Crate linux_perf_event_reader

Expand description

linux-perf-event-reader

This crate lets you parse Linux perf events and associated structures.

Example

use linux_perf_event_reader::{
    CommOrExecRecord, Endianness, EventRecord, PerfEventAttr, RawData, RawEventRecord,
    RecordParseInfo, RecordType
};

// Read the perf_event_attr data.
let attr_data = vec![
    0, 0, 0, 0, 128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 229, 3, 0, 0, 0, 0, 0, 0, 47, 177, 0,
    0, 0, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 3, 183, 215, 97, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 255, 15,
    255, 0, 0, 0, 0, 0, 0, 128, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 104, 0, 0, 0, 0, 0, 0, 0, 128, 0,
    0, 0, 0, 0, 0, 0,
];
let attr =
    PerfEventAttr::parse::<_, byteorder::LittleEndian>(&attr_data[..], None).unwrap();
let parse_info = RecordParseInfo::new(&attr, Endianness::LittleEndian);

let body = b"lG\x08\0lG\x08\0dump_syms\0\0\0\0\0\0\0lG\x08\0lG\x08\08\x1b\xf8\x18hX\x04\0";
let body_raw_data = RawData::from(&body[..]);
let raw_record = RawEventRecord::new(RecordType::COMM, 0x2000, body_raw_data, parse_info);
let parsed_record = raw_record.parse().unwrap();

assert_eq!(
    parsed_record,
    EventRecord::Comm(CommOrExecRecord {
        pid: 542572,
        tid: 542572,
        name: RawData::Single(b"dump_syms"),
        is_execve: true
    })
);

Structs

The address of the breakpoint.

HwBreakpointLen

The length of the breakpoint being measured.

These aren’t emitted by the kernel any more - the kernel uses MMAP2 events these days. However, perf record still emits synthetic MMAP events (not MMAP2!) for the kernel image. So if you want to symbolicate kernel addresses you still need to process these. The kernel image MMAP events have pid -1.

perf_event_attr

perf_event_header

PMU type ID

An unparsed event record.

ReadFormat

The format of the data returned by read() on a perf event fd, as specified by attr.read_format:

Enums

An enum for little or big endian.

EventRecord

A fully parsed event record.

HardwareCacheId

HardwareCacheOp

HardwareCacheOpResult

HardwareEventId

IpSkidConstraint

Specifies how precise the instruction address should be. With perf record -e you can set the precision by appending /p to the event name, with varying numbers of ps.

Mmap2FileId

PerfClock

This allows selecting which internal Linux clock to use when generating timestamps.

PerfEventType

The type of perf event

RawData

A slice of u8 data that can have non-contiguous backing storage split into two pieces, and abstracts that split away so that users can pretend to deal with a contiguous slice.

SamplingPolicy

Sampling Policy

SoftwareCounterType

TaskWasPreempted

Whether a task was in the TASK_RUNNING state when it was switched away from.

WakeupPolicy

Wakeup policy for “overflow notifications”. This controls the point at which the read call completes. (TODO: double check this)