"The programmer's toolbox"
here is the outline:
I'll have these edited and stuff by then, and
probably release it as a hand-out.
Let me know if you think this may be too long;
if it is, I'll probably just skim over some things.
Tentative plan for next LUG meeting:
go over
strace,
http://www.wi.leidenuniv.nl/~wichert/strace/
intercepts syscalls, demangles symbols, and shows return codes.
advantage: source not needed to debug/no debugging symbols need to
be present. Very good bug tracking tool.
can profile syscalls, find time spent in each call.
can trace by filtering: -e trace=callname, or
trace=network,ipc,signal...
show simple program.
ltrace,
No homepage.
Author: Juan Cespedes <cespedes@debian.org>
similar to strace, but allows dynamic library calls to be traced as well.
ltrace -S to display syscalls (kernel syscalls, not library ones).
strace more readable, as it symbolically displays things,
but -C option allows similar things.
gdb,
http://sourceware.cygnus.com/gdb/
debugger, allows tracing of processes.
if debugging symbols present, allows user to view source
as it runs, alter variables, change execution, examine
variables, and dump assembler. Set breakpoints&watchpoints.
One of the most powerful debugging tools if source is available.
Lacks memory searches :(
objdump,
http://sourceware.cygnus.com/binutils/
part of binutils.
objdump -d, useful to disassemble.
nm,
http://sourceware.cygnus.com/binutils/
part of binutils.
list symbols from object files, such as libraries.
Can list functions, etc. as well.
biew,
http://biew.sourceforge.net/
allows viewing in: text, binary, hex, disasm modes.
allows disassembly mode, virtual/file addresses.
ctrl-f1 for instruction sets
khexedit,
http://home.sol.no/~espensa/khexedit/
similar to biew, allows viewing in text, binary, hex, oct.
Useful as a quick way to hex edit things.
character table, similar to dos/win.
hex/dec/octal converter.
no disasm :(
ddd:
http://www.gnu.org/software/ddd/
front end to gdb, very cool.
graphical display of data structures.
ability to graphically see execution of program.
mention things in procfs, /proc/pid
<man proc>
cmdline: command line name used to call prog
cwd: current working dir
environ: current environment variables
exe: symlink to binary executable
fd: open file descriptors, and links to them
maps: descriptions of memory-mapped regions, and their perms.
mem: memory used by process, not mmap()-able yet
root: current root dir of proc, chroot() to change
stat: info about process, reported by ps
status: current status
ptrace:
#include <sys/ptrace.h>
set of tools to trace processes.
used by debuggers and tracers, mostly.
--
Ellick Chan
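
Added example, not part of the original outline: a small C reader for the "maps" entry in the /proc/pid list above, using the line layout documented in proc(5). It goes one step beyond the outline by flagging regions that are both writable and executable; the names map_region, parse_maps_line, is_wx and count_wx are made up for this sketch.

```c
#include <stdio.h>
#include <string.h>

/* One parsed line of /proc/<pid>/maps, field layout per proc(5). */
struct map_region {
    unsigned long start, end;
    char perms[5];   /* e.g. "r-xp" */
    char path[256];  /* empty for anonymous mappings */
};

/* Parse "start-end perms offset dev inode [path]"; returns 0 on success. */
int parse_maps_line(const char *line, struct map_region *r) {
    int used = 0;
    r->path[0] = '\0';
    if (sscanf(line, "%lx-%lx %4s %*x %*s %*u %n",
               &r->start, &r->end, r->perms, &used) < 3
        || strlen(r->perms) != 4 || r->end <= r->start)
        return -1;
    if (used > 0)   /* rest of the line is the path, if any */
        snprintf(r->path, sizeof r->path, "%s", line + used);
    r->path[strcspn(r->path, "\n")] = '\0';
    return 0;
}

/* Writable and executable at once: a mapping worth a second look. */
int is_wx(const struct map_region *r) {
    return r->perms[1] == 'w' && r->perms[2] == 'x';
}

/* Print W+X regions of a maps file; returns their count, -1 on error. */
int count_wx(const char *maps_path) {
    struct map_region r;
    char line[512];
    int n = 0;
    FILE *f = fopen(maps_path, "r");
    if (!f) return -1;
    while (fgets(line, sizeof line, f))
        if (parse_maps_line(line, &r) == 0 && is_wx(&r) && ++n)
            printf("%lx-%lx %s %s\n", r.start, r.end, r.perms,
                   r.path[0] ? r.path : "[anonymous]");
    fclose(f);
    return n;
}

int main(int argc, char **argv) {
    /* Default to this process; pass /proc/<pid>/maps to inspect another. */
    int n = count_wx(argc > 1 ? argv[1] : "/proc/self/maps");
    printf("%d writable+executable region(s)\n", n);
    return n < 0;
}
```

Reading another user's /proc/<pid>/maps needs the matching privileges; run it with no argument to inspect the tool's own process.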