I am using the command:
strace -tt -o ${filename} -e trace=network gdb –args ${EXECUTABLE}
to track which system calls occur whilst connecting to and sending messages to a peer. However, I am only receiving the following entries:
15:40:11.908857 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_TRAPPED, si_pid=5019, si_status=SIGSTOP, si_utime=0, si_stime=0} --- 15:40:11.911130 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_TRAPPED, si_pid=4987, si_status=SIGTRAP, si_utime=1, si_stime=0} --- 15:40:11.914907 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4987, si_status=0, si_utime=1779, si_stime=180} --- 15:40:11.963586 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_TRAPPED, si_pid=4983, si_status=SIGTRAP, si_utime=37, si_stime=4} --- 15:40:11.973691 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_TRAPPED, si_pid=5019, si_status=SIGSTOP, si_utime=0, si_stime=0} --- 15:40:11.975929 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_TRAPPED, si_pid=4983, si_status=SIGTRAP, si_utime=37, si_stime=4} --- 15:40:11.979922 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4983, si_status=0, si_utime=1816, si_stime=184} ---
Should I not see the socket calls to read()
close()
etc?
Advertisement
Answer
Using strace with gdb --args ${EXECUTABLE}
prints syscall of gdb, instead of syscall of the executable running under gdb.
In order to prints syscall of your executable you could use :
strace -f -tt -o ${filename} -e trace=network ${EXECUTABLE}
The ‘-f’ option ask to strace to follow forks, this is useful when an executable fork new thread or new process.