From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from [87.239.111.99] (localhost [127.0.0.1]) by dev.tarantool.org (Postfix) with ESMTP id 712AF6EC55; Thu, 15 Jul 2021 14:59:04 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org 712AF6EC55 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=tarantool.org; s=dev; t=1626350344; bh=0hFnbCWxhKf8GE8yOPK42XH2LTbSJ3qMyyZga3V5ylg=; h=To:Cc:References:Date:In-Reply-To:Subject:List-Id: List-Unsubscribe:List-Archive:List-Post:List-Help:List-Subscribe: From:Reply-To:From; b=eRGpRiMjUaikULh2eCiz4BO41S6LlXXuKDHArUaSMuwn59TqqAdMUMEtABN7OACpY UQNA6T6vNFGBvYWZvzJhHrulaEN7w93AeBIj3cjfG+o3avJwF7Owp56OSmpq+ITj04 quEue+CzJ/N8gj3N5WvPZ8KXMEcQWHcdaHicSlfs= Received: from smtp60.i.mail.ru (smtp60.i.mail.ru [217.69.128.40]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by dev.tarantool.org (Postfix) with ESMTPS id C02D26EC55 for ; Thu, 15 Jul 2021 14:59:03 +0300 (MSK) DKIM-Filter: OpenDKIM Filter v2.11.0 dev.tarantool.org C02D26EC55 Received: by smtp60.i.mail.ru with esmtpa (envelope-from ) id 1m4019-0007fx-1z; Thu, 15 Jul 2021 14:59:03 +0300 To: Cyrill Gorcunov , tml Cc: Vladislav Shpilevoy References: <20210714212328.701280-1-gorcunov@gmail.com> <20210714212328.701280-6-gorcunov@gmail.com> Message-ID: Date: Thu, 15 Jul 2021 14:59:02 +0300 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:78.0) Gecko/20100101 Thunderbird/78.11.0 MIME-Version: 1.0 In-Reply-To: <20210714212328.701280-6-gorcunov@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: ru X-4EC0790: 10 X-7564579A: 646B95376F6C166E X-77F55803: 4F1203BC0FB41BD941C43E597735A9C36A98DBA789EBB6AEAF05AC269C48884F182A05F538085040D445D63D3F00F876923C8EA91515EFD74281FC8F98D958D648BAC1A7562A0A63 X-7FA49CB5: FF5795518A3D127A4AD6D5ED66289B5278DA827A17800CE74ABD1465354149F7EA1F7E6F0F101C67BD4B6F7A4D31EC0BCC500DACC3FED6E28638F802B75D45FF8AA50765F7900637369CDFF96C7994428638F802B75D45FF36EB9D2243A4F8B5A6FCA7DBDB1FC311F39EFFDF887939037866D6147AF826D8418EE606090A9C5595A60B140FACBD62117882F4460429724CE54428C33FAD305F5C1EE8F4F765FC8C7ADC89C2F0B2A5A471835C12D1D9774AD6D5ED66289B52BA9C0B312567BB23117882F44604297287769387670735201E561CDFBCA1751F2CC0D3CB04F14752D2E47CDBA5A96583BA9C0B312567BB231DD303D21008E29813377AFFFEAFD269A417C69337E82CC2E827F84554CEF50127C277FBC8AE2E8BA83251EDC214901ED5E8D9A59859A8B6753C3A5E0A5AB5B7089D37D7C0E48F6C5571747095F342E88FB05168BE4CE3AF X-C1DE0DAB: 0D63561A33F958A553EC0D5E31545B933E16BA1CA8B6DA5B18AB239BE8C05292D59269BC5F550898D99A6476B3ADF6B47008B74DF8BB9EF7333BD3B22AA88B938A852937E12ACA7501A9DF589746230F410CA545F18667F91A7EA1CDA0B5A7A0 X-C8649E89: 4E36BF7865823D7055A7F0CF078B5EC49A30900B95165D34A5112A9AECFE11B10A1BF0F9B93E9112966897388175319CA3F4D2D5BDA4C563AED46E77B8C64E4D1D7E09C32AA3244CEEF2E429A09C672C92F421EC061317438580396430872480FACE5A9C96DEB163 X-D57D3AED: 3ZO7eAau8CL7WIMRKs4sN3D3tLDjz0dLbV79QFUyzQ2Ujvy7cMT6pYYqY16iZVKkSc3dCLJ7zSJH7+u4VD18S7Vl4ZUrpaVfd2+vE6kuoey4m4VkSEu530nj6fImhcD4MUrOEAnl0W826KZ9Q+tr5ycPtXkTV4k65bRjmOUUP8cvGozZ33TWg5HZplvhhXbhDGzqmQDTd6OAevLeAnq3Ra9uf7zvY2zzsIhlcp/Y7m53TZgf2aB4JOg4gkr2biojSyb42jm8PHJEHSBGg9tuCA== X-Mailru-Sender: 3B9A0136629DC9125D61937A2360A44699988824E59994688FCD20146F5E3F441377BDD0F5586198424AE0EB1F3D1D21E2978F233C3FAE6EE63DB1732555E4A8EE80603BA4A5B0BC112434F685709FCF0DA7A0AF5A3A8387 X-Mras: Ok Subject: Re: [Tarantool-patches] [RFC v5 5/5] limbo: filter incoming requests X-BeenThere: tarantool-patches@dev.tarantool.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Tarantool development patches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Serge Petrenko via Tarantool-patches Reply-To: Serge Petrenko Errors-To: tarantool-patches-bounces@dev.tarantool.org Sender: "Tarantool-patches" 15.07.2021 00:23, Cyrill Gorcunov пишет: > FIXME: This is incomplete PoC > > Closes #6036 > > Signed-off-by: Cyrill Gorcunov > --- > src/box/applier.cc | 3 +++ > src/box/txn_limbo.c | 52 ++++++++++++++++++++++++++++++++++++--------- > src/box/txn_limbo.h | 9 +++++++- > 3 files changed, 53 insertions(+), 11 deletions(-) > > diff --git a/src/box/applier.cc b/src/box/applier.cc > index 838aa372d..c3f3a154a 100644 > --- a/src/box/applier.cc > +++ b/src/box/applier.cc > @@ -871,6 +871,9 @@ apply_synchro_row(uint32_t replica_id, struct xrow_header *row) > goto err; > > txn_limbo_promote_lock(&txn_limbo); > + if (txn_limbo_filter_locked(&txn_limbo, &req) != 0) > + goto err_unlock; > + > struct replica_cb_data rcb_data; > struct synchro_entry entry; > /* > diff --git a/src/box/txn_limbo.c b/src/box/txn_limbo.c > index d24df3606..330ba57b2 100644 > --- a/src/box/txn_limbo.c > +++ b/src/box/txn_limbo.c > @@ -731,6 +731,40 @@ txn_limbo_wait_empty(struct txn_limbo *limbo, double timeout) > return 0; > } > > +int > +txn_limbo_filter_locked(struct txn_limbo *limbo, > + const struct synchro_request *req) > +{ > + struct txn_limbo_promote *pmt = &limbo->promote; > + uint32_t replica_id = req->origin_id; > + uint64_t term = req->term; > + > + panic_on(!txn_limbo_promote_is_locked(limbo), > + "limbo: unlocked filtering of a request"); > + > + /* > + * In case of split brain has happened the promote > + * request may come in with already seen term. > + */ > + uint64_t seen_term = txn_limbo_term_locked(limbo, replica_id); You need to filter by "term_max". Any term smaller than "term_max" is bad. > + if (seen_term >= term) { > + if (iproto_type_is_promote_request(req->type) && > + pmt->terms_max > 1) { > + say_info("RAFT: rejecting %s obsolete request " > + "from instance id %u term %llu. " > + "Current max term %llu.", > + iproto_type_name(req->type), > + replica_id, (long long)term, > + (long long)pmt->terms_max); > + diag_set(ClientError, ER_UNSUPPORTED, > + "Replication", "obsolete terms"); > + return -1; > + } > + } > + > + return 0; > +} > + > void > txn_limbo_process_locked(struct txn_limbo *limbo, > const struct synchro_request *req) > @@ -742,19 +776,14 @@ txn_limbo_process_locked(struct txn_limbo *limbo, > panic_on(!txn_limbo_promote_is_locked(limbo), > "limbo: unlocked processing of a request"); > > + /* > + * Update promote tracking since bad requests must > + * be filtered out already. > + */ > if (txn_limbo_term_locked(limbo, origin) < term) { Filtering was done above,  shouldn't this if(() always evaluate to true now? > vclock_follow(&pmt->terms_map, origin, term); > if (term > pmt->terms_max) > pmt->terms_max = term; > - } else if (iproto_type_is_promote_request(req->type) && > - pmt->terms_max > 1) { > - /* PROMOTE for outdated term. Ignore. */ > - say_info("RAFT: ignoring %s request from instance " > - "id %u for term %llu. Greatest term seen " > - "before (%llu) is bigger.", > - iproto_type_name(req->type), origin, (long long)term, > - (long long)pmt->terms_max); > - return; > } > > int64_t lsn = req->lsn; > @@ -800,12 +829,15 @@ txn_limbo_process_locked(struct txn_limbo *limbo, > return; > } > > -void > +int > txn_limbo_process(struct txn_limbo *limbo, const struct synchro_request *req) > { > txn_limbo_promote_lock(limbo); > + if (txn_limbo_filter_locked(limbo, req) != 0) > + return -1; > txn_limbo_process_locked(limbo, req); > txn_limbo_promote_unlock(limbo); > + return 0; > } > > void > diff --git a/src/box/txn_limbo.h b/src/box/txn_limbo.h > index a2595bcff..bfdfef0e0 100644 > --- a/src/box/txn_limbo.h > +++ b/src/box/txn_limbo.h > @@ -358,8 +358,15 @@ txn_limbo_ack(struct txn_limbo *limbo, uint32_t replica_id, int64_t lsn); > int > txn_limbo_wait_complete(struct txn_limbo *limbo, struct txn_limbo_entry *entry); > > +/** > + * Verify if the request is valid for processing. > + */ > +int > +txn_limbo_filter_locked(struct txn_limbo *limbo, > + const struct synchro_request *req); > + > /** Execute a synchronous replication request. */ > -void > +int > txn_limbo_process(struct txn_limbo *limbo, const struct synchro_request *req); > > void -- Serge Petrenko