strace tips for better debugging

Recently, I have been building software without libc to better understand Linux syscalls and internals better. So far, I have built a minimal shell, terminal Snake game, pure ARM64 assembly HTTP server and threads implementation. I have been using strace extensively while debugging. Useful options and flags I use a version of the following command: strace -fintrCDTYyy -o strace.log -v -s128 ./binary This looks like an alphabet soup of options! Here’s what they do and how they are useful: -f: Follow child processes/threads. This is especially useful when dealing with spawning processes or threads as otherwise, strace will only trace the parent process. -v: Print unabbreviated versions of environment, stat, termios and other structs in syscalls. I found this invaluable in conjunction with -s when doing assembly programming to check if the structs were being initialized correctly and if certain arguments were being sent in little/big endian format -s NUM: Specify the maximum string size to print. Useful for large structs -o: Save strace output to a log file. It is always better to do this to investigate the output of the original process and strace separately without each cluttering the other -yy: Print all available information associated with file descriptors. This is great for expanding the file descriptor to either its full path in case of a file or TCP address in case of sockets -Y: Print command names for PIDs. I found this useful when building the shell to check if the correct program is being executed -t: Print current timestamp in log -T: Show time spent in syscalls. Useful for some basic profiling although strace heavily slows down the process. -r: Print a relative timestamp upon entry to each system call -n: Print syscall number. Great to quickly find out syscall numbers on new architectures. -i: Print instruction pointer at the time of syscall. Found this useful when debugging assembly code to check rough location of errors. -C: Print summary of syscall count, time, errors at the end of regular output Print stack traces The -k or --stack-trace prints the stacktrace along with the syscall. This is useful if your program is compiled with with -g. This post is a good read on using strace to show backtraces for a Golang program compiled with GODEBUG.