strace: See what system calls kernel is executing.

strace: See what system calls kernel is executing.
5 (100%) 4 votes

In linux environment when you run any piece of code, any application or software. The piece of code actually maps to the some set of instructions in kernel level. To see those instructions that are being executed for that piece of code we can use this tool called strace. We will see what system calls kernel is executing.

Installation:

sudo apt-get install strace

Usage:

After this is installed you can use it. To see its options type the below command

strace -h

Keep in mind you have to run it with sudo or root.

Lets try to debug a command df
Look at the below command to do it.

strace df

You will see lot of lines coming up that were executed to get the output required. These lines consists of the kernel level function that it called for the command to complete. You can find various commands like open,stat, statfs,close, read, lseek, etc.

You can read about these functions here.
http://man7.org/linux/man-pages/man2/syscalls.2.html

Now you will be able to map what any command does at kernel level to present you with the output it needs.

Recommended books for devops and linux admin

How to attach strace to running process?

You have to find the ID of process you want to attach strace to. To do so you can simple run the below command

ps aux| grep "program matching string"

Second column in the output is your ID.

Now you can run the below command to start watching the list of system calls happening for your process.

strace -p pid

You can read about other option of strace and use it. To do so you can type

man strace

It will show all the options and arguments that you can use.

Strace is a very powerful tool when it comes to checking performance of the system. You can go through articles of
http://www.brendangregg.com/blog/2014-05-11/strace-wow-much-syscall.html

Brendan Gregg’s Blog is an awesome place to learn about system performance and stuff related to that.

This was an small introduction on how you can start using strace.

If you like the article please share and subscribe. You can also read recent articles below.


Gaurav Yadav

Gaurav is cloud infrastructure engineer and a full stack web developer and blogger. Sportsperson by heart and loves football. Scale is something he loves to work for and always keen to learn new tech. Experienced with CI/CD, distributed cloud infrastructure, build systems and lot of SRE Stuff.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.