search

patricia-gallardo / hello-world-ebpf

3 stars 0 forks source link

Running the binary prints errors #2

Closed patricia-gallardo closed 1 year ago

patricia-gallardo commented 1 year ago

sudo ./hello-world-ebpf

libbpf: BTF loading error: -22
libbpf: -- BEGIN BTF LOAD LOG ---
magic: 0xeb9f
version: 1
flags: 0x0
hdr_len: 24
type_off: 0
type_len: 376
str_off: 376
str_len: 295
btf_total_size: 695
[1] FUNC_PROTO (anon) return=2 args=(3 (anon))
[2] INT int size=4 bits_offset=0 nr_bits=32 encoding=SIGNED
[3] PTR (anon) type_id=0
[4] FUNC handle_execve type_id=1
[5] INT char size=1 bits_offset=0 nr_bits=8 encoding=SIGNED
[6] ARRAY (anon) type_id=5 index_type_id=7 nr_elems=13
[7] INT __ARRAY_SIZE_TYPE__ size=4 bits_offset=0 nr_bits=32 encoding=(none)
[8] VAR LICENSE type_id=6 linkage=1
[9] CONST (anon) type_id=5
[10] ARRAY (anon) type_id=9 index_type_id=7 nr_elems=13
[11] VAR handle_execve.____fmt type_id=10 linkage=0
[12] PTR (anon) type_id=13
[13] FUNC_PROTO (anon) return=14 args=(15 (anon), 16 (anon), vararg)
[14] INT long size=8 bits_offset=0 nr_bits=64 encoding=SIGNED
[15] PTR (anon) type_id=9
[16] TYPEDEF __u32 type_id=17
[17] INT unsigned int size=4 bits_offset=0 nr_bits=32 encoding=(none)
[18] VAR bpf_trace_printk type_id=12 linkage=0
[19] DATASEC .data size=8 vlen=1
         type_id=18 offset=0 size=8
[20] DATASEC .rodata size=13 vlen=1
         type_id=11 offset=0 size=13
[21] DATASEC license size=13 vlen=1
         type_id=8 offset=0 size=13
[4] FUNC handle_execve type_id=1 Invalid arg#1

-- END BTF LOAD LOG --
libbpf: Error loading .BTF into kernel: -22. BTF is optional, ignoring.
libbpf: prog 'handle_execve': BPF program load failed: Invalid argument
libbpf: prog 'handle_execve': -- BEGIN PROG LOAD LOG --
unknown opcode 8d
processed 0 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0
-- END PROG LOAD LOG --
libbpf: failed to load program 'handle_execve'
libbpf: failed to load object 'exec'
libbpf: failed to load BPF skeleton 'exec': -22
libbpf: Can't get the 0th fd from program handle_execve: only -1 instances
libbpf: prog 'handle_execve': can't attach BPF program w/o FD (did you load it?)
libbpf: prog 'handle_execve': failed to attach to tracepoint 'syscalls/sys_enter_execve': Invalid argument
libbpf: failed to auto-attach program 'handle_execve': -22
patricia-gallardo commented 1 year ago

After these suggestions by Halvar Flake https://mastodon.social/@HalvarFlake/110471020024013081 https://mastodon.social/@HalvarFlake/110471024055877961 I found out that the error only occurs with -O0, but is gone with -O1, -O2 and -O3