Crate linux_perf_event_reader

linux-perf-event-reader

This crate lets you parse Linux perf events and associated structures.

Example

use linux_perf_event_reader::{
    CommOrExecRecord, Endianness, EventRecord, PerfEventAttr, RawData, RawEventRecord,
    RecordParseInfo, RecordType
};

// Read the perf_event_attr data.
let attr_data = [
    0, 0, 0, 0, 128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 229, 3, 0, 0, 0, 0, 0, 0, 47, 177, 0,
    0, 0, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 3, 183, 215, 97, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 255, 15,
    255, 0, 0, 0, 0, 0, 0, 128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104, 0, 0, 0, 0, 0, 0, 0, 128, 0,
    0, 0, 0, 0, 0, 0,
];
let (attr, _size) =
    PerfEventAttr::parse::<_, byteorder::LittleEndian>(&attr_data[..]).unwrap();
let parse_info = RecordParseInfo::new(&attr, Endianness::LittleEndian);

let body = b"lG\x08\0lG\x08\0dump_syms\0\0\0\0\0\0\0lG\x08\0lG\x08\08\x1b\xf8\x18hX\x04\0";
let body_raw_data = RawData::from(&body[..]);
let raw_record = RawEventRecord::new(RecordType::COMM, 0x2000, body_raw_data, parse_info);
let parsed_record = raw_record.parse().unwrap();

assert_eq!(
    parsed_record,
    EventRecord::Comm(CommOrExecRecord {
        pid: 542572,
        tid: 542572,
        name: RawData::Single(b"dump_syms"),
        is_execve: true
    })
);

Modules

• constants

Structs

• AttrFlags
• BranchSampleFormat
• CommOrExecRecord
• CommonData
• ForkOrExitRecord
• HwBreakpointAddr
  The address of the breakpoint.
• HwBreakpointLen
  The length of the breakpoint being measured.
• HwBreakpointType
• LostRecord
• Mmap2InodeAndVersion
• Mmap2Record
• MmapRecord
  These aren’t emitted by the kernel any more - the kernel uses MMAP2 events these days. However, perf record still emits synthetic MMAP events (not MMAP2!) for the kernel image. So if you want to symbolicate kernel addresses you still need to process these. The kernel image MMAP events have pid -1.
• PerfEventAttr
  perf_event_attr
• PerfEventHeader
  perf_event_header
• PmuTypeId
  PMU type ID
• RawDataU64
• RawEventRecord
  An unparsed event record.
• ReadFormat
  The format of the data returned by read() on a perf event fd, as specified by attr.read_format:
• RecordIdParseInfo
• RecordParseInfo
• RecordType
• Regs
• SampleFormat
• SampleRecord
• ThrottleRecord

Enums

• ClockId
• ContextSwitchRecord
• CpuMode
• Endianness
  An enum for little or big endian.
• EventRecord
  A fully parsed event record.
• HardwareCacheId
• HardwareCacheOp
• HardwareCacheOpResult
• HardwareEventId
• IpSkidConstraint
  Specifies how precise the instruction address should be. With perf record -e you can set the precision by appending /p to the event name, with varying numbers of ps.
• Mmap2FileId
• PerfClock
  This allows selecting which internal Linux clock to use when generating timestamps.
• PerfEventType
  The type of perf event
• RawData
  A slice of u8 data that can have non-contiguous backing storage split into two pieces, and abstracts that split away so that users can pretend to deal with a contiguous slice.
• SamplingPolicy
  Sampling Policy
• SoftwareCounterType
• TaskWasPreempted
  Whether a task was in the TASK_RUNNING state when it was switched away from.
• WakeupPolicy
  Wakeup policy for “overflow notifications”. This controls the point at which the read call completes. (TODO: double check this)

Functions

• get_record_id
  Get the ID from an event record, with the help of RecordIdParseInfo.
• get_record_identifier
  Get the ID from an event record, if the sample format includes SampleFormat::IDENTIFIER.
• get_record_timestamp
  Get the timestamp from an event record, with the help of RecordParseInfo.
• is_swapped_endian