From f83c5ad964c09857faa22dd99fb2537f290a979f Mon Sep 17 00:00:00 2001

From: Pranith Kumar K <pkarampu@redhat.com>

Date: Tue, 23 Jun 2015 06:39:49 +0530

Subject: [PATCH 128/129] cluster/ec: Avoid parallel executions of the same state machine

        Backport of http://review.gluster.org/11317

In very rare circumstances it was possible that a subfop started

by another fop could finish fast enough to cause that two or more

instances of the same state machine be executing at the same time.

Change-Id: I319924a18bd3f88115e751a66f8f4560435e0e0e

BUG: 1230513

Signed-off-by: Xavier Hernandez <xhernandez@datalab.es>

Reviewed-on: https://code.engineering.redhat.com/gerrit/51301

Reviewed-by: Pranith Kumar Karampuri <pkarampu@redhat.com>

Tested-by: Pranith Kumar Karampuri <pkarampu@redhat.com>

---

 xlators/cluster/ec/src/ec-common.c |   25 ++++++++++++-------------

 1 files changed, 12 insertions(+), 13 deletions(-)

diff --git a/xlators/cluster/ec/src/ec-common.c b/xlators/cluster/ec/src/ec-common.c

index be69c57..f69234e 100644

--- a/xlators/cluster/ec/src/ec-common.c

+++ b/xlators/cluster/ec/src/ec-common.c

@@ -250,7 +250,7 @@ int32_t ec_check_complete(ec_fop_data_t * fop, ec_resume_f resume)

     GF_ASSERT(fop->resume == NULL);

-    if (fop->jobs != 0)

+    if (--fop->jobs != 0)

     {

         ec_trace("WAIT", fop, "resume=%p", resume);

@@ -1259,11 +1259,6 @@ void ec_lock(ec_fop_data_t *fop)

     ec_lock_link_t *timer_link = NULL;

     ec_lock_t *lock;

-    /* There is a chance that ec_resume is called on fop even before ec_sleep.

-     * Which can result in refs == 0 for fop leading to use after free in this

-     * function when it calls ec_sleep so do ec_sleep at start and end of this

-     * function.*/

-    ec_sleep (fop);

     while (fop->locked < fop->lock_count) {

         /* Since there are only up to 2 locks per fop, this xor will change

          * the order of the locks if fop->first_lock is 1. */

@@ -1328,7 +1323,6 @@ void ec_lock(ec_fop_data_t *fop)

             timer_link = NULL;

         }

     }

-    ec_resume (fop, 0);

     if (timer_link != NULL) {

         ec_resume(timer_link->fop, 0);

@@ -1725,15 +1719,9 @@ void ec_unlock(ec_fop_data_t *fop)

 {

     int32_t i;

-    /*If fop->lock_count > 1 then there is a chance that by the time

-     * ec_unlock_timer_add() is called for the second lock epoll thread could

-     * reply inodelk and jobs will be '0' leading to completion of state

-     * machine and freeing of fop. So add sleep/resume*/

-    ec_sleep (fop);

     for (i = 0; i < fop->lock_count; i++) {

         ec_unlock_timer_add(&fop->locks[i]);

     }

-    ec_resume (fop, 0);

 }

 void

@@ -1879,6 +1867,17 @@ void __ec_manager(ec_fop_data_t * fop, int32_t error)

             break;

         }

+        /* At each state, fop must not be used anywhere else and there

+         * shouldn't be any pending subfop going on. */

+        GF_ASSERT(fop->jobs == 0);

+

+        /* While the manager is running we need to avoid that subfops launched

+         * from it could finish and call ec_resume() before the fop->handler

+         * has completed. This could lead to the same manager being executed

+         * by two threads concurrently. ec_check_complete() will take care of

+         * this reference. */

+        fop->jobs = 1;

+

         fop->state = fop->handler(fop, fop->state);

         error = ec_check_complete(fop, __ec_manager);

-- 

1.7.1