ITPub博客

首页 > 应用开发 > IT综合 > [20181217]strace使用问题.txt

[20181217]strace使用问题.txt

原创 IT综合 作者:lfree 时间:2018-12-17 15:41:59 0 删除 编辑

[20181217]strace使用问题.txt


--//最近使用starce跟踪分析ogg相关进程遇到一些问题.


# strace -t -p 703 -f -e open,read,lseek

Process 703 attached with 12 threads - interrupt to quit

[pid   717] 15:07:01 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:07:01 lseek(26, 2192071680, SEEK_SET) = 2192071680

[pid   720] 15:07:01 read(26, "\1\"\0\0.TA\0\337\20\0\0\20\200FZ`\0\0\0\4\0\6\0\177\354\237/\1\0\24\0"..., 1024000) = 1024000

[pid   717] 15:07:01 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   720] 15:07:01 read(26, "\1\"\0\0\376[A\0\325\20\0\0000\200\332\364G\225-\0\2\0\21\1\26\0\307\316\5\304\25-"..., 1024000) = 1024000

[pid   716] 15:07:03 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:07:03 lseek(25, 1679056896, SEEK_SET) = 1679056896

[pid   719] 15:07:03 read(25, "\1\"\0\0000\n2\0\362\25\0\0000\200\0023(#\0\0k\0\21\0\306f\n\0\377\0\16\0"..., 1024000) = 1024000

[pid   716] 15:07:03 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   719] 15:07:03 read(25, "\1\"\0\0\0\0222\0\356\25\0\0\220\200\10I/5\300\0\214\303\24\0\0\200\6\0\373x\361."..., 1024000) = 1024000

[pid   717] 15:07:04 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:07:04 lseek(26, 2192132608, SEEK_SET) = 2192132608

[pid   720] 15:07:04 read(26, "\1\"\0\0\245TA\0\337\20\0\0\20\200-3`\0\0\0\0043\6\0\305\356\237/\1\0ug"..., 1024000) = 1024000

[pid   717] 15:07:04 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   720] 15:07:04 read(26, "\1\"\0\0u\\A\0\325\20\0\0\230\200\214\205\0\0;V\2\r\2\0\5\0\377\377Y\310\300\21"..., 1024000) = 1024000

[pid   716] 15:07:06 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:07:06 lseek(25, 1679399424, SEEK_SET) = 1679399424

[pid   719] 15:07:06 read(25, "\1\"\0\0\315\f2\0\362\25\0\0\34\200\265Q\0\0\313*\367\357\237/\6\0\0\0\0\0\0\0"..., 1024000) = 1024000

[pid   716] 15:07:06 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:07:06 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:07:06 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   719] 15:07:06 read(25, "\1\"\0\0\235\0242\0\356\25\0\0\20\200\177Z(\2\0\0\5\0\6\0009\231\361.\1\0\24\0"..., 1024000) = 1024000

[pid   703] 15:07:07 lseek(20, 0, SEEK_SET) = 0

[pid   717] 15:07:07 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:07:07 lseek(26, 2192153600, SEEK_SET) = 2192153600

[pid   720] 15:07:07 read(26, "\1\"\0\0\316TA\0\337\20\0\0\20\200\347\257p\0\0\0\6\v\6\0\230\360\237/\1\0\0\0"..., 1024000) = 1024000

[pid   720] 15:07:07 read(26, "\1\"\0\0\236\\A\0\337\20\0\0008\200J75\0\22\0\240\212=\0\216\350@\1d\226;\0"..., 1024000) = 1024000

[pid   717] 15:07:07 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:07:07 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

--//这样可以跟踪open,read,lseek函数.

--//如果我想保存到文件并且输出,遇到问题:

# strace -t -p 703 -f -e open,read,lseek | tee /tmp/703.txt

...

--//ctrl+c中断退出.


# ls -l /tmp/703.txt

-rw-r--r-- 1 root root 0 2018-12-17 15:07:51 /tmp/703.txt


--//可以发现这样并不会通过管道写入/tmp/703.txt,似乎starce的这些输出被定向到标准错误输出(句柄2).

--//0对应标准输入 1对应标准输出 2对应标准错误.


--//改写如下就ok了.


# strace -t -p 703 -f -e open,read,lseek 2>&1 | tee /tmp/703.txt

Process 703 attached with 12 threads - interrupt to quit

[pid   703] 15:18:26 lseek(20, 0, SEEK_SET) = 0

[pid   716] 15:18:26 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:18:26 lseek(25, 1819684352, SEEK_SET) = 1819684352

[pid   719] 15:18:26 read(25, "\1\"\0\0\27;6\0\362\25\0\0l\200\312J\1\0\216\1\1\0\0\0\0\0\24\0k\0 \0"..., 1024000) = 1024000

[pid   716] 15:18:26 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:18:26 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:18:26 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   719] 15:18:26 read(25, "\1\"\0\0\347B6\0\356\25\0\0\20\200d\2040\2\0\0\5\0\6\0S\262\364.\1\0\360."..., 1024000) = 1024000

[pid   717] 15:18:27 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:18:27 lseek(26, 2217297920, SEEK_SET) = 2217297920

[pid   720] 15:18:27 read(26, "\1\"\0\0\244\24B\0\337\20\0\0\300\200\"\323\0\0\0\0\2\2\1\0h5\242/\6\0\0\0"..., 1024000) = 1024000

[pid   720] 15:18:27 read(26, "\1\"\0\0t\34B\0\337\20\0\0x\200\25\262!\352\10\4\346\217\315\22\0\0\0\0\0\0\0\0"..., 1024000) = 1024000

[pid   720] 15:18:27 read(26, "\1\"\0\0D$B\0\337\20\0\0\20\200M\7/table></div>\r\n<"..., 1024000) = 1024000

[pid   720] 15:18:27 read(26, "\1\"\0\0\24,B\0\325\20\0\0`\200\346\3755px; left:435px;"..., 1024000) = 1024000

[pid   720] 15:18:27 read(26, "\1\"\0\0\3443B\0\325\20\0\0\200\200\217\1!j\t\4R0\331\22\0\0\0\0\0\0\0\0"..., 1024000) = 1024000

[pid   717] 15:18:27 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:18:27 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232


# cat /tmp/703.txt

Process 703 attached with 12 threads - interrupt to quit

[pid   703] 15:18:26 lseek(20, 0, SEEK_SET) = 0

[pid   716] 15:18:26 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:18:26 lseek(25, 1819684352, SEEK_SET) = 1819684352

[pid   719] 15:18:26 read(25, "\1\"\0\0\27;6\0\362\25\0\0l\200\312J\1\0\216\1\1\0\0\0\0\0\24\0k\0 \0"..., 1024000) = 1024000

[pid   716] 15:18:26 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:18:26 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   716] 15:18:26 read(18, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   719] 15:18:26 read(25, "\1\"\0\0\347B6\0\356\25\0\0\20\200d\2040\2\0\0\5\0\6\0S\262\364.\1\0\360."..., 1024000) = 1024000

[pid   717] 15:18:27 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:18:27 lseek(26, 2217297920, SEEK_SET) = 2217297920

[pid   720] 15:18:27 read(26, "\1\"\0\0\244\24B\0\337\20\0\0\300\200\"\323\0\0\0\0\2\2\1\0h5\242/\6\0\0\0"..., 1024000) = 1024000

[pid   720] 15:18:27 read(26, "\1\"\0\0t\34B\0\337\20\0\0x\200\25\262!\352\10\4\346\217\315\22\0\0\0\0\0\0\0\0"..., 1024000) = 1024000

[pid   720] 15:18:27 read(26, "\1\"\0\0D$B\0\337\20\0\0\20\200M\7/table></div>\r\n<"..., 1024000) = 1024000

[pid   720] 15:18:27 read(26, "\1\"\0\0\24,B\0\325\20\0\0`\200\346\3755px; left:435px;"..., 1024000) = 1024000

[pid   720] 15:18:27 read(26, "\1\"\0\0\3443B\0\325\20\0\0\200\200\217\1!j\t\4R0\331\22\0\0\0\0\0\0\0\0"..., 1024000) = 1024000

[pid   717] 15:18:27 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:18:27 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232


---//简单探究打开句柄的情况:

# ps -ef | grep strac[e]

root      1913 24587  1 15:18 pts/3    00:00:00 strace -t -p 703 -f -e open read lseek


# ls -l /proc/1913/fd

total 0

lrwx------ 1 root root 64 2018-12-17 15:19:40 0 -> /dev/pts/3

l-wx------ 1 root root 64 2018-12-17 15:19:40 1 -> pipe:[32398409]

l-wx------ 1 root root 64 2018-12-17 15:19:04 2 -> pipe:[32398409]

--//1,2 被定向到 pipe:[32398409].


# ps -ef | grep te[e]

root      1914 24587  0 15:18 pts/3    00:00:00 tee /tmp/703.txt


# ls -l /proc/1914/fd

total 0

lr-x------ 1 root root 64 2018-12-17 15:20:29 0 -> pipe:[32398409]

lrwx------ 1 root root 64 2018-12-17 15:20:29 1 -> /dev/pts/3

lrwx------ 1 root root 64 2018-12-17 15:19:04 2 -> /dev/pts/3

l-wx------ 1 root root 64 2018-12-17 15:20:29 3 -> /tmp/703.txt

--// 0 定向到pipe:[32398409],也就是接收strace的输出.


# cat  /proc/1914/fd/0

[pid   717] 15:21:36 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   717] 15:21:36 lseek(26, 2230129664, SEEK_SET) = 2230129664

[pid   720] 15:21:36 read(26,

[root@dbcndg2 IP=100.75 /proc/1691/fd 159]# cat  /proc/1914/fd/0

[pid   717] 15:21:39 read(22, [pid   717] 15:21:39 lseek(26, 2230850560, SEEK_SET) = 2230850560

[pid   720] 15:21:39 read(26, "\1\"\0\0\n|B\0\337\20\0\0\20\200\20u`\0\0\0\4\211\6\0\373\367\242/\1\0\1\0"..., 1024000) = 1024000

[pid   717] 15:21:39 read(22, "\0\350\0\0\6\0\0\0\0\0\6\1\"R\1\0\0\0\0\0\2\0\0\0\0\0\0\0\0\0\0\0"..., 32784) = 232

[pid   720] 15:21:39 read(26, "\1\"\0\0\332\203B\0\325\20\0\0X\200\27\330:normal;font-fam"..., 1024000) = 1024000


--//还有一种方式分别写入文件使用参数-ff


# strace -t -p 703 -ff -e open,read,lseek -o /tmp/703.txt

Process 703 attached with 12 threads - interrupt to quit


# ls -l /tmp/703.txt*

-rw-r--r-- 1 root root     88 2018-12-17 15:27:24 /tmp/703.txt.703

-rw-r--r-- 1 root root      0 2018-12-17 15:27:11 /tmp/703.txt.704

-rw-r--r-- 1 root root      0 2018-12-17 15:27:11 /tmp/703.txt.705

-rw-r--r-- 1 root root      0 2018-12-17 15:27:11 /tmp/703.txt.706

-rw-r--r-- 1 root root      0 2018-12-17 15:27:11 /tmp/703.txt.707

-rw-r--r-- 1 root root      0 2018-12-17 15:27:11 /tmp/703.txt.712

-rw-r--r-- 1 root root      0 2018-12-17 15:27:11 /tmp/703.txt.715

-rw-r--r-- 1 root root   2334 2018-12-17 15:27:30 /tmp/703.txt.716

-rw-r--r-- 1 root root   1815 2018-12-17 15:27:31 /tmp/703.txt.717

-rw-r--r-- 1 root root      0 2018-12-17 15:27:11 /tmp/703.txt.718

-rw-r--r-- 1 root root   1555 2018-12-17 15:27:30 /tmp/703.txt.719

-rw-r--r-- 1 root root   1090 2018-12-17 15:27:31 /tmp/703.txt.720



来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/267265/viewspace-2285470/,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录
全部评论
熟悉oracle相关技术,擅长sql优化,rman备份与恢复,熟悉linux shell编程。

注册时间:2008-01-03

  • 博文量
    2855
  • 访问量
    6643889