Flashes (Alerts)
Abstract
Guardium Development have identified an issue with STAP 8.2 running in Oracle RAC/Linux which has a potential to cause a server crash.
[]Latest update:
This update is from September 23, 2014 to the document originally published in May, 2012.
The purpose of this update is to clarify:
[]
[]The code to address server crash is present in the original version of STAP v9 and in all subsequent revisions therefore all v9 STAP revisions (and future versions) are not exposed to this crash.
[]The recommendation regarding unix_domain_socket_marker to filter out unusable inter-cluster communication is relevant to all versions of STAP.
[][]
Content
The guard_tap.ini of every cluster node should be changed immediately to reduce the chances of a server failure to ‘very low’.
There are two options to do this below - Manual Correction or Automatic Script
Tab navigation
- Manual Correction- selected tab,
- Automatic Script
The original manual method for changing the configuration is as follows.
It is recommended to perform both steps 1. and 2. below independently. The configuration change to the guard_tap.ini is important to filter out unusable inter cluster communication.
- Please make the following change in guard_tap.ini
unix_domain_socket_marker=
wherevalue can be found in listener.ora in the IPC protocol definition
Example 1:
If the following is a description in the listener.ora
LISTENER=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=IPC)(KEY=ORCL))))
…
then change the following parameter accordingly
unix_domain_socket_marker=ORCL
Example 2:LISTENER=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=IPC)(KEY=LISTENER))))
In the case where there is more than one IPC line in listener.orause a common denominator of all the key
LISTENER_SCAN1=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=IPC)(KEY=LISTENER_SCAN1))))
LISTENER_SCAN2=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=IPC)(KEY=LISTENER_SCAN2))))
LISTENER_SCAN3=(DESCRIPTION=(ADDRESS_LIST=(ADDRESS=(PROTOCOL=IPC)(KEY=LISTENER_SCAN3))))
Guardium uses a string search in the path so "LISTENER" will work for all 4 and should be used in this case:
unix_domain_socket_marker=LISTENER
run "/ktap/current/guard_ktap_stat get " and look for "khash entry count" - it shows the number of available entries in the hash (out of what was configured in guard_tap.ini, the default is 8K).
- If the number of entries is less than 2024, stop stap until Oracle can be restarted or the server can be rebooted.
- If the number of entries is more than 2024, restart stap so that the new configuration takes effect. (no need to bounce Oracle or reboot the system)
Example 3:
In the case where there is no common denominator create inspection engines with unix_domain_socket_marker
corresponding to the specific IPC key(s). For example the guard_tap.ini may look similar to this example in the end :
[DB_0]
...
unix_domain_socket_marker=EXTPROC1522
...
[DB_1]
...
unix_domain_socket_marker=REGISTER
...
- If the number of entries is less than 2024, stop stap until Oracle can be restarted or the server can be rebooted.
The code to address server crash is present in the original version of STAP v9 and in all subsequent revisions therefore all v9 STAP revisions (and future versions) are not exposed to this crash.
Reboot your server at your earliest convenience after making the above changes.
Related Information
Was this topic helpful?
Document Information
Modified date:
25 September 2022
UID
swg21596526