Re: [PATCH v5 0/2] printk: Console owner and waiter logic cleanup

From: Sergey Senozhatsky
Date: Mon Jan 15 2018 - 04:48:20 EST


On (01/15/18 09:51), Petr Mladek wrote:
> On Sat 2018-01-13 16:31:00, Sergey Senozhatsky wrote:
> > On (01/12/18 13:55), Petr Mladek wrote:
> > [..]
> > > > I'm not fixing console_unlock(), I'm fixing printk(). BTW, all my
> > > > kernels are CONFIG_PREEMPT (I'm a RT guy), my mind thinks more about
> > > > PREEMPT kernels than !PREEMPT ones.
> > >
> > > I would say that the patch improves also console_unlock() but only in
> > > non-preemttive context.
> > >
> > > By other words, it makes console_unlock() finite in preemptible context
> > > (limited by buffer size). It might still be unlimited in
> > > non-preemtible context.
> >
> > could you elaborate a bit?
>
> Ah, I am sorry, I swapped the conditions. I meant that
> console_unlock() is finite in non-preemptible context.

ah, OK.
yes. it sill can be infinite, in preemptible context.

a side note,
no kernel or user space process is designed to loop in console_unlock(),
so infinte console_unlock() still can do some damage. we don't crash the
kernel, but if we somehow bring down the user space process, then things
are not so clear. e.g. when we do lots of handoffs we don't up() the
console_sem, so anything that might be sleeping in TASK_UNINTERRUPTIBLE
on console_sem stays in that uninterruptible state, which possibly can
fire the hung task alarm, which also may be configured to panic() the
kernel (or some other type of watchdog). so panic() is still possible
even if we do hand offs. but that's a completely different topic.


> There are two possibilities if console_unlock() is in atomic context
> and never sleeps. First, if there are new printk() callers, they could
> take over the job. Second. if they are no more callers, the
> current owner will release the lock after processing the existing
> messages. In both situations, the current owner will not handle more
> than the entire buffer. Therefore it is limited. We might argue
> if it is enough. But the point is that it is limited which is
> a step forward. And I think that you already agreed that this
> was a step forward.

yes.
the question whether O(A * B) bound is good enough is still there,
but in the worst case it's still a lockup, just like before [including
cases of accidental hand off from non-atomic context to a atomic one].


> The chance of taking over the lock is lower when console_unlock()
> owner could sleep. But then there is not a danger of a softlockup.
> In each case, this patch did not make it worse. Could we agree
> on this, please?

yes.


> All in all, this patch improved one scenario and did not make
> worse another one. We know that it does not fix everything.
> But it is a step forward. Could we agree on this, please?

yes.
it's iffy. it's a step forward when it's a step forward :)
and the good old lockup/panic in other cases. IMHO.

-ss