strace和ltrace的简单使用

ぃ、小莉子 提交于 2019-12-20 04:05:59

前言

strace用来跟踪进程的系统调用或信号产生的情况;
ltrace 用来跟踪进程调用库函数的情况。

1,strace命令


root@ubuntu:/opt/files/release/strace/x86_64/bin# ./strace uname
execve("/bin/uname", ["uname"], 0x7ffc0cd82290 /* 20 vars */) = 0
brk(NULL)                               = 0x1ed4000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK)      = 0
open("/etc/ld.so.preload", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=1, ...}) = 0
mmap(NULL, 1, PROT_READ|PROT_WRITE, MAP_PRIVATE, 3, 0) = 0x7f4fcdb37000
close(3)                                = 0
munmap(0x7f4fcdb37000, 1)               = 0
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=85661, ...}) = 0
mmap(NULL, 85661, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f4fcdb23000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P \2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1857312, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4fcdb22000
mmap(NULL, 3965632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f4fcd54d000
mprotect(0x7f4fcd70b000, 2097152, PROT_NONE) = 0
mmap(0x7f4fcd90b000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1be000) = 0x7f4fcd90b000
mmap(0x7f4fcd911000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f4fcd911000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4fcdb20000
arch_prctl(ARCH_SET_FS, 0x7f4fcdb20740) = 0
mprotect(0x7f4fcd90b000, 16384, PROT_READ) = 0
mprotect(0x606000, 4096, PROT_READ)     = 0
mprotect(0x7f4fcdb38000, 4096, PROT_READ) = 0
munmap(0x7f4fcdb23000, 85661)           = 0
brk(NULL)                               = 0x1ed4000
brk(0x1ef5000)                          = 0x1ef5000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=7216688, ...}) = 0
mmap(NULL, 7216688, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f4fcce6b000
close(3)                                = 0
uname({sysname="Linux", nodename="ubuntu", ...}) = 0
fstat(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(0x88, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f4fcdb37000
write(1, "Linux\n", 6Linux
)                  = 6
close(1)                                = 0
munmap(0x7f4fcdb37000, 4096)            = 0
close(2)                                = 0
exit_group(0)                           = ?
+++ exited with 0 +++

2,ltrace命令

root@ubuntu:/opt/files/release/ltrace/x86_64/bin# ./ltrace uname 
__libc_start_main(0x401590, 1, 0x7ffdd645ee98, 0x4042c0 <unfinished ...>
strrchr("uname", '/')                                                            = nil
setlocale(LC_ALL, "")                                                            = "en_US.UTF-8"
bindtextdomain("coreutils", "/usr/share/locale")                                 = "/usr/share/locale"
textdomain("coreutils")                                                          = "coreutils"
__cxa_atexit(0x401da0, 0, 0, 0x736c6974756572)                                   = 0
getopt_long(1, 0x7ffdd645ee98, "asnrvmpio", 0x4049c0, nil)                       = -1
uname(0x7ffdd645e980)                                                            = 0
fputs_unlocked(0x7ffdd645e980, 0x7f5bce464400, 0x7f5bce463280, 0x7f5bce165827)   = 1
__overflow(0x7f5bce464400, 10, 0x7f5bce68b004, 1024Linux
)                             = 10
exit(0 <unfinished ...>
__fpending(0x7f5bce464400, 0, 64, 0x7f5bce464eb0)                                = 0
fileno(0x7f5bce464400)                                                           = 1
__freading(0x7f5bce464400, 0, 64, 0x7f5bce464eb0)                                = 0
__freading(0x7f5bce464400, 0, 2052, 0x7f5bce464eb0)                              = 0
fflush(0x7f5bce464400)                                                           = 0
fclose(0x7f5bce464400)                                                           = 0
__fpending(0x7f5bce4641c0, 0, 0x7f5bce465900, 0xfbad000c)                        = 0
fileno(0x7f5bce4641c0)                                                           = 2
__freading(0x7f5bce4641c0, 0, 0x7f5bce465900, 0xfbad000c)                        = 0
__freading(0x7f5bce4641c0, 0, 4, 0xfbad000c)                                     = 0
fflush(0x7f5bce4641c0)                                                           = 0
fclose(0x7f5bce4641c0)                                                           = 0
+++ exited (status 0) +++

3,总结

根据实际的需要,选择合适的工具对程序进行分析,提高程序的健壮性。

4,参考

使用strace,lstrace,truss来跟踪程序的运行过程 https://blog.csdn.net/liangzhao_jay/article/details/50457197

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!