Hacker News new | ask | show | jobs
by zokier 3191 days ago
So the issues noticed so far:

* Missing syscalls

* Wrong syscall numbers

* Wrong calling convention

* Links to source are to wrong version

Does the table get actually anything right? I mean this is pretty spectacular cascade of failures.
1 comments
Skunkleton 3191 days ago
At least for x86, you can get this same information fairly easily directly from the source. The table is located at arch/x86/entry/syscalls/syscall_64.tbl, from there you can grep for the function with git grep. For example, git grep 'SYSCALL_DEFINE.*read'.
link
tomsthumb 3191 days ago
why bother with git grep vs. just vanilla grep. i could see the use if you're working with an older binary, but you didn't mention.
link
Skunkleton 3191 days ago
If you ran something like grep -r SYSCALL_DEFINE.read from the top level of the linux source it would search through not just your source code, but also all of the artifacts of building the kernel. Basically, git grep is faster in this case because it filters the searched files down to only ones that are checked in. You could achieve a similar effect with standard tools like this: find -type f -regex '.\.[hc]' | xargs grep 'SYSCALL_DEFINE.*read'
link
leni536 3191 days ago 

    grep -r --include='*.[hc]' 'SYSCALL_DEFINE.*read'
link
Skunkleton 3190 days ago
Nice. I hadn't used --include before.
link
bmn__ 3191 days ago
See also: programmer's grep clones. https://beyondgrep.com/more-tools/#Other%20grep-like%20tools

They work fine even where git-grep is not an option. Example:

    ack 'SYSCALL_DEFINE.*read'
link