一段程序用strace和ltrace

2017-08-29 本文已影响0人 LeeNan

程序实例

#include <stdio.h>

int main() {

  int a;
  printf("\n"); 
  scanf("%d", &a); 
  printf("\n%09d\n", a); 
  return 0; 
}

用gcc编译

ubuntu@ubuntu:/media/sf_share$ gcc test.c -o test

调用ltrace

ubuntu@ubuntu:/media/sf_share$ ltrace ./test
__libc_start_main(0x4005ed, 1, 0x7ffd429553f8, 0x400630 <unfinished ...>
putchar(10, 0x7ffd429553f8, 0x7ffd42955408, 0
)                                        = 10
__isoc99_scanf(0x4006b4, 0x7ffd4295530c, 10, -199
)                                      = 1
printf("\n%09d\n", 99
000000099
)                                                                = 11
+++ exited (status 0) +++
ubuntu@ubuntu:/media/sf_share$

调用strace

ubuntu@ubuntu:/media/sf_share$ strace ./test
execve("./test", ["./test"], [/* 20 vars */]) = 0
brk(0)                                  = 0x1b93000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd0364a0000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=21926, ...}) = 0
mmap(NULL, 21926, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fd03649a000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P \2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1857312, ...}) = 0
mmap(NULL, 3965632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fd035eb7000
mprotect(0x7fd036075000, 2097152, PROT_NONE) = 0
mmap(0x7fd036275000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1be000) = 0x7fd036275000
mmap(0x7fd03627b000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fd03627b000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd036499000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd036497000
arch_prctl(ARCH_SET_FS, 0x7fd036497740) = 0
mprotect(0x7fd036275000, 16384, PROT_READ) = 0
mprotect(0x600000, 4096, PROT_READ)    = 0
mprotect(0x7fd0364a2000, 4096, PROT_READ) = 0
munmap(0x7fd03649a000, 21926)          = 0
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd03649f000
write(1, "\n", 1
)                      = 1
fstat(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fd03649e000
read(0, 99
"99\n", 1024)                  = 3
write(1, "\n", 1
)                      = 1
write(1, "000000099\n", 10000000099
)            = 10
exit_group(0)                          = ?
+++ exited with 0 +++
ubuntu@ubuntu:/media/sf_share$

做了另一个实验, 用strace ./test, 然后在另一个窗口kill ./test这个进程, 可以看到最后几行收到了SIGTERM这个信号.

ubuntu@ubuntu:/media/sf_share$ strace ./test
execve("./test", ["./test"], [/* 20 vars */]) = 0
brk(0)                                  = 0x1913000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fad43da7000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=21926, ...}) = 0
mmap(NULL, 21926, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fad43da1000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P \2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1857312, ...}) = 0
mmap(NULL, 3965632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fad437be000
mprotect(0x7fad4397c000, 2097152, PROT_NONE) = 0
mmap(0x7fad43b7c000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1be000) = 0x7fad43b7c000
mmap(0x7fad43b82000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fad43b82000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fad43da0000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fad43d9e000
arch_prctl(ARCH_SET_FS, 0x7fad43d9e740) = 0
mprotect(0x7fad43b7c000, 16384, PROT_READ) = 0
mprotect(0x600000, 4096, PROT_READ)    = 0
mprotect(0x7fad43da9000, 4096, PROT_READ) = 0
munmap(0x7fad43da1000, 21926)          = 0
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fad43da6000
write(1, "\n", 1
)                      = 1
fstat(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fad43da5000
read(0, 
------------------------------------------ #kill test
0x7fad43da5000, 1024)          = ? ERESTARTSYS (To be restarted if SA_RESTART is set)
--- SIGTERM {si_signo=SIGTERM, si_code=SI_USER, si_pid=1431, si_uid=1000} ---
+++ killed by SIGTERM +++
ubuntu@ubuntu:/media/sf_share$

如果用kill -9, 输出如下:

mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f07e186b000
read(0,  
--------------------------------------- # kill -9 test
<unfinished ...>
+++ killed by SIGKILL +++
Killed
ubuntu@ubuntu:/media/sf_share$

两个的不同点是, 用SIGTERM比SIGKILL少了一些操作, 可能是一些清理的操作

另外2个非常有用的参数

-c, 可以查看调用每个syscall多少次

ubuntu@ubuntu:/media/sf_share$ strace -c ./test

99

000000099
% time    seconds  usecs/call    calls    errors syscall
------ ----------- ----------- --------- --------- ----------------
  0.00    0.000000          0        2          read
  0.00    0.000000          0        3          write
  0.00    0.000000          0        2          open
  0.00    0.000000          0        2          close
  0.00    0.000000          0        4          fstat
  0.00    0.000000          0        9          mmap
  0.00    0.000000          0        4          mprotect
  0.00    0.000000          0        1          munmap
  0.00    0.000000          0        1          brk
  0.00    0.000000          0        3        3 access
  0.00    0.000000          0        1          execve
  0.00    0.000000          0        1          arch_prctl
------ ----------- ----------- --------- --------- ----------------
100.00    0.000000                    33        3 total
ubuntu@ubuntu:/media/sf_share$

比如上面的表示, 调用read 2次, 调用write 3次.

-t/-tt//ttt三个都表示显示执行时间, t是秒, tt是微秒

ubuntu@ubuntu:/media/sf_share$ strace -tt ./test
09:38:13.545422 execve("./test", ["./test"], [/* 20 vars */]) = 0
09:38:13.550373 brk(0)                  = 0x1543000
09:38:13.553995 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
09:38:13.555304 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f62a86c3000
09:38:13.558261 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
09:38:13.558986 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
09:38:13.560623 fstat(3, {st_mode=S_IFREG|0644, st_size=21926, ...}) = 0
09:38:13.560879 mmap(NULL, 21926, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f62a86bd000
09:38:13.562443 close(3)                = 0
09:38:13.563273 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
09:38:13.563396 open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
09:38:13.563490 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0P \2\0\0\0\0\0"..., 832) = 832
09:38:13.564449 fstat(3, {st_mode=S_IFREG|0755, st_size=1857312, ...}) = 0
09:38:13.564872 mmap(NULL, 3965632, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f62a80da000
09:38:13.564969 mprotect(0x7f62a8298000, 2097152, PROT_NONE) = 0
09:38:13.565367 mmap(0x7f62a8498000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1be000) = 0x7f62a8498000
09:38:13.565857 mmap(0x7f62a849e000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f62a849e000
09:38:13.567986 close(3)                = 0
09:38:13.568247 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f62a86bc000
09:38:13.568304 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f62a86ba000
09:38:13.568338 arch_prctl(ARCH_SET_FS, 0x7f62a86ba740) = 0
09:38:13.568451 mprotect(0x7f62a8498000, 16384, PROT_READ) = 0
09:38:13.568495 mprotect(0x600000, 4096, PROT_READ) = 0
09:38:13.568533 mprotect(0x7f62a86c5000, 4096, PROT_READ) = 0
09:38:13.568593 munmap(0x7f62a86bd000, 21926) = 0
09:38:13.568701 fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
09:38:13.568741 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f62a86c2000
09:38:13.568772 write(1, "\n", 1
)      = 1
09:38:13.568810 fstat(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
09:38:13.568837 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f62a86c1000
09:38:13.568864 read(0, 9999
"9999\n", 1024) = 5
09:38:16.999018 write(1, "\n", 1
)      = 1
09:38:16.999067 write(1, "000009999\n", 10000009999
) = 10
09:38:16.999098 exit_group(0)          = ?
09:38:16.999411 +++ exited with 0 +++
ubuntu@ubuntu:/media/sf_share$

一段程序用strace和ltrace

猜你喜欢

热点阅读