Re: [PATCH 1/2] remove rcu_assign_pointer(NULL) penalty withtype/macro safety

From: Stephen Hemminger
Date: Wed Feb 13 2008 - 18:52:24 EST


On Wed, 13 Feb 2008 15:37:44 -0800
"Paul E. McKenney" <paulmck@xxxxxxxxxxxxxxxxxx> wrote:

> On Wed, Feb 13, 2008 at 02:42:33PM -0800, Stephen Hemminger wrote:
> > On Wed, 13 Feb 2008 14:41:34 -0800
> > "Paul E. McKenney" <paulmck@xxxxxxxxxxxxxxxxxx> wrote:
> >
> > > On Wed, Feb 13, 2008 at 02:35:37PM -0800, Stephen Hemminger wrote:
> > > > On Wed, 13 Feb 2008 14:00:24 -0800
> > > > "Paul E. McKenney" <paulmck@xxxxxxxxxxxxxxxxxx> wrote:
> > > >
> > > > > Hello!
> > > > >
> > > > > This is an updated version of the patch posted last November:
> > > > >
> > > > > http://archives.free.net.ph/message/20071201.003721.cd6ff17c.en.html
> > > > >
> > > > > This new version permits arguments with side effects, for example:
> > > > >
> > > > > rcu_assign_pointer(global_p, p++);
> > > > >
> > > > > and also verifies that the arguments are pointers, while still avoiding
> > > > > the unnecessary memory barrier when assigning NULL to a pointer.
> > > > > This memory-barrier avoidance means that rcu_assign_pointer() is now only
> > > > > permitted for pointers (not array indexes), and so this version emits a
> > > > > compiler warning if the first argument is not a pointer. I built a "make
> > > > > allyesconfig" version on an x86 system, and received no such warnings.
> > > > > If RCU is ever applied to array indexes, then the second patch in this
> > > > > series should be applied, and the resulting rcu_assign_index() be used.
> > > > >
> > > > > Given the rather surprising history of subtlely broken implementations of
> > > > > rcu_assign_pointer(), I took the precaution of generating a full set of
> > > > > test cases and verified that memory barriers and compiler warnings were
> > > > > emitted when required. I guess it is the simple things that get you...
> > > > >
> > > > > Signed-off-by: Paul E. McKenney <paulmck@xxxxxxxxxxxxxxxxxx>
> > > > > ---
> > > > >
> > > > > rcupdate.h | 16 ++++++++++++----
> > > > > 1 file changed, 12 insertions(+), 4 deletions(-)
> > > > >
> > > > > diff -urpNa -X dontdiff linux-2.6.24/include/linux/rcupdate.h linux-2.6.24-rap/include/linux/rcupdate.h
> > > > > --- linux-2.6.24/include/linux/rcupdate.h 2008-01-24 14:58:37.000000000 -0800
> > > > > +++ linux-2.6.24-rap/include/linux/rcupdate.h 2008-02-13 13:36:47.000000000 -0800
> > > > > @@ -270,12 +270,20 @@ extern struct lockdep_map rcu_lock_map;
> > > > > * structure after the pointer assignment. More importantly, this
> > > > > * call documents which pointers will be dereferenced by RCU read-side
> > > > > * code.
> > > > > + *
> > > > > + * Throws a compiler warning for non-pointer arguments.
> > > > > + *
> > > > > + * Does not insert a memory barrier for a NULL pointer.
> > > > > */
> > > > >
> > > > > -#define rcu_assign_pointer(p, v) ({ \
> > > > > - smp_wmb(); \
> > > > > - (p) = (v); \
> > > > > - })
> > > > > +#define rcu_assign_pointer(p, v) \
> > > > > + ({ \
> > > > > + typeof(*p) *_________p1 = (v); \
> > > > > + \
> > > > > + if (!__builtin_constant_p(v) || (_________p1 != NULL)) \
> > > > > + smp_wmb(); \
> > > > > + (p) = _________p1; \
> > > > > + })
> > > > >
> > > > > /**
> > > > > * synchronize_sched - block until all CPUs have exited any non-preemptive
> > > >
> > > > Will this still work if p is unsigned long?
> > >
> > > Hello, Steve,
> > >
> > > If p is unsigned long, then use rcu_assign_index() from the next patch in
> > > the set. Looks like Andrew has applied it to -mm -- so please make sure
> > > that he is aware if you do use it.
> >
> > Make sure fib_trie still works and doesn't get warnings.
>
> Ah. It does take a bit to get fib_trie into one's build -- allyesconfig
> doesn't cut it. Please accept my apologies for my confusion!!!
>
> Once fib_trie is configured, I do indeed get:
>
> net/ipv4/fib_trie.c: In function ânode_set_parentâ:
> net/ipv4/fib_trie.c:182: warning: comparison between pointer and integer
>
> So, given that node->parent is an unsigned long, I changed node_set_parent()
> to the following:
>
> static inline void node_set_parent(struct node *node, struct tnode *ptr)
> {
> rcu_assign_index(node->parent, (unsigned long)ptr | NODE_TYPE(node));
> }
>
> This removes the warnings. I am a little ambivalent about this, as
> this is really a pointer in disguise rather than an array index, but
> patch below. I suppose that another option would be to make node->parent
> be a void* and provide appropriate accessor functions/macros.
>
> Thoughts?
>
> Signed-off-by: Paul E. McKenney <paulmck@xxxxxxxxxxxxxxxxxx>

Maybe cast both sides to void * in this case:

static inline void node_set_parent(struct node *node, struct tnode *ptr)
{
rcu_assign_pointer((void *) node->parent, (void *)((unsigned long)ptr | NODE_TYPE(node)));
}

--
Stephen Hemminger <stephen.hemminger@xxxxxxxxxx>
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/