LinuxCommandLibrary
GitHubF-DroidGoogle Play Store

ltrace

Intercepts and records dynamic library calls made by a process

TLDR

Trace library calls of a program
$ ltrace [path/to/program]
copy
Count library calls and print a summary on exit
$ ltrace -c [path/to/program]
copy
Trace specific library functions
$ ltrace -e malloc+free [path/to/program]
copy
Trace calls and also display system calls
$ ltrace -S [path/to/program]
copy
Attach to a running process
$ ltrace -p [pid]
copy
Write trace output to a file
$ ltrace -o [path/to/file] [path/to/program]
copy
Trace child processes created by fork
$ ltrace -f [path/to/program]
copy
Show time spent inside each library call
$ ltrace -T [path/to/program]
copy

SYNOPSIS

ltrace [options] [command [arg ...]]

DESCRIPTION

ltrace intercepts and records dynamic library calls made by a process and signals received by it. It is useful for debugging and understanding how programs interact with shared libraries.

PARAMETERS

-a, --align column

Align return values in a specific column (default is 5/8 of screen width).
-A maxelts
Maximum number of array elements to print before suppressing the rest with an ellipsis.
-b, --no-signals
Disable printing of signals received by the traced process.
-c
Count time and calls for each library call and print a summary on program exit.
-C, --demangle
Decode (demangle) low-level C++ symbol names into user-level names.
-D, --debug mask
Show debugging output of ltrace itself.
-e filter
Qualifying expression to select which library calls to trace.
-f
Trace child processes created by fork(2) or clone(2).
-F, --config pathlist
Colon-separated list of paths for prototype library configuration files.
-i
Print the instruction pointer at the time of the library call.
-l, --library librarypattern_
Display only calls to functions in libraries matching the pattern.
-L
Don't display library calls (use with -x to trace only symbol entry points).
-n, --indent nr
Indent trace output by nr spaces for each nested call level.
-o, --output filename
Write trace output to a file instead of stderr.
-p pid
Attach to the process with the given process ID.
-r
Print a relative timestamp with each line of the trace.
-s strsize
Maximum string size to print (default: 32).
-S
Display system calls as well as library calls.
-t
Prefix each line with the time of day.
-tt
Time of day with microseconds.
-ttt
Microseconds since the epoch.
-T
Show the time spent inside each call.
-u username
Run command with the userid and groupid of the specified user.
-w, --where nr
Show backtrace of nr stack frames for each traced function.
-x filter
Qualifying expression for tracing symbol table entry points.
-V, --version
Show version number and exit.
-h, --help
Display help and exit.

CAVEATS

May significantly slow down traced programs. Not all library calls may be intercepted on all architectures. The -w option requires elfutils or libunwind support at compile time.

SEE ALSO

strace(1), ldd(1), gdb(1), nm(1), objdump(1)

Copied to clipboard
Kai