Tree - rpms/glusterfs - CentOS Git server

rpms / glusterfs

Blame SOURCES/0304-cluster-dht-Correct-fd-processing-loop.patch

Blob History Raw

		14f8ab	`From ad233c1b3abdfe2bdfd1eacc83b5f84b7afa6b46 Mon Sep 17 00:00:00 2001`
		14f8ab	`From: N Balachandran <nbalacha@redhat.com>`
		14f8ab	`Date: Tue, 1 Oct 2019 17:37:15 +0530`
		14f8ab	`Subject: [PATCH 304/304] cluster/dht: Correct fd processing loop`
		14f8ab
		14f8ab	`The fd processing loops in the`
		14f8ab	`dht_migration_complete_check_task and the`
		14f8ab	`dht_rebalance_inprogress_task functions were unsafe`
		14f8ab	`and could cause an open to be sent on an already freed`
		14f8ab	`fd. This has been fixed.`
		14f8ab
		14f8ab	`> Change-Id: I0a3c7d2fba314089e03dfd704f9dceb134749540`
		14f8ab	`> Fixes: bz#1757399`
		14f8ab	`> Signed-off-by: N Balachandran <nbalacha@redhat.com>`
		14f8ab	`> (Cherry picked from commit 9b15867070b0cc241ab165886292ecffc3bc0aed)`
		14f8ab	`> (Reviewed on upstream link https://review.gluster.org/#/c/glusterfs/+/23506/)`
		14f8ab
		14f8ab	`Change-Id: I0a3c7d2fba314089e03dfd704f9dceb134749540`
		14f8ab	`BUG: 1756325`
		14f8ab	`Signed-off-by: Mohit Agrawal <moagrawa@redhat.com>`
		14f8ab	`Reviewed-on: https://code.engineering.redhat.com/gerrit/182826`
		14f8ab	`Tested-by: RHGS Build Bot <nigelb@redhat.com>`
		14f8ab	`Reviewed-by: Sunil Kumar Heggodu Gopala Acharya <sheggodu@redhat.com>`
		14f8ab	`---`
		14f8ab	`xlators/cluster/dht/src/dht-helper.c \| 84 ++++++++++++++++++++++++++----------`
		14f8ab	`1 file changed, 62 insertions(+), 22 deletions(-)`
		14f8ab
		14f8ab	`diff --git a/xlators/cluster/dht/src/dht-helper.c b/xlators/cluster/dht/src/dht-helper.c`
		14f8ab	`index 4c57e0d..1e9fee0 100644`
		14f8ab	`--- a/xlators/cluster/dht/src/dht-helper.c`
		14f8ab	`+++ b/xlators/cluster/dht/src/dht-helper.c`
		14f8ab	`@@ -1261,6 +1261,7 @@ dht_migration_complete_check_task(void *data)`
		14f8ab	`fd_t *tmp = NULL;`
		14f8ab	`uint64_t tmp_miginfo = 0;`
		14f8ab	`dht_migrate_info_t *miginfo = NULL;`
		14f8ab	`+ gf_boolean_t skip_open = _gf_false;`
		14f8ab	`int open_failed = 0;`
		14f8ab
		14f8ab	`this = THIS;`
		14f8ab	`@@ -1399,24 +1400,34 @@ dht_migration_complete_check_task(void *data)`
		14f8ab	`* the loop will cause the destruction of the fd. So we need to`
		14f8ab	`* iterate the list safely because iter_fd cannot be trusted.`
		14f8ab	`*/`
		14f8ab	`- list_for_each_entry_safe(iter_fd, tmp, &inode->fd_list, inode_list)`
		14f8ab	`- {`
		14f8ab	`- if (fd_is_anonymous(iter_fd))`
		14f8ab	`- continue;`
		14f8ab	`-`
		14f8ab	`- if (dht_fd_open_on_dst(this, iter_fd, dst_node))`
		14f8ab	`- continue;`
		14f8ab	`-`
		14f8ab	`+ iter_fd = list_entry((&inode->fd_list)->next, typeof(*iter_fd), inode_list);`
		14f8ab	`+ while (&iter_fd->inode_list != (&inode->fd_list)) {`
		14f8ab	`+ if (fd_is_anonymous(iter_fd) \|\|`
		14f8ab	`+ (dht_fd_open_on_dst(this, iter_fd, dst_node))) {`
		14f8ab	`+ if (!tmp) {`
		14f8ab	`+ iter_fd = list_entry(iter_fd->inode_list.next, typeof(*iter_fd),`
		14f8ab	`+ inode_list);`
		14f8ab	`+ continue;`
		14f8ab	`+ }`
		14f8ab	`+ skip_open = _gf_true;`
		14f8ab	`+ }`
		14f8ab	`/* We need to release the inode->lock before calling`
		14f8ab	`* syncop_open() to avoid possible deadlocks. However this`
		14f8ab	`* can cause the iter_fd to be released by other threads.`
		14f8ab	`* To avoid this, we take a reference before releasing the`
		14f8ab	`* lock.`
		14f8ab	`*/`
		14f8ab	`- __fd_ref(iter_fd);`
		14f8ab	`+ fd_ref(iter_fd);`
		14f8ab
		14f8ab	`UNLOCK(&inode->lock);`
		14f8ab
		14f8ab	`+ if (tmp) {`
		14f8ab	`+ fd_unref(tmp);`
		14f8ab	`+ tmp = NULL;`
		14f8ab	`+ }`
		14f8ab	`+ if (skip_open)`
		14f8ab	`+ goto next;`
		14f8ab	`+`
		14f8ab	`/* flags for open are stripped down to allow following the`
		14f8ab	`* new location of the file, otherwise we can get EEXIST or`
		14f8ab	`* truncate the file again as rebalance is moving the data */`
		14f8ab	`@@ -1438,9 +1449,11 @@ dht_migration_complete_check_task(void *data)`
		14f8ab	`dht_fd_ctx_set(this, iter_fd, dst_node);`
		14f8ab	`}`
		14f8ab
		14f8ab	`- fd_unref(iter_fd);`
		14f8ab	`-`
		14f8ab	`+ next:`
		14f8ab	`LOCK(&inode->lock);`
		14f8ab	`+ skip_open = _gf_false;`
		14f8ab	`+ tmp = iter_fd;`
		14f8ab	`+ iter_fd = list_entry(tmp->inode_list.next, typeof(*tmp), inode_list);`
		14f8ab	`}`
		14f8ab
		14f8ab	`SYNCTASK_SETID(frame->root->uid, frame->root->gid);`
		14f8ab	`@@ -1453,6 +1466,10 @@ dht_migration_complete_check_task(void *data)`
		14f8ab
		14f8ab	`unlock:`
		14f8ab	`UNLOCK(&inode->lock);`
		14f8ab	`+ if (tmp) {`
		14f8ab	`+ fd_unref(tmp);`
		14f8ab	`+ tmp = NULL;`
		14f8ab	`+ }`
		14f8ab
		14f8ab	`out:`
		14f8ab	`if (dict) {`
		14f8ab	`@@ -1534,6 +1551,7 @@ dht_rebalance_inprogress_task(void *data)`
		14f8ab	`int open_failed = 0;`
		14f8ab	`uint64_t tmp_miginfo = 0;`
		14f8ab	`dht_migrate_info_t *miginfo = NULL;`
		14f8ab	`+ gf_boolean_t skip_open = _gf_false;`
		14f8ab
		14f8ab	`this = THIS;`
		14f8ab	`frame = data;`
		14f8ab	`@@ -1654,24 +1672,40 @@ dht_rebalance_inprogress_task(void *data)`
		14f8ab	`* the loop will cause the destruction of the fd. So we need to`
		14f8ab	`* iterate the list safely because iter_fd cannot be trusted.`
		14f8ab	`*/`
		14f8ab	`- list_for_each_entry_safe(iter_fd, tmp, &inode->fd_list, inode_list)`
		14f8ab	`- {`
		14f8ab	`- if (fd_is_anonymous(iter_fd))`
		14f8ab	`- continue;`
		14f8ab	`-`
		14f8ab	`- if (dht_fd_open_on_dst(this, iter_fd, dst_node))`
		14f8ab	`- continue;`
		14f8ab	`-`
		14f8ab	`+ iter_fd = list_entry((&inode->fd_list)->next, typeof(*iter_fd), inode_list);`
		14f8ab	`+ while (&iter_fd->inode_list != (&inode->fd_list)) {`
		14f8ab	`/* We need to release the inode->lock before calling`
		14f8ab	`* syncop_open() to avoid possible deadlocks. However this`
		14f8ab	`* can cause the iter_fd to be released by other threads.`
		14f8ab	`* To avoid this, we take a reference before releasing the`
		14f8ab	`* lock.`
		14f8ab	`*/`
		14f8ab	`- __fd_ref(iter_fd);`
		14f8ab
		14f8ab	`+ if (fd_is_anonymous(iter_fd) \|\|`
		14f8ab	`+ (dht_fd_open_on_dst(this, iter_fd, dst_node))) {`
		14f8ab	`+ if (!tmp) {`
		14f8ab	`+ iter_fd = list_entry(iter_fd->inode_list.next, typeof(*iter_fd),`
		14f8ab	`+ inode_list);`
		14f8ab	`+ continue;`
		14f8ab	`+ }`
		14f8ab	`+ skip_open = _gf_true;`
		14f8ab	`+ }`
		14f8ab	`+`
		14f8ab	`+ /* Yes, this is ugly but there isn't a cleaner way to do this`
		14f8ab	`+ * the fd_ref is an atomic increment so not too bad. We want to`
		14f8ab	`+ * reduce the number of inode locks and unlocks.`
		14f8ab	`+ */`
		14f8ab	`+`
		14f8ab	`+ fd_ref(iter_fd);`
		14f8ab	`UNLOCK(&inode->lock);`
		14f8ab
		14f8ab	`+ if (tmp) {`
		14f8ab	`+ fd_unref(tmp);`
		14f8ab	`+ tmp = NULL;`
		14f8ab	`+ }`
		14f8ab	`+ if (skip_open)`
		14f8ab	`+ goto next;`
		14f8ab	`+`
		14f8ab	`/* flags for open are stripped down to allow following the`
		14f8ab	`* new location of the file, otherwise we can get EEXIST or`
		14f8ab	`* truncate the file again as rebalance is moving the data */`
		14f8ab	`@@ -1692,9 +1726,11 @@ dht_rebalance_inprogress_task(void *data)`
		14f8ab	`dht_fd_ctx_set(this, iter_fd, dst_node);`
		14f8ab	`}`
		14f8ab
		14f8ab	`- fd_unref(iter_fd);`
		14f8ab	`-`
		14f8ab	`+ next:`
		14f8ab	`LOCK(&inode->lock);`
		14f8ab	`+ skip_open = _gf_false;`
		14f8ab	`+ tmp = iter_fd;`
		14f8ab	`+ iter_fd = list_entry(tmp->inode_list.next, typeof(*tmp), inode_list);`
		14f8ab	`}`
		14f8ab
		14f8ab	`SYNCTASK_SETID(frame->root->uid, frame->root->gid);`
		14f8ab	`@@ -1702,6 +1738,10 @@ dht_rebalance_inprogress_task(void *data)`
		14f8ab	`unlock:`
		14f8ab	`UNLOCK(&inode->lock);`
		14f8ab
		14f8ab	`+ if (tmp) {`
		14f8ab	`+ fd_unref(tmp);`
		14f8ab	`+ tmp = NULL;`
		14f8ab	`+ }`
		14f8ab	`if (open_failed) {`
		14f8ab	`ret = -1;`
		14f8ab	`goto out;`
		14f8ab	`--`
		14f8ab	`1.8.3.1`
		14f8ab

rpms / glusterfs

Source Code

Blame SOURCES/0304-cluster-dht-Correct-fd-processing-loop.patch