* Peter Zijlstra <peterz@xxxxxxxxxxxxx> wrote:
> On Tue, 2009-06-16 at 10:13 +0200, Ingo Molnar wrote:
>
> > > By removing the types it becomes very difficult to verify the max
> > > depth. I really don't like removing them.
> >
> > The fact that it implies an atomic section pretty much limits its
> > depth in practice, doesnt it?
> >
> > All we need to track in the debug code is
> > max-{syscall,softirq,hardirq,nmi}. The sum of these 4 counts
> > must be smaller than the max - even if (as you are right to
> > point out) we dont hit that magic combo that truly maximizes the
> > depth.
>
> Right, so the thing I'd worry about is someone adding
> kmap_atomic() to an interrupt context that didn't have interrupts
> disabled and then managing to nest that a few times.
>
> Suppose you put it in some IO completion handler, and someone has
> 4 IO controllers installed and all 4 IO interrupts come in at the
> 'same' time.
>
> With types you could warn on similarly to what we do today, but
> with the simple push/pop that might be a lot harder.
Yes, fixed-purpose allocations are easier to warn about - they imply
more constraints, no doubt about that.
But we could warn about using kmap-atomic with in irq context with
irqs enabled and thus exclude the case you are worried about?
> Anyway, with the whole cr2 fiddling bit being discussed this seems
> to become redundant.
It's not just the cr2 fiddling but also conversion of pagefault
returns from IRET to RET. The kmap_atomic API change is a nice
cleanup in itself.
Ingo
--
To unsubscribe from this list: send the line "unsubscribe linux-tip-commits" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
|