• L
    drbd: add race-breaker to drbd_go_diskless · 5dbfe7ae
    Lars Ellenberg 提交于
    This adds a necessary race breaker to these commits:
        drbd: fix for possible deadlock on IO error during resync
        drbd: drop wrong debug asserts, fix recently introduced race
    
    What we do is get a refcount, check the state, then depending on the
    state and the requested minimum disk state, either hold it (success),
    or give it back immediately (failed "try lock").
    
    Some code paths (flushing of drbd metadata) may still grab and hold a
    refcount even if we are D_FAILED (application IO won't).
    So even if we hit local_cnt == 0 once after being D_FAILED,
    we still need to wait for that again after we changed to D_DISKLESS.
    Once local_cnt reaches 0 while we are D_DISKLESS, we can be sure that
    no one will look at the protected members anymore, so only then is it
    safe to free them.
    
    We cannot easily convert to standard locking primitives here, as we want
    to be able to use it in atomic context (we always do a "try lock"),
    as well as hold references for a "long time" (from IO submission to
    completion callback).
    Signed-off-by: NPhilipp Reisner <philipp.reisner@linbit.com>
    Signed-off-by: NLars Ellenberg <lars.ellenberg@linbit.com>
    5dbfe7ae
drbd_main.c 106.7 KB