Difference between revisions of "Strace"

From wikieduonline
Jump to navigation Jump to search
 
(10 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 +
{{lc}}
 
<code>[[wikipedia:strace|strace]]</code><ref>http://man7.org/linux/man-pages/man1/strace.1.html</ref> is a diagnostic, debugging and instructional userspace utility for [[Linux]] that allows to trace [[system calls]] and [[signal Processing/Signals|signals]].
 
<code>[[wikipedia:strace|strace]]</code><ref>http://man7.org/linux/man-pages/man1/strace.1.html</ref> is a diagnostic, debugging and instructional userspace utility for [[Linux]] that allows to trace [[system calls]] and [[signal Processing/Signals|signals]].
 +
 +
 +
  -c            count time, [[calls]], and errors for each [[syscall]] and report summary
 +
 +
[[strace]] -c -f -p $PID
 +
{{strace example}}
 +
 +
== help ==
 +
<pre>
 +
strace -help
 +
usage: strace [-CdffhiqrtttTvVwxxy] [-I n] [-e expr]...
 +
              [-a column] [-o file] [-s strsize] [-P path]...
 +
              -p pid... / [-D] [-E var=val]... [-u username] PROG [ARGS]
 +
  or: strace -c[dfw] [-I n] [-e expr]... [-O overhead] [-S sortby]
 +
              -p pid... / [-D] [-E var=val]... [-u username] PROG [ARGS]
 +
 +
Output format:
 +
  -a column      alignment COLUMN for printing syscall results (default 40)
 +
  -i            print instruction pointer at time of syscall
 +
  -k            obtain stack trace between each syscall
 +
  -o file        send trace output to FILE instead of stderr
 +
  -q            suppress messages about attaching, detaching, etc.
 +
  -r            print relative timestamp
 +
  -s strsize    limit length of print strings to STRSIZE chars (default 32)
 +
  -t            print absolute timestamp
 +
  -tt            print absolute timestamp with usecs
 +
  -T            print time spent in each syscall
 +
  -x            print non-ascii strings in hex
 +
  -xx            print all strings in hex
 +
  -X format      set the format for printing of named constants and flags
 +
  -y            print paths associated with file descriptor arguments
 +
  -yy            print protocol specific information associated with socket file descriptors
 +
 +
Statistics:
 +
  -c            count time, calls, and errors for each syscall and report summary
 +
  -C            like -c but also print regular output
 +
  -O overhead    set overhead for tracing syscalls to OVERHEAD usecs
 +
  -S sortby      sort syscall counts by: time, calls, name, nothing (default time)
 +
  -w            summarise syscall latency (default is system time)
 +
 +
Filtering:
 +
  -e expr        a qualifying expression: option=[!]all or option=[!]val1[,val2]...
 +
    options:    trace, abbrev, verbose, raw, signal, read, write, fault, inject, kvm
 +
  -P path        trace accesses to path
 +
 +
Tracing:
 +
  -b execve      detach on execve syscall
 +
  -D            run tracer process as a detached grandchild, not as parent
 +
  -f            follow forks
 +
  -ff            follow forks with output into separate files
 +
  -I interruptible
 +
    1:          no signals are blocked
 +
    2:          fatal signals are blocked while decoding syscall (default)
 +
    3:          fatal signals are always blocked (default if '-o FILE PROG')
 +
    4:          fatal signals and SIGTSTP (^Z) are always blocked
 +
                (useful to make 'strace -o FILE PROG' not stop on ^Z)
 +
 +
Startup:
 +
  -E var        remove var from the environment for command
 +
  -E var=val    put var=val in the environment for command
 +
  -p pid        trace process with process id PID, may be repeated
 +
  -u username    run command as username handling setuid and/or setgid
 +
 +
Miscellaneous:
 +
  -d            enable debug output to stderr
 +
  -v            verbose mode: print unabbreviated argv, stat, termios, etc. args
 +
  -h            print help message
 +
  -V            print version
 +
</pre>
  
 
== Examples ==
 
== Examples ==
* Strace <code>[[ps]]</code> command: <code>strace -e open ps</code>
+
* Strace <code>[[ps]]</code> command:
 +
: <code>strace -e open [[ps]]</code>
 
* <code>strace -p MY_PID_NUMBER</code>
 
* <code>strace -p MY_PID_NUMBER</code>
  
Line 9: Line 80:
 
* {{lsof}}
 
* {{lsof}}
 
* {{perf}}
 
* {{perf}}
* [[Dtrace]], use Dtrace to view [[syscall]]s inside a [[DevOps/Docker|Docker]] container. https://blogs.oracle.com/linux/dtrace-a-docker-container
+
* {{syscall}}
* [[SystemTap]] (2005)
+
 
  
[[Category:Linux]]
+
[[Category:Linux commands]]

Latest revision as of 08:39, 24 March 2023

strace[1] is a diagnostic, debugging and instructional userspace utility for Linux that allows to trace system calls and signals.


 -c             count time, calls, and errors for each syscall and report summary
strace -c -f -p $PID
 .../...
% time     seconds  usecs/call     calls    errors syscall
------ ----------- ----------- --------- --------- ----------------
 63.56    0.032899         539        61        13 futex
 17.62    0.009118         217        42           epoll_pwait
 11.48    0.005944         104        57           nanosleep
  3.15    0.001628          11       142           madvise
  1.07    0.000553          79         7           read
  0.87    0.000452          64         7           write
  0.72    0.000374         374         1         1 restart_syscall
  0.59    0.000307          51         6           sched_yield
  0.56    0.000291         145         2           getpid
  0.36    0.000184          92         2           rt_sigreturn
  0.01    0.000007           3         2           tgkill
------ ----------- ----------- --------- --------- ----------------
100.00    0.051757                   329        14 total

help[edit]

strace -help
usage: strace [-CdffhiqrtttTvVwxxy] [-I n] [-e expr]...
              [-a column] [-o file] [-s strsize] [-P path]...
              -p pid... / [-D] [-E var=val]... [-u username] PROG [ARGS]
   or: strace -c[dfw] [-I n] [-e expr]... [-O overhead] [-S sortby]
              -p pid... / [-D] [-E var=val]... [-u username] PROG [ARGS]

Output format:
  -a column      alignment COLUMN for printing syscall results (default 40)
  -i             print instruction pointer at time of syscall
  -k             obtain stack trace between each syscall
  -o file        send trace output to FILE instead of stderr
  -q             suppress messages about attaching, detaching, etc.
  -r             print relative timestamp
  -s strsize     limit length of print strings to STRSIZE chars (default 32)
  -t             print absolute timestamp
  -tt            print absolute timestamp with usecs
  -T             print time spent in each syscall
  -x             print non-ascii strings in hex
  -xx            print all strings in hex
  -X format      set the format for printing of named constants and flags
  -y             print paths associated with file descriptor arguments
  -yy            print protocol specific information associated with socket file descriptors

Statistics:
  -c             count time, calls, and errors for each syscall and report summary
  -C             like -c but also print regular output
  -O overhead    set overhead for tracing syscalls to OVERHEAD usecs
  -S sortby      sort syscall counts by: time, calls, name, nothing (default time)
  -w             summarise syscall latency (default is system time)

Filtering:
  -e expr        a qualifying expression: option=[!]all or option=[!]val1[,val2]...
     options:    trace, abbrev, verbose, raw, signal, read, write, fault, inject, kvm
  -P path        trace accesses to path

Tracing:
  -b execve      detach on execve syscall
  -D             run tracer process as a detached grandchild, not as parent
  -f             follow forks
  -ff            follow forks with output into separate files
  -I interruptible
     1:          no signals are blocked
     2:          fatal signals are blocked while decoding syscall (default)
     3:          fatal signals are always blocked (default if '-o FILE PROG')
     4:          fatal signals and SIGTSTP (^Z) are always blocked
                 (useful to make 'strace -o FILE PROG' not stop on ^Z)

Startup:
  -E var         remove var from the environment for command
  -E var=val     put var=val in the environment for command
  -p pid         trace process with process id PID, may be repeated
  -u username    run command as username handling setuid and/or setgid

Miscellaneous:
  -d             enable debug output to stderr
  -v             verbose mode: print unabbreviated argv, stat, termios, etc. args
  -h             print help message
  -V             print version

Examples[edit]

  • Strace ps command:
strace -e open ps
  • strace -p MY_PID_NUMBER

See also[edit]

  • http://man7.org/linux/man-pages/man1/strace.1.html
  • Advertising: