tracefs_eprobe_alloc(3) — Linux manual page

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | EXAMPLE | FILES | SEE ALSO | AUTHOR | REPORTING BUGS | LICENSE | RESOURCES | COPYING | NOTES | COLOPHON

LIBTRACEFS(3)               libtracefs Manual              LIBTRACEFS(3)

NAME         top

       tracefs_eprobe_alloc - Allocate new event probe (eprobe)

SYNOPSIS         top

       #include <tracefs.h>

       struct tracefs_dynevent *
       tracefs_eprobe_alloc(const char *system, const char *event,
                              const char *target_system, const char *target_event,
                              const char *fetchargs);

DESCRIPTION         top

       tracefs_eprobe_alloc() allocates a new eprobe context. The ebrobe
       is not configured in the system. The new eprobe will be in the
       system group (or eprobes if system is NULL) and have the name of
       event. The eprobe will be attached to target_event, located in
       target_system. The list of arguments, described in fetchargs,
       will be fetched from target_event. The returned pointer to the
       event probe must be freed with tracefs_dynevent_free().

RETURN VALUE         top

       The tracefs_eprobe_alloc() API returns a pointer to an allocated
       tracefs_dynevent structure, describing the event probe. This
       pointer must be freed by tracefs_dynevent_free(3). Note, this
       only allocates a descriptor representing the eprobe. It does not
       modify the running system. On error NULL is returned.

EXAMPLE         top

           #include <stdlib.h>
           #include <unistd.h>
           #include <sys/wait.h>

           #include <tracefs.h>

           static struct tep_event *open_event;
           static struct tep_format_field *file_field;

           static int callback(struct tep_event *event, struct tep_record *record,
                               int cpu, void *data)
           {
                   struct trace_seq seq;

                   trace_seq_init(&seq);
                   tep_print_event(event->tep, &seq, record, "%d-%s: ", TEP_PRINT_PID, TEP_PRINT_COMM);

                   if (event->id == open_event->id) {
                           trace_seq_puts(&seq, "open file='");
                           tep_print_field(&seq, record->data, file_field);
                           trace_seq_puts(&seq, "'\n");
                   }

                   trace_seq_terminate(&seq);
                   trace_seq_do_printf(&seq);
                   trace_seq_destroy(&seq);

                   return 0;
           }

           static pid_t run_exec(char **argv, char **env)
           {
                   pid_t pid;

                   pid = fork();
                   if (pid)
                           return pid;

                   execve(argv[0], argv, env);
                   perror("exec");
                   exit(-1);
           }

           const char *myprobe = "my_eprobes";

           int main (int argc, char **argv, char **env)
           {
                   struct tracefs_dynevent *eprobe;
                   struct tracefs_instance *instance;
                   struct tep_handle *tep;
                   const char *sysnames[] = { myprobe, NULL };
                   pid_t pid;

                   if (argc < 2) {
                           printf("usage: %s command\n", argv[0]);
                           exit(-1);
                   }

                   instance = tracefs_instance_create("exec_open");
                   if (!instance) {
                           perror("creating instance");
                           exit(-1);
                   }

                   tracefs_dynevent_destroy_all(TRACEFS_DYNEVENT_EPROBE, true);

                   eprobe = tracefs_eprobe_alloc(myprobe, "sopen", "syscalls", "sys_enter_openat2",
                                                 "file=+0($filename):ustring");
                   if (!eprobe) {
                           perror("allocating event probe");
                           exit(-1);
                   }

                   if (tracefs_dynevent_create(eprobe)) {
                           perror("creating event probe");
                           exit(-1);
                   }

                   tep = tracefs_local_events_system(NULL, sysnames);
                   if (!tep) {
                           perror("reading events");
                           exit(-1);
                   }

                   open_event = tep_find_event_by_name(tep, myprobe, "sopen");
                   file_field = tep_find_field(open_event, "file");

                   tracefs_event_enable(instance, myprobe, "sopen");
                   pid = run_exec(&argv[1], env);

                   /* Let the child start to run */
                   sched_yield();

                   do {
                           tracefs_load_cmdlines(NULL, tep);
                           tracefs_iterate_raw_events(tep, instance, NULL, 0, callback, NULL);
                   } while (waitpid(pid, NULL, WNOHANG) != pid);

                   /* Will disable the events */
                   tracefs_dynevent_destroy(eprobe, true);
                   tracefs_dynevent_free(eprobe);
                   tracefs_instance_destroy(instance);
                   tep_free(tep);

                   return 0;
           }

FILES         top

           tracefs.h
                   Header file to include in order to have access to the library APIs.
           -ltracefs
                   Linker switch to add when building a program that uses the library.

SEE ALSO         top

       libtracefs(3), libtraceevent(3), trace-cmd(1)

AUTHOR         top

           Steven Rostedt <[email protected][1]>
           Tzvetomir Stoyanov <[email protected][2]>

REPORTING BUGS         top

       Report bugs to <[email protected][3]>

LICENSE         top

       libtracefs is Free Software licensed under the GNU LGPL 2.1

RESOURCES         top

       https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git/ 

COPYING         top

       Copyright (C) 2021 VMware, Inc. Free use of this software is
       granted under the terms of the GNU Public License (GPL).

NOTES         top

        1. [email protected]
           mailto:[email protected]

        2. [email protected]
           mailto:[email protected]

        3. [email protected]
           mailto:[email protected]

COLOPHON         top

       This page is part of the libtracefs (Linux kernel trace file
       system library) project.  Information about the project can be
       found at ⟨https://www.trace-cmd.org/⟩.  If you have a bug report
       for this manual page, see ⟨https://www.trace-cmd.org/⟩.  This
       page was obtained from the project's upstream Git repository
       ⟨https://git.kernel.org/pub/scm/libs/libtrace/libtracefs.git⟩ on
       2024-06-14.  (At that time, the date of the most recent commit
       that was found in the repository was 2024-05-17.)  If you
       discover any rendering problems in this HTML version of the page,
       or you believe there is a better or more up-to-date source for
       the page, or you have corrections or improvements to the
       information in this COLOPHON (which is not part of the original
       manual page), send a mail to [email protected]

libtracefs 1.7.0               12/22/2023                  LIBTRACEFS(3)