wtclient: ensure correct disk mode for overflow queue #8377
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ellemouton
force-pushed
the
towerTestFlakeFix
branch
from
1c60dac to
b4b23f3
Compare
guggero
reviewed
Jan 15, 2024
ellemouton
force-pushed
the
towerTestFlakeFix
branch
from
b4b23f3 to
84e7de6
Compare
Good idea @guggero 👍 It was a bit more tricky than usual though since this is a race issue. So what i've done is first added a few temporary variables to allow more easy stop/go control from a test & then i've added the reproduction test. Then I add the commit that fixes the issue and finally, I remove all the stop/go code and also the test. |
ellemouton
force-pushed
the
towerTestFlakeFix
branch
2 times, most recently
from
f942de4 to
1f5a645
Compare
In this commit, some temporary variables and logic is added to the DiskOverflowQueue for easy stop/go control from unit tests. This is then used to write a temporary unit tests that demonstrates a race condition that can cause the queue to be in disk mode when it should be in memory mode. This new code & test will be removed after the issue has been fixed.
Before this commit, in the watchtower client's DiskOverflowQueue, there could be a situation _if no consumer was reading from the queue_ that could lead to an in-memory build up of backup tasks instead of the expected disk overflow. This commit fixes this by ensuring that if a task is read from disk, then the mode is set to disk mode to ensure that any new items are persisted to disk in this scenario. The unit tests added in the previous commit is updated here in order to show that the fix does in-fact fix the test.
This commit removes the temporary members added to the DiskOverflowQueue that made it possible to more easily demonstrate a previous bug that existed.
ellemouton
force-pushed
the
towerTestFlakeFix
branch
from
1f5a645 to
65de80b
Compare
bitromortac
approved these changes
Jan 23, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Before this commit, in the watchtower client's DiskOverflowQueue, there could be a situation if no consumer was reading from the queue that could lead to an in-memory build up of backup tasks instead of the expected disk overflow. This commit fixes this by ensuring that if a task is read from disk, then the mode is set to disk mode to ensure that any new items are persisted to disk in this scenario.
More detailed explanation
This order of events could trigger the flake in question:
toDisk= false (ie, we are in memory-mode)memQueueto its capacity.drainInputListwill try push it toinputChanbut becausememQueueis full, it will returnsuccess=falseand the mode will be switched to disk-mode (toDisk=true).drainInputListwill then instead write the item to disk & push a notification on thenewDiskItemSignalchannel.feedMemQueuethen responds to this signal and callsfeedFromDiskwhich will pop the first item from disk and will block on pushing the item to the currently fullmemQueue.drainInputListstarts handling the second item - since the mode is still "disk-mode" it preps writing the item to disk (but doesnt yet!!)memQueuemeaning thatfeedMemQueuemanages to push the first item tomemQueueand then goes onto the next iteration of thefeedFromDiskloop - Here, it will try read an item from disk but will see that there are no more items items & so will set the mode to memory-mode.drainInputListactually writes the second item to disk and sends a newnewDiskItemSignal.feedMemQueuewill then respond to this signal by reading the new item from disk and blocking on adding it to thememQueue.drainInputListgets - it will try to push those toinputChanbecause the mode is "memory-mode" BUTfeedMemQueuewont be listening on that channel because it is blocking on pushing an item tomemQueue.We want to make sure that if
feedMemQueueis ever blocking on pushing tomemQueue, then the mode MUST be disk-mode.The Fix
The fix is straight forward: basically, if
feedMemQueuesuccessfully pops an item from disk (and is therefore about to potentially block onmemQueuethen it first sets the mode todisk-mode.Confirmation of the correctness of the fix
Before this commit, I ran the test 10k times & ran into the flake 4 times.
After this commit, I ran the test 10k times and did not run into the flake at all.
Fixes #8355