Commit 4f84e4be authored by Joshua Wise's avatar Joshua Wise Committed by Linus Torvalds

x86_64: fix misplaced `continue' in mce.c

Background:
  When a userspace application wants to know about machine check events, it
  opens /dev/mcelog and does a read(). Usually, we found that this interface
  works well, but in some cases, when the system was taking large numbers of
  machine check exceptions, the read() would hang. The system would output a
  soft-lockup warning, and the daemon reading from /dev/mcelog would suck up
  as much of a single CPU as it could spinning in system space.

Description:
  This patch fixes this bug. In particular, there was a "continue" inside a
  timeout loop that presumably was intended to break out of the outer loop,
  but instead caused the inner loop to continue. This patch also makes the
  condition for the break-out a little more evident by changing a
  !time_before to a time_after_eq.

Result:
  The read() no longer hangs in this test case.

Testing:
  On my system, I could replicate the bug with the following command:
    # for i in `seq 15000`; do ./inject_sbe.sh; done
  where inject_sbe.sh contains commands to inject a single-bit error into the
  next memory write transaction.

Patch:
  This patch is against git f1518a08.
Signed-off-by: default avatarJoshua Wise <jwise@google.com>
Signed-off-by: default avatarTim Hockin <thockin@google.com>
Cc: Andi Kleen <ak@suse.de>
Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent d8aaf121
...@@ -497,15 +497,17 @@ static ssize_t mce_read(struct file *filp, char __user *ubuf, size_t usize, loff ...@@ -497,15 +497,17 @@ static ssize_t mce_read(struct file *filp, char __user *ubuf, size_t usize, loff
for (i = 0; i < next; i++) { for (i = 0; i < next; i++) {
unsigned long start = jiffies; unsigned long start = jiffies;
while (!mcelog.entry[i].finished) { while (!mcelog.entry[i].finished) {
if (!time_before(jiffies, start + 2)) { if (time_after_eq(jiffies, start + 2)) {
memset(mcelog.entry + i,0, sizeof(struct mce)); memset(mcelog.entry + i,0, sizeof(struct mce));
continue; goto timeout;
} }
cpu_relax(); cpu_relax();
} }
smp_rmb(); smp_rmb();
err |= copy_to_user(buf, mcelog.entry + i, sizeof(struct mce)); err |= copy_to_user(buf, mcelog.entry + i, sizeof(struct mce));
buf += sizeof(struct mce); buf += sizeof(struct mce);
timeout:
;
} }
memset(mcelog.entry, 0, next * sizeof(struct mce)); memset(mcelog.entry, 0, next * sizeof(struct mce));
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment