On 28/04/14 18:44, Colin Cross wrote:
Is that case documented somewhere in the code comments?
Perhaps not near enough to the _nolock but the primary bit of comment is here (and in the same file as kdb_sr).
--- cut here ---
- kdb_main_loop - After initial setup and assignment of the
controlling cpu, all cpus are in this loop. One cpu is in
control and will issue the kdb prompt, the others will spin
until 'go' or cpu switch.
--- cut here ---
The mechanism kgdb uses to quiesce other CPUs means other CPUs cannot be in irqsave critical sections.
One of the advantages of FIQ debugger is that it can be triggered from an FIQ (NMI for those in x86 land), and Jason and I have discussed using FIQs for kgdb to allow interrupting cpus stuck in critical sections. If that gets implemented the above assumption will no longer be correct.
Quite so (I've got Anton's old FIQ patches running on latest kernel and am trying to port to a GICv2-without-trustzone qemu model I've written in order to kick the idea about a bit on an ARM multi-arch kernel).
This patch has therefore pained me a little bit to not completely cover this case in the patch. As posted I deliberately ignore the problem. In this particular case the SysRq table is so infrequently updated the chances of a badly timed NMI are vanishingly small and, at that point, even if we did actually hit that tiny window it's *still* better to have the new behaviour (risk of race) than the old behaviour (guaranteed deadlock).
I'd very much welcome other ideas (I have tried out quite a few in my head but none solve the problem of NMI "gratuitously" hitting critical sections). However when NMI/FIQ finally comes along I'd be tempted to borrow the "bounce to normal interrupt mode" idea from FIQ debugger and ensure commands like "sr" do not run from the NMI handler.
Daniel.