Tracers

One class of tools captures the events and function calls of compiled programs (and sometimes even of the entire system), producing logs known as traces. Programmers can use these logs to understand which function calls and actions lead to errors, and repeated entries could indicate race conditions or deadlocks. Reverse engineers might find debuggers useful, and kernel developers could gain insights into the typical processes between user space and the operating system kernel. Admins can use these tools to find out what’s happening on a system, with traces helping them take a closer look at suspicious behavior. For example, if you monitor and log all calls to the system function open, a look at the debugger output could reveal which programs regularly produce temporary files of several gigabytes.