2 Unix SMB/CIFS implementation.
4 trivial database library
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Rusty Russell 2010
9 ** NOTE! The following LGPL license applies to the tdb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 #define SAFE_FREE(x) do { if ((x) != NULL) {free((void *)x); (x)=NULL;} } while(0)
33 - only allow a single transaction at a time per database. This makes
34 using the transaction API simpler, as otherwise the caller would
35 have to cope with temporary failures in transactions that conflict
36 with other current transactions
38 - keep the transaction recovery information in the same file as the
39 database, using a special 'transaction recovery' record pointed at
40 by the header. This removes the need for extra journal files as
41 used by some other databases
43 - dynamically allocated the transaction recover record, re-using it
44 for subsequent transactions. If a larger record is needed then
45 tdb_free() the old record to place it on the normal tdb freelist
46 before allocating the new record
48 - during transactions, keep a linked list of writes all that have
49 been performed by intercepting all tdb_write() calls. The hooked
50 transaction versions of tdb_read() and tdb_write() check this
51 linked list and try to use the elements of the list in preference
54 - don't allow any locks to be held when a transaction starts,
55 otherwise we can end up with deadlock (plus lack of lock nesting
56 in POSIX locks would mean the lock is lost)
58 - if the caller gains a lock during the transaction but doesn't
59 release it then fail the commit
61 - allow for nested calls to tdb_transaction_start(), re-using the
62 existing transaction record. If the inner transaction is canceled
63 then a subsequent commit will fail
65 - keep a mirrored copy of the tdb hash chain heads to allow for the
66 fast hash heads scan on traverse, updating the mirrored copy in
67 the transaction version of tdb_write
69 - allow callers to mix transaction and non-transaction use of tdb,
70 although once a transaction is started then an exclusive lock is
71 gained until the transaction is committed or canceled
73 - the commit stategy involves first saving away all modified data
74 into a linearised buffer in the transaction recovery area, then
75 marking the transaction recovery area with a magic value to
76 indicate a valid recovery record. In total 4 fsync/msync calls are
77 needed per commit to prevent race conditions. It might be possible
78 to reduce this to 3 or even 2 with some more work.
80 - check for a valid recovery record on open of the tdb, while the
81 open lock is held. Automatically recover from the transaction
82 recovery area if needed, then continue with the open as
83 usual. This allows for smooth crash recovery with no administrator
86 - if TDB_NOSYNC is passed to flags in tdb_open then transactions are
87 still available, but no transaction recovery area is used and no
88 fsync/msync calls are made.
92 hold the context of any current transaction
94 struct tdb_transaction {
95 /* the original io methods - used to do IOs to the real db */
96 const struct tdb_methods *io_methods;
98 /* the list of transaction blocks. When a block is first
99 written to, it gets created in this list */
102 size_t last_block_size; /* number of valid bytes in the last block */
104 /* non-zero when an internal transaction error has
105 occurred. All write operations will then fail until the
106 transaction is ended */
107 int transaction_error;
109 /* when inside a transaction we need to keep track of any
110 nested tdb_transaction_start() calls, as these are allowed,
111 but don't create a new transaction */
112 unsigned int nesting;
114 /* set when a prepare has already occurred */
116 tdb_off_t magic_offset;
118 /* old file size before transaction */
119 tdb_len_t old_map_size;
122 /* This doesn't really need to be pagesize, but we use it for similar reasons. */
123 #define PAGESIZE 65536
126 read while in a transaction. We need to check first if the data is in our list
127 of transaction elements, then if not do a real read
129 static enum TDB_ERROR transaction_read(struct tdb_context *tdb, tdb_off_t off,
130 void *buf, tdb_len_t len)
133 enum TDB_ERROR ecode;
135 /* break it down into block sized ops */
136 while (len + (off % PAGESIZE) > PAGESIZE) {
137 tdb_len_t len2 = PAGESIZE - (off % PAGESIZE);
138 ecode = transaction_read(tdb, off, buf, len2);
139 if (ecode != TDB_SUCCESS) {
144 buf = (void *)(len2 + (char *)buf);
151 blk = off / PAGESIZE;
153 /* see if we have it in the block list */
154 if (tdb->tdb2.transaction->num_blocks <= blk ||
155 tdb->tdb2.transaction->blocks[blk] == NULL) {
156 /* nope, do a real read */
157 ecode = tdb->tdb2.transaction->io_methods->tread(tdb, off, buf, len);
158 if (ecode != TDB_SUCCESS) {
164 /* it is in the block list. Now check for the last block */
165 if (blk == tdb->tdb2.transaction->num_blocks-1) {
166 if (len > tdb->tdb2.transaction->last_block_size) {
172 /* now copy it out of this block */
173 memcpy(buf, tdb->tdb2.transaction->blocks[blk] + (off % PAGESIZE), len);
177 tdb->tdb2.transaction->transaction_error = 1;
178 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
179 "transaction_read: failed at off=%zu len=%zu",
180 (size_t)off, (size_t)len);
185 write while in a transaction
187 static enum TDB_ERROR transaction_write(struct tdb_context *tdb, tdb_off_t off,
188 const void *buf, tdb_len_t len)
191 enum TDB_ERROR ecode;
193 /* Only a commit is allowed on a prepared transaction */
194 if (tdb->tdb2.transaction->prepared) {
195 ecode = tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_ERROR,
196 "transaction_write: transaction already"
197 " prepared, write not allowed");
201 /* break it up into block sized chunks */
202 while (len + (off % PAGESIZE) > PAGESIZE) {
203 tdb_len_t len2 = PAGESIZE - (off % PAGESIZE);
204 ecode = transaction_write(tdb, off, buf, len2);
205 if (ecode != TDB_SUCCESS) {
211 buf = (const void *)(len2 + (const char *)buf);
219 blk = off / PAGESIZE;
220 off = off % PAGESIZE;
222 if (tdb->tdb2.transaction->num_blocks <= blk) {
223 uint8_t **new_blocks;
224 /* expand the blocks array */
225 if (tdb->tdb2.transaction->blocks == NULL) {
226 new_blocks = (uint8_t **)malloc(
227 (blk+1)*sizeof(uint8_t *));
229 new_blocks = (uint8_t **)realloc(
230 tdb->tdb2.transaction->blocks,
231 (blk+1)*sizeof(uint8_t *));
233 if (new_blocks == NULL) {
234 ecode = tdb_logerr(tdb, TDB_ERR_OOM, TDB_LOG_ERROR,
236 " failed to allocate");
239 memset(&new_blocks[tdb->tdb2.transaction->num_blocks], 0,
240 (1+(blk - tdb->tdb2.transaction->num_blocks))*sizeof(uint8_t *));
241 tdb->tdb2.transaction->blocks = new_blocks;
242 tdb->tdb2.transaction->num_blocks = blk+1;
243 tdb->tdb2.transaction->last_block_size = 0;
246 /* allocate and fill a block? */
247 if (tdb->tdb2.transaction->blocks[blk] == NULL) {
248 tdb->tdb2.transaction->blocks[blk] = (uint8_t *)calloc(PAGESIZE, 1);
249 if (tdb->tdb2.transaction->blocks[blk] == NULL) {
250 ecode = tdb_logerr(tdb, TDB_ERR_OOM, TDB_LOG_ERROR,
252 " failed to allocate");
255 if (tdb->tdb2.transaction->old_map_size > blk * PAGESIZE) {
256 tdb_len_t len2 = PAGESIZE;
257 if (len2 + (blk * PAGESIZE) > tdb->tdb2.transaction->old_map_size) {
258 len2 = tdb->tdb2.transaction->old_map_size - (blk * PAGESIZE);
260 ecode = tdb->tdb2.transaction->io_methods->tread(tdb,
262 tdb->tdb2.transaction->blocks[blk],
264 if (ecode != TDB_SUCCESS) {
265 ecode = tdb_logerr(tdb, ecode,
269 " read old block: %s",
271 SAFE_FREE(tdb->tdb2.transaction->blocks[blk]);
274 if (blk == tdb->tdb2.transaction->num_blocks-1) {
275 tdb->tdb2.transaction->last_block_size = len2;
280 /* overwrite part of an existing block */
282 memset(tdb->tdb2.transaction->blocks[blk] + off, 0, len);
284 memcpy(tdb->tdb2.transaction->blocks[blk] + off, buf, len);
286 if (blk == tdb->tdb2.transaction->num_blocks-1) {
287 if (len + off > tdb->tdb2.transaction->last_block_size) {
288 tdb->tdb2.transaction->last_block_size = len + off;
295 tdb->tdb2.transaction->transaction_error = 1;
301 write while in a transaction - this variant never expands the transaction blocks, it only
302 updates existing blocks. This means it cannot change the recovery size
304 static void transaction_write_existing(struct tdb_context *tdb, tdb_off_t off,
305 const void *buf, tdb_len_t len)
309 /* break it up into block sized chunks */
310 while (len + (off % PAGESIZE) > PAGESIZE) {
311 tdb_len_t len2 = PAGESIZE - (off % PAGESIZE);
312 transaction_write_existing(tdb, off, buf, len2);
316 buf = (const void *)(len2 + (const char *)buf);
324 blk = off / PAGESIZE;
325 off = off % PAGESIZE;
327 if (tdb->tdb2.transaction->num_blocks <= blk ||
328 tdb->tdb2.transaction->blocks[blk] == NULL) {
332 if (blk == tdb->tdb2.transaction->num_blocks-1 &&
333 off + len > tdb->tdb2.transaction->last_block_size) {
334 if (off >= tdb->tdb2.transaction->last_block_size) {
337 len = tdb->tdb2.transaction->last_block_size - off;
340 /* overwrite part of an existing block */
341 memcpy(tdb->tdb2.transaction->blocks[blk] + off, buf, len);
346 out of bounds check during a transaction
348 static enum TDB_ERROR transaction_oob(struct tdb_context *tdb,
349 tdb_off_t off, tdb_len_t len, bool probe)
351 if ((off + len >= off && off + len <= tdb->file->map_size) || probe) {
355 tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
356 "tdb_oob len %lld beyond transaction size %lld",
357 (long long)(off + len),
358 (long long)tdb->file->map_size);
363 transaction version of tdb_expand().
365 static enum TDB_ERROR transaction_expand_file(struct tdb_context *tdb,
368 enum TDB_ERROR ecode;
370 /* add a write to the transaction elements, so subsequent
371 reads see the zero data */
372 ecode = transaction_write(tdb, tdb->file->map_size, NULL, addition);
373 if (ecode == TDB_SUCCESS) {
374 tdb->file->map_size += addition;
379 static void *transaction_direct(struct tdb_context *tdb, tdb_off_t off,
380 size_t len, bool write_mode)
382 size_t blk = off / PAGESIZE, end_blk;
384 /* This is wrong for zero-length blocks, but will fail gracefully */
385 end_blk = (off + len - 1) / PAGESIZE;
387 /* Can only do direct if in single block and we've already copied. */
389 tdb->stats.transaction_write_direct++;
391 || blk >= tdb->tdb2.transaction->num_blocks
392 || tdb->tdb2.transaction->blocks[blk] == NULL) {
393 tdb->stats.transaction_write_direct_fail++;
396 return tdb->tdb2.transaction->blocks[blk] + off % PAGESIZE;
399 tdb->stats.transaction_read_direct++;
400 /* Single which we have copied? */
402 && blk < tdb->tdb2.transaction->num_blocks
403 && tdb->tdb2.transaction->blocks[blk])
404 return tdb->tdb2.transaction->blocks[blk] + off % PAGESIZE;
406 /* Otherwise must be all not copied. */
407 while (blk <= end_blk) {
408 if (blk >= tdb->tdb2.transaction->num_blocks)
410 if (tdb->tdb2.transaction->blocks[blk]) {
411 tdb->stats.transaction_read_direct_fail++;
416 return tdb->tdb2.transaction->io_methods->direct(tdb, off, len, false);
419 static const struct tdb_methods transaction_methods = {
423 transaction_expand_file,
430 static enum TDB_ERROR transaction_sync(struct tdb_context *tdb,
431 tdb_off_t offset, tdb_len_t length)
433 if (tdb->flags & TDB_NOSYNC) {
437 if (fsync(tdb->file->fd) != 0) {
438 return tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
439 "tdb_transaction: fsync failed: %s",
443 if (tdb->file->map_ptr) {
444 tdb_off_t moffset = offset & ~(getpagesize()-1);
445 if (msync(moffset + (char *)tdb->file->map_ptr,
446 length + (offset - moffset), MS_SYNC) != 0) {
447 return tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
448 "tdb_transaction: msync failed: %s",
457 static void _tdb_transaction_cancel(struct tdb_context *tdb)
460 enum TDB_ERROR ecode;
462 if (tdb->tdb2.transaction == NULL) {
463 tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_USE_ERROR,
464 "tdb_transaction_cancel: no transaction");
468 if (tdb->tdb2.transaction->nesting != 0) {
469 tdb->tdb2.transaction->transaction_error = 1;
470 tdb->tdb2.transaction->nesting--;
474 tdb->file->map_size = tdb->tdb2.transaction->old_map_size;
476 /* free all the transaction blocks */
477 for (i=0;i<tdb->tdb2.transaction->num_blocks;i++) {
478 if (tdb->tdb2.transaction->blocks[i] != NULL) {
479 free(tdb->tdb2.transaction->blocks[i]);
482 SAFE_FREE(tdb->tdb2.transaction->blocks);
484 if (tdb->tdb2.transaction->magic_offset) {
485 const struct tdb_methods *methods = tdb->tdb2.transaction->io_methods;
486 uint64_t invalid = TDB_RECOVERY_INVALID_MAGIC;
488 /* remove the recovery marker */
489 ecode = methods->twrite(tdb, tdb->tdb2.transaction->magic_offset,
490 &invalid, sizeof(invalid));
491 if (ecode == TDB_SUCCESS)
492 ecode = transaction_sync(tdb,
493 tdb->tdb2.transaction->magic_offset,
495 if (ecode != TDB_SUCCESS) {
496 tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
497 "tdb_transaction_cancel: failed to remove"
502 if (tdb->file->allrecord_lock.count)
503 tdb_allrecord_unlock(tdb, tdb->file->allrecord_lock.ltype);
505 /* restore the normal io methods */
506 tdb->tdb2.io = tdb->tdb2.transaction->io_methods;
508 tdb_transaction_unlock(tdb, F_WRLCK);
510 if (tdb_has_open_lock(tdb))
511 tdb_unlock_open(tdb, F_WRLCK);
513 SAFE_FREE(tdb->tdb2.transaction);
517 start a tdb transaction. No token is returned, as only a single
518 transaction is allowed to be pending per tdb_context
520 enum TDB_ERROR tdb_transaction_start(struct tdb_context *tdb)
522 enum TDB_ERROR ecode;
524 if (tdb->flags & TDB_VERSION1) {
525 if (tdb1_transaction_start(tdb) == -1)
526 return tdb->last_error;
530 tdb->stats.transactions++;
531 /* some sanity checks */
532 if (tdb->flags & TDB_INTERNAL) {
533 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_EINVAL,
535 "tdb_transaction_start:"
541 if (tdb->flags & TDB_RDONLY) {
542 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_RDONLY,
544 "tdb_transaction_start:"
550 /* cope with nested tdb_transaction_start() calls */
551 if (tdb->tdb2.transaction != NULL) {
552 if (!(tdb->flags & TDB_ALLOW_NESTING)) {
553 return tdb->last_error
554 = tdb_logerr(tdb, TDB_ERR_IO,
556 "tdb_transaction_start:"
557 " already inside transaction");
559 tdb->tdb2.transaction->nesting++;
560 tdb->stats.transaction_nest++;
564 if (tdb_has_hash_locks(tdb)) {
565 /* the caller must not have any locks when starting a
566 transaction as otherwise we'll be screwed by lack
567 of nested locks in POSIX */
568 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_LOCK,
570 "tdb_transaction_start:"
572 " transaction with locks"
576 tdb->tdb2.transaction = (struct tdb_transaction *)
577 calloc(sizeof(struct tdb_transaction), 1);
578 if (tdb->tdb2.transaction == NULL) {
579 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_OOM,
581 "tdb_transaction_start:"
585 /* get the transaction write lock. This is a blocking lock. As
586 discussed with Volker, there are a number of ways we could
587 make this async, which we will probably do in the future */
588 ecode = tdb_transaction_lock(tdb, F_WRLCK);
589 if (ecode != TDB_SUCCESS) {
590 SAFE_FREE(tdb->tdb2.transaction->blocks);
591 SAFE_FREE(tdb->tdb2.transaction);
592 return tdb->last_error = ecode;
595 /* get a read lock over entire file. This is upgraded to a write
596 lock during the commit */
597 ecode = tdb_allrecord_lock(tdb, F_RDLCK, TDB_LOCK_WAIT, true);
598 if (ecode != TDB_SUCCESS) {
599 goto fail_allrecord_lock;
602 /* make sure we know about any file expansions already done by
604 tdb->tdb2.io->oob(tdb, tdb->file->map_size, 1, true);
605 tdb->tdb2.transaction->old_map_size = tdb->file->map_size;
607 /* finally hook the io methods, replacing them with
608 transaction specific methods */
609 tdb->tdb2.transaction->io_methods = tdb->tdb2.io;
610 tdb->tdb2.io = &transaction_methods;
611 return tdb->last_error = TDB_SUCCESS;
614 tdb_transaction_unlock(tdb, F_WRLCK);
615 SAFE_FREE(tdb->tdb2.transaction->blocks);
616 SAFE_FREE(tdb->tdb2.transaction);
617 return tdb->last_error = ecode;
622 cancel the current transaction
624 void tdb_transaction_cancel(struct tdb_context *tdb)
626 if (tdb->flags & TDB_VERSION1) {
627 tdb1_transaction_cancel(tdb);
630 tdb->stats.transaction_cancel++;
631 _tdb_transaction_cancel(tdb);
635 work out how much space the linearised recovery data will consume (worst case)
637 static tdb_len_t tdb_recovery_size(struct tdb_context *tdb)
639 tdb_len_t recovery_size = 0;
643 for (i=0;i<tdb->tdb2.transaction->num_blocks;i++) {
644 if (i * PAGESIZE >= tdb->tdb2.transaction->old_map_size) {
647 if (tdb->tdb2.transaction->blocks[i] == NULL) {
650 recovery_size += 2*sizeof(tdb_off_t);
651 if (i == tdb->tdb2.transaction->num_blocks-1) {
652 recovery_size += tdb->tdb2.transaction->last_block_size;
654 recovery_size += PAGESIZE;
658 return recovery_size;
661 static enum TDB_ERROR tdb_recovery_area(struct tdb_context *tdb,
662 const struct tdb_methods *methods,
663 tdb_off_t *recovery_offset,
664 struct tdb_recovery_record *rec)
666 enum TDB_ERROR ecode;
668 *recovery_offset = tdb_read_off(tdb,
669 offsetof(struct tdb_header, recovery));
670 if (TDB_OFF_IS_ERR(*recovery_offset)) {
671 return TDB_OFF_TO_ERR(*recovery_offset);
674 if (*recovery_offset == 0) {
679 ecode = methods->tread(tdb, *recovery_offset, rec, sizeof(*rec));
680 if (ecode != TDB_SUCCESS)
683 tdb_convert(tdb, rec, sizeof(*rec));
684 /* ignore invalid recovery regions: can happen in crash */
685 if (rec->magic != TDB_RECOVERY_MAGIC &&
686 rec->magic != TDB_RECOVERY_INVALID_MAGIC) {
687 *recovery_offset = 0;
693 static unsigned int same(const unsigned char *new,
694 const unsigned char *old,
699 for (i = 0; i < length; i++) {
700 if (new[i] != old[i])
706 static unsigned int different(const unsigned char *new,
707 const unsigned char *old,
709 unsigned int min_same,
710 unsigned int *samelen)
715 for (i = 0; i < length; i++) {
716 if (new[i] == old[i]) {
719 if (*samelen >= min_same) {
726 if (*samelen < min_same)
728 return length - *samelen;
731 /* Allocates recovery blob, without tdb_recovery_record at head set up. */
732 static struct tdb_recovery_record *alloc_recovery(struct tdb_context *tdb,
735 struct tdb_recovery_record *rec;
737 enum TDB_ERROR ecode;
739 const struct tdb_methods *old_methods = tdb->tdb2.io;
741 rec = malloc(sizeof(*rec) + tdb_recovery_size(tdb));
743 tdb_logerr(tdb, TDB_ERR_OOM, TDB_LOG_ERROR,
744 "transaction_setup_recovery:"
746 return TDB_ERR_PTR(TDB_ERR_OOM);
749 /* We temporarily revert to the old I/O methods, so we can use
751 tdb->tdb2.io = tdb->tdb2.transaction->io_methods;
753 /* build the recovery data into a single blob to allow us to do a single
754 large write, which should be more efficient */
755 p = (unsigned char *)(rec + 1);
756 for (i=0;i<tdb->tdb2.transaction->num_blocks;i++) {
760 const unsigned char *buffer;
762 if (tdb->tdb2.transaction->blocks[i] == NULL) {
766 offset = i * PAGESIZE;
768 if (i == tdb->tdb2.transaction->num_blocks-1) {
769 length = tdb->tdb2.transaction->last_block_size;
772 if (offset >= tdb->tdb2.transaction->old_map_size) {
776 if (offset + length > tdb->file->map_size) {
777 ecode = tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_LOG_ERROR,
778 "tdb_transaction_setup_recovery:"
779 " transaction data over new region"
783 if (offset + length > tdb->tdb2.transaction->old_map_size) {
784 /* Short read at EOF. */
785 length = tdb->tdb2.transaction->old_map_size - offset;
787 buffer = tdb_access_read(tdb, offset, length, false);
788 if (TDB_PTR_IS_ERR(buffer)) {
789 ecode = TDB_PTR_ERR(buffer);
793 /* Skip over anything the same at the start. */
794 off = same(tdb->tdb2.transaction->blocks[i], buffer, length);
797 while (off < length) {
799 unsigned int samelen;
801 len = different(tdb->tdb2.transaction->blocks[i] + off,
802 buffer + off, length - off,
803 sizeof(offset) + sizeof(len) + 1,
806 memcpy(p, &offset, sizeof(offset));
807 memcpy(p + sizeof(offset), &len, sizeof(len));
808 tdb_convert(tdb, p, sizeof(offset) + sizeof(len));
809 p += sizeof(offset) + sizeof(len);
810 memcpy(p, buffer + off, len);
812 off += len + samelen;
813 offset += len + samelen;
815 tdb_access_release(tdb, buffer);
818 *len = p - (unsigned char *)(rec + 1);
819 tdb->tdb2.io = old_methods;
824 tdb->tdb2.io = old_methods;
825 return TDB_ERR_PTR(ecode);
828 static tdb_off_t create_recovery_area(struct tdb_context *tdb,
829 tdb_len_t rec_length,
830 struct tdb_recovery_record *rec)
832 tdb_off_t off, recovery_off;
834 enum TDB_ERROR ecode;
835 const struct tdb_methods *methods = tdb->tdb2.transaction->io_methods;
837 /* round up to a multiple of page size. Overallocate, since each
838 * such allocation forces us to expand the file. */
839 rec->max_len = tdb_expand_adjust(tdb->file->map_size, rec_length);
841 /* Round up to a page. */
842 rec->max_len = ((sizeof(*rec) + rec->max_len + PAGESIZE-1)
846 off = tdb->file->map_size;
848 /* Restore ->map_size before calling underlying expand_file.
849 Also so that we don't try to expand the file again in the
850 transaction commit, which would destroy the recovery
852 addition = (tdb->file->map_size - tdb->tdb2.transaction->old_map_size) +
853 sizeof(*rec) + rec->max_len;
854 tdb->file->map_size = tdb->tdb2.transaction->old_map_size;
855 tdb->stats.transaction_expand_file++;
856 ecode = methods->expand_file(tdb, addition);
857 if (ecode != TDB_SUCCESS) {
858 tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
859 "tdb_recovery_allocate:"
860 " failed to create recovery area");
861 return TDB_ERR_TO_OFF(ecode);
864 /* we have to reset the old map size so that we don't try to
865 expand the file again in the transaction commit, which
866 would destroy the recovery area */
867 tdb->tdb2.transaction->old_map_size = tdb->file->map_size;
869 /* write the recovery header offset and sync - we can sync without a race here
870 as the magic ptr in the recovery record has not been set */
872 tdb_convert(tdb, &recovery_off, sizeof(recovery_off));
873 ecode = methods->twrite(tdb, offsetof(struct tdb_header, recovery),
874 &recovery_off, sizeof(tdb_off_t));
875 if (ecode != TDB_SUCCESS) {
876 tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
877 "tdb_recovery_allocate:"
878 " failed to write recovery head");
879 return TDB_ERR_TO_OFF(ecode);
881 transaction_write_existing(tdb, offsetof(struct tdb_header, recovery),
888 setup the recovery data that will be used on a crash during commit
890 static enum TDB_ERROR transaction_setup_recovery(struct tdb_context *tdb)
892 tdb_len_t recovery_size = 0;
893 tdb_off_t recovery_off = 0;
894 tdb_off_t old_map_size = tdb->tdb2.transaction->old_map_size;
895 struct tdb_recovery_record *recovery;
896 const struct tdb_methods *methods = tdb->tdb2.transaction->io_methods;
898 enum TDB_ERROR ecode;
900 recovery = alloc_recovery(tdb, &recovery_size);
901 if (TDB_PTR_IS_ERR(recovery))
902 return TDB_PTR_ERR(recovery);
904 ecode = tdb_recovery_area(tdb, methods, &recovery_off, recovery);
910 if (recovery->max_len < recovery_size) {
911 /* Not large enough. Free up old recovery area. */
914 ecode = add_free_record(tdb, recovery_off,
917 TDB_LOCK_WAIT, true);
919 if (ecode != TDB_SUCCESS) {
920 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
921 "tdb_recovery_allocate:"
922 " failed to free previous"
926 /* Refresh recovery after add_free_record above. */
927 recovery = alloc_recovery(tdb, &recovery_size);
928 if (TDB_PTR_IS_ERR(recovery))
929 return TDB_PTR_ERR(recovery);
932 recovery_off = create_recovery_area(tdb, recovery_size,
934 if (TDB_OFF_IS_ERR(recovery_off)) {
936 return TDB_OFF_TO_ERR(recovery_off);
940 /* Now we know size, convert rec header. */
941 recovery->magic = TDB_RECOVERY_INVALID_MAGIC;
942 recovery->len = recovery_size;
943 recovery->eof = old_map_size;
944 tdb_convert(tdb, recovery, sizeof(*recovery));
946 /* write the recovery data to the recovery area */
947 ecode = methods->twrite(tdb, recovery_off, recovery, recovery_size);
948 if (ecode != TDB_SUCCESS) {
950 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
951 "tdb_transaction_setup_recovery:"
952 " failed to write recovery data");
954 transaction_write_existing(tdb, recovery_off, recovery, recovery_size);
958 /* as we don't have ordered writes, we have to sync the recovery
959 data before we update the magic to indicate that the recovery
961 ecode = transaction_sync(tdb, recovery_off, recovery_size);
962 if (ecode != TDB_SUCCESS)
965 magic = TDB_RECOVERY_MAGIC;
966 tdb_convert(tdb, &magic, sizeof(magic));
968 tdb->tdb2.transaction->magic_offset
969 = recovery_off + offsetof(struct tdb_recovery_record, magic);
971 ecode = methods->twrite(tdb, tdb->tdb2.transaction->magic_offset,
972 &magic, sizeof(magic));
973 if (ecode != TDB_SUCCESS) {
974 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
975 "tdb_transaction_setup_recovery:"
976 " failed to write recovery magic");
978 transaction_write_existing(tdb, tdb->tdb2.transaction->magic_offset,
979 &magic, sizeof(magic));
981 /* ensure the recovery magic marker is on disk */
982 return transaction_sync(tdb, tdb->tdb2.transaction->magic_offset,
986 static enum TDB_ERROR _tdb_transaction_prepare_commit(struct tdb_context *tdb)
988 const struct tdb_methods *methods;
989 enum TDB_ERROR ecode;
991 if (tdb->tdb2.transaction == NULL) {
992 return tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_USE_ERROR,
993 "tdb_transaction_prepare_commit:"
997 if (tdb->tdb2.transaction->prepared) {
998 _tdb_transaction_cancel(tdb);
999 return tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_USE_ERROR,
1000 "tdb_transaction_prepare_commit:"
1001 " transaction already prepared");
1004 if (tdb->tdb2.transaction->transaction_error) {
1005 _tdb_transaction_cancel(tdb);
1006 return tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_ERROR,
1007 "tdb_transaction_prepare_commit:"
1008 " transaction error pending");
1012 if (tdb->tdb2.transaction->nesting != 0) {
1016 /* check for a null transaction */
1017 if (tdb->tdb2.transaction->blocks == NULL) {
1021 methods = tdb->tdb2.transaction->io_methods;
1023 /* upgrade the main transaction lock region to a write lock */
1024 ecode = tdb_allrecord_upgrade(tdb, TDB_HASH_LOCK_START);
1025 if (ecode != TDB_SUCCESS) {
1029 /* get the open lock - this prevents new users attaching to the database
1030 during the commit */
1031 ecode = tdb_lock_open(tdb, F_WRLCK, TDB_LOCK_WAIT|TDB_LOCK_NOCHECK);
1032 if (ecode != TDB_SUCCESS) {
1036 /* Since we have whole db locked, we don't need the expansion lock. */
1037 if (!(tdb->flags & TDB_NOSYNC)) {
1038 /* Sets up tdb->tdb2.transaction->recovery and
1039 * tdb->tdb2.transaction->magic_offset. */
1040 ecode = transaction_setup_recovery(tdb);
1041 if (ecode != TDB_SUCCESS) {
1046 tdb->tdb2.transaction->prepared = true;
1048 /* expand the file to the new size if needed */
1049 if (tdb->file->map_size != tdb->tdb2.transaction->old_map_size) {
1052 add = tdb->file->map_size - tdb->tdb2.transaction->old_map_size;
1053 /* Restore original map size for tdb_expand_file */
1054 tdb->file->map_size = tdb->tdb2.transaction->old_map_size;
1055 ecode = methods->expand_file(tdb, add);
1056 if (ecode != TDB_SUCCESS) {
1061 /* Keep the open lock until the actual commit */
1066 prepare to commit the current transaction
1068 enum TDB_ERROR tdb_transaction_prepare_commit(struct tdb_context *tdb)
1070 if (tdb->flags & TDB_VERSION1) {
1071 if (tdb1_transaction_prepare_commit(tdb) == -1)
1072 return tdb->last_error;
1075 return tdb->last_error = _tdb_transaction_prepare_commit(tdb);
1079 commit the current transaction
1081 enum TDB_ERROR tdb_transaction_commit(struct tdb_context *tdb)
1083 const struct tdb_methods *methods;
1085 enum TDB_ERROR ecode;
1087 if (tdb->flags & TDB_VERSION1) {
1088 if (tdb1_transaction_commit(tdb) == -1)
1089 return tdb->last_error;
1093 if (tdb->tdb2.transaction == NULL) {
1094 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_EINVAL,
1096 "tdb_transaction_commit:"
1100 tdb_trace(tdb, "tdb_transaction_commit");
1102 if (tdb->tdb2.transaction->nesting != 0) {
1103 tdb->tdb2.transaction->nesting--;
1104 return tdb->last_error = TDB_SUCCESS;
1107 /* check for a null transaction */
1108 if (tdb->tdb2.transaction->blocks == NULL) {
1109 _tdb_transaction_cancel(tdb);
1110 return tdb->last_error = TDB_SUCCESS;
1113 if (!tdb->tdb2.transaction->prepared) {
1114 ecode = _tdb_transaction_prepare_commit(tdb);
1115 if (ecode != TDB_SUCCESS) {
1116 _tdb_transaction_cancel(tdb);
1117 return tdb->last_error = ecode;
1121 methods = tdb->tdb2.transaction->io_methods;
1123 /* perform all the writes */
1124 for (i=0;i<tdb->tdb2.transaction->num_blocks;i++) {
1128 if (tdb->tdb2.transaction->blocks[i] == NULL) {
1132 offset = i * PAGESIZE;
1134 if (i == tdb->tdb2.transaction->num_blocks-1) {
1135 length = tdb->tdb2.transaction->last_block_size;
1138 ecode = methods->twrite(tdb, offset,
1139 tdb->tdb2.transaction->blocks[i], length);
1140 if (ecode != TDB_SUCCESS) {
1141 /* we've overwritten part of the data and
1142 possibly expanded the file, so we need to
1143 run the crash recovery code */
1144 tdb->tdb2.io = methods;
1145 tdb_transaction_recover(tdb);
1147 _tdb_transaction_cancel(tdb);
1149 return tdb->last_error = ecode;
1151 SAFE_FREE(tdb->tdb2.transaction->blocks[i]);
1154 SAFE_FREE(tdb->tdb2.transaction->blocks);
1155 tdb->tdb2.transaction->num_blocks = 0;
1157 /* ensure the new data is on disk */
1158 ecode = transaction_sync(tdb, 0, tdb->file->map_size);
1159 if (ecode != TDB_SUCCESS) {
1160 return tdb->last_error = ecode;
1164 TODO: maybe write to some dummy hdr field, or write to magic
1165 offset without mmap, before the last sync, instead of the
1169 /* on some systems (like Linux 2.6.x) changes via mmap/msync
1170 don't change the mtime of the file, this means the file may
1171 not be backed up (as tdb rounding to block sizes means that
1172 file size changes are quite rare too). The following forces
1173 mtime changes when a transaction completes */
1175 utime(tdb->name, NULL);
1178 /* use a transaction cancel to free memory and remove the
1179 transaction locks: it "restores" map_size, too. */
1180 tdb->tdb2.transaction->old_map_size = tdb->file->map_size;
1181 _tdb_transaction_cancel(tdb);
1183 return tdb->last_error = TDB_SUCCESS;
1188 recover from an aborted transaction. Must be called with exclusive
1189 database write access already established (including the open
1190 lock to prevent new processes attaching)
1192 enum TDB_ERROR tdb_transaction_recover(struct tdb_context *tdb)
1194 tdb_off_t recovery_head, recovery_eof;
1195 unsigned char *data, *p;
1196 struct tdb_recovery_record rec;
1197 enum TDB_ERROR ecode;
1199 /* find the recovery area */
1200 recovery_head = tdb_read_off(tdb, offsetof(struct tdb_header,recovery));
1201 if (TDB_OFF_IS_ERR(recovery_head)) {
1202 ecode = TDB_OFF_TO_ERR(recovery_head);
1203 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1204 "tdb_transaction_recover:"
1205 " failed to read recovery head");
1208 if (recovery_head == 0) {
1209 /* we have never allocated a recovery record */
1213 /* read the recovery record */
1214 ecode = tdb_read_convert(tdb, recovery_head, &rec, sizeof(rec));
1215 if (ecode != TDB_SUCCESS) {
1216 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1217 "tdb_transaction_recover:"
1218 " failed to read recovery record");
1221 if (rec.magic != TDB_RECOVERY_MAGIC) {
1222 /* there is no valid recovery data */
1226 if (tdb->flags & TDB_RDONLY) {
1227 return tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_LOG_ERROR,
1228 "tdb_transaction_recover:"
1229 " attempt to recover read only database");
1232 recovery_eof = rec.eof;
1234 data = (unsigned char *)malloc(rec.len);
1236 return tdb_logerr(tdb, TDB_ERR_OOM, TDB_LOG_ERROR,
1237 "tdb_transaction_recover:"
1238 " failed to allocate recovery data");
1241 /* read the full recovery data */
1242 ecode = tdb->tdb2.io->tread(tdb, recovery_head + sizeof(rec), data,
1244 if (ecode != TDB_SUCCESS) {
1245 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1246 "tdb_transaction_recover:"
1247 " failed to read recovery data");
1250 /* recover the file data */
1252 while (p+sizeof(tdb_off_t)+sizeof(tdb_len_t) < data + rec.len) {
1255 tdb_convert(tdb, p, sizeof(ofs) + sizeof(len));
1256 memcpy(&ofs, p, sizeof(ofs));
1257 memcpy(&len, p + sizeof(ofs), sizeof(len));
1258 p += sizeof(ofs) + sizeof(len);
1260 ecode = tdb->tdb2.io->twrite(tdb, ofs, p, len);
1261 if (ecode != TDB_SUCCESS) {
1263 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1264 "tdb_transaction_recover:"
1265 " failed to recover %zu bytes"
1267 (size_t)len, (size_t)ofs);
1274 ecode = transaction_sync(tdb, 0, tdb->file->map_size);
1275 if (ecode != TDB_SUCCESS) {
1276 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1277 "tdb_transaction_recover:"
1278 " failed to sync recovery");
1281 /* if the recovery area is after the recovered eof then remove it */
1282 if (recovery_eof <= recovery_head) {
1283 ecode = tdb_write_off(tdb, offsetof(struct tdb_header,
1286 if (ecode != TDB_SUCCESS) {
1287 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1288 "tdb_transaction_recover:"
1289 " failed to remove recovery head");
1293 /* remove the recovery magic */
1294 ecode = tdb_write_off(tdb,
1296 + offsetof(struct tdb_recovery_record, magic),
1297 TDB_RECOVERY_INVALID_MAGIC);
1298 if (ecode != TDB_SUCCESS) {
1299 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1300 "tdb_transaction_recover:"
1301 " failed to remove recovery magic");
1304 ecode = transaction_sync(tdb, 0, recovery_eof);
1305 if (ecode != TDB_SUCCESS) {
1306 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1307 "tdb_transaction_recover:"
1308 " failed to sync2 recovery");
1311 tdb_logerr(tdb, TDB_SUCCESS, TDB_LOG_WARNING,
1312 "tdb_transaction_recover: recovered %zu byte database",
1313 (size_t)recovery_eof);
1319 tdb_bool_err tdb_needs_recovery(struct tdb_context *tdb)
1321 tdb_off_t recovery_head;
1322 struct tdb_recovery_record rec;
1323 enum TDB_ERROR ecode;
1325 /* find the recovery area */
1326 recovery_head = tdb_read_off(tdb, offsetof(struct tdb_header,recovery));
1327 if (TDB_OFF_IS_ERR(recovery_head)) {
1328 return recovery_head;
1331 if (recovery_head == 0) {
1332 /* we have never allocated a recovery record */
1336 /* read the recovery record */
1337 ecode = tdb_read_convert(tdb, recovery_head, &rec, sizeof(rec));
1338 if (ecode != TDB_SUCCESS) {
1339 return TDB_ERR_TO_OFF(ecode);
1342 return (rec.magic == TDB_RECOVERY_MAGIC);
projects / ccan / blob