Protect the toc action with the object action lock

If monitor_action is not "reboot" or "crash". So "toc" can not run twice in parallel. Before this patch, a toc action with monitor_action=freezestop could run in parallel on the same object, causing a race to stop the resources, and unclean stop (fuser -k to free fs while app resources are still stopping, for ex).
opensvc · Dec 3, 2019 · 0a510c3 · 0a510c3
1 parent 7dc8301
commit 0a510c3
Showing 1 changed file with 6 additions and 3 deletions.
diff --git a/lib/svc.py b/lib/svc.py
@@ -310,7 +310,6 @@ def signal_handler(*args):
     "set_provisioned",
     "set_unprovisioned",
     "thaw",
-    "toc",
     "validate_config",
 ]
 
@@ -724,6 +723,10 @@ def svclock(self, action=None, timeout=30, delay=1):
         if want_context():
             return
         suffix = None
+
+        if action == "toc" and self.monitor_action in ("reboot", "crash"):
+            return
+
         if (action not in ACTION_NO_ASYNC and self.options.node is not None and self.options.node != "") or \
            action in ACTIONS_NO_LOCK or \
            self.options.nolock or \
@@ -1880,7 +1883,7 @@ def wake_monitor(self):
             if status and data.get("errno") != 111:
                 # 111: EREFUSED (ie daemon down)
                 if error:
-                    self.log.warning(error)
+                    self.log.warning("wake monitor failed: %s", error)
                 else:
                     self.log.warning("wake monitor failed")
         except Exception as exc:
@@ -3822,7 +3825,7 @@ def toc(self):
             self.log.error("invalid monitor action '%s'", self.monitor_action)
             return
         self.log.info("start monitor action '%s'", self.monitor_action)
-        if self.monitor_action != "freezestop":
+        if self.monitor_action not in ("freezestop", "switch"):
             time.sleep(2)
         getattr(self, self.monitor_action)()