Author: imp
Date: Mon Sep 2 17:11:32 2019
New Revision: 351706
URL: https://svnweb.freebsd.org/changeset/base/351706
Log: In nvme_completion_poll, add a sanity check to make sure that we complete the polling within a second. Panic if we don't. All the commands that use this interface should typically complete within a few tens to hundreds of microseconds. Panic rather than return ETIMEDOUT because if the command somehow does later complete, it will randomly corrupt memory. Also, it helps to get a traceback from where the unexpected failure happens, rather than an infinite loop. Modified: head/sys/dev/nvme/nvme_private.h Modified: head/sys/dev/nvme/nvme_private.h ============================================================================== --- head/sys/dev/nvme/nvme_private.h Mon Sep 2 17:11:27 2019 (r351705) +++ head/sys/dev/nvme/nvme_private.h Mon Sep 2 17:11:32 2019 (r351706) @@ -446,12 +446,24 @@ int nvme_attach(device_t dev); int nvme_shutdown(device_t dev); int nvme_detach(device_t dev); +/* + * Wait for a command to complete using the nvme_completion_poll_cb. + * Used in limited contexts where the caller knows it's OK to block + * briefly while the command runs. The ISR will run the callback which + * will set status->done to true.usually within microseconds. A 1s + * pause means something is seriously AFU and we should panic to + * provide the proper context to diagnose. + */ static __inline void nvme_completion_poll(struct nvme_completion_poll_status *status) { - while (!atomic_load_acq_int(&status->done)) + int sanity = hz * 1; + + while (!atomic_load_acq_int(&status->done) && --sanity > 0) pause("nvme", 1); + if (sanity <= 0) + panic("NVME polled command failed to complete within 1s."); } static __inline void _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
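Review bot: the panic string in nvme_completion_poll, "NVME polled command failed to complete within 1s.", carries nothing that identifies the stuck command, although the stated purpose of panicking is to give context for diagnosis. The function only receives `status`, so printing that pointer with %p (or passing in enough to name the controller) would let a crash dump be tied to the command that never completed. The 1s bound is also counted in loop iterations (`int sanity = hz * 1;` with `--sanity > 0` around `pause("nvme", 1)`) rather than measured as elapsed time, so the limit is approximate; since hitting it brings the machine down, either say so in the comment or compare against a tick deadline. Small point in the new comment block: "true.usually" should read "true, usually".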