In linux environment when you run any piece of code, any application or software. The piece of code actually maps to the some set of instructions in kernel level. To see those instructions that are being executed for that piece of code we can use this tool called strace. We will see what system calls kernel is executing.
sudo apt-get install strace
After this is installed you can use it. To see its options type the below command
Keep in mind you have to run it with sudo or root.
Lets try to debug a command
Look at the below command to do it.
You will see lot of lines coming up that were executed to get the output required. These lines consists of the kernel level function that it called for the command to complete. You can find various commands like
statfs,close, read, lseek, etc.
You can read about these functions here.
Now you will be able to map what any command does at kernel level to present you with the output it needs.
How to attach strace to running process?
You have to find the ID of process you want to attach strace to. To do so you can simple run the below command
ps aux| grep "program matching string"
Second column in the output is your ID.
Now you can run the below command to start watching the list of system calls happening for your process.
strace -p pid
You can read about other option of strace and use it. To do so you can type
It will show all the options and arguments that you can use.
Strace is a very powerful tool when it comes to checking performance of the system. You can go through articles of
Brendan Gregg’s Blog is an awesome place to learn about system performance and stuff related to that.
This was an small introduction on how you can start using strace.
If you like the article please share and subscribe. You can also read recent articles below.