| KQUEUE(2) | System Calls Manual | KQUEUE(2) | 
kqueue, kqueue1,
  kevent, EV_SET —
#include <sys/event.h>
#include <sys/time.h>
int
  
  kqueue(void);
int
  
  kqueue1(int
    flags);
int
  
  kevent(int
    kq, const struct kevent
    *changelist, size_t
    nchanges, struct kevent
    *eventlist, size_t
    nevents, const struct
    timespec *timeout);
EV_SET(&kev,
    ident,
    filter,
    flags,
    fflags,
    data,
    udata);
kqueue() provides a generic method of notifying the user
  when an event happens or a condition holds, based on the results of small
  pieces of kernel code termed filters. A kevent is identified by the (ident,
  filter) pair; there may only be one unique kevent per kqueue.
The filter is executed upon the initial registration of a kevent in order to detect whether a preexisting condition is present, and is also executed whenever an event is passed to the filter for evaluation. If the filter determines that the condition should be reported, then the kevent is placed on the kqueue for the user to retrieve.
The filter is also run when the user attempts to retrieve the kevent from the kqueue. If the filter indicates that the condition that triggered the event no longer holds, the kevent is removed from the kqueue and is not returned.
Multiple events which trigger the filter do not result in multiple kevents being placed on the kqueue; instead, the filter will aggregate the events into a single struct kevent. Calling close(2) on a file descriptor will remove any kevents that reference the descriptor.
kqueue() creates a new kernel event queue
    and returns a descriptor.
The kqueue1() function also allows to set
    the following flags on the returned file
  descriptor:
| O_CLOEXECSet the close on exec property. | 
| O_NONBLOCKSet non-blocking I/O. | 
| O_NOSIGPIPEReturnEPIPEinstead of raisingSIGPIPE. | 
The queue is not inherited by a child created with fork(2).
kevent() is used to register events with
    the queue, and return any pending events to the user.
    changelist is a pointer to an array of
    kevent structures, as defined in
    <sys/event.h>. All changes
    contained in the changelist are applied before any
    pending events are read from the queue. nchanges gives
    the size of changelist.
    eventlist is a pointer to an array of kevent
    structures. nevents determines the size of
    eventlist. If timeout is a
    non-NULL pointer, it
    specifies a maximum interval to wait for an event, which will be interpreted
    as a struct timespec. If
    timeout is a NULL pointer,
    kevent() waits indefinitely. To effect a poll, the
    timeout argument should be
    non-NULL, pointing to a
    zero-valued timespec(3)
    structure. The same array may be used for the
    changelist and eventlist.
EV_SET() is a macro which is provided for
    ease of initializing a kevent structure. This macro does not evaluate its
    parameters multiple times.
The kevent structure is defined as:
struct kevent {
	uintptr_t ident;	/* identifier for this event */
	uint32_t  filter;	/* filter for event */
	uint32_t  flags;	/* action flags for kqueue */
	uint32_t  fflags;	/* filter flag value */
	int64_t   data;		/* filter data value */
	intptr_t  udata;	/* opaque user data identifier */
};
The fields of struct kevent are:
The flags field can contain the following values:
EV_ADDEV_ENABLEkevent() to return the event if it is
      triggered.EV_DISABLEkevent() will not return it.
      The filter itself is not disabled.EV_DISPATCHEV_DISABLE above.EV_DELETEEV_RECEIPTEV_ERROR to always be returned. When a filter is
      successfully added the data field will be zero.EV_ONESHOTEV_CLEAREV_EOFEV_ERRORAs a third-party filter is referenced by a well-known name instead
    of a statically assigned number, two
    ioctl(2)s are supported on the
    file descriptor returned by kqueue() to map a filter
    name to a filter number, and vice-versa (passing arguments in a structure
    described below):
KFILTER_BYFILTERKFILTER_BYNAMEThe following structure is used to pass arguments in and out of the ioctl(2):
struct kfilter_mapping {
	char	 *name;		/* name to lookup or return */
	size_t	 len;		/* length of name */
	uint32_t filter;	/* filter to lookup or return */
};
Arguments may be passed to and from the filter via the fflags and data fields in the kevent structure.
The predefined system filters are:
EVFILT_READOther socket descriptors return when there is data to be
            read, subject to the SO_RCVLOWAT value of
            the socket buffer. This may be overridden with a per-filter low
            water mark at the time the filter is added by setting the NOTE_LOWAT
            flag in fflags, and specifying the new low
            water mark in data. On return,
            data contains the number of bytes in the
            socket buffer.
If the read direction of the socket has shutdown, then the filter also sets EV_EOF in flags, and returns the socket error (if any) in fflags. It is possible for EOF to be returned (indicating the connection is gone) while there is still data pending in the socket buffer.
When the last writer disconnects, the filter will set EV_EOF in flags. This may be cleared by passing in EV_CLEAR, at which point the filter will resume waiting for data to become available before returning.
EVFILT_WRITEFor sockets, the low water mark and socket error handling is identical to the EVFILT_READ case.
EVFILT_AIOEVFILT_VNODENOTE_DELETENOTE_WRITENOTE_EXTENDNOTE_ATTRIBNOTE_LINKNOTE_RENAMENOTE_REVOKEOn return, fflags contains the events which triggered the filter.
EVFILT_PROCNOTE_EXITNOTE_FORKNOTE_EXECNOTE_TRACKNOTE_TRACKERROn return, fflags contains the events which triggered the filter.
EVFILT_SIGNALkevent(). This
      filter automatically sets the EV_CLEAR flag internally.EVFILT_TIMERkevent(). This filter automatically sets the
      EV_CLEAR flag internally.EVFILT_FSkqueue() creates a new kernel event queue and returns a
  file descriptor. If there was an error creating the kernel event queue, a
  value of -1 is returned and errno is set.
kevent() returns the number of events
    placed in the eventlist, up to the value given by
    nevents. If an error occurs while processing an
    element of the changelist and there is enough room in
    the eventlist, then the event will be placed in the
    eventlist with EV_ERROR set in
    flags and the system error in
    data. Otherwise, -1 will be
    returned, and errno will be set to indicate the
    error condition. If the time limit expires, then
    kevent() returns 0.
#include <sys/types.h>
#include <sys/event.h>
#include <sys/time.h>
#include <stdio.h>
#include <unistd.h>
#include <stdlib.h>
#include <fcntl.h>
#include <err.h>
int
main(int argc, char *argv[])
{
        int fd, kq, nev;
        struct kevent ev;
        static const struct timespec tout = { 1, 0 };
        if ((fd = open(argv[1], O_RDONLY)) == -1)
                err(1, "Cannot open `%s'", argv[1]);
        if ((kq = kqueue()) == -1)
                err(1, "Cannot create kqueue");
        EV_SET(&ev, fd, EVFILT_VNODE, EV_ADD | EV_ENABLE | EV_CLEAR,
            NOTE_DELETE|NOTE_WRITE|NOTE_EXTEND|NOTE_ATTRIB|NOTE_LINK|
            NOTE_RENAME|NOTE_REVOKE, 0, 0);
        if (kevent(kq, &ev, 1, NULL, 0, &tout) == -1)
                err(1, "kevent");
        for (;;) {
                nev = kevent(kq, NULL, 0, &ev, 1, &tout);
                if (nev == -1)
                        err(1, "kevent");
                if (nev == 0)
                        continue;
                if (ev.fflags & NOTE_DELETE) {
                        printf("deleted ");
                        ev.fflags &= ~NOTE_DELETE;
                }
                if (ev.fflags & NOTE_WRITE) {
                        printf("written ");
                        ev.fflags &= ~NOTE_WRITE;
                }
                if (ev.fflags & NOTE_EXTEND) {
                        printf("extended ");
                        ev.fflags &= ~NOTE_EXTEND;
                }
                if (ev.fflags & NOTE_ATTRIB) {
                        printf("chmod/chown/utimes ");
                        ev.fflags &= ~NOTE_ATTRIB;
                }
                if (ev.fflags & NOTE_LINK) {
                        printf("hardlinked ");
                        ev.fflags &= ~NOTE_LINK;
                }
                if (ev.fflags & NOTE_RENAME) {
                        printf("renamed ");
                        ev.fflags &= ~NOTE_RENAME;
                }
                if (ev.fflags & NOTE_REVOKE) {
                        printf("revoked ");
                        ev.fflags &= ~NOTE_REVOKE;
                }
                printf("\n");
                if (ev.fflags)
                        warnx("unknown event 0x%x\n", ev.fflags);
        }
}
kqueue() function fails if:
EMFILE]ENFILE]ENOMEM]The kevent() function fails if:
EACCES]EBADF]EFAULT]EINTR]EINVAL]ENOENT]ENOMEM]EOPNOTSUPP]kevent() operations.ESRCH]Jonathan Lemon, Kqueue: A Generic and Scalable Event Notification Facility, Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, USENIX Association, http://www.usenix.org/event/usenix01/freenix01/full_papers/lemon/lemon.pdf, June 25-30, 2001.
kqueue() and kevent()
  functions first appeared in FreeBSD 4.1, and then in
  NetBSD 2.0. The kqueue1()
  function first appeared in NetBSD 6.0.
The EV_SET() macro was protected from
    evaluating multiple times the first argument in NetBSD
    8.0.
| January 8, 2018 | NetBSD 9.3 |