Unable to run Tracee locally #4635

MrZLeo · 2025-02-28T08:34:30Z

MrZLeo
Feb 28, 2025

I have a machine that running Ubuntu 24.04 LTS with custom Linux 6.12.1 kernel. I found that only docker are able to run Tracee but I have special requirement that must run Tracee locally.

I use this command for docker and it works:

docker run --name tracee -it --rm \
  --pid=host --cgroupns=host --privileged \
  -v /etc/os-release:/etc/os-release-host:ro \
  -v /var/run:/var/run:ro \
  aquasec/tracee:latest

And I do these locally but fail with error message:

# make all
# ./dist/tracee-ebpf

{"level":"warn","ts":1740729506.437951,"msg":"libbpf: prog 'syscall__execve_enter': failed to load: -13"}
{"level":"warn","ts":1740729506.439204,"msg":"libbpf: failed to load object ''"}
{"level":"fatal","ts":1740729506.445795,"msg":"Tracee runner failed","error":"cmd.Runner.Run: error initializing Tracee: ebpf.(*Tracee).Init: ebpf.(*Tracee).initBPF: failed to load BPF object: permission denied"}
...

Answered by rscampos

Mar 5, 2025

Thank you for the logs, @MrZLeo. @geyslan suggested that the issue might be related to the Clang version. Currently, we fully support Clang 14 (I'll update this in the future). I tested compiling Tracee and found that Clang 18 and 19 produce errors similar to yours. Are you using one of these versions?

View full answer

geyslan · 2025-03-05T12:15:38Z

geyslan
Mar 5, 2025
Maintainer

@MrZLeo thanks for this report. Trying to reproduce it soon.

2 replies

geyslan Mar 5, 2025
Maintainer

Not reproducible on 6.12.17.

❯ uname -a
Linux hb0 6.12.17-1-MANJARO #1 SMP PREEMPT_DYNAMIC Thu, 27 Feb 2025 13:04:33 +0000 x86_64 GNU/Linux

❯ sudo ./dist/tracee-ebpf
TIME             UID    COMM             PID     TID     RET              EVENT                     ARGS
13:55:58:452827  0      nmcli            22422   22422   0                sched_process_exec        cmdpath: /usr/bin/nmcli, pathname: /usr/bin/nmcli, dev: 271581187, inode: 14966285, ctime: 1741193153078623286, inode_mode: 33261, interpreter_pathname: /usr/lib/ld-linux-x86-64.so.2, interpreter_dev: 271581187, interpreter_inode: 14953478, interpreter_ctime: 1741193124567515415, argv: [nmcli --terse --fields active,ssid,bssid,mode,chan,freq,signal,security,wpa-flags,rsn-flags,device device wifi], interp: /usr/bin/nmcli, stdin_type: S_IFSOCK, stdin_path: UNIX-STREAM, invoked_from_kernel: false, prev_comm: daemon, env: []
13:55:58:455957  0      pool             22422   22441   0                security_socket_connect   sockfd: 5, type: SOCK_STREAM, remote_addr: map[sa_family:AF_UNIX sun_path:/run/dbus/system_bus_socket]
^C
End of events stream
{"Stats":{"EventCount":2,"EventsFiltered":0,"NetCapCount":0,"BPFLogsCount":0,"ErrorCount":0,"LostEvCount":0,"LostWrCount":0,"LostNtCapCount":0,"LostBPFLogsCount":0}}

It seems all right so far. @MrZLeo your log shows: failed to load BPF object: permission denied. Are you building and running on host or inside other env? Could you provide the full log?

P.S.: use ./dist/tracee (one-binary) instead of ./dist/tracee-{ebpf,rules} since the latter will be removed soon.

MrZLeo Mar 5, 2025
Author

Hi @geyslan, thanks for you help! I built it in my host machine, no virtual environment (docker, vm...) involved. This is the whole logs I can give, and this procedure can be reproduced for me multiple times. I am wondering whether there are some difference between our kernel?

libbpf reported permission denied because ebpf verification error: arg#0 reference type('UNKNOWN '), which caused by unknown reference in program related to syscall__execve_enter.

Welcome to fish, the friendly interactive shell
Type help for instructions on how to use fish
[I] mrzleo@arch ~/tracee ((v0.23.0))> make clean
rm -rf ./dist
rm -f goenv.mk
rm -f .*.md5
rm -f .build_*
rm -f .check*
rm -f .eval_*
rm -f .*-pkgs*
[I] mrzleo@arch ~/tracee ((v0.23.0))> make all
CC="clang" \
        CFLAGS=""-fPIC"" \
        LD_FLAGS="" \
        make \
        -C ./3rdparty/libbpf/src \
        BUILD_STATIC_ONLY=1 \
        PREFIX=/home/mrzleo/tracee/dist \
        DESTDIR=/home/mrzleo/tracee/dist/libbpf \
        OBJDIR=/home/mrzleo/tracee/dist/libbpf/obj \
        LIBDIR=/to-be-removed \
        INCLUDEDIR=/include \
        UAPIDIR=/include \
        install install_uapi_headers
touch .build_libbpf
  MKDIR    /home/mrzleo/tracee/dist/libbpf/obj/staticobjs
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/bpf.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/btf.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/libbpf.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/libbpf_errno.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/netlink.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/nlattr.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/str_error.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/libbpf_probes.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/bpf_prog_linfo.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/btf_dump.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/hashmap.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/ringbuf.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/strset.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/linker.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/gen_loader.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/relo_core.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/usdt.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/zip.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/elf.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/features.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/btf_iter.o
  CC       /home/mrzleo/tracee/dist/libbpf/obj/staticobjs/btf_relocate.o
  AR       /home/mrzleo/tracee/dist/libbpf/obj/libbpf.a
  INSTALL  bpf.h libbpf.h btf.h libbpf_common.h libbpf_legacy.h bpf_helpers.h bpf_helper_defs.h bpf_tracing.h bpf_endian.h bpf_core_read.h skel_internal.h libbpf_version.h usdt.bpf.h
  INSTALL  /home/mrzleo/tracee/dist/libbpf/obj/libbpf.pc
  INSTALL  /home/mrzleo/tracee/dist/libbpf/obj/libbpf.a
  INSTALL  ../include/uapi/linux/bpf.h ../include/uapi/linux/bpf_common.h ../include/uapi/linux/btf.h
clang \
         \
        -D__TARGET_ARCH_x86 \
        -D__BPF_TRACING__ \
        -DCORE \
        -I/home/mrzleo/tracee/dist/libbpf/include \
        -I./pkg/ebpf/c/ \
        -target bpf \
        -O2 -g \
        -mcpu=v2 \
        -c ./pkg/ebpf/c/tracee.bpf.c \
        -o dist/tracee.bpf.o
make ./dist/btfhub
make btfhub
GOOS=linux CC=clang GOARCH=amd64 CGO_CFLAGS="-I/home/mrzleo/tracee/dist/libbpf/include" CGO_LDFLAGS="-L/home/mrzleo/tracee/dist/libbpf/obj -lbpf" go build \
        -tags core,ebpf \
        -ldflags="-w \
                -extldflags \"\" \
                -X main.version=\"-c290b180b\" \
                " \
        -v -o dist/tracee-ebpf \
        ./cmd/tracee-ebpf
make[1]: Nothing to be done for 'btfhub'.
mkdir -p dist/signatures
GOOS=linux CC=clang GOARCH=amd64 CGO_CFLAGS="-I/home/mrzleo/tracee/dist/libbpf/include" CGO_LDFLAGS="-L/home/mrzleo/tracee/dist/libbpf/obj -lbpf" go build \
        --buildmode=plugin \
        -o dist/signatures/builtin.so \
        signatures/golang/export.go signatures/golang/test_helpers.go signatures/golang/anti_debugging_ptraceme.go signatures/golang/aslr_inspection.go signatures/golang/cgroup_notify_on_release_modification.go signatures/golang/cgroup_release_agent_modification.go signatures/golang/core_pattern_modification.go signatures/golang/default_loader_modification.go signatures/golang/disk_mount.go signatures/golang/docker_abuse.go signatures/golang/dropped_executable.go signatures/golang/dynamic_code_loading.go signatures/golang/fileless_execution.go signatures/golang/hidden_file_created.go signatures/golang/illegitimate_shell.go signatures/golang/k8s_service_account_token.go signatures/golang/kernel_module_loading.go signatures/golang/kubernetes_api_connection.go signatures/golang/kubernetes_certificate_theft_attempt.go signatures/golang/ld_preload.go signatures/golang/proc_fops_hooking.go signatures/golang/proc_kcore_read.go signatures/golang/proc_mem_access.go signatures/golang/proc_mem_code_injection.go signatures/golang/process_vm_write_code_injection.go signatures/golang/ptrace_code_injection.go signatures/golang/rcd_modification.go signatures/golang/sched_debug_recon.go signatures/golang/scheduled_task_modification.go signatures/golang/stdio_over_socket.go signatures/golang/sudoers_modification.go signatures/golang/syscall_table_hooking.go signatures/golang/system_request_key_config_modification.go
GOOS=linux CC=clang GOARCH=amd64 CGO_CFLAGS="-I/home/mrzleo/tracee/dist/libbpf/include" CGO_LDFLAGS="-L/home/mrzleo/tracee/dist/libbpf/obj -lbpf" go build \
        -tags  \
        -ldflags="-w \
                -extldflags \"\" \
                " \
        -v -o dist/tracee-rules \
        ./cmd/tracee-rules
make ./dist/btfhub
make btfhub
GOOS=linux CC=clang GOARCH=amd64 CGO_CFLAGS="-I/home/mrzleo/tracee/dist/libbpf/include" CGO_LDFLAGS="-L/home/mrzleo/tracee/dist/libbpf/obj -lbpf" go build \
        -tags core,ebpf \
        -ldflags="-w \
                -extldflags \"\" \
                -X github.com/aquasecurity/tracee/pkg/version.version=-c290b180b \
                -X github.com/aquasecurity/tracee/pkg/version.metrics= \
                " \
        -v -o dist/tracee \
        ./cmd/tracee
make[1]: 'dist/btfhub' is up to date.
make[1]: Nothing to be done for 'btfhub'.
[I] mrzleo@arch ~/tracee ((v0.23.0))> sudo ./dist/tracee-ebpf
{"level":"warn","ts":1741194515.6852627,"msg":"libbpf: prog 'syscall__execve_enter': BPF program load failed: Permission denied"}
libbpf: prog 'syscall__execve_enter': -- BEGIN PROG LOAD LOG --
arg#0 reference type('UNKNOWN ') size cannot be determined: -22
0: R1=ctx() R10=fp0
; int syscall__execve_enter(void *ctx) @ tracee.bpf.c:366
0: (bf) r7 = r1                       ; R1=ctx() R7_w=ctx()
1: (b7) r8 = 0                        ; R8_w=0
; u32 zero = 0; @ context.h:213
2: (63) *(u32 *)(r10 -72) = r8        ; R8_w=0 R10=fp0 fp-72=????0
3: (bf) r2 = r10                      ; R2_w=fp0 R10=fp0
4: (07) r2 += -72                     ; R2_w=fp-72
; p->event = bpf_map_lookup_elem(&event_data_map, &zero); @ context.h:217
5: (18) r1 = 0xffff9cc68c988a00       ; R1_w=map_ptr(map=event_data_map,ks=4,vs=32528)
7: (85) call bpf_map_lookup_elem#1    ; R0_w=map_value_or_null(id=1,map=event_data_map,ks=4,vs=32528)
8: (7b) *(u64 *)(r10 -96) = r0        ; R0_w=map_value_or_null(id=1,map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96_w=map_value_or_null(id=1,map=event_data_map,ks=4,vs=32528)
; if (unlikely(p->event == NULL)) @ context.h:218
9: (15) if r0 == 0x0 goto pc+23       ; R0_w=map_value(map=event_data_map,ks=4,vs=32528)
10: (bf) r2 = r10                     ; R2_w=fp0 R10=fp0
11: (07) r2 += -72                    ; R2_w=fp-72
; p->config = bpf_map_lookup_elem(&config_map, &zero); @ context.h:221
12: (18) r1 = 0xffff9cc68357e800      ; R1_w=map_ptr(map=config_map,ks=4,vs=256)
14: (85) call bpf_map_lookup_elem#1   ; R0=map_value_or_null(id=2,map=config_map,ks=4,vs=256)
15: (7b) *(u64 *)(r10 -120) = r0      ; R0=map_value_or_null(id=2,map=config_map,ks=4,vs=256) R10=fp0 fp-120_w=map_value_or_null(id=2,map=config_map,ks=4,vs=256)
; if (unlikely(p->config == NULL)) @ context.h:222
16: (15) if r0 == 0x0 goto pc+16      ; R0=map_value(map=config_map,ks=4,vs=256)
; p->task_info = bpf_map_lookup_elem(&task_info_map, &p->event->context.task.host_tid); @ context.h:225
17: (79) r6 = *(u64 *)(r10 -96)       ; R6_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
18: (07) r6 += 40                     ; R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=40)
19: (18) r1 = 0xffff9cc68357fc00      ; R1_w=map_ptr(map=task_info_map,ks=4,vs=200)
21: (bf) r2 = r6                      ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=40) R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=40)
22: (85) call bpf_map_lookup_elem#1   ; R0_w=map_value_or_null(id=3,map=task_info_map,ks=4,vs=200)
23: (7b) *(u64 *)(r10 -112) = r0      ; R0=map_value_or_null(id=3,map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value_or_null(id=3,map=task_info_map,ks=4,vs=200)
; if (unlikely(p->task_info == NULL)) { @ context.h:226
24: (15) if r0 == 0x0 goto pc+8       ; R0=map_value(map=task_info_map,ks=4,vs=200)
; p->proc_info = bpf_map_lookup_elem(&proc_info_map, &p->event->context.task.host_pid); @ context.h:230
25: (79) r9 = *(u64 *)(r10 -96)       ; R9_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
26: (07) r9 += 36                     ; R9_w=map_value(map=event_data_map,ks=4,vs=32528,off=36)
27: (18) r1 = 0xffff9cc68357f800      ; R1_w=map_ptr(map=proc_info_map,ks=4,vs=368)
29: (bf) r2 = r9                      ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=36) R9_w=map_value(map=event_data_map,ks=4,vs=32528,off=36)
30: (85) call bpf_map_lookup_elem#1   ; R0_w=map_value_or_null(id=4,map=proc_info_map,ks=4,vs=368)
31: (7b) *(u64 *)(r10 -128) = r0      ; R0_w=map_value_or_null(id=4,map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128_w=map_value_or_null(id=4,map=proc_info_map,ks=4,vs=368)
32: (55) if r0 != 0x0 goto pc+1 34: R0_w=map_value(map=proc_info_map,ks=4,vs=368) R6=map_value(map=event_data_map,ks=4,vs=32528,off=40) R7=ctx() R8=0 R9_w=map_value(map=event_data_map,ks=4,vs=32528,off=36) R10=fp0 fp-72=????mmmm fp-96=map_value(map=event_data_map,ks=4,vs=32528) fp-112=map_value(map=task_info_map,ks=4,vs=200) fp-120=map_value(map=config_map,ks=4,vs=256) fp-128_w=map_value(map=proc_info_map,ks=4,vs=368)
; if (event_config == NULL) @ context.h:256
34: (18) r8 = 0xffffffff              ; R8_w=0xffffffff
; if (!p.task_info->syscall_traced) @ tracee.bpf.c:372
36: (79) r1 = *(u64 *)(r10 -112)      ; R1_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
37: (71) r1 = *(u8 *)(r1 +176)        ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
38: (55) if r1 != 0x1 goto pc+1097    ; R1_w=1
39: (79) r4 = *(u64 *)(r10 -96)       ; R4_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
; p.event->context.ts = sys->ts; @ tracee.bpf.c:375
40: (79) r1 = *(u64 *)(r10 -112)      ; R1_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
41: (79) r2 = *(u64 *)(r1 +160)       ; R1_w=map_value(map=task_info_map,ks=4,vs=200) R2_w=scalar()
42: (b7) r1 = -1                      ; R1_w=-1
; __builtin_memset(event->args_buf.args_offset, 0xFF, sizeof(event->args_buf.args_offset)); @ context.h:245
43: (b7) r3 = -1                      ; R3_w=-1
44: (77) r3 >>= 32                    ; R3_w=0xffffffff
45: (63) *(u32 *)(r4 +32152) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
46: (63) *(u32 *)(r4 +32160) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
47: (63) *(u32 *)(r4 +32168) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
48: (63) *(u32 *)(r4 +32176) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
49: (63) *(u32 *)(r4 +32184) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
50: (63) *(u32 *)(r4 +32192) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
51: (63) *(u32 *)(r4 +32200) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
52: (63) *(u32 *)(r4 +32208) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
; p.event->context.ts = sys->ts; @ tracee.bpf.c:375
53: (7b) *(u64 *)(r4 +0) = r2         ; R2_w=scalar() R4_w=map_value(map=event_data_map,ks=4,vs=32528)
54: (b7) r8 = 0                       ; R8_w=0
; event->args_buf.offset = 0; @ context.h:241
55: (6b) *(u16 *)(r4 +32146) = r8     ; R4_w=map_value(map=event_data_map,ks=4,vs=32528) R8_w=0
; event->args_buf.argnum = 0; @ context.h:242
56: (73) *(u8 *)(r4 +144) = r8        ; R4_w=map_value(map=event_data_map,ks=4,vs=32528) R8_w=0
; __builtin_memset(event->args_buf.args_offset, 0xFF, sizeof(event->args_buf.args_offset)); @ context.h:245
57: (63) *(u32 *)(r4 +32148) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
58: (63) *(u32 *)(r4 +32156) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
59: (63) *(u32 *)(r4 +32164) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
60: (63) *(u32 *)(r4 +32172) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
61: (63) *(u32 *)(r4 +32180) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
62: (63) *(u32 *)(r4 +32188) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
63: (63) *(u32 *)(r4 +32196) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
64: (63) *(u32 *)(r4 +32204) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
; event->config.submit_for_policies = ~0ULL; @ context.h:253
65: (7b) *(u64 *)(r4 +32224) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
66: (b7) r1 = 59                      ; R1_w=59
; event->context.eventid = event_id; @ context.h:251
67: (63) *(u32 *)(r4 +112) = r1       ; R1_w=59 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
68: (7b) *(u64 *)(r10 -104) = r4      ; R4_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104_w=map_value(map=event_data_map,ks=4,vs=32528)
; event_config_t *event_config = get_event_config(event_id, event->context.policies_version); @ context.h:255
69: (69) r2 = *(u16 *)(r4 +134)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R4_w=map_value(map=event_data_map,ks=4,vs=32528)
70: (63) *(u32 *)(r10 -72) = r1       ; R1_w=59 R10=fp0 fp-72=????59
71: (6b) *(u16 *)(r10 -76) = r2       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-80=??mm????
72: (bf) r2 = r10                     ; R2_w=fp0 R10=fp0
73: (07) r2 += -76                    ; R2_w=fp-76
; void *inner_events_map = bpf_map_lookup_elem(&events_map_version, &policies_version); @ context.h:105
74: (18) r1 = 0xffff9cc6855afc00      ; R1_w=map_ptr(map=events_map_vers,ks=2,vs=4)
76: (85) call bpf_map_lookup_elem#1   ; R0=map_value_or_null(id=5,map=events_map_vers,ks=2,vs=4)
; if (inner_events_map == NULL) @ context.h:106
77: (55) if r0 != 0x0 goto pc+1 79: R0=map_ptr(ks=4,vs=64) R6=map_value(map=event_data_map,ks=4,vs=32528,off=40) R7=ctx() R8=0 R9=map_value(map=event_data_map,ks=4,vs=32528,off=36) R10=fp0 fp-72=????59 fp-80=??mm???? fp-96=map_value(map=event_data_map,ks=4,vs=32528) fp-104=map_value(map=event_data_map,ks=4,vs=32528) fp-112=map_value(map=task_info_map,ks=4,vs=200) fp-120=map_value(map=config_map,ks=4,vs=256) fp-128=map_value(map=proc_info_map,ks=4,vs=368)
; if (event_config == NULL) @ context.h:256
79: (bf) r2 = r10                     ; R2_w=fp0 R10=fp0
80: (07) r2 += -72                    ; R2_w=fp-72
; return bpf_map_lookup_elem(inner_events_map, &event_id); @ context.h:109
81: (bf) r1 = r0                      ; R0=map_ptr(ks=4,vs=64) R1_w=map_ptr(ks=4,vs=64)
82: (85) call bpf_map_lookup_elem#1   ; R0=map_value_or_null(id=6,ks=4,vs=64)
83: (79) r5 = *(u64 *)(r10 -104)      ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (event_config == NULL) @ context.h:256
84: (15) if r0 == 0x0 goto pc+1051    ; R0=map_value(ks=4,vs=64)
; event->config.field_types = event_config->field_types; @ context.h:259
85: (79) r1 = *(u64 *)(r0 +8)         ; R0=map_value(ks=4,vs=64) R1_w=scalar()
86: (7b) *(u64 *)(r5 +32232) = r1     ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
; event->config.submit_for_policies = event_config->submit_for_policies; @ context.h:260
87: (79) r1 = *(u64 *)(r0 +0)         ; R0=map_value(ks=4,vs=64) R1_w=scalar()
; event->context.matched_policies = event_config->submit_for_policies; @ context.h:261
88: (7b) *(u64 *)(r5 +136) = r1       ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
; event->config.submit_for_policies = event_config->submit_for_policies; @ context.h:260
89: (7b) *(u64 *)(r5 +32224) = r1     ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
; if (p->config->tracee_pid == context->host_pid) @ filtering.h:190
90: (61) r3 = *(u32 *)(r5 +36)        ; R3_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R5_w=map_value(map=event_data_map,ks=4,vs=32528)
91: (79) r2 = *(u64 *)(r10 -120)      ; R2_w=map_value(map=config_map,ks=4,vs=256) R10=fp0 fp-120=map_value(map=config_map,ks=4,vs=256)
92: (61) r4 = *(u32 *)(r2 +0)         ; R2_w=map_value(map=config_map,ks=4,vs=256) R4_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
93: (b7) r2 = 0                       ; R2_w=0
94: (7b) *(u64 *)(r10 -152) = r7      ; R7=ctx() R10=fp0 fp-152_w=ctx()
95: (1d) if r4 == r3 goto pc+546      ; R3_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R4_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
96: (b7) r4 = -1                      ; R4_w=-1
; if (policies_cfg->cont_filter_enabled) { @ filtering.h:201
97: (79) r1 = *(u64 *)(r5 +32344)     ; R1=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
98: (15) if r1 == 0x0 goto pc+16      ; R1=scalar(umin=1)
; u8 state = p->task_info->container_state; @ filtering.h:203
99: (79) r2 = *(u64 *)(r10 -112)      ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
100: (71) r3 = *(u8 *)(r2 +177)       ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
101: (57) r3 &= 255                   ; R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
102: (b7) r2 = 1                      ; R2_w=1
103: (b7) r4 = 1                      ; R4_w=1
104: (15) if r3 == 0x1 goto pc+1      ; R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
105: (b7) r4 = 0                      ; R4=0
; if (state == CONTAINER_STARTED || state == CONTAINER_EXISTED) @ filtering.h:204
106: (15) if r3 == 0x3 goto pc+1      ; R3=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
107: (b7) r2 = 0                      ; R2_w=0
108: (4f) r2 |= r4                    ; R2_w=0 R4=0
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
109: (57) r2 &= 1                     ; R2_w=0
110: (87) r2 = -r2                    ; R2_w=scalar()
; u64 match_bitmap = policies_cfg->cont_filter_match_if_key_missing; @ filtering.h:206
111: (79) r4 = *(u64 *)(r5 +32448)    ; R4_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
112: (af) r4 ^= r2                    ; R2_w=scalar() R4_w=scalar()
; u64 mask = ~policies_cfg->cont_filter_enabled; @ filtering.h:207
113: (a7) r1 ^= -1                    ; R1_w=scalar()
; res &= bool_filter_matches(match_bitmap, is_container) | mask; @ filtering.h:210
114: (4f) r4 |= r1                    ; R1_w=scalar() R4_w=scalar()
; if (policies_cfg->new_cont_filter_enabled) { @ filtering.h:213
115: (79) r1 = *(u64 *)(r5 +32352)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
116: (15) if r1 == 0x0 goto pc+11     ; R1_w=scalar(umin=1)
; if (p->task_info->container_state == CONTAINER_STARTED) @ filtering.h:215
117: (79) r2 = *(u64 *)(r10 -112)     ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
118: (71) r3 = *(u8 *)(r2 +177)       ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
119: (b7) r2 = -1                     ; R2=-1
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
120: (15) if r3 == 0x3 goto pc+1      ; R3=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
121: (b7) r2 = 0                      ; R2_w=0
; u64 match_bitmap = policies_cfg->new_cont_filter_match_if_key_missing; @ filtering.h:217
122: (79) r3 = *(u64 *)(r5 +32456)    ; R3_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
123: (af) r3 ^= r2                    ; R2_w=0 R3_w=scalar()
; u64 mask = ~policies_cfg->new_cont_filter_enabled; @ filtering.h:218
124: (a7) r1 ^= -1                    ; R1_w=scalar()
; res &= bool_filter_matches(match_bitmap, is_new_container) | mask; @ filtering.h:220
125: (4f) r3 |= r1                    ; R1_w=scalar() R3_w=scalar()
126: (5f) r3 &= r4                    ; R3_w=scalar() R4=scalar()
127: (bf) r4 = r3                     ; R3_w=scalar(id=7) R4_w=scalar(id=7)
; if (policies_cfg->new_pid_filter_enabled) { @ filtering.h:223
128: (79) r1 = *(u64 *)(r5 +32360)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
129: (15) if r1 == 0x0 goto pc+9      ; R1_w=scalar(umin=1)
; u64 match_bitmap = policies_cfg->new_pid_filter_match_if_key_missing; @ filtering.h:224
130: (79) r2 = *(u64 *)(r5 +32464)    ; R2_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; res &= bool_filter_matches(match_bitmap, proc_info->new_proc) | mask; @ filtering.h:227
131: (79) r3 = *(u64 *)(r10 -128)     ; R3_w=map_value(map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128=map_value(map=proc_info_map,ks=4,vs=368)
132: (71) r3 = *(u8 *)(r3 +0)         ; R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
133: (87) r3 = -r3                    ; R3_w=scalar()
134: (af) r2 ^= r3                    ; R2_w=scalar() R3_w=scalar()
; u64 mask = ~policies_cfg->new_pid_filter_enabled; @ filtering.h:225
135: (a7) r1 ^= -1                    ; R1_w=scalar()
; res &= bool_filter_matches(match_bitmap, proc_info->new_proc) | mask; @ filtering.h:227
136: (4f) r2 |= r1                    ; R1_w=scalar() R2_w=scalar()
137: (5f) r2 &= r4                    ; R2_w=scalar() R4_w=scalar(id=7)
138: (bf) r4 = r2                     ; R2=scalar(id=8) R4=scalar(id=8)
; u16 version = p->event->context.policies_version; @ filtering.h:234
139: (69) r1 = *(u16 *)(r5 +134)      ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R5=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->pid_filter_enabled) { @ filtering.h:237
140: (7b) *(u64 *)(r10 -144) = r1     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
141: (79) r1 = *(u64 *)(r5 +32296)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
142: (15) if r1 == 0x0 goto pc+84     ; R1_w=scalar(umin=1)
143: (7b) *(u64 *)(r10 -184) = r1     ; R1_w=scalar(id=10,umin=1) R10=fp0 fp-184_w=scalar(id=10,umin=1)
144: (7b) *(u64 *)(r10 -136) = r4     ; R4=scalar(id=8) R10=fp0 fp-136_w=scalar(id=8)
; u64 min = policies_cfg->pid_min; @ filtering.h:241
145: (79) r1 = *(u64 *)(r5 +32520)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; u64 max = policies_cfg->pid_max; @ filtering.h:240
146: (7b) *(u64 *)(r10 -168) = r1     ; R1_w=scalar(id=11) R10=fp0 fp-168_w=scalar(id=11)
147: (79) r1 = *(u64 *)(r5 +32512)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; u64 match_if_key_missing = policies_cfg->pid_filter_match_if_key_missing; @ filtering.h:238
148: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=12) R10=fp0 fp-160_w=scalar(id=12)
149: (79) r1 = *(u64 *)(r5 +32400)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
150: (7b) *(u64 *)(r10 -192) = r1     ; R1_w=scalar(id=13) R10=fp0 fp-192_w=scalar(id=13)
151: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
152: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=????mmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
153: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
154: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
155: (18) r1 = 0xffff9cc6a0f49800     ; R1_w=map_ptr(map=pid_filter_vers,ks=2,vs=4)
157: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=14,map=pid_filter_vers,ks=2,vs=4)
158: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
159: (bf) r4 = r0                     ; R0=map_value_or_null(id=14,map=pid_filter_vers,ks=2,vs=4) R4_w=map_value_or_null(id=14,map=pid_filter_vers,ks=2,vs=4)
; match_if_key_missing, filter_map, context->host_pid, max, min) | @ filtering.h:246
160: (61) r1 = *(u32 *)(r5 +36)       ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R5_w=map_value(map=event_data_map,ks=4,vs=32528)
161: (7b) *(u64 *)(r10 -72) = r1      ; R1_w=scalar(id=15,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72_w=scalar(id=15,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
162: (b7) r1 = -1                     ; R1_w=-1
163: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=-1 R10=fp0 fp-176_w=-1
164: (b7) r7 = 0                      ; R7_w=0
; if (filter_map) { @ filtering.h:58
165: (15) if r4 == 0x0 goto pc+12     ; R4_w=map_ptr(ks=4,vs=16)
166: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
167: (07) r2 += -72                   ; R2_w=fp-72
; eq_t *equality = bpf_map_lookup_elem(filter_map, &value); @ filtering.h:59
168: (bf) r1 = r4                     ; R1_w=map_ptr(ks=4,vs=16) R4_w=map_ptr(ks=4,vs=16)
169: (7b) *(u64 *)(r10 -200) = r4     ; R4_w=map_ptr(ks=4,vs=16) R10=fp0 fp-200_w=map_ptr(ks=4,vs=16)
170: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=16,ks=4,vs=16)
171: (79) r4 = *(u64 *)(r10 -200)     ; R4_w=map_ptr(ks=4,vs=16) R10=fp0 fp-200=map_ptr(ks=4,vs=16)
172: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (equality != NULL) { @ filtering.h:60
173: (15) if r0 == 0x0 goto pc+4      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:61
174: (79) r7 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:62
175: (79) r1 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R1_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
176: (a7) r1 ^= -1                    ; R1_w=scalar()
177: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=scalar(id=17) R10=fp0 fp-176_w=scalar(id=17)
178: (79) r3 = *(u64 *)(r10 -160)     ; R3_w=scalar(id=12) R10=fp0 fp-160=scalar(id=12)
; if ((max != FILTER_MAX_NOT_SET) && (value >= max)) @ filtering.h:66
179: (07) r3 += -1                    ; R3_w=scalar()
180: (79) r1 = *(u64 *)(r10 -72)      ; R1_w=scalar() R10=fp0 fp-72=mmmmmmmm
181: (ad) if r3 < r1 goto pc+9        ; R1_w=scalar() R3_w=scalar()
; if ((min != FILTER_MIN_NOT_SET) && (value <= min)) @ filtering.h:69
182: (79) r2 = *(u64 *)(r10 -168)     ; R2=scalar(id=11) R10=fp0 fp-168=scalar(id=11)
183: (15) if r2 == 0xffffffff goto pc+2       ; R2=scalar(id=11,umax=0xfffffffffffffffe)
184: (79) r2 = *(u64 *)(r10 -168)     ; R2_w=scalar(id=11,umax=0xfffffffffffffffe) R10=fp0 fp-168=scalar(id=11,umax=0xfffffffffffffffe)
185: (bd) if r1 <= r2 goto pc+5       ; R1=scalar(umin=1) R2_w=scalar(id=11,umax=0xfffffffffffffffe)
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
186: (79) r1 = *(u64 *)(r10 -192)     ; R1_w=scalar(id=13) R10=fp0 fp-192=scalar(id=13)
187: (79) r2 = *(u64 *)(r10 -176)     ; R2_w=scalar(id=17) R10=fp0 fp-176=scalar(id=17)
188: (5f) r2 &= r1                    ; R1_w=scalar(id=13) R2_w=scalar()
189: (4f) r2 |= r7                    ; R2_w=scalar() R7=scalar()
190: (bf) r7 = r2                     ; R2=scalar(id=18) R7=scalar(id=18)
; match_if_key_missing, filter_map, context->host_tid, max, min) | @ filtering.h:248
191: (61) r1 = *(u32 *)(r6 +0)        ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=40)
192: (7b) *(u64 *)(r10 -72) = r1      ; R1_w=scalar(id=19,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72_w=scalar(id=19,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
193: (b7) r6 = -1                     ; R6_w=-1
194: (b7) r1 = 0                      ; R1_w=0
; if (filter_map) { @ filtering.h:58
195: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=0 R10=fp0 fp-176_w=0
196: (15) if r4 == 0x0 goto pc+12     ; R4=map_ptr(ks=4,vs=16)
197: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
198: (07) r2 += -72                   ; R2_w=fp-72
; eq_t *equality = bpf_map_lookup_elem(filter_map, &value); @ filtering.h:59
199: (bf) r1 = r4                     ; R1_w=map_ptr(ks=4,vs=16) R4=map_ptr(ks=4,vs=16)
200: (7b) *(u64 *)(r10 -160) = r3     ; R3=scalar(id=20) R10=fp0 fp-160_w=scalar(id=20)
201: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=21,ks=4,vs=16)
202: (79) r3 = *(u64 *)(r10 -160)     ; R3_w=scalar(id=20) R10=fp0 fp-160=scalar(id=20)
203: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (equality != NULL) { @ filtering.h:60
204: (15) if r0 == 0x0 goto pc+4      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:61
205: (79) r1 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R1_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:62
206: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=scalar(id=22) R10=fp0 fp-176_w=scalar(id=22)
207: (79) r6 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R6_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
208: (a7) r6 ^= -1                    ; R6_w=scalar()
209: (79) r2 = *(u64 *)(r10 -184)     ; R2_w=scalar(id=10,umin=1) R10=fp0 fp-184=scalar(id=10,umin=1)
210: (a7) r2 ^= -1                    ; R2_w=scalar()
211: (79) r1 = *(u64 *)(r10 -72)      ; R1_w=scalar() R10=fp0 fp-72=mmmmmmmm
212: (79) r4 = *(u64 *)(r10 -176)     ; R4_w=scalar(id=22) R10=fp0 fp-176_w=scalar(id=22)
; if ((max != FILTER_MAX_NOT_SET) && (value >= max)) @ filtering.h:66
213: (ad) if r3 < r1 goto pc+8        ; R1_w=scalar() R3_w=scalar(id=20)
; if ((min != FILTER_MIN_NOT_SET) && (value <= min)) @ filtering.h:69
214: (79) r3 = *(u64 *)(r10 -168)     ; R3=scalar(id=11,umax=0xfffffffffffffffe) R10=fp0 fp-168=scalar(id=11,umax=0xfffffffffffffffe)
215: (15) if r3 == 0xffffffff goto pc+2       ; R3=scalar(id=11,umax=0xfffffffffffffffe)
216: (79) r3 = *(u64 *)(r10 -168)     ; R3_w=scalar(id=11,umax=0xfffffffffffffffe) R10=fp0 fp-168=scalar(id=11,umax=0xfffffffffffffffe)
217: (bd) if r1 <= r3 goto pc+4       ; R1=scalar(umin=1) R3_w=scalar(id=11,umax=0xfffffffffffffffe)
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
218: (79) r1 = *(u64 *)(r10 -192)     ; R1_w=scalar(id=13) R10=fp0 fp-192=scalar(id=13)
219: (5f) r6 &= r1                    ; R1_w=scalar(id=13) R6_w=scalar()
220: (4f) r6 |= r4                    ; R4=scalar(id=22) R6_w=scalar()
221: (bf) r4 = r6                     ; R4_w=scalar(id=23) R6_w=scalar(id=23)
; match_if_key_missing, filter_map, context->host_pid, max, min) | @ filtering.h:246
222: (4f) r7 |= r2                    ; R2=scalar() R7_w=scalar()
; match_if_key_missing, filter_map, context->host_tid, max, min) | @ filtering.h:248
223: (4f) r7 |= r4                    ; R4_w=scalar(id=23) R7_w=scalar()
; res &= uint_filter_range_matches( @ filtering.h:245
224: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=8) R10=fp0 fp-136=scalar(id=8)
225: (5f) r7 &= r1                    ; R1_w=scalar(id=8) R7_w=scalar()
226: (bf) r4 = r7                     ; R4=scalar(id=24) R7=scalar(id=24)
; if (policies_cfg->uid_filter_enabled) { @ filtering.h:252
227: (79) r1 = *(u64 *)(r5 +32288)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
228: (15) if r1 == 0x0 goto pc+57     ; R1_w=scalar(umin=1)
229: (7b) *(u64 *)(r10 -136) = r4     ; R4=scalar(id=24) R10=fp0 fp-136_w=scalar(id=24)
; context->uid = bpf_get_current_uid_gid(); @ filtering.h:253
230: (85) call bpf_get_current_uid_gid#15     ; R0_w=scalar()
231: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
232: (63) *(u32 *)(r1 +48) = r0       ; R0_w=scalar() R1_w=map_value(map=event_data_map,ks=4,vs=32528)
; u64 match_if_key_missing = policies_cfg->uid_filter_match_if_key_missing; @ filtering.h:254
233: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
234: (79) r1 = *(u64 *)(r1 +32392)    ; R1_w=scalar()
; u64 max = policies_cfg->uid_max; @ filtering.h:256
235: (7b) *(u64 *)(r10 -184) = r1     ; R1_w=scalar(id=25) R10=fp0 fp-184_w=scalar(id=25)
236: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
237: (79) r6 = *(u64 *)(r1 +32496)    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R6_w=scalar()
; u64 min = policies_cfg->uid_min; @ filtering.h:257
238: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
239: (79) r1 = *(u64 *)(r1 +32504)    ; R1_w=scalar()
; u64 mask = ~policies_cfg->uid_filter_enabled; @ filtering.h:255
240: (7b) *(u64 *)(r10 -168) = r1     ; R1_w=scalar(id=26) R10=fp0 fp-168_w=scalar(id=26)
241: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
242: (79) r1 = *(u64 *)(r1 +32288)    ; R1_w=scalar()
243: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=27) R10=fp0 fp-160_w=scalar(id=27)
244: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
245: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
246: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
247: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
248: (18) r1 = 0xffff9cc69b847000     ; R1_w=map_ptr(map=uid_filter_vers,ks=2,vs=4)
250: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=28,map=uid_filter_vers,ks=2,vs=4)
251: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; res &= uint_filter_range_matches(match_if_key_missing, filter_map, context->uid, max, min) | @ filtering.h:260
252: (61) r1 = *(u32 *)(r5 +48)       ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R5_w=map_value(map=event_data_map,ks=4,vs=32528)
253: (7b) *(u64 *)(r10 -72) = r1      ; R1_w=scalar(id=29,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72_w=scalar(id=29,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
254: (b7) r1 = -1                     ; R1_w=-1
255: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=-1 R10=fp0 fp-176_w=-1
256: (b7) r7 = 0                      ; R7_w=0
; if (filter_map) { @ filtering.h:58
257: (15) if r0 == 0x0 goto pc+10     ; R0=map_ptr(ks=4,vs=16)
258: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
259: (07) r2 += -72                   ; R2_w=fp-72
; eq_t *equality = bpf_map_lookup_elem(filter_map, &value); @ filtering.h:59
260: (bf) r1 = r0                     ; R0=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
261: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=30,ks=4,vs=16)
262: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (equality != NULL) { @ filtering.h:60
263: (15) if r0 == 0x0 goto pc+4      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:61
264: (79) r7 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:62
265: (79) r1 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R1_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
266: (a7) r1 ^= -1                    ; R1_w=scalar()
267: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=scalar(id=31) R10=fp0 fp-176_w=scalar(id=31)
268: (79) r3 = *(u64 *)(r10 -160)     ; R3_w=scalar(id=27) R10=fp0 fp-160=scalar(id=27)
269: (a7) r3 ^= -1                    ; R3_w=scalar()
270: (79) r1 = *(u64 *)(r10 -72)      ; R1_w=scalar() R10=fp0 fp-72=mmmmmmmm
; if ((max != FILTER_MAX_NOT_SET) && (value >= max)) @ filtering.h:66
271: (07) r6 += -1                    ; R6_w=scalar()
272: (79) r2 = *(u64 *)(r10 -136)     ; R2_w=scalar(id=24) R10=fp0 fp-136=scalar(id=24)
273: (ad) if r6 < r1 goto pc+9        ; R1_w=scalar() R6_w=scalar()
; if ((min != FILTER_MIN_NOT_SET) && (value <= min)) @ filtering.h:69
274: (79) r4 = *(u64 *)(r10 -168)     ; R4=scalar(id=26) R10=fp0 fp-168=scalar(id=26)
275: (15) if r4 == 0xffffffff goto pc+2       ; R4=scalar(id=26,umax=0xfffffffffffffffe)
276: (79) r4 = *(u64 *)(r10 -168)     ; R4_w=scalar(id=26,umax=0xfffffffffffffffe) R10=fp0 fp-168=scalar(id=26,umax=0xfffffffffffffffe)
277: (bd) if r1 <= r4 goto pc+5       ; R1=scalar(umin=1) R4_w=scalar(id=26,umax=0xfffffffffffffffe)
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
278: (79) r1 = *(u64 *)(r10 -184)     ; R1_w=scalar(id=25) R10=fp0 fp-184=scalar(id=25)
279: (79) r4 = *(u64 *)(r10 -176)     ; R4_w=scalar(id=31) R10=fp0 fp-176=scalar(id=31)
280: (5f) r4 &= r1                    ; R1_w=scalar(id=25) R4_w=scalar()
281: (4f) r4 |= r7                    ; R4_w=scalar() R7=scalar()
282: (bf) r7 = r4                     ; R4=scalar(id=32) R7=scalar(id=32)
; res &= uint_filter_range_matches(match_if_key_missing, filter_map, context->uid, max, min) | @ filtering.h:260
283: (4f) r7 |= r3                    ; R3=scalar() R7_w=scalar()
284: (5f) r7 &= r2                    ; R2=scalar(id=24) R7_w=scalar()
285: (bf) r4 = r7                     ; R4_w=scalar(id=33) R7_w=scalar(id=33)
; if (policies_cfg->mnt_ns_filter_enabled) { @ filtering.h:264
286: (79) r1 = *(u64 *)(r5 +32304)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
287: (15) if r1 == 0x0 goto pc+56     ; R1_w=scalar(umin=1)
288: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=33) R10=fp0 fp-136_w=scalar(id=33)
289: (b7) r1 = 3384                   ; R1_w=3384
; context->mnt_id = get_task_mnt_ns_id(p->event->task); @ filtering.h:265
290: (79) r3 = *(u64 *)(r5 +32216)    ; R3_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
291: (0f) r3 += r1                    ; R1_w=3384 R3_w=scalar()
292: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
293: (07) r1 += -72                   ; R1_w=fp-72
; return get_mnt_ns_id(BPF_CORE_READ(task, nsproxy)); @ task.h:66
294: (b7) r2 = 8                      ; R2_w=8
295: (bf) r6 = r5                     ; R5=map_value(map=event_data_map,ks=4,vs=32528) R6_w=map_value(map=event_data_map,ks=4,vs=32528)
296: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-72=mmmmmmmm
297: (b7) r1 = 24                     ; R1_w=24
298: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
299: (0f) r3 += r1                    ; R1_w=24 R3_w=scalar()
300: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
301: (07) r1 += -72                   ; R1_w=fp-72
; return BPF_CORE_READ(ns, mnt_ns, ns.inum); @ namespaces.h:21
302: (b7) r2 = 8                      ; R2_w=8
303: (85) call bpf_probe_read_kernel#113      ; R0_w=scalar() fp-72=mmmmmmmm
304: (b7) r1 = 16                     ; R1_w=16
305: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
306: (0f) r3 += r1                    ; R1_w=16 R3_w=scalar()
307: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
308: (07) r1 += -76                   ; R1_w=fp-76
309: (b7) r2 = 4                      ; R2_w=4
310: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-80=mmmm????
311: (61) r1 = *(u32 *)(r10 -76)      ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
; context->mnt_id = get_task_mnt_ns_id(p->event->task); @ filtering.h:265
312: (63) *(u32 *)(r6 +52) = r1       ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528)
; u64 match_if_key_missing = policies_cfg->mnt_ns_filter_match_if_key_missing; @ filtering.h:266
313: (79) r1 = *(u64 *)(r6 +32408)    ; R1_w=scalar() R6=map_value(map=event_data_map,ks=4,vs=32528)
; u64 mask = ~policies_cfg->mnt_ns_filter_enabled; @ filtering.h:267
314: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=34) R10=fp0 fp-160_w=scalar(id=34)
315: (79) r6 = *(u64 *)(r6 +32304)    ; R6_w=scalar()
316: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
317: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
318: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
319: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
320: (18) r1 = 0xffff9cc6a0f49400     ; R1_w=map_ptr(map=mnt_ns_filter_v,ks=2,vs=4)
322: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=35,map=mnt_ns_filter_v,ks=2,vs=4)
323: (b7) r2 = 0                      ; R2_w=0
324: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->mnt_ns_filter_enabled; @ filtering.h:267
325: (a7) r6 ^= -1                    ; R6_w=scalar()
; if (filter_map) { @ filtering.h:144
326: (15) if r0 == 0x0 goto pc+9      ; R0_w=map_ptr(ks=4,vs=16)
327: (79) r2 = *(u64 *)(r10 -96)      ; R2_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
328: (07) r2 += 52                    ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=52)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
329: (bf) r1 = r0                     ; R0_w=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
330: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=36,ks=4,vs=16)
331: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
332: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
333: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
334: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
335: (a7) r7 ^= -1                    ; R7_w=scalar()
336: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=34) R10=fp0 fp-160=scalar(id=34)
337: (5f) r7 &= r1                    ; R1_w=scalar(id=34) R7_w=scalar()
338: (4f) r7 |= r6                    ; R6=scalar() R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->mnt_id) | mask; @ filtering.h:270
339: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
340: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=33) R10=fp0 fp-136=scalar(id=33)
341: (5f) r7 &= r1                    ; R1_w=scalar(id=33) R7_w=scalar()
342: (bf) r4 = r7                     ; R4_w=scalar(id=37) R7_w=scalar(id=37)
343: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->pid_ns_filter_enabled) { @ filtering.h:273
344: (79) r1 = *(u64 *)(r5 +32312)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
345: (15) if r1 == 0x0 goto pc+73     ; R1_w=scalar(umin=1)
346: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=37) R10=fp0 fp-136_w=scalar(id=37)
; context->pid_id = get_task_pid_ns_id(p->event->task); @ filtering.h:274
347: (79) r3 = *(u64 *)(r5 +32216)    ; R3_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
348: (b7) r1 = 0                      ; R1=0
; if (bpf_core_type_exists(struct pid_link)) { @ task.h:80
349: (15) if r1 == 0x0 goto pc+2      ; R1=0
352: (b7) r1 = 2856                   ; R1_w=2856
353: (0f) r3 += r1                    ; R1_w=2856 R3_w=scalar()
354: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
355: (07) r1 += -72                   ; R1_w=fp-72
356: (b7) r2 = 8                      ; R2_w=8
357: (85) call bpf_probe_read_kernel#113      ; R0_w=scalar() fp-72=mmmmmmmm
358: (79) r6 = *(u64 *)(r10 -72)      ; R6_w=scalar() R10=fp0 fp-72=mmmmmmmm
359: (b7) r1 = 4                      ; R1_w=4
360: (bf) r3 = r6                     ; R3_w=scalar(id=38) R6_w=scalar(id=38)
361: (0f) r3 += r1                    ; R1_w=4 R3_w=scalar(id=38+4)
362: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
363: (07) r1 += -72                   ; R1_w=fp-72
; level = BPF_CORE_READ(pid, level); @ task.h:87
364: (b7) r2 = 4                      ; R2_w=4
365: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-72=mmmmmmmm
366: (b7) r1 = 112                    ; R1_w=112
367: (0f) r6 += r1                    ; R1_w=112 R6_w=scalar(id=38+112)
368: (61) r1 = *(u32 *)(r10 -72)      ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72=mmmmmmmm
; ns = BPF_CORE_READ(pid, numbers[level].ns); @ task.h:88
369: (67) r1 <<= 4                    ; R1_w=scalar(smin=0,smax=umax=0xffffffff0,smax32=0x7ffffff0,umax32=0xfffffff0,var_off=(0x0; 0xffffffff0))
370: (0f) r6 += r1                    ; R1_w=scalar(smin=0,smax=umax=0xffffffff0,smax32=0x7ffffff0,umax32=0xfffffff0,var_off=(0x0; 0xffffffff0)) R6_w=scalar()
371: (b7) r1 = 8                      ; R1_w=8
372: (0f) r6 += r1                    ; R1_w=8 R6_w=scalar()
373: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
374: (07) r1 += -72                   ; R1_w=fp-72
375: (b7) r2 = 8                      ; R2_w=8
376: (bf) r3 = r6                     ; R3_w=scalar(id=39) R6_w=scalar(id=39)
377: (85) call bpf_probe_read_kernel#113      ; R0_w=scalar() fp-72=mmmmmmmm
378: (b7) r1 = 128                    ; R1_w=128
379: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
380: (0f) r3 += r1                    ; R1_w=128 R3_w=scalar()
381: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
382: (07) r1 += -72                   ; R1_w=fp-72
; return BPF_CORE_READ(ns, ns.inum); @ task.h:89
383: (b7) r2 = 4                      ; R2_w=4
384: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-72=mmmmmmmm
385: (61) r1 = *(u32 *)(r10 -72)      ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72=mmmmmmmm
386: (79) r2 = *(u64 *)(r10 -104)     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; context->pid_id = get_task_pid_ns_id(p->event->task); @ filtering.h:274
387: (63) *(u32 *)(r2 +56) = r1       ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R2_w=map_value(map=event_data_map,ks=4,vs=32528)
; u64 match_if_key_missing = policies_cfg->pid_ns_filter_match_if_key_missing; @ filtering.h:275
388: (79) r1 = *(u64 *)(r2 +32416)    ; R1_w=scalar() R2_w=map_value(map=event_data_map,ks=4,vs=32528)
; u64 mask = ~policies_cfg->pid_ns_filter_enabled; @ filtering.h:276
389: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=40) R10=fp0 fp-160_w=scalar(id=40)
390: (79) r6 = *(u64 *)(r2 +32312)    ; R2_w=map_value(map=event_data_map,ks=4,vs=32528) R6_w=scalar()
391: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
392: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
393: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
394: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
395: (18) r1 = 0xffff9cc6a0f48000     ; R1_w=map_ptr(map=pid_ns_filter_v,ks=2,vs=4)
397: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=41,map=pid_ns_filter_v,ks=2,vs=4)
398: (b7) r2 = 0                      ; R2_w=0
399: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->pid_ns_filter_enabled; @ filtering.h:276
400: (a7) r6 ^= -1                    ; R6_w=scalar()
; if (filter_map) { @ filtering.h:144
401: (15) if r0 == 0x0 goto pc+9      ; R0_w=map_ptr(ks=4,vs=16)
402: (79) r2 = *(u64 *)(r10 -96)      ; R2_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
403: (07) r2 += 56                    ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=56)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
404: (bf) r1 = r0                     ; R0_w=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
405: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=42,ks=4,vs=16)
406: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
407: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
408: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
409: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
410: (a7) r7 ^= -1                    ; R7_w=scalar()
411: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=40) R10=fp0 fp-160=scalar(id=40)
412: (5f) r7 &= r1                    ; R1_w=scalar(id=40) R7_w=scalar()
413: (4f) r7 |= r6                    ; R6=scalar() R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->pid_id) | mask; @ filtering.h:279
414: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
415: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=37) R10=fp0 fp-136=scalar(id=37)
416: (5f) r7 &= r1                    ; R1_w=scalar(id=37) R7_w=scalar()
417: (bf) r4 = r7                     ; R4_w=scalar(id=43) R7_w=scalar(id=43)
418: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->uts_ns_filter_enabled) { @ filtering.h:282
419: (79) r1 = *(u64 *)(r5 +32320)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
420: (15) if r1 == 0x0 goto pc+64     ; R1_w=scalar(umin=1)
421: (7b) *(u64 *)(r10 -168) = r9     ; R9=map_value(map=event_data_map,ks=4,vs=32528,off=36) R10=fp0 fp-168_w=map_value(map=event_data_map,ks=4,vs=32528,off=36)
422: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=43) R10=fp0 fp-136_w=scalar(id=43)
423: (b7) r1 = 3384                   ; R1_w=3384
; char *uts_name = get_task_uts_name(p->event->task); @ filtering.h:283
424: (79) r3 = *(u64 *)(r5 +32216)    ; R3_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
425: (0f) r3 += r1                    ; R1_w=3384 R3_w=scalar()
426: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
427: (07) r1 += -72                   ; R1_w=fp-72
; struct nsproxy *np = BPF_CORE_READ(task, nsproxy); @ task.h:148
428: (b7) r2 = 8                      ; R2_w=8
429: (bf) r9 = r5                     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R9_w=map_value(map=event_data_map,ks=4,vs=32528)
430: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-72=mmmmmmmm
431: (b7) r1 = 8                      ; R1_w=8
432: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
433: (0f) r3 += r1                    ; R1_w=8 R3_w=scalar()
434: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
435: (07) r1 += -72                   ; R1_w=fp-72
; struct uts_namespace *uts_ns = BPF_CORE_READ(np, uts_ns); @ task.h:149
436: (b7) r2 = 8                      ; R2_w=8
437: (85) call bpf_probe_read_kernel#113      ; R0_w=scalar() fp-72=mmmmmmmm
438: (b7) r1 = 65                     ; R1_w=65
439: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
440: (0f) r3 += r1                    ; R1_w=65 R3_w=scalar()
441: (bf) r7 = r10                    ; R7_w=fp0 R10=fp0
442: (07) r7 += -72                   ; R7_w=fp-72
; return BPF_CORE_READ(uts_ns, name.nodename); @ task.h:150
443: (bf) r1 = r7                     ; R1_w=fp-72 R7_w=fp-72
444: (b7) r2 = 65                     ; R2_w=65
445: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-8=???????m fp-16=mmmmmmmm fp-24=mmmmmmmm fp-32=mmmmmmmm fp-40=mmmmmmmm fp-48=mmmmmmmm fp-56=mmmmmmmm fp-64=mmmmmmmm fp-72=mmmmmmmm
; bpf_probe_read_kernel_str(&context->uts_name, TASK_COMM_LEN, uts_name); @ filtering.h:285
446: (79) r6 = *(u64 *)(r10 -96)      ; R6_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
447: (07) r6 += 76                    ; R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=76)
448: (bf) r1 = r6                     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=76) R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=76)
449: (b7) r2 = 16                     ; R2_w=16
450: (bf) r3 = r7                     ; R3_w=fp-72 R7=fp-72
451: (85) call bpf_probe_read_kernel_str#115          ; R0_w=scalar(smin=smin32=-4095,smax=smax32=16)
; u64 match_if_key_missing = policies_cfg->uts_ns_filter_match_if_key_missing; @ filtering.h:286
452: (79) r1 = *(u64 *)(r9 +32424)    ; R1_w=scalar() R9=map_value(map=event_data_map,ks=4,vs=32528)
; u64 mask = ~policies_cfg->uts_ns_filter_enabled; @ filtering.h:287
453: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=scalar(id=44) R10=fp0 fp-176_w=scalar(id=44)
454: (79) r9 = *(u64 *)(r9 +32320)    ; R9_w=scalar()
455: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
456: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
457: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
458: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
459: (18) r1 = 0xffff9cc6a0f4cc00     ; R1_w=map_ptr(map=uts_ns_filter_v,ks=2,vs=4)
461: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=45,map=uts_ns_filter_v,ks=2,vs=4)
462: (b7) r2 = 0                      ; R2_w=0
463: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->uts_ns_filter_enabled; @ filtering.h:287
464: (a7) r9 ^= -1                    ; R9_w=scalar()
465: (7b) *(u64 *)(r10 -160) = r9     ; R9_w=scalar(id=46) R10=fp0 fp-160_w=scalar(id=46)
; if (filter_map) { @ filtering.h:144
466: (15) if r0 == 0x0 goto pc+8      ; R0=map_ptr(ks=16,vs=16)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
467: (bf) r1 = r0                     ; R0=map_ptr(ks=16,vs=16) R1_w=map_ptr(ks=16,vs=16)
468: (bf) r2 = r6                     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=76) R6=map_value(map=event_data_map,ks=4,vs=32528,off=76)
469: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=47,ks=16,vs=16)
470: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
471: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=16,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
472: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=16,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
473: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=16,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
474: (a7) r7 ^= -1                    ; R7_w=scalar()
475: (79) r1 = *(u64 *)(r10 -176)     ; R1_w=scalar(id=44) R10=fp0 fp-176=scalar(id=44)
476: (5f) r7 &= r1                    ; R1_w=scalar(id=44) R7_w=scalar()
477: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=46) R10=fp0 fp-160=scalar(id=46)
478: (4f) r7 |= r1                    ; R1_w=scalar(id=46) R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->uts_name) | mask; @ filtering.h:290
479: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
480: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=43) R10=fp0 fp-136=scalar(id=43)
481: (5f) r7 &= r1                    ; R1_w=scalar(id=43) R7_w=scalar()
482: (bf) r4 = r7                     ; R4_w=scalar(id=48) R7_w=scalar(id=48)
483: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
484: (79) r9 = *(u64 *)(r10 -168)     ; R9_w=map_value(map=event_data_map,ks=4,vs=32528,off=36) R10=fp0 fp-168=map_value(map=event_data_map,ks=4,vs=32528,off=36)
; if (policies_cfg->comm_filter_enabled) { @ filtering.h:293
485: (79) r1 = *(u64 *)(r5 +32328)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
486: (15) if r1 == 0x0 goto pc+39     ; R1_w=scalar(umin=1)
487: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=48) R10=fp0 fp-136_w=scalar(id=48)
; bpf_get_current_comm(&context->comm, sizeof(context->comm)); @ filtering.h:294
488: (79) r1 = *(u64 *)(r10 -96)      ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
489: (07) r1 += 60                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=60)
490: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=60) R10=fp0 fp-176_w=map_value(map=event_data_map,ks=4,vs=32528,off=60)
491: (b7) r2 = 16                     ; R2_w=16
492: (bf) r7 = r5                     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R7_w=map_value(map=event_data_map,ks=4,vs=32528)
493: (85) call bpf_get_current_comm#16        ; R0=scalar()
; u64 match_if_key_missing = policies_cfg->comm_filter_match_if_key_missing; @ filtering.h:295
494: (79) r1 = *(u64 *)(r7 +32432)    ; R1_w=scalar() R7=map_value(map=event_data_map,ks=4,vs=32528)
; u64 mask = ~policies_cfg->comm_filter_enabled; @ filtering.h:296
495: (7b) *(u64 *)(r10 -168) = r1     ; R1_w=scalar(id=49) R10=fp0 fp-168_w=scalar(id=49)
496: (79) r6 = *(u64 *)(r7 +32328)    ; R6_w=scalar() R7=map_value(map=event_data_map,ks=4,vs=32528)
497: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
498: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
499: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
500: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
501: (18) r1 = 0xffff9cc6a0f48c00     ; R1_w=map_ptr(map=comm_filter_ver,ks=2,vs=4)
503: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=50,map=comm_filter_ver,ks=2,vs=4)
504: (b7) r2 = 0                      ; R2_w=0
505: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->comm_filter_enabled; @ filtering.h:296
506: (a7) r6 ^= -1                    ; R6_w=scalar()
507: (7b) *(u64 *)(r10 -160) = r6     ; R6_w=scalar(id=51) R10=fp0 fp-160_w=scalar(id=51)
; if (filter_map) { @ filtering.h:144
508: (15) if r0 == 0x0 goto pc+8      ; R0_w=map_ptr(ks=16,vs=16)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
509: (bf) r1 = r0                     ; R0_w=map_ptr(ks=16,vs=16) R1_w=map_ptr(ks=16,vs=16)
510: (79) r2 = *(u64 *)(r10 -176)     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=60) R10=fp0 fp-176=map_value(map=event_data_map,ks=4,vs=32528,off=60)
511: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=52,ks=16,vs=16)
512: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
513: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=16,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
514: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=16,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
515: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=16,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
516: (a7) r7 ^= -1                    ; R7_w=scalar()
517: (79) r1 = *(u64 *)(r10 -168)     ; R1_w=scalar(id=49) R10=fp0 fp-168=scalar(id=49)
518: (5f) r7 &= r1                    ; R1_w=scalar(id=49) R7_w=scalar()
519: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=51) R10=fp0 fp-160=scalar(id=51)
520: (4f) r7 |= r1                    ; R1_w=scalar(id=51) R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->comm) | mask; @ filtering.h:299
521: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
522: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=48) R10=fp0 fp-136=scalar(id=48)
523: (5f) r7 &= r1                    ; R1_w=scalar(id=48) R7_w=scalar()
524: (bf) r4 = r7                     ; R4_w=scalar(id=53) R7_w=scalar(id=53)
525: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->cgroup_id_filter_enabled) { @ filtering.h:302
526: (79) r6 = *(u64 *)(r5 +32336)    ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R6_w=scalar()
527: (15) if r6 == 0x0 goto pc+33     ; R6_w=scalar(umin=1)
528: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=53) R10=fp0 fp-136_w=scalar(id=53)
; u32 cgroup_id_lsb = context->cgroup_id; @ filtering.h:303
529: (79) r1 = *(u64 *)(r5 +16)       ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
530: (63) *(u32 *)(r10 -72) = r1      ; R1_w=scalar() R10=fp0 fp-72=mmmmscalar()
; u64 match_if_key_missing = policies_cfg->cgroup_id_filter_match_if_key_missing; @ filtering.h:304
531: (79) r1 = *(u64 *)(r5 +32440)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
532: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=54) R10=fp0 fp-160_w=scalar(id=54)
533: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
534: (6b) *(u16 *)(r10 -76) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-80=mmmm????
535: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
536: (07) r2 += -76                   ; R2_w=fp-76
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
537: (18) r1 = 0xffff9cc6a0f48800     ; R1_w=map_ptr(map=cgroup_id_filte,ks=2,vs=4)
539: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=55,map=cgroup_id_filte,ks=2,vs=4)
540: (b7) r2 = 0                      ; R2_w=0
541: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->cgroup_id_filter_enabled; @ filtering.h:305
542: (a7) r6 ^= -1                    ; R6_w=scalar()
; if (filter_map) { @ filtering.h:144
543: (15) if r0 == 0x0 goto pc+9      ; R0=map_ptr(ks=4,vs=16)
544: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
545: (07) r2 += -72                   ; R2_w=fp-72
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
546: (bf) r1 = r0                     ; R0=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
547: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=56,ks=4,vs=16)
548: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
549: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
550: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
551: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
552: (a7) r7 ^= -1                    ; R7_w=scalar()
553: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=54) R10=fp0 fp-160=scalar(id=54)
554: (5f) r7 &= r1                    ; R1_w=scalar(id=54) R7_w=scalar()
555: (4f) r7 |= r6                    ; R6=scalar() R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &cgroup_id_lsb) | mask; @ filtering.h:308
556: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
557: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=53) R10=fp0 fp-136=scalar(id=53)
558: (5f) r7 &= r1                    ; R1_w=scalar(id=53) R7_w=scalar()
559: (bf) r4 = r7                     ; R4_w=scalar(id=57) R7_w=scalar(id=57)
560: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->proc_tree_filter_enabled) { @ filtering.h:311
561: (79) r6 = *(u64 *)(r5 +32368)    ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R6_w=scalar()
562: (15) if r6 == 0x0 goto pc+30     ; R6_w=scalar(umin=1)
563: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=57) R10=fp0 fp-136_w=scalar(id=57)
; u64 match_if_key_missing = policies_cfg->proc_tree_filter_match_if_key_missing; @ filtering.h:312
564: (79) r1 = *(u64 *)(r5 +32472)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
565: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=58) R10=fp0 fp-160_w=scalar(id=58)
566: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
567: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
568: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
569: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
570: (18) r1 = 0xffff9cc683578c00     ; R1_w=map_ptr(map=process_tree_ma,ks=2,vs=4)
572: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=59,map=process_tree_ma,ks=2,vs=4)
573: (b7) r2 = 0                      ; R2_w=0
574: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->proc_tree_filter_enabled; @ filtering.h:313
575: (a7) r6 ^= -1                    ; R6_w=scalar()
; if (filter_map) { @ filtering.h:144
576: (15) if r0 == 0x0 goto pc+8      ; R0=map_ptr(ks=4,vs=16)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
577: (bf) r1 = r0                     ; R0=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
578: (bf) r2 = r9                     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=36) R9=map_value(map=event_data_map,ks=4,vs=32528,off=36)
579: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=60,ks=4,vs=16)
580: (b7) r2 = 0                      ; R2=0
; if (equality != NULL) { @ filtering.h:146
581: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
582: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
583: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
584: (a7) r7 ^= -1                    ; R7_w=scalar()
585: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=58) R10=fp0 fp-160=scalar(id=58)
586: (5f) r7 &= r1                    ; R1_w=scalar(id=58) R7_w=scalar()
587: (4f) r7 |= r6                    ; R6=scalar() R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->host_pid) | mask; @ filtering.h:316
588: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
589: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=57) R10=fp0 fp-136=scalar(id=57)
590: (5f) r7 &= r1                    ; R1_w=scalar(id=57) R7_w=scalar()
591: (bf) r4 = r7                     ; R4_w=scalar(id=61) R7_w=scalar(id=61)
592: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->bin_path_filter_enabled) { @ filtering.h:319
593: (79) r7 = *(u64 *)(r5 +32376)    ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R7_w=scalar()
594: (15) if r7 == 0x0 goto pc+36     ; R7_w=scalar(umin=1)
595: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=61) R10=fp0 fp-136_w=scalar(id=61)
; u64 match_if_key_missing = policies_cfg->bin_path_filter_match_if_key_missing; @ filtering.h:320
596: (79) r1 = *(u64 *)(r5 +32480)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
597: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=62) R10=fp0 fp-160_w=scalar(id=62)
598: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
599: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
600: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
601: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
602: (18) r1 = 0xffff9cc6855ae800     ; R1_w=map_ptr(map=binary_filter_v,ks=2,vs=4)
604: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=63,map=binary_filter_v,ks=2,vs=4)
605: (b7) r6 = -1                     ; R6_w=-1
606: (b7) r9 = 0                      ; R9_w=0
; u64 mask = ~policies_cfg->bin_path_filter_enabled; @ filtering.h:321
607: (a7) r7 ^= -1                    ; R7_w=scalar()
; if (filter_map) { @ filtering.h:84
608: (15) if r0 == 0x0 goto pc+14     ; R0=map_ptr(ks=260,vs=16)
; eq_t *equality = bpf_map_lookup_elem(filter_map, proc_info->binary.path); @ filtering.h:85
609: (79) r2 = *(u64 *)(r10 -128)     ; R2_w=map_value(map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128=map_value(map=proc_info_map,ks=4,vs=368)
610: (07) r2 += 20                    ; R2_w=map_value(map=proc_info_map,ks=4,vs=368,off=20)
611: (7b) *(u64 *)(r10 -144) = r0     ; R0=map_ptr(ks=260,vs=16) R10=fp0 fp-144_w=map_ptr(ks=260,vs=16)
612: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=map_ptr(ks=260,vs=16) R10=fp0 fp-144_w=map_ptr(ks=260,vs=16)
613: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=64,ks=260,vs=16)
614: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=map_ptr(ks=260,vs=16) R10=fp0 fp-144=map_ptr(ks=260,vs=16)
; if (equality == NULL) { @ filtering.h:86
615: (55) if r0 != 0x0 goto pc+4      ; R0=0
; eq_t *equality = bpf_map_lookup_elem(filter_map, proc_info->binary.path); @ filtering.h:85
616: (79) r2 = *(u64 *)(r10 -128)     ; R2_w=map_value(map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128=map_value(map=proc_info_map,ks=4,vs=368)
617: (07) r2 += 16                    ; R2_w=map_value(map=proc_info_map,ks=4,vs=368,off=16)
; equality = bpf_map_lookup_elem(filter_map, &proc_info->binary); @ filtering.h:88
618: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=65,ks=260,vs=16)
; if (equality != NULL) { @ filtering.h:90
619: (15) if r0 == 0x0 goto pc+3      ; R0_w=map_value(ks=260,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:91
620: (79) r9 = *(u64 *)(r0 +0)        ; R0_w=map_value(ks=260,vs=16) R9_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:92
621: (79) r6 = *(u64 *)(r0 +8)        ; R0_w=map_value(ks=260,vs=16) R6_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:96
622: (a7) r6 ^= -1                    ; R6=scalar()
623: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=62) R10=fp0 fp-160=scalar(id=62)
624: (5f) r6 &= r1                    ; R1_w=scalar(id=62) R6_w=scalar()
625: (4f) r9 |= r7                    ; R7=scalar() R9_w=scalar()
; res &= binary_filter_matches(match_if_key_missing, filter_map, proc_info) | mask; @ filtering.h:324
626: (4f) r9 |= r6                    ; R6_w=scalar() R9_w=scalar()
627: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=61) R10=fp0 fp-136=scalar(id=61)
628: (5f) r9 &= r1                    ; R1_w=scalar(id=61) R9_w=scalar()
629: (bf) r4 = r9                     ; R4_w=scalar(id=66) R9_w=scalar(id=66)
630: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->follow_filter_enabled) { @ filtering.h:331
631: (79) r1 = *(u64 *)(r5 +32384)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
632: (15) if r1 == 0x0 goto pc+5      ; R1_w=scalar(umin=1)
; res |= proc_info->follow_in_scopes & policies_cfg->follow_filter_enabled; @ filtering.h:333
633: (79) r2 = *(u64 *)(r10 -128)     ; R2_w=map_value(map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128=map_value(map=proc_info_map,ks=4,vs=368)
634: (79) r2 = *(u64 *)(r2 +8)        ; R2_w=scalar()
635: (5f) r2 &= r1                    ; R1_w=scalar(umin=1) R2_w=scalar()
636: (4f) r2 |= r4                    ; R2_w=scalar() R4_w=scalar(id=66)
637: (bf) r4 = r2                     ; R2_w=scalar(id=67) R4_w=scalar(id=67)
; return res & policies_cfg->enabled_policies; @ filtering.h:337
638: (79) r2 = *(u64 *)(r5 +32488)    ; R2_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
639: (5f) r2 &= r4                    ; R2_w=scalar() R4_w=scalar(id=67)
; p->event->context.matched_policies &= matched_policies; @ filtering.h:450
640: (79) r1 = *(u64 *)(r5 +136)      ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
641: (79) r7 = *(u64 *)(r10 -152)     ; R7_w=ctx() R10=fp0 fp-152=ctx()
642: (5f) r1 &= r2                    ; R1_w=scalar() R2_w=scalar()
643: (7b) *(u64 *)(r5 +136) = r1      ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
; if (!evaluate_scope_filters(&p)) @ tracee.bpf.c:380
644: (15) if r1 == 0x0 goto pc+491    ; R1_w=scalar(umin=1)
645: (79) r7 = *(u64 *)(r10 -96)      ; R7_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
646: (bf) r6 = r7                     ; R6_w=map_value(map=event_data_map,ks=4,vs=32528) R7_w=map_value(map=event_data_map,ks=4,vs=32528)
647: (07) r6 += 32146                 ; R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
; if (buf->offset > ARGS_BUF_SIZE - 1) @ buffer.h:218
648: (69) r1 = *(u16 *)(r6 +0)        ; R1=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
649: (a5) if r1 < 0x7d00 goto pc+89   ; R1=scalar(smin=umin=smin32=umin32=32000,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
; if (p.config->options & OPT_EXEC_ENV) { @ tracee.bpf.c:385
650: (79) r1 = *(u64 *)(r10 -120)     ; R1_w=map_value(map=config_map,ks=4,vs=256) R10=fp0 fp-120=map_value(map=config_map,ks=4,vs=256)
651: (61) r1 = *(u32 *)(r1 +4)        ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
652: (57) r1 &= 1                     ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=1,var_off=(0x0; 0x1))
653: (15) if r1 == 0x0 goto pc+46     ; R1_w=1
; if (buf->offset > ARGS_BUF_SIZE - 1) @ buffer.h:314
654: (69) r1 = *(u16 *)(r6 +0)        ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
655: (25) if r1 > 0x7cff goto pc+44   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31999,var_off=(0x0; 0x7fff))
656: (79) r2 = *(u64 *)(r10 -112)     ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
657: (79) r3 = *(u64 *)(r2 +128)      ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R3_w=scalar()
; buf->args[buf->offset] = index; @ buffer.h:318
658: (79) r7 = *(u64 *)(r10 -96)      ; R7_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
659: (07) r7 += 145                   ; R7_w=map_value(map=event_data_map,ks=4,vs=32528,off=145)
660: (bf) r2 = r7                     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7_w=map_value(map=event_data_map,ks=4,vs=32528,off=145)
661: (0f) r2 += r1                    ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31999,var_off=(0x0; 0x7fff)) R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31999,var_off=(0x0; 0x7fff))
662: (b7) r1 = 2                      ; R1_w=2
663: (73) *(u8 *)(r2 +0) = r1         ; R1_w=2 R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31999,var_off=(0x0; 0x7fff))
; u32 orig_off = buf->offset + 1; @ buffer.h:321
664: (69) r8 = *(u16 *)(r5 +32146)    ; R5=map_value(map=event_data_map,ks=4,vs=32528) R8_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
; buf->offset += 2; @ buffer.h:322
665: (bf) r1 = r8                     ; R1_w=scalar(id=68,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R8_w=scalar(id=68,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
666: (07) r1 += 2                     ; R1_w=scalar(id=68+2,smin=umin=smin32=umin32=2,smax=umax=smax32=umax32=0x10001,var_off=(0x0; 0x1ffff))
667: (6b) *(u16 *)(r5 +32146) = r1    ; R1_w=scalar(id=68+2,smin=umin=smin32=umin32=2,smax=umax=smax32=umax32=0x10001,var_off=(0x0; 0x1ffff)) R5=map_value(map=event_data_map,ks=4,vs=32528)
668: (b7) r9 = 0                      ; R9_w=0
; const char *argp = NULL; @ buffer.h:326
669: (7b) *(u64 *)(r10 -72) = r9      ; R9_w=0 R10=fp0 fp-72_w=0
670: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
671: (07) r1 += -72                   ; R1_w=fp-72
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
672: (b7) r2 = 8                      ; R2_w=8
673: (7b) *(u64 *)(r10 -128) = r3     ; R3_w=scalar(id=69) R10=fp0 fp-128_w=scalar(id=69)
674: (85) call bpf_probe_read#4       ; R0=scalar() fp-72=mmmmmmmm
; if (!argp) @ buffer.h:328
675: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
676: (15) if r3 == 0x0 goto pc+15     ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
677: (69) r2 = *(u16 *)(r6 +0)        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
678: (25) if r2 > 0x6cfc goto pc+13   ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
679: (07) r2 += 4                     ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
680: (57) r2 &= 65535                 ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
681: (bf) r1 = r7                     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
682: (0f) r1 += r2                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
683: (b7) r2 = 4096                   ; R2_w=4096
684: (85) call bpf_probe_read_str#45          ; R0=scalar(smin=smin32=-4095,smax=smax32=4096)
685: (63) *(u32 *)(r10 -76) = r0      ; R0=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
686: (67) r0 <<= 32                   ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
687: (c7) r0 s>>= 32                  ; R0_w=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
688: (c5) if r0 s< 0x1 goto pc+3      ; R0_w=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
689: (69) r2 = *(u16 *)(r6 +0)        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
690: (25) if r2 > 0x7cfc goto pc+1    ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
691: (05) goto pc+493
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1185: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1186: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1187: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1188: (07) r3 += -76                  ; R3_w=fp-76
1189: (b7) r2 = 4                     ; R2_w=4
1190: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1191: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1192: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1193: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1194: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1195: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1196: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1197: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1198: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1199: (07) r3 += 8                    ; R3_w=scalar(id=69+8)
1200: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1201: (07) r1 += -72                  ; R1_w=fp-72
1202: (b7) r2 = 8                     ; R2_w=8
1203: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1204: (b7) r9 = 1                     ; R9_w=1
; if (!argp) @ buffer.h:328
1205: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1206: (15) if r3 == 0x0 goto pc-515   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1207: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1208: (25) if r2 > 0x6cfc goto pc-517         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1209: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1210: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1211: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1212: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1213: (b7) r2 = 4096                  ; R2_w=4096
1214: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1215: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1216: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1217: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1218: (c5) if r0 s< 0x1 goto pc-527   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1219: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1220: (25) if r2 > 0x7cfc goto pc-529         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1221: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1222: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1223: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1224: (07) r3 += -76                  ; R3_w=fp-76
1225: (b7) r2 = 4                     ; R2_w=4
1226: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1227: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1228: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1229: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1230: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1231: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1232: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1233: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1234: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1235: (07) r3 += 16                   ; R3_w=scalar(id=69+16)
1236: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1237: (07) r1 += -72                  ; R1_w=fp-72
1238: (b7) r2 = 8                     ; R2_w=8
1239: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1240: (b7) r9 = 2                     ; R9_w=2
; if (!argp) @ buffer.h:328
1241: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1242: (15) if r3 == 0x0 goto pc-551   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1243: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1244: (25) if r2 > 0x6cfc goto pc-553         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1245: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1246: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1247: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1248: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1249: (b7) r2 = 4096                  ; R2_w=4096
1250: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1251: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1252: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1253: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1254: (c5) if r0 s< 0x1 goto pc-563   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1255: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1256: (25) if r2 > 0x7cfc goto pc-565         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1257: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1258: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1259: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1260: (07) r3 += -76                  ; R3_w=fp-76
1261: (b7) r2 = 4                     ; R2_w=4
1262: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1263: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1264: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1265: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1266: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1267: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1268: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1269: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1270: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1271: (07) r3 += 24                   ; R3_w=scalar(id=69+24)
1272: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1273: (07) r1 += -72                  ; R1_w=fp-72
1274: (b7) r2 = 8                     ; R2_w=8
1275: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1276: (b7) r9 = 3                     ; R9_w=3
; if (!argp) @ buffer.h:328
1277: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1278: (15) if r3 == 0x0 goto pc-587   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1279: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1280: (25) if r2 > 0x6cfc goto pc-589         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1281: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1282: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1283: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1284: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1285: (b7) r2 = 4096                  ; R2_w=4096
1286: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1287: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1288: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1289: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1290: (c5) if r0 s< 0x1 goto pc-599   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1291: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1292: (25) if r2 > 0x7cfc goto pc-601         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1293: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1294: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1295: (b7) r9 = 4                     ; R9_w=4
1296: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1297: (07) r3 += -76                  ; R3_w=fp-76
1298: (b7) r2 = 4                     ; R2_w=4
1299: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1300: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1301: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1302: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1303: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1304: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1305: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1306: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1307: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1308: (07) r3 += 32                   ; R3_w=scalar(id=69+32)
1309: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1310: (07) r1 += -72                  ; R1_w=fp-72
1311: (b7) r2 = 8                     ; R2_w=8
1312: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
; if (!argp) @ buffer.h:328
1313: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1314: (15) if r3 == 0x0 goto pc-623   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1315: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1316: (25) if r2 > 0x6cfc goto pc-625         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1317: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1318: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1319: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1320: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1321: (b7) r2 = 4096                  ; R2_w=4096
1322: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1323: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1324: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1325: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1326: (c5) if r0 s< 0x1 goto pc-635   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1327: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1328: (25) if r2 > 0x7cfc goto pc-637         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1329: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1330: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1331: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1332: (07) r3 += -76                  ; R3_w=fp-76
1333: (b7) r2 = 4                     ; R2_w=4
1334: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1335: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1336: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1337: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1338: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1339: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1340: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1341: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1342: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1343: (07) r3 += 40                   ; R3_w=scalar(id=69+40)
1344: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1345: (07) r1 += -72                  ; R1_w=fp-72
1346: (b7) r2 = 8                     ; R2_w=8
1347: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1348: (b7) r9 = 5                     ; R9_w=5
; if (!argp) @ buffer.h:328
1349: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1350: (15) if r3 == 0x0 goto pc-659   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1351: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1352: (25) if r2 > 0x6cfc goto pc-661         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1353: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1354: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1355: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1356: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1357: (b7) r2 = 4096                  ; R2_w=4096
1358: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1359: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1360: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1361: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1362: (c5) if r0 s< 0x1 goto pc-671   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1363: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1364: (25) if r2 > 0x7cfc goto pc-673         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1365: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1366: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1367: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1368: (07) r3 += -76                  ; R3_w=fp-76
1369: (b7) r2 = 4                     ; R2_w=4
1370: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1371: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1372: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1373: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1374: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1375: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1376: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1377: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1378: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1379: (07) r3 += 48                   ; R3_w=scalar(id=69+48)
1380: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1381: (07) r1 += -72                  ; R1_w=fp-72
1382: (b7) r2 = 8                     ; R2_w=8
1383: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1384: (b7) r9 = 6                     ; R9_w=6
; if (!argp) @ buffer.h:328
1385: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1386: (15) if r3 == 0x0 goto pc-695   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1387: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1388: (25) if r2 > 0x6cfc goto pc-697         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1389: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1390: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1391: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1392: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1393: (b7) r2 = 4096                  ; R2_w=4096
1394: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1395: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1396: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1397: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1398: (c5) if r0 s< 0x1 goto pc-707   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1399: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1400: (25) if r2 > 0x7cfc goto pc-709         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1401: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1402: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1403: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1404: (07) r3 += -76                  ; R3_w=fp-76
1405: (b7) r2 = 4                     ; R2_w=4
1406: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1407: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1408: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1409: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1410: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1411: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1412: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1413: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1414: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1415: (07) r3 += 56                   ; R3_w=scalar(id=69+56)
1416: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1417: (07) r1 += -72                  ; R1_w=fp-72
1418: (b7) r2 = 8                     ; R2_w=8
1419: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1420: (b7) r9 = 7                     ; R9_w=7
; if (!argp) @ buffer.h:328
1421: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1422: (15) if r3 == 0x0 goto pc-731   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1423: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1424: (25) if r2 > 0x6cfc goto pc-733         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1425: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1426: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1427: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1428: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1429: (b7) r2 = 4096                  ; R2_w=4096
1430: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1431: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1432: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1433: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1434: (c5) if r0 s< 0x1 goto pc-743   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1435: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1436: (25) if r2 > 0x7cfc goto pc-745         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1437: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1438: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1439: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1440: (07) r3 += -76                  ; R3_w=fp-76
1441: (b7) r2 = 4                     ; R2_w=4
1442: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1443: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1444: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1445: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1446: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1447: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1448: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1449: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1450: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1451: (07) r3 += 64                   ; R3_w=scalar(id=69+64)
1452: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1453: (07) r1 += -72                  ; R1_w=fp-72
1454: (b7) r9 = 8                     ; R9_w=8
1455: (b7) r2 = 8                     ; R2_w=8
1456: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
; if (!argp) @ buffer.h:328
1457: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1458: (15) if r3 == 0x0 goto pc-767   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1459: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1460: (25) if r2 > 0x6cfc goto pc-769         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1461: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1462: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1463: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1464: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1465: (b7) r2 = 4096                  ; R2_w=4096
1466: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1467: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1468: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1469: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1470: (c5) if r0 s< 0x1 goto pc-779   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1471: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1472: (25) if r2 > 0x7cfc goto pc-781         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1473: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1474: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1475: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1476: (07) r3 += -76                  ; R3_w=fp-76
1477: (b7) r2 = 4                     ; R2_w=4
1478: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1479: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1480: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1481: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1482: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1483: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1484: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1485: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1486: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1487: (07) r3 += 72                   ; R3_w=scalar(id=69+72)
1488: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1489: (07) r1 += -72                  ; R1_w=fp-72
1490: (b7) r2 = 8                     ; R2_w=8
1491: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1492: (b7) r9 = 9                     ; R9_w=9
; if (!argp) @ buffer.h:328
1493: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1494: (15) if r3 == 0x0 goto pc-803   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1495: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1496: (25) if r2 > 0x6cfc goto pc-805         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1497: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1498: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1499: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1500: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1501: (b7) r2 = 4096                  ; R2_w=4096
1502: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1503: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1504: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1505: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1506: (c5) if r0 s< 0x1 goto pc-815   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1507: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1508: (25) if r2 > 0x7cfc goto pc-817         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1509: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1510: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1511: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1512: (07) r3 += -76                  ; R3_w=fp-76
1513: (b7) r2 = 4                     ; R2_w=4
1514: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1515: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1516: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1517: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1518: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1519: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1520: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1521: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1522: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1523: (07) r3 += 80                   ; R3_w=scalar(id=69+80)
1524: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1525: (07) r1 += -72                  ; R1_w=fp-72
1526: (b7) r2 = 8                     ; R2_w=8
1527: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1528: (b7) r9 = 10                    ; R9_w=10
; if (!argp) @ buffer.h:328
1529: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1530: (15) if r3 == 0x0 goto pc-839   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1531: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1532: (25) if r2 > 0x6cfc goto pc-841         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1533: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1534: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1535: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1536: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1537: (b7) r2 = 4096                  ; R2_w=4096
1538: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1539: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1540: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1541: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1542: (c5) if r0 s< 0x1 goto pc-851   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1543: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1544: (25) if r2 > 0x7cfc goto pc-853         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1545: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1546: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1547: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1548: (07) r3 += -76                  ; R3_w=fp-76
1549: (b7) r2 = 4                     ; R2_w=4
1550: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1551: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1552: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1553: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1554: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1555: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1556: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1557: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1558: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1559: (07) r3 += 88                   ; R3_w=scalar(id=69+88)
1560: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1561: (07) r1 += -72                  ; R1_w=fp-72
1562: (b7) r2 = 8                     ; R2_w=8
1563: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1564: (b7) r9 = 11                    ; R9_w=11
; if (!argp) @ buffer.h:328
1565: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1566: (15) if r3 == 0x0 goto pc-875   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1567: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1568: (25) if r2 > 0x6cfc goto pc-877         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1569: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1570: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1571: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1572: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1573: (b7) r2 = 4096                  ; R2_w=4096
1574: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1575: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1576: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1577: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1578: (c5) if r0 s< 0x1 goto pc-887   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1579: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1580: (25) if r2 > 0x7cfc goto pc-889         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1581: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1582: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1583: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1584: (07) r3 += -76                  ; R3_w=fp-76
1585: (b7) r2 = 4                     ; R2_w=4
1586: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1587: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1588: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1589: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1590: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1591: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1592: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1593: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1594: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1595: (07) r3 += 96                   ; R3_w=scalar(id=69+96)
1596: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1597: (07) r1 += -72                  ; R1_w=fp-72
1598: (b7) r2 = 8                     ; R2_w=8
1599: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1600: (b7) r9 = 12                    ; R9_w=12
; if (!argp) @ buffer.h:328
1601: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1602: (15) if r3 == 0x0 goto pc-911   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1603: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1604: (25) if r2 > 0x6cfc goto pc-913         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1605: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1606: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1607: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1608: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1609: (b7) r2 = 4096                  ; R2_w=4096
1610: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1611: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1612: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1613: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1614: (c5) if r0 s< 0x1 goto pc-923   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1615: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1616: (25) if r2 > 0x7cfc goto pc-925         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1617: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1618: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1619: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1620: (07) r3 += -76                  ; R3_w=fp-76
1621: (b7) r2 = 4                     ; R2_w=4
1622: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1623: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1624: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1625: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1626: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1627: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1628: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1629: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1630: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1631: (07) r3 += 104                  ; R3_w=scalar(id=69+104)
1632: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1633: (07) r1 += -72                  ; R1_w=fp-72
1634: (b7) r2 = 8                     ; R2_w=8
1635: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1636: (b7) r9 = 13                    ; R9_w=13
; if (!argp) @ buffer.h:328
1637: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1638: (15) if r3 == 0x0 goto pc-947   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1639: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1640: (25) if r2 > 0x6cfc goto pc-949         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1641: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1642: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1643: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1644: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1645: (b7) r2 = 4096                  ; R2_w=4096
1646: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1647: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1648: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1649: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1650: (c5) if r0 s< 0x1 goto pc-959   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1651: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1652: (25) if r2 > 0x7cfc goto pc-961         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1653: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1654: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1655: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1656: (07) r3 += -76                  ; R3_w=fp-76
1657: (b7) r2 = 4                     ; R2_w=4
1658: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1659: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1660: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1661: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1662: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1663: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1664: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1665: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1666: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1667: (07) r3 += 112                  ; R3_w=scalar(id=69+112)
1668: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1669: (07) r1 += -72                  ; R1_w=fp-72
1670: (b7) r2 = 8                     ; R2_w=8
1671: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1672: (b7) r9 = 14                    ; R9_w=14
; if (!argp) @ buffer.h:328
1673: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1674: (15) if r3 == 0x0 goto pc-983   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1675: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1676: (25) if r2 > 0x6cfc goto pc-985         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1677: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1678: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1679: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1680: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1681: (b7) r2 = 4096                  ; R2_w=4096
1682: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1683: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1684: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1685: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1686: (c5) if r0 s< 0x1 goto pc-995   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1687: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1688: (25) if r2 > 0x7cfc goto pc-997         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1689: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1690: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1691: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1692: (07) r3 += -76                  ; R3_w=fp-76
1693: (b7) r2 = 4                     ; R2_w=4
1694: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1695: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1696: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1697: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1698: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1699: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1700: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1701: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1702: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1703: (07) r3 += 120                  ; R3_w=scalar(id=69+120)
1704: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1705: (07) r1 += -72                  ; R1_w=fp-72
1706: (b7) r2 = 8                     ; R2_w=8
1707: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1708: (b7) r9 = 15                    ; R9_w=15
; if (!argp) @ buffer.h:328
1709: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1710: (15) if r3 == 0x0 goto pc-1019          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1711: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1712: (25) if r2 > 0x6cfc goto pc-1021        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1713: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1714: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1715: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1716: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1717: (b7) r2 = 4096                  ; R2_w=4096
1718: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1719: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1720: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1721: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1722: (c5) if r0 s< 0x1 goto pc-1031          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1723: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1724: (25) if r2 > 0x7cfc goto pc-1033        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1725: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1726: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1727: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1728: (07) r3 += -76                  ; R3_w=fp-76
1729: (b7) r2 = 4                     ; R2_w=4
1730: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1731: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1732: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1733: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1734: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1735: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1736: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1737: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1738: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1739: (07) r3 += 128                  ; R3_w=scalar(id=69+128)
1740: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1741: (07) r1 += -72                  ; R1_w=fp-72
1742: (b7) r2 = 8                     ; R2_w=8
1743: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1744: (b7) r9 = 16                    ; R9_w=16
; if (!argp) @ buffer.h:328
1745: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1746: (15) if r3 == 0x0 goto pc-1055          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1747: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1748: (25) if r2 > 0x6cfc goto pc-1057        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1749: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1750: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1751: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1752: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1753: (b7) r2 = 4096                  ; R2_w=4096
1754: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1755: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1756: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1757: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1758: (c5) if r0 s< 0x1 goto pc-1067          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1759: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1760: (25) if r2 > 0x7cfc goto pc-1069        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1761: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1762: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1763: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1764: (07) r3 += -76                  ; R3_w=fp-76
1765: (b7) r2 = 4                     ; R2_w=4
1766: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1767: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1768: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1769: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1770: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1771: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1772: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1773: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1774: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1775: (07) r3 += 136                  ; R3_w=scalar(id=69+136)
1776: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1777: (07) r1 += -72                  ; R1_w=fp-72
1778: (b7) r2 = 8                     ; R2_w=8
1779: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1780: (b7) r9 = 17                    ; R9_w=17
; if (!argp) @ buffer.h:328
1781: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1782: (15) if r3 == 0x0 goto pc-1091          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1783: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1784: (25) if r2 > 0x6cfc goto pc-1093        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1785: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1786: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1787: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1788: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1789: (b7) r2 = 4096                  ; R2_w=4096
1790: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1791: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1792: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1793: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1794: (c5) if r0 s< 0x1 goto pc-1103          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1795: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1796: (25) if r2 > 0x7cfc goto pc-1105        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1797: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1798: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1799: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1800: (07) r3 += -76                  ; R3_w=fp-76
1801: (b7) r2 = 4                     ; R2_w=4
1802: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1803: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1804: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1805: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1806: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1807: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1808: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1809: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1810: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1811: (07) r3 += 144                  ; R3_w=scalar(id=69+144)
1812: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1813: (07) r1 += -72                  ; R1_w=fp-72
1814: (b7) r2 = 8                     ; R2_w=8
1815: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1816: (b7) r9 = 18                    ; R9_w=18
; if (!argp) @ buffer.h:328
1817: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1818: (15) if r3 == 0x0 goto pc-1127          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1819: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1820: (25) if r2 > 0x6cfc goto pc-1129        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1821: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1822: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1823: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1824: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1825: (b7) r2 = 4096                  ; R2_w=4096
1826: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1827: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1828: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1829: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1830: (c5) if r0 s< 0x1 goto pc-1139          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1831: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1832: (25) if r2 > 0x7cfc goto pc-1141        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1833: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1834: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1835: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1836: (07) r3 += -76                  ; R3_w=fp-76
1837: (b7) r2 = 4                     ; R2_w=4
1838: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1839: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1840: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1841: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1842: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1843: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1844: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1845: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1846: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1847: (07) r3 += 152                  ; R3_w=scalar(id=69+152)
1848: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1849: (07) r1 += -72                  ; R1_w=fp-72
1850: (b7) r2 = 8                     ; R2_w=8
1851: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1852: (b7) r9 = 19                    ; R9_w=19
; if (!argp) @ buffer.h:328
1853: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1854: (15) if r3 == 0x0 goto pc-1163          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1855: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1856: (25) if r2 > 0x6cfc goto pc-1165        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1857: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1858: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1859: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1860: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1861: (b7) r2 = 4096                  ; R2_w=4096
1862: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1863: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1864: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1865: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1866: (c5) if r0 s< 0x1 goto pc-1175          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1867: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1868: (25) if r2 > 0x7cfc goto pc-1177        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1869: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1870: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1871: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1872: (07) r3 += -76                  ; R3_w=fp-76
1873: (b7) r2 = 4                     ; R2_w=4
1874: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1875: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1876: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1877: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1878: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1879: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1880: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1881: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1882: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1883: (07) r3 += 160                  ; R3_w=scalar(id=69+160)
1884: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1885: (07) r1 += -72                  ; R1_w=fp-72
1886: (b7) r2 = 8                     ; R2_w=8
1887: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1888: (b7) r9 = 20                    ; R9_w=20
; if (!argp) @ buffer.h:328
1889: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1890: (15) if r3 == 0x0 goto pc-1199          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1891: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1892: (25) if r2 > 0x6cfc goto pc-1201        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1893: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1894: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1895: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1896: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1897: (b7) r2 = 4096                  ; R2_w=4096
1898: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1899: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1900: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1901: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1902: (c5) if r0 s< 0x1 goto pc-1211          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1903: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1904: (25) if r2 > 0x7cfc goto pc-1213        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1905: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1906: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1907: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1908: (07) r3 += -76                  ; R3_w=fp-76
1909: (b7) r2 = 4                     ; R2_w=4
1910: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1911: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1912: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1913: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1914: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1915: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1916: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1917: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1918: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1919: (07) r3 += 168                  ; R3_w=scalar(id=69+168)
1920: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1921: (07) r1 += -72                  ; R1_w=fp-72
1922: (b7) r2 = 8                     ; R2_w=8
1923: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1924: (b7) r9 = 21                    ; R9_w=21
; if (!argp) @ buffer.h:328
1925: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1926: (15) if r3 == 0x0 goto pc-1235          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1927: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1928: (25) if r2 > 0x6cfc goto pc-1237        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1929: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1930: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1931: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1932: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1933: (b7) r2 = 4096                  ; R2_w=4096
1934: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1935: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1936: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1937: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1938: (c5) if r0 s< 0x1 goto pc-1247          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1939: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1940: (25) if r2 > 0x7cfc goto pc-1249        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1941: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1942: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1943: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1944: (07) r3 += -76                  ; R3_w=fp-76
1945: (b7) r2 = 4                     ; R2_w=4
1946: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1947: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1948: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1949: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1950: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1951: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1952: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1953: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1954: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1955: (07) r3 += 176                  ; R3_w=scalar(id=69+176)
1956: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1957: (07) r1 += -72                  ; R1_w=fp-72
1958: (b7) r2 = 8                     ; R2_w=8
1959: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1960: (b7) r9 = 22                    ; R9_w=22
; if (!argp) @ buffer.h:328
1961: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1962: (15) if r3 == 0x0 goto pc-1271          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1963: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1964: (25) if r2 > 0x6cfc goto pc-1273        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1965: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1966: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1967: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1968: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1969: (b7) r2 = 4096                  ; R2_w=4096
1970: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1971: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1972: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1973: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1974: (c5) if r0 s< 0x1 goto pc-1283          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1975: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1976: (25) if r2 > 0x7cfc goto pc-1285        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1977: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1978: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1979: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1980: (07) r3 += -76                  ; R3_w=fp-76
1981: (b7) r2 = 4                     ; R2_w=4
1982: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1983: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1984: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1985: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1986: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1987: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1988: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1989: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1990: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1991: (07) r3 += 184                  ; R3_w=scalar(id=69+184)
1992: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1993: (07) r1 += -72                  ; R1_w=fp-72
1994: (b7) r2 = 8                     ; R2_w=8
1995: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1996: (b7) r9 = 23                    ; R9_w=23
; if (!argp) @ buffer.h:328
1997: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1998: (15) if r3 == 0x0 goto pc-1307          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1999: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2000: (25) if r2 > 0x6cfc goto pc-1309        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2001: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2002: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2003: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2004: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2005: (b7) r2 = 4096                  ; R2_w=4096
2006: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2007: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2008: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2009: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2010: (c5) if r0 s< 0x1 goto pc-1319          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2011: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2012: (25) if r2 > 0x7cfc goto pc-1321        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2013: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2014: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2015: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2016: (07) r3 += -76                  ; R3_w=fp-76
2017: (b7) r2 = 4                     ; R2_w=4
2018: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2019: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2020: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2021: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2022: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2023: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2024: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2025: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2026: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2027: (07) r3 += 192                  ; R3_w=scalar(id=69+192)
2028: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2029: (07) r1 += -72                  ; R1_w=fp-72
2030: (b7) r2 = 8                     ; R2_w=8
2031: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2032: (b7) r9 = 24                    ; R9_w=24
; if (!argp) @ buffer.h:328
2033: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2034: (15) if r3 == 0x0 goto pc-1343          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2035: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2036: (25) if r2 > 0x6cfc goto pc-1345        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2037: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2038: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2039: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2040: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2041: (b7) r2 = 4096                  ; R2_w=4096
2042: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2043: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2044: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2045: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2046: (c5) if r0 s< 0x1 goto pc-1355          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2047: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2048: (25) if r2 > 0x7cfc goto pc-1357        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2049: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2050: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2051: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2052: (07) r3 += -76                  ; R3_w=fp-76
2053: (b7) r2 = 4                     ; R2_w=4
2054: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2055: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2056: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2057: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2058: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2059: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2060: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2061: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2062: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2063: (07) r3 += 200                  ; R3_w=scalar(id=69+200)
2064: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2065: (07) r1 += -72                  ; R1_w=fp-72
2066: (b7) r2 = 8                     ; R2_w=8
2067: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2068: (b7) r9 = 25                    ; R9_w=25
; if (!argp) @ buffer.h:328
2069: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2070: (15) if r3 == 0x0 goto pc-1379          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2071: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2072: (25) if r2 > 0x6cfc goto pc-1381        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2073: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2074: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2075: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2076: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2077: (b7) r2 = 4096                  ; R2_w=4096
2078: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2079: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2080: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2081: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2082: (c5) if r0 s< 0x1 goto pc-1391          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2083: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2084: (25) if r2 > 0x7cfc goto pc-1393        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2085: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2086: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2087: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2088: (07) r3 += -76                  ; R3_w=fp-76
2089: (b7) r2 = 4                     ; R2_w=4
2090: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2091: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2092: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2093: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2094: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2095: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2096: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2097: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2098: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2099: (07) r3 += 208                  ; R3_w=scalar(id=69+208)
2100: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2101: (07) r1 += -72                  ; R1_w=fp-72
2102: (b7) r2 = 8                     ; R2_w=8
2103: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2104: (b7) r9 = 26                    ; R9_w=26
; if (!argp) @ buffer.h:328
2105: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2106: (15) if r3 == 0x0 goto pc-1415          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2107: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2108: (25) if r2 > 0x6cfc goto pc-1417        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2109: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2110: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2111: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2112: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2113: (b7) r2 = 4096                  ; R2_w=4096
2114: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2115: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2116: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2117: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2118: (c5) if r0 s< 0x1 goto pc-1427          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2119: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2120: (25) if r2 > 0x7cfc goto pc-1429        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2121: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2122: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2123: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2124: (07) r3 += -76                  ; R3_w=fp-76
2125: (b7) r2 = 4                     ; R2_w=4
2126: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2127: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2128: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2129: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2130: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2131: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2132: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2133: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2134: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2135: (07) r3 += 216                  ; R3_w=scalar(id=69+216)
2136: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2137: (07) r1 += -72                  ; R1_w=fp-72
2138: (b7) r2 = 8                     ; R2_w=8
2139: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2140: (b7) r9 = 27                    ; R9_w=27
; if (!argp) @ buffer.h:328
2141: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2142: (15) if r3 == 0x0 goto pc-1451          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2143: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2144: (25) if r2 > 0x6cfc goto pc-1453        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2145: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2146: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2147: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2148: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2149: (b7) r2 = 4096                  ; R2_w=4096
2150: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2151: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2152: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2153: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2154: (c5) if r0 s< 0x1 goto pc-1463          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2155: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2156: (25) if r2 > 0x7cfc goto pc-1465        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2157: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2158: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2159: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2160: (07) r3 += -76                  ; R3_w=fp-76
2161: (b7) r2 = 4                     ; R2_w=4
2162: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2163: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2164: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2165: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2166: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2167: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2168: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2169: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2170: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2171: (07) r3 += 224                  ; R3_w=scalar(id=69+224)
2172: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2173: (07) r1 += -72                  ; R1_w=fp-72
2174: (b7) r2 = 8                     ; R2_w=8
2175: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2176: (b7) r9 = 28                    ; R9_w=28
; if (!argp) @ buffer.h:328
2177: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2178: (15) if r3 == 0x0 goto pc-1487          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2179: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2180: (25) if r2 > 0x6cfc goto pc-1489        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2181: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2182: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2183: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2184: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2185: (b7) r2 = 4096                  ; R2_w=4096
2186: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2187: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2188: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2189: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2190: (c5) if r0 s< 0x1 goto pc-1499          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2191: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2192: (25) if r2 > 0x7cfc goto pc-1501        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2193: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2194: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2195: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2196: (07) r3 += -76                  ; R3_w=fp-76
2197: (b7) r2 = 4                     ; R2_w=4
2198: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2199: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2200: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2201: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2202: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2203: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2204: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2205: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2206: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2207: (07) r3 += 232                  ; R3_w=scalar(id=69+232)
2208: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2209: (07) r1 += -72                  ; R1_w=fp-72
2210: (b7) r2 = 8                     ; R2_w=8
2211: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2212: (b7) r9 = 29                    ; R9_w=29
; if (!argp) @ buffer.h:328
2213: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2214: (15) if r3 == 0x0 goto pc-1523          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2215: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2216: (25) if r2 > 0x6cfc goto pc-1525        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2217: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2218: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2219: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2220: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2221: (b7) r2 = 4096                  ; R2_w=4096
2222: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2223: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2224: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2225: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2226: (c5) if r0 s< 0x1 goto pc-1535          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2227: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2228: (25) if r2 > 0x7cfc goto pc-1537        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2229: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2230: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2231: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2232: (07) r3 += -76                  ; R3_w=fp-76
2233: (b7) r2 = 4                     ; R2_w=4
2234: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2235: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2236: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2237: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2238: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2239: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2240: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2241: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2242: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2243: (07) r3 += 240                  ; R3_w=scalar(id=69+240)
2244: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2245: (07) r1 += -72                  ; R1_w=fp-72
2246: (b7) r2 = 8                     ; R2_w=8
2247: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2248: (b7) r9 = 30                    ; R9_w=30
; if (!argp) @ buffer.h:328
2249: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2250: (15) if r3 == 0x0 goto pc-1559          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2251: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2252: (25) if r2 > 0x6cfc goto pc-1561        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2253: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2254: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2255: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2256: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2257: (b7) r2 = 4096                  ; R2_w=4096
2258: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2259: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2260: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2261: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2262: (c5) if r0 s< 0x1 goto pc-1571          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2263: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2264: (25) if r2 > 0x7cfc goto pc-1573        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2265: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2266: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2267: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2268: (07) r3 += -76                  ; R3_w=fp-76
2269: (b7) r2 = 4                     ; R2_w=4
2270: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2271: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2272: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2273: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2274: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2275: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2276: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2277: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2278: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2279: (07) r3 += 248                  ; R3_w=scalar(id=69+248)
2280: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2281: (07) r1 += -72                  ; R1_w=fp-72
2282: (b7) r2 = 8                     ; R2_w=8
2283: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2284: (b7) r9 = 31                    ; R9_w=31
; if (!argp) @ buffer.h:328
2285: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2286: (15) if r3 == 0x0 goto pc-1595          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2287: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2288: (25) if r2 > 0x6cfc goto pc-1597        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2289: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2290: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2291: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2292: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2293: (b7) r2 = 4096                  ; R2_w=4096
2294: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2295: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2296: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2297: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2298: (c5) if r0 s< 0x1 goto pc-1607          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2299: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2300: (25) if r2 > 0x7cfc goto pc-1609        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2301: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2302: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2303: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2304: (07) r3 += -76                  ; R3_w=fp-76
2305: (b7) r2 = 4                     ; R2_w=4
2306: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2307: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2308: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2309: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2310: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2311: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2312: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2313: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2314: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2315: (07) r3 += 256                  ; R3_w=scalar(id=69+256)
2316: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2317: (07) r1 += -72                  ; R1_w=fp-72
2318: (b7) r2 = 8                     ; R2_w=8
2319: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2320: (b7) r9 = 32                    ; R9_w=32
; if (!argp) @ buffer.h:328
2321: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2322: (15) if r3 == 0x0 goto pc-1631          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2323: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2324: (25) if r2 > 0x6cfc goto pc-1633        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2325: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2326: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2327: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2328: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2329: (b7) r2 = 4096                  ; R2_w=4096
2330: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2331: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2332: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2333: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2334: (c5) if r0 s< 0x1 goto pc-1643          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2335: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2336: (25) if r2 > 0x7cfc goto pc-1645        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2337: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2338: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2339: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2340: (07) r3 += -76                  ; R3_w=fp-76
2341: (b7) r2 = 4                     ; R2_w=4
2342: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2343: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2344: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2345: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2346: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2347: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2348: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2349: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2350: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2351: (07) r3 += 264                  ; R3_w=scalar(id=69+264)
2352: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2353: (07) r1 += -72                  ; R1_w=fp-72
2354: (b7) r2 = 8                     ; R2_w=8
2355: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2356: (b7) r9 = 33                    ; R9_w=33
; if (!argp) @ buffer.h:328
2357: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2358: (15) if r3 == 0x0 goto pc-1667          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2359: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2360: (25) if r2 > 0x6cfc goto pc-1669        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2361: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2362: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2363: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2364: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2365: (b7) r2 = 4096                  ; R2_w=4096
2366: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2367: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2368: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2369: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2370: (c5) if r0 s< 0x1 goto pc-1679          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2371: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2372: (25) if r2 > 0x7cfc goto pc-1681        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2373: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2374: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2375: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2376: (07) r3 += -76                  ; R3_w=fp-76
2377: (b7) r2 = 4                     ; R2_w=4
2378: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2379: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2380: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2381: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2382: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2383: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2384: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2385: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2386: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2387: (07) r3 += 272                  ; R3_w=scalar(id=69+272)
2388: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2389: (07) r1 += -72                  ; R1_w=fp-72
2390: (b7) r2 = 8                     ; R2_w=8
2391: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2392: (b7) r9 = 34                    ; R9_w=34
; if (!argp) @ buffer.h:328
2393: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2394: (15) if r3 == 0x0 goto pc-1703          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2395: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2396: (25) if r2 > 0x6cfc goto pc-1705        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2397: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2398: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2399: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2400: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2401: (b7) r2 = 4096                  ; R2_w=4096
2402: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2403: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2404: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2405: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2406: (c5) if r0 s< 0x1 goto pc-1715          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2407: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2408: (25) if r2 > 0x7cfc goto pc-1717        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2409: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2410: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2411: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2412: (07) r3 += -76                  ; R3_w=fp-76
2413: (b7) r2 = 4                     ; R2_w=4
2414: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2415: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2416: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2417: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2418: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2419: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2420: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2421: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2422: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2423: (07) r3 += 280                  ; R3_w=scalar(id=69+280)
2424: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2425: (07) r1 += -72                  ; R1_w=fp-72
2426: (b7) r2 = 8                     ; R2_w=8
2427: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2428: (b7) r9 = 35                    ; R9_w=35
; if (!argp) @ buffer.h:328
2429: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2430: (15) if r3 == 0x0 goto pc-1739          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2431: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2432: (25) if r2 > 0x6cfc goto pc-1741        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2433: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2434: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2435: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2436: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2437: (b7) r2 = 4096                  ; R2_w=4096
2438: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2439: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2440: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2441: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2442: (c5) if r0 s< 0x1 goto pc-1751          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2443: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2444: (25) if r2 > 0x7cfc goto pc-1753        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2445: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2446: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2447: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2448: (07) r3 += -76                  ; R3_w=fp-76
2449: (b7) r2 = 4                     ; R2_w=4
2450: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2451: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2452: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2453: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2454: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2455: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2456: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2457: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2458: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2459: (07) r3 += 288                  ; R3_w=scalar(id=69+288)
2460: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2461: (07) r1 += -72                  ; R1_w=fp-72
2462: (b7) r2 = 8                     ; R2_w=8
2463: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2464: (b7) r9 = 36                    ; R9_w=36
; if (!argp) @ buffer.h:328
2465: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2466: (15) if r3 == 0x0 goto pc-1775          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2467: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2468: (25) if r2 > 0x6cfc goto pc-1777        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2469: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2470: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2471: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2472: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2473: (b7) r2 = 4096                  ; R2_w=4096
2474: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2475: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2476: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2477: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2478: (c5) if r0 s< 0x1 goto pc-1787          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2479: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2480: (25) if r2 > 0x7cfc goto pc-1789        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2481: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2482: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2483: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2484: (07) r3 += -76                  ; R3_w=fp-76
2485: (b7) r2 = 4                     ; R2_w=4
2486: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2487: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2488: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2489: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2490: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2491: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2492: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2493: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
2494: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2495: (07) r3 += 296                  ; R3_w=scalar(id=69+296)
2496: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2497: (07) r1 += -72                  ; R1_w=fp-72
2498: (b7) r2 = 8                     ; R2_w=8
2499: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2500: (b7) r9 = 37                    ; R9_w=37
; if (!argp) @ buffer.h:328
2501: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2502: (15) if r3 == 0x0 goto pc-1811          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2503: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2504: (25) if r2 > 0x6cfc goto pc-1813        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2505: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2506: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2507: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2508: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2509: (b7) r2 = 4096                  ; R2_w=4096
2510: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2511: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2512: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2513: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2514: (c5) if r0 s< 0x1 goto pc-1823          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2515: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2516: (25) if r2 > 0x7cfc goto pc-1825        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2517: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2518: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2519: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2520: (07) r3 += -76                  ; R3_w=fp-76
2521: (b7) r2 = 4                     ; R2_w=4
2522: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2523: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2524: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2525: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2526: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2527: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2528: (b7) r1 = 3026478               ; R1_w=0x2e2e2e
; char ellipsis[] = "..."; @ buffer.h:350
2529: (63) *(u32 *)(r10 -80) = r1     ; R1_w=0x2e2e2e R10=fp0 fp-80=mmmm0x2e2e2e
2530: (b7) r9 = 38                    ; R9_w=38
; buf->offset += sz + sizeof(int); @ buffer.h:342
2531: (bf) r1 = r2                    ; R1_w=scalar(id=70,smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R2_w=scalar(id=70,smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2532: (57) r1 &= 65535                ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
2533: (79) r5 = *(u64 *)(r10 -104)    ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:351
2534: (25) if r1 > 0x6cfc goto pc-1842        ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, ellipsis); @ buffer.h:356
2535: (07) r2 += 4                    ; R2_w=scalar(id=70+4,smin=umin=8,smax=umax=0x100010006,var_off=(0x0; 0x1ffffffff))
2536: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
2537: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2538: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
2539: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2540: (07) r3 += -80                  ; R3_w=fp-80
2541: (b7) r2 = 4096                  ; R2_w=4096
2542: (85) call bpf_probe_read_str#45
invalid access to map value, value_size=32528 off=65680 size=4096
R1 max value is outside of the allowed memory range
processed 2037 insns (limit 1000000) max_states_per_insn 0 total_states 155 peak_states 155 mark_read 115
-- END PROG LOAD LOG --
{"level":"warn","ts":1741194515.6936848,"msg":"libbpf: prog 'syscall__execve_enter': failed to load: -13"}
{"level":"warn","ts":1741194515.6939566,"msg":"libbpf: failed to load object ''"}
{"level":"fatal","ts":1741194515.6948407,"msg":"App","error":"cmd.Runner.Run: error initializing Tracee: ebpf.(*Tracee).Init: ebpf.(*Tracee).initBPF: failed to load BPF object: permission denied"}
[I] mrzleo@arch ~/tracee ((v0.23.0)) [1]> go version
go version go1.24.0 linux/amd64
[I] mrzleo@arch ~/tracee ((v0.23.0))> uname -a
Linux arch 6.12.17-1-lts #1 SMP PREEMPT_DYNAMIC Thu, 27 Feb 2025 14:12:30 +0000 x86_64 GNU/Linux
[I] mrzleo@arch ~/tracee ((v0.23.0))> fastfetch
                  -`                     mrzleo@arch
                 .o+`                    -----------
                `ooo/                    OS: Arch Linux x86_64
               `+oooo:                   Host: MS-7D42 (1.0)
              `+oooooo:                  Kernel: Linux 6.12.17-1-lts
              -+oooooo+:                 Uptime: 1 day, 4 hours, 10 mins
            `/:-:++oooo+:                Packages: 2013 (pacman), 6 (flatpak)
           `/++++/+++++++:               Shell: fish 4.0.0-455-g44d5abdc0
          `/++++++++++++++:              Display (SSN-24): 1920x1080 @ 75 Hz in 24" [External]
         `/+++ooooooooooooo/`            DE: GNOME 47.5
        ./ooosssso++osssssso+`           WM: Mutter (Wayland)
       .oossssso-````/ossssss+`          WM Theme: Adwaita
      -osssssso.      :ssssssso.         Theme: Adwaita [GTK2/3/4]
     :osssssss/        osssso+++.        Icons: Adwaita [GTK2/3/4]
    /ossssssss/        +ssssooo/-        Font: SF Pro Display (11pt) [GTK2/3/4]
  `/ossssso+/:-        -:/+osssso+-      Cursor: Adwaita (24px)
 `+sso+:-`                 `.-/+oso:     Terminal: tmux 3.5a
`++:.                           `-/+/    CPU: 13th Gen Intel(R) Core(TM) i7-13700 (24) @ 5.20 GHz
.`                                 `/    GPU: Intel UHD Graphics 770 @ 1.60 GHz [Integrated]
                                         Memory: 5.12 GiB / 62.58 GiB (8%)
                                         Swap: Disabled
                                         Disk (/): 1.46 TiB / 1.82 TiB (80%) - btrfs
                                         Local IP (enp4s0): 192.168.26.33/20
                                         Locale: en_US.UTF-8



[N] mrzleo@arch ~/tracee ((v0.23.0))>

rscampos · 2025-03-05T14:55:41Z

rscampos
Mar 5, 2025
Maintainer

Hello @MrZLeo, thanks for reporting this... we're happy to help you.

Could you share the output of uname -a pls?

I've tried in my env and I was not able to reproduce the issue yet:

% lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 24.04.1 LTS
Release:        24.04
Codename:       noble

% uname -a
Linux ip-172-31-5-124 6.12.1-061201-generic #202411221622 SMP PREEMPT_DYNAMIC Wed Nov 27 04:16:22 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux

Please run ./dist/tracee -e execve at terminal 1 and run ls at terminal 2, you should see this output:

sudo ./dist/tracee -e execve
TIME             UID    COMM             PID     TID     RET              EVENT                     ARGS
14:53:29:536779  1000   bash             1450    1450    0                execve                    pathname: /usr/bin/ls, argv: [ls --color=auto], envp: 0x0

7 replies

MrZLeo Mar 5, 2025
Author

Hi @rscampos , I am using upstream linux 6.12.1 kernel, which I compiled myself. I can reproduce this problem in archlinux as well, you can try to use newest archlinux virtual machine.

I quickly looked the ebpf source code and found that Tracee use raw_tracepoint of execve syscall, which don't exist in original kernel as far as I know (only sys_enter and sys_exit raw tracepoint exist).

Maybe this is a breaking change in trace subsystem of kernel?

MrZLeo Mar 5, 2025
Author

My full log:

[I] mrzleo@arch ~/tracee ((v0.23.0))> sudo .//dist/tracee -e execve
{"level":"warn","ts":1741187266.0288892,"msg":"libbpf: prog 'syscall__execve_enter': BPF program load failed: Permission denied"}
libbpf: prog 'syscall__execve_enter': -- BEGIN PROG LOAD LOG --
arg#0 reference type('UNKNOWN ') size cannot be determined: -22
0: R1=ctx() R10=fp0
; int syscall__execve_enter(void *ctx) @ tracee.bpf.c:366
0: (bf) r7 = r1                       ; R1=ctx() R7_w=ctx()
1: (b7) r8 = 0                        ; R8_w=0
; u32 zero = 0; @ context.h:213
2: (63) *(u32 *)(r10 -72) = r8        ; R8_w=0 R10=fp0 fp-72=????0
3: (bf) r2 = r10                      ; R2_w=fp0 R10=fp0
4: (07) r2 += -72                     ; R2_w=fp-72
; p->event = bpf_map_lookup_elem(&event_data_map, &zero); @ context.h:217
5: (18) r1 = 0xffff9ccdaa3f6600       ; R1_w=map_ptr(map=event_data_map,ks=4,vs=32528)
7: (85) call bpf_map_lookup_elem#1    ; R0_w=map_value_or_null(id=1,map=event_data_map,ks=4,vs=32528)
8: (7b) *(u64 *)(r10 -96) = r0        ; R0_w=map_value_or_null(id=1,map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96_w=map_value_or_null(id=1,map=event_data_map,ks=4,vs=32528)
; if (unlikely(p->event == NULL)) @ context.h:218
9: (15) if r0 == 0x0 goto pc+23       ; R0_w=map_value(map=event_data_map,ks=4,vs=32528)
10: (bf) r2 = r10                     ; R2_w=fp0 R10=fp0
11: (07) r2 += -72                    ; R2_w=fp-72
; p->config = bpf_map_lookup_elem(&config_map, &zero); @ context.h:221
12: (18) r1 = 0xffff9cc6855ad400      ; R1_w=map_ptr(map=config_map,ks=4,vs=256)
14: (85) call bpf_map_lookup_elem#1   ; R0=map_value_or_null(id=2,map=config_map,ks=4,vs=256)
15: (7b) *(u64 *)(r10 -120) = r0      ; R0=map_value_or_null(id=2,map=config_map,ks=4,vs=256) R10=fp0 fp-120_w=map_value_or_null(id=2,map=config_map,ks=4,vs=256)
; if (unlikely(p->config == NULL)) @ context.h:222
16: (15) if r0 == 0x0 goto pc+16      ; R0=map_value(map=config_map,ks=4,vs=256)
; p->task_info = bpf_map_lookup_elem(&task_info_map, &p->event->context.task.host_tid); @ context.h:225
17: (79) r6 = *(u64 *)(r10 -96)       ; R6_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
18: (07) r6 += 40                     ; R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=40)
19: (18) r1 = 0xffff9cc6855a8400      ; R1_w=map_ptr(map=task_info_map,ks=4,vs=200)
21: (bf) r2 = r6                      ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=40) R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=40)
22: (85) call bpf_map_lookup_elem#1   ; R0_w=map_value_or_null(id=3,map=task_info_map,ks=4,vs=200)
23: (7b) *(u64 *)(r10 -112) = r0      ; R0=map_value_or_null(id=3,map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value_or_null(id=3,map=task_info_map,ks=4,vs=200)
; if (unlikely(p->task_info == NULL)) { @ context.h:226
24: (15) if r0 == 0x0 goto pc+8       ; R0=map_value(map=task_info_map,ks=4,vs=200)
; p->proc_info = bpf_map_lookup_elem(&proc_info_map, &p->event->context.task.host_pid); @ context.h:230
25: (79) r9 = *(u64 *)(r10 -96)       ; R9_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
26: (07) r9 += 36                     ; R9_w=map_value(map=event_data_map,ks=4,vs=32528,off=36)
27: (18) r1 = 0xffff9cc6855ab800      ; R1_w=map_ptr(map=proc_info_map,ks=4,vs=368)
29: (bf) r2 = r9                      ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=36) R9_w=map_value(map=event_data_map,ks=4,vs=32528,off=36)
30: (85) call bpf_map_lookup_elem#1   ; R0_w=map_value_or_null(id=4,map=proc_info_map,ks=4,vs=368)
31: (7b) *(u64 *)(r10 -128) = r0      ; R0_w=map_value_or_null(id=4,map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128_w=map_value_or_null(id=4,map=proc_info_map,ks=4,vs=368)
32: (55) if r0 != 0x0 goto pc+1 34: R0_w=map_value(map=proc_info_map,ks=4,vs=368) R6=map_value(map=event_data_map,ks=4,vs=32528,off=40) R7=ctx() R8=0 R9_w=map_value(map=event_data_map,ks=4,vs=32528,off=36) R10=fp0 fp-72=????mmmm fp-96=map_value(map=event_data_map,ks=4,vs=32528) fp-112=map_value(map=task_info_map,ks=4,vs=200) fp-120=map_value(map=config_map,ks=4,vs=256) fp-128_w=map_value(map=proc_info_map,ks=4,vs=368)
; if (event_config == NULL) @ context.h:256
34: (18) r8 = 0xffffffff              ; R8_w=0xffffffff
; if (!p.task_info->syscall_traced) @ tracee.bpf.c:372
36: (79) r1 = *(u64 *)(r10 -112)      ; R1_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
37: (71) r1 = *(u8 *)(r1 +176)        ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
38: (55) if r1 != 0x1 goto pc+1097    ; R1_w=1
39: (79) r4 = *(u64 *)(r10 -96)       ; R4_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
; p.event->context.ts = sys->ts; @ tracee.bpf.c:375
40: (79) r1 = *(u64 *)(r10 -112)      ; R1_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
41: (79) r2 = *(u64 *)(r1 +160)       ; R1_w=map_value(map=task_info_map,ks=4,vs=200) R2_w=scalar()
42: (b7) r1 = -1                      ; R1_w=-1
; __builtin_memset(event->args_buf.args_offset, 0xFF, sizeof(event->args_buf.args_offset)); @ context.h:245
43: (b7) r3 = -1                      ; R3_w=-1
44: (77) r3 >>= 32                    ; R3_w=0xffffffff
45: (63) *(u32 *)(r4 +32152) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
46: (63) *(u32 *)(r4 +32160) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
47: (63) *(u32 *)(r4 +32168) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
48: (63) *(u32 *)(r4 +32176) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
49: (63) *(u32 *)(r4 +32184) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
50: (63) *(u32 *)(r4 +32192) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
51: (63) *(u32 *)(r4 +32200) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
52: (63) *(u32 *)(r4 +32208) = r3     ; R3_w=0xffffffff R4_w=map_value(map=event_data_map,ks=4,vs=32528)
; p.event->context.ts = sys->ts; @ tracee.bpf.c:375
53: (7b) *(u64 *)(r4 +0) = r2         ; R2_w=scalar() R4_w=map_value(map=event_data_map,ks=4,vs=32528)
54: (b7) r8 = 0                       ; R8_w=0
; event->args_buf.offset = 0; @ context.h:241
55: (6b) *(u16 *)(r4 +32146) = r8     ; R4_w=map_value(map=event_data_map,ks=4,vs=32528) R8_w=0
; event->args_buf.argnum = 0; @ context.h:242
56: (73) *(u8 *)(r4 +144) = r8        ; R4_w=map_value(map=event_data_map,ks=4,vs=32528) R8_w=0
; __builtin_memset(event->args_buf.args_offset, 0xFF, sizeof(event->args_buf.args_offset)); @ context.h:245
57: (63) *(u32 *)(r4 +32148) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
58: (63) *(u32 *)(r4 +32156) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
59: (63) *(u32 *)(r4 +32164) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
60: (63) *(u32 *)(r4 +32172) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
61: (63) *(u32 *)(r4 +32180) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
62: (63) *(u32 *)(r4 +32188) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
63: (63) *(u32 *)(r4 +32196) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
64: (63) *(u32 *)(r4 +32204) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
; event->config.submit_for_policies = ~0ULL; @ context.h:253
65: (7b) *(u64 *)(r4 +32224) = r1     ; R1_w=-1 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
66: (b7) r1 = 59                      ; R1_w=59
; event->context.eventid = event_id; @ context.h:251
67: (63) *(u32 *)(r4 +112) = r1       ; R1_w=59 R4_w=map_value(map=event_data_map,ks=4,vs=32528)
68: (7b) *(u64 *)(r10 -104) = r4      ; R4_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104_w=map_value(map=event_data_map,ks=4,vs=32528)
; event_config_t *event_config = get_event_config(event_id, event->context.policies_version); @ context.h:255
69: (69) r2 = *(u16 *)(r4 +134)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R4_w=map_value(map=event_data_map,ks=4,vs=32528)
70: (63) *(u32 *)(r10 -72) = r1       ; R1_w=59 R10=fp0 fp-72=????59
71: (6b) *(u16 *)(r10 -76) = r2       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-80=??mm????
72: (bf) r2 = r10                     ; R2_w=fp0 R10=fp0
73: (07) r2 += -76                    ; R2_w=fp-76
; void *inner_events_map = bpf_map_lookup_elem(&events_map_version, &policies_version); @ context.h:105
74: (18) r1 = 0xffff9cc773175c00      ; R1_w=map_ptr(map=events_map_vers,ks=2,vs=4)
76: (85) call bpf_map_lookup_elem#1   ; R0=map_value_or_null(id=5,map=events_map_vers,ks=2,vs=4)
; if (inner_events_map == NULL) @ context.h:106
77: (55) if r0 != 0x0 goto pc+1 79: R0=map_ptr(ks=4,vs=64) R6=map_value(map=event_data_map,ks=4,vs=32528,off=40) R7=ctx() R8=0 R9=map_value(map=event_data_map,ks=4,vs=32528,off=36) R10=fp0 fp-72=????59 fp-80=??mm???? fp-96=map_value(map=event_data_map,ks=4,vs=32528) fp-104=map_value(map=event_data_map,ks=4,vs=32528) fp-112=map_value(map=task_info_map,ks=4,vs=200) fp-120=map_value(map=config_map,ks=4,vs=256) fp-128=map_value(map=proc_info_map,ks=4,vs=368)
; if (event_config == NULL) @ context.h:256
79: (bf) r2 = r10                     ; R2_w=fp0 R10=fp0
80: (07) r2 += -72                    ; R2_w=fp-72
; return bpf_map_lookup_elem(inner_events_map, &event_id); @ context.h:109
81: (bf) r1 = r0                      ; R0=map_ptr(ks=4,vs=64) R1_w=map_ptr(ks=4,vs=64)
82: (85) call bpf_map_lookup_elem#1   ; R0=map_value_or_null(id=6,ks=4,vs=64)
83: (79) r5 = *(u64 *)(r10 -104)      ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (event_config == NULL) @ context.h:256
84: (15) if r0 == 0x0 goto pc+1051    ; R0=map_value(ks=4,vs=64)
; event->config.field_types = event_config->field_types; @ context.h:259
85: (79) r1 = *(u64 *)(r0 +8)         ; R0=map_value(ks=4,vs=64) R1_w=scalar()
86: (7b) *(u64 *)(r5 +32232) = r1     ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
; event->config.submit_for_policies = event_config->submit_for_policies; @ context.h:260
87: (79) r1 = *(u64 *)(r0 +0)         ; R0=map_value(ks=4,vs=64) R1_w=scalar()
; event->context.matched_policies = event_config->submit_for_policies; @ context.h:261
88: (7b) *(u64 *)(r5 +136) = r1       ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
; event->config.submit_for_policies = event_config->submit_for_policies; @ context.h:260
89: (7b) *(u64 *)(r5 +32224) = r1     ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
; if (p->config->tracee_pid == context->host_pid) @ filtering.h:190
90: (61) r3 = *(u32 *)(r5 +36)        ; R3_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R5_w=map_value(map=event_data_map,ks=4,vs=32528)
91: (79) r2 = *(u64 *)(r10 -120)      ; R2_w=map_value(map=config_map,ks=4,vs=256) R10=fp0 fp-120=map_value(map=config_map,ks=4,vs=256)
92: (61) r4 = *(u32 *)(r2 +0)         ; R2_w=map_value(map=config_map,ks=4,vs=256) R4_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
93: (b7) r2 = 0                       ; R2_w=0
94: (7b) *(u64 *)(r10 -152) = r7      ; R7=ctx() R10=fp0 fp-152_w=ctx()
95: (1d) if r4 == r3 goto pc+546      ; R3_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R4_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
96: (b7) r4 = -1                      ; R4_w=-1
; if (policies_cfg->cont_filter_enabled) { @ filtering.h:201
97: (79) r1 = *(u64 *)(r5 +32344)     ; R1=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
98: (15) if r1 == 0x0 goto pc+16      ; R1=scalar(umin=1)
; u8 state = p->task_info->container_state; @ filtering.h:203
99: (79) r2 = *(u64 *)(r10 -112)      ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
100: (71) r3 = *(u8 *)(r2 +177)       ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
101: (57) r3 &= 255                   ; R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
102: (b7) r2 = 1                      ; R2_w=1
103: (b7) r4 = 1                      ; R4_w=1
104: (15) if r3 == 0x1 goto pc+1      ; R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
105: (b7) r4 = 0                      ; R4=0
; if (state == CONTAINER_STARTED || state == CONTAINER_EXISTED) @ filtering.h:204
106: (15) if r3 == 0x3 goto pc+1      ; R3=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
107: (b7) r2 = 0                      ; R2_w=0
108: (4f) r2 |= r4                    ; R2_w=0 R4=0
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
109: (57) r2 &= 1                     ; R2_w=0
110: (87) r2 = -r2                    ; R2_w=scalar()
; u64 match_bitmap = policies_cfg->cont_filter_match_if_key_missing; @ filtering.h:206
111: (79) r4 = *(u64 *)(r5 +32448)    ; R4_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
112: (af) r4 ^= r2                    ; R2_w=scalar() R4_w=scalar()
; u64 mask = ~policies_cfg->cont_filter_enabled; @ filtering.h:207
113: (a7) r1 ^= -1                    ; R1_w=scalar()
; res &= bool_filter_matches(match_bitmap, is_container) | mask; @ filtering.h:210
114: (4f) r4 |= r1                    ; R1_w=scalar() R4_w=scalar()
; if (policies_cfg->new_cont_filter_enabled) { @ filtering.h:213
115: (79) r1 = *(u64 *)(r5 +32352)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
116: (15) if r1 == 0x0 goto pc+11     ; R1_w=scalar(umin=1)
; if (p->task_info->container_state == CONTAINER_STARTED) @ filtering.h:215
117: (79) r2 = *(u64 *)(r10 -112)     ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
118: (71) r3 = *(u8 *)(r2 +177)       ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
119: (b7) r2 = -1                     ; R2=-1
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
120: (15) if r3 == 0x3 goto pc+1      ; R3=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
121: (b7) r2 = 0                      ; R2_w=0
; u64 match_bitmap = policies_cfg->new_cont_filter_match_if_key_missing; @ filtering.h:217
122: (79) r3 = *(u64 *)(r5 +32456)    ; R3_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
123: (af) r3 ^= r2                    ; R2_w=0 R3_w=scalar()
; u64 mask = ~policies_cfg->new_cont_filter_enabled; @ filtering.h:218
124: (a7) r1 ^= -1                    ; R1_w=scalar()
; res &= bool_filter_matches(match_bitmap, is_new_container) | mask; @ filtering.h:220
125: (4f) r3 |= r1                    ; R1_w=scalar() R3_w=scalar()
126: (5f) r3 &= r4                    ; R3_w=scalar() R4=scalar()
127: (bf) r4 = r3                     ; R3_w=scalar(id=7) R4_w=scalar(id=7)
; if (policies_cfg->new_pid_filter_enabled) { @ filtering.h:223
128: (79) r1 = *(u64 *)(r5 +32360)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
129: (15) if r1 == 0x0 goto pc+9      ; R1_w=scalar(umin=1)
; u64 match_bitmap = policies_cfg->new_pid_filter_match_if_key_missing; @ filtering.h:224
130: (79) r2 = *(u64 *)(r5 +32464)    ; R2_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; res &= bool_filter_matches(match_bitmap, proc_info->new_proc) | mask; @ filtering.h:227
131: (79) r3 = *(u64 *)(r10 -128)     ; R3_w=map_value(map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128=map_value(map=proc_info_map,ks=4,vs=368)
132: (71) r3 = *(u8 *)(r3 +0)         ; R3_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=255,var_off=(0x0; 0xff))
; return match_bitmap ^ (bool_value ? ~0ULL : 0); @ filtering.h:182
133: (87) r3 = -r3                    ; R3_w=scalar()
134: (af) r2 ^= r3                    ; R2_w=scalar() R3_w=scalar()
; u64 mask = ~policies_cfg->new_pid_filter_enabled; @ filtering.h:225
135: (a7) r1 ^= -1                    ; R1_w=scalar()
; res &= bool_filter_matches(match_bitmap, proc_info->new_proc) | mask; @ filtering.h:227
136: (4f) r2 |= r1                    ; R1_w=scalar() R2_w=scalar()
137: (5f) r2 &= r4                    ; R2_w=scalar() R4_w=scalar(id=7)
138: (bf) r4 = r2                     ; R2=scalar(id=8) R4=scalar(id=8)
; u16 version = p->event->context.policies_version; @ filtering.h:234
139: (69) r1 = *(u16 *)(r5 +134)      ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R5=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->pid_filter_enabled) { @ filtering.h:237
140: (7b) *(u64 *)(r10 -144) = r1     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
141: (79) r1 = *(u64 *)(r5 +32296)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
142: (15) if r1 == 0x0 goto pc+84     ; R1_w=scalar(umin=1)
143: (7b) *(u64 *)(r10 -184) = r1     ; R1_w=scalar(id=10,umin=1) R10=fp0 fp-184_w=scalar(id=10,umin=1)
144: (7b) *(u64 *)(r10 -136) = r4     ; R4=scalar(id=8) R10=fp0 fp-136_w=scalar(id=8)
; u64 min = policies_cfg->pid_min; @ filtering.h:241
145: (79) r1 = *(u64 *)(r5 +32520)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; u64 max = policies_cfg->pid_max; @ filtering.h:240
146: (7b) *(u64 *)(r10 -168) = r1     ; R1_w=scalar(id=11) R10=fp0 fp-168_w=scalar(id=11)
147: (79) r1 = *(u64 *)(r5 +32512)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
; u64 match_if_key_missing = policies_cfg->pid_filter_match_if_key_missing; @ filtering.h:238
148: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=12) R10=fp0 fp-160_w=scalar(id=12)
149: (79) r1 = *(u64 *)(r5 +32400)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
150: (7b) *(u64 *)(r10 -192) = r1     ; R1_w=scalar(id=13) R10=fp0 fp-192_w=scalar(id=13)
151: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
152: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=????mmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
153: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
154: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
155: (18) r1 = 0xffff9cc69fb39000     ; R1_w=map_ptr(map=pid_filter_vers,ks=2,vs=4)
157: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=14,map=pid_filter_vers,ks=2,vs=4)
158: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
159: (bf) r4 = r0                     ; R0=map_value_or_null(id=14,map=pid_filter_vers,ks=2,vs=4) R4_w=map_value_or_null(id=14,map=pid_filter_vers,ks=2,vs=4)
; match_if_key_missing, filter_map, context->host_pid, max, min) | @ filtering.h:246
160: (61) r1 = *(u32 *)(r5 +36)       ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R5_w=map_value(map=event_data_map,ks=4,vs=32528)
161: (7b) *(u64 *)(r10 -72) = r1      ; R1_w=scalar(id=15,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72_w=scalar(id=15,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
162: (b7) r1 = -1                     ; R1_w=-1
163: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=-1 R10=fp0 fp-176_w=-1
164: (b7) r7 = 0                      ; R7_w=0
; if (filter_map) { @ filtering.h:58
165: (15) if r4 == 0x0 goto pc+12     ; R4_w=map_ptr(ks=4,vs=16)
166: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
167: (07) r2 += -72                   ; R2_w=fp-72
; eq_t *equality = bpf_map_lookup_elem(filter_map, &value); @ filtering.h:59
168: (bf) r1 = r4                     ; R1_w=map_ptr(ks=4,vs=16) R4_w=map_ptr(ks=4,vs=16)
169: (7b) *(u64 *)(r10 -200) = r4     ; R4_w=map_ptr(ks=4,vs=16) R10=fp0 fp-200_w=map_ptr(ks=4,vs=16)
170: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=16,ks=4,vs=16)
171: (79) r4 = *(u64 *)(r10 -200)     ; R4_w=map_ptr(ks=4,vs=16) R10=fp0 fp-200=map_ptr(ks=4,vs=16)
172: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (equality != NULL) { @ filtering.h:60
173: (15) if r0 == 0x0 goto pc+4      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:61
174: (79) r7 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:62
175: (79) r1 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R1_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
176: (a7) r1 ^= -1                    ; R1_w=scalar()
177: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=scalar(id=17) R10=fp0 fp-176_w=scalar(id=17)
178: (79) r3 = *(u64 *)(r10 -160)     ; R3_w=scalar(id=12) R10=fp0 fp-160=scalar(id=12)
; if ((max != FILTER_MAX_NOT_SET) && (value >= max)) @ filtering.h:66
179: (07) r3 += -1                    ; R3_w=scalar()
180: (79) r1 = *(u64 *)(r10 -72)      ; R1_w=scalar() R10=fp0 fp-72=mmmmmmmm
181: (ad) if r3 < r1 goto pc+9        ; R1_w=scalar() R3_w=scalar()
; if ((min != FILTER_MIN_NOT_SET) && (value <= min)) @ filtering.h:69
182: (79) r2 = *(u64 *)(r10 -168)     ; R2=scalar(id=11) R10=fp0 fp-168=scalar(id=11)
183: (15) if r2 == 0xffffffff goto pc+2       ; R2=scalar(id=11,umax=0xfffffffffffffffe)
184: (79) r2 = *(u64 *)(r10 -168)     ; R2_w=scalar(id=11,umax=0xfffffffffffffffe) R10=fp0 fp-168=scalar(id=11,umax=0xfffffffffffffffe)
185: (bd) if r1 <= r2 goto pc+5       ; R1=scalar(umin=1) R2_w=scalar(id=11,umax=0xfffffffffffffffe)
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
186: (79) r1 = *(u64 *)(r10 -192)     ; R1_w=scalar(id=13) R10=fp0 fp-192=scalar(id=13)
187: (79) r2 = *(u64 *)(r10 -176)     ; R2_w=scalar(id=17) R10=fp0 fp-176=scalar(id=17)
188: (5f) r2 &= r1                    ; R1_w=scalar(id=13) R2_w=scalar()
189: (4f) r2 |= r7                    ; R2_w=scalar() R7=scalar()
190: (bf) r7 = r2                     ; R2=scalar(id=18) R7=scalar(id=18)
; match_if_key_missing, filter_map, context->host_tid, max, min) | @ filtering.h:248
191: (61) r1 = *(u32 *)(r6 +0)        ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=40)
192: (7b) *(u64 *)(r10 -72) = r1      ; R1_w=scalar(id=19,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72_w=scalar(id=19,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
193: (b7) r6 = -1                     ; R6_w=-1
194: (b7) r1 = 0                      ; R1_w=0
; if (filter_map) { @ filtering.h:58
195: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=0 R10=fp0 fp-176_w=0
196: (15) if r4 == 0x0 goto pc+12     ; R4=map_ptr(ks=4,vs=16)
197: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
198: (07) r2 += -72                   ; R2_w=fp-72
; eq_t *equality = bpf_map_lookup_elem(filter_map, &value); @ filtering.h:59
199: (bf) r1 = r4                     ; R1_w=map_ptr(ks=4,vs=16) R4=map_ptr(ks=4,vs=16)
200: (7b) *(u64 *)(r10 -160) = r3     ; R3=scalar(id=20) R10=fp0 fp-160_w=scalar(id=20)
201: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=21,ks=4,vs=16)
202: (79) r3 = *(u64 *)(r10 -160)     ; R3_w=scalar(id=20) R10=fp0 fp-160=scalar(id=20)
203: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (equality != NULL) { @ filtering.h:60
204: (15) if r0 == 0x0 goto pc+4      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:61
205: (79) r1 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R1_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:62
206: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=scalar(id=22) R10=fp0 fp-176_w=scalar(id=22)
207: (79) r6 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R6_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
208: (a7) r6 ^= -1                    ; R6_w=scalar()
209: (79) r2 = *(u64 *)(r10 -184)     ; R2_w=scalar(id=10,umin=1) R10=fp0 fp-184=scalar(id=10,umin=1)
210: (a7) r2 ^= -1                    ; R2_w=scalar()
211: (79) r1 = *(u64 *)(r10 -72)      ; R1_w=scalar() R10=fp0 fp-72=mmmmmmmm
212: (79) r4 = *(u64 *)(r10 -176)     ; R4_w=scalar(id=22) R10=fp0 fp-176_w=scalar(id=22)
; if ((max != FILTER_MAX_NOT_SET) && (value >= max)) @ filtering.h:66
213: (ad) if r3 < r1 goto pc+8        ; R1_w=scalar() R3_w=scalar(id=20)
; if ((min != FILTER_MIN_NOT_SET) && (value <= min)) @ filtering.h:69
214: (79) r3 = *(u64 *)(r10 -168)     ; R3=scalar(id=11,umax=0xfffffffffffffffe) R10=fp0 fp-168=scalar(id=11,umax=0xfffffffffffffffe)
215: (15) if r3 == 0xffffffff goto pc+2       ; R3=scalar(id=11,umax=0xfffffffffffffffe)
216: (79) r3 = *(u64 *)(r10 -168)     ; R3_w=scalar(id=11,umax=0xfffffffffffffffe) R10=fp0 fp-168=scalar(id=11,umax=0xfffffffffffffffe)
217: (bd) if r1 <= r3 goto pc+4       ; R1=scalar(umin=1) R3_w=scalar(id=11,umax=0xfffffffffffffffe)
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
218: (79) r1 = *(u64 *)(r10 -192)     ; R1_w=scalar(id=13) R10=fp0 fp-192=scalar(id=13)
219: (5f) r6 &= r1                    ; R1_w=scalar(id=13) R6_w=scalar()
220: (4f) r6 |= r4                    ; R4=scalar(id=22) R6_w=scalar()
221: (bf) r4 = r6                     ; R4_w=scalar(id=23) R6_w=scalar(id=23)
; match_if_key_missing, filter_map, context->host_pid, max, min) | @ filtering.h:246
222: (4f) r7 |= r2                    ; R2=scalar() R7_w=scalar()
; match_if_key_missing, filter_map, context->host_tid, max, min) | @ filtering.h:248
223: (4f) r7 |= r4                    ; R4_w=scalar(id=23) R7_w=scalar()
; res &= uint_filter_range_matches( @ filtering.h:245
224: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=8) R10=fp0 fp-136=scalar(id=8)
225: (5f) r7 &= r1                    ; R1_w=scalar(id=8) R7_w=scalar()
226: (bf) r4 = r7                     ; R4=scalar(id=24) R7=scalar(id=24)
; if (policies_cfg->uid_filter_enabled) { @ filtering.h:252
227: (79) r1 = *(u64 *)(r5 +32288)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
228: (15) if r1 == 0x0 goto pc+57     ; R1_w=scalar(umin=1)
229: (7b) *(u64 *)(r10 -136) = r4     ; R4=scalar(id=24) R10=fp0 fp-136_w=scalar(id=24)
; context->uid = bpf_get_current_uid_gid(); @ filtering.h:253
230: (85) call bpf_get_current_uid_gid#15     ; R0_w=scalar()
231: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
232: (63) *(u32 *)(r1 +48) = r0       ; R0_w=scalar() R1_w=map_value(map=event_data_map,ks=4,vs=32528)
; u64 match_if_key_missing = policies_cfg->uid_filter_match_if_key_missing; @ filtering.h:254
233: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
234: (79) r1 = *(u64 *)(r1 +32392)    ; R1_w=scalar()
; u64 max = policies_cfg->uid_max; @ filtering.h:256
235: (7b) *(u64 *)(r10 -184) = r1     ; R1_w=scalar(id=25) R10=fp0 fp-184_w=scalar(id=25)
236: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
237: (79) r6 = *(u64 *)(r1 +32496)    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R6_w=scalar()
; u64 min = policies_cfg->uid_min; @ filtering.h:257
238: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
239: (79) r1 = *(u64 *)(r1 +32504)    ; R1_w=scalar()
; u64 mask = ~policies_cfg->uid_filter_enabled; @ filtering.h:255
240: (7b) *(u64 *)(r10 -168) = r1     ; R1_w=scalar(id=26) R10=fp0 fp-168_w=scalar(id=26)
241: (79) r1 = *(u64 *)(r10 -104)     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
242: (79) r1 = *(u64 *)(r1 +32288)    ; R1_w=scalar()
243: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=27) R10=fp0 fp-160_w=scalar(id=27)
244: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
245: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
246: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
247: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
248: (18) r1 = 0xffff9cc69fb3ac00     ; R1_w=map_ptr(map=uid_filter_vers,ks=2,vs=4)
250: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=28,map=uid_filter_vers,ks=2,vs=4)
251: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; res &= uint_filter_range_matches(match_if_key_missing, filter_map, context->uid, max, min) | @ filtering.h:260
252: (61) r1 = *(u32 *)(r5 +48)       ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R5_w=map_value(map=event_data_map,ks=4,vs=32528)
253: (7b) *(u64 *)(r10 -72) = r1      ; R1_w=scalar(id=29,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72_w=scalar(id=29,smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
254: (b7) r1 = -1                     ; R1_w=-1
255: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=-1 R10=fp0 fp-176_w=-1
256: (b7) r7 = 0                      ; R7_w=0
; if (filter_map) { @ filtering.h:58
257: (15) if r0 == 0x0 goto pc+10     ; R0=map_ptr(ks=4,vs=16)
258: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
259: (07) r2 += -72                   ; R2_w=fp-72
; eq_t *equality = bpf_map_lookup_elem(filter_map, &value); @ filtering.h:59
260: (bf) r1 = r0                     ; R0=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
261: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=30,ks=4,vs=16)
262: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (equality != NULL) { @ filtering.h:60
263: (15) if r0 == 0x0 goto pc+4      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:61
264: (79) r7 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:62
265: (79) r1 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R1_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
266: (a7) r1 ^= -1                    ; R1_w=scalar()
267: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=scalar(id=31) R10=fp0 fp-176_w=scalar(id=31)
268: (79) r3 = *(u64 *)(r10 -160)     ; R3_w=scalar(id=27) R10=fp0 fp-160=scalar(id=27)
269: (a7) r3 ^= -1                    ; R3_w=scalar()
270: (79) r1 = *(u64 *)(r10 -72)      ; R1_w=scalar() R10=fp0 fp-72=mmmmmmmm
; if ((max != FILTER_MAX_NOT_SET) && (value >= max)) @ filtering.h:66
271: (07) r6 += -1                    ; R6_w=scalar()
272: (79) r2 = *(u64 *)(r10 -136)     ; R2_w=scalar(id=24) R10=fp0 fp-136=scalar(id=24)
273: (ad) if r6 < r1 goto pc+9        ; R1_w=scalar() R6_w=scalar()
; if ((min != FILTER_MIN_NOT_SET) && (value <= min)) @ filtering.h:69
274: (79) r4 = *(u64 *)(r10 -168)     ; R4=scalar(id=26) R10=fp0 fp-168=scalar(id=26)
275: (15) if r4 == 0xffffffff goto pc+2       ; R4=scalar(id=26,umax=0xfffffffffffffffe)
276: (79) r4 = *(u64 *)(r10 -168)     ; R4_w=scalar(id=26,umax=0xfffffffffffffffe) R10=fp0 fp-168=scalar(id=26,umax=0xfffffffffffffffe)
277: (bd) if r1 <= r4 goto pc+5       ; R1=scalar(umin=1) R4_w=scalar(id=26,umax=0xfffffffffffffffe)
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:72
278: (79) r1 = *(u64 *)(r10 -184)     ; R1_w=scalar(id=25) R10=fp0 fp-184=scalar(id=25)
279: (79) r4 = *(u64 *)(r10 -176)     ; R4_w=scalar(id=31) R10=fp0 fp-176=scalar(id=31)
280: (5f) r4 &= r1                    ; R1_w=scalar(id=25) R4_w=scalar()
281: (4f) r4 |= r7                    ; R4_w=scalar() R7=scalar()
282: (bf) r7 = r4                     ; R4=scalar(id=32) R7=scalar(id=32)
; res &= uint_filter_range_matches(match_if_key_missing, filter_map, context->uid, max, min) | @ filtering.h:260
283: (4f) r7 |= r3                    ; R3=scalar() R7_w=scalar()
284: (5f) r7 &= r2                    ; R2=scalar(id=24) R7_w=scalar()
285: (bf) r4 = r7                     ; R4_w=scalar(id=33) R7_w=scalar(id=33)
; if (policies_cfg->mnt_ns_filter_enabled) { @ filtering.h:264
286: (79) r1 = *(u64 *)(r5 +32304)    ; R1_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
287: (15) if r1 == 0x0 goto pc+56     ; R1_w=scalar(umin=1)
288: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=33) R10=fp0 fp-136_w=scalar(id=33)
289: (b7) r1 = 3384                   ; R1_w=3384
; context->mnt_id = get_task_mnt_ns_id(p->event->task); @ filtering.h:265
290: (79) r3 = *(u64 *)(r5 +32216)    ; R3_w=scalar() R5=map_value(map=event_data_map,ks=4,vs=32528)
291: (0f) r3 += r1                    ; R1_w=3384 R3_w=scalar()
292: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
293: (07) r1 += -72                   ; R1_w=fp-72
; return get_mnt_ns_id(BPF_CORE_READ(task, nsproxy)); @ task.h:66
294: (b7) r2 = 8                      ; R2_w=8
295: (bf) r6 = r5                     ; R5=map_value(map=event_data_map,ks=4,vs=32528) R6_w=map_value(map=event_data_map,ks=4,vs=32528)
296: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-72=mmmmmmmm
297: (b7) r1 = 24                     ; R1_w=24
298: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
299: (0f) r3 += r1                    ; R1_w=24 R3_w=scalar()
300: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
301: (07) r1 += -72                   ; R1_w=fp-72
; return BPF_CORE_READ(ns, mnt_ns, ns.inum); @ namespaces.h:21
302: (b7) r2 = 8                      ; R2_w=8
303: (85) call bpf_probe_read_kernel#113      ; R0_w=scalar() fp-72=mmmmmmmm
304: (b7) r1 = 16                     ; R1_w=16
305: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
306: (0f) r3 += r1                    ; R1_w=16 R3_w=scalar()
307: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
308: (07) r1 += -76                   ; R1_w=fp-76
309: (b7) r2 = 4                      ; R2_w=4
310: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-80=mmmm????
311: (61) r1 = *(u32 *)(r10 -76)      ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
; context->mnt_id = get_task_mnt_ns_id(p->event->task); @ filtering.h:265
312: (63) *(u32 *)(r6 +52) = r1       ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528)
; u64 match_if_key_missing = policies_cfg->mnt_ns_filter_match_if_key_missing; @ filtering.h:266
313: (79) r1 = *(u64 *)(r6 +32408)    ; R1_w=scalar() R6=map_value(map=event_data_map,ks=4,vs=32528)
; u64 mask = ~policies_cfg->mnt_ns_filter_enabled; @ filtering.h:267
314: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=34) R10=fp0 fp-160_w=scalar(id=34)
315: (79) r6 = *(u64 *)(r6 +32304)    ; R6_w=scalar()
316: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
317: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
318: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
319: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
320: (18) r1 = 0xffff9cc69fb3b000     ; R1_w=map_ptr(map=mnt_ns_filter_v,ks=2,vs=4)
322: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=35,map=mnt_ns_filter_v,ks=2,vs=4)
323: (b7) r2 = 0                      ; R2_w=0
324: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->mnt_ns_filter_enabled; @ filtering.h:267
325: (a7) r6 ^= -1                    ; R6_w=scalar()
; if (filter_map) { @ filtering.h:144
326: (15) if r0 == 0x0 goto pc+9      ; R0_w=map_ptr(ks=4,vs=16)
327: (79) r2 = *(u64 *)(r10 -96)      ; R2_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
328: (07) r2 += 52                    ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=52)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
329: (bf) r1 = r0                     ; R0_w=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
330: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=36,ks=4,vs=16)
331: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
332: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
333: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
334: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
335: (a7) r7 ^= -1                    ; R7_w=scalar()
336: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=34) R10=fp0 fp-160=scalar(id=34)
337: (5f) r7 &= r1                    ; R1_w=scalar(id=34) R7_w=scalar()
338: (4f) r7 |= r6                    ; R6=scalar() R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->mnt_id) | mask; @ filtering.h:270
339: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
340: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=33) R10=fp0 fp-136=scalar(id=33)
341: (5f) r7 &= r1                    ; R1_w=scalar(id=33) R7_w=scalar()
342: (bf) r4 = r7                     ; R4_w=scalar(id=37) R7_w=scalar(id=37)
343: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->pid_ns_filter_enabled) { @ filtering.h:273
344: (79) r1 = *(u64 *)(r5 +32312)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
345: (15) if r1 == 0x0 goto pc+73     ; R1_w=scalar(umin=1)
346: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=37) R10=fp0 fp-136_w=scalar(id=37)
; context->pid_id = get_task_pid_ns_id(p->event->task); @ filtering.h:274
347: (79) r3 = *(u64 *)(r5 +32216)    ; R3_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
348: (b7) r1 = 0                      ; R1=0
; if (bpf_core_type_exists(struct pid_link)) { @ task.h:80
349: (15) if r1 == 0x0 goto pc+2      ; R1=0
352: (b7) r1 = 2856                   ; R1_w=2856
353: (0f) r3 += r1                    ; R1_w=2856 R3_w=scalar()
354: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
355: (07) r1 += -72                   ; R1_w=fp-72
356: (b7) r2 = 8                      ; R2_w=8
357: (85) call bpf_probe_read_kernel#113      ; R0_w=scalar() fp-72=mmmmmmmm
358: (79) r6 = *(u64 *)(r10 -72)      ; R6_w=scalar() R10=fp0 fp-72=mmmmmmmm
359: (b7) r1 = 4                      ; R1_w=4
360: (bf) r3 = r6                     ; R3_w=scalar(id=38) R6_w=scalar(id=38)
361: (0f) r3 += r1                    ; R1_w=4 R3_w=scalar(id=38+4)
362: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
363: (07) r1 += -72                   ; R1_w=fp-72
; level = BPF_CORE_READ(pid, level); @ task.h:87
364: (b7) r2 = 4                      ; R2_w=4
365: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-72=mmmmmmmm
366: (b7) r1 = 112                    ; R1_w=112
367: (0f) r6 += r1                    ; R1_w=112 R6_w=scalar(id=38+112)
368: (61) r1 = *(u32 *)(r10 -72)      ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72=mmmmmmmm
; ns = BPF_CORE_READ(pid, numbers[level].ns); @ task.h:88
369: (67) r1 <<= 4                    ; R1_w=scalar(smin=0,smax=umax=0xffffffff0,smax32=0x7ffffff0,umax32=0xfffffff0,var_off=(0x0; 0xffffffff0))
370: (0f) r6 += r1                    ; R1_w=scalar(smin=0,smax=umax=0xffffffff0,smax32=0x7ffffff0,umax32=0xfffffff0,var_off=(0x0; 0xffffffff0)) R6_w=scalar()
371: (b7) r1 = 8                      ; R1_w=8
372: (0f) r6 += r1                    ; R1_w=8 R6_w=scalar()
373: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
374: (07) r1 += -72                   ; R1_w=fp-72
375: (b7) r2 = 8                      ; R2_w=8
376: (bf) r3 = r6                     ; R3_w=scalar(id=39) R6_w=scalar(id=39)
377: (85) call bpf_probe_read_kernel#113      ; R0_w=scalar() fp-72=mmmmmmmm
378: (b7) r1 = 128                    ; R1_w=128
379: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
380: (0f) r3 += r1                    ; R1_w=128 R3_w=scalar()
381: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
382: (07) r1 += -72                   ; R1_w=fp-72
; return BPF_CORE_READ(ns, ns.inum); @ task.h:89
383: (b7) r2 = 4                      ; R2_w=4
384: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-72=mmmmmmmm
385: (61) r1 = *(u32 *)(r10 -72)      ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-72=mmmmmmmm
386: (79) r2 = *(u64 *)(r10 -104)     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; context->pid_id = get_task_pid_ns_id(p->event->task); @ filtering.h:274
387: (63) *(u32 *)(r2 +56) = r1       ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R2_w=map_value(map=event_data_map,ks=4,vs=32528)
; u64 match_if_key_missing = policies_cfg->pid_ns_filter_match_if_key_missing; @ filtering.h:275
388: (79) r1 = *(u64 *)(r2 +32416)    ; R1_w=scalar() R2_w=map_value(map=event_data_map,ks=4,vs=32528)
; u64 mask = ~policies_cfg->pid_ns_filter_enabled; @ filtering.h:276
389: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=40) R10=fp0 fp-160_w=scalar(id=40)
390: (79) r6 = *(u64 *)(r2 +32312)    ; R2_w=map_value(map=event_data_map,ks=4,vs=32528) R6_w=scalar()
391: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
392: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
393: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
394: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
395: (18) r1 = 0xffff9cc69fb3d800     ; R1_w=map_ptr(map=pid_ns_filter_v,ks=2,vs=4)
397: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=41,map=pid_ns_filter_v,ks=2,vs=4)
398: (b7) r2 = 0                      ; R2_w=0
399: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->pid_ns_filter_enabled; @ filtering.h:276
400: (a7) r6 ^= -1                    ; R6_w=scalar()
; if (filter_map) { @ filtering.h:144
401: (15) if r0 == 0x0 goto pc+9      ; R0_w=map_ptr(ks=4,vs=16)
402: (79) r2 = *(u64 *)(r10 -96)      ; R2_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
403: (07) r2 += 56                    ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=56)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
404: (bf) r1 = r0                     ; R0_w=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
405: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=42,ks=4,vs=16)
406: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
407: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
408: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
409: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
410: (a7) r7 ^= -1                    ; R7_w=scalar()
411: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=40) R10=fp0 fp-160=scalar(id=40)
412: (5f) r7 &= r1                    ; R1_w=scalar(id=40) R7_w=scalar()
413: (4f) r7 |= r6                    ; R6=scalar() R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->pid_id) | mask; @ filtering.h:279
414: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
415: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=37) R10=fp0 fp-136=scalar(id=37)
416: (5f) r7 &= r1                    ; R1_w=scalar(id=37) R7_w=scalar()
417: (bf) r4 = r7                     ; R4_w=scalar(id=43) R7_w=scalar(id=43)
418: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->uts_ns_filter_enabled) { @ filtering.h:282
419: (79) r1 = *(u64 *)(r5 +32320)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
420: (15) if r1 == 0x0 goto pc+64     ; R1_w=scalar(umin=1)
421: (7b) *(u64 *)(r10 -168) = r9     ; R9=map_value(map=event_data_map,ks=4,vs=32528,off=36) R10=fp0 fp-168_w=map_value(map=event_data_map,ks=4,vs=32528,off=36)
422: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=43) R10=fp0 fp-136_w=scalar(id=43)
423: (b7) r1 = 3384                   ; R1_w=3384
; char *uts_name = get_task_uts_name(p->event->task); @ filtering.h:283
424: (79) r3 = *(u64 *)(r5 +32216)    ; R3_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
425: (0f) r3 += r1                    ; R1_w=3384 R3_w=scalar()
426: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
427: (07) r1 += -72                   ; R1_w=fp-72
; struct nsproxy *np = BPF_CORE_READ(task, nsproxy); @ task.h:148
428: (b7) r2 = 8                      ; R2_w=8
429: (bf) r9 = r5                     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R9_w=map_value(map=event_data_map,ks=4,vs=32528)
430: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-72=mmmmmmmm
431: (b7) r1 = 8                      ; R1_w=8
432: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
433: (0f) r3 += r1                    ; R1_w=8 R3_w=scalar()
434: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
435: (07) r1 += -72                   ; R1_w=fp-72
; struct uts_namespace *uts_ns = BPF_CORE_READ(np, uts_ns); @ task.h:149
436: (b7) r2 = 8                      ; R2_w=8
437: (85) call bpf_probe_read_kernel#113      ; R0_w=scalar() fp-72=mmmmmmmm
438: (b7) r1 = 65                     ; R1_w=65
439: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
440: (0f) r3 += r1                    ; R1_w=65 R3_w=scalar()
441: (bf) r7 = r10                    ; R7_w=fp0 R10=fp0
442: (07) r7 += -72                   ; R7_w=fp-72
; return BPF_CORE_READ(uts_ns, name.nodename); @ task.h:150
443: (bf) r1 = r7                     ; R1_w=fp-72 R7_w=fp-72
444: (b7) r2 = 65                     ; R2_w=65
445: (85) call bpf_probe_read_kernel#113      ; R0=scalar() fp-8=???????m fp-16=mmmmmmmm fp-24=mmmmmmmm fp-32=mmmmmmmm fp-40=mmmmmmmm fp-48=mmmmmmmm fp-56=mmmmmmmm fp-64=mmmmmmmm fp-72=mmmmmmmm
; bpf_probe_read_kernel_str(&context->uts_name, TASK_COMM_LEN, uts_name); @ filtering.h:285
446: (79) r6 = *(u64 *)(r10 -96)      ; R6_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
447: (07) r6 += 76                    ; R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=76)
448: (bf) r1 = r6                     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=76) R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=76)
449: (b7) r2 = 16                     ; R2_w=16
450: (bf) r3 = r7                     ; R3_w=fp-72 R7=fp-72
451: (85) call bpf_probe_read_kernel_str#115          ; R0_w=scalar(smin=smin32=-4095,smax=smax32=16)
; u64 match_if_key_missing = policies_cfg->uts_ns_filter_match_if_key_missing; @ filtering.h:286
452: (79) r1 = *(u64 *)(r9 +32424)    ; R1_w=scalar() R9=map_value(map=event_data_map,ks=4,vs=32528)
; u64 mask = ~policies_cfg->uts_ns_filter_enabled; @ filtering.h:287
453: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=scalar(id=44) R10=fp0 fp-176_w=scalar(id=44)
454: (79) r9 = *(u64 *)(r9 +32320)    ; R9_w=scalar()
455: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
456: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
457: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
458: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
459: (18) r1 = 0xffff9cc69fb38c00     ; R1_w=map_ptr(map=uts_ns_filter_v,ks=2,vs=4)
461: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=45,map=uts_ns_filter_v,ks=2,vs=4)
462: (b7) r2 = 0                      ; R2_w=0
463: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->uts_ns_filter_enabled; @ filtering.h:287
464: (a7) r9 ^= -1                    ; R9_w=scalar()
465: (7b) *(u64 *)(r10 -160) = r9     ; R9_w=scalar(id=46) R10=fp0 fp-160_w=scalar(id=46)
; if (filter_map) { @ filtering.h:144
466: (15) if r0 == 0x0 goto pc+8      ; R0=map_ptr(ks=16,vs=16)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
467: (bf) r1 = r0                     ; R0=map_ptr(ks=16,vs=16) R1_w=map_ptr(ks=16,vs=16)
468: (bf) r2 = r6                     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=76) R6=map_value(map=event_data_map,ks=4,vs=32528,off=76)
469: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=47,ks=16,vs=16)
470: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
471: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=16,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
472: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=16,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
473: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=16,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
474: (a7) r7 ^= -1                    ; R7_w=scalar()
475: (79) r1 = *(u64 *)(r10 -176)     ; R1_w=scalar(id=44) R10=fp0 fp-176=scalar(id=44)
476: (5f) r7 &= r1                    ; R1_w=scalar(id=44) R7_w=scalar()
477: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=46) R10=fp0 fp-160=scalar(id=46)
478: (4f) r7 |= r1                    ; R1_w=scalar(id=46) R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->uts_name) | mask; @ filtering.h:290
479: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
480: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=43) R10=fp0 fp-136=scalar(id=43)
481: (5f) r7 &= r1                    ; R1_w=scalar(id=43) R7_w=scalar()
482: (bf) r4 = r7                     ; R4_w=scalar(id=48) R7_w=scalar(id=48)
483: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
484: (79) r9 = *(u64 *)(r10 -168)     ; R9_w=map_value(map=event_data_map,ks=4,vs=32528,off=36) R10=fp0 fp-168=map_value(map=event_data_map,ks=4,vs=32528,off=36)
; if (policies_cfg->comm_filter_enabled) { @ filtering.h:293
485: (79) r1 = *(u64 *)(r5 +32328)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
486: (15) if r1 == 0x0 goto pc+39     ; R1_w=scalar(umin=1)
487: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=48) R10=fp0 fp-136_w=scalar(id=48)
; bpf_get_current_comm(&context->comm, sizeof(context->comm)); @ filtering.h:294
488: (79) r1 = *(u64 *)(r10 -96)      ; R1_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
489: (07) r1 += 60                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=60)
490: (7b) *(u64 *)(r10 -176) = r1     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=60) R10=fp0 fp-176_w=map_value(map=event_data_map,ks=4,vs=32528,off=60)
491: (b7) r2 = 16                     ; R2_w=16
492: (bf) r7 = r5                     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R7_w=map_value(map=event_data_map,ks=4,vs=32528)
493: (85) call bpf_get_current_comm#16        ; R0=scalar()
; u64 match_if_key_missing = policies_cfg->comm_filter_match_if_key_missing; @ filtering.h:295
494: (79) r1 = *(u64 *)(r7 +32432)    ; R1_w=scalar() R7=map_value(map=event_data_map,ks=4,vs=32528)
; u64 mask = ~policies_cfg->comm_filter_enabled; @ filtering.h:296
495: (7b) *(u64 *)(r10 -168) = r1     ; R1_w=scalar(id=49) R10=fp0 fp-168_w=scalar(id=49)
496: (79) r6 = *(u64 *)(r7 +32328)    ; R6_w=scalar() R7=map_value(map=event_data_map,ks=4,vs=32528)
497: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
498: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
499: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
500: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
501: (18) r1 = 0xffff9cc773170400     ; R1_w=map_ptr(map=comm_filter_ver,ks=2,vs=4)
503: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=50,map=comm_filter_ver,ks=2,vs=4)
504: (b7) r2 = 0                      ; R2_w=0
505: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->comm_filter_enabled; @ filtering.h:296
506: (a7) r6 ^= -1                    ; R6_w=scalar()
507: (7b) *(u64 *)(r10 -160) = r6     ; R6_w=scalar(id=51) R10=fp0 fp-160_w=scalar(id=51)
; if (filter_map) { @ filtering.h:144
508: (15) if r0 == 0x0 goto pc+8      ; R0_w=map_ptr(ks=16,vs=16)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
509: (bf) r1 = r0                     ; R0_w=map_ptr(ks=16,vs=16) R1_w=map_ptr(ks=16,vs=16)
510: (79) r2 = *(u64 *)(r10 -176)     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=60) R10=fp0 fp-176=map_value(map=event_data_map,ks=4,vs=32528,off=60)
511: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=52,ks=16,vs=16)
512: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
513: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=16,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
514: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=16,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
515: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=16,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
516: (a7) r7 ^= -1                    ; R7_w=scalar()
517: (79) r1 = *(u64 *)(r10 -168)     ; R1_w=scalar(id=49) R10=fp0 fp-168=scalar(id=49)
518: (5f) r7 &= r1                    ; R1_w=scalar(id=49) R7_w=scalar()
519: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=51) R10=fp0 fp-160=scalar(id=51)
520: (4f) r7 |= r1                    ; R1_w=scalar(id=51) R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->comm) | mask; @ filtering.h:299
521: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
522: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=48) R10=fp0 fp-136=scalar(id=48)
523: (5f) r7 &= r1                    ; R1_w=scalar(id=48) R7_w=scalar()
524: (bf) r4 = r7                     ; R4_w=scalar(id=53) R7_w=scalar(id=53)
525: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->cgroup_id_filter_enabled) { @ filtering.h:302
526: (79) r6 = *(u64 *)(r5 +32336)    ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R6_w=scalar()
527: (15) if r6 == 0x0 goto pc+33     ; R6_w=scalar(umin=1)
528: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=53) R10=fp0 fp-136_w=scalar(id=53)
; u32 cgroup_id_lsb = context->cgroup_id; @ filtering.h:303
529: (79) r1 = *(u64 *)(r5 +16)       ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
530: (63) *(u32 *)(r10 -72) = r1      ; R1_w=scalar() R10=fp0 fp-72=mmmmscalar()
; u64 match_if_key_missing = policies_cfg->cgroup_id_filter_match_if_key_missing; @ filtering.h:304
531: (79) r1 = *(u64 *)(r5 +32440)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
532: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=54) R10=fp0 fp-160_w=scalar(id=54)
533: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
534: (6b) *(u16 *)(r10 -76) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-80=mmmm????
535: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
536: (07) r2 += -76                   ; R2_w=fp-76
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
537: (18) r1 = 0xffff9cc773177800     ; R1_w=map_ptr(map=cgroup_id_filte,ks=2,vs=4)
539: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=55,map=cgroup_id_filte,ks=2,vs=4)
540: (b7) r2 = 0                      ; R2_w=0
541: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->cgroup_id_filter_enabled; @ filtering.h:305
542: (a7) r6 ^= -1                    ; R6_w=scalar()
; if (filter_map) { @ filtering.h:144
543: (15) if r0 == 0x0 goto pc+9      ; R0=map_ptr(ks=4,vs=16)
544: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
545: (07) r2 += -72                   ; R2_w=fp-72
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
546: (bf) r1 = r0                     ; R0=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
547: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=56,ks=4,vs=16)
548: (b7) r2 = 0                      ; R2_w=0
; if (equality != NULL) { @ filtering.h:146
549: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
550: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
551: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
552: (a7) r7 ^= -1                    ; R7_w=scalar()
553: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=54) R10=fp0 fp-160=scalar(id=54)
554: (5f) r7 &= r1                    ; R1_w=scalar(id=54) R7_w=scalar()
555: (4f) r7 |= r6                    ; R6=scalar() R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &cgroup_id_lsb) | mask; @ filtering.h:308
556: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
557: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=53) R10=fp0 fp-136=scalar(id=53)
558: (5f) r7 &= r1                    ; R1_w=scalar(id=53) R7_w=scalar()
559: (bf) r4 = r7                     ; R4_w=scalar(id=57) R7_w=scalar(id=57)
560: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->proc_tree_filter_enabled) { @ filtering.h:311
561: (79) r6 = *(u64 *)(r5 +32368)    ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R6_w=scalar()
562: (15) if r6 == 0x0 goto pc+30     ; R6_w=scalar(umin=1)
563: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=57) R10=fp0 fp-136_w=scalar(id=57)
; u64 match_if_key_missing = policies_cfg->proc_tree_filter_match_if_key_missing; @ filtering.h:312
564: (79) r1 = *(u64 *)(r5 +32472)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
565: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=58) R10=fp0 fp-160_w=scalar(id=58)
566: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
567: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
568: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
569: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
570: (18) r1 = 0xffff9cc6855ac400     ; R1_w=map_ptr(map=process_tree_ma,ks=2,vs=4)
572: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=59,map=process_tree_ma,ks=2,vs=4)
573: (b7) r2 = 0                      ; R2_w=0
574: (b7) r7 = -1                     ; R7_w=-1
; u64 mask = ~policies_cfg->proc_tree_filter_enabled; @ filtering.h:313
575: (a7) r6 ^= -1                    ; R6_w=scalar()
; if (filter_map) { @ filtering.h:144
576: (15) if r0 == 0x0 goto pc+8      ; R0=map_ptr(ks=4,vs=16)
; eq_t *equality = bpf_map_lookup_elem(filter_map, key); @ filtering.h:145
577: (bf) r1 = r0                     ; R0=map_ptr(ks=4,vs=16) R1_w=map_ptr(ks=4,vs=16)
578: (bf) r2 = r9                     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=36) R9=map_value(map=event_data_map,ks=4,vs=32528,off=36)
579: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=60,ks=4,vs=16)
580: (b7) r2 = 0                      ; R2=0
; if (equality != NULL) { @ filtering.h:146
581: (15) if r0 == 0x0 goto pc+3      ; R0=map_value(ks=4,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:147
582: (79) r2 = *(u64 *)(r0 +0)        ; R0=map_value(ks=4,vs=16) R2_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:148
583: (79) r7 = *(u64 *)(r0 +8)        ; R0=map_value(ks=4,vs=16) R7_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:155
584: (a7) r7 ^= -1                    ; R7_w=scalar()
585: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=58) R10=fp0 fp-160=scalar(id=58)
586: (5f) r7 &= r1                    ; R1_w=scalar(id=58) R7_w=scalar()
587: (4f) r7 |= r6                    ; R6=scalar() R7_w=scalar()
; res &= equality_filter_matches(match_if_key_missing, filter_map, &context->host_pid) | mask; @ filtering.h:316
588: (4f) r7 |= r2                    ; R2_w=scalar() R7_w=scalar()
589: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=57) R10=fp0 fp-136=scalar(id=57)
590: (5f) r7 &= r1                    ; R1_w=scalar(id=57) R7_w=scalar()
591: (bf) r4 = r7                     ; R4_w=scalar(id=61) R7_w=scalar(id=61)
592: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->bin_path_filter_enabled) { @ filtering.h:319
593: (79) r7 = *(u64 *)(r5 +32376)    ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R7_w=scalar()
594: (15) if r7 == 0x0 goto pc+36     ; R7_w=scalar(umin=1)
595: (7b) *(u64 *)(r10 -136) = r4     ; R4_w=scalar(id=61) R10=fp0 fp-136_w=scalar(id=61)
; u64 match_if_key_missing = policies_cfg->bin_path_filter_match_if_key_missing; @ filtering.h:320
596: (79) r1 = *(u64 *)(r5 +32480)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
597: (7b) *(u64 *)(r10 -160) = r1     ; R1_w=scalar(id=62) R10=fp0 fp-160_w=scalar(id=62)
598: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-144=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
599: (6b) *(u16 *)(r10 -72) = r1      ; R1_w=scalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R10=fp0 fp-72=mmmmmmscalar(id=9,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
600: (bf) r2 = r10                    ; R2_w=fp0 R10=fp0
601: (07) r2 += -72                   ; R2_w=fp-72
; return bpf_map_lookup_elem(outer_map, &version); @ filtering.h:36
602: (18) r1 = 0xffff9cc773173400     ; R1_w=map_ptr(map=binary_filter_v,ks=2,vs=4)
604: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=63,map=binary_filter_v,ks=2,vs=4)
605: (b7) r6 = -1                     ; R6_w=-1
606: (b7) r9 = 0                      ; R9_w=0
; u64 mask = ~policies_cfg->bin_path_filter_enabled; @ filtering.h:321
607: (a7) r7 ^= -1                    ; R7_w=scalar()
; if (filter_map) { @ filtering.h:84
608: (15) if r0 == 0x0 goto pc+14     ; R0=map_ptr(ks=260,vs=16)
; eq_t *equality = bpf_map_lookup_elem(filter_map, proc_info->binary.path); @ filtering.h:85
609: (79) r2 = *(u64 *)(r10 -128)     ; R2_w=map_value(map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128=map_value(map=proc_info_map,ks=4,vs=368)
610: (07) r2 += 20                    ; R2_w=map_value(map=proc_info_map,ks=4,vs=368,off=20)
611: (7b) *(u64 *)(r10 -144) = r0     ; R0=map_ptr(ks=260,vs=16) R10=fp0 fp-144_w=map_ptr(ks=260,vs=16)
612: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=map_ptr(ks=260,vs=16) R10=fp0 fp-144_w=map_ptr(ks=260,vs=16)
613: (85) call bpf_map_lookup_elem#1          ; R0=map_value_or_null(id=64,ks=260,vs=16)
614: (79) r1 = *(u64 *)(r10 -144)     ; R1_w=map_ptr(ks=260,vs=16) R10=fp0 fp-144=map_ptr(ks=260,vs=16)
; if (equality == NULL) { @ filtering.h:86
615: (55) if r0 != 0x0 goto pc+4      ; R0=0
; eq_t *equality = bpf_map_lookup_elem(filter_map, proc_info->binary.path); @ filtering.h:85
616: (79) r2 = *(u64 *)(r10 -128)     ; R2_w=map_value(map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128=map_value(map=proc_info_map,ks=4,vs=368)
617: (07) r2 += 16                    ; R2_w=map_value(map=proc_info_map,ks=4,vs=368,off=16)
; equality = bpf_map_lookup_elem(filter_map, &proc_info->binary); @ filtering.h:88
618: (85) call bpf_map_lookup_elem#1          ; R0_w=map_value_or_null(id=65,ks=260,vs=16)
; if (equality != NULL) { @ filtering.h:90
619: (15) if r0 == 0x0 goto pc+3      ; R0_w=map_value(ks=260,vs=16)
; equals_in_policies = equality->equals_in_policies; @ filtering.h:91
620: (79) r9 = *(u64 *)(r0 +0)        ; R0_w=map_value(ks=260,vs=16) R9_w=scalar()
; key_used_in_policies = equality->key_used_in_policies; @ filtering.h:92
621: (79) r6 = *(u64 *)(r0 +8)        ; R0_w=map_value(ks=260,vs=16) R6_w=scalar()
; return equals_in_policies | (match_if_key_missing & ~key_used_in_policies); @ filtering.h:96
622: (a7) r6 ^= -1                    ; R6=scalar()
623: (79) r1 = *(u64 *)(r10 -160)     ; R1_w=scalar(id=62) R10=fp0 fp-160=scalar(id=62)
624: (5f) r6 &= r1                    ; R1_w=scalar(id=62) R6_w=scalar()
625: (4f) r9 |= r7                    ; R7=scalar() R9_w=scalar()
; res &= binary_filter_matches(match_if_key_missing, filter_map, proc_info) | mask; @ filtering.h:324
626: (4f) r9 |= r6                    ; R6_w=scalar() R9_w=scalar()
627: (79) r1 = *(u64 *)(r10 -136)     ; R1_w=scalar(id=61) R10=fp0 fp-136=scalar(id=61)
628: (5f) r9 &= r1                    ; R1_w=scalar(id=61) R9_w=scalar()
629: (bf) r4 = r9                     ; R4_w=scalar(id=66) R9_w=scalar(id=66)
630: (79) r5 = *(u64 *)(r10 -104)     ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (policies_cfg->follow_filter_enabled) { @ filtering.h:331
631: (79) r1 = *(u64 *)(r5 +32384)    ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
632: (15) if r1 == 0x0 goto pc+5      ; R1_w=scalar(umin=1)
; res |= proc_info->follow_in_scopes & policies_cfg->follow_filter_enabled; @ filtering.h:333
633: (79) r2 = *(u64 *)(r10 -128)     ; R2_w=map_value(map=proc_info_map,ks=4,vs=368) R10=fp0 fp-128=map_value(map=proc_info_map,ks=4,vs=368)
634: (79) r2 = *(u64 *)(r2 +8)        ; R2_w=scalar()
635: (5f) r2 &= r1                    ; R1_w=scalar(umin=1) R2_w=scalar()
636: (4f) r2 |= r4                    ; R2_w=scalar() R4_w=scalar(id=66)
637: (bf) r4 = r2                     ; R2_w=scalar(id=67) R4_w=scalar(id=67)
; return res & policies_cfg->enabled_policies; @ filtering.h:337
638: (79) r2 = *(u64 *)(r5 +32488)    ; R2_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
639: (5f) r2 &= r4                    ; R2_w=scalar() R4_w=scalar(id=67)
; p->event->context.matched_policies &= matched_policies; @ filtering.h:450
640: (79) r1 = *(u64 *)(r5 +136)      ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
641: (79) r7 = *(u64 *)(r10 -152)     ; R7_w=ctx() R10=fp0 fp-152=ctx()
642: (5f) r1 &= r2                    ; R1_w=scalar() R2_w=scalar()
643: (7b) *(u64 *)(r5 +136) = r1      ; R1_w=scalar() R5_w=map_value(map=event_data_map,ks=4,vs=32528)
; if (!evaluate_scope_filters(&p)) @ tracee.bpf.c:380
644: (15) if r1 == 0x0 goto pc+491    ; R1_w=scalar(umin=1)
645: (79) r7 = *(u64 *)(r10 -96)      ; R7_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
646: (bf) r6 = r7                     ; R6_w=map_value(map=event_data_map,ks=4,vs=32528) R7_w=map_value(map=event_data_map,ks=4,vs=32528)
647: (07) r6 += 32146                 ; R6_w=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
; if (buf->offset > ARGS_BUF_SIZE - 1) @ buffer.h:218
648: (69) r1 = *(u16 *)(r6 +0)        ; R1=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
649: (a5) if r1 < 0x7d00 goto pc+89   ; R1=scalar(smin=umin=smin32=umin32=32000,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
; if (p.config->options & OPT_EXEC_ENV) { @ tracee.bpf.c:385
650: (79) r1 = *(u64 *)(r10 -120)     ; R1_w=map_value(map=config_map,ks=4,vs=256) R10=fp0 fp-120=map_value(map=config_map,ks=4,vs=256)
651: (61) r1 = *(u32 *)(r1 +4)        ; R1_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff))
652: (57) r1 &= 1                     ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=1,var_off=(0x0; 0x1))
653: (15) if r1 == 0x0 goto pc+46     ; R1_w=1
; if (buf->offset > ARGS_BUF_SIZE - 1) @ buffer.h:314
654: (69) r1 = *(u16 *)(r6 +0)        ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
655: (25) if r1 > 0x7cff goto pc+44   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31999,var_off=(0x0; 0x7fff))
656: (79) r2 = *(u64 *)(r10 -112)     ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R10=fp0 fp-112=map_value(map=task_info_map,ks=4,vs=200)
657: (79) r3 = *(u64 *)(r2 +128)      ; R2_w=map_value(map=task_info_map,ks=4,vs=200) R3_w=scalar()
; buf->args[buf->offset] = index; @ buffer.h:318
658: (79) r7 = *(u64 *)(r10 -96)      ; R7_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-96=map_value(map=event_data_map,ks=4,vs=32528)
659: (07) r7 += 145                   ; R7_w=map_value(map=event_data_map,ks=4,vs=32528,off=145)
660: (bf) r2 = r7                     ; R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7_w=map_value(map=event_data_map,ks=4,vs=32528,off=145)
661: (0f) r2 += r1                    ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31999,var_off=(0x0; 0x7fff)) R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31999,var_off=(0x0; 0x7fff))
662: (b7) r1 = 2                      ; R1_w=2
663: (73) *(u8 *)(r2 +0) = r1         ; R1_w=2 R2_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31999,var_off=(0x0; 0x7fff))
; u32 orig_off = buf->offset + 1; @ buffer.h:321
664: (69) r8 = *(u16 *)(r5 +32146)    ; R5=map_value(map=event_data_map,ks=4,vs=32528) R8_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
; buf->offset += 2; @ buffer.h:322
665: (bf) r1 = r8                     ; R1_w=scalar(id=68,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R8_w=scalar(id=68,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
666: (07) r1 += 2                     ; R1_w=scalar(id=68+2,smin=umin=smin32=umin32=2,smax=umax=smax32=umax32=0x10001,var_off=(0x0; 0x1ffff))
667: (6b) *(u16 *)(r5 +32146) = r1    ; R1_w=scalar(id=68+2,smin=umin=smin32=umin32=2,smax=umax=smax32=umax32=0x10001,var_off=(0x0; 0x1ffff)) R5=map_value(map=event_data_map,ks=4,vs=32528)
668: (b7) r9 = 0                      ; R9_w=0
; const char *argp = NULL; @ buffer.h:326
669: (7b) *(u64 *)(r10 -72) = r9      ; R9_w=0 R10=fp0 fp-72_w=0
670: (bf) r1 = r10                    ; R1_w=fp0 R10=fp0
671: (07) r1 += -72                   ; R1_w=fp-72
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
672: (b7) r2 = 8                      ; R2_w=8
673: (7b) *(u64 *)(r10 -128) = r3     ; R3_w=scalar(id=69) R10=fp0 fp-128_w=scalar(id=69)
674: (85) call bpf_probe_read#4       ; R0=scalar() fp-72=mmmmmmmm
; if (!argp) @ buffer.h:328
675: (79) r3 = *(u64 *)(r10 -72)      ; R3_w=scalar() R10=fp0 fp-72=mmmmmmmm
676: (15) if r3 == 0x0 goto pc+15     ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
677: (69) r2 = *(u16 *)(r6 +0)        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
678: (25) if r2 > 0x6cfc goto pc+13   ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
679: (07) r2 += 4                     ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
680: (57) r2 &= 65535                 ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
681: (bf) r1 = r7                     ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
682: (0f) r1 += r2                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
683: (b7) r2 = 4096                   ; R2_w=4096
684: (85) call bpf_probe_read_str#45          ; R0=scalar(smin=smin32=-4095,smax=smax32=4096)
685: (63) *(u32 *)(r10 -76) = r0      ; R0=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
686: (67) r0 <<= 32                   ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
687: (c7) r0 s>>= 32                  ; R0_w=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
688: (c5) if r0 s< 0x1 goto pc+3      ; R0_w=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
689: (69) r2 = *(u16 *)(r6 +0)        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
690: (25) if r2 > 0x7cfc goto pc+1    ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
691: (05) goto pc+493
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1185: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1186: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1187: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1188: (07) r3 += -76                  ; R3_w=fp-76
1189: (b7) r2 = 4                     ; R2_w=4
1190: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1191: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1192: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1193: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1194: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1195: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1196: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1197: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1198: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1199: (07) r3 += 8                    ; R3_w=scalar(id=69+8)
1200: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1201: (07) r1 += -72                  ; R1_w=fp-72
1202: (b7) r2 = 8                     ; R2_w=8
1203: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1204: (b7) r9 = 1                     ; R9_w=1
; if (!argp) @ buffer.h:328
1205: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1206: (15) if r3 == 0x0 goto pc-515   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1207: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1208: (25) if r2 > 0x6cfc goto pc-517         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1209: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1210: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1211: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1212: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1213: (b7) r2 = 4096                  ; R2_w=4096
1214: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1215: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1216: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1217: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1218: (c5) if r0 s< 0x1 goto pc-527   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1219: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1220: (25) if r2 > 0x7cfc goto pc-529         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1221: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1222: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1223: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1224: (07) r3 += -76                  ; R3_w=fp-76
1225: (b7) r2 = 4                     ; R2_w=4
1226: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1227: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1228: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1229: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1230: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1231: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1232: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1233: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1234: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1235: (07) r3 += 16                   ; R3_w=scalar(id=69+16)
1236: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1237: (07) r1 += -72                  ; R1_w=fp-72
1238: (b7) r2 = 8                     ; R2_w=8
1239: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1240: (b7) r9 = 2                     ; R9_w=2
; if (!argp) @ buffer.h:328
1241: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1242: (15) if r3 == 0x0 goto pc-551   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1243: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1244: (25) if r2 > 0x6cfc goto pc-553         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1245: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1246: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1247: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1248: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1249: (b7) r2 = 4096                  ; R2_w=4096
1250: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1251: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1252: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1253: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1254: (c5) if r0 s< 0x1 goto pc-563   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1255: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1256: (25) if r2 > 0x7cfc goto pc-565         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1257: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1258: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1259: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1260: (07) r3 += -76                  ; R3_w=fp-76
1261: (b7) r2 = 4                     ; R2_w=4
1262: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1263: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1264: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1265: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1266: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1267: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1268: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1269: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1270: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1271: (07) r3 += 24                   ; R3_w=scalar(id=69+24)
1272: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1273: (07) r1 += -72                  ; R1_w=fp-72
1274: (b7) r2 = 8                     ; R2_w=8
1275: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1276: (b7) r9 = 3                     ; R9_w=3
; if (!argp) @ buffer.h:328
1277: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1278: (15) if r3 == 0x0 goto pc-587   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1279: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1280: (25) if r2 > 0x6cfc goto pc-589         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1281: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1282: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1283: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1284: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1285: (b7) r2 = 4096                  ; R2_w=4096
1286: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1287: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1288: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1289: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1290: (c5) if r0 s< 0x1 goto pc-599   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1291: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1292: (25) if r2 > 0x7cfc goto pc-601         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1293: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1294: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1295: (b7) r9 = 4                     ; R9_w=4
1296: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1297: (07) r3 += -76                  ; R3_w=fp-76
1298: (b7) r2 = 4                     ; R2_w=4
1299: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1300: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1301: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1302: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1303: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1304: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1305: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1306: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1307: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1308: (07) r3 += 32                   ; R3_w=scalar(id=69+32)
1309: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1310: (07) r1 += -72                  ; R1_w=fp-72
1311: (b7) r2 = 8                     ; R2_w=8
1312: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
; if (!argp) @ buffer.h:328
1313: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1314: (15) if r3 == 0x0 goto pc-623   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1315: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1316: (25) if r2 > 0x6cfc goto pc-625         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1317: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1318: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1319: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1320: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1321: (b7) r2 = 4096                  ; R2_w=4096
1322: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1323: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1324: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1325: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1326: (c5) if r0 s< 0x1 goto pc-635   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1327: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1328: (25) if r2 > 0x7cfc goto pc-637         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1329: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1330: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1331: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1332: (07) r3 += -76                  ; R3_w=fp-76
1333: (b7) r2 = 4                     ; R2_w=4
1334: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1335: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1336: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1337: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1338: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1339: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1340: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1341: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1342: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1343: (07) r3 += 40                   ; R3_w=scalar(id=69+40)
1344: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1345: (07) r1 += -72                  ; R1_w=fp-72
1346: (b7) r2 = 8                     ; R2_w=8
1347: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1348: (b7) r9 = 5                     ; R9_w=5
; if (!argp) @ buffer.h:328
1349: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1350: (15) if r3 == 0x0 goto pc-659   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1351: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1352: (25) if r2 > 0x6cfc goto pc-661         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1353: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1354: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1355: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1356: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1357: (b7) r2 = 4096                  ; R2_w=4096
1358: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1359: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1360: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1361: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1362: (c5) if r0 s< 0x1 goto pc-671   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1363: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1364: (25) if r2 > 0x7cfc goto pc-673         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1365: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1366: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1367: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1368: (07) r3 += -76                  ; R3_w=fp-76
1369: (b7) r2 = 4                     ; R2_w=4
1370: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1371: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1372: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1373: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1374: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1375: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1376: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1377: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1378: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1379: (07) r3 += 48                   ; R3_w=scalar(id=69+48)
1380: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1381: (07) r1 += -72                  ; R1_w=fp-72
1382: (b7) r2 = 8                     ; R2_w=8
1383: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1384: (b7) r9 = 6                     ; R9_w=6
; if (!argp) @ buffer.h:328
1385: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1386: (15) if r3 == 0x0 goto pc-695   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1387: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1388: (25) if r2 > 0x6cfc goto pc-697         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1389: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1390: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1391: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1392: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1393: (b7) r2 = 4096                  ; R2_w=4096
1394: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1395: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1396: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1397: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1398: (c5) if r0 s< 0x1 goto pc-707   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1399: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1400: (25) if r2 > 0x7cfc goto pc-709         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1401: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1402: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1403: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1404: (07) r3 += -76                  ; R3_w=fp-76
1405: (b7) r2 = 4                     ; R2_w=4
1406: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1407: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1408: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1409: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1410: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1411: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1412: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1413: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1414: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1415: (07) r3 += 56                   ; R3_w=scalar(id=69+56)
1416: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1417: (07) r1 += -72                  ; R1_w=fp-72
1418: (b7) r2 = 8                     ; R2_w=8
1419: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1420: (b7) r9 = 7                     ; R9_w=7
; if (!argp) @ buffer.h:328
1421: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1422: (15) if r3 == 0x0 goto pc-731   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1423: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1424: (25) if r2 > 0x6cfc goto pc-733         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1425: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1426: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1427: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1428: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1429: (b7) r2 = 4096                  ; R2_w=4096
1430: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1431: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1432: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1433: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1434: (c5) if r0 s< 0x1 goto pc-743   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1435: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1436: (25) if r2 > 0x7cfc goto pc-745         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1437: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1438: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1439: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1440: (07) r3 += -76                  ; R3_w=fp-76
1441: (b7) r2 = 4                     ; R2_w=4
1442: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1443: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1444: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1445: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1446: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1447: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1448: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1449: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1450: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1451: (07) r3 += 64                   ; R3_w=scalar(id=69+64)
1452: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1453: (07) r1 += -72                  ; R1_w=fp-72
1454: (b7) r9 = 8                     ; R9_w=8
1455: (b7) r2 = 8                     ; R2_w=8
1456: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
; if (!argp) @ buffer.h:328
1457: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1458: (15) if r3 == 0x0 goto pc-767   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1459: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1460: (25) if r2 > 0x6cfc goto pc-769         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1461: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1462: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1463: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1464: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1465: (b7) r2 = 4096                  ; R2_w=4096
1466: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1467: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1468: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1469: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1470: (c5) if r0 s< 0x1 goto pc-779   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1471: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1472: (25) if r2 > 0x7cfc goto pc-781         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1473: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1474: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1475: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1476: (07) r3 += -76                  ; R3_w=fp-76
1477: (b7) r2 = 4                     ; R2_w=4
1478: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1479: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1480: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1481: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1482: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1483: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1484: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1485: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1486: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1487: (07) r3 += 72                   ; R3_w=scalar(id=69+72)
1488: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1489: (07) r1 += -72                  ; R1_w=fp-72
1490: (b7) r2 = 8                     ; R2_w=8
1491: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1492: (b7) r9 = 9                     ; R9_w=9
; if (!argp) @ buffer.h:328
1493: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1494: (15) if r3 == 0x0 goto pc-803   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1495: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1496: (25) if r2 > 0x6cfc goto pc-805         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1497: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1498: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1499: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1500: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1501: (b7) r2 = 4096                  ; R2_w=4096
1502: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1503: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1504: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1505: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1506: (c5) if r0 s< 0x1 goto pc-815   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1507: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1508: (25) if r2 > 0x7cfc goto pc-817         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1509: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1510: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1511: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1512: (07) r3 += -76                  ; R3_w=fp-76
1513: (b7) r2 = 4                     ; R2_w=4
1514: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1515: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1516: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1517: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1518: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1519: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1520: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1521: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1522: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1523: (07) r3 += 80                   ; R3_w=scalar(id=69+80)
1524: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1525: (07) r1 += -72                  ; R1_w=fp-72
1526: (b7) r2 = 8                     ; R2_w=8
1527: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1528: (b7) r9 = 10                    ; R9_w=10
; if (!argp) @ buffer.h:328
1529: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1530: (15) if r3 == 0x0 goto pc-839   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1531: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1532: (25) if r2 > 0x6cfc goto pc-841         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1533: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1534: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1535: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1536: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1537: (b7) r2 = 4096                  ; R2_w=4096
1538: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1539: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1540: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1541: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1542: (c5) if r0 s< 0x1 goto pc-851   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1543: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1544: (25) if r2 > 0x7cfc goto pc-853         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1545: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1546: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1547: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1548: (07) r3 += -76                  ; R3_w=fp-76
1549: (b7) r2 = 4                     ; R2_w=4
1550: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1551: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1552: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1553: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1554: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1555: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1556: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1557: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1558: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1559: (07) r3 += 88                   ; R3_w=scalar(id=69+88)
1560: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1561: (07) r1 += -72                  ; R1_w=fp-72
1562: (b7) r2 = 8                     ; R2_w=8
1563: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1564: (b7) r9 = 11                    ; R9_w=11
; if (!argp) @ buffer.h:328
1565: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1566: (15) if r3 == 0x0 goto pc-875   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1567: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1568: (25) if r2 > 0x6cfc goto pc-877         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1569: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1570: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1571: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1572: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1573: (b7) r2 = 4096                  ; R2_w=4096
1574: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1575: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1576: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1577: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1578: (c5) if r0 s< 0x1 goto pc-887   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1579: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1580: (25) if r2 > 0x7cfc goto pc-889         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1581: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1582: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1583: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1584: (07) r3 += -76                  ; R3_w=fp-76
1585: (b7) r2 = 4                     ; R2_w=4
1586: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1587: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1588: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1589: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1590: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1591: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1592: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1593: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1594: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1595: (07) r3 += 96                   ; R3_w=scalar(id=69+96)
1596: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1597: (07) r1 += -72                  ; R1_w=fp-72
1598: (b7) r2 = 8                     ; R2_w=8
1599: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1600: (b7) r9 = 12                    ; R9_w=12
; if (!argp) @ buffer.h:328
1601: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1602: (15) if r3 == 0x0 goto pc-911   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1603: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1604: (25) if r2 > 0x6cfc goto pc-913         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1605: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1606: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1607: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1608: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1609: (b7) r2 = 4096                  ; R2_w=4096
1610: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1611: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1612: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1613: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1614: (c5) if r0 s< 0x1 goto pc-923   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1615: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1616: (25) if r2 > 0x7cfc goto pc-925         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1617: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1618: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1619: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1620: (07) r3 += -76                  ; R3_w=fp-76
1621: (b7) r2 = 4                     ; R2_w=4
1622: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1623: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1624: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1625: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1626: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1627: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1628: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1629: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1630: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1631: (07) r3 += 104                  ; R3_w=scalar(id=69+104)
1632: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1633: (07) r1 += -72                  ; R1_w=fp-72
1634: (b7) r2 = 8                     ; R2_w=8
1635: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1636: (b7) r9 = 13                    ; R9_w=13
; if (!argp) @ buffer.h:328
1637: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1638: (15) if r3 == 0x0 goto pc-947   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1639: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1640: (25) if r2 > 0x6cfc goto pc-949         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1641: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1642: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1643: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1644: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1645: (b7) r2 = 4096                  ; R2_w=4096
1646: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1647: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1648: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1649: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1650: (c5) if r0 s< 0x1 goto pc-959   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1651: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1652: (25) if r2 > 0x7cfc goto pc-961         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1653: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1654: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1655: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1656: (07) r3 += -76                  ; R3_w=fp-76
1657: (b7) r2 = 4                     ; R2_w=4
1658: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1659: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1660: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1661: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1662: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1663: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1664: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1665: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1666: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1667: (07) r3 += 112                  ; R3_w=scalar(id=69+112)
1668: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1669: (07) r1 += -72                  ; R1_w=fp-72
1670: (b7) r2 = 8                     ; R2_w=8
1671: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1672: (b7) r9 = 14                    ; R9_w=14
; if (!argp) @ buffer.h:328
1673: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1674: (15) if r3 == 0x0 goto pc-983   ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1675: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1676: (25) if r2 > 0x6cfc goto pc-985         ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1677: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1678: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1679: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1680: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1681: (b7) r2 = 4096                  ; R2_w=4096
1682: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1683: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1684: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1685: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1686: (c5) if r0 s< 0x1 goto pc-995   ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1687: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1688: (25) if r2 > 0x7cfc goto pc-997         ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1689: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1690: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1691: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1692: (07) r3 += -76                  ; R3_w=fp-76
1693: (b7) r2 = 4                     ; R2_w=4
1694: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1695: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1696: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1697: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1698: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1699: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1700: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1701: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1702: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1703: (07) r3 += 120                  ; R3_w=scalar(id=69+120)
1704: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1705: (07) r1 += -72                  ; R1_w=fp-72
1706: (b7) r2 = 8                     ; R2_w=8
1707: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1708: (b7) r9 = 15                    ; R9_w=15
; if (!argp) @ buffer.h:328
1709: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1710: (15) if r3 == 0x0 goto pc-1019          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1711: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1712: (25) if r2 > 0x6cfc goto pc-1021        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1713: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1714: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1715: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1716: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1717: (b7) r2 = 4096                  ; R2_w=4096
1718: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1719: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1720: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1721: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1722: (c5) if r0 s< 0x1 goto pc-1031          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1723: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1724: (25) if r2 > 0x7cfc goto pc-1033        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1725: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1726: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1727: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1728: (07) r3 += -76                  ; R3_w=fp-76
1729: (b7) r2 = 4                     ; R2_w=4
1730: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1731: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1732: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1733: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1734: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1735: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1736: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1737: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1738: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1739: (07) r3 += 128                  ; R3_w=scalar(id=69+128)
1740: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1741: (07) r1 += -72                  ; R1_w=fp-72
1742: (b7) r2 = 8                     ; R2_w=8
1743: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1744: (b7) r9 = 16                    ; R9_w=16
; if (!argp) @ buffer.h:328
1745: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1746: (15) if r3 == 0x0 goto pc-1055          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1747: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1748: (25) if r2 > 0x6cfc goto pc-1057        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1749: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1750: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1751: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1752: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1753: (b7) r2 = 4096                  ; R2_w=4096
1754: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1755: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1756: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1757: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1758: (c5) if r0 s< 0x1 goto pc-1067          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1759: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1760: (25) if r2 > 0x7cfc goto pc-1069        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1761: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1762: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1763: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1764: (07) r3 += -76                  ; R3_w=fp-76
1765: (b7) r2 = 4                     ; R2_w=4
1766: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1767: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1768: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1769: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1770: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1771: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1772: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1773: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1774: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1775: (07) r3 += 136                  ; R3_w=scalar(id=69+136)
1776: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1777: (07) r1 += -72                  ; R1_w=fp-72
1778: (b7) r2 = 8                     ; R2_w=8
1779: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1780: (b7) r9 = 17                    ; R9_w=17
; if (!argp) @ buffer.h:328
1781: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1782: (15) if r3 == 0x0 goto pc-1091          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1783: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1784: (25) if r2 > 0x6cfc goto pc-1093        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1785: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1786: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1787: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1788: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1789: (b7) r2 = 4096                  ; R2_w=4096
1790: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1791: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1792: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1793: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1794: (c5) if r0 s< 0x1 goto pc-1103          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1795: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1796: (25) if r2 > 0x7cfc goto pc-1105        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1797: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1798: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1799: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1800: (07) r3 += -76                  ; R3_w=fp-76
1801: (b7) r2 = 4                     ; R2_w=4
1802: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1803: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1804: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1805: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1806: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1807: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1808: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1809: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1810: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1811: (07) r3 += 144                  ; R3_w=scalar(id=69+144)
1812: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1813: (07) r1 += -72                  ; R1_w=fp-72
1814: (b7) r2 = 8                     ; R2_w=8
1815: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1816: (b7) r9 = 18                    ; R9_w=18
; if (!argp) @ buffer.h:328
1817: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1818: (15) if r3 == 0x0 goto pc-1127          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1819: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1820: (25) if r2 > 0x6cfc goto pc-1129        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1821: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1822: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1823: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1824: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1825: (b7) r2 = 4096                  ; R2_w=4096
1826: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1827: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1828: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1829: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1830: (c5) if r0 s< 0x1 goto pc-1139          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1831: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1832: (25) if r2 > 0x7cfc goto pc-1141        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1833: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1834: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1835: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1836: (07) r3 += -76                  ; R3_w=fp-76
1837: (b7) r2 = 4                     ; R2_w=4
1838: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1839: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1840: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1841: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1842: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1843: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1844: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1845: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1846: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1847: (07) r3 += 152                  ; R3_w=scalar(id=69+152)
1848: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1849: (07) r1 += -72                  ; R1_w=fp-72
1850: (b7) r2 = 8                     ; R2_w=8
1851: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1852: (b7) r9 = 19                    ; R9_w=19
; if (!argp) @ buffer.h:328
1853: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1854: (15) if r3 == 0x0 goto pc-1163          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1855: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1856: (25) if r2 > 0x6cfc goto pc-1165        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1857: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1858: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1859: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1860: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1861: (b7) r2 = 4096                  ; R2_w=4096
1862: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1863: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1864: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1865: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1866: (c5) if r0 s< 0x1 goto pc-1175          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1867: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1868: (25) if r2 > 0x7cfc goto pc-1177        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1869: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1870: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1871: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1872: (07) r3 += -76                  ; R3_w=fp-76
1873: (b7) r2 = 4                     ; R2_w=4
1874: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1875: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1876: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1877: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1878: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1879: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1880: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1881: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1882: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1883: (07) r3 += 160                  ; R3_w=scalar(id=69+160)
1884: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1885: (07) r1 += -72                  ; R1_w=fp-72
1886: (b7) r2 = 8                     ; R2_w=8
1887: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1888: (b7) r9 = 20                    ; R9_w=20
; if (!argp) @ buffer.h:328
1889: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1890: (15) if r3 == 0x0 goto pc-1199          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1891: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1892: (25) if r2 > 0x6cfc goto pc-1201        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1893: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1894: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1895: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1896: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1897: (b7) r2 = 4096                  ; R2_w=4096
1898: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1899: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1900: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1901: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1902: (c5) if r0 s< 0x1 goto pc-1211          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1903: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1904: (25) if r2 > 0x7cfc goto pc-1213        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1905: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1906: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1907: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1908: (07) r3 += -76                  ; R3_w=fp-76
1909: (b7) r2 = 4                     ; R2_w=4
1910: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1911: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1912: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1913: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1914: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1915: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1916: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1917: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1918: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1919: (07) r3 += 168                  ; R3_w=scalar(id=69+168)
1920: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1921: (07) r1 += -72                  ; R1_w=fp-72
1922: (b7) r2 = 8                     ; R2_w=8
1923: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1924: (b7) r9 = 21                    ; R9_w=21
; if (!argp) @ buffer.h:328
1925: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1926: (15) if r3 == 0x0 goto pc-1235          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1927: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1928: (25) if r2 > 0x6cfc goto pc-1237        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1929: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1930: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1931: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1932: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1933: (b7) r2 = 4096                  ; R2_w=4096
1934: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1935: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1936: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1937: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1938: (c5) if r0 s< 0x1 goto pc-1247          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1939: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1940: (25) if r2 > 0x7cfc goto pc-1249        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1941: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1942: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1943: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1944: (07) r3 += -76                  ; R3_w=fp-76
1945: (b7) r2 = 4                     ; R2_w=4
1946: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1947: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1948: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1949: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1950: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1951: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1952: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1953: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1954: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1955: (07) r3 += 176                  ; R3_w=scalar(id=69+176)
1956: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1957: (07) r1 += -72                  ; R1_w=fp-72
1958: (b7) r2 = 8                     ; R2_w=8
1959: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1960: (b7) r9 = 22                    ; R9_w=22
; if (!argp) @ buffer.h:328
1961: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1962: (15) if r3 == 0x0 goto pc-1271          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1963: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1964: (25) if r2 > 0x6cfc goto pc-1273        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
1965: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1966: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1967: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1968: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
1969: (b7) r2 = 4096                  ; R2_w=4096
1970: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
1971: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
1972: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
1973: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
1974: (c5) if r0 s< 0x1 goto pc-1283          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
1975: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1976: (25) if r2 > 0x7cfc goto pc-1285        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
1977: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
1978: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
1979: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
1980: (07) r3 += -76                  ; R3_w=fp-76
1981: (b7) r2 = 4                     ; R2_w=4
1982: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
1983: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1984: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
1985: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
1986: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
1987: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
1988: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
1989: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
1990: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
1991: (07) r3 += 184                  ; R3_w=scalar(id=69+184)
1992: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
1993: (07) r1 += -72                  ; R1_w=fp-72
1994: (b7) r2 = 8                     ; R2_w=8
1995: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
1996: (b7) r9 = 23                    ; R9_w=23
; if (!argp) @ buffer.h:328
1997: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
1998: (15) if r3 == 0x0 goto pc-1307          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
1999: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2000: (25) if r2 > 0x6cfc goto pc-1309        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2001: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2002: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2003: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2004: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2005: (b7) r2 = 4096                  ; R2_w=4096
2006: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2007: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2008: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2009: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2010: (c5) if r0 s< 0x1 goto pc-1319          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2011: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2012: (25) if r2 > 0x7cfc goto pc-1321        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2013: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2014: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2015: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2016: (07) r3 += -76                  ; R3_w=fp-76
2017: (b7) r2 = 4                     ; R2_w=4
2018: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2019: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2020: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2021: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2022: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2023: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2024: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2025: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2026: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2027: (07) r3 += 192                  ; R3_w=scalar(id=69+192)
2028: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2029: (07) r1 += -72                  ; R1_w=fp-72
2030: (b7) r2 = 8                     ; R2_w=8
2031: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2032: (b7) r9 = 24                    ; R9_w=24
; if (!argp) @ buffer.h:328
2033: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2034: (15) if r3 == 0x0 goto pc-1343          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2035: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2036: (25) if r2 > 0x6cfc goto pc-1345        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2037: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2038: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2039: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2040: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2041: (b7) r2 = 4096                  ; R2_w=4096
2042: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2043: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2044: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2045: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2046: (c5) if r0 s< 0x1 goto pc-1355          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2047: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2048: (25) if r2 > 0x7cfc goto pc-1357        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2049: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2050: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2051: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2052: (07) r3 += -76                  ; R3_w=fp-76
2053: (b7) r2 = 4                     ; R2_w=4
2054: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2055: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2056: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2057: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2058: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2059: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2060: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2061: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2062: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2063: (07) r3 += 200                  ; R3_w=scalar(id=69+200)
2064: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2065: (07) r1 += -72                  ; R1_w=fp-72
2066: (b7) r2 = 8                     ; R2_w=8
2067: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2068: (b7) r9 = 25                    ; R9_w=25
; if (!argp) @ buffer.h:328
2069: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2070: (15) if r3 == 0x0 goto pc-1379          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2071: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2072: (25) if r2 > 0x6cfc goto pc-1381        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2073: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2074: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2075: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2076: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2077: (b7) r2 = 4096                  ; R2_w=4096
2078: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2079: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2080: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2081: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2082: (c5) if r0 s< 0x1 goto pc-1391          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2083: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2084: (25) if r2 > 0x7cfc goto pc-1393        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2085: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2086: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2087: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2088: (07) r3 += -76                  ; R3_w=fp-76
2089: (b7) r2 = 4                     ; R2_w=4
2090: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2091: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2092: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2093: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2094: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2095: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2096: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2097: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2098: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2099: (07) r3 += 208                  ; R3_w=scalar(id=69+208)
2100: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2101: (07) r1 += -72                  ; R1_w=fp-72
2102: (b7) r2 = 8                     ; R2_w=8
2103: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2104: (b7) r9 = 26                    ; R9_w=26
; if (!argp) @ buffer.h:328
2105: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2106: (15) if r3 == 0x0 goto pc-1415          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2107: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2108: (25) if r2 > 0x6cfc goto pc-1417        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2109: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2110: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2111: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2112: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2113: (b7) r2 = 4096                  ; R2_w=4096
2114: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2115: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2116: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2117: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2118: (c5) if r0 s< 0x1 goto pc-1427          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2119: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2120: (25) if r2 > 0x7cfc goto pc-1429        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2121: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2122: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2123: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2124: (07) r3 += -76                  ; R3_w=fp-76
2125: (b7) r2 = 4                     ; R2_w=4
2126: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2127: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2128: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2129: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2130: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2131: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2132: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2133: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2134: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2135: (07) r3 += 216                  ; R3_w=scalar(id=69+216)
2136: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2137: (07) r1 += -72                  ; R1_w=fp-72
2138: (b7) r2 = 8                     ; R2_w=8
2139: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2140: (b7) r9 = 27                    ; R9_w=27
; if (!argp) @ buffer.h:328
2141: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2142: (15) if r3 == 0x0 goto pc-1451          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2143: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2144: (25) if r2 > 0x6cfc goto pc-1453        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2145: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2146: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2147: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2148: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2149: (b7) r2 = 4096                  ; R2_w=4096
2150: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2151: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2152: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2153: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2154: (c5) if r0 s< 0x1 goto pc-1463          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2155: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2156: (25) if r2 > 0x7cfc goto pc-1465        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2157: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2158: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2159: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2160: (07) r3 += -76                  ; R3_w=fp-76
2161: (b7) r2 = 4                     ; R2_w=4
2162: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2163: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2164: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2165: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2166: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2167: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2168: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2169: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2170: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2171: (07) r3 += 224                  ; R3_w=scalar(id=69+224)
2172: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2173: (07) r1 += -72                  ; R1_w=fp-72
2174: (b7) r2 = 8                     ; R2_w=8
2175: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2176: (b7) r9 = 28                    ; R9_w=28
; if (!argp) @ buffer.h:328
2177: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2178: (15) if r3 == 0x0 goto pc-1487          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2179: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2180: (25) if r2 > 0x6cfc goto pc-1489        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2181: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2182: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2183: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2184: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2185: (b7) r2 = 4096                  ; R2_w=4096
2186: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2187: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2188: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2189: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2190: (c5) if r0 s< 0x1 goto pc-1499          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2191: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2192: (25) if r2 > 0x7cfc goto pc-1501        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2193: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2194: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2195: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2196: (07) r3 += -76                  ; R3_w=fp-76
2197: (b7) r2 = 4                     ; R2_w=4
2198: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2199: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2200: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2201: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2202: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2203: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2204: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2205: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2206: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2207: (07) r3 += 232                  ; R3_w=scalar(id=69+232)
2208: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2209: (07) r1 += -72                  ; R1_w=fp-72
2210: (b7) r2 = 8                     ; R2_w=8
2211: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2212: (b7) r9 = 29                    ; R9_w=29
; if (!argp) @ buffer.h:328
2213: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2214: (15) if r3 == 0x0 goto pc-1523          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2215: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2216: (25) if r2 > 0x6cfc goto pc-1525        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2217: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2218: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2219: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2220: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2221: (b7) r2 = 4096                  ; R2_w=4096
2222: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2223: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2224: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2225: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2226: (c5) if r0 s< 0x1 goto pc-1535          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2227: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2228: (25) if r2 > 0x7cfc goto pc-1537        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2229: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2230: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2231: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2232: (07) r3 += -76                  ; R3_w=fp-76
2233: (b7) r2 = 4                     ; R2_w=4
2234: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2235: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2236: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2237: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2238: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2239: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2240: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2241: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2242: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2243: (07) r3 += 240                  ; R3_w=scalar(id=69+240)
2244: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2245: (07) r1 += -72                  ; R1_w=fp-72
2246: (b7) r2 = 8                     ; R2_w=8
2247: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2248: (b7) r9 = 30                    ; R9_w=30
; if (!argp) @ buffer.h:328
2249: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2250: (15) if r3 == 0x0 goto pc-1559          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2251: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2252: (25) if r2 > 0x6cfc goto pc-1561        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2253: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2254: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2255: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2256: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2257: (b7) r2 = 4096                  ; R2_w=4096
2258: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2259: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2260: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2261: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2262: (c5) if r0 s< 0x1 goto pc-1571          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2263: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2264: (25) if r2 > 0x7cfc goto pc-1573        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2265: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2266: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2267: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2268: (07) r3 += -76                  ; R3_w=fp-76
2269: (b7) r2 = 4                     ; R2_w=4
2270: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2271: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2272: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2273: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2274: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2275: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2276: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2277: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2278: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2279: (07) r3 += 248                  ; R3_w=scalar(id=69+248)
2280: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2281: (07) r1 += -72                  ; R1_w=fp-72
2282: (b7) r2 = 8                     ; R2_w=8
2283: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2284: (b7) r9 = 31                    ; R9_w=31
; if (!argp) @ buffer.h:328
2285: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2286: (15) if r3 == 0x0 goto pc-1595          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2287: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2288: (25) if r2 > 0x6cfc goto pc-1597        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2289: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2290: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2291: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2292: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2293: (b7) r2 = 4096                  ; R2_w=4096
2294: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2295: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2296: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2297: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2298: (c5) if r0 s< 0x1 goto pc-1607          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2299: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2300: (25) if r2 > 0x7cfc goto pc-1609        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2301: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2302: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2303: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2304: (07) r3 += -76                  ; R3_w=fp-76
2305: (b7) r2 = 4                     ; R2_w=4
2306: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2307: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2308: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2309: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2310: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2311: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2312: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2313: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2314: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2315: (07) r3 += 256                  ; R3_w=scalar(id=69+256)
2316: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2317: (07) r1 += -72                  ; R1_w=fp-72
2318: (b7) r2 = 8                     ; R2_w=8
2319: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2320: (b7) r9 = 32                    ; R9_w=32
; if (!argp) @ buffer.h:328
2321: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2322: (15) if r3 == 0x0 goto pc-1631          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2323: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2324: (25) if r2 > 0x6cfc goto pc-1633        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2325: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2326: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2327: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2328: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2329: (b7) r2 = 4096                  ; R2_w=4096
2330: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2331: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2332: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2333: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2334: (c5) if r0 s< 0x1 goto pc-1643          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2335: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2336: (25) if r2 > 0x7cfc goto pc-1645        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2337: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2338: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2339: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2340: (07) r3 += -76                  ; R3_w=fp-76
2341: (b7) r2 = 4                     ; R2_w=4
2342: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2343: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2344: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2345: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2346: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2347: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2348: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2349: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2350: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2351: (07) r3 += 264                  ; R3_w=scalar(id=69+264)
2352: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2353: (07) r1 += -72                  ; R1_w=fp-72
2354: (b7) r2 = 8                     ; R2_w=8
2355: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2356: (b7) r9 = 33                    ; R9_w=33
; if (!argp) @ buffer.h:328
2357: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2358: (15) if r3 == 0x0 goto pc-1667          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2359: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2360: (25) if r2 > 0x6cfc goto pc-1669        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2361: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2362: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2363: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2364: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2365: (b7) r2 = 4096                  ; R2_w=4096
2366: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2367: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2368: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2369: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2370: (c5) if r0 s< 0x1 goto pc-1679          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2371: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2372: (25) if r2 > 0x7cfc goto pc-1681        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2373: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2374: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2375: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2376: (07) r3 += -76                  ; R3_w=fp-76
2377: (b7) r2 = 4                     ; R2_w=4
2378: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2379: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2380: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2381: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2382: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2383: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2384: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2385: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2386: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2387: (07) r3 += 272                  ; R3_w=scalar(id=69+272)
2388: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2389: (07) r1 += -72                  ; R1_w=fp-72
2390: (b7) r2 = 8                     ; R2_w=8
2391: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2392: (b7) r9 = 34                    ; R9_w=34
; if (!argp) @ buffer.h:328
2393: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2394: (15) if r3 == 0x0 goto pc-1703          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2395: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2396: (25) if r2 > 0x6cfc goto pc-1705        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2397: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2398: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2399: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2400: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2401: (b7) r2 = 4096                  ; R2_w=4096
2402: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2403: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2404: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2405: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2406: (c5) if r0 s< 0x1 goto pc-1715          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2407: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2408: (25) if r2 > 0x7cfc goto pc-1717        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2409: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2410: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2411: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2412: (07) r3 += -76                  ; R3_w=fp-76
2413: (b7) r2 = 4                     ; R2_w=4
2414: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2415: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2416: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2417: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2418: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2419: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2420: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2421: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2422: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2423: (07) r3 += 280                  ; R3_w=scalar(id=69+280)
2424: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2425: (07) r1 += -72                  ; R1_w=fp-72
2426: (b7) r2 = 8                     ; R2_w=8
2427: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2428: (b7) r9 = 35                    ; R9_w=35
; if (!argp) @ buffer.h:328
2429: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2430: (15) if r3 == 0x0 goto pc-1739          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2431: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2432: (25) if r2 > 0x6cfc goto pc-1741        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2433: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2434: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2435: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2436: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2437: (b7) r2 = 4096                  ; R2_w=4096
2438: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2439: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2440: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2441: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2442: (c5) if r0 s< 0x1 goto pc-1751          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2443: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2444: (25) if r2 > 0x7cfc goto pc-1753        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2445: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2446: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2447: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2448: (07) r3 += -76                  ; R3_w=fp-76
2449: (b7) r2 = 4                     ; R2_w=4
2450: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2451: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2452: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2453: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2454: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2455: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2456: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2457: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2458: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
2459: (07) r3 += 288                  ; R3_w=scalar(id=69+288)
2460: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2461: (07) r1 += -72                  ; R1_w=fp-72
2462: (b7) r2 = 8                     ; R2_w=8
2463: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2464: (b7) r9 = 36                    ; R9_w=36
; if (!argp) @ buffer.h:328
2465: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2466: (15) if r3 == 0x0 goto pc-1775          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2467: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2468: (25) if r2 > 0x6cfc goto pc-1777        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2469: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2470: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2471: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2472: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2473: (b7) r2 = 4096                  ; R2_w=4096
2474: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2475: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2476: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2477: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2478: (c5) if r0 s< 0x1 goto pc-1787          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2479: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2480: (25) if r2 > 0x7cfc goto pc-1789        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2481: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2482: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2483: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2484: (07) r3 += -76                  ; R3_w=fp-76
2485: (b7) r2 = 4                     ; R2_w=4
2486: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2487: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2488: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2489: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2490: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2491: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2492: (b7) r1 = 0                     ; R1_w=0
; const char *argp = NULL; @ buffer.h:326
2493: (7b) *(u64 *)(r10 -72) = r1     ; R1_w=0 R10=fp0 fp-72_w=0
2494: (79) r3 = *(u64 *)(r10 -128)    ; R3_w=scalar(id=69) R10=fp0 fp-128=scalar(id=69)
; bpf_probe_read(&argp, sizeof(argp), &ptr[i]); @ buffer.h:327
2495: (07) r3 += 296                  ; R3_w=scalar(id=69+296)
2496: (bf) r1 = r10                   ; R1_w=fp0 R10=fp0
2497: (07) r1 += -72                  ; R1_w=fp-72
2498: (b7) r2 = 8                     ; R2_w=8
2499: (85) call bpf_probe_read#4      ; R0_w=scalar() fp-72_w=mmmmmmmm
2500: (b7) r9 = 37                    ; R9_w=37
; if (!argp) @ buffer.h:328
2501: (79) r3 = *(u64 *)(r10 -72)     ; R3_w=scalar() R10=fp0 fp-72_w=mmmmmmmm
2502: (15) if r3 == 0x0 goto pc-1811          ; R3_w=scalar(umin=1)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:331
2503: (69) r2 = *(u16 *)(r6 +0)       ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2504: (25) if r2 > 0x6cfc goto pc-1813        ; R2=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, argp); @ buffer.h:336
2505: (07) r2 += 4                    ; R2_w=scalar(smin=umin=smin32=umin32=4,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2506: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2507: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2508: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27904,var_off=(0x0; 0x7fff))
2509: (b7) r2 = 4096                  ; R2_w=4096
2510: (85) call bpf_probe_read_str#45         ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096)
2511: (63) *(u32 *)(r10 -76) = r0     ; R0_w=scalar(smin=smin32=-4095,smax=smax32=4096) R10=fp0 fp-80=mmmm????
2512: (67) r0 <<= 32                  ; R0_w=scalar(smax=0x100000000000,umax=0xffffffff00000000,smin32=0,smax32=umax32=0,var_off=(0x0; 0xffffffff00000000))
2513: (c7) r0 s>>= 32                 ; R0=scalar(smin=0xffffffff80000000,smax=smax32=4096)
; if (sz > 0) { @ buffer.h:337
2514: (c5) if r0 s< 0x1 goto pc-1823          ; R0=scalar(smin=umin=smin32=umin32=1,smax=umax=smax32=umax32=4096,var_off=(0x0; 0x1fff))
; if (buf->offset > ARGS_BUF_SIZE - sizeof(int)) @ buffer.h:338
2515: (69) r2 = *(u16 *)(r6 +0)       ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2516: (25) if r2 > 0x7cfc goto pc-1825        ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
; bpf_probe_read(&(buf->args[buf->offset]), sizeof(int), &sz); @ buffer.h:341
2517: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2518: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=31996,var_off=(0x0; 0x7fff))
2519: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2520: (07) r3 += -76                  ; R3_w=fp-76
2521: (b7) r2 = 4                     ; R2_w=4
2522: (85) call bpf_probe_read#4      ; R0=scalar()
; buf->offset += sz + sizeof(int); @ buffer.h:342
2523: (69) r1 = *(u16 *)(r6 +0)       ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2524: (61) r2 = *(u32 *)(r10 -76)     ; R2_w=scalar(smin=0,smax=umax=0xffffffff,var_off=(0x0; 0xffffffff)) R10=fp0 fp-80=mmmm????
2525: (0f) r2 += r1                   ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=0,smax=umax=0x10000fffe,var_off=(0x0; 0x1ffffffff))
2526: (07) r2 += 4                    ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2527: (6b) *(u16 *)(r6 +0) = r2       ; R2_w=scalar(smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R6=map_value(map=event_data_map,ks=4,vs=32528,off=32146)
2528: (b7) r1 = 3026478               ; R1_w=0x2e2e2e
; char ellipsis[] = "..."; @ buffer.h:350
2529: (63) *(u32 *)(r10 -80) = r1     ; R1_w=0x2e2e2e R10=fp0 fp-80=mmmm0x2e2e2e
2530: (b7) r9 = 38                    ; R9_w=38
; buf->offset += sz + sizeof(int); @ buffer.h:342
2531: (bf) r1 = r2                    ; R1_w=scalar(id=70,smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff)) R2_w=scalar(id=70,smin=umin=4,smax=umax=0x100010002,var_off=(0x0; 0x1ffffffff))
2532: (57) r1 &= 65535                ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
2533: (79) r5 = *(u64 *)(r10 -104)    ; R5_w=map_value(map=event_data_map,ks=4,vs=32528) R10=fp0 fp-104=map_value(map=event_data_map,ks=4,vs=32528)
; if (buf->offset > ARGS_BUF_SIZE - MAX_STRING_SIZE - sizeof(int)) @ buffer.h:351
2534: (25) if r1 > 0x6cfc goto pc-1842        ; R1_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=27900,var_off=(0x0; 0x7fff))
; int sz = bpf_probe_read_str(&(buf->args[buf->offset + sizeof(int)]), MAX_STRING_SIZE, ellipsis); @ buffer.h:356
2535: (07) r2 += 4                    ; R2_w=scalar(id=70+4,smin=umin=8,smax=umax=0x100010006,var_off=(0x0; 0x1ffffffff))
2536: (57) r2 &= 65535                ; R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
2537: (bf) r1 = r7                    ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145) R7=map_value(map=event_data_map,ks=4,vs=32528,off=145)
2538: (0f) r1 += r2                   ; R1_w=map_value(map=event_data_map,ks=4,vs=32528,off=145,smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff)) R2_w=scalar(smin=smin32=0,smax=umax=smax32=umax32=0xffff,var_off=(0x0; 0xffff))
2539: (bf) r3 = r10                   ; R3_w=fp0 R10=fp0
2540: (07) r3 += -80                  ; R3_w=fp-80
2541: (b7) r2 = 4096                  ; R2_w=4096
2542: (85) call bpf_probe_read_str#45
invalid access to map value, value_size=32528 off=65680 size=4096
R1 max value is outside of the allowed memory range
processed 2037 insns (limit 1000000) max_states_per_insn 0 total_states 155 peak_states 155 mark_read 115
-- END PROG LOAD LOG --
{"level":"warn","ts":1741187266.0371149,"msg":"libbpf: prog 'syscall__execve_enter': failed to load: -13"}
{"level":"warn","ts":1741187266.0375547,"msg":"libbpf: failed to load object ''"}
{"level":"fatal","ts":1741187266.0384955,"msg":"Tracee runner failed","error":"cmd.Runner.Run: error initializing Tracee: ebpf.(*Tracee).Init: ebpf.(*Tracee).initBPF: failed to load BPF object: permission denied"}

MrZLeo Mar 5, 2025
Author

kernel version:

[I] mrzleo@arch ~/tracee ((v0.23.0))> uname -a
Linux arch 6.12.17-1-lts #1 SMP PREEMPT_DYNAMIC Thu, 27 Feb 2025 14:12:30 +0000 x86_64 GNU/Linux

rscampos Mar 5, 2025
Maintainer

Thank you for the logs, @MrZLeo. @geyslan suggested that the issue might be related to the Clang version. Currently, we fully support Clang 14 (I'll update this in the future). I tested compiling Tracee and found that Clang 18 and 19 produce errors similar to yours. Are you using one of these versions?

Answer selected by MrZLeo

MrZLeo Mar 6, 2025
Author

@rscampos Yes, that's it. I use Clang 19 in archlinux and Clang 18 in Ubuntu.

rscampos Mar 6, 2025
Maintainer

Nice... pls try with Clang 14 and share with us if you have any problem... soon we'll bump the clang version.

MrZLeo Mar 6, 2025
Author

Nice... pls try with Clang 14 and share with us if you have any problem... soon we'll bump the clang version.

yep，clang-14 is good.🥳

Unable to run Tracee locally #4635

Uh oh!

MrZLeo Feb 28, 2025

Replies: 2 comments · 9 replies

Uh oh!

geyslan Mar 5, 2025 Maintainer

Uh oh!

geyslan Mar 5, 2025 Maintainer

Uh oh!

MrZLeo Mar 5, 2025 Author

Uh oh!

Uh oh!

rscampos Mar 5, 2025 Maintainer

Uh oh!

MrZLeo Mar 5, 2025 Author

Uh oh!

MrZLeo Mar 5, 2025 Author

Uh oh!

MrZLeo Mar 5, 2025 Author

Uh oh!

rscampos Mar 5, 2025 Maintainer

Uh oh!

MrZLeo Mar 6, 2025 Author

Uh oh!

rscampos Mar 6, 2025 Maintainer

Uh oh!

MrZLeo Mar 6, 2025 Author

MrZLeo
Feb 28, 2025

Replies: 2 comments 9 replies

geyslan
Mar 5, 2025
Maintainer

geyslan Mar 5, 2025
Maintainer

MrZLeo Mar 5, 2025
Author

rscampos
Mar 5, 2025
Maintainer

MrZLeo Mar 5, 2025
Author

MrZLeo Mar 5, 2025
Author

MrZLeo Mar 5, 2025
Author

rscampos Mar 5, 2025
Maintainer

MrZLeo Mar 6, 2025
Author

rscampos Mar 6, 2025
Maintainer

MrZLeo Mar 6, 2025
Author