如何查看进程在当前时间执行的系统调用?
How to see system call that executed in current time by process?
Linux 实用程序 "strace" 显示在 strace 运行 之后启动的系统调用列表。我如何通过进程查看当前时刻 运行 的系统调用?在 strace 开始之前。
proc 提供一些关于内核当前正在做什么的信息 "for" 一个进程
/proc/${pid}/syscall
/proc/${pid}/stack
更多信息:
你发现使用 ps:
ps -p PID_OF_PROC -ocmd,stat,wchan
这里的wchan是关键。来自 man ps:
wchan WCHAN name of the kernel function in which the process is sleeping, a "-" if the process is running, or a
"*" if the process is multi-threaded and ps is not displaying threads.
PROCESS STATE CODES
Here are the different values that the s, stat and state output specifiers (header "STAT" or "S") will display to describe
the state of a process:
D uninterruptible sleep (usually IO)
R running or runnable (on run queue)
S interruptible sleep (waiting for an event to complete)
T stopped by job control signal
t stopped by debugger during the tracing
W paging (not valid since the 2.6.xx kernel)
X dead (should never be seen)
Z defunct ("zombie") process, terminated but not reaped by its parent
For BSD formats and when the stat keyword is used, additional characters may be displayed:
< high-priority (not nice to other users)
N low-priority (nice to other users)
L has pages locked into memory (for real-time and custom IO)
s is a session leader
l is multi-threaded (using CLONE_THREAD, like NPTL pthreads do)
+ is in the foreground process group
假设您知道进程的 PID,您可以简单地使用 strace 实时跟踪所有系统调用。
strace -p PID
Linux 实用程序 "strace" 显示在 strace 运行 之后启动的系统调用列表。我如何通过进程查看当前时刻 运行 的系统调用?在 strace 开始之前。
proc 提供一些关于内核当前正在做什么的信息 "for" 一个进程
/proc/${pid}/syscall
/proc/${pid}/stack
更多信息:
你发现使用 ps:
ps -p PID_OF_PROC -ocmd,stat,wchan
这里的wchan是关键。来自 man ps:
wchan WCHAN name of the kernel function in which the process is sleeping, a "-" if the process is running, or a "*" if the process is multi-threaded and ps is not displaying threads.
PROCESS STATE CODES Here are the different values that the s, stat and state output specifiers (header "STAT" or "S") will display to describe the state of a process:
D uninterruptible sleep (usually IO) R running or runnable (on run queue) S interruptible sleep (waiting for an event to complete) T stopped by job control signal t stopped by debugger during the tracing W paging (not valid since the 2.6.xx kernel) X dead (should never be seen) Z defunct ("zombie") process, terminated but not reaped by its parent For BSD formats and when the stat keyword is used, additional characters may be displayed: < high-priority (not nice to other users) N low-priority (nice to other users) L has pages locked into memory (for real-time and custom IO) s is a session leader l is multi-threaded (using CLONE_THREAD, like NPTL pthreads do) + is in the foreground process group
假设您知道进程的 PID,您可以简单地使用 strace 实时跟踪所有系统调用。
strace -p PID