Strace - System Call Tracer for Linux

Learn how to use strace, a powerful Linux utility for tracing system calls and signals. Understand its commands for debugging and monitoring processes.

Understanding Strace: A Linux System Call Tracer

Strace is an indispensable command-line utility for Linux systems that allows you to trace system calls and signals. It intercepts and records the system calls made by a process and the signals it receives, providing invaluable insights for debugging, monitoring, and understanding program behavior. By observing these interactions with the operating system kernel, developers can diagnose issues, optimize performance, and gain a deeper understanding of how their applications function.

Core Strace Commands and Usage

Here are some fundamental ways to utilize strace:

# To strace a command:
strace <command>

# To save the trace to a file:
strace -o <outfile> <command>

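# To follow only the open() system call (on current glibc, opening a file
# usually shows up as openat() instead, so add openat to the list to catch it):
strace -e trace=open <command>

# To follow all the system calls that take a file name as an argument (open, stat, chmod, unlink, ...):
strace -e trace=file <command>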

# To follow all the system calls associated with process management:
strace -e trace=process <command>

# To follow child processes as they are created:
strace -f <command>

# To count time, calls and errors for each system call:
strace -c <command>

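# To trace a running process (multiple PIDs can be specified). Attaching requires
# ptrace permission on the target, which usually means running as root or as the
# process owner; Yama's kernel.yama.ptrace_scope setting can restrict it further:
strace -p <pid>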

Advanced Strace Features and Options

Strace offers a wide array of options to fine-tune your tracing. For instance, the -e trace= option is crucial for filtering specific system calls, allowing you to focus on relevant events like file operations (trace=file) or process management (trace=process). The -f flag is essential when dealing with multi-process applications, ensuring that strace follows child processes as they are spawned.

Debugging with Strace

When a program behaves unexpectedly, strace can be your first line of defense. By examining the sequence of system calls, you can often pinpoint the exact moment an error occurs or identify resource contention. The -c option provides a summary of system call usage, including counts, time spent, and errors, which can be very helpful for performance analysis.
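
The following is an added example, not part of the original page: a small shell/awk filter that digests a trace saved with strace -f -o <outfile> <command>, listing every program that was exec'd and every system call that failed, and rejoining the "<unfinished ...>" / "resumed>" halves that -f produces when processes interleave. The function names and the sample trace are constructed for illustration.

```shell
#!/bin/sh
# Added example: digest a trace written by `strace -f -o <outfile> <command>`.

# Constructed sample trace (PIDs, paths and addresses are made up).
sample_trace() {
cat <<'EOF'
1201 execve("/usr/bin/app", ["app"], 0x7ffc2a10 /* 12 vars */) = 0
1201 openat(AT_FDCWD, "/etc/app/app.conf", O_RDONLY) = -1 ENOENT (No such file or directory)
1201 openat(AT_FDCWD, "/etc/app.conf", O_RDONLY) = 3
1201 clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|SIGCHLD) = 1202
1202 execve("/bin/sh", ["sh", "-c", "id"], 0x5581 /* 12 vars */) = 0
1202 openat(AT_FDCWD, "/var/lib/app/state", O_WRONLY|O_CREAT, 0600 <unfinished ...>
1201 wait4(1202,  <unfinished ...>
1202 <... openat resumed>) = -1 EACCES (Permission denied)
1202 +++ exited with 1 +++
1201 <... wait4 resumed>[{WIFEXITED(s) && WEXITSTATUS(s) == 1}], 0, NULL) = 1202
1201 +++ exited with 0 +++
EOF
}

# Reads a trace on stdin; prints "EXEC pid program" and "FAIL pid syscall errno arg".
strace_digest() {
  awk '
    # With -f, a call interrupted by another process is split over two lines:
    # keep the first half per PID and glue it to the matching "resumed" half.
    / <unfinished \.\.\.>$/ { sub(/ +<unfinished \.\.\.>$/, ""); pending[$1] = $0; next }
    $2 == "<..." && ($1 in pending) {
      rest = $0; sub(/^.* resumed> ?/, "", rest)
      $0 = pending[$1] rest; delete pending[$1]
    }
    $2 == "+++" || $2 == "---" { next }     # process exit and signal lines
    {
      call = $2
      if (call == "<...") call = $3         # resumed half whose start was not captured
      sub(/\(.*/, "", call)
      arg = "-"                             # first quoted argument, if any
      if (match($0, /"[^"]*"/)) arg = substr($0, RSTART + 1, RLENGTH - 2)
    }
    call == "execve" && / = 0$/ { print "EXEC", $1, arg }
    match($0, /\) = -1 E[A-Z0-9]+ /) {
      print "FAIL", $1, call, substr($0, RSTART + 7, RLENGTH - 8), arg
    }'
}

sample_trace | strace_digest
```

To use it on a real trace, redirect the file written by -o into the function: strace_digest < <outfile>.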

Further Resources for System Call Tracing

For more in-depth information on system calls and their behavior on Linux, consult the official documentation: