Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!lucy.swin.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.mel.connect.com.au!news.syd.connect.com.au!phaedrus.kralizec.net.au!news.mel.aone.net.au!grumpy.fl.net.au!news.webspan.net!www.nntp.primenet.com!nntp.primenet.com!enews.sgi.com!news.sgi.com!news.bbnplanet.com!su-news-hub1.bbnplanet.com!csn!nntp-xfer-1.csn.net!ncar!newshost.lanl.gov!corvette.mst6.lanl.gov!nntp.cs.sandia.gov!sloth.swcp.com!ns2.mainstreet.net!nn
tp.mainstreet.net!news.walltech.com!samba.rahul.net!rahul.net!a2i!busch.a2i!busch
From: Rainer Busch <busch@rahul.net>
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: strace under FreeBSD
Date: 9 Jan 1997 18:24:41 GMT
Organization: a2i network
Lines: 121
Message-ID: <5b3d59$9ns@samba.rahul.net>
NNTP-Posting-Host: waltz.rahul.net
NNTP-Posting-User: busch
Summary: tracing system calls under FreeBSD ?
X-Newsreader: TIN [version 1.2 PL2]
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:33903
Hi !
Is anyone aware of a port of the utility "strace" running under SunOS,
Linux etc. ? Did not find it in the ports collection ...
If there's another likewise powerful tool like it I'd love to hear about
it too !
If you want to take a look, its available at every major Linux site.
Now to get the port specialists among you interested, I pasted in the first
part of the manual entry of the SunOS implementation :
STRACE(1) USER COMMANDS STRACE(1)
NAME
strace - trace system calls and signals
DESCRIPTION
In the simplest case strace runs the specified command until
it exits. It intercepts and records the system calls which
are called by a process and the signals which are received
by a process. The name of each system call, its arguments
and its return value are printed on standard error or to the
file specified with the -o option.
strace is a useful diagnositic, instructional, and debugging
tool. System adminstrators, diagnosticians and trouble-
shooters will find it invaluable for solving problems with
programs for which the source is not readily available since
they do not need to be recompiled in order to trace them.
Students, hackers and the overly-curious will find that a
great deal can be learned about a system and its system
calls by tracing even ordinary programs. And programmers
will find that since system calls and signals are events
that happen at the user/kernel interface, a close examina-
tion of this boundary is very useful for bug isolation, san-
ity checking and attempting to capture race conditions.
Each line in the trace contains the system call name, fol-
lowed by its arguments in parentheses and its return value.
An example from stracing the command ``cat /dev/null'' is:
open("/dev/null", O_RDONLY) = 3
Errors (typically a return value of -1) have the errno sym-
bol and error string appended.
open("/foo/bar", O_RDONLY) = -1 ENOENT (No such file or directory)
Signals are printed as a signal symbol and a signal string.
An excerpt from stracing and interrupting the command
``sleep 666'' is:
sigsuspend([] <unfinished ...>
--- SIGINT (Interrupt) ---
+++ killed by SIGINT +++
Arguments are printed in symbolic form with a passion. This
Sun Release 4.1 Last change: 94/06/21 1
STRACE(1) USER COMMANDS STRACE(1)
example shows the shell peforming ``>>xyzzy'' output
redirection:
open("xyzzy", O_WRONLY|O_APPEND|O_CREAT, 0666) = 3
Here the three argument form of open is decoded by breaking
down the flag argument into its three bitwise-OR consti-
tuents and printing the mode value in octal by tradition.
Where traditional or native usage differs from ANSI or
POSIX, the latter forms are preferred. In some cases,
strace output has proven to be more readable than the
source.
Structure pointers are dereferenced and the members are
displayed as appropriate. In all cases arguments are for-
matted in the most C-like fashion possible. For example,
the essence of the command ``ls -l /dev/null'' is captured
as:
lstat("/dev/null", {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0
Notice how the `struct stat' argument is dereferenced and
how each member is displayed symbolically. In particular,
observe how the st_mode member is carefully decoded into a
bitwise-OR of symbolic and numeric values. Also notice in
this example that the first argument to lstat is an input to
the system call and the second argument is an output. Since
output arguments not modified if the system call fails,
arguments may not always be dereferenced. For example,
retrying the ``ls -l'' example with a non-existent file pro-
duces the following line:
lstat("/foo/bar", 0xb004) = -1 ENOENT (No such file or directory)
In this case the porch light is on but nobody is home.
Character pointers are dereferenced and printed as C
strings. Non-printing characters in strings are normally
represented by ordinary C escape codes. Only the first
strsize (32 by default) bytes of strings are printed; longer
strings have an ellipsis appended following the closing
quote. Here is a line from ``ls -l'' where the getpwuid
library routine is reading the password file:
read(3, "root::0:0:System Administrator:/"..., 1024) = 422
[...]