Forrest logo
tool overview
On this page you find all important commands for the CLI tool strace. If the command you are looking for is missing please ask our AI.

strace

"strace" is a command line tool used in Linux and other Unix-like operating systems to trace and analyze system calls made by a program. It helps in understanding program behavior and troubleshooting issues by providing detailed information about system call interactions. The name "strace" stands for "system call trace."

When a program is executed with "strace," it intercepts and records all the system calls made by that program. It displays information such as the system call name, arguments, and return values. Additionally, it shows signals, process IDs, and various debugging messages.

The output generated by "strace" can be immensely helpful in understanding the flow of a program, identifying errors, and detecting performance bottlenecks. It allows developers, system administrators, and security analysts to gain insights into how a program interacts with the operating system and other external resources.

"strace" is often used for troubleshooting system-level issues, such as determining why a program fails to execute correctly or identifying specific system resource utilization. It is also useful for auditing and analyzing the behavior of potentially malicious programs or identifying software vulnerabilities.

Advanced features of "strace" include the ability to trace specific system calls, filter output based on various criteria, attach to running processes, and save trace results to a file for later analysis. It is a powerful tool in the hands of experienced users but requires knowledge of system call interfaces and understanding of how programs interact with the operating system.

Overall, "strace" is a versatile and indispensable tool for diagnosing, debugging, and studying the behavior of programs at a system call level in Linux and Unix-like environments.

List of commands for strace:

  • strace:tldr:15eba strace: Start tracing a specific process by its PID.
    $ strace -p ${pid}
    try on your machine
    explain this command
  • strace:tldr:3cb2a strace: Start tracing file operations of a program.
    $ strace -e trace=file ${program}
    try on your machine
    explain this command
  • strace:tldr:e7110 strace: Trace a process and filter output by system call.
    $ strace -p ${pid} -e ${system_call_name}
    try on your machine
    explain this command
  • strace:tldr:f1af4 strace: Show the time spent in every system call.
    $ strace -p ${pid} -T
    try on your machine
    explain this command
  • strace:tldr:faf35 strace: Start tracing a program by executing it.
    $ strace ${program}
    try on your machine
    explain this command
tool overview