitor system calls. We can not only debug a newly started program with strace, but also debug an already running program (this means binding strace to an existing PID).
strace has two operating modes:
①Start the process to be traced through it. The
usage is very simple, just add it before the original commandstrace. For example, if we want to trackping www.baidu.comthe execution of the command " ", we can do this:
strace ping www.baidu.com
② is to track the process that is already running, and understand its work without interrupting the execution of the process. In this case, just
stracepass an-p pidoption. For example, if there is a running oneping服务, the first step is to check the pid:
pidof ping
or
ps -ef | grep ping
Get it
pid 11375, and then you can use it tostracetrack its execution:
strace -p 11375
When the tracking is complete, just press
ctrl + CEndstrace.
Strace commonly used options:
strace -tt -T -v -f -e trace=file -o /home/test/strace.txt -s 1024 -p 11375
-ttIn front of each line of output, the time in milliseconds is
-Tdisplayed. The time spent in each system call is displayed.
-vFor some related calls, the complete environment variables, file stat structure, etc. are typed out.
-fTrack the target process and all the child processes created by the target process.
-eControl the events and tracking behaviors to be traced, such as specifying the name of the system call to be traced.
-oWrite the output of strace to the specified file separately.( /home/test/strace.txt )
-sWhen a certain parameter of the system call is a string , Output the content of the specified length at most, the default is 32 bytes.
-pSpecify the process pid to be tracked. To track multiple pids at the same time, repeat the -p option multiple times.
strace view system call
strace track the process and view the system call situation:
strace -c -p 11375
need进程停止or manualCtrl + cto stop
