Strace: what a process does

From Linuxintro
Revision as of 05:10, 21 February 2010 by imported>ThorstenStaerk (New page: strace is a command to show what a command or process is doing. = Analyzing strace's output = Analyzing strace's output is tedious, so it is shown here as an example. Here is an exam...)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

strace is a command to show what a command or process is doing.

Analyzing strace's output

Analyzing strace's output is tedious, so it is shown here as an example.

Here is an example output from strace: 

open("/lib64/libexpat.so.1", O_RDONLY)  = 6                                     
read(6, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@>\0\0\0\0\0\0"..., 832) = 832                                                                           
fstat(6, {st_mode=S_IFREG|0755, st_size=170240, ...}) = 0                       
mmap(NULL, 2265264, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 6, 0) = 0x7f5d5ced6000

Here is it again, analyzed line by line: 

open("/lib64/libexpat.so.1", O_RDONLY)  = 6

The first line performs the syscall open on the file /lib64/libexpat.so.1. The file shall be opened read-only (O_RDONLY). This call returns the file descriptor 6. 

read(6, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@>\0\0\0\0\0\0"..., 832) = 832

The above line reads from the file with the descriptor number 6. The file content is character 177, then the string ELF, then character 2, 1, 1, 0 and so on. 

fstat(6, {st_mode=S_IFREG|0755, st_size=170240, ...}) = 0                       
mmap(NULL, 2265264, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 6, 0) = 0x7f5d5ced6000

The above line performs the syscall mmap. See man 2 mmap about the parameters.

Retrieved from "http://linuxintro.org/index.php?title=Strace:_what_a_process_does&oldid=11567"