Linux中程序执行的流程分析工具——strace
源代码:
#include <stdio.h>
main()
{
char a='A';
int b=20;
printf("%d,%o\n",(a=a+a,a+b,b),a+'a'-'A',b);
}
使用strace运行:
[arm@acer test]$ ./prin
20,141
[arm@acer test]$ strace ./prin
execve("./prin", ["./prin"], [/* 48 vars */]) = 0
brk(0) = 0x9b6a000
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb772e000
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=102258, ...}) = 0
mmap2(NULL, 102258, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7715000
close(3) = 0
open("/lib/libc.so.6", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0@^c\0004\0\0\0"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1906124, ...}) = 0
mmap2(0x61f000, 1665416, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x61f000
mprotect(0x7af000, 4096, PROT_NONE) = 0
mmap2(0x7b0000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x190) = 0x7b0000
mmap2(0x7b3000, 10632, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7b3000
close(3) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7714000
set_thread_area({entry_number:-1 -> 6, base_addr:0xb77146c0, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}) = 0
mprotect(0x7b0000, 8192, PROT_READ) = 0
mprotect(0x617000, 4096, PROT_READ) = 0
munmap(0xb7715000, 102258) = 0
fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb772d000
write(1, "20,141\n", 720,141
) = 7
exit_group(7) = ?
可以看到程序首先使用系统调用execve()函数,使用brk()函数设置创建进程段。brk()系统调用很重要,该系统调用创建存放程序内容的内存区域。
打开共享库文件,并加载到内存。
相关阅读: