NAME

kdump - display kernel trace data

SYNOPSIS

kdump [-dlNnRT] [-e emulation] [-f file] [-m maxdata] [-p pid] [-t trstr] [-x | -X size] [file]

DESCRIPTION

kdump displays the kernel trace files produced with ktrace(1) in human readable format. The file ktrace.out in the current directory is displayed, unless either the -f option is used, or a file name is supplied as the last argument.

The options are as follows:

-d
Display all numbers in decimal.

-e emulation
If an emulation of a process is unknown, interpret system call maps assuming the named emulation instead of default "netbsd".

-f file
Display the specified file instead of ktrace.out.

-l
Loop reading the trace file, once the end-of-file is reached, waiting for more data.

-m maxdata
Display at most maxdata bytes when decoding I/O.

-N
Suppress system call number-to-name translation.

-n
Suppress ad hoc translations. Normally kdump tries to decode many system calls into a more human readable format. For example, ioctl(2) values are replaced with the macro name and errno values are replaced with the strerror(3) string. Suppressing this feature yields a more consistent output format and is easily amenable to further processing.

-p pid
Only display records from the trace file that are for the indicated pid.

-R
Display relative timestamps (time since previous entry).

-T
Display absolute timestamps for each entry (seconds since epoch).

-t trstr
Restrict display to the specified set of kernel trace points. The default is to display everything in the file. See the -t option of ktrace(1).

-x
Display GIO data in hex and ascii instead of vis(3) format.

-X size
Same as -x but display hex values by groups of size bytes. Supported values are 1, 2, 4, 8, and 16.

SEE ALSO

ktrace(1)

HISTORY

The kdump command appears in 4.4BSD.