SlideShare a Scribd company logo

Using the big guns: Advanced OS performance tools for troubleshooting database issues

Download as PPTX, PDF
N
Nikolay Savvinov

Using OS performance tools and basic alternatives to troubleshoot production database issues The document discusses using Linux performance tools like pidstat, ps, and tracing tools like perf, systemtap, and dtrace to troubleshoot complex database problems that may involve issues at the operating system, hardware, or network level. It provides examples of using these tools to diagnose specific issues like memory fragmentation, I/O problems, and network congestion and presents a methodology around reproducing issues, analyzing tool output, identifying root causes, and developing solutions.

Technology
1 of 38
Downloaded 13 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
Using the big guns Advanced OS performance tools and their more basic alternatives for tackling production issues Nikolai Savvinov, Deutsche Bank
About me • worked with databases for 19 years (started with MySQL) • working with Oracle database since approx. 2005 • Oracle database engineer, Deutsche Bank Moscow/London 2007-now • Last 10 years, specialize in database performance/internals • blog: savvinov.com, twitter: @oradiag
About this presentation • 50/50 overview of tools / practical use cases • All examples based on Oracle Linux 6 (kernel 4.1.12), Exadata X6-2 EF 3-node cluster • All opinions are my own and not of my employer (or Oracle corp) • Caveat emptor
Why use OS performance tools? • Database instruments things that are expected to be slow • Also, bugs and blind spots • Database doesn’t sit in a vacuum, there isn’t always clear-cut separation between application/database/OS/hw layers • Better understand Unix/Storage/Network when jointly troubleshooting issues
What kind of database prod issues are solved with OS performance tools • Memory issues • low-level memory leaks • memory fragmentation • NUMA • swapping • Kernel-level locking • I/O issues • e.g. suboptimal low-level I/O settings • Filesystem issues • e.g. too many files in a directory because a bug leading to excessive tracing • Network issues • e.g. poor TCP throughput due to congestion events
Overview of Linux performance tools
Basic process level tools • pidstat • -u for CPU (default) • -d for disk I/O • -r for memory • ps • -e to do output for all processes • -o to pick fields you like • e.g. wchan, state, rss • most useful when used “ASH-style” in ExaWatcher / OSWatcher • especially when combined with “OEM-style” visualization
WCHAN • WCHAN: the outermost system call where the process is waiting • Zero-overhead stack profiling tool that is always on (w/ OSWatcher) • Low frequency (every few seconds) • Sometimes doesn’t go all the way for some reason • Off CPU only • Kernel-space only
WCHAN example • Removed state=‘S’ (interruptible sleep) • cma_acquire_dev is biggest • CMA = contiguos memory allocation • called inside rdma_bind_addr • in drivers/infiniband/core/cma.c • RDMA is core IB technology • Exafusion relies on RDMA • RDMA is not NUMA-friendly
DIY-profilers • debugger command dumping a stack with a loop around it • not always stable/safe/predictable • pstack (Tanel Poder’s “poor man’s profiler”) • /proc/<pid>/stack (Luca Canali’s kstacksampler) • oradebug short_stack
Profilers/tracers in Linux • perf • systemtap • dtrace for Oracle Linux • ftrace • lttng https://sourceware.org/systemtap/wiki/SystemtapDtraceComparison http://www.brendangregg.com/blog/2015-07-08/choosing-a-linux-tracer.html
Scope of profiling tools • The output from a profiler does not always represent wall clock time • The standard (on-CPU) profiling is only valid for CPU-intensive loads • Off-CPU profiling can be tricky (e.g. perf requires CONFIG_SCHEDSTATS=y which is not the case for some Linux distributions), DIY-profilers or WCHAN can help • User-space vs kernel-space: a profiler can only be giving you one half of the picture, and not necessarily the one you need • Be sure to pick the right profiler for the task
Safety considerations • ptrace-based tools (strace, gdb, pstack etc.) are less safe • systemtap had some teething problems in early days, considered relatively safe now, but still has issues • Oracle Linux dtrace, perf and bcc(bpf) are probably the safest • It’s a good idea to build a large arsenal of tools • Use UAT as much as possible: even if the issue doesn’t reproduce itself in all its entirety, doesn’t mean some aspects of it can’t be reproduced • If the problem can’t be reproduced on UAT, one can try to reproduce it as isolated mockup activity on production – so if tracing crashes it, no biggie • Balance of risk: side effects of diagnostics vs issue going undiagnosed
Case study: memory fragmentation
Step 1: high-level picture • Problems started shortly after 18c upgrade • The main symptom experienced by users was connection delays • The obvious things to check were listener, cluster database alert and kernel logs • On the system level, somewhat elevated sys CPU was noticed • WCHAN analysis didn’t reveal any interesting waits, but showed that extended periods of busy CPU for some of the listeners • pidstat confirmed there were periods of 100% sys CPU for listener processes
Step 2: getting stacks • We know what processes we want • We are interested in on-CPU samples • We are interested in kernel-space stacks • Two obvious choices: /proc/<pid>/stack based sampling or “proper” stack profiling using perf • Both are sufficiently safe, but perf can cause noticeable overhead, so we started with kstacksampler, but then also used perf
Step 3 (optional here): visualization
Step 4: make sense out of results • Identify biggest branch(es) • Identify stack structure, e.g. in this example • Oracle Network Session layer calls • Oracle Network Transport calls • VFS syscalls • TCP syscalls • page allocation • direct compaction • page migration • Identify key elements • Read relevant parts of documentation • Look at the source code • Read source comments + git blame/history
Sidenote: compaction and fragmentation • Compaction is an algorithm for memory defragmentation • Normally kernel shouldn’t care if memory is fragmented • Some pieces do, however (like device drivers) • Apparently, TCP implementation also relies on contiguous allocations • A chunk is 2^N pages (4kB), N = order • When initial allocation attempt fails, there are a number of possible fallback strategies (depending on GFP flags) • One common scenario is direct compaction • While doing compaction, the process will be unresponsive
Step 5: finding solution
Step 6: getting additional detail sudo perf probe --add 'sk_stream_alloc_skb sk=%di size=%si gfp=%dx force=%cx' sudo perf probe --add '__alloc_pages_nodemask gfp_mask=%di order=%si zonelist=%dx zonemask=%cx' sudo perf record -e probe:sk_stream_alloc_skb --filter 'size>0x1000’ –e probe:__alloc_pages_nodemask --filter 'order>4' -agR sleep 100 ============================================================ tgtd 5216 [004] 5706280.274976: probe:sk_stream_alloc_skb: (ffffffff816232d0) sk=0xffff8804959b9800 size=0x1b30 gfp=0xd0 force=0x40 ibportstate 17206 [003] 5706280.311569: probe:__alloc_pages_nodemask: (ffffffff81191fa0) gfp_mask=0x2c0 order=0x6 zonelist=0xffff88407ffd8e00 zonemask=0x0 7fff81193fa1 __alloc_pages_nodemask ([kernel.kallsyms]) 7fff81069641 x86_swiotlb_alloc_coherent ([kernel.kallsyms]) 7fffa01bd88f mlx4_alloc_icm ([kernel.kallsyms])
Step 7: digging a little bit deeper…
Summary • OS tools can be very useful or even necessary for troubleshooting complex cluster or database issues • Much can be done with basic risk-free OS tools like ps • Some tracing/profiling tools are safer than others • Low-level OS tools become safer over time, but can still carry risk • There are ways to minimize the risk • Weigh the risk of side effects against the risk of not solving the issue
Credits • Brendan Gregg – Linux performance expert • Tanel Poder, Luca Canali, Frits Hoogland, Andrey Nikolaev, Alexander Anokhin – pioneered use of OS low-level tools in Oracle troubleshooting • Thanks UKOUG organizers for the opportunity!
Bonus slides
WCHAN example 2: NUMA balancing
WCHAN example 3: inode cache depletion
Systemtap safety “In practice, there are several weak points in systemtap and the underlying kprobes system at the time of writing. Putting probes indiscriminately into unusually sensitive parts of the kernel (low level context switching, interrupt dispatching) has reportedly caused crashes in the past. We are fixing these bugs as they are found, and constructing a probe point “blacklist”, but it is not complete” Frank Ch. Eigler, Systemtap tutorial, November 2019 https://sourceware.org/systemtap/tutorial.pdf
Bcc (bpf) safety It is unlikely that the programs should cause the kernel to crash, loop or become unresponsive because they run in a safe virtual machine in the kernel.
Hanging the system with a simple “cat”
Other low-level OS tools • tcpdump • iosnoop
Tcpdump for network performance • SQL*Net tracing on client/server side doesn’t always reveal problem • Network-side metrics don’t always reveal problem • Various pings almost never reveal the problem • Many TCP performance problems have to do with congestion control • A variety of tools for analyzing the dumps, e.g. Wireshark • Can dump to ASCII and use own tools
Our case • Log file sync delays, sometimes spiking to tens of seconds • Production synchronously replicated to standby via DataGuard • Synchronicity was essential (Max Availability) • Pings show nothing • netops say the network is fine
Analysis • We did a tcpdump capture at both ends • Tcpdump shows congestion window (bytes in flight) • It was shrinking in response to congestion events
Remediation • Remediation: netops removed bottlenecks, optimized QoS, top users working on improving colocality of their estate • Monitoring/alerting: how do we define thresholds for packet loss? • Zero-loss networks are expensive • In a non zero-loss network, what level of packet loss is acceptable? • Relationship between throughput and packet loss in TCP was approximated by Mathis in 1997 • 𝑡ℎ𝑟𝑜𝑢𝑔ℎ𝑝𝑢𝑡 ≤ 𝑀𝑆𝑆 𝑙𝑎𝑡𝑒𝑛𝑐𝑦 𝑝𝑎𝑐𝑘𝑒𝑡 𝑙𝑜𝑠𝑠 • Assuming 1 ms latency, this meant 1.5 𝑝𝑎𝑐𝑘𝑒𝑡 𝑙𝑜𝑠𝑠 MB/s, or 0.25% for 30 MB/s
Iosnoop • gives a high resolution picture of I/O usage (low-res can be obtained from iotop) • ftrace based • reported safe • observed high performance overhead
Our case • General slowness on one of the nodes during certain periods • Nothing helpful in AWR/ASH • ExaWatcher iostat showed I/O spikes on another node • High “reliable message” waits on that other node • iotop didn’t reveal the culprit
Analysis & remediation • iosnoop told us the high I/O was from admin f/s housekeeping • housekeeping had too much work due to excessive tracing • processes were slow due to slow writes to trace files • slowness propagated to another node via inter-node communication (“reliable message”) • Remediation: excessive tracing patched, housekeeping job optimized, old files moved manually, scheduling clash resolved

More Related Content

PPTX
Performance analysis and troubleshooting using DTrace
Graeme Jenkinson
 
PDF
Session 1 introduction concurrent programming
Eric Verhulst
 
PPTX
Networking Architecture of Warframe
Maciej Siniło
 
PPTX
Introduction to .NET Performance Measurement
Sasha Goldshtein
 
PPTX
Debugging multiplayer games
Maciej Siniło
 
PDF
Overview of Linux real-time challenges
Daniel Stenberg
 
PPTX
Practical Windows Kernel Exploitation
zeroSteiner
 
PPTX
Real time Linux
navid ashrafi
 
Performance analysis and troubleshooting using DTrace
Graeme Jenkinson
 
Session 1 introduction concurrent programming
Eric Verhulst
 
Networking Architecture of Warframe
Maciej Siniło
 
Introduction to .NET Performance Measurement
Sasha Goldshtein
 
Debugging multiplayer games
Maciej Siniło
 
Overview of Linux real-time challenges
Daniel Stenberg
 
Practical Windows Kernel Exploitation
zeroSteiner
 
Real time Linux
navid ashrafi
 

What's hot (20)

PPTX
Thread
Syed Zaid Irshad
 
PPTX
Fun With Dr Brown
zeroSteiner
 
PPTX
Process Scheduling Algorithms | Interviews | Operating system
Shivam Mitra
 
PPTX
Process management in operating system | process states | PCB | FORK() | Zomb...
Shivam Mitra
 
PPTX
Techno-Fest-15nov16
Satish Navkar
 
PDF
Mastering Real-time Linux
Jean-François Deverge
 
PPTX
Threads in Operating System | Multithreading | Interprocess Communication
Shivam Mitra
 
PPTX
Steelcon 2014 - Process Injection with Python
infodox
 
PDF
Making Linux do Hard Real-time
National Cheng Kung University
 
PDF
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
Sam Bowne
 
PPT
RT linux
SARITHA REDDY
 
PDF
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012
TEST Huddle
 
PPTX
Security research over Windows #defcon china
Peter Hlavaty
 
PPTX
Towards "write once - run whenever possible" with Safety Critical Java af Ben...
InfinIT - Innovationsnetværket for it
 
PPTX
Memory management in operating system | Paging | Virtual memory
Shivam Mitra
 
PPTX
Why internal pen tests are still fun
pyschedelicsupernova
 
PPTX
Stop Feeding IBM i Performance Hogs - Robot
HelpSystems
 
PPT
Rt linux-lab1
JOLLUSUDARSHANREDDY
 
PDF
Rainbow Over the Windows: More Colors Than You Could Expect
Peter Hlavaty
 
PDF
Process injection - Malware style
Sander Demeester
 
Thread
Syed Zaid Irshad
 
Fun With Dr Brown
zeroSteiner
 
Process Scheduling Algorithms | Interviews | Operating system
Shivam Mitra
 
Process management in operating system | process states | PCB | FORK() | Zomb...
Shivam Mitra
 
Techno-Fest-15nov16
Satish Navkar
 
Mastering Real-time Linux
Jean-François Deverge
 
Threads in Operating System | Multithreading | Interprocess Communication
Shivam Mitra
 
Steelcon 2014 - Process Injection with Python
infodox
 
Making Linux do Hard Real-time
National Cheng Kung University
 
CNIT 126 2: Malware Analysis in Virtual Machines & 3: Basic Dynamic Analysis
Sam Bowne
 
RT linux
SARITHA REDDY
 
Mike Bartley - Innovations for Testing Parallel Software - EuroSTAR 2012
TEST Huddle
 
Security research over Windows #defcon china
Peter Hlavaty
 
Towards "write once - run whenever possible" with Safety Critical Java af Ben...
InfinIT - Innovationsnetværket for it
 
Memory management in operating system | Paging | Virtual memory
Shivam Mitra
 
Why internal pen tests are still fun
pyschedelicsupernova
 
Stop Feeding IBM i Performance Hogs - Robot
HelpSystems
 
Rt linux-lab1
JOLLUSUDARSHANREDDY
 
Rainbow Over the Windows: More Colors Than You Could Expect
Peter Hlavaty
 
Process injection - Malware style
Sander Demeester
 
Ad

Similar to Using the big guns: Advanced OS performance tools for troubleshooting database issues (20)

PDF
Linux Performance Analysis: New Tools and Old Secrets
Brendan Gregg
 
PDF
Linux Perf Tools
Raj Pandey
 
PDF
Velocity 2015 linux perf tools
Brendan Gregg
 
PDF
MeetBSD2014 Performance Analysis
Brendan Gregg
 
PPTX
The power of linux advanced tracer [POUG18]
Mahmoud Hatem
 
PDF
Kernel Recipes 2017 - Using Linux perf at Netflix - Brendan Gregg
Anne Nicolas
 
PDF
Kernel Recipes 2017: Using Linux perf at Netflix
Brendan Gregg
 
PDF
Linux Performance Tools 2014
Brendan Gregg
 
PDF
Linux Profiling at Netflix
Brendan Gregg
 
PDF
Linux Performance Tools
Brendan Gregg
 
PDF
My talk at Linux Piter 2015
Alex Chistyakov
 
PDF
Linux Systems Performance 2016
Brendan Gregg
 
PPT
Servers and Processes: Behavior and Analysis
dreamwidth
 
PDF
Hotsos Advanced Linux Tools
Kellyn Pot'Vin-Gorman
 
PDF
test
WentingLiu4
 
PDF
LISA2019 Linux Systems Performance
Brendan Gregg
 
PPTX
Dpdk applications
Vipin Varghese
 
PPT
Capacity Planning Free Solution
luanrjesus
 
PDF
Linux Server Deep Dives (DrupalCon Amsterdam)
Amin Astaneh
 
POTX
Performance Tuning EC2 Instances
Brendan Gregg
 
Linux Performance Analysis: New Tools and Old Secrets
Brendan Gregg
 
Linux Perf Tools
Raj Pandey
 
Velocity 2015 linux perf tools
Brendan Gregg
 
MeetBSD2014 Performance Analysis
Brendan Gregg
 
The power of linux advanced tracer [POUG18]
Mahmoud Hatem
 
Kernel Recipes 2017 - Using Linux perf at Netflix - Brendan Gregg
Anne Nicolas
 
Kernel Recipes 2017: Using Linux perf at Netflix
Brendan Gregg
 
Linux Performance Tools 2014
Brendan Gregg
 
Linux Profiling at Netflix
Brendan Gregg
 
Linux Performance Tools
Brendan Gregg
 
My talk at Linux Piter 2015
Alex Chistyakov
 
Linux Systems Performance 2016
Brendan Gregg
 
Servers and Processes: Behavior and Analysis
dreamwidth
 
Hotsos Advanced Linux Tools
Kellyn Pot'Vin-Gorman
 
test
WentingLiu4
 
LISA2019 Linux Systems Performance
Brendan Gregg
 
Dpdk applications
Vipin Varghese
 
Capacity Planning Free Solution
luanrjesus
 
Linux Server Deep Dives (DrupalCon Amsterdam)
Amin Astaneh
 
Performance Tuning EC2 Instances
Brendan Gregg
 
Ad

Recently uploaded (20)

PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPT
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
PDF
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
PPTX
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Approach and Philosophy of On baking technology
30anthuong17
 
PDF
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Encapsulation theory and applications.pdf
gurumoop
 
PDF
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
PPTX
Spectroscopy.pptx food analysis technology
nawahassan45
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PPTX
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
“AI and Expert System Decision Support & Business Intelligence Systems”
ZubinRadhakrishnan
 
TokAI - TikTok AI Agent : The First AI Application That Analyzes 10,000+ Vira...
SOFTTECHHUB
 
ACSFv1EN-58255 AWS Academy Cloud Security Foundations.pptx
23bcla24
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Approach and Philosophy of On baking technology
30anthuong17
 
7 ChatGPT Prompts to Help You Define Your Ideal Customer Profile.pdf
SOFTTECHHUB
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Encapsulation theory and applications.pdf
gurumoop
 
Unlocking AI with Model Context Protocol (MCP)
Brian McKeiver
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Blue Purple Modern Animated Computer Science Presentation.pdf.pdf
Akar16
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
Big Data Technologies - Introduction.pptx
kuthubussaman1
 
Spectroscopy.pptx food analysis technology
nawahassan45
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
sap open course for s4hana steps from ECC to s4
sreeni2106invites
 

Using the big guns: Advanced OS performance tools for troubleshooting database issues

  • 1. Using the big guns Advanced OS performance tools and their more basic alternatives for tackling production issues Nikolai Savvinov, Deutsche Bank
  • 2. About me • worked with databases for 19 years (started with MySQL) • working with Oracle database since approx. 2005 • Oracle database engineer, Deutsche Bank Moscow/London 2007-now • Last 10 years, specialize in database performance/internals • blog: savvinov.com, twitter: @oradiag
  • 3. About this presentation • 50/50 overview of tools / practical use cases • All examples based on Oracle Linux 6 (kernel 4.1.12), Exadata X6-2 EF 3-node cluster • All opinions are my own and not of my employer (or Oracle corp) • Caveat emptor
  • 4. Why use OS performance tools? • Database instruments things that are expected to be slow • Also, bugs and blind spots • Database doesn’t sit in a vacuum, there isn’t always clear-cut separation between application/database/OS/hw layers • Better understand Unix/Storage/Network when jointly troubleshooting issues
  • 5. What kind of database prod issues are solved with OS performance tools • Memory issues • low-level memory leaks • memory fragmentation • NUMA • swapping • Kernel-level locking • I/O issues • e.g. suboptimal low-level I/O settings • Filesystem issues • e.g. too many files in a directory because a bug leading to excessive tracing • Network issues • e.g. poor TCP throughput due to congestion events
  • 6. Overview of Linux performance tools
  • 7. Basic process level tools • pidstat • -u for CPU (default) • -d for disk I/O • -r for memory • ps • -e to do output for all processes • -o to pick fields you like • e.g. wchan, state, rss • most useful when used “ASH-style” in ExaWatcher / OSWatcher • especially when combined with “OEM-style” visualization
  • 8. WCHAN • WCHAN: the outermost system call where the process is waiting • Zero-overhead stack profiling tool that is always on (w/ OSWatcher) • Low frequency (every few seconds) • Sometimes doesn’t go all the way for some reason • Off CPU only • Kernel-space only
  • 9. WCHAN example • Removed state=‘S’ (interruptible sleep) • cma_acquire_dev is biggest • CMA = contiguos memory allocation • called inside rdma_bind_addr • in drivers/infiniband/core/cma.c • RDMA is core IB technology • Exafusion relies on RDMA • RDMA is not NUMA-friendly
  • 10. DIY-profilers • debugger command dumping a stack with a loop around it • not always stable/safe/predictable • pstack (Tanel Poder’s “poor man’s profiler”) • /proc/<pid>/stack (Luca Canali’s kstacksampler) • oradebug short_stack
  • 11. Profilers/tracers in Linux • perf • systemtap • dtrace for Oracle Linux • ftrace • lttng https://sourceware.org/systemtap/wiki/SystemtapDtraceComparison http://www.brendangregg.com/blog/2015-07-08/choosing-a-linux-tracer.html
  • 12. Scope of profiling tools • The output from a profiler does not always represent wall clock time • The standard (on-CPU) profiling is only valid for CPU-intensive loads • Off-CPU profiling can be tricky (e.g. perf requires CONFIG_SCHEDSTATS=y which is not the case for some Linux distributions), DIY-profilers or WCHAN can help • User-space vs kernel-space: a profiler can only be giving you one half of the picture, and not necessarily the one you need • Be sure to pick the right profiler for the task
  • 13. Safety considerations • ptrace-based tools (strace, gdb, pstack etc.) are less safe • systemtap had some teething problems in early days, considered relatively safe now, but still has issues • Oracle Linux dtrace, perf and bcc(bpf) are probably the safest • It’s a good idea to build a large arsenal of tools • Use UAT as much as possible: even if the issue doesn’t reproduce itself in all its entirety, doesn’t mean some aspects of it can’t be reproduced • If the problem can’t be reproduced on UAT, one can try to reproduce it as isolated mockup activity on production – so if tracing crashes it, no biggie • Balance of risk: side effects of diagnostics vs issue going undiagnosed
  • 15. Step 1: high-level picture • Problems started shortly after 18c upgrade • The main symptom experienced by users was connection delays • The obvious things to check were listener, cluster database alert and kernel logs • On the system level, somewhat elevated sys CPU was noticed • WCHAN analysis didn’t reveal any interesting waits, but showed that extended periods of busy CPU for some of the listeners • pidstat confirmed there were periods of 100% sys CPU for listener processes
  • 16. Step 2: getting stacks • We know what processes we want • We are interested in on-CPU samples • We are interested in kernel-space stacks • Two obvious choices: /proc/<pid>/stack based sampling or “proper” stack profiling using perf • Both are sufficiently safe, but perf can cause noticeable overhead, so we started with kstacksampler, but then also used perf
  • 17. Step 3 (optional here): visualization
  • 18. Step 4: make sense out of results • Identify biggest branch(es) • Identify stack structure, e.g. in this example • Oracle Network Session layer calls • Oracle Network Transport calls • VFS syscalls • TCP syscalls • page allocation • direct compaction • page migration • Identify key elements • Read relevant parts of documentation • Look at the source code • Read source comments + git blame/history
  • 19. Sidenote: compaction and fragmentation • Compaction is an algorithm for memory defragmentation • Normally kernel shouldn’t care if memory is fragmented • Some pieces do, however (like device drivers) • Apparently, TCP implementation also relies on contiguous allocations • A chunk is 2^N pages (4kB), N = order • When initial allocation attempt fails, there are a number of possible fallback strategies (depending on GFP flags) • One common scenario is direct compaction • While doing compaction, the process will be unresponsive
  • 20. Step 5: finding solution
  • 21. Step 6: getting additional detail sudo perf probe --add 'sk_stream_alloc_skb sk=%di size=%si gfp=%dx force=%cx' sudo perf probe --add '__alloc_pages_nodemask gfp_mask=%di order=%si zonelist=%dx zonemask=%cx' sudo perf record -e probe:sk_stream_alloc_skb --filter 'size>0x1000’ –e probe:__alloc_pages_nodemask --filter 'order>4' -agR sleep 100 ============================================================ tgtd 5216 [004] 5706280.274976: probe:sk_stream_alloc_skb: (ffffffff816232d0) sk=0xffff8804959b9800 size=0x1b30 gfp=0xd0 force=0x40 ibportstate 17206 [003] 5706280.311569: probe:__alloc_pages_nodemask: (ffffffff81191fa0) gfp_mask=0x2c0 order=0x6 zonelist=0xffff88407ffd8e00 zonemask=0x0 7fff81193fa1 __alloc_pages_nodemask ([kernel.kallsyms]) 7fff81069641 x86_swiotlb_alloc_coherent ([kernel.kallsyms]) 7fffa01bd88f mlx4_alloc_icm ([kernel.kallsyms])
  • 22. Step 7: digging a little bit deeper…
  • 23. Summary • OS tools can be very useful or even necessary for troubleshooting complex cluster or database issues • Much can be done with basic risk-free OS tools like ps • Some tracing/profiling tools are safer than others • Low-level OS tools become safer over time, but can still carry risk • There are ways to minimize the risk • Weigh the risk of side effects against the risk of not solving the issue
  • 24. Credits • Brendan Gregg – Linux performance expert • Tanel Poder, Luca Canali, Frits Hoogland, Andrey Nikolaev, Alexander Anokhin – pioneered use of OS low-level tools in Oracle troubleshooting • Thanks UKOUG organizers for the opportunity!
  • 26. WCHAN example 2: NUMA balancing
  • 27. WCHAN example 3: inode cache depletion
  • 28. Systemtap safety “In practice, there are several weak points in systemtap and the underlying kprobes system at the time of writing. Putting probes indiscriminately into unusually sensitive parts of the kernel (low level context switching, interrupt dispatching) has reportedly caused crashes in the past. We are fixing these bugs as they are found, and constructing a probe point “blacklist”, but it is not complete” Frank Ch. Eigler, Systemtap tutorial, November 2019 https://sourceware.org/systemtap/tutorial.pdf
  • 29. Bcc (bpf) safety It is unlikely that the programs should cause the kernel to crash, loop or become unresponsive because they run in a safe virtual machine in the kernel.
  • 30. Hanging the system with a simple “cat”
  • 31. Other low-level OS tools • tcpdump • iosnoop
  • 32. Tcpdump for network performance • SQL*Net tracing on client/server side doesn’t always reveal problem • Network-side metrics don’t always reveal problem • Various pings almost never reveal the problem • Many TCP performance problems have to do with congestion control • A variety of tools for analyzing the dumps, e.g. Wireshark • Can dump to ASCII and use own tools
  • 33. Our case • Log file sync delays, sometimes spiking to tens of seconds • Production synchronously replicated to standby via DataGuard • Synchronicity was essential (Max Availability) • Pings show nothing • netops say the network is fine
  • 34. Analysis • We did a tcpdump capture at both ends • Tcpdump shows congestion window (bytes in flight) • It was shrinking in response to congestion events
  • 35. Remediation • Remediation: netops removed bottlenecks, optimized QoS, top users working on improving colocality of their estate • Monitoring/alerting: how do we define thresholds for packet loss? • Zero-loss networks are expensive • In a non zero-loss network, what level of packet loss is acceptable? • Relationship between throughput and packet loss in TCP was approximated by Mathis in 1997 • 𝑡ℎ𝑟𝑜𝑢𝑔ℎ𝑝𝑢𝑡 ≤ 𝑀𝑆𝑆 𝑙𝑎𝑡𝑒𝑛𝑐𝑦 𝑝𝑎𝑐𝑘𝑒𝑡 𝑙𝑜𝑠𝑠 • Assuming 1 ms latency, this meant 1.5 𝑝𝑎𝑐𝑘𝑒𝑡 𝑙𝑜𝑠𝑠 MB/s, or 0.25% for 30 MB/s
  • 36. Iosnoop • gives a high resolution picture of I/O usage (low-res can be obtained from iotop) • ftrace based • reported safe • observed high performance overhead
  • 37. Our case • General slowness on one of the nodes during certain periods • Nothing helpful in AWR/ASH • ExaWatcher iostat showed I/O spikes on another node • High “reliable message” waits on that other node • iotop didn’t reveal the culprit
  • 38. Analysis & remediation • iosnoop told us the high I/O was from admin f/s housekeeping • housekeeping had too much work due to excessive tracing • processes were slow due to slow writes to trace files • slowness propagated to another node via inter-node communication (“reliable message”) • Remediation: excessive tracing patched, housekeeping job optimized, old files moved manually, scheduling clash resolved