| Message ID | 20240130164059.25130-1-fabio.maria.de.francesco@linux.intel.com |
|---|---|
| State | New |
| Headers |
Return-Path: <linux-kernel+bounces-44966-ouuuleilei=gmail.com@vger.kernel.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a05:7301:2087:b0:106:209c:c626 with SMTP id
gs7csp1388587dyb;
Tue, 30 Jan 2024 09:44:19 -0800 (PST)
X-Google-Smtp-Source:
AGHT+IF2Xdfg5cNjwg25pgcw4g+3XJTp1whfib3nb4q8MiYbLcB6l0VMuhG96KQVvnoY7Xa4jqiO
X-Received: by 2002:a17:902:ca0b:b0:1d7:633c:93e9 with SMTP id
w11-20020a170902ca0b00b001d7633c93e9mr4738382pld.62.1706636658929;
Tue, 30 Jan 2024 09:44:18 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1706636658; cv=pass;
d=google.com; s=arc-20160816;
b=TCFpefO96chjfo1ZD94CT81faKnLMbAM8HqciIdgAQ/WqdsvvYjKY5+vnzt7BmoyIl
qbR2sgSPiK0SsnChOudI2z7RPQLUQGhQ3dPG6I9P9S8nCsMhaKmweRizuEZktVs3cyMt
cb+o17iqzE/8AQ3f+KlDBzAUAB4iIB2LxIMzLyXIuCQgLnpBNKezWNWuVksa5xnhj0m1
ngEwT65n6TQwhpgRpHG+EQB1TVZZWDgTJPyY0tJT0/jriHBOBnnBgLakj2wvC3GqVa+1
JtxpheBx1v/ifA8hMNrGiu0ituiaFgFqvIYMpjVDT4+T+dXCNwgDm2Q/9kYiYbpN4bYm
QYlw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
s=arc-20160816;
h=content-transfer-encoding:mime-version:list-unsubscribe
:list-subscribe:list-id:precedence:message-id:date:subject:cc:to
:from:dkim-signature;
bh=wAaVoyLME6iNmLSQ99xmwqcKaAL6fiRZib4MuvvtTTM=;
fh=GrBwOHLB7EHEQSs6t0XwLoHd4RKAbGScgfFQM/jONsE=;
b=lMA5Rq05wMIPFAWjDvMKeeqq02Rx/lCZB/GDTf9PEDZjrNUUJU64FcyMWsDrc2SKeb
MNIokNXxgfbHVWpgWe4eWTBqMQ1TSObQvjgrYvaydBlR5I1zJQaJznBjsB8MxFgoodTX
g+UqIl8fOor+ITHJLDuZdBhHrbaQ3I7tBgP8NG9Lic5keM1e3qyglnla9Hs47kHX++HE
EJJ/thMoz3dY2GV4Kat9mp5XggO52E5Mj8SSZ9bb405fvGAn6qfcgRMCP/yHIv03jjv3
lU2x6a0z7HQgWmIk9AhCJ4gOY8JZ/IFUN+DxK0T+7nAomIxfGoiG2YjCEphlsxS3XwdP
oxoA==
ARC-Authentication-Results: i=2; mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=C50WnOS6;
arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass
fromdomain=linux.intel.com);
spf=pass (google.com: domain of
linux-kernel+bounces-44966-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.48.161 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-44966-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from sy.mirrors.kernel.org (sy.mirrors.kernel.org. [147.75.48.161])
by mx.google.com with ESMTPS id
lm11-20020a170903298b00b001d720fe91basi7841931plb.389.2024.01.30.09.44.18
for <ouuuleilei@gmail.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Tue, 30 Jan 2024 09:44:18 -0800 (PST)
Received-SPF: pass (google.com: domain of
linux-kernel+bounces-44966-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.48.161 as permitted sender) client-ip=147.75.48.161;
Authentication-Results: mx.google.com;
dkim=pass header.i=@intel.com header.s=Intel header.b=C50WnOS6;
arc=pass (i=1 dkim=pass dkdomain=intel.com dmarc=pass
fromdomain=linux.intel.com);
spf=pass (google.com: domain of
linux-kernel+bounces-44966-ouuuleilei=gmail.com@vger.kernel.org designates
147.75.48.161 as permitted sender)
smtp.mailfrom="linux-kernel+bounces-44966-ouuuleilei=gmail.com@vger.kernel.org";
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com
Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org
[52.25.139.140])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by sy.mirrors.kernel.org (Postfix) with ESMTPS id B143BB2B525
for <ouuuleilei@gmail.com>; Tue, 30 Jan 2024 16:41:41 +0000 (UTC)
Received: from localhost.localdomain (localhost.localdomain [127.0.0.1])
by smtp.subspace.kernel.org (Postfix) with ESMTP id 8553F1292D5;
Tue, 30 Jan 2024 16:41:13 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com
header.b="C50WnOS6"
Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.10])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by smtp.subspace.kernel.org (Postfix) with ESMTPS id EB0801272DE
for <linux-kernel@vger.kernel.org>; Tue, 30 Jan 2024 16:41:08 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
arc=none smtp.client-ip=192.198.163.10
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
t=1706632870; cv=none;
b=es1tqEw099hrQ4Ub+JQMH73BG9IbSleI2xUKpN3qpA3d2Q5HYQuAHsHOfZPRV+Q9j8ETiuKkbofWKSWrK8kbbFthlHp8Os2fCnJ8dBo1ijrXTF1iKcAEULACV3aQh5hs88lFwMixWeUz4JzUMNneJ/2QLjSuJ4C4qEhooTQtbNY=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
s=arc-20240116; t=1706632870; c=relaxed/simple;
bh=vNxT0rsPoDbVtngAtNP78Dp8PDvbA02h15YPEkop4Kw=;
h=From:To:Cc:Subject:Date:Message-ID:MIME-Version;
b=dEOuH0WRePU8sTv4v8FimczUnMPYEJv1BGGN3ZGuScOuw/9Ent9CioTXYWzN+hhQt1qYAlWGsyA4QJw18rZBNT8IreuWX+ceHSNv5X1dseri/naHHtwP0t5nRPj1DD2JqJUFDqPOSBYL24IZeGLIF54/AMZtUzmfizN1SkppZVA=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
dmarc=pass (p=none dis=none) header.from=linux.intel.com;
spf=none smtp.mailfrom=linux.intel.com;
dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com
header.b=C50WnOS6; arc=none smtp.client-ip=192.198.163.10
Authentication-Results: smtp.subspace.kernel.org;
dmarc=pass (p=none dis=none) header.from=linux.intel.com
Authentication-Results: smtp.subspace.kernel.org;
spf=none smtp.mailfrom=linux.intel.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
t=1706632869; x=1738168869;
h=from:to:cc:subject:date:message-id:mime-version:
content-transfer-encoding;
bh=vNxT0rsPoDbVtngAtNP78Dp8PDvbA02h15YPEkop4Kw=;
b=C50WnOS6XnBZmaFW5K6DyD5BuuX4u0OvjTfqd82BOTNtVWkNOPr0hKNi
OL9QCFaxtlBfE9AKVWss2AMnh/7DzNPm5NgOoH62jZny7TV2mibsEFZ4T
qbTId7jvnX+LwVFEAlOOyEi6h4vMjTcwbAAhSClcSyH3Lla48xL+/mwWv
um0nznu3rXRyPubzVO+OJiLM1RqS8qKfAm28E5Zzk93HnNkh6IA71w9vL
Vuo1V3u1mLTEnLFz16o9LMZJlGgSXB2e03VFofZ+QLCzbu/ok+Beg1jOr
Vjvn4JB63s4THCC/rH3yWgI3YkXl9Zkw8ROLSXOmjkP6nU7mbRnol58hc
w==;
X-IronPort-AV: E=McAfee;i="6600,9927,10969"; a="10721606"
X-IronPort-AV: E=Sophos;i="6.05,230,1701158400";
d="scan'208";a="10721606"
Received: from orviesa003.jf.intel.com ([10.64.159.143])
by fmvoesa104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
30 Jan 2024 08:41:08 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.05,230,1701158400";
d="scan'208";a="3752969"
Received: from fdefranc-mobl3.ger.corp.intel.com (HELO
fdefranc-mobl3.intel.com) ([10.213.21.72])
by ORVIESA003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
30 Jan 2024 08:41:06 -0800
From: "Fabio M. De Francesco" <fabio.maria.de.francesco@linux.intel.com>
To: linux-kernel@vger.kernel.org
Cc: "Fabio M. De Francesco" <fabio.maria.de.francesco@linux.intel.com>,
Peter Zijlstra <peterz@infradead.org>,
Dan Williams <dan.j.williams@intel.com>,
Ira Weiny <ira.weiny@intel.com>
Subject: [RFC PATCH v2] cleanup: Add cond_guard() to conditional guards
Date: Tue, 30 Jan 2024 17:38:14 +0100
Message-ID: <20240130164059.25130-1-fabio.maria.de.francesco@linux.intel.com>
X-Mailer: git-send-email 2.43.0
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-getmail-retrieved-from-mailbox: INBOX
X-GMAIL-THRID: 1789535823304224868
X-GMAIL-MSGID: 1789538241479985528
|
| Series |
[RFC,v2] cleanup: Add cond_guard() to conditional guards
|
|
Commit Message
Fabio M. De Francesco
Jan. 30, 2024, 4:38 p.m. UTC
Add cond_guard() to conditional guards.
cond_guard() is used for the _interruptible(), _killable(), and _try
versions of locks. It expects a block where the failure can be handled
(e.g., calling printk() and returning -EINTR in case of failure).
As the other guards, it avoids to open code the release of the lock
after a goto to an 'out' label.
This remains an RFC because Dan suggested a slightly different syntax:
if (cond_guard(...))
return -EINTR;
But the scoped_cond_guard() macro omits the if statement:
scoped_cond_guard (...) {
}
Thus define cond_guard() similarly to scoped_cond_guard() but with a block
to handle the failure case:
cond_guard(...)
return -EINTR;
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Dan Williams <dan.j.williams@intel.com>
Suggested-by: Ira Weiny <ira.weiny@intel.com>
Signed-off-by: Fabio M. De Francesco <fabio.maria.de.francesco@linux.intel.com>
---
drivers/cxl/core/region.c | 17 +++++------------
include/linux/cleanup.h | 13 +++++++++++++
2 files changed, 18 insertions(+), 12 deletions(-)
Comments
On Tuesday, 30 January 2024 18:02:09 CET Dan Williams wrote: > Fabio M. De Francesco wrote: > > Add cond_guard() to conditional guards. > > > > cond_guard() is used for the _interruptible(), _killable(), and _try > > versions of locks. It expects a block where the failure can be handled > > (e.g., calling printk() and returning -EINTR in case of failure). > > > > As the other guards, it avoids to open code the release of the lock > > after a goto to an 'out' label. > > > > This remains an RFC because Dan suggested a slightly different syntax: > > if (cond_guard(...)) > > > > return -EINTR; > > > > But the scoped_cond_guard() macro omits the if statement: > > scoped_cond_guard (...) { > > } > > > > Thus define cond_guard() similarly to scoped_cond_guard() but with a block > > > > to handle the failure case: > > cond_guard(...) > > > > return -EINTR; > > That's too subtle for me, because of the mistakes that can be made with > brackets how about a syntax like: > > cond_guard(..., return -EINTR, ...) > > ...to make it clear what happens if the lock acquisition fails without > having to remember there is a hidden incomplete "if ()" statement in > that macro? More below... As you propose I can't see how to handle multi-line error path like in: cond_guard(...) { dev_dbg(...); return -EINTR; } I added a similar example in a comment in cleanup.h. > > > Cc: Peter Zijlstra <peterz@infradead.org> > > Cc: Dan Williams <dan.j.williams@intel.com> > > Suggested-by: Ira Weiny <ira.weiny@intel.com> > > Signed-off-by: Fabio M. De Francesco > > <fabio.maria.de.francesco@linux.intel.com> --- > > > > drivers/cxl/core/region.c | 17 +++++------------ > > include/linux/cleanup.h | 13 +++++++++++++ > > 2 files changed, 18 insertions(+), 12 deletions(-) > > > > [...] > > > > diff --git a/include/linux/cleanup.h b/include/linux/cleanup.h > > index c2d09bc4f976..fc850e61a47e 100644 > > --- a/include/linux/cleanup.h > > +++ b/include/linux/cleanup.h > > @@ -134,6 +134,15 @@ static inline class_##_name##_t > > class_##_name##ext##_constructor(_init_args) \> > > * an anonymous instance of the (guard) class, not recommended for > > * conditional locks. > > * > > > > + * cond_guard(_name, args...): > > + * for conditional locks like mutex_trylock() or > > down_read_interruptible(). + * It expects a block for handling errors > > like in the following example: + * > > + * cond_guard(rwsem_read_intr, &my_sem) { > > + * printk(KERN_NOTICE "Try failure in work0()\n"); > > + * return -EINTR; > > + * } > > + * > > > > * scoped_guard (name, args...) { }: > > * similar to CLASS(name, scope)(args), except the variable (with the > > * explicit name 'scope') is declard in a for-loop such that its scope is > > > > @@ -165,6 +174,10 @@ static inline class_##_name##_t > > class_##_name##ext##_constructor(_init_args) \> > > #define __guard_ptr(_name) class_##_name##_lock_ptr > > > > +#define cond_guard(_name, args...) \ > > + CLASS(_name, scope)(args); \ > > + if (!__guard_ptr(_name)(&scope)) > > This needs to protect against being used within another if () block. > Imagine a case of: > > if (...) { > cond_guard(...); > <statement> > } else if (...) > > ...does that "else if" belong to the first "if ()" or the hidden one > inside the macro? Good question. > You can steal the embedded "if ()" trick from scoped_cond_guard() and do > something like (untested): > > #define cond_guard(_name, _fail, args...) \ > CLASS(_name, scope)(args); \ > if (!__guard_ptr(_name)(&scope)) _fail; else /* pass */; I think this may work, but... Again, with this interface there is no means to handle multi-line error paths. I wanted an interface sufficiently flexible to handle logging + return -EINTR, and possibly more lines to undo something. Can we have two macros, this for multi-line error paths, and one other, like you suggested, for an immediate 'return -EINTR'? Thanks, Fabio
On Tuesday, 30 January 2024 18:02:09 CET Dan Williams wrote: > Fabio M. De Francesco wrote: [skip} > > > > @@ -165,6 +174,10 @@ static inline class_##_name##_t > > class_##_name##ext##_constructor(_init_args) \> > > #define __guard_ptr(_name) class_##_name##_lock_ptr > > > > +#define cond_guard(_name, args...) \ > > + CLASS(_name, scope)(args); \ > > + if (!__guard_ptr(_name)(&scope)) > > This needs to protect against being used within another if () block. > Imagine a case of: > > if (...) { > cond_guard(...); > <statement> > } else if (...) Could it be made clear in the documentation that cond_guard() shouldn't be misused as you showed above? Actually, I don't know how effective the documentation can be in avoiding incorrect use of cond_guard(). Fabio > ...does that "else if" belong to the first "if ()" or the hidden one > inside the macro? > > You can steal the embedded "if ()" trick from scoped_cond_guard() and do > something like (untested): > > #define cond_guard(_name, _fail, args...) \ > CLASS(_name, scope)(args); \ > if (!__guard_ptr(_name)(&scope)) _fail; else /* pass */;
Fabio M. De Francesco wrote: > On Tuesday, 30 January 2024 18:02:09 CET Dan Williams wrote: > > Fabio M. De Francesco wrote: > > > Add cond_guard() to conditional guards. > > > > > > cond_guard() is used for the _interruptible(), _killable(), and _try > > > versions of locks. It expects a block where the failure can be handled > > > (e.g., calling printk() and returning -EINTR in case of failure). > > > > > > As the other guards, it avoids to open code the release of the lock > > > after a goto to an 'out' label. > > > > > > This remains an RFC because Dan suggested a slightly different syntax: > > > if (cond_guard(...)) > > > > > > return -EINTR; > > > > > > But the scoped_cond_guard() macro omits the if statement: > > > scoped_cond_guard (...) { > > > } > > > > > > Thus define cond_guard() similarly to scoped_cond_guard() but with a block > > > > > > to handle the failure case: > > > cond_guard(...) > > > > > > return -EINTR; > > > > That's too subtle for me, because of the mistakes that can be made with > > brackets how about a syntax like: > > > > cond_guard(..., return -EINTR, ...) > > > > ...to make it clear what happens if the lock acquisition fails without > > having to remember there is a hidden incomplete "if ()" statement in > > that macro? More below... > > As you propose I can't see how to handle multi-line error path like in: > > cond_guard(...) { > dev_dbg(...); > return -EINTR; > } The _fail argument is a statement, to make it a compound statement maybe just add braces, something like: cond_guard(..., { dev_dbg(...); return -EINTR; }, ...) ..another possibility is something like int rc = 0; cond_guard(..., rc = -EINTR, ...) if (rc) { ... return rc; } ..so, I don't think we need separate macros for the multi-statement case.
Dan Williams wrote: > Fabio M. De Francesco wrote: > > Add cond_guard() to conditional guards. > > > > cond_guard() is used for the _interruptible(), _killable(), and _try > > versions of locks. It expects a block where the failure can be handled > > (e.g., calling printk() and returning -EINTR in case of failure). > > > > As the other guards, it avoids to open code the release of the lock > > after a goto to an 'out' label. > > > > This remains an RFC because Dan suggested a slightly different syntax: > > > > if (cond_guard(...)) > > return -EINTR; > > > > But the scoped_cond_guard() macro omits the if statement: > > > > scoped_cond_guard (...) { > > } > > > > Thus define cond_guard() similarly to scoped_cond_guard() but with a block > > to handle the failure case: > > > > cond_guard(...) > > return -EINTR; > > That's too subtle for me, because of the mistakes that can be made with > brackets how about a syntax like: > > cond_guard(..., return -EINTR, ...) > > ...to make it clear what happens if the lock acquisition fails without > having to remember there is a hidden incomplete "if ()" statement in > that macro? More below... I sympathize with the hidden "if" being confusing but there is already precedent in the current *_guard macros. So I'd like to know if Peter has an opinion. Ira
Ira Weiny wrote: > Dan Williams wrote: > > Fabio M. De Francesco wrote: > > > Add cond_guard() to conditional guards. > > > > > > cond_guard() is used for the _interruptible(), _killable(), and _try > > > versions of locks. It expects a block where the failure can be handled > > > (e.g., calling printk() and returning -EINTR in case of failure). > > > > > > As the other guards, it avoids to open code the release of the lock > > > after a goto to an 'out' label. > > > > > > This remains an RFC because Dan suggested a slightly different syntax: > > > > > > if (cond_guard(...)) > > > return -EINTR; > > > > > > But the scoped_cond_guard() macro omits the if statement: > > > > > > scoped_cond_guard (...) { > > > } > > > > > > Thus define cond_guard() similarly to scoped_cond_guard() but with a block > > > to handle the failure case: > > > > > > cond_guard(...) > > > return -EINTR; > > > > That's too subtle for me, because of the mistakes that can be made with > > brackets how about a syntax like: > > > > cond_guard(..., return -EINTR, ...) > > > > ...to make it clear what happens if the lock acquisition fails without > > having to remember there is a hidden incomplete "if ()" statement in > > that macro? More below... > > I sympathize with the hidden "if" being confusing but there is already > precedent in the current *_guard macros. So I'd like to know if Peter has > an opinion. What are you asking specifically? The current scoped_cond_guard() already properly encapsulates the "if ()" and takes an "_fail" so why wouldn't cond_guard() also safely encpsulate an "if ()" and take an "_fail" statement argument?
Dan Williams wrote: > Ira Weiny wrote: > > Dan Williams wrote: > > > Fabio M. De Francesco wrote: > > > > Add cond_guard() to conditional guards. > > > > > > > > cond_guard() is used for the _interruptible(), _killable(), and _try > > > > versions of locks. It expects a block where the failure can be handled > > > > (e.g., calling printk() and returning -EINTR in case of failure). > > > > > > > > As the other guards, it avoids to open code the release of the lock > > > > after a goto to an 'out' label. > > > > > > > > This remains an RFC because Dan suggested a slightly different syntax: > > > > > > > > if (cond_guard(...)) > > > > return -EINTR; > > > > > > > > But the scoped_cond_guard() macro omits the if statement: > > > > > > > > scoped_cond_guard (...) { > > > > } > > > > > > > > Thus define cond_guard() similarly to scoped_cond_guard() but with a block > > > > to handle the failure case: > > > > > > > > cond_guard(...) > > > > return -EINTR; > > > > > > That's too subtle for me, because of the mistakes that can be made with > > > brackets how about a syntax like: > > > > > > cond_guard(..., return -EINTR, ...) > > > > > > ...to make it clear what happens if the lock acquisition fails without > > > having to remember there is a hidden incomplete "if ()" statement in > > > that macro? More below... > > > > I sympathize with the hidden "if" being confusing but there is already > > precedent in the current *_guard macros. So I'd like to know if Peter has > > an opinion. > > What are you asking specifically? The current scoped_cond_guard() > already properly encapsulates the "if ()" and takes an "_fail" so why > wouldn't cond_guard() also safely encpsulate an "if ()" and take an > "_fail" statement argument? Maybe I misunderstood you. I thought you were advocating that the 'if' would not be encapsulated. And I was wondering if Peter had an opinion. But if you are agreeing with the direction of this patch regarding the if then ignore me. Ira
Ira Weiny wrote: > Dan Williams wrote: > > Ira Weiny wrote: > > > Dan Williams wrote: > > > > Fabio M. De Francesco wrote: > > > > > Add cond_guard() to conditional guards. > > > > > > > > > > cond_guard() is used for the _interruptible(), _killable(), and _try > > > > > versions of locks. It expects a block where the failure can be handled > > > > > (e.g., calling printk() and returning -EINTR in case of failure). > > > > > > > > > > As the other guards, it avoids to open code the release of the lock > > > > > after a goto to an 'out' label. > > > > > > > > > > This remains an RFC because Dan suggested a slightly different syntax: > > > > > > > > > > if (cond_guard(...)) > > > > > return -EINTR; > > > > > > > > > > But the scoped_cond_guard() macro omits the if statement: > > > > > > > > > > scoped_cond_guard (...) { > > > > > } > > > > > > > > > > Thus define cond_guard() similarly to scoped_cond_guard() but with a block > > > > > to handle the failure case: > > > > > > > > > > cond_guard(...) > > > > > return -EINTR; > > > > > > > > That's too subtle for me, because of the mistakes that can be made with > > > > brackets how about a syntax like: > > > > > > > > cond_guard(..., return -EINTR, ...) > > > > > > > > ...to make it clear what happens if the lock acquisition fails without > > > > having to remember there is a hidden incomplete "if ()" statement in > > > > that macro? More below... > > > > > > I sympathize with the hidden "if" being confusing but there is already > > > precedent in the current *_guard macros. So I'd like to know if Peter has > > > an opinion. > > > > What are you asking specifically? The current scoped_cond_guard() > > already properly encapsulates the "if ()" and takes an "_fail" so why > > wouldn't cond_guard() also safely encpsulate an "if ()" and take an > > "_fail" statement argument? > > Maybe I misunderstood you. I thought you were advocating that the 'if' > would not be encapsulated. And I was wondering if Peter had an opinion. > Last I sent to Fabio was this: >> You can steal the embedded "if ()" trick from scoped_cond_guard() and do >> something like (untested): >> >> #define cond_guard(_name, _fail, args...) \ >> CLASS(_name, scope)(args); \ >> if (!__guard_ptr(_name)(&scope)) _fail; else /* pass */; > But if you are agreeing with the direction of this patch regarding the if > then ignore me. I disagree with the proposal that the caller needs to understand that the macro leaves a dangling "if ()". I am ok with aligning with scoped_cond_guard() where the caller can assume that the "_fail" statement has been executed with no "if ()" sequence to terminate.
On Tuesday, 30 January 2024 18:58:25 CET Dan Williams wrote: > Fabio M. De Francesco wrote: > > On Tuesday, 30 January 2024 18:02:09 CET Dan Williams wrote: > > > Fabio M. De Francesco wrote: > > > > Add cond_guard() to conditional guards. > > > > > > > > cond_guard() is used for the _interruptible(), _killable(), and _try > > > > versions of locks. It expects a block where the failure can be handled > > > > (e.g., calling printk() and returning -EINTR in case of failure). > > > > > > > > As the other guards, it avoids to open code the release of the lock > > > > after a goto to an 'out' label. > > > > > > > > This remains an RFC because Dan suggested a slightly different syntax: > > > > if (cond_guard(...)) > > > > > > > > return -EINTR; > > > > > > > > But the scoped_cond_guard() macro omits the if statement: > > > > scoped_cond_guard (...) { > > > > } > > > > > > > > Thus define cond_guard() similarly to scoped_cond_guard() but with a > > > > block > > > > > > > > to handle the failure case: > > > > cond_guard(...) > > > > > > > > return -EINTR; > > > > > > That's too subtle for me, because of the mistakes that can be made with > > > > > > brackets how about a syntax like: > > > cond_guard(..., return -EINTR, ...) > > > > > > ...to make it clear what happens if the lock acquisition fails without > > > having to remember there is a hidden incomplete "if ()" statement in > > > that macro? More below... > > > > As you propose I can't see how to handle multi-line error path like in: > > cond_guard(...) { > > > > dev_dbg(...); > > return -EINTR; > > > > } > > The _fail argument is a statement, to make it a compound statement maybe > just add braces, something like: > > cond_guard(..., { dev_dbg(...); return -EINTR; }, ...) > > ...another possibility is something like > > int rc = 0; > > cond_guard(..., rc = -EINTR, ...) > if (rc) { > ... > return rc; > } I had tried this before sending this patch. It looked the most obvious solution. But it fails my tests: it always return -EINTR, regardless of the successful down. It looks like it was not expanded as I was expecting. Or my tests are wrong, but I can't see any obvious mistake. BTW, it's interesting to notice that the following instead works. I guess that it is due to the same fact that required me to pass a pointer to 'rc' in the first version of this patch to (mistakenly) store the boolean of whether the constructor succeeded or failed. int rc; int *rcp = &rc; cond_guard(..., *rcp = -EINTR, ...) if (rc) { dev_dbg(...); return rc; } This works but I think nobody wants to see anything like this. Fabio > > ...so, I don't think we need separate macros for the multi-statement > case.
diff --git a/drivers/cxl/core/region.c b/drivers/cxl/core/region.c index 0f05692bfec3..20d405f01df5 100644 --- a/drivers/cxl/core/region.c +++ b/drivers/cxl/core/region.c @@ -666,28 +666,21 @@ static size_t show_targetN(struct cxl_region *cxlr, char *buf, int pos) { struct cxl_region_params *p = &cxlr->params; struct cxl_endpoint_decoder *cxled; - int rc; - rc = down_read_interruptible(&cxl_region_rwsem); - if (rc) - return rc; + cond_guard(rwsem_read_intr, &cxl_region_rwsem) + return -EINTR; if (pos >= p->interleave_ways) { dev_dbg(&cxlr->dev, "position %d out of range %d\n", pos, p->interleave_ways); - rc = -ENXIO; - goto out; + return -ENXIO; } cxled = p->targets[pos]; if (!cxled) - rc = sysfs_emit(buf, "\n"); + return sysfs_emit(buf, "\n"); else - rc = sysfs_emit(buf, "%s\n", dev_name(&cxled->cxld.dev)); -out: - up_read(&cxl_region_rwsem); - - return rc; + return sysfs_emit(buf, "%s\n", dev_name(&cxled->cxld.dev)); } static int match_free_decoder(struct device *dev, void *data) diff --git a/include/linux/cleanup.h b/include/linux/cleanup.h index c2d09bc4f976..fc850e61a47e 100644 --- a/include/linux/cleanup.h +++ b/include/linux/cleanup.h @@ -134,6 +134,15 @@ static inline class_##_name##_t class_##_name##ext##_constructor(_init_args) \ * an anonymous instance of the (guard) class, not recommended for * conditional locks. * + * cond_guard(_name, args...): + * for conditional locks like mutex_trylock() or down_read_interruptible(). + * It expects a block for handling errors like in the following example: + * + * cond_guard(rwsem_read_intr, &my_sem) { + * printk(KERN_NOTICE "Try failure in work0()\n"); + * return -EINTR; + * } + * * scoped_guard (name, args...) { }: * similar to CLASS(name, scope)(args), except the variable (with the * explicit name 'scope') is declard in a for-loop such that its scope is @@ -165,6 +174,10 @@ static inline class_##_name##_t class_##_name##ext##_constructor(_init_args) \ #define __guard_ptr(_name) class_##_name##_lock_ptr +#define cond_guard(_name, args...) \ + CLASS(_name, scope)(args); \ + if (!__guard_ptr(_name)(&scope)) + #define scoped_guard(_name, args...) \ for (CLASS(_name, scope)(args), \ *done = NULL; __guard_ptr(_name)(&scope) && !done; done = (void *)1)