man.bsd.lv manual page server

Manual Page Search Parameters

KTRACE(1) General Commands Manual KTRACE(1)

ktraceenable kernel process tracing

ktrace [-aCcdi] [-f trfile] [-g pgrp | -p pid] [-t trstr]

ktrace [-adi] [-f trfile] [-t trstr] command

The ktrace utility enables kernel trace logging for the specified processes. By default, kernel trace data is logged to the file ktrace.out, this may be overridden by the -f option. The kernel operations that are traced include system calls, namei translations, signal processing, and I/O.

Once tracing is enabled on a process, trace data will be logged until either the process exits or the trace point is cleared. A traced process can generate enormous amounts of log data quickly; It is strongly suggested that users memorize how to disable tracing before attempting to trace a process. The following command is sufficient to disable tracing on all user owned processes, and, if executed by root, all processes:

$ ktrace -C

The trace file is not human readable; use kdump(1) to decode it.

The options are as follows:

Append to the trace file instead of recreating it.
Disable tracing on all user owned processes, and, if executed by root, all processes in the system.
Clear the trace points associated with the specified file or processes.
Descendants; perform the operation for all current children of the designated processes.
trfile
Log trace records to trfile instead of ktrace.out.
pgid
Enable (disable) tracing on all processes in the process group (only one -g flag is permitted).
Inherit; pass the trace flags to all future children of the designated processes.
pid
Enable (disable) tracing on the indicated process id (only one -p flag is permitted).
trstr
The string argument represents the kernel trace points, one per letter. The following table equates the letters with the tracepoints:

trace system calls
trace namei translations
trace I/O
trace signal processing
userland traces
context switches
trace the default set of trace points - c, n, i, s, u
command
Execute command with the specified trace flags.

The -p, -g, and command options are mutually exclusive.

ktrace.out
default ktrace dump file

# trace all kernel operations of process id 34

$ ktrace -p 34

# trace all kernel operations of processes in process group 15 and # pass the trace flags to all current and future children

$ ktrace -idg 15

# disable all tracing of process 65

$ ktrace -cp 65

# disable tracing signals on process 70 and all current children

$ ktrace -t s -cdp 70

# enable tracing of I/O on process 67

$ ktrace -ti -p 67

# run the command "w", tracing only system calls

$ ktrace -tc w

# disable all tracing to the file "tracedata"

$ ktrace -c -f tracedata

# disable tracing of all processes owned by the user

$ ktrace -C

kdump(1), ktrace(2), utrace(2)

The ktrace command appeared in 4.4BSD.

Only works if trfile is a regular file.

October 5, 2017 DragonFly-5.6.1