From: Serge Petrenko <sergepetrenko@tarantool.org>
To: gorcunov@gmail.com
Cc: tarantool-patches@dev.tarantool.org
Subject: [Tarantool-patches] [PATCH v2] relay: fix segfault on replica transition from anonymous
Date: Mon, 13 Apr 2020 13:34:54 +0300 [thread overview]
Message-ID: <20200413103454.82207-1-sergepetrenko@tarantool.org> (raw)
relay_subscribe_f sets a recovery trigger notifying tx when a full log
is read and gc consumer corresponding to the replica may be advanced.
Since anonymous replicas do not have gc consumers, the trigger isn't
added for them. However, on relay exit, the trigger deletion depends
on replica->anon flag. This is buggy in case relay stalls on exit due to
replica disconnect. Replica has time to reconnect and register as a
normal instance, hence its replica->anon flag will be false by the time
we check whether to clear triggers or not, effectively making us to
clear unset triggers and segfault.
Fix this by initializing the triggers with trigger_create(), which
allows a trigger_clear() call, even if the triggers are not set, and
omit the replica->anon check.
Closes #4731
Acked-by: Cyrill Gorcunov <gorcunov@gmail.com>
---
https://github.com/tarantool/tarantool/tree/sp/gh-4731-anon-segfault-v2
https://github.com/tarantool/tarantool/issues/4731
src/box/relay.cc | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/src/box/relay.cc b/src/box/relay.cc
index c634348a4..5f34753fc 100644
--- a/src/box/relay.cc
+++ b/src/box/relay.cc
@@ -580,9 +580,8 @@ relay_subscribe_f(va_list ap)
* Not needed for anonymous replicas, since they
* aren't registered with gc at all.
*/
- struct trigger on_close_log = {
- RLIST_LINK_INITIALIZER, relay_on_close_log_f, relay, NULL
- };
+ struct trigger on_close_log;
+ trigger_create(&on_close_log, relay_on_close_log_f, relay, NULL);
if (!relay->replica->anon)
trigger_add(&r->on_close_log, &on_close_log);
@@ -662,9 +661,12 @@ relay_subscribe_f(va_list ap)
diag_log();
say_crit("exiting the relay loop");
- /* Clear garbage collector trigger and WAL watcher. */
- if (!relay->replica->anon)
- trigger_clear(&on_close_log);
+ /*
+ * Clear garbage collector trigger and WAL watcher.
+ * trigger_clear() does nothing in case the triggers
+ * aren't set (the replica is anonymous).
+ */
+ trigger_clear(&on_close_log);
wal_clear_watcher(&relay->wal_watcher, cbus_process);
/* Join ack reader fiber. */
--
2.21.1 (Apple Git-122.3)
next reply other threads:[~2020-04-13 10:35 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-04-13 10:34 Serge Petrenko [this message]
2020-04-13 10:37 ` Serge Petrenko
2020-04-13 13:24 ` Sergey Bronnikov
2020-04-15 10:16 ` Kirill Yukhin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200413103454.82207-1-sergepetrenko@tarantool.org \
--to=sergepetrenko@tarantool.org \
--cc=gorcunov@gmail.com \
--cc=tarantool-patches@dev.tarantool.org \
--subject='Re: [Tarantool-patches] [PATCH v2] relay: fix segfault on replica transition from anonymous' \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox