Re: [PATCH RFC tip/core/rcu 03/41] rcu: Add lockdep-RCU checks forsimple self-deadlock

[Paul E. McKenney]

On Fri, Feb 03, 2012 at 01:04:49AM -0800, Josh Triplett wrote:
> On Thu, Feb 02, 2012 at 12:42:06PM -0800, Paul E. McKenney wrote:
> > On Thu, Feb 02, 2012 at 11:56:38AM -0800, Josh Triplett wrote:
> > > On Thu, Feb 02, 2012 at 08:20:17AM -0800, Paul E. McKenney wrote:
> > > > On Wed, Feb 01, 2012 at 04:55:54PM -0800, Josh Triplett wrote:
> > > > > On Wed, Feb 01, 2012 at 11:41:21AM -0800, Paul E. McKenney wrote:
> > > > > > From: "Paul E. McKenney" <paulmck@xxxxxxxxxxxxxxxxxx>
> > > > > > 
> > > > > > It is illegal to have a grace period within a same-flavor RCU read-side
> > > > > > critical section, so this commit adds lockdep-RCU checks to splat when
> > > > > > such abuse is encountered.  This commit does not detect more elaborate
> > > > > > RCU deadlock situations.  These situations might be a job for lockdep
> > > > > > enhancements.
> > > > > 
> > > > > Since doing so also violates the prohibition on blocking within an RCU
> > > > > read-side critical section, wouldn't it suffice to call might_sleep() or
> > > > > equivalent, which also detects other problems?  (Obviously this doesn't
> > > > > apply to SRCU, but it applies to the other variants of RCU.)
> > > > 
> > > > Yes, but...
> > > > 
> > > > The advantage of the lockdep-RCU splat is that it gives you a better
> > > > hint as to where the RCU read-side critical section was entered, which
> > > > is very helpful when tracking these down, especially when they are
> > > > intermittent.
> > > 
> > > Ah, fair enough.
> > > 
> > > > And yes, I should also well check for the other variants of RCU read-side
> > > > critical section (other than RCU).  Done.
> > > 
> > > Oh?  What hadn't you checked for?
> > 
> > Things like synchronize_sched() in rcu_read_lock() critical section
> > and vice versa.
> 
> Ouch.  Good idea.
> 
> That also suggests another interesting possibility: lockdep could tag
> pointers used in the flavor-specific rcu_dereference variants and
> pointers used in the call_rcu variants to make sure nobody uses multiple
> variants on the same pointer. :)  (Assuming we don't want
> flavor-specific __rcu_* pointer tags.)

Indeed, the last attempt to produce flavor-specific __rcu_* pointer tags
turned into quite a mess.  The other issue with it is that it looks like 
there are reasonable use cases for protecting a given pointer with multiple
flavors of RCU.  I don't know if any of them have actually made it into
mainline, but there have been a number of discussions involving them.

> Speaking of which, could kfree_rcu require its argument to have the
> __rcu type annotation?  We can't necessarily guarantee that for call_rcu
> in all cases, but I think we can for kfree_rcu.

It might make sense -- I have added it to my list of things to think
about for RCU.

							Thanx, Paul

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/