From: Andreas Hindborg <a.hindborg@kernel.org>
To: "Thomas Gleixner" <tglx@linutronix.de>
Cc: "Miguel Ojeda" <ojeda@kernel.org>,
"Anna-Maria Behnsen" <anna-maria@linutronix.de>,
"Frederic Weisbecker" <frederic@kernel.org>,
"Danilo Krummrich" <dakr@kernel.org>,
"Alex Gaynor" <alex.gaynor@gmail.com>,
"Boqun Feng" <boqun.feng@gmail.com>,
"Gary Guo" <gary@garyguo.net>,
"Björn Roy Baron" <bjorn3_gh@protonmail.com>,
"Benno Lossin" <benno.lossin@proton.me>,
"Alice Ryhl" <aliceryhl@google.com>,
"Trevor Gross" <tmgross@umich.edu>,
"Lyude Paul" <lyude@redhat.com>,
"Guangbo Cui" <2407018371@qq.com>,
"Dirk Behme" <dirk.behme@gmail.com>,
"Daniel Almeida" <daniel.almeida@collabora.com>,
"Tamir Duberstein" <tamird@gmail.com>,
rust-for-linux@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v9 01/13] rust: hrtimer: introduce hrtimer support
Date: Thu, 27 Feb 2025 11:44:51 +0100 [thread overview]
Message-ID: <87bjunr7j0.fsf@kernel.org> (raw)
In-Reply-To: <87o6yneqkz.ffs@tglx> (Thomas Gleixner's message of "Thu, 27 Feb 2025 09:31:40 +0100")
"Thomas Gleixner" <tglx@linutronix.de> writes:
> On Mon, Feb 24 2025 at 13:03, Andreas Hindborg wrote:
>> This patch adds support for intrusive use of the hrtimer system. For
>> now,
>
> git grep 'This patch' Documentation/process/
I was made aware and have change the mood to imperative for next spin.
>
>> only one timer can be embedded in a Rust struct.
>>
>> +//! ## State Diagram
>> +//!
>> +//! ```text
>> +//! Return NoRestart
>> +//! +---------------------------------------------------------------------+
>> +//! | |
>> +//! | |
>> +//! | |
>> +//! | Return Restart |
>> +//! | +------------------------+ |
>> +//! | | | |
>> +//! | | | |
>> +//! v v | |
>> +//! +-----------------+ Start +------------------+ +--------+-----+--+
>> +//! | +---------------->| | | |
>> +//! Init | | | | Expire | |
>> +//! --------->| Stopped | | Started +---------->| Running |
>> +//! | | Cancel | | | |
>> +//! | |<----------------+ | | |
>> +//! +-----------------+ +---------------+--+ +-----------------+
>> +//! ^ |
>> +//! | |
>> +//! +---------+
>> +//! Restart
>> +//! ```
>> +//!
>> +//!
>> +//! A timer is initialized in the **stopped** state. A stopped timer can be
>> +//! **started** by the `start` operation, with an **expiry** time. After the
>> +//! `start` operation, the timer is in the **started** state. When the timer
>> +//! **expires**, the timer enters the **running** state and the handler is
>> +//! executed. After the handler has finished executing, the timer may enter the
>> +//! **started* or **stopped** state, depending on the return value of the
>> +//! handler. A running timer can be **canceled** by the `cancel` operation. A
>> +//! timer that is cancelled enters the **stopped** state.
>> +//!
>> +//! A `cancel` or `restart` operation on a timer in the **running** state takes
>> +//! effect after the handler has finished executing and the timer has transitioned
>> +//! out of the **running** state.
>> +//!
>> +//! A `restart` operation on a timer in the **stopped** state is equivalent to a
>> +//! `start` operation.
>
> Nice explanation!
Thanks.
>
>> + /// Cancel an initialized and potentially running timer.
>> + ///
>> + /// If the timer handler is running, this will block until the handler is
>> + /// finished.
>> + ///
>> + /// Users of the `HrTimer` API would not usually call this method directly.
>> + /// Instead they would use the safe [`HrTimerHandle::cancel`] on the handle
>> + /// returned when the timer was started.
>> + ///
>> + /// This function does not create any references.
>> + ///
>> + /// # Safety
>> + ///
>> + /// `self_ptr` must point to a valid `Self`.
>> + #[allow(dead_code)]
>> + pub(crate) unsafe fn raw_cancel(self_ptr: *const Self) -> bool {
>> + // SAFETY: timer_ptr points to an allocation of at least `HrTimer` size.
>> + let c_timer_ptr = unsafe { HrTimer::raw_get(self_ptr) };
>> +
>> + // If the handler is running, this will wait for the handler to finish
>> + // before returning.
>> + // SAFETY: `c_timer_ptr` is initialized and valid. Synchronization is
>> + // handled on C side.
>
> You might want to be more explicit about the provided synchronization.
> The hrtimer core only guarantees that operations on the hrtimer object
> are strictly serialized. But it does not provide any guarantee about
> external concurrency. The following case cannot be handled by the core:
>
> T0 T1
> cancel() start()
> lock()
> .... lock() <- contended
> dequeue()
> unlock()
> enqueue()
> unlock()
>
> So there is no guarantee for T0 that the timer is actually canceled in
> this case. The hrtimer core can do nothing about this, that's a problem
> of the call sites.
Right, this was also my understanding. I can add a note about this race.
> We've implemented timer_shutdown() for the timer wheel timers, which
> prevents that the timer can be started after shutdown() succeeds. It
> might be a good thing to implement this for hrtimers as well.
Sounds like that would be useful.
Best regards,
Andreas Hindborg
next prev parent reply other threads:[~2025-02-27 11:18 UTC|newest]
Thread overview: 69+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-24 12:03 [PATCH v9 00/13] hrtimer Rust API Andreas Hindborg
2025-02-24 12:03 ` [PATCH v9 01/13] rust: hrtimer: introduce hrtimer support Andreas Hindborg
2025-02-24 13:19 ` Andreas Hindborg
2025-02-24 15:46 ` Boqun Feng
2025-02-24 16:23 ` Miguel Ojeda
2025-02-24 16:31 ` Boqun Feng
2025-02-24 16:45 ` Miguel Ojeda
2025-02-24 17:01 ` Boqun Feng
2025-02-24 18:58 ` Andreas Hindborg
2025-02-24 19:18 ` Boqun Feng
2025-02-24 19:52 ` Andreas Hindborg
2025-02-24 20:22 ` Boqun Feng
2025-02-25 5:50 ` Andreas Hindborg
2025-02-26 16:31 ` Frederic Weisbecker
2025-02-26 19:41 ` Andreas Hindborg
2025-02-24 20:04 ` Tamir Duberstein
2025-02-25 8:52 ` Andreas Hindborg
2025-02-25 15:37 ` Tamir Duberstein
2025-02-25 19:12 ` Andreas Hindborg
2025-02-25 20:13 ` Tamir Duberstein
2025-02-26 11:48 ` Andreas Hindborg
2025-02-26 15:29 ` Tamir Duberstein
2025-03-07 9:09 ` Andreas Hindborg
2025-02-25 11:36 ` Markus Elfring
2025-02-25 12:13 ` Andreas Hindborg
2025-02-27 8:31 ` Thomas Gleixner
2025-02-27 10:44 ` Andreas Hindborg [this message]
2025-02-24 12:03 ` [PATCH v9 02/13] rust: sync: add `Arc::as_ptr` Andreas Hindborg
2025-02-24 12:03 ` [PATCH v9 03/13] rust: hrtimer: implement `HrTimerPointer` for `Arc` Andreas Hindborg
2025-02-24 23:13 ` Lyude Paul
2025-02-24 12:03 ` [PATCH v9 04/13] rust: hrtimer: allow timer restart from timer handler Andreas Hindborg
2025-02-24 23:23 ` Lyude Paul
2025-02-25 8:58 ` Andreas Hindborg
2025-02-25 21:46 ` Lyude Paul
2025-02-26 13:43 ` Andreas Hindborg
2025-02-26 19:26 ` Lyude Paul
2025-02-24 12:03 ` [PATCH v9 05/13] rust: hrtimer: add `UnsafeHrTimerPointer` Andreas Hindborg
2025-02-24 23:24 ` Lyude Paul
2025-02-24 12:03 ` [PATCH v9 06/13] rust: hrtimer: add `hrtimer::ScopedHrTimerPointer` Andreas Hindborg
2025-02-24 23:25 ` Lyude Paul
2025-02-24 12:03 ` [PATCH v9 07/13] rust: hrtimer: implement `UnsafeHrTimerPointer` for `Pin<&T>` Andreas Hindborg
2025-02-24 23:32 ` Lyude Paul
2025-02-25 9:01 ` Andreas Hindborg
2025-02-24 12:03 ` [PATCH v9 08/13] rust: hrtimer: implement `UnsafeHrTimerPointer` for `Pin<&mut T>` Andreas Hindborg
2025-02-24 23:33 ` Lyude Paul
2025-02-24 12:03 ` [PATCH v9 09/13] rust: alloc: add `Box::into_pin` Andreas Hindborg
2025-02-24 23:34 ` Lyude Paul
2025-02-24 12:03 ` [PATCH v9 10/13] rust: hrtimer: implement `HrTimerPointer` for `Pin<Box<T>>` Andreas Hindborg
2025-02-24 23:37 ` Lyude Paul
2025-02-24 12:03 ` [PATCH v9 11/13] rust: hrtimer: add `HrTimerMode` Andreas Hindborg
2025-02-24 23:40 ` Lyude Paul
2025-02-25 9:04 ` Andreas Hindborg
2025-02-25 21:49 ` Lyude Paul
2025-02-24 12:03 ` [PATCH v9 12/13] rust: hrtimer: add clocksource selection through `ClockSource` Andreas Hindborg
2025-02-24 23:42 ` Lyude Paul
2025-02-27 9:11 ` Thomas Gleixner
2025-02-27 9:24 ` Thomas Gleixner
2025-02-27 11:18 ` Andreas Hindborg
2025-02-27 14:22 ` Thomas Gleixner
2025-02-27 16:03 ` Andreas Hindborg
2025-02-24 12:03 ` [PATCH v9 13/13] rust: hrtimer: add maintainer entry Andreas Hindborg
2025-02-24 15:44 ` Boqun Feng
2025-02-26 16:17 ` Frederic Weisbecker
2025-02-26 19:42 ` Andreas Hindborg
2025-02-26 19:49 ` Lyude Paul
2025-02-26 21:08 ` Andreas Hindborg
2025-02-27 9:12 ` Thomas Gleixner
2025-02-27 10:45 ` Andreas Hindborg
2025-02-24 23:43 ` Lyude Paul
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87bjunr7j0.fsf@kernel.org \
--to=a.hindborg@kernel.org \
--cc=2407018371@qq.com \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=anna-maria@linutronix.de \
--cc=benno.lossin@proton.me \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=dakr@kernel.org \
--cc=daniel.almeida@collabora.com \
--cc=dirk.behme@gmail.com \
--cc=frederic@kernel.org \
--cc=gary@garyguo.net \
--cc=linux-kernel@vger.kernel.org \
--cc=lyude@redhat.com \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=tamird@gmail.com \
--cc=tglx@linutronix.de \
--cc=tmgross@umich.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox