NAME
kdump
- display kernel trace data
SYNOPSIS
kdump
[-dlNnRT]
[-e emulation]
[-f file]
[-m maxdata]
[-p pid]
[-t trstr]
[-x | -X size]
[file]
DESCRIPTION
kdump
displays the kernel trace files produced with
ktrace(1)
in human readable format.
The file
ktrace.out
in the current directory is displayed, unless either the
-f
option is used, or a file name is supplied as the last argument.
The options are as follows:
- -d
-
Display all numbers in decimal.
- -e emulation
-
If an emulation of a process is unknown,
interpret system call maps assuming the named emulation instead of
default "netbsd".
- -f file
-
Display the specified file instead of
ktrace.out
.
- -l
-
Loop reading the trace file, once the end-of-file is reached, waiting for
more data.
- -m maxdata
-
Display at most
maxdata
bytes when decoding
I/O.
- -N
-
Suppress system call number-to-name translation.
- -n
-
Suppress ad hoc translations.
Normally
kdump
tries to decode many system calls into a more human readable format.
For example,
ioctl(2)
values are replaced with the macro name and
errno
values are replaced with the
strerror(3)
string.
Suppressing this feature yields a more consistent output format and is
easily amenable to further processing.
- -p pid
-
Only display records from the trace file that are for the indicated pid.
- -R
-
Display relative timestamps (time since previous entry).
- -T
-
Display absolute timestamps for each entry (seconds since epoch).
- -t trstr
-
Restrict display to the specified set of kernel trace points.
The default is to display everything in the file.
See the
-t
option of
ktrace(1).
- -x
-
Display GIO data in hex and ascii instead of
vis(3)
format.
- -X size
-
Same as
-x
but display hex values by groups of
size
bytes.
Supported values are 1, 2, 4, 8, and 16.
SEE ALSO
ktrace(1)
HISTORY
The
kdump
command appears in
4.4BSD.