Missing sys_enter_open events
sahil aggarwal
sahil.agg15 at gmail.com
Fri Mar 13 04:16:06 EDT 2015
Hi all
I am doing ftrace to track files being opened and mapped by process
but sys_enter_open is getting missed and getname is being traced which
is called by sys_open only. What is happening.?
mem-2474 [005] 681774.985957: getnameprobe: (sys_execve+0x21/0x5a <-
getname) arg1="bin/mem"
mem-2474 [001] 683183.894867: sync_read:
(vfs_read+0xab/0x107 <- do_sync_read) arg1=80
mem-2474 [001] 683183.894900: sync_read:
(vfs_read+0xab/0x107 <- do_sync_read) arg1=1c0
mem-2474 [001] 683183.894902: sync_read:
(vfs_read+0xab/0x107 <- do_sync_read) arg1=1c
mem-2474 [001] 683183.894913: sync_read:
(vfs_read+0xab/0x107 <- do_sync_read) arg1=80
mem-2474 [001] 683183.895113: sync_read:
(vfs_read+0xab/0x107 <- do_sync_read) arg1=188
mem-2474 [001] 683183.895275: getnameprobe:
(do_sys_open+0x3b/0x105 <- getname) arg1="/etc/ld.so.cache"
mem-2474 [001] 683183.895316: getnameprobe:
(do_sys_open+0x3b/0x105 <- getname) arg1="/lib/libc.so.6"
mem-2474 [001] 683183.895321: sys_read(fd: 4, buf:
7fff8461a0f8, count: 340)
mem-2474 [001] 683183.895328: sync_read:
(vfs_read+0xab/0x107 <- do_sync_read) arg1=340
More information about the Kernelnewbies
mailing list