SystemTap: Difference between revisions
m (→modify config: enable full variable debugging information within dbgsyms with gcc vta cflags (-fvar-tracking-assignments)) |
Lahwaacz.bot (talk | contribs) (simplification and beautification of wikilinks (interactive)) |
||
| (17 intermediate revisions by 4 users not shown) | |||
| Line 1: | Line 1: | ||
[[Category:Kernel]] | [[Category:Kernel]] | ||
[[ja:SystemTap]] | |||
[[zh-hans:SystemTap]] | [[zh-hans:SystemTap]] | ||
[ | [https://sourceware.org/systemtap/ SystemTap] provides free software (GPL) | ||
infrastructure to simplify the gathering of information about the running Linux system. | infrastructure to simplify the gathering of information about the running Linux system. | ||
== | == Installation == | ||
Simply install {{AUR|systemtap}} or {{AUR|systemtap-git}}, all done. | Simply install {{AUR|systemtap}} or {{AUR|systemtap-git}}, all done. | ||
| Line 11: | Line 11: | ||
Consider also building it from sources at [https://sourceware.org/git/?p=systemtap.git;a=summary], where | Consider also building it from sources at [https://sourceware.org/git/?p=systemtap.git;a=summary], where | ||
support for newer kernels or | support for newer kernels or distributions makes first appearance. | ||
==Standard kernel== | == Standard kernel == | ||
You will need at least the {{Pkg|linux-headers}} package installed. | You will need at least the {{Pkg|linux-headers}} package installed. | ||
Because Arch permanently strips debugging data from its distributed binaries (including the kernel), | Because Arch permanently strips debugging data from its distributed binaries (including the kernel), | ||
many normal/fancier systemtap capabilities are simply not available, so many examples at | many normal/fancier systemtap capabilities are simply not available, so many examples at {{ic|/usr/share/doc/systemtap/examples}} will not work. However, see {{man|3|stapprobes|url=https://sourceware.org/systemtap/man/stapprobes.3stap.html}} for the NON-DWARF and AUTO-DWARF probe types for what should still work, for example: | ||
* kernel tracepoints: kernel.trace("*") | * kernel tracepoints: kernel.trace("*") | ||
| Line 26: | Line 26: | ||
* non-dwarf kernel probes: kprobe.function("...") and nd_syscall.* tapset (if a /boot/System.map* file is available, see below). | * non-dwarf kernel probes: kprobe.function("...") and nd_syscall.* tapset (if a /boot/System.map* file is available, see below). | ||
==Kernel rebuild== | == Kernel rebuild == | ||
You may consider to build a ''linux-custom'' package to run SystemTap, but rebuilding the {{Pkg|linux}} package is easy and efficient. | |||
=== Prepare === | |||
First, follow the steps at [[Kernel/Arch build system#Getting the ingredients]] to get the original kernel build files. | |||
First, | |||
Then use {{ic|makepkg --verifysource}} to get the additional files. By performing the verification, you can safely '''skip''' the steps on "Update checksum". | Then use {{ic|makepkg --verifysource}} to get the additional files. By performing the verification, you can safely '''skip''' the steps on "Update checksum". | ||
=== | === Modify config === | ||
Edit | |||
* CONFIG_KPROBES=y | Edit {{ic|config.x86_64}}, turn on these options: | ||
* CONFIG_KPROBES_SANITY_TEST=n | |||
* CONFIG_KPROBE_EVENT=y | * {{ic|1=CONFIG_KPROBES=y}} | ||
* CONFIG_NET_DCCPPROBE=m | * {{ic|1=CONFIG_KPROBES_SANITY_TEST=n}} | ||
* CONFIG_NET_SCTPPROBE=m | * {{ic|1=CONFIG_KPROBE_EVENT=y}} | ||
* CONFIG_NET_TCPPROBE=y | * {{ic|1=CONFIG_NET_DCCPPROBE=m}} | ||
* CONFIG_DEBUG_INFO=y | * {{ic|1=CONFIG_NET_SCTPPROBE=m}} | ||
* CONFIG_DEBUG_INFO_REDUCED=n | * {{ic|1=CONFIG_NET_TCPPROBE=y}} | ||
* CONFIG_X86_DECODER_SELFTEST=n | * {{ic|1=CONFIG_DEBUG_INFO=y}} | ||
* CONFIG_DEBUG_INFO_VTA=y | * {{ic|1=CONFIG_DEBUG_INFO_REDUCED=n}} | ||
* {{ic|1=CONFIG_X86_DECODER_SELFTEST=n}} | |||
* {{ic|1=CONFIG_DEBUG_INFO_VTA=y}} | |||
By default only ''CONFIG_DEBUG_INFO'' and ''CONFIG_DEBUG_INFO_REDUCED'' are not set. | By default only ''CONFIG_DEBUG_INFO'' and ''CONFIG_DEBUG_INFO_REDUCED'' are not set. | ||
With current | With the current linux kernel (tested with 3.15.2) you can simply append these lines into {{ic|config.x86_64}}: | ||
{{hc|x86_64| | |||
<nowiki> | {{hc|x86_64|<nowiki> | ||
echo ' | echo ' | ||
CONFIG_DEBUG_INFO=y | CONFIG_DEBUG_INFO=y | ||
CONFIG_DEBUG_INFO_REDUCED=n | CONFIG_DEBUG_INFO_REDUCED=n | ||
' >> config.x86_64 | ' >> config.x86_64 | ||
</nowiki> | </nowiki>}} | ||
}} | |||
{{Note|If you want to put these lines into a self-maintained script, do not insert any space before CONFIG_* lines.}} | |||
===Update checksum=== | === Update checksum === | ||
Run {{ic|sha256sum config | {{Tip|You can safely skip this step if you verified the source files previously.}} | ||
Run {{ic|sha256sum config.x86_64}} to get a new sha256sum. | |||
In '''PKGBUILD''' file, the {{ic|<nowiki>sha256sum=('sum-of-first' ... 'sum-of-last')</nowiki>}} has the same order with | In '''PKGBUILD''' file, the {{ic|<nowiki>sha256sum=('sum-of-first' ... 'sum-of-last')</nowiki>}} has the same order with | ||
{{ic|<nowiki>source=('first-source' ... 'last-source')</nowiki>}}, put your new sha256sum in the right place. | {{ic|<nowiki>source=('first-source' ... 'last-source')</nowiki>}}, put your new sha256sum in the right place. | ||
===Build and | === Build and install === | ||
Optional: It is recommended to set {{ic|<nowiki>MAKEFLAGS="-j16"</nowiki>}} in {{ic|/etc/makepkg.conf}} to speed up the compilation. | Optional: It is recommended to set {{ic|<nowiki>MAKEFLAGS="-j16"</nowiki>}} in {{ic|/etc/makepkg.conf}} to speed up the compilation. | ||
| Line 79: | Line 84: | ||
Via this method, external modules (e.g. {{Pkg|nvidia}} and {{Pkg|virtualbox}}) do not need to be rebuilt. | Via this method, external modules (e.g. {{Pkg|nvidia}} and {{Pkg|virtualbox}}) do not need to be rebuilt. | ||
==Build custom kernel== | == Build custom kernel == | ||
Please reference this [ | |||
Please reference this [https://sourceware.org/git/?p=systemtap.git;a=blob_plain;f=README;hb=HEAD README] | |||
==Troubleshooting== | == Troubleshooting == | ||
=== Pass 4 fails when launching === | === Pass 4 fails when launching === | ||
If you | If you get the following error message, try into install {{AUR|systemtap-git}} | ||
/usr/share/systemtap/runtime/stat.c:214:2: error: 'cpu_possible_map' undeclared (first use in this function) | |||
=== System.map is missing === | === System.map is missing === | ||
| Line 96: | Line 100: | ||
You can recover it where you build your linux kernel with DEBUG_INFO enabled | You can recover it where you build your linux kernel with DEBUG_INFO enabled | ||
# cp src/linux-3.6/System.map /boot/System.map-3.6.7-1-ARCH | |||
Alternatively, | |||
# cp /proc/kallsyms /boot/System.map-$(uname -r) | |||
=== Process return probes not available === | === Process return probes not available === | ||
If you are sure that your kernel configuration is correct, but on launching {{ic|stap}} you get '''both''' of the following messages: | If you are sure that your kernel configuration is correct, but on launching {{ic|stap}} you get '''both''' of the following messages: | ||
WARNING: Kernel function symbol table missing [man warning::symbols] | |||
semantic error: process return probes not available [man error::inode-uprobes] | |||
then SystemTap may have failed to verify support for this feature. You can fix this by following the steps in [[# | then SystemTap may have failed to verify support for this feature. You can fix this by following the steps in [[#System.map is missing]]. | ||
Latest revision as of 06:19, 11 August 2023
SystemTap provides free software (GPL) infrastructure to simplify the gathering of information about the running Linux system.
Installation
Simply install systemtapAUR or systemtap-gitAUR, all done. Compare it to the most recent upstream release at [1].
Consider also building it from sources at [2], where support for newer kernels or distributions makes first appearance.
Standard kernel
You will need at least the linux-headers package installed.
Because Arch permanently strips debugging data from its distributed binaries (including the kernel),
many normal/fancier systemtap capabilities are simply not available, so many examples at /usr/share/doc/systemtap/examples will not work. However, see stapprobes(3) for the NON-DWARF and AUTO-DWARF probe types for what should still work, for example:
- kernel tracepoints: kernel.trace("*")
- user-space probes: process("...").function("...") (for programs you build yourself with -g)
- user-space markers: process("...").mark("...") (if they were configured with the <sys/sdt.h> markers)
- perfctr-based probes: perf.*
- non-dwarf kernel probes: kprobe.function("...") and nd_syscall.* tapset (if a /boot/System.map* file is available, see below).
Kernel rebuild
You may consider to build a linux-custom package to run SystemTap, but rebuilding the linux package is easy and efficient.
Prepare
First, follow the steps at Kernel/Arch build system#Getting the ingredients to get the original kernel build files.
Then use makepkg --verifysource to get the additional files. By performing the verification, you can safely skip the steps on "Update checksum".
Modify config
Edit config.x86_64, turn on these options:
CONFIG_KPROBES=yCONFIG_KPROBES_SANITY_TEST=nCONFIG_KPROBE_EVENT=yCONFIG_NET_DCCPPROBE=mCONFIG_NET_SCTPPROBE=mCONFIG_NET_TCPPROBE=yCONFIG_DEBUG_INFO=yCONFIG_DEBUG_INFO_REDUCED=nCONFIG_X86_DECODER_SELFTEST=nCONFIG_DEBUG_INFO_VTA=y
By default only CONFIG_DEBUG_INFO and CONFIG_DEBUG_INFO_REDUCED are not set.
With the current linux kernel (tested with 3.15.2) you can simply append these lines into config.x86_64:
x86_64
echo ' CONFIG_DEBUG_INFO=y CONFIG_DEBUG_INFO_REDUCED=n ' >> config.x86_64
Update checksum
Run sha256sum config.x86_64 to get a new sha256sum.
In PKGBUILD file, the sha256sum=('sum-of-first' ... 'sum-of-last') has the same order with
source=('first-source' ... 'last-source'), put your new sha256sum in the right place.
Build and install
Optional: It is recommended to set MAKEFLAGS="-j16" in /etc/makepkg.conf to speed up the compilation.
You will need about 12 GB disk space for this build. Consider using an in-memory tmpfs if you have large DRAM.
Run makepkg or makepkg --skipchecksums to compile, then simply sudo pacman -U *.pkg.tar.gz to install the packages.
pacman will tell you reinstall, and you should say y.
linux and linux-headers should be reinstalled, linux-docs does not matter.
Via this method, external modules (e.g. nvidia and virtualbox) do not need to be rebuilt.
Build custom kernel
Please reference this README
Troubleshooting
Pass 4 fails when launching
If you get the following error message, try into install systemtap-gitAUR
/usr/share/systemtap/runtime/stat.c:214:2: error: 'cpu_possible_map' undeclared (first use in this function)
System.map is missing
You can recover it where you build your linux kernel with DEBUG_INFO enabled
# cp src/linux-3.6/System.map /boot/System.map-3.6.7-1-ARCH
Alternatively,
# cp /proc/kallsyms /boot/System.map-$(uname -r)
Process return probes not available
If you are sure that your kernel configuration is correct, but on launching stap you get both of the following messages:
WARNING: Kernel function symbol table missing [man warning::symbols] semantic error: process return probes not available [man error::inode-uprobes]
then SystemTap may have failed to verify support for this feature. You can fix this by following the steps in #System.map is missing.