Tuesday, May 31, 2005

Finding out what a process is doing with strace

strace is a very powerfull and useful command, especially if you are trying to figure out what a certain process is doing ... (in other words, where the heck does it spend all its time). In essence what it does is tell you all the system calls and signals the process is making, which helps understand what it is doing.

You can run it in a couple of ways, either run the process within an "strace shell", or attach to an existing process.
The command prints A LOT of output, but it's usually pretty easy to understand what is going on

To run within an "strace shell":
strace -f -v COMMAND
strace -f -v -o output.txt COMMAND
(output.txt will have the strace output as oppsed to stdout)

To attach to a live process:
strace -f -v -p PID

strace is very powerful, and very detailed, but usually gives invaluable results!

(Thanks to my friend Eran for helping with syntax and such)

Recent update ..
Redhat just put out a nice little guide here : http://www.redhat.com/magazine/010aug05/features/strace/

No comments: