The Design and Implementation of the FreeBSD Operating System, Second Edition
Now available: The Design and Implementation of the FreeBSD Operating System (Second Edition)


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]

FreeBSD/Linux Kernel Cross Reference
sys/i386/i386/mp_watchdog.c

Version: -  FREEBSD  -  FREEBSD-12-STABLE  -  FREEBSD-12-0  -  FREEBSD-11-STABLE  -  FREEBSD-11-2  -  FREEBSD-11-1  -  FREEBSD-11-0  -  FREEBSD-10-STABLE  -  FREEBSD-10-4  -  FREEBSD-10-3  -  FREEBSD-10-2  -  FREEBSD-10-1  -  FREEBSD-10-0  -  FREEBSD-9-STABLE  -  FREEBSD-9-3  -  FREEBSD-9-2  -  FREEBSD-9-1  -  FREEBSD-9-0  -  FREEBSD-8-STABLE  -  FREEBSD-8-4  -  FREEBSD-8-3  -  FREEBSD-8-2  -  FREEBSD-8-1  -  FREEBSD-8-0  -  FREEBSD-7-STABLE  -  FREEBSD-7-4  -  FREEBSD-7-3  -  FREEBSD-7-2  -  FREEBSD-7-1  -  FREEBSD-7-0  -  FREEBSD-6-STABLE  -  FREEBSD-6-4  -  FREEBSD-6-3  -  FREEBSD-6-2  -  FREEBSD-6-1  -  FREEBSD-6-0  -  FREEBSD-5-STABLE  -  FREEBSD-5-5  -  FREEBSD-5-4  -  FREEBSD-5-3  -  FREEBSD-5-2  -  FREEBSD-5-1  -  FREEBSD-5-0  -  FREEBSD-4-STABLE  -  FREEBSD-3-STABLE  -  FREEBSD22  -  linux-2.6  -  linux-2.4.22  -  MK83  -  MK84  -  PLAN9  -  DFBSD  -  NETBSD  -  NETBSD5  -  NETBSD4  -  NETBSD3  -  NETBSD20  -  OPENBSD  -  xnu-517  -  xnu-792  -  xnu-792.6.70  -  xnu-1228  -  xnu-1456.1.26  -  xnu-1699.24.8  -  xnu-2050.18.24  -  OPENSOLARIS  -  minix-3-1-1 
SearchContext: -  none  -  3  -  10 

    1 /*-
    2  * Copyright (c) 2004 Robert N. M. Watson
    3  * All rights reserved.
    4  *
    5  * Redistribution and use in source and binary forms, with or without
    6  * modification, are permitted provided that the following conditions
    7  * are met:
    8  * 1. Redistributions of source code must retain the above copyright
    9  *    notice, this list of conditions and the following disclaimer.
   10  * 2. Redistributions in binary form must reproduce the above copyright
   11  *    notice, this list of conditions and the following disclaimer in the
   12  *    documentation and/or other materials provided with the distribution.
   13  *
   14  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
   15  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
   16  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
   17  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
   18  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
   19  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
   20  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   21  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
   22  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   23  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   24  * SUCH DAMAGE.
   25  *
   26  * $FreeBSD: src/sys/i386/i386/mp_watchdog.c,v 1.2 2004/08/15 20:32:40 rwatson Exp $
   27  */
   28 
   29 #include "opt_mp_watchdog.h"
   30 #include "opt_sched.h"
   31 
   32 #ifdef SCHED_ULE
   33 #error MP_WATCHDOG cannot currently be used with SCHED_ULE
   34 #endif
   35 
   36 #include <sys/param.h>
   37 #include <sys/kdb.h>
   38 #include <sys/kernel.h>
   39 #include <sys/lock.h>
   40 #include <sys/mutex.h>
   41 #include <sys/pcpu.h>
   42 #include <sys/proc.h>
   43 #include <sys/sysctl.h>
   44 #include <sys/systm.h>
   45 
   46 #include <machine/smp.h>
   47 #include <machine/apicreg.h>
   48 #include <machine/apicvar.h>
   49 #include <machine/mp_watchdog.h>
   50 
   51 /*
   52  * mp_swatchdog hijacks the idle thread on a specified CPU, prevents new work
   53  * from being scheduled there, and uses it as a "watchdog" to detect kernel
   54  * failure on other CPUs.  This is made reasonable by inclusion of logical
   55  * processors in Xeon hardware.  The watchdog is configured by setting the
   56  * debug.watchdog_cpu sysctl to the CPU of interest.  A callout will then
   57  * begin executing reseting a timer that is gradually lowered by the watching
   58  * thread.  If the timer reaches 0, the watchdog fires by ether dropping
   59  * directly to the debugger, or by sending an NMI IPI to the boot processor.
   60  * This is a somewhat less efficient substitute for dedicated watchdog
   61  * hardware, but can be quite an effective tool for debugging hangs.
   62  *
   63  * XXXRW: This should really use the watchdog(9)/watchdog(4) framework, but
   64  * doesn't yet.
   65  */
   66 static int      watchdog_cpu = -1;
   67 static int      watchdog_dontfire = 1;
   68 static int      watchdog_timer = -1;
   69 static int      watchdog_nmi = 1;
   70 
   71 SYSCTL_INT(_debug, OID_AUTO, watchdog_nmi, CTLFLAG_RW, &watchdog_nmi, 0,
   72     "IPI the boot processor with an NMI to enter the debugger");
   73 
   74 static struct callout   watchdog_callout;
   75 
   76 /*
   77  * Number of seconds before the watchdog will fire if the callout fails to
   78  * reset the timer.
   79  */
   80 #define WATCHDOG_THRESHOLD      10
   81 
   82 static void
   83 watchdog_init(void *arg)
   84 {
   85 
   86         callout_init(&watchdog_callout, CALLOUT_MPSAFE);
   87 }
   88 
   89 /*
   90  * This callout resets a timer until the watchdog kicks in.  It acquires some
   91  * critical locks to make sure things haven't gotten wedged with hose locks
   92  * held.
   93  */
   94 static void
   95 watchdog_function(void *arg)
   96 {
   97 
   98         /*
   99          * Since the timer ran, we must not be wedged.  Acquire some critical
  100          * locks to make sure.  Then reset the timer.
  101          */
  102         mtx_lock(&Giant);
  103         mtx_lock_spin(&sched_lock);
  104         watchdog_timer = WATCHDOG_THRESHOLD;
  105         mtx_unlock_spin(&sched_lock);
  106         mtx_unlock(&Giant);
  107         callout_reset(&watchdog_callout, 1 * hz, watchdog_function, NULL);
  108 }
  109 SYSINIT(watchdog_init, SI_SUB_DRIVERS, SI_ORDER_ANY, watchdog_init, NULL);
  110 
  111 /*
  112  * This sysctl sets which CPU is the watchdog CPU.  Set to -1 or 0xffffffff
  113  * to disable the watchdog.
  114  */
  115 static int
  116 sysctl_watchdog(SYSCTL_HANDLER_ARGS)
  117 {
  118         int error, temp;
  119 
  120         temp = watchdog_cpu;
  121         error = sysctl_handle_int(oidp, &temp, 0, req);
  122         if (error)
  123                 return (error);
  124 
  125         if (req->newptr != NULL) {
  126                 if (temp == -1 || temp == 0xffffffff) {
  127                         /*
  128                          * Disable the watcdog.
  129                          */
  130                         watchdog_cpu = -1;
  131                         watchdog_dontfire = 1;
  132                         callout_stop(&watchdog_callout);
  133                         printf("watchdog stopped\n");
  134                 } else {
  135                         watchdog_timer = WATCHDOG_THRESHOLD;
  136                         watchdog_dontfire = 0;
  137                         watchdog_cpu = temp;
  138                         callout_reset(&watchdog_callout, 1 * hz,
  139                             watchdog_function, NULL);
  140                 }
  141         }
  142         return (0);
  143 }
  144 SYSCTL_PROC(_debug, OID_AUTO, watchdog, CTLTYPE_INT|CTLFLAG_RW, 0, 0,
  145     sysctl_watchdog, "IU", "");
  146 
  147 /*
  148  * A badly behaved sysctl that leaks the sched lock when written to.  Then
  149  * spin holding it just to make matters worse.  This can be used to test the
  150  * effectiveness of the watchdog by generating a fairly hard and nast hang.
  151  * Note that Giant is also held in the current world order when we get here.
  152  */
  153 static int
  154 sysctl_leak_schedlock(SYSCTL_HANDLER_ARGS)
  155 {
  156         int error, temp;
  157 
  158         temp = 0;
  159         error = sysctl_handle_int(oidp, &temp, 0, req);
  160         if (error)
  161                 return (error);
  162 
  163         if (req->newptr != NULL) {
  164                 if (temp) {
  165                         printf("Leaking the sched lock...\n");
  166                         mtx_lock_spin(&sched_lock);
  167                         while (1);
  168                 }
  169         }
  170         return (0);
  171 }
  172 SYSCTL_PROC(_debug, OID_AUTO, leak_schedlock, CTLTYPE_INT|CTLFLAG_RW, 0, 0,
  173     sysctl_leak_schedlock, "IU", "");
  174 
  175 /*
  176  * Drop into the debugger by sending an IPI NMI to the boot processor.
  177  */
  178 static void
  179 watchdog_ipi_nmi(void)
  180 {
  181 
  182         /*
  183          * Deliver NMI to the boot processor.  Why not?
  184          */
  185         lapic_ipi_raw(APIC_DEST_DESTFLD | APIC_TRIGMOD_EDGE |
  186             APIC_LEVEL_ASSERT | APIC_DESTMODE_PHY | APIC_DELMODE_NMI,
  187             boot_cpu_id);
  188         lapic_ipi_wait(-1);
  189 }
  190 
  191 /*
  192  * ap_watchdog() is called by the SMP idle loop code.  It works on the same
  193  * premise that the disabling of logical processors does: that if the cpu is
  194  * idle, then it can ignore the world from then on, as nothing will be
  195  * scheduled on it.  Leaving aside multi-runqueue schedulers (SCHED_ULE) and
  196  * explicit process migration (sched_bind()), this is not an unreasonable
  197  * assumption.
  198  */
  199 void
  200 ap_watchdog(u_int cpuid)
  201 {
  202         char old_pcomm[MAXCOMLEN + 1];
  203         struct proc *p;
  204 
  205         if (watchdog_cpu != cpuid)
  206                 return;
  207 
  208         printf("watchdog started on cpu %d\n", cpuid);
  209         p = curproc;
  210         bcopy(p->p_comm, old_pcomm, MAXCOMLEN + 1);
  211         snprintf(p->p_comm, MAXCOMLEN + 1, "mp_watchdog cpu %d", cpuid);
  212         while (1) {
  213                 DELAY(1000000);                         /* One second. */
  214                 if (watchdog_cpu != cpuid)
  215                         break;
  216                 atomic_subtract_int(&watchdog_timer, 1);
  217                 if (watchdog_timer < 4)
  218                         printf("Watchdog timer: %d\n", watchdog_timer);
  219                 if (watchdog_timer == 0 && watchdog_dontfire == 0) {
  220                         printf("Watchdog firing!\n");
  221                         watchdog_dontfire = 1;
  222                         if (watchdog_nmi)
  223                                 watchdog_ipi_nmi();
  224                         else
  225                                 kdb_enter("mp_watchdog");
  226                 }
  227         }
  228         bcopy(old_pcomm, p->p_comm, MAXCOMLEN + 1);
  229         printf("watchdog stopped on cpu %d\n", cpuid);
  230 }

Cache object: ac97419292b92887a30e6b590b5786ab


[ source navigation ] [ diff markup ] [ identifier search ] [ freetext search ] [ file search ] [ list types ] [ track identifier ]


This page is part of the FreeBSD/Linux Linux Kernel Cross-Reference, and was automatically generated using a modified version of the LXR engine.