[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <471D0C54.7060207@garzik.org>
Date: Mon, 22 Oct 2007 16:47:16 -0400
From: Jeff Garzik <jeff@...zik.org>
To: Andrew Morton <akpm@...ux-foundation.org>
CC: Linus Torvalds <torvalds@...ux-foundation.org>,
Matthew Wilcox <matthew@....cx>, Arnd Bergmann <arnd@...db.de>,
Ralf Baechle <ralf@...ux-mips.org>,
Alexey Dobriyan <adobriyan@...il.com>,
Al Viro <viro@....linux.org.uk>, viro@...iv.linux.org.uk,
linux-kernel@...r.kernel.org, linux-arch@...r.kernel.org
Subject: Re: [PATCH 1/2] irq_flags_t: intro and core annotations
Andrew Morton wrote:
> Linus Torvalds <torvalds@...ux-foundation.org> wrote:
>> > On Mon, 22 Oct 2007, Matthew Wilcox wrote:
>>> > > We certainly don't want to encourage people to blindly make those
>>> > > conversions ... and I've seen the results of encouraging kernel janitors
>>> > > to do things a certain way.
>> > There's another issue: the "irqsave/irqrestore" versions are much safer
>> > than the plain "irq" versions, in case the caller already has interrupts
>> > disabled.
> It's almost always a bug to do spin_lock_irq() when local interrupts are
> disabled.
Let me add to the chorus of voices: I continually see two cases where
real bugs crop up:
1) hacker uses spin_lock_irq() in incorrect context (where it is not
safe to do a blind enable/disable)
2) hacker uses spin_lock_irq() correctly, but the surrounding code
changes, thus invalidating prior assumptions.
I would even go so far as to support the drastic measure of deleting
spin_lock_irq().
spin_lock_irqsave() generates fewer bugs, is more future-proof, and by
virtue of 'flags' permits architectures a bit more flexibility.
Jeff
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists