avoid failure to lock content of removed file causing drop etc to fail

This was already prevented in other ways, but as seen in commit
c30fd24d91, those were a bit fragile.
And I'm not sure races were avoided in every case before. At least a
race between two separate git-annex processes, dropping the same
content, seemed possible.

This way, if locking fails, and the content is not present, it will
always do the right thing. Also, it avoids the overhead of an unncessary
inAnnex check for every file.

This commit was sponsored by Denis Dzyubenko on Patreon.
This commit is contained in:
Joey Hess 2020-07-25 11:54:34 -04:00
parent c30fd24d91
commit 2a45b5ae9a
No known key found for this signature in database
GPG key ID: DB12DB0FF05F8F38
11 changed files with 65 additions and 40 deletions

View file

@ -99,13 +99,8 @@ startKeys o from (key, ai) = start' o from key (AssociatedFile Nothing) ai
startLocal :: AssociatedFile -> ActionItem -> NumCopies -> Key -> [VerifiedCopy] -> CommandStart
startLocal afile ai numcopies key preverified =
-- This is a redundant check, because checkContentPresent was
-- enabled when seeking. However, when two files have the same key,
-- the content may have already been removed, which would cause
-- this to fail, so it has to be checked again.
stopUnless (inAnnex key) $
starting "drop" (OnlyActionOn key ai) $
performLocal key afile numcopies preverified
starting "drop" (OnlyActionOn key ai) $
performLocal key afile numcopies preverified
startRemote :: AssociatedFile -> ActionItem -> NumCopies -> Key -> Remote -> CommandStart
startRemote afile ai numcopies key remote =
@ -113,7 +108,7 @@ startRemote afile ai numcopies key remote =
performRemote key afile numcopies remote
performLocal :: Key -> AssociatedFile -> NumCopies -> [VerifiedCopy] -> CommandPerform
performLocal key afile numcopies preverified = lockContentForRemoval key $ \contentlock -> do
performLocal key afile numcopies preverified = lockContentForRemoval key fallback $ \contentlock -> do
u <- getUUID
(tocheck, verified) <- verifiableCopies key [u]
doDrop u (Just contentlock) key afile numcopies [] (preverified ++ verified) tocheck
@ -130,6 +125,13 @@ performLocal key afile numcopies preverified = lockContentForRemoval key $ \cont
notifyDrop afile False
stop
)
where
-- This occurs when, for example, two files are being dropped
-- and have the same content. The seek stage checks if the content
-- is present, but due to buffering, may find it present for the
-- second file before the first is dropped. If so, nothing remains
-- to be done except for cleaning up.
fallback = next $ cleanupLocal key
performRemote :: Key -> AssociatedFile -> NumCopies -> Remote -> CommandPerform
performRemote key afile numcopies remote = do

View file

@ -47,7 +47,7 @@ start key = starting "dropkey" (mkActionItem key) $
perform :: Key -> CommandPerform
perform key = ifM (inAnnex key)
( lockContentForRemoval key $ \contentlock -> do
( lockContentForRemoval key (next $ cleanup key) $ \contentlock -> do
removeAnnex contentlock
next $ cleanup key
, next $ return True

View file

@ -155,7 +155,7 @@ toPerform dest removewhen key afile fastcheck isthere =
RemoveNever -> do
setpresentremote
next $ return True
RemoveSafe -> lockContentForRemoval key $ \contentlock -> do
RemoveSafe -> lockContentForRemoval key lockfailed $ \contentlock -> do
srcuuid <- getUUID
let destuuid = Remote.uuid dest
willDropMakeItWorse srcuuid destuuid deststartedwithcopy key afile >>= \case
@ -188,6 +188,13 @@ toPerform dest removewhen key afile fastcheck isthere =
next $ do
() <- setpresentremote
return False
-- This occurs when, for example, two files are being dropped
-- and have the same content. The seek stage checks if the content
-- is present, but due to buffering, may find it present for the
-- second file before the first is dropped. If so, nothing remains
-- to be done except for cleaning up.
lockfailed = next $ Command.Drop.cleanupLocal key
fromStart :: RemoveWhen -> AssociatedFile -> Key -> ActionItem -> Remote -> CommandStart
fromStart removewhen afile key ai src =

View file

@ -245,7 +245,7 @@ test runannex mkr mkk =
whenwritable r $ isRight <$> tryNonAsync (store r k)
, check ("present " ++ show True) $ \r k -> present r k True
, check "retrieveKeyFile" $ \r k -> do
lockContentForRemoval k removeAnnex
lockContentForRemoval k noop removeAnnex
get r k
, check "fsck downloaded object" fsck
, check "retrieveKeyFile resume from 33%" $ \r k -> do
@ -255,20 +255,20 @@ test runannex mkr mkk =
sz <- hFileSize h
L.hGet h $ fromInteger $ sz `div` 3
liftIO $ L.writeFile tmp partial
lockContentForRemoval k removeAnnex
lockContentForRemoval k noop removeAnnex
get r k
, check "fsck downloaded object" fsck
, check "retrieveKeyFile resume from 0" $ \r k -> do
tmp <- prepTmp k
liftIO $ writeFile tmp ""
lockContentForRemoval k removeAnnex
lockContentForRemoval k noop removeAnnex
get r k
, check "fsck downloaded object" fsck
, check "retrieveKeyFile resume from end" $ \r k -> do
loc <- fromRawFilePath <$> Annex.calcRepo (gitAnnexLocation k)
tmp <- prepTmp k
void $ liftIO $ copyFileExternal CopyAllMetaData loc tmp
lockContentForRemoval k removeAnnex
lockContentForRemoval k noop removeAnnex
get r k
, check "fsck downloaded object" fsck
, check "removeKey when present" $ \r k ->
@ -393,7 +393,7 @@ cleanup rs ks ok
| all Remote.readonly rs = return ok
| otherwise = do
forM_ rs $ \r -> forM_ ks (Remote.removeKey r)
forM_ ks $ \k -> lockContentForRemoval k removeAnnex
forM_ ks $ \k -> lockContentForRemoval k noop removeAnnex
return ok
chunkSizes :: Int -> Bool -> [Int]

View file

@ -115,7 +115,7 @@ removeUnannexed = go []
go c [] = return c
go c (k:ks) = ifM (inAnnexCheck k $ liftIO . enoughlinks)
( do
lockContentForRemoval k removeAnnex
lockContentForRemoval k noop removeAnnex
go c ks
, go (k:c) ks
)