On Tue, Sep 15, 2020 at 1:39 AM Thomas Gleixner tglx@linutronix.de wrote:
OTOH, having a working 'preemptible()' or maybe better named 'can_schedule()' check makes tons of sense to make decisions about allocation modes or other things.
No. I think that those kinds of decisions about actual behavior are always simply fundamentally wrong.
Note that this is very different from having warnings about invalid use. THAT is correct. It may not warn in all configurations, but that doesn't matter: what matters is that it warns in common enough configurations that developers will catch it.
So having a warning in "might_sleep()" that doesn't always trigger, because you have a limited configuration that can't even detect the situation, that's fine and dandy and intentional.
But having code like
if (can_schedule()) .. do something different ..
is fundamentally complete and utter garbage.
It's one thing if you test for "am I in hardware interrupt context". Those tests aren't great either, but at least they make sense.
But a driver - or some library routine - making a difference based on some nebulous "can I schedule" is fundamentally and basically WRONG.
If some code changes behavior, it needs to be explicit to the *caller* of that code.
So this is why GFP_ATOMIC is fine, but "if (!can_schedule()) do_something_atomic()" is pure shite.
And I am not IN THE LEAST interested in trying to help people doing pure shite. We need to fix them. Like the crypto code is getting fixed.
Linus