how to monitor system calls for a process?
- Oops I chose "belongs on uservoice.com" by accident - meant to pick serverfault.comJohn Rasch– John Rasch2009-06-18 03:03:16 +00:00Commented Jun 18, 2009 at 3:03
- 4I monitor system calls all the time while diagnosing problems in my programs. I see no reason to relegate this question to Server Fault. It's a question about debugging techniques.Rob Kennedy– Rob Kennedy2009-06-18 03:15:55 +00:00Commented Jun 18, 2009 at 3:15
Add a comment |
1 Answer
Check strace
In the simplest case strace runs the specified command until it exits. It intercepts and records the system calls which are called by a process and the signals which are received by a process. The name of each system call, its arguments and its return value are printed on standard error or to the file specified with the -o option.
Each line in the trace contains the system call name, followed by its arguments in parentheses and its return value.
4 Comments
ephemient
Somehow I remember
strace being relatively Linux-biased, though it appears to work on other platforms now. SunOS has a similar (and older) truss utility, inherited by Solaris; I believe that truss also runs on BSDs, which have their own ktrace utility. I've never used them, but I hear that Irix and Tru64 have par and trace respectively, all serving the same purpose.
Rob Kennedy
For the most part, the programs all do the same thing. They have different output format, but mostly the same information. On HP-UX, the command is called tusc.
Grzegorz Wierzowiecki
Gabe Halsmer
A great mentor once told me "truss is your friend". And even though I haven't used UNIX in a long time, I understand better now why he emphasized that tool. Visibility into running processes is absolutely key in IT. The person who can do that has a great advantage, or so I've learned in my profession.