search

anakryiko / retsnoop

Investigate kernel error call stacks
BSD 2-Clause "Simplified" License
209 stars 34 forks source link

verifier error: Infinite lop #79

Closed hodgesds closed 1 month ago

hodgesds commented 1 month ago

I hit a verifier error built off latest git:

$ retsnoop -e 'do_check*' -a ':kernel/bpf/verifier.c' -T 
libbpf: prog 'retsn_kentry': BPF program load failed: Invalid argument
libbpf: prog 'retsn_kentry': -- BEGIN PROG LOAD LOG --
0: R1=ctx() R10=fp0
; int retsn_kentry(struct pt_regs *ctx) @ mass_attach.bpf.c:91
0: (bf) r6 = r1                       ; R1=ctx() R6_w=ctx()
; if (!ready) @ mass_attach.bpf.c:97
1: (18) r1 = 0xffffa18f00aa2010       ; R1_w=map_value(map=retsnoop.bss,ks=4,vs=17,off=16)
3: (71) r1 = *(u8 *)(r1 +0)           ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
4: (55) if r1 != 0x1 goto pc+36       ; R1_w=1
; if (has_bpf_get_func_ip) { @ mass_attach.bpf.c:100
5: (18) r1 = 0xffffa18f040329cc       ; R1_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=6604)
7: (71) r1 = *(u8 *)(r1 +0)           ; R1_w=1
8: (55) if r1 != 0x1 goto pc+4        ; R1_w=1
; ip = bpf_get_func_ip(ctx); @ mass_attach.bpf.c:101
9: (bf) r1 = r6                       ; R1_w=ctx() R6_w=ctx()
10: (85) call bpf_get_func_ip#173     ; R0=scalar()
11: (bf) r7 = r0                      ; R0=scalar(id=1) R7_w=scalar(id=1)
; } else { @ mass_attach.bpf.c:102
12: (05) goto pc+2
; ip = PT_REGS_IP(ctx) - 1; @ mass_attach.bpf.c:107
15: (7b) *(u64 *)(r10 -8) = r7        ; R7_w=scalar(id=1) R10=fp0 fp-8_w=scalar(id=1)
; if (has_bpf_cookie) { @ mass_attach.bpf.c:113
16: (18) r1 = 0xffffa18f040329cd      ; R1_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=6605)
18: (71) r1 = *(u8 *)(r1 +0)          ; R1_w=1
19: (55) if r1 != 0x1 goto pc+4       ; R1_w=1
; id = bpf_get_attach_cookie(ctx); @ mass_attach.bpf.c:114
20: (bf) r1 = r6                      ; R1_w=ctx() R6=ctx()
21: (85) call bpf_get_attach_cookie#174       ; R0=scalar()
22: (bf) r2 = r0                      ; R0=scalar(id=2) R2_w=scalar(id=2)
; } else { @ mass_attach.bpf.c:115
23: (05) goto pc+14
; handle_func_entry(ctx, id, ip); @ mass_attach.bpf.c:127
38: (bf) r1 = r6                      ; R1_w=ctx() R6=ctx()
39: (bf) r3 = r7                      ; R3_w=scalar(id=1) R7=scalar(id=1)
40: (85) call pc+2
caller:
 R6=ctx() R7=scalar(id=1) R10=fp0 fp-8=scalar(id=1)
callee:
 frame1: R1_w=ctx() R2_w=scalar(id=2) R3_w=scalar(id=1) R10=fp0
43: frame1: R1_w=ctx() R2_w=scalar(id=2) R3_w=scalar(id=1) R10=fp0
; __hidden int handle_func_entry(void *ctx, u32 func_id, u64 func_ip) @ retsnoop.bpf.c:1314
43: (bf) r6 = r2                      ; frame1: R2_w=scalar(id=2) R6_w=scalar(id=2)
44: (bf) r7 = r1                      ; frame1: R1_w=ctx() R7_w=ctx()
; if (tgid_allow_cnt + tgid_deny_cnt == 0) @ retsnoop.bpf.c:1281
45: (18) r1 = 0xffffa18f0403101c      ; frame1: R1_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=28)
47: (61) r1 = *(u32 *)(r1 +0)         ; frame1: R1_w=0
48: (18) r2 = 0xffffa18f04031020      ; frame1: R2_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=32)
50: (61) r2 = *(u32 *)(r2 +0)         ; frame1: R2_w=0
51: (87) r2 = -r2                     ; frame1: R2_w=scalar()
52: (67) r2 <<= 32                    ; frame1: R2_w=scalar(smax=0x7fffffff00000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
53: (77) r2 >>= 32                    ; frame1: R2=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
54: (5d) if r1 != r2 goto pc+1        ; frame1: R1=0 R2=0
; if (!tgid_allowed() || !comm_allowed()) @ retsnoop.bpf.c:1316
55: (05) goto pc+16
72: (b7) r1 = 0                       ; frame1: R1_w=0
; char comm[TASK_COMM_LEN] = {}; @ retsnoop.bpf.c:1296
73: (7b) *(u64 *)(r10 -8) = r1        ; frame1: R1_w=0 R10=fp0 fp-8_w=0
74: (7b) *(u64 *)(r10 -16) = r1       ; frame1: R1_w=0 R10=fp0 fp-16_w=0
; if (comm_allow_cnt + comm_deny_cnt == 0) @ retsnoop.bpf.c:1300
75: (18) r1 = 0xffffa18f04031024      ; frame1: R1_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=36)
77: (61) r1 = *(u32 *)(r1 +0)         ; frame1: R1_w=0
78: (18) r2 = 0xffffa18f04031028      ; frame1: R2_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=40)
80: (61) r2 = *(u32 *)(r2 +0)         ; frame1: R2_w=0
81: (87) r2 = -r2                     ; frame1: R2_w=scalar()
82: (67) r2 <<= 32                    ; frame1: R2_w=scalar(smax=0x7fffffff00000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
83: (77) r2 >>= 32                    ; frame1: R2=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
84: (5d) if r1 != r2 goto pc+1        ; frame1: R1=0 R2=0
; if (!tgid_allowed() || !comm_allowed()) @ retsnoop.bpf.c:1316
85: (05) goto pc+17
; push_call_stack(ctx, func_id, func_ip); @ retsnoop.bpf.c:1319
103: (bf) r1 = r7                     ; frame1: R1_w=ctx() R7=ctx()
104: (bf) r2 = r6                     ; frame1: R2_w=scalar(id=2) R6=scalar(id=2)
105: (85) call pc+2
caller:
 frame1: R6=scalar(id=2) R7=ctx() R10=fp0 fp-8=0 fp-16=0
callee:
 frame2: R1_w=ctx() R2_w=scalar(id=2) R3=scalar(id=1) R10=fp0
108: frame2: R1_w=ctx() R2_w=scalar(id=2) R3=scalar(id=1) R10=fp0
; static __noinline bool push_call_stack(void *ctx, u32 id, u64 ip) @ retsnoop.bpf.c:635
108: (7b) *(u64 *)(r10 -32) = r2      ; frame2: R2_w=scalar(id=2) R10=fp0 fp-32_w=scalar(id=2)
109: (7b) *(u64 *)(r10 -24) = r1      ; frame2: R1_w=ctx() R10=fp0 fp-24_w=ctx()
; u64 pid_tgid = bpf_get_current_pid_tgid(); @ retsnoop.bpf.c:637
110: (85) call bpf_get_current_pid_tgid#14    ; frame2: R0=scalar()
111: (bf) r7 = r0                     ; frame2: R0=scalar(id=3) R7_w=scalar(id=3)
; u32 pid = (u32)pid_tgid; @ retsnoop.bpf.c:638
112: (bf) r1 = r7                     ; frame2: R1_w=scalar(id=3) R7_w=scalar(id=3)
113: (67) r1 <<= 32                   ; frame2: R1_w=scalar(smax=0x7fffffff00000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
114: (77) r1 >>= 32                   ; frame2: R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
; return pid ?: -(1 + bpf_get_smp_processor_id()); @ retsnoop.bpf.c:616
115: (55) if r1 != 0x0 goto pc+2      ; frame2: R1_w=0
116: (85) call bpf_get_smp_processor_id#8     ; frame2: R0_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=11,var_off=(0x0; 0xf))
117: (a7) r0 ^= -1                    ; frame2: R0_w=scalar(smin=smin32=-16,smax=smax32=-1,umin=0xfffffffffffffff0,umin32=0xfffffff0,var_off=(0xfffffffffffffff0; 0xf))
; sess_id = session_id(pid); @ retsnoop.bpf.c:643
118: (63) *(u32 *)(r10 -4) = r0       ; frame2: R0_w=scalar(smin=smin32=-16,smax=smax32=-1,umin=0xfffffffffffffff0,umin32=0xfffffff0,var_off=(0xfffffffffffffff0; 0xf)) R10=fp0 fp-8=mmmm????
119: (bf) r2 = r10                    ; frame2: R2_w=fp0 R10=fp0
120: (07) r2 += -4                    ; frame2: R2_w=fp-4
; sess = bpf_map_lookup_elem(&sessions, &sess_id); @ retsnoop.bpf.c:644
121: (18) r1 = 0xffff97e14efd7400     ; frame2: R1_w=map_ptr(map=sessions,ks=4,vs=6024)
123: (85) call bpf_map_lookup_elem#1          ; frame2: R0=map_value_or_null(id=4,map=sessions,ks=4,vs=6024)
124: (bf) r6 = r0                     ; frame2: R0=map_value_or_null(id=4,map=sessions,ks=4,vs=6024) R6_w=map_value_or_null(id=4,map=sessions,ks=4,vs=6024)
; if (!sess) { @ retsnoop.bpf.c:645
125: (55) if r6 != 0x0 goto pc+127    ; frame2: R6_w=0
; return &func_infos[id & func_info_mask]; @ retsnoop.bpf.c:165
126: (18) r1 = 0xffffa18f04031238     ; frame2: R1_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=568)
128: (61) r1 = *(u32 *)(r1 +0)        ; frame2: R1_w=127
129: (79) r2 = *(u64 *)(r10 -32)      ; frame2: R2_w=scalar(id=2) R10=fp0 fp-32=scalar(id=2)
130: (5f) r1 &= r2                    ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=127,var_off=(0x0; 0x7f)) R2_w=scalar(id=2)
131: (67) r1 <<= 32                   ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=0x7f00000000,smax32=umax32=0,var_off=(0x0; 0x7f00000000))
132: (77) r1 >>= 32                   ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=127,var_off=(0x0; 0x7f))
; if (!(func_info(id)->flags & FUNC_IS_ENTRY)) @ retsnoop.bpf.c:648
133: (27) r1 *= 104                   ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=13208,var_off=(0x0; 0x3ff8))
134: (18) r2 = 0xffffa18f04035000     ; frame2: R2_w=map_value(map=.data.func_info,ks=4,vs=13312)
136: (0f) r2 += r1                    ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=13208,var_off=(0x0; 0x3ff8)) R2_w=map_value(map=.data.func_info,ks=4,vs=13312,smin=smin32=0,sm
ax=umax=smax32=umax32=13208,var_off=(0x0; 0x3ff8))
137: (61) r1 = *(u32 *)(r2 +48)       ; frame2: R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R2_w=map_value(map=.data.func_info,ks=4,vs=13312,smin=smin32=0,smax=umax=smax
32=umax32=13208,var_off=(0x0; 0x3ff8))
138: (57) r1 &= 1                     ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=1,var_off=(0x0; 0x1))
139: (15) if r1 == 0x0 goto pc+311    ; frame2: R1_w=1
140: (bf) r6 = r10                    ; frame2: R6_w=fp0 R10=fp0
141: (07) r6 += -4                    ; frame2: R6_w=fp-4
; bpf_map_update_elem(&sessions, &sess_id, &empty_session, BPF_ANY); @ retsnoop.bpf.c:651
142: (18) r1 = 0xffff97e14efd7400     ; frame2: R1_w=map_ptr(map=sessions,ks=4,vs=6024)
144: (bf) r2 = r6                     ; frame2: R2_w=fp-4 R6_w=fp-4
145: (18) r3 = 0xffffa18f04031240     ; frame2: R3_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=576)
147: (b7) r4 = 0                      ; frame2: R4_w=0
148: (85) call bpf_map_update_elem#2          ; frame2: R0=scalar()
; sess = bpf_map_lookup_elem(&sessions, &sess_id); @ retsnoop.bpf.c:652
149: (18) r1 = 0xffff97e14efd7400     ; frame2: R1_w=map_ptr(map=sessions,ks=4,vs=6024)
151: (bf) r2 = r6                     ; frame2: R2_w=fp-4 R6=fp-4
152: (85) call bpf_map_lookup_elem#1          ; frame2: R0_w=map_value_or_null(id=5,map=sessions,ks=4,vs=6024)
153: (bf) r6 = r0                     ; frame2: R0_w=map_value_or_null(id=5,map=sessions,ks=4,vs=6024) R6_w=map_value_or_null(id=5,map=sessions,ks=4,vs=6024)
; if (!sess) { @ retsnoop.bpf.c:653
154: (55) if r6 != 0x0 goto pc+5 160: frame2: R0_w=map_value(map=sessions,ks=4,vs=6024) R6_w=map_value(map=sessions,ks=4,vs=6024) R7=scalar(id=3) R10=fp0 fp-8=mmmm???? fp-24=ctx() fp-32=scalar
(id=2)
; sess->sess_id = sess_id; @ retsnoop.bpf.c:658
160: (61) r1 = *(u32 *)(r10 -4)       ; frame2: R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-8=mmmm????
161: (63) *(u32 *)(r6 +0) = r1        ; frame2: R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6_w=map_value(map=sessions,ks=4,vs=6024)
; sess->pid = pid; @ retsnoop.bpf.c:659
162: (63) *(u32 *)(r6 +4) = r7        ; frame2: R6_w=map_value(map=sessions,ks=4,vs=6024) R7=scalar(id=3)
; sess->tgid = (u32)(pid_tgid >> 32); @ retsnoop.bpf.c:660
163: (77) r7 >>= 32                   ; frame2: R7_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
164: (63) *(u32 *)(r6 +8) = r7        ; frame2: R6_w=map_value(map=sessions,ks=4,vs=6024) R7_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
; sess->start_ts = bpf_ktime_get_ns(); @ retsnoop.bpf.c:661
165: (85) call bpf_ktime_get_ns#5     ; frame2: R0=scalar()
166: (7b) *(u64 *)(r6 +16) = r0       ; frame2: R0=scalar() R6=map_value(map=sessions,ks=4,vs=6024)
; bpf_get_current_comm(&sess->task_comm, sizeof(sess->task_comm)); @ retsnoop.bpf.c:662
167: (bf) r7 = r6                     ; frame2: R6=map_value(map=sessions,ks=4,vs=6024) R7_w=map_value(map=sessions,ks=4,vs=6024)
168: (07) r7 += 24                    ; frame2: R7_w=map_value(map=sessions,ks=4,vs=6024,off=24)
169: (bf) r1 = r7                     ; frame2: R1_w=map_value(map=sessions,ks=4,vs=6024,off=24) R7_w=map_value(map=sessions,ks=4,vs=6024,off=24)
170: (b7) r2 = 16                     ; frame2: R2_w=16
171: (85) call bpf_get_current_comm#16        ; frame2: R0_w=scalar()
; tsk = (void *)bpf_get_current_task(); @ retsnoop.bpf.c:663
172: (85) call bpf_get_current_task#35        ; frame2: R0_w=scalar()
173: (b7) r1 = 1800                   ; frame2: R1_w=1800
174: (0f) r0 += r1                    ; frame2: R0_w=scalar() R1_w=1800
175: (bf) r1 = r10                    ; frame2: R1_w=fp0 R10=fp0
176: (07) r1 += -16                   ; frame2: R1_w=fp-16
; BPF_CORE_READ_INTO(&sess->proc_comm, tsk, group_leader, comm); @ retsnoop.bpf.c:664
177: (b7) r2 = 8                      ; frame2: R2_w=8
178: (bf) r3 = r0                     ; frame2: R0_w=scalar(id=6) R3_w=scalar(id=6)
179: (85) call bpf_probe_read_kernel#113      ; frame2: R0=scalar() fp-16=mmmmmmmm
180: (b7) r1 = 2224                   ; frame2: R1_w=2224
181: (79) r3 = *(u64 *)(r10 -16)      ; frame2: R3_w=scalar() R10=fp0 fp-16=mmmmmmmm
182: (0f) r3 += r1                    ; frame2: R1_w=2224 R3_w=scalar()
183: (bf) r9 = r6                     ; frame2: R6=map_value(map=sessions,ks=4,vs=6024) R9_w=map_value(map=sessions,ks=4,vs=6024)
184: (07) r9 += 40                    ; frame2: R9_w=map_value(map=sessions,ks=4,vs=6024,off=40)
185: (bf) r1 = r9                     ; frame2: R1_w=map_value(map=sessions,ks=4,vs=6024,off=40) R9_w=map_value(map=sessions,ks=4,vs=6024,off=40)
186: (b7) r2 = 16                     ; frame2: R2_w=16
187: (85) call bpf_probe_read_kernel#113      ; frame2: R0_w=scalar()
; if (emit_func_trace || capture_fn_args || capture_ctx_args) { @ retsnoop.bpf.c:666
188: (18) r1 = 0xffffa18f04031003     ; frame2: R1_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=3)
190: (71) r1 = *(u8 *)(r1 +0)         ; frame2: R1_w=1
191: (55) if r1 != 0x0 goto pc+8      ; frame2: R1_w=1
200: (b7) r8 = 0                      ; frame2: R8_w=0
; r = bpf_ringbuf_reserve(&rb, sizeof(*r), 0); @ retsnoop.bpf.c:595
201: (18) r1 = 0xffff97e14732a700     ; frame2: R1_w=map_ptr(map=rb,ks=0,vs=0)
203: (b7) r2 = 56                     ; frame2: R2_w=56
204: (b7) r3 = 0                      ; frame2: R3_w=0
205: (85) call bpf_ringbuf_reserve#131        ; frame2: R0_w=ringbuf_mem_or_null(id=8,ref_obj_id=8,sz=56) refs=8
; if (!r) { @ retsnoop.bpf.c:596
206: (55) if r0 != 0x0 goto pc+24     ; frame2: R0_w=0
207: (b7) r7 = 1                      ; frame2: R7_w=1
; (void)__atomic_add_fetch(value, 1, __ATOMIC_RELAXED); @ retsnoop.bpf.c:34
208: (18) r1 = 0xffffa18f00aa2000     ; frame2: R1_w=map_value(map=retsnoop.bss,ks=4,vs=17)
210: (b7) r2 = 1                      ; frame2: R2_w=1
211: (db) lock *(u64 *)(r1 +0) += r2          ; frame2: R1_w=map_value(map=retsnoop.bss,ks=4,vs=17) R2_w=1
; vlog("DEFUNCT SESSION %d TID/PID %d/%d: failed to send SESSION_START record!", @ retsnoop.bpf.c:668
212: (18) r1 = 0xffffa18f04031000     ; frame2: R1_w=map_value(map=retsnoop.rodata,ks=4,vs=6740)
214: (71) r1 = *(u8 *)(r1 +0)         ; frame2: R1=0
215: (55) if r1 != 0x1 goto pc+13     ; frame2: R1=0
; sess->defunct = true; @ retsnoop.bpf.c:670
229: (73) *(u8 *)(r6 +64) = r7        ; frame2: R6=map_value(map=sessions,ks=4,vs=6024) R7=1
230: (05) goto pc+22
; if (sess->defunct) { @ retsnoop.bpf.c:680
253: (71) r1 = *(u8 *)(r6 +64)        ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff)) R6=map_value(map=sessions,ks=4,vs=6024)
254: (18) r7 = 0xffffa18f04031005     ; frame2: R7_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=5)
256: (18) r8 = 0xffffa18f04031004     ; frame2: R8_w=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=4)
258: (05) goto pc+27
; save_stitch_stack(ctx, sess); @ retsnoop.bpf.c:703
286: (61) r9 = *(u32 *)(r6 +3040)     ; frame2: R6=map_value(map=sessions,ks=4,vs=6024) R9_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
; if (sess->defunct) { @ retsnoop.bpf.c:680
287: (57) r1 &= 1                     ; frame2: R1=scalar(smin=smin32=0,smax=umax=smax32=umax32=1,var_off=(0x0; 0x1))
288: (15) if r1 == 0x0 goto pc-30 259: frame2: R0=0 R1=0 R2=1 R6=map_value(map=sessions,ks=4,vs=6024) R7=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=5) R8=map_value(map=retsnoop.rodata,ks=4
,vs=6740,off=4) R9=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-8=mmmm???? fp-16=mmmmmmmm fp-24=ctx() fp-32=scalar(id=2)
; if (d >= MAX_FSTACK_DEPTH) @ retsnoop.bpf.c:687
259: (25) if r9 > 0x3f goto pc+191    ; frame2: R9=scalar(smin=smin32=0,smax=umax=smax32=umax32=63,var_off=(0x0; 0x3f))
; if (sess->depth != sess->max_depth) { @ retsnoop.bpf.c:690
260: (61) r1 = *(u32 *)(r6 +3044)     ; frame2: R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6=map_value(map=sessions,ks=4,vs=6024)
261: (61) r2 = *(u32 *)(r6 +3040)     ; frame2: R2=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6=map_value(map=sessions,ks=4,vs=6024)
262: (1d) if r2 == r1 goto pc+29      ; frame2: R1=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R2=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
; if (emit_interim_stacks && should_submit_interim_stack(sess)) @ retsnoop.bpf.c:698
263: (71) r2 = *(u8 *)(r7 +0)         ; frame2: R2_w=0 R7=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=5)
264: (55) if r2 != 0x1 goto pc+14     ; frame2: R2_w=0
; if (sess->defunct) @ retsnoop.bpf.c:700
279: (71) r1 = *(u8 *)(r6 +64)        ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff)) R6=map_value(map=sessions,ks=4,vs=6024)
280: (55) if r1 != 0x0 goto pc+5 286: frame2: R0=0 R1=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff)) R2=0 R6=map_value(map=sessions,ks=4,vs=6024) R7=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=5) R8=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=4) R9=scalar(smin=smin32=0,smax=umax=smax32=umax32=63,var_off=(0x0; 0x3f)) R10=fp0 fp-8=mmmm???? fp-16=mmmmmmmm fp-24=ctx() fp-32=scalar(id=2)
; save_stitch_stack(ctx, sess); @ retsnoop.bpf.c:703
286: (61) r9 = *(u32 *)(r6 +3040)     ; frame2: R6=map_value(map=sessions,ks=4,vs=6024) R9_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
; if (sess->defunct) { @ retsnoop.bpf.c:680
287: (57) r1 &= 1                     ; frame2: R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=1,var_off=(0x0; 0x1))
288: (15) if r1 == 0x0 goto pc-30 259: frame2: R0=0 R1_w=0 R2=0 R6=map_value(map=sessions,ks=4,vs=6024) R7=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=5) R8=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=4) R9_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-8=mmmm???? fp-16=mmmmmmmm fp-24=ctx() fp-32=scalar(id=2)
; if (d >= MAX_FSTACK_DEPTH) @ retsnoop.bpf.c:687
259: (25) if r9 > 0x3f goto pc+191    ; frame2: R9_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=63,var_off=(0x0; 0x3f))
; if (sess->depth != sess->max_depth) { @ retsnoop.bpf.c:690
260: (61) r1 = *(u32 *)(r6 +3044)     ; frame2: R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6=map_value(map=sessions,ks=4,vs=6024)
261: (61) r2 = *(u32 *)(r6 +3040)
infinite loop detected at insn 262
cur state: frame2: R0=0 R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6=map_value(map=sessions,ks=4,vs=6024) R7=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=5) R8=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=4) R9_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=63,var_off=(0x0; 0x3f)) R10=fp0 fp-8=mmmm???? fp-16=mmmmmmmm fp-24=ctx() fp-32=scalar(id=2)
old state: frame2: R0=0 R1_rw=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R2_rw=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6_r=map_value(map=sessions,ks=4,vs=6024) R7_r=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=5) R8=map_value(map=retsnoop.rodata,ks=4,vs=6740,off=4) R9_r=Pscalar(smin=smin32=0,smax=umax=smax32=umax32=63,var_off=(0x0; 0x3f)) R10=fp0 fp-8_r=mmmm???? fp-16=mmmmmmmm fp-24=ctx() fp-32_r=scalar(id=2)
processed 456 insns (limit 1000000) max_states_per_insn 1 total_states 32 peak_states 32 mark_read 12
-- END PROG LOAD LOG --
libbpf: prog 'retsn_kentry': failed to load: -22
libbpf: failed to load object 'retsnoop_bpf'
libbpf: failed to load BPF skeleton 'retsnoop_bpf': -22
Failed to load and verify BPF skeleton

Detaching...

System is a kernel running off 6.12 branch:

$ uname -r
6.11.0-x86_64-gc11d85bb33b4-dirty