Checking if destruct is false and setting destruct to true are
separated by mutex in remove_cb() and bdev_nvme_library_fini().
It was possible that multiple threads called nvme_bdev_ctrlr_destruct()
because the caller could call nvme_bdev_ctrlr_destruct() before
setting destruct to true after knowing it was false.
This patch ensures that nvme_bdev_ctrlr_destruct() is called only once.
Set ctrlr->destruct to true without releasing mutex after checking
if ctrlr->destruct is false.
If destruct is set to true before calling nvme_ctrlr_depopulate_namespaces(),
nvme_ctrlr_depopulate_namespace_done() may call nvme_bdev_ctrlr_destruct()
because it is likely that reference count is zero and destruct is true.
In this case, remove_cb() or bdev_nvme_library_fini() cannot call
nvme_bdev_destruct() after returning from nvme_ctrlr_depopulate_namespaces().
On the other hand, if a controller has no namespace,
nvme_ctrlr_depopulate_namespaces() does nothing and
nvme_ctrlr_depopulate_namespace_done() is not called. Hence
remove_cb() or bdev_nvme_library_fini() has to call nvme_bdev_destruct()
after returning nvme_ctrlr_depopulate_namespaces().
To unify both cases, initialize reference count to one as a sentinel value
and remove_cb() and bdev_nvme_library_fini() decrement reference count
and then calls nvme_bdev_ctrlr_destruct() if reference count is zero
after returning from nvme_ctrlr_depopulate_namespaces().
Additionally, add assert to check if reference count is not negative
to find bug in future.
Signed-off-by: Shuhei Matsumoto <shuhei.matsumoto.xt@hitachi.com>
Change-Id: I8a617b5aa4d0a9faff832e63c2ed4b353341dd6b
Reviewed-on: https://review.spdk.io/gerrit/c/spdk/spdk/+/4817
Community-CI: Broadcom CI
Community-CI: Mellanox Build Bot
Reviewed-by: Changpeng Liu <changpeng.liu@intel.com>
Reviewed-by: Jim Harris <james.r.harris@intel.com>
Reviewed-by: Aleksey Marchuk <alexeymar@mellanox.com>
Tested-by: SPDK CI Jenkins <sys_sgci@intel.com>
01f769c62a