anakryiko
commented
1 year ago It seems like your kernel doesn't support one of BPF features required for retsnoop to work. Can you try on newer kernel?
Closed constantmanish closed 1 year ago
anakryiko
commented
1 year ago It seems like your kernel doesn't support one of BPF features required for retsnoop to work. Can you try on newer kernel?
anakryiko
commented
1 year ago I've just added a bit more graceful handling of this condition in https://github.com/anakryiko/retsnoop/commit/8c8cf83fe07969638f4438c5e797e3b274711fae, but ultimately you'll need newer Linux kernel, unfortunately.
I am trying to run retsnoop with the binary provided . This is resulting into segmentation fault.
./retsnoop(1) -e sched --lbr
Segmentation fault (core dumped)
(gdb) run -e sched --lbr Starting program: /home/support/retsnoop(1) -e sched --lbr
Program received signal SIGSEGV, Segmentation fault. 0x0000000000406338 in detect_kernel_features () at retsnoop.c:1795 1795 retsnoop.c: No such file or directory.
I ran this on gdb to see where we are having segfault and can see above output. What should i do here to run this properly??