diff options
| author | Eugeniy Meshcheryakov <eugen@debian.org> | 2009-02-24 15:48:31 +0100 |
|---|---|---|
| committer | Eugeniy Meshcheryakov <eugen@debian.org> | 2009-02-24 15:48:31 +0100 |
| commit | ab421f562d14d1322b9197d9e23fcfbaf809fba3 (patch) | |
| tree | a75fe2b3174ea14dd2538c075de13db898eb3fdf | |
| parent | 4176d5b1f4bf25adb8e44eaae9e6ab1de5a2c806 (diff) | |
| parent | cfba34fccd99924a47622c5082706867f0a34b12 (diff) | |
| download | systemtap-steved-ab421f562d14d1322b9197d9e23fcfbaf809fba3.tar.gz systemtap-steved-ab421f562d14d1322b9197d9e23fcfbaf809fba3.tar.xz systemtap-steved-ab421f562d14d1322b9197d9e23fcfbaf809fba3.zip | |
Merge branch 'master' of git+ssh://sources.redhat.com/git/systemtap
| -rw-r--r-- | doc/SystemTap_Beginners_Guide/en-US/Book_Info.xml | 4 | ||||
| -rw-r--r-- | doc/SystemTap_Beginners_Guide/en-US/Introduction.xml | 2 | ||||
| -rw-r--r-- | runtime/time.c | 8 | ||||
| -rw-r--r-- | runtime/transport/transport.c | 6 | ||||
| -rw-r--r-- | tapset/syscalls.stp | 858 | ||||
| -rw-r--r-- | tapset/syscalls2.stp | 801 | ||||
| -rw-r--r-- | tapset/timestamp.stp | 43 | ||||
| -rw-r--r-- | tapset/timestamp_gtod.stp | 68 | ||||
| -rw-r--r-- | tapsets.cxx | 34 | ||||
| -rw-r--r-- | testsuite/systemtap.base/gtod_init.exp | 29 | ||||
| -rw-r--r-- | testsuite/systemtap.base/static_uprobes.exp | 6 | ||||
| -rw-r--r-- | translate.cxx | 8 |
12 files changed, 1231 insertions, 636 deletions
diff --git a/doc/SystemTap_Beginners_Guide/en-US/Book_Info.xml b/doc/SystemTap_Beginners_Guide/en-US/Book_Info.xml index 07c3f74d..8128fb07 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Book_Info.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Book_Info.xml @@ -5,7 +5,7 @@ <bookinfo id="SystemTap_Beginners_Guide"> <title>SystemTap Beginners Guide</title> <subtitle condition="RedHat">Introduction to SystemTap (for Red Hat Enterprise Linux 5.3)</subtitle> - <subtitle condition="fedora">Introduction to SystemTap (for Fedora Core 10)</subtitle> + <subtitle condition="fedora">Introduction to SystemTap (for Fedora 10)</subtitle> <edition>2.0</edition> <productname>Red Hat Enterprise Linux</productname> @@ -14,7 +14,7 @@ <pubsnumber>2</pubsnumber> <abstract condition="RedHat"><para>This guide provides basic instructions on how to use SystemTap to monitor different subsystems of &PRODUCT; in finer detail. The <citetitle>SystemTap Beginners Guide</citetitle> is recommended for users who have taken <ulink url="https://www.redhat.com/courses/rh133_red_hat_linux_system_administration_and_rhct_exam/">RHCT</ulink> or have a similar level of expertise in &PRODUCT;.</para></abstract> - <abstract condition="fedora"><para>This guide provides basic instructions on how to use SystemTap to monitor different subsystems of Fedora Core 10 in finer detail. The <citetitle>SystemTap Beginners Guide</citetitle> is recommended for users who have taken <ulink url="https://www.redhat.com/courses/rh133_red_hat_linux_system_administration_and_rhct_exam/">RHCT</ulink> or have a similar level of expertise in Fedora Core 10.</para></abstract> + <abstract condition="fedora"><para>This guide provides basic instructions on how to use SystemTap to monitor different subsystems of Fedora 10 in finer detail. The <citetitle>SystemTap Beginners Guide</citetitle> is recommended for users who have taken <ulink url="https://www.redhat.com/courses/rh133_red_hat_linux_system_administration_and_rhct_exam/">RHCT</ulink> or have a similar level of expertise in Fedora 10.</para></abstract> <corpauthor> <inlinemediaobject> <imageobject> diff --git a/doc/SystemTap_Beginners_Guide/en-US/Introduction.xml b/doc/SystemTap_Beginners_Guide/en-US/Introduction.xml index afb9e738..0b52cc7b 100644 --- a/doc/SystemTap_Beginners_Guide/en-US/Introduction.xml +++ b/doc/SystemTap_Beginners_Guide/en-US/Introduction.xml @@ -103,7 +103,7 @@ </indexterm> <para condition="RedHat">SystemTap was originally developed to provide functionality for &PROD; similar to previous Linux probing tools such as <application>dprobes</application> and the Linux Trace Toolkit. SystemTap aims to supplement the existing suite of Linux monitoring tools by providing users with the infrastructure to track kernel activity. In addition, SystemTap combines this capability with two things:</para> -<para condition="fedora">SystemTap was originally developed to provide functionality for Fedora Core 10 similar to previous Linux probing tools such as <application>dprobes</application> and the Linux Trace Toolkit. SystemTap aims to supplement the existing suite of Linux monitoring tools by providing users with the infrastructure to track kernel activity. In addition, SystemTap combines this capability with two things:</para> +<para condition="fedora">SystemTap was originally developed to provide functionality for Fedora 10 similar to previous Linux probing tools such as <application>dprobes</application> and the Linux Trace Toolkit. SystemTap aims to supplement the existing suite of Linux monitoring tools by providing users with the infrastructure to track kernel activity. In addition, SystemTap combines this capability with two things:</para> <!-- <para>SystemTap was originally developed as a working &PROD; version of old Linux probing tools such as <application>dprobes</application> and the Linux Trace Toolkit. Further, SystemTap can also be considered the Linux answer to <firstterm>Dtrace</firstterm>. Dtrace is a Sun Microsystems "dynamic tracing" framework that assists administrators in monitoring and troubleshooting kernel and user-space applications in real time.</para> diff --git a/runtime/time.c b/runtime/time.c index ad7cef9d..58c23e57 100644 --- a/runtime/time.c +++ b/runtime/time.c @@ -223,6 +223,7 @@ _stp_kill_time(void) #endif _stp_free_percpu(stp_time); + stp_time = NULL; } } @@ -232,6 +233,8 @@ _stp_init_time(void) { int ret = 0; + _stp_kill_time(); + stp_time = _stp_alloc_percpu(sizeof(stp_time_t)); if (unlikely(stp_time == 0)) return -1; @@ -263,7 +266,7 @@ _stp_init_time(void) } } #endif - if (ret) + if (ret) _stp_kill_time(); return ret; } @@ -278,6 +281,9 @@ _stp_gettimeofday_ns(void) stp_time_t *time; int i = 0; + if (!stp_time) + return -1; + preempt_disable(); time = per_cpu_ptr(stp_time, smp_processor_id()); diff --git a/runtime/transport/transport.c b/runtime/transport/transport.c index 0755781e..7fcebd42 100644 --- a/runtime/transport/transport.c +++ b/runtime/transport/transport.c @@ -188,7 +188,6 @@ static void _stp_transport_close() _stp_unregister_ctl_channel(); if (_stp_utt) utt_trace_remove(_stp_utt); - _stp_kill_time(); /* Go to a beach. Drink a beer. */ _stp_print_cleanup(); /* free print buffers */ _stp_mem_debug_done(); dbug_trans(1, "---- CLOSED ----\n"); @@ -244,10 +243,6 @@ static int _stp_transport_init(void) dbug_trans(1, "Using %d subbufs of size %d\n", _stp_nsubbufs, _stp_subbuf_size); } - /* initialize timer code */ - if (_stp_init_time()) - return -1; - #if !defined (STP_OLD_TRANSPORT) || defined (STP_BULKMODE) /* open utt (relayfs) channel to send data to userspace */ _stp_utt = _stp_utt_open(); @@ -286,7 +281,6 @@ err1: if (_stp_utt) utt_trace_remove(_stp_utt); err0: - _stp_kill_time(); return -1; } diff --git a/tapset/syscalls.stp b/tapset/syscalls.stp index 4744412a..256174d3 100644 --- a/tapset/syscalls.stp +++ b/tapset/syscalls.stp @@ -28,28 +28,32 @@ # accept _____________________________________________________ # long sys_accept(int fd, struct sockaddr __user *upeer_sockaddr, # int __user *upeer_addrlen) -probe syscall.accept = kernel.function("sys_accept") ? { +probe syscall.accept = kernel.function("SyS_accept") !, + kernel.function("sys_accept") ? { name = "accept" sockfd = $fd addr_uaddr = $upeer_sockaddr addrlen_uaddr = $upeer_addrlen argstr = sprintf("%d, %p, %p", $fd, $upeer_sockaddr, $upeer_addrlen) } -probe syscall.accept.return = kernel.function("sys_accept").return ? { +probe syscall.accept.return = kernel.function("SyS_accept").return !, + kernel.function("sys_accept").return ? { name = "accept" retstr = returnstr(1) } # access _____________________________________________________ # long sys_access(const char __user * filename, int mode) -probe syscall.access = kernel.function("sys_access") { +probe syscall.access = kernel.function("SyS_access") !, + kernel.function("sys_access") { name = "access" pathname = user_string($filename) mode = $mode mode_str = _access_mode_str($mode) argstr = sprintf("%s, %s", user_string_quoted($filename), mode_str) } -probe syscall.access.return = kernel.function("sys_access").return { +probe syscall.access.return = kernel.function("SyS_access").return !, + kernel.function("sys_access").return { name = "access" retstr = returnstr(1) } @@ -73,7 +77,8 @@ probe syscall.acct.return = kernel.function("sys_acct").return ? { # size_t plen, # key_serial_t ringid) # -probe syscall.add_key = kernel.function("sys_add_key") ? { +probe syscall.add_key = kernel.function("SyS_add_key") !, + kernel.function("sys_add_key") ? { name = "add_key" type_uaddr = $_type description_auddr = $_description @@ -86,14 +91,16 @@ probe syscall.add_key = kernel.function("sys_add_key") ? { text_strn(user_string($_payload),syscall_string_trunc,1), $plen, $ringid) } -probe syscall.add_key.return = kernel.function("sys_add_key").return ? { +probe syscall.add_key.return = kernel.function("SyS_add_key").return !, + kernel.function("sys_add_key").return ? { name = "add_key" retstr = returnstr(1) } # adjtimex ___________________________________________________ # long sys_adjtimex(struct timex __user *txc_p) -probe syscall.adjtimex = kernel.function("sys_adjtimex") { +probe syscall.adjtimex = kernel.function("SyS_adjtimex") !, + kernel.function("sys_adjtimex") { name = "adjtimex" /* @@ -111,7 +118,8 @@ probe syscall.adjtimex = kernel.function("sys_adjtimex") { */ argstr = sprintf("%p", $txc_p) } -probe syscall.adjtimex.return = kernel.function("sys_adjtimex").return { +probe syscall.adjtimex.return = kernel.function("SyS_adjtimex").return !, + kernel.function("sys_adjtimex").return { name = "adjtimex" retstr = _adjtimex_return_str($return) } @@ -130,16 +138,18 @@ probe syscall.compat_adjtimex.return = kernel.function("compat_sys_adjtimex").re # long sys32_alarm(unsigned int seconds) # probe syscall.alarm = - kernel.function("sys_alarm") ?, - kernel.function("sys32_alarm") ? + kernel.function("sys32_alarm") ?, + kernel.function("SyS_alarm") !, + kernel.function("sys_alarm") ? { name = "alarm" seconds = $seconds argstr = sprint($seconds) } probe syscall.alarm.return = - kernel.function("sys_alarm").return ?, - kernel.function("sys32_alarm").return ? + kernel.function("sys32_alarm").return ?, + kernel.function("SyS_alarm").return !, + kernel.function("sys_alarm").return ? { name = "alarm" retstr = returnstr(1) @@ -147,7 +157,8 @@ probe syscall.alarm.return = # bdflush ____________________________________________________ # long sys_bdflush(int func,long data) -probe syscall.bdflush = kernel.function("sys_bdflush") ? { +probe syscall.bdflush = kernel.function("SyS_bdflush") !, + kernel.function("sys_bdflush") ? { name = "bdflush" func = $func data = $data @@ -157,21 +168,24 @@ probe syscall.bdflush = kernel.function("sys_bdflush") ? { data_str = sprintf("%d", $data) argstr = sprintf("%d, %s",func, data_str) } -probe syscall.bdflush.return = kernel.function("sys_bdflush").return ? { +probe syscall.bdflush.return = kernel.function("SyS_bdflush").return !, + kernel.function("sys_bdflush").return ? { name = "bdflush" retstr = returnstr(1) } # bind _______________________________________________________ # long sys_bind(int fd, struct sockaddr __user *umyaddr, int addrlen) -probe syscall.bind = kernel.function("sys_bind") ? { +probe syscall.bind = kernel.function("SyS_bind") !, + kernel.function("sys_bind") ? { name = "bind" sockfd = $fd my_addr_uaddr = $umyaddr addrlen = $addrlen argstr = sprintf("%d, %s, %d", $fd, _struct_sockaddr_u($umyaddr,$addrlen),$addrlen) } -probe syscall.bind.return = kernel.function("sys_bind").return ? { +probe syscall.bind.return = kernel.function("SyS_bind").return !, + kernel.function("sys_bind").return ? { name = "bind" retstr = returnstr(1) } @@ -179,16 +193,18 @@ probe syscall.bind.return = kernel.function("sys_bind").return ? { # brk ________________________________________________________ # unsigned long sys_brk(unsigned long brk) probe syscall.brk = - kernel.function("sys_brk"), - kernel.function("ia64_brk") ? + kernel.function("ia64_brk") ?, + kernel.function("SyS_brk") !, + kernel.function("sys_brk") { name = "brk" brk = $brk argstr = sprintf("%p", brk) } probe syscall.brk.return = - kernel.function("sys_brk").return, - kernel.function("ia64_brk").return ? + kernel.function("ia64_brk").return ?, + kernel.function("SyS_brk").return !, + kernel.function("sys_brk").return { name = "brk" retstr = returnstr(1) @@ -207,13 +223,15 @@ probe syscall.brk.return = * functions to export. */ # long sys_capget(cap_user_header_t header, cap_user_data_t dataptr) -probe syscall.capget = kernel.function("sys_capget") { +probe syscall.capget = kernel.function("SyS_capget") !, + kernel.function("sys_capget") { name = "capget" header_uaddr = $header data_uaddr = $dataptr argstr = sprintf("%p, %p", $header, $dataptr) } -probe syscall.capget.return = kernel.function("sys_capget").return { +probe syscall.capget.return = kernel.function("SyS_capget").return !, + kernel.function("sys_capget").return { name = "capget" retstr = returnstr(1) } @@ -230,52 +248,60 @@ probe syscall.capget.return = kernel.function("sys_capget").return { * functions to export. */ # long sys_capset(cap_user_header_t header, const cap_user_data_t data) -probe syscall.capset = kernel.function("sys_capset") { +probe syscall.capset = kernel.function("SyS_capset") !, + kernel.function("sys_capset") { name = "capset" header_uaddr = $header data_uaddr = $data argstr = sprintf("%p, %p", $header, $data) } -probe syscall.capset.return = kernel.function("sys_capset").return { +probe syscall.capset.return = kernel.function("SyS_capset").return !, + kernel.function("sys_capset").return { name = "capset" retstr = returnstr(1) } # chdir ______________________________________________________ # long sys_chdir(const char __user * filename) -probe syscall.chdir = kernel.function("sys_chdir") { +probe syscall.chdir = kernel.function("SyS_chdir") !, + kernel.function("sys_chdir") { name = "chdir" path = user_string($filename) argstr = user_string_quoted($filename) } -probe syscall.chdir.return = kernel.function("sys_chdir").return { +probe syscall.chdir.return = kernel.function("SyS_chdir").return !, + kernel.function("sys_chdir").return { name = "chdir" retstr = returnstr(1) } # chmod ______________________________________________________ # long sys_chmod(const char __user * filename, mode_t mode) -probe syscall.chmod = kernel.function("sys_chmod") { +probe syscall.chmod = kernel.function("SyS_chmod") !, + kernel.function("sys_chmod") { name = "chmod" path = user_string($filename) mode = $mode argstr = sprintf("%s, %#o", user_string_quoted($filename), mode) } -probe syscall.chmod.return = kernel.function("sys_chmod").return { +probe syscall.chmod.return = kernel.function("SyS_chmod").return !, + kernel.function("sys_chmod").return { name = "chmod" retstr = returnstr(1) } # chown ______________________________________________________ # long sys_chown(const char __user * filename, uid_t user, gid_t group) -probe syscall.chown = kernel.function("sys_chown") { +probe syscall.chown = kernel.function("SyS_chown") !, + kernel.function("sys_chown") { name = "chown" path = user_string($filename) owner = __int32($user) group = __int32($group) argstr = sprintf("%s, %d, %d",user_string_quoted($filename), owner, group) } -probe syscall.chown.return = kernel.function("sys_chown").return { +probe syscall.chown.return = kernel.function("SyS_chown").return !, + kernel.function("sys_chown").return { name = "chown" retstr = returnstr(1) } @@ -297,12 +323,14 @@ probe syscall.chown16.return = kernel.function("sys_chown16").return ? { # chroot _____________________________________________________ # long sys_chroot(const char __user * filename) -probe syscall.chroot = kernel.function("sys_chroot") { +probe syscall.chroot = kernel.function("SyS_chroot") !, + kernel.function("sys_chroot") { name = "chroot" path = user_string($filename) argstr = user_string_quoted($filename) } -probe syscall.chroot.return = kernel.function("sys_chroot").return { +probe syscall.chroot.return = kernel.function("SyS_chroot").return !, + kernel.function("sys_chroot").return { name = "chroot" retstr = returnstr(1) } @@ -312,8 +340,9 @@ probe syscall.chroot.return = kernel.function("sys_chroot").return { # long compat_clock_getres(clockid_t which_clock, struct compat_timespec __user *tp) # probe syscall.clock_getres = - kernel.function("sys_clock_getres"), - kernel.function("compat_clock_getres") ? + kernel.function("compat_clock_getres") ?, + kernel.function("SyS_clock_getres") !, + kernel.function("sys_clock_getres") { name = "clock_getres" clk_id = $which_clock @@ -322,8 +351,9 @@ probe syscall.clock_getres = argstr = sprintf("%s, %p", _get_wc_str($which_clock), $tp) } probe syscall.clock_getres.return = - kernel.function("sys_clock_getres").return, - kernel.function("compat_clock_getres").return ? + kernel.function("compat_clock_getres").return ?, + kernel.function("SyS_clock_getres").return !, + kernel.function("sys_clock_getres").return { name = "clock_getres" retstr = returnstr(1) @@ -333,6 +363,7 @@ probe syscall.clock_getres.return = # long sys_clock_gettime(clockid_t which_clock, struct timespec __user *tp) # probe syscall.clock_gettime = + kernel.function("SyS_clock_gettime") !, kernel.function("sys_clock_gettime") { name = "clock_gettime" @@ -340,7 +371,9 @@ probe syscall.clock_gettime = clk_id_str = _get_wc_str($which_clock) argstr = sprintf("%s, %p", _get_wc_str($which_clock), $tp) } -probe syscall.clock_gettime.return = kernel.function("sys_clock_gettime").return +probe syscall.clock_gettime.return = + kernel.function("SyS_clock_gettime").return !, + kernel.function("sys_clock_gettime").return { name = "clock_gettime" retstr = returnstr(1) @@ -352,7 +385,8 @@ probe syscall.clock_gettime.return = kernel.function("sys_clock_gettime").return # const struct timespec __user *rqtp, # struct timespec __user *rmtp) # -probe syscall.clock_nanosleep = kernel.function("sys_clock_nanosleep") { +probe syscall.clock_nanosleep = kernel.function("SyS_clock_nanosleep") !, + kernel.function("sys_clock_nanosleep") { name = "clock_nanosleep" if ($flags == 1) flag_str = "TIMER_ABSTIME" @@ -361,7 +395,9 @@ probe syscall.clock_nanosleep = kernel.function("sys_clock_nanosleep") { argstr = sprintf("%s, %s, %s, %p", _get_wc_str($which_clock), flag_str, _struct_timespec_u($rqtp,1), $rmtp) } -probe syscall.clock_nanosleep.return = kernel.function("sys_clock_nanosleep").return { +probe syscall.clock_nanosleep.return = + kernel.function("SyS_clock_nanosleep").return !, + kernel.function("sys_clock_nanosleep").return { name = "clock_nanosleep" retstr = returnstr(1) } @@ -395,53 +431,61 @@ probe syscall.compat_clock_nanosleep.return = # long sys_clock_settime(clockid_t which_clock, # const struct timespec __user *tp) # -probe syscall.clock_settime = kernel.function("sys_clock_settime") { +probe syscall.clock_settime = kernel.function("SyS_clock_settime") !, + kernel.function("sys_clock_settime") { name = "clock_settime" clk_id = $which_clock clk_id_str = _get_wc_str($which_clock) tp_uaddr = $tp argstr = sprintf("%s, %s", clk_id_str, _struct_timespec_u($tp,1)) } -probe syscall.clock_settime.return = kernel.function("sys_clock_settime").return { +probe syscall.clock_settime.return = kernel.function("SyS_clock_settime").return !, + kernel.function("sys_clock_settime").return { name = "clock_settime" retstr = returnstr(1) } # close ______________________________________________________ # long sys_close(unsigned int fd) -probe syscall.close = kernel.function("sys_close") { +probe syscall.close = kernel.function("SyS_close") !, + kernel.function("sys_close") { name = "close" fd = $fd argstr = sprint(fd) } -probe syscall.close.return = kernel.function("sys_close").return { +probe syscall.close.return = kernel.function("SyS_close").return !, + kernel.function("sys_close").return { name = "close" retstr = returnstr(1) } # connect ____________________________________________________ # long sys_connect(int fd, struct sockaddr __user *uservaddr, int addrlen) -probe syscall.connect = kernel.function("sys_connect") ? { +probe syscall.connect = kernel.function("SyS_connect") !, + kernel.function("sys_connect") ? { name = "connect" sockfd = $fd serv_addr_uaddr = $uservaddr addrlen = $addrlen argstr = sprintf("%d, %s, %d", $fd, _struct_sockaddr_u($uservaddr,$addrlen),$addrlen) } -probe syscall.connect.return = kernel.function("sys_connect").return ? { +probe syscall.connect.return = kernel.function("SyS_connect").return !, + kernel.function("sys_connect").return ? { name = "connect" retstr = returnstr(1) } # creat # long sys_creat(const char __user * pathname, int mode) -probe syscall.creat = kernel.function("sys_creat") ? +probe syscall.creat = kernel.function("SyS_creat") !, + kernel.function("sys_creat") ? { name = "creat" mode = $mode pathname = user_string($pathname) argstr = sprintf("%s, %#o", user_string_quoted($pathname), $mode) } -probe syscall.creat.return = kernel.function("sys_creat").return ? +probe syscall.creat.return = kernel.function("SyS_creat").return !, + kernel.function("sys_creat").return ? { name = "creat" retstr = returnstr(1) @@ -449,50 +493,59 @@ probe syscall.creat.return = kernel.function("sys_creat").return ? # delete_module ______________________________________________ # long sys_delete_module(const char __user *name_user, unsigned int flags) -probe syscall.delete_module = kernel.function("sys_delete_module") ? { +probe syscall.delete_module = kernel.function("SyS_delete_module") !, + kernel.function("sys_delete_module") ? { name = "delete_module" name_user = user_string($name_user) flags = $flags argstr = sprintf("%s, %s", user_string_quoted($name_user), _module_flags_str($flags)) } -probe syscall.delete_module.return = kernel.function("sys_delete_module").return ? { +probe syscall.delete_module.return = kernel.function("SyS_delete_module").return !, + kernel.function("sys_delete_module").return ? { name = "delete_module" retstr = returnstr(1) } # dup ________________________________________________________ # long sys_dup(unsigned int fildes) -probe syscall.dup = kernel.function("sys_dup") { +probe syscall.dup = kernel.function("SyS_dup") !, + kernel.function("sys_dup") { name = "dup" oldfd = $fildes argstr = sprint($fildes) } -probe syscall.dup.return = kernel.function("sys_dup").return { +probe syscall.dup.return = kernel.function("SyS_dup").return !, + kernel.function("sys_dup").return { name = "dup" retstr = returnstr(1) } # dup2 _______________________________________________________ # long sys_dup2(unsigned int oldfd, unsigned int newfd) -probe syscall.dup2 = kernel.function("sys_dup2") { +probe syscall.dup2 = kernel.function("SyS_dup2") !, + kernel.function("sys_dup2") { name = "dup2" oldfd = $oldfd newfd = $newfd argstr = sprintf("%d, %d", $oldfd, $newfd) } -probe syscall.dup2.return = kernel.function("sys_dup2").return { +probe syscall.dup2.return = kernel.function("SyS_dup2").return !, + kernel.function("sys_dup2").return { name = "dup2" retstr = returnstr(1) } # epoll_create _______________________________________________ # long sys_epoll_create(int size) -probe syscall.epoll_create = kernel.function("sys_epoll_create") ? { +probe syscall.epoll_create = kernel.function("SyS_epoll_create") !, + kernel.function("sys_epoll_create") ? { name = "epoll_create" size = $size argstr = sprint($size) } -probe syscall.epoll_create.return = kernel.function("sys_epoll_create").return ? { +probe syscall.epoll_create.return = + kernel.function("SyS_epoll_create").return !, + kernel.function("sys_epoll_create").return ? { name = "epoll_create" retstr = returnstr(1) } @@ -504,8 +557,9 @@ probe syscall.epoll_create.return = kernel.function("sys_epoll_create").return ? # struct compat_epoll_event __user *event) # probe syscall.epoll_ctl = - kernel.function("sys_epoll_ctl") ?, - kernel.function("compat_sys_epoll_ctl") ? + kernel.function("compat_sys_epoll_ctl") ?, + kernel.function("SyS_epoll_ctl") !, + kernel.function("sys_epoll_ctl") ? { name = "epoll_ctl" epfd = $epfd @@ -516,8 +570,9 @@ probe syscall.epoll_ctl = argstr = sprintf("%d, %s, %d, %p", $epfd, _opoll_op_str($op), $fd, $event) } probe syscall.epoll_ctl.return = - kernel.function("sys_epoll_ctl").return ?, - kernel.function("compat_sys_epoll_ctl").return ? + kernel.function("compat_sys_epoll_ctl").return ?, + kernel.function("SyS_epoll_ctl").return !, + kernel.function("sys_epoll_ctl").return ? { name = "epoll_ctl" retstr = returnstr(1) @@ -535,16 +590,18 @@ probe syscall.epoll_ctl.return = # compat_size_t sigsetsize) # probe syscall.epoll_pwait = - kernel.function("sys_epoll_pwait") ?, - kernel.function("compat_sys_epoll_pwait") ? + kernel.function("compat_sys_epoll_pwait") ?, + kernel.function("SyS_epoll_pwait") !, + kernel.function("sys_epoll_pwait") ? { name = "epoll_pwait" argstr = sprintf("%d, %p, %d, %d, %p, %d", $epfd, $events, $maxevents, $timeout, $sigmask, $sigsetsize) } probe syscall.epoll_pwait.return = - kernel.function("sys_epoll_pwait").return ?, - kernel.function("compat_sys_epoll_pwait").return ? + kernel.function("compat_sys_epoll_pwait").return ?, + kernel.function("SyS_epoll_pwait").return !, + kernel.function("sys_epoll_pwait").return ? { name = "epoll_pwait" retstr = returnstr(1) @@ -559,8 +616,9 @@ probe syscall.epoll_pwait.return = # int maxevents, int timeout) # probe syscall.epoll_wait = - kernel.function("sys_epoll_wait") ?, - kernel.function("compat_sys_epoll_wait") ? + kernel.function("compat_sys_epoll_wait") ?, + kernel.function("SyS_epoll_wait") !, + kernel.function("sys_epoll_wait") ? { name = "epoll_wait" epfd = $epfd @@ -570,8 +628,9 @@ probe syscall.epoll_wait = argstr = sprintf("%d, %p, %d, %d", $epfd, $events, $maxevents, $timeout) } probe syscall.epoll_wait.return = - kernel.function("sys_epoll_wait").return ?, - kernel.function("compat_sys_epoll_wait").return ? + kernel.function("compat_sys_epoll_wait").return ?, + kernel.function("SyS_epoll_wait").return !, + kernel.function("sys_epoll_wait").return ? { name = "epoll_wait" retstr = returnstr(1) @@ -580,11 +639,13 @@ probe syscall.epoll_wait.return = # eventfd _____________________________________________________ # long sys_eventfd(unsigned int count) # -probe syscall.eventfd = kernel.function("sys_eventfd") ? { +probe syscall.eventfd = kernel.function("SyS_eventfd") !, + kernel.function("sys_eventfd") ? { name = "eventfd" argstr = sprint($count) } -probe syscall.eventfd.return = kernel.function("sys_eventfd").return ? { +probe syscall.eventfd.return = kernel.function("SyS_eventfd").return !, + kernel.function("sys_eventfd").return ? { name = "eventfd" retstr = returnstr(1) } @@ -636,7 +697,8 @@ probe syscall.exit = kernel.function("do_exit") { # exit_group _________________________________________________ # void sys_exit_group(int error_code) # -probe syscall.exit_group = kernel.function("sys_exit_group") { +probe syscall.exit_group = kernel.function("SyS_exit_group") !, + kernel.function("sys_exit_group") { name = "exit_group" status = $error_code argstr = sprint($error_code) @@ -647,7 +709,8 @@ probe syscall.exit_group = kernel.function("sys_exit_group") { # faccessat __________________________________________________ # new function with 2.6.16 # long sys_faccessat(int dfd, const char __user *filename, int mode) -probe syscall.faccessat = kernel.function("sys_faccessat") ? { +probe syscall.faccessat = kernel.function("SyS_faccessat") !, + kernel.function("sys_faccessat") ? { name = "faccessat" dfd = $dfd dfd_str = _dfd_str($dfd) @@ -657,7 +720,8 @@ probe syscall.faccessat = kernel.function("sys_faccessat") ? { mode_str = _access_mode_str($mode) argstr = sprintf("%s, %s, %s", dfd_str, user_string_quoted($filename), mode_str) } -probe syscall.faccessat.return = kernel.function("sys_faccessat").return ? { +probe syscall.faccessat.return = kernel.function("SyS_faccessat").return !, + kernel.function("sys_faccessat").return ? { name = "faccessat" retstr = returnstr(1) } @@ -666,7 +730,8 @@ probe syscall.faccessat.return = kernel.function("sys_faccessat").return ? { # fadvise64 __________________________________________________ # long sys_fadvise64(int fd, loff_t offset, size_t len, int advice) # -probe syscall.fadvise64 = kernel.function("sys_fadvise64") ? { +probe syscall.fadvise64 = kernel.function("SyS_fadvise64") !, + kernel.function("sys_fadvise64") ? { name = "fadvise64" fs = $fd offset = $offset @@ -674,7 +739,8 @@ probe syscall.fadvise64 = kernel.function("sys_fadvise64") ? { advice = $advice argstr = sprintf("%d, %d, %d, %s", $fd, $offset, $len, _fadvice_advice_str($advice)) } -probe syscall.fadvise64.return = kernel.function("sys_fadvise64").return ? { +probe syscall.fadvise64.return = kernel.function("SyS_fadvise64").return !, + kernel.function("sys_fadvise64").return ? { name = "fadvise64" retstr = returnstr(1) } @@ -682,7 +748,8 @@ probe syscall.fadvise64.return = kernel.function("sys_fadvise64").return ? { # fadvise64_64 _______________________________________________ # long sys_fadvise64_64(int fd, loff_t offset, loff_t len, int advice) # -probe syscall.fadvise64_64 = kernel.function("sys_fadvise64_64") { +probe syscall.fadvise64_64 = kernel.function("SyS_fadvise64_64") !, + kernel.function("sys_fadvise64_64") ? { name = "fadvise64_64" fs = $fd offset = $offset @@ -690,7 +757,8 @@ probe syscall.fadvise64_64 = kernel.function("sys_fadvise64_64") { advice = $advice argstr = sprintf("%d, %d, %d, %s", $fd, $offset, $len, _fadvice_advice_str($advice)) } -probe syscall.fadvise64_64.return = kernel.function("sys_fadvise64_64").return { +probe syscall.fadvise64_64.return = kernel.function("SyS_fadvise64_64").return !, + kernel.function("sys_fadvise64_64").return ? { name = "fadvise64_64" retstr = returnstr(1) } @@ -700,7 +768,8 @@ probe syscall.fadvise64_64.return = kernel.function("sys_fadvise64_64").return # fadvise64 __________________________________________________ # long sys_fadvise64(int fd, loff_t offset, size_t len, int advice) # -probe syscall.fadvise64 = kernel.function("sys_fadvise64") { +probe syscall.fadvise64 = kernel.function("SyS_fadvise64") !, + kernel.function("sys_fadvise64") { name = "fadvise64" fs = 0 offset = 0 @@ -708,7 +777,8 @@ probe syscall.fadvise64 = kernel.function("sys_fadvise64") { advice = 0 argstr = "" } -probe syscall.fadvise64.return = kernel.function("sys_fadvise64").return { +probe syscall.fadvise64.return = kernel.function("SyS_fadvise64").return !, + kernel.function("sys_fadvise64").return { name = "fadvise64" retstr = returnstr(1) } @@ -716,7 +786,8 @@ probe syscall.fadvise64.return = kernel.function("sys_fadvise64").return { # fadvise64_64 _______________________________________________ # long sys_fadvise64_64(int fd, loff_t offset, loff_t len, int advice) # -probe syscall.fadvise64_64 = kernel.function("sys_fadvise64_64") { +probe syscall.fadvise64_64 = kernel.function("SyS_fadvise64_64") !, + kernel.function("sys_fadvise64_64") { name = "fadvise64_64" fs = 0 offset = 0 @@ -724,7 +795,8 @@ probe syscall.fadvise64_64 = kernel.function("sys_fadvise64_64") { advice = 0 argstr = "" } -probe syscall.fadvise64_64.return = kernel.function("sys_fadvise64_64").return { +probe syscall.fadvise64_64.return = kernel.function("SyS_fadvise64_64").return !, + kernel.function("sys_fadvise64_64").return { name = "fadvise64_64" retstr = returnstr(1) } @@ -732,25 +804,29 @@ probe syscall.fadvise64_64.return = kernel.function("sys_fadvise64_64").return # fchdir _____________________________________________________ # long sys_fchdir(unsigned int fd) -probe syscall.fchdir = kernel.function("sys_fchdir") { +probe syscall.fchdir = kernel.function("SyS_fchdir") !, + kernel.function("sys_fchdir") { name = "fchdir" fd = $fd argstr = sprint($fd) } -probe syscall.fchdir.return = kernel.function("sys_fchdir").return { +probe syscall.fchdir.return = kernel.function("SyS_fchdir").return !, + kernel.function("sys_fchdir").return { name = "fchdir" retstr = returnstr(1) } # fchmod _____________________________________________________ # long sys_fchmod(unsigned int fd, mode_t mode) -probe syscall.fchmod = kernel.function("sys_fchmod") { +probe syscall.fchmod = kernel.function("SyS_fchmod") !, + kernel.function("sys_fchmod") { name = "fchmod" fildes = $fd mode = $mode argstr = sprintf("%d, %#o", $fd, $mode) } -probe syscall.fchmod.return = kernel.function("sys_fchmod").return { +probe syscall.fchmod.return = kernel.function("SyS_fchmod").return !, + kernel.function("sys_fchmod").return { name = "fchmod" retstr = returnstr(1) } @@ -759,7 +835,8 @@ probe syscall.fchmod.return = kernel.function("sys_fchmod").return { # new function with 2.6.16 # long sys_fchmodat(int dfd, const char __user *filename, # mode_t mode) -probe syscall.fchmodat = kernel.function("sys_fchmodat") ? { +probe syscall.fchmodat = kernel.function("SyS_fchmodat") !, + kernel.function("sys_fchmodat") ? { name = "fchmodat" dfd = $dfd dfd_str = _dfd_str($dfd) @@ -768,21 +845,24 @@ probe syscall.fchmodat = kernel.function("sys_fchmodat") ? { mode = $mode argstr = sprintf("%s, %s, %#o", dfd_str, user_string_quoted($filename), $mode) } -probe syscall.fchmodat.return = kernel.function("sys_fchmodat").return ? { +probe syscall.fchmodat.return = kernel.function("SyS_fchmodat").return !, + kernel.function("sys_fchmodat").return ? { name = "fchmodat" retstr = returnstr(1) } # fchown _____________________________________________________ # long sys_fchown(unsigned int fd, uid_t user, gid_t group) -probe syscall.fchown = kernel.function("sys_fchown") { +probe syscall.fchown = kernel.function("SyS_fchown") !, + kernel.function("sys_fchown") { name = "fchown" fd = $fd owner = __int32($user) group = __int32($group) argstr = sprintf("%d, %d, %d", $fd, owner, group) } -probe syscall.fchown.return = kernel.function("sys_fchown").return { +probe syscall.fchown.return = kernel.function("SyS_fchown").return !, + kernel.function("sys_fchown").return { name = "fchown" retstr = returnstr(1) } @@ -805,7 +885,8 @@ probe syscall.fchown16.return = kernel.function("sys_fchown16").return ? { # new function with 2.6.16 # long sys_fchownat(int dfd, const char __user *filename, # uid_t user, gid_t group, int flag) -probe syscall.fchownat = kernel.function("sys_fchownat") ? { +probe syscall.fchownat = kernel.function("SyS_fchownat") !, + kernel.function("sys_fchownat") ? { name = "fchownat" dfd = $dfd dfd_str = _dfd_str($dfd) @@ -818,7 +899,8 @@ probe syscall.fchownat = kernel.function("sys_fchownat") ? { argstr = sprintf("%s, %s, %d, %d, %s", dfd_str, user_string_quoted($filename), user, group, flag_str) } -probe syscall.fchownat.return = kernel.function("sys_fchownat").return ? { +probe syscall.fchownat.return = kernel.function("SyS_fchownat").return !, + kernel.function("sys_fchownat").return ? { name = "fchownat" retstr = returnstr(1) } @@ -830,10 +912,11 @@ probe syscall.fchownat.return = kernel.function("sys_fchownat").return ? { # long compat_sys_fcntl(unsigned int fd, unsigned int cmd, unsigned long arg) # probe syscall.fcntl = - kernel.function("sys_fcntl") ?, - kernel.function("sys_fcntl64") ?, kernel.function("compat_sys_fcntl") ?, - kernel.function("compat_sys_fcntl64") ? + kernel.function("compat_sys_fcntl64") ?, + kernel.function("sys_fcntl64") ?, + kernel.function("SyS_fcntl") !, + kernel.function("sys_fcntl") ? { name = "fcntl" fd = $fd @@ -843,10 +926,11 @@ probe syscall.fcntl = argstr = sprintf("%d, %s, %p", $fd, _fcntl_cmd_str($cmd), $arg) } probe syscall.fcntl.return = - kernel.function("sys_fcntl").return ?, - kernel.function("sys_fcntl64").return ?, kernel.function("compat_sys_fcntl").return ?, - kernel.function("compat_sys_fcntl64").return ? + kernel.function("compat_sys_fcntl64").return ?, + kernel.function("sys_fcntl64").return ?, + kernel.function("SyS_fcntl").return !, + kernel.function("sys_fcntl").return ? { name = "fcntl" retstr = returnstr(1) @@ -854,12 +938,14 @@ probe syscall.fcntl.return = # fdatasync __________________________________________________ # long sys_fdatasync(unsigned int fd) -probe syscall.fdatasync = kernel.function("sys_fdatasync") { +probe syscall.fdatasync = kernel.function("SyS_fdatasync") !, + kernel.function("sys_fdatasync") { name = "fdatasync" fd = $fd argstr = sprint(fd) } -probe syscall.fdatasync.return = kernel.function("sys_fdatasync").return { +probe syscall.fdatasync.return = kernel.function("SyS_fdatasync").return !, + kernel.function("sys_fdatasync").return { name = "fdatasync" retstr = returnstr(1) } @@ -867,7 +953,8 @@ probe syscall.fdatasync.return = kernel.function("sys_fdatasync").return { # fgetxattr __________________________________________________ # ssize_t sys_fgetxattr(int fd, char __user *name, # void __user *value, size_t size) -probe syscall.fgetxattr = kernel.function("sys_fgetxattr") { +probe syscall.fgetxattr = kernel.function("SyS_fgetxattr") !, + kernel.function("sys_fgetxattr") { name = "fgetxattr" filedes = $fd #FIXME @@ -876,33 +963,38 @@ probe syscall.fgetxattr = kernel.function("sys_fgetxattr") { size = $size argstr = sprintf("%d, %s, %p, %d", filedes, user_string_quoted($name), value_uaddr, size) } -probe syscall.fgetxattr.return = kernel.function("sys_fgetxattr").return { +probe syscall.fgetxattr.return = kernel.function("SyS_fgetxattr").return !, + kernel.function("sys_fgetxattr").return { name = "fgetxattr" retstr = returnstr(1) } # flistxattr _________________________________________________ # ssize_t sys_flistxattr(int fd, char __user *list, size_t size) -probe syscall.flistxattr = kernel.function("sys_flistxattr") { +probe syscall.flistxattr = kernel.function("SyS_flistxattr") !, + kernel.function("sys_flistxattr") { name = "flistxattr" filedes = $fd list_uaddr = $list size = $size argstr = sprintf("%d, %p, %d", filedes, list_uaddr, size) } -probe syscall.flistxattr.return = kernel.function("sys_flistxattr").return { +probe syscall.flistxattr.return = kernel.function("SyS_flistxattr").return !, + kernel.function("sys_flistxattr").return { name = "flistxattr" retstr = returnstr(1) } # flock ______________________________________________________ # long sys_flock(unsigned int fd, unsigned int cmd) -probe syscall.flock = kernel.function("sys_flock") { +probe syscall.flock = kernel.function("SyS_flock") !, + kernel.function("sys_flock") { name = "flock" fd = $fd operation = $cmd argstr = sprintf("%d, %s", fd, _flock_cmd_str(operation)) } -probe syscall.flock.return = kernel.function("sys_flock").return { +probe syscall.flock.return = kernel.function("SyS_flock").return !, + kernel.function("sys_flock").return { name = "flock" retstr = returnstr(1) } @@ -971,13 +1063,15 @@ probe syscall.fork.return = kernel.function("do_fork").return { } # fremovexattr _______________________________________________ # long sys_fremovexattr(int fd, char __user *name) -probe syscall.fremovexattr = kernel.function("sys_fremovexattr") { +probe syscall.fremovexattr = kernel.function("SyS_fremovexattr") !, + kernel.function("sys_fremovexattr") { name = "fremovexattr" filedes = $fd name_uaddr = $name argstr = sprintf("FIXME PLEASE") } -probe syscall.fremovexattr.return = kernel.function("sys_fremovexattr").return { +probe syscall.fremovexattr.return = kernel.function("SyS_fremovexattr").return !, + kernel.function("sys_fremovexattr").return { name = "fremovexattr" retstr = returnstr(1) } @@ -991,7 +1085,8 @@ probe syscall.fremovexattr.return = kernel.function("sys_fremovexattr").return { * size_t size, * int flags) */ -probe syscall.fsetxattr = kernel.function("sys_fsetxattr") { +probe syscall.fsetxattr = kernel.function("SyS_fsetxattr") !, + kernel.function("sys_fsetxattr") { name = "fsetxattr" filedes = $fd # FIXME @@ -1001,7 +1096,8 @@ probe syscall.fsetxattr = kernel.function("sys_fsetxattr") { flags = $flags argstr = sprintf("%d, %s, %p, %d, %p", filedes, user_string_quoted($name), value_uaddr, size, flags) } -probe syscall.fsetxattr.return = kernel.function("sys_fsetxattr").return { +probe syscall.fsetxattr.return = kernel.function("SyS_fsetxattr").return !, + kernel.function("sys_fsetxattr").return { name = "fsetxattr" retstr = returnstr(1) } @@ -1017,8 +1113,10 @@ probe syscall.fsetxattr.return = kernel.function("sys_fsetxattr").return { # probe syscall.fstat = kernel.function("sys_fstat") ?, + kernel.function("SyS_fstat64") ?, kernel.function("sys_fstat64") ?, kernel.function("sys32_fstat64") ?, + kernel.function("SyS_newfstat") ?, kernel.function("sys_newfstat") ?, kernel.function("sys_oabi_fstat64") ?, kernel.function("compat_sys_newfstat") ? @@ -1030,8 +1128,10 @@ probe syscall.fstat = } probe syscall.fstat.return = kernel.function("sys_fstat").return ?, + kernel.function("SyS_fstat64").return ?, kernel.function("sys_fstat64").return ?, kernel.function("sys32_fstat64").return ?, + kernel.function("SyS_newfstat").return ?, kernel.function("sys_newfstat").return ?, kernel.function("sys_oabi_fstat64").return ?, kernel.function("compat_sys_newfstat").return ? @@ -1046,7 +1146,9 @@ probe syscall.fstat.return = # long sys_fstatat64(int dfd, char __user *filename, struct stat64 __user *statbuf, int flag) # long compat_sys_newfstatat(unsigned int dfd, char __user *filename, struct compat_stat __user *statbuf, int flag) probe syscall.fstatat = + kernel.function("SyS_fstatat64") ?, kernel.function("sys_fstatat64") ?, + kernel.function("SyS_newfstatat") ?, kernel.function("sys_newfstatat") ?, kernel.function("compat_sys_newfstatat") ?, kernel.function("sys32_fstatat64") ? @@ -1058,7 +1160,9 @@ probe syscall.fstatat = argstr = sprintf("%s, %s, %p, %s", _dfd_str($dfd), user_string_quoted($filename), $statbuf, _at_flag_str($flag)) } probe syscall.fstatat.return = + kernel.function("SyS_fstatat64").return ?, kernel.function("sys_fstatat64").return ?, + kernel.function("SyS_newfstatat").return ?, kernel.function("sys_newfstatat").return ?, kernel.function("compat_sys_newfstatat").return ?, kernel.function("sys32_fstatat64").return ? @@ -1072,8 +1176,9 @@ probe syscall.fstatat.return = # long compat_sys_fstatfs(unsigned int fd, struct compat_statfs __user *buf) # probe syscall.fstatfs = - kernel.function("sys_fstatfs"), - kernel.function("compat_sys_fstatfs") ? + kernel.function("compat_sys_fstatfs") ?, + kernel.function("SyS_fstatfs") !, + kernel.function("sys_fstatfs") { name = "fstatfs" fd = $fd @@ -1081,8 +1186,9 @@ probe syscall.fstatfs = argstr = sprintf("%d, %p", $fd, $buf) } probe syscall.fstatfs.return = - kernel.function("sys_fstatfs").return, - kernel.function("compat_sys_fstatfs").return ? + kernel.function("compat_sys_fstatfs").return ?, + kernel.function("SyS_fstatfs").return !, + kernel.function("sys_fstatfs").return { name = "fstatfs" retstr = returnstr(1) @@ -1093,8 +1199,9 @@ probe syscall.fstatfs.return = # long compat_sys_fstatfs64(unsigned int fd, compat_size_t sz, struct compat_statfs64 __user *buf) # probe syscall.fstatfs64 = - kernel.function("sys_fstatfs64") ?, - kernel.function("compat_sys_fstatfs64") ? + kernel.function("compat_sys_fstatfs64") ?, + kernel.function("SyS_fstatfs64") !, + kernel.function("sys_fstatfs64") ? { name = "fstatfs" fd = $fd @@ -1103,8 +1210,9 @@ probe syscall.fstatfs64 = argstr = sprintf("%d, %d, %p", $fd, $sz, $buf) } probe syscall.fstatfs64.return = - kernel.function("sys_fstatfs64").return ?, - kernel.function("compat_sys_fstatfs64").return ? + kernel.function("compat_sys_fstatfs64").return ?, + kernel.function("SyS_fstatfs64").return !, + kernel.function("sys_fstatfs64").return ? { name = "fstatfs" retstr = returnstr(1) @@ -1112,24 +1220,28 @@ probe syscall.fstatfs64.return = # fsync ______________________________________________________ # long sys_fsync(unsigned int fd) -probe syscall.fsync = kernel.function("sys_fsync") { +probe syscall.fsync = kernel.function("SyS_fsync") !, + kernel.function("sys_fsync") { name = "fsync" fd = $fd argstr = sprint(fd) } -probe syscall.fsync.return = kernel.function("sys_fsync").return { +probe syscall.fsync.return = kernel.function("SyS_fsync").return !, + kernel.function("sys_fsync").return { name = "fsync" retstr = returnstr(1) } # ftruncate __________________________________________________ # long sys_ftruncate(unsigned int fd, unsigned long length) -probe syscall.ftruncate = kernel.function("sys_ftruncate") { +probe syscall.ftruncate = kernel.function("SyS_ftruncate") !, + kernel.function("sys_ftruncate") { name = "ftruncate" fd = $fd length = $length argstr = sprintf("%d, %d", fd, length) } -probe syscall.ftruncate.return = kernel.function("sys_ftruncate").return { +probe syscall.ftruncate.return = kernel.function("SyS_ftruncate").return !, + kernel.function("sys_ftruncate").return { name = "ftruncate" retstr = returnstr(1) } @@ -1158,7 +1270,8 @@ probe syscall.ftruncate64.return = kernel.function("sys_ftruncate64").return ? { # struct compat_timespec __user *utime, u32 __user *uaddr2, # u32 val3) # -probe syscall.futex = kernel.function("sys_futex") ? { +probe syscall.futex = kernel.function("SyS_futex") !, + kernel.function("sys_futex") ? { name = "futex" futex_uaddr = $uaddr op = $op @@ -1173,7 +1286,8 @@ probe syscall.futex = kernel.function("sys_futex") ? { argstr = sprintf("%p, %s, %d", $uaddr, _futex_op_str($op), $val) } -probe syscall.futex.return = kernel.function("sys_futex").return ? { +probe syscall.futex.return = kernel.function("SyS_futex").return !, + kernel.function("sys_futex").return ? { name = "futex" retstr = returnstr(1) } @@ -1203,7 +1317,8 @@ probe syscall.compat_futex.return = kernel.function("compat_sys_futex").return ? # long compat_sys_futimesat(unsigned int dfd, char __user *filename, struct compat_timeval __user *t) # -probe syscall.futimesat = kernel.function("sys_futimesat") ? { +probe syscall.futimesat = kernel.function("SyS_futimesat") !, + kernel.function("sys_futimesat") ? { name = "futimesat" dirfd = $dfd filename_uaddr = $filename @@ -1221,7 +1336,8 @@ probe syscall.compat_futimesat = kernel.function("compat_sys_futimesat") ? { argstr = sprintf("%s, %s, %s", _dfd_str($dfd), user_string_quoted($filename), _struct_compat_timeval_u($t, 2)) } -probe syscall.futimesat.return = kernel.function("sys_futimesat").return ? { +probe syscall.futimesat.return = kernel.function("SyS_futimesat").return !, + kernel.function("sys_futimesat").return ? { name = "futimesat" retstr = returnstr(1) } @@ -1232,13 +1348,15 @@ probe syscall.compat_futimesat.return = kernel.function("compat_sys_futimesat"). # getcwd _____________________________________________________ # long sys_getcwd(char __user *buf, unsigned long size) -probe syscall.getcwd = kernel.function("sys_getcwd") { +probe syscall.getcwd = kernel.function("SyS_getcwd") !, + kernel.function("sys_getcwd") { name = "getcwd" buf_uaddr = $buf size = $size argstr = sprintf("%p, %d", buf_uaddr, size) } -probe syscall.getcwd.return = kernel.function("sys_getcwd").return { +probe syscall.getcwd.return = kernel.function("SyS_getcwd").return !, + kernel.function("sys_getcwd").return { name = "getcwd" retstr = returnstr(1) } @@ -1250,7 +1368,9 @@ probe syscall.getcwd.return = kernel.function("sys_getcwd").return { # long compat_sys_getdents64(unsigned int fd, struct linux_dirent64 __user * dirent, unsigned int count) # probe syscall.getdents = + kernel.function("SyS_getdents") ?, kernel.function("sys_getdents") ?, + kernel.function("SyS_getdents64") ?, kernel.function("sys_getdents64") ?, kernel.function("compat_sys_getdents") ?, kernel.function("compat_sys_getdents64") ? @@ -1262,7 +1382,9 @@ probe syscall.getdents = argstr = sprintf("%d, %p, %d", $fd, $dirent, $count) } probe syscall.getdents.return = + kernel.function("SyS_getdents").return ?, kernel.function("sys_getdents").return ?, + kernel.function("SyS_getdents64").return ?, kernel.function("sys_getdents64").return ?, kernel.function("compat_sys_getdents").return ?, kernel.function("compat_sys_getdents64").return ? @@ -1341,9 +1463,10 @@ probe syscall.getgid.return = # long sys32_getgroups16(int gidsetsize, u16 __user *grouplist) # probe syscall.getgroups = - kernel.function("sys_getgroups") ?, kernel.function("sys_getgroups16") ?, - kernel.function("sys32_getgroups16") ? + kernel.function("sys32_getgroups16") ?, + kernel.function("SyS_getgroups") !, + kernel.function("sys_getgroups") ? { name = "getgroups" size = $gidsetsize @@ -1351,9 +1474,10 @@ probe syscall.getgroups = argstr = sprintf("%d, %p", $gidsetsize, $grouplist) } probe syscall.getgroups.return = - kernel.function("sys_getgroups").return ?, kernel.function("sys_getgroups16").return ?, - kernel.function("sys32_getgroups16").return ? + kernel.function("sys32_getgroups16").return ?, + kernel.function("SyS_getgroups").return !, + kernel.function("sys_getgroups").return ? { name = "getgroups" retstr = returnstr(1) @@ -1361,13 +1485,15 @@ probe syscall.getgroups.return = # gethostname ________________________________________________ # long sys_gethostname(char __user *name, int len) -probe syscall.gethostname = kernel.function("sys_gethostname") ? { +probe syscall.gethostname = kernel.function("SyS_gethostname") !, + kernel.function("sys_gethostname") ? { name = "gethostname" name_uaddr = $name len = $len argstr = sprintf ("%p, %d", name_uaddr, len) } -probe syscall.gethostname.return = kernel.function("sys_gethostname").return ? { +probe syscall.gethostname.return = kernel.function("SyS_gethostname").return !, + kernel.function("sys_gethostname").return ? { name = "gethostname" retstr = returnstr(1) } @@ -1375,13 +1501,15 @@ probe syscall.gethostname.return = kernel.function("sys_gethostname").return ? { # getitimer __________________________________________________ # sys_getitimer(int which, struct itimerval __user *value) # -probe syscall.getitimer = kernel.function("sys_getitimer") { +probe syscall.getitimer = kernel.function("SyS_getitimer") !, + kernel.function("sys_getitimer") { name = "getitimer" which = $which value_uaddr = $value argstr = sprintf("%s, %p", _itimer_which_str($which), $value) } -probe syscall.getitimer.return = kernel.function("sys_getitimer").return { +probe syscall.getitimer.return = kernel.function("SyS_getitimer").return !, + kernel.function("sys_getitimer").return { name = "getitimer" retstr = returnstr(1) } @@ -1409,8 +1537,9 @@ probe syscall.compat_getitimer.return = kernel.function("compat_sys_getitimer"). # compat_ulong_t addr, compat_ulong_t flags) # probe syscall.get_mempolicy = - kernel.function("sys_get_mempolicy") ?, - kernel.function("compat_sys_get_mempolicy") ? + kernel.function("compat_sys_get_mempolicy") ?, + kernel.function("SyS_get_mempolicy") !, + kernel.function("sys_get_mempolicy") ? { name = "get_mempolicy" policy_uaddr = $policy @@ -1422,8 +1551,9 @@ probe syscall.get_mempolicy = $nmask, $maxnode, $addr, $flags) } probe syscall.get_mempolicy.return = - kernel.function("sys_get_mempolicy").return ?, - kernel.function("compat_sys_get_mempolicy").return ? + kernel.function("compat_sys_get_mempolicy").return ?, + kernel.function("SyS_get_mempolicy").return !, + kernel.function("sys_get_mempolicy").return ? { name = "get_mempolicy" retstr = returnstr(1) @@ -1432,26 +1562,30 @@ probe syscall.get_mempolicy.return = # getpeername ________________________________________________ # long sys_getpeername(int fd, struct sockaddr __user *usockaddr, int __user *usockaddr_len) # -probe syscall.getpeername = kernel.function("sys_getpeername") ? { +probe syscall.getpeername = kernel.function("SyS_getpeername") !, + kernel.function("sys_getpeername") ? { name = "getpeername" s = $fd name_uaddr = $usockaddr namelen_uaddr = $usockaddr_len argstr = sprintf("%d, %p, %p", $fd, $usockaddr, $usockaddr_len) } -probe syscall.getpeername.return = kernel.function("sys_getpeername").return ? { +probe syscall.getpeername.return = kernel.function("SyS_getpeername").return !, + kernel.function("sys_getpeername").return ? { name = "getpeername" retstr = returnstr(1) } # getpgid ____________________________________________________ # long sys_getpgid(pid_t pid) -probe syscall.getpgid = kernel.function("sys_getpgid") { +probe syscall.getpgid = kernel.function("SyS_getpgid") !, + kernel.function("sys_getpgid") { name = "getpgid" pid = $pid argstr = sprintf("%d", $pid) } -probe syscall.getpgid.return = kernel.function("sys_getpgid").return { +probe syscall.getpgid.return = kernel.function("SyS_getpgid").return !, + kernel.function("sys_getpgid").return { name = "getpgid" retstr = returnstr(1) } @@ -1491,13 +1625,15 @@ probe syscall.getppid.return = kernel.function("sys_getppid").return { # getpriority ________________________________________________ # long sys_getpriority(int which, int who) -probe syscall.getpriority = kernel.function("sys_getpriority") { +probe syscall.getpriority = kernel.function("SyS_getpriority") !, + kernel.function("sys_getpriority") { name = "getpriority" which = $which who = $who argstr = sprintf("%s, %d", _priority_which_str(which), who) } -probe syscall.getpriority.return = kernel.function("sys_getpriority").return { +probe syscall.getpriority.return = kernel.function("SyS_getpriority").return !, + kernel.function("sys_getpriority").return { name = "getpriority" retstr = returnstr(1) } @@ -1511,7 +1647,8 @@ probe syscall.getpriority.return = kernel.function("sys_getpriority").return { # old_uid_t __user *sgid) probe syscall.getresgid = kernel.function("sys_getresgid16") ?, - kernel.function("sys_getresgid") + kernel.function("SyS_getresgid") !, + kernel.function("sys_getresgid") { name = "getresgid" rgid_uaddr = $rgid @@ -1521,6 +1658,7 @@ probe syscall.getresgid = } probe syscall.getresgid.return = kernel.function("sys_getresgid16").return ?, + kernel.function("SyS_getresgid").return !, kernel.function("sys_getresgid").return { name = "getresgid" @@ -1533,6 +1671,7 @@ probe syscall.getresgid.return = # uid_t __user *suid) probe syscall.getresuid = kernel.function("sys_getresuid16") ?, + kernel.function("SyS_getresuid") !, kernel.function("sys_getresuid") { name = "getresuid" @@ -1543,7 +1682,8 @@ probe syscall.getresuid = } probe syscall.getresuid.return = kernel.function("sys_getresuid16").return ?, - kernel.function("sys_getresuid").return + kernel.function("SyS_getresuid").return !, + kernel.function("sys_getresuid").return { name = "getresuid" retstr = returnstr(1) @@ -1553,7 +1693,9 @@ probe syscall.getresuid.return = # long sys_getrlimit(unsigned int resource, struct rlimit __user *rlim) # long sys_old_getrlimit(unsigned int resource, struct rlimit __user *rlim) # long compat_sys_getrlimit (unsigned int resource, struct compat_rlimit __user *rlim) -probe syscall.getrlimit = kernel.function("sys_getrlimit"), +probe syscall.getrlimit = kernel.function("SyS_getrlimit") ?, + kernel.function("sys_getrlimit") ?, + kernel.function("SyS_old_getrlimit") ?, kernel.function("sys_old_getrlimit") ?, kernel.function("compat_sys_getrlimit") ? { @@ -1562,7 +1704,9 @@ probe syscall.getrlimit = kernel.function("sys_getrlimit"), rlim_uaddr = $rlim argstr = sprintf("%s, %p", _rlimit_resource_str($resource), $rlim) } -probe syscall.getrlimit.return = kernel.function("sys_getrlimit").return, +probe syscall.getrlimit.return = kernel.function("SyS_getrlimit").return ?, + kernel.function("sys_getrlimit").return ?, + kernel.function("SyS_old_getrlimit").return ?, kernel.function("sys_old_getrlimit").return ?, kernel.function("compat_sys_getrlimit").return ? { @@ -1572,7 +1716,8 @@ probe syscall.getrlimit.return = kernel.function("sys_getrlimit").return, # getrusage __________________________________________________ # long sys_getrusage(int who, struct rusage __user *ru) -probe syscall.getrusage = kernel.function("sys_getrusage") { +probe syscall.getrusage = kernel.function("SyS_getrusage") !, + kernel.function("sys_getrusage") { name = "getrusage" who = $who if($who==-2) @@ -1587,19 +1732,22 @@ probe syscall.getrusage = kernel.function("sys_getrusage") { usage_uaddr = $ru argstr = sprintf("%s, %p", who_str, usage_uaddr) } -probe syscall.getrusage.return = kernel.function("sys_getrusage").return { +probe syscall.getrusage.return = kernel.function("SyS_getrusage").return !, + kernel.function("sys_getrusage").return { name = "getrusage" retstr = returnstr(1) } # getsid _____________________________________________________ # long sys_getsid(pid_t pid) -probe syscall.getsid = kernel.function("sys_getsid") { +probe syscall.getsid = kernel.function("SyS_getsid") !, + kernel.function("sys_getsid") { name = "getsid" pid = $pid argstr = sprint(pid) } -probe syscall.getsid.return = kernel.function("sys_getsid").return { +probe syscall.getsid.return = kernel.function("SyS_getsid").return !, + kernel.function("sys_getsid").return { name = "getsid" retstr = returnstr(1) } @@ -1608,14 +1756,16 @@ probe syscall.getsid.return = kernel.function("sys_getsid").return { # long sys_getsockname(int fd, # struct sockaddr __user *usockaddr, # int __user *usockaddr_len) -probe syscall.getsockname = kernel.function("sys_getsockname") ? { +probe syscall.getsockname = kernel.function("SyS_getsockname") !, + kernel.function("sys_getsockname") ? { name = "getsockname" s = $fd name_uaddr = $usockaddr namelen_uaddr = $usockaddr_len argstr = sprintf("%d, %p, %p", $fd, $usockaddr, $usockaddr_len) } -probe syscall.getsockname.return = kernel.function("sys_getsockname").return ? { +probe syscall.getsockname.return = kernel.function("SyS_getsockname").return !, + kernel.function("sys_getsockname").return ? { name = "getsockname" retstr = returnstr(1) } @@ -1628,8 +1778,9 @@ probe syscall.getsockname.return = kernel.function("sys_getsockname").return ? { # int __user *optlen) # probe syscall.getsockopt = - kernel.function("sys_getsockopt") ?, - kernel.function("compat_sys_getsockopt") ? + kernel.function("compat_sys_getsockopt") ?, + kernel.function("SyS_getsockopt") !, + kernel.function("sys_getsockopt") ? { name = "getsockopt" fd = $fd @@ -1643,8 +1794,9 @@ probe syscall.getsockopt = _sockopt_optname_str($optname), $optval, $optlen) } probe syscall.getsockopt.return = - kernel.function("sys_getsockopt").return ?, - kernel.function("compat_sys_getsockopt").return ? + kernel.function("compat_sys_getsockopt").return ?, + kernel.function("SyS_getsockopt").return !, + kernel.function("sys_getsockopt").return ? { name = "getsockopt" retstr = returnstr(1) @@ -1669,9 +1821,10 @@ probe syscall.gettid.return = kernel.function("sys_gettid").return { # long compat_sys_gettimeofday(struct compat_timeval __user *tv, # struct timezone __user *tz) probe syscall.gettimeofday = - kernel.function("sys_gettimeofday"), + kernel.function("compat_sys_gettimeofday") ?, kernel.function("sys32_gettimeofday") ?, - kernel.function("compat_sys_gettimeofday") ? + kernel.function("SyS_gettimeofday") !, + kernel.function("sys_gettimeofday") { name = "gettimeofday" tv_uaddr = $tv @@ -1680,9 +1833,10 @@ probe syscall.gettimeofday = } probe syscall.gettimeofday.return = - kernel.function("sys_gettimeofday").return, + kernel.function("compat_sys_gettimeofday").return ?, kernel.function("sys32_gettimeofday").return ?, - kernel.function("compat_sys_gettimeofday").return ? + kernel.function("SyS_gettimeofday").return !, + kernel.function("sys_gettimeofday").return { name = "gettimeofday" retstr = returnstr(1) @@ -1713,7 +1867,8 @@ probe syscall.getuid.return = # getxattr ___________________________________________________ # ssize_t sys_getxattr(char __user *path, char __user *name, # void __user *value, size_t size) -probe syscall.getxattr = kernel.function("sys_getxattr") { +probe syscall.getxattr = kernel.function("SyS_getxattr") !, + kernel.function("sys_getxattr") { name = "getxattr" %( kernel_v >= "2.6.27" %? path = user_string($pathname) @@ -1733,7 +1888,8 @@ probe syscall.getxattr = kernel.function("sys_getxattr") { user_string_quoted($name), value_uaddr, size) } -probe syscall.getxattr.return = kernel.function("sys_getxattr").return { +probe syscall.getxattr.return = kernel.function("SyS_getxattr").return !, + kernel.function("sys_getxattr").return { name = "getxattr" retstr = returnstr(1) } @@ -1743,14 +1899,16 @@ probe syscall.getxattr.return = kernel.function("sys_getxattr").return { # unsigned long len, # const char __user *uargs) # -probe syscall.init_module = kernel.function("sys_init_module") ? { +probe syscall.init_module = kernel.function("SyS_init_module") !, + kernel.function("sys_init_module") ? { name = "init_module" umod_uaddr = $umod len = $len uargs = user_string($uargs) argstr = sprintf("%p, %d, %s", $umod, $len, user_string_quoted($uargs)) } -probe syscall.init_module.return = kernel.function("sys_init_module").return ? { +probe syscall.init_module.return = kernel.function("SyS_init_module").return !, + kernel.function("sys_init_module").return ? { name = "init_module" retstr = returnstr(1) } @@ -1759,7 +1917,8 @@ probe syscall.init_module.return = kernel.function("sys_init_module").return ? { # # long sys_inotify_add_watch(int fd, const char __user *path, u32 mask) # -probe syscall.inotify_add_watch = kernel.function("sys_inotify_add_watch") ? { +probe syscall.inotify_add_watch = kernel.function("SyS_inotify_add_watch") !, + kernel.function("sys_inotify_add_watch") ? { name = "inotify_add_watch" fd = $fd mask = $mask @@ -1774,7 +1933,8 @@ probe syscall.inotify_add_watch = kernel.function("sys_inotify_add_watch") ? { %) } -probe syscall.inotify_add_watch.return = kernel.function("sys_inotify_add_watch").return ? { +probe syscall.inotify_add_watch.return = kernel.function("SyS_inotify_add_watch").return !, + kernel.function("sys_inotify_add_watch").return ? { name = "inotify_add_watch" retstr = returnstr(1) } @@ -1796,13 +1956,15 @@ probe syscall.inotify_init.return = kernel.function("sys_inotify_init").return ? # # long sys_inotify_rm_watch(int fd, u32 wd) # -probe syscall.inotify_rm_watch = kernel.function("sys_inotify_rm_watch") ? { +probe syscall.inotify_rm_watch = kernel.function("SyS_inotify_rm_watch") !, + kernel.function("sys_inotify_rm_watch") ? { name = "inotify_rm_watch" fd = $fd wd = $wd argstr = sprintf("%d, %d", $fd, $wd) } -probe syscall.inotify_rm_watch.return = kernel.function("sys_inotify_rm_watch").return ? { +probe syscall.inotify_rm_watch.return = kernel.function("SyS_inotify_rm_watch").return !, + kernel.function("sys_inotify_rm_watch").return ? { name = "inotify_rm_watch" retstr = returnstr(1) } @@ -1811,14 +1973,16 @@ probe syscall.inotify_rm_watch.return = kernel.function("sys_inotify_rm_watch"). # long sys_io_cancel(aio_context_t ctx_id, # struct iocb __user *iocb, # struct io_event __user *result) -probe syscall.io_cancel = kernel.function("sys_io_cancel") { +probe syscall.io_cancel = kernel.function("SyS_io_cancel") !, + kernel.function("sys_io_cancel") { name = "io_cancel" ctx_id = $ctx_id iocb_uaddr = $iocb result_uaddr = $result argstr = sprintf("%d, %p, %p", ctx_id, iocb_uaddr, result_uaddr) } -probe syscall.io_cancel.return = kernel.function("sys_io_cancel").return { +probe syscall.io_cancel.return = kernel.function("SyS_io_cancel").return !, + kernel.function("sys_io_cancel").return { name = "io_cancel" retstr = returnstr(1) } @@ -1828,8 +1992,9 @@ probe syscall.io_cancel.return = kernel.function("sys_io_cancel").return { # long compat_sys_ioctl(unsigned int fd, unsigned int cmd, unsigned long arg) # probe syscall.ioctl = - kernel.function("sys_ioctl") ?, - kernel.function("compat_sys_ioctl") ? + kernel.function("compat_sys_ioctl") ?, + kernel.function("SyS_ioctl") !, + kernel.function("sys_ioctl") ? { name = "ioctl" fd = $fd @@ -1838,8 +2003,9 @@ probe syscall.ioctl = argstr = sprintf("%d, %d, %p", $fd, $cmd, $arg) } probe syscall.ioctl.return = - kernel.function("sys_ioctl").return ?, - kernel.function("compat_sys_ioctl").return ? + kernel.function("compat_sys_ioctl").return ?, + kernel.function("SyS_ioctl").return !, + kernel.function("sys_ioctl").return ? { name = "ioctl" retstr = returnstr(1) @@ -1847,12 +2013,14 @@ probe syscall.ioctl.return = # io_destroy _________________________________________________ # long sys_io_destroy(aio_context_t ctx) -probe syscall.io_destroy = kernel.function("sys_io_destroy") { +probe syscall.io_destroy = kernel.function("SyS_io_destroy") !, + kernel.function("sys_io_destroy") { name = "io_destroy" ctx = $ctx argstr = sprintf("%d", ctx) } -probe syscall.io_destroy.return = kernel.function("sys_io_destroy").return { +probe syscall.io_destroy.return = kernel.function("SyS_io_destroy").return !, + kernel.function("sys_io_destroy").return { name = "io_destroy" retstr = returnstr(1) } @@ -1870,8 +2038,9 @@ probe syscall.io_destroy.return = kernel.function("sys_io_destroy").return { # struct compat_timespec __user *timeout) # probe syscall.io_getevents = - kernel.function("sys_io_getevents") ?, - kernel.function("compat_sys_io_getevents") ? + kernel.function("compat_sys_io_getevents") ?, + kernel.function("SyS_io_getevents") !, + kernel.function("sys_io_getevents") ? { name = "io_getevents" ctx_id = $ctx_id @@ -1884,8 +2053,9 @@ probe syscall.io_getevents = $nr, $events, $timeout, timestr) } probe syscall.io_getevents.return = - kernel.function("sys_io_getevents").return ?, - kernel.function("compat_sys_io_getevents").return ? + kernel.function("compat_sys_io_getevents").return ?, + kernel.function("SyS_io_getevents").return !, + kernel.function("sys_io_getevents").return ? { name = "io_getevents" retstr = returnstr(1) @@ -1909,14 +2079,16 @@ probe syscall.ioperm.return = kernel.function("sys_ioperm").return ? { # io_setup ___________________________________________________ # long sys_io_setup(unsigned nr_events, aio_context_t __user *ctxp) # -probe syscall.io_setup = kernel.function("sys_io_setup") { +probe syscall.io_setup = kernel.function("SyS_io_setup") !, + kernel.function("sys_io_setup") { name = "io_setup" maxevents = $nr_events ctxp_uaddr = $ctxp argstr = sprintf("%d, %p", $nr_events, $ctxp) } -probe syscall.io_setup.return = kernel.function("sys_io_setup").return { +probe syscall.io_setup.return = kernel.function("SyS_io_setup").return !, + kernel.function("sys_io_setup").return { name = "io_setup" retstr = returnstr(1) } @@ -1937,14 +2109,16 @@ probe syscall.compat_io_setup.return = kernel.function("compat_sys_io_setup").re # io_submit __________________________________________________ # long sys_io_submit(aio_context_t ctx_id, long nr, struct iocb __user * __user *iocbpp) # -probe syscall.io_submit = kernel.function("sys_io_submit") { +probe syscall.io_submit = kernel.function("SyS_io_submit") !, + kernel.function("sys_io_submit") { name = "io_submit" ctx_id = $ctx_id nr = $nr iocbpp_uaddr = $iocbpp argstr = sprintf("%d, %d, %p", $ctx_id, $nr, $iocbpp) } -probe syscall.io_submit.return = kernel.function("sys_io_submit").return { +probe syscall.io_submit.return = kernel.function("SyS_io_submit").return !, + kernel.function("sys_io_submit").return { name = "io_submit" retstr = returnstr(1) } @@ -1965,13 +2139,15 @@ probe syscall.compat_io_submit.return = kernel.function("compat_sys_io_submit"). # ioprio_get _________________________________________________ # long sys_ioprio_get(int which, int who) # -probe syscall.ioprio_get = kernel.function("sys_ioprio_get") ? { +probe syscall.ioprio_get = kernel.function("SyS_ioprio_get") !, + kernel.function("sys_ioprio_get") ? { name = "ioprio_get" which = $which who = $who argstr = sprintf("%d, %d", $which, $who) } -probe syscall.ioprio_get.return = kernel.function("sys_ioprio_get").return ? { +probe syscall.ioprio_get.return = kernel.function("SyS_ioprio_get").return !, + kernel.function("sys_ioprio_get").return ? { name = "ioprio_get" retstr = returnstr(1) } @@ -1979,14 +2155,16 @@ probe syscall.ioprio_get.return = kernel.function("sys_ioprio_get").return ? { # ioprio_set _________________________________________________ # long sys_ioprio_set(int which, int who, int ioprio) # -probe syscall.ioprio_set = kernel.function("sys_ioprio_set") ? { +probe syscall.ioprio_set = kernel.function("SyS_ioprio_set") !, + kernel.function("sys_ioprio_set") ? { name = "ioprio_set" which = $which who = $who ioprio = $ioprio argstr = sprintf("%d, %d, %d", $which, $who, $ioprio) } -probe syscall.ioprio_set.return = kernel.function("sys_ioprio_set").return ? { +probe syscall.ioprio_set.return = kernel.function("SyS_ioprio_set").return !, + kernel.function("sys_ioprio_set").return ? { name = "ioprio_set" retstr = returnstr(1) } @@ -2002,8 +2180,9 @@ probe syscall.ioprio_set.return = kernel.function("sys_ioprio_set").return ? { # unsigned long flags) # probe syscall.kexec_load = - kernel.function("sys_kexec_load") ?, - kernel.function("compat_sys_kexec_load") ? + kernel.function("compat_sys_kexec_load") ?, + kernel.function("SyS_kexec_load") !, + kernel.function("sys_kexec_load") ? { name = "kexec_load" entry = $entry @@ -2013,8 +2192,9 @@ probe syscall.kexec_load = argstr = sprintf("%p, %d, %p, %d", $entry, $nr_segments, $segments, $flags) } probe syscall.kexec_load.return = - kernel.function("sys_kexec_load").return ?, - kernel.function("compat_sys_kexec_load").return ? + kernel.function("compat_sys_kexec_load").return ?, + kernel.function("SyS_kexec_load").return !, + kernel.function("sys_kexec_load").return ? { name = "kexec_load" retstr = returnstr(1) @@ -2029,16 +2209,18 @@ probe syscall.kexec_load.return = # long compat_sys_keyctl(u32 option, u32 arg2, u32 arg3, u32 arg4, u32 arg5) # probe syscall.keyctl = - kernel.function("sys_keyctl") ?, - kernel.function("compat_sys_keyctl") ? + kernel.function("compat_sys_keyctl") ?, + kernel.function("SyS_keyctl") !, + kernel.function("sys_keyctl") ? { name = "keyctl" argstr = sprintf("%d, ...", $option) } probe syscall.keyctl.return = - kernel.function("sys_keyctl").return ?, - kernel.function("compat_sys_keyctl").return ? + kernel.function("compat_sys_keyctl").return ?, + kernel.function("SyS_keyctl").return !, + kernel.function("sys_keyctl").return ? { name = "keyctl" retstr = returnstr(1) @@ -2046,13 +2228,15 @@ probe syscall.keyctl.return = # kill _______________________________________________________ # long sys_kill(int pid, int sig) -probe syscall.kill = kernel.function("sys_kill") { +probe syscall.kill = kernel.function("SyS_kill") !, + kernel.function("sys_kill") { name = "kill" pid = $pid sig = $sig argstr = sprintf("%d, %s", $pid, _signal_name($sig)) } -probe syscall.kill.return = kernel.function("sys_kill").return { +probe syscall.kill.return = kernel.function("SyS_kill").return !, + kernel.function("sys_kill").return { name = "kill" retstr = returnstr(1) } @@ -2060,14 +2244,16 @@ probe syscall.kill.return = kernel.function("sys_kill").return { # lchown _____________________________________________________ # long sys_lchown(const char __user * filename, uid_t user, gid_t group) # -probe syscall.lchown = kernel.function("sys_lchown") { +probe syscall.lchown = kernel.function("SyS_lchown") !, + kernel.function("sys_lchown") { name = "lchown" path = user_string($filename) owner = __int32($user) group = __int32($group) argstr = sprintf("%s, %d, %d",user_string_quoted($filename), owner, group) } -probe syscall.lchown.return = kernel.function("sys_lchown").return { +probe syscall.lchown.return = kernel.function("SyS_lchown").return !, + kernel.function("sys_lchown").return { name = "lchown" retstr = returnstr(1) } @@ -2094,7 +2280,8 @@ probe syscall.lchown16.return = kernel.function("sys_lchown16").return ? { # void __user *value, # size_t size) # -probe syscall.lgetxattr = kernel.function("sys_lgetxattr") { +probe syscall.lgetxattr = kernel.function("SyS_lgetxattr") !, + kernel.function("sys_lgetxattr") { name = "lgetxattr" %( kernel_v >= "2.6.27" %? path = user_string($pathname) @@ -2114,7 +2301,8 @@ probe syscall.lgetxattr = kernel.function("sys_lgetxattr") { user_string_quoted($name), value_uaddr, size) } -probe syscall.lgetxattr.return = kernel.function("sys_lgetxattr").return { +probe syscall.lgetxattr.return = kernel.function("SyS_lgetxattr").return !, + kernel.function("sys_lgetxattr").return { name = "lgetxattr" retstr = returnstr(1) } @@ -2122,7 +2310,8 @@ probe syscall.lgetxattr.return = kernel.function("sys_lgetxattr").return { # link _______________________________________________________ # long sys_link(const char __user * oldname, # const char __user * newname) -probe syscall.link = kernel.function("sys_link") { +probe syscall.link = kernel.function("SyS_link") !, + kernel.function("sys_link") { name = "link" oldpath = user_string($oldname) newpath = user_string($newname) @@ -2130,7 +2319,8 @@ probe syscall.link = kernel.function("sys_link") { user_string_quoted($oldname), user_string_quoted($newname)) } -probe syscall.link.return = kernel.function("sys_link").return { +probe syscall.link.return = kernel.function("SyS_link").return !, + kernel.function("sys_link").return { name = "link" retstr = returnstr(1) } @@ -2139,7 +2329,8 @@ probe syscall.link.return = kernel.function("sys_link").return { # new function with 2.6.16 # long sys_linkat(int olddfd, const char __user *oldname, # int newdfd, const char __user *newname, int flags) -probe syscall.linkat = kernel.function("sys_linkat") ? { +probe syscall.linkat = kernel.function("SyS_linkat") !, + kernel.function("sys_linkat") ? { name = "linkat" olddfd = $olddfd olddfd_str = _dfd_str($olddfd) @@ -2156,20 +2347,23 @@ probe syscall.linkat = kernel.function("sys_linkat") ? { newdfd_str, user_string_quoted($newname), flags_str) } -probe syscall.linkat.return = kernel.function("sys_linkat").return ? { +probe syscall.linkat.return = kernel.function("SyS_linkat").return !, + kernel.function("sys_linkat").return ? { name = "linkat" retstr = returnstr(1) } # listen _____________________________________________________ # long sys_listen(int fd, int backlog) -probe syscall.listen = kernel.function("sys_listen") ? { +probe syscall.listen = kernel.function("SyS_listen") !, + kernel.function("sys_listen") ? { name = "listen" sockfd = $fd backlog = $backlog argstr = sprintf("%d, %d", $fd, $backlog) } -probe syscall.listen.return = kernel.function("sys_listen").return ? { +probe syscall.listen.return = kernel.function("SyS_listen").return !, + kernel.function("sys_listen").return ? { name = "listen" retstr = returnstr(1) } @@ -2177,7 +2371,8 @@ probe syscall.listen.return = kernel.function("sys_listen").return ? { # listxattr __________________________________________________ # ssize_t sys_listxattr(char __user *path, char __user *list, size_t size) # -probe syscall.listxattr = kernel.function("sys_listxattr") { +probe syscall.listxattr = kernel.function("SyS_listxattr") !, + kernel.function("sys_listxattr") { name = "listxattr" list_uaddr = $list size = $size @@ -2191,7 +2386,8 @@ probe syscall.listxattr = kernel.function("sys_listxattr") { argstr = sprintf("%s, %p, %d", user_string_quoted($path), $list, $size) %) } -probe syscall.listxattr.return = kernel.function("sys_listxattr").return { +probe syscall.listxattr.return = kernel.function("SyS_listxattr").return !, + kernel.function("sys_listxattr").return { name = "listxattr" retstr = returnstr(1) } @@ -2199,7 +2395,8 @@ probe syscall.listxattr.return = kernel.function("sys_listxattr").return { # llistxattr _________________________________________________ # ssize_t sys_llistxattr(char __user *path, char __user *list, size_t size) # -probe syscall.llistxattr = kernel.function("sys_llistxattr") { +probe syscall.llistxattr = kernel.function("SyS_llistxattr") !, + kernel.function("sys_llistxattr") { name = "llistxattr" list_uaddr = $list size = $size @@ -2213,7 +2410,8 @@ probe syscall.llistxattr = kernel.function("sys_llistxattr") { argstr = sprintf("%s, %p, %d", user_string_quoted($path), $list, $size) %) } -probe syscall.llistxattr.return = kernel.function("sys_llistxattr").return { +probe syscall.llistxattr.return = kernel.function("SyS_llistxattr").return !, + kernel.function("sys_llistxattr").return { name = "llistxattr" retstr = returnstr(1) } @@ -2224,7 +2422,8 @@ probe syscall.llistxattr.return = kernel.function("sys_llistxattr").return { # unsigned long offset_low, # loff_t __user * result, # unsigned int origin) -probe syscall.llseek = kernel.function("sys_llseek") ? { +probe syscall.llseek = kernel.function("SyS_llseek") !, + kernel.function("sys_llseek") ? { name = "llseek" fd = $fd offset_high = $offset_high @@ -2235,7 +2434,8 @@ probe syscall.llseek = kernel.function("sys_llseek") ? { argstr = sprintf("%d, 0x%x, 0x%x, %p, %s", $fd, $offset_high, $offset_low, $result, whence_str) } -probe syscall.llseek.return = kernel.function("sys_llseek").return ? { +probe syscall.llseek.return = kernel.function("SyS_llseek").return !, + kernel.function("sys_llseek").return ? { name = "llseek" retstr = returnstr(1) } @@ -2243,14 +2443,16 @@ probe syscall.llseek.return = kernel.function("sys_llseek").return ? { # lookup_dcookie _____________________________________________ # long sys_lookup_dcookie(u64 cookie64, char __user * buf, size_t len) # -probe syscall.lookup_dcookie = kernel.function("sys_lookup_dcookie") ? { +probe syscall.lookup_dcookie = kernel.function("SyS_lookup_dcookie") !, + kernel.function("sys_lookup_dcookie") ? { name = "lookup_dcookie" cookie = $cookie64 buffer_uaddr = $buf len = $len argstr = sprintf("%d, %p, %d", $cookie64, $buf, $len) } -probe syscall.lookup_dcookie.return = kernel.function("sys_lookup_dcookie").return ? { +probe syscall.lookup_dcookie.return = kernel.function("SyS_lookup_dcookie").return !, + kernel.function("sys_lookup_dcookie").return ? { name = "lookup_dcookie" retstr = returnstr(1) } @@ -2258,7 +2460,8 @@ probe syscall.lookup_dcookie.return = kernel.function("sys_lookup_dcookie").retu # lremovexattr _______________________________________________ # long sys_lremovexattr(char __user *path, char __user *name) # -probe syscall.lremovexattr = kernel.function("sys_lremovexattr") { +probe syscall.lremovexattr = kernel.function("SyS_lremovexattr") !, + kernel.function("sys_lremovexattr") { name = "lremovexattr" name_uaddr = $name name2 = user_string($name) @@ -2272,14 +2475,16 @@ probe syscall.lremovexattr = kernel.function("sys_lremovexattr") { argstr = sprintf("%s, %s", user_string_quoted($path), user_string_quoted($name)) %) } -probe syscall.lremovexattr.return = kernel.function("sys_lremovexattr").return { +probe syscall.lremovexattr.return = kernel.function("SyS_lremovexattr").return !, + kernel.function("sys_lremovexattr").return { name = "lremovexattr" retstr = returnstr(1) } # lseek ______________________________________________________ # off_t sys_lseek(unsigned int fd, off_t offset, unsigned int origin) -probe syscall.lseek = kernel.function("sys_lseek") { +probe syscall.lseek = kernel.function("SyS_lseek") !, + kernel.function("sys_lseek") { name = "lseek" fildes = $fd # offset = __int32($offset) @@ -2288,7 +2493,8 @@ probe syscall.lseek = kernel.function("sys_lseek") { whence_str = _seek_whence_str($origin) argstr = sprintf("%d, %d, %s", $fd, offset, whence_str) } -probe syscall.lseek.return = kernel.function("sys_lseek").return { +probe syscall.lseek.return = kernel.function("SyS_lseek").return !, + kernel.function("sys_lseek").return { name = "lseek" retstr = returnstr(1) } @@ -2300,7 +2506,8 @@ probe syscall.lseek.return = kernel.function("sys_lseek").return { # size_t size, # int flags) # -probe syscall.lsetxattr = kernel.function("sys_lsetxattr") { +probe syscall.lsetxattr = kernel.function("SyS_lsetxattr") !, + kernel.function("sys_lsetxattr") { name = "lsetxattr" %( kernel_v >= "2.6.27" %? path_uaddr = $pathname @@ -2323,7 +2530,8 @@ probe syscall.lsetxattr = kernel.function("sys_lsetxattr") { user_string_quoted($name), value_uaddr, $size, $flags) } -probe syscall.lsetxattr.return = kernel.function("sys_lsetxattr").return { +probe syscall.lsetxattr.return = kernel.function("SyS_lsetxattr").return !, + kernel.function("sys_lsetxattr").return { name = "lsetxattr" retstr = returnstr(1) } @@ -2339,9 +2547,11 @@ probe syscall.lsetxattr.return = kernel.function("sys_lsetxattr").return { # probe syscall.lstat = kernel.function("sys_lstat") ?, + kernel.function("SyS_newlstat") ?, kernel.function("sys_newlstat") ?, kernel.function("compat_sys_newlstat") ?, kernel.function("sys32_lstat64") ?, + kernel.function("SyS_lstat64") ?, kernel.function("sys_lstat64") ?, kernel.function("sys_oabi_lstat64") ? { @@ -2352,9 +2562,11 @@ probe syscall.lstat = } probe syscall.lstat.return = kernel.function("sys_lstat").return ?, + kernel.function("SyS_newlstat").return ?, kernel.function("sys_newlstat").return ?, kernel.function("compat_sys_newlstat").return ?, kernel.function("sys32_lstat64").return ?, + kernel.function("SyS_lstat64").return ?, kernel.function("sys_lstat64").return ?, kernel.function("sys_oabi_lstat64").return ? { @@ -2365,7 +2577,8 @@ probe syscall.lstat.return = # madvise ____________________________________________________ # long sys_madvise(unsigned long start, size_t len_in, int behavior) # -probe syscall.madvise = kernel.function("sys_madvise") ? { +probe syscall.madvise = kernel.function("SyS_madvise") !, + kernel.function("sys_madvise") ? { name = "madvise" start = $start length = $len_in @@ -2373,7 +2586,8 @@ probe syscall.madvise = kernel.function("sys_madvise") ? { advice_str = _madvice_advice_str($behavior) argstr = sprintf("%p, %d, %s", $start, $len_in, _madvice_advice_str($behavior)) } -probe syscall.madvise.return = kernel.function("sys_madvise").return ? { +probe syscall.madvise.return = kernel.function("SyS_madvise").return !, + kernel.function("sys_madvise").return ? { name = "madvise" retstr = returnstr(1) } @@ -2394,8 +2608,9 @@ probe syscall.madvise.return = kernel.function("sys_madvise").return ? { # compat_ulong_t flags) # probe syscall.mbind = - kernel.function("sys_mbind") ?, - kernel.function("compat_sys_mbind") ? + kernel.function("compat_sys_mbind") ?, + kernel.function("SyS_mbind") !, + kernel.function("sys_mbind") ? { name = "mbind" start = $start @@ -2408,8 +2623,9 @@ probe syscall.mbind = $nmask, $maxnode, $flags) } probe syscall.mbind.return = - kernel.function("sys_mbind").return ?, - kernel.function("compat_sys_mbind").return ? + kernel.function("compat_sys_mbind").return ?, + kernel.function("SyS_mbind").return !, + kernel.function("sys_mbind").return ? { name = "mbind" retstr = returnstr(1) @@ -2419,11 +2635,13 @@ probe syscall.mbind.return = # long sys_migrate_pages(pid_t pid, unsigned long maxnode, # const unsigned long __user *old_nodes, # const unsigned long __user *new_nodes) -probe syscall.migrate_pages = kernel.function("sys_migrate_pages") ? { +probe syscall.migrate_pages = kernel.function("SyS_migrate_pages") !, + kernel.function("sys_migrate_pages") ? { name = "migrate_pages" argstr = sprintf("%d, %d, %p, %p", $pid, $maxnode, $old_nodes, $new_nodes) } -probe syscall.migrate_pages.return = kernel.function("sys_migrate_pages").return ? { +probe syscall.migrate_pages.return = kernel.function("SyS_migrate_pages").return !, + kernel.function("sys_migrate_pages").return ? { name = "migrate_pages" retstr = returnstr(1) } @@ -2431,28 +2649,32 @@ probe syscall.migrate_pages.return = kernel.function("sys_migrate_pages").return # mincore ____________________________________________________ # long sys_mincore(unsigned long start, size_t len, unsigned char __user * vec) # -probe syscall.mincore = kernel.function("sys_mincore") ? { +probe syscall.mincore = kernel.function("SyS_mincore") !, + kernel.function("sys_mincore") ? { name = "mincore" start = $start length = $len vec_uaddr = $vec argstr = sprintf("%p, %d, %p", $start, $len, $vec) } -probe syscall.mincore.return = kernel.function("sys_mincore").return ? { +probe syscall.mincore.return = kernel.function("SyS_mincore").return !, + kernel.function("sys_mincore").return ? { name = "mincore" retstr = returnstr(1) } # mkdir ______________________________________________________ # long sys_mkdir(const char __user * pathname, int mode) -probe syscall.mkdir = kernel.function("sys_mkdir") { +probe syscall.mkdir = kernel.function("SyS_mkdir") !, + kernel.function("sys_mkdir") { name = "mkdir" pathname_uaddr = $pathname pathname = user_string($pathname) mode = $mode argstr = sprintf("%s, %#o", user_string_quoted($pathname), $mode) } -probe syscall.mkdir.return = kernel.function("sys_mkdir").return { +probe syscall.mkdir.return = kernel.function("SyS_mkdir").return !, + kernel.function("sys_mkdir").return { name = "mkdir" retstr = returnstr(1) } @@ -2460,21 +2682,24 @@ probe syscall.mkdir.return = kernel.function("sys_mkdir").return { # mkdirat ____________________________________________________ # new function with 2.6.16 # long sys_mkdirat(int dfd, const char __user *pathname, int mode) -probe syscall.mkdirat = kernel.function("sys_mkdirat") ? { +probe syscall.mkdirat = kernel.function("SyS_mkdirat") !, + kernel.function("sys_mkdirat") ? { name = "mkdirat" dirfd = $dfd pathname = user_string($pathname) mode = $mode argstr = sprintf("%s, %s, %#o", _dfd_str($dfd), user_string_quoted($pathname), $mode) } -probe syscall.mkdirat.return = kernel.function("sys_mkdirat").return ? { +probe syscall.mkdirat.return = kernel.function("SyS_mkdirat").return !, + kernel.function("sys_mkdirat").return ? { name = "mkdirat" retstr = returnstr(1) } # mknod # long sys_mknod(const char __user * filename, int mode, unsigned dev) -probe syscall.mknod = kernel.function("sys_mknod") { +probe syscall.mknod = kernel.function("SyS_mknod") !, + kernel.function("sys_mknod") { name = "mknod" pathname = user_string($filename) mode = $mode @@ -2482,7 +2707,8 @@ probe syscall.mknod = kernel.function("sys_mknod") { argstr = sprintf("%s, %s, %p", user_string_quoted($filename), _mknod_mode_str($mode), dev) } -probe syscall.mknod.return = kernel.function("sys_mknod").return { +probe syscall.mknod.return = kernel.function("SyS_mknod").return !, + kernel.function("sys_mknod").return { name = "mknod" retstr = returnstr(1) } @@ -2491,7 +2717,8 @@ probe syscall.mknod.return = kernel.function("sys_mknod").return { # new function with 2.6.16 # long sys_mknodat(int dfd, const char __user *filename, # int mode, unsigned dev) -probe syscall.mknodat = kernel.function("sys_mknodat") ? { +probe syscall.mknodat = kernel.function("SyS_mknodat") !, + kernel.function("sys_mknodat") ? { name = "mknodat" dfd = $dfd dfd_str = _dfd_str($dfd) @@ -2503,7 +2730,8 @@ probe syscall.mknodat = kernel.function("sys_mknodat") ? { argstr = sprintf("%s, %s, %s, %p", dfd_str, user_string_quoted($filename), mode_str, $dev) } -probe syscall.mknodat.return = kernel.function("sys_mknodat").return ? { +probe syscall.mknodat.return = kernel.function("SyS_mknodat").return !, + kernel.function("sys_mknodat").return ? { name = "mknodat" retstr = returnstr(1) } @@ -2512,13 +2740,15 @@ probe syscall.mknodat.return = kernel.function("sys_mknodat").return ? { # # long sys_mlock(unsigned long start, size_t len) # -probe syscall.mlock = kernel.function("sys_mlock") ? { +probe syscall.mlock = kernel.function("SyS_mlock") !, + kernel.function("sys_mlock") ? { name = "mlock" addr = $start len = $len argstr = sprintf("%p, %d", $start, $len) } -probe syscall.mlock.return = kernel.function("sys_mlock").return ? { +probe syscall.mlock.return = kernel.function("SyS_mlock").return !, + kernel.function("sys_mlock").return ? { name = "mlock" retstr = returnstr(1) } @@ -2526,12 +2756,14 @@ probe syscall.mlock.return = kernel.function("sys_mlock").return ? { # # long sys_mlockall(int flags) # -probe syscall.mlockall = kernel.function("sys_mlockall") ? { +probe syscall.mlockall = kernel.function("SyS_mlockall") !, + kernel.function("sys_mlockall") ? { name = "mlockall" flags = $flags argstr = _mlockall_flags_str($flags) } -probe syscall.mlockall.return = kernel.function("sys_mlockall").return ? { +probe syscall.mlockall.return = kernel.function("SyS_mlockall").return !, + kernel.function("sys_mlockall").return ? { name = "mlockall" retstr = returnstr(1) } @@ -2565,15 +2797,17 @@ probe syscall.modify_ldt.return = kernel.function("sys_modify_ldt").return ? { # int flags) # probe syscall.move_pages = - kernel.function("sys_move_pages") ?, - kernel.function("compat_sys_move_pages") ? + kernel.function("compat_sys_move_pages") ?, + kernel.function("SyS_move_pages") !, + kernel.function("sys_move_pages") ? { name = "move_pages" argstr = sprintf("%d, %d, %p, %p, 0x%x", $pid, $nr_pages, $nodes, $status, $flags) } probe syscall.move_pages.return = - kernel.function("sys_move_pages").return ?, - kernel.function("compat_sys_move_pages").return ? + kernel.function("compat_sys_move_pages").return ?, + kernel.function("SyS_move_pages").return !, + kernel.function("sys_move_pages").return ? { name = "move_pages" retstr = returnstr(1) @@ -2591,8 +2825,9 @@ probe syscall.move_pages.return = # unsigned long flags, # void __user * data) probe syscall.mount = - kernel.function("sys_mount"), - kernel.function("compat_sys_mount") ? + kernel.function("compat_sys_mount") ?, + kernel.function("SyS_mount") !, + kernel.function("sys_mount") { name = "mount" source = user_string($dev_name) @@ -2608,8 +2843,9 @@ probe syscall.mount = mountflags_str, data) } probe syscall.mount.return = - kernel.function("sys_mount").return, - kernel.function("compat_sys_mount").return ? + kernel.function("compat_sys_mount").return ?, + kernel.function("SyS_mount").return !, + kernel.function("sys_mount").return { name = "mount" retstr = returnstr(1) @@ -2618,7 +2854,8 @@ probe syscall.mount.return = # mprotect ___________________________________________________ # long sys_mprotect(unsigned long start, size_t len, unsigned long prot) # -probe syscall.mprotect = kernel.function("sys_mprotect") ? { +probe syscall.mprotect = kernel.function("SyS_mprotect") !, + kernel.function("sys_mprotect") ? { name = "mprotect" addr = $start len = $len @@ -2626,7 +2863,8 @@ probe syscall.mprotect = kernel.function("sys_mprotect") ? { prot_str = _mprotect_prot_str($prot) argstr = sprintf("%p, %d, %s", $start, $len, _mprotect_prot_str($prot)) } -probe syscall.mprotect.return = kernel.function("sys_mprotect").return ? { +probe syscall.mprotect.return = kernel.function("SyS_mprotect").return !, + kernel.function("sys_mprotect").return ? { name = "mprotect" retstr = returnstr(1) } @@ -2640,8 +2878,9 @@ probe syscall.mprotect.return = kernel.function("sys_mprotect").return ? { # struct compat_mq_attr __user *u_omqstat) # probe syscall.mq_getsetattr = - kernel.function("sys_mq_getsetattr") ?, - kernel.function("compat_sys_mq_getsetattr") ? + kernel.function("compat_sys_mq_getsetattr") ?, + kernel.function("SyS_mq_getsetattr") !, + kernel.function("sys_mq_getsetattr") ? { name = "mq_getsetattr" mqdes = $mqdes @@ -2650,8 +2889,9 @@ probe syscall.mq_getsetattr = argstr = sprintf("%d, %p, %p", $mqdes, $u_mqstat, $u_omqstat) } probe syscall.mq_getsetattr.return = - kernel.function("sys_mq_getsetattr").return ?, - kernel.function("compat_sys_mq_getsetattr").return ? + kernel.function("compat_sys_mq_getsetattr").return ?, + kernel.function("SyS_mq_getsetattr").return !, + kernel.function("sys_mq_getsetattr").return ? { name = "mq_getsetattr" retstr = returnstr(1) @@ -2662,8 +2902,9 @@ probe syscall.mq_getsetattr.return = # long compat_sys_mq_notify(mqd_t mqdes, const struct compat_sigevent __user *u_notification) # probe syscall.mq_notify = - kernel.function("sys_mq_notify") ?, - kernel.function("compat_sys_mq_notify") ? + kernel.function("compat_sys_mq_notify") ?, + kernel.function("SyS_mq_notify") !, + kernel.function("sys_mq_notify") ? { name = "mq_notify" mqdes = $mqdes @@ -2671,8 +2912,9 @@ probe syscall.mq_notify = argstr = sprintf("%d, %p", $mqdes, $u_notification) } probe syscall.mq_notify.return = - kernel.function("sys_mq_notify").return ?, - kernel.function("compat_sys_mq_notify").return ? + kernel.function("compat_sys_mq_notify").return ?, + kernel.function("SyS_mq_notify").return !, + kernel.function("sys_mq_notify").return ? { name = "mq_notify" retstr = returnstr(1) @@ -2688,8 +2930,9 @@ probe syscall.mq_notify.return = # struct compat_mq_attr __user *u_attr) # probe syscall.mq_open = - kernel.function("sys_mq_open") ?, - kernel.function("compat_sys_mq_open") ? + kernel.function("compat_sys_mq_open") ?, + kernel.function("SyS_mq_open") !, + kernel.function("sys_mq_open") ? { name = "mq_open" name_uaddr = $u_name @@ -2704,8 +2947,9 @@ probe syscall.mq_open = argstr = sprintf("%s, %s", user_string_quoted($u_name), _sys_open_flag_str($oflag)) } probe syscall.mq_open.return = - kernel.function("sys_mq_open").return ?, - kernel.function("compat_sys_mq_open").return ? + kernel.function("compat_sys_mq_open").return ?, + kernel.function("SyS_mq_open").return !, + kernel.function("sys_mq_open").return ? { name = "mq_open" retstr = returnstr(1) @@ -2723,8 +2967,9 @@ probe syscall.mq_open.return = # const struct compat_timespec __user *u_abs_timeout) # probe syscall.mq_timedreceive = - kernel.function("sys_mq_timedreceive") ?, - kernel.function("compat_sys_mq_timedreceive") ? + kernel.function("compat_sys_mq_timedreceive") ?, + kernel.function("SyS_mq_timedreceive") !, + kernel.function("sys_mq_timedreceive") ? { name = "mq_timedreceive" mqdes = $mqdes @@ -2736,8 +2981,9 @@ probe syscall.mq_timedreceive = $u_msg_prio, $u_abs_timeout) } probe syscall.mq_timedreceive.return = - kernel.function("sys_mq_timedreceive").return ?, - kernel.function("compat_sys_mq_timedreceive").return ? + kernel.function("compat_sys_mq_timedreceive").return ?, + kernel.function("SyS_mq_timedreceive").return !, + kernel.function("sys_mq_timedreceive").return ? { name = "mq_timedreceive" retstr = returnstr(1) @@ -2755,8 +3001,9 @@ probe syscall.mq_timedreceive.return = # const struct compat_timespec __user *u_abs_timeout) # probe syscall.mq_timedsend = - kernel.function("sys_mq_timedsend") ?, - kernel.function("compat_sys_mq_timedsend") ? + kernel.function("compat_sys_mq_timedsend") ?, + kernel.function("SyS_mq_timedsend") !, + kernel.function("sys_mq_timedsend") ? { name = "mq_timedsend" mqdes = $mqdes @@ -2768,8 +3015,9 @@ probe syscall.mq_timedsend = $msg_prio, $u_abs_timeout) } probe syscall.mq_timedsend.return = - kernel.function("sys_mq_timedsend").return ?, - kernel.function("compat_sys_mq_timedsend").return ? + kernel.function("compat_sys_mq_timedsend").return ?, + kernel.function("SyS_mq_timedsend").return !, + kernel.function("sys_mq_timedsend").return ? { name = "mq_timedsend" retstr = returnstr(1) @@ -2778,13 +3026,15 @@ probe syscall.mq_timedsend.return = # mq_unlink __________________________________________________ # long sys_mq_unlink(const char __user *u_name) # -probe syscall.mq_unlink = kernel.function("sys_mq_unlink") ? { +probe syscall.mq_unlink = kernel.function("SyS_mq_unlink") !, + kernel.function("sys_mq_unlink") ? { name = "mq_unlink" u_name_uaddr = $u_name u_name = user_string($u_name) argstr = user_string_quoted($u_name) } -probe syscall.mq_unlink.return = kernel.function("sys_mq_unlink").return ? { +probe syscall.mq_unlink.return = kernel.function("SyS_mq_unlink").return !, + kernel.function("sys_mq_unlink").return ? { name = "mq_unlink" retstr = returnstr(1) } @@ -2797,8 +3047,9 @@ probe syscall.mq_unlink.return = kernel.function("sys_mq_unlink").return ? { # unsigned long new_addr) # probe syscall.mremap = - kernel.function("sys_mremap") ?, - kernel.function("ia64_mremap") ? + kernel.function("ia64_mremap") ?, + kernel.function("SyS_mremap") !, + kernel.function("sys_mremap") ? { name = "mremap" old_address = $addr @@ -2810,8 +3061,9 @@ probe syscall.mremap = _mremap_flags($flags), $new_addr) } probe syscall.mremap.return = - kernel.function("sys_mremap").return ?, - kernel.function("ia64_mremap").return ? + kernel.function("ia64_mremap").return ?, + kernel.function("SyS_mremap").return !, + kernel.function("sys_mremap").return ? { name = "mremap" retstr = returnstr(2) @@ -2820,14 +3072,16 @@ probe syscall.mremap.return = # msgctl _____________________________________________________ # long sys_msgctl (int msqid, int cmd, struct msqid_ds __user *buf) # -probe syscall.msgctl = kernel.function("sys_msgctl") ? { +probe syscall.msgctl = kernel.function("SyS_msgctl") !, + kernel.function("sys_msgctl") ? { name = "msgctl" msqid = $msqid cmd = $cmd buf_uaddr = $buf argstr = sprintf("%d, %d, %p", $msqid, $cmd, $buf) } -probe syscall.msgctl.return = kernel.function("sys_msgctl").return ? { +probe syscall.msgctl.return = kernel.function("SyS_msgctl").return !, + kernel.function("sys_msgctl").return ? { name = "msgctl" retstr = returnstr(1) } @@ -2847,14 +3101,16 @@ probe syscall.compat_sys_msgctl.return = kernel.function("compat_sys_msgctl").re # msgget _____________________________________________________ # long sys_msgget (key_t key, int msgflg) # -probe syscall.msgget = kernel.function("sys_msgget") ? { +probe syscall.msgget = kernel.function("SyS_msgget") !, + kernel.function("sys_msgget") ? { name = "msgget" key = $key msgflg = $msgflg msgflg_str = _sys_open_flag_str($msgflg) argstr = sprintf("%d, %s", $key, _sys_open_flag_str($msgflg)) } -probe syscall.msgget.return = kernel.function("sys_msgget").return ? { +probe syscall.msgget.return = kernel.function("SyS_msgget").return !, + kernel.function("sys_msgget").return ? { name = "msgget" retstr = returnstr(1) } @@ -2866,7 +3122,8 @@ probe syscall.msgget.return = kernel.function("sys_msgget").return ? { # long msgtyp, # int msgflg) # -probe syscall.msgrcv = kernel.function("sys_msgrcv") ? { +probe syscall.msgrcv = kernel.function("SyS_msgrcv") !, + kernel.function("sys_msgrcv") ? { name = "msgrcv" msqid = $msqid msgp_uaddr = $msgp @@ -2875,7 +3132,8 @@ probe syscall.msgrcv = kernel.function("sys_msgrcv") ? { msgflg = $msgflg argstr = sprintf("%d, %p, %d, %d, %d", $msqid, $msgp, $msgsz, $msgtyp, $msgflg) } -probe syscall.msgrcv.return = kernel.function("sys_msgrcv").return ? { +probe syscall.msgrcv.return = kernel.function("SyS_msgrcv").return !, + kernel.function("sys_msgrcv").return ? { name = "msgrcv" retstr = returnstr(1) } @@ -2899,7 +3157,8 @@ probe syscall.compat_sys_msgrcv.return = kernel.function("compat_sys_msgrcv").re # size_t msgsz, # int msgflg) # -probe syscall.msgsnd = kernel.function("sys_msgsnd") ? { +probe syscall.msgsnd = kernel.function("SyS_msgsnd") !, + kernel.function("sys_msgsnd") ? { name = "msgsnd" msqid = $msqid msgp_uaddr = $msgp @@ -2907,7 +3166,8 @@ probe syscall.msgsnd = kernel.function("sys_msgsnd") ? { msgflg = $msgflg argstr = sprintf("%d, %p, %d, %d", $msqid, $msgp, $msgsz, $msgflg) } -probe syscall.msgsnd.return = kernel.function("sys_msgsnd").return ? { +probe syscall.msgsnd.return = kernel.function("SyS_msgsnd").return !, + kernel.function("sys_msgsnd").return ? { name = "msgsnd" retstr = returnstr(1) } @@ -2926,27 +3186,31 @@ probe syscall.compat_sys_msgsnd.return = kernel.function("compat_sys_msgsnd").re # msync ______________________________________________________ # long sys_msync(unsigned long start, size_t len, int flags) -probe syscall.msync = kernel.function("sys_msync") ? { +probe syscall.msync = kernel.function("SyS_msync") !, + kernel.function("sys_msync") ? { name = "msync" start = $start length = $len flags = $flags argstr = sprintf("%p, %d, %s",start, length, _msync_flag_str(flags)) } -probe syscall.msync.return = kernel.function("sys_msync").return ? { +probe syscall.msync.return = kernel.function("SyS_msync").return !, + kernel.function("sys_msync").return ? { name = "msync" retstr = returnstr(1) } # munlock ____________________________________________________ # long sys_munlock(unsigned long start, size_t len) -probe syscall.munlock = kernel.function("sys_munlock") ? { +probe syscall.munlock = kernel.function("SyS_munlock") !, + kernel.function("sys_munlock") ? { name = "munlock" addr = $start len = $len argstr = sprintf("%p, %d", addr, len) } -probe syscall.munlock.return = kernel.function("sys_munlock").return ? { +probe syscall.munlock.return = kernel.function("SyS_munlock").return !, + kernel.function("sys_munlock").return ? { name = "munlock" retstr = returnstr(1) } @@ -2964,13 +3228,15 @@ probe syscall.munlockall.return = kernel.function("sys_munlockall").return ? { # munmap _____________________________________________________ # long sys_munmap(unsigned long addr, size_t len) -probe syscall.munmap = kernel.function("sys_munmap") { +probe syscall.munmap = kernel.function("SyS_munmap") !, + kernel.function("sys_munmap") { name = "munmap" start = $addr length = $len argstr = sprintf("%p, %d", start, length) } -probe syscall.munmap.return = kernel.function("sys_munmap").return { +probe syscall.munmap.return = kernel.function("SyS_munmap").return !, + kernel.function("sys_munmap").return { name = "munmap" retstr = returnstr(1) } diff --git a/tapset/syscalls2.stp b/tapset/syscalls2.stp index 3b592e14..65bcf9bf 100644 --- a/tapset/syscalls2.stp +++ b/tapset/syscalls2.stp @@ -28,13 +28,15 @@ # long compat_sys_nanosleep(struct compat_timespec __user *rqtp, # struct compat_timespec __user *rmtp) # -probe syscall.nanosleep = kernel.function("sys_nanosleep") { +probe syscall.nanosleep = kernel.function("SyS_nanosleep") !, + kernel.function("sys_nanosleep") { name = "nanosleep" req_uaddr = $rqtp rem_uaddr = $rmtp argstr = sprintf("%s, %p", _struct_timespec_u($rqtp,1), $rmtp) } -probe syscall.nanosleep.return = kernel.function("sys_nanosleep").return { +probe syscall.nanosleep.return = kernel.function("SyS_nanosleep").return !, + kernel.function("sys_nanosleep").return { name = "nanosleep" retstr = returnstr(1) } @@ -76,12 +78,14 @@ probe syscall.nfsservctl.return = # nice _______________________________________________________ # long sys_nice(int increment) # -probe syscall.nice = kernel.function("sys_nice") ? { +probe syscall.nice = kernel.function("SyS_nice") !, + kernel.function("sys_nice") ? { name = "nice" inc = $increment argstr = sprintf("%d", $increment) } -probe syscall.nice.return = kernel.function("sys_nice").return ? { +probe syscall.nice.return = kernel.function("SyS_nice").return !, + kernel.function("sys_nice").return ? { name = "nice" retstr = returnstr(1) } @@ -104,9 +108,10 @@ probe syscall.ni_syscall.return = kernel.function("sys_ni_syscall").return { # (obsolete) long sys32_open(const char * filename, int flags, int mode) # probe syscall.open = - kernel.function("sys_open") ?, kernel.function("compat_sys_open") ?, - kernel.function("sys32_open") ? + kernel.function("sys32_open") ?, + kernel.function("SyS_open") !, + kernel.function("sys_open") ? { name = "open" filename = user_string($filename) @@ -120,9 +125,10 @@ probe syscall.open = _sys_open_flag_str($flags)) } probe syscall.open.return = - kernel.function("sys_open").return ?, kernel.function("compat_sys_open").return ?, - kernel.function("sys32_open").return ? + kernel.function("sys32_open").return ?, + kernel.function("SyS_open").return !, + kernel.function("sys_open").return ? { name = "open" retstr = returnstr(1) @@ -133,8 +139,9 @@ probe syscall.open.return = # long compat_sys_openat(unsigned int dfd, const char __user *filename, int flags, int mode) # probe syscall.openat = - kernel.function("sys_openat") ?, - kernel.function("compat_sys_openat") ? + kernel.function("compat_sys_openat") ?, + kernel.function("SyS_openat") !, + kernel.function("sys_openat") ? { name = "openat" filename = user_string($filename) @@ -150,8 +157,9 @@ probe syscall.openat = _sys_open_flag_str($flags)) } probe syscall.openat.return = - kernel.function("sys_openat").return ?, - kernel.function("compat_sys_openat").return ? + kernel.function("compat_sys_openat").return ?, + kernel.function("SyS_openat").return !, + kernel.function("sys_openat").return ? { name = "openat" retstr = returnstr(1) @@ -251,12 +259,14 @@ probe syscall.pause.return = kernel.function("sys_pause").return ?, # asmlinkage long # sys_personality(u_long personality) # -probe syscall.personality = kernel.function("sys_personality") { +probe syscall.personality = kernel.function("SyS_personality") !, + kernel.function("sys_personality") { name = "personality" persona = $personality argstr = sprintf("%p", persona); } -probe syscall.personality.return = kernel.function("sys_personality").return { +probe syscall.personality.return = kernel.function("SyS_personality").return !, + kernel.function("sys_personality").return { name = "personality" retstr = returnstr(1) } @@ -267,12 +277,14 @@ probe syscall.personality.return = kernel.function("sys_personality").return { # %(arch == "x86_64" %? # x86_64 gcc 4.1 problem -probe syscall.pipe = kernel.function("sys_pipe") { +probe syscall.pipe = kernel.function("SyS_pipe") !, + kernel.function("sys_pipe") { name = "pipe" argstr = "" } %: -probe syscall.pipe = kernel.function("sys_pipe") { +probe syscall.pipe = kernel.function("SyS_pipe") !, + kernel.function("sys_pipe") { name = "pipe" %( arch == "ia64" %? # ia64 just returns value directly, no fildes argument @@ -283,7 +295,8 @@ probe syscall.pipe = kernel.function("sys_pipe") { %) } %) -probe syscall.pipe.return = kernel.function("sys_pipe").return { +probe syscall.pipe.return = kernel.function("SyS_pipe").return !, + kernel.function("sys_pipe").return { name = "pipe" retstr = returnstr(1) } @@ -292,14 +305,16 @@ probe syscall.pipe.return = kernel.function("sys_pipe").return { # # long sys_pivot_root(const char __user *new_root, const char __user *put_old) # -probe syscall.pivot_root = kernel.function("sys_pivot_root") { +probe syscall.pivot_root = kernel.function("SyS_pivot_root") !, + kernel.function("sys_pivot_root") { name = "pivot_root" new_root_str = user_string($new_root) old_root_str = user_string($put_old) argstr = sprintf("%s, %s", user_string_quoted($new_root), user_string_quoted($put_old)) } -probe syscall.pivot_root.return = kernel.function("sys_pivot_root").return { +probe syscall.pivot_root.return = kernel.function("SyS_pivot_root").return !, + kernel.function("sys_pivot_root").return { name = "pivot_root" retstr = returnstr(1) } @@ -308,7 +323,8 @@ probe syscall.pivot_root.return = kernel.function("sys_pivot_root").return { # # long sys_poll(struct pollfd __user * ufds, unsigned int nfds, long timeout) # -probe syscall.poll = kernel.function("sys_poll") { +probe syscall.poll = kernel.function("SyS_poll") !, + kernel.function("sys_poll") { name = "poll" ufds_uaddr = $ufds nfds = $nfds @@ -319,7 +335,8 @@ probe syscall.poll = kernel.function("sys_poll") { %) argstr = sprintf("%p, %d, %d", $ufds, $nfds, timeout) } -probe syscall.poll.return = kernel.function("sys_poll").return { +probe syscall.poll.return = kernel.function("SyS_poll").return !, + kernel.function("sys_poll").return { name = "poll" retstr = returnstr(1) } @@ -330,7 +347,8 @@ probe syscall.poll.return = kernel.function("sys_poll").return { # struct timespec __user *tsp, const sigset_t __user *sigmask, # size_t sigsetsize) # -probe syscall.ppoll = kernel.function("sys_ppoll") ? { +probe syscall.ppoll = kernel.function("SyS_ppoll") !, + kernel.function("sys_ppoll") ? { name = "ppoll" argstr = sprintf("%p, %d, %s, %p, %d", $ufds, @@ -339,7 +357,8 @@ probe syscall.ppoll = kernel.function("sys_ppoll") ? { $sigmask, $sigsetsize) } -probe syscall.ppoll.return = kernel.function("sys_ppoll").return ? { +probe syscall.ppoll.return = kernel.function("SyS_ppoll").return !, + kernel.function("sys_ppoll").return ? { name = "ppoll" retstr = returnstr(1) } @@ -370,7 +389,8 @@ probe syscall.compat_ppoll.return = kernel.function("compat_sys_ppoll").return ? # unsigned long arg4, # unsigned long arg5) # -probe syscall.prctl = kernel.function("sys_prctl") { +probe syscall.prctl = kernel.function("SyS_prctl") !, + kernel.function("sys_prctl") { name = "prctl" option = $option arg2 = $arg2 @@ -380,7 +400,8 @@ probe syscall.prctl = kernel.function("sys_prctl") { argstr = sprintf("%p, %p, %p, %p, %p", option, arg2, arg3, arg4, arg5) } -probe syscall.prctl.return = kernel.function("sys_prctl").return { +probe syscall.prctl.return = kernel.function("SyS_prctl").return !, + kernel.function("sys_prctl").return { name = "prctl" retstr = returnstr(1) } @@ -391,7 +412,8 @@ probe syscall.prctl.return = kernel.function("sys_prctl").return { # size_t count, # loff_t pos) # -probe syscall.pread = kernel.function("sys_pread64") { +probe syscall.pread = kernel.function("SyS_pread64") !, + kernel.function("sys_pread64") { name = "pread" fd = $fd buf_uaddr = $buf @@ -399,7 +421,8 @@ probe syscall.pread = kernel.function("sys_pread64") { offset = $pos argstr = sprintf("%d, %p, %d, %d", $fd, $buf, $count, $pos) } -probe syscall.pread.return = kernel.function("sys_pread64").return { +probe syscall.pread.return = kernel.function("SyS_pread64").return !, + kernel.function("sys_pread64").return { name = "pread" retstr = returnstr(1) } @@ -409,12 +432,14 @@ probe syscall.pread.return = kernel.function("sys_pread64").return { # long sys_pselect6(int n, fd_set __user *inp, fd_set __user *outp, # fd_set __user *exp, struct timespec __user *tsp, void __user *sig) # -probe syscall.pselect6 = kernel.function("sys_pselect6") ? { +probe syscall.pselect6 = kernel.function("SyS_pselect6") !, + kernel.function("sys_pselect6") ? { name = "pselect6" argstr = sprintf("%d, %p, %p, %p, %s, %p", $n, $inp, $outp, $exp, _struct_timespec_u($tsp,1), $sig) } -probe syscall.pselect6.return = kernel.function("sys_pselect6").return ? { +probe syscall.pselect6.return = kernel.function("SyS_pselect6").return !, + kernel.function("sys_pselect6").return ? { name = "pselect6" retstr = returnstr(1) } @@ -460,7 +485,8 @@ probe syscall.compat_pselect7.return = kernel.function("compat_sys_pselect7").re # long addr, # long data) # -probe syscall.ptrace = kernel.function("sys_ptrace") ? { +probe syscall.ptrace = kernel.function("SyS_ptrace") !, + kernel.function("sys_ptrace") ? { name = "ptrace" request = $request pid = $pid @@ -468,7 +494,8 @@ probe syscall.ptrace = kernel.function("sys_ptrace") ? { data = $data argstr = sprintf("%d, %d, %p, %p", request, pid, addr, data) } -probe syscall.ptrace.return = kernel.function("sys_ptrace").return ? { +probe syscall.ptrace.return = kernel.function("SyS_ptrace").return !, + kernel.function("sys_ptrace").return ? { name = "ptrace" retstr = returnstr(1) } @@ -480,7 +507,8 @@ probe syscall.ptrace.return = kernel.function("sys_ptrace").return ? { # size_t count, # loff_t pos) # -probe syscall.pwrite = kernel.function("sys_pwrite64") { +probe syscall.pwrite = kernel.function("SyS_pwrite64") !, + kernel.function("sys_pwrite64") { name = "pwrite" fd = $fd buf_uaddr = $buf @@ -490,7 +518,8 @@ probe syscall.pwrite = kernel.function("sys_pwrite64") { text_strn(user_string($buf),syscall_string_trunc,1), $count, $pos) } -probe syscall.pwrite.return = kernel.function("sys_pwrite64").return { +probe syscall.pwrite.return = kernel.function("SyS_pwrite64").return !, + kernel.function("sys_pwrite64").return { name = "pwrite" retstr = returnstr(1) } @@ -526,7 +555,8 @@ probe syscall.pwrite32.return = kernel.function("sys32_pwrite64").return ? { # qid_t id, # void __user *addr) # -probe syscall.quotactl = kernel.function("sys_quotactl") ? { +probe syscall.quotactl = kernel.function("SyS_quotactl") !, + kernel.function("sys_quotactl") ? { name = "quotactl" cmd = $cmd cmd_str = _quotactl_cmd_str($cmd) @@ -536,7 +566,8 @@ probe syscall.quotactl = kernel.function("sys_quotactl") ? { addr_uaddr = $addr argstr = sprintf("%s, %s, %d, %p", cmd_str, special_str, $id, $addr) } -probe syscall.quotactl.return = kernel.function("sys_quotactl").return ? { +probe syscall.quotactl.return = kernel.function("SyS_quotactl").return !, + kernel.function("sys_quotactl").return ? { name = "quotactl" retstr = returnstr(1) } @@ -544,14 +575,16 @@ probe syscall.quotactl.return = kernel.function("sys_quotactl").return ? { # read _______________________________________________________ # ssize_t sys_read(unsigned int fd, char __user * buf, size_t count) -probe syscall.read = kernel.function("sys_read") { +probe syscall.read = kernel.function("SyS_read") !, + kernel.function("sys_read") { name = "read" fd = $fd buf_uaddr = $buf count = $count argstr = sprintf("%d, %p, %d", $fd, $buf, $count) } -probe syscall.read.return = kernel.function("sys_read").return { +probe syscall.read.return = kernel.function("SyS_read").return !, + kernel.function("sys_read").return { name = "read" retstr = returnstr(1) } @@ -563,14 +596,16 @@ probe syscall.read.return = kernel.function("sys_read").return { # loff_t offset, # size_t count) # -probe syscall.readahead = kernel.function("sys_readahead") { +probe syscall.readahead = kernel.function("SyS_readahead") !, + kernel.function("sys_readahead") { name = "readahead" fd = $fd offset = $offset count = $count argstr = sprintf("%d, %p, %p", fd, offset, count) } -probe syscall.readahead.return = kernel.function("sys_readahead").return { +probe syscall.readahead.return = kernel.function("SyS_readahead").return !, + kernel.function("sys_readahead").return { name = "readahead" retstr = returnstr(1) } @@ -601,7 +636,8 @@ probe syscall.readdir.return = # char __user * buf, # int bufsiz) # -probe syscall.readlink = kernel.function("sys_readlink") { +probe syscall.readlink = kernel.function("SyS_readlink") !, + kernel.function("sys_readlink") { name = "readlink" path = user_string($path) buf_uaddr = $buf @@ -609,7 +645,8 @@ probe syscall.readlink = kernel.function("sys_readlink") { argstr = sprintf("%s, %p, %d", user_string_quoted($path), $buf, $bufsiz) } -probe syscall.readlink.return = kernel.function("sys_readlink").return { +probe syscall.readlink.return = kernel.function("SyS_readlink").return !, + kernel.function("sys_readlink").return { name = "readlink" retstr = returnstr(1) } @@ -620,7 +657,8 @@ probe syscall.readlink.return = kernel.function("sys_readlink").return { # char __user * buf, # int bufsiz) # -probe syscall.readlinkat = kernel.function("sys_readlinkat") ? { +probe syscall.readlinkat = kernel.function("SyS_readlinkat") !, + kernel.function("sys_readlinkat") ? { name = "readlinkat" dfd = $dfd buf_uaddr = $buf @@ -634,7 +672,8 @@ probe syscall.readlinkat = kernel.function("sys_readlinkat") ? { %) } -probe syscall.readlinkat.return = kernel.function("sys_readlinkat").return ? { +probe syscall.readlinkat.return = kernel.function("SyS_readlinkat").return !, + kernel.function("sys_readlinkat").return ? { name = "readlinkat" retstr = returnstr(1) } @@ -649,8 +688,9 @@ probe syscall.readlinkat.return = kernel.function("sys_readlinkat").return ? { # unsigned long vlen) # probe syscall.readv = - kernel.function("sys_readv"), - kernel.function("compat_sys_readv") ? + kernel.function("compat_sys_readv") ?, + kernel.function("SyS_readv") !, + kernel.function("sys_readv") { name = "readv" vector_uaddr = $vec @@ -664,8 +704,9 @@ probe syscall.readv = %) } probe syscall.readv.return = - kernel.function("sys_readv").return, - kernel.function("compat_sys_readv").return ? + kernel.function("compat_sys_readv").return ?, + kernel.function("SyS_readv").return !, + kernel.function("sys_readv").return { name = "readv" retstr = returnstr(1) @@ -678,7 +719,8 @@ probe syscall.readv.return = # unsigned int cmd, # void __user * arg) # -probe syscall.reboot = kernel.function("sys_reboot") { +probe syscall.reboot = kernel.function("SyS_reboot") !, + kernel.function("sys_reboot") { name = "reboot" magic = $magic1 magic_str = _reboot_magic_str($magic1) @@ -690,7 +732,8 @@ probe syscall.reboot = kernel.function("sys_reboot") { argstr = sprintf("%s, %s, %s, %p", magic_str, magic2_str, flag_str, $arg) } -probe syscall.reboot.return = kernel.function("sys_reboot").return { +probe syscall.reboot.return = kernel.function("SyS_reboot").return !, + kernel.function("sys_reboot").return { name = "reboot" retstr = returnstr(1) } @@ -722,7 +765,8 @@ probe syscall.recv.return = kernel.function("sys_recv").return ? { # struct sockaddr __user *addr, # int __user *addr_len) # -probe syscall.recvfrom = kernel.function("sys_recvfrom") ? { +probe syscall.recvfrom = kernel.function("SyS_recvfrom") !, + kernel.function("sys_recvfrom") ? { name = "recvfrom" s = $fd buf_uaddr = $ubuf @@ -734,7 +778,8 @@ probe syscall.recvfrom = kernel.function("sys_recvfrom") ? { argstr = sprintf("%d, %p, %d, %s, %p, %p", $fd, $ubuf, $size, _recvflags_str($flags), $addr, $addr_len) } -probe syscall.recvfrom.return = kernel.function("sys_recvfrom").return ? { +probe syscall.recvfrom.return = kernel.function("SyS_recvfrom").return !, + kernel.function("sys_recvfrom").return ? { name = "recvfrom" retstr = returnstr(1) } @@ -745,7 +790,8 @@ probe syscall.recvfrom.return = kernel.function("sys_recvfrom").return ? { # struct msghdr __user *msg, # unsigned int flags) # -probe syscall.recvmsg = kernel.function("sys_recvmsg") ? { +probe syscall.recvmsg = kernel.function("SyS_recvmsg") !, + kernel.function("sys_recvmsg") ? { name = "recvmsg" s = $fd msg_uaddr = $msg @@ -753,7 +799,8 @@ probe syscall.recvmsg = kernel.function("sys_recvmsg") ? { flags_str = _recvflags_str($flags) argstr = sprintf("%d, %p, %s", $fd, $msg, _recvflags_str($flags)) } -probe syscall.recvmsg.return = kernel.function("sys_recvmsg").return ? { +probe syscall.recvmsg.return = kernel.function("SyS_recvmsg").return !, + kernel.function("sys_recvmsg").return ? { name = "recvmsg" retstr = returnstr(1) } @@ -783,7 +830,8 @@ probe syscall.compat_sys_recvmsg.return = kernel.function("compat_sys_recvmsg"). # unsigned long pgoff, # unsigned long flags) # -probe syscall.remap_file_pages = kernel.function("sys_remap_file_pages") ? { +probe syscall.remap_file_pages = kernel.function("SyS_remap_file_pages") !, + kernel.function("sys_remap_file_pages") ? { name = "remap_file_pages" start = $start size = $size @@ -798,6 +846,7 @@ probe syscall.remap_file_pages = kernel.function("sys_remap_file_pages") ? { pgoff, flags) } probe syscall.remap_file_pages.return = + kernel.function("SyS_remap_file_pages").return !, kernel.function("sys_remap_file_pages").return ? { name = "remap_file_pages" retstr = returnstr(1) @@ -809,7 +858,8 @@ probe syscall.remap_file_pages.return = # sys_removexattr(char __user *path, # char __user *name) # -probe syscall.removexattr = kernel.function("sys_removexattr") { +probe syscall.removexattr = kernel.function("SyS_removexattr") !, + kernel.function("sys_removexattr") { name = "removexattr" name_str = user_string($name) %( kernel_v >= "2.6.27" %? @@ -823,7 +873,8 @@ probe syscall.removexattr = kernel.function("sys_removexattr") { %) } -probe syscall.removexattr.return = kernel.function("sys_removexattr").return { +probe syscall.removexattr.return = kernel.function("SyS_removexattr").return !, + kernel.function("sys_removexattr").return { name = "removexattr" retstr = returnstr(1) } @@ -833,14 +884,16 @@ probe syscall.removexattr.return = kernel.function("sys_removexattr").return { # sys_rename(const char __user * oldname, # const char __user * newname) # -probe syscall.rename = kernel.function("sys_rename") { +probe syscall.rename = kernel.function("SyS_rename") !, + kernel.function("sys_rename") { name = "rename" oldpath = user_string($oldname) newpath = user_string($newname) argstr = sprintf("%s, %s", user_string_quoted($oldname), user_string_quoted($newname)) } -probe syscall.rename.return = kernel.function("sys_rename").return { +probe syscall.rename.return = kernel.function("SyS_rename").return !, + kernel.function("sys_rename").return { name = "rename" retstr = returnstr(1) } @@ -849,7 +902,8 @@ probe syscall.rename.return = kernel.function("sys_rename").return { # new function with 2.6.16 # long sys_renameat(int olddfd, const char __user *oldname, # int newdfd, const char __user *newname) -probe syscall.renameat = kernel.function("sys_renameat") ? { +probe syscall.renameat = kernel.function("SyS_renameat") !, + kernel.function("sys_renameat") ? { name = "renameat" olddfd = $olddfd olddfd_str = _dfd_str($olddfd) @@ -863,7 +917,8 @@ probe syscall.renameat = kernel.function("sys_renameat") ? { olddfd_str, user_string_quoted($oldname), newdfd_str, user_string_quoted($newname)) } -probe syscall.renameat.return = kernel.function("sys_renameat").return ? { +probe syscall.renameat.return = kernel.function("SyS_renameat").return !, + kernel.function("sys_renameat").return ? { name = "renameat" retstr = returnstr(1) } @@ -876,7 +931,8 @@ probe syscall.renameat.return = kernel.function("sys_renameat").return ? { # key_serial_t destringid) # compat_sys_request_key() calls sys_request_key, so don't need probe there. # -probe syscall.request_key = kernel.function("sys_request_key") ? { +probe syscall.request_key = kernel.function("SyS_request_key") !, + kernel.function("sys_request_key") ? { name = "request_key" type_uaddr = $_type description_uaddr = $_description @@ -884,7 +940,8 @@ probe syscall.request_key = kernel.function("sys_request_key") ? { destringid = $destringid argstr = sprintf("%p, %p, %p, %p", $_type, $_description, $_callout_info, $destringid) } -probe syscall.request_key.return = kernel.function("sys_request_key").return ? { +probe syscall.request_key.return = kernel.function("SyS_request_key").return !, + kernel.function("sys_request_key").return ? { name = "request_key" retstr = returnstr(1) } @@ -908,12 +965,14 @@ probe syscall.restart_syscall.return = # asmlinkage long # sys_rmdir(const char __user * pathname) # -probe syscall.rmdir = kernel.function("sys_rmdir") { +probe syscall.rmdir = kernel.function("SyS_rmdir") !, + kernel.function("sys_rmdir") { name = "rmdir" pathname = user_string($pathname) argstr = user_string_quoted($pathname) } -probe syscall.rmdir.return = kernel.function("sys_rmdir").return { +probe syscall.rmdir.return = kernel.function("SyS_rmdir").return !, + kernel.function("sys_rmdir").return { name = "rmdir" retstr = returnstr(1) } @@ -925,7 +984,8 @@ probe syscall.rmdir.return = kernel.function("sys_rmdir").return { # struct sigaction __user *oact, # size_t sigsetsize) # -probe syscall.rt_sigaction = kernel.function("sys_rt_sigaction") ? { +probe syscall.rt_sigaction = kernel.function("SyS_rt_sigaction") !, + kernel.function("sys_rt_sigaction") ? { name = "rt_sigaction" sig = $sig act_uaddr = $act @@ -934,7 +994,9 @@ probe syscall.rt_sigaction = kernel.function("sys_rt_sigaction") ? { argstr = sprintf("%s, {%s}, %p, %d", _signal_name($sig), _struct_sigaction_u($act), $oact, $sigsetsize) } -probe syscall.rt_sigaction.return = kernel.function("sys_rt_sigaction").return ? { +probe syscall.rt_sigaction.return = + kernel.function("SyS_rt_sigaction").return !, + kernel.function("sys_rt_sigaction").return ? { name = "rt_sigaction" retstr = returnstr(1) } @@ -972,13 +1034,16 @@ probe syscall.rt_sigaction32.return = kernel.function("sys32_rt_sigaction").retu # # long sys_rt_sigpending(sigset_t __user *set, size_t sigsetsize) # -probe syscall.rt_sigpending = kernel.function("sys_rt_sigpending") ? { +probe syscall.rt_sigpending = kernel.function("SyS_rt_sigpending") !, + kernel.function("sys_rt_sigpending") ? { name = "rt_sigpending" set_uaddr = $set sigsetsize = $sigsetsize argstr = sprintf("%p, %d", $set, $sigsetsize) } -probe syscall.rt_sigpending.return = kernel.function("sys_rt_sigpending").return ? { +probe syscall.rt_sigpending.return = + kernel.function("SyS_rt_sigpending").return !, + kernel.function("sys_rt_sigpending").return ? { name = "rt_sigpending" retstr = returnstr(1) } @@ -991,6 +1056,7 @@ probe syscall.rt_sigpending.return = kernel.function("sys_rt_sigpending").return probe syscall.rt_sigprocmask = kernel.function("sys32_rt_sigprocmask") ?, kernel.function("compat_sys_rt_sigprocmask") ?, + kernel.function("SyS_rt_sigprocmask") !, kernel.function("sys_rt_sigprocmask") ? { name = "rt_sigprocmask" @@ -1004,6 +1070,7 @@ probe syscall.rt_sigprocmask = probe syscall.rt_sigprocmask.return = kernel.function("sys32_rt_sigprocmask").return ?, kernel.function("compat_sys_rt_sigprocmask").return ?, + kernel.function("SyS_rt_sigprocmask").return !, kernel.function("sys_rt_sigprocmask").return ? { name = "rt_sigprocmask" @@ -1014,7 +1081,8 @@ probe syscall.rt_sigprocmask.return = # # long sys_rt_sigqueueinfo(int pid, int sig,siginfo_t __user *uinfo) # -probe syscall.rt_sigqueueinfo = kernel.function("sys_rt_sigqueueinfo") { +probe syscall.rt_sigqueueinfo = kernel.function("SyS_rt_sigqueueinfo") !, + kernel.function("sys_rt_sigqueueinfo") { name = "rt_sigqueueinfo" pid = $pid sig = $sig @@ -1022,6 +1090,7 @@ probe syscall.rt_sigqueueinfo = kernel.function("sys_rt_sigqueueinfo") { argstr = sprintf("%d, %s, %p", $pid, _signal_name($sig), $uinfo) } probe syscall.rt_sigqueueinfo.return = + kernel.function("SyS_rt_sigqueueinfo").return !, kernel.function("sys_rt_sigqueueinfo").return { name = "rt_sigqueueinfo" retstr = returnstr(1) @@ -1050,17 +1119,19 @@ probe syscall.rt_sigreturn.return = # sys_rt_sigsuspend(struct pt_regs regs) # probe syscall.rt_sigsuspend = - kernel.function("sys_rt_sigsuspend") ?, kernel.function("compat_sys_rt_sigsuspend") ?, - kernel.function("ia64_rt_sigsuspend") ? + kernel.function("ia64_rt_sigsuspend") ?, + kernel.function("SyS_rt_sigsuspend") !, + kernel.function("sys_rt_sigsuspend") ? { name = "rt_sigsuspend" argstr = "" } probe syscall.rt_sigsuspend.return = - kernel.function("sys_rt_sigsuspend").return ?, kernel.function("compat_sys_rt_sigsuspend").return ?, - kernel.function("ia64_rt_sigsuspend").return ? + kernel.function("ia64_rt_sigsuspend").return ?, + kernel.function("SyS_rt_sigsuspend").return !, + kernel.function("sys_rt_sigsuspend").return ? { name = "rt_sigsuspend" retstr = returnstr(1) @@ -1077,8 +1148,9 @@ probe syscall.rt_sigsuspend.return = # struct compat_timespec __user *uts, compat_size_t sigsetsize) # probe syscall.rt_sigtimedwait = - kernel.function("sys_rt_sigtimedwait"), - kernel.function("compat_sys_rt_sigtimedwait") ? + kernel.function("compat_sys_rt_sigtimedwait") ?, + kernel.function("SyS_rt_sigtimedwait") !, + kernel.function("sys_rt_sigtimedwait") { name = "rt_sigtimedwait" uthese_uaddr = $uthese @@ -1088,8 +1160,9 @@ probe syscall.rt_sigtimedwait = argstr = sprintf("%p, %p, %p, %d", $uthese, $uinfo, $uts, $sigsetsize) } probe syscall.rt_sigtimedwait.return = - kernel.function("sys_rt_sigtimedwait").return, - kernel.function("compat_sys_rt_sigtimedwait").return ? + kernel.function("compat_sys_rt_sigtimedwait").return ?, + kernel.function("SyS_rt_sigtimedwait").return !, + kernel.function("sys_rt_sigtimedwait").return { name = "rt_sigtimedwait" retstr = returnstr(1) @@ -1102,7 +1175,8 @@ probe syscall.rt_sigtimedwait.return = # unsigned int len, # unsigned long __user *user_mask_ptr) # -probe syscall.sched_getaffinity = kernel.function("sys_sched_getaffinity") { +probe syscall.sched_getaffinity = kernel.function("SyS_sched_getaffinity") !, + kernel.function("sys_sched_getaffinity") { name = "sched_getaffinity" pid = $pid len = $len @@ -1110,6 +1184,7 @@ probe syscall.sched_getaffinity = kernel.function("sys_sched_getaffinity") { argstr = sprintf("%d, %p, %p", pid, len, mask_uaddr) } probe syscall.sched_getaffinity.return = + kernel.function("SyS_sched_getaffinity").return !, kernel.function("sys_sched_getaffinity").return { name = "sched_getaffinity" retstr = returnstr(1) @@ -1120,13 +1195,15 @@ probe syscall.sched_getaffinity.return = # sys_sched_getparam(pid_t pid, # struct sched_param __user *param) # -probe syscall.sched_getparam = kernel.function("sys_sched_getparam") { +probe syscall.sched_getparam = kernel.function("SyS_sched_getparam") !, + kernel.function("sys_sched_getparam") { name = "sched_getparam" pid = $pid p_uaddr = $param argstr = sprintf("%d, %p", pid, p_uaddr) } probe syscall.sched_getparam.return = + kernel.function("SyS_sched_getparam").return !, kernel.function("sys_sched_getparam").return { name = "sched_getparam" retstr = returnstr(1) @@ -1137,12 +1214,14 @@ probe syscall.sched_getparam.return = # sys_sched_get_priority_max(int policy) # probe syscall.sched_get_priority_max = + kernel.function("SyS_sched_get_priority_max") !, kernel.function("sys_sched_get_priority_max") { name = "sched_get_priority_max" policy = $policy argstr = sprint(policy) } probe syscall.sched_get_priority_max.return = + kernel.function("SyS_sched_get_priority_max").return !, kernel.function("sys_sched_get_priority_max").return { name = "sched_get_priority_max" retstr = returnstr(1) @@ -1153,12 +1232,14 @@ probe syscall.sched_get_priority_max.return = # sys_sched_get_priority_min(int policy) # probe syscall.sched_get_priority_min = + kernel.function("SyS_sched_get_priority_min") !, kernel.function("sys_sched_get_priority_min") { name = "sched_get_priority_min" policy = $policy argstr = sprint(policy) } probe syscall.sched_get_priority_min.return = + kernel.function("SyS_sched_get_priority_min").return !, kernel.function("sys_sched_get_priority_min").return { name = "sched_get_priority_min" retstr = returnstr(1) @@ -1167,12 +1248,14 @@ probe syscall.sched_get_priority_min.return = # # long sys_sched_getscheduler(pid_t pid) # -probe syscall.sched_getscheduler = kernel.function("sys_sched_getscheduler") { +probe syscall.sched_getscheduler = kernel.function("SyS_sched_getscheduler") !, + kernel.function("sys_sched_getscheduler") { name = "sched_getscheduler" pid = $pid argstr = sprint($pid) } -probe syscall.sched_getscheduler.return = kernel.function("sys_sched_getscheduler").return { +probe syscall.sched_getscheduler.return = kernel.function("SyS_sched_getscheduler").return !, + kernel.function("sys_sched_getscheduler").return { name = "sched_getscheduler" retstr = returnstr(1) } @@ -1180,13 +1263,15 @@ probe syscall.sched_getscheduler.return = kernel.function("sys_sched_getschedule # # long sys_sched_rr_get_interval(pid_t pid, struct timespec __user *interval) # -probe syscall.sched_rr_get_interval = kernel.function("sys_sched_rr_get_interval") { +probe syscall.sched_rr_get_interval = kernel.function("SyS_sched_rr_get_interval") !, + kernel.function("sys_sched_rr_get_interval") { name = "sched_rr_get_interval" pid = $pid tp_uaddr = $interval argstr = sprintf("%d, %s", $pid, _struct_timespec_u($interval,1)) } -probe syscall.sched_rr_get_interval.return = kernel.function("sys_sched_rr_get_interval").return { +probe syscall.sched_rr_get_interval.return = kernel.function("SyS_sched_rr_get_interval").return !, + kernel.function("sys_sched_rr_get_interval").return { name = "sched_rr_get_interval" retstr = returnstr(1) } @@ -1198,7 +1283,8 @@ probe syscall.sched_rr_get_interval.return = kernel.function("sys_sched_rr_get_i # FIXME: why the problem with x86_64? # %( arch != "x86_64" %? -probe syscall.sched_setaffinity = kernel.function("sys_sched_setaffinity") { +probe syscall.sched_setaffinity = kernel.function("SyS_sched_setaffinity") !, + kernel.function("sys_sched_setaffinity") { name = "sched_setaffinity" pid = $pid len = $len @@ -1206,7 +1292,8 @@ probe syscall.sched_setaffinity = kernel.function("sys_sched_setaffinity") { argstr = sprintf("%d, %d, %p", $pid, $len, $user_mask_ptr) } %: -probe syscall.sched_setaffinity = kernel.function("sys_sched_setaffinity") { +probe syscall.sched_setaffinity = kernel.function("SyS_sched_setaffinity") !, + kernel.function("sys_sched_setaffinity") { name = "sched_setaffinity" pid = $pid len = 0 @@ -1214,7 +1301,8 @@ probe syscall.sched_setaffinity = kernel.function("sys_sched_setaffinity") { argstr = sprintf("%d, <unknown>, %p", $pid, $user_mask_ptr) } %) -probe syscall.sched_setaffinity.return = kernel.function("sys_sched_setaffinity").return { +probe syscall.sched_setaffinity.return = kernel.function("SyS_sched_setaffinity").return !, + kernel.function("sys_sched_setaffinity").return { name = "sched_setaffinity" retstr = returnstr(1) } @@ -1223,13 +1311,16 @@ probe syscall.sched_setaffinity.return = kernel.function("sys_sched_setaffinity" # # long sys_sched_setparam(pid_t pid, struct sched_param __user *param) # -probe syscall.sched_setparam = kernel.function("sys_sched_setparam") ? { +probe syscall.sched_setparam = kernel.function("SyS_sched_setparam") !, + kernel.function("sys_sched_setparam") ? { name = "sched_setparam" pid = $pid p_uaddr = $param argstr = sprintf("%d, %p", $pid, $param) } -probe syscall.sched_setparam.return = kernel.function("sys_sched_setparam").return ? { +probe syscall.sched_setparam.return = + kernel.function("SyS_sched_setparam").return !, + kernel.function("sys_sched_setparam").return ? { name = "sched_setparam" retstr = returnstr(1) } @@ -1238,7 +1329,9 @@ probe syscall.sched_setparam.return = kernel.function("sys_sched_setparam").retu # # long sys_sched_setscheduler(pid_t pid, int policy, struct sched_param __user *param) # -probe syscall.sched_setscheduler = kernel.function("sys_sched_setscheduler") ? { +probe syscall.sched_setscheduler = + kernel.function("SyS_sched_setscheduler") !, + kernel.function("sys_sched_setscheduler") ? { name = "sched_setscheduler" pid = $pid policy = $policy @@ -1246,7 +1339,9 @@ probe syscall.sched_setscheduler = kernel.function("sys_sched_setscheduler") ? { p_uaddr = $param argstr = sprintf("%d, %s, %p", $pid, policy_str, $param) } -probe syscall.sched_setscheduler.return = kernel.function("sys_sched_setscheduler").return ? { +probe syscall.sched_setscheduler.return = + kernel.function("SyS_sched_setscheduler").return !, + kernel.function("sys_sched_setscheduler").return ? { name = "sched_setscheduler" retstr = returnstr(1) } @@ -1270,7 +1365,8 @@ probe syscall.sched_yield.return = kernel.function("sys_sched_yield").return { # fd_set __user *exp, # struct timeval __user *tvp) # -probe syscall.select = kernel.function("sys_select") { +probe syscall.select = kernel.function("SyS_select") !, + kernel.function("sys_select") { name = "select" n = $n readfds_uaddr = $inp @@ -1280,7 +1376,8 @@ probe syscall.select = kernel.function("sys_select") { argstr = sprintf("%d, %p, %p, %p, %s", $n, $inp, $outp, $exp, _struct_timeval_u($tvp, 1)) } -probe syscall.select.return = kernel.function("sys_select").return { +probe syscall.select.return = kernel.function("SyS_select").return !, + kernel.function("sys_select").return { name = "select" retstr = returnstr(1) } @@ -1311,7 +1408,8 @@ probe syscall.compat_select.return = kernel.function("compat_sys_select").return # int cmd, # union semun arg) # -probe syscall.semctl = kernel.function("sys_semctl") ? { +probe syscall.semctl = kernel.function("SyS_semctl") !, + kernel.function("sys_semctl") ? { name = "semctl" semid = $semid semnum = $semnum @@ -1322,7 +1420,8 @@ probe syscall.semctl = kernel.function("sys_semctl") ? { */ argstr = sprintf("%d, %d, %s", $semid, $semnum, _semctl_cmd($cmd)) } -probe syscall.semctl.return = kernel.function("sys_semctl").return ? { +probe syscall.semctl.return = kernel.function("SyS_semctl").return !, + kernel.function("sys_semctl").return ? { name = "semctl" retstr = returnstr(1) } @@ -1342,14 +1441,16 @@ probe syscall.compat_sys_semctl.return = kernel.function("compat_sys_semctl").re # semget _____________________________________________________ # long sys_semget (key_t key, int nsems, int semflg) # -probe syscall.semget = kernel.function("sys_semget") ? { +probe syscall.semget = kernel.function("SyS_semget") !, + kernel.function("sys_semget") ? { name = "semget" key = $key nsems = $nsems semflg = $semflg argstr = sprintf("%d, %d, %s", $key, $nsems, __sem_flags($semflg)) } -probe syscall.semget.return = kernel.function("sys_semget").return ? { +probe syscall.semget.return = kernel.function("SyS_semget").return !, + kernel.function("sys_semget").return ? { name = "semget" retstr = returnstr(1) } @@ -1360,14 +1461,16 @@ probe syscall.semget.return = kernel.function("sys_semget").return ? { # struct sembuf __user *tsops, # unsigned nsops) # -probe syscall.semop = kernel.function("sys_semtimedop") ? { +probe syscall.semop = kernel.function("SyS_semtimedop") !, + kernel.function("sys_semtimedop") ? { name = "semop" semid = $semid tsops_uaddr = $tsops nsops = $nsops argstr = sprintf("%d, %p, %d", $semid, $tsops, $nsops) } -probe syscall.semop.return = kernel.function("sys_semtimedop").return ? { +probe syscall.semop.return = kernel.function("SyS_semtimedop").return !, + kernel.function("sys_semtimedop").return ? { name = "semop" retstr = returnstr(1) } @@ -1379,7 +1482,8 @@ probe syscall.semop.return = kernel.function("sys_semtimedop").return ? { # unsigned nsops, # const struct timespec __user *timeout) # -probe syscall.semtimedop = kernel.function("sys_semtimedop") ? { +probe syscall.semtimedop = kernel.function("SyS_semtimedop") !, + kernel.function("sys_semtimedop") ? { name = "semtimedop" semid = $semid sops_uaddr = $tsops @@ -1388,7 +1492,8 @@ probe syscall.semtimedop = kernel.function("sys_semtimedop") ? { argstr = sprintf("%d, %p, %d, %s", $semid, $tsops, $nsops, _struct_timespec_u($timeout,1)) } -probe syscall.semtimedop.return = kernel.function("sys_semtimedop").return ? { +probe syscall.semtimedop.return = kernel.function("SyS_semtimedop").return !, + kernel.function("sys_semtimedop").return ? { name = "semtimedop" retstr = returnstr(1) } @@ -1418,7 +1523,8 @@ probe syscall.compat_sys_semtimedop.return = kernel.function("compat_sys_semtime # size_t len, # unsigned flags) # -probe syscall.send = kernel.function("sys_send") ? { +probe syscall.send = kernel.function("SyS_send") !, + kernel.function("sys_send") ? { name = "send" s = $fd buf_uaddr = $buff @@ -1427,7 +1533,8 @@ probe syscall.send = kernel.function("sys_send") ? { flags_str = _sendflags_str($flags) argstr = sprintf("%d, %p, %d, %s", $fd, $buff, $len, flags_str) } -probe syscall.send.return = kernel.function("sys_send").return ? { +probe syscall.send.return = kernel.function("SyS_send").return !, + kernel.function("sys_send").return ? { name = "send" retstr = returnstr(1) } @@ -1440,7 +1547,9 @@ probe syscall.send.return = kernel.function("sys_send").return ? { # size_t count) # probe syscall.sendfile = + kernel.function("SyS_sendfile") ?, kernel.function("sys_sendfile") ?, + kernel.function("SyS_sendfile64") ?, kernel.function("sys_sendfile64") ? { name = "sendfile" @@ -1452,7 +1561,9 @@ probe syscall.sendfile = $count) } probe syscall.sendfile.return = + kernel.function("SyS_sendfile").return ?, kernel.function("sys_sendfile").return ?, + kernel.function("SyS_sendfile64").return ?, kernel.function("sys_sendfile64").return ? { name = "sendfile" @@ -1463,7 +1574,8 @@ probe syscall.sendfile.return = # # long sys_sendmsg(int fd, struct msghdr __user *msg, unsigned flags) # -probe syscall.sendmsg = kernel.function("sys_sendmsg") ? { +probe syscall.sendmsg = kernel.function("SyS_sendmsg") !, + kernel.function("sys_sendmsg") ? { name = "sendmsg" s = $fd msg_uaddr = $msg @@ -1471,7 +1583,8 @@ probe syscall.sendmsg = kernel.function("sys_sendmsg") ? { flags_str = _sendflags_str($flags) argstr = sprintf("%d, %p, %s", $fd, $msg, _sendflags_str($flags)) } -probe syscall.sendmsg.return = kernel.function("sys_sendmsg").return ? { +probe syscall.sendmsg.return = kernel.function("SyS_sendmsg").return !, + kernel.function("sys_sendmsg").return ? { name = "sendmsg" retstr = returnstr(1) } @@ -1500,7 +1613,8 @@ probe syscall.compat_sys_sendmsg.return = kernel.function("compat_sys_sendmsg"). # struct sockaddr __user *addr, # int addr_len) # -probe syscall.sendto = kernel.function("sys_sendto") ? { +probe syscall.sendto = kernel.function("SyS_sendto") !, + kernel.function("sys_sendto") ? { name = "sendto" s = $fd buf_uaddr = $buff @@ -1512,7 +1626,8 @@ probe syscall.sendto = kernel.function("sys_sendto") ? { argstr = sprintf("%d, %p, %d, %s, %s, %d", $fd, $buff, $len, flags_str, _struct_sockaddr_u($addr,$addr_len), $addr_len) } -probe syscall.sendto.return = kernel.function("sys_sendto").return ? { +probe syscall.sendto.return = kernel.function("SyS_sendto").return !, + kernel.function("sys_sendto").return ? { name = "sendto" retstr = returnstr(1) } @@ -1523,13 +1638,15 @@ probe syscall.sendto.return = kernel.function("sys_sendto").return ? { # sys_setdomainname(char __user *name, # int len) # -probe syscall.setdomainname = kernel.function("sys_setdomainname") { +probe syscall.setdomainname = kernel.function("SyS_setdomainname") !, + kernel.function("sys_setdomainname") { name = "setdomainname" hostname_uaddr = $name len = $len argstr = sprintf("%p, %d", $name, $len) } probe syscall.setdomainname.return = + kernel.function("SyS_setdomainname").return !, kernel.function("sys_setdomainname").return { name = "setdomainname" retstr = returnstr(1) @@ -1540,16 +1657,18 @@ probe syscall.setdomainname.return = # long sys_setfsgid16(old_gid_t gid) # probe syscall.setfsgid = - kernel.function("sys_setfsgid") ?, - kernel.function("sys_setfsgid16") ? + kernel.function("sys_setfsgid16") ?, + kernel.function("SyS_setfsgid") !, + kernel.function("sys_setfsgid") ? { name = "setfsgid" fsgid = $gid argstr = sprint($gid) } probe syscall.setfsgid.return = - kernel.function("sys_setfsgid").return ?, - kernel.function("sys_setfsgid16").return ? + kernel.function("sys_setfsgid16").return ?, + kernel.function("SyS_setfsgid").return !, + kernel.function("sys_setfsgid").return ? { name = "setfsgid" retstr = returnstr(1) @@ -1560,16 +1679,18 @@ probe syscall.setfsgid.return = # long sys_setfsuid16(old_uid_t uid) # probe syscall.setfsuid = - kernel.function("sys_setfsuid") ?, - kernel.function("sys_setfsuid16") ? + kernel.function("sys_setfsuid16") ?, + kernel.function("SyS_setfsuid") !, + kernel.function("sys_setfsuid") ? { name = "setfsuid" fsuid = $uid argstr = sprint($uid) } probe syscall.setfsuid.return = - kernel.function("sys_setfsuid").return ?, - kernel.function("sys_setfsuid16").return ? + kernel.function("sys_setfsuid16").return ?, + kernel.function("SyS_setfsuid").return !, + kernel.function("sys_setfsuid").return ? { name = "setfsuid" retstr = returnstr(1) @@ -1581,16 +1702,18 @@ probe syscall.setfsuid.return = # long sys_setgid16(old_gid_t gid) # probe syscall.setgid = - kernel.function("sys_setgid") ?, - kernel.function("sys_setgid16") ? + kernel.function("sys_setgid16") ?, + kernel.function("SyS_setgid") !, + kernel.function("sys_setgid") ? { name = "setgid" gid = $gid argstr = sprint($gid) } probe syscall.setgid.return = - kernel.function("sys_setgid").return ?, - kernel.function("sys_setgid16").return ? + kernel.function("sys_setgid16").return ?, + kernel.function("SyS_setgid").return !, + kernel.function("sys_setgid").return ? { name = "setgid" retstr = returnstr(1) @@ -1603,9 +1726,10 @@ probe syscall.setgid.return = # long sys32_setgroups16(int gidsetsize, u16 __user *grouplist) # probe syscall.setgroups = - kernel.function("sys_setgroups") ?, kernel.function("sys_setgroups16") ?, - kernel.function("sys32_setgroups16") ? + kernel.function("sys32_setgroups16") ?, + kernel.function("SyS_setgroups") !, + kernel.function("sys_setgroups") ? { name = "setgroups" size = $gidsetsize @@ -1613,9 +1737,10 @@ probe syscall.setgroups = argstr = sprintf("%d, %p", $gidsetsize, $grouplist) } probe syscall.setgroups.return = - kernel.function("sys_setgroups").return ?, kernel.function("sys_setgroups16").return ?, - kernel.function("sys32_setgroups16").return ? + kernel.function("sys32_setgroups16").return ?, + kernel.function("SyS_setgroups").return !, + kernel.function("sys_setgroups").return ? { name = "setgroups" retstr = returnstr(1) @@ -1627,14 +1752,16 @@ probe syscall.setgroups.return = # sys_sethostname(char __user *name, # int len) # -probe syscall.sethostname = kernel.function("sys_sethostname") { +probe syscall.sethostname = kernel.function("SyS_sethostname") !, + kernel.function("sys_sethostname") { name = "sethostname" hostname_uaddr = $name name_str = user_string($name) len = $len argstr = sprintf("%s, %d", user_string_quoted($name), $len) } -probe syscall.sethostname.return = kernel.function("sys_sethostname").return { +probe syscall.sethostname.return = kernel.function("SyS_sethostname").return !, + kernel.function("sys_sethostname").return { name = "sethostname" retstr = returnstr(1) } @@ -1644,7 +1771,8 @@ probe syscall.sethostname.return = kernel.function("sys_sethostname").return { # struct itimerval __user *value, # struct itimerval __user *ovalue) # -probe syscall.setitimer = kernel.function("sys_setitimer") { +probe syscall.setitimer = kernel.function("SyS_setitimer") !, + kernel.function("sys_setitimer") { name = "setitimer" which = $which value_uaddr = $value @@ -1652,7 +1780,8 @@ probe syscall.setitimer = kernel.function("sys_setitimer") { argstr = sprintf("%s, %s, %p", _itimer_which_str($which), _struct_itimerval_u($value), $ovalue) } -probe syscall.setitimer.return = kernel.function("sys_setitimer").return { +probe syscall.setitimer.return = kernel.function("SyS_setitimer").return !, + kernel.function("sys_setitimer").return { name = "setitimer" retstr = returnstr(1) } @@ -1680,8 +1809,9 @@ probe syscall.compat_setitimer.return = kernel.function("compat_sys_setitimer"). # unsigned long maxnode) # probe syscall.set_mempolicy = - kernel.function("sys_set_mempolicy") ?, - kernel.function("compat_sys_set_mempolicy") ? + kernel.function("compat_sys_set_mempolicy") ?, + kernel.function("SyS_set_mempolicy") !, + kernel.function("sys_set_mempolicy") ? { name = "set_mempolicy" mode = $mode @@ -1690,8 +1820,9 @@ probe syscall.set_mempolicy = argstr = sprintf("%d, %p, %d", $mode, $nmask, $maxnode) } probe syscall.set_mempolicy.return = - kernel.function("sys_set_mempolicy").return ?, - kernel.function("compat_sys_set_mempolicy").return ? + kernel.function("compat_sys_set_mempolicy").return ?, + kernel.function("SyS_set_mempolicy").return !, + kernel.function("sys_set_mempolicy").return ? { name = "set_mempolicy" retstr = returnstr(1) @@ -1703,13 +1834,15 @@ probe syscall.set_mempolicy.return = # sys_setpgid(pid_t pid, # pid_t pgid) # -probe syscall.setpgid = kernel.function("sys_setpgid") { +probe syscall.setpgid = kernel.function("SyS_setpgid") !, + kernel.function("sys_setpgid") { name = "setpgid" pid = $pid pgid = $pgid argstr = sprintf("%d, %d", $pid, $pgid) } -probe syscall.setpgid.return = kernel.function("sys_setpgid").return { +probe syscall.setpgid.return = kernel.function("SyS_setpgid").return !, + kernel.function("sys_setpgid").return { name = "setpgid" retstr = returnstr(1) } @@ -1720,7 +1853,8 @@ probe syscall.setpgid.return = kernel.function("sys_setpgid").return { # int who, # int niceval) # -probe syscall.setpriority = kernel.function("sys_setpriority") { +probe syscall.setpriority = kernel.function("SyS_setpriority") !, + kernel.function("sys_setpriority") { name = "setpriority" which = $which which_str = _priority_which_str($which) @@ -1728,7 +1862,8 @@ probe syscall.setpriority = kernel.function("sys_setpriority") { prio = $niceval argstr = sprintf("%s, %d, %d", which_str, $who, $niceval) } -probe syscall.setpriority.return = kernel.function("sys_setpriority").return { +probe syscall.setpriority.return = kernel.function("SyS_setpriority").return !, + kernel.function("sys_setpriority").return { name = "setpriority" retstr = returnstr(1) } @@ -1736,13 +1871,15 @@ probe syscall.setpriority.return = kernel.function("sys_setpriority").return { # setregid ___________________________________________________ # long sys_setregid(gid_t rgid, gid_t egid) # -probe syscall.setregid = kernel.function("sys_setregid") { +probe syscall.setregid = kernel.function("SyS_setregid") !, + kernel.function("sys_setregid") { name = "setregid" rgid = __int32($rgid) egid = __int32($egid) argstr = sprintf("%d, %d", rgid, egid) } -probe syscall.setregid.return = kernel.function("sys_setregid").return { +probe syscall.setregid.return = kernel.function("SyS_setregid").return !, + kernel.function("sys_setregid").return { name = "setregid" retstr = returnstr(1) } @@ -1762,14 +1899,16 @@ probe syscall.setregid16.return = kernel.function("sys_setregid16").return ? { # setresgid __________________________________________________ # long sys_setresgid(gid_t rgid, gid_t egid, gid_t sgid) # -probe syscall.setresgid = kernel.function("sys_setresgid") { +probe syscall.setresgid = kernel.function("SyS_setresgid") !, + kernel.function("sys_setresgid") { name = "setresgid" rgid = __int32($rgid) egid = __int32($egid) sgid = __int32($sgid) argstr = sprintf("%d, %d, %d", rgid, egid, sgid) } -probe syscall.setresgid.return = kernel.function("sys_setresgid").return { +probe syscall.setresgid.return = kernel.function("SyS_setresgid").return !, + kernel.function("sys_setresgid").return { name = "setresgid" retstr = returnstr(1) } @@ -1795,14 +1934,16 @@ probe syscall.setresgid16.return = kernel.function("sys_setresgid16").return ? { # # long sys_setresuid(uid_t ruid, uid_t euid, uid_t suid) # -probe syscall.setresuid = kernel.function("sys_setresuid") { +probe syscall.setresuid = kernel.function("SyS_setresuid") !, + kernel.function("sys_setresuid") { name = "setresuid" ruid = __int32($ruid) euid = __int32($euid) suid = __int32($suid) argstr = sprintf("%d, %d, %d", ruid, euid, suid) } -probe syscall.setresuid.return = kernel.function("sys_setresuid").return { +probe syscall.setresuid.return = kernel.function("SyS_setresuid").return !, + kernel.function("sys_setresuid").return { name = "setresuid" retstr = returnstr(1) } @@ -1826,13 +1967,15 @@ probe syscall.setresuid16.return = kernel.function("sys_setresuid16").return ? { # setreuid ___________________________________________________ # long sys_setreuid(uid_t ruid, uid_t euid) # -probe syscall.setreuid = kernel.function("sys_setreuid") { +probe syscall.setreuid = kernel.function("SyS_setreuid") !, + kernel.function("sys_setreuid") { name = "setreuid" ruid = __int32($ruid) euid = __int32($euid) argstr = sprintf("%d, %d", ruid, euid) } -probe syscall.setreuid.return = kernel.function("sys_setreuid").return { +probe syscall.setreuid.return = kernel.function("SyS_setreuid").return !, + kernel.function("sys_setreuid").return { name = "setreuid" retstr = returnstr(1) } @@ -1855,14 +1998,16 @@ probe syscall.setreuid16.return = kernel.function("sys_setreuid16").return ? { # sys_setrlimit(unsigned int resource, # struct rlimit __user *rlim) # -probe syscall.setrlimit = kernel.function("sys_setrlimit") { +probe syscall.setrlimit = kernel.function("SyS_setrlimit") !, + kernel.function("sys_setrlimit") { name = "setrlimit" resource = $resource rlim_uaddr = $rlim argstr = sprintf("%s, %s", _rlimit_resource_str($resource), _struct_rlimit_u($rlim)) } -probe syscall.setrlimit.return = kernel.function("sys_setrlimit").return { +probe syscall.setrlimit.return = kernel.function("SyS_setrlimit").return !, + kernel.function("sys_setrlimit").return { name = "setrlimit" retstr = returnstr(1) } @@ -1888,8 +2033,9 @@ probe syscall.setsid.return = kernel.function("sys_setsid").return { # int optlen) # probe syscall.setsockopt = - kernel.function("sys_setsockopt") ?, - kernel.function("compat_sys_setsockopt") ? + kernel.function("compat_sys_setsockopt") ?, + kernel.function("SyS_setsockopt") !, + kernel.function("sys_setsockopt") ? { name = "setsockopt" fd = $fd @@ -1903,8 +2049,9 @@ probe syscall.setsockopt = optname_str, $optval, $optlen) } probe syscall.setsockopt.return = - kernel.function("sys_setsockopt").return ?, - kernel.function("compat_sys_setsockopt").return ? + kernel.function("compat_sys_setsockopt").return ?, + kernel.function("SyS_setsockopt").return !, + kernel.function("sys_setsockopt").return ? { name = "setsockopt" retstr = returnstr(1) @@ -1915,12 +2062,14 @@ probe syscall.setsockopt.return = # asmlinkage long # sys_set_tid_address(int __user *tidptr) # -probe syscall.set_tid_address = kernel.function("sys_set_tid_address") { +probe syscall.set_tid_address = kernel.function("SyS_set_tid_address") !, + kernel.function("sys_set_tid_address") { name = "set_tid_address" tidptr_uaddr = $tidptr argstr = sprintf("%p", tidptr_uaddr) } probe syscall.set_tid_address.return = + kernel.function("SyS_set_tid_address").return !, kernel.function("sys_set_tid_address").return { name = "set_tid_address" retstr = returnstr(1) @@ -1930,13 +2079,15 @@ probe syscall.set_tid_address.return = # long sys_settimeofday(struct timeval __user *tv, # struct timezone __user *tz) # -probe syscall.settimeofday = kernel.function("sys_settimeofday") { +probe syscall.settimeofday = kernel.function("SyS_settimeofday") !, + kernel.function("sys_settimeofday") { name = "settimeofday" tv_uaddr = $tv tz_uaddr = $tz argstr = sprintf("%s, %s", _struct_timeval_u($tv, 1), _struct_timezone_u($tz)) } -probe syscall.settimeofday.return = kernel.function("sys_settimeofday").return { +probe syscall.settimeofday.return = kernel.function("SyS_settimeofday").return !, + kernel.function("sys_settimeofday").return { name = "settimeofday" retstr = returnstr(1) } @@ -1968,6 +2119,7 @@ probe syscall.settimeofday32.return = # probe syscall.setuid = kernel.function("sys_setuid16") ?, + kernel.function("SyS_setuid") !, kernel.function("sys_setuid") { name = "setuid" @@ -1976,6 +2128,7 @@ probe syscall.setuid = } probe syscall.setuid.return = kernel.function("sys_setuid16").return ?, + kernel.function("SyS_setuid").return !, kernel.function("sys_setuid").return { name = "setuid" @@ -1989,7 +2142,8 @@ probe syscall.setuid.return = # size_t size, # int flags) # -probe syscall.setxattr = kernel.function("sys_setxattr") { +probe syscall.setxattr = kernel.function("SyS_setxattr") !, + kernel.function("sys_setxattr") { name = "setxattr" %( kernel_v >= "2.6.27" %? path_uaddr = $pathname @@ -2012,7 +2166,8 @@ probe syscall.setxattr = kernel.function("sys_setxattr") { user_string_quoted($name), value_uaddr, $size, $flags) } -probe syscall.setxattr.return = kernel.function("sys_setxattr").return { +probe syscall.setxattr.return = kernel.function("SyS_setxattr").return !, + kernel.function("sys_setxattr").return { name = "setxattr" retstr = returnstr(1) } @@ -2033,14 +2188,16 @@ probe syscall.sgetmask.return = kernel.function("sys_sgetmask").return ? { # # long sys_shmat(int shmid, char __user *shmaddr, int shmflg) # -probe syscall.shmat = kernel.function("sys_shmat") ? { +probe syscall.shmat = kernel.function("SyS_shmat") !, + kernel.function("sys_shmat") ? { name = "shmat" shmid = $shmid shmaddr_uaddr = $shmaddr shmflg = $shmflg argstr = sprintf("%d, %p, %s", $shmid, $shmaddr, _shmat_flags_str($shmflg)) } -probe syscall.shmat.return = kernel.function("sys_shmat").return ? { +probe syscall.shmat.return = kernel.function("SyS_shmat").return !, + kernel.function("sys_shmat").return ? { name = "shmat" retstr = returnstr(1) } @@ -2068,14 +2225,16 @@ probe syscall.compat_sys_shmat.return = kernel.function("compat_sys_shmat").retu # int cmd, # struct shmid_ds __user *buf) # -probe syscall.shmctl = kernel.function("sys_shmctl") ? { +probe syscall.shmctl = kernel.function("SyS_shmctl") !, + kernel.function("sys_shmctl") ? { name = "shmctl" shmid = $shmid cmd = $cmd buf_uaddr = $buf argstr = sprintf("%d, %s, %p", $shmid, _semctl_cmd($cmd), $buf) } -probe syscall.shmctl.return = kernel.function("sys_shmctl").return ? { +probe syscall.shmctl.return = kernel.function("SyS_shmctl").return !, + kernel.function("sys_shmctl").return ? { name = "shmctl" retstr = returnstr(1) } @@ -2099,12 +2258,14 @@ probe syscall.compat_sys_shmctl.return = kernel.function("compat_sys_shmctl").re # # long sys_shmdt(char __user *shmaddr) # -probe syscall.shmdt = kernel.function("sys_shmdt") ? { +probe syscall.shmdt = kernel.function("SyS_shmdt") !, + kernel.function("sys_shmdt") ? { name = "shmdt" shmaddr_uaddr = $shmaddr argstr = sprintf("%p", $shmaddr) } -probe syscall.shmdt.return = kernel.function("sys_shmdt").return ? { +probe syscall.shmdt.return = kernel.function("SyS_shmdt").return !, + kernel.function("sys_shmdt").return ? { name = "shmdt" retstr = returnstr(1) } @@ -2115,14 +2276,16 @@ probe syscall.shmdt.return = kernel.function("sys_shmdt").return ? { # size_t size, # int shmflg) # -probe syscall.shmget = kernel.function("sys_shmget") ? { +probe syscall.shmget = kernel.function("SyS_shmget") !, + kernel.function("sys_shmget") ? { name = "shmget" key = $key size = $size shmflg = $shmflg argstr = sprintf("%d, %d, %d", $key, $size, $shmflg) } -probe syscall.shmget.return = kernel.function("sys_shmget").return ? { +probe syscall.shmget.return = kernel.function("SyS_shmget").return !, + kernel.function("sys_shmget").return ? { name = "shmget" retstr = returnstr(1) } @@ -2131,14 +2294,16 @@ probe syscall.shmget.return = kernel.function("sys_shmget").return ? { # # long sys_shutdown(int fd, int how) # -probe syscall.shutdown = kernel.function("sys_shutdown") ? { +probe syscall.shutdown = kernel.function("SyS_shutdown") !, + kernel.function("sys_shutdown") ? { name = "shutdown" s = $fd how = $how how_str = _shutdown_how_str($how) argstr = sprintf("%d, %s", $fd, how_str) } -probe syscall.shutdown.return = kernel.function("sys_shutdown").return ? { +probe syscall.shutdown.return = kernel.function("SyS_shutdown").return !, + kernel.function("sys_shutdown").return ? { name = "shutdown" retstr = returnstr(1) } @@ -2173,13 +2338,15 @@ probe syscall.sigaction32.return = kernel.function("sys32_sigaction").return ? { # signal _____________________________________________________ # unsigned long sys_signal(int sig, __sighandler_t handler) # -probe syscall.signal = kernel.function("sys_signal") ? { +probe syscall.signal = kernel.function("SyS_signal") !, + kernel.function("sys_signal") ? { name = "signal" sig = $sig handler = $handler argstr = sprintf("%s, %s", _signal_name($sig), _sighandler_str($handler)) } -probe syscall.signal.return = kernel.function("sys_signal").return ? { +probe syscall.signal.return = kernel.function("SyS_signal").return !, + kernel.function("sys_signal").return ? { name = "signal" retstr = returnstr(1) } @@ -2190,11 +2357,13 @@ probe syscall.signal.return = kernel.function("sys_signal").return ? { # long compat_sys_signalfd(int ufd, const compat_sigset_t __user *sigmask, # compat_size_t sigsetsize) # -probe syscall.signalfd = kernel.function("sys_signalfd") ? { +probe syscall.signalfd = kernel.function("SyS_signalfd") !, + kernel.function("sys_signalfd") ? { name = "signalfd" argstr = sprintf("%d, %p, %d", $ufd, $user_mask, $sizemask) } -probe syscall.signalfd.return = kernel.function("sys_signalfd").return ? { +probe syscall.signalfd.return = kernel.function("SyS_signalfd").return !, + kernel.function("sys_signalfd").return ? { name = "signalfd" retstr = returnstr(1) } @@ -2210,11 +2379,13 @@ probe syscall.compat_signalfd.return = kernel.function("compat_sys_signalfd").re # sigpending _________________________________________________ # long sys_sigpending(old_sigset_t __user *set) # -probe syscall.sigpending = kernel.function("sys_sigpending") ? { +probe syscall.sigpending = kernel.function("SyS_sigpending") !, + kernel.function("sys_sigpending") ? { name = "sigpending" argstr = sprintf("%p", $set) } -probe syscall.sigpending.return = kernel.function("sys_sigpending").return ? { +probe syscall.sigpending.return = kernel.function("SyS_sigpending").return !, + kernel.function("sys_sigpending").return ? { name = "sigpending" retstr = returnstr(1) } @@ -2222,7 +2393,8 @@ probe syscall.sigpending.return = kernel.function("sys_sigpending").return ? { # sigprocmask ________________________________________________ # long sys_sigprocmask(int how, old_sigset_t __user *set, old_sigset_t __user *oset) # -probe syscall.sigprocmask = kernel.function("sys_sigprocmask") ? +probe syscall.sigprocmask = kernel.function("SyS_sigprocmask") !, + kernel.function("sys_sigprocmask") ? { name = "sigprocmask" how = $how @@ -2231,7 +2403,8 @@ probe syscall.sigprocmask = kernel.function("sys_sigprocmask") ? oldset_uaddr = $oset argstr = sprintf("%s, %p, %p", how_str, $set, $oset) } -probe syscall.sigprocmask.return = kernel.function("sys_sigprocmask").return ? +probe syscall.sigprocmask.return = kernel.function("SyS_sigprocmask").return !, + kernel.function("sys_sigprocmask").return ? { name = "sigprocmask" retstr = returnstr(1) @@ -2275,7 +2448,8 @@ probe syscall.sigsuspend.return = # socket _____________________________________________________ # long sys_socket(int family, int type, int protocol) # -probe syscall.socket = kernel.function("sys_socket") ? { +probe syscall.socket = kernel.function("SyS_socket") !, + kernel.function("sys_socket") ? { name = "socket" family = $family type = $type @@ -2284,7 +2458,8 @@ probe syscall.socket = kernel.function("sys_socket") ? { _sock_type_str($type), $protocol) } -probe syscall.socket.return = kernel.function("sys_socket").return ? { +probe syscall.socket.return = kernel.function("SyS_socket").return !, + kernel.function("sys_socket").return ? { name = "socket" retstr = returnstr(1) } @@ -2311,7 +2486,8 @@ probe syscall.socket.return = kernel.function("sys_socket").return ? { # int protocol, # int __user *usockvec) # -probe syscall.socketpair = kernel.function("sys_socketpair") ? { +probe syscall.socketpair = kernel.function("SyS_socketpair") !, + kernel.function("sys_socketpair") ? { name = "socketpair" family = $family type = $type @@ -2322,7 +2498,8 @@ probe syscall.socketpair = kernel.function("sys_socketpair") ? { _sock_type_str($type), $protocol, sv_uaddr) } -probe syscall.socketpair.return = kernel.function("sys_socketpair").return ? { +probe syscall.socketpair.return = kernel.function("SyS_socketpair").return !, + kernel.function("sys_socketpair").return ? { name = "socketpair" retstr = returnstr(1) } @@ -2333,12 +2510,14 @@ probe syscall.socketpair.return = kernel.function("sys_socketpair").return ? { # int fd_out, loff_t __user *off_out, # size_t len, unsigned int flags) # -probe syscall.splice = kernel.function("sys_splice") ? { +probe syscall.splice = kernel.function("SyS_splice") !, + kernel.function("sys_splice") ? { name = "splice" argstr = sprintf("%d, %p, %d, %p, %d, 0x%x", $fd_in, $off_in, $fd_out, $off_out, $len, $flags) } -probe syscall.splice.return = kernel.function("sys_splice").return ? { +probe syscall.splice.return = kernel.function("SyS_splice").return !, + kernel.function("sys_splice").return ? { name = "splice" retstr = returnstr(1) } @@ -2347,12 +2526,14 @@ probe syscall.splice.return = kernel.function("sys_splice").return ? { # # long sys_ssetmask(int newmask) # -probe syscall.ssetmask = kernel.function("sys_ssetmask") ? { +probe syscall.ssetmask = kernel.function("SyS_ssetmask") !, + kernel.function("sys_ssetmask") ? { name = "ssetmask" newmask = $newmask argstr = sprint($newmask) } -probe syscall.ssetmask.return = kernel.function("sys_ssetmask").return ? { +probe syscall.ssetmask.return = kernel.function("SyS_ssetmask").return !, + kernel.function("sys_ssetmask").return ? { name = "ssetmask" retstr = returnstr(1) } @@ -2365,8 +2546,10 @@ probe syscall.ssetmask.return = kernel.function("sys_ssetmask").return ? { # long compat_sys_newstat(char __user * filename, struct compat_stat __user *statbuf) probe syscall.stat = kernel.function("sys_stat") ?, + kernel.function("SyS_newstat") ?, kernel.function("sys_newstat") ?, kernel.function("sys32_stat64") ?, + kernel.function("SyS_stat64") ?, kernel.function("sys_stat64") ?, kernel.function("sys_oabi_stat64") ?, kernel.function("compat_sys_newstat") ? @@ -2379,8 +2562,10 @@ probe syscall.stat = } probe syscall.stat.return = kernel.function("sys_stat").return ?, + kernel.function("SyS_newstat").return ?, kernel.function("sys_newstat").return ?, kernel.function("sys32_stat64").return ?, + kernel.function("SyS_stat64").return ?, kernel.function("sys_stat64").return ?, kernel.function("sys_oabi_stat64").return ?, kernel.function("compat_sys_newstat").return ? @@ -2394,8 +2579,9 @@ probe syscall.stat.return = # long compat_sys_statfs(const char __user *path, struct compat_statfs __user *buf) # probe syscall.statfs = - kernel.function("sys_statfs"), - kernel.function("compat_sys_statfs") ? + kernel.function("compat_sys_statfs") ?, + kernel.function("SyS_statfs") !, + kernel.function("sys_statfs") ? { name = "statfs" buf_uaddr = $buf @@ -2409,8 +2595,9 @@ probe syscall.statfs = } probe syscall.statfs.return = - kernel.function("sys_statfs").return, - kernel.function("compat_sys_statfs").return ? + kernel.function("compat_sys_statfs").return ?, + kernel.function("SyS_statfs").return !, + kernel.function("sys_statfs").return ? { name = "statfs" retstr = returnstr(1) @@ -2422,8 +2609,9 @@ probe syscall.statfs.return = # long compat_sys_statfs64(const char __user *path, compat_size_t sz, struct compat_statfs64 __user *buf) # probe syscall.statfs64 = - kernel.function("sys_statfs64") ?, - kernel.function("compat_sys_statfs64") ? + kernel.function("compat_sys_statfs64") ?, + kernel.function("SyS_statfs64") !, + kernel.function("sys_statfs64") ? { name = "statfs" sz = $sz @@ -2438,8 +2626,9 @@ probe syscall.statfs64 = } probe syscall.statfs64.return = - kernel.function("sys_statfs64").return ?, - kernel.function("compat_sys_statfs64").return ? + kernel.function("compat_sys_statfs64").return ?, + kernel.function("SyS_statfs64").return !, + kernel.function("sys_statfs64").return ? { name = "statfs" retstr = returnstr(1) @@ -2451,8 +2640,9 @@ probe syscall.statfs64.return = # long compat_sys_stime(compat_time_t __user *tptr) # probe syscall.stime = - kernel.function("sys_stime") ?, - kernel.function("compat_sys_stime") ? + kernel.function("compat_sys_stime") ?, + kernel.function("SyS_stime") !, + kernel.function("sys_stime") ? { name = "stime" t_uaddr = $tptr @@ -2460,8 +2650,9 @@ probe syscall.stime = argstr = sprintf("%p", $tptr) } probe syscall.stime.return = - kernel.function("sys_stime").return ?, - kernel.function("compat_sys_stime").return ? + kernel.function("compat_sys_stime").return ?, + kernel.function("SyS_stime").return !, + kernel.function("sys_stime").return ? { name = "stime" retstr = returnstr(1) @@ -2472,12 +2663,14 @@ probe syscall.stime.return = # asmlinkage long # sys_swapoff(const char __user * specialfile) # -probe syscall.swapoff = kernel.function("sys_swapoff")? { +probe syscall.swapoff = kernel.function("SyS_swapoff") !, + kernel.function("sys_swapoff") ? { name = "swapoff" path = user_string($specialfile) argstr = user_string_quoted($specialfile) } -probe syscall.swapoff.return = kernel.function("sys_swapoff").return ? { +probe syscall.swapoff.return = kernel.function("SyS_swapoff").return !, + kernel.function("sys_swapoff").return ? { name = "swapoff" retstr = returnstr(1) } @@ -2487,13 +2680,15 @@ probe syscall.swapoff.return = kernel.function("sys_swapoff").return ? { # sys_swapon(const char __user * specialfile, # int swap_flags) # -probe syscall.swapon = kernel.function("sys_swapon") ? { +probe syscall.swapon = kernel.function("SyS_swapon") !, + kernel.function("sys_swapon") ? { name = "swapon" path = user_string($specialfile) swapflags = $swap_flags argstr = sprintf("%s, %d", user_string_quoted($specialfile), swapflags) } -probe syscall.swapon.return = kernel.function("sys_swapon").return ? { +probe syscall.swapon.return = kernel.function("SyS_swapon").return !, + kernel.function("sys_swapon").return ? { name = "swapon" retstr = returnstr(1) } @@ -2501,14 +2696,16 @@ probe syscall.swapon.return = kernel.function("sys_swapon").return ? { # symlink ____________________________________________________ # long sys_symlink(const char __user * oldname, # const char __user * newname) -probe syscall.symlink = kernel.function("sys_symlink") { +probe syscall.symlink = kernel.function("SyS_symlink") !, + kernel.function("sys_symlink") { name = "symlink" oldpath = user_string($oldname) newpath = user_string($newname) argstr = sprintf("%s, %s", user_string_quoted($oldname), user_string_quoted($newname)) } -probe syscall.symlink.return = kernel.function("sys_symlink").return { +probe syscall.symlink.return = kernel.function("SyS_symlink").return !, + kernel.function("sys_symlink").return { name = "symlink" retstr = returnstr(1) } @@ -2517,7 +2714,8 @@ probe syscall.symlink.return = kernel.function("sys_symlink").return { # new function with 2.6.16 # long sys_symlinkat(const char __user *oldname, int newdfd, # const char __user *newname) -probe syscall.symlinkat = kernel.function("sys_symlinkat") ? { +probe syscall.symlinkat = kernel.function("SyS_symlinkat") !, + kernel.function("sys_symlinkat") ? { name = "symlinkat" oldname = $oldname oldname_str = user_string($oldname) @@ -2528,7 +2726,8 @@ probe syscall.symlinkat = kernel.function("sys_symlinkat") ? { argstr = sprintf("%s, %s, %s", user_string_quoted($oldname), newdfd_str, user_string_quoted($newname)) } -probe syscall.symlinkat.return = kernel.function("sys_symlinkat").return ? { +probe syscall.symlinkat.return = kernel.function("SyS_symlinkat").return !, + kernel.function("sys_symlinkat").return ? { name = "symlinkat" retstr = returnstr(1) } @@ -2551,15 +2750,17 @@ probe syscall.sync.return = kernel.function("sys_sync").return { # long sys_sysctl(struct __sysctl_args __user *args) # probe syscall.sysctl = - kernel.function("sys_sysctl") ?, - kernel.function("compat_sys_sysctl") ? + kernel.function("compat_sys_sysctl") ?, + kernel.function("SyS_sysctl") !, + kernel.function("sys_sysctl") ? { name = "sysctl" argstr = sprintf("%p", $args) } probe syscall.sysctl.return = - kernel.function("sys_sysctl").return ?, - kernel.function("compat_sys_sysctl").return ? + kernel.function("compat_sys_sysctl").return ?, + kernel.function("SyS_sysctl").return !, + kernel.function("sys_sysctl").return ? { name = "sysctl" retstr = returnstr(1) @@ -2572,7 +2773,8 @@ probe syscall.sysctl.return = # unsigned long arg1, # unsigned long arg2) # -probe syscall.sysfs = kernel.function("sys_sysfs") { +probe syscall.sysfs = kernel.function("SyS_sysfs") !, + kernel.function("sys_sysfs") { name = "sysfs" option = $option arg1 = $arg1 @@ -2586,7 +2788,8 @@ probe syscall.sysfs = kernel.function("sys_sysfs") { else argstr = sprintf("%d, %d, %d", $option, $arg1, $arg2) } -probe syscall.sysfs.return = kernel.function("sys_sysfs").return { +probe syscall.sysfs.return = kernel.function("SyS_sysfs").return !, + kernel.function("sys_sysfs").return { name = "sysfs" retstr = returnstr(1) } @@ -2595,16 +2798,18 @@ probe syscall.sysfs.return = kernel.function("sys_sysfs").return { # long sys_sysinfo(struct sysinfo __user *info) # long compat_sys_sysinfo(struct compat_sysinfo __user *info) probe syscall.sysinfo = - kernel.function("sys_sysinfo"), - kernel.function("compat_sys_sysinfo") ? + kernel.function("compat_sys_sysinfo") ?, + kernel.function("SyS_sysinfo") !, + kernel.function("sys_sysinfo") { name = "sysinfo" info_uaddr = $info argstr = sprintf("%p", $info) } probe syscall.sysinfo.return = - kernel.function("sys_sysinfo").return, - kernel.function("compat_sys_sysinfo").return ? + kernel.function("compat_sys_sysinfo").return ?, + kernel.function("SyS_sysinfo").return !, + kernel.function("sys_sysinfo").return { name = "sysinfo" retstr = returnstr(1) @@ -2614,14 +2819,16 @@ probe syscall.sysinfo.return = # # long sys_syslog(int type, char __user * buf, int len) # -probe syscall.syslog = kernel.function("sys_syslog") { +probe syscall.syslog = kernel.function("SyS_syslog") !, + kernel.function("sys_syslog") { name = "syslog" type = $type bufp_uaddr = $buf len = $len argstr = sprintf("%d, %p, %d", $type, $buf, $len) } -probe syscall.syslog.return = kernel.function("sys_syslog").return { +probe syscall.syslog.return = kernel.function("SyS_syslog").return !, + kernel.function("sys_syslog").return { name = "syslog" retstr = returnstr(1) } @@ -2630,11 +2837,13 @@ probe syscall.syslog.return = kernel.function("sys_syslog").return { # # long sys_tee(int fdin, int fdout, size_t len, unsigned int flags) # -probe syscall.tee = kernel.function("sys_tee") ? { +probe syscall.tee = kernel.function("SyS_tee") !, + kernel.function("sys_tee") ? { name = "tee" argstr = sprintf("%d, %d, %d, 0x%x", $fdin, $fdout, $len, $flags) } -probe syscall.tee.return = kernel.function("sys_tee").return ? { +probe syscall.tee.return = kernel.function("SyS_tee").return !, + kernel.function("sys_tee").return ? { name = "tee" retstr = returnstr(1) } @@ -2646,14 +2855,16 @@ probe syscall.tee.return = kernel.function("sys_tee").return ? { # int pid, # int sig) # -probe syscall.tgkill = kernel.function("sys_tgkill") { +probe syscall.tgkill = kernel.function("SyS_tgkill") !, + kernel.function("sys_tgkill") { name = "tgkill" tgid = $tgid pid = $pid sig = $sig argstr = sprintf("%d, %d, %s", $tgid, $pid, _signal_name($sig)) } -probe syscall.tgkill.return = kernel.function("sys_tgkill").return { +probe syscall.tgkill.return = kernel.function("SyS_tgkill").return !, + kernel.function("sys_tgkill").return { name = "tgkill" retstr = returnstr(1) } @@ -2665,20 +2876,22 @@ probe syscall.tgkill.return = kernel.function("sys_tgkill").return { # long compat_sys_time(compat_time_t __user * tloc) # probe syscall.time = - kernel.function("sys_time")?, kernel.function("sys32_time") ?, kernel.function("sys_time64") ?, - kernel.function("compat_sys_time") ? + kernel.function("compat_sys_time") ?, + kernel.function("SyS_time") !, + kernel.function("sys_time") ? { name = "time" t_uaddr = $tloc argstr = sprintf("%p", $tloc) } probe syscall.time.return = - kernel.function("sys_time").return?, kernel.function("sys32_time").return ?, kernel.function("sys_time64").return ?, - kernel.function("compat_sys_time").return ? + kernel.function("compat_sys_time").return ?, + kernel.function("SyS_time").return !, + kernel.function("sys_time").return ? { name = "time" retstr = returnstr(1) @@ -2690,7 +2903,8 @@ probe syscall.time.return = # struct sigevent __user *timer_event_spec, # timer_t __user * created_timer_id) # -probe syscall.timer_create = kernel.function("sys_timer_create") { +probe syscall.timer_create = kernel.function("SyS_timer_create") !, + kernel.function("sys_timer_create") { name = "timer_create" clockid = $which_clock clockid_str = _get_wc_str($which_clock) @@ -2699,6 +2913,7 @@ probe syscall.timer_create = kernel.function("sys_timer_create") { argstr = sprintf("%s, %p, %p", clockid_str, $timer_event_spec, $created_timer_id) } probe syscall.timer_create.return = + kernel.function("SyS_timer_create").return !, kernel.function("sys_timer_create").return { name = "timer_create" retstr = returnstr(1) @@ -2708,12 +2923,14 @@ probe syscall.timer_create.return = # # long sys_timer_delete(timer_t timer_id) # -probe syscall.timer_delete = kernel.function("sys_timer_delete") { +probe syscall.timer_delete = kernel.function("SyS_timer_delete") !, + kernel.function("sys_timer_delete") { name = "timer_delete" timerid = $timer_id argstr = sprint($timer_id) } -probe syscall.timer_delete.return = kernel.function("sys_timer_delete").return { +probe syscall.timer_delete.return = kernel.function("SyS_timer_delete").return !, + kernel.function("sys_timer_delete").return { name = "timer_delete" retstr = returnstr(1) } @@ -2722,12 +2939,14 @@ probe syscall.timer_delete.return = kernel.function("sys_timer_delete").return { # # long sys_timer_getoverrun(timer_t timer_id) # -probe syscall.timer_getoverrun = kernel.function("sys_timer_getoverrun") { +probe syscall.timer_getoverrun = kernel.function("SyS_timer_getoverrun") !, + kernel.function("sys_timer_getoverrun") { name = "timer_getoverrun" timerid = $timer_id argstr = sprint($timer_id) } probe syscall.timer_getoverrun.return = + kernel.function("SyS_timer_getoverrun").return !, kernel.function("sys_timer_getoverrun").return { name = "timer_getoverrun" retstr = returnstr(1) @@ -2738,13 +2957,15 @@ probe syscall.timer_getoverrun.return = # long sys_timer_gettime(timer_t timer_id, # struct itimerspec __user *setting) # -probe syscall.timer_gettime = kernel.function("sys_timer_gettime") { +probe syscall.timer_gettime = kernel.function("SyS_timer_gettime") !, + kernel.function("sys_timer_gettime") { name = "timer_gettime" timerid = $timer_id value_uaddr = $setting argstr = sprintf("%d, %p", $timer_id, $setting) } probe syscall.timer_gettime.return = + kernel.function("SyS_timer_gettime").return !, kernel.function("sys_timer_gettime").return { name = "timer_gettime" retstr = returnstr(1) @@ -2757,7 +2978,8 @@ probe syscall.timer_gettime.return = # const struct itimerspec __user *new_setting, # struct itimerspec __user *old_setting) # -probe syscall.timer_settime = kernel.function("sys_timer_settime") { +probe syscall.timer_settime = kernel.function("SyS_timer_settime") !, + kernel.function("sys_timer_settime") { name = "timer_settime" timerid = $timer_id flags = $flags @@ -2768,6 +2990,7 @@ probe syscall.timer_settime = kernel.function("sys_timer_settime") { $old_setting) } probe syscall.timer_settime.return = + kernel.function("SyS_timer_settime").return !, kernel.function("sys_timer_settime").return { name = "timer_settime" retstr = returnstr(1) @@ -2800,15 +3023,17 @@ probe syscall.timerfd.return = # long sys_times(struct tms __user * tbuf) # long compat_sys_times(struct compat_tms __user *tbuf) probe syscall.times = - kernel.function("sys_times") ?, - kernel.function("compat_sys_times") ? + kernel.function("compat_sys_times") ?, + kernel.function("SyS_times") !, + kernel.function("sys_times") ? { name = "times" argstr = sprintf("%p", $tbuf) } probe syscall.times.return = - kernel.function("sys_times").return ?, - kernel.function("compat_sys_times").return ? + kernel.function("compat_sys_times").return ?, + kernel.function("SyS_times").return !, + kernel.function("sys_times").return ? { name = "times" retstr = returnstr(1) @@ -2820,13 +3045,15 @@ probe syscall.times.return = # sys_tkill(int pid, # int sig) # -probe syscall.tkill = kernel.function("sys_tkill") { +probe syscall.tkill = kernel.function("SyS_tkill") !, + kernel.function("sys_tkill") { name = "tkill" pid = $pid sig = $sig argstr = sprintf("%d, %s", $pid, _signal_name($sig)) } -probe syscall.tkill.return = kernel.function("sys_tkill").return { +probe syscall.tkill.return = kernel.function("SyS_tkill").return !, + kernel.function("sys_tkill").return { name = "tkill" retstr = returnstr(1) } @@ -2836,14 +3063,18 @@ probe syscall.tkill.return = kernel.function("sys_tkill").return { # sys_truncate(const char __user * path, unsigned long length) # sys_truncate64(const char __user * path, loff_t length) # -probe syscall.truncate = kernel.function("sys_truncate")?, kernel.function("sys_truncate64") ? { +probe syscall.truncate = kernel.function("SyS_truncate") !, + kernel.function("sys_truncate") ?, + kernel.function("sys_truncate64") ? { name = "truncate" path_uaddr = $path path = user_string($path) length = $length argstr = sprintf("%s, %d", user_string_quoted($path), $length) } -probe syscall.truncate.return = kernel.function("sys_truncate").return ?, kernel.function("sys_truncate64").return ? { +probe syscall.truncate.return = kernel.function("SyS_truncate").return !, + kernel.function("sys_truncate").return ?, + kernel.function("sys_truncate64").return ? { name = "truncate" retstr = returnstr(1) } @@ -2865,12 +3096,14 @@ probe syscall.tux.return = kernel.function("sys_tux").return ? { # umask ______________________________________________________ # long sys_umask(int mask) # -probe syscall.umask = kernel.function("sys_umask") { +probe syscall.umask = kernel.function("SyS_umask") !, + kernel.function("sys_umask") { name = "umask" mask = $mask argstr = sprintf("%#o", $mask) } -probe syscall.umask.return = kernel.function("sys_umask").return { +probe syscall.umask.return = kernel.function("SyS_umask").return !, + kernel.function("sys_umask").return { name = "umask" retstr = returnstr(3) } @@ -2878,14 +3111,16 @@ probe syscall.umask.return = kernel.function("sys_umask").return { # umount _____________________________________________________ # long sys_umount(char __user * name, int flags) # -probe syscall.umount = kernel.function("sys_umount") { +probe syscall.umount = kernel.function("SyS_umount") !, + kernel.function("sys_umount") { name = "umount" target = user_string($name) flags = $flags flags_str = _umountflags_str($flags) argstr = sprintf("%s, %s", user_string_quoted($name), flags_str) } -probe syscall.umount.return = kernel.function("sys_umount").return { +probe syscall.umount.return = kernel.function("SyS_umount").return !, + kernel.function("sys_umount").return { name = "umount" retstr = returnstr(1) } @@ -2902,6 +3137,7 @@ probe syscall.uname = kernel.function("sys_olduname") ?, kernel.function("sys32_olduname") ?, kernel.function("sys32_uname") ?, + kernel.function("SyS_newuname") !, kernel.function("sys_newuname") ? { name = "uname" @@ -2913,6 +3149,7 @@ probe syscall.uname.return = kernel.function("sys_olduname").return ?, kernel.function("sys32_olduname").return ?, kernel.function("sys32_uname").return ?, + kernel.function("SyS_newuname").return !, kernel.function("sys_newuname").return ? { name = "uname" @@ -2922,13 +3159,15 @@ probe syscall.uname.return = # unlink _____________________________________________________ # long sys_unlink(const char __user * pathname) # -probe syscall.unlink = kernel.function("sys_unlink") { +probe syscall.unlink = kernel.function("SyS_unlink") !, + kernel.function("sys_unlink") { name = "unlink" pathname_uaddr = $pathname pathname = user_string($pathname) argstr = user_string_quoted($pathname) } -probe syscall.unlink.return = kernel.function("sys_unlink").return { +probe syscall.unlink.return = kernel.function("SyS_unlink").return !, + kernel.function("sys_unlink").return { name = "unlink" retstr = returnstr(1) } @@ -2937,7 +3176,8 @@ probe syscall.unlink.return = kernel.function("sys_unlink").return { # new function with 2.6.16 # long sys_unlinkat(int dfd, const char __user *pathname, # int flag) -probe syscall.unlinkat = kernel.function("sys_unlinkat") ? { +probe syscall.unlinkat = kernel.function("SyS_unlinkat") !, + kernel.function("sys_unlinkat") ? { name = "unlinkat" dfd = $dfd dfd_str = _dfd_str($dfd) @@ -2947,7 +3187,8 @@ probe syscall.unlinkat = kernel.function("sys_unlinkat") ? { flag_str = _at_flag_str($flag) argstr = sprintf("%s, %s, %s", dfd_str, user_string_quoted($pathname), flag_str) } -probe syscall.unlinkat.return = kernel.function("sys_unlinkat").return ? { +probe syscall.unlinkat.return = kernel.function("SyS_unlinkat").return !, + kernel.function("sys_unlinkat").return ? { name = "unlinkat" retstr = returnstr(1) } @@ -2955,12 +3196,14 @@ probe syscall.unlinkat.return = kernel.function("sys_unlinkat").return ? { # unshare ____________________________________________________ # new function with 2.6.16 # long sys_unshare(unsigned long unshare_flags) -probe syscall.unshare = kernel.function("sys_unshare") ? { +probe syscall.unshare = kernel.function("SyS_unshare") !, + kernel.function("sys_unshare") ? { name = "unshare" unshare_flags = $unshare_flags argstr = __fork_flags(unshare_flags) } -probe syscall.unshare.return = kernel.function("sys_unshare").return ? { +probe syscall.unshare.return = kernel.function("SyS_unshare").return !, + kernel.function("sys_unshare").return ? { name = "unshare" retstr = returnstr(1) } @@ -2970,20 +3213,23 @@ probe syscall.unshare.return = kernel.function("sys_unshare").return ? { # asmlinkage long # sys_uselib(const char __user * library) # -probe syscall.uselib = kernel.function("sys_uselib") { +probe syscall.uselib = kernel.function("SyS_uselib") !, + kernel.function("sys_uselib") { name = "uselib" library_uaddr = $library library = user_string($library) argstr = user_string_quoted($library) } -probe syscall.uselib.return = kernel.function("sys_uselib").return { +probe syscall.uselib.return = kernel.function("SyS_uselib").return !, + kernel.function("sys_uselib").return { name = "uselib" retstr = returnstr(1) } # ustat ______________________________________________________ # long sys_ustat(unsigned dev, struct ustat __user * ubuf) # -probe syscall.ustat = kernel.function("sys_ustat") { +probe syscall.ustat = kernel.function("SyS_ustat") !, + kernel.function("sys_ustat") { name = "ustat" dev = $dev ubuf_uaddr = $ubuf @@ -2998,7 +3244,8 @@ probe syscall.ustat32 = kernel.function("sys32_ustat") ? { } probe syscall.ustat.return = - kernel.function("sys_ustat").return, + kernel.function("SyS_ustat").return ?, + kernel.function("sys_ustat").return?, kernel.function("sys32_ustat").return ? { name = "ustat" @@ -3007,7 +3254,8 @@ probe syscall.ustat.return = # utime ______________________________________________________ # long sys_utime(char __user * filename, struct utimbuf __user * times) -probe syscall.utime = kernel.function("sys_utime") ? { +probe syscall.utime = kernel.function("SyS_utime") !, + kernel.function("sys_utime") ? { name = "utime" filename_uaddr = $filename filename = user_string($filename) @@ -3017,7 +3265,8 @@ probe syscall.utime = kernel.function("sys_utime") ? { argstr = sprintf("%s, [%s, %s]", user_string_quoted($filename), ctime(actime), ctime(modtime)) } -probe syscall.utime.return = kernel.function("sys_utime").return ? { +probe syscall.utime.return = kernel.function("SyS_utime").return !, + kernel.function("sys_utime").return ? { name = "utime" retstr = returnstr(1) } @@ -3042,7 +3291,8 @@ probe syscall.compat_utime.return = kernel.function("compat_sys_utime").return ? # # long sys_utimes(char __user * filename, struct timeval __user * utimes) # -probe syscall.utimes = kernel.function("sys_utimes") { +probe syscall.utimes = kernel.function("SyS_utimes") !, + kernel.function("sys_utimes") { name = "utimes" filename_uaddr = $filename filename = user_string($filename) @@ -3050,7 +3300,8 @@ probe syscall.utimes = kernel.function("sys_utimes") { argstr = sprintf("%s, %s", user_string_quoted($filename), _struct_timeval_u($utimes, 2)) } -probe syscall.utimes.return = kernel.function("sys_utimes").return { +probe syscall.utimes.return = kernel.function("SyS_utimes").return !, + kernel.function("sys_utimes").return { name = "utimes" retstr = returnstr(1) } @@ -3073,7 +3324,8 @@ probe syscall.compat_sys_utimes.return = kernel.function("compat_sys_utimes").re # long sys_utimensat(int dfd, char __user *filename, struct timespec __user *utimes, int flags) # long compat_sys_utimensat(unsigned int dfd, char __user *filename, struct compat_timespec __user *t, int flags) # -probe syscall.utimensat = kernel.function("sys_utimensat") ? { +probe syscall.utimensat = kernel.function("SyS_utimensat") !, + kernel.function("sys_utimensat") ? { name = "utimensat" argstr = sprintf("%s, %s, %s, %s", _dfd_str($dfd), user_string_quoted($filename), _struct_timespec_u($utimes,2), _at_flag_str($flags)) @@ -3083,7 +3335,8 @@ probe syscall.compat_utimensat = kernel.function("compat_sys_utimensat") ? { argstr = sprintf("%s, %s, %s, %s", _dfd_str($dfd), user_string_quoted($filename), _struct_compat_timespec_u($t,2), _at_flag_str($flags)) } -probe syscall.utimensat.return = kernel.function("sys_utimensat").return ? { +probe syscall.utimensat.return = kernel.function("SyS_utimensat").return !, + kernel.function("sys_utimensat").return ? { name = "utimensat" retstr = returnstr(1) } @@ -3113,7 +3366,8 @@ probe syscall.vhangup.return = kernel.function("sys_vhangup").return { # long compat_sys_vmsplice(int fd, const struct compat_iovec __user *iov32, # unsigned int nr_segs, unsigned int flags) # -probe syscall.vmsplice = kernel.function("sys_vmsplice") ? { +probe syscall.vmsplice = kernel.function("SyS_vmsplice") !, + kernel.function("sys_vmsplice") ? { name = "vmsplice" argstr = sprintf("%d, %p, %d, 0x%x", $fd, $iov, $nr_segs, $flags) } @@ -3121,7 +3375,8 @@ probe syscall.compat_vmsplice = kernel.function("compat_sys_vmsplice") ? { name = "vmsplice" argstr = sprintf("%d, %p, %d, 0x%x", $fd, $iov32, $nr_segs, $flags) } -probe syscall.vmsplice.return = kernel.function("sys_vmsplice").return ? { +probe syscall.vmsplice.return = kernel.function("SyS_vmsplice").return !, + kernel.function("sys_vmsplice").return ? { name = "vmsplice" retstr = returnstr(1) } @@ -3137,7 +3392,8 @@ probe syscall.compat_vmsplice.return = kernel.function("compat_sys_vmsplice").re # int options, # struct rusage __user *ru) # -probe syscall.wait4 = kernel.function("sys_wait4") { +probe syscall.wait4 = kernel.function("SyS_wait4") !, + kernel.function("sys_wait4") { name = "wait4" pid = %( kernel_vr >= "2.6.25" %? $upid %: $pid%) status_uaddr = $stat_addr @@ -3148,7 +3404,8 @@ probe syscall.wait4 = kernel.function("sys_wait4") { %( kernel_vr >= "2.6.25" %? $upid %: $pid%), $stat_addr,_wait4_opt_str($options), $ru) } -probe syscall.wait4.return = kernel.function("sys_wait4").return { +probe syscall.wait4.return = kernel.function("SyS_wait4").return !, + kernel.function("sys_wait4").return { name = "wait4" retstr = returnstr(1) } @@ -3160,7 +3417,8 @@ probe syscall.wait4.return = kernel.function("sys_wait4").return { # int options, # struct rusage __user *ru) # -probe syscall.waitid = kernel.function("sys_waitid") { +probe syscall.waitid = kernel.function("SyS_waitid") !, + kernel.function("sys_waitid") { name = "waitid" pid = %( kernel_vr >= "2.6.25" %? $upid %: $pid%) which = $which @@ -3173,7 +3431,8 @@ probe syscall.waitid = kernel.function("sys_waitid") { %( kernel_vr >= "2.6.25" %? $upid %: $pid%), $infop, _waitid_opt_str($options), $ru) } -probe syscall.waitid.return = kernel.function("sys_waitid").return { +probe syscall.waitid.return = kernel.function("SyS_waitid").return !, + kernel.function("sys_waitid").return { name = "waitid" retstr = returnstr(1) } @@ -3185,7 +3444,8 @@ probe syscall.waitid.return = kernel.function("sys_waitid").return { # int options, # struct rusage __user *ru) # -probe syscall.waitpid = kernel.function("sys_wait4") { +probe syscall.waitpid = kernel.function("SyS_wait4") !, + kernel.function("sys_wait4") { name = "waitpid" pid = $pid status_uaddr = $stat_addr @@ -3195,7 +3455,8 @@ probe syscall.waitpid = kernel.function("sys_wait4") { argstr = sprintf("%d, %p, %s, %p", $pid, $stat_addr, options_str, $ru) } -probe syscall.waitpid.return = kernel.function("sys_wait4").return { +probe syscall.waitpid.return = kernel.function("SyS_wait4").return !, + kernel.function("sys_wait4").return { name = "waitpid" retstr = returnstr(1) } @@ -3207,14 +3468,16 @@ probe syscall.waitpid.return = kernel.function("sys_wait4").return { # const char __user * buf, # size_t count) # -probe syscall.write = kernel.function("sys_write") { +probe syscall.write = kernel.function("SyS_write") !, + kernel.function("sys_write") { name = "write" fd = $fd buf_uaddr = $buf count = $count argstr = sprintf("%d, %s, %d", $fd, text_strn(user_string($buf),syscall_string_trunc,1), $count) } -probe syscall.write.return = kernel.function("sys_write").return { +probe syscall.write.return = kernel.function("SyS_write").return !, + kernel.function("sys_write").return { name = "write" retstr = returnstr(1) } @@ -3229,8 +3492,9 @@ probe syscall.write.return = kernel.function("sys_write").return { # unsigned long vlen) # probe syscall.writev = - kernel.function("sys_writev"), - kernel.function("compat_sys_writev") ? + kernel.function("compat_sys_writev") ?, + kernel.function("SyS_writev") !, + kernel.function("sys_writev") { name = "writev" vector_uaddr = $vec @@ -3244,8 +3508,9 @@ probe syscall.writev = %) } probe syscall.writev.return = - kernel.function("sys_writev").return, - kernel.function("compat_sys_writev").return ? + kernel.function("compat_sys_writev").return ?, + kernel.function("SyS_writev").return !, + kernel.function("sys_writev").return { name = "writev" retstr = returnstr(1) diff --git a/tapset/timestamp.stp b/tapset/timestamp.stp index 29763cb9..ce8f7558 100644 --- a/tapset/timestamp.stp +++ b/tapset/timestamp.stp @@ -7,10 +7,6 @@ // Public License (GPL); either version 2, or (at your option) any // later version. -%{ -#include <linux/time.h> -%} - /** * sfunction get_cycles - Processor cycle count. * @@ -21,43 +17,4 @@ function get_cycles:long () %{ /* pure */ THIS->__retvalue = (int64_t) c; %} - -/** - * sfunction gettimeofday_ns - Number of nanoseconds since UNIX epoch. - * - * Return the number of nanoseconds since the UNIX epoch. - */ -function gettimeofday_ns:long () %{ /* pure */ - /* NOTE: we can't use do_gettimeofday because we could be called from a - * context where xtime_lock is already held. See bug #2525. */ - THIS->__retvalue = _stp_gettimeofday_ns(); -%} - -/** - * sfunction gettimeofday_us - Number of microseconds since UNIX epoch. - * - * Return the number of microseconds since the UNIX epoch. - */ -function gettimeofday_us:long () { - return gettimeofday_ns() / 1000; -} - -/** - * sfunction gettimeofday_ms - Number of milliseconds since UNIX epoch. - * - * Return the number of milliseconds since the UNIX epoch. - */ -function gettimeofday_ms:long () { - return gettimeofday_ns() / 1000000; -} - -/** - * sfunction gettimeofday_s - Number of seconds since UNIX epoch. - * - * Return the number of seconds since the UNIX epoch. - */ -function gettimeofday_s:long () { - return gettimeofday_ns() / 1000000000; -} - // likewise jiffies, monotonic_clock ... diff --git a/tapset/timestamp_gtod.stp b/tapset/timestamp_gtod.stp new file mode 100644 index 00000000..43b127dc --- /dev/null +++ b/tapset/timestamp_gtod.stp @@ -0,0 +1,68 @@ +// timestamp tapset -- gettimeofday variants +// Copyright (C) 2005-2009 Red Hat Inc. +// Copyright (C) 2006 Intel Corporation. +// +// This file is part of systemtap, and is free software. You can +// redistribute it and/or modify it under the terms of the GNU General +// Public License (GPL); either version 2, or (at your option) any +// later version. + +function _gettimeofday_init:long() %{ + THIS->__retvalue = _stp_init_time(); /* Kick off the Big Bang. */ +%} + +probe begin(-0x8000000000000000) { + if (_gettimeofday_init() != 0) + error("couldn't initialize gettimeofday") +} + +function _gettimeofday_kill() %{ + _stp_kill_time(); /* Go to a beach. Drink a beer. */ +%} + +probe end(0x7FFFFFFFFFFFFFFF), error(0x7FFFFFFFFFFFFFFF) { + _gettimeofday_kill() +} + + +/** + * sfunction gettimeofday_ns - Number of nanoseconds since UNIX epoch. + * + * Return the number of nanoseconds since the UNIX epoch. + */ +function gettimeofday_ns:long () %{ /* pure */ + /* NOTE: we can't use do_gettimeofday because we could be called from a + * context where xtime_lock is already held. See bug #2525. */ + THIS->__retvalue = _stp_gettimeofday_ns(); + if (THIS->__retvalue < 0) + CONTEXT->last_error = "gettimeofday not initialized"; +%} + +/** + * sfunction gettimeofday_us - Number of microseconds since UNIX epoch. + * + * Return the number of microseconds since the UNIX epoch. + */ +function gettimeofday_us:long () { + return gettimeofday_ns() / 1000; +} + +/** + * sfunction gettimeofday_ms - Number of milliseconds since UNIX epoch. + * + * Return the number of milliseconds since the UNIX epoch. + */ +function gettimeofday_ms:long () { + return gettimeofday_ns() / 1000000; +} + +/** + * sfunction gettimeofday_s - Number of seconds since UNIX epoch. + * + * Return the number of seconds since the UNIX epoch. + */ +function gettimeofday_s:long () { + return gettimeofday_ns() / 1000000000; +} + +// likewise jiffies, monotonic_clock ... diff --git a/tapsets.cxx b/tapsets.cxx index 959aa56b..e5efa153 100644 --- a/tapsets.cxx +++ b/tapsets.cxx @@ -1329,7 +1329,10 @@ struct dwflpp const char * sym = label_val.c_str(); Dwarf_Die die; - dwarf_child (cu, &die); + int res = dwarf_child (cu, &die); + if (res != 0) + return; // die without children, bail out. + static string function_name; do { @@ -1337,13 +1340,11 @@ struct dwflpp Dwarf_Attribute *attr = dwarf_attr (&die, DW_AT_name, &attr_mem); int tag = dwarf_tag(&die); const char *name = dwarf_formstring (attr); - if (name == NULL) - continue; - if (tag == DW_TAG_subprogram) + if (tag == DW_TAG_subprogram && name != 0) { function_name = name; } - else if (tag == DW_TAG_label + else if (tag == DW_TAG_label && name != 0 && ((strncmp(name, sym, strlen(sym)) == 0) || (name_has_wildcard (sym) && function_name_matches_pattern (name, sym)))) @@ -5723,7 +5724,7 @@ dwarf_builder::build(systemtap_session & sess, } } - if (probe_type == probes_and_dwarf) + if (probe_type == probes_and_dwarf && ! sess.listing_mode) { Elf_Data *pdata = elf_getdata_rawchunk (elf, shdr->sh_offset, shdr->sh_size, ELF_T_BYTE); assert (pdata != NULL); @@ -5747,17 +5748,22 @@ dwarf_builder::build(systemtap_session & sess, if (probe_scn_offset % (sizeof(__uint64_t))) probe_scn_offset += sizeof(__uint64_t) - (probe_scn_offset % sizeof(__uint64_t)); probe_arg = *((__uint64_t*)((char*)pdata->d_buf + probe_scn_offset)); - if (strcmp (location->components[1]->arg->tok->content.c_str(), probe_name.c_str()) == 0) - { - probe_found = true; - break; - } if (probe_scn_offset % (sizeof(__uint64_t)*2)) probe_scn_offset = (probe_scn_offset + sizeof(__uint64_t)*2) - (probe_scn_offset % (sizeof(__uint64_t)*2)); + if (strcmp (location->components[1]->arg->tok->content.c_str(), probe_name.c_str()) == 0) + probe_found = true; + else + continue; + const token* sv_tok = location->components[1]->arg->tok; + location->components[1]->functor = TOK_STATEMENT; + location->components[1]->arg = new literal_number((int)probe_arg); + location->components[1]->arg->tok = sv_tok; + ((literal_map_t&)parameters)[TOK_STATEMENT] = location->components[1]->arg; + dwarf_query q(sess, base, location, *dw, parameters, finished_results); + dw->query_modules(&q); } - location->components[1]->functor = TOK_STATEMENT; - location->components[1]->arg = new literal_number((int)probe_arg); - ((literal_map_t&)parameters)[TOK_STATEMENT] = location->components[1]->arg; + if (probe_found) + return; } if (probe_type == dwarf_no_probes || ! probe_found) diff --git a/testsuite/systemtap.base/gtod_init.exp b/testsuite/systemtap.base/gtod_init.exp new file mode 100644 index 00000000..48616b1f --- /dev/null +++ b/testsuite/systemtap.base/gtod_init.exp @@ -0,0 +1,29 @@ +# test for checking initialization of the time subsystem +set test "gtod_init" + +# check that init and kill are both present with a gettimeofday +set time_init 0 +set time_kill 0 +spawn stap -p2 -e {probe begin { println(gettimeofday_s()) }} +expect { + -timeout 120 + -re {\n_gettimeofday_init:} { incr time_init; exp_continue } + -re {\n_gettimeofday_kill:} { incr time_kill; exp_continue } + timeout { fail "$test (timeout)" } + eof { + if {$time_init == 1} { pass "$test (init)" } { fail "$test (init $time_init)" } + if {$time_kill == 1} { pass "$test (kill)" } { fail "$test (kill $time_kill)" } + } +} +wait + +# check that init and kill are both NOT present without a gettimeofday +spawn stap -p2 -e {probe begin { println(get_cycles()) }} +expect { + -timeout 120 + -re {\n_gettimeofday_init:} { fail "$test (bad init)" } + -re {\n_gettimeofday_kill:} { fail "$test (bad kill)" } + timeout { fail "$test (timeout)" } + eof { pass "$test (no init/kill)" } +} +wait diff --git a/testsuite/systemtap.base/static_uprobes.exp b/testsuite/systemtap.base/static_uprobes.exp index c76d4805..a4bd5e2c 100644 --- a/testsuite/systemtap.base/static_uprobes.exp +++ b/testsuite/systemtap.base/static_uprobes.exp @@ -14,6 +14,7 @@ puts $fp " void bar (int i) { + STATIC_UPROBES_TEST_PROBE_2(i); if (i == 0) i = 1000; STAP_PROBE1(static_uprobes,test_probe_2,i); @@ -158,7 +159,7 @@ expect { wait -if {$ok == 4} { pass "$test C" } { fail "$test C ($ok)" } +if {$ok == 5} { pass "$test C" } { fail "$test C ($ok)" } set ok 0 @@ -169,7 +170,6 @@ verbose -log "spawn stap -c $sup_exepath $sup_stppath" spawn stap -c $sup_exepath $sup_stppath expect { -timeout 180 - -re {In test_probe_1 probe} { incr ok; exp_continue } -re {In test_probe_2 probe 0x2} { incr ok; exp_continue } -re {In test_probe_0 probe 0x3} { incr ok; exp_continue } -re {In test_probe_3 probe 0x3 0x[0-9a-f][0-9a-f]} { incr ok; exp_continue } @@ -180,7 +180,7 @@ expect { wait -if {$ok == 4} { pass "$test C++" } { fail "$test C++ ($ok)" } +if {$ok == 5} { pass "$test C++" } { fail "$test C++ ($ok)" } # catch {exec rm -f $sup_srcpath $sup_exepath $supcplus_exepath $sup_hpath $sup_stppath} diff --git a/translate.cxx b/translate.cxx index 530b077d..135830df 100644 --- a/translate.cxx +++ b/translate.cxx @@ -4534,6 +4534,10 @@ dump_unwindsyms (Dwfl_Module *m, ki = dwfl_module_relocate_address (m, &extra_offset); dwfl_assert ("dwfl_module_relocate_address extra_offset", ki >= 0); + // Sadly dwfl_module_relocate_address is broken on + // elfutils < 0.138, so we need to adjust for the module + // base address outself. (see also below). + extra_offset = sym.st_value - base; if (c->session.verbose > 2) clog << "Found kernel _stext 0x" << hex << extra_offset << dec << endl; } @@ -5009,11 +5013,11 @@ translate_pass (systemtap_session& s) s.op->newline(); // XXX impedance mismatch - s.op->newline() << "static int probe_start () {"; + s.op->newline() << "static int probe_start (void) {"; s.op->newline(1) << "return systemtap_module_init () ? -1 : 0;"; s.op->newline(-1) << "}"; s.op->newline(); - s.op->newline() << "static void probe_exit () {"; + s.op->newline() << "static void probe_exit (void) {"; s.op->newline(1) << "systemtap_module_exit ();"; s.op->newline(-1) << "}"; s.op->assert_0_indent(); |