Run set -x to get a trace of every shell command, even those executed by the completion framework.
Run strace -f -p 1234 from another shell to see a trace of system calls. If you get the error “Operation not permitted”, it may be due to a security restriction that restricts the ptrace system call to children of the tracing process.¹ To disable this restriction, run sysctl kernel.yama.ptrace_scope=0 as root. See https://askubuntu.com/questions/41629/after-upgrade-gdb-wont-attach-to-process for more information. Alternatively, you can still start a shell with strace -T -f -o strace.bash bash (-T adds the time spent in each system call) and do your experiments from there.
¹ This restriction limits the impact of running a malicious application from your account. It's only effective if coupled with many other restrictions (typically effected with SELinux or AppArmor), in particular to limit the restricted process to a small set of files. Even in restricted ptrace mode, the typical use case for ptrace, which is for a debugger to debug a child process, remains allowed.
