On Mon, Sep 30, 2024 at 03:30:01PM +0200, Alice Ryhl wrote:
On Fri, Sep 27, 2024 at 6:32 PM Carlos Llamas cmllamas@google.com wrote:
There are different ways to proceed with this dead node scenario:
- return ESRCH
- silently fail and don't allocate a ref->freeze
- allocate a ref->freeze but don't notify the current state
- allocate and send a "fake" state notification.
I like 1 just because it is technically the correct thing to do from the driver's perspective. However, it does complicate things in userspace as we've discussed. Option 2, could work but it would also fail with EINVAL if a "clear notification" is sent later anyway. Option 3 changes the behavior of guaranteeing a notification upon success. Option 4 can cause trouble on how a "not-frozen" notification is handled in userspace e.g start sending transactions.
As you can see there is no clear winner here, we have to compromise something and option #3 is the best we can do IMO.
I am happy with both #3 and #4. I think #1 and #2 are problematic because they will lead to userspace getting errors on correct use of Binder.
After talking with userspace folks it seems that #3 would be their preferred approach. So this v2 patch it the way to go then!
Thanks, Carlos Llamas