drsyscall_record.h File Reference

Header for Dr. Syscall system call records. More...

#include <stdint.h>
#include "dr_api.h"

Data Structures
struct	syscall_record_t_

Macros
#define	SYSCALL_RECORD_CONTENT_SIZE_BYTES   (sizeof(uint8_t *) + sizeof(size_t))

Typedefs
typedef START_PACKED_STRUCTURE struct syscall_record_t_	syscall_record_t

Enumerations
enum	syscall_record_type_t {   DRSYS_SYSCALL_NUMBER_DEPRECATED = 1 ,   DRSYS_PRECALL_PARAM ,   DRSYS_POSTCALL_PARAM ,   DRSYS_MEMORY_CONTENT ,   DRSYS_RETURN_VALUE ,   DRSYS_RECORD_END_DEPRECATED ,   DRSYS_SYSCALL_NUMBER_TIMESTAMP ,   DRSYS_RECORD_END_TIMESTAMP }

Detailed Description

Header for Dr. Syscall system call records.

Macro Definition Documentation

SYSCALL_RECORD_CONTENT_SIZE_BYTES

#define SYSCALL_RECORD_CONTENT_SIZE_BYTES   (sizeof(uint8_t *) + sizeof(size_t))

To enable syscall_record_t to be default initialized reliably, a byte array is defined with the same length as the largest member of the union.

Typedef Documentation

syscall_record_t

typedef START_PACKED_STRUCTURE struct syscall_record_t_ syscall_record_t

Describes a system call number, parameter, memory region, or the return value.

Enumeration Type Documentation

syscall_record_type_t

enum syscall_record_type_t

The type of the syscall record.

Enumerator
DRSYS_SYSCALL_NUMBER_DEPRECATED	Deprecated: Replaced by DRSYS_SYSCALL_NUMBER_TIMESTAMP.
DRSYS_PRECALL_PARAM	Pre-syscall parameter.
DRSYS_POSTCALL_PARAM	Post-syscall parameter.
DRSYS_MEMORY_CONTENT	Memory address, size, and content.
DRSYS_RETURN_VALUE	Return value of the syscall.
DRSYS_RECORD_END_DEPRECATED	Deprecated: Replaced by DRSYS_RECORD_END_TIMESTAMP.
DRSYS_SYSCALL_NUMBER_TIMESTAMP	Start of a syscall with a timestamp.
DRSYS_RECORD_END_TIMESTAMP	End of a syscall with a timestamp.