KTRACE(9) BSD Kernel Manual KTRACE(9)NAME
ktrcsw, ktremul, ktrgenio, ktrnamei, ktrpsig, ktrsyscall, ktrsysret,
KTRPOINT - process tracing kernel interface
SYNOPSIS
#include <sys/param.h>
#include <sys/proc.h>
#include <sys/ktrace.h>
KTRPOINT(struct proc *p, int type);
void
ktrcsw(struct proc *p, int out, int user);
void
ktremul(struct proc *p, char *emul);
void
ktrgenio(struct proc *p, int fd, enum uio_rw rw, struct iovec *iov,
int len, int error);
void
ktrnamei(struct proc *p, char *path);
void
ktrpsig(struct proc *p, int sig, sig_t action, int mask, int code,
siginfo_t *si);
void
ktrsyscall(struct proc *p, register_t code, size_t argsize,
register_t args[]);
void
ktrsysret(struct proc *p, register_t code, int error, register_t retval);
DESCRIPTION
This interface is meant for kernel subsystems and machine dependent code
to inform the user about the events occurring to the process should trac-
ing of such be enabled using the ktrace(2) system call. Each of the func-
tions (except for KTRPOINT) is meant for a particular type of event and
is described below.
The KTRPOINT() macro should be used before calling any of the other trac-
ing functions to verify that tracing for that particular type of events
has been enabled. Possible values for the type argument are a mask of the
KTRFAC_ values described in ktrace(2).
ktrcsw() is called during the context switching. The user argument is a
boolean value specifying whether the process has been put into a waiting
state (true) or placed onto a running queue (false). Furthermore the user
argument indicates whether a voluntary (false) or an involuntary (true)
switching has happened.
ktremul() should be called every time emulation for the execution en-
vironment is changed and thus the name of which is given in the name ar-
gument.
ktrgenio() should be called for each generic input/output transaction
that is described by the fd file descriptor, rw transaction type (consult
sys/sys/uio.h for the enum uio_rw definition), iov input/output data vec-
tor, len size of the iov vector, and, lastly, error status of the tran-
saction.
ktrnamei() should be called every time a namei(9) operation is performed
over the path name.
ktrpsig() should be called for each signal sig posted for the traced pro-
cess. The action taken is one of SIG_DFL, SIG_IGN, or SIG_ERR as
described in the sigaction(2) document. mask is the current traced pro-
cess' signal mask. Signal-specific code and siginfo_t structure as
described in <sys/siginfo.h> are given in the code and si arguments
respectively.
ktrsyscall() should be called for each system call number code executed
with arguments in args of total count of argsize.
ktrsysret() should be called for a return from each system call number
code and error number of error as described in errno(2) and a return
value in retval that is syscall dependent.
CODE REFERENCES
The process tracing facility is implemented in sys/kern/kern_ktrace.c.
SEE ALSOerrno(2), ktrace(2), syscall(2), namei(9), syscall(9)HISTORY
The process tracing facility first appeared in 4.4BSD.
The ktrace section manual page appeared in OpenBSD 3.4.
MirOS BSD #10-current July 21, 2003 1
