On Thu, May 21, 2020 at 08:39:02PM +0300, Dan Carpenter wrote: > On Thu, May 21, 2020 at 05:22:05PM +0200, Rafael J. Wysocki wrote: > > On Thu, May 21, 2020 at 11:15 AM Dan Carpenter <dan.carpenter@xxxxxxxxxx> wrote: > > > > > > On Thu, May 21, 2020 at 11:42:55AM +0800, dinghao.liu@xxxxxxxxxx wrote: > > > > Hi, Dan, > > > > > > > > I agree the best solution is to fix __pm_runtime_resume(). But there are also > > > > many cases that assume pm_runtime_get_sync() will change PM usage > > > > counter on error. According to my static analysis results, the number of these > > > > "right" cases are larger. Adjusting __pm_runtime_resume() directly will introduce > > > > more new bugs. Therefore I think we should resolve the "bug" cases individually. > > > > > > > > > > That's why I was saying that we may need to introduce a new replacement > > > function for pm_runtime_get_sync() that works as expected. > > > > > > There is no reason why we have to live with the old behavior. > > > > What exactly do you mean by "the old behavior"? > > I'm suggesting we leave pm_runtime_get_sync() alone but we add a new > function which called pm_runtime_get_sync_resume() which does something > like this: > > static inline int pm_runtime_get_sync_resume(struct device *dev) > { > int ret; > > ret = __pm_runtime_resume(dev, RPM_GET_PUT); > if (ret < 0) { > pm_runtime_put(dev); > return ret; > } > return 0; > } > > I'm not sure if pm_runtime_put() is the correct thing to do? The other > thing is that this always returns zero on success. I don't know that > drivers ever care to differentiate between one and zero returns. > > Then if any of the caller expect that behavior we update them to use the > new function. Does that really have many benefits, though? I understand that this would perhaps be easier to use because it is more in line with how other functions operate. On the other hand, in some cases you may want to call a different version of pm_runtime_put() on failure, as discussed in other threads. Even ignoring that issue, any existing callsites that are leaking the reference would have to be updated to call the new function, which would be pretty much the same amount of work as updating the callsites to fix the leak, right? So if instead we just fix up the leaks, we might have a case of an API that doesn't work as some of us (myself included) expected it, but at least it would be consistent. If we add another variant things become fragmented and therefore even more complicated to use and review. Thierry
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel