dafs: prevent corruption in large fsstate.dat files

If while writing to the fsstate.dat file, it exceeds the current
size of the file (multiples of FS_STATE_INIT_FILESIZE (8MiB)),
we call fs_stateResizeFile.  This un-mmaps, truncates, and
re-mmaps the file.  Unfortunately, fs_stateMapFile() resets the
state->mmap.offset and .cursor, so any writes in flight over
the resize will overwrite the first bytes of the file (and leave
zeros in the file where the data should have been written).

Upon return from the write that caused a file resize, the offset
is eventually corrected and the state dump continues with a
silent failure.  Eventually the state dump completes and the
file header is rewritten; this may conceal some or all of
the overwrite damage at offset 0.  However, any zeros near the 8MiB
offset (and its multiples) remain as corruption.

Add a flag to fs_stateMapFile() to allow the caller to specify if
the offset and cursor should be preserved.  Modify fs_stateResizeFile()
to use this capability.

testing note: temporarily reduced FS_STATE_INIT_FILESIZE to 256 bytes
during testing in order to make the problem easier to reproduce.
This problem would normally occur only on relatively large/active
DAFS fileservers.

Reviewed-on: http://gerrit.openafs.org/9599
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
(cherry picked from commit 42351db75e04e46012208d38f80dc17be7ab776d)

Change-Id: I05a01ebce15e26534361863ed0f8d3161c3f8240
Reviewed-on: http://gerrit.openafs.org/9683
Reviewed-by: Michael Meffie <mmeffie@sinenomine.net>
Reviewed-by: Derrick Brashear <shadow@your-file-system.com>
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Andrew Deason <adeason@sinenomine.net>
Reviewed-by: Stephan Wiesand <stephan.wiesand@desy.de>

diff --git a/src/tviced/serialize_state.c b/src/tviced/serialize_state.c
index cc29623269b2f74cf2e47318a8817f5f02f25fe0..e70391ff853e2a5bd1e0e96370a05be54f0fb44d 100644 (file)
--- a/src/tviced/serialize_state.c
+++ b/src/tviced/serialize_state.c
@@ -121,7 +121,7 @@ static int fs_stateSizeFile(struct fs_dump_state * state);
 static int fs_stateResizeFile(struct fs_dump_state * state, size_t min_add);
 static int fs_stateTruncateFile(struct fs_dump_state * state);
 
-static int fs_stateMapFile(struct fs_dump_state * state);
+static int fs_stateMapFile(struct fs_dump_state * state, int preserve_flag);
 static int fs_stateUnmapFile(struct fs_dump_state * state);
 
 static int fs_stateIncCursor(struct fs_dump_state * state, size_t len);
@@ -387,7 +387,7 @@ fs_stateCreateDump(struct fs_dump_state * state)
        goto done;
     }
 
-    if (fs_stateMapFile(state)) {
+    if (fs_stateMapFile(state, 0)) {
        ViceLog(0, ("fs_stateCreateDump: failed to memory map state dump file '%s'\n",
                    state->fn));
        ret = 1;
@@ -512,7 +512,7 @@ fs_stateLoadDump(struct fs_dump_state * state)
     state->file_len = status.st_size;
 
 #ifdef FS_STATE_USE_MMAP
-    if (fs_stateMapFile(state)) {
+    if (fs_stateMapFile(state, 0)) {
        ViceLog(0, ("fs_stateLoadDump: failed to memory map state dump file '%s'\n",
                    state->fn));
        ret = 1;
@@ -781,7 +781,7 @@ fs_stateResizeFile(struct fs_dump_state * state, size_t min_add)
        goto done;
     }
 
-    if (fs_stateMapFile(state)) {
+    if (fs_stateMapFile(state, 1)) {
        ViceLog(0, ("fs_stateResizeFile: remapping memory mapped file failed\n"));
        ret = 1;
        goto done;
@@ -804,7 +804,7 @@ fs_stateTruncateFile(struct fs_dump_state * state)
 }
 
 static int
-fs_stateMapFile(struct fs_dump_state * state)
+fs_stateMapFile(struct fs_dump_state * state, int preserve_flag )
 {
     int ret = 0, flags;
 
@@ -838,8 +838,16 @@ fs_stateMapFile(struct fs_dump_state * state)
 
     state->mmap.size = state->file_len;
     state->mmap.cursor = state->mmap.map;
-    state->mmap.offset = 0;
 
+    if (preserve_flag) {
+       /* don't lose track of where we are during a file resize */
+       afs_foff_t curr_offset = state->mmap.offset;
+
+       state->mmap.offset = 0;
+       fs_stateIncCursor(state, curr_offset);
+    } else {           /* reset offset */
+       state->mmap.offset = 0;
+    }
     /* for state loading, accesses will be sequential, so let's give
      * the VM subsystem a heads up */
     if (state->mode == FS_STATE_LOAD_MODE) {