• Mikulas Patocka's avatar
    dm table: rework reference counting · d5816876
    Mikulas Patocka authored
    Rework table reference counting.
    
    The existing code uses a reference counter. When the last reference is
    dropped and the counter reaches zero, the table destructor is called.
    Table reference counters are acquired/released from upcalls from other
    kernel code (dm_any_congested, dm_merge_bvec, dm_unplug_all).
    If the reference counter reaches zero in one of the upcalls, the table
    destructor is called from almost random kernel code.
    
    This leads to various problems:
    * dm_any_congested being called under a spinlock, which calls the
      destructor, which calls some sleeping function.
    * the destructor attempting to take a lock that is already taken by the
      same process.
    * stale reference from some other kernel code keeps the table
      constructed, which keeps some devices open, even after successful
      return from "dmsetup remove". This can confuse lvm and prevent closing
      of underlying devices or reusing device minor numbers.
    
    The patch changes reference counting so that the table destructor can be
    called only at predetermined places.
    
    The table has always exactly one reference from either mapped_device->map
    or hash_cell->new_map. After this patch, this reference is not counted
    in table->holders.  A pair of dm_create_table/dm_destroy_table functions
    is used for table creation/destruction.
    
    Temporary references from the other code increase table->holders. A pair
    of dm_table_get/dm_table_put functions is used to manipulate it.
    
    When the table is about to be destroyed, we wait for table->holders to
    reach 0. Then, we call the table destructor.  We use active waiting with
    msleep(1), because the situation happens rarely (to one user in 5 years)
    and removing the device isn't performance-critical task: the user doesn't
    care if it takes one tick more or not.
    
    This way, the destructor is called only at specific points
    (dm_table_destroy function) and the above problems associated with lazy
    destruction can't happen.
    
    Finally remove the temporary protection added to dm_any_congested().
    Signed-off-by: default avatarMikulas Patocka <mpatocka@redhat.com>
    Signed-off-by: default avatarAlasdair G Kergon <agk@redhat.com>
    d5816876
dm-table.c 21.9 KB