LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software > Linux - Kernel
User Name
Password
Linux - Kernel This forum is for all discussion relating to the Linux kernel.

Notices

Reply
 
Search this Thread
Old 10-24-2009, 08:32 PM   #1
mrshanim
Member
 
Registered: Aug 2009
Posts: 30

Rep: Reputation: 16
intercepting system call / alternative to strace


Hello guys,
I want to trace a particular application, all the system calls which was call to that application.
I can do this by strace but I want to do this dynamically. like say if I want to keep track on ps2pdf, whenever I run this command then it should capture all the system calls related to ps2pdf.
CAn we do this by intercpeting the system call? ( execve , read, write ,open ,close) . Its enough if we can able to get exec() command .
Is there any other way to achieve this?

Thanks
Shanim
 
Old 10-24-2009, 08:51 PM   #2
syg00
LQ Veteran
 
Registered: Aug 2003
Location: Australia
Distribution: Lots ...
Posts: 12,286

Rep: Reputation: 1030Reputation: 1030Reputation: 1030Reputation: 1030Reputation: 1030Reputation: 1030Reputation: 1030Reputation: 1030
Have a look at systemtap.
 
Old 10-24-2009, 09:07 PM   #3
mrshanim
Member
 
Registered: Aug 2009
Posts: 30

Original Poster
Rep: Reputation: 16
Hi, Thanks for reply
But systemmap can able to return this kind of output? like not counting how many syscalls, how many times,
rather I am looking for an arguments inside it. I can able to parse those system call by other functions.

Basically I am trying to generate a relationship between arguments of the syscalls ( including header files / or read only files etc)
Can I achieve this by systemtap? if yes tell me in short how?



Quote:
execve("/usr/bin/pdf2ps", ["pdf2ps", "./wp_systemcallinterception.pdf", "new.ps$
rt_sigprocmask(SIG_BLOCK, NULL, [], 8) = 0
brk(0xfea000) = 0xfea000
open("/proc/meminfo", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f$
read(3, "MemTotal: 3996212 kB\nMemFree"..., 1024) = 774
close(3) = 0
......
...
..
This I can get using strace I am looking same kind of information using systemmap or any other way
Thanks
Shanim

Last edited by mrshanim; 10-24-2009 at 09:09 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Strace Linux System Call Peter_APIIT Programming 2 05-25-2009 12:12 AM
How to call system call from usb driver's code Mr.J Linux - Kernel 4 09-29-2008 03:47 AM
How can i make centos 4.5's system call using vDSO(call *%gs:0x10) instead of int80 tclwp Red Hat 3 08-06-2007 12:07 AM
Calling a system call from a system call? Loc_8 Programming 0 09-16-2006 04:21 PM
problem in intercepting sys_write system call appas Programming 7 09-03-2004 12:33 PM


All times are GMT -5. The time now is 12:04 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration