Strace is a very powerful debugging command-line utility tool which helps to troubleshoot the issues by monitoring the system calls and signals of the specific program. In case we do not have source code available, strace can be used to analyze how a program interacts with the system.

Here at Ibmi Media, as part of our Server Management Services, we regularly help our Customers to perform related Linux System tools queries on Linux Systems.

In this context, we shall look into some important strace commands to troubleshoot and debug programs and processes in Linux.

How to Install Strace utility in Linux ?

The Installation of strace utility tools is a straightforward and easy process. Use the following command to install the application as per your Linux distribution.

For Debian/Ubuntu, run the below command:

$ sudo apt install strace

For RedHat/CentOS, run the below command:

$ yum install strace

To Verify the Strace installation, simply run the following command:

$ strace -V

This command will display the version Strace installed on the system.

1. Trace Linux Command system calls using strace

Strace is helpful while tracing Linux command system calls. Here, a simple command pwd is used for tracing:

$ strace pwd

2. Redirect trace log in a file

The system calls trace log can be redirected to a file using strace command as:

$ strace -o pwd-log.txt pwd

Use cat command to find the contents of the file as:

$ cat pwd-log.txt

3. Use strace to print system calls summary instead of regular output.

Using strace with option -c makes it possible to print the log summary. In this example, a summary of the linux command pwd is presented:

$ strace -c pwd

4. Trace particular system calls using strace

Strace command with option -e and trace type (read, write) can be used to trace specific system calls. In this example, the write system call is being traced for the command pwd:

$ strace -e trace=write pwd

5. Strace command to print timestamp of each system call.

Strace command with the option -r can be used to print all the relative timestamps of each system call:

$ strace -r pwd

6. Tracing using process id

If there is any process already running in the system, the system calls can be traced by using strace command with option -p along with the process id. In this example, the process id of nginx is used for tracing

Syntax:

$ strace -p <process id>
$ strace -p 12842

Tracing can be stopped by pressing ctrl+c.

7. Strace command to print debugging output

Strace command with option -d can be used to print debugging output. In this example, a simple Linux command pwd is used for tracing:

$ strace -d pwd

8. Strace command to print time spent on system calls.

Strace command with option -T gives the time spent on system calls as:

$ strace -T pwd

9. Strace command to print instruction pointer

Strace command with the option -i prints the instruction pointer. In this example, a simple Linux command pwd is used for tracing:

$ strace -i pwd

10. Strace command to trace system calls based on specific condition

Strace command can be used to trace system calls based on specific conditions such as memory, process, CPU, etc. In this example, system calls related to memory management are being traced for a simple Linux command pwd:

$ strace -q -e memory pwd

11. Strace command to trace signal related system calls

Signal-related system calls can be traced by defining the trace type in the command. In this example nc -v -n localhost 80 is used for tracing system calls related to the signal.

$ strace -e trace=signal nc -v -n 127.0.0.1 80

[Need assistance in fixing Linux system issues ? We can help you. ]