Commit 1689c16
dlm: fix missing lkb refcount handling
We always call hold_lkb(lkb) if we increment lkb->lkb_wait_count.
So, we always need to call unhold_lkb(lkb) if we decrement
lkb->lkb_wait_count. This patch will add missing unhold_lkb(lkb) if we
decrement lkb->lkb_wait_count. In case of setting lkb->lkb_wait_count to
zero we need to countdown until reaching zero and call unhold_lkb(lkb).
The waiters list unhold_lkb(lkb) can be removed because it's done for
the last lkb_wait_count decrement iteration as it's done in
_remove_from_waiters().
This issue was discovered by a dlm gfs2 test case which use excessively
dlm_unlock(LKF_CANCEL) feature. Probably the lkb->lkb_wait_count value
never reached above 1 if this feature isn't used and so it was not
discovered before.
The testcase ended in a rsb on the rsb keep data structure with a
refcount of 1 but no lkb was associated with it, which is itself
an invalid behaviour. A side effect of that was a condition in which
the dlm was sending remove messages in a looping behaviour. With this
patch that has not been reproduced.
Cc: stable@vger.kernel.org
Signed-off-by: Alexander Aring <aahringo@redhat.com>
Signed-off-by: David Teigland <teigland@redhat.com>1 parent e425ac9 commit 1689c16
1 file changed
Lines changed: 9 additions & 2 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1578 | 1578 | | |
1579 | 1579 | | |
1580 | 1580 | | |
| 1581 | + | |
1581 | 1582 | | |
1582 | 1583 | | |
1583 | 1584 | | |
| |||
1604 | 1605 | | |
1605 | 1606 | | |
1606 | 1607 | | |
| 1608 | + | |
1607 | 1609 | | |
1608 | 1610 | | |
1609 | 1611 | | |
| |||
5364 | 5366 | | |
5365 | 5367 | | |
5366 | 5368 | | |
5367 | | - | |
| 5369 | + | |
| 5370 | + | |
| 5371 | + | |
| 5372 | + | |
| 5373 | + | |
| 5374 | + | |
| 5375 | + | |
5368 | 5376 | | |
5369 | 5377 | | |
5370 | 5378 | | |
5371 | | - | |
5372 | 5379 | | |
5373 | 5380 | | |
5374 | 5381 | | |
| |||
0 commit comments