在Linux中跟踪本地函数调用的工具。

时间:2021-10-17 01:46:12

I am looking for a tool like ltrace or strace that can trace locally defined functions in an executable. ltrace only traces dynamic library calls and strace only traces system calls. For example, given the following C program:

我正在寻找一个像ltrace或strace这样的工具,它可以在可执行文件中跟踪本地定义的函数。ltrace只跟踪动态库调用,而strace只跟踪系统调用。例如,给定以下C程序:

#include <stdio.h>

int triple ( int x )
{
  return 3 * x;
}

int main (void)
{
  printf("%d\n", triple(10));
  return 0;
}

Running the program with ltrace will show the call to printf since that is a standard library function (which is a dynamic library on my system) and strace will show all the system calls from the startup code, the system calls used to implement printf, and the shutdown code, but I want something that will show me that the function triple was called. Assuming that the local functions have not been inlined by an optimizing compiler and that the binary has not been stripped (symbols removed), is there a tool that can do this?

与ltrace运行程序将显示调用printf因为这是一个标准的库函数(这是一个动态库在我的系统)和strace将显示所有的系统调用启动代码,用于实现的系统调用printf,和关闭代码,但是我想要的东西给我,这个函数被称为三倍。假设本地函数没有被优化编译器内联,并且二进制文件没有被删除(符号删除),是否有一个工具可以做到这一点?

Edit

编辑

A couple of clarifications:

一些说明:

  • It is okay if the tool also provides trace information for non-local functions.
  • 如果该工具还为非本地函数提供跟踪信息,则可以。
  • I don't want to have to recompile the program(s) with support for specific tools, the symbol information in the executable should be enough.
  • 我不想重新编译程序(s)支持特定的工具,在可执行文件中的符号信息应该足够了。
  • I would be really nice if I could use the tool to attach to existing processes like I can with ltrace/strace.
  • 如果我能使用这个工具附加到现有的进程,比如ltrace/strace,我将会非常好。

12 个解决方案

#1

52  

Assuming you only want to be notified for specific functions, you can do it like this:

假设您只希望得到特定函数的通知,您可以这样做:

compile with debug informations (as you already have symbol informations, you probably also have enough debugs in)

使用调试信息进行编译(因为您已经有了符号信息,您可能也有足够的调试信息)

given

鉴于

#include <iostream>

int fac(int n) {
    if(n == 0)
        return 1;
    return n * fac(n-1);
}

int main()
{
    for(int i=0;i<4;i++)
        std::cout << fac(i) << std::endl;
}

Use gdb to trace:

使用gdb跟踪:

[js@HOST2 cpp]$ g++ -g3 test.cpp
[js@HOST2 cpp]$ gdb ./a.out
(gdb) b fac
Breakpoint 1 at 0x804866a: file test.cpp, line 4.
(gdb) commands 1
Type commands for when breakpoint 1 is hit, one per line.
End with a line saying just "end".
>silent
>bt 1
>c
>end
(gdb) run
Starting program: /home/js/cpp/a.out
#0  fac (n=0) at test.cpp:4
1
#0  fac (n=1) at test.cpp:4
#0  fac (n=0) at test.cpp:4
1
#0  fac (n=2) at test.cpp:4
#0  fac (n=1) at test.cpp:4
#0  fac (n=0) at test.cpp:4
2
#0  fac (n=3) at test.cpp:4
#0  fac (n=2) at test.cpp:4
#0  fac (n=1) at test.cpp:4
#0  fac (n=0) at test.cpp:4
6

Program exited normally.
(gdb)

Here is what i do to collect all function's addresses:

下面是我收集所有函数地址的方法:

tmp=$(mktemp)
readelf -s ./a.out | gawk '
{ 
  if($4 == "FUNC" && $2 != 0) { 
    print "# code for " $NF; 
    print "b *0x" $2; 
    print "commands"; 
    print "silent"; 
    print "bt 1"; 
    print "c"; 
    print "end"; 
    print ""; 
  } 
}' > $tmp; 
gdb --command=$tmp ./a.out; 
rm -f $tmp

Note that instead of just printing the current frame(bt 1), you can do anything you like, printing the value of some global, executing some shell command or mailing something if it hits the fatal_bomb_exploded function :) Sadly, gcc outputs some "Current Language changed" messages in between. But that's easily grepped out. No big deal.

注意,不只是打印当前帧(bt 1),你可以做任何你喜欢的事情,打印一些全局的值,执行一些shell命令或者发送一些东西,如果它命中fatal_爆炸性函数:)很遗憾,gcc输出了一些“当前语言更改”的消息。但这是很容易的。没什么大不了的。

#2

19  

System Tap can be used on a modern Linux box (Fedora 10, RHEL 5, etc.).

系统Tap可以在一个现代的Linux盒子上使用(Fedora 10, RHEL 5,等等)。

First download the para-callgraph.stp script.

首先下载para-callgraph。stp脚本。

Then run:

然后运行:

$ sudo stap para-callgraph.stp 'process("/bin/ls").function("*")' -c /bin/ls
0    ls(12631):->main argc=0x1 argv=0x7fff1ec3b038
276  ls(12631): ->human_options spec=0x0 opts=0x61a28c block_size=0x61a290
365  ls(12631): <-human_options return=0x0
496  ls(12631): ->clone_quoting_options o=0x0
657  ls(12631):  ->xmemdup p=0x61a600 s=0x28
815  ls(12631):   ->xmalloc n=0x28
908  ls(12631):   <-xmalloc return=0x1efe540
950  ls(12631):  <-xmemdup return=0x1efe540
990  ls(12631): <-clone_quoting_options return=0x1efe540
1030 ls(12631): ->get_quoting_style o=0x1efe540

See also: Observe, systemtap and oprofile updates

参见:观察,systemtap和oprofile更新。

#3

11  

Using Uprobes (since Linux 3.5)

Assuming you wanted to trace all functions in ~/Desktop/datalog-2.2/datalog when calling it with the parameters -l ~/Desktop/datalog-2.2/add.lua ~/Desktop/datalog-2.2/test.dl

假设您想要跟踪~/Desktop/datalog-2.2/datalog中的所有函数,并使用参数-l ~/Desktop/datalog-2.2/add。lua ~ /桌面/ datalog - 2.2 / test.dl

  1. cd /usr/src/linux-`uname -r`/tools/perf
  2. cd /usr/src/linux——uname - r /工具/性能
  3. for i in `./perf probe -F -x ~/Desktop/datalog-2.2/datalog`; do sudo ./perf probe -x ~/Desktop/datalog-2.2/datalog $i; done
  4. 因为我在”。/perf探测器-F -x ~/桌面/datalog-2.2/datalog ';sudo ./perf探针-x ~/Desktop/datalog-2.2/datalog $i;完成
  5. sudo ./perf record -agR $(for j in $(sudo ./perf probe -l | cut -d' ' -f3); do echo "-e $j"; done) ~/Desktop/datalog-2.2/datalog -l ~/Desktop/datalog-2.2/add.lua ~/Desktop/datalog-2.2/test.dl
  6. sudo ./perf record -agR $(for j in $(sudo ./perf probe -l | cut -d' -f3);回声”- e $ j”;做)~ /桌面/ datalog - 2.2 / datalog - l ~ /桌面/ datalog - 2.2 /添加。lua ~ /桌面/ datalog - 2.2 / test.dl
  7. sudo ./perf report -G
  8. sudo。/性能报告- g

在Linux中跟踪本地函数调用的工具。在Linux中跟踪本地函数调用的工具。

#4

9  

Assuming you can re-compile (no source change required) the code you want to trace with the gcc option -finstrument-functions, you can use etrace to get the function call graph.

假设您可以重新编译(不需要源代码更改),您想要跟踪的代码与gcc选项-finstrument-functions,您可以使用etrace来获得函数调用图。

Here is what the output looks like:

下面是输出的样子:

\-- main
|   \-- Crumble_make_apple_crumble
|   |   \-- Crumble_buy_stuff
|   |   |   \-- Crumble_buy
|   |   |   \-- Crumble_buy
|   |   |   \-- Crumble_buy
|   |   |   \-- Crumble_buy
|   |   |   \-- Crumble_buy
|   |   \-- Crumble_prepare_apples
|   |   |   \-- Crumble_skin_and_dice
|   |   \-- Crumble_mix
|   |   \-- Crumble_finalize
|   |   |   \-- Crumble_put
|   |   |   \-- Crumble_put
|   |   \-- Crumble_cook
|   |   |   \-- Crumble_put
|   |   |   \-- Crumble_bake

On Solaris, truss (strace equivalent) has the ability to filter the library to be traced. I'm was surprised when I discovered strace doesn't have such a capability.

在Solaris上,truss (strace等效)具有过滤要跟踪的库的能力。当我发现strace没有这样的能力时,我很惊讶。

#5

4  

$ sudo yum install frysk
$ ftrace -sym:'*' -- ./a.out

More: ftrace.1

更多:ftrace.1

#6

2  

If you externalize that function into an external library, you should also be able to see it getting called, ( with ltrace ).

如果您将该函数外部化到一个外部库中,您还应该能够看到它被调用(带有ltrace)。

The reason this works is because ltrace puts itself between your app and the library, and when all the code is internalized with the one file it can't intercept the call.

之所以这样做是因为ltrace将自己放在应用程序和库之间,当所有的代码都被一个文件内化时,它就不能拦截调用。

ie: ltrace xterm

即:ltrace xterm

spews stuff from X libraries, and X is hardly system.

从X库中传输数据,而X几乎不是系统。

Outside this, the only real way to do it is compile-time intercept via prof flags or debug symbols.

在此之外,唯一真正的方法是通过标记或调试符号进行编译时拦截。

I just ran over this app, which looks interesting:

我刚刚浏览了这个应用程序,它看起来很有趣:

http://www.gnu.org/software/cflow/

http://www.gnu.org/software/cflow/

But I dont think thats what you want.

但我不认为那是你想要的。

#7

2  

If the functions aren't inlined, you might even have luck using objdump -d <program>.

如果函数没有内联,您甚至可以使用objdump -d

For an example, let's take a loot at the beginning of GCC 4.3.2's main routine:

举例来说,让我们在GCC 4.3.2的主要例程的开始处取一个loot:

$ objdump `which gcc` -d | grep '\(call\|main\)' 

08053270 <main>:
8053270:    8d 4c 24 04             lea    0x4(%esp),%ecx
--
8053299:    89 1c 24                mov    %ebx,(%esp)
805329c:    e8 8f 60 ff ff          call   8049330 <strlen@plt>
80532a1:    8d 04 03                lea    (%ebx,%eax,1),%eax
--
80532cf:    89 04 24                mov    %eax,(%esp)
80532d2:    e8 b9 c9 00 00          call   805fc90 <xmalloc_set_program_name>
80532d7:    8b 5d 9c                mov    0xffffff9c(%ebp),%ebx
--
80532e4:    89 04 24                mov    %eax,(%esp)
80532e7:    e8 b4 a7 00 00          call   805daa0 <expandargv>
80532ec:    8b 55 9c                mov    0xffffff9c(%ebp),%edx
--
8053302:    89 0c 24                mov    %ecx,(%esp)
8053305:    e8 d6 2a 00 00          call   8055de0 <prune_options>
805330a:    e8 71 ac 00 00          call   805df80 <unlock_std_streams>
805330f:    e8 4c 2f 00 00          call   8056260 <gcc_init_libintl>
8053314:    c7 44 24 04 01 00 00    movl   $0x1,0x4(%esp)
--
805331c:    c7 04 24 02 00 00 00    movl   $0x2,(%esp)
8053323:    e8 78 5e ff ff          call   80491a0 <signal@plt>
8053328:    83 e8 01                sub    $0x1,%eax

It takes a bit of effort to wade through all of the assembler, but you can see all possible calls from a given function. It's not as easy to use as gprof or some of the other utilities mentioned, but it has several distinct advantages:

通过所有的汇编程序需要花费一些精力,但是您可以看到来自给定函数的所有可能的调用。它不像gprof或其他一些实用工具那样容易使用,但是它有几个明显的优点:

  • You generally don't need to recompile an application to use it
  • 通常,您不需要重新编译应用程序来使用它。
  • It shows all possible function calls, whereas something like gprof will only show the executed function calls.
  • 它显示了所有可能的函数调用,而像gprof这样的函数只显示执行的函数调用。

#8

2  

There is a shell script for automatizating tracing function calls with gdb. But it can't attach to running process.

在gdb中有一个用于自动跟踪函数调用的shell脚本。但它不能附加到运行过程中。

blog.superadditive.com/2007/12/01/call-graphs-using-the-gnu-project-debugger/

blog.superadditive.com/2007/12/01/call-graphs-using-the-gnu-project-debugger/

Copy of the page - http://web.archive.org/web/20090317091725/http://blog.superadditive.com/2007/12/01/call-graphs-using-the-gnu-project-debugger/

页面的副本- http://web.archive.org/web/20090317091725/http://blog. superadditive.com/2007/12/01/call-graphs-gnu-projectdebugger/。

Copy of the tool - callgraph.tar.gz

工具的副本- callgraph.tar.gz。

http://web.archive.org/web/20090317091725/http://superadditive.com/software/callgraph.tar.gz

http://web.archive.org/web/20090317091725/http:/ /superadditive.com/software/callgraph.tar.gz

It dumps all functions from program and generate a gdb command file with breakpoints on each function. At each breakpoint, "backtrace 2" and "continue" are executed.

它从程序中转储所有函数,并在每个函数上生成一个带有断点的gdb命令文件。在每个断点处执行“backtrace 2”和“continue”。

This script is rather slow on big porject (~ thousands of functions), so i add a filter on function list (via egrep). It was very easy, and I use this script almost evry day.

这个脚本在大的porject(~数千个函数)上比较慢,所以我在函数列表上添加了一个过滤器(通过白鹭)。这很简单,我几乎每天都用这个脚本。

#9

1  

Gprof might be what you want

Gprof可能是你想要的。

#10

1  

See traces, a tracing framework for Linux C/C++ applications: https://github.com/baruch/traces#readme

参阅跟踪,一个用于Linux C/ c++应用程序的跟踪框架:https://github.com/baruch/trace #readme。

It requires recompiling your code with its instrumentor, but will provide a listing of all functions, their parameters and return values. There's an interactive to allow easy navigation of large data samples.

它需要用它的工具重新编译您的代码,但是将提供所有函数的列表,它们的参数和返回值。有一个交互式的,可以轻松导航大数据样本。

#11

0  

Hopefully the callgrind or cachegrind tools for Valgrind will give you the information you seek.

有希望为Valgrind提供的callgrind或cachegrind工具将提供您所需要的信息。

#12

0  

NOTE: This is not the linux kernel based ftrace, but rather a tool I recently designed to accomplish local function tracing and control flow. Linux ELF x86_64/x86_32 are supported publicly.

注意:这不是基于linux内核的ftrace,而是我最近设计的用于实现局部函数跟踪和控制流的工具。Linux ELF x86_64/x86_32是公开支持的。

https://github.com/leviathansecurity/ftrace

https://github.com/leviathansecurity/ftrace

#1

52  

Assuming you only want to be notified for specific functions, you can do it like this:

假设您只希望得到特定函数的通知,您可以这样做:

compile with debug informations (as you already have symbol informations, you probably also have enough debugs in)

使用调试信息进行编译(因为您已经有了符号信息,您可能也有足够的调试信息)

given

鉴于

#include <iostream>

int fac(int n) {
    if(n == 0)
        return 1;
    return n * fac(n-1);
}

int main()
{
    for(int i=0;i<4;i++)
        std::cout << fac(i) << std::endl;
}

Use gdb to trace:

使用gdb跟踪:

[js@HOST2 cpp]$ g++ -g3 test.cpp
[js@HOST2 cpp]$ gdb ./a.out
(gdb) b fac
Breakpoint 1 at 0x804866a: file test.cpp, line 4.
(gdb) commands 1
Type commands for when breakpoint 1 is hit, one per line.
End with a line saying just "end".
>silent
>bt 1
>c
>end
(gdb) run
Starting program: /home/js/cpp/a.out
#0  fac (n=0) at test.cpp:4
1
#0  fac (n=1) at test.cpp:4
#0  fac (n=0) at test.cpp:4
1
#0  fac (n=2) at test.cpp:4
#0  fac (n=1) at test.cpp:4
#0  fac (n=0) at test.cpp:4
2
#0  fac (n=3) at test.cpp:4
#0  fac (n=2) at test.cpp:4
#0  fac (n=1) at test.cpp:4
#0  fac (n=0) at test.cpp:4
6

Program exited normally.
(gdb)

Here is what i do to collect all function's addresses:

下面是我收集所有函数地址的方法:

tmp=$(mktemp)
readelf -s ./a.out | gawk '
{ 
  if($4 == "FUNC" && $2 != 0) { 
    print "# code for " $NF; 
    print "b *0x" $2; 
    print "commands"; 
    print "silent"; 
    print "bt 1"; 
    print "c"; 
    print "end"; 
    print ""; 
  } 
}' > $tmp; 
gdb --command=$tmp ./a.out; 
rm -f $tmp

Note that instead of just printing the current frame(bt 1), you can do anything you like, printing the value of some global, executing some shell command or mailing something if it hits the fatal_bomb_exploded function :) Sadly, gcc outputs some "Current Language changed" messages in between. But that's easily grepped out. No big deal.

注意,不只是打印当前帧(bt 1),你可以做任何你喜欢的事情,打印一些全局的值,执行一些shell命令或者发送一些东西,如果它命中fatal_爆炸性函数:)很遗憾,gcc输出了一些“当前语言更改”的消息。但这是很容易的。没什么大不了的。

#2

19  

System Tap can be used on a modern Linux box (Fedora 10, RHEL 5, etc.).

系统Tap可以在一个现代的Linux盒子上使用(Fedora 10, RHEL 5,等等)。

First download the para-callgraph.stp script.

首先下载para-callgraph。stp脚本。

Then run:

然后运行:

$ sudo stap para-callgraph.stp 'process("/bin/ls").function("*")' -c /bin/ls
0    ls(12631):->main argc=0x1 argv=0x7fff1ec3b038
276  ls(12631): ->human_options spec=0x0 opts=0x61a28c block_size=0x61a290
365  ls(12631): <-human_options return=0x0
496  ls(12631): ->clone_quoting_options o=0x0
657  ls(12631):  ->xmemdup p=0x61a600 s=0x28
815  ls(12631):   ->xmalloc n=0x28
908  ls(12631):   <-xmalloc return=0x1efe540
950  ls(12631):  <-xmemdup return=0x1efe540
990  ls(12631): <-clone_quoting_options return=0x1efe540
1030 ls(12631): ->get_quoting_style o=0x1efe540

See also: Observe, systemtap and oprofile updates

参见:观察,systemtap和oprofile更新。

#3

11  

Using Uprobes (since Linux 3.5)

Assuming you wanted to trace all functions in ~/Desktop/datalog-2.2/datalog when calling it with the parameters -l ~/Desktop/datalog-2.2/add.lua ~/Desktop/datalog-2.2/test.dl

假设您想要跟踪~/Desktop/datalog-2.2/datalog中的所有函数,并使用参数-l ~/Desktop/datalog-2.2/add。lua ~ /桌面/ datalog - 2.2 / test.dl

  1. cd /usr/src/linux-`uname -r`/tools/perf
  2. cd /usr/src/linux——uname - r /工具/性能
  3. for i in `./perf probe -F -x ~/Desktop/datalog-2.2/datalog`; do sudo ./perf probe -x ~/Desktop/datalog-2.2/datalog $i; done
  4. 因为我在”。/perf探测器-F -x ~/桌面/datalog-2.2/datalog ';sudo ./perf探针-x ~/Desktop/datalog-2.2/datalog $i;完成
  5. sudo ./perf record -agR $(for j in $(sudo ./perf probe -l | cut -d' ' -f3); do echo "-e $j"; done) ~/Desktop/datalog-2.2/datalog -l ~/Desktop/datalog-2.2/add.lua ~/Desktop/datalog-2.2/test.dl
  6. sudo ./perf record -agR $(for j in $(sudo ./perf probe -l | cut -d' -f3);回声”- e $ j”;做)~ /桌面/ datalog - 2.2 / datalog - l ~ /桌面/ datalog - 2.2 /添加。lua ~ /桌面/ datalog - 2.2 / test.dl
  7. sudo ./perf report -G
  8. sudo。/性能报告- g

在Linux中跟踪本地函数调用的工具。在Linux中跟踪本地函数调用的工具。

#4

9  

Assuming you can re-compile (no source change required) the code you want to trace with the gcc option -finstrument-functions, you can use etrace to get the function call graph.

假设您可以重新编译(不需要源代码更改),您想要跟踪的代码与gcc选项-finstrument-functions,您可以使用etrace来获得函数调用图。

Here is what the output looks like:

下面是输出的样子:

\-- main
|   \-- Crumble_make_apple_crumble
|   |   \-- Crumble_buy_stuff
|   |   |   \-- Crumble_buy
|   |   |   \-- Crumble_buy
|   |   |   \-- Crumble_buy
|   |   |   \-- Crumble_buy
|   |   |   \-- Crumble_buy
|   |   \-- Crumble_prepare_apples
|   |   |   \-- Crumble_skin_and_dice
|   |   \-- Crumble_mix
|   |   \-- Crumble_finalize
|   |   |   \-- Crumble_put
|   |   |   \-- Crumble_put
|   |   \-- Crumble_cook
|   |   |   \-- Crumble_put
|   |   |   \-- Crumble_bake

On Solaris, truss (strace equivalent) has the ability to filter the library to be traced. I'm was surprised when I discovered strace doesn't have such a capability.

在Solaris上,truss (strace等效)具有过滤要跟踪的库的能力。当我发现strace没有这样的能力时,我很惊讶。

#5

4  

$ sudo yum install frysk
$ ftrace -sym:'*' -- ./a.out

More: ftrace.1

更多:ftrace.1

#6

2  

If you externalize that function into an external library, you should also be able to see it getting called, ( with ltrace ).

如果您将该函数外部化到一个外部库中,您还应该能够看到它被调用(带有ltrace)。

The reason this works is because ltrace puts itself between your app and the library, and when all the code is internalized with the one file it can't intercept the call.

之所以这样做是因为ltrace将自己放在应用程序和库之间,当所有的代码都被一个文件内化时,它就不能拦截调用。

ie: ltrace xterm

即:ltrace xterm

spews stuff from X libraries, and X is hardly system.

从X库中传输数据,而X几乎不是系统。

Outside this, the only real way to do it is compile-time intercept via prof flags or debug symbols.

在此之外,唯一真正的方法是通过标记或调试符号进行编译时拦截。

I just ran over this app, which looks interesting:

我刚刚浏览了这个应用程序,它看起来很有趣:

http://www.gnu.org/software/cflow/

http://www.gnu.org/software/cflow/

But I dont think thats what you want.

但我不认为那是你想要的。

#7

2  

If the functions aren't inlined, you might even have luck using objdump -d <program>.

如果函数没有内联,您甚至可以使用objdump -d

For an example, let's take a loot at the beginning of GCC 4.3.2's main routine:

举例来说,让我们在GCC 4.3.2的主要例程的开始处取一个loot:

$ objdump `which gcc` -d | grep '\(call\|main\)' 

08053270 <main>:
8053270:    8d 4c 24 04             lea    0x4(%esp),%ecx
--
8053299:    89 1c 24                mov    %ebx,(%esp)
805329c:    e8 8f 60 ff ff          call   8049330 <strlen@plt>
80532a1:    8d 04 03                lea    (%ebx,%eax,1),%eax
--
80532cf:    89 04 24                mov    %eax,(%esp)
80532d2:    e8 b9 c9 00 00          call   805fc90 <xmalloc_set_program_name>
80532d7:    8b 5d 9c                mov    0xffffff9c(%ebp),%ebx
--
80532e4:    89 04 24                mov    %eax,(%esp)
80532e7:    e8 b4 a7 00 00          call   805daa0 <expandargv>
80532ec:    8b 55 9c                mov    0xffffff9c(%ebp),%edx
--
8053302:    89 0c 24                mov    %ecx,(%esp)
8053305:    e8 d6 2a 00 00          call   8055de0 <prune_options>
805330a:    e8 71 ac 00 00          call   805df80 <unlock_std_streams>
805330f:    e8 4c 2f 00 00          call   8056260 <gcc_init_libintl>
8053314:    c7 44 24 04 01 00 00    movl   $0x1,0x4(%esp)
--
805331c:    c7 04 24 02 00 00 00    movl   $0x2,(%esp)
8053323:    e8 78 5e ff ff          call   80491a0 <signal@plt>
8053328:    83 e8 01                sub    $0x1,%eax

It takes a bit of effort to wade through all of the assembler, but you can see all possible calls from a given function. It's not as easy to use as gprof or some of the other utilities mentioned, but it has several distinct advantages:

通过所有的汇编程序需要花费一些精力,但是您可以看到来自给定函数的所有可能的调用。它不像gprof或其他一些实用工具那样容易使用,但是它有几个明显的优点:

  • You generally don't need to recompile an application to use it
  • 通常,您不需要重新编译应用程序来使用它。
  • It shows all possible function calls, whereas something like gprof will only show the executed function calls.
  • 它显示了所有可能的函数调用,而像gprof这样的函数只显示执行的函数调用。

#8

2  

There is a shell script for automatizating tracing function calls with gdb. But it can't attach to running process.

在gdb中有一个用于自动跟踪函数调用的shell脚本。但它不能附加到运行过程中。

blog.superadditive.com/2007/12/01/call-graphs-using-the-gnu-project-debugger/

blog.superadditive.com/2007/12/01/call-graphs-using-the-gnu-project-debugger/

Copy of the page - http://web.archive.org/web/20090317091725/http://blog.superadditive.com/2007/12/01/call-graphs-using-the-gnu-project-debugger/

页面的副本- http://web.archive.org/web/20090317091725/http://blog. superadditive.com/2007/12/01/call-graphs-gnu-projectdebugger/。

Copy of the tool - callgraph.tar.gz

工具的副本- callgraph.tar.gz。

http://web.archive.org/web/20090317091725/http://superadditive.com/software/callgraph.tar.gz

http://web.archive.org/web/20090317091725/http:/ /superadditive.com/software/callgraph.tar.gz

It dumps all functions from program and generate a gdb command file with breakpoints on each function. At each breakpoint, "backtrace 2" and "continue" are executed.

它从程序中转储所有函数,并在每个函数上生成一个带有断点的gdb命令文件。在每个断点处执行“backtrace 2”和“continue”。

This script is rather slow on big porject (~ thousands of functions), so i add a filter on function list (via egrep). It was very easy, and I use this script almost evry day.

这个脚本在大的porject(~数千个函数)上比较慢,所以我在函数列表上添加了一个过滤器(通过白鹭)。这很简单,我几乎每天都用这个脚本。

#9

1  

Gprof might be what you want

Gprof可能是你想要的。

#10

1  

See traces, a tracing framework for Linux C/C++ applications: https://github.com/baruch/traces#readme

参阅跟踪,一个用于Linux C/ c++应用程序的跟踪框架:https://github.com/baruch/trace #readme。

It requires recompiling your code with its instrumentor, but will provide a listing of all functions, their parameters and return values. There's an interactive to allow easy navigation of large data samples.

它需要用它的工具重新编译您的代码,但是将提供所有函数的列表,它们的参数和返回值。有一个交互式的,可以轻松导航大数据样本。

#11

0  

Hopefully the callgrind or cachegrind tools for Valgrind will give you the information you seek.

有希望为Valgrind提供的callgrind或cachegrind工具将提供您所需要的信息。

#12

0  

NOTE: This is not the linux kernel based ftrace, but rather a tool I recently designed to accomplish local function tracing and control flow. Linux ELF x86_64/x86_32 are supported publicly.

注意:这不是基于linux内核的ftrace,而是我最近设计的用于实现局部函数跟踪和控制流的工具。Linux ELF x86_64/x86_32是公开支持的。

https://github.com/leviathansecurity/ftrace

https://github.com/leviathansecurity/ftrace

标签:

相关文章