The reader-writer-lock analogy is a useful way to think about RCU, but it is not always applicable. It is useful to have other analogies to work with, and particularly to emphasise that no single analogy is perfect. This patch adds a "RCU as reference count" to the "what is RCU" document. See https://lwn.net/Articles/872559/ Signed-off-by: NeilBrown <neilb@xxxxxxx> --- Documentation/RCU/whatisRCU.rst | 78 +++++++++++++++++++++++++++++++-- 1 file changed, 75 insertions(+), 3 deletions(-) diff --git a/Documentation/RCU/whatisRCU.rst b/Documentation/RCU/whatisRCU.rst index 17e95ab2a201..836b3c0bbf2e 100644 --- a/Documentation/RCU/whatisRCU.rst +++ b/Documentation/RCU/whatisRCU.rst @@ -872,7 +872,79 @@ be used in place of synchronize_rcu(). .. _7_whatisRCU: -7. FULL LIST OF RCU APIs +7. ANALOGY WITH REFERENCE COUNTING +----------------------------------- + +Many uses of RCU do not look so much like reader-writer locking as +illustrated by the previous section and so it can be helpful to have +other analogies to draw on. One such analogy involves thinking of its +behaviour as similar to reference counting: RCU effectively provides a +temporary protected reference on "everything". + +A reference count typically does not prevent the referenced object from +changes to values, but does prevent changes to type - particularly the +gross change of type that happens when the memory used to store the +object is freed and reclaimed for some other purpose. Once a +type-safe reference to the object is obtained some other mechanism is +needed to ensure consistent access to the data in the object. This +could involve taking a spinlock, but with RCU the typical approach is to +perform reads with SMP-aware operations such as smp_load_acquire(), to +perform updates with atomic read-modify-write operations, and to be +careful of ordering the operations. RCU provides a number of support +functions that embedded the required operations and ordering, such as the +list_for_each_entry_rcu() in the example of the previous section. + +A more precise statement of the reference counting behaviour is that, +between rcu_read_lock() and rcu_read_unlock(), any reference taken with +rcu_dereference() on a pointer marked as ``__rcu`` can be treated as +though a reference-count on that object has been temporarily increased. +This prevents the object from changing type. Exactly what this means +will depend on normal expectations of objects of that type, but it +typically includes that spinlocks can still be safely locked, normal +reference counters can be safely manipulated, and ``__rcu`` pointers can +be safely dereferenced. + +Some operations that one might expect to see on an object for +which an RCU reference is held include: + - copying out data that is guaranteed to be stable by the type of the + object. + - Using kref_get_unless_zero() or similar to get a longer-term + reference. This may fail of course. + - Claiming a spinlock in the object, and checking if the object still + is the expected object and if so, manipulating it freely. + +The understanding that RCU provides a reference that only prevents a +change of type is particularly visible with objects allocated from a +slab cache marked SLAB_TYPESAFE_BY_RCU. RCU operations may yield a +reference to and object from such a cache that has been concurrently +freed and reallocated to a completely different object, though of the +same type. In this case RCU doesn't even protect the identity of the +object from changing, only its type. So the object found may not be the +one expected, but it will be one where it is safe to take a reference or +spinlock and then confirm that the identity matches the expectations. + +With traditional reference counting - such as that implemented by the +kref library in Linux - there is typically code that runs when the last +reference to an object is dropped. With kref, this is the function +passed to kref_put(). When RCU is being used such finalization code +must not be run until all ``__rcu`` pointers referencing the object have +been updated, and then a grace period has passed. Every remaining +globally visible pointer to the object must be considered to be a +potential counted reference, and the finalization code it typically run +using call_rcu() only after all those pointers have been changed. + +To see how to choose between there two analogies - of RCU as a +reader-writer lock and RCU as a reference counting system - it is useful +to reflect on the scale of the thing being protected. The reader-writer +lock analogy looks at larger multi-part objects such as a linked list +and shows how RCU can facilitate concurrency while elements are add to, +and removed from, the list. The reference-count analogy looks at the +individual objects and looks at how they can be accessed safely within +whatever whole they are a part of. + +.. _8_whatisRCU: + +8. FULL LIST OF RCU APIs ------------------------- The RCU APIs are documented in docbook-format header comments in the @@ -1035,9 +1107,9 @@ g. Otherwise, use RCU. Of course, this all assumes that you have determined that RCU is in fact the right tool for your job. -.. _8_whatisRCU: +.. _9_whatisRCU: -8. ANSWERS TO QUICK QUIZZES +9. ANSWERS TO QUICK QUIZZES ---------------------------- Quick Quiz #1: -- 2.33.1
