failed to load object './/sysmonEBPFkern4.17-5.1.o'

[polluxkj]

Hi, I've installed sysmonforlinux on Centos 8 Stream with kernel 4.18.0-408.el8.x86_64 #1 SMP and got error:

Feb 17 12:31:04 machine.themachine sysmon[444366]:  R0_w=inv(id=0) R6_rw=invP(id=43,smin_value=-4095,smax_value=4096) R7=inv(id=0,umax_value=4096,var_off=(0x0; 0xff>
Feb 17 12:31:04 machine.themachine sysmon[444366]: parent already had regs=0 stack=8000 marks
Feb 17 12:31:04 machine.themachine sysmon[444366]: 2149: (b7) r2 = 47
Feb 17 12:31:04 machine.themachine sysmon[444366]: 2150: (73) *(u8 *)(r1 +4095) = r2
Feb 17 12:31:04 machine.themachine sysmon[444366]:  R0=inv(id=45,smin_value=-4095,smax_value=4095) R1_w=map_value(id=0,off=0,ks=4,vs=8192,smin_value=-4095,smax_valu>
Feb 17 12:31:04 machine.themachine sysmon[444366]: R1 unbounded memory access, make sure to bounds check any such access
Feb 17 12:31:04 machine.themachine sysmon[444366]: processed 1320 insns (limit 1000000) max_states_per_insn 2 total_states 109 peak_states 109 mark_read 84
Feb 17 12:31:04 machine.themachine sysmon[444366]: libbpf: -- END LOG --
Feb 17 12:31:04 machine.themachine sysmon[444366]: **libbpf: failed to load program 'sysmon/ProcCreate/rawExit'**
Feb 17 12:31:04 machine.themachine sysmon[444366]: **libbpf: failed to load object './/sysmonEBPFkern4.17-5.1.o'**
Feb 17 12:31:04 machine.themachine sysmon[444366]: **ERROR: failed to load prog: 'Permission denied'**
Feb 17 12:31:04 machine.themachine sysmon[444322]: **Telemetry failed to start: eBPF object could not be loaded**

Please help kris

[phibid]

Duplicate of https://github.com/Sysinternals/SysmonForLinux/issues/65 it seems ?

Philippe.

[MarioHewardt]

Indeed, that looks like a dup. The fix has been pushed but you will need to build to get it. I'm hoping to push new packages out by end of next week (which will also include the BTF/CORE support).