From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <tarantool-patches-bounces@dev.tarantool.org>
Received: from [87.239.111.99] (localhost [127.0.0.1])
	by dev.tarantool.org (Postfix) with ESMTP id 9F6D36EC55;
	Thu, 15 Jul 2021 00:26:11 +0300 (MSK)
DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 9F6D36EC55
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev;
	t=1626297971; bh=xsAHFBu2kZ3KDFRa3sdrj20c3rJ1hd+1JiKy3hPpWYc=;
	h=To:Date:In-Reply-To:References:Subject:List-Id:List-Unsubscribe:
	 List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	 From;
	b=pkDnFBvvebdg73y1C2y6l4iM0PMN5JNMh0QqIw18h7yfbDSI7LD3gkwVPootpRexK
	 6/UtiZBdcYWYshF5nhtrE+Np6ugnaPtj2sOcmTgkjEpljdg6O7q+IU16c3QmOdRBVl
	 xnUSSsGXa2IRwi5lV0z2BNq61C5wG1IEBu3bOatg=
Received: from mail-lf1-f51.google.com (mail-lf1-f51.google.com
 [209.85.167.51])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
 (No client certificate requested)
 by dev.tarantool.org (Postfix) with ESMTPS id DD2E26EC6E
 for <tarantool-patches@dev.tarantool.org>;
 Thu, 15 Jul 2021 00:24:35 +0300 (MSK)
DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org DD2E26EC6E
Received: by mail-lf1-f51.google.com with SMTP id t17so6109736lfq.0
 for <tarantool-patches@dev.tarantool.org>;
 Wed, 14 Jul 2021 14:24:35 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references:mime-version:content-transfer-encoding;
 bh=dcKaAHXbNVNroFxAw+4hWeuNXz16TG4jf8FG1XoZgkY=;
 b=TMjE/3uetDw4eGkskLmNoDSgDvQHqQJksEv89EQcOcb8NqCzWT1HhVf0GJG/yhLcAe
 xZ4yYEA9x0zuM4hPIqNDnWlGxb0LYLUyGDaRaslNuqsKEvYcY7qmaATmeNu4Ni74dxwC
 njWlkgV7UP6APekT5aXiah8ZLpOYUBwsLcaRfFk9ZcitV5GbdWu99KH5zJvr19UuC4Vc
 6tof5cVVFBzzn/hF5g2hQUG+Evfmee5yvc1iZgmOiFrMpXVIOfL0/LeEtqB9TQwGtVxJ
 DQ0e/ZQuGlCgpmOYpQxx1gioKcabgVDgOsUv+qI3luF/Dk/5NuW7cSboYNzbqyWWD+VM
 6yOg==
X-Gm-Message-State: AOAM531xb2WuTTr/h0a3sUejyLZL5P9rxsQrUGUWTwUWkzd2Gh2LkDFI
 ZpHRtebF2YK+U2w2/wVEq9oYSV6NyJvs3w==
X-Google-Smtp-Source: ABdhPJxl0hn6WT6ULmVegV+RKLcB+1kLlG2tlTL0mwubaLYTAaDGNuyaDwIejR4PQyPY3x5s/1Cwcg==
X-Received: by 2002:ac2:5e2c:: with SMTP id o12mr144843lfg.543.1626297874844; 
 Wed, 14 Jul 2021 14:24:34 -0700 (PDT)
Received: from grain.localdomain ([5.18.199.94])
 by smtp.gmail.com with ESMTPSA id bp29sm157721lfb.58.2021.07.14.14.24.33
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Wed, 14 Jul 2021 14:24:33 -0700 (PDT)
Received: by grain.localdomain (Postfix, from userid 1000)
 id 94A535A0023; Thu, 15 Jul 2021 00:23:32 +0300 (MSK)
To: tml <tarantool-patches@dev.tarantool.org>
Date: Thu, 15 Jul 2021 00:23:28 +0300
Message-Id: <20210714212328.701280-6-gorcunov@gmail.com>
X-Mailer: git-send-email 2.31.1
In-Reply-To: <20210714212328.701280-1-gorcunov@gmail.com>
References: <20210714212328.701280-1-gorcunov@gmail.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Subject: [Tarantool-patches] [RFC v5 5/5] limbo: filter incoming requests
X-BeenThere: tarantool-patches@dev.tarantool.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Tarantool development patches <tarantool-patches.dev.tarantool.org>
List-Unsubscribe: <https://lists.tarantool.org/mailman/options/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=unsubscribe>
List-Archive: <https://lists.tarantool.org/pipermail/tarantool-patches/>
List-Post: <mailto:tarantool-patches@dev.tarantool.org>
List-Help: <mailto:tarantool-patches-request@dev.tarantool.org?subject=help>
List-Subscribe: <https://lists.tarantool.org/mailman/listinfo/tarantool-patches>, 
 <mailto:tarantool-patches-request@dev.tarantool.org?subject=subscribe>
From: Cyrill Gorcunov via Tarantool-patches
 <tarantool-patches@dev.tarantool.org>
Reply-To: Cyrill Gorcunov <gorcunov@gmail.com>
Cc: Vladislav Shpilevoy <v.shpilevoy@tarantool.org>
Errors-To: tarantool-patches-bounces@dev.tarantool.org
Sender: "Tarantool-patches" <tarantool-patches-bounces@dev.tarantool.org>

FIXME: This is incomplete PoC

Closes #6036

Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
---
 src/box/applier.cc  |  3 +++
 src/box/txn_limbo.c | 52 ++++++++++++++++++++++++++++++++++++---------
 src/box/txn_limbo.h |  9 +++++++-
 3 files changed, 53 insertions(+), 11 deletions(-)

diff --git a/src/box/applier.cc b/src/box/applier.cc
index 838aa372d..c3f3a154a 100644
--- a/src/box/applier.cc
+++ b/src/box/applier.cc
@@ -871,6 +871,9 @@ apply_synchro_row(uint32_t replica_id, struct xrow_header *row)
 		goto err;
 
 	txn_limbo_promote_lock(&txn_limbo);
+	if (txn_limbo_filter_locked(&txn_limbo, &req) != 0)
+		goto err_unlock;
+
 	struct replica_cb_data rcb_data;
 	struct synchro_entry entry;
 	/*
diff --git a/src/box/txn_limbo.c b/src/box/txn_limbo.c
index d24df3606..330ba57b2 100644
--- a/src/box/txn_limbo.c
+++ b/src/box/txn_limbo.c
@@ -731,6 +731,40 @@ txn_limbo_wait_empty(struct txn_limbo *limbo, double timeout)
 	return 0;
 }
 
+int
+txn_limbo_filter_locked(struct txn_limbo *limbo,
+			const struct synchro_request *req)
+{
+	struct txn_limbo_promote *pmt = &limbo->promote;
+	uint32_t replica_id = req->origin_id;
+	uint64_t term = req->term;
+
+	panic_on(!txn_limbo_promote_is_locked(limbo),
+		 "limbo: unlocked filtering of a request");
+
+	/*
+	 * In case of split brain has happened the promote
+	 * request may come in with already seen term.
+	 */
+	uint64_t seen_term = txn_limbo_term_locked(limbo, replica_id);
+	if (seen_term >= term) {
+		if (iproto_type_is_promote_request(req->type) &&
+		    pmt->terms_max > 1) {
+			say_info("RAFT: rejecting %s obsolete request "
+				 "from instance id %u term %llu. "
+				 "Current max term %llu.",
+				 iproto_type_name(req->type),
+				 replica_id, (long long)term,
+				 (long long)pmt->terms_max);
+			diag_set(ClientError, ER_UNSUPPORTED,
+				 "Replication", "obsolete terms");
+			return -1;
+		}
+	}
+
+	return 0;
+}
+
 void
 txn_limbo_process_locked(struct txn_limbo *limbo,
 			 const struct synchro_request *req)
@@ -742,19 +776,14 @@ txn_limbo_process_locked(struct txn_limbo *limbo,
 	panic_on(!txn_limbo_promote_is_locked(limbo),
 		 "limbo: unlocked processing of a request");
 
+	/*
+	 * Update promote tracking since bad requests must
+	 * be filtered out already.
+	 */
 	if (txn_limbo_term_locked(limbo, origin) < term) {
 		vclock_follow(&pmt->terms_map, origin, term);
 		if (term > pmt->terms_max)
 			pmt->terms_max = term;
-	} else if (iproto_type_is_promote_request(req->type) &&
-		   pmt->terms_max > 1) {
-		/* PROMOTE for outdated term. Ignore. */
-		say_info("RAFT: ignoring %s request from instance "
-			 "id %u for term %llu. Greatest term seen "
-			 "before (%llu) is bigger.",
-			 iproto_type_name(req->type), origin, (long long)term,
-			 (long long)pmt->terms_max);
-		return;
 	}
 
 	int64_t lsn = req->lsn;
@@ -800,12 +829,15 @@ txn_limbo_process_locked(struct txn_limbo *limbo,
 	return;
 }
 
-void
+int
 txn_limbo_process(struct txn_limbo *limbo, const struct synchro_request *req)
 {
 	txn_limbo_promote_lock(limbo);
+	if (txn_limbo_filter_locked(limbo, req) != 0)
+		return -1;
 	txn_limbo_process_locked(limbo, req);
 	txn_limbo_promote_unlock(limbo);
+	return 0;
 }
 
 void
diff --git a/src/box/txn_limbo.h b/src/box/txn_limbo.h
index a2595bcff..bfdfef0e0 100644
--- a/src/box/txn_limbo.h
+++ b/src/box/txn_limbo.h
@@ -358,8 +358,15 @@ txn_limbo_ack(struct txn_limbo *limbo, uint32_t replica_id, int64_t lsn);
 int
 txn_limbo_wait_complete(struct txn_limbo *limbo, struct txn_limbo_entry *entry);
 
+/**
+ * Verify if the request is valid for processing.
+ */
+int
+txn_limbo_filter_locked(struct txn_limbo *limbo,
+			const struct synchro_request *req);
+
 /** Execute a synchronous replication request. */
-void
+int
 txn_limbo_process(struct txn_limbo *limbo, const struct synchro_request *req);
 
 void
-- 
2.31.1