Writing UNIX® system programs is fun and instructive. Using the UNIX strace tool and GDB (GNU Project Debugging Tools), you can really delve into the functionality of the system and understand the various programs that make up these features. Using both of these tools will give you a better experience when viewing the underlying information on UNIX computers.
The UNIX family always provides a rich tool for users. UNIX is a tool treasure chest, with these tools, you can not only complete creative work, but also in-depth study of the operating system while getting education and entertainment. Strace (a full-featured debugging tool used to track any program's system calls) and GDB Debugging tools (for running programs in a controlled environment) is two valuable tools for achieving this goal.
The UNIX design consists of a number of function calls, called system calls , that include simple tasks such as displaying strings on the screen to prioritize tasks. All UNIX programs perform their tasks by invoking these underlying services provided by the operating system, and using the Strace tool, you can clearly see these call procedures and the parameters they use. In this way, you can manipulate these programs to understand the underlying interactions between them and the operating system.
Start the game
Let's start with a simple UNIX command pwd
, and then delve deeper into what the command does in the process of accomplishing its tasks. Start Xterm to create a controlled environment for the experiment, and then enter the following command:
$ pwd
This pwd
command shows the current working directory. On my computer, the output at that time was:
/home/bill/
A function So simple masks the complexity of the command at the bottom (by the way, all computer programs do). To really understand its complexity, run the command again using the Strace tool pwd
:
$ strace pwd
With this command, you can see that the UNIX computer performs quite a number of operations during the display and enumeration of the current working directory (see Listing 1).
Listing 1:strace the output of the PWD command
Execve ("/bin/pwd", ["pwd"], [/* VARs */]) = 0uname ({sys= "Linux", Node= "Sammy", ...}) = 0BRK (0) = 0x804c000old_mmap (NULL, 4096, prot_read| Prot_write, map_private| Map_anonymous,-1, 0) = 0x4001......fstat64 (3, {st_mode=s_ifreg|0644, st_size=115031, ...}) = 0old_mmap (NULL, 115031, PRO T_read, Map_private, 3, 0) = 0x40017000close (3) = 0open ("/lib/tls/libc.so.6", o_rdonly) = 3read (3, "\177elf\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360u\1" ..., 1024x768) = 1024fstat64 (3, {st_mode=s_ifreg|0755 , st_size=1547996, ...}) = 0old_mmap (0x42000000, 1257224, prot_read| Prot_exec, Map_private, 3, 0) = 0x42000000mprotect (0x4212e000, 20232, Prot_none) = 0old_mmap (0x4212e000, 12288, PROT_READ | Prot_write, map_private| Map_fixed, 3, 0x12e000) ... old_mmap (0x42131000, 7944, prot_read| Prot_write, map_private| map_fixed| Map_anonymous,... Close (3) = 0set_thread_area ({entry_number:-1-6, BASE_ADDR:0X40016AC0 , Limit:1048575, Seg_32bit...munmap (0x40017000, 115031) = 0brk (0) = 0X804C000BRK (0x804 d000) = 0x804d000brk (0) = 0x804d000open ("/usr/lib/locale/locale- Archive ", o_rdonly| O_largefile) = 3fstat64 (3, {st_mode=s_ifreg|0644, st_size=30301680, ...}) = 0mmap2 (NULL, 2097152, Prot_read, MAP_PRIVATE , 3, 0) = 0x40017000close (3) = 0BRK (0) = 0X804D000BRK (0x80 4e000) = 0X804E000GETCWD ("/home/bill", 4096) = 11fstat64 (1, {st_mode=s_ifchr|0600, S T_rdev=makedev (136, 6), ...}) = 0MMAP2 (NULL, 4096, prot_read| Prot_write, map_private| Map_anonymous,-1, 0) = 0x4021700...write (1, "/home/bill\n", 11/home/bill) = 11munmap (0x40217000, 4096) = 0exit_group (0) =?
Back to top of page
Specific details of UNIX system calls
The details of all the system calls needed to retrieve and display the current working directory are beyond the scope of this article, but I'll show you how to get that information. Each line in Listing 1 C
clearly illustrates a system call and its parameters in a similar format, which is what C
programmers want to see. Strace also displays these calls in this manner, regardless of the programming language that was used when the program was actually created.
If you want to understand all the details in Listing 1, for all of these system calls, UNIX provides you with a large number of documents. The "most important" function in Listing 1 is a getcwd()
function that represents getting the current working directory . The current xterm displays strace pwd
the output, and then starts another xterm and enters the following command to see the UNIX display of the function:
$ mans GETCWD
What you see should be the getcwd()
complete list of functions and the list of parameters that this important C
function needs and returns. Similarly, you can enter man brk
or man fstat64
so on. Typically, UNIX systems describe these system functions in detail through documentation, and if you take the time to study them carefully, you will gradually learn how powerful UNIX is and how easy it is to learn the details of these underlying systems. Of all the operating systems, UNIX is best at helping you understand the underlying process.
Back to top of page
Observe Nweb
For the next few steps, you need to use a larger and more complex program, rather than a pwd
simple UNIX command like this. A simple Hypertext Transfer Protocol (HTTP) server, such as Nweb, is well suited. When you surf the Internet, the HTTP server listens for browser requests, and then responds to browser requests by sending the requested objects, such as Web pages and graphics files.
Download and install Nweb, written by IBM DeveloperWorks contributor writer Nigel Griffiths. (See the Resources section for the Nigel article "Nweb:?") A tiny, safe Web server (static pages only) "(developerworks,2004 year June) links. )
Download the Es-nweb.zip to $HOME/downloads directory, and then enter the simple command shown in Listing 2 to extract, compile, and start the program:
Note: I assume you need to compile this program for your Linux® workstation. If this is not the case, please read this nweb article for more information on compiling the program on other UNIX operating systems.
Listing 2. Commands for extracting, compiling, and starting Nweb
$ cd src$ mkdir nweb$ CD nweb$ unzip $HOME/downloads/es-nweb.zip$ gcc-ggdb-o-dlinux nweb.c-o nweb$./nweb 9090 $HOME/s Rc/nweb &
Note: the options in Listing 2 are -ggdb
somewhat different from those in the Nigel article, which tells the GCC compiler to optimize the program so that it can be debugged using the GDB debugging tool, which you will use later.
Next, to confirm that the Nweb server is already running, you can check it using the command shown in Listing 3 ps
.
Listing 3. PS command
$ ps PID TTY time CMD 2913 pts/5 00:00:00 bash 4009 pts/5 00:00:00 nweb 4011 pts/5 00:00:00 PS
Finally, to make sure that Nweb is running and in good condition, you can start a Web browser on your computer and enter it in the Address bar http://localhost:9090
.
Use Strace for Nweb
Now, let's do some interesting work. Start another xterm, and then use Strace to track the running Nweb server. To complete this task, you must be aware of the program's process ID and must have the appropriate permissions. You can only see a specific set of system calls, those that are related to the network. Start by entering the command shown in the first line of listing 4, which uses the process ID of the nweb shown earlier. You should see the following output (the second line in Listing 4).
Listing 4. Start tracking the Nweb
$ strace-e trace=network-p 4009accept (0,
Notice that the accept()
trace operation was stopped during the call to the network function. Refresh the page several times in the browser http://localhost:9090
, and note the display of strace each time you refresh the page. Isn't that great? What you see is the nweb
underlying network call made by the server when the Web browser calls the HTTP server (). Simply put, nweb
you are accepting a call from your browser.
You can stop tracking network calls by pressing CTRL + C in the xterm that has window focus running strace.
Back to top of page
Explore the GDB debugging tool again.
As you can see, Strace is a good program to understand how a user program interacts with the operating system through some system calls. The GDB debugging tool itself can also be attached to a running process and help you do more in-depth research.
The GDB debugging tool is useful and provides a large amount of information available on the Internet about the tool. Often, debugging tools are valuable tools, and anyone responsible for developing and maintaining a computer system should know how to use them. So, while Nweb is running on another xterm session, press CTRL + C to stop strace, and then enter the command shown in Listing 5 to start the GDB debugging tool.
Listing 5. Start the GDB debugging tool
$ gdb--quiet (gdb) attach 4009Attaching to process 4009Reading symbols from/home/bill/src/nweb/nweb...done. Reading symbols From/lib/tls/libc.so.6...done. Loaded symbols for/lib/tls/libc.so.6reading symbols from/lib/ld-linux.so.2...done. Loaded symbols for/lib/ld-linux.so.20xffffe410 in?? () (GDB)
-quiet
Option tells the GDB Debug tool to display only its prompt, not all other startup information. If you need to display additional text information, you can remove the -quiet
option.
attach 4009
The command initiates debugging work on the currently running Nweb server, and the GDB debugging tool responds in the same way by reading all the symbolic information about the process. Next, use the info
command to enumerate information about the program you are studying (see Listing 6).
Listing 6. Info command lists program information
(GDB) Info procprocess 4009cmdline = './nweb ' CWD = '/home/bill/src/nweb ' exe = '/home/bill/src/nweb/nweb ' (GDB)
info
Another useful variant of the command (see Listing 7) is info functions
that, however, the list of functions can be very long.
Listing 7. The list of functions obtained by the info functions command
(GDB) Info functionsall defined functions:file nweb.c:void log (int, char *, char *, int); int main (int, char * *); void Web (i NT, int); File __finite:int __finite ();.. (GDB)
Because the -ggdb
nweb program was compiled with options, the executable file contains a lot of debugging information, allowing the debugging tool to see the defined functions listed in the file, as shown in Listing 7.
Back to top of page
List and Disassemble commands
There are two important GDB debugging tool commands, each of which is the list
and disassemble
. Try to use these commands by using the code shown in Listing 8.
Listing 8. List command
As you can see, the list
command lists the running programs as source files and labels the corresponding line numbers. Press the Return key (as shown between lines 130th and 131th) to continue with the last list. Now, try using disassemble
the command, which can be abbreviated as disass
(see Listing 9).
Listing 9. Disassemble command
(GDB) Disass maindump of assembler code for function Main:0x08048ba2 <main+0>: push Ebp0x08048ba3 <main +1>: mov ebp,esp0x08048ba5 <main+3>: push Edi0x08048ba6 <main+4>: push Esi0x08048ba7 <main+5>: push ebx0x08048ba8 <main+6>: Sub Esp,0xc0x08048bab < Main+9>: mov ebx,dword PTR [Ebp+12]0x08048bae <main+12>: and esp,0xfffffff0 ... 0X08048C01 <main+95>: call 0x8048664 <printf>0x08048c06 <main+100>: add ESP , 0x100x08048c09 <main+103>: Inc esi0x08048c0a <main+104>: cmp DWORD PTR [Ebx+esi], 0x0---Type <return> to continue, or Q <return> to quit---
The Disassembly checklist shows the main
assembly language list of the function. In this example, the assembly code indicates that the computer running the code is using the Intel®pentium® processor. If the program runs on different types of processors, such as IBM Power pc®-based computers, your code will look very different.
Back to top of page
monitoring during its operation
Because you are monitoring a running program, you can set the appropriate breakpoint, and then Monitor The program as it responds to the browser request and transmits the. html and. jpg files to the requesting browser. Listing 10 shows how to accomplish this task.
Listing 10. Set breakpoints
(GDB) Break 188Breakpoint 1 at 0x8048e70:file NWEB.C, line 188. (GDB) Commands 1Type commands for when Breakpoint 1 was hit, one per line. End with a line saying just "End". >continue>end (GDB) ccontinuing.
At this point, the GDB debugging tool is set to break at the time the Nweb server accepts browser requests, and the debugging tool will simply display the corresponding request and continue processing other requests without interrupting the running program. Refresh the page in your browser several times http://localhost:9090/
, and you can see that the GDB debugging tool shows the breakpoint and continues to run.
While refreshing the browser page, you should see the breakpoint information as shown in Listing 11 and scroll the output in the GDB Debug tool xterm. As with Strace, you can press CTRL + C to stop debugging the Nweb server. After you stop the trace operation, you can enter quit
a command to exit the GDB debugging tool.
Listing 11. The breakpoint information in the GDB debugging tool xterm
Breakpoint 1, Main (argc=3, argv=0x1) at nweb.c:188188 if (socketfd = accept (LISTENFD, struct sockaddr *) &cli_addr, & amp;length)) < 0) Breakpoint 1, Main (argc=3, argv=0x1) at nweb.c:188188 if (socketfd = accept (LISTENFD, struct sockadd R *) &cli_addr, &length)) < 0) Breakpoint 1, Main (argc=3, argv=0x1) at nweb.c:188188 if (socketfd = Accept (liste NFD, (struct sockaddr *) &cli_addr, &length)) < 0) Breakpoint 1, Main (argc=3, argv=0x1) at nweb.c:188188 if (Soc KETFD = Accept (LISTENFD, (struct sockaddr *) &cli_addr, &length)) < 0) program received signal SIGINT, Interrupt. 0xffffe410 in?? (GDB) quitthe program is running. Quit anyway (and detach it)? (Y or N) ydetaching from program:/home/bill/src/nweb/nweb, Process 4009$
Note that you are telling the GDB debugging tool to stop debugging a program that is still active in memory. Even after you exit the debugging tool, you can refresh the browser page and see that Nweb is still running. You can enter a kill 4009
command to stop the program, or the page will disappear when you exit the session.
As usual, you can learn about a variety of tools, such as Strace and GDB debugging tools, through their man and info pages. Make sure you use these tools provided by UNIX!
Back to top of page
Get as much information as possible
Knowing as much information as possible about the computer you are using is by no means a bad thing, and can also be fun from the process. In fact, UNIX encourages you to study and learn the system by providing a variety of tools, such as Strace and GDB debugging tools, as well as a large amount of information contained in the corresponding man and info pages. Computers are an extension of human wisdom, and the more we learn about them, the more useful they will become.
Fun using the Strace and GDB debugging Tools