packaged strace does not decode all arguments for bpf() syscall
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
strace (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Support for decoding bpf() syscall arguments with current packaged version of strace is incomplete.
In particular, on Ubuntu 16.04 LTS with kernel 4.4.0, strace is packaged in version 4.11 and does not decode arguments for bpf(BPF_OBJ_PIN, …) or bpf(BPF_OBJ_GET, …) calls.
Also, other constants are added in kernel 4.8 and are missing on Ubuntu 16.10, such as BPF_MAP_
For calls to bpf() with these commands, strace output is similar to:
bpf(0x6 /* BPF_??? */, 0x7fffbf33efe0, 48) = 0
bpf(0x7 /* BPF_??? */, 0x7fffbf33ffe0, 48) = -1 ENOENT (No such file or directory)
A patch to update bpf() support was recently merged to strace code base:
https:/
The output of the same calls, after this patch, is as follows, and makes things much easier to debug:
bpf(
bpf(
Would it be possible to have it somehow (new strace release, or backport) on 16.04 LTS?
Ubuntu 20.04 LTS ships with 5.5, 22.04 LTS will ship with 5.16. There are no plans to backport these to 16.04 LTS