系統技術非業餘研究 » 突破systemtap指令碼對資源使用的限制
我們在使用指令碼收集系統資訊的時候經常會用到map這樣的資料結構存放結果,但是stap指令碼在使用過程中經常會提升說”ERROR: Array overflow, check MAXMAPENTRIES near identifier ‘a’ at test.stp:6:5″ 類似這樣的資訊,然後指令碼就自動退出了.
這是stap執行期為了避免使用者濫用系統資源做出的保護,為了安全性犧牲下方便,但是會給我們需要長期執行的指令碼造成很大的麻煩,所以我們演示下如何來回避這個事情:
$ uname -r
2.6.38-yufeng
$ cat > test.stp
global a
probe begin
{
println(":");
for(i=0;i<2049;i++)
a[i]=i;
delete a;
exit();
}
CTRL+D
$ sudo stap test.stp
ERROR: Array overflow, check MAXMAPENTRIES near identifier 'a' at test.stp:6:5
:
WARNING: Number of errors: 1, skipped probes: 0
Pass 5: run failed. Try again with another '--vp 00001' option.
$ sudo stap -DMAXMAPENTRIES=10240 test.stp
:
我們來分析下stap如何做到的:
$ stap --disable-cache -p3 -DMAXMAPENTRIES=10240 test.stp 2>&1 |grep MAXMAPENTRIES #ifndef MAXMAPENTRIES #define MAXMAPENTRIES 2048 #生成的模組c原始碼裡面是這麼定義的, 最大項 2048 $ sudo stap --disable-cache -vvv -DMAXMAPENTRIES=10240 test.stp .. gcc -Wp,-MD,/tmp/stap6FKM9Q/.stap_4227.mod.o.d -nostdinc -isystem /usr/lib/gcc/x86_64-linux-gnu/4.4.5/include -I/usr/src/linux-2.6.38/arch/x86/include -Iinclude -include include/generated/autoconf.h -D__KERNEL__ -Wall -Wundef -Wstrict-prototypes -Wno-trigraphs -fno-strict-aliasing -fno-common -Werror-implicit-function-declaration -Wno-format-security -fno-delete-null-pointer-checks -O2 -m64 -mtune=generic -mno-red-zone -mcmodel=kernel -funit-at-a-time -maccumulate-outgoing-args -fstack-protector -DCONFIG_AS_CFI=1 -DCONFIG_AS_CFI_SIGNAL_FRAME=1 -DCONFIG_AS_CFI_SECTIONS=1 -DCONFIG_AS_FXSAVEQ=1 -pipe -Wno-sign-compare -fno-asynchronous-unwind-tables -mno-sse -mno-mmx -mno-sse2 -mno-3dnow -Wframe-larger-than=1024 -fno-omit-frame-pointer -fno-optimize-sibling-calls -g -pg -Wdeclaration-after-statement -Wno-pointer-sign -fno-strict-overflow -fconserve-stack -Iinclude2/asm/mach-default -include /tmp/stap6FKM9Q/stapconf_4227.h -D "MAXMAPENTRIES=10240" -freorder-blocks -Wframe-larger-than=256 -Wno-unused -Werror -I"/usr/share/systemtap/runtime" -D"KBUILD_STR(s)=#s" -D"KBUILD_BASENAME=KBUILD_STR(stap_4227.mod)" -D"KBUILD_MODNAME=KBUILD_STR(stap_4227)" -DMODULE -c -o /tmp/stap6FKM9Q/stap_4227.mod.o /tmp/stap6FKM9Q/stap_4227.mod.c .. #我們可以看到gcc編譯的時候使用了-D "MAXMAPENTRIES=10240" 來替換模組原始碼裡面的macro MAXMAPENTRIES,最大項改成了10240
我們順藤摸瓜, man stap下我們可以看到類似可以修改的引數還有其他的:
MAXNESTING
Maximum number of nested function calls. Default determined by script analysis, with a bonus 10 slots added for recursive scripts.MAXSTRINGLEN
Maximum length of strings, default 128.MAXTRYLOCK
Maximum number of iterations to wait for locks on global variables before declaring possible deadlock and skipping the probe, default 1000.MAXACTION
Maximum number of statements to execute during any single probe hit (with interrupts disabled), default 1000.MAXACTION_INTERRUPTIBLE
Maximum number of statements to execute during any single probe hit which is executed with interrupts enabled (such as begin/end probes),
default (MAXACTION * 10).MAXMAPENTRIES
Maximum number of rows in any single global array, default 2048.MAXERRORS
Maximum number of soft errors before an exit is triggered, default 0, which means that the first error will exit the script.MAXSKIPPED
Maximum number of skipped probes before an exit is triggered, default 100. Running systemtap with -t (timing) mode gives more details about
skipped probes. With the default -DINTERRUPTIBLE=1 setting, probes skipped due to reentrancy are not accumulated against this limit.MINSTACKSPACE
Minimum number of free kernel stack bytes required in order to run a probe handler, default 1024. This number should be large enough for
the probe handler’s own needs, plus a safety margin.MAXUPROBES
Maximum number of concurrently armed user-space probes (uprobes), default somewhat larger than the number of user-space probe points named
in the script. This pool needs to be potentialy large because individual uprobe objects (about 64 bytes each) are allocated for each
process for each matching script-level probe.
STP_MAXMEMORY
Maximum amount of memory (in kilobytes) that the systemtap module should use, default unlimited. The memory size includes the size of the
module itself, plus any additional allocations. This only tracks direct allocations by the systemtap runtime. This does not track indirect
allocations (as done by kprobes/uprobes/etc. internals).TASK_FINDER_VMA_ENTRY_ITEMS
Maximum number of VMA pages that will be tracked at runtime. This might get exhausted for system wide probes inspecting shared library vari‐
ables and/or user backtraces. Defaults to 1536.STP_PROCFS_BUFSIZE
Size of procfs probe read buffers (in bytes). Defaults to MAXSTRINGLEN. This value can be overridden on a per-procfs file basis using the
procfs read probe .maxsize(MAXSIZE) parameter.
玩得開心!
Post Footer automatically generated by wp-posturl plugin for wordpress.