Re: io_uring: submission error handling

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On 30.04.19 18:15, Jens Axboe wrote:
> On 4/30/19 10:02 AM, Jens Axboe wrote:
>> On 4/27/19 9:50 AM, Stefan Bühler wrote:
>>> Hi,
>>>
>>> On 24.04.19 00:07, Jens Axboe wrote:
>>>> On 4/23/19 2:31 PM, Jens Axboe wrote:
>>>>>> 1. An error for a submission should be returned as completion for that
>>>>>> submission.  Please don't break my main event loop with strange error
>>>>>> codes just because a single operation is broken/not supported/...
>>>>>
>>>>> So that's the case I was referring to above. We can just make that change,
>>>>> there's absolutely no reason to have errors passed back through a different
>>>>> channel.
>>>>
>>>> Thinking about this a bit more, and I think the current approach is the
>>>> best one. The issue is that only submission side events tied to an sqe
>>>> can return an cqe, the rest have to be returned through the system call
>>>> value. So I think it's cleaner to keep it as-is, honestly.
>>>
>>> Not sure we're talking about the same.
>>>
>>> I'm talking about the errors returned by io_submit_sqe: io_submit_sqes
>>> (called by the SQ thread) calls io_cqring_add_event if there was an
>>> error, but io_ring_submit (called by io_uring_enter) doesn't: instead,
>>> if there were successfully submitted entries before, it will just return
>>> those (and "undo" the current SQE), otherwise it will return the error,
>>> which will then be returned by io_uring_enter.
>>>
>>> But if I get an error from io_uring_enter I have no idea whether it was
>>> some generic error (say EINVAL for broken flags or EBADF for a
>>> non-io-uring filedescriptor) or an error related to a single submission.
>>>
>>> I think io_ring_submit should call io_cqring_add_event on errors too
>>> (like io_submit_sqes), and not stop handling submissions (and never
>>> return an error).
>>>
>>> Maybe io_cqring_add_event could then even be moved to io_submit_sqe and
>>> just return whether the job is already done or not (io_submit_sqes
>>> returns the new "inflight" jobs, and io_ring_submit the total number of
>>> submitted jobs).
>>
>> I think we are talking about the same thing, actually. See below patch.
>> This changes it so that any error that occurs on behalf of a specific
>> sqe WILL trigger a completion event, instead of returning it through
>> io_uring_enter(). io_uring_enter() can still return -ERROR for errors
>> that aren't specific to an sqe.
>>
>> I think this is what you had in mind?
>>
>> Totally untested, will do so now.
> 
> Seems to work for me, just needed to adjust the -EAGAIN test case in
> liburing.
> 
> I forgot to mention, but this will still stall the submission sequence.
> Before, if you wanted to queue 8 sqes and we had an error on the 5th, we'd
> return ret == 4 and the application would have to look at the sqring to
> figure out what is wrong with the head entry. Now we'd return 5, and
> have a cqe posted for the 5th entry that had an error. The app can then
> decide if it needs to do anything about this. If it doesn't, it just
> needs to call io_uring_enter() again to submit the remaining 3 entries.
> 
> I do like this change. Any error on an sqe will result in a cqe being
> posted, instead of having the submission be slightly different and have
> the cqe be dependent on where the error occurred.

I think you forgot to attach the patch - I can't find it :)

Without seeing the patch I'd like to point out the stalling is buggy
right now: if you stall you must not wait for an event (unless you
decrease min_complete by the number of events you didn't submit,
min(...) is wrong), as the event that possibly might wake up the loop
might not have been submitted in the first place.

The patch I was working on locally didn't stall so it also indirectly
fixed that bug; the challenge with stalling will be how to detect it:
"submitted < to_submit" does not indicate a stall if we accept that
applications are allowed to pass "to_submit" values larger than what is
actually in the queue.

While I agree that for special applications stalling on errors might be
an interesting feature, for more "general purpose" libraries stalling is
probably not useful (also note that the SQ thread won't stall either).

Maybe other solutions can be found: e.g. mark submissions as depending
on other submissions (including a barrier), and fail if the previous one
fails.

One last thing about stalling: the ring documentation so far describes
pending SQ elements as "owned by kernel"; allowing the application to
update it afterwards might make the documentation more complex (I don't
see a technical problem: without SQ thread the kernel never accesses the
submission queue outside io_uring_enter; but the application mustn't
modify SQ head).

cheers,
Stefan



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux