OpenBSD manual page server

Manual Page Search Parameters

KTRACE(9) Kernel Developer's Manual KTRACE(9)

ktrcsw, ktremul, ktrgenio, ktrnamei, ktrpsig, ktrsyscall, ktrsysret, KTRPOINTprocess tracing kernel interface

#include <sys/param.h>
#include <sys/proc.h>
#include <sys/ktrace.h>

KTRPOINT(struct proc *p, int type);

void
ktrcsw(struct proc *p, int out, int user);

void
ktremul(struct proc *p, char *emul);

void
ktrgenio(struct proc *p, int fd, enum uio_rw rw, struct iovec *iov, int len, int error);

void
ktrnamei(struct proc *p, char *path);

void
ktrpsig(struct proc *p, int sig, sig_t action, int mask, int code, siginfo_t *si);

void
ktrsyscall(struct proc *p, register_t code, size_t argsize, register_t args[]);

void
ktrsysret(struct proc *p, register_t code, int error, register_t retval);

This interface is meant for kernel subsystems and machine dependent code to inform the user about the events occurring to the process should tracing of such be enabled using the ktrace(2) system call. Each of the functions (except for KTRPOINT) is meant for a particular type of event and is described below.

The () macro should be used before calling any of the other tracing functions to verify that tracing for that particular type of events has been enabled. Possible values for the type argument are a mask of the KTRFAC_ values described in ktrace(2).

() is called during the context switching. The user argument is a boolean value specifying whether the process has been put into a waiting state (true) or placed onto a running queue (false). Furthermore the user argument indicates whether a voluntary (false) or an involuntary (true) switching has happened.

() should be called every time emulation for the execution environment is changed and thus the name of which is given in the name argument.

() should be called for each generic input/output transaction that is described by the fd file descriptor, rw transaction type (consult sys/sys/uio.h for the enum uio_rw definition), iov input/output data vector, len size of the iov vector, and, lastly, error status of the transaction.

() should be called every time a namei(9) operation is performed over the path name.

() should be called for each signal sig posted for the traced process. The action taken is one of SIG_DFL, SIG_IGN, or SIG_ERR as described in the sigaction(2) document. mask is the current traced process' signal mask. Signal-specific code and structure as described in ⟨sys/siginfo.h⟩ are given in the code and si arguments respectively.

() should be called for each system call number code executed with arguments in args of total count of argsize.

() should be called for a return from each system call number code and error number of error as described in errno(2) and a return value in retval that is syscall dependent.

The process tracing facility is implemented in sys/kern/kern_ktrace.c.

errno(2), ktrace(2), syscall(2), namei(9), syscall(9)

The process tracing facility first appeared in 4.4BSD.

The ktrace section manual page appeared in OpenBSD 3.4.

May 31, 2007 OpenBSD-5.1