ktrace(1) | enable kernel process tracing |
ktrace(2) | process tracing |
ktrace, ktrgenio, ktrnamei, KTRPOINT, ktrpsig, ktrsyscall, ktrsysret(9) | process tracing kernel interface |
KTRACE(1) | General Commands Manual | KTRACE(1) |
ktrace
— enable
kernel process tracing
ktrace |
[-aCcdi ] [-f
trfile] [-g
pgid] [-p
pid] [-t
trstr] |
ktrace |
[-aBdiT ] [-f
trfile] [-t
trstr] command |
ktrace
enables kernel trace logging for
the specified processes. By default, kernel trace data is logged to the file
ktrace.out, unless overridden by the
-f
option. The kernel operations traced are system
calls, namei translations, signal processing and I/O.
Once tracing is enabled on a process, trace data will be logged until either the process exits or the trace point is cleared. A traced process can generate enormous amounts of log data quickly; it is strongly suggested that users memorize how to disable tracing before attempting to trace a process. The following command is sufficient to disable tracing on all user owned processes and, if executed by root, all processes:
$ ktrace -C
The trace file is not human-readable; use kdump(1) to decode it.
The options are as follows:
-a
-B
LD_BIND_NOW
environment variable to
specify that the dynamic linker should process relocations immediately
instead of as they are encountered. This eliminates the resulting
ld.so(1) relocation
sequences.-C
-c
-d
-f
trfile-g
pgid-g
flag is permitted).-i
-p
pid-p
flag is permitted).-T
-t
trstrX
are enabled.
The -p
, -g
, and
command options are mutually exclusive.
Trace all kernel operations of process ID 34:
$ ktrace -p 34
Trace all kernel operations of processes in process group 15 and pass the trace flags to all current and future children:
$ ktrace -idg 15
Disable all tracing of process 65:
$ ktrace -cp 65
Disable tracing signals on process 70 and all current children:
$ ktrace -t s -cdp 70
Enable tracing of I/O on process 67:
$ ktrace -ti -p 67
Run the command w(1), tracing only system calls:
$ ktrace -tc w
Disable all tracing to the file "tracedata":
$ ktrace -c -f tracedata
Disable tracing of all processes owned by the user:
$ ktrace -C
The ktrace
command appeared in
4.4BSD.
July 16, 2020 | OpenBSD-7.1 |