Viewing function calls with whocalls


While catching up with various opensolaris.org mailing lists, I came across a post that described the whocalls utility. This nifty little utility can be used to view the stack frames leading up to a call to a specific function, which can be super useful for debugging. To view all of the code paths leading up to the printf function being called, whocalls can be run with the name of the function to look for, and the executable that we want to analyze for calls to that function:

$ whocalls printf /bin/ls /bin/lsblk /bin/lsmod

printf(0x80541b0, 0x8067800, 0x80653a8) /usr/bin/ls:pentry+0x593 /usr/bin/ls:pem+0xb1 /usr/bin/ls:pdirectory+0x266 /usr/bin/ls:main+0x70e /usr/bin/ls:_start+0x7a printf(0x80541b0, 0x8067a48, 0x80653a8) /usr/bin/ls:pentry+0x593 /usr/bin/ls:pem+0xb1 /usr/bin/ls:pdirectory+0x266 /usr/bin/ls:main+0x70e /usr/bin/ls:_start+0x7a < ….. >

Now to do some research on the runtime linker’s auditing facilities in /usr/lib/link_audit/*!

This article was posted by Matty on 2007-03-03 11:31:00 -0400 -0400