diff --git a/bpf/bpf_bpfel_x86.go b/bpf/bpf_bpfel_x86.go
index c15f8ce..5e6dfd2 100644
--- a/bpf/bpf_bpfel_x86.go
+++ b/bpf/bpf_bpfel_x86.go
@@ -18,7 +18,8 @@ type BpfSkbdump struct {
 		Skb       uint64
 		TimeNs    uint64
 		Rax       uint64
-		L2        uint16
+		L2        uint8
+		Ret       uint8
 		_         [2]byte
 		Len       uint32
 		Ifindex   uint32
diff --git a/bpf/bpf_bpfel_x86.o b/bpf/bpf_bpfel_x86.o
index 3279605..7df0af3 100644
Binary files a/bpf/bpf_bpfel_x86.o and b/bpf/bpf_bpfel_x86.o differ
diff --git a/bpf/skbdump.c b/bpf/skbdump.c
index 1a442ff..70272ed 100644
--- a/bpf/skbdump.c
+++ b/bpf/skbdump.c
@@ -30,7 +30,8 @@ struct skbmeta {
 	__u64	time_ns;
 	__u64   rax;
 
-	__u16	l2;
+	__u8	l2;
+	__u8	ret;
 	__u32	len;
 	__u32	ifindex;
 
@@ -115,6 +116,7 @@ void handle_skb_tc(struct __sk_buff *skb, bool ingress)
 	dump->meta.skb = skb_addr;
 
 	dump->meta.l2 = 1;
+	dump->meta.ret = 0;
 	dump->meta.len = skb->len;
 	dump->meta.ifindex = skb->ifindex;
 
@@ -242,7 +244,8 @@ handle_skb_kprobe(struct sk_buff *skb, struct pt_regs *ctx)
 	if (!dump)
 		return 0;
 
-	dump->meta.at = ctx->ip - 1;
+	dump->meta.at = ctx->ip;
+	dump->meta.ret = 0;
 	__u64 sp = ctx->sp;
 	bpf_map_update_elem(&sp2ip, &sp, &dump->meta.at, BPF_ANY);
 	return collect_skb(skb, ctx, dump);
@@ -273,7 +276,8 @@ int on_kprobe_tid(struct pt_regs *ctx)
 		if (!dump)
 			return 0;
 
-		dump->meta.at = ctx->ip - 1;
+		dump->meta.at = ctx->ip;
+		dump->meta.ret = 0;
 		__u64 sp = ctx->sp;
 		if (!bpf_map_lookup_elem(&sp2ip, &sp))
 			bpf_map_update_elem(&sp2ip, &sp, &dump->meta.at, BPF_ANY);
@@ -299,7 +303,8 @@ int on_kretprobe(struct pt_regs *ctx)
 	if (!dump)
 		return 0;
 
-	dump->meta.at = (*ip) - 1;
+	dump->meta.at = *ip;
+	dump->meta.ret = 1;
 	collect_skb(*skb, ctx, dump);
 
 	bpf_map_delete_elem(&sp2ip, &sp);
diff --git a/skbprint.go b/skbprint.go
index 882786f..c76280e 100644
--- a/skbprint.go
+++ b/skbprint.go
@@ -46,7 +46,7 @@ func skbPrint(skb *bpf.Skbdump, linktype layers.LinkType) {
 		ksym = fmt.Sprintf("%s+%d", ksym, off)
 	}
 	fmt.Printf("%s@%d(%s) ", ksym, skb.Meta.Ifindex, ifname)
-	if strings.Contains(ksym, "+r") {
+	if skb.Meta.Ret == 1 {
 		fmt.Printf("rv=%x ", skb.Meta.Rax)
 	}
 
diff --git a/utils/utils.go b/utils/utils.go
index 815b103..319f3d7 100644
--- a/utils/utils.go
+++ b/utils/utils.go
@@ -1,7 +1,6 @@
 package utils
 
 import (
-	"fmt"
 	"log"
 	"os"
 	"slices"
@@ -36,8 +35,7 @@ func init() {
 		typ, name := parts[1], parts[2]
 		if typ == "t" || typ == "T" {
 			kallsymsByAddr[addr] = Symbol{typ, name, addr}
-			kallsymsByAddr[addr-1] = Symbol{typ, fmt.Sprintf("%s+r", name), addr - 1}
-			kallsyms = append(kallsyms, kallsymsByAddr[addr], kallsymsByAddr[addr-1])
+			kallsyms = append(kallsyms, kallsymsByAddr[addr])
 		}
 	}
 	kallsymsByAddr[0] = Symbol{"t", "out", 0}