aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/block/drbd
diff options
context:
space:
mode:
authorLars Ellenberg <lars.ellenberg@linbit.com>2010-10-15 03:52:46 -0400
committerPhilipp Reisner <philipp.reisner@linbit.com>2010-10-15 08:06:53 -0400
commit5dbfe7aedf54aa7f62fd659e34371d4ea0e7bffe (patch)
tree1ef5c18551186ba593010cbde9756e27b5d54685 /drivers/block/drbd
parentac7241211ded714873e8dc6d2f7c98ae7ea2cc30 (diff)
drbd: add race-breaker to drbd_go_diskless
This adds a necessary race breaker to these commits: drbd: fix for possible deadlock on IO error during resync drbd: drop wrong debug asserts, fix recently introduced race What we do is get a refcount, check the state, then depending on the state and the requested minimum disk state, either hold it (success), or give it back immediately (failed "try lock"). Some code paths (flushing of drbd metadata) may still grab and hold a refcount even if we are D_FAILED (application IO won't). So even if we hit local_cnt == 0 once after being D_FAILED, we still need to wait for that again after we changed to D_DISKLESS. Once local_cnt reaches 0 while we are D_DISKLESS, we can be sure that no one will look at the protected members anymore, so only then is it safe to free them. We cannot easily convert to standard locking primitives here, as we want to be able to use it in atomic context (we always do a "try lock"), as well as hold references for a "long time" (from IO submission to completion callback). Signed-off-by: Philipp Reisner <philipp.reisner@linbit.com> Signed-off-by: Lars Ellenberg <lars.ellenberg@linbit.com>
Diffstat (limited to 'drivers/block/drbd')
-rw-r--r--drivers/block/drbd/drbd_main.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/block/drbd/drbd_main.c b/drivers/block/drbd/drbd_main.c
index bbe3bff2cad6..8bfedc7164fa 100644
--- a/drivers/block/drbd/drbd_main.c
+++ b/drivers/block/drbd/drbd_main.c
@@ -3763,6 +3763,9 @@ static int w_go_diskless(struct drbd_conf *mdev, struct drbd_work *w, int unused
3763 * the protected members anymore, though, so in the after_state_ch work 3763 * the protected members anymore, though, so in the after_state_ch work
3764 * it will be safe to free them. */ 3764 * it will be safe to free them. */
3765 drbd_force_state(mdev, NS(disk, D_DISKLESS)); 3765 drbd_force_state(mdev, NS(disk, D_DISKLESS));
3766 /* We need to wait for return of references checked out while we still
3767 * have been D_FAILED, though (drbd_md_sync, bitmap io). */
3768 wait_event(mdev->misc_wait, !atomic_read(&mdev->local_cnt));
3766 3769
3767 clear_bit(GO_DISKLESS, &mdev->flags); 3770 clear_bit(GO_DISKLESS, &mdev->flags);
3768 return 1; 3771 return 1;