[20241108]跟踪library cache lock library cache pin使用gdb(11g)3.txt

[20241108]跟踪library cache lock library cache pin使用gdb(11g)3.txt --//前一段时间写的使用gdb跟踪library cache lock/library cache pin的脚本。 --//我看过以前的笔记，当时测试过链接https://nenadnoveljic.com/blog/library-cache-lock-debugger/,我的测试在11g是失败. --//今天有空再次尝试,确实不成功,不过有了前面测试的经验,可以很容易写成11g的gdb监测脚本. --//前几天完成了11g下的脚本,有一个小问题,不能获取lock address,今天尝试完成它. --//通过调用kglGetSO返回lock address/pin address. 1.环境: SCOTT@book> @ver1 PORT_STRING                    VERSION        BANNER ------------------------------ -------------- -------------------------------------------------------------------------------- x86_64/Linux 2.4.xx            11.2.0.4.0     Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production 2.测试: --//session 1: --//执行如下语句多次。 SCOTT@book> select * from dept where deptno=20;     DEPTNO DNAME          LOC ---------- -------------- -------------         20 RESEARCH       DALLAS SCOTT@book> @ hash HASH_VALUE SQL_ID        CHILD_NUMBER KGL_BUCKET PLAN_HASH_VALUE HASH_HEX   SQL_EXEC_START      SQL_EXEC_ID ---------- ------------- ------------ ---------- --------------- ---------- ------------------- -----------   95129850 80baj2c2ur47u            0     102650      2852011669   5ab90fa  2024-11-08 08:59:46    16777220 --//session 2: SYS@book> @ sharepool/shp4 80baj2c2ur47u 0 HANDLE_TYPE            KGLHDADR         KGLHDPAR         C40                                        KGLHDLMD   KGLHDPMD   KGLHDIVC KGLOBHD0         KGLOBHD6           KGLOBHS0   KGLOBHS6   KGLOBT16   N0_6_16        N20   KGLNAHSH KGLOBT03        KGLOBT09 ---------------------- ---------------- ---------------- ---------------------------------------- ---------- ---------- ---------- ---------------- ---------------- ---------- ---------- ---------- --------- ---------- ---------- ------------- ---------- child handle address   000000007D927640 000000007DB40C60 select * from dept where deptno=20                1          0          0 000000007D3CC960 000000007CAA5948       4528      12144       3067     19739      19739   95129850 80baj2c2ur47u          0 parent handle address  000000007DB40C60 000000007DB40C60 select * from dept where deptno=20                1          0          0 000000007C6565D8 00                     4720          0          0      4720       4720   95129850 80baj2c2ur47u      65535 SYS@book> column KGLNAOBJ format a40 SYS@book> select KGLLKSNM sid ,KGLLKMOD,KGLLKREQ,KGLNAOBJ,KGLLKHDL,KGLLKADR,KGLLKUSE,KGLLKSES from x$kgllk where KGLNAOBJ='select * from dept where deptno=20';        SID   KGLLKMOD   KGLLKREQ KGLNAOBJ                                 KGLLKHDL         KGLLKADR         KGLLKUSE         KGLLKSES ---------- ---------- ---------- ---------------------------------------- ---------------- ---------------- ---------------- ----------------          1          1          0 select * from dept where deptno=20       000000007D927640 000000007DAF9380 0000000085C77E38 0000000085C77E38          1          1          0 select * from dept where deptno=20       000000007DB40C60 000000007D7182E0 0000000085C77E38 0000000085C77E38 --//KGLLKHDL 对应 父子游标的句柄地址，KGLLKADR表示lock地址。 ----//session 1,退出重新登录,因为会话光标已经换成,实际上测试前可以设置session_cached_cursors,这样每次都是软解析. SCOTT@book> alter session set session_cached_cursors=0; Session altered. SCOTT@book> @ spid ============================== SID                           : 1 SERIAL#                       : 1811 PROCESS                       : 19892 SERVER                        : DEDICATED SPID                          : 19893 PID                           : 24 P_SERIAL#                     : 137 KILL_COMMAND                  : alter system kill session '1,1811' immediate; PL/SQL procedure successfully completed. --//我的环境仅仅个人使用,重新登录sid还是1. --//window 1: $ cat lkpn11g.gdb set pagination off set print repeats 0 set print elements 0 set logging file /tmp/lkpn.log set logging overwrite on set logging on set $lk  = 0 set $pn  = 0 set $lock  = 0 #break kgllkal if $rdx==3 #break kgllkal if ( $rdx==3 && $rsi==0x00000000670C9E58 ) #break kgllkal if $rsi==0x00000000670C9E58 break kgllkal commands  silent  printf "kgllkal count %02d -- handle address: %016x, mode: %d ", ++$lk ,$rsi ,$rdx  echo kglnaobj address:  x/s $rsi+0x1a8  c  end #break kglpnal if $rcx==3 break kglpnal commands  silent  printf "kglpnal count %02d -- handle address: %016x, mode: %d ", ++$pn ,$rsi ,$rdx  echo kglnaobj address:  x/s $rsi+0x1a8  c  end break kglGetSO commands  silent  finish  end $ rlgdb -f -p 19893 -x lkpn11g.gdb ... 0x000000379a00da70 in __read_nocancel () from /lib64/libpthread.so.0 Breakpoint 1 at 0x983da94 Breakpoint 2 at 0x9839f5c Breakpoint 3 at 0x9845840 --//session 1: SCOTT@book> select * from dept where deptno=20; --//挂起!! (gdb) c Continuing. kgllkal count 01 -- handle address: 000000007db40c60, mode: 1 kglnaobj address:0x7db40e08:       "select * from dept where deptno=20" 0x000000000983db73 in kgllkal () (gdb) info regi rax            0x7c174e28       2081902120 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ rbx            0x60004668       1610630760 rcx            0x99d6510        161309968 rdx            0x7c174e28       2081902120 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ rsi            0xc0f1b58        202316632 rdi            0x7d63f408       2103702536 rbp            0x7ffff3af33b0   0x7ffff3af33b0 rsp            0x7ffff3af3300   0x7ffff3af3300 r8             0x14     20 r9             0x0      0 r10            0xea0    3744 r11            0x3      3 r12            0xc0cc9e0        202164704 r13            0x7db40c60       2108951648 r14            0x1      1 r15            0x7ffff3af39e0   140737281735136 rip            0x983db73        0x983db73 <kgllkal+227> eflags         0x246    [ PF ZF IF ] cs             0x33     51 ss             0x2b     43 ds             0x0      0 es             0x0      0 fs             0x0      0 gs             0x0      0 fctrl          0x27f    639 fstat          0x420    1056 ftag           0xffff   65535 fiseg          0x0      0 fioff          0x961e00e        157409294 foseg          0x7fff   32767 fooff          0xf3af4160       -206618272 fop            0x0      0 mxcsr          0x1fa0   [ PE IM DM ZM OM UM PM ] (gdb) c Continuing. kgllkal count 02 -- handle address: 000000007d927640, mode: 1 kglnaobj address:0x7d9277e8:       "" 0x000000000983db73 in kgllkal () (gdb) c Continuing. --//session 2: SYS@book> select KGLLKSNM sid ,KGLLKMOD,KGLLKREQ,KGLNAOBJ,KGLLKHDL,KGLLKADR,KGLLKUSE,KGLLKSES from x$kgllk where KGLNAOBJ='select * from dept where deptno=20';        SID   KGLLKMOD   KGLLKREQ KGLNAOBJ                                 KGLLKHDL         KGLLKADR         KGLLKUSE         KGLLKSES ---------- ---------- ---------- ---------------------------------------- ---------------- ---------------- ---------------- ----------------          1          1          0 select * from dept where deptno=20       000000007D927640 000000007D63F7E8 0000000085C77E38 0000000085C77E38          1          1          0 select * from dept where deptno=20       000000007DB40C60 000000007C174E28 0000000085C77E38 0000000085C77E38 --//注意看rax=0x7c174e28, 与KGLLKHDL=000000007DB40C60(父游标句柄)那行KGLLKADR=000000007C174E28相互对应。也就是返回后寄 --//存器rax的值就是返回lock address。好像rdx也能对上. --//这样就可以知道调用kgllkal，再调用kglGetSO返回的地址是0x000000000983db73,在此设置断点，查看相应寄存器就可以知道lock address。 --//这样gdb脚本改写如下： $ cat lkpn11g.gdb set pagination off #set print repeats 0 #set print elements 0 set logging file /tmp/lkpn.log set logging overwrite on set logging on set $lk  = 0 set $pn  = 0 set $lock  = 0 #break kgllkal if $rdx==3 #break kgllkal if ( $rdx==3 && $rsi==0x00000000670C9E58 ) #break kgllkal if $rsi==0x00000000670C9E58 break kgllkal commands  silent  printf "kgllkal count %02d -- handle address: %016x, mode: %d ", ++$lk ,$rsi ,$rdx  echo kglnaobj address:  x/s $rsi+0x1a8  c  end #break kglpnal if $rcx==3 break kglpnal commands  silent  printf "kglpnal count %02d -- handle address: %016x, mode: %d ", ++$pn ,$rsi ,$rdx  echo kglnaobj address:  x/s $rsi+0x1a8  c  end #break kglGetSO #commands # silent # finish # end break *0x000000000983db73 commands silent printf "kgllkal kglGetS0 lock address : %016x\n", $rax c end --//重复测试: --//session 2: SYS@book> select KGLLKSNM sid ,KGLLKMOD,KGLLKREQ,KGLNAOBJ,KGLLKHDL,KGLLKADR,KGLLKUSE,KGLLKSES from x$kgllk where KGLNAOBJ='select * from dept where deptno=20';        SID   KGLLKMOD   KGLLKREQ KGLNAOBJ                                 KGLLKHDL         KGLLKADR         KGLLKUSE         KGLLKSES ---------- ---------- ---------- ---------------------------------------- ---------------- ---------------- ---------------- ----------------          1          1          0 select * from dept where deptno=20       000000007D927640 000000007D63F7E8 0000000085C77E38 0000000085C77E38          1          1          0 select * from dept where deptno=20       000000007DB40C60 000000007C174E28 0000000085C77E38 0000000085C77E38 --//window 1: --//退出gdb界面,重新执行: $ rlgdb -f -p 19893 -x lkpn11g.gdb 0x000000379a00da70 in __read_nocancel () from /lib64/libpthread.so.0 Breakpoint 1 at 0x983da94 Breakpoint 2 at 0x9839f5c Breakpoint 3 at 0x983db73 (gdb) c Continuing. kgllkal count 01 -- handle address: 000000007db40c60, mode: 1 kglnaobj address:0x7db40e08:       "select * from dept where deptno=20" kglGetS0 lock address : 000000007c174e28 kgllkal count 02 -- handle address: 000000007d927640, mode: 1 kglnaobj address:0x7d9277e8:       "" kglGetS0 lock address : 000000007d63f7e8 --//完全能对上.剩下定位library cache pin address.实际上如法炮制. --//注解 lkpn11g.gdb脚本的break kgllkal段落. set logging file /tmp/lkpn.log set logging overwrite on set logging on set $lk  = 0 set $pn  = 0 set $lock  = 0 #break kgllkal if $rdx==3 #break kgllkal if ( $rdx==3 && $rsi==0x00000000670C9E58 ) #break kgllkal if $rsi==0x00000000670C9E58 #break kgllkal #commands # silent # printf "kgllkal count %02d -- handle address: %016x, mode: %d ", ++$lk ,$rsi ,$rdx # echo kglnaobj address: # x/s $rsi+0x1a8 # c # end #break kglpnal if $rcx==3 break kglpnal commands  silent  printf "kglpnal count %02d -- handle address: %016x, mode: %d ", ++$pn ,$rsi ,$rdx  echo kglnaobj address:  x/s $rsi+0x1a8  c  end break kglGetSO commands  silent  finish  end --//session 1: SCOTT@book> select * from dept where deptno=60; --//window 1: --//退出gdb界面,重新执行: (gdb) c Continuing. 0x000000000983db73 in kgllkal () (gdb) c Continuing. 0x000000000984175e in kglllal () (gdb) c Continuing. kglpnal count 01 -- handle address: 000000007c53b830, mode: 2 kglnaobj address:0x7c53b9d8:       "select * from dept where deptno=60" 0x000000000983a048 in kglpnal () --//这样就可以知道调用kglpnal，再调用kglGetSO返回的地址是0x000000000983a048,在此设置断点，查看相应寄存器就可以知道lock address。 --//注意一定要对应kglpna调用返回的值,前面2个不是. $ cat  lkpn11g.gdb set pagination off #set print repeats 0 #set print elements 0 set logging file /tmp/lkpn.log set logging overwrite on set logging on set $lk  = 0 set $pn  = 0 set $lock  = 0 #break kgllkal if $rdx==3 #break kgllkal if ( $rdx==3 && $rsi==0x00000000670C9E58 ) #break kgllkal if $rsi==0x00000000670C9E58 break kgllkal commands  silent  printf "kgllkal count %02d -- handle address: %016x, mode: %d ", ++$lk ,$rsi ,$rdx  echo kglnaobj address:  x/s $rsi+0x1a8  c  end #break kglpnal if $rcx==3 break kglpnal commands  silent  printf "kglpnal count %02d -- handle address: %016x, mode: %d ", ++$pn ,$rsi ,$rdx  echo kglnaobj address:  x/s $rsi+0x1a8  c  end #break kglGetSO #commands # silent # finish # end break *0x000000000983db73 commands silent printf "kglGetS0 return lock address : %016x %016x\n", $rax,$rdx c end break *0x000000000983a048 commands  silent  printf "kglGetS0 return pin address : %016x %016x\n", $rax,$rdx  c end --//session 1: SCOTT@book> select * from dept where deptno=32; no rows selected --//window 1: --//退出gdb界面,重新执行: Breakpoint 1 at 0x983da94 Breakpoint 2 at 0x9839f5c Breakpoint 3 at 0x983db73 Breakpoint 4 at 0x983a048 (gdb) c Continuing. kgllkal count 01 -- handle address: 000000007bea0990, mode: 1 kglnaobj address:0x7bea0b38:       "select * from dept where deptno=32" kglGetS0 return lock address : 000000007c175128 000000007c175128 kglpnal count 01 -- handle address: 000000007bea0990, mode: 2 kglnaobj address:0x7bea0b38:       "select * from dept where deptno=32" kglGetS0 return pin address : 000000007c175228 000000007c175228 kgllkal count 02 -- handle address: 000000007dbb0788, mode: 2 kglnaobj address:0x7dbb0930:       "bookSYS" kglGetS0 return lock address : 000000007c174e28 000000007c174e28 kgllkal count 03 -- handle address: 000000007c3e3ba8, mode: 2 kglnaobj address:0x7c3e3d50:       "c40e5b0d7f1b5ad0$BUILD$" kglGetS0 return lock address : 000000007c175228 000000007c175228 kgllkal count 04 -- handle address: 000000007cebdcb0, mode: 1 kglnaobj address:0x7cebde58:       "" kglGetS0 return lock address : 000000007d63f7e8 000000007d63f7e8 kglpnal count 02 -- handle address: 000000007cebdcb0, mode: 3 kglnaobj address:0x7cebde58:       "" kglGetS0 return pin address : 000000007c174e28 000000007c174e28 kgllkal count 05 -- handle address: 000000007dbb0788, mode: 2 kglnaobj address:0x7dbb0930:       "bookSYS" kglGetS0 return lock address : 000000007c175528 000000007c175528 kgllkal count 06 -- handle address: 000000007d932218, mode: 1 kglnaobj address:0x7d9323c0:       "23bc01efc31eccb6c40e5b0d7f1b5ad0Child:0" kglGetS0 return lock address : 000000007c5772e0 000000007c5772e0 kglpnal count 03 -- handle address: 000000007d932218, mode: 3 kglnaobj address:0x7d9323c0:       "23bc01efc31eccb6c40e5b0d7f1b5ad0Child:0" kglGetS0 return pin address : 000000007c5773e0 000000007c5773e0 kgllkal count 07 -- handle address: 000000007d1f57b8, mode: 1 kglnaobj address:0x7d1f5960:       "SCOTT" kglGetS0 return lock address : 000000007c5772e0 000000007c5772e0 kgllkal count 08 -- handle address: 000000007dbb0788, mode: 2 kglnaobj address:0x7dbb0930:       "bookSYS" kglGetS0 return lock address : 000000007c174e28 000000007c174e28 kgllkal count 09 -- handle address: 000000007d065910, mode: 2 kglnaobj address:0x7d065ab8:       "DEPTSCOTT" kglGetS0 return lock address : 000000007c175528 000000007c175528 kglpnal count 04 -- handle address: 000000007d065910, mode: 2 kglnaobj address:0x7d065ab8:       "DEPTSCOTT" kglGetS0 return pin address : 000000007c5773e0 000000007c5773e0 SYS@book> select * from x$kglpn where KGLPNSID=1; no rows selected --//pin address已经释放,另外写一篇验证自己的测试结果是否正确。.