Strace Is Your Friend

30 Mar 2016

To become a drastically better programmer, you need not only to know how to use things, you must also know how things really work and how they work together as a system.

To be able to do that, diving into the source code directly is one option, but not the best option (IMHO). Eventually you will need to read the source code, but it had better be AFTER you have understood the behavior of the tool you are trying to comprehend.

Fortunately, there are already a lot of tools available on Linux to help you discover and inspect deeper into software’s behavior - strace (system call tracer) is one of them.

Some simple usage of strace:

# trace the target command and print details for each syscall
$ strace command

# trace the target PID and print details for each syscall
$ strace -p PID

# trace the target PID and trace open() syscalls only:
$ strace -eopen -p PID

# trace target PID and trace connect() and accept() syscalls only:
$ strace -econnect,accept -p PID

That is it for now. Please make use of strace or even perf to help you understand how things work. As you gain more experience with strace or even some other system observability tools, you can further amend this post. Do not forget to check out the man page of strace.

More About strace