一次死锁实战rwsem

最新推荐文章于 2023-07-16 12:07:22 发布
最新推荐文章于 2023-07-16 12:07:22 发布
阅读量1.4k 收藏 3
点赞数
文章标签: Android
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/zhangweihui123/article/details/126266021
版权

[exception_reboot_reason]: kernel_crash

[exception_panic_reason]: Native hang monitor trigger

结论:

需要内存管理的同事在帮忙check下

代码中确实存在down_read后,handle_mm_fault - handle_pte_fault - do_wp_page - balance_dirty_pages_ratelimited - schedule

当前UN进程里存在

ffffffc00e7773f0

ffffffc0144652c8

ffffffc004cf9ff0

ffffffc004cf91f0

ffffffc004cfdb70

 

ffffffc00e7773f0 ffffffc004cfdb70 和 ffffffc004cf91f0 ffffffc004cf91f0d都被balance_dirty_pages_ratelimited出去。

ffffffc0144652c8被15577 block balance_dirty_pages_ratelimited - schedule

推导过程:

crash_arm64> rd cpu_feed_mask

ffffff8009a9d0e0: 00000000000000ff ........

crash_arm64> rd cpu_feed_bitmap

ffffff8009a9d0e4: d2fbd2fb00000000 ........

crash_arm64> ps -l | grep hang

[119352 286 360 532] [RU] PID: 607 TASK: ffffffc0a5120e80 CPU: 0 COMMAND: "native_hang_det"

[119348327880470] [IN] PID: 209 TASK: ffffffc0b9fec880 CPU: 7 COMMAND: "hang_debug/7"

[119348325009162] [IN] PID: 208 TASK: ffffffc0b9fed700 CPU: 6 COMMAND: "hang_debug/6"

[119348322574624] [IN] PID: 207 TASK: ffffffc0b9fee580 CPU: 5 COMMAND: "hang_debug/5"

[119348320191931] [IN] PID: 206 TASK: ffffffc0b9ff0000 CPU: 4 COMMAND: "hang_debug/4"

[119348317873508] [IN] PID: 205 TASK: ffffffc0b9ff0e80 CPU: 3 COMMAND: "hang_debug/3"

[119348315890085] [IN] PID: 204 TASK: ffffffc0b9ff1d00 CPU: 2 COMMAND: "hang_debug/2"

[119348313697431] [IN] PID: 203 TASK: ffffffc0b9ff2b80 CPU: 1 COMMAND: "hang_debug/1"

[119345025989944] [IN] PID: 202 TASK: ffffffc0b9ff3a00 CPU: 0 COMMAND: "hang_debug/0"

疑点2:

[119352298356416] [UN] PID: 21715 TASK: ffffffc036a90e80 CPU: 6 COMMAND: "AsyncTask #95"

[119352298349570] [UN] PID: 1076 TASK: ffffffc07b911d00 CPU: 1 COMMAND: "android.bg"

[119352278352686] [UN] PID: 2648 TASK: ffffffc0951b0000 CPU: 0 COMMAND: "DFacilitator-1"

[119352274368378] [UN] PID: 1054 TASK: ffffffc095020e80 CPU: 7 COMMAND: "Signal Catcher"

[119352266347032] [UN] PID: 14286 TASK: ffffffc0acebba00 CPU: 0 COMMAND: "slogmodem"

[119352258363647] [UN] PID: 15577 TASK: ffffffc08573d700 CPU: 7 COMMAND: "Thread-18"

[119352258342455] [UN] PID: 4749 TASK: ffffffc083183a00 CPU: 6 COMMAND: "lowpool[366]"

[119352254350070] [UN] PID: 2779 TASK: ffffffc008381d00 CPU: 0 COMMAND: "ogle.android.gm"

[119352238358917] [UN] PID: 3213 TASK: ffffffc04e279d00 CPU: 0 COMMAND: "HangWatcher"

[119352234402378] [UN] PID: 21746 TASK: ffffffc013fcba00 CPU: 6 COMMAND: "queued-work-loo"

[119352234367609] [UN] PID: 10040 TASK: ffffffc08630d700 CPU: 6 COMMAND: "Alpha Thread #2"

[119352202370955] [UN] PID: 21924 TASK: ffffffc084331d00 CPU: 7 COMMAND: "CrashSDKBkgdHan"

[119352202353570] [UN] PID: 14290 TASK: ffffffc00381e580 CPU: 0 COMMAND: "slogmodem"

[119352182371609] [UN] PID: 15622 TASK: ffffffc0953ae580 CPU: 7 COMMAND: "ageEmmcTestThre"

[119352182367724] [UN] PID: 3216 TASK: ffffffc01ae01d00 CPU: 0 COMMAND: "ThreadPoolForeg"

[119352158388378] [UN] PID: 4830 TASK: ffffffc00fa8c880 CPU: 0 COMMAND: "Chrome_IOThread"

[119352138372417] [UN] PID: 3150 TASK: ffffffc01b0a8000 CPU: 0 COMMAND: ".android.chrome"

[119352134414494] [UN] PID: 2207 TASK: ffffffc015b6c880 CPU: 7 COMMAND: "queued-work-loo"

[119352134383686] [UN] PID: 17671 TASK: ffffffc01618d700 CPU: 7 COMMAND: "Alpha Thread #6"

[119352134374186] [UN] PID: 14282 TASK: ffffffc03b890000 CPU: 2 COMMAND: "slogmodem"

[119352122370648] [UN] PID: 1048 TASK: ffffffc099e50000 CPU: 7 COMMAND: "system_server"

[119352122361186] [UN] PID: 707 TASK: ffffffc0a0d20e80 CPU: 2 COMMAND: "slogmodem"

[119352118368225] [UN] PID: 471 TASK: ffffffc0b2090e80 CPU: 2 COMMAND: "ylog.journal"

[119352118346302] [UN] PID: 14923 TASK: ffffffc01ae04880 CPU: 0 COMMAND: "acji"

[119352110370225] [UN] PID: 23223 TASK: ffffffc00272ab80 CPU: 0 COMMAND: "dumpstate"

[119352098459648] [UN] PID: 21876 TASK: ffffffc00452e580 CPU: 7 COMMAND: "Alpha Simple Th"

[119352098376763] [UN] PID: 1068 TASK: ffffffc07bb91d00 CPU: 7 COMMAND: "android.io"

[119352094398571] [UN] PID: 631 TASK: ffffffc0a52fab80 CPU: 0 COMMAND: "ylog.writer"

crash_arm64> bt 631

PID: 631 TASK: ffffffc0a52fab80 CPU: 0 COMMAND: "ylog.writer"

#0 [ffffff800e0bb7d0] __switch_to at ffffff80081f4ae0

#1 [ffffff800e0bb820] __schedule at ffffff8008e1518c

#2 [ffffff800e0bb880] schedule at ffffff8008e15528

#3 [ffffff800e0bb900] schedule_timeout at ffffff8008e193cc

#4 [ffffff800e0bb960] io_schedule_timeout at ffffff8008e15a74

#5 [ffffff800e0bbb50] balance_dirty_pages_ratelimited at ffffff800838bd24

#6 [ffffff800e0bbbc0] do_wp_page at ffffff80083c3ba0

#7 [ffffff800e0bbc10] handle_pte_fault at ffffff80083c4c90

#8 [ffffff800e0bbcf0] handle_mm_fault at ffffff80083c5b70

#9 [ffffff800e0bbd90] do_page_fault$2ad2e1b83c15cf95a0f028b354d101f0 at ffffff8008210510

#10 [ffffff800e0bbe80] do_mem_abort at ffffff80080815dc

#11 [ffffff800e0bbff0] el0_da at ffffff8008084054

[119346636502361] [UN] PID: 21811 TASK: ffffffc015904880 CPU: 6 COMMAND: "Thread-5442" -- rwsem_down_write_failed_killable - ffffffc004cfdb70

[119326638527706] [UN] PID: 21812 TASK: ffffffc013540000 CPU: 6 COMMAND: "Thread-5446" -- rwsem_down_write_failed_killable - ffffffc004cfdb70

[119284381064598] [UN] PID: 5567 TASK: ffffffc084db0000 CPU: 7 COMMAND: "grpc-timer-0" -- rwsem_down_read_failed - ffffffc00e7773f0

[119225439135477] [UN] PID: 10033 TASK: ffffffc012668e80 CPU: 6 COMMAND: "Thread-2763" -- rwsem_down_write_failed_killable - ffffffc004cf91f0

[119225439128746] [UN] PID: 10032 TASK: ffffffc012668000 CPU: 7 COMMAND: "Thread-2761" -- rwsem_down_write_failed_killable - ffffffc004cf91f0

[119205590461168] [UN] PID: 4828 TASK: ffffffc004c80000 CPU: 2 COMMAND: "ThreadPoolForeg" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[119120751987723] [UN] PID: 17642 TASK: ffffffc083186580 CPU: 7 COMMAND: "AppMonitor:0" -- rwsem_down_read_failed - ffffffc004cf9ff0

[119082242871562] [UN] PID: 3035 TASK: ffffffc083160e80 CPU: 0 COMMAND: "ThreadPoolForeg" -- rwsem_down_write_failed_killable - ffffffc004cfe5f0

[119005150455356] [UN] PID: 3221 TASK: ffffffc088978e80 CPU: 2 COMMAND: "ThreadPoolForeg" -- rwsem_down_write_failed_killable - ffffffc004cfe270

[119001102348602] [UN] PID: 22849 TASK: ffffffc002140e80 CPU: 0 COMMAND: "ThreadPoolForeg" -- rwsem_down_write_failed_killable - ffffffc004cfe5f0

[118976530368311] [UN] PID: 19825 TASK: ffffffc017708000 CPU: 0 COMMAND: "UserFacingBlock" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118976526353619] [UN] PID: 19826 TASK: ffffffc017708e80 CPU: 1 COMMAND: "UserFacingBlock" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118960468503219] [UN] PID: 17657 TASK: ffffffc0137f6580 CPU: 7 COMMAND: "Thread-3304" -- rwsem_down_write_failed_killable - ffffffc004cf9ff0

[118958418145188] [UN] PID: 17597 TASK: ffffffc083161d00 CPU: 7 COMMAND: "Jit thread pool" -- rwsem_down_read_failed - ffffffc004cf9ff0

[118940471159295] [UN] PID: 17658 TASK: ffffffc0051f3a00 CPU: 7 COMMAND: "Thread-3294" -- rwsem_down_write_failed_killable - ffffffc004cf9ff0

[118862162523094] [UN] PID: 4833 TASK: ffffffc0083c1d00 CPU: 1 COMMAND: "ThreadPoolForeg" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

###############

[118836162877616] [UN] PID: 1072 TASK: ffffffc07bb95700 CPU: 6 COMMAND: "watchdog" -- rwsem_down_read_failed - ffffffc00e7773f0

#############

[118819464467680] [UN] PID: 15532 TASK: ffffffc0a533c880 CPU: 7 COMMAND: "ageTestThread" -- rwsem_down_write_failed - ffffffc0144652c8

[118812146819169] [UN] PID: 22143 TASK: ffffffc042224880 CPU: 0 COMMAND: "UserFacingBlock" -- rwsem_down_write_failed_killable -- ffffffc00e7773f0

[118782600367513] [UN] PID: 32074 TASK: ffffffc071fc8e80 CPU: 7 COMMAND: "HeapTaskDaemon" -- rwsem_down_read_failed - ffffffc00e7773f0

[118737434910031] [UN] PID: 22126 TASK: ffffffc08845ab80 CPU: 0 COMMAND: "Blocking Thread" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118717714142722] [UN] PID: 22402 TASK: ffffffc08041d700 CPU: 1 COMMAND: "Blocking Thread" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118714934390001] [UN] PID: 22621 TASK: ffffffc05f8e8e80 CPU: 2 COMMAND: "Blocking Thread" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118714934039078] [UN] PID: 22414 TASK: ffffffc002728000 CPU: 1 COMMAND: "Blocking Thread" --rwsem_down_write_failed_killable - ffffffc00e7773f0

[118679601158175] [UN] PID: 22697 TASK: ffffffc036bc0000 CPU: 7 COMMAND: "GAC_Executor[12" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118679600623482] [UN] PID: 22698 TASK: ffffffc002729d00 CPU: 6 COMMAND: "GAC_Executor[13" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118677477690491] [UN] PID: 32125 TASK: ffffffc0369f2b80 CPU: 0 COMMAND: "RenderThread" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118677440422375] [UN] PID: 32073 TASK: ffffffc01b730e80 CPU: 6 COMMAND: "Jit thread pool" -- rwsem_down_write_failed_killable - ffffffc00e7773f0

[118676 970 363 800] [UN] PID: 32130 TASK: ffffffc00473ab80 CPU: 0 COMMAND: "mali-mem-purge" -- down_write_killable ffffffc00e7773f0

watchdog进程

#3 [ffffff8012e6bcc0] rwsem_down_read_failed at ffffff8008e18644

ffffff8012e6bcc0: ffffff8012e6bd10 ffffff8008e17d7c x29, x30

ffffff8012e6bcd0: 000000000000003f 0000000000000fff x26, x25

ffffff8012e6bce0: 0000000000000015 000000774a7d47b8 x24, x23

ffffff8012e6bcf0: ffffffc00e7773f0 ffffffc00e777380 x22, x21

ffffff8012e6bd00: ffffffc001c38e80 ffffffc00e7773f0 x20, x19

crash_arm64> struct rw_semaphore ffffffc00e7773f0 -x

struct rw_semaphore {

count = {

counter = 0xffffffff00000001

},

wait_list = {

next = 0xffffff8012723dd8,

prev = 0xffffff800c9f3c88

},

wait_lock = {

raw_lock = {

owner = 0x1142,

next = 0x1142

}

},

osq = {

tail = {

counter = 0x0

}

},

owner = 0x1

}

crash_arm64> search -t ffffffc00e7773f0

search: invalid list entry: 0

search: WARNING: invalid/corrupt vmap_area_list

PID: 1072 TASK: ffffffc07bb95700 CPU: 6 COMMAND: "watchdog" //UN-ps

ffffff8012e6bc60: ffffffc00e7773f0

ffffff8012e6bc68: ffffffc00e7773f0

ffffff8012e6bcf0: ffffffc00e7773f0

ffffff8012e6bd08: ffffffc00e7773f0

PID: 4828 TASK: ffffffc004c80000 CPU: 2 COMMAND: "ThreadPoolForeg"//UN-ps

ffffff800d69bd20: ffffffc00e7773f0

ffffff800d69bd90: ffffffc00e7773f0

ffffff800d69bdc8: ffffffc00e7773f0

PID: 4830 TASK: ffffffc00fa8c880 CPU: 0 COMMAND: "Chrome_IOThread"//suspect

ffffff800a203b78: ffffffc00e7773f0

ffffff800a203c28: ffffffc00e7773f0

[119352158388378] [UN] PID: 4830 TASK: ffffffc00fa8c880 CPU: 0 COMMAND: "Chrome_IOThread"

PID: 4833 TASK: ffffffc0083c1d00 CPU: 1 COMMAND: "ThreadPoolForeg" //UN-ps

ffffff800d6bbda0: ffffffc00e7773f0

ffffff800d6bbe38: ffffffc00e7773f0

ffffff800d6bbe48: ffffffc00e7773f0

 

PID: 4838 TASK: ffffffc004c83a00 CPU: 2 COMMAND: "NetworkService" //fail

ffffff800d70b578: ffffffc00e7773f0

ffffff800d70b718: ffffffc00e7773f0

ffffff800d70b778: ffffffc00e7773f0

[118532 123 726 276] [IN] PID: 4838 TASK: ffffffc004c83a00 CPU: 2 COMMAND: "NetworkService"

PID: 4861 TASK: ffffffc006eb6580 CPU: 5 COMMAND: "Binder:32060_8" //binder

ffffff800dbe3478: ffffffc00e7773f0

[118611 910 015 241] [IN] PID: 4861 TASK: ffffffc006eb6580 CPU: 5 COMMAND: "Binder:32060_8"

PID: 5177 TASK: ffffffc00737ba00 CPU: 5 COMMAND: "Binder:32060_A" //binder

ffffff800c36b478: ffffffc00e7773f0

ffffff800c36b618: ffffffc00e7773f0

ffffff800c36b678: ffffffc00e7773f0

[118543653119770] [IN] PID: 5177 TASK: ffffffc00737ba00 CPU: 5 COMMAND: "Binder:32060_A"

PID: 5475 TASK: ffffffc0b9934880 CPU: 2 COMMAND: "Binder:32060_D" //binder

ffffff8010c2b478: ffffffc00e7773f0

ffffff8010c2b618: ffffffc00e7773f0

ffffff8010c2b678: ffffffc00e7773f0

[118543 652 690 193] [IN] PID: 5475 TASK: ffffffc0b9934880 CPU: 2 COMMAND: "Binder:32060_D"

PID: 5567 TASK: ffffffc084db0000 CPU: 7 COMMAND: "grpc-timer-0"//UN-ps

ffffff800c9f3c50: ffffffc00e7773f0

ffffff800c9f3c58: ffffffc00e7773f0

ffffff800c9f3cc8: ffffffc00e7773f0

ffffff800c9f3cf8: ffffffc00e7773f0

PID: 5857 TASK: ffffffc003234880 CPU: 2 COMMAND: "Binder:32060_E"//binder

ffffff80105cb478: ffffffc00e7773f0

[118543 652667693] [IN] PID: 5857 TASK: ffffffc003234880 CPU: 2 COMMAND: "Binder:32060_E"

PID: 19825 TASK: ffffffc017708000 CPU: 0 COMMAND: "UserFacingBlock"//

ffffff800f82bda0: ffffffc00e7773f0

ffffff800f82be38: ffffffc00e7773f0

ffffff800f82be48: ffffffc00e7773f0

PID: 19826 TASK: ffffffc017708e80 CPU: 1 COMMAND: "UserFacingBlock"//UN-ps

ffffff800f6dbda0: ffffffc00e7773f0

ffffff800f6dbe38: ffffffc00e7773f0

ffffff800f6dbe48: ffffffc00e7773f0

PID: 22126 TASK: ffffffc08845ab80 CPU: 0 COMMAND: "Blocking Thread"//UN-ps

ffffff800d223da0: ffffffc00e7773f0

ffffff800d223e38: ffffffc00e7773f0

ffffff800d223e48: ffffffc00e7773f0

PID: 22143 TASK: ffffffc042224880 CPU: 0 COMMAND: "UserFacingBlock"//UN-ps

ffffff801424bda0: ffffffc00e7773f0

ffffff801424be38: ffffffc00e7773f0

ffffff801424be48: ffffffc00e7773f0

PID: 22402 TASK: ffffffc08041d700 CPU: 1 COMMAND: "Blocking Thread"//UN-ps

ffffff800f9f3da0: ffffffc00e7773f0

ffffff800f9f3e38: ffffffc00e7773f0

ffffff800f9f3e48: ffffffc00e7773f0

PID: 22414 TASK: ffffffc002728000 CPU: 1 COMMAND: "Blocking Thread"//UN-ps

ffffff800c56bda0: ffffffc00e7773f0

ffffff800c56be38: ffffffc00e7773f0

ffffff800c56be48: ffffffc00e7773f0

PID: 22621 TASK: ffffffc05f8e8e80 CPU: 2 COMMAND: "Blocking Thread"//UN-ps

ffffff800f5cbda0: ffffffc00e7773f0

ffffff800f5cbe38: ffffffc00e7773f0

ffffff800f5cbe48: ffffffc00e7773f0

PID: 22697 TASK: ffffffc036bc0000 CPU: 7 COMMAND: "GAC_Executor[12"//UN-ps

ffffff800c94bda0: ffffffc00e7773f0

ffffff800c94be38: ffffffc00e7773f0

ffffff800c94be48: ffffffc00e7773f0

PID: 22698 TASK: ffffffc002729d00 CPU: 6 COMMAND: "GAC_Executor[13"//UN-ps

ffffff800dbdbda0: ffffffc00e7773f0

ffffff800dbdbe38: ffffffc00e7773f0

ffffff800dbdbe48: ffffffc00e7773f0

PID: 32073 TASK: ffffffc01b730e80 CPU: 6 COMMAND: "Jit thread pool"//UN-ps

ffffff800fc6bd70: ffffffc00e7773f0

ffffff800fc6be18: ffffffc00e7773f0

PID: 32074 TASK: ffffffc071fc8e80 CPU: 7 COMMAND: "HeapTaskDaemon"//UN-ps

ffffff800fcbbc30: ffffffc00e7773f0

ffffff800fcbbc38: ffffffc00e7773f0

ffffff800fcbbcd8: ffffffc00e7773f0

PID: 32078 TASK: ffffffc052b66580 CPU: 3 COMMAND: "Binder:32060_1" //binder

ffffff8010793478: ffffffc00e7773f0

ffffff8010793618: ffffffc00e7773f0

ffffff8010793678: ffffffc00e7773f0

[118543652560039] [IN] PID: 32078 TASK: ffffffc052b66580 CPU: 3 COMMAND: "Binder:32060_1"

PID: 32079 TASK: ffffffc0793fc880 CPU: 2 COMMAND: "Binder:32060_2" //binder

ffffff80107a3478: ffffffc00e7773f0

ffffff80107a3618: ffffffc00e7773f0

ffffff80107a3678: ffffffc00e7773f0

[118543652579578] [IN] PID: 32079 TASK: ffffffc0793fc880 CPU: 2 COMMAND: "Binder:32060_2"//

PID: 32080 TASK: ffffffc0137f0e80 CPU: 5 COMMAND: "Binder:32060_3"//binder

ffffff8010d2b6c8: ffffffc00e7773f0

ffffff8010d2b728: ffffffc00e7773f0

[118543 652 667 193] [IN] PID: 32080 TASK: ffffffc0137f0e80 CPU: 5 COMMAND: "Binder:32060_3"

PID: 32125 TASK: ffffffc0369f2b80 CPU: 0 COMMAND: "RenderThread"//UN-ps

ffffff80128f3d20: ffffffc00e7773f0

ffffff80128f3d90: ffffffc00e7773f0

ffffff80128f3dc8: ffffffc00e7773f0

PID: 32130 TASK: ffffffc00473ab80 CPU: 0 COMMAND: "mali-mem-purge"

ffffff8012723da0: ffffffc00e7773f0

ffffff8012723e38: ffffffc00e7773f0

ffffff8012723e48: ffffffc00e7773f0

PID: 32131 TASK: ffffffc0383e0e80 CPU: 4 COMMAND: "mali-utility-wo"

ffffff80126f3de8: ffffffc00e7773f0

[116172 885 652 160] [IN] PID: 32131 TASK: ffffffc0383e0e80 CPU: 4 COMMAND: "mali-utility-wo"

 

PID: 32132 TASK: ffffffc0383e0000 CPU: 0 COMMAND: "mali-utility-wo"

ffffff80127936e8: ffffffc00e7773f0

ffffff8012793798: ffffffc00e7773f0

ffffff8012793de8: ffffffc00e7773f0

[116172885680660] [IN] PID: 32132 TASK: ffffffc0383e0000 CPU: 0 COMMAND: "mali-utility-wo"

PID: 32133 TASK: ffffffc047a3e580 CPU: 7 COMMAND: "mali-utility-wo"

ffffff801279b6e8: ffffffc00e7773f0

ffffff801279b798: ffffffc00e7773f0

ffffff801279bde8: ffffffc00e7773f0

PID: 32134 TASK: ffffffc047a3d700 CPU: 7 COMMAND: "mali-utility-wo"

ffffff801283b6e8: ffffffc00e7773f0

ffffff801283b798: ffffffc00e7773f0

ffffff801283bde8: ffffffc00e7773f0

PID: 32136 TASK: ffffffc00f472b80 CPU: 7 COMMAND: "mali-utility-wo"

ffffff80128e36e8: ffffffc00e7773f0

ffffff80128e3798: ffffffc00e7773f0

PID: 32137 TASK: ffffffc08349d700 CPU: 0 COMMAND: "mali-utility-wo"

ffffff801294b6e8: ffffffc00e7773f0

ffffff801294b798: ffffffc00e7773f0

[116172885730891] [IN] PID: 32137 TASK: ffffffc08349d700 CPU: 0 COMMAND: "mali-utility-wo"

crash_arm64> list -s rwsem_waiter.task,type -h 0xffffff8012723dd8

ffffff8012723dd8

task = 0xffffffc00473ab80

type = RWSEM_WAITING_FOR_WRITE

ffffff800fc6bda8

task = 0xffffffc01b730e80

type = RWSEM_WAITING_FOR_WRITE

ffffff80128f3d58

task = 0xffffffc0369f2b80

type = RWSEM_WAITING_FOR_WRITE

ffffff800dbdbdd8

task = 0xffffffc002729d00

type = RWSEM_WAITING_FOR_WRITE

ffffff800c94bdd8

task = 0xffffffc036bc0000

type = RWSEM_WAITING_FOR_WRITE

ffffff800fb03c98

task = 0x0

type = RWSEM_WAITING_FOR_WRITE

list: invalid list entry: 0

static ssize_t get_mm_cmdline(struct mm_struct *mm, char __user *buf,

215 size_t count, loff_t *ppos)

216 {

217 unsigned long arg_start, arg_end, env_start, env_end;

218 unsigned long pos, len;

219 char *page;

220

221 /* Check if process spawned far enough to have cmdline. */

222 if (!mm->env_end)

223 return 0;

224

225 down_read(&mm->mmap_sem);

226 arg_start = mm->arg_start;

227 arg_end = mm->arg_end;

228 env_start = mm->env_start;

229 env_end = mm->env_end;

230 up_read(&mm->mmap_sem);

231

struct mm_struct { -- ffffffc00e777380

[0x70] struct rw_semaphore mmap_sem; -- ffffffc00e7773f0

[0x310] struct task_struct *owner; -- ffffffc001c38e80

crash_arm64> eval ffffffc00e777380+0x310

hexadecimal: ffffffc00e777690

decimal: 18446743799074354832 (-274635196784)

octal: 1777777774001635673220

binary: 1111111111111111111111111100000000001110011101110111011010010000

crash_arm64> rd ffffffc00e777690

ffffffc00e777690: ffffffc001c38e80 ........

crash_arm64> struct task_struct ffffffc001c38e80

pid = 32060,

comm = "earchbox:search",

目前来看watchdog在读取32060的proc节点时被阻塞了,该进程的mmap_sem被其他进程持有了,需要找出谁持有了该进程。

从search -t来看,最大的嫌疑犯是4830。

PID: 4830 TASK: ffffffc00fa8c880 CPU: 0 COMMAND: "Chrome_IOThread"

#0 [ffffff800a2037d0] __switch_to at ffffff80081f4ae0

#1 [ffffff800a203820] __schedule at ffffff8008e1518c

#2 [ffffff800a203880] schedule at ffffff8008e15528

#3 [ffffff800a203900] schedule_timeout at ffffff8008e193cc

#4 [ffffff800a203960] io_schedule_timeout at ffffff8008e15a74

#5 [ffffff800a203b50] balance_dirty_pages_ratelimited at ffffff800838bd24

#6 [ffffff800a203bc0] do_wp_page at ffffff80083c3ba0

#7 [ffffff800a203c10] handle_pte_fault at ffffff80083c4c90

#8 [ffffff800a203cf0] handle_mm_fault at ffffff80083c5b70

#9 [ffffff800a203d90] do_page_fault$2ad2e1b83c15cf95a0f028b354d101f0 at ffffff8008210510

#10 [ffffff800a203e80] do_mem_abort at ffffff80080815dc

#11 [ffffff800a203ff0] el0_da at ffffff8008084054

#7 [ffffff800a203c10] handle_pte_fault at ffffff80083c4c90

ffffff800a203c10: ffffff800a203cf0 ffffff80083c5b74

ffffff800a203c20: ffffffc071126ca8 ffffffc00e7773f0## rw_semaphore##

ffffff800a203c30: 0000000000000055 ffffffc00fa8c880

ffffff800a203c40: ffffffc0b995ced8 ffffffc071126ca8

ffffff800a203c50: 00000076ef2ce000 0000000000000055

ffffff800a203c60: ffffffc071126ca8 014200ca00000055

ffffff800a203c70: 0000000000000004 00000076ef2ce000

ffffff800a203c80: 0000000000000006 0000000000000000

ffffff800a203c90: ffffffc0b5455bc8 ffffffc0b995ced8

ffffff800a203ca0: 00600000ee987fd3 0000000000000000

ffffff800a203cb0: 0000000000000000 ffffffbf01ba61c0

ffffff800a203cc0: ffffffc01219a670 ffffffbf004866b0

ffffff800a203cd0: 0000000000000000 00000000000000fb

ffffff800a203ce0: 0060000000000fd3 4345862aad4c8f00

阅读源码发现

471 retry:

472 down_read(&mm->mmap_sem);

473 } else {

474 /*

475 * The above down_read_trylock() might have succeeded in

476 * which case we'll have missed the might_sleep() from

477 * down_read():

478 */

479 might_sleep();

480 }

481

482 vma = find_vma(mm, address);

483 if (unlikely(!vma))

484 return bad_area(regs, address);

485 if (likely(vma->vm_start <= address))

486 goto good_area;

487 if (unlikely(!(vma->vm_flags & VM_GROWSDOWN)))

488 return bad_area(regs, address);

489

490 /* The stack is being expanded, check if it's valid */

491 if (unlikely(bad_stack_expansion(regs, address, vma, store_update_sp)))

492 return bad_area(regs, address);

493

494 /* Try to expand it */

495 if (unlikely(expand_stack(vma, address)))

496 return bad_area(regs, address);

497

498 good_area:

499 if (unlikely(access_error(is_write, is_exec, vma)))

500 return bad_access(regs, address);

501

502 /*

503 * If for any reason at all we couldn't handle the fault,

504 * make sure we exit gracefully rather than endlessly redo

505 * the fault.

506 */

507 fault = handle_mm_fault(vma, address, flags);

508 major |= fault & VM_FAULT_MAJOR;

代码中确实存在down_read后,handle_mm_fault - handle_pte_fault - do_wp_page - balance_dirty_pages_ratelimited - schedule

当前UN进程里存在

ffffffc00e7773f0

ffffffc0144652c8

ffffffc004cf9ff0

ffffffc004cf91f0

ffffffc004cfdb70

 

ffffffc00e7773f0 ffffffc004cfdb70 和 ffffffc004cf91f0 ffffffc004cf91f0d都被balance_dirty_pages_ratelimited出去。

ffffffc0144652c8被15577 block balance_dirty_pages_ratelimited - schedule

#3 [ffffff8011a13c90] rwsem_down_write_failed at ffffff8008e18a90

ffffff8011a13c90: ffffff8011a13ce0 ffffff8008e17dc8

ffffff8011a13ca0: 00000000000001b3 0000000000000000

ffffff8011a13cb0: ffffffc0a533c880 0000000000000000

ffffff8011a13cc0: ffffffc0144652c8 ffffff8011a13db8

ffffff8011a13cd0: ffffffc014465220 ffffffc0144652c8

crash_arm64> struct rw_semaphore ffffffc0144652c8 -x

struct rw_semaphore {

count = {

counter = 0xfffffffe00000001 owner = 0xffffffc08573d700

},

wait_list = {

next = 0xffffff8011a13c68,

prev = 0xffffff8011a13c68

},

wait_lock = {

raw_lock = {

owner = 0x1,

next = 0x1

}

},

osq = {

tail = {

counter = 0x0

}

},

owner = 0xffffffc08573d700

}

crash_arm64> task_struct 0xffffffc08573d700 | grep mm

comm = "Thread-18\000nitor",

pid = 15577,

crash_arm64> bt 15577

PID: 15577 TASK: ffffffc08573d700 CPU: 7 COMMAND: "Thread-18"

#0 [ffffff8013c83840] __switch_to at ffffff80081f4ae0

#1 [ffffff8013c83890] __schedule at ffffff8008e1518c

#2 [ffffff8013c838f0] schedule at ffffff8008e15528

#3 [ffffff8013c83970] schedule_timeout at ffffff8008e193cc

#4 [ffffff8013c839d0] io_schedule_timeout at ffffff8008e15a74

#5 [ffffff8013c83bc0] balance_dirty_pages_ratelimited at ffffff800838bd24

#6 [ffffff8013c83c50] generic_perform_write at ffffff800837e328

#7 [ffffff8013c83cb0] __generic_file_write_iter at ffffff800837e468

#8 [ffffff8013c83d40] f2fs_file_write_iter$717f3c7ebb2509b4b38e79ecff9af67f at ffffff80085a100c

#9 [ffffff8013c83e20] __vfs_write at ffffff80083ff6b0

#10 [ffffff8013c83e40] vfs_write at ffffff80083ff9f0

#11 [ffffff8013c83e90] sys_write at ffffff80083ffc34

#12 [ffffff8013c83ff0] el0_svc_naked at ffffff80080844bc

PC: 0000007a4f1388c8 LR: 00000077b40ee834 SP: 0000007718caf4e0

X29: 0000007718caf510 X28: 0000000000000001 X27: 0000000000000000

X26: 0000007718cb2000 X25: 0000007718cb2000 X24: b4000077dc835030

X23: b40000792c815a08 X22: 0000000000000037 X21: 000000000000004a

X20: 0000007718caf588 X19: b40000787c7e1370 X18: 0000007717dd6000

X17: 0000007a4f1388c0 X16: 0000007a4f156ef8 X15: 0000000000000001

X14: 00000077bc4902f8 X13: 0000000000000000 X12: 00000000c8dbf66e

X11: 00000000dc835050 X10: 0000000000000002 X9: 0000000000000001

X8: 0000000000000040 X7: 7f7f7f7f7f7f7f7f X6: 284801ff3a445328

X5: 0000000000000049 X4: ffffffffffffffff X3: ffffffffffffffff

X2: 0000000000000037 X1: b40000793c7e0090 X0: 000000000000004a

ORIG_X0: 000000000000004a SYSCALLNO: 40 PSTATE: 00001000

buck1237
关注
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
mmap_sem信号量死锁故障分析
jiazheng.li的CSDN博客
04-08 4008
1 故障现象      该故障出现时,系统提供的调试shell,命令行都不能执行,只有busybox shell (bshell)和魔键(sysrq)可以用。在串口下启动进程就被挂住,进程都处于D状态。 2 故障定位分析         该故障出现时,只有bshell跟魔键信息可以用,自然而然的就敲了魔键,把内核的调用链打印出来,可是,魔键打印的内核调用链信息很多,很难从调用链的信息
Java线程池
豪猪的博客
02-13 329
什么是线程池(thread pool)?          在面向对象编程中,创建和销毁对象是很费时间的,因为创建一个对象要获取内存资源或者其它更多资源。在Java中更是如此,虚拟机将试图跟踪每一个对象,以便能够在对象销毁后进行垃圾回收。所以提高服务程序效率的一个手段就是尽可能减少创建和销毁对象的次数,特别是一些很耗资源的对象创建和销毁,这就是”池化资源”技术产生的原因。
Android 对线程池的使用
wqewq19的博客
10-30 267
了解这几个接口Executor, 接口ExecutorService继承 Executor, ThreadPoolExecutor,Executors;Executors 工厂类 用于创建各种类型的线程池。其包含的方法创建固定个数线程的线程池 public static ExecutorService newFixedThreadPool(int nThreads) { ret
调试内核死锁
momodeconger的博客
02-10 202
windows内核调试
rwsem文件
huaner_m的专栏
07-17 625
include/linux/rwsem.h lib/rwsem.c   rwsem_down_read_failed
linux 内核信号量使用,Linux内核读写信号量 rwsem实现分析
weixin_39804629的博客
04-29 232
读写信号量信号量根据用途不同,可以区分读和写两种操作方式。为提高信号量的效率引入rwsem,此锁使用的机会比较少,适用于读频繁的情况。头文件,类型struct rw_semaphore,其必须在运行时进行显示的初始化:void init_rwsem(struct rw_semaphore* sem);对于只读访问,使用如下PV:void down_read(struct rw_semaphore*...
linux读写信号量,Linux内核读写信号量rwsem实现分析
weixin_35939542的博客
05-13 603
Linux内核读写信号量rwsem实现分析 读写信号量 信号量根据用途不同,可以区分读和写两种操作方式。 为提高信号量的效率引入rwsem,此锁使用的机会比较少,适用于读频繁的情况。 头文件,类型struct rw_semaphore,其必须在运行时进行显示的初始化: void init_rwsem(struct rw_semaphore* sem); 对于只读访问,使用如下PV: void do...
一次mysql死锁的排查过程
12-14
4. **程序逻辑优化**:在代码层面避免可能导致死锁的操作,如一次性获取所有需要的锁。 **总结** 了解死锁的原因和排查方法对于后端开发者至关重要。虽然我们不需要深入研究锁的源码,但熟悉基本的死锁原理和排查...
一次离奇的 MySQL 死锁分析
12-14
MySQL中的死锁问题是一个复杂而微妙的议题,尤其是在高并发的业务环境中,死锁可能导致服务的不稳定甚至数据的不一致。在2016年11月15日的这个生产bug中,我们看到的问题核心在于两个事务间的资源争夺,最终导致了...
一次神奇的MySQL死锁排查记录
09-09
本篇文章将深入探讨一次神奇的MySQL死锁排查记录,通过具体的案例帮助读者理解和解决这类问题。 在描述中提到的背景,我们了解到作者之前对MySQL锁机制有一定的了解,但在处理一个特定的死锁问题时遇到了挑战。问题...
MySQL数据库的一次死锁实例分析
09-09
MySQL数据库中的死锁问题是一个复杂而重要的主题,尤其是在高并发的业务环境中。本文将通过一个具体的实例来深入理解MySQL死锁的产生、检测以及解决策略。 首先,让我们回顾一下这个实例。在2016年11月15日,一个...
一次死锁追踪经历
10-24
在本文中,作者通过一次实际的死锁追踪经历,深入探讨了如何诊断和解决数据库死锁的问题。 【死锁的症状】 文章中提到的现象是生产数据库晚上突然中断,连接被强制中止,这通常是死锁发生时的典型表现。系统取消了...
内核mmap_sem锁的危害和相关优化
buhui912的专栏
05-26 1707
mmap_sem锁简介 mmap_sem锁是进程为了保护自身虚拟地址空间不受多线程并发访问影响而设计的。 多线程环境下,如果想访问进程的虚拟地址空间(比如find_vma等),是要先持有该mmap_sem锁才能访问的,这样可以避免多线程并发修改进程vma区域造成的冲突。 mmap_sem锁的一些问题总结 内核mmap_sem锁设计目前存在一些问题,简单总结如下: 1:保护的东西太多,范围太广了。 mmap_sem目前保护: 1)Rbtree of VMA,比如做find_vma()时 arm
linux内核的读写信号量,Linux内核读写信号量 rwsem实现分析
weixin_28956181的博客
05-02 252
Linux内核读写信号量 rwsem实现分析 (5页) 本资源提供全文预览,点击全文预览即可全文预览,如果喜欢文档就下载吧,查找使用更方便哦!19.90 积分读写信号量 信号量根据用途不同,可以区分读和写两种操作方式。为提高信号量的效率引入rwsem,此锁使用的机会比较少,适用于读频繁的情况。头文件,类型struct rw_semaphore,其必须在运行时进行显示的初始化:void init_...
ThreadPool 之 线程池概览
RojerAlone的博客
07-30 513
ThreadPool[注] 本文中的源码基于 JDK1.8,源码中的注释为 JDK 中注释的翻译加上个人的理解。如有错误欢迎指正。引言  因为进程的切换相当耗费资源,加上 CPU 的发展,操作系统中引入了线程的概念。相比于进程的上下文切换,线程的切换更轻量级,但是不代表没有开销,而且大部分多线程的生命周期都比较短,会发生频繁的线程创建、销毁动作,这也是相当消耗资源的,因此引入了线程池。  合理利用线
libbpf-bootstrap开发指南:内核态探针- kprobe
阿呆的隐秘角落
07-16 567
做全网最好的libbpf-bootstrap开发指南
Android线程和线程池(3)——线程池的使用
haazzz的博客
03-27 421
目录1.线程池的介绍1.1 使用线程池的原因1.2 使用线程池的好处2.线程池的使用说明2.1 构造方法2.2 参数解释2.3 线程池状态3.使用线程池3.1 使用的流程3.2 线程初始化3.3 线程池关闭3.4 线程池容量调整3.5 具体的demo4.功能线程池4.1 定长线程池(FixedThreadPool)4.2 定时线程池(ScheduledThreadPool )4.3 可缓存线程池(CachedThreadPool)4.4 单线程化线程池(SingleThreadExecutor)4.5
深入学习Android framework(2)——Handler Native层
一个码农的博客
06-30 4433
基于android28源码,MessageQueue类里面涉及到多个native方法,除了MessageQueue的native方法,native层本身也有一套完整的消息机制,用于处理native的消息,如下图Native层的消息机制。 Java层可以向MessageQueue消息队列中添加消息,Native层也可以向MessageQueue消息队列中添加消息 MessageQueue 初始化过程的调用链如下: 在MessageQueue中的native方法如下: private native st
ASP外观专利图像检索平台(源代码+论文).rar
最新发布
07-21
ASP外观专利图像检索平台(源代码+论文)
mysql sqlstate 40001_一次MySQL死锁问题解决
06-08
MySQL死锁问题通常是由于多个事务同时尝试访问相同的资源而导致的。当一个事务持有锁并且等待另一个事务持有的锁时,就会发生死锁。这种情况下,MySQL会自动选择其中一个事务进行回滚,以解除死锁。 解决这个问题的方法有几种: 1. 优化数据库设计和查询语句,减少事务之间的冲突。例如,避免在同一表中进行大量的插入和删除操作。 2. 将事务操作拆分为更小的单元,并尽可能快速地完成它们。这可以减少每个事务所持有锁的时间,从而减少死锁的可能性。 3. 使用MySQL提供的锁分级机制,例如行级锁和表级锁,以减少死锁的可能性。 4. 在应用程序中使用事务重试机制,当事务发生死锁时,可以自动重试事务,直到成功为止。 总之,解决MySQL死锁问题需要多方面的努力,包括数据库设计、查询语句优化、事务拆分、锁分级和事务重试等方面的优化。

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值