From: Zhi Wang <zhiw@nvidia.com>
To: Danilo Krummrich <dakr@kernel.org>
Cc: <rust-for-linux@vger.kernel.org>, <bhelgaas@google.com>,
<kwilczynski@kernel.org>, <ojeda@kernel.org>,
<alex.gaynor@gmail.com>, <boqun.feng@gmail.com>,
<gary@garyguo.net>, <bjorn3_gh@protonmail.com>,
<lossin@kernel.org>, <a.hindborg@kernel.org>,
<aliceryhl@google.com>, <tmgross@umich.edu>,
<linux-pci@vger.kernel.org>, <linux-kernel@vger.kernel.org>,
<cjia@nvidia.com>, <smitra@nvidia.com>, <ankita@nvidia.com>,
<aniketa@nvidia.com>, <kwankhede@nvidia.com>,
<targupta@nvidia.com>, <zhiwang@kernel.org>,
<acourbot@nvidia.com>, <joelagnelf@nvidia.com>,
<jhubbard@nvidia.com>, <markus.probst@posteo.de>
Subject: Re: [RFC 0/6] rust: pci: add config space read/write support
Date: Wed, 15 Oct 2025 13:44:34 +0300 [thread overview]
Message-ID: <20251015134434.041ff777.zhiw@nvidia.com> (raw)
In-Reply-To: <DDHGOCNZJRND.129VXJYMXMCZW@kernel.org>
On Mon, 13 Oct 2025 22:02:55 +0200
"Danilo Krummrich" <dakr@kernel.org> wrote:
ditto
> > But for the "infallible" part in PCI configuration space, the device
> > can be disconnected from the PCI bus. E.g. unresponsive device. In
> > that case, the current PCI core will mark the device as
> > "disconnected" before they causes more problems and any access to
> > the configuration space will fail with an error code. This can also
> > happen on access to "infalliable" part.
> >
> > How should we handle this case in "infallible" accessors of PCI
> > configuration space? Returning Result<> seems doesn't fit the
> > concept of "infallible", but causing a rust panic seems overkill...
>
> Panics are for the "the machine is unrecoverably dead" case, this
> clearly isn't one of them. :)
>
> I think we should do the same as with "normal" MMIO and just return
> the value, i.e. all bits set (PCI_ERROR_RESPONSE).
>
> The window between physical unplug and the driver core unbinds the
> driver should be pretty small and drivers have to be able to deal
> with garbage values read from registers anyways.
>
Was thinking about this these days. Panic seems overkill. Given the
current semantics of "infallible" (non-try) and "fallible" (try) is
decided by the driver, I think we can do the same for PCI configuration
space with the case of "PCI device could be disconnected".
- We implement both for PCI configuration space.
- The driver decides to use "non-try" or "try" according to the device
characteristic. E.g. if the device is simple, hardly to be
unresponsive, not supporting hotplug, or the driver is in a context
that the device is surely responsive. The driver can be confident
to use the "infallible" version and tolerate garbage values in the
rare situation. Otherwise the driver can use "faillble" version to
capture the error code if it is sure the device can sometimes be
unresponsive.
> If we really want to handle it, you can only implement the try_*()
> methods and for the non-try_*() methods throw a compile time error,
> but I don't see a reason for that.
prev parent reply other threads:[~2025-10-15 10:45 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-10 8:03 [RFC 0/6] rust: pci: add config space read/write support Zhi Wang
2025-10-10 8:03 ` [RFC 1/6] rust: io: refactor Io<SIZE> helpers into IoRegion trait Zhi Wang
2025-10-10 8:03 ` [RFC 2/6] rust: io: factor out MMIO read/write macros Zhi Wang
2025-10-10 8:03 ` [RFC 3/6] rust: pci: add a helper to query configuration space size Zhi Wang
2025-10-10 8:03 ` [RFC 4/6] rust: pci: add config space read/write support Zhi Wang
2025-10-10 8:03 ` [RFC 5/6] rust: pci: add helper to find extended capability Zhi Wang
2025-10-10 8:03 ` [RFC 6/6] [!UPSTREAM] nova-core: test configuration routine Zhi Wang
2025-10-13 15:39 ` [RFC 0/6] rust: pci: add config space read/write support Danilo Krummrich
2025-10-13 18:25 ` Zhi Wang
2025-10-13 20:02 ` Danilo Krummrich
2025-10-15 10:44 ` Zhi Wang [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251015134434.041ff777.zhiw@nvidia.com \
--to=zhiw@nvidia.com \
--cc=a.hindborg@kernel.org \
--cc=acourbot@nvidia.com \
--cc=alex.gaynor@gmail.com \
--cc=aliceryhl@google.com \
--cc=aniketa@nvidia.com \
--cc=ankita@nvidia.com \
--cc=bhelgaas@google.com \
--cc=bjorn3_gh@protonmail.com \
--cc=boqun.feng@gmail.com \
--cc=cjia@nvidia.com \
--cc=dakr@kernel.org \
--cc=gary@garyguo.net \
--cc=jhubbard@nvidia.com \
--cc=joelagnelf@nvidia.com \
--cc=kwankhede@nvidia.com \
--cc=kwilczynski@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-pci@vger.kernel.org \
--cc=lossin@kernel.org \
--cc=markus.probst@posteo.de \
--cc=ojeda@kernel.org \
--cc=rust-for-linux@vger.kernel.org \
--cc=smitra@nvidia.com \
--cc=targupta@nvidia.com \
--cc=tmgross@umich.edu \
--cc=zhiwang@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).