Alexey,
On Tue, Nov 24 2020 at 17:17, Alexey Kardashevskiy wrote:
> This moves hierarchical domain's irqs cleanup into the kobject release
> hook to make irq_domain_free_irqs() as simple as kobject_put.
Truly simple: Simply broken in multiple ways.
CONFIG_SPARSE_IRQ=n is now completely buggered. It does not even compile
anymore. Running core code changes through a larger set of cross
compilers is neither rocket science nor optional.
For CONFIG_SPARSE_IRQ=y, see below.
> @@ -1675,14 +1679,11 @@ void irq_domain_free_irqs(unsigned int virq, unsigned int nr_irqs)
> "NULL pointer, cannot free irq\n"))
> return;
>
> - mutex_lock(&irq_domain_mutex);
> - for (i = 0; i < nr_irqs; i++)
> - irq_domain_remove_irq(virq + i);
> - irq_domain_free_irqs_hierarchy(data->domain, virq, nr_irqs);
> - mutex_unlock(&irq_domain_mutex);
> + for (i = 0; i < nr_irqs; i++) {
> + struct irq_desc *desc = irq_to_desc(virq + i);
>
> - irq_domain_free_irq_data(virq, nr_irqs);
> - irq_free_descs(virq, nr_irqs);
> + kobject_put(&desc->kobj);
So up to this point both irq_dispose_mapping() _and_
irq_domain_free_irqs() invoked irq_free_descs().
Let's look at the call chains:
irq_domain_free_irqs()
irq_free_descs()
mutex_lock(&sparse_irq_lock);
for (i...)
free_desc(from + i)
irq_remove_debugfs_entry();
unregister_irq_proc();
irq_sysfs_del();
delete_irq_desc();
call_rcu();
bitmap_clear(allocated_irqs, ...);
mutex_unlock(&sparse_irq_lock);
with your modifications it does:
irq_domain_free_irqs()
for (i...)
kobject_put(&desc->kobj)
irq_kobj_release()
if (desc->free_irq)
desc->free_irq(desc);
irq_remove_debugfs_entry();
unregister_irq_proc();
delete_irq_desc();
call_rcu();
Can you spot the wreckage? It's not even subtle, it's more than obvious.
1) None of the operations in irq_kobj_release() is protected by
sparse_irq_lock anymore. There was a comment in free_desc() which
explained what is protected. You removed parts of that comment
and just left the sysfs portion of it above delete_irq_desc()
which is completely bogus because you removed the irq_sysfs_del()
call.
2) Nothing removes the freed interrupts from the allocation
bitmap. Run this often enough and you exhausted the interrupt
space.
And no, you cannot just go and invoke irq_free_descs() instead of
kobject_put(), simply because you'd create lock order inversion vs. the
free_irq() callback.
So no, it's not that simple and I'm not at all interested in another
respin of this with some more duct tape applied.
It can be done, but that needs way more thought, a proper design which
preserves the existing semantics completely and wants to be a fine
grained series where each patch does exactly ONE small thing which is
reviewable and testable on _ALL_ users of this code, i.e. _ALL_
architectures and irq chip implementations.
Thanks,
tglx
Re: [PATCH kernel v4 6/8] genirq/irqdomain: Move hierarchical IRQ cleanup to kobject_release
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: [PATCH kernel v4 6/8] genirq/irqdomain: Move hierarchical IRQ cleanup to kobject_release
- From: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
- Date: Tue, 01 Dec 2020 00:13:44 +0100
- In-reply-to: <20201124061720.86766-7-aik@ozlabs.ru>
- References: <20201124061720.86766-1-aik@ozlabs.ru> <20201124061720.86766-7-aik@ozlabs.ru>
- References:
- [PATCH kernel v4 0/8] genirq/irqdomain: Add reference counting to IRQs
- From: Alexey Kardashevskiy
- [PATCH kernel v4 6/8] genirq/irqdomain: Move hierarchical IRQ cleanup to kobject_release
- From: Alexey Kardashevskiy
- [PATCH kernel v4 0/8] genirq/irqdomain: Add reference counting to IRQs
- Prev by Date: Re: [PATCH 04/18] software_node: Enforce parent before child ordering of nodes array for software_node_register_nodes()
- Next by Date: Re: [PATCH 18/18] ipu3: Add driver for dummy INT3472 ACPI device
- Previous by thread: Re: [PATCH kernel v4 6/8] genirq/irqdomain: Move hierarchical IRQ cleanup to kobject_release
- Next by thread: [PATCH kernel v4 4/8] genirq: Free IRQ descriptor via embedded kobject
- Index(es):
 |