Re: [patch V2 7/7] fs/jbd2: Free journal head outside of locked region

From: Jan Kara
Date: Thu Aug 01 2019 - 12:55:13 EST


On Thu 01-08-19 03:01:33, Thomas Gleixner wrote:
> On PREEMPT_RT bit-spinlocks have the same semantics as on PREEMPT_RT=n,
> i.e. they disable preemption. That means functions which are not safe to be
> called in preempt disabled context on RT trigger a might_sleep() assert.
>
> The journal head bit spinlock is mostly held for short code sequences with
> trivial RT safe functionality, except for one place:
>
> jbd2_journal_put_journal_head() invokes __journal_remove_journal_head()
> with the journal head bit spinlock held. __journal_remove_journal_head()
> invokes kmem_cache_free() which must not be called with preemption disabled
> on RT.
>
> Jan suggested to rework the removal function so the actual free happens
> outside the bit-spinlocked region.
>
> Split it into two parts:
>
> - Do the sanity checks and the buffer head detach under the lock
>
> - Do the actual free after dropping the lock
>
> There is error case handling in the free part which needs to dereference
> the b_size field of the now detached buffer head. Due to paranoia (caused
> by ignorance) the size is retrieved in the detach function and handed into
> the free function. Might be over-engineered, but better safe than sorry.
>
> This makes the journal head bit-spinlock usage RT compliant and also avoids
> nested locking which is not covered by lockdep.
>
> Suggested-by: Jan Kara <jack@xxxxxxxx>
> Signed-off-by: Thomas Gleixner <tglx@xxxxxxxxxxxxx>
> Cc: linux-ext4@xxxxxxxxxxxxxxx
> Cc: "Theodore Ts'o" <tytso@xxxxxxx>
> Cc: Jan Kara <jack@xxxxxxxx>

Looks mostly good. Just a small suggestion for simplification below:

> @@ -2559,11 +2568,14 @@ void jbd2_journal_put_journal_head(struc
> J_ASSERT_JH(jh, jh->b_jcount > 0);
> --jh->b_jcount;
> if (!jh->b_jcount) {
> - __journal_remove_journal_head(bh);
> + size_t b_size = __journal_remove_journal_head(bh);
> +
> jbd_unlock_bh_journal_head(bh);
> + journal_release_journal_head(jh, b_size);
> __brelse(bh);
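
Review bot: the new journal_release_journal_head(jh, b_size) call after jbd_unlock_bh_journal_head(bh) has no comment saying why the free has to stay outside the bit-spinlocked region, so a later cleanup could move it back under the lock. Suggest a short comment at that call noting that kmem_cache_free() must not run with preemption disabled on PREEMPT_RT, as the changelog explains. The same comment could state that jh is still safe to use after the unlock only because __journal_remove_journal_head() has already detached it from bh while the lock was held.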

The bh is pinned until you call __brelse(bh) above and bh->b_size doesn't
change during the lifetime of the buffer. So there's no need of
fetching bh->b_size in __journal_remove_journal_head() and passing it back.
You can just:

journal_release_journal_head(jh, bh->b_size);

> - } else
> + } else {
> jbd_unlock_bh_journal_head(bh);
> + }
> }
>

Honza
--
Jan Kara <jack@xxxxxxxx>
SUSE Labs, CR