[Gluster-devel] handling open fds and graph switches
Raghavendra Bhat
rabhat at redhat.com
Tue Aug 6 08:22:40 UTC 2013
Hi,
As of now, there is a problem when following set of operations are
performed on a file.
open () => unlink () => do a graph change (not reconfigure) => fop on
the opened fd (may be write)
In the above set of operations, the fop performed on the fd after the
graph switch fails with EBADFD (which should not happen). Its because
when the file is unlinked (assume there are no other hardlinks for the
file), the gfid handle present in the .glusterfs directory of the brick
is removed. Now when graph change happens, all fds have to be migrated
to the new graph. Before that a nameless lookup will be sent on the gfid
(to build the new inode in the new graph). The nameless lookup happens
on the gfid handle. But since the gfid handle is removed upon receiving
the unlink, nameless lookup fails, thus failing the fd migration to the
new graph and the fops on the fd are also failed.
A patch has been sent to handle
this(http://review.gluster.org/#/c/5428/), where the gfid handle is
removed when the last reference to the file is removed (i.e upon getting
the unlink, it also checks whether there are any open fds on the inode.
If so, then the gfid handle is not removed. Its removed when release on
that fd is received). But that approach might lead to gfid handle leaks
(what if glusterfsd crashes upon unlinking the last entry? the gfid
handle might not have been removed if there are open fds. And now if
glusterfsd crashes, then the gfid handle for that file is leaked).
Another approach might be to make posix_lookup do a stat on one of the
fds present on the inode when it has to build a INODE HANDLE (which
happens as part of nameless lookup). The nameless lookup suceeds and the
new inode is looked up in the new graph for the client. But after that,
there are 2 more issues.
1) After successful completion of the nameless lookup, the file has to
be opened in the new graph. So a syncop_open is sent on the new graph
for the gfid. In posix_open, posix xlator again tries to open the file
using the gfid handle. But since the gfid handle is removed, open fails
and the file is not opened (thus fd migration fails again.) We can
search the list of fds for the inode, find the right fd that the fuse
client is trying to migrate and return that fd. But searching the right
fd is a hard task. (What if a fuse client has opened 2 fds with same flags?)
2) Another problem is open-behind. Fuse xlator after nameless lookup,
sends syncop_open to migrate the fds. Once the syncop_open is complete
and fds are migrated, PARENT_DOWN event is sent on the old graph and the
client xlator sends release on all the fds (if the previous syncop_open
is successful, then its safe to send release from old graph as the new
fd would have been migrated to the new graph, with corresponding fd
present in the brick). But before that in syncop_open, open-behind might
have sent success to the fuse without actually winding the open call to
the below xlators. Now fuse gets success for the open, sends PARENT_DOWN
to old graph, which sends release on the fd. Thus even though a fd is
present from application's point of view, there are no mechanisms to
access the file (as the fds and gfid handles have been removed already.)
Please provide feedback on the above issues.
Regards,
Raghavendra Bhat
More information about the Gluster-devel
mailing list