From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-2.0 required=3.0 tests=DKIM_INVALID,DKIM_SIGNED, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED,USER_AGENT_SANE_1 autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id DD392ECE58F for ; Tue, 15 Oct 2019 14:07:35 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by mail.kernel.org (Postfix) with ESMTP id AD85021A49 for ; Tue, 15 Oct 2019 14:07:35 +0000 (UTC) Authentication-Results: mail.kernel.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=ffwll.ch header.i=@ffwll.ch header.b="NPijPlHE" Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1732313AbfJOOHe (ORCPT ); Tue, 15 Oct 2019 10:07:34 -0400 Received: from mail-ed1-f67.google.com ([209.85.208.67]:44888 "EHLO mail-ed1-f67.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1732435AbfJOOHe (ORCPT ); Tue, 15 Oct 2019 10:07:34 -0400 Received: by mail-ed1-f67.google.com with SMTP id r16so18119784edq.11 for ; Tue, 15 Oct 2019 07:07:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ffwll.ch; s=google; h=sender:date:from:to:cc:subject:message-id:mail-followup-to :references:mime-version:content-disposition:in-reply-to:user-agent; bh=qNZCwssE+agkEqCxaKtKVtylCGvXFSXX5DhiQKaIXpg=; b=NPijPlHE9mOZETSF+T0qFTrnynppESRm1hPk8m15z6BtFKp/f35nb6fP0AtxA+vICD JOWnOXgGumAnnyCgoxgqcArGuemzJeDfqPdA4LYis0/rmWoNPx8t+Aa38BhPM8yc5J1y jTOJ95BLBFELDrUekBUcpVOI1TGYpw9L5o3bg= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:sender:date:from:to:cc:subject:message-id :mail-followup-to:references:mime-version:content-disposition :in-reply-to:user-agent; bh=qNZCwssE+agkEqCxaKtKVtylCGvXFSXX5DhiQKaIXpg=; b=VGSxGfi5H1gmTrAucV+OlBSf7mbalvwc4k1NmxrRrYQI7hs5VDRKZS/g5En47TWx9j xUMfGF7NTc7a/XaGRHKeMjBNRH7hDE+arJi7CDdGBh5h/rsn4lk3v5s7YUqdLOOR0dJ/ lPvgLdvRgjzkFNzUI5XmqTT2VUi9XtZrQ6wobVlOb++HuYUtaYM2yK4M75YWDZyMm53X T4Dhm+zSVUN12MPYeTiBCY8UmvsHYcdKo4qpuIniTYz+3Z7ZwJU4Onq5FdTm25opqsoo 49rOD+7t7DLH1q9C91703cV1xnyanLx1B27D6nHrBpDkTln6S4x+ShXPePSdcdkz3RW3 8F9Q== X-Gm-Message-State: APjAAAXYJr/tFD72rGSJ3yNSqSte8bS4lbl8+P1x6T9vu/4nz+mzFrz5 7quCQn5MdaYh1JWxp3DbNvrDpgq8t6c= X-Google-Smtp-Source: APXvYqxwy4bxug6xoJIsFM59wzr8Eu7OLed7aQTfUGOfiWObU9eeM/ertrRHn6MHc5kJuwT0SZQfrw== X-Received: by 2002:a17:906:6a8e:: with SMTP id p14mr34255737ejr.137.1571148449724; Tue, 15 Oct 2019 07:07:29 -0700 (PDT) Received: from phenom.ffwll.local (212-51-149-96.fiber7.init7.net. [212.51.149.96]) by smtp.gmail.com with ESMTPSA id d2sm3745355eda.20.2019.10.15.07.07.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 15 Oct 2019 07:07:28 -0700 (PDT) Date: Tue, 15 Oct 2019 16:07:26 +0200 From: Daniel Vetter To: Johan Hovold Cc: Daniel Vetter , Rob Clark , Sean Paul , Fabien Dessenne , Mauro Carvalho Chehab , Harald Freudenberger , David Airlie , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , linux-arm-msm@vger.kernel.org, dri-devel@lists.freedesktop.org, freedreno@lists.freedesktop.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, linux-s390@vger.kernel.org, Greg Kroah-Hartman , Al Viro Subject: Re: [PATCH 0/4] treewide: fix interrupted release Message-ID: <20191015140726.GN11828@phenom.ffwll.local> Mail-Followup-To: Johan Hovold , Rob Clark , Sean Paul , Fabien Dessenne , Mauro Carvalho Chehab , Harald Freudenberger , David Airlie , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , linux-arm-msm@vger.kernel.org, dri-devel@lists.freedesktop.org, freedreno@lists.freedesktop.org, linux-kernel@vger.kernel.org, linux-media@vger.kernel.org, linux-s390@vger.kernel.org, Greg Kroah-Hartman , Al Viro References: <20191010131333.23635-1-johan@kernel.org> <20191010135043.GA16989@phenom.ffwll.local> <20191011093633.GD27819@localhost> <20191014084847.GD11828@phenom.ffwll.local> <20191014161326.GO13531@localhost> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20191014161326.GO13531@localhost> X-Operating-System: Linux phenom 5.2.0-2-amd64 User-Agent: Mutt/1.10.1 (2018-07-13) Sender: linux-arm-msm-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-arm-msm@vger.kernel.org On Mon, Oct 14, 2019 at 06:13:26PM +0200, Johan Hovold wrote: > On Mon, Oct 14, 2019 at 10:48:47AM +0200, Daniel Vetter wrote: > > On Fri, Oct 11, 2019 at 11:36:33AM +0200, Johan Hovold wrote: > > > On Thu, Oct 10, 2019 at 03:50:43PM +0200, Daniel Vetter wrote: > > > > On Thu, Oct 10, 2019 at 03:13:29PM +0200, Johan Hovold wrote: > > > > > Two old USB drivers had a bug in them which could lead to memory leaks > > > > > if an interrupted process raced with a disconnect event. > > > > > > > > > > Turns out we had a few more driver in other subsystems with the same > > > > > kind of bug in them. > > > > > > > Random funny idea: Could we do some debug annotations (akin to > > > > might_sleep) that splats when you might_sleep_interruptible somewhere > > > > where interruptible sleeps are generally a bad idea? Like in > > > > fops->release? > > > > > > There's nothing wrong with interruptible sleep in fops->release per se, > > > it's just that drivers cannot return -ERESTARTSYS and friends and expect > > > to be called again later. > > > > Do you have a legit usecase for interruptible sleeps in fops->release? > > The tty layer depends on this for example when waiting for buffered > writes to complete (something which may never happen when using flow > control). > > > I'm not even sure killable is legit in there, since it's an fd, not a > > process context ... > > It will be run in process context in many cases, and for ttys we're good > AFAICT. Huh, read it a bit, all the ->shutdown callbacks have void return type. But there's indeed interruptible sleeps in there. Doesn't this break userspace that expects that a close() actually flushes the tty? Imo if you're ->release callbacks feels like it should do a wait to guaranteed something userspace expects, then doing a wait_interruptible/killable feels like a bug. Or alternatively, the wait isn't really needed in the first place. > > > The return value from release() is ignored by vfs, and adding a splat in > > > __fput() to catch these buggy drivers might be overkill. > > > > Ime once you have a handful of instances of a broken pattern, creating a > > check for it (under a debug option only ofc) is very much justified. > > Otherwise they just come back to life like the undead, all the time. And > > there's a _lot_ of fops->release callbacks in the kernel. > > Yeah, you have a point. > > But take tty again as an example, the close tty operation called from > release() is declared void so there's no propagated return value for vfs > to check. > > It may even be better to fix up the 100 or so callbacks potentially > returning non-zero and make fops->release void so that the compiler > would help us catch any future bugs and also serve as a hint for > developers that returning errnos from fops->release is probably not > what you want to do. > > But that's a lot of churn of course. Hm indeed ->release has int as return type. I guess that's needed for file I/O errno and similar stuff ... Still void return value doesn't catch funny stuff like doing interruptible waits and occasionally failing if you have a process that likes to use signals and also uses some library somewhere to do something. In graphics we have that, with Xorg loving signals for various things. -Daniel -- Daniel Vetter Software Engineer, Intel Corporation http://blog.ffwll.ch