ldd
ldd is good when you need to know what shared dependencies has an executable file. For example.
angel@mbweb1:/bin$ ldd /bin/bash
libncurses.so.5 => /lib/libncurses.so.5 (0x00002ac651098000)
libdl.so.2 => /lib/libdl.so.2 (0x00002ac6512f4000)
libc.so.6 => /lib/libc.so.6 (0x00002ac6514f8000)
/lib64/ld-linux-x86-64.so.2 (0x00002ac650e7b000)
ltrace / dtruss for mac
As seen in the manual:
ltrace is a program that simply runs the specified command until it exits. It intercepts and records the dynamic library calls which are called by the executed process and the signals which are received by that process. It can also intercept and print the system calls executed by the program.
Here’s some sample output of ltrace
ltrace -p 929
--- SIGSTOP (Stopped (signal)) ---
--- SIGSTOP (Stopped (signal)) ---
fcntl(10, 4, 2050, 12, 0) = 0
accept(10, 0x7fffb0855b30, 0x7fffb08557ac, -1, 0) = 76
fcntl(10, 4, 2, 0, 0) = 0
signal(17, NULL) = NULL
request_init(0x7fffb08557b0, 2, 0x7fffb0857ac5, 1, 76) = 0x7fffb08557b0
sock_host(0x7fffb08557b0, 0, 0x7fffb08555d8, 40, 0x7fffb085583a) = 0
hosts_access(0x7fffb08557b0, 0x2b0bfaa95580, 0x7fffb0853648, -1, 0x7fffb085583a) = 1
getsockname(76, 0x7fffb0855b20, 0x7fffb08557ac, 0x2aaab0000000, 0x2aaab0017ea0) = 0
malloc(8496) = 0x2aaab01857b0
malloc(256) = 0x2aaab000b490
malloc(256) = 0x2aaab000b5a0
memset(0x2aaab0186678, '00', 472) = 0x2aaab0186678
memset(0x2aaab0186b48, '00', 72) = 0x2aaab0186b48
memset(0x2aaab0186558, '00', 72) = 0x2aaab0186558
memset(0x2aaab0186608, '00', 112) = 0x2aaab0186608
pthread_mutex_init(0x2aaab01863c0, 0xda6668, 0, 0x2aaab0186678, 0) = 0
pthread_mutex_lock(0xd94200, 0xda6668, 0, 0x2aaab0186678, 0xda6668) = 0
memcpy(0x2aaab0185c68, "", 528) = 0x2aaab0185c68
malloc(41) = 0x2aaab0002f80
memcpy(0x2aaab0002fa0, "%H:%i:%s", 8) = 0x2aaab0002fa0
malloc(41) = 0x2aaab00646e0
memcpy(0x2aaab0064700, "%Y-%m-%d", 8) = 0x2aaab0064700
malloc(50) = 0x2aaab0064720
memcpy(0x2aaab0064740, "%Y-%m-%d %H:%i:%s", 17) = 0x2aaab0064740
pthread_mutex_unlock(0xd94200, 0xdaaab1, 17, 0, 64) = 0
strcmp("latin1", "utf8") = -1
memset(0x2aaab0185e78, '00', 1312) = 0x2aaab0185e78
malloc(1040) = 0x2aaab00576e0
malloc(256) = 0x2aaab0017ea0
pthread_mutex_lock(0xd93f00, 0x2aaab0185bf8, 0, 704, 128) = 0
pthread_mutex_unlock(0xd93f00, 0x2aaab0185bf8, 0x3252d661, 1, 128) = 0
pthread_self(0x2aaab0186398, 0x2aab7963b5ce, 0x39988b2e, 0xf9988b2b, 0xd93f00) = 0x2b0bfbde9e70
pthread_self(0x2aaab0186398, 0x2aab7963b5ce, 0x39988b2e, 0xf9988b2b, 0xd93f00) = 0x2b0bfbde9e70
malloc(240) = 0x2aaab0017d20
memset(0x2aaab0017d20, '00', 240) = 0x2aaab0017d20
sprintf("", "") = 11
fcntl(76, 4, 0, 0x7fffb0855450, 0) = 0
fcntl(76, 3, 0, -1, 0) = 2
malloc(16391) = 0x2aaab0131590
fcntl(76, 4, 2050, 0, 0x200000) = 0
setsockopt(76, 0, 1, 0x7fffb0855634, 4) = 0
setsockopt(76, 6, 1, 0x7fffb0855634, 4) = 0
pthread_mutex_lock(0xd93f00, 6, 501, -1, 4) = 0
pthread_cond_signal(0xd94920, 6, 0x2aaab01857c0, 0, 4) = 0
pthread_mutex_unlock(0xd93f00, 5, 1, -1, 0xd94920) = 0
select(13, 0x7fffb0855720, 0, 0, 0) = 1
fcntl(10, 4, 2050, 12, 0) = 0
accept(10, 0x7fffb0855b30, 0x7fffb08557ac, -1, 0) = 80
fcntl(10, 4, 2, 0, 0) = 0
signal(17, NULL) = NULL
request_init(0x7fffb08557b0, 2, 0x7fffb0857ac5, 1, 80) = 0x7fffb08557b0
sock_host(0x7fffb08557b0, 0, 0x7fffb08555d8, 40, 0x7fffb085583a) = 0
hosts_access(0x7fffb08557b0, 0x2b0bfaa95580, 0x7fffb0853648, -1, 0x7fffb085583a) = 1
getsockname(80, 0x7fffb0855b20, 0x7fffb08557ac, 0x2aaab0000000, 0x2aaab0017fb0) = 0
malloc(8496) = 0x2aaab01355a0
malloc(256) = 0x2aaab0017fb0
malloc(256) = 0x2aaab00180c0
memset(0x2aaab0136468, '00', 472) = 0x2aaab0136468
...
strace
the same as ltrace, but only for system calls.
Damn, that was cool. I didn’t know those commands. They’re very usefull
I just don’t understand one thing:
What’s that draw doing there? 🙂
And if that girl does exists then WOOOOOOOOOOOOOOOOOOW!!!
Nothing else by the moment 🙂