background rollback did happen.
Background rollback should be skipped if the aborting happens due to KILL command issued by user.
Some KILL signals, like KILL CONECTION, wake up the victim too early so that background rollback
could happen in parallel with the victim waking up and continuing execution.
Added methods bf_abort() and total_order_bf_abort() which take
wsrep::unique_lock<wsrep::mutex> as argument to allow caller
to grab the mutex before attempting BF abort. The old calls
were kept for backwards compatibility and wrap the new calls
with internal locking.
Streaming_context was cleaned up in streaming_rollback(),
which could cause clearing fragment seqno vector while
it was still accessed by the owning thread, causing
undefined behavior. Fixed by postponing streaming_context
cleanup for BF aborted SR transactions to always happen in
after_rollback().
Streaming rollback for total order BF abort used regular
BF abort codepath, which was not correct because the streaming
rollback must fully complete before total order operation executes.
Fixed this by adjusting bf_aborted_in_total_order_
before streaming_rollback() gets called.
The condition to skip changing to `s_joined` for all codepaths
which return from donor state. Extracted the logic into separate
method.
Commented start_sst_action in mock_server_service.
When the donor lost its donor state during SST due to cluster
partitioning, the state was erranously changed to `s_joined`
in `start_sst()` and `sst_sent()`, which caused assertion failures
in state checking.
Fixed by changing state to `s_joined` only if donor is still in
`s_donor` state.
Removed calls to assert() from public headers to have
full control when assertions are enabled in wsrep-lib
code regardless of parent project build configuration.
Moved methods containing assertions and non-trivial
code from headers into compilation units.
Compilation failed on arm64 with
error: comparison is always true due to limited range of data type
[-Werror=type-limits]
for
if (0x0 <= *c && *c <= 0x1f)
This was because char is unsigned on arm64 and thus always greater
than zero.
Fixed by using std::iscntrl() instead of explicit range check.
This adds also backspace into set of escaped characters.
Changed server_state public methods sst_received() and wait_until_state()
to report errors as return value instead of throwing exceptions.
This was done to gradually get rid of public methods which report
errors via exceptions.
This change was part of MDEV-30419.
Report event will write json formatted event into report
file.
Include Boost headers as system headers to avoid generating
excessive warnings. Enable extra tests for selected compilers
in actions.
Grabbing back the lock later, after set_position has been called.
This is because set_position may have to wait for correct seqno position
and calls sync wait in galera side. Such wait would happen while holding
the lock, which would case hanging like reported in MDEV-29512
PR for MDEV-29512 contains a mtr test for reproducing one such deadlock
scenario.
This commit introduces provider_options module which
acts as a proxy between application and wsrep provider
library.
When initialized, the provider options are read from the
provider through config service api extension. A lookup
table with current values and defaults is constructed.
Parameter names are mapped so that dots in provider parameter
names are transformed to underscores.
It turns out that avoiding apply error on fragment removal failure, is
not a safe thing to do. If the DBMS restarts, with a entry in the
streaming log storage, it may be recovered by creating a corresponding
streaming applier.
This reverts commit da5098b622.
Return an error if server_id_ is undefined before fragment
certification. This may happen if the server disconnects from the
cluster, right before a transactions attempts to replicate a
fragment.
Attempt to append keys while transaction is not active results in
creating a transaction handle with id -1 (undefined).
Assert that the transaction is `active()` before appending keys.
Same for appending data.
for SYNCED event as expected.
2. Fix transition to `s_joined` only after we have a complete state.
Complete state is reached in the following 3 cases:
- SST seqno exceeds connected seqno
- view seqno equals connected seqno (view processed == view connected)
- current state is `s_donor`
Refs codership/wsrep-lib#175
The fallthrough comment is not enough to silence the warning
with -Wimplicit-fallthrough=5.
This commit also fixes submodule handling in github actions.
This patch introduces a queue to store ids of transactions that failed
to send a rollback fragment in streaming_rollback(). This is to avoid
potentially missed rollback fragments when a cluster splits and then
later reforms. Rollback fragments would be missing if a node rolled
back a transaction locally (either BFed or voluntary rollback) while
non-primary, and the attempt to send rollback fragment failed in
transaction::streaming_rollback().
Transaction that fail to send rollback fragment can proceed to
rollback locally. However we must ensure that rollback fragments for
those transactions are eventually delivered by the cluster. This must
be done before a potentially conflicting writeset causes BF-BF
conflicts in the rest of the cluster.
Handle the case were prepare is bf aborted after it has replicated a
fragment, and before the command finishes in
after_command_before_result() and after_command_after_result() hooks.
Assertion is_streaming() fires in transaction::adopt() when a
transaction is BF aborted, while it is in s_executing state, and it
manages to complete rollback and cleanup while the BF aborter is
executing streaming_rollback() with client_state lock is unlocked.
In this case method transaction::adopt() finds a transaction that is
no longer marked as streaming, triggering the assertion.
A condition variable and flag streaming_rollback_in_progress_ now
prevents a client thread to finish rollback, even if the BF aborter
has temporarily unlocked the client_state lock.
Remove the method as it does nothing, except for calling
`streaming_context_.clear()`. This led to a situation where we have
two ways to do the same thing, and it is annoying, if one wants to search
for all places where streaming_context is cleaned up.
Remove `flags` local variable and use flags_ member in
transaction::commit_or_rollback_by_xid(). This avoids a case where the
pa_unsafe flag was not passed to provider.
The new feature which allows application to set transaction as PA unsafe
caused problems for streaming replication use cases. In apply_write_set(),
it is assumed that write set flags must be 0 for existing streaming
replication transaction. However, if SR transaction modifies non PK table,
the replicated fragment may have pa_unsafe flag.
Fixed by changing the condition detecting SR transactions to accept pa_unsafe
flag. This avoids the apply_write_set() execution from falling down to assert(0)
in the "condition tree"
Resetting pa_unsafe flag after fragment certification. If the flag is not reset,
it would remain in effect until the end of the transaction. However, the PA safety
should be inspected only during fragment applying time.
* Removed transaction::p_unsafe_ member
* Changed transaction::pa_unsafe(bool) to modify flags member directly
* Modified transaction.cpp to use transaction.pa_unsafe(bool) rather than
directly changing transaction's flag
* added method mark_transaction_pa_unsafe() for client_state,
application will use this
Client state end_rsu() didn't reset toi_mode to m_undefined,
which caused an assertion when NBO was started after RSU.
As a fix, reset toi_mode to m_undefined in end_rsu() after
changing mode.
This commit defines a TLS service interface. If the implementation is
provided by the application when the provider is loaded, appropriate
hooks are probed from the provider and the provider side hooks are
initialized after the provider is loaded.
A sample implementation to demostrate the use of TLS interface
is provided in dbsim/db_tls.cpp.
Also contains a change to thread service interface: The
thread exit virtual method was changed to function pointer
to allow thread exit path which does not involve C++.
The method takes already locked lock object as an argument.
The caller must ensure that the lock object owns the underlying mutex.
Replaced homegrown wsrep::unique_lock with type alias from
std::unique_lock.
This patch adds the possibility to have client commands that do not
return results from DBMS. While processing such commands we must be
able to preserve errors until the next interaction with client.
Specifically if the transaction is bf aborted while processing such
a non-returning command, then we have to keep the deadlock error until
the client issues a command that may return the error.
To handle such cases, client_state::before_command() now takes
parameter keep_command_error. The DBMS is supposed set
keep_command_error true to instruct wsrep-lib to preserve errors (if
any) until the next command which sets keep_command_error false.
Dealing with a case where current client command does not return result.
Work in progress.
Fix typo and add assertions in keep_command_error()
Make keep_command_error a parameter to before_commit()
Fix comment about keep_command_error
Handle keep_command_error with s_must_abort in wsrep_before_command()
Fix unit test
