Closed ccb3 closed 6 years ago
Was trying to do some syscall counter today and noticed that in one of my cases the strcmp function in the filter section did not work. Consider the following failing example
kprobe:sys_* / strcmp(comm, "ply") / { @[caller] = count(); }
However, the following example works perfectly well where I changed the map to comm instead of caller.
kprobe:sys_* / strcmp(comm, "ply") / { @[comm] = count(); }
Also, removing the strcmp filter works without any problems even when using caller in the map, thus turning my suspission towards the strcmp function.
Was trying to do some syscall counter today and noticed that in one of my cases the strcmp function in the filter section did not work. Consider the following failing example
However, the following example works perfectly well where I changed the map to comm instead of caller.
Also, removing the strcmp filter works without any problems even when using caller in the map, thus turning my suspission towards the strcmp function.