我有两个实验环境:CentOS 6.8和Ubuntu 16.04都在Virtualbox VM中运行。
在我安装的CentOS上
yum install kernel-devel kernel-debug
在Ubuntu上我安装了:
sudo apt-get install linux-headers-$(uname -r)
sudo apt-get install fakeroot build-essential crash kexec-tools makedumpfile kernel-wedge
在两个系统上,我都可以成功运行:
stap -ve 'probe begin { log("hello world") exit() }'
我在 systemtap 指南中尝试了这个.stp脚本:
#!/usr/bin/stap
probe begin
{
log("begin probe")
}
probe syscall.open
{
printf("%s(%d) open (%s)\n",execname(),pid(),argstr)
}
probe timer.ms(4000)#4s later
{
exit()
}
probe end
{
log("end probe")
}
chmod +x ...脚本并以root用户身份运行。两个系统都报告错误,如:
./test2.stp -v
Pass 1: parsed user script and 124 library script(s) using 217780virt/45168res/3204shr/42664data kb, in 210usr/20sys/238real ms.
semantic error: while resolving probe point: identifier 'kernel' at /usr/share/systemtap/tapset/linux/syscalls2.stp:197:24
source: probe __syscall.open = kernel.function("sys_open").call
^
semantic error: missing x86_64 kernel/module debuginfo [man warning::debuginfo] under '/lib/modules/2.6.32-642.el6.x86_64/build'
semantic error: while resolving probe point: identifier '__syscall' at :177:47
source: probe syscall.open = __syscall.compat_open ?, __syscall.open
^
semantic error: no match
semantic error: while resolving probe point: identifier 'syscall' at ./test2.stp:6:7
source: probe syscall.open
^
semantic error: no match
Pass 2: analyzed script: 3 probe(s), 6 function(s), 0 embed(s), 0 global(s) using 230172virt/57516res/5204shr/52952data kb, in 120usr/150sys/270real ms.
Pass 2: analysis failed. [man error::pass2]
这个错误是什么?这是安装问题吗?我的脚本中是否存在语法错误?
非常感谢。
答案 0 :(得分:1)
tl; dr 安装内核映像调试符号,例如包linux-image-$(uname -r)-dbgsym。
我有类似的错误
$ sudo stap -v udp_detect_exec.stp
...
semantic error: while resolving probe point: identifier 'kernel' at /usr/share/systemtap/tapset/linux/udp.stp:39:21
source: probe udp.sendmsg = kernel.function("udp_sendmsg") {
从systemtap脚本到track DNS requests
#! /usr/bin/env stap
probe udp.sendmsg (
if ( dport == 53 && ( daddr == "8.8.8.8" || daddr == "8.8.4.4" ) ) {
printf ("PID %5d (%s) sent UDP to %15s 53\n", pid(), execname(), daddr)
}
}
关注this blog.jeffli.me post, hello world systemtap脚本有效。
sudo stap -e 'probe kernel.function("sys_open") {log("hello world") exit()}'
在wiki.ubuntu.com entry之后,我的 Ubuntu 16.04 系统缺少内核调试符号。我运行了安装步骤:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C8CAB6595FDFF622
codename=$(lsb_release -c | awk '{print $2}')
sudo tee /etc/apt/sources.list.d/ddebs.list << EOF
deb http://ddebs.ubuntu.com/ ${codename} main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-security main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-updates main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-proposed main restricted universe multiverse
EOF
sudo apt-get update
sudo apt-get install linux-image-$(uname -r)-dbgsym
脚本udp_detect_exec.stp已成功运行。
我建议在 wiki.ubuntu.com 条目中检查更新的apt-get install步骤。