Applicable to: OpenHarmony 3.2 Beta (API version 9)
**Symptom**
How do I flush HiLog information to disks?
**Solution**
Run the **hilog -w start -f ckTest -l 1M -n 5 -m zlib -j 11** command.
The log file is saved in the **/data/log/hilog/** directory.
Parameter description:
**Parameters:**
```
-**-w**: Starts a log flushing task. **start** means to start the task, and **stop** means to stop the task.
...
...
@@ -25,3 +21,129 @@ Parameter description:
-**-j**: Specifies the task ID. The value ranges from **10** to **0xffffffffff**.
For more details about parameters, run the **hilog --help** command.
```
## How do I print only HiLog information of the current application?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
**Solution**
Use the hilog command line tool to filter the logs of the current application.
**hilog -T xxx**: filtering logs by tag.
**hilog –D xxx**: filtering logs by domain.
**hilog -e**: matching log content based on the tag, domain, and pid by using regular expressions. Multi-layered filtering, combination filtering, and reverse filtering are supported.
## How do I locate the fault when the application crashes?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
**Solution**
Method 1: Locate the crash-related code based on the service log.
Method 2: View the error information in the crash file. The crash file is located at **/data/log/faultlog/faultlogger/**.
## Is HiLog or console recommended for log printing? How do I set the domain if HiLog is used?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
The console encapsulates the HiLog system with the default parameter configuration. It is mainly used in the application development and debugging phase.
HiLog is recommended because it supports log classification and processing in a unified manner. For details, see [@ohos.hilog (HiLog)](../reference/apis/js-apis-hilog.md#hilogisloggable).
The value of the **domain** parameter in the HiLog API ranges from **0x0** to **0xFFFF**. You are advised to customize the value as required.
## What is the maximum length of a log record when HiLog is used? Is it configurable?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
The maximum length of a log record is 1,024 characters, and it is not changeable.
## What is the purpose of using private in printing of formatted logs?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
**Symptom**
**private** is displayed in HiLog information when format parameters are of the %d or %s type in C++.
**Solution**
When format parameters such as **%d** and **%s** are directly used, the standard system uses **private** to replace the actual data for printing by default to prevent data leakage. To print the actual data, replace **%d** with **%{public}d** or replace **%s** with **%{public}s**.
## What should I do if the hilog.debug log cannot be printed?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
**Solution**
Run **hdc std shell hilog -b D** to turn on the debugging switch.
## Can I separate multiple strings by spaces in the tag parameter of the HiLog API?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
Yes.
## How does HiLog print the log information marked with the \{private\} tag?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
**Solution**
To print the log information marked with the \{private\} tag, run the command to disable the privacy mode: hdc shell hilog -p off
## What are the cash log collection and performance troubleshooting functions provided by the HiLog system?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
**Symptom**
What are the cash log collection and performance troubleshooting functions provided by the HiLog system?
**Solution**
FaultLogger: collects crash logs. For details, see [FaultLogger](../reference/apis/js-apis-faultLogger.md).
HiChecker: detects potential faults. For details, see [HiChecker](../reference/apis/js-apis-hichecker.md).
hiTraceMeter: implements performance tracing. For details, see [hiTraceMeter](../reference/apis/js-apis-hitracemeter.md).
## How do I control log output?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
**Symptom**
The output log varies according to environment requirements.
**Solution**
You can run the following command to adjust the log level to print the desired logs:
hdc shell hilog -L <D/I/W/E/F\>
## Is there a limit on the tag length of HiLog?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
The length of the entire tag is 32.
## How do I view the appfreeze information in the logs?
Applicable to: OpenHarmony 3.2 Beta (API version 9)
Try the following procedure:
1. Check the reason for the event. Fault location methods and examples are provided specifically to different reasons.
2. Check the MSG information.
3. Check the application stack information in OpenStacktraceCatcher as well as the HiLog information for the operation that leads to the event.
4. Check the PeerBinderCatcher process to see if the current process is suspended by the peer binder. If there is a synchronous wait related to the current process, the corresponding PeerBinder Stacktrace information will be logged. It contains the stack information of the peer process that leads to suspension of the current process.
5. Check the CPU usage of system processes and the memory usage of the current process.
## How do I read an XML file in rawfile and convert the data in it to the string type?
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
**Solution**
Call **getRawFileContent** of the **ResourceManager** module to obtain the data in the XML file, and then use **String.fromCharCode** to convert the data to the string type.
@@ -33,7 +33,7 @@ Applicable to: OpenHarmony 3.1 Beta 5 (API version 9)
The stage model allows an application to obtain a **ResourceManager** object based on **context** and call its resource management APIs without first importing the required bundle. This mode does not apply to the FA model.
**Sample Code**
**Example**
```
const context = getContext(this) as any
...
...
@@ -63,13 +63,13 @@ To obtain the path of the **resource** directory, try either of the following wa
2. Use **ResourceManager** for access. This method applies to dynamic access, during which the **resource** directory dynamically changes when the application is running.
**Reference**
**Reference Link**
[Resource Categories and Access](../quick-start/resource-categories-and-access.md) and [Resource Manager](../reference/apis/js-apis-resource-manager.md)
## Why does getPluralString return an incorrect value?
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
**Symptom**
...
...
@@ -81,19 +81,19 @@ The **getPluralString** API is effective only when the system language is Englis
## How do I obtain the customized string fields in the resources directory?
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
**Solution**
Use **getStringValue** of the **ResourceManager** module.
## How do I reference resources such as images and text in AppScope?
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
**Solution**
...
...
@@ -101,18 +101,50 @@ Reference resources in the **\$r\('app.type.name'\)** format. Wherein, **type**
## How do I convert resources to strings?
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
Applicable to: OpenHarmony 3.2 Beta5 (API version 9)
**Solution**
For a qualifier directory, use **this.context.resourceManager.getStringSync\(\$r\('app.string.test'\).id\)** to covert resources to strings synchronously. Note that the **\$r\('app.string.test', 2\)** mode is not supported.
The **hiSysEvent** module provides the system event logging functions, such as configuring trace points, subscribing to system events, and querying system events written to the event file.
> **NOTE**
>
> - The initial APIs of this module are supported since API version 9. Newly added APIs will be marked with a superscript to indicate their earliest API version.
> - The APIs provided by this module are system APIs.
...
...
@@ -312,6 +313,8 @@ Defines arguments for an event query.
| beginTime | number | Yes| Start time (13-digit timestamp) for the event query.|
| endTime | number | Yes| End time (13-digit timestamp) for the event query.|
| maxEvents | number | Yes| Maximum number of events that can be queried.|
| fromSeq<sup>10+</sup> | number | No | Start SN of the events to be queried. The default value is **-1**.|
| toSeq<sup>10+</sup> | number | No | End SN of the system events to be queried. The default value is **-1**.|
## QueryRule
...
...
@@ -323,6 +326,7 @@ Defines event query rules.
| -------- | -------- | -------- | -------- |
| domain | string | Yes| Event domain.|
| names | string[] | Yes| Array of event names. A **QueryRule** object contains multiple system event names.|
| condition<sup>10+</sup> | string | No| Additional event conditions. The value of this parameter is in the format of {"version":"V1","condition":{"and":[{"param":"*Parameter*","op":"*Operator*","value":"*Comparison value*"}]}}.|
exportSysEvents(queryArg: QueryArg, rules: QueryRule[]): number
Exports system events in batches and writes them as a file to the fixed directory of the application sandbox (that is, **/data/storage/el2/base/cache/hiview/event/**).
Subscribes to real-time system events that occur occasionally or occur in a low frequency. These events are written as a file to the fixed directory of the application sandbox (that is, **/data/storage/el2/base/cache/hiview/event/**).
// Call the destroy() method to release resources after HttpRequest is complete.
httpRequest.destroy();
}else{
console.info('error:'+JSON.stringify(err));
// Unsubscribe from HTTP Response Header events.
...
...
@@ -73,7 +75,7 @@ httpRequest.request(
createHttp(): HttpRequest
Creates an HTTP request. You can use this API to initiate or destroy an HTTP request, or enable or disable listening for HTTP Response Header events. An **HttpRequest** object corresponds to an HTTP request. To initiate multiple HTTP requests, you must create an **HttpRequest** object for each HTTP request.
Creates an HTTP request. You can use this API to initiate or destroy an HTTP request, or enable or disable listening for HTTP Response Header events. An HttpRequest object corresponds to an HTTP request. To initiate multiple HTTP requests, you must create an **HttpRequest** object for each HTTP request.
Initiates an HTTP request containing specified options to a given URL. This API uses an asynchronous callback to return the result, which is a streaming response.
Initiates an HTTP request to a given URL. This API uses an asynchronous callback to return the result, which is a streaming response.
@@ -567,7 +569,7 @@ Initiates an HTTP request containing specified options to a given URL. This API
> **NOTE**
> For details about the error codes, see [HTTP Error Codes](../errorcodes/errorcode-net-http.md).
> The HTTP error code mapping is in the format of 2300000 + Curl error code. For more common error codes, see [Curl Error Codes](https://curl.se/libcurl/c/libcurl-errors.html).
> The HTTP error code mapping is in the format of 2300000 + Curl error code. For more common error codes, see:
@@ -621,7 +623,7 @@ Unregisters the observer for HTTP Response Header events.
> **NOTE**
>
>1. This API has been deprecated. You are advised to use [off('headersReceive')<sup>8+</sup>](#offheadersreceive8).
>1. This API has been deprecated. You are advised to use [off('headersReceive')<sup>8+</sup>](#offheadersreceive8) instead.
>
>2. You can pass the callback of the **on** function if you want to cancel listening for a certain type of event. If you do not pass the callback, you will cancel listening for all events.
...
...
@@ -817,7 +819,7 @@ Registers an observer for events indicating progress of receiving HTTP streaming
| type | string | Yes | Event type. The value is **dataProgress**.|
| callback | AsyncCallback\<{ receiveSize: number, totalSize: number }\> | Yes | Callback used to return the result.<br>- **receiveSize**: number of received bytes.<br>- **totalSize**: total number of bytes to be received.|
| callback | AsyncCallback\<{ receiveSize: number, totalSize: number }\> | Yes | Callback used to return the result.<br>**receiveSize**: number of received bytes.<br>**totalSize**: total number of bytes to be received.|
**Example**
...
...
@@ -860,7 +862,7 @@ Specifies the type and value range of the optional parameters in the HTTP reques
| method | [RequestMethod](#requestmethod) | No | Request method. The default value is **GET**. |
| extraData | string<sup>6+</sup>\| Object<sup>6+</sup>\| ArrayBuffer<sup>8+</sup> | No | Additional data for sending a request. This parameter is not used by default.<br>- If the HTTP request uses a POST or PUT method, this parameter serves as the content of the HTTP request and is encoded in UTF-8 format. If **'Content-Type'** is **'application/x-www-form-urlencoded'**, the data in the request body must be encoded in the format of **key1=value1&key2=value2&key3=value3** after URL transcoding.<sup>6+</sup><br>- If the HTTP request uses the GET, OPTIONS, DELETE, TRACE, or CONNECT method, this parameter serves as a supplement to HTTP request parameters. Parameters of the string type need to be encoded before being passed to the HTTP request. Parameters of the object type do not need to be precoded and will be directly concatenated to the URL. Parameters of the ArrayBuffer type will not be concatenated to the URL.<sup>6+</sup>|
| extraData | string<sup>6+</sup>\| Object<sup>6+</sup>\| ArrayBuffer<sup>8+</sup> | No | Additional data for sending a request. This parameter is not used by default.<br>- If the HTTP request uses a POST or PUT method, this parameter serves as the content of the HTTP request and is encoded in UTF-8 format. If **'Content-Type'** is **'application/x-www-form-urlencoded'**, the data in the request body must be encoded in the format of **key1=value1&key2=value2&key3=value3** after URL transcoding.<br>- If the HTTP request uses the GET, OPTIONS, DELETE, TRACE, or CONNECT method, this parameter serves as a supplement to HTTP request parameters. Parameters of the string type need to be encoded before being passed to the HTTP request. Parameters of the object type do not need to be precoded and will be directly concatenated to the URL. Parameters of the ArrayBuffer type will not be concatenated to the URL.|
| expectDataType<sup>9+</sup> | [HttpDataType](#httpdatatype9) | No | Type of the returned data. This parameter is not used by default. If this parameter is set, the system returns the specified type of data preferentially.|
| usingCache<sup>9+</sup> | boolean | No | Whether to use the cache. The default value is **true**. |
| priority<sup>9+</sup> | number | No | Priority. The value range is [1,1000]. The default value is **1**. |
...
...
@@ -896,7 +898,7 @@ Enumerates the response codes for an HTTP request.
@@ -19,9 +19,10 @@ Prints debugging information in formatted output mode.
| Name | Type | Mandatory | Description |
| ------- | ------ | ---- | ----------- |
| message | string | Yes | Text to be printed.|
| arguments | any | No | Arguments in the message or other information to be printed.|
| arguments | any[] | No | Arguments in the message or other information to be printed.|
**Example**
```js
constnumber=5;
console.debug('count: %d',number);// Print the debugging information with arguments in the message replaced.
...
...
@@ -45,9 +46,10 @@ Prints log information in formatted output mode.
| Name | Type | Mandatory | Description |
| ------- | ------ | ---- | ----------- |
| message | string | Yes | Text to be printed.|
| arguments | any | No |Arguments in the message or other information to be printed.|
| arguments | any[] | No |Arguments in the message or other information to be printed.|
**Example**
```js
constnumber=5;
console.log('count: %d',number);// Print the log information with arguments in the message replaced.
...
...
@@ -71,9 +73,10 @@ Prints log information in formatted output mode. This API is the alias of **cons
| Name | Type | Mandatory | Description |
| ------- | ------ | ---- | ----------- |
| message | string | Yes | Text to be printed.|
| arguments | any | No | Arguments in the message or other information to be printed.|
| arguments | any[] | No | Arguments in the message or other information to be printed.|
**Example**
```js
constnumber=5;
console.info('count: %d',number);// Print the log information with arguments in the message replaced.
...
...
@@ -97,9 +100,10 @@ Prints warning information in formatted output mode.
| Name | Type | Mandatory | Description |
| ------- | ------ | ---- | ----------- |
| message | string | Yes | Warning information to be printed.|
| arguments | any | No | Arguments in the message or other information to be printed.|
| arguments | any[] | No | Arguments in the message or other information to be printed.|
**Example**
```js
conststr="name should be string";
console.warn('warn: %d',str);// Print the warning information with arguments in the message replaced.
...
...
@@ -123,10 +127,11 @@ Prints error information in formatted output mode.
| Name | Type | Mandatory | Description |
| ------- | ------ | ---- | ----------- |
| message | string | Yes | Error information to be printed.|
| arguments | any | No | Arguments in the message or other information to be printed.|
| arguments | any[] | No | Arguments in the message or other information to be printed.|
**Example**
```js
conststr="value is not defined";
console.error('error: %d',str);// Print the error information with arguments in the message replaced.
...
...
@@ -153,6 +158,7 @@ Prints assertion information.
| arguments | Object | No | Other information to be printed when **value** is **false**. If this parameter is left blank, other information is not printed.|
**Example**
```js
console.assert(true,'does nothing');// Do not print error information as value is true.
console.assert(2%1==0,'does nothing');// Do not print error information as value is true.
...
...
@@ -180,6 +186,7 @@ Maintains an internal counter. When this counter is invoked, its label name and
**Example**
```js
console.count()
// default: 1
...
...
@@ -210,6 +217,7 @@ Resets a counter based on the specified label name.
| label | string | No | Counter label name. The default value is **default**.|
**Example**
```js
console.count('abc');
// abc: 1
...
...
@@ -234,6 +242,7 @@ Prints content of the specified object.
**Example**
```js
leta={foo:{bar:{baz:true}}};
console.dir(a);
...
...
@@ -258,6 +267,7 @@ Displays an interactive tree of the descendant elements of the specified XML ele
| arguments | Object | Yes | Information to be printed.|
**Example**
```js
constnumber=5;
console.dirxml('count: %d',number);
...
...
@@ -284,6 +294,7 @@ If the information to be printed is provided, the information is printed without
| arguments | Object | No | Information to be printed.|
**Example**
```js
console.log("outter");
// outter
...
...
@@ -313,6 +324,7 @@ Creates a new inline group in collapsed mode. The usage and function of this API
**Example**
```js
console.groupCollapsed("outter");
// outter
...
...
@@ -335,6 +347,7 @@ Reduces the indentation of subsequent lines by two spaces.
**Example**
```js
console.log("outter");
// outter
...
...
@@ -362,6 +375,7 @@ Prints data in a table.
| tableData | Object | No | Data to be printed in a table. If this parameter is left blank, no information is printed.|
Secure computing mode (Seccomp) is a security mechanism provided by the Linux kernel. In the Linux system, a large number of system calls can be opened to user-mode programs without any restrictions. However, not all of these system calls are necessarily needed for user-mode programs. In this case, abuse of system calls can lead to system threats. For example, if a process has a security vulnerability, an attacker can run a shellcode segment to trigger system calls that are not triggered during normal execution, resulting in privilege escalation or private information leakage. To prevent such security risks, Seccomp limits the scope of system calls that can be used by programs, so as to reduce system exposure and improve security.
### Operating Mechanism
1. Basic mechanism
Seccomp policies exist in the form of policy files. During compilation and building, a policy file is parsed to generate a source file that contains the BPF instruction policies, and then the source file is compiled into a dynamic policy library. During startup of a user-mode process, Seccomp system calls are invoked to load the BPF instruction policies into the kernel through the dynamic policy library.
...
...
@@ -15,6 +19,7 @@ Secure computing mode (Seccomp) is a security mechanism provided by the Linux ke
### Constraints
- System restrictions<br>The system used must be a standard system, and the options listed below must be enabled in the kernel. You can find the kernel option configuration file of the product in **//kernel/linux/config/{linux_version}/arch/{target_cpu}/configs/**.
```shell
CONFIG_HAVE_ARCH_SECCOMP=y
...
...
@@ -31,9 +36,13 @@ Secure computing mode (Seccomp) is a security mechanism provided by the Linux ke
- Personalized Seccomp policies can be enabled for the native service processes incubated by the init process.
## Enabling Seccomp
### When to Use
To meet product security requirements, you can enable Seccomp to limit the scope of system calls that can be invoked by processes. The development procedure below describes how to enable the basic functions and policies of Seccomp. Note that the basic functions must meet the feature restrictions described in [Constraints](#constraints). For details about the basic policy file, see [Policy File Overview](#policy-file-overview).
### How to Develop
1. Add the following field to **vendor/Product vendor/Product name/config.json**:
```c
"build_seccomp":true
...
...
@@ -68,6 +77,7 @@ To meet product security requirements, you can enable Seccomp to limit the scope
3. Burn the image into the device.
### Debugging and Verification
Check whether Seccomp is enabled for application processes and system service processes.
1. Run the shell command to obtain the process ID (that is, **target pid**) of the target process.
```
...
...
@@ -95,9 +105,13 @@ Check whether Seccomp is enabled for application processes and system service pr
| Seccomp_filters | Number of Seccomp policies set for a process. |
## Customizing Seccomp Policies for a Process
### When to Use
If the basic Seccomp policy has been enabled for a product, you can customize Seccomp policies for native service processes incubated by the init process to adapt to diversified security requirements. In this case, the Seccomp policies of other native service processes remain unchanged.
### How to Develop
1. Collect statistics on the system calls required by the 32-bit and 64-bit systems by using the static analysis and Strace statistics methods described in [System Call Statistic Methods](#system-call-statistic-methods). In this way, you will obtain the initial Seccomp policy.
2. Write a policy file. For details, see [How to Write a Common Policy File](#how-to-write-a-common-policy-file).
3. Write and build the **BUILD.gn** file.
...
...
@@ -166,12 +180,15 @@ If the basic Seccomp policy has been enabled for a product, you can customize Se
6. Use the [audit statistics](#audit-statistics) method to check and supplement the Seccomp policies. Repeat steps 4 to 6 until the process can run properly.
### Debugging and Verification
1. If Seccomp is not enabled for the target process, [check the Seccomp status](#debugging-and-verification) of the target process.
2. If the process is terminated and audit log information is present in the kernel logs, the Seccomp policy is enabled but the policy list is incomplete. You can find an example audit log in [Audit Statistics](#audit-statistics).
3. If the process is not terminated, comment out the system calls (for example, **setuid**) related to the specified uid in the Seccomp policy file. Rebuild the dynamic policy library, push the library to the image, and restart the process. Then, check whether the process is terminated by Seccomp. If the process is terminated, Seccomp has been enabled.
## FAQs
### How do I determine whether a process termination is caused by Seccomp?
**Symptom**
If a process is terminated under certain conditions, how do I determine whether the issue is caused by Seccomp?
...
...
@@ -207,6 +224,7 @@ Use either of the following methods:
| privileged_process.seccomp.policy | Privileged process policy file. If certain processes need to use the system calls on the baseline blocklist, you need to declare the corresponding process identifiers and baseline blocklists in this file.|
### How to Write a Common Policy File
- To declare a configuration item, write **@** followed by the configuration item, for example, **@returnValue**.
- Add the content of a configuration item from the next line of this configuration item to the beginning of the next configuration item.
- To comment out a line, add a pound sign (#) at the beginning of this line.
...
...
@@ -298,6 +318,7 @@ swapon;all
```
### How to Write a Privileged Process Policy File
- To declare a configuration item, write **@** followed by the configuration item, for example, **@allowBlockList**.
- Add the content of a configuration item from the next line of this configuration item to the beginning of the next configuration item.
- To comment out a line, add a pound sign (#) at the beginning of this line.
| Audit statistics | After the Seccomp policy is enabled for a process, Seccomp intercepts invalid system calls and records audit log information containing the system call numbers into kernel logs. Collect the logs after the trace is complete, and use a script to parse the logs and generate a Seccomp policy file.| This method can be used as a supplement to the preceding methods. | Logs may be lost.<br>System calls can be completely collected only when all code branches are traversed. |
#### Static Analysis
1. Prepare the environment.
1. Prepare a Linux environment.
2. Download the cross compilers arm-linux-musleabi and aarch64-linux-musl.
...
...
@@ -433,10 +456,13 @@ swapon;all
```
#### Strace Statistics
1. Use the cross compilers arm-linux-musleabi and aarch64-linux-musl to build the Strace tool for the 32-bit and 64-bit architectures, respectively.
2.[Trace the service process](#tracing-the-service-process) to obtain the Strace logs.
3.[Parse Strace logs](#parsing-strace-logs) by using scripts to obtain the Seccomp policy file.
##### Tracing the Service Process
1. Modify the embedded code in the init repository. Specifically, add the following content to **//base/startup/init/services/init/init_common_service.c** before executing the **SetSystemseccompPolicy** function to set the Seccomp policy. If the line starts with a plus sign (+), the line is added; if the line starts with a hyphen (-), the line is deleted. **xxxx** must be the same as the value of **Services name** in the [boot configuration file](subsys-boot-init-cfg.md) of the process.
```c
---a/services/init/init_common_service.c
...
...
@@ -485,6 +511,7 @@ swapon;all
```
##### Parsing Strace Logs
1. Copy the dependency files to the Strace log folder for later use. The dependency files are those generated in step 2 in [Static Analysis](#static-analysis).
1. Enable the initial Seccomp policy. For details, see [Customizing Seccomp Policies for a Process](#customizing-seccomp-policies-for-a-process).
2. Obtain logs.
1. Create a folder for storing logs.
...
...
@@ -586,6 +614,7 @@ swapon;all
```
### Combining Multiple Policy Files
During [colltatistics on system calls](#system-call-statistic-methods), multiple policy files may be generated. In these policy files, system calls may be repeated or disordered. To solve these problems, you can combine policy files to sort system calls by arm64/arm and by system call number in ascending order.
**Table 11** Parameters in the merge_policy.py script file
| -l, --list_categories | Lists the trace categories supported by the device. |
| --overwrite | Sets the action to take when the buffer is full. If this option is used, the latest trace data is discarded. If this option is not used, the earliest trace data is discarded (default). |
| -o *filename*, --output *filename*| Outputs trace data to the specified file. |
