[BUG] bpftime fails to find the base address of a simple ELF file from a simple C source file

[agentzh]

I'm getting errors with LLVM JIT mode of bpftime on Fedora Linux x86_64:

[2024-01-28 00:38:50][info][707114] Created uprobe/uretprobe perf event handler, module name /500g-a/git/ebpf-plus/libbpf/uprobes/a.out, offset 1106
[2024-01-28 00:38:50.707] [info] [agent.cpp:66] Entering bpftime agent
[2024-01-28 00:38:50.708] [info] [bpftime_shm_internal.cpp:618] Global shm constructed. shm_open_type 1 for bpftime_maps_shm
[2024-01-28 00:38:50.709] [info] [agent.cpp:81] Initializing agent..
[2024-01-28 00:38:50][info][707119] Initializing llvm
[2024-01-28 00:38:50][info][707119] Executable path: /usr/bin/bash
[2024-01-28 00:38:50][error][707119] Failed to find module base address for /500g-a/git/ebpf-plus/libbpf/uprobes/a.out
[2024-01-28 00:38:50][error][707119] Failed to initialize attach context
[2024-01-28 00:38:50.720] [info] [agent.cpp:66] Entering bpftime agent
[2024-01-28 00:38:50.721] [info] [bpftime_shm_internal.cpp:618] Global shm constructed. shm_open_type 1 for bpftime_maps_shm
[2024-01-28 00:38:50.721] [info] [agent.cpp:81] Initializing agent..
[2024-01-28 00:38:50][info][707119] Initializing llvm
[2024-01-28 00:38:50][info][707119] Executable path: /500g-a/git/ebpf-plus/libbpf/uprobes/a.out
[2024-01-28 00:38:50][info][707119] Attached 1 uprobe programs to function 401106
[2024-01-28 00:38:50][info][707119] Attach successfully
INFO [707119]: Global shm destructed

Note the lines containing [error] in the output:

[2024-01-28 00:38:50][error][707119] Failed to find module base address for /500g-a/git/ebpf-plus/libbpf/uprobes/a.out
[2024-01-28 00:38:50][error][707119] Failed to initialize attach context

The a.out is a simple ELF executable which is not a PIE:

a.out: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=ce095a0663ef61c1651820dc3642301d489aeffa, for GNU/Linux 3.2.0, not stripped

And it is built from the following C source file a.c:

#include <unistd.h>
#include <stdio.h>

int blah = 7;

int foo(int a) {
    return a + 1;
}

int main(void) {
    foo(3 + 1);
    return 0;
}

And the command to build it is like this:

gcc -fno-PIC a.c -fno-pie -o a.out

Using other tools can easily find its base address is 0x400000. Nothing unusual.

How to debug and workaround this issue?

[agentzh]

Another issue here is why it still went forward to attach to the uprobe when it failed to find the base address of the target program? Missing proper error handling here?

[agentzh]

OK, found that it is because the target process for ./a.out is spawned by a parent bash process, and that both of them have libbpftime-agent.so preloaded. If I get rid of the parent bash process, then the errors are gone:

[2024-01-28 00:53:06][info][707271] Created uprobe/uretprobe perf event handler, module name /500g-a/git/ebpf-plus/libbpf/uprobes/a.out, offset 1106
[2024-01-28 00:53:06.163] [info] [agent.cpp:66] Entering bpftime agent
[2024-01-28 00:53:06.163] [info] [bpftime_shm_internal.cpp:618] Global shm constructed. shm_open_type 1 for bpftime_maps_shm
[2024-01-28 00:53:06.164] [info] [agent.cpp:81] Initializing agent..
[2024-01-28 00:53:06][info][707276] Initializing llvm
[2024-01-28 00:53:06][info][707276] Executable path: /500g-a/git/ebpf-plus/libbpf/uprobes/a.out
[2024-01-28 00:53:06][info][707276] Attached 1 uprobe programs to function 401106
[2024-01-28 00:53:06][info][707276] Attach successfully

Still, this special case is worth fixing. I think for irrelevant processes with the bpftime agent preloaded, they should just be silently ignored.