summaryrefslogtreecommitdiffstats
path: root/tapset/syscalls2.stp
diff options
context:
space:
mode:
Diffstat (limited to 'tapset/syscalls2.stp')
-rw-r--r--tapset/syscalls2.stp2501
1 files changed, 2501 insertions, 0 deletions
diff --git a/tapset/syscalls2.stp b/tapset/syscalls2.stp
new file mode 100644
index 00000000..c13bcf23
--- /dev/null
+++ b/tapset/syscalls2.stp
@@ -0,0 +1,2501 @@
+// syscalls tapset part 2 [N-Z]
+// Copyright (C) 2005 IBM Corp.
+// Copyright (C) 2005, 2006 Red Hat Inc.
+//
+// This file is part of systemtap, and is free software. You can
+// redistribute it and/or modify it under the terms of the GNU General
+// Public License (GPL); either version 2, or (at your option) any
+// later version.
+
+/* Each syscall returns the calls parameters. In addition, the following
+* variables are set:
+*
+* name - generally the syscall name minus the "sys_".
+*
+* argstr - a string containing the decoded args in an easy-to-read format.
+* It doesn't need to contain everything, but should have all the
+* important args.
+*
+* returnp - set to 1 if return probe
+*/
+
+# open _______________________________________________________
+# asmlinkage long sys_open(const char __user * filename, int flags, int mode)
+probe syscall.open = kernel.function("sys_open") {
+ name = "open"
+ filename = user_string($filename)
+ flags = $flags
+ mode = $mode
+ if (f & 64)
+ argstr = sprintf("\"%s\", %s, 0x%x", filename, _sys_open_flag_str(flags), mode)
+ else
+ argstr = sprintf("\"%s\", %s", filename, _sys_open_flag_str(flags))
+}
+probe syscall.open.return = kernel.function("sys_open").return {
+ name = "open"
+ returnp = 1
+}
+
+# read _______________________________________________________
+# ssize_t sys_read(unsigned int fd, char __user * buf, size_t count)
+probe syscall.read = kernel.function("sys_read") {
+ name = "read"
+ fd = $fd
+ buf_uaddr = $buf
+ count = $count
+ argstr = sprintf("%d, ..., %d", fd, count)
+}
+probe syscall.read.return = kernel.function("sys_read").return {
+ name = "read"
+ returnp = 1
+}
+
+#######################################################################
+################# OLD STUFF rewrite everything below here##############
+#######################################################################
+
+# nanosleep __________________________________________________
+/*
+ * asmlinkage long
+ * sys_nanosleep(struct timespec __user *rqtp,
+ * struct timespec __user *rmtp)
+ */
+probe kernel.syscall.nanosleep =
+ kernel.function("sys_nanosleep") {
+ name = "nanosleep"
+ req_uaddr = $rqtp
+ rem_uaddr = $rmtp
+ /*
+ * XXX NOT SAFE -- might sleep
+ * req_tv_sec = __uget_ts_m($rqtp,0)
+ * req_tv_nsec = __uget_ts_m($rqtp,1)
+ * rem_tv_sec = __uget_ts_m($rmtp,0)
+ * rem_tv_nsec = __uget_ts_m($rmtp,1)
+ */
+ }
+probe kernel.syscall.nanosleep.return =
+ kernel.function("sys_nanosleep").return {
+ name = "nanosleep.return"
+ }
+# newfstat ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_newfstat(unsigned int fd,
+ * struct stat __user * statbuf)
+ */
+probe kernel.syscall.newfstat =
+ kernel.function("sys_newfstat") {
+ name = "newfstat"
+ fd = $fd
+ buf_uaddr = $statbuf
+ }
+probe kernel.syscall.newfstat.return =
+ kernel.function("sys_newfstat").return {
+ name = "newfstat.return"
+ }
+# newlstat ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_newlstat(char __user * filename,
+ * struct stat __user * statbuf)
+ */
+probe kernel.syscall.newlstat =
+ kernel.function("sys_newlstat") {
+ name = "newlstat"
+ filename_uaddr = $filename
+ buf_uaddr = $statbuf
+ }
+probe kernel.syscall.newlstat.return =
+ kernel.function("sys_newlstat").return {
+ name = "newlstat.return"
+ }
+# newstat ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_newstat(char __user * filename,
+ * struct stat __user * statbuf)
+ */
+probe kernel.syscall.newstat =
+ kernel.function("sys_newstat") {
+ name = "newstat"
+ filename_uaddr = $filename
+ buf_uaddr = $statbuf
+ }
+probe kernel.syscall.newstat.return =
+ kernel.function("sys_newstat").return {
+ name = "newstat.return"
+ }
+# newuname ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_newuname(struct new_utsname __user * name)
+ */
+probe kernel.syscall.newuname =
+ kernel.function("sys_newuname") {
+ name = "newuname"
+ name_uaddr = $name
+ }
+probe kernel.syscall.newuname.return =
+ kernel.function("sys_newuname").return {
+ name = "newuname.return"
+ }
+# nfsservctl _________________________________________________
+/*
+ * long asmlinkage
+ * sys_nfsservctl(int cmd,
+ * struct nfsctl_arg __user *arg,
+ * void __user *res)
+ */
+probe kernel.syscall.nfsservctl =
+ kernel.function("sys_nfsservctl") {
+ name = "nfsservctl"
+ cmd = $cmd
+ argp_uaddr = $arg
+ resp_uaddr = $res
+ }
+probe kernel.syscall.nfsservctl.return =
+ kernel.function("sys_nfsservctl").return {
+ name = "nfsservctl.return"
+ }
+# nice _______________________________________________________
+/*
+ * asmlinkage long
+ * sys_nice(int increment)
+ */
+probe kernel.syscall.nice =
+ kernel.function("sys_nice") {
+ name = "nice"
+ inc = $increment
+ }
+probe kernel.syscall.nice.return =
+ kernel.function("sys_nice").return {
+ name = "nice.return"
+ }
+# ni_syscall _________________________________________________
+/*
+ * asmlinkage long
+ * sys_ni_syscall(void)
+ */
+probe kernel.syscall.ni_syscall =
+ kernel.function("sys_ni_syscall") {
+ name = "ni_syscall"
+ }
+probe kernel.syscall.ni_syscall.return =
+ kernel.function("sys_ni_syscall").return {
+ name = "ni_syscall.return"
+ }
+# old_getrlimit ______________________________________________
+/*
+ * asmlinkage long
+ * sys_old_getrlimit(unsigned int resource,
+ * struct rlimit __user *rlim)
+ */
+probe kernel.syscall.old_getrlimit =
+ kernel.function("sys_old_getrlimit") {
+ name = "old_getrlimit"
+ resource = $resource
+ resource_str = _rlimit_resource_str($resource)
+ rlim_uaddr = $rlim
+ }
+probe kernel.syscall.old_getrlimit.return =
+ kernel.function("sys_old_getrlimit").return {
+ name = "old_getrlimit.return"
+ }
+# oldumount __________________________________________________
+/*
+ * asmlinkage long
+ * sys_oldumount(char __user * name)
+ */
+probe kernel.syscall.oldumount =
+ kernel.function("sys_umount") {
+ name = "oldumount"
+ target_uaddr = $name
+ }
+probe kernel.syscall.oldumount.return =
+ kernel.function("sys_umount").return {
+ name = "oldumount.return"
+ }
+# pause ______________________________________________________
+/*
+ * sys_pause(void)
+ */
+probe kernel.syscall.pause =
+ kernel.function("sys_pause") {
+ name = "pause"
+ }
+probe kernel.syscall.pause.return =
+ kernel.function("sys_pause").return {
+ name = "pause.return"
+ }
+# pciconfig_iobase ___________________________________________
+/*
+ * asmlinkage long
+ * sys_pciconfig_iobase(long which,
+ * unsigned long bus,
+ * unsigned long dfn)
+ */
+/*
+probe kernel.syscall.pciconfig_iobase =
+ kernel.function("sys_pciconfig_iobase") {
+ name = "pciconfig_iobase"
+ which = $which
+ bus = $bus
+ dfn = $dfn
+ }
+probe kernel.syscall.pciconfig_iobase.return =
+ kernel.function("sys_pciconfig_iobase").return {
+ name = "pciconfig_iobase.return"
+ }
+*/
+# pciconfig_read _____________________________________________
+/*
+ * asmlinkage int
+ * sys_pciconfig_read(unsigned long bus,
+ * unsigned long dfn,
+ * unsigned long off,
+ * unsigned long len,
+ * unsigned char *buf)
+ * { return 0; }
+ */
+/*
+probe kernel.syscall.pciconfig_read =
+ kernel.function("sys_pciconfig_read") {
+ name = "pciconfig_read"
+ bus = $bus
+ dfn = $dfn
+ off = $off
+ len = $len
+ buf_uaddr = $buf
+ }
+probe kernel.syscall.pciconfig_read.return =
+ kernel.function("sys_pciconfig_read").return {
+ name = "pciconfig_read.return"
+ }
+*/
+# pciconfig_write ____________________________________________
+/*
+ * asmlinkage int
+ * sys_pciconfig_write(unsigned long bus,
+ * unsigned long dfn,
+ * unsigned long off,
+ * unsigned long len,
+ * unsigned char *buf)
+ */
+/*
+probe kernel.syscall.pciconfig_write =
+ kernel.function("sys_pciconfig_write") {
+ name = "pciconfig_write"
+ bus = $bus
+ dfn = $dfn
+ off = $off
+ len = $len
+ buf_uaddr = $buf
+ }
+probe kernel.syscall.pciconfig_write.return =
+ kernel.function("sys_pciconfig_write").return {
+ name = "pciconfig_write.return"
+ }
+*/
+# personality ________________________________________________
+/*
+ * asmlinkage long
+ * sys_personality(u_long personality)
+ */
+probe kernel.syscall.personality =
+ kernel.function("sys_personality") {
+ name = "personality"
+ persona = $personality
+ }
+probe kernel.syscall.personality.return =
+ kernel.function("sys_personality").return {
+ name = "personality.return"
+ }
+# pipe _______________________________________________________
+/*
+ * asmlinkage int
+ * sys_pipe(unsigned long __user * fildes)
+ */
+probe kernel.syscall.pipe =
+ kernel.function("sys_pipe") {
+ name = "pipe"
+ fildes_uaddr = $fildes
+ }
+probe kernel.syscall.pipe.return =
+ kernel.function("sys_pipe").return {
+ name = "pipe.return"
+ }
+# pivot_root _________________________________________________
+/*
+ * asmlinkage long
+ * sys_pivot_root(const char __user *new_root,
+ * const char __user *put_old)
+ */
+probe kernel.syscall.pivot_root =
+ kernel.function("sys_pivot_root") {
+ name = "pivot_root"
+ new_root_uaddr = $new_root
+ old_root_uaddr = $put_old
+ }
+probe kernel.syscall.pivot_root.return =
+ kernel.function("sys_pivot_root").return {
+ name = "pivot_root.return"
+ }
+# poll _______________________________________________________
+/*
+ * asmlinkage long
+ * sys_poll(struct pollfd __user * ufds,
+ * unsigned int nfds,
+ * long timeout)
+ */
+probe kernel.syscall.poll =
+ kernel.function("sys_poll") {
+ name = "poll"
+ ufds_uaddr = $ufds
+ nfds = $nfds
+ timeout = $timeout
+ }
+probe kernel.syscall.poll.return =
+ kernel.function("sys_poll").return {
+ name = "poll.return"
+ }
+# prctl ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_prctl(int option,
+ * unsigned long arg2,
+ * unsigned long arg3,
+ * unsigned long arg4,
+ * unsigned long arg5)
+ */
+probe kernel.syscall.prctl =
+ kernel.function("sys_prctl") {
+ name = "prctl"
+ option = $option
+ arg2 = $arg2
+ arg3 = $arg3
+ arg4 = $arg4
+ arg5 = $arg5
+ }
+probe kernel.syscall.prctl.return =
+ kernel.function("sys_prctl").return {
+ name = "prctl.return"
+ }
+# pread64 ____________________________________________________
+/*
+ * asmlinkage ssize_t
+ * sys_pread64(unsigned int fd,
+ * char __user *buf,
+ * size_t count,
+ * loff_t pos)
+ */
+probe kernel.syscall.pread64 =
+ kernel.function("sys_pread64") {
+ name = "pread64"
+ fd = $fd
+ buf_uaddr = $buf
+ count = $count
+ offset = $pos
+ }
+probe kernel.syscall.pread64.return =
+ kernel.function("sys_pread64").return {
+ name = "pread64.return"
+ }
+# ptrace _____________________________________________________
+/*
+ * asmlinkage int
+ * sys_ptrace(long request,
+ * long pid,
+ * long addr,
+ * long data)
+ */
+probe kernel.syscall.ptrace =
+ kernel.function("sys_ptrace") {
+ name = "ptrace"
+ request = $request
+ pid = $pid
+ addr = $addr
+ data = $data
+ }
+probe kernel.syscall.ptrace.return =
+ kernel.function("sys_ptrace").return {
+ name = "ptrace.return"
+ }
+# pwrite64 ___________________________________________________
+/*
+ * asmlinkage ssize_t
+ * sys_pwrite64(unsigned int fd,
+ * const char __user *buf,
+ * size_t count,
+ * loff_t pos)
+ */
+probe kernel.syscall.pwrite64 =
+ kernel.function("sys_pwrite64") {
+ name = "pwrite64"
+ fd = $fd
+ buf_uaddr = $buf
+ count = $count
+ offset = $pos
+ }
+probe kernel.syscall.pwrite64.return =
+ kernel.function("sys_pwrite64").return {
+ name = "pwrite64.return"
+ }
+# quotactl ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_quotactl(unsigned int cmd,
+ * const char __user *special,
+ * qid_t id,
+ * void __user *addr)
+ */
+probe kernel.syscall.quotactl =
+ kernel.function("sys_quotactl") {
+ name = "quotactl"
+ cmd = $cmd
+ cmd_str = _quotactl_cmd_str($cmd)
+ special_uaddr = $special
+ id = $id
+ addr_uaddr = $addr
+ }
+probe kernel.syscall.quotactl.return =
+ kernel.function("sys_quotactl").return {
+ name = "quotactl.return"
+ }
+# readahead __________________________________________________
+/*
+ * asmlinkage ssize_t
+ * sys_readahead(int fd,
+ * loff_t offset,
+ * size_t count)
+ */
+probe kernel.syscall.readahead =
+ kernel.function("sys_readahead") {
+ name = "readahead"
+ fd = $fd
+ offset = $offset
+ count = $count
+ }
+probe kernel.syscall.readahead.return =
+ kernel.function("sys_readahead").return {
+ name = "readahead.return"
+ }
+# readlink ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_readlink(const char __user * path,
+ * char __user * buf,
+ * int bufsiz)
+ */
+probe kernel.syscall.readlink =
+ kernel.function("sys_readlink") {
+ name = "readlink"
+ path_uaddr = $path
+ buf_uaddr = $buf
+ bufsiz = $bufsiz
+ }
+probe kernel.syscall.readlink.return =
+ kernel.function("sys_readlink").return {
+ name = "readlink.return"
+ }
+# readv ______________________________________________________
+/*
+ * asmlinkage ssize_t
+ * sys_readv(unsigned long fd,
+ * const struct iovec __user *vec,
+ * unsigned long vlen)
+ */
+probe kernel.syscall.readv =
+ kernel.function("sys_readv") {
+ name = "readv"
+ fd = $fd
+ vector_uaddr = $vec
+ count = $vlen
+ }
+probe kernel.syscall.readv.return =
+ kernel.function("sys_readv").return {
+ name = "readv.return"
+ }
+# reboot _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_reboot(int magic1,
+ * int magic2,
+ * unsigned int cmd,
+ * void __user * arg)
+ */
+probe kernel.syscall.reboot =
+ kernel.function("sys_reboot") {
+ name = "reboot"
+ magic = $magic1
+ magic_str = _reboot_magic_str($magic1)
+ magic2 = $magic2
+ magic2_str =_reboot_magic_str($magic2)
+ flag = $cmd
+ flag_str = _reboot_flag_str(flag)
+ arg_uaddr = $arg
+ }
+probe kernel.syscall.reboot.return =
+ kernel.function("sys_reboot").return {
+ name = "reboot.return"
+ }
+# recv _______________________________________________________
+/*
+ * asmlinkage long
+ * sys_recvfrom(int fd,
+ * void __user * ubuf,
+ * size_t size,
+ * unsigned flags,
+ * struct sockaddr __user *addr,
+ * int __user *addr_len)
+ */
+probe kernel.syscall.recv =
+ kernel.function("sys_recvfrom") {
+ name = "recv"
+ s = $fd
+ buf_uaddr = $ubuf
+ len = $size
+ flags = $flags
+ flags_str = _recvflags_str($flags)
+ from_uaddr = $addr
+ fromlen_uaddr = $addr_len
+ }
+probe kernel.syscall.recv.return =
+ kernel.function("sys_recvfrom").return {
+ name = "recv.return"
+ }
+# recvfrom ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_recvfrom(int fd,
+ * void __user * ubuf,
+ * size_t size,
+ * unsigned flags,
+ * struct sockaddr __user *addr,
+ * int __user *addr_len)
+ */
+probe kernel.syscall.recvfrom =
+ kernel.function("sys_recvfrom") {
+ name = "recvfrom"
+ s = $fd
+ buf_uaddr = $ubuf
+ len = $size
+ flags = $flags
+ flags_str = _recvflags_str($flags)
+ from_uaddr = $addr
+ fromlen = $addr_len
+ }
+probe kernel.syscall.recvfrom.return =
+ kernel.function("sys_recvfrom").return {
+ name = "recvfrom.return"
+ }
+# recvmsg ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_recvmsg(int fd,
+ * struct msghdr __user *msg,
+ * unsigned int flags)
+ */
+probe kernel.syscall.recvmsg =
+ kernel.function("sys_recvmsg") {
+ name = "recvmsg"
+ s = $fd
+ msg_uaddr = $msg
+ flags = $flags
+ flags_str = _recvflags_str($flags)
+ }
+probe kernel.syscall.recvmsg.return =
+ kernel.function("sys_recvmsg").return {
+ name = "recvmsg.return"
+ }
+# remap_file_pages ___________________________________________
+/*
+ * asmlinkage long
+ * sys_remap_file_pages(unsigned long start,
+ * unsigned long size,
+ * unsigned long __prot,
+ * unsigned long pgoff,
+ * unsigned long flags)
+ */
+probe kernel.syscall.remap_file_pages =
+ kernel.function("sys_remap_file_pages") {
+ name = "remap_file_pages"
+ start = $start
+ size = $size
+ prot = $__prot
+ pgoff = $pgoff
+ flags = $flags
+ }
+probe kernel.syscall.remap_file_pages.return =
+ kernel.function("sys_remap_file_pages").return {
+ name = "remap_file_pages.return"
+ }
+# removexattr ________________________________________________
+/*
+ * asmlinkage long
+ * sys_removexattr(char __user *path,
+ * char __user *name)
+ */
+probe kernel.syscall.removexattr =
+ kernel.function("sys_removexattr") {
+ name = "removexattr"
+ path_uaddr = $path
+ name_uaddr = $name
+ }
+probe kernel.syscall.removexattr.return =
+ kernel.function("sys_removexattr").return {
+ name = "removexattr.return"
+ }
+# rename _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_rename(const char __user * oldname,
+ * const char __user * newname)
+ */
+probe kernel.syscall.rename =
+ kernel.function("sys_rename") {
+ name = "rename"
+ oldpath_uaddr = $oldname
+ newpath_uaddr = $newname
+ }
+probe kernel.syscall.rename.return =
+ kernel.function("sys_rename").return {
+ name = "rename.return"
+ }
+# request_key ________________________________________________
+/*
+ * asmlinkage long
+ * sys_request_key(const char __user *_type,
+ * const char __user *_description,
+ * const char __user *_callout_info,
+ * key_serial_t destringid)
+ */
+probe kernel.syscall.request_key =
+ kernel.function("sys_request_key") {
+ name = "request_key"
+ type_uaddr = $_type
+ description_uaddr = $_description
+ callout_info_uaddr = $_callout_info
+ destringid = $destringid
+ }
+probe kernel.syscall.request_key.return =
+ kernel.function("sys_request_key").return {
+ name = "request_key.return"
+ }
+# restart_syscall ____________________________________________
+/*
+ * asmlinkage long
+ * sys_restart_syscall(void)
+ */
+probe kernel.syscall.restart_syscall =
+ kernel.function("sys_restart_syscall") {
+ name = "restart_syscall"
+ }
+probe kernel.syscall.restart_syscall.return =
+ kernel.function("sys_restart_syscall").return {
+ name = "restart_syscall.return"
+ }
+# rmdir ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_rmdir(const char __user * pathname)
+ */
+probe kernel.syscall.rmdir =
+ kernel.function("sys_rmdir") {
+ name = "rmdir"
+ pathname_uaddr = $pathname
+ }
+probe kernel.syscall.rmdir.return =
+ kernel.function("sys_rmdir").return {
+ name = "rmdir.return"
+ }
+# rt_sigaction _______________________________________________
+/*
+ * asmlinkage long
+ * sys_rt_sigaction(int sig,
+ * const struct sigaction __user *act,
+ * struct sigaction __user *oact,
+ * size_t sigsetsize,
+ * void __user *restorer)
+ */
+probe kernel.syscall.rt_sigaction =
+ kernel.function("sys_rt_sigaction") {
+ name = "rt_sigaction"
+ sig = $sig
+ act_uaddr = $act
+ oact_uaddr = $oact
+ sigsetsize = $sigsetsize
+ /*
+ * unable to find local 'restorer' (maybe i386 specific)
+ * restorer_uaddr = $restorer
+ */
+ }
+probe kernel.syscall.rt_sigaction.return =
+ kernel.function("sys_rt_sigaction").return {
+ name = "rt_sigaction.return"
+ }
+# rt_sigpending ______________________________________________
+/*
+ * asmlinkage long
+ * sys_rt_sigpending(sigset_t __user *set,
+ * size_t sigsetsize)
+ */
+probe kernel.syscall.rt_sigpending =
+ kernel.function("do_sigpending") {
+ name = "rt_sigpending"
+ set_uaddr = $set
+ sigsetsize = $sigsetsize
+ }
+probe kernel.syscall.rt_sigpending.return =
+ kernel.function("do_sigpending").return {
+ name = "rt_sigpending.return"
+ }
+# rt_sigprocmask _____________________________________________
+/*
+ * asmlinkage long
+ * sys_rt_sigprocmask(int how,
+ * sigset_t __user *set,
+ * sigset_t __user *oset,
+ * size_t sigsetsize)
+ */
+probe kernel.syscall.rt_sigprocmask =
+ kernel.function("sys_rt_sigprocmask") {
+ name = "rt_sigprocmask"
+ how = $how
+ how_str = _sigprocmask_how_str($how)
+ set_uaddr = $set
+ oset_uaddr = $oset
+ sigsetsize = $sigsetsize
+ }
+probe kernel.syscall.rt_sigprocmask.return =
+ kernel.function("sys_rt_sigprocmask").return {
+ name = "rt_sigprocmask.return"
+ }
+# rt_sigqueueinfo ____________________________________________
+/*
+ * asmlinkage long
+ * sys_rt_sigqueueinfo(int pid,
+ * int sig,
+ * siginfo_t __user *uinfo)
+ */
+probe kernel.syscall.rt_sigqueueinfo =
+ kernel.function("sys_rt_sigqueueinfo") {
+ name = "rt_sigqueueinfo"
+ pid = $pid
+ sig = $sig
+ uinfo_uaddr = $uinfo
+ }
+probe kernel.syscall.rt_sigqueueinfo.return =
+ kernel.function("sys_rt_sigqueueinfo").return {
+ name = "rt_sigqueueinfo.return"
+ }
+# rt_sigsuspend ______________________________________________
+/*
+ * asmlinkage int
+ * sys_rt_sigsuspend(struct pt_regs regs)
+ */
+probe kernel.syscall.rt_sigsuspend =
+ kernel.function("sys_rt_sigsuspend") {
+ name = "rt_sigsuspend"
+ /*
+ * unsupported type identifier '$regs'
+ * regs = $regs
+ */
+ }
+probe kernel.syscall.rt_sigsuspend.return =
+ kernel.function("sys_rt_sigsuspend").return {
+ name = "rt_sigsuspend.return"
+ }
+# rt_sigtimedwait ____________________________________________
+/*
+ * asmlinkage long
+ * sys_rt_sigtimedwait(const sigset_t __user *uthese,
+ * siginfo_t __user *uinfo,
+ * const struct timespec __user *uts,
+ * size_t sigsetsize)
+ */
+probe kernel.syscall.rt_sigtimedwait =
+ kernel.function("sys_rt_sigtimedwait") {
+ name = "rt_sigtimedwait"
+ uthese_uaddr = $uthese
+ uinfo_uaddr = $uinfo
+ uts_uaddr = $uts
+ sigsetsize = $sigsetsize
+ }
+probe kernel.syscall.rt_sigtimedwait.return =
+ kernel.function("sys_rt_sigtimedwait").return {
+ name = "rt_sigtimedwait.return"
+ }
+# sched_getaffinity __________________________________________
+/*
+ * asmlinkage long
+ * sys_sched_getaffinity(pid_t pid,
+ * unsigned int len,
+ * unsigned long __user *user_mask_ptr)
+ */
+probe kernel.syscall.sched_getaffinity =
+ kernel.function("sys_sched_getaffinity") {
+ name = "sched_getaffinity"
+ pid = $pid
+ len = $len
+ mask_uaddr = $user_mask_ptr
+ }
+probe kernel.syscall.sched_getaffinity.return =
+ kernel.function("sys_sched_getaffinity").return {
+ name = "sched_getaffinity.return"
+ }
+# sched_getparam _____________________________________________
+/*
+ * asmlinkage long
+ * sys_sched_getparam(pid_t pid,
+ * struct sched_param __user *param)
+ */
+probe kernel.syscall.sched_getparam =
+ kernel.function("sys_sched_getparam") {
+ name = "sched_getparam"
+ pid = $pid
+ p_uaddr = $param
+ }
+probe kernel.syscall.sched_getparam.return =
+ kernel.function("sys_sched_getparam").return {
+ name = "sched_getparam.return"
+ }
+# sched_get_priority_max _____________________________________
+/*
+ * asmlinkage long
+ * sys_sched_get_priority_max(int policy)
+ */
+probe kernel.syscall.sched_get_priority_max =
+ kernel.function("sys_sched_get_priority_max") {
+ name = "sched_get_priority_max"
+ policy = $policy
+ }
+probe kernel.syscall.sched_get_priority_max.return =
+ kernel.function("sys_sched_get_priority_max").return {
+ name = "sched_get_priority_max.return"
+ }
+# sched_get_priority_min _____________________________________
+/*
+ * asmlinkage long
+ * sys_sched_get_priority_min(int policy)
+ */
+probe kernel.syscall.sched_get_priority_min =
+ kernel.function("sys_sched_get_priority_min") {
+ name = "sched_get_priority_min"
+ policy = $policy
+ }
+probe kernel.syscall.sched_get_priority_min.return =
+ kernel.function("sys_sched_get_priority_min").return {
+ name = "sched_get_priority_min.return"
+ }
+# sched_getscheduler _________________________________________
+/*
+ * asmlinkage long
+ * sys_sched_getscheduler(pid_t pid)
+ */
+probe kernel.syscall.sched_getscheduler =
+ kernel.function("sys_sched_getscheduler") {
+ name = "sched_getscheduler"
+ pid = $pid
+ }
+probe kernel.syscall.sched_getscheduler.return =
+ kernel.function("sys_sched_getscheduler").return {
+ name = "sched_getscheduler.return"
+ }
+# sched_rr_get_interval ______________________________________
+/*
+ * asmlinkage long
+ * sys_sched_rr_get_interval(pid_t pid,
+ * struct timespec __user *interval)
+ */
+probe kernel.syscall.sched_rr_get_interval =
+ kernel.function("sys_sched_rr_get_interval") {
+ name = "sched_rr_get_interval"
+ pid = $pid
+ tp_uaddr = $interval
+ }
+probe kernel.syscall.sched_rr_get_interval.return =
+ kernel.function("sys_sched_rr_get_interval").return {
+ name = "sched_rr_get_interval.return"
+ }
+# sched_yield ________________________________________________
+/*
+ * asmlinkage long
+ * sys_sched_yield(void)
+ */
+probe kernel.syscall.sched_yield =
+ kernel.function("sys_sched_yield") {
+ name = "sched_yield"
+ }
+probe kernel.syscall.sched_yield.return =
+ kernel.function("sys_sched_yield").return {
+ name = "sched_yield.return"
+ }
+# select _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_select(int n,
+ * fd_set __user *inp,
+ * fd_set __user *outp,
+ * fd_set __user *exp,
+ * struct timeval __user *tvp)
+ */
+probe kernel.syscall.select =
+ kernel.function("sys_select") {
+ name = "select"
+ n = $n
+ readfds_uaddr = $inp
+ writefds_uaddr = $outp
+ exceptfds_uaddr = $exp
+ timeout_uaddr = $tvp
+ }
+probe kernel.syscall.select.return =
+ kernel.function("sys_select").return {
+ name = "select.return"
+ }
+# semctl _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_semctl (int semid,
+ * int semnum,
+ * int cmd,
+ * union semun arg)
+ */
+probe kernel.syscall.semctl =
+ kernel.function("sys_semctl") {
+ name = "semctl"
+ semid = $semid
+ semnum = $semnum
+ cmd = $cmd
+ /*
+ * unsupported type tag identifier '$arg'
+ * arg = $arg
+ */
+ }
+probe kernel.syscall.semctl.return =
+ kernel.function("sys_semctl").return {
+ name = "semctl.return"
+ }
+# semget _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_semget (key_t key,
+ * int nsems,
+ * int semflg)
+ */
+probe kernel.syscall.semget =
+ kernel.function("sys_semget") {
+ name = "semget"
+ key = $key
+ nsems = $nsems
+ semflg = $semflg
+ }
+probe kernel.syscall.semget.return =
+ kernel.function("sys_semget").return {
+ name = "semget.return"
+ }
+# semop ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_semop (int semid,
+ * struct sembuf __user *tsops,
+ * unsigned nsops)
+ */
+probe kernel.syscall.semop =
+ kernel.function("sys_semtimedop") {
+ name = "semop"
+ semid = $semid
+ tsops_uaddr = $tsops
+ nsops = $nsops
+ }
+probe kernel.syscall.semop.return =
+ kernel.function("sys_semtimedop").return {
+ name = "semop.return"
+ }
+# semtimedop _________________________________________________
+/*
+ * asmlinkage long
+ * sys_semtimedop(int semid,
+ * struct sembuf __user *tsops,
+ * unsigned nsops,
+ * const struct timespec __user *timeout)
+ */
+probe kernel.syscall.semtimedop =
+ kernel.function("sys_semtimedop") {
+ name = "semtimedop"
+ semid = $semid
+ sops_uaddr = $tsops
+ nsops = $nsops
+ timeout_uaddr = $timeout
+ }
+probe kernel.syscall.semtimedop.return =
+ kernel.function("sys_semtimedop").return {
+ name = "semtimedop.return"
+ }
+# send _______________________________________________________
+/*
+ * asmlinkage long
+ * sys_sendto(int fd,
+ * void __user * buff,
+ * size_t len,
+ * unsigned flags,
+ * struct sockaddr __user *addr,
+ * int addr_len)
+ */
+probe kernel.syscall.send =
+ kernel.function("sys_sendto") {
+ name = "send"
+ s = $fd
+ buf_uaddr = $buff
+ len = $len
+ flags = $flags
+ flags_str = _send_flags_str($flags)
+ to_uaddr = $addr
+ tolen = $addr_len
+ }
+probe kernel.syscall.send.return =
+ kernel.function("sys_sendto").return {
+ name = "send.return"
+ }
+# sendfile ___________________________________________________
+/*
+ * asmlinkage ssize_t
+ * sys_sendfile(int out_fd,
+ * int in_fd,
+ * off_t __user *offset,
+ * size_t count)
+ */
+probe kernel.syscall.sendfile =
+ kernel.function("sys_sendfile") {
+ name = "sendfile"
+ out_fd = $out_fd
+ in_fd = $in_fd
+ offset_uaddr = $offset
+ count = $count
+ }
+probe kernel.syscall.sendfile.return =
+ kernel.function("sys_sendfile").return {
+ name = "sendfile.return"
+ }
+# sendfile64 _________________________________________________
+/*
+ * asmlinkage ssize_t
+ * sys_sendfile64(int out_fd,
+ * int in_fd,
+ * loff_t __user *offset,
+ * size_t count)
+ */
+probe kernel.syscall.sendfile64 =
+ kernel.function("sys_sendfile64") {
+ name = "sendfile64"
+ out_fd = $out_fd
+ in_fd = $in_fd
+ offset_uaddr = $offset
+ count = $count
+ }
+probe kernel.syscall.sendfile64.return =
+ kernel.function("sys_sendfile64").return {
+ name = "sendfile64.return"
+ }
+# sendmsg ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_sendmsg(int fd,
+ * struct msghdr __user *msg,
+ * unsigned flags)
+ */
+probe kernel.syscall.sendmsg =
+ kernel.function("sys_sendmsg") {
+ name = "sendmsg"
+ s = $fd
+ msg_uaddr = $msg
+ flags = $flags
+ flags_str = _send_flags_str($flags)
+ }
+probe kernel.syscall.sendmsg.return =
+ kernel.function("sys_sendmsg").return {
+ name = "sendmsg.return"
+ }
+# sendto _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_sendto(int fd,
+ * void __user * buff,
+ * size_t len,
+ * unsigned flags,
+ * struct sockaddr __user *addr,
+ * int addr_len)
+ */
+probe kernel.syscall.sendto =
+ kernel.function("sys_sendto") {
+ name = "sendto"
+ s = $fd
+ buf_uaddr = $buff
+ len = $len
+ flags = $flags
+ flags_str = _send_flags_str($flags)
+ to_uaddr = $addr
+ tolen = $addr_len
+ }
+probe kernel.syscall.sendto.return =
+ kernel.function("sys_sendto").return {
+ name = "sendto.return"
+ }
+# setdomainname ______________________________________________
+/*
+ * asmlinkage long
+ * sys_setdomainname(char __user *name,
+ * int len)
+ */
+probe kernel.syscall.setdomainname =
+ kernel.function("sys_setdomainname") {
+ name = "setdomainname"
+ hostname_uaddr = $name
+ len = $len
+ }
+probe kernel.syscall.setdomainname.return =
+ kernel.function("sys_setdomainname").return {
+ name = "setdomainname.return"
+ }
+# setfsgid ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_setfsgid(gid_t gid)
+ */
+probe kernel.syscall.setfsgid =
+ kernel.function("sys_setfsgid") {
+ name = "setfsgid"
+ fsgid = $gid
+ }
+probe kernel.syscall.setfsgid.return =
+ kernel.function("sys_setfsgid").return {
+ name = "setfsgid.return"
+ }
+# setfsgid16 _________________________________________________
+/*
+ * asmlinkage long
+ * sys_setfsgid16(old_gid_t gid)
+ */
+probe kernel.syscall.setfsgid16 =
+ kernel.function("sys_setfsgid") {
+ name = "setfsgid16"
+ gid = $gid
+ }
+probe kernel.syscall.setfsgid16.return =
+ kernel.function("sys_setfsgid").return {
+ name = "setfsgid16.return"
+ }
+# setfsuid ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_setfsuid(uid_t uid)
+ */
+probe kernel.syscall.setfsuid =
+ kernel.function("sys_setfsuid") {
+ name = "setfsuid"
+ fsuid = $uid
+ }
+probe kernel.syscall.setfsuid.return =
+ kernel.function("sys_setfsuid").return {
+ name = "setfsuid.return"
+ }
+# setfsuid16 _________________________________________________
+/*
+ * asmlinkage long
+ * sys_setfsuid16(old_uid_t uid)
+ */
+probe kernel.syscall.setfsuid16 =
+ kernel.function("sys_setfsuid") {
+ name = "setfsuid16"
+ uid = $uid
+ }
+probe kernel.syscall.setfsuid16.return =
+ kernel.function("sys_setfsuid").return {
+ name = "setfsuid16.return"
+ }
+# setgid _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_setgid(gid_t gid)
+ */
+probe kernel.syscall.setgid =
+ kernel.function("sys_setgid") {
+ name = "setgid"
+ gid = $gid
+ }
+probe kernel.syscall.setgid.return =
+ kernel.function("sys_setgid").return {
+ name = "setgid.return"
+ }
+# setgid16 ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_setgid16(old_gid_t gid)
+ */
+probe kernel.syscall.setgid16 =
+ kernel.function("sys_setgid") {
+ name = "setgid16"
+ gid = $gid
+ }
+probe kernel.syscall.setgid16.return =
+ kernel.function("sys_setgid").return {
+ name = "setgid16.return"
+ }
+# setgroups __________________________________________________
+/*
+ * asmlinkage long
+ * sys_setgroups(int gidsetsize,
+ * gid_t __user *grouplist)
+ */
+probe kernel.syscall.setgroups =
+ kernel.function("sys_setgroups") {
+ name = "setgroups"
+ size = $gidsetsize
+ /*
+ * NOTE
+ * list defined as "gid_t list[]" there
+ * is no practical way to export these
+ * values. Therefore just export addr,
+ * let the user take care of it with
+ * embedded C if need be.
+ */
+ list_uaddr = $grouplist
+ }
+probe kernel.syscall.setgroups.return =
+ kernel.function("sys_setgroups").return {
+ name = "setgroups.return"
+ }
+# setgroups16 ________________________________________________
+/*
+ * asmlinkage long
+ * sys_setgroups16(int gidsetsize,
+ * old_gid_t __user *grouplist)
+ */
+probe kernel.syscall.setgroups16 =
+ kernel.function("sys_setgroups16") {
+ name = "setgroups16"
+ size = $gidsetsize
+ list_uaddr = $grouplist
+ }
+probe kernel.syscall.setgroups16.return =
+ kernel.function("sys_setgroups16").return {
+ name = "setgroups16.return"
+ }
+# sethostname ________________________________________________
+/*
+ * asmlinkage long
+ * sys_sethostname(char __user *name,
+ * int len)
+ */
+probe kernel.syscall.sethostname =
+ kernel.function("sys_sethostname") {
+ name = "sethostname"
+ hostname_uaddr = $name
+ len = $len
+ }
+probe kernel.syscall.sethostname.return =
+ kernel.function("sys_sethostname").return {
+ name = "sethostname.return"
+ }
+# setitimer __________________________________________________
+/*
+ * asmlinkage long
+ * sys_setitimer(int which,
+ * struct itimerval __user *value,
+ * struct itimerval __user *ovalue)
+ */
+probe kernel.syscall.setitimer =
+ kernel.function("sys_setitimer") {
+ name = "setitimer"
+ which = $which
+ which_str = _itimer_which_str($which)
+ value_uaddr = $value
+ ovalue_uaddr = $ovalue
+ /*
+ * XXX NOT SAFE -- might sleep
+ * value_it_interval_tv_sec = __uget_itimerval_tv_m($value,0)
+ * value_it_interval_tv_usec = __uget_itimerval_tv_m($value,1)
+ * value_it_value_tv_sec = __uget_itimerval_tv_m($value,2)
+ * value_it_value_tv_usec = __uget_itimerval_tv_m($value,3)
+ * ovalue_it_interval_tv_sec = __uget_itimerval_tv_m($ovalue,0)
+ * ovalue_it_interval_tv_usec =__uget_itimerval_tv_m($ovalue,1)
+ * ovalue_it_value_tv_sec = __uget_itimerval_tv_m($ovalue,2)
+ * ovalue_it_value_tv_usec = __uget_itimerval_tv_m($ovalue,3)
+ */
+ }
+probe kernel.syscall.setitimer.return =
+ kernel.function("sys_setitimer").return {
+ name = "setitimer.return"
+ }
+# setpgid ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_setpgid(pid_t pid,
+ * pid_t pgid)
+ */
+probe kernel.syscall.setpgid =
+ kernel.function("sys_setpgid") {
+ name = "setpgid"
+ pid = $pid
+ pgid = $pgid
+ }
+probe kernel.syscall.setpgid.return =
+ kernel.function("sys_setpgid").return {
+ name = "setpgid.return"
+ }
+# setpriority ________________________________________________
+/*
+ * asmlinkage long
+ * sys_setpriority(int which,
+ * int who,
+ * int niceval)
+ */
+probe kernel.syscall.setpriority =
+ kernel.function("sys_setpriority") {
+ name = "setpriority"
+ which = $which
+ which_str = _priority_which_str($which)
+ who = $who
+ prio = $niceval
+ }
+probe kernel.syscall.setpriority.return =
+ kernel.function("sys_setpriority").return {
+ name = "setpriority.return"
+ }
+# setregid ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_setregid(gid_t rgid,
+ * gid_t egid)
+ */
+probe kernel.syscall.setregid =
+ kernel.function("sys_setregid") {
+ name = "setregid"
+ rgid = $rgid
+ egid = $egid
+ }
+probe kernel.syscall.setregid.return =
+ kernel.function("sys_setregid").return {
+ name = "setregid.return"
+ }
+# setregid16 _________________________________________________
+/*
+ * asmlinkage long
+ * sys_setregid16(old_gid_t rgid,
+ * old_gid_t egid)
+ */
+probe kernel.syscall.setregid16 =
+ kernel.function("sys_setregid") {
+ name = "setregid16"
+ rgid = $rgid
+ egid = $egid
+ }
+probe kernel.syscall.setregid16.return =
+ kernel.function("sys_setregid").return {
+ name = "setregid16.return"
+ }
+# setresgid __________________________________________________
+/*
+ * asmlinkage long
+ * sys_setresgid(gid_t rgid,
+ * gid_t egid,
+ * gid_t sgid)
+ */
+probe kernel.syscall.setresgid =
+ kernel.function("sys_setresgid") {
+ name = "setresgid"
+ rgid = $rgid
+ egid = $egid
+ sgid = $sgid
+}
+probe kernel.syscall.setresgid.return =
+ kernel.function("sys_setresgid").return {
+ name = "setresgid.return"
+ }
+# setresgid16 ________________________________________________
+/*
+ * asmlinkage long
+ * sys_setresgid16(old_gid_t rgid,
+ * old_gid_t egid,
+ * old_gid_t sgid)
+ */
+probe kernel.syscall.setresgid16 =
+ kernel.function("sys_setresgid") {
+ name = "setresgid16"
+ rgid = $rgid
+ egid = $egid
+ sgid = $sgid
+ }
+probe kernel.syscall.setresgid16.return =
+ kernel.function("sys_setresgid").return {
+ name = "setresgid16.return"
+ }
+# setresuid __________________________________________________
+/*
+ * asmlinkage long
+ * sys_setresuid(uid_t ruid,
+ * uid_t euid,
+ * uid_t suid)
+ */
+probe kernel.syscall.setresuid =
+ kernel.function("sys_setresuid") {
+ name = "setresuid"
+ ruid = $ruid
+ euid = $euid
+ suid = $suid
+ }
+probe kernel.syscall.setresuid.return =
+ kernel.function("sys_setresuid").return {
+ name = "setresuid.return"
+ }
+# setresuid16 ________________________________________________
+/*
+ * asmlinkage long
+ * sys_setresuid16(old_uid_t ruid,
+ * old_uid_t euid,
+ * old_uid_t suid)
+ */
+probe kernel.syscall.setresuid16 =
+ kernel.function("sys_setresuid") {
+ name = "setresuid16"
+ ruid = $ruid
+ euid = $euid
+ suid = $suid
+ }
+probe kernel.syscall.setresuid16.return =
+ kernel.function("sys_setresuid").return {
+ name = "setresuid16.return"
+ }
+# setreuid ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_setreuid(uid_t ruid,
+ * uid_t euid)
+ */
+probe kernel.syscall.setreuid =
+ kernel.function("sys_setreuid") {
+ name = "setreuid"
+ ruid = $ruid
+ euid = $euid
+ }
+probe kernel.syscall.setreuid.return =
+ kernel.function("sys_setreuid").return {
+ name = "setreuid.return"
+ }
+# setreuid16 _________________________________________________
+/*
+ * asmlinkage long
+ * sys_setreuid16(old_uid_t ruid,
+ * old_uid_t euid)
+ */
+probe kernel.syscall.setreuid16 =
+ kernel.function("sys_setreuid") {
+ name = "setreuid16"
+ ruid = $ruid
+ euid = $euid
+ }
+probe kernel.syscall.setreuid16.return =
+ kernel.function("sys_setreuid").return {
+ name = "setreuid16.return"
+ }
+# setrlimit __________________________________________________
+/*
+ * asmlinkage long
+ * sys_setrlimit(unsigned int resource,
+ * struct rlimit __user *rlim)
+ */
+probe kernel.syscall.setrlimit =
+ kernel.function("sys_setrlimit") {
+ name = "setrlimit"
+ resource = $resource
+ resource_str = _rlimit_resource_str($resource)
+ rlim_uaddr = $rlim
+ }
+probe kernel.syscall.setrlimit.return =
+ kernel.function("sys_setrlimit").return {
+ name = "setrlimit.return"
+ }
+# setsid _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_setsid(void)
+ */
+probe kernel.syscall.setsid =
+ kernel.function("sys_setsid") {
+ name = "setsid"
+ }
+probe kernel.syscall.setsid.return =
+ kernel.function("sys_setsid").return {
+ name = "setsid.return"
+ }
+# setsockopt _________________________________________________
+/*
+ * asmlinkage long
+ * sys_setsockopt(int fd,
+ * int level,
+ * int optname,
+ * char __user *optval,
+ * int optlen)
+ */
+probe kernel.syscall.setsockopt =
+ kernel.function("sys_setsockopt") {
+ name = "setsockopt"
+ fd = $fd
+ level = $level
+ level_str = _sockopt_level_str($level)
+ optname = $optname
+ optname_str = _sockopt_optname_str($optname)
+ optval_uaddr = $optval
+ optlen = $optlen
+ }
+probe kernel.syscall.setsockopt.return =
+ kernel.function("sys_setsockopt").return {
+ name = "setsockopt.return"
+ }
+# set_tid_address ____________________________________________
+/*
+ * asmlinkage long
+ * sys_set_tid_address(int __user *tidptr)
+ */
+probe kernel.syscall.set_tid_address =
+ kernel.function("sys_set_tid_address") {
+ name = "set_tid_address"
+ tidptr_uaddr = $tidptr
+ }
+probe kernel.syscall.set_tid_address.return =
+ kernel.function("sys_set_tid_address").return {
+ name = "set_tid_address.return"
+ }
+# settimeofday _______________________________________________
+/*
+ * asmlinkage long
+ * sys_settimeofday(struct timeval __user *tv,
+ * struct timezone __user *tz)
+ */
+probe kernel.syscall.settimeofday =
+ kernel.function("sys_settimeofday") {
+ name = "settimeofday"
+ tv_uaddr = $tv
+ tz_uaddr = $tz
+ /*
+ * XXX NOT SAFE -- might sleep
+ * tv_tv_sec = __uget_tv_m($tv,0)
+ * tv_tv_usec = __uget_tv_m($tv,1)
+ * tz_tz_minuteswest = __uget_tz_m($tz,0)
+ * tz_tz_dsttime = __uget_tz_m($tz,1)
+ */
+ }
+probe kernel.syscall.settimeofday.return =
+ kernel.function("sys_settimeofday").return {
+ name = "settimeofday.return"
+ }
+# setuid _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_setuid(uid_t uid)
+ */
+probe kernel.syscall.setuid =
+ kernel.function("sys_setuid") {
+ name = "setuid"
+ uid = $uid
+ }
+probe kernel.syscall.setuid.return =
+ kernel.function("sys_setuid").return {
+ name = "setuid.return"
+ }
+# setuid16 ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_setuid16(old_uid_t uid)
+ */
+probe kernel.syscall.setuid16 =
+ kernel.function("sys_setuid") {
+ name = "setuid16"
+ uid = $uid
+ }
+probe kernel.syscall.setuid16.return =
+ kernel.function("sys_setuid").return {
+ name = "setuid16.return"
+ }
+# setxattr ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_setxattr(char __user *path,
+ * char __user *name,
+ * void __user *value,
+ * size_t size,
+ * int flags)
+ */
+probe kernel.syscall.setxattr =
+ kernel.function("sys_setxattr") {
+ name = "setxattr"
+ path_uaddr = $path
+ name_uaddr = $name
+ value_uaddr = $value
+ size = $size
+ flags = $flags
+ }
+probe kernel.syscall.setxattr.return =
+ kernel.function("sys_setxattr").return {
+ name = "setxattr.return"
+ }
+# sgetmask ___________________________________________________
+/*
+ * sys_sgetmask(void)
+ */
+probe kernel.syscall.sgetmask =
+ kernel.function("sys_sgetmask") {
+ name = "sgetmask"
+ }
+probe kernel.syscall.sgetmask.return =
+ kernel.function("sys_sgetmask").return {
+ name = "sgetmask.return"
+ }
+# shmctl _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_shmctl (int shmid,
+ * int cmd,
+ * struct shmid_ds __user *buf)
+ */
+probe kernel.syscall.shmctl =
+ kernel.function("sys_shmctl") {
+ name = "shmctl"
+ shmid = $shmid
+ cmd = $cmd
+ buf_uaddr = $buf
+ }
+probe kernel.syscall.shmctl.return =
+ kernel.function("sys_shmctl").return {
+ name = "shmctl.return"
+ }
+# shmdt ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_shmdt(char __user *shmaddr)
+ */
+probe kernel.syscall.shmdt =
+ kernel.function("sys_shmdt") {
+ name = "shmdt"
+ shmaddr_uaddr = $shmaddr
+ }
+probe kernel.syscall.shmdt.return =
+ kernel.function("sys_shmdt").return {
+ name = "shmdt.return"
+ }
+# shmget _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_shmget (key_t key,
+ * size_t size,
+ * int shmflg)
+ */
+probe kernel.syscall.shmget =
+ kernel.function("sys_shmget") {
+ name = "shmget"
+ key = $key
+ size = $size
+ shmflg = $shmflg
+ }
+probe kernel.syscall.shmget.return =
+ kernel.function("sys_shmget").return {
+ name = "shmget.return"
+ }
+# shutdown ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_shutdown(int fd,
+ * int how)
+ */
+probe kernel.syscall.shutdown =
+ kernel.function("sys_shutdown") {
+ name = "shutdown"
+ s = $fd
+ how = $how
+ how_str = _shutdown_how_str($how)
+ }
+probe kernel.syscall.shutdown.return =
+ kernel.function("sys_shutdown").return {
+ name = "shutdown.return"
+ }
+# signal _____________________________________________________
+/*
+ * asmlinkage unsigned long
+ * sys_signal(int sig,
+ * __sighandler_t handler)
+ */
+probe kernel.syscall.signal =
+ kernel.function("sys_signal") {
+ name = "signal"
+ sig = $sig
+ handler = $handler
+ }
+probe kernel.syscall.signal.return =
+ kernel.function("sys_signal").return {
+ name = "signal.return"
+ }
+# sigpending _________________________________________________
+/*
+ * long do_sigpending(void __user *set,
+ * unsigned long sigsetsize)
+ */
+probe kernel.syscall.sigpending =
+ kernel.function("do_sigpending") {
+ name = "sigpending"
+ /*
+ * NOTE
+ * set is defined as
+ * struct {
+ * unsigned long int __val[128];
+ * }
+ * theres is no practical way to export
+ * these values. Therefore just export
+ * addr, let the user take care of it
+ * with embedded C if need be.
+ */
+ set_uaddr = $set
+ }
+probe kernel.syscall.sigpending.return =
+ kernel.function("do_sigpending").return {
+ name = "sigpending.return"
+ }
+# sigprocmask ________________________________________________
+/*
+ * asmlinkage long
+ * sys_sigprocmask(int how,
+ * old_sigset_t __user *set,
+ * old_sigset_t __user *oset)
+ */
+probe kernel.syscall.sigprocmask =
+ kernel.function("sys_sigprocmask") {
+ name = "sigprocmask"
+ how = $how
+ how_str = _sigprocmask_how_str($how)
+ /*
+ * NOTE
+ * set and oset are defined as
+ * struct {
+ * unsigned long int __val[128];
+ * }
+ * theres is no practical way to export
+ * these values. Therefore just export
+ * addr, let the user take care of it
+ * with embedded C if need be.
+ */
+ set_uaddr = $set
+ oldset_uaddr = $oset
+ }
+probe kernel.syscall.sigprocmask.return =
+ kernel.function("sigprocmask").return {
+ name = "sigprocmask.return"
+ }
+# socket _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_socket(int family,
+ * int type,
+ * int protocol)
+ */
+probe kernel.syscall.socket =
+ kernel.function("sys_socket") {
+ name = "socket"
+ family = $family
+ family_str = _sock_family_str($family)
+ type = $type
+ type_str = _sock_type_str($type)
+ protocol = $protocol
+ }
+probe kernel.syscall.socket.return =
+ kernel.function("sys_socket").return {
+ name = "socket.return"
+ }
+# socketcall _________________________________________________
+/*
+ * asmlinkage long
+ * sys_socketcall(int call,
+ * unsigned long __user *args)
+ */
+probe kernel.syscall.socketcall =
+ kernel.function("sys_socketcall") {
+ name = "socketcall"
+ call = $call
+ args_uaddr = $args
+ }
+probe kernel.syscall.socketcall.return =
+ kernel.function("sys_socketcall").return {
+ name = "socketcall.return"
+ }
+# socketpair _________________________________________________
+/*
+ * asmlinkage long
+ * sys_socketpair(int family,
+ * int type,
+ * int protocol,
+ * int __user *usockvec)
+ */
+probe kernel.syscall.socketpair =
+ kernel.function("sys_socketpair") {
+ name = "socketpair"
+ family = $family
+ family_str = _sock_family_str($family)
+ type = $type
+ type_str = _sock_type_str($type)
+ protocol = $protocol
+ sv_uaddr = $usockvec
+ }
+probe kernel.syscall.socketpair.return =
+ kernel.function("sys_socketpair").return {
+ name = "socketpair.return"
+ }
+# ssetmask ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_ssetmask(int newmask)
+ */
+probe kernel.syscall.ssetmask =
+ kernel.function("sys_ssetmask") {
+ name = "ssetmask"
+ newmask = $newmask
+ }
+probe kernel.syscall.ssetmask.return =
+ kernel.function("sys_ssetmask").return {
+ name = "ssetmask.return"
+ }
+# stat _______________________________________________________
+/*
+ * asmlinkage long
+ * sys_stat(char __user * filename,
+ * struct __old_kernel_stat __user * statbuf)
+ */
+probe kernel.syscall.stat =
+ kernel.function("sys_stat") {
+ name = "stat"
+ filename_uaddr = $filename
+ buf_uaddr = $statbuf
+ }
+probe kernel.syscall.stat.return =
+ kernel.function("sys_stat").return {
+ name = "stat.return"
+ }
+# statfs _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_statfs(const char __user * path,
+ * struct statfs __user * buf)
+ */
+probe kernel.syscall.statfs =
+ kernel.function("sys_statfs") {
+ name = "statfs"
+ path_uaddr = $path
+ buf_uaddr = $buf
+ }
+probe kernel.syscall.statfs.return =
+ kernel.function("sys_statfs").return {
+ name = "statfs.return"
+ }
+# statfs64 ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_statfs64(const char __user *path,
+ * size_t sz,
+ * struct statfs64 __user *buf)
+ */
+probe kernel.syscall.statfs64 =
+ kernel.function("sys_statfs64") {
+ name = "statfs64"
+ path_uaddr = $path
+ sz = $sz
+ buf_uaddr = $buf
+ }
+probe kernel.syscall.statfs64.return =
+ kernel.function("sys_statfs64").return {
+ name = "statfs64.return"
+ }
+# stime ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_stime(time_t __user *tptr)
+ */
+probe kernel.syscall.stime =
+ kernel.function("sys_stime") {
+ name = "stime"
+ t_uaddr = $tptr
+ /*
+ * XXX NOT SAFE -- might sleep
+ * t = __uget_num($tptr)
+ */
+ }
+probe kernel.syscall.stime.return =
+ kernel.function("sys_stime").return {
+ name = "stime.return"
+ }
+# swapoff ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_swapoff(const char __user * specialfile)
+ */
+probe kernel.syscall.swapoff =
+ kernel.function("sys_swapoff") {
+ name = "swapoff"
+ path_uaddr = $specialfile
+ }
+probe kernel.syscall.swapoff.return =
+ kernel.function("sys_swapoff").return {
+ name = "swapoff.return"
+ }
+# swapon _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_swapon(const char __user * specialfile,
+ * int swap_flags)
+ */
+probe kernel.syscall.swapon =
+ kernel.function("sys_swapon") {
+ name = "swapon"
+ path_uaddr = $specialfile
+ swapflags = $swap_flags
+ }
+probe kernel.syscall.swapon.return =
+ kernel.function("sys_swapon").return {
+ name = "swapon.return"
+ }
+# symlink ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_symlink(const char __user * oldname,
+ * const char __user * newname)
+ */
+probe kernel.syscall.symlink =
+ kernel.function("sys_symlink") {
+ name = "symlink"
+ oldpath_uaddr = $oldname
+ newpath_uaddr = $newname
+ }
+probe kernel.syscall.symlink.return =
+ kernel.function("sys_symlink").return {
+ name = "symlink.return"
+ }
+# sync _______________________________________________________
+/*
+ * asmlinkage long
+ * sys_sync(void)
+ */
+probe kernel.syscall.sync =
+ kernel.function("do_sync") {
+ name = "sync"
+ wait = $wait
+ }
+probe kernel.syscall.sync.return =
+ kernel.function("do_sync").return {
+ name = "sync.return"
+ }
+# sysctl _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_sysctl(struct __sysctl_args __user *args)
+ */
+probe kernel.syscall.sysctl =
+ kernel.function("sys_sysctl") {
+ name = "sysctl"
+ args_uaddr = $args
+ }
+probe kernel.syscall.sysctl.return =
+ kernel.function("sys_sysctl").return {
+ name = "sysctl.return"
+ }
+# sysfs ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_sysfs(int option,
+ * unsigned long arg1,
+ * unsigned long arg2)
+ */
+probe kernel.syscall.sysfs =
+ kernel.function("sys_sysfs") {
+ name = "sysfs"
+ option = $option
+ arg1 = $arg1
+ arg2 = $arg2
+ }
+probe kernel.syscall.sysfs.return =
+ kernel.function("sys_sysfs").return {
+ name = "sysfs.return"
+ }
+# sysinfo ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_sysinfo(struct sysinfo __user *info)
+ */
+probe kernel.syscall.sysinfo =
+ kernel.function("sys_sysinfo") {
+ name = "sysinfo"
+ info_uaddr = $info
+ }
+probe kernel.syscall.sysinfo.return =
+ kernel.function("sys_sysinfo").return {
+ name = "sysinfo.return"
+ }
+# syslog _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_syslog(int type,
+ * char __user * buf,
+ * int len)
+ */
+probe kernel.syscall.syslog =
+ kernel.function("do_syslog") {
+ name = "syslog"
+ type = $type
+ bufp_uaddr = $buf
+ len = $len
+ }
+probe kernel.syscall.syslog.return =
+ kernel.function("do_syslog").return {
+ name = "syslog.return"
+ }
+# tgkill _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_tgkill(int tgid,
+ * int pid,
+ * int sig)
+ */
+probe kernel.syscall.tgkill =
+ kernel.function("sys_tgkill") {
+ name = "tgkill"
+ tgid = $tgid
+ pid = $pid
+ sig = $sig
+ }
+probe kernel.syscall.tgkill.return =
+ kernel.function("sys_tgkill").return {
+ name = "tgkill.return"
+ }
+# time _______________________________________________________
+/*
+ * asmlinkage long
+ * sys_time(time_t __user * tloc)
+ */
+probe kernel.syscall.time =
+ kernel.function("sys_time") {
+ name = "time"
+ t_uaddr = $tloc
+ /*
+ * XXX NOT SAFE -- might sleep
+ * t = __uget_num($tloc)
+ */
+ }
+probe kernel.syscall.time.return =
+ kernel.function("sys_time").return {
+ name = "time.return"
+ }
+# timer_create _______________________________________________
+/*
+ * asmlinkage long
+ * sys_timer_create(clockid_t which_clock,
+ * struct sigevent __user *timer_event_spec,
+ * timer_t __user * created_timer_id)
+ */
+probe kernel.syscall.timer_create =
+ kernel.function("sys_timer_create") {
+ name = "timer_create"
+ clockid = $which_clock
+ clockid_str = _get_wc_str($which_clock)
+ evp_uaddr = $timer_event_spec
+ timerid_uaddr = $created_timer_id
+ /*
+ * XXX NOT SAFE -- might sleep
+ * timerid = __uget_num($created_timer_id)
+ */
+ }
+probe kernel.syscall.timer_create.return =
+ kernel.function("sys_timer_create").return {
+ name = "timer_create.return"
+ }
+# timer_delete _______________________________________________
+/*
+ * asmlinkage long
+ * sys_timer_delete(timer_t timer_id)
+ */
+probe kernel.syscall.timer_delete =
+ kernel.function("sys_timer_delete") {
+ name = "timer_delete"
+ timerid = $timer_id
+}
+probe kernel.syscall.timer_delete.return =
+ kernel.function("sys_timer_delete").return {
+ name = "timer_delete.return"
+ }
+# timer_getoverrun ___________________________________________
+/*
+ * asmlinkage long
+ * sys_timer_getoverrun(timer_t timer_id)
+ */
+probe kernel.syscall.timer_getoverrun =
+ kernel.function("sys_timer_getoverrun") {
+ name = "timer_getoverrun"
+ timerid = $timer_id
+ }
+probe kernel.syscall.timer_getoverrun.return =
+ kernel.function("sys_timer_getoverrun").return {
+ name = "timer_getoverrun.return"
+ }
+# timer_gettime ______________________________________________
+/*
+ * asmlinkage long
+ * sys_timer_gettime(timer_t timer_id,
+ * struct itimerspec __user *setting)
+ */
+probe kernel.syscall.timer_gettime =
+ kernel.function("sys_timer_gettime") {
+ name = "timer_gettime"
+ timerid = $timer_id
+ value_uaddr = $setting
+ /*
+ * XXX NOT SAFE -- might sleep
+ * value_it_interval_tv_sec = __uget_itimerspec_ts_m($setting,0)
+ * value_it_interval_tv_nsec =__uget_itimerspec_ts_m($setting,1)
+ * value_it_value_tv_sec = __uget_itimerspec_ts_m($setting,2)
+ * value_it_value_tv_nsec = __uget_itimerspec_ts_m($setting,3)
+ */
+ }
+probe kernel.syscall.timer_gettime.return =
+ kernel.function("sys_timer_gettime").return {
+ name = "timer_gettime.return"
+ }
+# timer_settime ______________________________________________
+/*
+ * asmlinkage long
+ * sys_timer_settime(timer_t timer_id,
+ * int flags,
+ * const struct itimerspec __user *new_setting,
+ * struct itimerspec __user *old_setting)
+ */
+probe kernel.syscall.timer_settime =
+ kernel.function("sys_timer_settime") {
+ name = "timer_settime"
+ timerid = $timer_id
+ flags = $flags
+ value_uaddr = $new_setting
+ ovalue_uaddr = $old_setting
+ }
+probe kernel.syscall.timer_settime.return =
+ kernel.function("sys_timer_settime").return {
+ name = "timer_settime.return"
+ }
+# times ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_times(struct tms __user * tbuf)
+ */
+probe kernel.syscall.times =
+ kernel.function("sys_times") {
+ name = "times"
+ buf_uaddr = $tbuf
+ /*
+ * XXX NOT SAFE -- might sleep
+ * buf_tms_utime = __uget_tms_m($tbuf,0)
+ * buf_tms_stime = __uget_tms_m($tbuf,1)
+ * buf_tms_cutime = __uget_tms_m($tbuf,2)
+ * buf_tms_cstime = __uget_tms_m($tbuf,3)
+ */
+ }
+probe kernel.syscall.times.return =
+ kernel.function("sys_times").return {
+ name = "times.return"
+ }
+# tkill ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_tkill(int pid,
+ * int sig)
+ */
+probe kernel.syscall.tkill =
+ kernel.function("sys_tkill") {
+ name = "tkill"
+ pid = $pid
+ sig = $sig
+ }
+probe kernel.syscall.tkill.return =
+ kernel.function("sys_tkill").return {
+ name = "tkill.return"
+ }
+# truncate ___________________________________________________
+/*
+ * asmlinkage long
+ * sys_truncate(const char __user * path,
+ * unsigned long length)
+ */
+probe kernel.syscall.truncate =
+ kernel.function("sys_truncate") {
+ name = "truncate"
+ path_uaddr = $path
+ length = $length
+ }
+probe kernel.syscall.truncate.return =
+ kernel.function("sys_truncate").return {
+ name = "truncate.return"
+ }
+# truncate64 _________________________________________________
+/*
+ * asmlinkage long
+ * sys_truncate64(const char __user * path,
+ * loff_t length)
+ */
+probe kernel.syscall.truncate64 =
+ kernel.function("sys_truncate") {
+ name = "truncate64"
+ path_uaddr = $path
+ length = $length
+ }
+probe kernel.syscall.truncate64.return =
+ kernel.function("sys_truncate").return {
+ name = "truncate64.return"
+ }
+# umount _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_umount(char __user * name,
+ * int flags)
+ */
+probe kernel.syscall.umount =
+ kernel.function("sys_umount") {
+ name = "umount"
+ target_uaddr = $name
+ flags = $flags
+ flags_str = _mountflags_str($flags)
+ }
+probe kernel.syscall.umount.return =
+ kernel.function("sys_umount").return {
+ name = "umount.return"
+ }
+# uname ______________________________________________________
+/*
+ * asmlinkage int
+ * int sys_uname(struct old_utsname __user *name)
+ */
+probe kernel.syscall.uname =
+ kernel.function("sys_uname") {
+ name = "uname"
+ name_uaddr = $name
+ }
+probe kernel.syscall.uname.return =
+ kernel.function("sys_uname").return {
+ name = "uname.return"
+ }
+# unlink _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_unlink(const char __user * pathname)
+ */
+probe kernel.syscall.unlink =
+ kernel.function("sys_unlink") {
+ name = "unlink"
+ pathname_uaddr = $pathname
+ }
+probe kernel.syscall.unlink.return =
+ kernel.function("sys_unlink").return {
+ name = "unlink.return"
+ }
+# uselib _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_uselib(const char __user * library)
+ */
+probe kernel.syscall.uselib =
+ kernel.function("sys_uselib") {
+ name = "uselib"
+ library_uaddr = $library
+ }
+probe kernel.syscall.uselib.return =
+ kernel.function("sys_uselib").return {
+ name = "uselib.return"
+ }
+# ustat ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_ustat(unsigned dev,
+ * struct ustat __user * ubuf)
+ */
+probe kernel.syscall.ustat =
+ kernel.function("sys_ustat") {
+ name = "ustat"
+ dev = $dev
+ ubuf_uaddr = $ubuf
+ }
+probe kernel.syscall.ustat.return =
+ kernel.function("sys_ustat").return {
+ name = "ustat.return"
+ }
+# utime ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_utime(char __user * filename,
+ * struct utimbuf __user * times)
+ */
+probe kernel.syscall.utime =
+ kernel.function("sys_utime") {
+ name = "utime"
+ filename_uaddr = $filename
+ buf_uaddr = $times
+ }
+probe kernel.syscall.utime.return =
+ kernel.function("sys_utime").return {
+ name = "utime.return"
+ }
+# utimes _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_utimes(char __user * filename,
+ * struct timeval __user * utimes)
+ */
+probe kernel.syscall.utimes =
+ kernel.function("sys_utimes") {
+ name = "utimes"
+ filename_uaddr = $filename
+ tvp_uaddr = $utimes
+ }
+probe kernel.syscall.utimes.return =
+ kernel.function("sys_utimes").return {
+ name = "utimes.return"
+ }
+# vfork ______________________________________________________
+/*
+ * asmlinkage long
+ * do_fork(unsigned long clone_flags,
+ * unsigned long stack_start,
+ * struct pt_regs *regs,
+ * unsigned long stack_size,
+ * int __user *parent_tidptr,
+ * int __user *child_tidptr)
+ */
+probe kernel.syscall.vfork =
+ kernel.function("do_fork") {
+ name = "vfork"
+ clone_flags = $clone_flags
+ /*
+ * unable to find local 'start_stack' (maybe i386 specific)
+ * start_stack = $start_stack
+ */
+ regs_uaddr = $regs
+ stack_size = $stack_size
+ parent_tid_uaddr = $parent_tidptr
+ child_tid_uaddr = $child_tidptr
+ }
+probe kernel.syscall.vfork.return =
+ kernel.function("do_fork").return {
+ name = "vfork.return"
+ }
+# vhangup ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_vhangup(void)
+ */
+probe kernel.syscall.vhangup =
+ kernel.function("sys_vhangup") {
+ name = "vhangup"
+ }
+probe kernel.syscall.vhangup.return =
+ kernel.function("sys_vhangup").return {
+ name = "vhangup.return"
+ }
+# wait4 ______________________________________________________
+/*
+ * asmlinkage long
+ * sys_wait4(pid_t pid,
+ * int __user *stat_addr,
+ * int options,
+ * struct rusage __user *ru)
+ */
+probe kernel.syscall.wait4 =
+ kernel.function("sys_wait4") {
+ name = "wait4"
+ pid = $pid
+ status_uaddr = $stat_addr
+ options = $options
+ options_str = _wait4_opt_str($options)
+ rusage_uaddr = $ru
+ }
+probe kernel.syscall.wait4.return =
+ kernel.function("sys_wait4").return {
+ name = "wait4.return"
+ }
+# waitid _____________________________________________________
+/*
+ * asmlinkage long
+ * sys_waitid(int which,
+ * pid_t pid,
+ * struct siginfo __user *infop,
+ * int options,
+ * struct rusage __user *ru)
+ */
+probe kernel.syscall.waitid =
+ kernel.function("sys_waitid") {
+ name = "waitid"
+ which = $which
+ which_str = _waitid_which_str($which)
+ pid = $pid
+ infop_uaddr = $infop
+ options = $options
+ options_str = _wait4_opt_str($options)
+ }
+probe kernel.syscall.waitid.return =
+ kernel.function("sys_waitid").return {
+ name = "waitid.return"
+ }
+# waitpid ____________________________________________________
+/*
+ * asmlinkage long
+ * sys_wait4(pid_t pid,
+ * int __user *stat_addr,
+ * int options,
+ * struct rusage __user *ru)
+ */
+probe kernel.syscall.waitpid =
+ kernel.function("sys_wait4") {
+ name = "waitpid"
+ pid = $pid
+ status_uaddr = $stat_addr
+ options = $options
+ options_str = _wait4_opt_str($options)
+ rusage_uaddr = $ru
+ }
+probe kernel.syscall.waitpid.return =
+ kernel.function("sys_wait4").return {
+ name = "waitpid.return"
+ }
+# write ______________________________________________________
+/*
+ * asmlinkage ssize_t
+ * sys_write(unsigned int fd,
+ * const char __user * buf,
+ * size_t count)
+ */
+probe kernel.syscall.write =
+ kernel.function("sys_write") {
+ name = "write"
+ fd = $fd
+ buf_uaddr = $buf
+ count = $count
+ }
+probe kernel.syscall.write.return =
+ kernel.function("sys_write").return {
+ name = "write.return"
+ }
+# writev _____________________________________________________
+/*
+ * asmlinkage ssize_t
+ * sys_writev(unsigned long fd,
+ * const struct iovec __user *vec,
+ * unsigned long vlen)
+ */
+probe kernel.syscall.writev =
+ kernel.function("sys_writev") {
+ name = "writev"
+ fd = $fd
+ vector_uaddr = $vec
+ count = $vlen
+ }
+probe kernel.syscall.writev.return =
+ kernel.function("sys_writev").return {
+ name = "writev.return"
+ }
generated by cgit (git 2.34.1) at 2025-08-05 10:48:52 +0000