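# getgroups16 ________________________________________________
# long sys_getgroups16(int gidsetsize, old_gid_t __user *grouplist)
#
# Entry probe exports the requested set size and the user-space address
# of the group list; the list itself is not dereferenced here.
probe syscall.getgroups16 = kernel.function("sys_getgroups16") {
	name = "getgroups16"
	size = $gidsetsize
	list_uaddr = $grouplist
	argstr = sprintf("%d, %p", size, list_uaddr)
}
probe syscall.getgroups16.return = kernel.function("sys_getgroups16").return {
	name = "getgroups16"
	# returnstr() is a helper defined outside this part of the file.
	retstr = returnstr(1)
}

# setgroups16 ________________________________________________
#
# asmlinkage long
# sys_setgroups16(int gidsetsize,
#		  old_gid_t __user *grouplist)
#
probe syscall.setgroups16 = kernel.function("sys_setgroups16") {
	name = "setgroups16"
	size = $gidsetsize
	list_uaddr = $grouplist
	# Previously argstr was "", so a trace of a supplementary-group
	# change showed no arguments at all. Format it the same way as
	# getgroups16, which takes the same two arguments.
	argstr = sprintf("%d, %p", size, list_uaddr)
}
probe syscall.setgroups16.return = kernel.function("sys_setgroups16").return {
	name = "setgroups16"
	retstr = returnstr(1)
}

# quotactl ___________________________________________________
#
# asmlinkage long
# sys_quotactl(unsigned int cmd,
#	       const char __user *special,
#	       qid_t id,
#	       void __user *addr)
#
probe syscall.quotactl = kernel.function("sys_quotactl") {
	name = "quotactl"
	cmd = $cmd
	# _quotactl_cmd_str() is defined outside this part of the file.
	cmd_str = _quotactl_cmd_str($cmd)
	# user_string() copies the string at $special out of user memory.
	special_str = user_string($special)
	id = $id
	addr_uaddr = $addr
	# id is a numeric quota id (qid_t), not an address, so it is printed
	# with %d; only addr is a pointer.
	argstr = sprintf("%s, %s, %d, %p", cmd_str, special_str, id, addr_uaddr)
}
probe syscall.quotactl.return = kernel.function("sys_quotactl").return {
	name = "quotactl"
	retstr = returnstr(1)
}

# request_key ________________________________________________
#
# asmlinkage long
# sys_request_key(const char __user *_type,
#		  const char __user *_description,
#		  const char __user *_callout_info,
#		  key_serial_t destringid)
#
# The trailing '?' makes the probe point optional, so the script still
# compiles when the kernel does not provide sys_request_key.
probe syscall.request_key = kernel.function("sys_request_key")? {
	name = "request_key"
	type_uaddr = $_type
	description_uaddr = $_description
	callout_info_uaddr = $_callout_info
	destringid = $destringid
	# NOTE(review): only the user-space addresses of the key type and
	# description are recorded, not their contents; a consumer that needs
	# the strings has to read them itself.
	# destringid is a key serial number, so it is printed as an integer.
	argstr = sprintf("%p, %p, %p, %d", type_uaddr, description_uaddr,
			 callout_info_uaddr, destringid)
}
probe syscall.request_key.return = kernel.function("sys_request_key").return? {
	name = "request_key"
	retstr = returnstr(1)
}

# fcntl64 ____________________________________________________
/*
 * asmlinkage long
 * sys_fcntl64(unsigned int fd,
 *	       unsigned int cmd,
 *	       unsigned long arg)
 */
probe syscall.fcntl64 = kernel.function("sys_fcntl64") {
	name = "fcntl64"
	fd = $fd
	cmd = $cmd
	# _fcntl_cmd_str() is defined outside this part of the file.
	cmd_str = _fcntl_cmd_str($cmd)
	arg = $arg
	argstr = sprintf("%d, %s, %p", $fd, cmd_str, $arg)
}
probe syscall.fcntl64.return = kernel.function("sys_fcntl64").return {
	name = "fcntl64"
	retstr = returnstr(1)
}

# get_thread_area ____________________________________________
/*
 * asmlinkage int
 * sys_get_thread_area(struct user_desc __user *u_info)
 */
probe syscall.get_thread_area = kernel.function("sys_get_thread_area") {
	name = "get_thread_area"
	u_info_uaddr = $u_info
	argstr = sprintf("%p", u_info_uaddr)
}
probe syscall.get_thread_area.return = kernel.function("sys_get_thread_area").return {
	name = "get_thread_area"
	retstr = returnstr(1)
}

# inotify_add_watch __________________________________________
/*
 * asmlinkage long
 * sys_inotify_add_watch(int fd,
 *			 const char __user *path,
 *			 u32 mask)
 */
probe syscall.inotify_add_watch = kernel.function("sys_inotify_add_watch") {
	name = "inotify_add_watch"
	fd = $fd
	path_uaddr = $path
	# The watched path is copied from user memory so it appears in argstr.
	path = user_string($path)
	mask = $mask
	argstr = sprintf("%d, %s, %d", $fd, path, $mask)
}
probe syscall.inotify_add_watch.return = kernel.function("sys_inotify_add_watch").return {
	name = "inotify_add_watch"
	retstr = returnstr(1)
}

# inotify_init _______________________________________________
/*
 * asmlinkage long
 * sys_inotify_init(void)
 *
 */
# No arguments; argstr is not set by this probe.
probe syscall.inotify_init = kernel.function("sys_inotify_init") {
	name = "inotify_init"
}
probe syscall.inotify_init.return = kernel.function("sys_inotify_init").return {
	name = "inotify_init"
	retstr = returnstr(1)
}

# inotify_rm_watch ___________________________________________
/*
 * asmlinkage long
 * sys_inotify_rm_watch(int fd,
 *			u32 wd)
 */
probe syscall.inotify_rm_watch = kernel.function("sys_inotify_rm_watch") {
	name = "inotify_rm_watch"
	fd = $fd
	wd = $wd
	argstr = sprintf("%d, %d", $fd, $wd)
}
probe syscall.inotify_rm_watch.return = kernel.function("sys_inotify_rm_watch").return {
	name = "inotify_rm_watch"
	retstr = returnstr(1)
}

# iopl _______________________________________________________
# long sys_iopl(unsigned long unused)
# NOTE. This function is only in i386 and x86_64 and its args vary
# between those two archs.
#
# Because the arguments differ per architecture, argstr is left empty;
# a trace records that iopl was called but not its arguments.
probe syscall.iopl = kernel.function("sys_iopl") {
	name = "iopl"
	argstr = ""
}
probe syscall.iopl.return = kernel.function("sys_iopl").return {
	name = "iopl"
	retstr = returnstr(1)
}

# ipc ________________________________________________________
/*
 * asmlinkage int
 * sys_ipc(uint call,
 *	   int first,
 *	   int second,
 *	   int third,
 *	   void __user *ptr,
 *	   long fifth)
 */
probe syscall.ipc = kernel.function("sys_ipc") {
	name = "ipc"
	call = $call
	first = $first
	second = $second
	third = $third
	ptr_uaddr = $ptr
	fifth = $fifth
	argstr = sprintf("%d, %d, %d, %d, %p, %d", $call, $first,
			 $second, $third, ptr_uaddr, $fifth)
}
probe syscall.ipc.return = kernel.function("sys_ipc").return {
	name = "ipc"
	retstr = returnstr(1)
}

# olduname ___________________________________________________
/*
 * asmlinkage long
 * sys_olduname(struct new_utsname __user * name)
 */
probe syscall.olduname = kernel.function("sys_olduname") {
	# "name" is the tapset variable; $name is the kernel function's
	# argument of the same spelling.
	name = "olduname"
	name_uaddr = $name
	argstr = sprintf("%p", name_uaddr)
}
probe syscall.olduname.return = kernel.function("sys_olduname").return {
	name = "olduname"
	retstr = returnstr(1)
}

# sched_setparam _____________________________________________
/*
 * asmlinkage long
 * sys_sched_setparam(pid_t pid,
 *		      struct sched_param __user *param)
 */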
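# Both sched_setparam and sched_setscheduler used to attach to
# do_sched_setscheduler, so a single call fired both aliases and one of the
# two events carried the wrong syscall name. Each alias now attaches to the
# sys_* entry point it is named after; the variables it reads ($pid, $param)
# are arguments of sys_sched_setparam.
probe syscall.sched_setparam = kernel.function("sys_sched_setparam") {
	name = "sched_setparam"
	pid = $pid
	p_uaddr = $param
	argstr = sprintf("%d, %p", $pid, p_uaddr)
}
probe syscall.sched_setparam.return = kernel.function("sys_sched_setparam").return {
	name = "sched_setparam"
	# returnstr() is a helper defined outside this part of the file.
	retstr = returnstr(1)
}

# sched_setscheduler _________________________________________
/*
 * asmlinkage long
 * sys_sched_setscheduler(pid_t pid,
 *			  int policy,
 *			  struct sched_param __user *param)
 */
# Attached to sys_sched_setscheduler rather than the shared helper
# do_sched_setscheduler, so this alias reports only sched_setscheduler calls.
probe syscall.sched_setscheduler = kernel.function("sys_sched_setscheduler") {
	name = "sched_setscheduler"
	pid = $pid
	policy = $policy
	# _sched_policy_str() is defined outside this part of the file.
	policy_str = _sched_policy_str($policy)
	p_uaddr = $param
	argstr = sprintf("%d, %s, %p", $pid, policy_str, p_uaddr)
}
probe syscall.sched_setscheduler.return = kernel.function("sys_sched_setscheduler").return {
	name = "sched_setscheduler"
	retstr = returnstr(1)
}

# set_thread_area ____________________________________________
/*
 * asmlinkage int
 * sys_set_thread_area(struct user_desc __user *u_info)
 */
probe syscall.set_thread_area = kernel.function("sys_set_thread_area") {
	name = "set_thread_area"
	u_info_uaddr = $u_info
	argstr = sprintf("%p", u_info_uaddr)
}
probe syscall.set_thread_area.return = kernel.function("sys_set_thread_area").return {
	name = "set_thread_area"
	retstr = returnstr(1)
}

# set_zone_reclaim ___________________________________________
/*
 * asmlinkage long
 * sys_set_zone_reclaim(unsigned int node,
 *			unsigned int zone,
 *			unsigned int state)
 */
# Compiled in only when the target kernel version compares below "2.6.15".
# NOTE(review): confirm this bound matches the kernels that actually export
# sys_set_zone_reclaim.
%( kernel_v < "2.6.15" %?
probe syscall.set_zone_reclaim = kernel.function("sys_set_zone_reclaim") {
	name = "set_zone_reclaim"
	node = $node
	zone = $zone
	state = $state
	argstr = sprintf("%d, %d, %d", $node, $zone, $state)
}
probe syscall.set_zone_reclaim.return = kernel.function("sys_set_zone_reclaim").return {
	name = "set_zone_reclaim"
	retstr = returnstr(1)
}
%)

# shmat ______________________________________________________
/*
 * asmlinkage long
 * sys_shmat(int shmid,
 *	     char __user *shmaddr,
 *	     int shmflg)
 */
probe syscall.shmat = kernel.function("sys_shmat") {
	name = "shmat"
	shmid = $shmid
	shmaddr_uaddr = $shmaddr
	shmflg = $shmflg
	argstr = sprintf("%d, %p, %d", $shmid, shmaddr_uaddr, $shmflg)
}
probe syscall.shmat.return = kernel.function("sys_shmat").return {
	name = "shmat"
	retstr = returnstr(1)
}

# sigaction __________________________________________________
# int sys_sigaction(int sig,
#		    const struct old_sigaction __user *act,
#		    struct old_sigaction __user *oact)
#
probe syscall.sigaction = kernel.function("sys_sigaction") {
	name = "sigaction"
	sig = $sig
	act_uaddr = $act
	oact_uaddr = $oact
	# FIXME - decode $act
	# Until then only the addresses of the old/new action structs are
	# shown; the handler and flags inside *act are not visible in argstr.
	# _signal_name() is defined outside this part of the file.
	argstr = sprintf("%s, %p, %p", _signal_name($sig), $act, $oact)
}
probe syscall.sigaction.return = kernel.function("sys_sigaction").return {
	name = "sigaction"
	retstr = returnstr(1)
}

# sigaltstack ________________________________________________
# int sys_sigaltstack(unsigned long ebx)
#
# NOTE: args vary between archs.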
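#
probe syscall.sigaltstack = kernel.function("sys_sigaltstack") {
	name = "sigaltstack"
	# $ebx is the argument name shown in the signature above; the header
	# notes that arguments differ on other architectures.
	ebx = $ebx
	argstr = sprintf("%p", $ebx)
}
probe syscall.sigaltstack.return = kernel.function("sys_sigaltstack").return {
	name = "sigaltstack"
	# returnstr() is a helper defined outside this part of the file.
	retstr = returnstr(1)
}

# sigreturn __________________________________________________
/*
 * asmlinkage int
 * sys_sigreturn(unsigned long __unused)
 */
probe syscall.sigreturn = kernel.function("sys_sigreturn") {
	name = "sigreturn"
	__unused = $__unused
	argstr = sprint($__unused)
}
probe syscall.sigreturn.return = kernel.function("sys_sigreturn").return {
	# The return alias used to set name to "sigreturn.return" and left
	# retstr unset, unlike every other return probe in this file. A
	# consumer matching entry and return events on name would never pair
	# them. Use the plain syscall name and populate retstr like the rest.
	name = "sigreturn"
	retstr = returnstr(1)
}

# sigsuspend _________________________________________________
/*
 * asmlinkage int
 * sys_sigsuspend(int history0,
 *		  int history1,
 *		  old_sigset_t mask)
 */
probe syscall.sigsuspend = kernel.function("sys_sigsuspend") {
	name = "sigsuspend"
	history0 = $history0
	history1 = $history1
	mask = $mask
	# mask is printed with %p, i.e. as a hexadecimal value.
	argstr = sprintf("%d, %d, %p", $history0, $history1, $mask)
}
probe syscall.sigsuspend.return = kernel.function("sys_sigsuspend").return {
	name = "sigsuspend"
	retstr = returnstr(1)
}

# vm86 _______________________________________________________
/*
 * asmlinkage int
 * sys_vm86(struct pt_regs regs)
 */
probe syscall.vm86 = kernel.function("sys_vm86") {
	name = "vm86"
	/*
	 * unsupported type identifier '$regs'
	 * regs = $regs
	 */
	# The by-value struct argument cannot be read, so this probe exports
	# only the syscall name; argstr is not set.
}
probe syscall.vm86.return = kernel.function("sys_vm86").return {
	name = "vm86"
	retstr = returnstr(1)
}

# vm86old ____________________________________________________
/*
 * asmlinkage int
 * sys_vm86old(struct pt_regs regs)
 */
probe syscall.vm86old = kernel.function("sys_vm86old") {
	name = "vm86old"
	/*
	 * unsupported type identifier '$regs'
	 * regs = $regs
	 */
	# Same limitation as vm86: only the syscall name is exported.
}
probe syscall.vm86old.return = kernel.function("sys_vm86old").return {
	name = "vm86old"
	retstr = returnstr(1)
}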