From: Johan Hovold <johan@kernel.org>
To: Daniel Vetter <daniel@ffwll.ch>
Cc: Johan Hovold <johan@kernel.org>, Rob Clark <robdclark@gmail.com>,
Sean Paul <sean@poorly.run>,
Fabien Dessenne <fabien.dessenne@st.com>,
Mauro Carvalho Chehab <mchehab@kernel.org>,
Harald Freudenberger <freude@linux.ibm.com>,
David Airlie <airlied@linux.ie>,
Heiko Carstens <heiko.carstens@de.ibm.com>,
Vasily Gorbik <gor@linux.ibm.com>,
Christian Borntraeger <borntraeger@de.ibm.com>,
linux-arm-msm@vger.kernel.org, dri-devel@lists.freedesktop.org,
freedreno@lists.freedesktop.org, linux-kernel@vger.kernel.org,
linux-media@vger.kernel.org, linux-s390@vger.kernel.org,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Al Viro <viro@zeniv.linux.org.uk>
Subject: Re: [PATCH 0/4] treewide: fix interrupted release
Date: Mon, 21 Oct 2019 11:55:00 +0200 [thread overview]
Message-ID: <20191021095500.GE24768@localhost> (raw)
In-Reply-To: <20191015140726.GN11828@phenom.ffwll.local>
On Tue, Oct 15, 2019 at 04:07:26PM +0200, Daniel Vetter wrote:
> On Mon, Oct 14, 2019 at 06:13:26PM +0200, Johan Hovold wrote:
> > On Mon, Oct 14, 2019 at 10:48:47AM +0200, Daniel Vetter wrote:
> > > Do you have a legit usecase for interruptible sleeps in fops->release?
> >
> > The tty layer depends on this for example when waiting for buffered
> > writes to complete (something which may never happen when using flow
> > control).
> >
> > > I'm not even sure killable is legit in there, since it's an fd, not a
> > > process context ...
> >
> > It will be run in process context in many cases, and for ttys we're good
> > AFAICT.
>
> Huh, read it a bit, all the ->shutdown callbacks have void return type.
> But there's indeed interruptible sleeps in there. Doesn't this break
> userspace that expects that a close() actually flushes the tty?
This behaviour has been there since "forever" so the problem is rather
the other way round; changing it now might break user space.
> Imo if you're ->release callbacks feels like it should do a wait to
> guaranteed something userspace expects, then doing a
> wait_interruptible/killable feels like a bug. Or alternatively, the wait
> isn't really needed in the first place.
Posix says that the final tty close should cause any output to be sent.
And as mentioned before, due to flow control this may never finish. So
for usability reasons, you want to be able to interrupt that final
close, while removing the flush completely would break applications
currently expecting output to be flushed.
Also note that we have an interface for controlling how long to wait for
data to be sent (typically 30 s by default, but can be set to wait
forever).
> > > > The return value from release() is ignored by vfs, and adding a splat in
> > > > __fput() to catch these buggy drivers might be overkill.
> > >
> > > Ime once you have a handful of instances of a broken pattern, creating a
> > > check for it (under a debug option only ofc) is very much justified.
> > > Otherwise they just come back to life like the undead, all the time. And
> > > there's a _lot_ of fops->release callbacks in the kernel.
> >
> > Yeah, you have a point.
> >
> > But take tty again as an example, the close tty operation called from
> > release() is declared void so there's no propagated return value for vfs
> > to check.
> >
> > It may even be better to fix up the 100 or so callbacks potentially
> > returning non-zero and make fops->release void so that the compiler
> > would help us catch any future bugs and also serve as a hint for
> > developers that returning errnos from fops->release is probably not
> > what you want to do.
> >
> > But that's a lot of churn of course.
>
> Hm indeed ->release has int as return type. I guess that's needed for
> file I/O errno and similar stuff ...
>
> Still void return value doesn't catch funny stuff like doing interruptible
> waits and occasionally failing if you have a process that likes to use
> signals and also uses some library somewhere to do something. In graphics
> we have that, with Xorg loving signals for various things.
Right, but since there arguable are legitimate uses for interruptible
sleep at release(), I don't see how we can catch that at runtime.
Johan
WARNING: multiple messages have this Message-ID (diff)
From: Johan Hovold <johan-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>
To: Daniel Vetter <daniel-/w4YWyX8dFk@public.gmane.org>
Cc: Al Viro <viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org>,
freedreno-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org,
Vasily Gorbik <gor-tEXmvtCZX7AybS5Ee8rs3A@public.gmane.org>,
linux-s390-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
David Airlie <airlied-cv59FeDIM0c@public.gmane.org>,
linux-arm-msm-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Heiko Carstens
<heiko.carstens-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>,
Johan Hovold <johan-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Fabien Dessenne <fabien.dessenne-qxv4g6HH51o@public.gmane.org>,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Christian Borntraeger
<borntraeger-tA70FqPdS9bQT0dZR+AlfA@public.gmane.org>,
Rob Clark <robdclark-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
Harald Freudenberger
<freude-tEXmvtCZX7AybS5Ee8rs3A@public.gmane.org>,
dri-devel-PD4FTy7X32lNgt0PjOBp9y5qC8QIuHrW@public.gmane.org,
Greg Kroah-Hartman
<gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org>,
Mauro Carvalho Chehab
<mchehab-DgEjT+Ai2ygdnm+yROfE0A@public.gmane.org>,
Sean Paul <sean-p7yTbzM4H96eqtR555YLDQ@public.gmane.org>,
linux-media-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [PATCH 0/4] treewide: fix interrupted release
Date: Mon, 21 Oct 2019 11:55:00 +0200 [thread overview]
Message-ID: <20191021095500.GE24768@localhost> (raw)
In-Reply-To: <20191015140726.GN11828-dv86pmgwkMBes7Z6vYuT8azUEOm+Xw19@public.gmane.org>
On Tue, Oct 15, 2019 at 04:07:26PM +0200, Daniel Vetter wrote:
> On Mon, Oct 14, 2019 at 06:13:26PM +0200, Johan Hovold wrote:
> > On Mon, Oct 14, 2019 at 10:48:47AM +0200, Daniel Vetter wrote:
> > > Do you have a legit usecase for interruptible sleeps in fops->release?
> >
> > The tty layer depends on this for example when waiting for buffered
> > writes to complete (something which may never happen when using flow
> > control).
> >
> > > I'm not even sure killable is legit in there, since it's an fd, not a
> > > process context ...
> >
> > It will be run in process context in many cases, and for ttys we're good
> > AFAICT.
>
> Huh, read it a bit, all the ->shutdown callbacks have void return type.
> But there's indeed interruptible sleeps in there. Doesn't this break
> userspace that expects that a close() actually flushes the tty?
This behaviour has been there since "forever" so the problem is rather
the other way round; changing it now might break user space.
> Imo if you're ->release callbacks feels like it should do a wait to
> guaranteed something userspace expects, then doing a
> wait_interruptible/killable feels like a bug. Or alternatively, the wait
> isn't really needed in the first place.
Posix says that the final tty close should cause any output to be sent.
And as mentioned before, due to flow control this may never finish. So
for usability reasons, you want to be able to interrupt that final
close, while removing the flush completely would break applications
currently expecting output to be flushed.
Also note that we have an interface for controlling how long to wait for
data to be sent (typically 30 s by default, but can be set to wait
forever).
> > > > The return value from release() is ignored by vfs, and adding a splat in
> > > > __fput() to catch these buggy drivers might be overkill.
> > >
> > > Ime once you have a handful of instances of a broken pattern, creating a
> > > check for it (under a debug option only ofc) is very much justified.
> > > Otherwise they just come back to life like the undead, all the time. And
> > > there's a _lot_ of fops->release callbacks in the kernel.
> >
> > Yeah, you have a point.
> >
> > But take tty again as an example, the close tty operation called from
> > release() is declared void so there's no propagated return value for vfs
> > to check.
> >
> > It may even be better to fix up the 100 or so callbacks potentially
> > returning non-zero and make fops->release void so that the compiler
> > would help us catch any future bugs and also serve as a hint for
> > developers that returning errnos from fops->release is probably not
> > what you want to do.
> >
> > But that's a lot of churn of course.
>
> Hm indeed ->release has int as return type. I guess that's needed for
> file I/O errno and similar stuff ...
>
> Still void return value doesn't catch funny stuff like doing interruptible
> waits and occasionally failing if you have a process that likes to use
> signals and also uses some library somewhere to do something. In graphics
> we have that, with Xorg loving signals for various things.
Right, but since there arguable are legitimate uses for interruptible
sleep at release(), I don't see how we can catch that at runtime.
Johan
_______________________________________________
Freedreno mailing list
Freedreno@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/freedreno
next prev parent reply other threads:[~2019-10-21 9:54 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-10 13:13 [PATCH 0/4] treewide: fix interrupted release Johan Hovold
2019-10-10 13:13 ` [PATCH 1/4] drm/msm: fix memleak on release Johan Hovold
2019-10-30 10:01 ` Johan Hovold
2019-10-30 10:01 ` Johan Hovold
2019-10-30 10:01 ` Johan Hovold
2019-11-12 10:40 ` Johan Hovold
2019-11-12 10:40 ` Johan Hovold
2019-11-12 14:01 ` Daniel Vetter
2019-11-12 14:01 ` Daniel Vetter
2019-11-12 16:32 ` Rob Clark
2019-11-12 16:32 ` Rob Clark
2019-11-12 20:42 ` Sean Paul
2019-11-12 20:42 ` Sean Paul
2019-11-12 20:42 ` Sean Paul
2019-10-10 13:13 ` [PATCH 2/4] media: bdisp: " Johan Hovold
2019-10-10 13:13 ` Johan Hovold
2019-10-10 14:07 ` Fabien DESSENNE
2019-10-10 13:13 ` [PATCH 3/4] media: radio: wl1273: fix interrupt masking " Johan Hovold
2019-10-10 13:13 ` [PATCH 4/4] s390/zcrypt: fix memleak at release Johan Hovold
2019-10-10 13:13 ` Johan Hovold
2019-10-14 6:18 ` Heiko Carstens
2019-10-10 13:50 ` [PATCH 0/4] treewide: fix interrupted release Daniel Vetter
2019-10-10 13:50 ` Daniel Vetter
2019-10-11 9:36 ` Johan Hovold
2019-10-11 9:36 ` Johan Hovold
2019-10-14 8:48 ` Daniel Vetter
2019-10-14 16:13 ` Johan Hovold
2019-10-15 14:07 ` Daniel Vetter
2019-10-15 14:07 ` Daniel Vetter
2019-10-21 9:55 ` Johan Hovold [this message]
2019-10-21 9:55 ` Johan Hovold
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191021095500.GE24768@localhost \
--to=johan@kernel.org \
--cc=airlied@linux.ie \
--cc=borntraeger@de.ibm.com \
--cc=daniel@ffwll.ch \
--cc=dri-devel@lists.freedesktop.org \
--cc=fabien.dessenne@st.com \
--cc=freedreno@lists.freedesktop.org \
--cc=freude@linux.ibm.com \
--cc=gor@linux.ibm.com \
--cc=gregkh@linuxfoundation.org \
--cc=heiko.carstens@de.ibm.com \
--cc=linux-arm-msm@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-media@vger.kernel.org \
--cc=linux-s390@vger.kernel.org \
--cc=mchehab@kernel.org \
--cc=robdclark@gmail.com \
--cc=sean@poorly.run \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.