*BSD News Article 86575


Return to BSD News archive

Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!lucy.swin.edu.au!news.rmit.EDU.AU!news.unimelb.EDU.AU!munnari.OZ.AU!news.mel.connect.com.au!news.syd.connect.com.au!phaedrus.kralizec.net.au!news.mel.aone.net.au!grumpy.fl.net.au!news.webspan.net!www.nntp.primenet.com!nntp.primenet.com!enews.sgi.com!news.sgi.com!news.bbnplanet.com!su-news-hub1.bbnplanet.com!csn!nntp-xfer-1.csn.net!ncar!newshost.lanl.gov!corvette.mst6.lanl.gov!nntp.cs.sandia.gov!sloth.swcp.com!ns2.mainstreet.net!nn
tp.mainstreet.net!news.walltech.com!samba.rahul.net!rahul.net!a2i!busch.a2i!busch
From: Rainer Busch <busch@rahul.net>
Newsgroups: comp.unix.bsd.freebsd.misc
Subject: strace under FreeBSD
Date: 9 Jan 1997 18:24:41 GMT
Organization: a2i network
Lines: 121
Message-ID: <5b3d59$9ns@samba.rahul.net>
NNTP-Posting-Host: waltz.rahul.net
NNTP-Posting-User: busch
Summary: tracing system calls under FreeBSD ?
X-Newsreader: TIN [version 1.2 PL2]
Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:33903

Hi !

Is anyone aware of a port of the utility "strace" running under SunOS,
Linux etc. ? Did not find it in the ports collection ...
If there's another likewise powerful tool like it I'd love to hear about 
it too !
If you want to take a look, its available at every major Linux site.
Now to get the port specialists among you interested, I pasted in the first 
part of the manual entry of the SunOS implementation :


STRACE(1)                USER COMMANDS                  STRACE(1)



NAME
     strace - trace system calls and signals


DESCRIPTION
     In the simplest case strace runs the specified command until
     it exits.  It intercepts and records the system calls which
     are called by a process and the signals which are received
     by a process.  The name of each system call, its arguments
     and its return value are printed on standard error or to the
     file specified with the -o option.

     strace is a useful diagnositic, instructional, and debugging
     tool.  System adminstrators, diagnosticians and trouble-
     shooters will find it invaluable for solving problems with
     programs for which the source is not readily available since
     they do not need to be recompiled in order to trace them.
     Students, hackers and the overly-curious will find that a
     great deal can be learned about a system and its system
     calls by tracing even ordinary programs.  And programmers
     will find that since system calls and signals are events
     that happen at the user/kernel interface, a close examina-
     tion of this boundary is very useful for bug isolation, san-
     ity checking and attempting to capture race conditions.

     Each line in the trace contains the system call name, fol-
     lowed by its arguments in parentheses and its return value.
     An example from stracing the command ``cat /dev/null'' is:

     open("/dev/null", O_RDONLY) = 3

     Errors (typically a return value of -1) have the errno sym-
     bol and error string appended.

     open("/foo/bar", O_RDONLY) = -1 ENOENT (No such file or directory)

     Signals are printed as a signal symbol and a signal string.
     An excerpt from stracing and interrupting the command
     ``sleep 666'' is:

     sigsuspend([] <unfinished ...>
     --- SIGINT (Interrupt) ---
     +++ killed by SIGINT +++

     Arguments are printed in symbolic form with a passion.  This



Sun Release 4.1       Last change: 94/06/21                     1






STRACE(1)                USER COMMANDS                  STRACE(1)



     example shows the shell peforming ``>>xyzzy'' output
     redirection:

     open("xyzzy", O_WRONLY|O_APPEND|O_CREAT, 0666) = 3

     Here the three argument form of open is decoded by breaking
     down the flag argument into its three bitwise-OR consti-
     tuents and printing the mode value in octal by tradition.
     Where traditional or native usage differs from ANSI or
     POSIX, the latter forms are preferred.  In some cases,
     strace output has proven to be more readable than the
     source.

     Structure pointers are dereferenced and the members are
     displayed as appropriate.  In all cases arguments are for-
     matted in the most C-like fashion possible.  For example,
     the essence of the command ``ls -l /dev/null'' is captured
     as:

     lstat("/dev/null", {st_mode=S_IFCHR|0666, st_rdev=makedev(1, 3), ...}) = 0

     Notice how the `struct stat' argument is dereferenced and
     how each member is displayed symbolically.  In particular,
     observe how the st_mode member is carefully decoded into a
     bitwise-OR of symbolic and numeric values.  Also notice in
     this example that the first argument to lstat is an input to
     the system call and the second argument is an output.  Since
     output arguments not modified if the system call fails,
     arguments may not always be dereferenced.  For example,
     retrying the ``ls -l'' example with a non-existent file pro-
     duces the following line:

     lstat("/foo/bar", 0xb004) = -1 ENOENT (No such file or directory)

     In this case the porch light is on but nobody is home.

     Character pointers are dereferenced and printed as C
     strings.  Non-printing characters in strings are normally
     represented by ordinary C escape codes.  Only the first
     strsize (32 by default) bytes of strings are printed; longer
     strings have an ellipsis appended following the closing
     quote.  Here is a line from ``ls -l'' where the getpwuid
     library routine is reading the password file:

     read(3, "root::0:0:System Administrator:/"..., 1024) = 422

[...]