percpu-refcount: init ->confirm_switch member properly

This patch targets two things which are related to ->confirm_switch:

 1. Init ->confirm_switch pointer with NULL on percpu_ref_init() or
    kernel frightfully complains with WARN_ON_ONCE(ref->confirm_switch)
    at __percpu_ref_switch_to_atomic if memory chunk was not properly
    zeroed.

 2. Warn if RCU callback is still in progress on percpu_ref_exit().
    The race still exists, because percpu_ref_call_confirm_rcu()
    drops ->confirm_switch to NULL early, but that is only a warning
    and still the caller is responsible that ref is no longer in
    active use.  Hopefully that can help to catch incorrect usage
    of percpu-refcount.

Signed-off-by: Roman Pen <roman.penyaev@profitbricks.com>
Cc: Tejun Heo <tj@kernel.org>
Cc: linux-kernel@vger.kernel.org
Signed-off-by: Tejun Heo <tj@kernel.org>

diff --git a/lib/percpu-refcount.c b/lib/percpu-refcount.c
index c69938e4b0d5c64ce17ff351076b3679787178f8..9ac959ef4cae972374540f34895465507e656d7b 100644 (file)
--- a/lib/percpu-refcount.c
+++ b/lib/percpu-refcount.c
@@ -83,6 +83,7 @@ int percpu_ref_init(struct percpu_ref *ref, percpu_ref_func_t *release,
        atomic_long_set(&ref->count, start_count);
 
        ref->release = release;
+       ref->confirm_switch = NULL;
        return 0;
 }
 EXPORT_SYMBOL_GPL(percpu_ref_init);
@@ -102,6 +103,8 @@ void percpu_ref_exit(struct percpu_ref *ref)
        unsigned long __percpu *percpu_count = percpu_count_ptr(ref);
 
        if (percpu_count) {
+               /* non-NULL confirm_switch indicates switching in progress */
+               WARN_ON_ONCE(ref->confirm_switch);
                free_percpu(percpu_count);
                ref->percpu_count_ptr = __PERCPU_REF_ATOMIC_DEAD;
        }