• Tim Hockin's avatar
    x86_64: mcelog tolerant level cleanup · bd78432c
    Tim Hockin authored
    Background:
     The MCE handler has several paths that it can take, depending on various
     conditions of the MCE status and the value of the 'tolerant' knob.  The
     exact semantics are not well defined and the code is a bit twisty.
    
    Description:
     This patch makes the MCE handler's behavior more clear by documenting the
     behavior for various 'tolerant' levels.  It also fixes or enhances
     several small things in the handler.  Specifically:
         * If RIPV is set it is not safe to restart, so set the 'no way out'
           flag rather than the 'kill it' flag.
         * Don't panic() on correctable MCEs.
         * If the _OVER bit is set *and* the _UC bit is set (meaning possibly
           dropped uncorrected errors), set the 'no way out' flag.
         * Use EIPV for testing whether an app can be killed (SIGBUS) rather
           than RIPV.  According to docs, EIPV indicates that the error is
           related to the IP, while RIPV simply means the IP is valid to
           restart from.
         * Don't clear the MCi_STATUS registers until after the panic() path.
           This leaves the status bits set after the panic() so clever BIOSes
           can find them (and dumb BIOSes can do nothing).
    
     This patch also calls nonseekable_open() in mce_open (as suggested by akpm).
    
    Result:
     Tolerant levels behave almost identically to how they always have, but
     not it's well defined.  There's a slightly higher chance of panic()ing
     when multiple errors happen (a good thing, IMHO).  If you take an MBE and
     panic(), the error status bits are not cleared.
    
    Alternatives:
     None.
    
    Testing:
     I used software to inject correctable and uncorrectable errors.  With
     tolerant = 3, the system usually survives.  With tolerant = 2, the system
     usually panic()s (PCC) but not always.  With tolerant = 1, the system
     always panic()s.  When the system panic()s, the BIOS is able to detect
     that the cause of death was an MC4.  I was not able to reproduce the
     case of a non-PCC error in userspace, with EIPV, with (tolerant < 3).
     That will be rare at best.
    Signed-off-by: default avatarTim Hockin <thockin@google.com>
    Signed-off-by: default avatarAndrew Morton <akpm@linux-foundation.org>
    Signed-off-by: default avatarAndi Kleen <ak@suse.de>
    Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
    bd78432c
boot-options.txt 11.6 KB