How to trace a process for system calls?

Question

I am trying to code a program that traces itself for system calls. I am having a difficult time making this work. I tried calling a fork() to create an instance of itself (the c

Answer 1

In your parent how many calls do you want to monitor? If you want more than one you're going to need some kind of loop.

Note the line in the example, it's important:

ptrace(PTRACE_TRACEME, 0, NULL, NULL);

Looking at the man page the child needs to either do a PTRACE_TRACEME and an exec, or the parent needs to trace using PTRACE_ATTACH. I don't see either in your code:

The parent can initiate a trace by calling fork(2) and having the resulting child do a PTRACE_TRACEME, followed (typically) by an exec(3). Alternatively, the parent may commence trace of an existing process using PTRACE_ATTACH.