From: "Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
To: linux-kernel@vger.kernel.org
Cc: mingo@elte.hu, laijs@cn.fujitsu.com, dipankar@in.ibm.com,
akpm@linux-foundation.org, mathieu.desnoyers@polymtl.ca,
josh@joshtriplett.org, niv@us.ibm.com, tglx@linutronix.de,
peterz@infradead.org, rostedt@goodmis.org,
Valdis.Kletnieks@vt.edu, dhowells@redhat.com,
eric.dumazet@gmail.com, darren@dvhart.com, patches@linaro.org,
"Paul E. McKenney" <paulmck@linux.vnet.ibm.com>
Subject: [PATCH tip/core/rcu 33/55] rcu: Improve rcu_assign_pointer() and RCU_INIT_POINTER() documentation
Date: Tue, 6 Sep 2011 11:00:27 -0700 [thread overview]
Message-ID: <1315332049-2604-33-git-send-email-paulmck@linux.vnet.ibm.com> (raw)
In-Reply-To: <20110906180015.GA2560@linux.vnet.ibm.com>
The differences between rcu_assign_pointer() and RCU_INIT_POINTER() are
subtle, and it is easy to use the the cheaper RCU_INIT_POINTER() when
the more-expensive rcu_assign_pointer() should have been used instead.
The consequences of this mistake are quite severe.
This commit therefore carefully lays out the situations in which it it
permissible to use RCU_INIT_POINTER().
Signed-off-by: Paul E. McKenney <paulmck@linux.vnet.ibm.com>
---
include/linux/rcupdate.h | 47 +++++++++++++++++++++++++++++++++++++++------
1 files changed, 40 insertions(+), 7 deletions(-)
diff --git a/include/linux/rcupdate.h b/include/linux/rcupdate.h
index b2e5fe8..9873040 100644
--- a/include/linux/rcupdate.h
+++ b/include/linux/rcupdate.h
@@ -754,11 +754,18 @@ static inline notrace void rcu_read_unlock_sched_notrace(void)
* any prior initialization. Returns the value assigned.
*
* Inserts memory barriers on architectures that require them
- * (pretty much all of them other than x86), and also prevents
- * the compiler from reordering the code that initializes the
- * structure after the pointer assignment. More importantly, this
- * call documents which pointers will be dereferenced by RCU read-side
- * code.
+ * (which is most of them), and also prevents the compiler from
+ * reordering the code that initializes the structure after the pointer
+ * assignment. More importantly, this call documents which pointers
+ * will be dereferenced by RCU read-side code.
+ *
+ * In some special cases, you may use RCU_INIT_POINTER() instead
+ * of rcu_assign_pointer(). RCU_INIT_POINTER() is a bit faster due
+ * to the fact that it does not constrain either the CPU or the compiler.
+ * That said, using RCU_INIT_POINTER() when you should have used
+ * rcu_assign_pointer() is a very bad thing that results in
+ * impossible-to-diagnose memory corruption. So please be careful.
+ * See the RCU_INIT_POINTER() comment header for details.
*/
#define rcu_assign_pointer(p, v) \
__rcu_assign_pointer((p), (v), __rcu)
@@ -766,8 +773,34 @@ static inline notrace void rcu_read_unlock_sched_notrace(void)
/**
* RCU_INIT_POINTER() - initialize an RCU protected pointer
*
- * Initialize an RCU-protected pointer in such a way to avoid RCU-lockdep
- * splats.
+ * Initialize an RCU-protected pointer in special cases where readers
+ * do not need ordering constraints on the CPU or the compiler. These
+ * special cases are:
+ *
+ * 1. This use of RCU_INIT_POINTER() is NULLing out the pointer -or-
+ * 2. The caller has taken whatever steps are required to prevent
+ * RCU readers from concurrently accessing this pointer -or-
+ * 3. The referenced data structure has already been exposed to
+ * readers either at compile time or via rcu_assign_pointer() -and-
+ * a. You have not made -any- reader-visible changes to
+ * this structure since then -or-
+ * b. It is OK for readers accessing this structure from its
+ * new location to see the old state of the structure. (For
+ * example, the changes were to statistical counters or to
+ * other state where exact synchronization is not required.)
+ *
+ * Failure to follow these rules governing use of RCU_INIT_POINTER() will
+ * result in impossible-to-diagnose memory corruption. As in the structures
+ * will look OK in crash dumps, but any concurrent RCU readers might
+ * see pre-initialized values of the referenced data structure. So
+ * please be very careful how you use RCU_INIT_POINTER()!!!
+ *
+ * If you are creating an RCU-protected linked structure that is accessed
+ * by a single external-to-structure RCU-protected pointer, then you may
+ * use RCU_INIT_POINTER() to initialize the internal RCU-protected
+ * pointers, but you must use rcu_assign_pointer() to initialize the
+ * external-to-structure pointer -after- you have completely initialized
+ * the reader-accessible portions of the linked structure.
*/
#define RCU_INIT_POINTER(p, v) \
p = (typeof(*v) __force __rcu *)(v)
--
1.7.3.2
next prev parent reply other threads:[~2011-09-07 6:21 UTC|newest]
Thread overview: 98+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-09-06 18:00 [PATCH tip/core/rcu 0/55] Preview of RCU changes for 3.2 Paul E. McKenney
2011-09-06 17:59 ` [PATCH tip/core/rcu 01/55] rcu: Use kthread_create_on_node() Paul E. McKenney
2011-09-06 17:59 ` [PATCH tip/core/rcu 02/55] rcu: Avoid unnecessary self-wakeup of per-CPU kthreads Paul E. McKenney
2011-09-06 17:59 ` [PATCH tip/core/rcu 03/55] rcu: Update documentation to flag RCU_BOOST trace information Paul E. McKenney
2011-09-06 17:59 ` [PATCH tip/core/rcu 04/55] rcu: Restore checks for blocking in RCU read-side critical sections Paul E. McKenney
2011-09-06 17:59 ` [PATCH tip/core/rcu 05/55] rcu: Move rcu_head definition to types.h Paul E. McKenney
2011-09-07 18:31 ` Paul Gortmaker
2011-09-07 22:11 ` Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 06/55] rcu: Update rcutorture documentation Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 07/55] rcu: Fix mismatched variable in rcutree_trace.c Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 08/55] rcu: Abstract common code for RCU grace-period-wait primitives Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 09/55] rcu: Catch rcutorture up to new RCU API additions Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 10/55] rcu: Fix RCU's NMI documentation Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 11/55] rcu: Drive configuration directly from SMP and PREEMPT Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 12/55] rcu: Fix pathnames in documentation Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 13/55] rcu: Don't destroy rcu_torture_boost() callback until it is done Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 14/55] rcu: Add event-tracing for RCU callback invocation Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 15/55] rcu: Event-trace markers for computing RCU CPU utilization Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 16/55] rcu: Put names into TINY_RCU structures under RCU_TRACE Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 17/55] rcu: Add RCU type to callback-invocation tracing Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 18/55] rcu: Update comments to reflect softirqs vs. kthreads Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 19/55] rcu: Move RCU_BOOST declarations to allow compiler checking Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 20/55] rcu: Add event-trace markers to TREE_RCU kthreads Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 21/55] rcu: Make TINY_RCU also use softirq for RCU_BOOST=n Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 22/55] rcu: Add grace-period, quiescent-state, and call_rcu trace events Paul E. McKenney
2011-10-17 1:33 ` Josh Triplett
2011-10-24 12:02 ` Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 23/55] rcu: Simplify quiescent-state accounting Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 24/55] rcu: Not necessary to pass rcu_read_lock_held() to rcu_dereference_protected() Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 25/55] rcu: Update documentation for additional RCU lockdep functions Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 26/55] rcu: Remove unused and redundant interfaces Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 27/55] rcu: Allow rcutorture's stat_interval parameter to be changed at runtime Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 28/55] rcu: Document interpretation of RCU-lockdep splats Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 29/55] nohz: Remove nohz_cpu_mask Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 30/55] rcu: Eliminate in_irq() checks in rcu_enter_nohz() Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 31/55] rcu: Make rcu_implicit_dynticks_qs() locals be correct size Paul E. McKenney
2011-10-17 1:43 ` Josh Triplett
2011-10-24 12:00 ` Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 32/55] rcu: Make rcu_assign_pointer() unconditionally insert a memory barrier Paul E. McKenney
2011-09-06 18:00 ` Paul E. McKenney [this message]
2011-09-06 18:00 ` [PATCH tip/core/rcu 34/55] rcu: Move __rcu_read_unlock()'s barrier() within if-statement Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 35/55] rcu: Dump local stack if cannot dump all CPUs' stacks Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 36/55] rcu: Prevent early boot set_need_resched() from __rcu_pending() Paul E. McKenney
2011-10-17 1:49 ` Josh Triplett
2011-10-24 12:07 ` Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 37/55] rcu: Simplify unboosting checks Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 38/55] rcu: Prohibit grace periods during early boot Paul E. McKenney
2011-10-17 1:51 ` Josh Triplett
2011-09-06 18:00 ` [PATCH tip/core/rcu 39/55] rcu: Suppress NMI backtraces when stall ends before dump Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 40/55] rcu: Avoid having just-onlined CPU resched itself when RCU is idle Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 41/55] rcu: Permit rt_mutex_unlock() with irqs disabled Paul E. McKenney
2011-09-18 4:09 ` Yong Zhang
2011-09-19 4:14 ` Paul E. McKenney
2011-09-19 5:49 ` Yong Zhang
2011-09-20 14:57 ` Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 42/55] rcu: Make rcu_torture_fqs() exit loops at end of test Paul E. McKenney
2011-10-17 1:53 ` Josh Triplett
2011-10-24 12:10 ` Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 43/55] rcu: Make rcu_torture_boost() " Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 44/55] rcu: wire up RCU_BOOST_PRIO for rcutree Paul E. McKenney
2011-09-13 12:02 ` Mike Galbraith
2011-09-13 15:34 ` Paul E. McKenney
2011-09-13 16:04 ` Mike Galbraith
2011-09-13 20:50 ` Paul E. McKenney
2011-10-17 1:55 ` Josh Triplett
2011-09-06 18:00 ` [PATCH tip/core/rcu 45/55] rcu: check for entering dyntick-idle mode while in read-side critical section Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 46/55] rcu: Remove rcu_needs_cpu_flush() to avoid false quiescent states Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 47/55] rcu: Move propagation of ->completed from rcu_start_gp() to rcu_report_qs_rsp() Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 48/55] powerpc: strengthen value-returning-atomics memory barriers Paul E. McKenney
2011-09-09 17:23 ` Olof Johansson
2011-09-09 17:34 ` Paul E. McKenney
2011-09-09 18:43 ` Olof Johansson
2011-09-06 18:00 ` [PATCH tip/core/rcu 49/55] rcu: Detect illegal rcu dereference in extended quiescent state Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 50/55] rcu: Inform the user about dynticks-idle mode on PROVE_RCU warning Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 51/55] rcu: Warn when rcu_read_lock() is used in extended quiescent state Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 52/55] rcu: Remove one layer of abstraction from PROVE_RCU checking Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 53/55] rcu: Warn when srcu_read_lock() is used in an extended quiescent state Paul E. McKenney
2011-10-04 21:03 ` Frederic Weisbecker
2011-10-04 23:40 ` Paul E. McKenney
2011-10-04 23:42 ` Frederic Weisbecker
2011-09-06 18:00 ` [PATCH tip/core/rcu 54/55] rcu: Make srcu_read_lock_held() call common lockdep-enabled function Paul E. McKenney
2011-10-17 2:03 ` Josh Triplett
2011-10-24 12:34 ` Paul E. McKenney
2011-09-06 18:00 ` [PATCH tip/core/rcu 55/55] powerpc: Work around tracing from dyntick-idle mode Paul E. McKenney
2011-09-07 10:00 ` Benjamin Herrenschmidt
2011-09-07 13:44 ` Paul E. McKenney
2011-09-13 19:13 ` Frederic Weisbecker
2011-09-13 19:50 ` Paul E. McKenney
2011-09-13 20:49 ` Benjamin Herrenschmidt
2011-09-15 14:53 ` Frederic Weisbecker
2011-09-16 12:24 ` Frederic Weisbecker
2011-09-07 14:39 ` [PATCH tip/core/rcu 0/55] Preview of RCU changes for 3.2 Lin Ming
2011-09-08 17:41 ` Paul E. McKenney
2011-09-08 19:23 ` Thomas Gleixner
2011-09-08 20:48 ` Paul E. McKenney
2011-09-12 16:24 ` Paul E. McKenney
2011-10-17 2:06 ` Josh Triplett
2011-10-24 12:35 ` Paul E. McKenney
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1315332049-2604-33-git-send-email-paulmck@linux.vnet.ibm.com \
--to=paulmck@linux.vnet.ibm.com \
--cc=Valdis.Kletnieks@vt.edu \
--cc=akpm@linux-foundation.org \
--cc=darren@dvhart.com \
--cc=dhowells@redhat.com \
--cc=dipankar@in.ibm.com \
--cc=eric.dumazet@gmail.com \
--cc=josh@joshtriplett.org \
--cc=laijs@cn.fujitsu.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mathieu.desnoyers@polymtl.ca \
--cc=mingo@elte.hu \
--cc=niv@us.ibm.com \
--cc=patches@linaro.org \
--cc=peterz@infradead.org \
--cc=rostedt@goodmis.org \
--cc=tglx@linutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).