diff --git a/src/bpf/hs_trace.bpf.c b/src/bpf/hs_trace.bpf.c index e3b9e91..44787a5 100644 --- a/src/bpf/hs_trace.bpf.c +++ b/src/bpf/hs_trace.bpf.c @@ -452,9 +452,6 @@ BPF_PROG(hs_trace_sys_exit, struct pt_regs *regs, long ret) #ifdef __NR_inotify_add_watch case __NR_inotify_add_watch: #endif -#ifdef __NR_execve - case __NR_execve: /* r_first_path_set */ -#endif #ifdef __NR_statfs case __NR_statfs: #endif @@ -556,6 +553,9 @@ BPF_PROG(hs_trace_sys_exit, struct pt_regs *regs, long ret) #endif #ifdef __NR_futimeat case __NR_futimeat: +#endif +#ifdef __NR_execve + case __NR_execve: /* r_first_path_set */ #endif break; default: diff --git a/src/dep_tracer.rs b/src/dep_tracer.rs index 02afddd..d81679b 100644 --- a/src/dep_tracer.rs +++ b/src/dep_tracer.rs @@ -163,8 +163,8 @@ impl Logs { pub fn update_log(&mut self, pid_tgid: u64, event: SyscallEvent) { self.log .entry(pid_tgid) - .and_modify(|vd| vd.push_back(event)) - .or_insert(VecDeque::new()); + .or_insert_with(|| VecDeque::new()) + .push_back(event); } pub fn dump_log(&mut self) {