gimli server process monitoring fault analysis agenda
play

Gimli: Server Process Monitoring & Fault Analysis Agenda - PowerPoint PPT Presentation

Jan 23, 2023 •190 likes •484 views

Gimli: Server Process Monitoring & Fault Analysis Agenda What problem does Gimli solve? How does it work? How can I leverage Gimli? Where can I get Gimli? How can I contribute to Gimli? 2 The Setting

  1. Gimli: Server Process Monitoring & Fault Analysis

  2. Agenda • What problem does Gimli solve? • How does it work? • How can I leverage Gimli? • Where can I get Gimli? • How can I contribute to Gimli? 2




  3. The Setting • You have software deployed in Production • Production: – has stability and/or downtime requirements – May prohibit gdb and interactive debugging tools for security purposes – May be at the other end of a VPN and/or be subject to draconian access policies 3




  4. The Problem • Your software is manifesting a crash/hang problem in Production • Can’t use gdb: – Takes too long to poke around – May not be able to run gdb • Getting a usable core file is hard: – Big server processes leave big cores – Can’t debug the core on the box – Can’t get the core back to your box • How can you effectively get a bead on the issue? 4




  5. Gimli – a solution in 2 parts • Monitor: supervises your target process – Optional watchdog support via heartbeat – If a fault is detected (crash, hang) invokes the analysis component, then re-spawns the target process • Glider (the analyzer): – Pstack on steroids – DWARF-3 assisted stack unwinding – Full backtrace and deep structure printing – Optional extension modules to augment trace • Runs on: Linux, Solaris, Darwin OS/X. – i386, x86_64/amd64. – Incomplete support for Solaris Sparc (mostly there!) 5




  6. The Gimli Monitor • A bit like “init”, but focused on a single process • Detaches from the terminal and establishes a new session • Spawns the child process and monitors: – Did the child exit abnormally (signalled)? – Did the child get STOP’d? – If the child opted in to hearbeat, did its heart stop beating? • If one of these conditions triggers, and the process is still running, the Glider is invoked • The process is then respawned (and throttled if respawning too fast) 6




  7. Monitor options • All options can be command line, environmental or in a config file • Watchdog interval – heart must beat at least once in this many seconds • Detach, setstid: alter daemonizing behavior • Trace-dir – where to record trace files • Pidfile – where to store pidfile • Uid, gid – setuid/setgid to the specified user before spawning the child • Respawn-frequency – brake on respawning to avoid hammering the system 7




  8. Heart beat • Monitor assumes that the child does not support heartbeat until it beats at least once • Two mechanisms for heart beat: – Simple: kill(getppid(), SIGUSR1) • Easy for scripts to implement – Shared Memory via libgimli: • hb = gimli_heartbeat_attach() • gimli_heartbeat_set(hb, GIMLI_HB_RUNNING); 8




  9. Effective Heart beat • Intended to issue one heart beat per iteration of the main loop in your app • If it stops ticking over at least once every watchdog interval (60 seconds by default), it is deemed to have hanged • Generally not good to heart beat inside utility functions; better to keep it at the higher level in the app to avoid false negatives • Exception to this rule might be an infrequent but long running function 9




  10. Trapping Faults • If you don’t install a signal handler, the Monitor won’t be able to trap a fault and generate a trace • libgimli provides a gimli_establish_signal_handlers() to set up suitable fault trapping • Handler: – Clears signal handler so a double fault will kill us – SIGSTOP’s self; monitor is notified via SIGCHLD – When it resumes, calls an application supplied shutdown hook – Sends the faulting signal to itself so that it terminates abnormally 10




  11. Tracing • When the Monitor decides that the child is dead, it initiates tracing • Creates a file named appname.pid.trc in the specified trace dir (default: /tmp) • Emits a header describing the reason for the fault and when it happened • Spawns Glider and has its output append to the trace file 11




  12. Trace Header This is a trace file generated by Gimli. Process: pid=6704 /path/to/faulty‐app Traced because: fault detected Time of trace: (1278702746) Fri Jul 9 15:12:26 2010 Invoking trace program: /opt/msys/gimli/bin/glider 12




  13. The Gimli Glider • Name comes from a combination of well known Dwarf and Elf fantasy literature and an incident in Manitoba where an aircraft ran out of fuel • Fundamental purpose is to get a stack trace of all threads in the target process in a human readable form • Uses DWARF-3 debugging information – gcc -gdwarf-2 -g3 • Extracts siginfo from signal trampolines to show more detail about the fault 13




  14. Example partial trace Thread 0 (LWP 6704) #0 0x00000035ad69a1a1 /lib64/libc‐2.5.so`nanosleep+41 #1 0x00000035ad699fc3 /lib64/libc‐2.5.so`sleep+93 #2 0x00002b029434bde6 /opt/msys/3rdParty/lib/perl5/5.10.0/x86_64‐linux‐thread‐ multi/CORE/libperl.so`Perl_pp_sleep+56 (pp_sys.c:4525) PerlInterpreter *my_perl = 0x6ff2010 (/opt/msys/3rdParty/bin/perl`0x6ff2010) [deref'ing my_perl] PerlInterpreter @ 0x6ff2010 = { SV **Istack_sp = 0x71938c8 (/opt/msys/3rdParty/bin/perl`0x71938c8) OP *Iop = 0x7cd8f30 (/opt/msys/3rdParty/bin/perl`0x7cd8f30) SV **Icurpad = 0x7019fc0 (/opt/msys/3rdParty/bin/perl`0x7019fc0) SV **Istack_base = 0x71938c0 (/opt/msys/3rdParty/bin/perl`0x71938c0) SV **Istack_max = 0x71958a8 (/opt/msys/3rdParty/bin/perl`0x71958a8) I32 *Iscopestack = 0x76331c0 (/opt/msys/3rdParty/bin/perl`0x76331c0) I32 Iscopestack_ix = 5 (0x5) I32 Iscopestack_max = 108 (0x6c) 14




  15. Glider vs pstack • Pstack is terse, does not include file:line info • Glider is verbose (full backtrace) • Glider is extensible 15




  16. Extending Glider • It is often necessary to get more than just a stack trace out of a faulting application • Want a readable snapshot of important datastructures like: – Circular log buffer – Stats – State machine dumps – Memory utilization • Glider provides an API for extracting this type of data from your process 16




  17. Gimli Modules • Gimli modules are shared objects that are loaded and executed by the glider process, not the target, faulting process • Glider examines the mapped objects in the target process and locates corresponding gimli modules. • Example: if I link against libfoo.so, gimli looks for a gimli_libfoo.so • If a module in the target has a “gimli_tracer_module_name” symbol, it is interpreted as the name of a module to load in the glider instead 17




  18. Glider Modules • Gimli modules export a function named “gimli_ana_init” which is invoked when the module is loaded into the Glider • It is expected to return a Gimli module structure that allows the module to hook into aspects of the tracing • When all the modules have been loaded, the trace begins • Can intercept each threads trace and each frame of the trace – Can either emit additional info or suppress the item • After the stack trace, modules have their generic tracing hook invoked to allow arbitrary other data to be emitted 18




  19. Glider API: libgimli_ana.h • Provides functions that: – resolve symbols – Reverse map an address to a symbol – Copy memory from the target process – Copy a string from the target process – Get source (file:line) information for an address – Examine DWARF parameter information for a named parameter in a given stack frame 19




  20. Extracting data from globals • Given the following global data in the target, how can I print it out in my Gimli module? char *my_str_ptr = “hello”; int my_int; char my_str[1024]; struct foo { int value; } my_foo; struct foo *my_foo_ptr = &my_foo; 20




  21. static void perform_trace(const struct gimli_ana_api *api, const char *object) { // First the string pointer char *s = api‐>get_string_symbol(object, “my_str_ptr”); printf(“%s\n”, s ? s : “null”); 21




  22. // Now the int. The 0 below means don’t deref int ival; if (api‐>copy_from_symbol(object, “my_int”, 0, &ival, sizeof(ival)) { printf(“my_int: %d\n”, ival); } 22




  23. // Now the string buffer char buf[1024]; if (api‐>copy_from_symbol(object, “my_str”, 0, &buf, sizeof(buf)) { printf(“my_str: %s\n”, buf); } 23




  24. // Now the foo struct; you need to #include its // definition, or re‐declare it here struct foo f; if (api‐>copy_from_symbol(object, “my_foo”, 0, &f, sizeof(f)) { printf(“foo.value: %d\n”, f.value); } if (api‐>copy_from_symbol(object, “my_foo_ptr”, 1, &f, sizeof(f)) { // 1 = deref once printf(“foo_ptr‐>value: %d\n”, f.value); } 24




  25. Making an address human readable // Some address I plucked from the target void *addr = ???; // What is the closest symbol? char buf[1024]; printf(“%p = %s\n”, addr, api‐>sym_name(addr, buf, sizeof(buf)); // Gives: 0x00000035ad699fc3 = /lib64/libc‐2.5.so`sleep+93 25




  26. File:line info // if it is code, what’s the file and line? int line; if (api‐>get_source_info(addr, buf, sizeof(buf), &line)) { printf(“%p => %s:%d\n”, addr, buf, line); } 26




Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Batch Modeling and Process Monitoring Geir Rune Flten Agenda CAMO Batch analysis

Batch Modeling and Process Monitoring Geir Rune Flten Agenda CAMO Batch analysis

Batch Modeling and Process Monitoring Geir Rune Flten Agenda CAMO Batch analysis background Challenges CAMOs approach Example Alternative strategies Demo Next Steps We Develop Multivariate Data Analysis

683 views • 37 slides
CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault

CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault

1 Tr n H i Anh Distributed System CH NG 8: FAULT TOLERANCE TS. Tr n H i Anh Content 2 1. Introduction to fault tolerance 2. Process resilience 3. Reliable client-Server Communication 4. Reliable Group Communication 5.

966 views • 50 slides
Cryptanalysis Results on the NIST Candidate Gimli (WIP) Antonio Flrez Gutirrez, Gatan

Cryptanalysis Results on the NIST Candidate Gimli (WIP) Antonio Flrez Gutirrez, Gatan

Cryptanalysis Results on the NIST Candidate Gimli (WIP) Antonio Flrez Gutirrez, Gatan Leurent, Mara Naya-Plasencia, Lo Perrin, Andr Schrottenloher, Ferdinand Sibleyras Inria, France Context Gimli is a permutation proposed by

529 views • 7 slides
Forensic analysis of a Linux web server 1 www.nbs-system.com Agenda Who are we ? Performing

Forensic analysis of a Linux web server 1 www.nbs-system.com Agenda Who are we ? Performing

Mathieu Deous Julien Reveret Forensic analysis of a Linux web server 1 www.nbs-system.com Agenda Who are we ? Performing forensic analysis on a compromised web server What to search, where, how ? Logs but also dynamic analysis What

603 views • 28 slides
DB server limits (process/sessions) DB server limits (process/sessions) Carlos Fernando Gamboa,

DB server limits (process/sessions) DB server limits (process/sessions) Carlos Fernando Gamboa,

DB server limits (process/sessions) DB server limits (process/sessions) Carlos Fernando Gamboa, BNL Andrew Wong, TRIUMF WLCG Collaboration Workshop, CERN Geneva, April 2008. DB server limits (process/sessions) DB server limits

472 views • 21 slides
On the Use of Extents Material Balance Equations Energy Balance for Process Monitoring and

On the Use of Extents Material Balance Equations Energy Balance for Process Monitoring and

Extents for Process Monitoring Motivation Problem Statement System Description On the Use of Extents Material Balance Equations Energy Balance for Process Monitoring and Fault Diagnosis Equations Transformation to Vessel Extents

692 views • 19 slides
JUST ONE FAULT Persistent Fault Analysis on Block Ciphers Shivam Bhasin Temasek Labs @ NTU ASK

JUST ONE FAULT Persistent Fault Analysis on Block Ciphers Shivam Bhasin Temasek Labs @ NTU ASK

JUST ONE FAULT Persistent Fault Analysis on Block Ciphers Shivam Bhasin Temasek Labs @ NTU ASK 2018, Kolkata, India 15 Nov 2018 Table of Contents 1. Introduction to Fault Attacks 2. Persistent Fault Analysis (PFA) 3. PFA on Fault

588 views • 19 slides
Securing RSA against Fault Analysis by Double Addition Chain Exponentiation Matthieu Rivain

Securing RSA against Fault Analysis by Double Addition Chain Exponentiation Matthieu Rivain

Securing RSA against Fault Analysis by Double Addition Chain Exponentiation Matthieu Rivain Oberthur Technologies & Univ. of Luxembourg 04/24/09 | Session ID: CRYP-403 Session Classification: Agenda RSA and Fault Analysis A New

421 views • 27 slides
A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel

A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel

A Fault Tolerant Virtualization Server Based on Xen Jrgen Gro Virtualization Kernel Developer SUSE Linux GmbH, jgross@suse.com Status Quo Standard Xen Virtualization Server dom0 HVM pv Net- Block- xenstore qemu backend backend

421 views • 23 slides
Differential Fault Analysis of HC-128 Aleksandar Kircanski and Amr M. Youssef AFRICACRYPT 2010

Differential Fault Analysis of HC-128 Aleksandar Kircanski and Amr M. Youssef AFRICACRYPT 2010

Differential Fault Analysis of HC-128 Differential Fault Analysis of HC-128 Aleksandar Kircanski and Amr M. Youssef AFRICACRYPT 2010 May 03-06, 2010, Stellenbosch, South Africa Differential Fault Analysis of HC-128 Outline Fault analysis

374 views • 24 slides
JVM Web Application Metrics & Monitoring FOLIO @krrrr38 2 3 1. 2. 3. JVM Web

JVM Web Application Metrics & Monitoring FOLIO @krrrr38 2 3 1. 2. 3. JVM Web

JVM Web Application Metrics & Monitoring FOLIO @krrrr38 2 3 1. 2. 3. JVM Web Application 4 5 Metrics 6 Metrics JVM http JMX jcmd, jstat, ... 7 Metrics server/process pull /push 8 pull /push push server -(process)->

528 views • 36 slides
Monitoring your CSS Hardware Alan Lechtenberg University of Washington Can I Monitoring my CSS

Monitoring your CSS Hardware Alan Lechtenberg University of Washington Can I Monitoring my CSS

I Didnt Know You Could Do That Monitoring your CSS Hardware Alan Lechtenberg University of Washington Can I Monitoring my CSS Hardware? Youve licensed a CSS machine running on your Dell server. How will you know if the server is

122 views • 11 slides
Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent

Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent

Fault-Tolerant Data Collection in Fault-Tolerant Data Collection in Heterogeneous Intelligent Monitoring Networks Networks Heterogeneous Intelligent Monitoring Jing Deng Department of Computer Science University of North Carolina at

335 views • 18 slides
INFRASTRUCTURE Fault Detection at Scale INFRASTRUCTURE Giacomo Bagnoli Production Engineer, PE

INFRASTRUCTURE Fault Detection at Scale INFRASTRUCTURE Giacomo Bagnoli Production Engineer, PE

INFRASTRUCTURE Fault Detection at Scale INFRASTRUCTURE Giacomo Bagnoli Production Engineer, PE Network Monitoring Monitoring the network How and what NetNORAD NFI Agenda TTLd Netsonar Lessons learned

554 views • 34 slides
Nonlinear Autoregressive with Exogenous Wathiq R Abed #UDT2019 Outline Aim of Fault

Nonlinear Autoregressive with Exogenous Wathiq R Abed #UDT2019 Outline Aim of Fault

Unmanned Marine Vehicles Motor Fault Classifier Based on Nonlinear Autoregressive with Exogenous Wathiq R Abed #UDT2019 Outline Aim of Fault diagnosis and condition monitoring Task Major Faults in electrical Machines Fault

274 views • 9 slides
Can Fault Tree Analysis Technique Resolve Fault Isolation Ambiguity? Alpana Gangopadhyaya

Can Fault Tree Analysis Technique Resolve Fault Isolation Ambiguity? Alpana Gangopadhyaya

Reliability Maintenance and Managing Risk Conference 2019 Can Fault Tree Analysis Technique Resolve Fault Isolation Ambiguity? Alpana Gangopadhyaya Supportability Systems Engineer Northrop Grumman Alpana.Gangopadhyaya@ngc.com Phone Number

466 views • 18 slides
6/12/2014 Social norms theoretical background Basic elements of social norms campaign

6/12/2014 Social norms theoretical background Basic elements of social norms campaign

6/12/2014 Social norms theoretical background Basic elements of social norms campaign development Casa Grande approach Cindy Schaider, Executive Director Results Breanna Boland, Program Director Correct youth misperceptions

397 views • 10 slides
A preview of the DGiT research I want to share two things with you today 1. . A general l

A preview of the DGiT research I want to share two things with you today 1. . A general l

A preview of the DGiT research I want to share two things with you today 1. . A general l overvie iew of f th the DGiT iT rese search resu sult lts 2. . So Some example les of f how you can use se th the rese search Before we

646 views • 35 slides
Ap April 2018 2018 Me Meeting EAA CHAPTER 643 APRIL MONTHLY MEETING (3/16/2018) YOUNG EAGLES

Ap April 2018 2018 Me Meeting EAA CHAPTER 643 APRIL MONTHLY MEETING (3/16/2018) YOUNG EAGLES

Ap April 2018 2018 Me Meeting EAA CHAPTER 643 APRIL MONTHLY MEETING (3/16/2018) YOUNG EAGLES Planning is well advanced for Young Eagles Rally on Saturday April 21 st , Sky Manor Airport. See slide for list of volunteer pilots and ground

103 views • 9 slides
Creating pathways for youth travel Jenny Mitchell Industry Services Specialist Tourism NSW

Creating pathways for youth travel Jenny Mitchell Industry Services Specialist Tourism NSW

Creating pathways for youth travel Jenny Mitchell Industry Services Specialist Tourism NSW February 10, 2011 Tourism NSW Tourism NSW promotes and supports the development of sustainable tourist destinations and experiences, by:

370 views • 14 slides
Why bother to enhance teams Session 2. It's always better when we're together! Collaboration

Why bother to enhance teams Session 2. It's always better when we're together! Collaboration

Why bother to enhance teams Session 2. It's always better when we're together! Collaboration and co- teaching can work, but what are the essential ingredients to empower and enable your team to be the best they can be? Year 3! Year 1!

743 views • 46 slides
HEALTHWAYS: Presentation to Healthways Shareholders THE CASE FOR CHANGE April 2014 DISCLAIMER

HEALTHWAYS: Presentation to Healthways Shareholders THE CASE FOR CHANGE April 2014 DISCLAIMER

HEALTHWAYS: Presentation to Healthways Shareholders THE CASE FOR CHANGE April 2014 DISCLAIMER T H I S P R E S E N T A T I O N I S F O R D I S C U S S I O N A N D G E N E R A L I N F O R M A T I O N A L P U R P O S E S O N L Y . I T

500 views • 48 slides
Inspiring minds. Shaping Futures. Inspiring minds. Shaping futures.

Inspiring minds. Shaping Futures. Inspiring minds. Shaping futures.

Inspiring minds. Shaping Futures. Inspiring minds. Shaping futures. Alison Mike Hill Woodcock Principal Pastoral Director Inspiring minds. Shaping Futures. Review 1 Tuesday 31 st October 1pm to

739 views • 41 slides
Unive rsity I ndustry Go ve rnme nt Co lla b o ra tio n: Ne xt g e ne ra tio n Ne w Me

Unive rsity I ndustry Go ve rnme nt Co lla b o ra tio n: Ne xt g e ne ra tio n Ne w Me

Unive rsity I ndustry Go ve rnme nt Co lla b o ra tio n: Ne xt g e ne ra tio n Ne w Me xic o e ne rg y e mpo we rme nt Adva nc e d T e c hno lo g y Ma na g e me nt Se pte mb e r 19, 2019 2 T o da y s Pro g ra m Unive r

375 views • 20 slides

More recommend