Debugging with strace in Linux

Debugging with strace in Linux

strace – trace system calls and signals

In the simplest case, strace runs the specified command until it exits. It intercepts and records the system calls which are called by a process and the signals which are received by a process. The name of each system call, its arguments and its return value are printed on standard error or to the file specified with the -o option.

strace is a useful diagnostic, instructional, and debugging tool. System administrators, diagnosticians and troubleshooters will find it invaluable for solving problems with programs for which the source is not readily available since they do not need to be recompiled in order to trace them. Students, hackers and the overly-curious will find that a great deal can be
learned about a system and its system calls by tracing even ordinary programs. And programmers will find that since system calls and signals are events that happen at the user/kernel interface, a close examination of this boundary is very useful for bug isolation, sanity checking and attempting to capture race conditions.


Here are few practical examples of strace options:

Trace a command or a program.

strace <program / comamnd to be executed>

Trace a command or a program and all of its child processes with “-f” follow.

strace -f <program / comamnd to be executed>

Trace a running process

strace -fp <pid>

Trace a running process and report the time spent in each system call

strace-fTp <pid>

I recommend you to set the buffer size to a higher value so that you can see more data without getting truncated in the output. You can achieve it as follow:

strace -f -s 4096 -p <PID>

The following are my favourite set of combinations. These set of options are more useful.

strace -tTfs 4096 -o /trace.log <command / program>
strace -tTfs 4096 -o /trace.log -p <PID>


Above will show time spent in each call (-T option), system time (-t), Follow child processes (-f), set buffer size to 4096 bytes (-s 4096) write the output to a log file ( -o).

Happy debugging !! : )

I will add few more practical use cases here..

One Reply to “Debugging with strace in Linux”

Leave a Reply

Your email address will not be published. Required fields are marked *