strace
提供: セキュリティ
2013年6月4日 (火) 00:18時点におけるDaemon (トーク | 投稿記録)による版 (ページの作成:「<!-- vim: filetype=mediawiki --> [[{{PAGENAME}}]] とは、システムコールとシグナルをトレースするためのLinuxのコマンドです。 ...」)
スポンサーリンク
strace とは、システムコールとシグナルをトレースするためのLinuxのコマンドです。
読み方
- strace
- えすとれーす
概要
strace とは、システムコールとシグナルをトレースするためのLinuxのコマンドです。
インストール
Linux のデフォルトのコマンドです。
書式
usage: strace [-dDffhiqrtttTvVxx] [-a column] [-e expr] ... [-o file] [-p pid] ... [-s strsize] [-u username] [-E var=val] ... [command [arg ...]] or: strace -c [-D] [-e expr] ... [-O overhead] [-S sortby] [-E var=val] ... [command [arg ...]] -c -- count time, calls, and errors for each syscall and report summary -f -- follow forks, -ff -- with output into separate files -F -- attempt to follow vforks, -h -- print help message -i -- print instruction pointer at time of syscall -q -- suppress messages about attaching, detaching, etc. -r -- print relative timestamp, -t -- absolute timestamp, -tt -- with usecs -T -- print time spent in each syscall, -V -- print version -v -- verbose mode: print unabbreviated argv, stat, termio[s], etc. args -x -- print non-ascii strings in hex, -xx -- print all strings in hex -a column -- alignment COLUMN for printing syscall results (default 40) -e expr -- a qualifying expression: option=[!]all or option=[!]val1[,val2]... options: trace, abbrev, verbose, raw, signal, read, or write -o file -- send trace output to FILE instead of stderr -O overhead -- set overhead for tracing syscalls to OVERHEAD usecs -p pid -- trace process with process id PID, may be repeated -D -- run tracer process as a detached grandchild, not as parent -s strsize -- limit length of print strings to STRSIZE chars (default 32) -S sortby -- sort syscall counts by: time, calls, name, nothing (default time) -u username -- run command as username handling setuid and/or setgid -E var=val -- put var=val in the environment for command -E var -- remove var from the environment for command
使い方
コマンドを指定する場合は、下記の通りです。
$ strace /path/to/command
プロセスID 123 をトレースする場合は、下記の通りです。
$ strace -p 123
cat コマンドをトレースする例です。
$ strace cat /etc/centos-release execve("/bin/cat", ["cat", "/etc/centos-release"], [/* 29 vars */]) = 0 brk(0) = 0x1c73000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9a4b96a000 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=52696, ...}) = 0 mmap(NULL, 52696, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9a4b95d000 close(3) = 0 open("/lib64/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\360\355\1M6\0\0\0"..., 832) = 832 fstat(3, {st_mode=S_IFREG|0755, st_size=1922152, ...}) = 0 mmap(0x364d000000, 3745960, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x364d000000 mprotect(0x364d18a000, 2093056, PROT_NONE) = 0 mmap(0x364d389000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x189000) = 0x364d389000 mmap(0x364d38e000, 18600, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x364d38e000 close(3) = 0 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9a4b95c000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9a4b95b000 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9a4b95a000 arch_prctl(ARCH_SET_FS, 0x7f9a4b95b700) = 0 mprotect(0x364d389000, 16384, PROT_READ) = 0 mprotect(0x364ce1f000, 4096, PROT_READ) = 0 munmap(0x7f9a4b95d000, 52696) = 0 brk(0) = 0x1c73000 brk(0x1c94000) = 0x1c94000 open("/usr/lib/locale/locale-archive", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=99158576, ...}) = 0 mmap(NULL, 99158576, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9a45ac9000 close(3) = 0 fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0 open("/etc/centos-release", O_RDONLY) = 3 fstat(3, {st_mode=S_IFREG|0644, st_size=27, ...}) = 0 read(3, "CentOS release 6.4 (Final)\n", 32768) = 27 write(1, "CentOS release 6.4 (Final)\n", 27CentOS release 6.4 (Final) ) = 27 read(3, "", 32768) = 0 close(3) = 0 close(1) = 0 close(2) = 0 exit_group(0) = ?
関連項目
ツイート
スポンサーリンク