sreplay is a tool that performs system call replay of strace logs on UNIX-like operating systems. It is written in assembly and C, and is free software licensed under the LGPL. It is ported to i386 and ppc64 Linux at present, and currently supports playback of about 34 system calls, which is enough to replay the interesting paths of some server applications and to replay simple dynamically-linked applications in their entirety.


  1. Download
  2. Development
  3. Description
  4. Documentation
  5. Example


Build instructions are in the README. A simple list of changes per release is in the NEWS file. A detailed list of changes is in the ChangeLog. Binary rpm packages for RHEL and Fedora are at the Dag repository sreplay package page.


You can clone the sreplay source with:

 git clone

Browse the source.

Please send patches or bug reports to Amos Waterland at


sreplay can be thought of as a virtual application. It is a freestanding program that has just enough logic to get itself running and then parse and replay system calls from a trace. It understands the trace format produced by the standard strace utility. Note that it does not attempt to preserve any timing information or trap loads and stores; it just takes an strace log and executes the system calls recorded therein.

It is mostly useful for bringup of experimental operating systems. Since it is an entirely free-standing program (no libgcc or libc), the kernel can blast it into memory with the desired trace and leap at its entry point. In this way, a kernel designer can make sure his kernel properly supports the common code paths through a proprietary database management system (for example) by obtaining a trace thereof.

A freestanding program is one that does not rely on code provided by the compiler runtime library or the system C library. Operating system kernels, hypervisors and bootloaders are freestanding for obvious reasons, but sreplay is so because the code provided by libc makes system calls before handing control to main. Because our goal is to make sreplay execute only those system calls provided in a trace, it must be freestanding. For similar reasons, the trace is accepted as a literal command line argument, because opening a file would involve one or more system calls. The alternative is to embed the trace as a separate ELF section in the sreplay binary, similar to Linux's zImage format, but we have chosen to pursue the simplicity of the argv approach for now.


sreplay is supposed to be easy to use; it has very few options:

  `sreplay' plays back system call traces

  Usage: sreplay [OPTIONS] TRACE
  -?, --help      Print this help statement and exit
      --version   Print version statement and exit
  -n, --dry-run   Parse trace but do not execute it

  Note: TRACE format is that of strace output

  Example: sreplay $(cat foo.strace) 


In the following, we record and replay a simple dynamically-linked program:

  $ strace /bin/echo 'Hello, world!' 2> hello.strace
  Hello, world!
  $ sreplay --dry-run $(cat hello.strace)
  SYS: execve
  ARG: /bin/echo
  ARG: [/bin/echo, Hello, world!]
  ARG: [/* 44 vars */]
  RET: 0

  SYS: uname
  ARG: {sys=Linux, node=cluster013, ...}
  RET: 0

  ... (32 more system calls)

  SYS: exit_group
  ARG: 0
  RET: ?
  $ sreplay $(cat hello.strace)
  Hello, world!

Last upated: Mon Aug 5 15:09:38 EDT 2013