Otherwise, clear_data on MOSDOp will leave essentially
all of the buffers intact. This is a problem since the
OpTracker mechanism relies on being able to keep the mesage
around without keeping around the data.
Signed-off-by: Samuel Just <sam.just@inktank.com>
This makes it possible to test timeouts reliably by delaying certain
messages effectively forever, but still being able to e.g. connect and
authenticate to the monitors.
Signed-off-by: Josh Durgin <josh.durgin@inktank.com>
On OSX (and currently any platform missing the MSG_MORE
macro) the MSG_MORE optimization is disabled. The MSG_NOSIGNAL flag is
available on OSX but is called SO_NOSIGPIPE and must be set via
setsockopt.
Signed-off-by: Noah Watkins <noahwatkins@gmail.com>
Adds a ceph_spinlock_t implementation that will use pthread_spinlock_t
if available, and otherwise reverts to pthread_mutex_t. Note that this
spinlock is not intended to be used in process-shared memory.
Switches implementation in:
ceph_context
SimpleMessenger
atomic_t
Only ceph_context initialized its spinlock with PTHREAD_PROCESS_SHARED.
However, there does not appear to be any instance in which CephContext
is allocated in shared memory, and thus can use the default private
memory space behavior.
Signed-off-by: Noah Watkins <noahwatkins@gmail.com>
May as well be pedantic about it, even though we are leaving the port
in numeric form.
Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Yehuda Sadeh <yehuda@inktank.com>
- Enabling subdir objects
- Created a Makefile-env.am with basic automake init
- Created .am files per subdir, included from src/Makefile.am
Signed-off-by: Roald J. van Loon <roaldvanloon@gmail.com>
- the generic function without the _le suffix (useless)
- use a static global so that detection only happens once
- make the structure a bit cleaner to plug in new implementations
Signed-off-by: Sage Weil <sage@inktank.com>
If we see a peer reporting features ~0ull, we know they are deluded in a
particular way and should infer what features they *actually* have. Do
this right when the features come over the wire to catch all users.
Fixes: #5655
Signed-off-by: Samuel Just <sam.just@inktank.com>
Signed-off-by: Sage Weil <sage@inktank.com>
Document these in the interface, not the implementation; having two copies
clutters the header and invites them to get out of sync.
Signed-off-by: Sage Weil <sage@inktank.com>
If the caller is marking down an addr, they presumably don't have the
Connection* handy, so we should generate a reset event to help them
clean up con <-> session ref cycles.
Signed-off-by: Sage Weil <sage@inktank.com>
We shouldn't hold the pipe_lock while doing the ms_verify_authorizer
upcalls.
Fix by unlocking a bit earlier, and verifying our state is still correct
in the failure path.
This regression was introduced by ecab4bb9513385bd765cca23e4e2fadb7ac4bac2.
Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Greg Farnum <greg@inktank.com>
Previously we did not bother with locking for accept() because we were
not visible to any other threads. However, we need to close accepting
Pipes from mark_down_all(), which means we need to handle interference.
Fix up the locking so that we hold pipe_lock when looking at Pipe state
and verify that we are still in the ACCEPTING state any time we retake
the lock.
Signed-off-by: Sage Weil <sage@inktank.com>
New pipes exist in a sort of limbo before we know who the peer is and
add them to rank_pipe. Keep a list of them in accepting_pipes for that
period.
Signed-off-by: Sage Weil <sage@inktank.com>
We can have a situation where:
- we have a pipe to a peer
- pipe goes to standby (on peer)
- we rebind to a new port
- ....
- we rebind again to the same old port
- we connect to peer
and get reattached to the ancient pipe from two instances back. Avoid that
by picking a new nonce each time we rebind.
Add 1,000,000 each time so that the port is still legible in the printed
output.
Signed-off-by: Sage Weil <sage@inktank.com>
If we are shutting down all old connections and binding to new ports,
we want to avoid a sequence like:
- close all prevoius connections
- new connection comes in on old port
- rebind to new ports
-> connection from old port leaks through
As a first step, close all connections after we shut down the old
accepter and before we start the new one.
Signed-off-by: Sage Weil <sage@inktank.com>
We need to maintain the invariant that all sub queues in out_q are never
empty. Fix discard_requeued_up_to() to avoid creating an entry unless we
know it is already present.
This bug leads to an incorrect reconnect attempt when
- we accept a pipe (lossless peer)
- they send some stuff, maybe
- fault
- we initiate reconnect, even tho we have nothing queued
In particular, we shouldn't reconnect because we aren't checking for
resets, and the fact that our out_seq is 0 while the peer's might be
something else entirely will trigger asserts later.
This fixes at least one source of #5626, and possibly #5517.
Backport: cuttlefish
Signed-off-by: Sage Weil <sage@inktank.com>
Calling handle_ack() here has no effect because we have already
spliced sent messages back into our out queue. Instead, pull them out
of there and discard. Add a few assertions along the way.
Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Greg Farnum <greg@inktank.com>
This avoids the need for a conditional decoding check on ceph-dencoder,
and makes it match up with what encode_message() is doing. The new(ish)
fields in the footer (the signature) is not useful for the object
corpus.
Signed-off-by: Sage Weil <sage@inktank.com>
Compare all keys within the sync'ed prefixes across members of the quorum
and compare the key counts and CRC for inconsistencies.
Currently this is a one-shot inefficient hammer. We'll want to make this
work in chunks before it is usable in production environments.
Protect with a feature bit to avoid sending MMonScrub to mons who can't
decode it.
Signed-off-by: Sage Weil <sage@inktank.com>
Reviewed-by: Greg Farnum <greg@inktank.com>
Fixes: #5497
Signed-off-by: Samuel Just <sam.just@inktank.com>
Reviewed-by: Sage Weil <sage@inktank.com>
Reviewed-by: Joao Luis <joao.luis@inktank.com>
We already handle the lossless replacement and lossy fault paths, but
not the lossy replacement. This fixes an assert(!cleared) in the
reaper. Adjust comments appropriately.
Signed-off-by: Sage Weil <sage@inktank.com>
All paths to pipe shutdown should have cleared the con->pipe reference
already. Assert as much.
Also, do it under pipe_lock!
Signed-off-by: Sage Weil <sage@inktank.com>
Instead of duplicating an incomplete cleanup sequence (that does not
clear_pipe()), goto fail_unlocked and do the cleanup in a generic way.
s/rc/r/ while we are here.
Signed-off-by: Sage Weil <sage@inktank.com>
Observed a segfault in rebind -> mark_down_all -> clear_pipe -> put that
may have been due to a racing thread clearing the connection_state pointer.
Do the clear_pipe() call under the protection of pipe_lock, as we do in
all other contexts.
Signed-off-by: Sage Weil <sage@inktank.com>
When the shutdown/stop flag is set, continue to work through the queue.
Process events, but discard messages. This avoids the loss of reset events
on shutdown that are necessary to clean up ref cycles.
Signed-off-by: Sage Weil <sage@inktank.com>
Use the atomic pipe link removal as a signal that we are the one failing
the con and use that to queue the reset event.
This fixes the case where we have an open, the session gets set up via the
handle_accept callback, and then race with another connection and go into
wait + close, or just close. In that case, fault() needs to queue a reset
event to match the accept.
Signed-off-by: Sage Weil <sage@inktank.com>
This gives the ms_handle_reset call a chance to clean up (for example, by
breaking a con->priv <-> session reference cycle).
Signed-off-by: Sage Weil <sage@inktank.com>
