cab222 · September 1, 2014 19:18
diff --git a/strace_simple b/strace_simple
 #include <stdio.h>
 #include <fcntl.h>

 int main()
 {
    int x = open("/tmp/test.txt", O_WRONLY);
    return 0;
 }



 [vagrant@localhost vagrant]$ strace ./a.out
 execve("./a.out", ["./a.out"], [/* 25 vars */]) = 0

 #why did we need to know where the data section ended, we did nothing with it.
 brk(0)                                  = 0x1d90000  

 #Demand zero in 1 page, what are we putting there? Dont see address being used
 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb608fbc000  

 #Try to find this file, not there. File containing list ELF shared libraries to be loaded before the program
 access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory) 


 #open file containing directories of shared libraris
 open("/etc/ld.so.cache", O_RDONLY)      = 3 
 #Find out how big it is
 fstat(3, {st_mode=S_IFREG|0644, st_size=15866, ...}) = 0 
 #memory map the entire file in privately
 mmap(NULL, 15866, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fb608fb8000  
 #close the file
 close(3)                                = 0 

 #open file pointing to glibc
 open("/lib64/libc.so.6", O_RDONLY)      = 3  
 #Read 832 bytes into a buffer
 read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\356\1\0\0\0\0\0"..., 832) = 832  
 #find out how big it is
 fstat(3, {st_mode=S_IFREG|0755, st_size=1921096, ...}) = 0  
 #memory map more than the entire file in privately?
 mmap(NULL, 3750152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7fb608a0a000
 mprotect(0x7fb608b94000, 2097152, PROT_NONE) = 0
 mmap(0x7fb608d94000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x18a000) = 0x7fb608d94000
 mmap(0x7fb608d99000, 18696, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7fb608d99000
 close(3)                                = 0


 #clear three page, demand zero page in
 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb608fb7000
 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb608fb6000
 mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7fb608fb5000
 arch_prctl(ARCH_SET_FS, 0x7fb608fb6700) = 0
 mprotect(0x7fb608d94000, 16384, PROT_READ) = 0
 mprotect(0x7fb608fbd000, 4096, PROT_READ) = 0
 munmap(0x7fb608fb8000, 15866)           = 0

 #Trie to open the file
 open("/tmp/test.txt", O_WRONLY)         = 3
 #Exit
 exit_group(0)                           = ?
	#include <stdio.h>
	#include <fcntl.h>

	int main()
	{
	int x = open("/tmp/test.txt", O_WRONLY);
	return 0;
	}



	[vagrant@localhost vagrant]$ strace ./a.out
	execve("./a.out", ["./a.out"], [/* 25 vars */]) = 0

	#why did we need to know where the data section ended, we did nothing with it.
	brk(0) = 0x1d90000

	#Demand zero in 1 page, what are we putting there? Dont see address being used
	mmap(NULL, 4096, PROT_READ\|PROT_WRITE, MAP_PRIVATE\|MAP_ANONYMOUS, -1, 0) = 0x7fb608fbc000

	#Try to find this file, not there. File containing list ELF shared libraries to be loaded before the program
	access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)


	#open file containing directories of shared libraris
	open("/etc/ld.so.cache", O_RDONLY) = 3
	#Find out how big it is
	fstat(3, {st_mode=S_IFREG\|0644, st_size=15866, ...}) = 0
	#memory map the entire file in privately
	mmap(NULL, 15866, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7fb608fb8000
	#close the file
	close(3) = 0

	#open file pointing to glibc
	open("/lib64/libc.so.6", O_RDONLY) = 3
	#Read 832 bytes into a buffer
	read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\356\1\0\0\0\0\0"..., 832) = 832
	#find out how big it is
	fstat(3, {st_mode=S_IFREG\|0755, st_size=1921096, ...}) = 0
	#memory map more than the entire file in privately?
	mmap(NULL, 3750152, PROT_READ\|PROT_EXEC, MAP_PRIVATE\|MAP_DENYWRITE, 3, 0) = 0x7fb608a0a000
	mprotect(0x7fb608b94000, 2097152, PROT_NONE) = 0
	mmap(0x7fb608d94000, 20480, PROT_READ\|PROT_WRITE, MAP_PRIVATE\|MAP_FIXED\|MAP_DENYWRITE, 3, 0x18a000) = 0x7fb608d94000
	mmap(0x7fb608d99000, 18696, PROT_READ\|PROT_WRITE, MAP_PRIVATE\|MAP_FIXED\|MAP_ANONYMOUS, -1, 0) = 0x7fb608d99000
	close(3) = 0


	#clear three page, demand zero page in
	mmap(NULL, 4096, PROT_READ\|PROT_WRITE, MAP_PRIVATE\|MAP_ANONYMOUS, -1, 0) = 0x7fb608fb7000
	mmap(NULL, 4096, PROT_READ\|PROT_WRITE, MAP_PRIVATE\|MAP_ANONYMOUS, -1, 0) = 0x7fb608fb6000
	mmap(NULL, 4096, PROT_READ\|PROT_WRITE, MAP_PRIVATE\|MAP_ANONYMOUS, -1, 0) = 0x7fb608fb5000
	arch_prctl(ARCH_SET_FS, 0x7fb608fb6700) = 0
	mprotect(0x7fb608d94000, 16384, PROT_READ) = 0
	mprotect(0x7fb608fbd000, 4096, PROT_READ) = 0
	munmap(0x7fb608fb8000, 15866) = 0

	#Trie to open the file
	open("/tmp/test.txt", O_WRONLY) = 3
	#Exit
	exit_group(0) = ?