2 Trivial Database 2: free list/block handling
3 Copyright (C) Rusty Russell 2010
5 This library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 3 of the License, or (at your option) any later version.
10 This library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include <ccan/likely/likely.h>
20 #include <ccan/asearch/asearch.h>
22 /* We keep an ordered array of offsets. */
23 static bool append(tdb_off_t **arr, size_t *num, tdb_off_t off)
25 tdb_off_t *new = realloc(*arr, (*num + 1) * sizeof(tdb_off_t));
33 static bool check_header(struct tdb_context *tdb, tdb_off_t *recovery)
36 struct tdb_header hdr;
38 if (tdb_read_convert(tdb, 0, &hdr, sizeof(hdr)) == -1)
40 /* magic food should not be converted, so convert back. */
41 tdb_convert(tdb, hdr.magic_food, sizeof(hdr.magic_food));
43 hash_test = TDB_HASH_MAGIC;
44 hash_test = tdb_hash(tdb, &hash_test, sizeof(hash_test));
45 if (hdr.hash_test != hash_test) {
46 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
47 "check: hash test %llu should be %llu",
48 (long long)hdr.hash_test,
49 (long long)hash_test);
53 if (strcmp(hdr.magic_food, TDB_MAGIC_FOOD) != 0) {
54 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
55 "check: bad magic '%.*s'",
56 (unsigned)sizeof(hdr.magic_food), hdr.magic_food);
60 *recovery = hdr.recovery;
62 if (*recovery < sizeof(hdr) || *recovery > tdb->map_size) {
63 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
64 "tdb_check: invalid recovery offset %zu",
70 /* Don't check reserved: they *can* be used later. */
74 static bool check_hash_tree(struct tdb_context *tdb,
75 tdb_off_t off, unsigned int group_bits,
77 unsigned hprefix_bits,
81 int (*check)(TDB_DATA, TDB_DATA, void *),
84 static bool check_hash_record(struct tdb_context *tdb,
87 unsigned hprefix_bits,
91 int (*check)(TDB_DATA, TDB_DATA, void *),
94 struct tdb_used_record rec;
96 if (tdb_read_convert(tdb, off, &rec, sizeof(rec)) == -1)
99 if (rec_data_length(&rec)
100 != sizeof(tdb_off_t) << TDB_SUBLEVEL_HASH_BITS) {
101 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
102 "tdb_check: Bad hash table length %llu vs %llu",
103 (long long)rec_data_length(&rec),
104 (long long)sizeof(tdb_off_t)
105 << TDB_SUBLEVEL_HASH_BITS);
108 if (rec_key_length(&rec) != 0) {
109 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
110 "tdb_check: Bad hash table key length %llu",
111 (long long)rec_key_length(&rec));
114 if (rec_hash(&rec) != 0) {
115 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
116 "tdb_check: Bad hash table hash value %llu",
117 (long long)rec_hash(&rec));
122 return check_hash_tree(tdb, off,
123 TDB_SUBLEVEL_HASH_BITS-TDB_HASH_GROUP_BITS,
124 hprefix, hprefix_bits,
125 used, num_used, num_found, check, private_data);
128 static int off_cmp(const tdb_off_t *a, const tdb_off_t *b)
130 /* Can overflow an int. */
136 static uint64_t get_bits(uint64_t h, unsigned num, unsigned *used)
140 return (h >> (64 - *used)) & ((1U << num) - 1);
143 static bool check_hash_tree(struct tdb_context *tdb,
144 tdb_off_t off, unsigned int group_bits,
146 unsigned hprefix_bits,
150 int (*check)(TDB_DATA, TDB_DATA, void *),
154 const tdb_off_t *hash;
155 struct tdb_used_record rec;
157 hash = tdb_access_read(tdb, off,
159 << (group_bits + TDB_HASH_GROUP_BITS),
164 for (g = 0; g < (1 << group_bits); g++) {
165 const tdb_off_t *group = hash + (g << TDB_HASH_GROUP_BITS);
166 for (b = 0; b < (1 << TDB_HASH_GROUP_BITS); b++) {
167 unsigned int bucket, i, used_bits;
173 off = group[b] & TDB_OFF_MASK;
174 p = asearch(&off, used, num_used, off_cmp);
176 tdb_logerr(tdb, TDB_ERR_CORRUPT,
178 "tdb_check: Invalid offset %llu "
179 "in hash", (long long)off);
182 /* Mark it invalid. */
186 if (is_subhash(group[b])) {
189 << (group_bits + TDB_HASH_GROUP_BITS))
190 + g * (1 << TDB_HASH_GROUP_BITS) + b;
192 if (!check_hash_record(tdb,
193 group[b] & TDB_OFF_MASK,
197 + TDB_HASH_GROUP_BITS,
198 used, num_used, num_found,
199 check, private_data))
205 /* Does it belong here at all? */
206 h = hash_record(tdb, off);
208 if (get_bits(h, hprefix_bits, &used_bits) != hprefix
210 tdb_logerr(tdb, TDB_ERR_CORRUPT,
212 "check: bad hash placement"
214 (long long)h, (long long)hprefix);
218 /* Does it belong in this group? */
219 if (get_bits(h, group_bits, &used_bits) != g) {
220 tdb_logerr(tdb, TDB_ERR_CORRUPT,
222 "check: bad group %llu vs %u",
227 /* Are bucket bits correct? */
228 bucket = group[b] & TDB_OFF_HASH_GROUP_MASK;
229 if (get_bits(h, TDB_HASH_GROUP_BITS, &used_bits)
231 used_bits -= TDB_HASH_GROUP_BITS;
232 tdb_logerr(tdb, TDB_ERR_CORRUPT,
234 "check: bad bucket %u vs %u",
235 (unsigned)get_bits(h,
242 /* There must not be any zero entries between
243 * the bucket it belongs in and this one! */
246 i = (i + 1) % (1 << TDB_HASH_GROUP_BITS)) {
248 tdb_logerr(tdb, TDB_ERR_CORRUPT,
250 "check: bad group placement"
257 if (tdb_read_convert(tdb, off, &rec, sizeof(rec)))
260 /* Bottom bits must match header. */
261 if ((h & ((1 << 11)-1)) != rec_hash(&rec)) {
262 tdb_logerr(tdb, TDB_ERR_CORRUPT,
264 "tdb_check: Bad hash magic at"
265 " offset %llu (0x%llx vs 0x%llx)",
268 (long long)rec_hash(&rec));
274 key.dsize = rec_key_length(&rec);
275 data.dsize = rec_data_length(&rec);
276 key.dptr = (void *)tdb_access_read(tdb,
278 key.dsize + data.dsize,
282 data.dptr = key.dptr + key.dsize;
283 if (check(key, data, private_data) != 0)
285 tdb_access_release(tdb, key.dptr);
289 tdb_access_release(tdb, hash);
293 tdb_access_release(tdb, hash);
297 static bool check_hash(struct tdb_context *tdb,
299 size_t num_used, size_t num_flists,
300 int (*check)(TDB_DATA, TDB_DATA, void *),
303 /* Free lists also show up as used. */
304 size_t num_found = num_flists;
306 if (!check_hash_tree(tdb, offsetof(struct tdb_header, hashtable),
307 TDB_TOPLEVEL_HASH_BITS-TDB_HASH_GROUP_BITS,
308 0, 0, used, num_used, &num_found,
309 check, private_data))
312 if (num_found != num_used) {
313 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
314 "tdb_check: Not all entries are in hash");
320 static bool check_free(struct tdb_context *tdb,
322 const struct tdb_free_record *frec,
323 tdb_off_t prev, unsigned int flist, unsigned int bucket)
325 if (frec_magic(frec) != TDB_FREE_MAGIC) {
326 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
327 "tdb_check: offset %llu bad magic 0x%llx",
328 (long long)off, (long long)frec->magic_and_prev);
331 if (frec_flist(frec) != flist) {
332 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
333 "tdb_check: offset %llu bad freelist %u",
334 (long long)off, frec_flist(frec));
338 if (tdb->methods->oob(tdb, off
339 + frec_len(frec) + sizeof(struct tdb_used_record),
342 if (size_to_bucket(frec_len(frec)) != bucket) {
343 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
344 "tdb_check: offset %llu in wrong bucket %u vs %u",
346 bucket, size_to_bucket(frec_len(frec)));
349 if (prev != frec_prev(frec)) {
350 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
351 "tdb_check: offset %llu bad prev %llu vs %llu",
353 (long long)prev, (long long)frec_len(frec));
359 static bool check_free_list(struct tdb_context *tdb,
366 struct tdb_freelist flist;
370 if (tdb_read_convert(tdb, flist_off, &flist, sizeof(flist)) == -1)
373 if (rec_magic(&flist.hdr) != TDB_MAGIC
374 || rec_key_length(&flist.hdr) != 0
375 || rec_data_length(&flist.hdr) != sizeof(flist) - sizeof(flist.hdr)
376 || rec_hash(&flist.hdr) != 1) {
377 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
378 "tdb_check: Invalid header on free list");
382 for (i = 0; i < TDB_FREE_BUCKETS; i++) {
383 tdb_off_t off, prev = 0, *p;
384 struct tdb_free_record f;
386 h = bucket_off(flist_off, i);
387 for (off = tdb_read_off(tdb, h); off; off = f.next) {
388 if (off == TDB_OFF_ERR)
390 if (tdb_read_convert(tdb, off, &f, sizeof(f)))
392 if (!check_free(tdb, off, &f, prev, flist_num, i))
395 /* FIXME: Check hash bits */
396 p = asearch(&off, free, num_free, off_cmp);
398 tdb_logerr(tdb, TDB_ERR_CORRUPT,
400 "tdb_check: Invalid offset"
401 " %llu in free table",
405 /* Mark it invalid. */
414 /* Slow, but should be very rare. */
415 size_t dead_space(struct tdb_context *tdb, tdb_off_t off)
419 for (len = 0; off + len < tdb->map_size; len++) {
421 if (tdb->methods->read(tdb, off, &c, 1))
423 if (c != 0 && c != 0x43)
429 static bool check_linear(struct tdb_context *tdb,
430 tdb_off_t **used, size_t *num_used,
431 tdb_off_t **free, size_t *num_free,
436 bool found_recovery = false;
438 for (off = sizeof(struct tdb_header); off < tdb->map_size; off += len) {
440 struct tdb_used_record u;
441 struct tdb_free_record f;
442 struct tdb_recovery_record r;
444 /* r is larger: only get that if we need to. */
445 if (tdb_read_convert(tdb, off, &rec, sizeof(rec.f)) == -1)
448 /* If we crash after ftruncate, we can get zeroes or fill. */
449 if (rec.r.magic == TDB_RECOVERY_INVALID_MAGIC
450 || rec.r.magic == 0x4343434343434343ULL) {
451 if (tdb_read_convert(tdb, off, &rec, sizeof(rec.r)))
454 if (recovery == off) {
455 found_recovery = true;
456 len = sizeof(rec.r) + rec.r.max_len;
458 len = dead_space(tdb, off);
459 if (len < sizeof(rec.r)) {
460 tdb_logerr(tdb, TDB_ERR_CORRUPT,
462 "tdb_check: invalid dead"
468 tdb_logerr(tdb, TDB_SUCCESS, TDB_DEBUG_WARNING,
469 "Dead space at %zu-%zu (of %zu)",
470 (size_t)off, (size_t)(off + len),
471 (size_t)tdb->map_size);
473 } else if (rec.r.magic == TDB_RECOVERY_MAGIC) {
474 if (tdb_read_convert(tdb, off, &rec, sizeof(rec.r)))
476 if (recovery != off) {
477 tdb_logerr(tdb, TDB_ERR_CORRUPT,
479 "tdb_check: unexpected recovery"
480 " record at offset %zu",
484 if (rec.r.len > rec.r.max_len) {
485 tdb_logerr(tdb, TDB_ERR_CORRUPT,
487 "tdb_check: invalid recovery length"
488 " %zu", (size_t)rec.r.len);
491 if (rec.r.eof > tdb->map_size) {
492 tdb_logerr(tdb, TDB_ERR_CORRUPT,
494 "tdb_check: invalid old EOF"
495 " %zu", (size_t)rec.r.eof);
498 found_recovery = true;
499 len = sizeof(rec.r) + rec.r.max_len;
500 } else if (frec_magic(&rec.f) == TDB_FREE_MAGIC
501 || frec_magic(&rec.f) == TDB_COALESCING_MAGIC) {
502 len = sizeof(rec.u) + frec_len(&rec.f);
503 if (off + len > tdb->map_size) {
504 tdb_logerr(tdb, TDB_ERR_CORRUPT,
506 "tdb_check: free overlength %llu"
508 (long long)len, (long long)off);
511 /* This record is free! */
512 if (frec_magic(&rec.f) == TDB_FREE_MAGIC
513 && !append(free, num_free, off))
516 uint64_t klen, dlen, extra;
518 /* This record is used! */
519 if (rec_magic(&rec.u) != TDB_MAGIC) {
520 tdb_logerr(tdb, TDB_ERR_CORRUPT,
522 "tdb_check: Bad magic 0x%llx"
524 (long long)rec_magic(&rec.u),
529 if (!append(used, num_used, off))
532 klen = rec_key_length(&rec.u);
533 dlen = rec_data_length(&rec.u);
534 extra = rec_extra_padding(&rec.u);
536 len = sizeof(rec.u) + klen + dlen + extra;
537 if (off + len > tdb->map_size) {
538 tdb_logerr(tdb, TDB_ERR_CORRUPT,
540 "tdb_check: used overlength %llu"
542 (long long)len, (long long)off);
546 if (len < sizeof(rec.f)) {
547 tdb_logerr(tdb, TDB_ERR_CORRUPT,
549 "tdb_check: too short record %llu"
551 (long long)len, (long long)off);
557 /* We must have found recovery area if there was one. */
558 if (recovery != 0 && !found_recovery) {
559 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
560 "tdb_check: expected a recovery area at %zu",
568 int tdb_check(struct tdb_context *tdb,
569 int (*check)(TDB_DATA key, TDB_DATA data, void *private_data),
572 tdb_off_t *free = NULL, *used = NULL, flist, recovery;
573 size_t num_free = 0, num_used = 0, num_found = 0, num_flists = 0;
575 if (tdb_allrecord_lock(tdb, F_RDLCK, TDB_LOCK_WAIT, false) != 0)
578 if (tdb_lock_expand(tdb, F_RDLCK) != 0) {
579 tdb_allrecord_unlock(tdb, F_RDLCK);
583 if (!check_header(tdb, &recovery))
586 /* First we do a linear scan, checking all records. */
587 if (!check_linear(tdb, &used, &num_used, &free, &num_free, recovery))
590 for (flist = first_flist(tdb); flist; flist = next_flist(tdb, flist)) {
591 if (flist == TDB_OFF_ERR)
593 if (!check_free_list(tdb, flist, num_flists, free, num_free,
599 /* FIXME: Check key uniqueness? */
600 if (!check_hash(tdb, used, num_used, num_flists, check, private_data))
603 if (num_found != num_free) {
604 tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_DEBUG_ERROR,
605 "tdb_check: Not all entries are in free table");
609 tdb_allrecord_unlock(tdb, F_RDLCK);
610 tdb_unlock_expand(tdb, F_RDLCK);
614 tdb_allrecord_unlock(tdb, F_RDLCK);
615 tdb_unlock_expand(tdb, F_RDLCK);
projects / ccan / blob