Cannot compile sysdig/libscap bpf driver in 6.11.2-zen kernel

Describe the bug
When trying to use sysdig --bpf ... I was unable to download the prebuilt bpf probe, and compiling the bpf probe resulted in the error.
How to reproduce it
run sysdig --bpf ...
Expected behaviour
*Capturing events with sysdig.
Screenshots
* Running scap-driver-loader for: driver version=0.17.2, arch=x86_64, kernel release=6.11.2-zen1-1-zen, kernel version=1
* Running scap-driver-loader with: driver=bpf, compile=yes, download=yes
* Filename 'scap_arch_6.11.2-zen1-1-zen_1.o' is composed of:
 - driver name: scap
 - target identifier: arch
 - kernel release: 6.11.2-zen1-1-zen
 - kernel version: 1
* Trying to download a prebuilt eBPF probe from https://download.sysdig.com/scap-drivers/0.17.2/x86_64/scap_arch_6.11.2-zen1-1-zen_1.o
curl: (22) The requested URL returned error: 404
Unable to find a prebuilt scap eBPF probe
* Trying to compile the eBPF probe (scap_arch_6.11.2-zen1-1-zen_1.o)
In file included from /usr/src/scap-0.17.2/bpf/probe.c:17:
In file included from ./include/linux/sched.h:12:
In file included from ./arch/x86/include/asm/current.h:10:
In file included from ./include/linux/cache.h:6:
In file included from ./arch/x86/include/asm/cache.h:5:
In file included from ./include/linux/linkage.h:8:
In file included from ./arch/x86/include/asm/linkage.h:6:
./arch/x86/include/asm/ibt.h:77:8: warning: 'nocf_check' attribute ignored; use -fcf-protection to enable the attribute [-Wignored-attributes]
   77 | extern __noendbr u64 ibt_save(bool disable);
      |        ^
./arch/x86/include/asm/ibt.h:32:34: note: expanded from macro '__noendbr'
   32 | #define __noendbr       __attribute__((nocf_check))
      |                                        ^
./arch/x86/include/asm/ibt.h:78:8: warning: 'nocf_check' attribute ignored; use -fcf-protection to enable the attribute [-Wignored-attributes]
   78 | extern __noendbr void ibt_restore(u64 save);
      |        ^
./arch/x86/include/asm/ibt.h:32:34: note: expanded from macro '__noendbr'
   32 | #define __noendbr       __attribute__((nocf_check))
      |                                        ^
In file included from /usr/src/scap-0.17.2/bpf/probe.c:17:
In file included from ./include/linux/sched.h:12:
./arch/x86/include/asm/current.h:47:10: warning: multiple identical address spaces specified for type [-Wduplicate-decl-specifier]
   47 |                 return this_cpu_read_const(const_pcpu_hot.current_task);
      |                        ^
./arch/x86/include/asm/percpu.h:577:36: note: expanded from macro 'this_cpu_read_const'
  577 | #define this_cpu_read_const(pcp)                        __raw_cpu_read_const(pcp)
      |                                                         ^
./arch/x86/include/asm/percpu.h:163:35: note: expanded from macro '__raw_cpu_read_const'
  163 | #define __raw_cpu_read_const(pcp)       __raw_cpu_read(, , pcp)
      |                                         ^
./arch/x86/include/asm/percpu.h:155:30: note: expanded from macro '__raw_cpu_read'
  155 |         *(qual __my_cpu_type(pcp) *)__my_cpu_ptr(&(pcp));               \
      |                                     ^
note: (skipping 1 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
./arch/x86/include/asm/percpu.h:94:40: note: expanded from macro '__my_cpu_type'
   94 | #define __my_cpu_type(var)      typeof(var) __percpu_seg_override
      |                                             ^
./arch/x86/include/asm/percpu.h:45:32: note: expanded from macro '__percpu_seg_override'
   45 | # define __percpu_seg_override  __seg_gs
      |                                 ^
<built-in>:358:33: note: expanded from macro '__seg_gs'
  358 | #define __seg_gs __attribute__((address_space(256)))
      |                                 ^
In file included from /usr/src/scap-0.17.2/bpf/probe.c:17:
In file included from ./include/linux/sched.h:12:
./arch/x86/include/asm/current.h:47:10: warning: multiple identical address spaces specified for type [-Wduplicate-decl-specifier]
./arch/x86/include/asm/percpu.h:577:36: note: expanded from macro 'this_cpu_read_const'
  577 | #define this_cpu_read_const(pcp)                        __raw_cpu_read_const(pcp)
      |                                                         ^
./arch/x86/include/asm/percpu.h:163:35: note: expanded from macro '__raw_cpu_read_const'
  163 | #define __raw_cpu_read_const(pcp)       __raw_cpu_read(, , pcp)
      |                                         ^
./arch/x86/include/asm/percpu.h:155:9: note: expanded from macro '__raw_cpu_read'
  155 |         *(qual __my_cpu_type(pcp) *)__my_cpu_ptr(&(pcp));               \
      |                ^
./arch/x86/include/asm/percpu.h:94:40: note: expanded from macro '__my_cpu_type'
   94 | #define __my_cpu_type(var)      typeof(var) __percpu_seg_override
      |                                             ^
./arch/x86/include/asm/percpu.h:45:32: note: expanded from macro '__percpu_seg_override'
   45 | # define __percpu_seg_override  __seg_gs
      |                                 ^
<built-in>:358:33: note: expanded from macro '__seg_gs'
  358 | #define __seg_gs __attribute__((address_space(256)))
      |                                 ^
In file included from /usr/src/scap-0.17.2/bpf/probe.c:17:
In file included from ./include/linux/sched.h:13:
./arch/x86/include/asm/processor.h:543:10: warning: multiple identical address spaces specified for type [-Wduplicate-decl-specifier]
  543 |                 return this_cpu_read_const(const_pcpu_hot.top_of_stack);
      |                        ^
./arch/x86/include/asm/percpu.h:577:36: note: expanded from macro 'this_cpu_read_const'
  577 | #define this_cpu_read_const(pcp)                        __raw_cpu_read_const(pcp)
      |                                                         ^
./arch/x86/include/asm/percpu.h:163:35: note: expanded from macro '__raw_cpu_read_const'
  163 | #define __raw_cpu_read_const(pcp)       __raw_cpu_read(, , pcp)
      |                                         ^
./arch/x86/include/asm/percpu.h:155:30: note: expanded from macro '__raw_cpu_read'
  155 |         *(qual __my_cpu_type(pcp) *)__my_cpu_ptr(&(pcp));               \
      |                                     ^
note: (skipping 1 expansions in backtrace; use -fmacro-backtrace-limit=0 to see all)
./arch/x86/include/asm/percpu.h:94:40: note: expanded from macro '__my_cpu_type'
   94 | #define __my_cpu_type(var)      typeof(var) __percpu_seg_override
      |                                             ^
./arch/x86/include/asm/percpu.h:45:32: note: expanded from macro '__percpu_seg_override'
   45 | # define __percpu_seg_override  __seg_gs
      |                                 ^
<built-in>:358:33: note: expanded from macro '__seg_gs'
  358 | #define __seg_gs __attribute__((address_space(256)))
      |                                 ^
In file included from /usr/src/scap-0.17.2/bpf/probe.c:17:
In file included from ./include/linux/sched.h:13:
./arch/x86/include/asm/processor.h:543:10: warning: multiple identical address spaces specified for type [-Wduplicate-decl-specifier]
./arch/x86/include/asm/percpu.h:577:36: note: expanded from macro 'this_cpu_read_const'
  577 | #define this_cpu_read_const(pcp)                        __raw_cpu_read_const(pcp)
      |                                                         ^
./arch/x86/include/asm/percpu.h:163:35: note: expanded from macro '__raw_cpu_read_const'
  163 | #define __raw_cpu_read_const(pcp)       __raw_cpu_read(, , pcp)
      |                                         ^
./arch/x86/include/asm/percpu.h:155:9: note: expanded from macro '__raw_cpu_read'
  155 |         *(qual __my_cpu_type(pcp) *)__my_cpu_ptr(&(pcp));               \
      |                ^
./arch/x86/include/asm/percpu.h:94:40: note: expanded from macro '__my_cpu_type'
   94 | #define __my_cpu_type(var)      typeof(var) __percpu_seg_override
      |                                             ^
./arch/x86/include/asm/percpu.h:45:32: note: expanded from macro '__percpu_seg_override'
   45 | # define __percpu_seg_override  __seg_gs
      |                                 ^
<built-in>:358:33: note: expanded from macro '__seg_gs'
  358 | #define __seg_gs __attribute__((address_space(256)))
      |                                 ^
In file included from /usr/src/scap-0.17.2/bpf/probe.c:27:
/usr/src/scap-0.17.2/bpf/fillers.h:766:9: warning: cast to 'void *' from smaller integer type 'compat_uptr_t' (aka 'unsigned int') [-Wint-to-void-pointer-cast]
  766 |                                                                 (void*)compat_iov[j].iov_base))
      |                                                                 ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/usr/src/scap-0.17.2/bpf/fillers.h:2525:48: warning: passing 'volatile long *' to parameter of type 'long *' discards qualifiers [-Wincompatible-pointer-types-discards-qualifiers]
 2525 |                 res = bpf_accumulate_argv_or_env(data, argv, &args_len);
      |                                                              ^~~~~~~~~
/usr/src/scap-0.17.2/bpf/fillers.h:2063:19: note: passing argument to parameter 'args_len' here
 2063 |                                                       long *args_len)
      |                                                             ^
/usr/src/scap-0.17.2/bpf/fillers.h:3032:22: error: no member named '__i_ctime' in 'struct inode'
 3032 |         time = _READ(inode->__i_ctime);
      |                      ~~~~~  ^
/usr/src/scap-0.17.2/bpf/plumbing_helpers.h:21:28: note: expanded from macro '_READ'
   21 | #define _READ(P) ({ typeof(P) _val;                                     \
      |                            ^
In file included from /usr/src/scap-0.17.2/bpf/probe.c:27:
/usr/src/scap-0.17.2/bpf/fillers.h:3032:22: error: no member named '__i_ctime' in 'struct inode'
 3032 |         time = _READ(inode->__i_ctime);
      |                      ~~~~~  ^
/usr/src/scap-0.17.2/bpf/plumbing_helpers.h:22:51: note: expanded from macro '_READ'
   22 |                     bpf_probe_read_kernel(&_val, sizeof(_val), &P);     \
      |                                                                 ^
In file included from /usr/src/scap-0.17.2/bpf/probe.c:27:
/usr/src/scap-0.17.2/bpf/fillers.h:3041:22: error: no member named '__i_mtime' in 'struct inode'
 3041 |         time = _READ(inode->__i_mtime);
      |                      ~~~~~  ^
/usr/src/scap-0.17.2/bpf/plumbing_helpers.h:21:28: note: expanded from macro '_READ'
   21 | #define _READ(P) ({ typeof(P) _val;                                     \
      |                            ^
In file included from /usr/src/scap-0.17.2/bpf/probe.c:27:
/usr/src/scap-0.17.2/bpf/fillers.h:3041:22: error: no member named '__i_mtime' in 'struct inode'
 3041 |         time = _READ(inode->__i_mtime);
      |                      ~~~~~  ^
/usr/src/scap-0.17.2/bpf/plumbing_helpers.h:22:51: note: expanded from macro '_READ'
   22 |                     bpf_probe_read_kernel(&_val, sizeof(_val), &P);     \
      |                                                                 ^
8 warnings and 4 errors generated.
make[3]: *** [/usr/src/scap-0.17.2/bpf/Makefile:74: /usr/src/scap-0.17.2/bpf/probe.o] Error 1
make[2]: *** [/usr/lib/modules/6.11.2-zen1-1-zen/build/Makefile:1924: /usr/src/scap-0.17.2/bpf] Error 2
make[1]: *** [Makefile:224: __sub-make] Error 2
make: *** [Makefile:23: all] Error 2
mv: cannot stat '/usr/src/scap-0.17.2/bpf/probe.o': No such file or directory
Unable to load the scap eBPF probe
Unable to load the BPF probe
BPF probe is compiled for 6.10.10-zen1-1-zen, but running version is 6.11.2-zen1-1-zen
Environment
Falco version: not installed falco, from sysdig: sysdig version 0.38.1
System info: not installed falco, none
Cloud provider or hardware configuration: VirtualBox 7.1.0
OS: Arch
Kernel: Linux arch 6.11.2-zen1-1-zen #1 ZEN SMP PREEMPT_DYNAMIC Fri, 04 Oct 2024 21:51:07 +0000 x86_64 GNU/Linux
Installation method: pacman
Additional context
In Arch, the patch from https://github.com/falcosecurity/libs/pull/1884 fixes the problem that kmod cannot be compiled in 6.10+ kernel, but does not solve the problem that bpf cannot be used.
falcosecurity / libs

Cannot compile sysdig/libscap bpf driver in 6.11.2-zen kernel #2110
