kdump —
display kernel trace data
  
    | kdump | [ -dElNnRT] [-eemulation] [-ffile] [-mmaxdata] [-ppid] [-ttrstr] [-x|-Xsize]
      [file] | 
kdump displays the kernel trace files produced with
  ktrace(1) in human readable
  format. The file ktrace.out in the current directory
  is displayed, unless either the -f option is used, or
  a file name is supplied as the last argument.
The options are as follows:
  - -d
- Display all numbers in decimal.
- -E
- Display elapsed timestamps (time since beginning of trace).
- -eemulation
- If an emulation of a process is unknown, interpret system call maps
      assuming the named emulation instead of default "netbsd".
- -ffile
- Display the specified file instead of
    ktrace.out.
- -l
- Loop reading the trace file, once the end-of-file is reached, waiting for
      more data.
- -mmaxdata
- Display at most maxdata bytes when decoding
    I/O.
- -N
- Suppress system call number-to-name translation.
- -n
- Suppress ad hoc translations. Normally kdumptries
      to decode many system calls into a more human readable format. For
      example, ioctl(2) values are
      replaced with the macro name and errno values are
      replaced with the
      strerror(3) string.
      Suppressing this feature yields a more consistent output format and is
      easily amenable to further processing.
- -ppid
- Only display records from the trace file that are for the indicated
    pid.
- -R
- Display relative timestamps (time since previous entry).
- -T
- Display absolute timestamps for each entry (seconds since epoch).
- -ttrstr
- Restrict display to the specified set of kernel trace points. The default
      is to display everything in the file. See the -toption of ktrace(1).
- -x
- Display GIO data in hex and ascii instead of
      vis(3) format.
- -Xsize
- Same as -xbut display hex values by groups of
      size bytes. Supported values are 1, 2, 4, 8, and
    16.
Thekdump command appears in
  4.4BSD.