一个hard lockup的vmcore实例解析

最新推荐文章于 2023-04-12 15:44:19 发布
最新推荐文章于 2023-04-12 15:44:19 发布
阅读量1.1k 收藏 2
点赞数 1
分类专栏: linux 工具 文章标签: vmcore crash kdump hardlockup
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.youkuaiyun.com/hzj_001/article/details/95235761
版权

Hard lockup occurs due to an infinite loop encountered in distribute_cfs_runtime()
环境
Red Hat Enterprise Linux 7.3 (kernel-3.10.0-514.el7.x86_64)
问题
Hard lockup occurs due to an infinite loop encountered in distribute_cfs_runtime()
Raw
[ 1432.242810] Kernel panic - not syncing: Hard LOCKUP
[ 1432.242829] CPU: 25 PID: 0 Comm: swapper/25 Not tainted 3.10.0-514.el7.x86_64 #1
[ 1432.242855] Hardware name: Cisco Systems Inc UCSC-C220-M4S/UCSC-C220-M4S, BIOS C220M4.2.0.3d.0.111120141447 11/11/2014
[ 1432.242891]  ffffffff818d9764 b7b1a7a2bef0fc23 ffff88105f445b18 ffffffff81685eac
[ 1432.242921]  ffff88105f445b98 ffffffff8167f2b3 0000000000000010 ffff88105f445ba8
[ 1432.242951]  ffff88105f445b48 b7b1a7a2bef0fc23 ffff88105f445ba8 ffffffff818d946a
[ 1432.242980] Call Trace:
[ 1432.242991]  <NMI>  [<ffffffff81685eac>] dump_stack+0x19/0x1b
[ 1432.243018]  [<ffffffff8167f2b3>] panic+0xe3/0x1f2
[ 1432.243039]  [<ffffffff8108562f>] nmi_panic+0x3f/0x40
[ 1432.243059]  [<ffffffff8112f0e6>] watchdog_overflow_callback+0xf6/0x100
[ 1432.243085]  [<ffffffff8117465e>] __perf_event_overflow+0x8e/0x1f0
[ 1432.243108]  [<ffffffff811752a4>] perf_event_overflow+0x14/0x20
[ 1432.243132]  [<ffffffff81009d88>] intel_pmu_handle_irq+0x1f8/0x4e0
[ 1432.243156]  [<ffffffff81319d7c>] ? ioremap_page_range+0x27c/0x3e0
[ 1432.243179]  [<ffffffff811bedf4>] ? vunmap_page_range+0x1c4/0x310
[ 1432.243202]  [<ffffffff811bef51>] ? unmap_kernel_range_noflush+0x11/0x20
[ 1432.243227]  [<ffffffff813c93d4>] ? ghes_copy_tofrom_phys+0x124/0x210
[ 1432.243252]  [<ffffffff813c9560>] ? ghes_read_estatus+0xa0/0x190
[ 1432.243275]  [<ffffffff8168daeb>] perf_event_nmi_handler+0x2b/0x50
[ 1432.243298]  [<ffffffff8168ef19>] nmi_handle.isra.0+0x69/0xb0
[ 1432.243320]  [<ffffffff8168f093>] do_nmi+0x133/0x410
[ 1432.243339]  [<ffffffff8168e353>] end_repeat_nmi+0x1e/0x2e
[ 1432.243360]  [<ffffffff8168d812>] ? _raw_spin_lock+0x32/0x50
[ 1432.243381]  [<ffffffff8168d812>] ? _raw_spin_lock+0x32/0x50
[ 1432.243402]  [<ffffffff8168d812>] ? _raw_spin_lock+0x32/0x50
[ 1432.243422]  <<EOE>>  <IRQ>  [<ffffffff810d100b>] unthrottle_cfs_rq+0x4b/0x170
[ 1432.243453]  [<ffffffff810d12e2>] distribute_cfs_runtime+0xf2/0x100
[ 1432.243476]  [<ffffffff810d147f>] sched_cfs_period_timer+0xcf/0x160
[ 1432.243499]  [<ffffffff810d13b0>] ? sched_cfs_slack_timer+0xc0/0xc0
[ 1432.243523]  [<ffffffff810b4862>] __hrtimer_run_queues+0xd2/0x260
[ 1432.243546]  [<ffffffff810b4e00>] hrtimer_interrupt+0xb0/0x1e0
[ 1432.243569]  [<ffffffff810510d7>] local_apic_timer_interrupt+0x37/0x60
[ 1432.243594]  [<ffffffff81698bcf>] smp_apic_timer_interrupt+0x3f/0x60
[ 1432.243617]  [<ffffffff8169711d>] apic_timer_interrupt+0x6d/0x80
[ 1432.243638]  <EOI>  [<ffffffff81513f52>] ? cpuidle_enter_state+0x52/0xc0
[ 1432.243665]  [<ffffffff81514099>] cpuidle_idle_call+0xd9/0x210
[ 1432.243688]  [<ffffffff8103516e>] arch_cpu_idle+0xe/0x30
[ 1432.243709]  [<ffffffff810e7c95>] cpu_startup_entry+0x245/0x290
[ 1432.243732]  [<ffffffff8104f12a>] start_secondary+0x1ba/0x230
The following backtrace observed from the panic task:
Raw
crash> bt
PID: 0      TASK: ffff8808fce38fb0  CPU: 25  COMMAND: "swapper/25"
 #0 [ffff88105f4459f0] machine_kexec at ffffffff81059cdb
 #1 [ffff88105f445a50] __crash_kexec at ffffffff81105182
 #2 [ffff88105f445b20] panic at ffffffff8167f2ba
 #3 [ffff88105f445ba0] nmi_panic at ffffffff8108562f
 #4 [ffff88105f445bb0] watchdog_overflow_callback at ffffffff8112f0e6
 #5 [ffff88105f445bc8] __perf_event_overflow at ffffffff8117465e
 #6 [ffff88105f445c00] perf_event_overflow at ffffffff811752a4
 #7 [ffff88105f445c10] intel_pmu_handle_irq at ffffffff81009d88
 #8 [ffff88105f445e48] perf_event_nmi_handler at ffffffff8168daeb
 #9 [ffff88105f445e68] nmi_handle at ffffffff8168ef19
#10 [ffff88105f445eb0] do_nmi at ffffffff8168f093
#11 [ffff88105f445ef0] end_repeat_nmi at ffffffff8168e353
    [exception RIP: _raw_spin_lock+50]
    RIP: ffffffff8168d812  RSP: ffff88105f443e18  RFLAGS: 00000012
    RAX: 0000000000007f72  RBX: ffff88105aab1b00  RCX: 0000000000003f34
    RDX: 0000000000003f42  RSI: 0000000000003f42  RDI: ffff881058a79d48
    RBP: ffff88105f443e18   R8: 0000000000800008   R9: 0000000000000001
    R10: 0000000000018695  R11: 0000000000000000  R12: ffff8810537cd400
    R13: ffff88105f2d6c40  R14: ffff881058a79c00  R15: ffff881058a79d48
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
--- <NMI exception stack> ---
#12 [ffff88105f443e18] _raw_spin_lock at ffffffff8168d812
#13 [ffff88105f443e20] unthrottle_cfs_rq at ffffffff810d100b
#14 [ffff88105f443e58] distribute_cfs_runtime at ffffffff810d12e2
#15 [ffff88105f443ea0] sched_cfs_period_timer at ffffffff810d147f
#16 [ffff88105f443ed8] __hrtimer_run_queues at ffffffff810b4862
#17 [ffff88105f443f30] hrtimer_interrupt at ffffffff810b4e00
#18 [ffff88105f443f80] local_apic_timer_interrupt at ffffffff810510d7
#19 [ffff88105f443f98] smp_apic_timer_interrupt at ffffffff81698bcf
#20 [ffff88105f443fb0] apic_timer_interrupt at ffffffff8169711d
--- <IRQ stack> ---
#21 [ffff8808fce47da8] apic_timer_interrupt at ffffffff8169711d
    [exception RIP: cpuidle_enter_state+82]
    RIP: ffffffff81513f52  RSP: ffff8808fce47e50  RFLAGS: 00000206
    RAX: 0000014aa48e9400  RBX: 000000000000f8a0  RCX: 0000000000000018
    RDX: 0000000225c17d03  RSI: ffff8808fce47fd8  RDI: 0000014aa48e9400
    RBP: ffff8808fce47e78   R8: 000000000000608f   R9: 0000000000000018
    R10: 0000000000018695  R11: 0000000000000000  R12: ffff8808fce47e20
    R13: ffff88105f44f8e0  R14: 0000000000000082  R15: ffff88105f44f8e0
    ORIG_RAX: ffffffffffffff10  CS: 0010  SS: 0018
#22 [ffff8808fce47e80] cpuidle_idle_call at ffffffff81514099
#23 [ffff8808fce47ec0] arch_cpu_idle at ffffffff8103516e
#24 [ffff8808fce47ed0] cpu_startup_entry at ffffffff810e7c95
#25 [ffff8808fce47f28] start_secondary at ffffffff8104f12a
根源
There is a bug that should be fixed by a patch from upstream commit c06f04c70489b9deea3212af8375e2f0c2f0b184.

distribute_cfs_runtime() intentionally only hands out enough runtime to bring each cfs_rq to 1 ns of runtime, expecting the cfs_rqs to then take the runtime they need only once they actually get to run. However, if they get to run sufficiently quickly, the period timer is still in distribute_cfs_runtime() and no runtime is available, causing them to throttle. Then distribute has to handle them again, and this can go on until distribute has handed out all of the runtime 1ns at a time, which takes far too long.

诊断步骤
System Information:

Raw
crash> sys
      KERNEL: /cores/retrace/repos/kernel/x86_64/usr/lib/debug/lib/modules/3.10.0-514.el7.x86_64/vmlinux
    DUMPFILE: /cores/retrace/tasks/702709706/crash/vmcore  [PARTIAL DUMP]
        CPUS: 32
        DATE: Mon Nov 14 22:38:09 2016
      UPTIME: 00:23:52
LOAD AVERAGE: 4.69, 1.36, 0.50
       TASKS: 397
    NODENAME: somehost
     RELEASE: 3.10.0-514.el7.x86_64
     VERSION: #1 SMP Wed Oct 19 11:24:13 EDT 2016
     MACHINE: x86_64  (2400 Mhz)
      MEMORY: 63.9 GB
       PANIC: "Kernel panic - not syncing: Hard LOCKUP"
Backtrace of panic task:

Raw
crash> bt
PID: 0      TASK: ffff8808fce38fb0  CPU: 25  COMMAND: "swapper/25"
 #0 [ffff88105f4459f0] machine_kexec at ffffffff81059cdb
 #1 [ffff88105f445a50] __crash_kexec at ffffffff81105182
 #2 [ffff88105f445b20] panic at ffffffff8167f2ba
 #3 [ffff88105f445ba0] nmi_panic at ffffffff8108562f
 #4 [ffff88105f445bb0] watchdog_overflow_callback at ffffffff8112f0e6
 #5 [ffff88105f445bc8] __perf_event_overflow at ffffffff8117465e
 #6 [ffff88105f445c00] perf_event_overflow at ffffffff811752a4
 #7 [ffff88105f445c10] intel_pmu_handle_irq at ffffffff81009d88
 #8 [ffff88105f445e48] perf_event_nmi_handler at ffffffff8168daeb
 #9 [ffff88105f445e68] nmi_handle at ffffffff8168ef19
#10 [ffff88105f445eb0] do_nmi at ffffffff8168f093
#11 [ffff88105f445ef0] end_repeat_nmi at ffffffff8168e353
    [exception RIP: _raw_spin_lock+50]
    RIP: ffffffff8168d812  RSP: ffff88105f443e18  RFLAGS: 00000012
    RAX: 0000000000007f72  RBX: ffff88105aab1b00  RCX: 0000000000003f34
    RDX: 0000000000003f42  RSI: 0000000000003f42  RDI: ffff881058a79d48
    RBP: ffff88105f443e18   R8: 0000000000800008   R9: 0000000000000001
    R10: 0000000000018695  R11: 0000000000000000  R12: ffff8810537cd400
    R13: ffff88105f2d6c40  R14: ffff881058a79c00  R15: ffff881058a79d48
    ORIG_RAX: ffffffffffffffff  CS: 0010  SS: 0018
--- <NMI exception stack> ---
#12 [ffff88105f443e18] _raw_spin_lock at ffffffff8168d812
#13 [ffff88105f443e20] unthrottle_cfs_rq at ffffffff810d100b
#14 [ffff88105f443e58] distribute_cfs_runtime at ffffffff810d12e2
#15 [ffff88105f443ea0] sched_cfs_period_timer at ffffffff810d147f
#16 [ffff88105f443ed8] __hrtimer_run_queues at ffffffff810b4862
#17 [ffff88105f443f30] hrtimer_interrupt at ffffffff810b4e00
#18 [ffff88105f443f80] local_apic_timer_interrupt at ffffffff810510d7
#19 [ffff88105f443f98] smp_apic_timer_interrupt at ffffffff81698bcf
#20 [ffff88105f443fb0] apic_timer_interrupt at ffffffff8169711d
--- <IRQ stack> ---
#21 [ffff8808fce47da8] apic_timer_interrupt at ffffffff8169711d
    [exception RIP: cpuidle_enter_state+82]
    RIP: ffffffff81513f52  RSP: ffff8808fce47e50  RFLAGS: 00000206
    RAX: 0000014aa48e9400  RBX: 000000000000f8a0  RCX: 0000000000000018
    RDX: 0000000225c17d03  RSI: ffff8808fce47fd8  RDI: 0000014aa48e9400
    RBP: ffff8808fce47e78   R8: 000000000000608f   R9: 0000000000000018
    R10: 0000000000018695  R11: 0000000000000000  R12: ffff8808fce47e20
    R13: ffff88105f44f8e0  R14: 0000000000000082  R15: ffff88105f44f8e0
    ORIG_RAX: ffffffffffffff10  CS: 0010  SS: 0018
#22 [ffff8808fce47e80] cpuidle_idle_call at ffffffff81514099
#23 [ffff8808fce47ec0] arch_cpu_idle at ffffffff8103516e
#24 [ffff8808fce47ed0] cpu_startup_entry at ffffffff810e7c95
#25 [ffff8808fce47f28] start_secondary at ffffffff8104f12a
Analysis:

Raw
This unthrottle_cfs_rq() was all started from 'sched_cfs_period_timer()' which was in the follwoing while loop.

kernel/sched/fair.c

   3467 static int do_sched_cfs_period_timer(struct cfs_bandwidth *cfs_b, int overrun)
   3468 {

   [...]

   3519         while (throttled && runtime > 0) {
   3520                 raw_spin_unlock(&cfs_b->lock);
   3521                 /* we can't nest cfs_b->lock while distributing bandwidth */
   3522                 runtime = distribute_cfs_runtime(cfs_b, runtime,
   3523                                                  runtime_expires);
   3524                 raw_spin_lock(&cfs_b->lock);
   3525 
   3526                 throttled = !list_empty(&cfs_b->throttled_cfs_rq);
   3527         }

   [...]

crash> dis -lr ffffffff810d147f | tail
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3520
0xffffffff810d1469 <sched_cfs_period_timer+185>:    mov    %r12,%rdi
0xffffffff810d146c <sched_cfs_period_timer+188>:    callq  0xffffffff8168d710 <_raw_spin_unlock>
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3522
0xffffffff810d1471 <sched_cfs_period_timer+193>:    mov    %r13,%rsi
0xffffffff810d1474 <sched_cfs_period_timer+196>:    mov    %r15,%rdx
0xffffffff810d1477 <sched_cfs_period_timer+199>:    mov    %r12,%rdi
0xffffffff810d147a <sched_cfs_period_timer+202>:    callq  0xffffffff810d11f0 <distribute_cfs_runtime>
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3524

   3423 static u64 distribute_cfs_runtime(struct cfs_bandwidth *cfs_b,
   3424                 u64 remaining, u64 expires)
   3425 {

crash> dis -lr ffffffff810d12e2 | head
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3425
0xffffffff810d11f0 <distribute_cfs_runtime>:    nopl   0x0(%rax,%rax,1) [FTRACE NOP]
0xffffffff810d11f5 <distribute_cfs_runtime+5>:  push   %rbp
0xffffffff810d11f6 <distribute_cfs_runtime+6>:  mov    %rsp,%rbp
0xffffffff810d11f9 <distribute_cfs_runtime+9>:  push   %r15        <<<<<<<< runtime_expires
0xffffffff810d11fb <distribute_cfs_runtime+11>: push   %r14
0xffffffff810d11fd <distribute_cfs_runtime+13>: mov    %rdx,%r14
0xffffffff810d1200 <distribute_cfs_runtime+16>: push   %r13        <<<<<<<< runtime
0xffffffff810d1202 <distribute_cfs_runtime+18>: push   %r12        <<<<<<<< cfs_b
0xffffffff810d1204 <distribute_cfs_runtime+20>: mov    %rsi,%r12

#14 [ffff88105f443e58] distribute_cfs_runtime at ffffffff810d12e2
    ffff88105f443e60: ffff8810537cd500 b7b1a7a2bef0fc23 
    ffff88105f443e70: ffff881058a79d80 ffff881058a79d48 
                                          5th push
    ffff88105f443e80: 00000000bebc2000 ffff881058a79e40
                         4th push
    ffff88105f443e90: 0000014d2c58e112 ffff88105f443ed0 
                         2nd push
    ffff88105f443ea0: ffffffff810d147f 
#15 [ffff88105f443ea0] sched_cfs_period_timer at ffffffff810d147f


cfs_b             is ffff881058a79d48
runtime           is 00000000bebc2000
runtime_expires   is 0000014d2c58e112

It's checking if there is remaining runtime while throttle state is on.

How much runtime_remaining was remaining and how many runqueues were throttled?

crash> dis -lr ffffffff810d12e2 | tail
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3447
0xffffffff810d12ce <distribute_cfs_runtime+222>:    test   %rdx,%rdx
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3443
0xffffffff810d12d1 <distribute_cfs_runtime+225>:    mov    %rdx,0xd8(%r15)
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3447
0xffffffff810d12d8 <distribute_cfs_runtime+232>:    jle    0xffffffff810d126f <distribute_cfs_runtime+127>
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3448
0xffffffff810d12da <distribute_cfs_runtime+234>:    mov    %r15,%rdi
0xffffffff810d12dd <distribute_cfs_runtime+237>:    callq  0xffffffff810d0fc0 <unthrottle_cfs_rq>
0xffffffff810d12e2 <distribute_cfs_runtime+242>:    jmp    0xffffffff810d126f <distribute_cfs_runtime+127>

   3443                 cfs_rq->runtime_remaining += runtime;
   3444                 cfs_rq->runtime_expires = expires;
   3445 
   3446                 /* we check whether we're throttled above */
   3447                 if (cfs_rq->runtime_remaining > 0)
   3448                         unthrottle_cfs_rq(cfs_rq);

crash> dis -lr ffffffff810d100b | head
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3379
0xffffffff810d0fc0 <unthrottle_cfs_rq>: nopl   0x0(%rax,%rax,1) [FTRACE NOP]
0xffffffff810d0fc5 <unthrottle_cfs_rq+5>:   push   %rbp
0xffffffff810d0fc6 <unthrottle_cfs_rq+6>:   mov    %rsp,%rbp
0xffffffff810d0fc9 <unthrottle_cfs_rq+9>:   push   %r15
0xffffffff810d0fcb <unthrottle_cfs_rq+11>:  push   %r14
0xffffffff810d0fcd <unthrottle_cfs_rq+13>:  push   %r13
0xffffffff810d0fcf <unthrottle_cfs_rq+15>:  push   %r12
0xffffffff810d0fd1 <unthrottle_cfs_rq+17>:  mov    %rdi,%r12
0xffffffff810d0fd4 <unthrottle_cfs_rq+20>:  push   %rbx

   3378 void unthrottle_cfs_rq(struct cfs_rq *cfs_rq)
   3379 {
   3380         struct rq *rq = rq_of(cfs_rq);
   3381         struct cfs_bandwidth *cfs_b = tg_cfs_bandwidth(cfs_rq->tg);
   3382         struct sched_entity *se;
   3383         int enqueue = 1;
   3384         long task_delta;

#13 [ffff88105f443e20] unthrottle_cfs_rq at ffffffff810d100b
    ffff88105f443e28: ffff88105f2d6c40 000000001426f50a 
    ffff88105f443e38: ffff881058a79e40 0000014d2c58e112 
    ffff88105f443e48: ffff8810537cd400 ffff88105f443e98 
                         2nd push
    ffff88105f443e58: ffffffff810d12e2 
#14 [ffff88105f443e58] distribute_cfs_runtime at ffffffff810d12e2

cfs_rq is ffff8810537cd400

How much runtime_remaining was remaining and how many runqueues were throttled?

crash> cfs_rq.runtime_remaining,runtime_expires ffff8810537cd400
  runtime_remaining = 1
  runtime_expires = 1430968131858

crash> cfs_rq.throttled_list ffff8810537cd400 -ox
struct cfs_rq {
  [ffff8810537cd500] struct list_head throttled_list;
}

crash> list -H ffff8810537cd500 -o cfs_rq.throttled_list -s cfs_rq.runtime_remaining |grep -c runtime
28

crash> list -H ffff8810537cd500 -o cfs_rq.throttled_list -s cfs_rq.throttled,runtime_remaining
ffff8810537cd600
  throttled = 1
  runtime_remaining = -1690
ffff8810537cdc00
  throttled = 1
  runtime_remaining = -1722
ffff8810537ce000
  throttled = 1
  runtime_remaining = -1616
ffff8810537ce600
  throttled = 1
  runtime_remaining = -1688
ffff8810537cc800
  throttled = 1
  runtime_remaining = -1820
ffff8810537cde00
  throttled = 1
  runtime_remaining = -1757
ffff8810537cf600
  throttled = 1
  runtime_remaining = -1848
ffff8800369ed400
  throttled = 1
  runtime_remaining = -2394
ffff8810537cc600
  throttled = 1
  runtime_remaining = -1758
ffff8810537cd200
  throttled = 1
  runtime_remaining = -1814
ffff8800369ee800
  throttled = 1
  runtime_remaining = -2395
ffff8810537cc200
  throttled = 1
  runtime_remaining = -1759
ffff8810537cf400
  throttled = 1
  runtime_remaining = -1682
ffff8810537cfa00
  throttled = 1
  runtime_remaining = -1912
ffff8810537cca00
  throttled = 1
  runtime_remaining = -1597
ffff8800369ec000
  throttled = 1
  runtime_remaining = -15057
ffff8800369eee00
  throttled = 1
  runtime_remaining = -14083
ffff8800369ed000
  throttled = 1
  runtime_remaining = -4009
ffff8800369ede00
  throttled = 1
  runtime_remaining = -5090
ffff8800369ed800
  throttled = 1
  runtime_remaining = -14091
ffff8800369ee000
  throttled = 1
  runtime_remaining = -3746
ffff8800369ee600
  throttled = 1
  runtime_remaining = -15879
ffff8800369efe00
  throttled = 1
  runtime_remaining = -3457
ffff8800369eda00
  throttled = 1
  runtime_remaining = -3742
ffff8800369eec00
  throttled = 1
  runtime_remaining = -4032
ffff8800369ee400
  throttled = 1
  runtime_remaining = -3386
ffff8800369ed600
  throttled = 1
  runtime_remaining = -3530
ffff881058a79d40
  throttled = 48
  runtime_remaining = 0

crash> pd 1690 + 1722 + 1616 + 1688 + 1820 + 1757 + 1848 + 2394 + 1758 + 1814 + 2395 + 1759 + 1682 + 1912 + 1597 + 15057 + 14083 + 4009 + 5090 + 14091 + 3746 + 15879 + 3457 + 3742 + 4032 + 3386 + 3530
$1 = 117554

As shown above, the total runtime_remaining from each throttled runqueue was 117554. 

However if we are checking remaining runtime which had in local variable in distribute_cfs_runtime() function was 338097418.

/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3438
0xffffffff810d12be <distribute_cfs_runtime+206>:        sub    %rcx,%rdx
0xffffffff810d12c1 <distribute_cfs_runtime+209>:        cmp    %rdx,%r12
0xffffffff810d12c4 <distribute_cfs_runtime+212>:        cmovbe %r12,%rdx
/usr/src/debug/kernel-3.10.0-514.el7/linux-3.10.0-514.el7.x86_64/kernel/sched/fair.c: 3441
0xffffffff810d12c8 <distribute_cfs_runtime+216>:        sub    %rdx,%r12

   3438                 runtime = -cfs_rq->runtime_remaining + 1;
   3439                 if (runtime > remaining)
   3440                         runtime = remaining;
   3441                 remaining -= runtime;

#13 [ffff88105f443e20] unthrottle_cfs_rq at ffffffff810d100b
    ffff88105f443e28: ffff88105f2d6c40 000000001426f50a <<<<<<<< %r12 (remaining runtime)
    ffff88105f443e38: ffff881058a79e40 0000014d2c58e112 
    ffff88105f443e48: ffff8810537cd400 ffff88105f443e98 
    ffff88105f443e58: ffffffff810d12e2 
#14 [ffff88105f443e58] distribute_cfs_runtime at ffffffff810d12e2

crash> pd 0x000000001426f50a
$2 = 338097418

The value is much bigger than the total runtime_remaining from each cfs_rq. Also, throttled_list is also not empty.

crash> cfs_bandwidth.throttled_cfs_rq ffff881058a79d48
  throttled_cfs_rq = {
    next = 0xffff8810537cd500, 
    prev = 0xffff8800369ed700
  }

crash> list 0xffff8810537cd500 | wc -l
29

Consequently, it made the kernel in the while loop which was unable to break out as the local runtime_remaining was much bigger than the sum of each runqueue's runtime_remaining.

It's matching the bug that should be fixed by applying a patch from upstream commit c06f04c70489b9deea3212af8375e2f0c2f0b184.

参考:https://access.redhat.com/solutions/2786591

【ARM Linux 系统稳定性分析入门及渐进 2 -- Kernel Lockup
CodingCos的博客
12-01 1721
Softlockup用于检测系统调度是否正常,即软锁的情况,当发生Softlockup时,内核不能调度,但还能响应中断,使系统呈现 “软 hung 死的状态”(CPU 上还是有程序在跑着,就是没法让别人来抢占它了而已,所以用户看起来系统不能切换任务了,像 hung 死了一样。主要是发现某个 cpu 因为长期的情况。由于某种原因导致系统处于内核态超过10s导致中断无法运行(hard lockup)。
时间子系统17_hard lockup机制
奔跑的Linerdx的专栏
11-28 3002
// 使能hard lockup探测 // 调用路径:watchdog_enable->watchdog_nmi_enable // 函数任务: // 1.初始化hard lockup检测事件 // 2.hard lockup阈值为10s // 2.向performance monitoring子系统注册hard lockup检测事件 // 3.使能hard lockup检测事件 //
openEuler 20.03 LTS SP3 4.19.90内核与标准版4.19.113内核 distribute_cfs_runtime代码差异对比 ARM64
hknaruto的专栏
04-12 2467
_lockfunc。
【Linux内核调试-dump_stack】
cddchina的专栏
06-07 1451
Linux内核调试
使用 ftrace 来跟踪系统问题 - ftrace 介绍
weixin_42082222的博客
01-22 1248
使用 ftrace 来跟踪系统问题 - ftrace 介绍  siddontang  关注 2018.07.15 10:44 字数 1476 阅读 1447评论 0喜欢 10 虽然之前一直听说过 ftrace,但从来没将它用在实战中,在一次客户排查问题中,遇到了比较奇怪的现象,一位精通内核的朋友建议使用 ftrace 来定位一下。虽然那一次并没有使用 ftrace,但也让我觉得,后面我们势必...
Linux死锁调试之hardlockup
Kris Fei's blog
05-05 7376
Kernel branch: 3.0.35 概要: hardlockup用于检测进入中断之后导致死锁的情况。 原理: 利用了NMI(非屏蔽中断)不能被屏蔽的特性,也就是说系统即使中断死锁后NMI也能被触发。 如果中断正常,hrtimer会定期被调用而去更新计数变量hrtimer_interrupts, 而NMI中断函数后 也会定期判断此值有没有变化,如果没有变化说明中断
kernel.hardlockup_all_cpu_backtrace = 0
最新发布
07-13
对于您提到的 `kernel.hardlockup_all_cpu_backtrace` 参数,它是一个内核参数,用于控制当系统出现硬锁定(hard lockup)时是否记录所有CPU的回溯信息。 硬锁定是指系统的所有CPU都处于无法响应的状态,不再执行...
关于panic之LOCKUP
qq125480341的博客
01-03 1155
配置: cat /proc/sys/kernel/hung_task_panic    软中断 , 内核中有进程进入了死循环,结束不了,或执行时间过长。 cat /proc/sys/kernel/nmi_watchdog     硬中断   PANIC: "Kernel panic - not syncing: Watchdog detected hard LOCKUP on cpu 2"
Linux打印内核函数调用栈(dump_stack)
SweeNeil
03-01 1万+
在Linux内核中提供了一个可以打印出内核调用堆栈的函数 dump_stack() 该函数在我们调试内核的过程中可以打印出函数调用关系,该函数可以帮助我们进行内核调试,以及让我们了解内核的调用关系。 该函数头文件为: #include &lt;asm/ptrace.h&gt; 使用方式: 直接在想要查看的函数中添加 dump_stack(); 案例: 随便写了一个模块test....
如何手动触发物理机panic,并产生vmcore
weixin_34275734的博客
09-29 1916
如何手动触发物理机panic,并产生vmcore? 1. 配置kdump 1.1 el6 如果是CentOS 6 则编辑/boot/grub/grub.conf配置在内核参数中添加 crashkernel=auto 类似如下 kernel /vmlinuz-2.6.32-xxx.el6.x86_64 ro root=LABEL=/ crashkernel=auto ... 1.2 el7 如果是C...
Linux 开机提示kernel panic...解决方法
热门推荐
ForeverDWYW的博客
05-17 1万+
原因极可能是:“在设置selinux的时候,是不是位置写错了,应该修改SELINUX行,而不是SELINUXTYPE”问题:开机提示“Kernel panic - not syncing: Attempted to kill init!” 解决方案:1、强制重启,编辑grub启动选项,按E键,选中kernel开头的行,再按E键,在最后添加enforcing=0,2、按B键重启,3、系统正常启动后,...
【19】简单、通用、详细---PCIEAER的蒙代尔不可能三角,怎么禁止AER的firmware first mode
linjiasen的博客
04-11 4210
https://github.com/torvalds/linux/blob/master/Documentation/PCI/pcieaer-howto.txt pcieaer-howto.txt里面有一句话,比较有意思。 有些系统的firmware支持AER功能,如果linux使能AER的同时,firmware也来处理AER,将可能导致无法预知的行为。因此,linux不会处理AER事件,除非f...
CFS进程组的cpu带宽限制
weixin_37948055的博客
08-13 1252
前文我们分析了实时进程组的带宽限制,本文将顺着前文的思路继续分析cfs进程组的带宽限制,由此进一步体会linux进程调度设计的优雅细节。 1. 数据结构描述 1.1 struct task_group 这是描述进程组的数据结构,我们现在只列出带宽限制的相关成员: (1)当前进程组在各CPU上的cfs调度实体描述,数组长度是CPU的颗数。 (2)当前进程组在各CPU上用于组织自己内部的就绪cfs调度实体的红黑树,数组长度也是CPU颗数。 (3)当前CPU的权重,用于调度实体之间按权重比例分配CPU时间。
【内核调度、调度组】【bandwidth throttle】
勿于浮沙筑高台
07-22 999
cfs bandwidth是针对task_group的配置,一个task_group的bandwidth使用一个struct cfs_bandwidth *cfs_b数据结构来控制 struct cfs_bandwidth struct cfs_bandwidth { #ifdef CONFIG_CFS_BANDWIDTH raw_spinlock_t lock; /*cfs bandwidth的监控周期,默认值是default_cfs_period() 0.1s */ ktime_.
服务器突然Out of memory的问题排查
坤哥的学习笔记
09-08 1万+
Out of memory: Kill process 19650 (java) score 940 or sacrifice child
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值