5a16dbf42798e0d351b6fe0f5c424e00703936a9
[ccan] / ccan / tdb2 / check.c
1  /* 
2    Trivial Database 2: free list/block handling
3    Copyright (C) Rusty Russell 2010
4    
5    This library is free software; you can redistribute it and/or
6    modify it under the terms of the GNU Lesser General Public
7    License as published by the Free Software Foundation; either
8    version 3 of the License, or (at your option) any later version.
9
10    This library is distributed in the hope that it will be useful,
11    but WITHOUT ANY WARRANTY; without even the implied warranty of
12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
13    Lesser General Public License for more details.
14
15    You should have received a copy of the GNU Lesser General Public
16    License along with this library; if not, see <http://www.gnu.org/licenses/>.
17 */
18 #include "private.h"
19 #include <ccan/likely/likely.h>
20 #include <ccan/asearch/asearch.h>
21
22 /* We keep an ordered array of offsets. */
23 static bool append(tdb_off_t **arr, size_t *num, tdb_off_t off)
24 {
25         tdb_off_t *new = realloc(*arr, (*num + 1) * sizeof(tdb_off_t));
26         if (!new)
27                 return false;
28         new[(*num)++] = off;
29         *arr = new;
30         return true;
31 }
32
33 static bool check_header(struct tdb_context *tdb)
34 {
35         uint64_t hash_test;
36         struct tdb_header hdr;
37
38         if (tdb_read_convert(tdb, 0, &hdr, sizeof(hdr)) == -1)
39                 return false;
40         /* magic food should not be converted, so convert back. */
41         tdb_convert(tdb, hdr.magic_food, sizeof(hdr.magic_food));
42
43         hash_test = TDB_HASH_MAGIC;
44         hash_test = tdb_hash(tdb, &hash_test, sizeof(hash_test));
45         if (hdr.hash_test != hash_test) {
46                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
47                          "check: hash test %llu should be %llu\n",
48                          (long long)hdr.hash_test,
49                          (long long)hash_test);
50                 return false;
51         }
52
53         if (strcmp(hdr.magic_food, TDB_MAGIC_FOOD) != 0) {
54                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
55                          "check: bad magic '%.*s'\n",
56                          (unsigned)sizeof(hdr.magic_food), hdr.magic_food);
57                 return false;
58         }
59
60         /* Don't check reserved: they *can* be used later. */
61         return true;
62 }
63
64 static bool check_hash_tree(struct tdb_context *tdb,
65                             tdb_off_t off, unsigned int group_bits,
66                             uint64_t hprefix,
67                             unsigned hprefix_bits,
68                             tdb_off_t used[],
69                             size_t num_used,
70                             size_t *num_found);
71
72 static bool check_hash_record(struct tdb_context *tdb,
73                               tdb_off_t off,
74                               uint64_t hprefix,
75                               unsigned hprefix_bits,
76                               tdb_off_t used[],
77                               size_t num_used,
78                               size_t *num_found)
79 {
80         struct tdb_used_record rec;
81
82         if (tdb_read_convert(tdb, off, &rec, sizeof(rec)) == -1)
83                 return false;
84
85         if (rec_data_length(&rec)
86             != sizeof(tdb_off_t) << TDB_SUBLEVEL_HASH_BITS) {
87                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
88                          "tdb_check: Bad hash table length %llu vs %llu\n",
89                          (long long)rec_data_length(&rec),
90                          (long long)sizeof(tdb_off_t)<<TDB_SUBLEVEL_HASH_BITS);
91                 return false;
92         }
93         if (rec_key_length(&rec) != 0) {
94                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
95                          "tdb_check: Bad hash table key length %llu\n",
96                          (long long)rec_key_length(&rec));
97                 return false;
98         }
99         if (rec_hash(&rec) != 0) {
100                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
101                          "tdb_check: Bad hash table hash value %llu\n",
102                          (long long)rec_hash(&rec));
103                 return false;
104         }
105
106         off += sizeof(rec);
107         return check_hash_tree(tdb, off,
108                                TDB_SUBLEVEL_HASH_BITS-TDB_HASH_GROUP_BITS,
109                                hprefix, hprefix_bits,
110                                used, num_used, num_found);
111 }
112
113 static int off_cmp(const tdb_off_t *a, const tdb_off_t *b)
114 {
115         /* Can overflow an int. */
116         return *a > *b ? 1
117                 : *a < *b ? -1
118                 : 0;
119 }
120
121 static uint64_t get_bits(uint64_t h, unsigned num, unsigned *used)
122 {
123         *used += num;
124
125         return (h >> (64 - *used)) & ((1U << num) - 1);
126 }
127
128 static bool check_hash_tree(struct tdb_context *tdb,
129                             tdb_off_t off, unsigned int group_bits,
130                             uint64_t hprefix,
131                             unsigned hprefix_bits,
132                             tdb_off_t used[],
133                             size_t num_used,
134                             size_t *num_found)
135 {
136         unsigned int g, b;
137         const tdb_off_t *hash;
138         struct tdb_used_record rec;
139
140         hash = tdb_access_read(tdb, off,
141                                sizeof(tdb_off_t)
142                                << (group_bits + TDB_HASH_GROUP_BITS),
143                                true);
144         if (!hash)
145                 return false;
146
147         for (g = 0; g < (1 << group_bits); g++) {
148                 const tdb_off_t *group = hash + (g << TDB_HASH_GROUP_BITS);
149                 for (b = 0; b < (1 << TDB_HASH_GROUP_BITS); b++) {
150                         unsigned int bucket, i, used_bits;
151                         uint64_t h;
152                         tdb_off_t *p;
153                         if (group[b] == 0)
154                                 continue;
155
156                         off = group[b] & TDB_OFF_MASK;
157                         p = asearch(&off, used, num_used, off_cmp);
158                         if (!p) {
159                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
160                                          "tdb_check: Invalid offset %llu "
161                                          "in hash\n",
162                                          (long long)off);
163                                 goto fail;
164                         }
165                         /* Mark it invalid. */
166                         *p ^= 1;
167                         (*num_found)++;
168
169                         if (is_subhash(group[b])) {
170                                 uint64_t subprefix;
171                                 subprefix = (hprefix 
172                                      << (group_bits + TDB_HASH_GROUP_BITS))
173                                         + g * (1 << TDB_HASH_GROUP_BITS) + b;
174
175                                 if (!check_hash_record(tdb,
176                                                group[b] & TDB_OFF_MASK,
177                                                subprefix,
178                                                hprefix_bits
179                                                        + group_bits
180                                                        + TDB_HASH_GROUP_BITS,
181                                                used, num_used, num_found))
182                                         goto fail;
183                                 continue;
184                         }
185                         /* A normal entry */
186
187                         /* Does it belong here at all? */
188                         h = hash_record(tdb, off);
189                         used_bits = 0;
190                         if (get_bits(h, hprefix_bits, &used_bits) != hprefix
191                             && hprefix_bits) {
192                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
193                                          "check: bad hash placement"
194                                          " 0x%llx vs 0x%llx\n",
195                                          (long long)h, (long long)hprefix);
196                                 goto fail;
197                         }
198
199                         /* Does it belong in this group? */
200                         if (get_bits(h, group_bits, &used_bits) != g) {
201                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
202                                          "check: bad group %llu vs %u\n",
203                                          (long long)h, g);
204                                 goto fail;
205                         }
206
207                         /* Are bucket bits correct? */
208                         bucket = group[b] & TDB_OFF_HASH_GROUP_MASK;
209                         if (get_bits(h, TDB_HASH_GROUP_BITS, &used_bits)
210                             != bucket) {
211                                 used_bits -= TDB_HASH_GROUP_BITS;
212                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
213                                          "check: bad bucket %u vs %u\n",
214                                          (unsigned)get_bits(h,
215                                                             TDB_HASH_GROUP_BITS,
216                                                             &used_bits),
217                                          bucket);
218                                 goto fail;
219                         }
220
221                         /* There must not be any zero entries between
222                          * the bucket it belongs in and this one! */
223                         for (i = bucket;
224                              i != b;
225                              i = (i + 1) % (1 << TDB_HASH_GROUP_BITS)) {
226                                 if (group[i] == 0) {
227                                         tdb->log(tdb, TDB_DEBUG_ERROR,
228                                                  tdb->log_priv,
229                                                  "check: bad group placement"
230                                                  " %u vs %u\n",
231                                                  b, bucket);
232                                         goto fail;
233                                 }
234                         }
235
236                         if (tdb_read_convert(tdb, off, &rec, sizeof(rec)) == -1)
237                                 goto fail;
238
239                         /* Bottom bits must match header. */
240                         if ((h & ((1 << 5)-1)) != rec_hash(&rec)) {
241                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
242                                          "tdb_check: Bad hash magic at"
243                                          " offset %llu (0x%llx vs 0x%llx)\n",
244                                          (long long)off,
245                                          (long long)h,
246                                          (long long)rec_hash(&rec));
247                                 goto fail;
248                         }
249                 }
250         }
251         tdb_access_release(tdb, hash);
252         return true;
253
254 fail:
255         tdb_access_release(tdb, hash);
256         return false;
257 }
258
259 static bool check_hash(struct tdb_context *tdb,
260                        tdb_off_t used[],
261                        size_t num_used)
262 {
263         size_t num_found = 0;
264
265         if (!check_hash_tree(tdb, offsetof(struct tdb_header, hashtable),
266                              TDB_TOPLEVEL_HASH_BITS-TDB_HASH_GROUP_BITS,
267                              0, 0, used, num_used, &num_found))
268                 return false;
269
270         if (num_found != num_used) {
271                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
272                          "tdb_check: Not all entries are in hash\n");
273                 return false;
274         }
275         return true;
276 }
277
278 static bool check_free(struct tdb_context *tdb,
279                        tdb_off_t off,
280                        const struct tdb_free_record *frec,
281                        tdb_off_t prev,
282                        tdb_off_t zone_off, unsigned int bucket)
283 {
284         if (frec_magic(frec) != TDB_FREE_MAGIC) {
285                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
286                          "tdb_check: offset %llu bad magic 0x%llx\n",
287                          (long long)off, (long long)frec->magic_and_meta);
288                 return false;
289         }
290         if (tdb->methods->oob(tdb, off
291                               + frec->data_len+sizeof(struct tdb_used_record),
292                               false))
293                 return false;
294         if (off < zone_off || off >= zone_off + (1ULL<<frec_zone_bits(frec))) {
295                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
296                          "tdb_check: offset %llu outside zone %llu-%llu\n",
297                          (long long)off,
298                          (long long)zone_off,
299                          (long long)zone_off + (1ULL<<frec_zone_bits(frec)));
300                 return false;
301         }
302         if (size_to_bucket(frec_zone_bits(frec), frec->data_len) != bucket) {
303                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
304                          "tdb_check: offset %llu in wrong bucket %u vs %u\n",
305                          (long long)off,
306                          bucket,
307                          size_to_bucket(frec_zone_bits(frec), frec->data_len));
308                 return false;
309         }
310         if (prev != frec->prev) {
311                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
312                          "tdb_check: offset %llu bad prev %llu vs %llu\n",
313                          (long long)off,
314                          (long long)prev, (long long)frec->prev);
315                 return false;
316         }
317         return true;
318 }
319                        
320 static tdb_len_t check_free_list(struct tdb_context *tdb,
321                                  tdb_off_t zone_off,
322                                  tdb_off_t free[],
323                                  size_t num_free,
324                                  size_t *num_found)
325 {
326         struct free_zone_header zhdr;
327         tdb_off_t h;
328         unsigned int i;
329
330         if (tdb_read_convert(tdb, zone_off, &zhdr, sizeof(zhdr)) == -1)
331                 return TDB_OFF_ERR;
332
333         for (i = 0; i <= BUCKETS_FOR_ZONE(zhdr.zone_bits); i++) {
334                 tdb_off_t off, prev = 0, *p;
335                 struct tdb_free_record f;
336
337                 h = bucket_off(zone_off, i);
338                 for (off = tdb_read_off(tdb, h); off; off = f.next) {
339                         if (off == TDB_OFF_ERR)
340                                 return TDB_OFF_ERR;
341                         if (tdb_read_convert(tdb, off, &f, sizeof(f)))
342                                 return TDB_OFF_ERR;
343                         if (!check_free(tdb, off, &f, prev, zone_off, i))
344                                 return TDB_OFF_ERR;
345
346                         /* FIXME: Check hash bits */
347                         p = asearch(&off, free, num_free, off_cmp);
348                         if (!p) {
349                                 tdb->log(tdb, TDB_DEBUG_ERROR,
350                                          tdb->log_priv,
351                                          "tdb_check: Invalid offset"
352                                          " %llu in free table\n",
353                                          (long long)off);
354                                 return TDB_OFF_ERR;
355                         }
356                         /* Mark it invalid. */
357                         *p ^= 1;
358                         (*num_found)++;
359                         prev = off;
360                 }
361         }
362         return 1ULL << zhdr.zone_bits;
363 }
364
365 static tdb_off_t check_zone(struct tdb_context *tdb, tdb_off_t zone_off,
366                             tdb_off_t **used, size_t *num_used,
367                             tdb_off_t **free, size_t *num_free,
368                             unsigned int *max_zone_bits)
369 {
370         struct free_zone_header zhdr;
371         tdb_off_t off, hdrlen, end;
372         tdb_len_t len;
373
374         if (tdb_read_convert(tdb, zone_off, &zhdr, sizeof(zhdr)) == -1)
375                 return TDB_OFF_ERR;
376
377         if (zhdr.zone_bits < INITIAL_ZONE_BITS) {
378                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
379                          "check: bad zone_bits %llu at zone %llu\n",
380                          (long long)zhdr.zone_bits, (long long)zone_off);
381                 return TDB_OFF_ERR;
382         }
383
384         /* Zone bits can only increase... */
385         if (zhdr.zone_bits > *max_zone_bits)
386                 *max_zone_bits = zhdr.zone_bits;
387         else if (zhdr.zone_bits < *max_zone_bits) {
388                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
389                          "check: small zone_bits %llu at zone %llu\n",
390                          (long long)zhdr.zone_bits, (long long)zone_off);
391                 return TDB_OFF_ERR;
392         }
393
394         /* Zone header must be within file! */
395         hdrlen = sizeof(zhdr)
396                 + (BUCKETS_FOR_ZONE(zhdr.zone_bits) + 1) * sizeof(tdb_off_t);
397
398         if (tdb->methods->oob(tdb, zone_off + hdrlen, true))
399                 return TDB_OFF_ERR;
400
401         end = zone_off + (1ULL << zhdr.zone_bits);
402         if (end > tdb->map_size)
403                 end = tdb->map_size;
404
405         for (off = zone_off + hdrlen; off < end; off += len) {
406                 union {
407                         struct tdb_used_record u;
408                         struct tdb_free_record f;
409                 } pad, *p;
410                 p = tdb_get(tdb, off, &pad, sizeof(pad));
411                 if (!p)
412                         return TDB_OFF_ERR;
413                 if (frec_magic(&p->f) == TDB_FREE_MAGIC
414                     || frec_magic(&p->f) == TDB_COALESCING_MAGIC) {
415                         if (frec_zone_bits(&p->f) != zhdr.zone_bits) {
416                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
417                                          "tdb_check: Bad free zone bits %u"
418                                          " at offset %llu\n",
419                                          frec_zone_bits(&p->f),
420                                          (long long)off);
421                                 return TDB_OFF_ERR;
422                         }
423                         len = sizeof(p->u) + p->f.data_len;
424                         if (off + len > zone_off + (1ULL << zhdr.zone_bits)) {
425                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
426                                          "tdb_check: free overlength %llu"
427                                          " at offset %llu\n",
428                                          (long long)len, (long long)off);
429                                 return TDB_OFF_ERR;
430                         }
431                         /* This record is free! */
432                         if (frec_magic(&p->f) == TDB_FREE_MAGIC
433                             && !append(free, num_free, off))
434                                 return TDB_OFF_ERR;
435                 } else {
436                         uint64_t klen, dlen, extra;
437
438                         /* This record is used! */
439                         if (rec_magic(&p->u) != TDB_MAGIC) {
440                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
441                                          "tdb_check: Bad magic 0x%llx"
442                                          " at offset %llu\n",
443                                          (long long)rec_magic(&p->u),
444                                          (long long)off);
445                                 return TDB_OFF_ERR;
446                         }
447
448                         if (rec_zone_bits(&p->u) != zhdr.zone_bits) {
449                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
450                                          "tdb_check: Bad zone bits %u"
451                                          " at offset %llu\n",
452                                          rec_zone_bits(&p->u),
453                                          (long long)off);
454                                 return TDB_OFF_ERR;
455                         }
456                         
457                         if (!append(used, num_used, off))
458                                 return TDB_OFF_ERR;
459
460                         klen = rec_key_length(&p->u);
461                         dlen = rec_data_length(&p->u);
462                         extra = rec_extra_padding(&p->u);
463
464                         len = sizeof(p->u) + klen + dlen + extra;
465                         if (off + len > zone_off + (1ULL << zhdr.zone_bits)) {
466                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
467                                          "tdb_check: used overlength %llu"
468                                          " at offset %llu\n",
469                                          (long long)len, (long long)off);
470                                 return TDB_OFF_ERR;
471                         }
472
473                         if (len < sizeof(p->f)) {
474                                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
475                                          "tdb_check: too short record %llu at"
476                                          " %llu\n",
477                                          (long long)len, (long long)off);
478                                 return TDB_OFF_ERR;
479                         }
480                 }
481         }
482         return off - zone_off;
483 }
484
485 /* FIXME: call check() function. */
486 int tdb_check(struct tdb_context *tdb,
487               int (*check)(TDB_DATA key, TDB_DATA data, void *private_data),
488               void *private_data)
489 {
490         tdb_off_t *free = NULL, *used = NULL, off;
491         tdb_len_t len;
492         size_t num_free = 0, num_used = 0, num_found = 0;
493         unsigned max_zone_bits = INITIAL_ZONE_BITS;
494
495         if (tdb_allrecord_lock(tdb, F_RDLCK, TDB_LOCK_WAIT, false) != 0)
496                 return -1;
497
498         if (tdb_lock_expand(tdb, F_RDLCK) != 0) {
499                 tdb_allrecord_unlock(tdb, F_RDLCK);
500                 return -1;
501         }
502
503         if (!check_header(tdb))
504                 goto fail;
505
506         /* First we do a linear scan, checking all records. */
507         for (off = sizeof(struct tdb_header);
508              off < tdb->map_size;
509              off += len) {
510                 len = check_zone(tdb, off, &used, &num_used, &free, &num_free,
511                                  &max_zone_bits);
512                 if (len == TDB_OFF_ERR)
513                         goto fail;
514         }
515
516         /* FIXME: Check key uniqueness? */
517         if (!check_hash(tdb, used, num_used))
518                 goto fail;
519
520         for (off = sizeof(struct tdb_header);
521              off < tdb->map_size - 1;
522              off += len) {
523                 len = check_free_list(tdb, off, free, num_free, &num_found);
524                 if (len == TDB_OFF_ERR)
525                         goto fail;
526         }
527         if (num_found != num_free) {
528                 tdb->log(tdb, TDB_DEBUG_ERROR, tdb->log_priv,
529                          "tdb_check: Not all entries are in free table\n");
530                 return false;
531         }
532
533         tdb_allrecord_unlock(tdb, F_RDLCK);
534         tdb_unlock_expand(tdb, F_RDLCK);
535         return 0;
536
537 fail:
538         tdb_allrecord_unlock(tdb, F_RDLCK);
539         tdb_unlock_expand(tdb, F_RDLCK);
540         return -1;
541 }