From: "q1875486458 at gmail dot com" <sourceware-bugzilla@sourceware.org>
To: systemtap@sourceware.org
Subject: [Bug uprobes/27975] New: could systemtap probe user process running in docker(overlay2 fs)?
Date: Thu, 10 Jun 2021 07:44:54 +0000 [thread overview]
Message-ID: <bug-27975-6586@http.sourceware.org/bugzilla/> (raw)
https://sourceware.org/bugzilla/show_bug.cgi?id=27975
Bug ID: 27975
Summary: could systemtap probe user process running in
docker(overlay2 fs)?
Product: systemtap
Version: unspecified
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: uprobes
Assignee: systemtap at sourceware dot org
Reporter: q1875486458 at gmail dot com
Target Milestone: ---
## version info
systemtap version: 4.0/0.176
kernel version: 3.10.0-1160.25.1.el7.x86_64
os: CentOS Linux 7 (Core)
```bash
stap -V
Systemtap translator/driver (version 4.0/0.176, rpm 4.0-13.el7)
enabled features: AVAHI BOOST_STRING_REF DYNINST BPF JAVA PYTHON2 LIBRPM
LIBSQLITE3 LIBVIRT LIBXML2 NLS NSS READLINE
```
## what i want
i'm try to probe nginx(has debuginfo) which running in docker.
## what i have do
since nginx running in docker,so i just find the hostpath of the nginx in
docker
and run
`stap -x 27368 -e 'probe process.syscall {printf("%s %d %s\n", execname(),
pid(), pp())} probe
process("/var/lib/docker/overlay2/{a-long-long-string}/merged/usr/local/openresty/nginx/sbin/nginx").function("*")
{printf("%s",probefunc())}'
`process.syscall` works find,but nginx probe just nothing happen.
and
`stap -x 27368 -e 'probe process.syscall {printf("%s %d %s\n", execname(),
pid(), pp())} probe
process("/usr/local/openresty/nginx/sbin/nginx").function("*")
{printf("%s",probefunc())}'
--sysroot=/var/lib/docker/overlay2/{a-long-long-string}/merged/
`
report err like
`WARNING: probe
process("/usr/local/openresty/nginx/sbin/nginx").function("ngx_write_fd@src/os/unix/ngx_files.h:145")
inode-offset 0000000000041e55 registration error (rc -22)`
## what i searched
i find some says [systemtap does not support overlays/union
filesystems](https://stackoverflow.com/questions/57487292/systemtap-failed-to-probe-the-functions-registration-error)
there is samiler question asked in stackoverflow,but have to meanning answer
[smailer question but no
answer](https://stackoverflow.com/questions/29314665/systemtapwhile-resolving-probe-point-identifier-process-at-source-probe-pro)
[SystemTap_Beginners_Guide chapter 4
userspace-probing](https://www.sourceware.org/systemtap/SystemTap_Beginners_Guide/userspace-probing.html)
just say you to point the exepath of the process.
## what i want to know
is that true? how should i probe user process which run in docker?
what should i know to fix this question?
how to know what happen when uprobe just echo nothing?
## other info
```bash
docker top a0bb57
UID PID PPID C
STIME TTY TIME CMD
root 20807 20755 0
11:19 ? 00:00:00 /sbin/tini --
/run.sh
root 20852 20807 0
11:19 ? 00:00:00 sh /run.sh
root 27368 20807 0
11:20 ? 00:00:00 nginx: master
process /usr/local/openresty/nginx/sbin/nginx -c
/usr/local/openresty/nginx/conf/nginx.conf
root 27369 27368 4
11:20 ? 00:10:00 nginx: worker
process
root 27370 27368 0
11:20 ? 00:01:46 nginx: worker
process
```
i have copy /lib/modules/3.10.0-1160.25.1.el7.x86_64/ to
/var/lib/docker/overlay2/{a-long-long-string}/merged/
--
You are receiving this mail because:
You are the assignee for the bug.
next reply other threads:[~2021-06-10 7:44 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-06-10 7:44 q1875486458 at gmail dot com [this message]
2021-06-10 14:45 ` [Bug uprobes/27975] " fche at redhat dot com
2021-06-10 16:59 ` q1875486458 at gmail dot com
2021-06-14 17:42 ` fche at redhat dot com
2021-10-08 3:15 ` fche at redhat dot com
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=bug-27975-6586@http.sourceware.org/bugzilla/ \
--to=sourceware-bugzilla@sourceware.org \
--cc=systemtap@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).