Linux调试中的各种trace

Linux中有很多调试手段，很多trace，很让人迷糊，弄得云里雾里。
今天简单介绍下其中的几种trace：ptrace, strace, ltrace, ftrace 。
只是简单介绍它们的基本概念，对其有基本的了解，后面有机会的话，再逐个深入。

ptrace

官方手册说明：https://man7.org/linux/man-pages/man2/ptrace.2.html

The ptrace() system call provides a means by which one process (the “tracer”) may observe and control the execution of another process (the “tracee”), and examine and change the tracee’s memory and registers. It is primarily used to implement breakpoint debugging and system call tracing.
进程跟踪器，类似于gdb watch的调试方法

ptrace是一个系统调用，通过它，一个进程(“tracer”)可以观察和控制另一个进程(“tracee”)的执行，基于它可以实现断点调试和系统调用的跟踪。后面要说的strace就是基于它实现的，还有大名鼎鼎的gdb也是以它为基础的。

strace

官方网站：https://strace.io/

strace is a diagnostic, debugging and instructional userspace utility for Linux. It is used to monitor and tamper with interactions between processes and the Linux kernel, which include system calls, signal deliveries, and changes of process state.

strace是一个功能强大的用于调试、分析、诊断用户空间程序的工具，它可以监视和篡改进程与Linux内核之间的交互，包括系统调用、信号传递和进程状态的更改。

ltrace

官方网站：https://www.ltrace.org/

ltrace intercepts and records dynamic library calls which are called by an executed process and the signals received by that process. It can also intercept and print the system calls executed by the program.

ltrace截获并记录进程动态库的调用以及该进程接收的信号，它还可以拦截和打印程序执行的系统调用，用法类似strace。

ftrace

官方网站：https://www.kernel.org/doc/html/latest/trace/ftrace.html

Ftrace is an internal tracer designed to help out developers and designers of systems to find what is going on inside the kernel. It can be used for debugging or analyzing latencies and performance issues that take place outside of user-space.

ftrace是Linux内核官方出品，内建于Linux的内核跟踪工具，它包含一系列跟踪器，用于不同的场合，比如跟踪内核函数调用(function tracer)、跟踪上下文切换(sched_switch tracer)、查看中断被关闭的时长(irqsoff tracer)、调试或分析内核中的延迟以及性能问题等。

ftrace还有官方的前端交互工具：trace-cmd和kernelshark

后面的篇章会详细展开学习介绍 ftrace。