testsuite/semok/four.stp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23

#! semtest

# these will ultimately be somehow associated with "providers"
# and have a syntax of their own
global kernel_jiffies, kernel_current_comm;

function kernel_netlink(a, b) {
  # this should be a builtin function
  return 0
}

function stamp (syscall)
{
  return kernel_netlink (4, kernel_jiffies . " " . kernel_current_comm . " " . syscall)
}

# probe kernel:syscall:read = kernel:function("sys_read");


probe kernel:syscall:read
{ 
  stamp ("read");
}