man.bsd.lv manual page server

KTRACE(1) General Commands Manual KTRACE(1)

NAME

ktrace — enable kernel process tracing

SYNOPSIS

ktrace [-aCcdi] [-f trfile] [-g pgrp | -p pid] [-t trstr]

ktrace [-adi] [-f trfile] [-t trstr] command

DESCRIPTION

The ktrace utility enables kernel trace logging for the specified processes. By default, kernel trace data is logged to the file ktrace.out, this may be overridden by the -f option. The kernel operations that are traced include system calls, namei translations, signal processing, and I/O.

Once tracing is enabled on a process, trace data will be logged until either the process exits or the trace point is cleared. A traced process can generate enormous amounts of log data quickly; It is strongly suggested that users memorize how to disable tracing before attempting to trace a process. The following command is sufficient to disable tracing on all user owned processes, and, if executed by root, all processes:

$ ktrace -C

The trace file is not human readable; use kdump(1) to decode it.

The options are as follows:

Append to the trace file instead of recreating it.

Disable tracing on all user owned processes, and, if executed by root, all processes in the system.

Clear the trace points associated with the specified file or processes.

Descendants; perform the operation for all current children of the designated processes.

-f trfile

Log trace records to trfile instead of ktrace.out.

-g pgid

Enable (disable) tracing on all processes in the process group (only one -g flag is permitted).

Inherit; pass the trace flags to all future children of the designated processes.

-p pid

Enable (disable) tracing on the indicated process id (only one -p flag is permitted).

-t trstr

The string argument represents the kernel trace points, one per letter. The following table equates the letters with the tracepoints:

c: trace system calls
n: trace namei translations
i: trace I/O
s: trace signal processing
u: userland traces
w: context switches
+: trace the default set of trace points - c, n, i, s, u

command

Execute command with the specified trace flags.

The -p, -g, and command options are mutually exclusive.

FILES

ktrace.out: default ktrace dump file

EXAMPLES

# trace all kernel operations of process id 34

$ ktrace -p 34

# trace all kernel operations of processes in process group 15 and # pass the trace flags to all current and future children

$ ktrace -idg 15

# disable all tracing of process 65

$ ktrace -cp 65

# disable tracing signals on process 70 and all current children

$ ktrace -t s -cdp 70

# enable tracing of I/O on process 67

$ ktrace -ti -p 67

# run the command "w", tracing only system calls

$ ktrace -tc w

# disable all tracing to the file "tracedata"

$ ktrace -c -f tracedata

# disable tracing of all processes owned by the user

$ ktrace -C

SEE ALSO

kdump(1), ktrace(2), utrace(2)

HISTORY

The ktrace command appeared in 4.4BSD.

BUGS

Only works if trfile is a regular file.

October 5, 2017 DragonFly-5.6.1