'\" t
.\" Title: libtracefs
.\" Author: [see the "AUTHOR" section]
.\" Generator: DocBook XSL Stylesheets vsnapshot
.\" Date: 10/08/2022
.\" Manual: libtracefs Manual
.\" Source: libtracefs 1.5.0
.\" Language: English
.\"
.TH "LIBTRACEFS" "3" "10/08/2022" "libtracefs 1\&.5\&.0" "libtracefs Manual"
.\" -----------------------------------------------------------------
.\" * Define some portability stuff
.\" -----------------------------------------------------------------
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.\" http://bugs.debian.org/507673
.\" http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
.\" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.\" -----------------------------------------------------------------
.\" * set default formatting
.\" -----------------------------------------------------------------
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.\" -----------------------------------------------------------------
.\" * MAIN CONTENT STARTS HERE *
.\" -----------------------------------------------------------------
.SH "NAME"
tracefs_dynevent_create, tracefs_dynevent_destroy, tracefs_dynevent_destroy_all, tracefs_dynevent_free, tracefs_dynevent_list_free, tracefs_dynevent_get, tracefs_dynevent_get_all, tracefs_dynevent_info, tracefs_dynevent_get_event \- Create, destroy, free and get dynamic events\&.
.SH "SYNOPSIS"
.sp
.nf
\fB#include \fR
struct \fBtracefs_dynevent\fR;
enum \fBtracefs_dynevent_type\fR;
int \fBtracefs_dynevent_create\fR(struct tracefs_dynevent *\fIdevent\fR);
int \fBtracefs_dynevent_destroy\fR(struct tracefs_dynevent *\fIdevent\fR, bool \fIforce\fR);
int \fBtracefs_dynevent_destroy_all\fR(unsigned int \fItypes\fR, bool \fIforce\fR);
void \fBtracefs_dynevent_free\fR(struct tracefs_dynevent *\fIdevent\fR);
void \fBtracefs_dynevent_list_free\fR(struct tracefs_dynevent **\fIevents\fR);
struct tracefs_dynevent *\fBtracefs_dynevent_get\fR(enum tracefs_dynevent_type \fItype\fR, const char *\fIsystem\fR, const char *\fIevent\fR);
struct tracefs_dynevent **\fBtracefs_dynevent_get_all\fR(unsigned int \fItypes\fR, const char *\fIsystem\fR);
enum tracefs_dynevent_type \fBtracefs_dynevent_info\fR(struct tracefs_dynevent *\fIdynevent\fR, char **\fIsystem\fR, char **\fIevent\fR, char **\fIprefix\fR, char **\fIaddr\fR, char **\fIformat\fR);
struct tep_event *\fBtracefs_dynevent_get_event\fR(struct tep_handle *\fItep\fR, struct tracefs_dynevent *\fIdynevent\fR);
.fi
.SH "DESCRIPTION"
.sp
The \fBtracefs_dynevent_create\fR() function creates dynamic event \fIdevent\fR in the system\&.
.sp
The \fBtracefs_dynevent_destroy\fR() function removes dynamic event \fIdevent\fR from the system\&. If \fIforce\fR is true, the function will attempt to disable all events in all trace instances, before removing the dynamic event\&. The \fIdevent\fR context is not freed, use \fBtracefs_dynevent_free\fR() to free it\&.
.sp
The \fBtracefs_dynevent_destroy_all\fR() function removes all dynamic events of given types from the system\&. The \fItypes\fR parameter is a type of specific dynamic event, or a bitmask of dynamic events types \fBtracefs_dynevent_type\fR, that will be removed\&. If \fItypes\fR is 0, dynamic events from all types will be removed\&. If \fIforce\fR is true, the function will attempt to disable all events in all trace instances, before removing the dynamic events\&.
.sp
The \fBtracefs_dynevent_get\fR() function allocates and returns a single instance of a dynamic event that matches the given \fBtype\fR, \fBsystem\fR and \fBevent\fR that is passed to it\&. NULL is returned if there is no match\&. The returned event is what is found in the system, and must be freed with \fBtracefs_dynevent_free\fR()\&. If \fBsystem\fR is NULL, then the first \fBevent\fR of any system of the given type that has the name of \fBevent\fR will be returned\&.
.sp
The \fBtracefs_dynevent_get_all\fR() function allocates and returns an array of pointers to dynamic events of given types that exist in the system\&. The last element of the array is a NULL pointer\&. The array must be freed with \fBtracefs_dynevent_list_free\fR()\&. If there are no events a NULL pointer is returned\&. The \fItypes\fR parameter is a type of specific dynamic event, or a bitmask of dynamic events types \fBtracefs_dynevent_type\fR, that will be retrieved\&. If \fItypes\fR is 0, dynamic events from all types will be retrieved\&.
.sp
The \fBtracefs_dynevent_free\fR() function frees a dynamic event context \fIdevent\fR\&.
.sp
The \fBtracefs_dynevent_list_free\fR() function frees an array of pointers to dynamic event, returned by \fBtracefs_dynevent_get_all()\fR API\&.
.sp
The \fBtracefs_dynevent_info\fR() function returns the type and information of a given dynamic event \fIdynevent\fR\&. If any of the \fIsystem\fR, \fIevent\fR, \fIprefix\fR, \fIaddr\fR or \fIformat\fR arguments are not NULL, then strings are allocated and returned back via these arguments\&. The \fIsystem\fR and \fIevent\fR holds the system and the name of the dynamic event\&. If \fIprefix\fR is non NULL, then it will hold an allocated string that holds the prefix portion of the dynamic event (the content up to the ":", exluding it)\&. If \fIaddr\fR is non NULL, it will hold the address or function that the dynamic event is attached to, if relevant for this event type\&. If \fIformat\fR is non NULL, it will hold the format string of the dynamic event\&. Note, that the content in \fIgroup\fR, \fIevent\fR, \fIprefix\fR, \fIaddr\fR, and \fIformat\fR must be freed with free(3) if they are set\&.
.sp
The \fBtracefs_dynevent_get_event\fR() function returns a tep event, describing the given dynamic event\&. The API detects any newly created or removed dynamic events\&. The returned pointer to tep event is controlled by @tep and must not be freed\&.
.SH "RETURN VALUE"
.sp
\fBtracefs_dynevent_create\fR() returns 0 on success, or \-1 on error\&. If a parsing error occurs then \fBtracefs_error_last\fR(3) may be used to retrieve the error message explaining the parsing issue\&.
.sp
\fBtracefs_dynevent_destroy\fR() and \fBtracefs_dynevent_destroy_all\fR() return 0 on success, or \-1 on error\&. If \fIforce\fR is enabled, the functions may fail on disabling the events\&.
.sp
\fBtracefs_dynevent_get\fR() function returns an allocated dynamic event from the system that matches the type, system and event given\&.
.sp
\fBtracefs_dynevent_get_all\fR() function returns allocated array of pointers to dynamic events, or NULL in case of an error or in case there are no events in the system\&. That array must be freed by \fBtracefs_dynevent_list_free\fR()\&.
.sp
\fBtracefs_dynevent_info\fR() returns the type of the given dynamic event or TRACEFS_DYNEVENT_UNKNOWN on error\&. If \fIsystem\fR, \fIevent\fR, \fIprefix\fR, \fIaddr\fR, or \fIformat\fR are non NULL, they will contain allocated strings that must be freed by free(3)\&.
.sp
The \fBtracefs_dynevent_get_event\fR() function returns a pointer to a tep event or NULL in case of an error or if the requested dynamic event is missing\&. The returned pointer to tep event is controlled by @tep and must not be freed\&.
.SH "ERRORS"
.sp
The following errors are for all the above calls:
.sp
\fBENODEV\fR dynamic events of requested type are not configured for the running kernel\&.
.sp
\fBENOMEM\fR Memory allocation error\&.
.sp
\fBtracefs_dynevent_create\fR() can fail with the following errors:
.sp
\fBEINVAL\fR Most likely a parsing error occurred (use \fBtracefs_error_last\fR(3) to possibly see what that error was)\&.
.sp
Other errors may also happen caused by internal system calls\&.
.SH "EXAMPLE"
.sp
.if n \{\
.RS 4
.\}
.nf
#include
#include
#include
#include
static struct tep_event *open_event;
static struct tep_format_field *file_field;
static struct tep_event *openret_event;
static struct tep_format_field *ret_field;
static int callback(struct tep_event *event, struct tep_record *record,
int cpu, void *data)
{
struct trace_seq seq;
trace_seq_init(&seq);
tep_print_event(event\->tep, &seq, record, "%d\-%s: ", TEP_PRINT_PID, TEP_PRINT_COMM);
if (event\->id == open_event\->id) {
trace_seq_puts(&seq, "open file=\*(Aq");
tep_print_field(&seq, record\->data, file_field);
trace_seq_puts(&seq, "\*(Aq\en");
} else if (event\->id == openret_event\->id) {
unsigned long long ret;
tep_read_number_field(ret_field, record\->data, &ret);
trace_seq_printf(&seq, "open ret=%lld\en", ret);
} else {
goto out;
}
trace_seq_terminate(&seq);
trace_seq_do_printf(&seq);
out:
trace_seq_destroy(&seq);
return 0;
}
static pid_t run_exec(char **argv, char **env)
{
pid_t pid;
pid = fork();
if (pid)
return pid;
execve(argv[0], argv, env);
perror("exec");
exit(\-1);
}
const char *mykprobe = "my_kprobes";
int main (int argc, char **argv, char **env)
{
struct tracefs_dynevent *kprobe, *kretprobe;
const char *sysnames[] = { mykprobe, NULL };
struct tracefs_instance *instance;
struct tep_handle *tep;
pid_t pid;
if (argc < 2) {
printf("usage: %s command\en", argv[0]);
exit(\-1);
}
instance = tracefs_instance_create("exec_open");
if (!instance) {
perror("creating instance");
exit(\-1);
}
tracefs_dynevent_destroy_all(TRACEFS_DYNEVENT_KPROBE | TRACEFS_DYNEVENT_KRETPROBE, true);
kprobe = tracefs_kprobe_alloc(mykprobe, "open", "do_sys_openat2",
"file=+0($arg2):ustring flags=+0($arg3):x64 mode=+8($arg3):x64\en");
kretprobe = tracefs_kretprobe_alloc(mykprobe, "openret", "do_sys_openat2", "ret=%ax", 0);
if (!kprobe || !kretprobe) {
perror("allocating dynamic events");
exit(\-1);
}
if (tracefs_dynevent_create(kprobe) || tracefs_dynevent_create(kretprobe)){
char *err = tracefs_error_last(NULL);
perror("Failed to create kprobes:");
if (err && strlen(err))
fprintf(stderr, "%s\en", err);
exit(\-1);
}
tep = tracefs_local_events_system(NULL, sysnames);
if (!tep) {
perror("reading events");
exit(\-1);
}
open_event = tep_find_event_by_name(tep, mykprobe, "open");
file_field = tep_find_field(open_event, "file");
openret_event = tep_find_event_by_name(tep, mykprobe, "openret");
ret_field = tep_find_field(openret_event, "ret");
tracefs_event_enable(instance, mykprobe, NULL);
pid = run_exec(&argv[1], env);
/* Let the child start to run */
sched_yield();
do {
tracefs_load_cmdlines(NULL, tep);
tracefs_iterate_raw_events(tep, instance, NULL, 0, callback, NULL);
} while (waitpid(pid, NULL, WNOHANG) != pid);
/* Will disable the events */
tracefs_dynevent_destroy_all(TRACEFS_DYNEVENT_KPROBE | TRACEFS_DYNEVENT_KRETPROBE, true);
tracefs_dynevent_free(kprobe);
tracefs_dynevent_free(kretprobe);
tracefs_instance_destroy(instance);
tep_free(tep);
return 0;
}
.fi
.if n \{\
.RE
.\}
.SH "FILES"
.sp
.if n \{\
.RS 4
.\}
.nf
\fBtracefs\&.h\fR
Header file to include in order to have access to the library APIs\&.
\fB\-ltracefs\fR
Linker switch to add when building a program that uses the library\&.
.fi
.if n \{\
.RE
.\}
.SH "SEE ALSO"
.sp
\fBlibtracefs\fR(3), \fBlibtraceevent\fR(3), \fBtrace\-cmd\fR(1)
.SH "AUTHOR"
.sp
.if n \{\
.RS 4
.\}
.nf
\fBSteven Rostedt\fR <\m[blue]\fBrostedt@goodmis\&.org\fR\m[]\&\s-2\u[1]\d\s+2>
\fBTzvetomir Stoyanov\fR <\m[blue]\fBtz\&.stoyanov@gmail\&.com\fR\m[]\&\s-2\u[2]\d\s+2>
\fBYordan Karadzhov\fR <\m[blue]\fBy\&.karadz@gmail\&.com\fR\m[]\&\s-2\u[3]\d\s+2>
.fi
.if n \{\
.RE
.\}
.SH "REPORTING BUGS"
.sp
Report bugs to <\m[blue]\fBlinux\-trace\-devel@vger\&.kernel\&.org\fR\m[]\&\s-2\u[4]\d\s+2>
.SH "LICENSE"
.sp
libtracefs is Free Software licensed under the GNU LGPL 2\&.1
.SH "RESOURCES"
.sp
\m[blue]\fBhttps://git\&.kernel\&.org/pub/scm/libs/libtrace/libtracefs\&.git/\fR\m[]
.SH "COPYING"
.sp
Copyright (C) 2021 VMware, Inc\&. Free use of this software is granted under the terms of the GNU Public License (GPL)\&.
.SH "NOTES"
.IP " 1." 4
rostedt@goodmis.org
.RS 4
\%mailto:rostedt@goodmis.org
.RE
.IP " 2." 4
tz.stoyanov@gmail.com
.RS 4
\%mailto:tz.stoyanov@gmail.com
.RE
.IP " 3." 4
y.karadz@gmail.com
.RS 4
\%mailto:y.karadz@gmail.com
.RE
.IP " 4." 4
linux-trace-devel@vger.kernel.org
.RS 4
\%mailto:linux-trace-devel@vger.kernel.org
.RE