From: Nilay Shroff <nilay@linux.ibm.com>
To: paulmck@kernel.org, Marco Elver <elver@google.com>
Cc: Christoph Hellwig <hch@lst.de>,
linux-nvme@lists.infradead.org, linux-kernel@vger.kernel.org,
kbusch@kernel.org, sagi@grimberg.me, axboe@fb.com,
bvanassche@acm.org, gjoyce@linux.ibm.com
Subject: Re: [PATCHv2 05/17] nvme: add Clang context annotations for nvme_ns_head::current_path
Date: Mon, 29 Jun 2026 10:50:39 +0530 [thread overview]
Message-ID: <2a3c6a56-a9a6-461e-80ca-c0f2b4203bff@linux.ibm.com> (raw)
In-Reply-To: <62bbec8e-6eb5-4024-acba-6be1e7f33080@paulmck-laptop>
On 6/28/26 9:37 PM, Paul E. McKenney wrote:
> On Sun, Jun 28, 2026 at 08:00:00AM +0200, Marco Elver wrote:
>> On Sat, 27 Jun 2026 at 19:14, Paul E. McKenney <paulmck@kernel.org> wrote:
>>>
>>> On Sat, Jun 27, 2026 at 05:38:44PM +0200, Marco Elver wrote:
>>>> On Fri, 26 Jun 2026 at 20:36, Paul E. McKenney <paulmck@kernel.org> wrote:
>>>>> On Fri, Jun 26, 2026 at 08:40:50AM +0200, Christoph Hellwig wrote:
>>>>>> On Sun, Jun 14, 2026 at 06:45:20PM +0530, Nilay Shroff wrote:
>>>>>>> +++ b/drivers/nvme/host/multipath.c
>>>>>>> @@ -231,8 +231,16 @@ bool nvme_mpath_clear_current_path(struct nvme_ns *ns)
>>>>>>> bool changed = false;
>>>>>>> int node;
>>>>>>>
>>>>>>> + /*
>>>>>>> + * This helper is used by namespace failover/teardown and I/O policy
>>>>>>> + * update paths. We only compare the head->current_path[] pointer value
>>>>>>> + * and do not dereference the referenced namespace, so suppress the
>>>>>>> + * context analysis warning for this lockless inspection of the
>>>>>>> + * __rcu_guarded pointer.
>>>>>>> + */
>>>>>>> for_each_node(node) {
>>>>>>> - if (ns == rcu_access_pointer(head->current_path[node])) {
>>>>>>> + if (context_unsafe(ns ==
>>>>>>> + rcu_access_pointer(head->current_path[node]))) {
>>>>>>
>>>>>> I think we need a helper for this, as for a simple pointer value
>>>>>> comparison without a dereference we don't really need either
>>>>>> rcu_access_pointer nor locking.
>>>>>>
>>>>>> Maybe somthing like a
>>>>>>
>>>>>> rcu_compare_pointer(rcu_pointer, nonrcu_pointer)
>>>>>>
>>>>>> ?
>>>>>
>>>>> We could provide something like this:
>>>>>
>>>>> #define rcu_compare_pointer(rcu_pointer, nonrcu_pointer) \
>>>>> context_unsafe(rcu_access_pointer(rcu_pointer) == (nonrcu_pointer))
>>>>>
>>>>> Or maybe rcu_pointer_equals()?
>>>>>
>>>>> Marco, thoughts?
>>>>
>>>> I see 2 options:
>>>>
>>>> 1. rcu_compare_pointer / rcu_pointer_equals as proposed. It's more
>>>> explicit but does add some friction during Context Analysis
>>>> enablement. But this only makes sense if there are cases where
>>>> rcu_access_pointer() should be used under the RCU reader lock, which
>>>> led me to the next suggestion...
>>>>
>>>> 2. Redefine rcu_access_pointer() to just not require the RCU read-side
>>>> lock to be held as:
>>>>
>>>>> #define rcu_access_pointer(p) context_unsafe(__rcu_access_pointer((p), __UNIQUE_ID(rcu), __rcu))
>>>>
>>>> [ Or alternatively wrap __rcu_access_pointer() in context_unsafe()
>>>> (similar to rcu_assign_pointer and friends). ]
>>>>
>>>> I think rcu_access_pointer() is in the same category as the other RCU
>>>> pointer helpers, although currently only the pointer update helpers
>>>> imply context_unsafe(); I think it might have been an oversight
>>>> initially, and we should change rcu_access_pointer() to match. There
>>>> should be no reason why an rcu_access_pointer() should be protected by
>>>> the RCU read-side critical section, since it's not meant for
>>>> dereferencing the pointer (that'd be a bug; its documentation also
>>>> says "Return the value of the specified RCU-protected pointer, but
>>>> omit the lockdep checks for being in an RCU read-side critical section
>>>> [...]").
>>>>
>>>> If you agree there should be no cases where an rcu_access_pointer()
>>>> should be guarded by an RCU read-side critical section, then I think
>>>> this is the simplest and correct design, and avoids expanding the RCU
>>>> API.
>>>
>>> I don't know of any uses of rcu_access_pointer() within an RCU read-side
>>> critical section, but code in a function that might be called both within
>>> and outside of a critical section might well use rcu_access_pointer().
>>> In other words, it should be OK to use rcu_access_pointer() within an
>>> RCU read-side critical section as well as outside of one.
>>
>> Thanks, yes, that's what I wanted to confirm; i.e. it's ok to use
>> rcu_access_pointer() within and outside an RCU read-side critical
>> section.
>>
>> In which case, my proposal (2) to make rcu_access_pointer() not warn
>> on accessing __rcu_guarded pointers outside an RCU read-side critical
>> section should be the simpler and more generic change (vs. adding a
>> new rcu_pointer_equals() helper).
>
> As shown below?
>
> My guess is that this change makes it unnecessary to have a separate
> RCU-protected-pointer comparison macro, but please let me know if I am
> missing something.
>
> Thanx, Paul
>
> ------------------------------------------------------------------------
>
> commit 32c1e63fee171f7ed8cc986ec64f576ee80bccab
> Author: Paul E. McKenney <paulmck@kernel.org>
> Date: Sun Jun 28 09:00:01 2026 -0700
>
> rcu: Mark __rcu_access_pointer() as context_unsafe()
>
> A simple comparison of a pointer returned by rcu_access_pointer() results
> in a context-analysis warning for lockless inspection of the RCU-protected
> (also known as __rcu-protected) pointer. This can be suppressed by
> placing context_unsafe() calls around calls rcu_access_pointer(),
> but this is messy and distracting. This commit therefore wraps the
> underlying __rcu_access_pointer() macro with a call to context_unsafe(),
> thereby informing the context-analysis code that rcu_access_pointer()
> may safely be invoked outside of an RCU read-side critical section.
>
> Reported-by: Christoph Hellwig <hch@lst.de>
> Suggested-by: Marco Elver <elver@google.com>
> Signed-off-by: Paul E. McKenney <paulmck@kernel.org>
>
> diff --git a/include/linux/rcupdate.h b/include/linux/rcupdate.h
> index 5e95acc33989b6..e40dc2e20c5b1f 100644
> --- a/include/linux/rcupdate.h
> +++ b/include/linux/rcupdate.h
> @@ -490,12 +490,12 @@ context_unsafe( \
> */
> #define unrcu_pointer(p) __unrcu_pointer(p, __UNIQUE_ID(rcu))
>
> -#define __rcu_access_pointer(p, local, space) \
> +#define __rcu_access_pointer(p, local, space) context_unsafe( \
> ({ \
> typeof(*p) *local = (typeof(*p) *__force)READ_ONCE(p); \
> rcu_check_sparse(p, space); \
> ((typeof(*p) __force __kernel *)(local)); \
> -})
> +}) )
> #define __rcu_dereference_check(p, local, c, space) \
> ({ \
> /* Dependency order vs. p above. */ \
I have tested the above patch with an __rcu_guarded pointer accessed
outside an RCU read-side critical section while Clang context analysis
is enabled. I can confirm that this change suppresses the context
analysis warning when the pointer is accessed via rcu_access_pointer().
With that, if you send out this change, please add:
Tested-by: Nilay Shroff <nilay@linux.ibm.com>
Thanks,
--Nilay
next prev parent reply other threads:[~2026-06-29 5:21 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-06-14 13:15 [PATCHv2 00/17] Support Clang context analysis for NVMe host drivers Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 01/17] nvme: update nvme_passthru_end() signature Nilay Shroff
2026-06-26 6:32 ` Christoph Hellwig
2026-06-14 13:15 ` [PATCHv2 02/17] nvme: add Clang context annotations for nvme_passthru_{start|stop} Nilay Shroff
2026-06-26 6:33 ` Christoph Hellwig
2026-06-26 14:20 ` Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 03/17] nvme: add Clang context annotations for nvme_ns_head::srcu Nilay Shroff
2026-06-26 6:34 ` Christoph Hellwig
2026-06-14 13:15 ` [PATCHv2 04/17] nvme: add Clang context annotations for nvme_ns_head::requeue_list Nilay Shroff
2026-06-26 6:37 ` Christoph Hellwig
2026-06-26 14:24 ` Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 05/17] nvme: add Clang context annotations for nvme_ns_head::current_path Nilay Shroff
2026-06-26 6:40 ` Christoph Hellwig
2026-06-26 15:35 ` Nilay Shroff
2026-06-26 18:36 ` Paul E. McKenney
2026-06-27 15:38 ` Marco Elver
2026-06-27 17:14 ` Paul E. McKenney
2026-06-28 6:00 ` Marco Elver
2026-06-28 16:07 ` Paul E. McKenney
2026-06-29 5:20 ` Nilay Shroff [this message]
2026-06-29 8:48 ` Marco Elver
2026-06-29 15:33 ` Paul E. McKenney
2026-06-30 9:56 ` Nilay Shroff
2026-06-30 14:24 ` Paul E. McKenney
2026-06-29 6:00 ` Marco Elver
2026-06-29 6:04 ` Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 06/17] nvme: add Clang context annotations for nvme_dev::shutdown_lock Nilay Shroff
2026-06-26 6:41 ` Christoph Hellwig
2026-06-14 13:15 ` [PATCHv2 07/17] nvme: add Clang context annotations for nvme_subsystem::lock Nilay Shroff
2026-06-26 6:43 ` Christoph Hellwig
2026-06-26 14:39 ` Nilay Shroff
2026-06-29 12:47 ` Christoph Hellwig
2026-06-29 23:12 ` Marco Elver
2026-06-30 9:53 ` Nilay Shroff
2026-07-09 6:20 ` Christoph Hellwig
2026-07-09 7:24 ` Marco Elver
2026-07-10 7:58 ` Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 08/17] nvme: add Clang context annotations for nvme_ctrl::ana_lock Nilay Shroff
2026-06-26 6:43 ` Christoph Hellwig
2026-06-14 13:15 ` [PATCHv2 09/17] nvme: add Clang context annotations for nvme_subsystems_lock Nilay Shroff
2026-06-26 6:45 ` Christoph Hellwig
2026-06-26 14:48 ` Nilay Shroff
2026-06-29 12:47 ` Christoph Hellwig
2026-06-14 13:15 ` [PATCHv2 10/17] nvme: add Clang context annotations in fabric.c Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 11/17] nvme: add Clang context annotations for nvme_queue::sq_lock Nilay Shroff
2026-06-26 6:47 ` Christoph Hellwig
2026-06-26 9:50 ` Marco Elver
2026-06-26 15:12 ` Nilay Shroff
2026-06-29 12:48 ` Christoph Hellwig
2026-06-14 13:15 ` [PATCHv2 12/17] nvme: add Clang context annotations for nvme_queue::cq_poll_lock Nilay Shroff
2026-06-26 6:48 ` Christoph Hellwig
2026-06-26 15:22 ` Nilay Shroff
2026-06-29 12:50 ` Christoph Hellwig
2026-06-30 9:26 ` Nilay Shroff
2026-06-30 10:56 ` Marco Elver
2026-07-01 7:45 ` Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 13/17] nvme: add Clang context annotations in rdma.c Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 14/17] nvme: fix Clang context analysis warning " Nilay Shroff
2026-06-26 6:49 ` Christoph Hellwig
2026-06-26 15:31 ` Nilay Shroff
2026-06-29 12:50 ` Christoph Hellwig
2026-06-29 22:47 ` Marco Elver
2026-06-30 9:35 ` Nilay Shroff
2026-06-30 10:38 ` Marco Elver
2026-07-01 7:50 ` Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 15/17] nvme: add Clang context annotations in tcp.c Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 16/17] nvme: fix Clang context analysis warning " Nilay Shroff
2026-06-14 13:15 ` [PATCHv2 17/17] nvme: enable Clang context analysis support for nvme host driver Nilay Shroff
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2a3c6a56-a9a6-461e-80ca-c0f2b4203bff@linux.ibm.com \
--to=nilay@linux.ibm.com \
--cc=axboe@fb.com \
--cc=bvanassche@acm.org \
--cc=elver@google.com \
--cc=gjoyce@linux.ibm.com \
--cc=hch@lst.de \
--cc=kbusch@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nvme@lists.infradead.org \
--cc=paulmck@kernel.org \
--cc=sagi@grimberg.me \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox
Powered by JetHome