Attempted summary of suspend-blockers LKML thread
in [Kernel]
|
Prev: [PATCH 6/7] usb: iowarrior: fix misuse of return value of copy_to_user()
Next: Get Back To Me Immediately....
From: Matthew Garrett on 4 Aug 2010 16:00 On Wed, Aug 04, 2010 at 12:29:36PM -0700, david(a)lang.hm wrote: > why would you trust it to take a wakelock, but not trust it the rest of > the time? Because I trust that when the application author says "I explicitly need the machine to stay awake" that they mean it, whereas I don't trust the application author to write an application that avoids consuming background CPU. The distinction is pretty important. > in my proposal I'm saying that if you would trust the application to take > a wakelock, you instead trust it to be sane in the rest of it's power > activity (avoiding polling, etc) and so you consider it for sleep > decisions. When we say "trust", we're not using the same meaning as we do with security. Yes, it's possible that an application that can block suspend will do so at inopportune times. But given that blocking suspend is an explicit act it's much more likely that the developer will only use it in reasonable ways, while it's still entirely plausible that the application will generate unnecessary wakeups. Pretending otherwise is unrealistic. I recently had to fix the fact that the kernel IPMI layer would generate a constant 1000 wakeups a second even if it had an interrupt-driven controller or was entirely idle. >> The second is that the incoming network packet causes >> the kernel to take a wakelock that will be released once userspace has >> processed the network packet. This ensures that at least one wakelock is >> held for the entire relevant period of time. > > how do you determine that userspace has processed the network packet so > that the kernel can release the wakelock (or is this one of the cases > where there is a timer related to the wakelock) The current implementation uses a timer, but Rafael's implementation should allow userspace to explicitly acknowledge it. > two things here, > > on the dirty networks that I see as common, refusing to sleep if network > packets are arriving will mean that you never go to sleep. Cell networks typically have no background traffic, for obvious reasons. > secondly, nothing stops the code doing the idle/suspend decision from > considering network activity. I would be surprised if there weren't > already options to support this today. If you proxy every potential wakeup event through some central server then this becomes much easier, but it's also a performance hit. The alternative is that you poll for network activity, but that's a power hit. -- Matthew Garrett | mjg59(a)srcf.ucam.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Paul E. McKenney on 4 Aug 2010 16:10 On Wed, Aug 04, 2010 at 12:29:36PM -0700, david(a)lang.hm wrote: > On Wed, 4 Aug 2010, Matthew Garrett wrote: > > >On Wed, Aug 04, 2010 at 12:15:59PM -0700, david(a)lang.hm wrote: > >>On Wed, 4 Aug 2010, Matthew Garrett wrote: > >>>No! And that's precisely the issue. Android's existing behaviour could > >>>be entirely implemented in the form of binary that manually triggers > >>>suspend when (a) the screen is off and (b) no userspace applications > >>>have indicated that the system shouldn't sleep, except for the wakeup > >>>event race. Imagine the following: > >>> > >>>1) The policy timeout is about to expire. No applications are holding > >>>wakelocks. The system will suspend providing nothing takes a wakelock. > >>>2) A network packet arrives indicating an incoming SIP call > >>>3) The VOIP application takes a wakelock and prevents the phone from > >>>suspending while the call is in progress > >>> > >>>What stops the system going to sleep between (2) and (3)? cgroups don't, > >>>because the voip app is an otherwise untrusted application that you've > >>>just told the scheduler to ignore. > >> > >>Even in the current implementation (wakelocks), Since the VOIP > >>application isn't allowed to take a wakelock, wouldn't the system go to > >>sleep immediatly anyway, even if the application gets the packet and > >>starts the call? What would ever raise the wakelock to keep the phone > >>from sleeping in the middle of the call? > > > >There's two parts of that. The first is that the voip application is > >allowed to take a wakelock - but that doesn't mean that you trust it the > >rest of the time. > > why would you trust it to take a wakelock, but not trust it the rest > of the time? > > in my proposal I'm saying that if you would trust the application to > take a wakelock, you instead trust it to be sane in the rest of it's > power activity (avoiding polling, etc) and so you consider it for > sleep decisions. The word "trust" does not appear to be helping here. ;-) The VOIP application acquires a suspend blocker when it needs to prevent the system from suspending, and releases that suspend blocker when it can tolerate the system suspending. It is important to note that while the VOIP application holds the suspend blocker, the system won't suspend even if it is completely idle (for example, if the VOIP application uses blocking system calls, during the time that the VOIP application is waiting for its next event). > >The second is that the incoming network packet causes > >the kernel to take a wakelock that will be released once userspace has > >processed the network packet. This ensures that at least one wakelock is > >held for the entire relevant period of time. > > how do you determine that userspace has processed the network packet > so that the kernel can release the wakelock (or is this one of the > cases where there is a timer related to the wakelock) There are two cases: 1. The application is permitted to acquire suspend blockers. In this case, the application would acquire a suspend blocker before reading the input. It would then read the input (at which point the kernel releases its suspend blocker), do any needed processing, and finally release the suspend blocker. So in this case, the system knows that the application is done processing the input when that application releases its suspend blocker. 2. The application is prohibited from acquiring suspend blockers. In this case, the system might well be suspended before the application has a chance to do more than read the input. But the application will get a chance to process the input when the next input event is directed to it. > two things here, > > on the dirty networks that I see as common, refusing to sleep if > network packets are arriving will mean that you never go to sleep. > > secondly, nothing stops the code doing the idle/suspend decision > from considering network activity. I would be surprised if there > weren't already options to support this today. I don't know about the general networking case for Android, but the example of downloading was discussed some time back. The application doing the download acquires a suspend blocker, which it releases once the download is complete (or once a timeout expires, if I remember correctly). In this particular case, the network packets were not bringing the device out of suspend. There might well be other cases where networking packets -do- bring the system out of suspend, but I must leave this to someone who knows more about Android than do I. Thanx, Paul -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Rafael J. Wysocki on 4 Aug 2010 16:40 On Wednesday, August 04, 2010, david(a)lang.hm wrote: > On Wed, 4 Aug 2010, Rafael J. Wysocki wrote: > > > On Wednesday, August 04, 2010, david(a)lang.hm wrote: > >> On Wed, 4 Aug 2010, Arve Hj?nnev?g wrote: > >> > >>> 2010/8/3 <david(a)lang.hm>: > >>>> On Tue, 3 Aug 2010, Arve Hj?nnev?g wrote: > >>>> > >>>>> 2010/8/3 <david(a)lang.hm>: > >>>>>> > >>>>>> On Tue, 3 Aug 2010, Arve Hj?nnev?g wrote: > > ... > >>>>>>> The hardware specific idle hook can (and does) decide to go into any > >>>>>>> power state from idle that does not disrupt any active devices. > >>>>>> > >>>>>> This I know is an Andoid specific thing. On other platforms power states > >>>>>> very definantly can make user visible changes. > > > > It would be much better if you gave specific examples. Because, for instance, > > I'm not sure what platforms you have in mind. > > I gave examples in other messages that included dimming/turning off the > screen and spinning down the disk among others. > > the definition of 'transparently' was then clarified to not mean > transparent to the user, but transparent (except for possibly delays) to > the applications (they may have to wait for the disk to spin up for > example) > > >>>>> How is this Android specific? > >>>> > >>>> you are stating that this must be suspend because low-power idle must be > >>>> transparent to the user. > >>> > >>> It must be transparent to the rest of the system. > >>> > >>>> > >>>> I am saying that on Linux, low-power idle commonly is not transparent to the > >>>> user, so the requirement for it to be transparent (therefor putting the > >>>> suspend into a different category) is an Android only requirement. > >>>> > >>> > >>> I'm am not talking about minor latencies. If you have a platform that > >>> for instance turns off you screen dma when entering idle, it is broken > >>> whether is running Android or not. If it does the same in suspend it > >>> is not a problem. > >> > >> This isn't sounding quite right to me. I've seen too many discussions > >> about things like idle and USB devices/hubs/drives/etc getting powered > >> down for power savings modes to make me readily accept that everything > >> must be as transparent as you imply. Just the case of drive spin-down > >> shows that it's possible to do things that would be considered > >> destructive, but you have to have a flag and wake-up path to recover > >> within a 'reasonable' amount of time (I guess that this could be > >> 'transparent' if that only implies that things must work eventually, which > >> isn't what I read into the statement) > > > > Well, consider a single character device and suppose there is an application > > talking to the driver using read(), write(), ioctl(), whatever. Now suppose > > you want to put the device into a low-power state such that the device can't > > do the I/O in that state. You need to ensure that the app won't be able to > > reach the device while in that state and you can (1) arrange things so that > > the device is put into the full-power state whenever the app tries to access > > it and (2) "freeze" the app so that it won't try to access the device being in > > the low-power state. > > > > Generally speaking (1) is what idle (and any other form of runtime PM) does and > > (2) is what suspend does with respect to the whole system. > > makes sense > > > In the suspend case, when you have frozen all applications, you can > > sequentially disable all interrupts except for a few selected ("wakeup") ones > > in a safe way. By disabling them, you ensure that the CPU will only be > > "revived" by a limited set of events and that allows the system to stay > > low-power for extended time intervals. > > the benifit of this will depend on what wakeups you are able to avoid by > putting the hardware to sleep. Depending on the hardware, this may be not > matter that much. That's correct, but evidently it does make a difference with the hardware Android commonly runs on. > In addition, there are input devices like a touchscreen that could be > disabled even short of a full suspend, as long as there is some way to get > them reactivated. That's correct again, but it doesn't matter too much as far as the difference between "deep idle" and suspend is concerned. These devices are generally not the interrupt sources that are difficult to shut down safely in the "idle" case. > > To achieve the same result in the "idle" case, you'll need to have a mechanism > > to disable interrupts (except for the "wakeup" ones) avoiding synchronization > > problems (eg. situations in which task A, blocked on a "suspended" device > > access, holds a mutex waited for by task B that needs to run so that we can > > "suspend" another device). That, however, is a difficult problem. > > I would say that the difficulty of the problem depends on the hardware and > how much userspace interaction is needed. If the kernel can disable the > hardware in the driver (so that it can wake it up again when accessed by > an application) it would seem that this isn't a problem. Well, I guess it's useful to consider the sequence of events in the "idle" case. We first detect that a CPU is idle, so it can be put into a C-state (or equivalent). It's easy to put that CPU into such a state, but suppose we want to do more and put all devices into low-power states at that point. We have to ensure that there are no devices in the middle of DMA and that the other CPUs are idle (that's kind of easy, but still). Next, we have to figure out the right ordering in which to put devices into low-power states (that is not trivial, because the tasks that use those devices may depend on each other in various ways). If we decide to shut down clock source interrupts, we must ensure that the timekeeping will be correct after that and so on. Moreover, things get ugly if there are shared interrupts. Suspend kind of works around these difficulties by taking the entire user space out of the picture with one big sledgehammer called the freezer, but these problems would have to be actually _solved_ in the "idle" case. Thanks, Rafael -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Pavel Machek on 4 Aug 2010 16:50 Hi! > > If this doesn't work for the Android folks for whatever reason, another > > approach would be to do the freeze in user code, which could track > > whether any user-level resources (pthread mutexes, SysV semas, whatever) > > where held, and do the freeze on a thread-by-thread basis within each > > "victim" application as the threads reach safe points. > > The main problem I see with the cgroups solution is that it doesn't seem > to do anything to handle avoiding loss of wakeup events. In different message, Arve said they are actually using low-power idle to emulate suspend on Android. This came like a bit of a shock to me ("why do they make it so complex then"), but... it also means that as soon as you are able to stop "unwanted" processing, you can just leave normal cpuidle mechanisms to deal with the rest... (Of course, you'll also have to fix kernel timers not to beat unneccessarily often; still that's better solution that just stoping them all and then sprinkling wakelocks all over the kernel to deal with obvious bugs it introduces...) Pavel -- (english) http://www.livejournal.com/~pavelmachek (cesky, pictures) http://atrey.karlin.mff.cuni.cz/~pavel/picture/horses/blog.html -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: Matthew Garrett on 4 Aug 2010 16:50
On Wed, Aug 04, 2010 at 10:42:08PM +0200, Pavel Machek wrote: > This came like a bit of a shock to me ("why do they make it so complex > then"), but... it also means that as soon as you are able to stop > "unwanted" processing, you can just leave normal cpuidle mechanisms to > deal with the rest... How do you differentiate between "unwanted" and "wanted" processing in the same task in a race-free manner? -- Matthew Garrett | mjg59(a)srcf.ucam.org -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |