Efficient way to determine when a child process forks or calls
exec
Dan McNulty
dkmcnulty at gmail.com
Wed May 19 14:13:52 UTC 2010
Thanks for all the great suggestions!
It looks like the kevent system call is the closest to what I need.
However, I didn't mention this, but I would like the process being
traced to be stopped on entrance to fork, exec, etc. This would be
similar to Linux's ptrace interface which sends a SIGTRAP to the
traced process on exec, fork, etc. From what I could tell so far,
kevent doesn't provide this functionality.
Am I missing something? Is there a way to get kevent to stop the
process when events occur?
Thanks again for your help,
-Dan
On Tue, May 18, 2010 at 2:40 AM, Alfred Perlstein <alfred at freebsd.org> wrote:
> * Dan McNulty <dkmcnulty at gmail.com> [100517 08:02] wrote:
>> Hi all,
>>
>> I have been experimenting with ptrace to determine when a child
>> process forks or calls exec. Particularly, I have explored tracing
>> every system call entry and exit similar to what the truss utility
>> does, and for my case, the performance impact of tracing every system
>> call is too great.
>>
>> Is there a more efficient way than tracing every system call entry and
>> exit to determine when a child process forks, calls exec, or creates a
>> new LWP?
>>
>> Thanks a lot for your help!
>
> kevent has some hooks, have you looked at that?
>
> --
> - Alfred Perlstein
> .- AMA, VMOA #5191, 03 vmax, 92 gs500, 85 ch250, 07 zx10
> .- FreeBSD committer
>
More information about the freebsd-hackers
mailing list