Re: [PATCH] driver core: Reorder devices on successful probe

[Thierry Reding]

On Thu, Dec 03, 2020 at 07:17:30PM +0100, Rafael J. Wysocki wrote:
> On Thu, Dec 3, 2020 at 6:58 PM Thierry Reding <thierry.reding@xxxxxxxxx> wrote:
> >
> > From: Thierry Reding <treding@xxxxxxxxxx>
> >
> > Device drivers usually depend on the fact that the devices that they
> > control are suspended in the same order that they were probed in. In
> > most cases this is already guaranteed via deferred probe.
> >
> > However, there's one case where this can still break: if a device is
> > instantiated before a dependency (for example if it appears before the
> > dependency in device tree) but gets probed only after the dependency is
> > probed. Instantiation order would cause the dependency to get probed
> > later, in which case probe of the original device would be deferred and
> > the suspend/resume queue would get reordered properly. However, if the
> > dependency is provided by a built-in driver and the device depending on
> > that driver is controlled by a loadable module, which may only get
> > loaded after the root filesystem has become available, we can be faced
> > with a situation where the probe order ends up being different from the
> > suspend/resume order.
> >
> > One example where this happens is on Tegra186, where the ACONNECT is
> > listed very early in device tree (sorted by unit-address) and depends on
> > BPMP (listed very late because it has no unit-address) for power domains
> > and clocks/resets. If the ACONNECT driver is built-in, there is no
> > problem because it will be probed before BPMP, causing a probe deferral
> > and that in turn reorders the suspend/resume queue. However, if built as
> > a module, it will end up being probed after BPMP, and therefore not
> > result in a probe deferral, and therefore the suspend/resume queue will
> > stay in the instantiation order. This in turn causes problems because
> > ACONNECT will be resumed before BPMP, which will result in a hang
> > because the ACONNECT's power domain cannot be powered on as long as the
> > BPMP is still suspended.
> >
> > Fix this by always reordering devices on successful probe. This ensures
> > that the suspend/resume queue is always in probe order and hence meets
> > the natural expectations of drivers vs. their dependencies.
> >
> > Reported-by: Jonathan Hunter <jonathanh@xxxxxxxxxx>
> > Signed-off-by: Thierry Reding <treding@xxxxxxxxxx>
> 
> Saravana had submitted a very similar patch (I don't have a pointer to
> that one though) and I was against it at that time due to
> overhead-related concerns.  There still are some, but maybe that
> doesn't matter in practice.

I suspect that any overhead would be offset if we can get rid of the
deferred probe reordering and the recursive provider/consumer reordering
as discussed with Saravana in that other subthread. Even if we can't do
that, this is a one-time cost per device and therefore shouldn't have a
huge impact.

Besides, as the example above and Saravana's in the discussion in June
shows, there are certain cases where we just have no other way of doing
the sorting correctly, so I think we need this for correctness.

> Also, I kind of expect this to blow up somewhere, but since I have no
> examples ready from the top of my head, I think let's try and see, so:

I'm slightly worried about that, too. But I did give this quite a bit of
thought and I can't come up with a case where this would blow up. Maybe
the one case where this might break something is if some combination of
drivers specifically rely on the suspend/resume order to be *different*
from the probe order. That's a bit far-fetched and I would think that
either driver would have a workaround in place to deal with that somehow
so this might actually unveil such workarounds and gives us an
opportunity to do things right.

But I think it'd probably be best to feed this into linux-next sometime
soon after v5.11-rc1 to get broad exposure and see if there are any
cases where this causes trouble.

Thierry

Attachment: signature.asc
Description: PGP signature