"The programmer's toolbox"

Here is the outline. I'll have these edited and stuff by then, and probably release it as a hand-out. Let me know if you think this may be too long; if it is, I'll probably just skim over some things.

Tentative plan for next LUG meeting: go over

strace, http://www.wi.leidenuniv.nl/~wichert/strace/
    intercepts syscalls, demangles symbols, and shows return code.
    advantage: source not needed to debug/no debugging symbols need to be present.
    Very good bug tracking tool.
    can profile syscalls, find time spent in each call.
    can trace by filtering: -e trace=callname, or trace=network,ipc,signal...
    show simple program.

ltrace, No homepage. Author: Juan Cespedes <cespedes@debian.org>
    similar to strace.
    allows dynamic library calls to be traced as well.
    ltrace -S to display syscalls (kernel syscalls, not lib ones).
    strace more readable, as it symbolically displays things, but -C option allows similar things.

gdb, http://sourceware.cygnus.com/gdb/
    debugger, allows tracing of processes.
    if debugging symbols present, allows user to view source as it runs, alter variables, change execution, examine variables, and dump assembler.
    Set breakpoints & watchpoints.
    One of the most powerful debugging tools if source is available.
    Lacks memory searches :(

objdump, http://sourceware.cygnus.com/binutils/
    part of binutils.
    objdump -d, useful to disassemble.

nm, http://sourceware.cygnus.com/binutils/
    part of binutils.
    lists symbols from object files, such as libraries. Can list functions, etc. as well.

biew, http://biew.sourceforge.net/
    allows view in: text, binary, hex, disasm modes.
    allows disassembly mode, virtual/file addresses.
    ctrl-f1 for instr sets

khexedit, http://home.sol.no/~espensa/khexedit/
    similar to biew, allows viewing in text, binary, hex, oct.
    Useful as a quick way to hex edit things.
    character table, similar to dos/win.
    hex/dec/octal converter.
    no disasm :(

ddd: http://www.gnu.org/software/ddd/
    front end to gdb, very cool.
    graphical display of data structures.
    ability to graphically see execution of program.

mention things in procfs, /proc/pid <man proc>
    cmdline: command line name used to call prog
    cwd:     current working dir
    environ: current environment variables
    exe:     symlink to binary executable
    fd:      open file descriptors, and links to them
    maps:    descriptions of memory mapped regions, and perms.
    mem:     memory used by process, not mmap()-able yet
    root:    current root dir of proc, chroot() to change
    stat:    info about process, reported by ps
    status:  current status

ptrace: #include <sys/ptrace.h>
    set of tools to trace processes. used by debuggers and tracers, mostly.

--
Ellick Chan
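
The /proc/pid/maps entry from the outline above, as an added example that is not part of the original message: a Python parser for the maps format that reports each region's permissions and flags mappings that are both writable and executable. The sample lines are constructed, and the names Region, parse_maps, writable_and_executable and read_maps are hypothetical.

```python
"""Parse /proc/<pid>/maps text and flag regions that are writable and executable."""
from typing import List, NamedTuple

# Constructed sample in /proc/<pid>/maps layout (not captured from a real process):
# address-range perms offset dev inode [pathname]
SAMPLE_MAPS = """\
00400000-0040b000 r-xp 00000000 08:01 131090 /bin/cat
0060a000-0060b000 rw-p 0000a000 08:01 131090 /bin/cat
01c3e000-01c5f000 rw-p 00000000 00:00 0 [heap]
7f2c4a000000-7f2c4a021000 rwxp 00000000 00:00 0
7ffd1b2e0000-7ffd1b301000 rw-p 00000000 00:00 0 [stack]
"""


class Region(NamedTuple):
    start: int
    end: int
    perms: str   # e.g. "r-xp": read, write, execute, private/shared
    offset: int
    dev: str
    inode: int
    path: str    # empty for anonymous mappings

    @property
    def size(self) -> int:
        return self.end - self.start


def parse_maps(text: str) -> List[Region]:
    regions = []
    for line in text.splitlines():
        if not line.strip():
            continue
        # The pathname is optional and may contain spaces, so split at most 5 times.
        fields = line.split(None, 5)
        if len(fields) < 5:
            raise ValueError(f"malformed maps line: {line!r}")
        start, end = (int(x, 16) for x in fields[0].split("-"))
        path = fields[5].strip() if len(fields) == 6 else ""
        regions.append(Region(start, end, fields[1], int(fields[2], 16),
                              fields[3], int(fields[4]), path))
    return regions


def writable_and_executable(regions: List[Region]) -> List[Region]:
    """Regions mapped with both 'w' and 'x' deserve a closer look."""
    return [r for r in regions if "w" in r.perms and "x" in r.perms]


def read_maps(pid: str = "self") -> List[Region]:
    """Read a live process's maps file (Linux only; other pids need permission)."""
    with open(f"/proc/{pid}/maps") as f:
        return parse_maps(f.read())
```

On a Linux box, `writable_and_executable(read_maps())` runs the same check against the current process instead of the constructed sample.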