Linux run kernel probe systemtap script failed with semantic error: no match"
Linux run kernel probe systemtap script failed with semantic error: no match"
我有 2 个实验环境:CentOS 6.8 和 Ubuntu16.04 都在 Virtualbox VM 中 运行。
我在 CentOS 上安装
yum install kernel-devel kernel-debug
在 Ubuntu 我安装了:
sudo apt-get install linux-headers-$(uname -r)
sudo apt-get install fakeroot build-essential crash kexec-tools makedumpfile kernel-wedge
在两个系统上我都可以运行成功:
stap -ve 'probe begin { log("hello world") exit() }'
我尝试了这个 .stp 来自 systemtap 指南的脚本:
#!/usr/bin/stap
probe begin
{
log("begin probe")
}
probe syscall.open
{
printf("%s(%d) open (%s)\n",execname(),pid(),argstr)
}
probe timer.ms(4000)#4s later
{
exit()
}
probe end
{
log("end probe")
}
chmod +x ... 脚本和 运行 作为 root 用户。两个系统都报告如下错误:
./test2.stp -v
Pass 1: parsed user script and 124 library script(s) using 217780virt/45168res/3204shr/42664data kb, in 210usr/20sys/238real ms.
semantic error: while resolving probe point: identifier 'kernel' at /usr/share/systemtap/tapset/linux/syscalls2.stp:197:24
source: probe __syscall.open = kernel.function("sys_open").call
^
semantic error: missing x86_64 kernel/module debuginfo [man warning::debuginfo] under '/lib/modules/2.6.32-642.el6.x86_64/build'
semantic error: while resolving probe point: identifier '__syscall' at :177:47
source: probe syscall.open = __syscall.compat_open ?, __syscall.open
^
semantic error: no match
semantic error: while resolving probe point: identifier 'syscall' at ./test2.stp:6:7
source: probe syscall.open
^
semantic error: no match
Pass 2: analyzed script: 3 probe(s), 6 function(s), 0 embed(s), 0 global(s) using 230172virt/57516res/5204shr/52952data kb, in 120usr/150sys/270real ms.
Pass 2: analysis failed. [man error::pass2]
这个错误是关于什么的?是安装问题吗?我的脚本有语法错误吗?
非常感谢。
tl;dr 安装内核映像调试符号,例如包裹 linux-image-$(uname -r)-dbgsym.
问题背景
我遇到了类似的错误
$ sudo stap -v udp_detect_exec.stp
...
semantic error: while resolving probe point: identifier 'kernel' at /usr/share/systemtap/tapset/linux/udp.stp:39:21
source: probe udp.sendmsg = kernel.function("udp_sendmsg") {
从 systemtap 脚本到 track DNS requests
#! /usr/bin/env stap
probe udp.sendmsg (
if ( dport == 53 && ( daddr == "8.8.8.8" || daddr == "8.8.4.4" ) ) {
printf ("PID %5d (%s) sent UDP to %15s 53\n", pid(), execname(), daddr)
}
}
在 this blog.jeffli.me post 之后,一个 hello world systemtap 脚本成功了。
sudo stap -e 'probe kernel.function("sys_open") {log("hello world") exit()}'
解决方法(安装内核调试符号)
在此 wiki.ubuntu.com entry 之后,我的 Ubuntu 16.04 系统缺少内核调试符号。我运行安装步骤:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C8CAB6595FDFF622
codename=$(lsb_release -c | awk '{print }')
sudo tee /etc/apt/sources.list.d/ddebs.list << EOF
deb http://ddebs.ubuntu.com/ ${codename} main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-security main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-updates main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-proposed main restricted universe multiverse
EOF
sudo apt-get update
sudo apt-get install linux-image-$(uname -r)-dbgsym
脚本udp_detect_exec.stp成功运行。
我建议在 wiki.ubuntu.com 条目中检查更新的 apt-get install 步骤。
我有 2 个实验环境:CentOS 6.8 和 Ubuntu16.04 都在 Virtualbox VM 中 运行。
我在 CentOS 上安装
yum install kernel-devel kernel-debug
在 Ubuntu 我安装了:
sudo apt-get install linux-headers-$(uname -r)
sudo apt-get install fakeroot build-essential crash kexec-tools makedumpfile kernel-wedge
在两个系统上我都可以运行成功:
stap -ve 'probe begin { log("hello world") exit() }'
我尝试了这个 .stp 来自 systemtap 指南的脚本:
#!/usr/bin/stap
probe begin
{
log("begin probe")
}
probe syscall.open
{
printf("%s(%d) open (%s)\n",execname(),pid(),argstr)
}
probe timer.ms(4000)#4s later
{
exit()
}
probe end
{
log("end probe")
}
chmod +x ... 脚本和 运行 作为 root 用户。两个系统都报告如下错误:
./test2.stp -v
Pass 1: parsed user script and 124 library script(s) using 217780virt/45168res/3204shr/42664data kb, in 210usr/20sys/238real ms.
semantic error: while resolving probe point: identifier 'kernel' at /usr/share/systemtap/tapset/linux/syscalls2.stp:197:24
source: probe __syscall.open = kernel.function("sys_open").call
^
semantic error: missing x86_64 kernel/module debuginfo [man warning::debuginfo] under '/lib/modules/2.6.32-642.el6.x86_64/build'
semantic error: while resolving probe point: identifier '__syscall' at :177:47
source: probe syscall.open = __syscall.compat_open ?, __syscall.open
^
semantic error: no match
semantic error: while resolving probe point: identifier 'syscall' at ./test2.stp:6:7
source: probe syscall.open
^
semantic error: no match
Pass 2: analyzed script: 3 probe(s), 6 function(s), 0 embed(s), 0 global(s) using 230172virt/57516res/5204shr/52952data kb, in 120usr/150sys/270real ms.
Pass 2: analysis failed. [man error::pass2]
这个错误是关于什么的?是安装问题吗?我的脚本有语法错误吗?
非常感谢。
tl;dr 安装内核映像调试符号,例如包裹 linux-image-$(uname -r)-dbgsym.
问题背景
我遇到了类似的错误
$ sudo stap -v udp_detect_exec.stp
...
semantic error: while resolving probe point: identifier 'kernel' at /usr/share/systemtap/tapset/linux/udp.stp:39:21
source: probe udp.sendmsg = kernel.function("udp_sendmsg") {
从 systemtap 脚本到 track DNS requests
#! /usr/bin/env stap
probe udp.sendmsg (
if ( dport == 53 && ( daddr == "8.8.8.8" || daddr == "8.8.4.4" ) ) {
printf ("PID %5d (%s) sent UDP to %15s 53\n", pid(), execname(), daddr)
}
}
在 this blog.jeffli.me post 之后,一个 hello world systemtap 脚本成功了。
sudo stap -e 'probe kernel.function("sys_open") {log("hello world") exit()}'
解决方法(安装内核调试符号)
在此 wiki.ubuntu.com entry 之后,我的 Ubuntu 16.04 系统缺少内核调试符号。我运行安装步骤:
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys C8CAB6595FDFF622
codename=$(lsb_release -c | awk '{print }')
sudo tee /etc/apt/sources.list.d/ddebs.list << EOF
deb http://ddebs.ubuntu.com/ ${codename} main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-security main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-updates main restricted universe multiverse
deb http://ddebs.ubuntu.com/ ${codename}-proposed main restricted universe multiverse
EOF
sudo apt-get update
sudo apt-get install linux-image-$(uname -r)-dbgsym
脚本udp_detect_exec.stp成功运行。
我建议在 wiki.ubuntu.com 条目中检查更新的 apt-get install 步骤。