DAOS-16931 container: fix oid iv race with using invalid on_update ptr #15714
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,5 +1,6 @@ | ||
| /** | ||
| * (C) Copyright 2017-2024 Intel Corporation. | ||
| * (C) Copyright 2025 Hewlett Packard Enterprise Development LP | ||
| * | ||
| * SPDX-License-Identifier: BSD-2-Clause-Patent | ||
| */ | ||
|
|
@@ -133,10 +134,10 @@ oid_iv_ent_update(struct ds_iv_entry *ns_entry, struct ds_iv_key *iv_key, | |
| entry = ns_entry->iv_value.sg_iovs[0].iov_buf; | ||
| rc = ABT_mutex_trylock(entry->lock); | ||
| /** For retry requests, from _iv_op(), the lock may not be released in some cases. */ | ||
| if (rc == ABT_ERR_MUTEX_LOCKED && entry->current_req != priv) | ||
|
There was a problem hiding this comment. Just to double-check -- does on_get() implementation always return a valid priv or are there cases when priv returned can be NULL? (iv framework just passes whatever priv was filled with, we dont enforce it to be non-null). if latter, then two requests might have same null priv causing issues with this logic. There was a problem hiding this comment. for the oid iv, the on get returns a valid ptr always. see here: There was a problem hiding this comment. looks like the "entry->current_req == priv" can never be true, as every time it will allocate a new one though oid_iv_ent_get(). So why need this check in the original place? There was a problem hiding this comment. I am not sure TBH. @wangdi1 had added this one a while back. according to wangdi's comment, on an IV retry operation, we can re-enter the on-update call. but are you saying on a retry, we are calling on_get() again and so we have a new priv pointer allocated? There was a problem hiding this comment. If the "retry" you mean here - Then yes, I think the retry of iv_op_internal() -> crt_iv_update()/crt_iv_fetch(), it will cause the oid_iv_ent_get() be called in the path and provide a new priv pointer. @wangdi1 is above correct? There was a problem hiding this comment. There was a problem hiding this comment. using src is just wrong.. it causes assertions. check the ticket. There was a problem hiding this comment. hmm perhaps you may want to use "entry->current_req = src->sg_iovs[0].iov_buf" while 'src' (temp iv value) can be on the stack, depending where iv calls it from, the underlying iov buffer will be provided by on_get(), so should remain valid until a corresponding on_put() There was a problem hiding this comment. yea that was my thought as well. thanks Alex, i'll post a follow on PR. There was a problem hiding this comment. "while 'src' (temp iv value) can be on the stack, depending where iv calls it from, the underlying iov buffer will be provided by on_get()," |
||
| return -DER_BUSY; | ||
|
|
||
| entry->current_req = priv; | ||
| avail = &entry->rg; | ||
|
|
||
| oids = src->sg_iovs[0].iov_buf; | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
is it guaranteed that priv going to be the same for retry requests? i am not sure what daos stores in it or how it manages it across requests
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yes i believe so. the priv is allocated on the on-get CB. so it will not change on retry afaik.