]> sourceware.org Git - systemtap.git/blob - tapset/linux/x86_64/nd_syscalls.stp
git://sourceware.org / systemtap.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Align nd_syscall.mmap* and syscall.mmap* convenience vars lists.
[systemtap.git] / tapset / linux / x86_64 / nd_syscalls.stp
1 # x86_64-specific system calls
2
3 # arch_prctl _________________________________________________
4 # long sys_arch_prctl(int code, unsigned long addr)
5 #
6 # NOTE: x86_64 only.
7 #
8 probe nd_syscall.arch_prctl = kprobe.function("sys_arch_prctl")
9 {
10 name = "arch_prctl"
11 // code = $code
12 // addr = $addr
13 // argstr = sprintf("%d, %p", $code, $addr)
14 // NB: no asmlinkage()
15 code = int_arg(1)
16 code_str = _stp_arch_prctl_func_str(code)
17 addr = ulong_arg(2)
18 argstr = sprintf("%s, %u", code_str, addr)
19 }
20 probe nd_syscall.arch_prctl.return = kprobe.function("sys_arch_prctl").return
21 {
22 name = "arch_prctl"
23 retstr = returnstr(1)
24 }
25
26 # get_thread_area ____________________________________________
27 /*
28 * asmlinkage int
29 * sys_get_thread_area(struct user_desc __user *u_info)
30 * asmlinkage long sys32_get_thread_area(struct user_desc __user *u_info)
31 */
32 probe nd_syscall.get_thread_area = kprobe.function("sys_get_thread_area") ?,
33 kprobe.function("sys32_get_thread_area") ?
34 {
35 name = "get_thread_area"
36 asmlinkage()
37 u_info_uaddr = pointer_arg(1)
38 argstr = sprintf("%s", _struct_user_desc_u(u_info_uaddr))
39 }
40 probe nd_syscall.get_thread_area.return =
41 kprobe.function("sys_get_thread_area").return ?,
42 kprobe.function("sys32_get_thread_area").return ?
43 {
44 name = "get_thread_area"
45 retstr = returnstr(1)
46 }
47
48 # iopl _______________________________________________________
49 # long sys_iopl(unsigned int level, struct pt_regs *regs);
50 # NOTE. This function is only in i386 and x86_64 and its args vary
51 # between those two archs.
52 #
53 probe nd_syscall.iopl = kprobe.function("sys_iopl")
54 {
55 name = "iopl"
56 // level = (@defined($level) ? $level : $new_iopl)
57 asmlinkage()
58 level = uint_arg(1)
59 argstr = sprint(level)
60 }
61 probe nd_syscall.iopl.return = kprobe.function("sys_iopl").return
62 {
63 name = "iopl"
64 retstr = returnstr(1)
65 }
66
67 # set_thread_area ____________________________________________
68 /*
69 * asmlinkage int
70 * sys_set_thread_area(struct user_desc __user *u_info)
71 * asmlinkage long sys32_set_thread_area(struct user_desc __user *u_info)
72 */
73 probe nd_syscall.set_thread_area = kprobe.function("sys_set_thread_area") ?,
74 kprobe.function("sys32_set_thread_area") ?
75 {
76 name = "set_thread_area"
77 asmlinkage()
78 u_info_uaddr = pointer_arg(1)
79 argstr = sprintf("%s", _struct_user_desc_u(u_info_uaddr))
80 }
81 probe nd_syscall.set_thread_area.return =
82 kprobe.function("sys_set_thread_area").return ?,
83 kprobe.function("sys32_set_thread_area").return ?
84 {
85 name = "set_thread_area"
86 retstr = returnstr(1)
87 }
88
89 %( CONFIG_GENERIC_SIGALTSTACK == "n" || kernel_v < "3.8" %?
90 # sigaltstack ________________________________________________
91 # long sys_sigaltstack(const stack_t __user *uss, stack_t __user *uoss,
92 # struct pt_regs *regs)
93 #
94 # NOTE: args vary between archs.
95 #
96 probe nd_syscall.sigaltstack = kprobe.function("sys_sigaltstack"),
97 kprobe.function("sys32_sigaltstack").call ?
98 {
99 name = "sigaltstack"
100 asmlinkage()
101 uss_uaddr = pointer_arg(1)
102 uoss_uaddr = pointer_arg(2)
103 %(systemtap_v < "2.3" %?
104 regs_uaddr = pointer_arg(3)
105 regs = pointer_arg(3)
106 %)
107 argstr = sprintf("%s, %p",
108 (@__compat_task ? _stp_compat_sigaltstack_u(uss_uaddr)
109 : _stp_sigaltstack_u(uss_uaddr)), uoss_uaddr)
110 }
111 probe nd_syscall.sigaltstack.return = kprobe.function("sys_sigaltstack").return,
112 kprobe.function("sys32_sigaltstack").return ?
113 {
114 name = "sigaltstack"
115 retstr = returnstr(1)
116 }
117 %)
118
119 # sysctl _____________________________________________________
120 #
121 # long sys32_sysctl(struct sysctl_ia32 __user *args32)
122 #
123 probe nd_syscall.sysctl32 = kprobe.function("sys32_sysctl") ?
124 {
125 name = "sysctl"
126 // argstr = sprintf("%p", $args32)
127 asmlinkage()
128 argstr = sprintf("%p", pointer_arg(1))
129 }
130 probe nd_syscall.sysctl32.return = kprobe.function("sys32_sysctl").return ?
131 {
132 name = "sysctl"
133 retstr = returnstr(1)
134 }
135
136 # In kernels < 2.6.33, mmap()/mmap2() was handled by arch-specific
137 # code. In kernels >= 2.6.33, the arch-specific code just calls
138 # generic sys_mmap_pgoff().
139 %( kernel_v < "2.6.33" %?
140 # mmap
141 # long sys_mmap(unsigned long addr, unsigned long len,
142 # unsigned long prot, unsigned long flags,
143 # unsigned long fd, unsigned long off)
144 probe nd_syscall.mmap = kprobe.function("sys_mmap") ?
145 {
146 name = "mmap"
147 asmlinkage()
148 start = ulong_arg(1)
149 len = ulong_arg(2)
150 prot = ulong_arg(3)
151 flags = ulong_arg(4)
152 # Although the kernel gets an unsigned long fd, on the
153 # user-side it is a signed int. Fix this.
154 fd = int_arg(5)
155 offset = ulong_arg(6)
156 argstr = sprintf("%p, %u, %s, %s, %d, %d", start, len,
157 _mprotect_prot_str(prot), _mmap_flags(flags), fd, offset)
158 }
159 probe nd_syscall.mmap.return = kprobe.function("sys_mmap").return ?
160 {
161 name = "mmap"
162 retstr = returnstr(2)
163 }
164
165 #
166 # sys32_mmap(struct mmap_arg_struct __user *arg)
167 #
168 probe nd_syscall.mmap32 = kprobe.function("sys32_mmap")
169 {
170 name = "mmap"
171 asmlinkage()
172 __args = &@cast(pointer_arg(1), "unsigned int", "kernel<linux/types.h>")
173 start = user_uint32(&(__args)[0])
174 len = user_uint32(&(__args)[1])
175 prot = user_uint32(&(__args)[2])
176 flags = user_uint32(&(__args)[3])
177 fd = user_int(&(__args)[4])
178 offset = user_uint32(&(__args)[5])
179 argstr = sprintf("%p, %u, %s, %s, %d, %d", start, len,
180 _mprotect_prot_str(prot), _mmap_flags(flags),
181 fd, offset)
182 }
183 probe nd_syscall.mmap32.return = kprobe.function("sys32_mmap").return
184 {
185 name = "mmap"
186 retstr = returnstr(2)
187 }
188
189 # sys32_mmap2(unsigned long addr, unsigned long len,
190 # unsigned long prot, unsigned long flags,
191 # unsigned long fd, unsigned long pgoff)
192 #
193 probe nd_syscall.mmap2 = __nd_syscall.mmap2 ?, __nd_syscall.mmap_pgoff ?
194 {
195 @__syscall_compat_gate(%{ __NR_mmap2 %}, %{ __NR_ia32_mmap2 %})
196 name = "mmap2"
197 start = ulong_arg(1)
198 length = ulong_arg(2)
199 prot = ulong_arg(3)
200 prot_str = _mprotect_prot_str(prot)
201 flags = ulong_arg(4)
202 flags_str = _mmap_flags(flags)
203 fd = int_arg(5)
204 argstr = sprintf("%p, %u, %s, %s, %d, %d", start, length,
205 prot_str, flags_str, fd, pgoffset)
206 }
207 probe __nd_syscall.mmap2 = kprobe.function("sys32_mmap2")
208 {
209 asmlinkage()
210 pgoffset = ulong_arg(6)
211 }
212 probe __nd_syscall.mmap_pgoff = kprobe.function("sys_mmap_pgoff")
213 {
214 asmlinkage()
215 # $pgoff is the number of pages. Convert this back into a
216 # number of bytes.
217 pgoffset = ulong_arg(6) * %{ /* pure */ PAGE_SIZE %}
218 }
219 probe nd_syscall.mmap2.return = kprobe.function("sys32_mmap2").return ?,
220 kprobe.function("sys_mmap_pgoff").return ?
221 {
222 @__syscall_compat_gate(%{ __NR_mmap2 %}, %{ __NR_ia32_mmap2 %})
223 name = "mmap2"
224 retstr = returnstr(2)
225 }
226 %)
227
228 # vm86_warning _____________________________________________________
229 #
230 # long sys32_vm86_warning(void)
231 #
232 probe nd_syscall.vm86_warning = kprobe.function("sys32_vm86_warning") ?
233 {
234 name = "vm86_warning"
235 argstr = ""
236 }
237 probe nd_syscall.vm86_warning.return =
238 kprobe.function("sys32_vm86_warning").return ?
239 {
240 name = "wm86_warning"
241 retstr = returnstr(1)
242 }
243
244 # pipe _______________________________________________________
245 #
246 # long sys32_pipe(int __user *fd)
247 #
248 probe nd_syscall.pipe32 = kprobe.function("sys32_pipe")?
249 {
250 name = "pipe"
251 // argstr = sprintf("%p", $fd)
252 asmlinkage()
253 argstr = sprintf("%p", pointer_arg(1))
254 }
255 probe nd_syscall.pipe32.return = kprobe.function("sys32_pipe").return?
256 {
257 name = "pipe"
258 retstr = returnstr(1)
259 }
260
261 # ftruncate _______________________________________________________
262 #
263 # asmlinkage long sys32_ftruncate64(unsigned int fd, unsigned long offset_low,
264 # unsigned long offset_high)
265 #
266 probe nd_syscall.compat_ftruncate64 = kprobe.function("sys32_ftruncate64") ?
267 {
268 asmlinkage()
269 name = "ftruncate"
270 fd = int_arg(1)
271 length = ((uint_arg(3) << 32) | uint_arg(2))
272 argstr = sprintf("%d, %d", fd, length)
273 }
274 probe nd_syscall.compat_ftruncate64.return =
275 kprobe.function("sys32_ftruncate64").return ?
276 {
277 name = "ftruncate"
278 retstr = returnstr(1)
279 }
280
281 # truncate _______________________________________________________
282 #
283 # asmlinkage long sys32_truncate64(const char __user *filename,
284 # unsigned long offset_low,
285 # unsigned long offset_high)
286 #
287 probe nd_syscall.compat_truncate64 = kprobe.function("sys32_truncate64") ?
288 {
289 asmlinkage()
290 name = "truncate"
291 path_uaddr = pointer_arg(1)
292 path = user_string_quoted(path_uaddr)
293 length = ((uint_arg(3) << 32) | uint_arg(2))
294 argstr = sprintf("%s, %d", user_string_quoted(path_uaddr), length)
295 }
296 probe nd_syscall.compat_truncate64.return =
297 kprobe.function("sys32_truncate64").return ?
298 {
299 name = "truncate"
300 retstr = returnstr(1)
301 }
302
303 # fadvise64 _______________________________________________________
304 #
305 # asmlinkage long sys32_fadvise64(int fd, unsigned offset_lo,
306 # unsigned offset_hi,
307 # size_t len, int advice)
308 #
309 probe nd_syscall.compat_fadvise64 = kprobe.function("sys32_fadvise64") ?
310 {
311 asmlinkage()
312 name = "fadvise64"
313 fd = int_arg(1)
314 offset = ((uint_arg(3) << 32) | uint_arg(2))
315 len = int_arg(4)
316 advice = int_arg(5)
317 argstr = sprintf("%d, %d, %d, %s", fd, offset, len,
318 _fadvice_advice_str(advice))
319 }
320 probe nd_syscall.compat_fadvise64.return =
321 kprobe.function("sys32_fadvise64").return ?
322 {
323 name = "fadvise64"
324 retstr = returnstr(1)
325 }
326
327 # fadvise64_64 __________________________________________________
328 #
329 # long sys32_fadvise64_64(int fd, __u32 offset_low, __u32 offset_high,
330 # __u32 len_low, __u32 len_high, int advice)
331 probe nd_syscall.compat_fadvise64_64 = kprobe.function("sys32_fadvise64_64") ?
332 {
333 name = "fadvise64"
334 fd = int_arg(1)
335 offset = ((uint_arg(3) << 32) | uint_arg(2))
336 len = ((uint_arg(5) << 32) | uint_arg(4))
337 advice = int_arg(6)
338 argstr = sprintf("%d, %d, %d, %s", fd, offset, len,
339 _fadvice_advice_str(advice))
340 }
341 probe nd_syscall.compat_fadvise64_64.return =
342 kprobe.function("sys32_fadvise64_64").return ?
343 {
344 name = "fadvise64"
345 retstr = returnstr(1)
346 }
347
348 # readahead __________________________________________________
349 #
350 # asmlinkage ssize_t
351 # ssize_t sys32_readahead(int fd, unsigned off_lo, unsigned off_hi, size_t count)
352 #
353 probe nd_syscall.compat_readahead = kprobe.function("sys32_readahead") ?
354 {
355 name = "readahead"
356 asmlinkage()
357 fd = int_arg(1)
358 offset = ((uint_arg(3) << 32) | uint_arg(2))
359 count = ulong_arg(4)
360 argstr = sprintf("%d, %d, %u", fd, offset, count)
361 }
362 probe nd_syscall.compat_readahead.return =
363 kprobe.function("sys32_readahead").return ?
364 {
365 name = "readahead"
366 retstr = returnstr(1)
367 }
368
369 # fallocate __________________________________________________
370 #
371 # asmlinkage long sys32_fallocate(int fd, int mode, unsigned offset_lo,
372 # unsigned offset_hi, unsigned len_lo,
373 # unsigned len_hi)
374 probe nd_syscall.compat_fallocate = kprobe.function("sys32_fallocate") ?
375 {
376 asmlinkage()
377 name = "fallocate"
378 fd = int_arg(1)
379 mode = int_arg(2)
380 offset = ((uint_arg(4) << 32) | uint_arg(3))
381 len = ((uint_arg(6) << 32) | uint_arg(5))
382 argstr = sprintf("%d, %s, %#x, %u", fd, _stp_fallocate_mode_str(mode),
383 offset, len)
384 }
385 probe nd_syscall.compat_fallocate.return =
386 kprobe.function("sys32_fallocate").return ?
387 {
388 name = "fallocate"
389 retstr = returnstr(1)
390 }
391
392 %( kernel_v < "3.7" %?
393 # execve _____________________________________________________
394 #
395 # In kernels < 3.7, sys_execve() was in arch-specific code (and had
396 # varying arguments). It was just a wrapper around generic
397 # do_execve(), but the wrapper could error out before calling
398 # do_execve(). So, we'll have to handle it in arch-specific tapset
399 # code to catch all calls.
400 #
401 # long sys_execve(char __user *name, char __user * __user *argv,
402 # char __user * __user *envp, struct pt_regs regs)
403 probe nd_syscall.execve = kprobe.function("sys_execve")
404 {
405 name = "execve"
406 filename = user_string_quoted(pointer_arg(1))
407 args = __get_argv(pointer_arg(2), 0)
408 env_str = __count_envp(pointer_arg(3))
409 argstr = sprintf("%s, %s, %s", filename, args, env_str)
410 }
411 probe nd_syscall.execve.return = kprobe.function("sys_execve").return
412 {
413 name = "execve"
414 retstr = returnstr(1)
415 }
416
417 # execve _____________________________________________________
418 #
419 # asmlinkage long sys32_execve(char __user *name, compat_uptr_t __user *argv,
420 # compat_uptr_t __user *envp, struct pt_regs *regs)
421 probe nd_syscall.compat_execve = kprobe.function("sys32_execve") ?
422 {
423 asmlinkage()
424 name = "execve"
425 filename = user_string_quoted(pointer_arg(1))
426 args = __get_compat_argv(pointer_arg(2), 0)
427 env_str = __count_compat_envp(pointer_arg(3))
428 argstr = sprintf("%s, %s, %s", filename, args, env_str)
429 }
430 probe nd_syscall.compat_execve.return = kprobe.function("sys32_execve").return ?
431 {
432 name = "execve"
433 retstr = returnstr(1)
434 }
435 %)
436
437 # lookup_dcookie _____________________________________________
438 # COMPAT_SYSCALL_DEFINE4(lookup_dcookie, u32, w0, u32, w1, char __user *,
439 # buf, compat_size_t, len)
440 # long sys32_lookup_dcookie(u32 addr_low, u32 addr_high, char __user *buf,
441 # size_t len)
442 #
443 probe nd_syscall.compat_lookup_dcookie =
444 kprobe.function("compat_sys_lookup_dcookie") ?,
445 kprobe.function("sys32_lookup_dcookie") ?
446 {
447 name = "lookup_dcookie"
448 asmlinkage()
449 cookie = ((uint_arg(2) << 32) | uint_arg(1))
450 buffer_uaddr = pointer_arg(3)
451 len = ulong_arg(4)
452 argstr = sprintf("%#lx, %p, %#x", cookie, buffer_uaddr, len)
453 }
454 probe nd_syscall.compat_lookup_dcookie.return =
455 kprobe.function("compat_sys_lookup_dcookie").return ?,
456 kprobe.function("sys32_lookup_dcookie").return ?
457 {
458 name = "lookup_dcookie"
459 retstr = returnstr(1)
460 }
461
systemtap: system-wide probe/trace tool
This page took 0.057309 seconds and 5 git commands to generate.