0

I'm trying to implement STRACE in c, I was able to print all the SYSCALLS with it's arguments but it doesn't look like the real STRACE ex : my strace

    mmap(0x7f4a8f56a000,8192,3,2066,3,0x1c000)

Strace :

    mmap(0x7fc66739a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000)

I only get the flags in octal, how can I print them in a string like they do

same for structures ex : my strace

    fstat(3,0x7fffd94a1ec0)

STRACE :

    fstat(3, {st_mode=S_IFCHR|0660, st_rdev=makedev(0x4, 0x2), ...})

I only can print the struct address, how can I deference it correctly like they do ?.

haxor12
  • 21
  • 1
  • 8
  • 5
    Only by manual coding. Actual `strace` has lots of data (declarations of the syscalls, definitions of the structures and flag bits, etc.) and processing code in the sources to implement this. – Ruslan Jan 01 '21 at 21:30
  • 1
    strace is also an open source utility - why not look at its source code? – baseman101 Jan 01 '21 at 21:33
  • [Linux strace](https://github.com/strace) uses a kind of database to print decode numbers and print descriptive text. See e,g. the [xlat](https://github.com/strace/strace/tree/master/xlat) directory and `xlat.h`/`xlat.c` in the root directory. – Codo Jan 01 '21 at 22:04

0 Answers0