dee

Merge lp:~mhr3/dee/discard-invalid-transactions into lp:dee

  1. discard-invalid-transactions
  2. Merge into trunk
Proposed by Michal Hruby
Status: Merged
Approved by: Didier Roche-Tolomelli
Approved revision: 360
Merged at revision: 360
Proposed branch: lp:~mhr3/dee/discard-invalid-transactions
Merge into: lp:dee
Diff against target: 85 lines (+26/-17)
1 file modified
src/dee-shared-model.c (+26/-17)
To merge this branch: bzr merge lp:~mhr3/dee/discard-invalid-transactions
Reviewer Review Type Date Requested Status
Mikkel Kamstrup Erlandsen (community) Approve
Review via email: mp+99267@code.launchpad.net

Commit message

Discard invalid transactions

Description of the change

When we receive a commit on a model that is not valid (wrong seqnum etc), we only emit a warning and apply the transaction. This is wrong as it may leave the model in a weird state, the transaction needs to be discarded.

Discard invalid transactions.

To post a comment you must log in.
Revision history for this message
Mikkel Kamstrup Erlandsen (kamstrup) wrote :

Code looks correct. Nice to get rid of the FIXMEs :-)

Testing wise it would be quite a lot of work for little gain. These code paths are quite heavily tested already, and getting into all the nooks and crannies of the ways this can fail is a big undertaking. Very worthwhile, but let's not block this branch on it.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'src/dee-shared-model.c'
2--- src/dee-shared-model.c 2012-02-28 10:56:27 +0000
3+++ src/dee-shared-model.c 2012-03-26 08:47:25 +0000
4@@ -1183,6 +1183,7 @@
5 guint32 pos;
6 guchar change_type;
7 gint i, j;
8+ gboolean transaction_error;
9
10 g_return_if_fail (DEE_IS_SHARED_MODEL (self));
11 g_return_if_fail (transaction != NULL);
12@@ -1249,48 +1250,56 @@
13 g_variant_get (tt, "(tt)", &seqnum_before, &seqnum_after);
14 g_variant_unref (tt);
15
16+ transaction_error = FALSE;
17 /* If this is our first transaction we accept anything, if not the
18 * incoming seqnums must align with our own records */
19 current_seqnum = dee_serializable_model_get_seqnum (DEE_MODEL (self));
20- if (current_seqnum != 0 &&
21- current_seqnum != seqnum_before)
22- {
23+
24+ if (current_seqnum != 0 && current_seqnum != seqnum_before)
25+ {
26 g_warning ("Transaction from %s is in the %s. Expected seqnum %"G_GUINT64_FORMAT
27 ", but got %"G_GUINT64_FORMAT". Ignoring transaction.",
28 sender_name,
29 current_seqnum < seqnum_before ? "future" : "past",
30 current_seqnum, seqnum_before);
31- if (dee_shared_model_is_leader (self))
32- {
33- g_warning ("Invalidating %s", sender_name);
34- invalidate_peer (self, sender_name, NULL);
35- }
36-
37- g_variant_unref (transaction);
38- g_variant_unref (aav);
39- g_variant_unref (au);
40- g_variant_unref (ay);
41- return;
42- }
43+ transaction_error = TRUE;
44+ }
45
46 /* Check that the lengths of all the arrays match up */
47 n_rows = g_variant_n_children (aav);
48+
49 if (n_rows != g_variant_n_children (au))
50 {
51 g_warning ("Commit from %s has illegal position vector",
52 sender_name);
53- // FIXME cleanup
54+ transaction_error = TRUE;
55 }
56 if (n_rows != g_variant_n_children (ay))
57 {
58 g_warning ("Commit from %s has illegal change type vector",
59 sender_name);
60- // FIXME cleanup
61+ transaction_error = TRUE;
62 }
63 if (n_rows > (seqnum_after - seqnum_before))
64 {
65 g_warning ("Commit from %s has illegal seqnum count.",
66 sender_name);
67+ transaction_error = TRUE;
68+ }
69+
70+ if (transaction_error)
71+ {
72+ if (dee_shared_model_is_leader (self))
73+ {
74+ g_warning ("Invalidating %s", sender_name);
75+ invalidate_peer (self, sender_name, NULL);
76+ }
77+
78+ g_variant_unref (transaction);
79+ g_variant_unref (aav);
80+ g_variant_unref (au);
81+ g_variant_unref (ay);
82+ return;
83 }
84
85 /* Allocate an array on the stack as a temporary row data buffer */

Subscribers

People subscribed via source and target branches

to all changes: