Re: [PATCH 1/2] irq_flags_t: intro and core annotations

[Jeff Garzik]

Andrew Morton wrote:
> Linus Torvalds <torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:

> > > On Mon, 22 Oct 2007, Matthew Wilcox wrote:
> > > > > We certainly don't want to encourage people to blindly make those
> > > > > conversions ... and I've seen the results of encouraging kernel janitors
> > > > > to do things a certain way.

> > > There's another issue: the "irqsave/irqrestore" versions are much safer 
> > > than the plain "irq" versions, in case the caller already has interrupts 
> > > disabled. 

> It's almost always a bug to do spin_lock_irq() when local interrupts are
> disabled.


Let me add to the chorus of voices:  I continually see two cases where 
real bugs crop up:

1) hacker uses spin_lock_irq() in incorrect context (where it is not 
safe to do a blind enable/disable)

2) hacker uses spin_lock_irq() correctly, but the surrounding code 
changes, thus invalidating prior assumptions.

I would even go so far as to support the drastic measure of deleting 
spin_lock_irq().

spin_lock_irqsave() generates fewer bugs, is more future-proof, and by 
virtue of 'flags' permits architectures a bit more flexibility.

	Jeff



-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/