Commit c9eb55db authored by Omar Sandoval's avatar Omar Sandoval Committed by David Sterba

btrfs: get rid of pointless wtag variable in async-thread.c

Commit ac0c7cf8 ("btrfs: fix crash when tracepoint arguments are
freed by wq callbacks") added a void pointer, wtag, which is passed into
trace_btrfs_all_work_done() instead of the freed work item. This is
silly for a few reasons:

1. The freed work item still has the same address.
2. work is still in scope after it's freed, so assigning wtag doesn't
   stop anyone from using it.
3. The tracepoint has always taken a void * argument, so assigning wtag
   doesn't actually make things any more type-safe. (Note that the
   original bug in commit bc074524 ("btrfs: prefix fsid to all trace
   events") was that the void * was implicitly casted when it was passed
   to btrfs_work_owner() in the trace point itself).

Instead, let's add some clearer warnings as comments.
Reviewed-by: default avatarNikolay Borisov <nborisov@suse.com>
Reviewed-by: default avatarFilipe Manana <fdmanana@suse.com>
Signed-off-by: default avatarOmar Sandoval <osandov@fb.com>
Reviewed-by: default avatarDavid Sterba <dsterba@suse.com>
Signed-off-by: default avatarDavid Sterba <dsterba@suse.com>
parent a0cac0ec
...@@ -226,7 +226,6 @@ static void run_ordered_work(struct __btrfs_workqueue *wq, ...@@ -226,7 +226,6 @@ static void run_ordered_work(struct __btrfs_workqueue *wq,
struct btrfs_work *work; struct btrfs_work *work;
spinlock_t *lock = &wq->list_lock; spinlock_t *lock = &wq->list_lock;
unsigned long flags; unsigned long flags;
void *wtag;
bool free_self = false; bool free_self = false;
while (1) { while (1) {
...@@ -281,21 +280,19 @@ static void run_ordered_work(struct __btrfs_workqueue *wq, ...@@ -281,21 +280,19 @@ static void run_ordered_work(struct __btrfs_workqueue *wq,
} else { } else {
/* /*
* We don't want to call the ordered free functions with * We don't want to call the ordered free functions with
* the lock held though. Save the work as tag for the * the lock held.
* trace event, because the callback could free the
* structure.
*/ */
wtag = work;
work->ordered_free(work); work->ordered_free(work);
trace_btrfs_all_work_done(wq->fs_info, wtag); /* NB: work must not be dereferenced past this point. */
trace_btrfs_all_work_done(wq->fs_info, work);
} }
} }
spin_unlock_irqrestore(lock, flags); spin_unlock_irqrestore(lock, flags);
if (free_self) { if (free_self) {
wtag = self;
self->ordered_free(self); self->ordered_free(self);
trace_btrfs_all_work_done(wq->fs_info, wtag); /* NB: self must not be dereferenced past this point. */
trace_btrfs_all_work_done(wq->fs_info, self);
} }
} }
...@@ -304,7 +301,6 @@ static void btrfs_work_helper(struct work_struct *normal_work) ...@@ -304,7 +301,6 @@ static void btrfs_work_helper(struct work_struct *normal_work)
struct btrfs_work *work = container_of(normal_work, struct btrfs_work, struct btrfs_work *work = container_of(normal_work, struct btrfs_work,
normal_work); normal_work);
struct __btrfs_workqueue *wq; struct __btrfs_workqueue *wq;
void *wtag;
int need_order = 0; int need_order = 0;
/* /*
...@@ -318,8 +314,6 @@ static void btrfs_work_helper(struct work_struct *normal_work) ...@@ -318,8 +314,6 @@ static void btrfs_work_helper(struct work_struct *normal_work)
if (work->ordered_func) if (work->ordered_func)
need_order = 1; need_order = 1;
wq = work->wq; wq = work->wq;
/* Safe for tracepoints in case work gets freed by the callback */
wtag = work;
trace_btrfs_work_sched(work); trace_btrfs_work_sched(work);
thresh_exec_hook(wq); thresh_exec_hook(wq);
...@@ -327,9 +321,10 @@ static void btrfs_work_helper(struct work_struct *normal_work) ...@@ -327,9 +321,10 @@ static void btrfs_work_helper(struct work_struct *normal_work)
if (need_order) { if (need_order) {
set_bit(WORK_DONE_BIT, &work->flags); set_bit(WORK_DONE_BIT, &work->flags);
run_ordered_work(wq, work); run_ordered_work(wq, work);
} else {
/* NB: work must not be dereferenced past this point. */
trace_btrfs_all_work_done(wq->fs_info, work);
} }
if (!need_order)
trace_btrfs_all_work_done(wq->fs_info, wtag);
} }
void btrfs_init_work(struct btrfs_work *work, btrfs_func_t func, void btrfs_init_work(struct btrfs_work *work, btrfs_func_t func,
......
...@@ -1389,9 +1389,9 @@ DECLARE_EVENT_CLASS(btrfs__work, ...@@ -1389,9 +1389,9 @@ DECLARE_EVENT_CLASS(btrfs__work,
); );
/* /*
* For situiations when the work is freed, we pass fs_info and a tag that that * For situations when the work is freed, we pass fs_info and a tag that matches
* matches address of the work structure so it can be paired with the * the address of the work structure so it can be paired with the scheduling
* scheduling event. * event. DO NOT add anything here that dereferences wtag.
*/ */
DECLARE_EVENT_CLASS(btrfs__work__done, DECLARE_EVENT_CLASS(btrfs__work__done,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment