Strace is a very powerful debugging command-line utility tool which helps to troubleshoot the issues by monitoring the system calls and signals of the specific program. In case we do not have source code available, strace can be used to analyze how a program interacts with the system.
Here at LinuxAPT, as part of our Server Management Services, we regularly help our Customers to perform related Linux System tools queries on Linux Systems.
In this context, we shall look into some important strace commands to troubleshoot and debug programs and processes in Linux.
The Installation of strace utility tools is a straightforward and easy process. Use the following command to install the application as per your Linux distribution.
For Debian/Ubuntu, run the below command:
$ sudo apt install strace
For RedHat/CentOS, run the below command:
$ yum install strace
To Verify the Strace installation, simply run the following command:
$ strace -V
This command will display the version Strace installed on the system.
Strace is helpful while tracing Linux command system calls. Here, a simple command pwd is used for tracing:
$ strace pwd
The system calls trace log can be redirected to a file using strace command as:
$ strace -o pwd-log.txt pwd
Use cat command to find the contents of the file as:
$ cat pwd-log.txt
Using strace with option -c makes it possible to print the log summary. In this example, a summary of the linux command pwd is presented:
$ strace -c pwd
Strace command with option -e and trace type (read, write) can be used to trace specific system calls. In this example, the write system call is being traced for the command pwd:
$ strace -e trace=write pwd
Strace command with the option -r can be used to print all the relative timestamps of each system call:
$ strace -r pwd
If there is any process already running in the system, the system calls can be traced by using strace command with option -p along with the process id. In this example, the process id of nginx is used for tracing
Syntax:
$ strace -p <process id>
$ strace -p 12842
Tracing can be stopped by pressing ctrl+c.
Strace command with option -d can be used to print debugging output. In this example, a simple Linux command pwd is used for tracing:
$ strace -d pwd
Strace command with option -T gives the time spent on system calls as:
$ strace -T pwd
Strace command with the option -i prints the instruction pointer. In this example, a simple Linux command pwd is used for tracing:
$ strace -i pwd
Strace command can be used to trace system calls based on specific conditions such as memory, process, CPU, etc. In this example, system calls related to memory management are being traced for a simple Linux command pwd:
$ strace -q -e memory pwd
Signal-related system calls can be traced by defining the trace type in the command. In this example nc -v -n localhost 80 is used for tracing system calls related to the signal.
$ strace -e trace=signal nc -v -n 127.0.0.1 80
This article covers strace utility tool and when It can be used. In fact, you will see how to use strace commands to troubleshoot and debug system calls and processes.
Also, Strace monitors the system calls and signals of a specific program. It is helpful when you do not have the source code and would like to debug the execution of a program. strace provides you the execution sequence of a binary from start to end.