I have this rather simple script:
#!/usr/bin/bpftrace
tracepoint:syscalls:sys_enter_exec*
{
@start[pid] = nsecs;
printf("START;%-6d;", pid);
join(args->argv);
}
tracepoint:syscalls:sys_enter_exit*
{
$from = @start[pid];
$until = nsecs;
printf("STOP;%-5d;%-16d\n", pid, $until-$from);
}args->argv instead of printing the often multi-line join(args->argv).
Problem is that printf("START;%-6d;%s", pid, args->argv); doesn't work:
/tmp/foo.bt:5:5-48: ERROR: printf: %s specifier expects a value of type string (integer supplied)
printf("START;%-6d;%s", pid, args->argv);
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~args->argv is a string array, so this kind of surprises me. How do I solve this?
Asked by Marcus Müller
(47107 rep)
Sep 19, 2023, 09:49 AM
Last activity: Dec 14, 2023, 09:13 AM
Last activity: Dec 14, 2023, 09:13 AM