Mirror of strace – the linux syscall tracer
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

strace.1.in 35KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301
  1. .\" Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
  2. .\" Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
  3. .\" Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
  4. .\" Copyright (c) 1996-2017 The strace developers.
  5. .\" All rights reserved.
  6. .\"
  7. .\" SPDX-License-Identifier: LGPL-2.1-or-later
  8. .de CW
  9. .sp
  10. .in +4n
  11. .nf
  12. .ft CW
  13. ..
  14. .de CE
  15. .ft R
  16. .fi
  17. .in
  18. .sp
  19. ..
  20. .\" Like .OP, but with ellipsis at the end in order to signify that option
  21. .\" can be provided multiple times. Based on .OP definition in groff's
  22. .\" an-ext.tmac.
  23. .de OM
  24. . ie \\n(.$-1 \
  25. . RI "[\fB\\$1\fP" "\ \\$2" "]...\&"
  26. . el \
  27. . RB "[" "\\$1" "]...\&"
  28. ..
  29. .\" Required option.
  30. .de OR
  31. . ie \\n(.$-1 \
  32. . RI "\fB\\$1\fP" "\ \\$2"
  33. . el \
  34. . BR "\\$1"
  35. ..
  36. .TH STRACE 1 "@MANPAGE_DATE@" "strace @VERSION@"
  37. .SH NAME
  38. strace \- trace system calls and signals
  39. .SH SYNOPSIS
  40. .SY strace
  41. .if '@ENABLE_STACKTRACE_FALSE@'#' .OP \-ACdffhikqqrtttTvVwxxyyzZ
  42. .if '@ENABLE_STACKTRACE_TRUE@'#' .OP \-ACdffhiqqrtttTvVwxxyyzZ
  43. .OP \-I n
  44. .OP \-b execve
  45. .OM \-e expr
  46. .OP \-a column
  47. .OP \-o file
  48. .OP \-s strsize
  49. .OP \-X format
  50. .OM \-P path
  51. .OM \-p pid
  52. .BR "" {
  53. .OR \-p pid
  54. .BR "" |
  55. .OP \-D
  56. .OM \-E var\fR[=\fIval\fR]
  57. .OP \-u username
  58. .IR command " [" args ]
  59. .BR "" }
  60. .YS
  61. .SY strace
  62. .B \-c
  63. .OP \-dfwzZ
  64. .OP \-I n
  65. .OP \-b execve
  66. .OM \-e expr
  67. .OP \-O overhead
  68. .OP \-S sortby
  69. .OM \-P path
  70. .OM \-p pid
  71. .BR "" {
  72. .OR \-p pid
  73. .BR "" |
  74. .OP \-D
  75. .OM \-E var\fR[=\fIval\fR]
  76. .OP -u username
  77. .IR command " [" args ]
  78. .BR "" }
  79. .YS
  80. .SH DESCRIPTION
  81. .IX "strace command" "" "\fLstrace\fR command"
  82. .LP
  83. In the simplest case
  84. .B strace
  85. runs the specified
  86. .I command
  87. until it exits.
  88. It intercepts and records the system calls which are called
  89. by a process and the signals which are received by a process.
  90. The name of each system call, its arguments and its return value
  91. are printed on standard error or to the file specified with the
  92. .B \-o
  93. option.
  94. .LP
  95. .B strace
  96. is a useful diagnostic, instructional, and debugging tool.
  97. System administrators, diagnosticians and trouble-shooters will find
  98. it invaluable for solving problems with
  99. programs for which the source is not readily available since
  100. they do not need to be recompiled in order to trace them.
  101. Students, hackers and the overly-curious will find that
  102. a great deal can be learned about a system and its system calls by
  103. tracing even ordinary programs. And programmers will find that
  104. since system calls and signals are events that happen at the user/kernel
  105. interface, a close examination of this boundary is very
  106. useful for bug isolation, sanity checking and
  107. attempting to capture race conditions.
  108. .LP
  109. Each line in the trace contains the system call name, followed
  110. by its arguments in parentheses and its return value.
  111. An example from stracing the command "cat /dev/null" is:
  112. .CW
  113. open("/dev/null", O_RDONLY) = 3
  114. .CE
  115. Errors (typically a return value of \-1) have the errno symbol
  116. and error string appended.
  117. .CW
  118. open("/foo/bar", O_RDONLY) = \-1 ENOENT (No such file or directory)
  119. .CE
  120. Signals are printed as signal symbol and decoded siginfo structure.
  121. An excerpt from stracing and interrupting the command "sleep 666" is:
  122. .CW
  123. sigsuspend([] <unfinished ...>
  124. --- SIGINT {si_signo=SIGINT, si_code=SI_USER, si_pid=...} ---
  125. +++ killed by SIGINT +++
  126. .CE
  127. If a system call is being executed and meanwhile another one is being called
  128. from a different thread/process then
  129. .B strace
  130. will try to preserve the order of those events and mark the ongoing call as
  131. being
  132. .IR unfinished .
  133. When the call returns it will be marked as
  134. .IR resumed .
  135. .CW
  136. [pid 28772] select(4, [3], NULL, NULL, NULL <unfinished ...>
  137. [pid 28779] clock_gettime(CLOCK_REALTIME, {1130322148, 939977000}) = 0
  138. [pid 28772] <... select resumed> ) = 1 (in [3])
  139. .CE
  140. Interruption of a (restartable) system call by a signal delivery is processed
  141. differently as kernel terminates the system call and also arranges its
  142. immediate reexecution after the signal handler completes.
  143. .CW
  144. read(0, 0x7ffff72cf5cf, 1) = ? ERESTARTSYS (To be restarted)
  145. --- SIGALRM ... ---
  146. rt_sigreturn(0xe) = 0
  147. read(0, "", 1) = 0
  148. .CE
  149. Arguments are printed in symbolic form with passion.
  150. This example shows the shell performing ">>xyzzy" output redirection:
  151. .CW
  152. open("xyzzy", O_WRONLY|O_APPEND|O_CREAT, 0666) = 3
  153. .CE
  154. Here, the third argument of
  155. .BR open (2)
  156. is decoded by breaking down the
  157. flag argument into its three bitwise-OR constituents and printing the
  158. mode value in octal by tradition. Where the traditional or native
  159. usage differs from ANSI or POSIX, the latter forms are preferred.
  160. In some cases,
  161. .B strace
  162. output is proven to be more readable than the source.
  163. .LP
  164. Structure pointers are dereferenced and the members are displayed
  165. as appropriate. In most cases, arguments are formatted in the most C-like
  166. fashion possible.
  167. For example, the essence of the command "ls \-l /dev/null" is captured as:
  168. .CW
  169. lstat("/dev/null", {st_mode=S_IFCHR|0666, st_rdev=makedev(0x1, 0x3), ...}) = 0
  170. .CE
  171. Notice how the 'struct stat' argument is dereferenced and how each member is
  172. displayed symbolically. In particular, observe how the
  173. .B st_mode
  174. member is carefully decoded into a bitwise-OR of symbolic and numeric values.
  175. Also notice in this example that the first argument to
  176. .BR lstat (2)
  177. is an input to the system call and the second argument is an output.
  178. Since output arguments are not modified if the system call fails, arguments may
  179. not always be dereferenced. For example, retrying the "ls \-l" example
  180. with a non-existent file produces the following line:
  181. .CW
  182. lstat("/foo/bar", 0xb004) = \-1 ENOENT (No such file or directory)
  183. .CE
  184. In this case the porch light is on but nobody is home.
  185. .LP
  186. Syscalls unknown to
  187. .B strace
  188. are printed raw, with the unknown system call number printed in hexadecimal form
  189. and prefixed with "syscall_":
  190. .CW
  191. syscall_0xbad(0x1, 0x2, 0x3, 0x4, 0x5, 0x6) = -1 ENOSYS (Function not implemented)
  192. .CE
  193. .LP
  194. Character pointers are dereferenced and printed as C strings.
  195. Non-printing characters in strings are normally represented by
  196. ordinary C escape codes.
  197. Only the first
  198. .I strsize
  199. (32 by default) bytes of strings are printed;
  200. longer strings have an ellipsis appended following the closing quote.
  201. Here is a line from "ls \-l" where the
  202. .BR getpwuid (3)
  203. library routine is reading the password file:
  204. .CW
  205. read(3, "root::0:0:System Administrator:/"..., 1024) = 422
  206. .CE
  207. While structures are annotated using curly braces, simple pointers
  208. and arrays are printed using square brackets with commas separating
  209. elements. Here is an example from the command
  210. .BR id (1)
  211. on a system with supplementary group ids:
  212. .CW
  213. getgroups(32, [100, 0]) = 2
  214. .CE
  215. On the other hand, bit-sets are also shown using square brackets
  216. but set elements are separated only by a space. Here is the shell,
  217. preparing to execute an external command:
  218. .CW
  219. sigprocmask(SIG_BLOCK, [CHLD TTOU], []) = 0
  220. .CE
  221. Here, the second argument is a bit-set of two signals,
  222. .BR SIGCHLD " and " SIGTTOU .
  223. In some cases, the bit-set is so full that printing out the unset
  224. elements is more valuable. In that case, the bit-set is prefixed by
  225. a tilde like this:
  226. .CW
  227. sigprocmask(SIG_UNBLOCK, ~[], NULL) = 0
  228. .CE
  229. Here, the second argument represents the full set of all signals.
  230. .SH OPTIONS
  231. .SS General
  232. .TP 12
  233. .BI "\-e " expr
  234. A qualifying expression which modifies which events to trace
  235. or how to trace them. The format of the expression is:
  236. .RS 15
  237. .IP
  238. [\,\fIqualifier\/\fB=\fR][\fB!\fR][\fB?\fR]\,\fIvalue1\/\fR[\fB,\fR[\fB?\fR]\,\fIvalue2\/\fR]...
  239. .RE
  240. .IP
  241. where
  242. .I qualifier
  243. is one of
  244. .BR trace ,
  245. .BR abbrev ,
  246. .BR verbose ,
  247. .BR raw ,
  248. .BR signal ,
  249. .BR read ,
  250. .BR write ,
  251. .BR fault ,
  252. .BR inject ,
  253. .BR status ,
  254. or
  255. .B kvm
  256. and
  257. .I value
  258. is a qualifier-dependent symbol or number. The default
  259. qualifier is
  260. .BR trace .
  261. Using an exclamation mark negates the set of values. For example,
  262. .BR \-e "\ " open
  263. means literally
  264. .BR \-e "\ " trace = open
  265. which in turn means trace only the
  266. .B open
  267. system call. By contrast,
  268. .BR \-e "\ " trace "=!" open
  269. means to trace every system call except
  270. .BR open .
  271. Question mark before the syscall qualification allows suppression of error
  272. in case no syscalls matched the qualification provided.
  273. Appending one of "@64", "@32", or "@x32" suffixes to the syscall qualification
  274. allows specifying syscalls only for the 64-bit, 32-bit, or 32-on-64-bit
  275. personality, respectively.
  276. In addition, the special values
  277. .B all
  278. and
  279. .B none
  280. have the obvious meanings.
  281. .IP
  282. Note that some shells use the exclamation point for history
  283. expansion even inside quoted arguments. If so, you must escape
  284. the exclamation point with a backslash.
  285. .SS Startup
  286. .TP 12
  287. \fB\-E\ \fIvar\fR=\,\fIval\fR
  288. Run command with
  289. .IR var = val
  290. in its list of environment variables.
  291. .TP
  292. .BI "\-E " var
  293. Remove
  294. .IR var
  295. from the inherited list of environment variables before passing it on to
  296. the command.
  297. .TP
  298. .BI "\-p " pid
  299. Attach to the process with the process
  300. .SM ID
  301. .I pid
  302. and begin tracing.
  303. The trace may be terminated
  304. at any time by a keyboard interrupt signal
  305. .RB ( CTRL\-C ).
  306. .B strace
  307. will respond by detaching itself from the traced process(es)
  308. leaving it (them) to continue running.
  309. Multiple
  310. .B \-p
  311. options can be used to attach to many processes in addition to
  312. .I command
  313. (which is optional if at least one
  314. .B \-p
  315. option is given).
  316. .B \-p
  317. "`pidof PROG`" syntax is supported.
  318. .TP
  319. .BI "\-u " username
  320. Run command with the user \s-1ID\s0, group \s-2ID\s0, and
  321. supplementary groups of
  322. .IR username .
  323. This option is only useful when running as root and enables the
  324. correct execution of setuid and/or setgid binaries.
  325. Unless this option is used setuid and setgid programs are executed
  326. without effective privileges.
  327. .SS Tracing
  328. .TP 12
  329. .BI "\-b " syscall
  330. If specified syscall is reached, detach from traced process.
  331. Currently, only
  332. .BR execve (2)
  333. syscall is supported. This option is useful if you want to trace
  334. multi-threaded process and therefore require
  335. .BR \-f ,
  336. but don't want to trace its (potentially very complex) children.
  337. .TP
  338. .B \-D
  339. Run tracer process as a detached grandchild, not as parent of the
  340. tracee. This reduces the visible effect of
  341. .B strace
  342. by keeping the tracee a direct child of the calling process.
  343. .TP
  344. .B \-f
  345. Trace child processes as they are created by currently traced
  346. processes as a result of the
  347. .BR fork (2),
  348. .BR vfork (2)
  349. and
  350. .BR clone (2)
  351. system calls. Note that
  352. .B \-p
  353. .I PID
  354. .B \-f
  355. will attach all threads of process
  356. .I PID
  357. if it is multi-threaded, not only thread with
  358. .IR thread_id " = " PID .
  359. .TP
  360. .B \-ff
  361. If the
  362. .B \-o
  363. .I filename
  364. option is in effect, each processes trace is written to
  365. .IR filename . pid
  366. where
  367. .I pid
  368. is the numeric process id of each process.
  369. This is incompatible with
  370. .BR \-c ,
  371. since no per-process counts are kept.
  372. One might want to consider using
  373. .BR strace-log-merge (1)
  374. to obtain a combined strace log view.
  375. .TP
  376. .BI "\-I " interruptible
  377. When
  378. .B strace
  379. can be interrupted by signals (such as pressing
  380. .BR CTRL\-C ).
  381. .RS
  382. .TP 4
  383. .B 1
  384. no signals are blocked;
  385. .TQ
  386. .B 2
  387. fatal signals are blocked while decoding syscall (default);
  388. .TQ
  389. .B 3
  390. fatal signals are always blocked (default if
  391. .BR -o " " \fIFILE\fR " " \fIPROG\fR );
  392. .TQ
  393. .B 4
  394. fatal signals and
  395. .BR SIGTSTP " (" CTRL\-Z )
  396. are always blocked (useful to make
  397. .BI "strace -o " "FILE PROG"
  398. not stop on
  399. .BR CTRL\-Z ,
  400. default if
  401. .BR \-D ).
  402. .RE
  403. .SS Filtering
  404. .TP 12
  405. \fB\-e\ trace\fR=\,\fIset\fR
  406. Trace only the specified set of system calls. The
  407. .B \-c
  408. option is useful for determining which system calls might be useful
  409. to trace. For example,
  410. .BR trace = open,close,read,write
  411. means to only
  412. trace those four system calls. Be careful when making inferences
  413. about the user/kernel boundary if only a subset of system calls
  414. are being monitored. The default is
  415. .BR trace = all .
  416. .TP
  417. \fB\-e\ trace\fR=/\,\fIregex\fR
  418. Trace only those system calls that match the
  419. .IR regex .
  420. You can use
  421. .B POSIX
  422. Extended Regular Expression syntax (see
  423. .BR regex (7)).
  424. .TP
  425. .BR "\-e\ trace" = %file
  426. .TQ
  427. .BR "\-e\ trace" = file
  428. Trace all system calls which take a file name as an argument. You
  429. can think of this as an abbreviation for
  430. .BR "\-e\ trace" = open , stat , chmod , unlink ,...
  431. which is useful to seeing what files the process is referencing.
  432. Furthermore, using the abbreviation will ensure that you don't
  433. accidentally forget to include a call like
  434. .BR lstat (2)
  435. in the list. Betchya woulda forgot that one.
  436. The syntax without a preceding percent sign
  437. .RB (\[dq] "-e trace" = file \[dq])
  438. is deprecated.
  439. .TP
  440. .BR "\-e\ trace" = %process
  441. .TQ
  442. .BR "\-e\ trace" = process
  443. Trace all system calls which involve process management. This
  444. is useful for watching the fork, wait, and exec steps of a process.
  445. The syntax without a preceding percent sign
  446. .RB (\[dq] "-e trace" = process \[dq])
  447. is deprecated.
  448. .TP
  449. .BR "\-e\ trace" = %net
  450. .TQ
  451. .BR "\-e\ trace" = %network
  452. .TQ
  453. .BR "\-e\ trace" = network
  454. Trace all the network related system calls.
  455. The syntax without a preceding percent sign
  456. .RB (\[dq] "-e trace" = network \[dq])
  457. is deprecated.
  458. .TP
  459. .BR "\-e\ trace" = %signal
  460. .TQ
  461. .BR "\-e\ trace" = signal
  462. Trace all signal related system calls.
  463. The syntax without a preceding percent sign
  464. .RB (\[dq] "-e trace" = signal \[dq])
  465. is deprecated.
  466. .TP
  467. .BR "\-e\ trace" = %ipc
  468. .TQ
  469. .BR "\-e\ trace" = ipc
  470. Trace all IPC related system calls.
  471. The syntax without a preceding percent sign
  472. .RB (\[dq] "-e trace" = ipc \[dq])
  473. is deprecated.
  474. .TP
  475. .BR "\-e\ trace" = %desc
  476. .TQ
  477. .BR "\-e\ trace" = desc
  478. Trace all file descriptor related system calls.
  479. The syntax without a preceding percent sign
  480. .RB (\[dq] "-e trace" = desc \[dq])
  481. is deprecated.
  482. .TP
  483. .BR "\-e\ trace" = %memory
  484. .TQ
  485. .BR "\-e\ trace" = memory
  486. Trace all memory mapping related system calls.
  487. The syntax without a preceding percent sign
  488. .RB (\[dq] "-e trace" = memory \[dq])
  489. is deprecated.
  490. .TP
  491. .BR "\-e\ trace" = %stat
  492. Trace stat syscall variants.
  493. .TP
  494. .BR "\-e\ trace" = %lstat
  495. Trace lstat syscall variants.
  496. .TP
  497. .BR "\-e\ trace" = %fstat
  498. Trace fstat and fstatat syscall variants.
  499. .TP
  500. .BR "\-e\ trace" = %%stat
  501. Trace syscalls used for requesting file status (stat, lstat, fstat, fstatat,
  502. statx, and their variants).
  503. .TP
  504. .BR "\-e\ trace" = %statfs
  505. Trace statfs, statfs64, statvfs, osf_statfs, and osf_statfs64 system calls.
  506. The same effect can be achieved with
  507. .BR "\-e\ trace" = /^(.*_)?statv?fs
  508. regular expression.
  509. .TP
  510. .BR "\-e\ trace" = %fstatfs
  511. Trace fstatfs, fstatfs64, fstatvfs, osf_fstatfs, and osf_fstatfs64 system calls.
  512. The same effect can be achieved with
  513. .BR "\-e\ trace" = /fstatv?fs
  514. regular expression.
  515. .TP
  516. .BR "\-e\ trace" = %%statfs
  517. Trace syscalls related to file system statistics (statfs-like, fstatfs-like,
  518. and ustat). The same effect can be achieved with
  519. .BR "\-e\ trace" = /statv?fs|fsstat|ustat
  520. regular expression.
  521. .TP
  522. .BR "\-e\ trace" = %pure
  523. Trace syscalls that always succeed and have no arguments.
  524. Currently, this list includes
  525. .BR arc_gettls "(2), " getdtablesize "(2), " getegid "(2), " getegid32 "(2),"
  526. .BR geteuid "(2), " geteuid32 "(2), " getgid "(2), " getgid32 "(2),"
  527. .BR getpagesize "(2), " getpgrp "(2), " getpid "(2), " getppid "(2),"
  528. .BR get_thread_area (2)
  529. (on architectures other than x86),
  530. .BR gettid "(2), " get_tls "(2), " getuid "(2), " getuid32 "(2),"
  531. .BR getxgid "(2), " getxpid "(2), " getxuid "(2), " kern_features "(2), and"
  532. .BR metag_get_tls "(2)"
  533. syscalls.
  534. .TP
  535. \fB\-e\ signal\fR=\,\fIset\fR
  536. Trace only the specified subset of signals. The default is
  537. .BR signal = all .
  538. For example,
  539. .BR signal "=!" SIGIO
  540. (or
  541. .BR signal "=!" io )
  542. causes
  543. .B SIGIO
  544. signals not to be traced.
  545. .TP
  546. \fB\-e\ status\fR=\,\fIset\fR
  547. Print only system calls with the specified return status. The default is
  548. .BR status = all .
  549. When using the
  550. .B status
  551. qualifier, because
  552. .B strace
  553. waits for system calls to return before deciding whether they should be printed
  554. or not, the traditional order of events may not be preserved anymore. If two
  555. system calls are executed by concurrent threads,
  556. .B strace
  557. will first print both the entry and exit of the first system call to exit,
  558. regardless of their respective entry time. The entry and exit of the second
  559. system call to exit will be printed afterwards. Here is an example when
  560. .BR select (2)
  561. is called, but a different thread calls
  562. .BR clock_gettime (2)
  563. before
  564. .BR select (2)
  565. finishes:
  566. .CW
  567. [pid 28779] 1130322148.939977 clock_gettime(CLOCK_REALTIME, {1130322148, 939977000}) = 0
  568. [pid 28772] 1130322148.438139 select(4, [3], NULL, NULL, NULL) = 1 (in [3])
  569. .CE
  570. .I set
  571. can include the following elements:
  572. .RS
  573. .TP 13
  574. .B successful
  575. Trace system calls that returned without an error code.
  576. The
  577. .B -z
  578. option has the effect of
  579. .BR status = successful .
  580. .TQ
  581. .B failed
  582. Trace system calls that returned with an error code.
  583. The
  584. .B -Z
  585. option has the effect of
  586. .BR status = failed .
  587. .TQ
  588. .B unfinished
  589. Trace system calls that did not return. This might happen, for example, due to
  590. an execve call in a neighbour thread.
  591. .TQ
  592. .B unavailable
  593. Trace system calls that returned but strace failed to fetch the error status.
  594. .TQ
  595. .B detached
  596. Trace system calls for which strace detached before the return.
  597. .RE
  598. .TP
  599. .BI "\-P " path
  600. Trace only system calls accessing
  601. .IR path .
  602. Multiple
  603. .B \-P
  604. options can be used to specify several paths.
  605. .TP
  606. .B \-z
  607. Print only syscalls that returned without an error code.
  608. .TP
  609. .B \-Z
  610. Print only syscalls that returned with an error code.
  611. .SS Output format
  612. .TP 12
  613. .BI "\-a " column
  614. Align return values in a specific column (default column 40).
  615. .TP
  616. \fB\-e\ abbrev\fR=\,\fIset\fR
  617. Abbreviate the output from printing each member of large structures.
  618. The default is
  619. .BR abbrev = all .
  620. The
  621. .B \-v
  622. option has the effect of
  623. .BR abbrev = none .
  624. .TP
  625. \fB\-e\ verbose\fR=\,\fIset\fR
  626. Dereference structures for the specified set of system calls. The
  627. default is
  628. .BR verbose = all .
  629. .TP
  630. \fB\-e\ raw\fR=\,\fIset\fR
  631. Print raw, undecoded arguments for the specified set of system calls.
  632. This option has the effect of causing all arguments to be printed
  633. in hexadecimal. This is mostly useful if you don't trust the
  634. decoding or you need to know the actual numeric value of an
  635. argument.
  636. See also
  637. .B \-X raw
  638. option.
  639. .TP
  640. \fB\-e\ read\fR=\,\fIset\fR
  641. Perform a full hexadecimal and ASCII dump of all the data read from
  642. file descriptors listed in the specified set. For example, to see
  643. all input activity on file descriptors
  644. .I 3
  645. and
  646. .I 5
  647. use
  648. \fB\-e\ read\fR=\,\fI3\fR,\fI5\fR.
  649. Note that this is independent from the normal tracing of the
  650. .BR read (2)
  651. system call which is controlled by the option
  652. .BR -e "\ " trace = read .
  653. .TP
  654. \fB\-e\ write\fR=\,\fIset\fR
  655. Perform a full hexadecimal and ASCII dump of all the data written to
  656. file descriptors listed in the specified set. For example, to see
  657. all output activity on file descriptors
  658. .I 3
  659. and
  660. .I 5
  661. use
  662. \fB\-e\ write\fR=\,\fI3\fR,\,\fI5\fR.
  663. Note that this is independent from the normal tracing of the
  664. .BR write (2)
  665. system call which is controlled by the option
  666. .BR -e "\ " trace = write .
  667. .TP
  668. .BR "\-e\ kvm" = vcpu
  669. Print the exit reason of kvm vcpu. Requires Linux kernel version 4.16.0
  670. or higher.
  671. .TP
  672. .B \-i
  673. Print the instruction pointer at the time of the system call.
  674. .if '@ENABLE_STACKTRACE_FALSE@'#' .TP
  675. .if '@ENABLE_STACKTRACE_FALSE@'#' .B \-k
  676. .if '@ENABLE_STACKTRACE_FALSE@'#' Print the execution stack trace of the traced
  677. .if '@ENABLE_STACKTRACE_FALSE@'#' processes after each system call.
  678. .TP
  679. .BI "\-o " filename
  680. Write the trace output to the file
  681. .I filename
  682. rather than to stderr.
  683. .IR filename . pid
  684. form is used if
  685. .B \-ff
  686. option is supplied.
  687. If the argument begins with '|' or '!', the rest of the
  688. argument is treated as a command and all output is piped to it.
  689. This is convenient for piping the debugging output to a program
  690. without affecting the redirections of executed programs.
  691. The latter is not compatible with
  692. .B \-ff
  693. option currently.
  694. .TP
  695. .B \-A
  696. Open the file provided in the
  697. .B \-o
  698. option in append mode.
  699. .TP
  700. .B \-q
  701. Suppress messages about attaching, detaching etc. This happens
  702. automatically when output is redirected to a file and the command
  703. is run directly instead of attaching.
  704. .TP
  705. .B \-qq
  706. If given twice, suppress messages about process exit status.
  707. .TP
  708. .B \-r
  709. Print a relative timestamp upon entry to each system call. This
  710. records the time difference between the beginning of successive
  711. system calls.
  712. Note that since
  713. .B \-r
  714. option uses the monotonic clock time for measuring time difference and not the
  715. wall clock time, its measurements can differ from the difference in time
  716. reported by the
  717. .B \-t
  718. option.
  719. .TP
  720. .BI "\-s " strsize
  721. Specify the maximum string size to print (the default is 32). Note
  722. that filenames are not considered strings and are always printed in
  723. full.
  724. .TP
  725. .B \-t
  726. Prefix each line of the trace with the wall clock time.
  727. .TP
  728. .B \-tt
  729. If given twice, the time printed will include the microseconds.
  730. .TP
  731. .B \-ttt
  732. If given thrice, the time printed will include the microseconds
  733. and the leading portion will be printed as the number
  734. of seconds since the epoch.
  735. .TP
  736. .B \-T
  737. Show the time spent in system calls. This records the time
  738. difference between the beginning and the end of each system call.
  739. .TP
  740. .B \-v
  741. Print unabbreviated versions of environment, stat, termios, etc.
  742. calls. These structures are very common in calls and so the default
  743. behavior displays a reasonable subset of structure members. Use
  744. this option to get all of the gory details.
  745. .TP
  746. .B \-x
  747. Print all non-ASCII strings in hexadecimal string format.
  748. .TP
  749. .B \-xx
  750. Print all strings in hexadecimal string format.
  751. .TP
  752. .BI "\-X " format
  753. Set the format for printing of named constants and flags.
  754. Supported
  755. .I format
  756. values are:
  757. .RS
  758. .TP 10
  759. .B raw
  760. Raw number output, without decoding.
  761. .TQ
  762. .B abbrev
  763. Output a named constant or a set of flags instead of the raw number if they are
  764. found.
  765. This is the default
  766. .B strace
  767. behaviour.
  768. .TQ
  769. .B verbose
  770. Output both the raw value and the decoded string (as a comment).
  771. .RE
  772. .TP
  773. .B \-y
  774. Print paths associated with file descriptor arguments.
  775. .TP
  776. .B \-yy
  777. Print protocol specific information associated with socket file descriptors,
  778. and block/character device number associated with device file descriptors.
  779. .SS Statistics
  780. .TP 12
  781. .B \-c
  782. Count time, calls, and errors for each system call and report a summary on
  783. program exit, suppressing the regular output.
  784. This attempts to show system time (CPU time spent running
  785. in the kernel) independent of wall clock time. If
  786. .B \-c
  787. is used with
  788. .BR \-f ,
  789. only aggregate totals for all traced processes are kept.
  790. .TP
  791. .B \-C
  792. Like
  793. .B \-c
  794. but also print regular output while processes are running.
  795. .TP
  796. .BI "\-O " overhead
  797. Set the overhead for tracing system calls to
  798. .I overhead
  799. microseconds.
  800. This is useful for overriding the default heuristic for guessing
  801. how much time is spent in mere measuring when timing system calls using
  802. the
  803. .B \-c
  804. option. The accuracy of the heuristic can be gauged by timing a given
  805. program run without tracing (using
  806. .BR time (1))
  807. and comparing the accumulated
  808. system call time to the total produced using
  809. .BR \-c .
  810. .TP
  811. .BI "\-S " sortby
  812. Sort the output of the histogram printed by the
  813. .B \-c
  814. option by the specified criterion. Legal values are
  815. .BR time " (or " time_total " or " total_time ),
  816. .BR calls " (or " count ),
  817. .BR errors " (or " error ),
  818. .BR name " (or " syscall " or " syscall_name ),
  819. and
  820. .BR nothing " (or " none );
  821. default is
  822. .BR time .
  823. .TP
  824. .B \-w
  825. Summarise the time difference between the beginning and end of
  826. each system call. The default is to summarise the system time.
  827. .SS Tampering
  828. .TP
  829. \fB\-e\ inject\fR=\,\fIset\/\fR[:\fBerror\fR=\,\fIerrno\/\fR|:\fBretval\fR=\,\fIvalue\/\fR][:\fBsignal\fR=\,\fIsig\/\fR][:\fBsyscall\fR=\fIsyscall\fR][:\fBdelay_enter\fR=\,\fIusecs\/\fR][:\fBdelay_exit\fR=\,\fIusecs\/\fR][:\fBwhen\fR=\,\fIexpr\/\fR]
  830. Perform syscall tampering for the specified set of syscalls.
  831. At least one of
  832. .BR error ,
  833. .BR retval ,
  834. .BR signal ,
  835. .BR delay_enter ,
  836. or
  837. .B delay_exit
  838. options has to be specified.
  839. .B error
  840. and
  841. .B retval
  842. are mutually exclusive.
  843. If :\fBerror\fR=\,\fIerrno\/\fR option is specified,
  844. a fault is injected into a syscall invocation:
  845. the syscall number is replaced by -1 which corresponds to an invalid syscall
  846. (unless a syscall is specified with :\fBsyscall=\fR option),
  847. and the error code is specified using a symbolic
  848. .I errno
  849. value like
  850. .B ENOSYS
  851. or a numeric value within 1..4095 range.
  852. If :\fBretval\fR=\,\fIvalue\/\fR option is specified,
  853. success injection is performed: the syscall number is replaced by -1,
  854. but a bogus success value is returned to the callee.
  855. If :\fBsignal\fR=\,\fIsig\/\fR option is specified with either a symbolic value
  856. like
  857. .B SIGSEGV
  858. or a numeric value within 1..\fBSIGRTMAX\fR range,
  859. that signal is delivered on entering every syscall specified by the
  860. .IR set .
  861. If :\fBdelay_enter\fR=\,\fIusecs\/\fR or :\fBdelay_exit\fR=\,\fIusecs\/\fR
  862. options are specified, delay injection is performed: the tracee is delayed
  863. by at least
  864. .IR usecs
  865. microseconds on entering or exiting the syscall.
  866. If :\fBsignal\fR=\,\fIsig\/\fR option is specified without
  867. :\fBerror\fR=\,\fIerrno\/\fR, :\fBretval\fR=\,\fIvalue\/\fR or
  868. :\fBdelay_{enter,exit}\fR=\,\fIusecs\/\fR options,
  869. then only a signal
  870. .I sig
  871. is delivered without a syscall fault or delay injection.
  872. Conversely, :\fBerror\fR=\,\fIerrno\/\fR or
  873. :\fBretval\fR=\,\fIvalue\/\fR option without
  874. :\fBdelay_enter\fR=\,\fIusecs\/\fR,
  875. :\fBdelay_exit\fR=\,\fIusecs\/\fR or
  876. :\fBsignal\fR=\,\fIsig\/\fR options injects a fault without delivering a signal
  877. or injecting a delay, etc.
  878. If both :\fBerror\fR=\,\fIerrno\/\fR or :\fBretval\fR=\,\fIvalue\/\fR
  879. and :\fBsignal\fR=\,\fIsig\/\fR options are specified, then both
  880. a fault or success is injected and a signal is delivered.
  881. if :\fBsyscall\fR=\fIsyscall\fR option is specified, the corresponding syscall
  882. with no side effects is injected instead of -1.
  883. Currently, only "pure" (see
  884. .BR "-e trace" = "%pure"
  885. description) syscalls can be specified there.
  886. Unless a :\fBwhen\fR=\,\fIexpr\fR subexpression is specified,
  887. an injection is being made into every invocation of each syscall from the
  888. .IR set .
  889. The format of the subexpression is one of the following:
  890. .RS
  891. .TP 12
  892. .I first
  893. For every syscall from the
  894. .IR set ,
  895. perform an injection for the syscall invocation number
  896. .I first
  897. only.
  898. .TQ
  899. \fIfirst\/\fB+\fR
  900. For every syscall from the
  901. .IR set ,
  902. perform injections for the syscall invocation number
  903. .I first
  904. and all subsequent invocations.
  905. .TQ
  906. \fIfirst\/\fB+\fIstep\fR
  907. For every syscall from the
  908. .IR set ,
  909. perform injections for syscall invocations number
  910. .IR first ,
  911. .IR first + step ,
  912. .IR first + step + step ,
  913. and so on.
  914. .RE
  915. .IP
  916. For example, to fail each third and subsequent chdir syscalls with
  917. .BR ENOENT ,
  918. use
  919. \fB\-e\ inject\fR=\,\fIchdir\/\fR:\fBerror\fR=\,\fIENOENT\/\fR:\fBwhen\fR=\,\fI3\/\fB+\fR.
  920. The valid range for numbers
  921. .I first
  922. and
  923. .I step
  924. is 1..65535.
  925. An injection expression can contain only one
  926. .BR error =
  927. or
  928. .BR retval =
  929. specification, and only one
  930. .BR signal =
  931. specification. If an injection expression contains multiple
  932. .BR when =
  933. specifications, the last one takes precedence.
  934. Accounting of syscalls that are subject to injection
  935. is done per syscall and per tracee.
  936. Specification of syscall injection can be combined
  937. with other syscall filtering options, for example,
  938. \fB\-P \fI/dev/urandom \fB\-e inject\fR=\,\fIfile\/\fR:\fBerror\fR=\,\fIENOENT\fR.
  939. .TP
  940. \fB\-e\ fault\fR=\,\fIset\/\fR[:\fBerror\fR=\,\fIerrno\/\fR][:\fBwhen\fR=\,\fIexpr\/\fR]
  941. Perform syscall fault injection for the specified set of syscalls.
  942. This is equivalent to more generic
  943. \fB\-e\ inject\fR= expression with default value of
  944. .I errno
  945. option set to
  946. .BR ENOSYS .
  947. .SS Miscellaneous
  948. .TP 12
  949. .B \-d
  950. Show some debugging output of
  951. .B strace
  952. itself on the standard error.
  953. .TP
  954. .B \-F
  955. This option is deprecated. It is retained for backward compatibility only
  956. and may be removed in future releases.
  957. Usage of multiple instances of
  958. .B \-F
  959. option is still equivalent to a single
  960. .BR \-f ,
  961. and it is ignored at all if used along with one or more instances of
  962. .B \-f
  963. option.
  964. .TP
  965. .B \-h
  966. Print the help summary.
  967. .TP
  968. .B \-V
  969. Print the version number of
  970. .BR strace .
  971. .SH DIAGNOSTICS
  972. When
  973. .I command
  974. exits,
  975. .B strace
  976. exits with the same exit status.
  977. If
  978. .I command
  979. is terminated by a signal,
  980. .B strace
  981. terminates itself with the same signal, so that
  982. .B strace
  983. can be used as a wrapper process transparent to the invoking parent process.
  984. Note that parent-child relationship (signal stop notifications,
  985. .BR getppid (2)
  986. value, etc) between traced process and its parent are not preserved
  987. unless
  988. .B \-D
  989. is used.
  990. .LP
  991. When using
  992. .B \-p
  993. without a
  994. .IR command ,
  995. the exit status of
  996. .B strace
  997. is zero unless no processes has been attached or there was an unexpected error
  998. in doing the tracing.
  999. .SH "SETUID INSTALLATION"
  1000. If
  1001. .B strace
  1002. is installed setuid to root then the invoking user will be able to
  1003. attach to and trace processes owned by any user.
  1004. In addition setuid and setgid programs will be executed and traced
  1005. with the correct effective privileges.
  1006. Since only users trusted with full root privileges should be allowed
  1007. to do these things,
  1008. it only makes sense to install
  1009. .B strace
  1010. as setuid to root when the users who can execute it are restricted
  1011. to those users who have this trust.
  1012. For example, it makes sense to install a special version of
  1013. .B strace
  1014. with mode 'rwsr-xr--', user
  1015. .B root
  1016. and group
  1017. .BR trace ,
  1018. where members of the
  1019. .B trace
  1020. group are trusted users.
  1021. If you do use this feature, please remember to install
  1022. a regular non-setuid version of
  1023. .B strace
  1024. for ordinary users to use.
  1025. .SH "MULTIPLE PERSONALITY SUPPORT"
  1026. On some architectures,
  1027. .B strace
  1028. supports decoding of syscalls for processes that use different ABI rather than
  1029. the one
  1030. .B strace
  1031. uses.
  1032. Specifically, in addition to decoding native ABI,
  1033. .B strace
  1034. can decode the following ABIs on the following architectures:
  1035. .TS H
  1036. allbox;
  1037. lb lb
  1038. l l.
  1039. Architecture ABIs supported
  1040. x86_64 i386, x32 [1]; i386 [2]
  1041. AArch64 ARM 32-bit EABI
  1042. PowerPC 64-bit [3] PowerPC 32-bit
  1043. RISC-V 64-bit RISC-V 32-bit
  1044. s390x s390
  1045. SPARC 64-bit SPARC 32-bit
  1046. TILE 64-bit TILE 32-bit
  1047. .TE
  1048. .RS 0
  1049. .TP 5
  1050. [1]
  1051. When
  1052. .B strace
  1053. is built as an x86_64 application
  1054. .TQ
  1055. [2]
  1056. When
  1057. .B strace
  1058. is built as an x32 application
  1059. .TQ
  1060. [3]
  1061. Big endian only
  1062. .RE
  1063. .PP
  1064. This support is optional and relies on ability to generate and parse structure
  1065. definitions during the build time.
  1066. Please refer to the output of the
  1067. .B strace \-V
  1068. command in order to figure out what support is available in your
  1069. .B strace
  1070. build ("non-native" refers to an ABI that differs from the ABI
  1071. .B strace
  1072. has):
  1073. .TP 15
  1074. .B m32-mpers
  1075. .B strace
  1076. can trace and properly decode non-native 32-bit binaries.
  1077. .TQ
  1078. .B no-m32-mpers
  1079. .B strace
  1080. can trace, but cannot properly decode non-native 32-bit binaries.
  1081. .TQ
  1082. .B mx32-mpers
  1083. .B strace
  1084. can trace and properly decode non-native 32-on-64-bit binaries.
  1085. .TQ
  1086. .B no-mx32-mpers
  1087. .B strace
  1088. can trace, but cannot properly decode non-native 32-on-64-bit binaries.
  1089. .PP
  1090. If the output contains neither
  1091. .B m32-mpers
  1092. nor
  1093. .BR no-m32-mpers ,
  1094. then decoding of non-native 32-bit binaries is not implemented at all
  1095. or not applicable.
  1096. .PP
  1097. Likewise, if the output contains neither
  1098. .B mx32-mpers
  1099. nor
  1100. .BR no-mx32-mpers ,
  1101. then decoding of non-native 32-on-64-bit binaries is not implemented at all
  1102. or not applicable.
  1103. .SH NOTES
  1104. It is a pity that so much tracing clutter is produced by systems
  1105. employing shared libraries.
  1106. .LP
  1107. It is instructive to think about system call inputs and outputs
  1108. as data-flow across the user/kernel boundary. Because user-space
  1109. and kernel-space are separate and address-protected, it is
  1110. sometimes possible to make deductive inferences about process
  1111. behavior using inputs and outputs as propositions.
  1112. .LP
  1113. In some cases, a system call will differ from the documented behavior
  1114. or have a different name. For example, the
  1115. .BR faccessat (2)
  1116. system call does not have
  1117. .I flags
  1118. argument, and the
  1119. .BR setrlimit (2)
  1120. library function uses
  1121. .BR prlimit64 (2)
  1122. system call on modern (2.6.38+) kernels. These
  1123. discrepancies are normal but idiosyncratic characteristics of the
  1124. system call interface and are accounted for by C library wrapper
  1125. functions.
  1126. .LP
  1127. Some system calls have different names in different architectures and
  1128. personalities. In these cases, system call filtering and printing
  1129. uses the names that match corresponding
  1130. .BR __NR_ *
  1131. kernel macros of the tracee's architecture and personality.
  1132. There are two exceptions from this general rule:
  1133. .BR arm_fadvise64_64 (2)
  1134. ARM syscall and
  1135. .BR xtensa_fadvise64_64 (2)
  1136. Xtensa syscall are filtered and printed as
  1137. .BR fadvise64_64 (2).
  1138. .LP
  1139. On x32, syscalls that are intended to be used by 64-bit processes and not x32
  1140. ones (for example,
  1141. .BR readv (2),
  1142. that has syscall number 19 on x86_64, with its x32 counterpart has syscall
  1143. number 515), but called with
  1144. .B __X32_SYSCALL_BIT
  1145. flag being set, are designated with
  1146. .B "#64"
  1147. suffix.
  1148. .LP
  1149. On some platforms a process that is attached to with the
  1150. .B \-p
  1151. option may observe a spurious
  1152. .B EINTR
  1153. return from the current system call that is not restartable.
  1154. (Ideally, all system calls should be restarted on
  1155. .B strace
  1156. attach, making the attach invisible
  1157. to the traced process, but a few system calls aren't.
  1158. Arguably, every instance of such behavior is a kernel bug.)
  1159. This may have an unpredictable effect on the process
  1160. if the process takes no action to restart the system call.
  1161. .LP
  1162. As
  1163. .B strace
  1164. executes the specified
  1165. .I command
  1166. directly and does not employ a shell for that, scripts without shebang
  1167. that usually run just fine when invoked by shell fail to execute with
  1168. .B ENOEXEC
  1169. error.
  1170. It is advisable to manually supply a shell as a
  1171. .I command
  1172. with the script as its argument.
  1173. .SH BUGS
  1174. Programs that use the
  1175. .I setuid
  1176. bit do not have
  1177. effective user
  1178. .SM ID
  1179. privileges while being traced.
  1180. .LP
  1181. A traced process runs slowly.
  1182. .LP
  1183. Traced processes which are descended from
  1184. .I command
  1185. may be left running after an interrupt signal
  1186. .RB ( CTRL\-C ).
  1187. .SH HISTORY
  1188. The original
  1189. .B strace
  1190. was written by Paul Kranenburg
  1191. for SunOS and was inspired by its
  1192. .B trace
  1193. utility.
  1194. The SunOS version of
  1195. .B strace
  1196. was ported to Linux and enhanced
  1197. by Branko Lankester, who also wrote the Linux kernel support.
  1198. Even though Paul released
  1199. .B strace
  1200. 2.5 in 1992,
  1201. Branko's work was based on Paul's
  1202. .B strace
  1203. 1.5 release from 1991.
  1204. In 1993, Rick Sladkey merged
  1205. .B strace
  1206. 2.5 for SunOS and the second release of
  1207. .B strace
  1208. for Linux, added many of the features of
  1209. .BR truss (1)
  1210. from SVR4, and produced an
  1211. .B strace
  1212. that worked on both platforms. In 1994 Rick ported
  1213. .B strace
  1214. to SVR4 and Solaris and wrote the
  1215. automatic configuration support. In 1995 he ported
  1216. .B strace
  1217. to Irix
  1218. and tired of writing about himself in the third person.
  1219. .PP
  1220. Beginning with 1996,
  1221. .B strace
  1222. was maintained by Wichert Akkerman.
  1223. During his tenure,
  1224. .B strace
  1225. development migrated to CVS; ports to FreeBSD and many architectures on Linux
  1226. (including ARM, IA-64, MIPS, PA-RISC, PowerPC, s390, SPARC) were introduced.
  1227. In 2002, the burden of
  1228. .B strace
  1229. maintainership was transferred to Roland McGrath.
  1230. Since then,
  1231. .B strace
  1232. gained support for several new Linux architectures (AMD64, s390x, SuperH),
  1233. bi-architecture support for some of them, and received numerous additions and
  1234. improvements in syscalls decoders on Linux;
  1235. .B strace
  1236. development migrated to
  1237. .B git
  1238. during that period.
  1239. Since 2009,
  1240. .B strace
  1241. is actively maintained by Dmitry Levin.
  1242. .B strace
  1243. gained support for AArch64, ARC, AVR32, Blackfin, Meta, Nios II, OpenSISC 1000,
  1244. RISC-V, Tile/TileGx, Xtensa architectures since that time.
  1245. In 2012, unmaintained and apparently broken support for non-Linux operating
  1246. systems was removed.
  1247. Also, in 2012
  1248. .B strace
  1249. gained support for path tracing and file descriptor path decoding.
  1250. In 2014, support for stack traces printing was added.
  1251. In 2016, syscall fault injection was implemented.
  1252. .PP
  1253. For the additional information, please refer to the
  1254. .B NEWS
  1255. file and
  1256. .B strace
  1257. repository commit log.
  1258. .SH REPORTING BUGS
  1259. Problems with
  1260. .B strace
  1261. should be reported to the
  1262. .B strace
  1263. mailing list at <strace\-devel@lists.strace.io>.
  1264. .SH "SEE ALSO"
  1265. .BR strace-log-merge (1),
  1266. .BR ltrace (1),
  1267. .BR perf-trace (1),
  1268. .BR trace-cmd (1),
  1269. .BR time (1),
  1270. .BR ptrace (2),
  1271. .BR proc (5)
  1272. .PP
  1273. .UR https://strace.io/
  1274. .B strace
  1275. Home Page
  1276. .UE
  1277. .SH AUTHORS
  1278. The complete list of
  1279. .B strace
  1280. contributors can be found in the
  1281. .B CREDITS
  1282. file.