Oracle SPY Events
-- Dennis Yurichev
This win32 utility intercept internal Oracle RDBMS function calls to ksdpec() and ss_wrtf() and may be used for undocumented Oracle trace events hunting.
Some trace events used for turning on some debug messages, some used for behavior change, some are even used for turning on and off some bug fixes.
Trace event may be turning on by issuing command like that:
ALTER SYSTEM SET EVENTS '10051 trace name context forever, level 255';
It assign value of 255 to event number 10051.
In reply to Jared Still's blog entry entitled "Undocumented Oracle Functions".
These are SYS_OP_* functions which I able to find in 11.1.0.7.0, however, I do not have any clue about what each does.
SYS_OP_ALEXPCOL SYS_OP_ATG SYS_OP_BL2R SYS_OP_BLOOM_FILTER SYS_OP_BLOOM_FILTER_LIST SYS_OP_C2C SYS_OP_CEG SYS_OP_CL2C SYS_OP_COMBINED_HASH SYS_OP_COMP SYS_OP_CONVERT SYS_OP_COUNTCHG SYS_OP_CSCONV SYS_OP_CSCONVTEST SYS_OP_CSR SYS_OP_CSX_PATCH SYS_OP_CSX_UPD SYS_OP_DECOMP
Here is some info about Oracle RDBMS modules from newly released 11.1.0.7.0 Linux x86 patchset.
As it was done before for 10.2.0.4, each .txt file representing functions list for each object (.o) file from libserver11.a, information about possible functions calls and their arguments.
It may be useful for debug messages tracing, etc.
See also my previous blog entry about the same, but for 10.2.0.4.
Very interesting text of unknown origin appeared on some forum, named "Basics of C within the Oracle kernel."
It contains also code snippets from ksl.h and ksl.c.
Basics of C within the Oracle kernel.
C is a function based language and as with most languages is composed of
declarations and statement blocks.
Below is a very simple example and even this example uses 5 functions:
strcat(),strcpy(),write(),strlen() and print_string().
***************
Once upon a time, I disassembled all object files (*.o) extracted from libserver10.a file which is main Oracle RDBMS library, from version 10.2.0.4 Linux x86.
After, I fetched essentials from each one: which functions are in each object file are present, which other functions they may call and possible arguments list.
Here is a short example of what I got:
* Function krvsats
May call krvsarts ()
May call ksdwrf ("krvsats->\n")
May call ksdpec (0x3FAC)
May call ksdpec (0x545)
May call kspgip (ds:kxfpx2_, 1, ...)
May call kslgetl (offset krvsvl_, 1, 0, offset krvsvl_alo_)
Oracle SPY
-- Dennis Yurichev <dennis(@)conus.info> http://blogs.conus.info
This is win32 utility which intercepts internal Oracle RDBMS function calls to rpisplu(), kprbprs(), opiprs() and OCIStmtPrepare() - all these 4 functions used in internal SQL processing. All they are actually "parse" command from different RDBMS layers.
Thereby, this utility allow us to see all (As I know) internal SQL executions.
It may be used for debugging, educational or any other purposes.
It was tested on Oracle 9.2.0.8, 10.1.0.5, 10.2.0.3 and 11.1.0.6.0, of course, for win32 platform.
I'm not sure, which C compiler was used to compile Oracle 11.1.0.6.0 win32 (maybe Intel(R) C++ 9.1, which is used for 11.1.0.6.0 Linux), but it generate some strange things:
.text:0051FBF8 85 C0 test eax, eax .text:0051FBFA 0F 84 8F 00 00 00 jz loc_51FC8F .text:0051FC00 74 1D jz short loc_51FC1F
(This code is from Oracle 11.1.0.6.0 Win32 CPUjul2008)
There're well-known parameters trace_level_server and trace_level_client in sqlnet.ora, which are defining debugging level of trace files.
A lot of network functions may call a special trace writer function which put passed information into trace file.
Usually, software developer with common sense makes trace writer function checking current debug level and let this tracer writer decide if to write any information to file. In this case his code is relatively clean and clear.
It is clever idea used in Oracle RDBMS, where, in complex memory control environment, there are a presence of different malloc()-like functions.
Major portion of these malloc()-like functions also have comment-parameter, where caller pass short human-readable parameter, describing, for what this memory will be used.
After that, at any point of program execution, it is possible to see statistics, what are major memory consumers.
Also, in case of memory leakage, it is possible to see, what memory were not freed.
I tried to use FPGA in quick search of original Oracle RDBMS account passwords extracting their hash values from database.
Relatively simple hashing algorithm used there, involving DES crypto algorithm.
I used three FPGA developer kits for this.
Recent comments
6 weeks 2 days ago
6 weeks 6 days ago
6 weeks 6 days ago
19 weeks 9 hours ago