Search code examples
linuxlinux-kernellttng

LTTng 2.0 : sys_unknown system calls


I am using LTTng 2.0 to track the events that occur when I click my USB mouse. The trace that I get is something like this (unwanted lines have been removed):

irq_handler_entry   name=i8042, irq-12
irq_handler_exit    Irq-12, ret=1 (handled)
exit_syscall        ret=1104
sys_unknown         Id=18, args={3, 140405224710240, 1024, 59772114944, 1024, 140405251328896}
exit_syscall        Ret=1024
sys_unknown         Id=18, args={3, 140405255394560, 1024, 3256243200, 2048, 1}
exit_syscall        Ret=1024
sys_unknown         Id=18, args={3, 140405255394560, 1024, 3256243200, 2048, 1}
exit_syscall        Ret=1024
sys_unknown         Id=18, args={3, 140405255303968, 1024, 3256252416, 1024, 1}
exit_syscall        Ret=1024
sys_writev          Vec=140737365122800, vlen=2, fd=4
exit_syscall        Ret=24
sys_read            Buf=140405224710160, count=135168, fd=4

This is the portion of the trace that starts when I get an IRQ 12 (mouse interrupt), I am trying to follow the events that occur after that but I can't seem to resolve the "sys_unknown" part of it. I would appreciate any sort of help.

Thanks!


Solution

  • The "id" field indicates the system call number. System calls for which probes are not yet implemented within LTTng 2.x appear as "sys_unknown".

    The mapping between system call ID and its actual name can be done manually by looking at your architecture-specific unistd.h file, usually installed system-wide. For instance, on x86-64, I can find this information within: /usr/include/asm/unistd_64.h