1The following are examples of sh_syscalls.d. 2 3This is a simple script to count Shell functions, built-ins, external command 4executions and system calls. Here we trace an example program - 5Code/Shell/func_abc.sh. 6 7# sh_syscalls.d -c ./func_abc.sh -o /tmp/out 8Function A 9Function B 10Function C 11 12# cat /tmp/out 13Tracing... Hit Ctrl-C to end. 14 15Calls for PID 12966, 16 17 FILE TYPE NAME COUNT 18 func_abc.sh func func_a 1 19 func_abc.sh func func_b 1 20 func_abc.sh func func_c 1 21 func_abc.sh syscall getrlimit 1 22 func_abc.sh syscall mmap 1 23 func_abc.sh syscall munmap 1 24 func_abc.sh syscall rexit 1 25 func_abc.sh syscall schedctl 1 26 func_abc.sh syscall sigaltstack 1 27 func_abc.sh syscall stat64 1 28 func_abc.sh syscall sysi86 1 29 func_abc.sh syscall access 2 30 func_abc.sh syscall fcntl 2 31 func_abc.sh syscall getgid 2 32 func_abc.sh syscall getpid 2 33 func_abc.sh syscall setcontext 2 34 func_abc.sh syscall sysconfig 2 35 func_abc.sh builtin echo 3 36 func_abc.sh cmd sleep 3 37 func_abc.sh syscall fork1 3 38 func_abc.sh syscall getuid 3 39 func_abc.sh syscall lwp_sigmask 3 40 func_abc.sh syscall open64 3 41 func_abc.sh syscall read 3 42 func_abc.sh syscall write 3 43 func_abc.sh syscall close 5 44 func_abc.sh syscall setpgrp 5 45 func_abc.sh syscall waitsys 6 46 func_abc.sh syscall brk 9 47 func_abc.sh syscall ioctl 15 48 func_abc.sh syscall sigaction 53 49 50While tracing, three functions were called - func_a(), func_b() and 51func_c(). There were 3 instances of the shell built-in 'echo' being called, 52and 3 executions of the sleep command (which is probably /usr/bin/sleep - use 53the syscall provider to confirm). There were numerous system calls made, 54including 9 brk()'s, 15 ioctl()'s and 53 sigaction()'s. 55 56This script can provide an insight to how a script is interacting 57with the system, by providing function calls, commands, built-ins and system 58calls in the same output. 59 60