LD_PRELOAD和strace有什么区别? [英] What are the differences between LD_PRELOAD and strace?

问题描述

这两种方法都用于收集系统调用以及参数并返回它们的值.当我们更喜欢LD_PRELOAD时，为什么?也许可以说我们只能通过strace收集系统调用，但是可以通过LD_PRELOAD技巧来收集库调用.但是，还有一个名称为ltrace的库的跟踪器.

Both methods are used to gather system calls also parameters and return values of them. When we prefer LD_PRELOAD and why? Maybe we can say that we can only gather syscalls via strace but we can gather library calls with LD_PRELOAD trick. However, there is another tracer for libraries whose name is ltrace.

推荐答案

strace正在使用 musl-libc 或某些汇编程序编写的实用程序，如busybox的旧版本.

strace is using the ptrace(2) syscall (with PTRACE_SYSCALL probably), so will catch every system call (thru kernel hooks installed by ptrace). It will work on any executable, even on statically linked ones, or those using something else than your distribution's GNU Glibc (like e.g. musl-libc, or some assembly written utility like old versions of busybox).

LD_PRELOAD技巧使用动态加载程序，例如/lib64/ld-linux-x86-64.so.2或/lib/ld.so(请参见 ld.so(8)手册页)等信息，因此不适用于静态链接的可执行文件(或那些使用动态加载程序和GNU libc以外的文件的可执行文件).

LD_PRELOAD tricks use the dynamic loader e.g. /lib64/ld-linux-x86-64.so.2 or /lib/ld.so (see ld.so(8) man page) etc... so won't work with statically linked executables (or those using something else than your dynamic loader and your GNU libc).

ltrace可能也是基于ptrace的.

所有这些都是免费软件，您可以研究其源代码(并对其进行改进).

And all these are being free software, you could study their source code (and improve it).

这篇关于LD_PRELOAD和strace有什么区别?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！