Difference between revisions of "SystemTap"

From ArchWiki
Jump to: navigation, search
(modify config: update tested kernel version)
(Process return probes not available: Remove explanation)
 
(28 intermediate revisions by 8 users not shown)
Line 1: Line 1:
 
[[Category:Kernel]]
 
[[Category:Kernel]]
[[zh-CN:Systemtap]]
+
[[zh-cn:SystemTap]]
[http://sourceware.org/systemtap/ Systemtap] provides free software (GPL)
+
[[ja:SystemTap]]
 +
[http://sourceware.org/systemtap/ SystemTap] provides free software (GPL)
 
infrastructure to simplify the gathering of information about the running Linux system.
 
infrastructure to simplify the gathering of information about the running Linux system.
  
==Easy and fast==
+
==SystemTap==
Officially, it is recommended to build a ''linux-custom'' package to run systemtap, but rebuilding the original {{Pkg|linux}} package can be very easy and efficient.
+
 
 +
Simply install SystemTap from [[AUR]]: {{AUR|systemtap}}, all done.
 +
Compare it to the most recent upstream release at [https://sourceware.org/systemtap/wiki/SystemTapReleases].
 +
 
 +
Consider also building it from sources at [https://sourceware.org/git/?p=systemtap.git;a=summary], where
 +
support for newer kernels or distros makes first appearance.
 +
 
 +
==Standard kernel==
 +
 
 +
You will need at least the {{Pkg|linux-headers}} package installed.
 +
 
 +
Because Arch permanently strips debugging data from its distributed binaries (including the kernel),
 +
many normal/fancier systemtap capabilities are simply not available, so many examples at ''/usr/share/doc/systemtap/examples'' will not work.  However, see the [https://sourceware.org/systemtap/man/stapprobes.3stap.html stapprobes man page] for the NON-DWARF and AUTO-DWARF probe types for what should still work, for example:
 +
 
 +
* kernel tracepoints: kernel.trace("*")
 +
* user-space probes: process("...").function("...")  (for programs you build yourself with -g)
 +
* user-space markers: process("...").mark("...")  (if they were configured with the ''<sys/sdt.h>'' markers)
 +
* perfctr-based probes: perf.*
 +
* non-dwarf kernel probes: kprobe.function("...") and nd_syscall.* tapset  (if a /boot/System.map* file is available, see below).
 +
 
 +
==Kernel rebuild==
 +
 
 +
You may consider to build a ''linux-custom'' package to run SystemTap, but rebuilding the original {{Pkg|linux}} package is easy and efficient.  See also [[Kernels/Traditional compilation]].
  
 
===Prepare===
 
===Prepare===
You can run {{ic|sudo abs; cp -r /var/abs/core/linux .}} to get the original kernel build files.
+
First, run {{ic|<nowiki>ABSROOT=. abs core/linux; cd core/linux</nowiki>}} to get the original kernel build files.
 +
Then use {{ic|makepkg --verifysource}} to get the additional files. By performing the verification, you can safely '''skip''' the steps on "Update checksum".
  
 
===modify config===
 
===modify config===
 
Edit '''config''' (for 32-bit systems) or '''config.x86_64''' (for 64-bit systems), turn on these options:
 
Edit '''config''' (for 32-bit systems) or '''config.x86_64''' (for 64-bit systems), turn on these options:
* CONFIG_UTRACE=y
 
 
* CONFIG_KPROBES=y
 
* CONFIG_KPROBES=y
 
* CONFIG_KPROBES_SANITY_TEST=n
 
* CONFIG_KPROBES_SANITY_TEST=n
Line 22: Line 45:
 
* CONFIG_DEBUG_INFO_REDUCED=n
 
* CONFIG_DEBUG_INFO_REDUCED=n
 
* CONFIG_X86_DECODER_SELFTEST=n
 
* CONFIG_X86_DECODER_SELFTEST=n
By default only ''CONFIG_DEBUG_INFO'' and ''CONFIG_KPROBES'' are not set.
+
By default only ''CONFIG_DEBUG_INFO'' and ''CONFIG_DEBUG_INFO_REDUCED'' are not set.
  
With current core/linux (3.6.10) you can simply append these lines into config[.x86_64]:
+
With current core/linux (tested with 3.15.2) you can simply append these lines into config.[x86_64]:
 
{{hc|x86_64|
 
{{hc|x86_64|
 
<nowiki>
 
<nowiki>
 
echo '
 
echo '
CONFIG_UTRACE=y
 
CONFIG_KPROBES=y
 
CONFIG_KPROBES_SANITY_TEST=n
 
CONFIG_KPROBE_EVENT=y
 
CONFIG_NET_DCCPPROBE=m
 
CONFIG_NET_SCTPPROBE=m
 
CONFIG_NET_TCPPROBE=y
 
 
CONFIG_DEBUG_INFO=y
 
CONFIG_DEBUG_INFO=y
 
CONFIG_DEBUG_INFO_REDUCED=n
 
CONFIG_DEBUG_INFO_REDUCED=n
CONFIG_X86_DECODER_SELFTEST=n
 
 
' >> config.x86_64
 
' >> config.x86_64
 
</nowiki>
 
</nowiki>
 
}}
 
}}
  
===update checksum===
+
''Note that if you want to put these lines into a self-maintained script, do not insert any space before CONFIG_* lines.''
 +
 
 +
===Update checksum===
 +
''You can safely skip this step if you believe the source files are correct''.
 +
 
 
Run {{ic|md5sum config[.x86_64]}} to get a new md5sum.
 
Run {{ic|md5sum config[.x86_64]}} to get a new md5sum.
  
Line 49: Line 68:
  
 
===Build and Install===
 
===Build and Install===
Optional: you can set {{ic|<nowiki>MAKEFLAGS="-j16"</nowiki>}} in {{ic|/etc/makepkg.conf}} to speed up the compilation.
+
Optional: It is recommended to set {{ic|<nowiki>MAKEFLAGS="-j16"</nowiki>}} in {{ic|/etc/makepkg.conf}} to speed up the compilation.
  
Run {{ic|makepkg}} to compile, then simply {{ic|sudo pacman -U *.pkg.tar.gz}} to install the packages.
+
You will need about 12 GB disk space for this build. Consider using an in-memory tmpfs if you have large DRAM.
'''pacman''' will tell you '''reinstall''', That's great!
+
Run {{ic|makepkg}} or {{ic|makepkg --skipchecksums}} to compile, then simply {{ic|sudo pacman -U *.pkg.tar.gz}} to install the packages.
 +
'''pacman''' will tell you '''reinstall''', and you should say y.
  
 
{{Pkg|linux}} and {{Pkg|linux-headers}} should be reinstalled, {{Pkg|linux-docs}} does not matter.
 
{{Pkg|linux}} and {{Pkg|linux-headers}} should be reinstalled, {{Pkg|linux-docs}} does not matter.
  
Via this method, external modules (e.g. {{Pkg|nvidia}} and {{Pkg|virtualbox}}) don't need to be rebuilt.
+
Via this method, external modules (e.g. {{Pkg|nvidia}} and {{Pkg|virtualbox}}) do not need to be rebuilt.
 
+
===Systemtap===
+
Simply install systemtap from [[AUR]]: {{AUR|systemtap}}, all done.
+
 
+
However, the systemtap package in AUR seems to be outdated. You could also try a newer version of PKGBUILD from this site: [https://raw.github.com/wuxb45/Snippet/master/PKGBUILDs/systemtap/PKGBUILD].
+
  
 
==Build custom kernel==
 
==Build custom kernel==
Line 76: Line 91:
 
Try to install systemtap-git package
 
Try to install systemtap-git package
  
=== System.tap is missing ===
+
=== System.map is missing ===
  
 
You can recover it where you build your linux kernel with DEBUG_INFO enabled
 
You can recover it where you build your linux kernel with DEBUG_INFO enabled
 
      
 
      
 
     cp src/linux-3.6/System.map /boot/System.map-3.6.7-1-ARCH
 
     cp src/linux-3.6/System.map /boot/System.map-3.6.7-1-ARCH
 +
 +
Alternately,
 +
 +
    sudo cp /proc/kallsyms /boot/System.map-`uname -r`
 +
 +
=== Process return probes not available ===
 +
 +
 +
If you are sure that your kernel configuration is correct, but on launching {{ic|stap}} you get '''both''' of the following messages:
 +
 +
    WARNING: Kernel function symbol table missing [man warning::symbols]
 +
 +
    semantic error: process return probes not available [man error::inode-uprobes]
 +
 +
then SystemTap may have failed to verify support for this feature. You can fix this by following the steps in [[#System.map is missing|System.map is missing]].

Latest revision as of 15:17, 5 September 2016

SystemTap provides free software (GPL) infrastructure to simplify the gathering of information about the running Linux system.

SystemTap

Simply install SystemTap from AUR: systemtapAUR, all done. Compare it to the most recent upstream release at [1].

Consider also building it from sources at [2], where support for newer kernels or distros makes first appearance.

Standard kernel

You will need at least the linux-headers package installed.

Because Arch permanently strips debugging data from its distributed binaries (including the kernel), many normal/fancier systemtap capabilities are simply not available, so many examples at /usr/share/doc/systemtap/examples will not work. However, see the stapprobes man page for the NON-DWARF and AUTO-DWARF probe types for what should still work, for example:

  • kernel tracepoints: kernel.trace("*")
  • user-space probes: process("...").function("...") (for programs you build yourself with -g)
  • user-space markers: process("...").mark("...") (if they were configured with the <sys/sdt.h> markers)
  • perfctr-based probes: perf.*
  • non-dwarf kernel probes: kprobe.function("...") and nd_syscall.* tapset (if a /boot/System.map* file is available, see below).

Kernel rebuild

You may consider to build a linux-custom package to run SystemTap, but rebuilding the original linux package is easy and efficient. See also Kernels/Traditional compilation.

Prepare

First, run ABSROOT=. abs core/linux; cd core/linux to get the original kernel build files. Then use makepkg --verifysource to get the additional files. By performing the verification, you can safely skip the steps on "Update checksum".

modify config

Edit config (for 32-bit systems) or config.x86_64 (for 64-bit systems), turn on these options:

  • CONFIG_KPROBES=y
  • CONFIG_KPROBES_SANITY_TEST=n
  • CONFIG_KPROBE_EVENT=y
  • CONFIG_NET_DCCPPROBE=m
  • CONFIG_NET_SCTPPROBE=m
  • CONFIG_NET_TCPPROBE=y
  • CONFIG_DEBUG_INFO=y
  • CONFIG_DEBUG_INFO_REDUCED=n
  • CONFIG_X86_DECODER_SELFTEST=n

By default only CONFIG_DEBUG_INFO and CONFIG_DEBUG_INFO_REDUCED are not set.

With current core/linux (tested with 3.15.2) you can simply append these lines into config.[x86_64]:

x86_64

echo '
CONFIG_DEBUG_INFO=y
CONFIG_DEBUG_INFO_REDUCED=n
' >> config.x86_64

Note that if you want to put these lines into a self-maintained script, do not insert any space before CONFIG_* lines.

Update checksum

You can safely skip this step if you believe the source files are correct.

Run md5sum config[.x86_64] to get a new md5sum.

In PKGBUILD file, the md5sums=('sum-of-first' ... 'sum-of-last') has the same order with source=('first-source' ... 'last-source'), put your new md5sum in the right place.

Build and Install

Optional: It is recommended to set MAKEFLAGS="-j16" in /etc/makepkg.conf to speed up the compilation.

You will need about 12 GB disk space for this build. Consider using an in-memory tmpfs if you have large DRAM. Run makepkg or makepkg --skipchecksums to compile, then simply sudo pacman -U *.pkg.tar.gz to install the packages. pacman will tell you reinstall, and you should say y.

linux and linux-headers should be reinstalled, linux-docs does not matter.

Via this method, external modules (e.g. nvidia and virtualbox) do not need to be rebuilt.

Build custom kernel

Please reference this README

Troubleshooting

Pass 4 fails when launching

If you have:

   /usr/share/systemtap/runtime/stat.c:214:2: error: 'cpu_possible_map' undeclared (first use in this function)

Try to install systemtap-git package

System.map is missing

You can recover it where you build your linux kernel with DEBUG_INFO enabled

   cp src/linux-3.6/System.map /boot/System.map-3.6.7-1-ARCH

Alternately,

   sudo cp /proc/kallsyms /boot/System.map-`uname -r`

Process return probes not available

If you are sure that your kernel configuration is correct, but on launching stap you get both of the following messages:

   WARNING: Kernel function symbol table missing [man warning::symbols]
   semantic error: process return probes not available [man error::inode-uprobes]

then SystemTap may have failed to verify support for this feature. You can fix this by following the steps in System.map is missing.