c - system call tracing using ptrace

Question

I wrote a program to list all the system calls executed by a command (say /bin/ls). Now what I am trying to do is find all the system call arguments, environment variables, command line arguments that may be passed to it

Example: If I open a file. The system call sys_access will open the file right ? But how to get these values?
Want to do this for system calls like open, read, write, close.

As per my study these must be in the registers (ebx - edx) If so what does these register values signify? I got this link.
But I really couldn't get much from there. Also any further references for this would be much helpful.

Answer 1

(Revised form of comments above (so you can accept it)):

Detailed syscall parameters can be looked up in Linux kernel header syscalls.h. In above case, as sys_access (#33 on x86) has only two parameters:

• first is the pointer to filename, so your file name was stored at address 0x4c4d8e
• Second parameter is file mode (see mode flag defines)
• as there is no third parameter to this syscall, edx is not relevant and contains some undefined value

Return value of this syscall is -2 (ENOENT, defined in errno-base.h), which signifies error (no such file or directory).

Also note (see Basile's comment above) that you are duplicating the functionality of strace utility.