Working on -e trace

haris iqbal haris.phnx at
Thu Feb 11 05:17:22 UTC 2016


I have understood a fair amount of working, how -e trace=option works.

Through the init() --> qualify()

    for (p = strtok(copy, ","); p; p = strtok(NULL, ",")) {
        int n;
        if (opt->bitflag == QUAL_TRACE && (n = lookup_class(p)) > 0) {
            unsigned pers;
            for (pers = 0; pers < SUPPORTED_PERSONALITIES; pers++) {
                for (i = 0; i < nsyscall_vec[pers]; i++)
                    if (sysent_vec[pers][i].sys_flags & n)
                        qualify_one(i, opt->bitflag, not, pers);

This piece of code is doing the magic. Now the lookupclass() uses the
bit set by the macros which is used to set the bits in qual_vec.
through qualify_one().

Although I am not understanding how the macros

TRACE_FILE, TRACE_IPC, TRACE_NETWORK, etc which corresponds to the
bits 001, 002, 004, work and set the particular system call bit in
qual_vec. I mean what will be the bit if I want to add TRACE_OPEN_LIKE
or something like that.

Btw, I am still trying to understand how qual_vec is used to trace
only particular system calls. May be the knowledge will help me
contribute more.

A Note. I saw at many critical places you are using wait4() system
call to wait for the process. I read it is obsolete. Should we worry
about it and think of changing it to waitpid() and getrusage() at


With regards,

Md Haris Iqbal,
Placement Coordinator, MTech IT
NITK Surathkal,
Contact: +91 8861996962

More information about the Strace-devel mailing list