2 Unix SMB/CIFS implementation.
4 trivial database library
6 Copyright (C) Andrew Tridgell 2005
7 Copyright (C) Rusty Russell 2010
9 ** NOTE! The following LGPL license applies to the tdb
10 ** library. This does NOT imply that all of Samba is released
13 This library is free software; you can redistribute it and/or
14 modify it under the terms of the GNU Lesser General Public
15 License as published by the Free Software Foundation; either
16 version 3 of the License, or (at your option) any later version.
18 This library is distributed in the hope that it will be useful,
19 but WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 Lesser General Public License for more details.
23 You should have received a copy of the GNU Lesser General Public
24 License along with this library; if not, see <http://www.gnu.org/licenses/>.
28 #define SAFE_FREE(x) do { if ((x) != NULL) {free((void *)x); (x)=NULL;} } while(0)
33 - only allow a single transaction at a time per database. This makes
34 using the transaction API simpler, as otherwise the caller would
35 have to cope with temporary failures in transactions that conflict
36 with other current transactions
38 - keep the transaction recovery information in the same file as the
39 database, using a special 'transaction recovery' record pointed at
40 by the header. This removes the need for extra journal files as
41 used by some other databases
43 - dynamically allocated the transaction recover record, re-using it
44 for subsequent transactions. If a larger record is needed then
45 tdb_free() the old record to place it on the normal tdb freelist
46 before allocating the new record
48 - during transactions, keep a linked list of writes all that have
49 been performed by intercepting all tdb_write() calls. The hooked
50 transaction versions of tdb_read() and tdb_write() check this
51 linked list and try to use the elements of the list in preference
54 - don't allow any locks to be held when a transaction starts,
55 otherwise we can end up with deadlock (plus lack of lock nesting
56 in POSIX locks would mean the lock is lost)
58 - if the caller gains a lock during the transaction but doesn't
59 release it then fail the commit
61 - allow for nested calls to tdb_transaction_start(), re-using the
62 existing transaction record. If the inner transaction is canceled
63 then a subsequent commit will fail
65 - keep a mirrored copy of the tdb hash chain heads to allow for the
66 fast hash heads scan on traverse, updating the mirrored copy in
67 the transaction version of tdb_write
69 - allow callers to mix transaction and non-transaction use of tdb,
70 although once a transaction is started then an exclusive lock is
71 gained until the transaction is committed or canceled
73 - the commit stategy involves first saving away all modified data
74 into a linearised buffer in the transaction recovery area, then
75 marking the transaction recovery area with a magic value to
76 indicate a valid recovery record. In total 4 fsync/msync calls are
77 needed per commit to prevent race conditions. It might be possible
78 to reduce this to 3 or even 2 with some more work.
80 - check for a valid recovery record on open of the tdb, while the
81 open lock is held. Automatically recover from the transaction
82 recovery area if needed, then continue with the open as
83 usual. This allows for smooth crash recovery with no administrator
86 - if TDB_NOSYNC is passed to flags in tdb_open then transactions are
87 still available, but no transaction recovery area is used and no
88 fsync/msync calls are made.
92 hold the context of any current transaction
94 struct tdb_transaction {
95 /* the original io methods - used to do IOs to the real db */
96 const struct tdb_methods *io_methods;
98 /* the list of transaction blocks. When a block is first
99 written to, it gets created in this list */
102 size_t last_block_size; /* number of valid bytes in the last block */
104 /* non-zero when an internal transaction error has
105 occurred. All write operations will then fail until the
106 transaction is ended */
107 int transaction_error;
109 /* when inside a transaction we need to keep track of any
110 nested tdb_transaction_start() calls, as these are allowed,
111 but don't create a new transaction */
112 unsigned int nesting;
114 /* set when a prepare has already occurred */
116 tdb_off_t magic_offset;
118 /* old file size before transaction */
119 tdb_len_t old_map_size;
122 /* This doesn't really need to be pagesize, but we use it for similar reasons. */
123 #define PAGESIZE 65536
126 read while in a transaction. We need to check first if the data is in our list
127 of transaction elements, then if not do a real read
129 static enum TDB_ERROR transaction_read(struct tdb_context *tdb, tdb_off_t off,
130 void *buf, tdb_len_t len)
133 enum TDB_ERROR ecode;
135 /* break it down into block sized ops */
136 while (len + (off % PAGESIZE) > PAGESIZE) {
137 tdb_len_t len2 = PAGESIZE - (off % PAGESIZE);
138 ecode = transaction_read(tdb, off, buf, len2);
139 if (ecode != TDB_SUCCESS) {
144 buf = (void *)(len2 + (char *)buf);
151 blk = off / PAGESIZE;
153 /* see if we have it in the block list */
154 if (tdb->tdb2.transaction->num_blocks <= blk ||
155 tdb->tdb2.transaction->blocks[blk] == NULL) {
156 /* nope, do a real read */
157 ecode = tdb->tdb2.transaction->io_methods->tread(tdb, off, buf, len);
158 if (ecode != TDB_SUCCESS) {
164 /* it is in the block list. Now check for the last block */
165 if (blk == tdb->tdb2.transaction->num_blocks-1) {
166 if (len > tdb->tdb2.transaction->last_block_size) {
172 /* now copy it out of this block */
173 memcpy(buf, tdb->tdb2.transaction->blocks[blk] + (off % PAGESIZE), len);
177 tdb->tdb2.transaction->transaction_error = 1;
178 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
179 "transaction_read: failed at off=%zu len=%zu",
180 (size_t)off, (size_t)len);
185 write while in a transaction
187 static enum TDB_ERROR transaction_write(struct tdb_context *tdb, tdb_off_t off,
188 const void *buf, tdb_len_t len)
191 enum TDB_ERROR ecode;
193 /* Only a commit is allowed on a prepared transaction */
194 if (tdb->tdb2.transaction->prepared) {
195 ecode = tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_ERROR,
196 "transaction_write: transaction already"
197 " prepared, write not allowed");
201 /* break it up into block sized chunks */
202 while (len + (off % PAGESIZE) > PAGESIZE) {
203 tdb_len_t len2 = PAGESIZE - (off % PAGESIZE);
204 ecode = transaction_write(tdb, off, buf, len2);
205 if (ecode != TDB_SUCCESS) {
211 buf = (const void *)(len2 + (const char *)buf);
219 blk = off / PAGESIZE;
220 off = off % PAGESIZE;
222 if (tdb->tdb2.transaction->num_blocks <= blk) {
223 uint8_t **new_blocks;
224 /* expand the blocks array */
225 if (tdb->tdb2.transaction->blocks == NULL) {
226 new_blocks = (uint8_t **)malloc(
227 (blk+1)*sizeof(uint8_t *));
229 new_blocks = (uint8_t **)realloc(
230 tdb->tdb2.transaction->blocks,
231 (blk+1)*sizeof(uint8_t *));
233 if (new_blocks == NULL) {
234 ecode = tdb_logerr(tdb, TDB_ERR_OOM, TDB_LOG_ERROR,
236 " failed to allocate");
239 memset(&new_blocks[tdb->tdb2.transaction->num_blocks], 0,
240 (1+(blk - tdb->tdb2.transaction->num_blocks))*sizeof(uint8_t *));
241 tdb->tdb2.transaction->blocks = new_blocks;
242 tdb->tdb2.transaction->num_blocks = blk+1;
243 tdb->tdb2.transaction->last_block_size = 0;
246 /* allocate and fill a block? */
247 if (tdb->tdb2.transaction->blocks[blk] == NULL) {
248 tdb->tdb2.transaction->blocks[blk] = (uint8_t *)calloc(PAGESIZE, 1);
249 if (tdb->tdb2.transaction->blocks[blk] == NULL) {
250 ecode = tdb_logerr(tdb, TDB_ERR_OOM, TDB_LOG_ERROR,
252 " failed to allocate");
255 if (tdb->tdb2.transaction->old_map_size > blk * PAGESIZE) {
256 tdb_len_t len2 = PAGESIZE;
257 if (len2 + (blk * PAGESIZE) > tdb->tdb2.transaction->old_map_size) {
258 len2 = tdb->tdb2.transaction->old_map_size - (blk * PAGESIZE);
260 ecode = tdb->tdb2.transaction->io_methods->tread(tdb,
262 tdb->tdb2.transaction->blocks[blk],
264 if (ecode != TDB_SUCCESS) {
265 ecode = tdb_logerr(tdb, ecode,
269 " read old block: %s",
271 SAFE_FREE(tdb->tdb2.transaction->blocks[blk]);
274 if (blk == tdb->tdb2.transaction->num_blocks-1) {
275 tdb->tdb2.transaction->last_block_size = len2;
280 /* overwrite part of an existing block */
282 memset(tdb->tdb2.transaction->blocks[blk] + off, 0, len);
284 memcpy(tdb->tdb2.transaction->blocks[blk] + off, buf, len);
286 if (blk == tdb->tdb2.transaction->num_blocks-1) {
287 if (len + off > tdb->tdb2.transaction->last_block_size) {
288 tdb->tdb2.transaction->last_block_size = len + off;
295 tdb->tdb2.transaction->transaction_error = 1;
301 write while in a transaction - this variant never expands the transaction blocks, it only
302 updates existing blocks. This means it cannot change the recovery size
304 static void transaction_write_existing(struct tdb_context *tdb, tdb_off_t off,
305 const void *buf, tdb_len_t len)
309 /* break it up into block sized chunks */
310 while (len + (off % PAGESIZE) > PAGESIZE) {
311 tdb_len_t len2 = PAGESIZE - (off % PAGESIZE);
312 transaction_write_existing(tdb, off, buf, len2);
316 buf = (const void *)(len2 + (const char *)buf);
324 blk = off / PAGESIZE;
325 off = off % PAGESIZE;
327 if (tdb->tdb2.transaction->num_blocks <= blk ||
328 tdb->tdb2.transaction->blocks[blk] == NULL) {
332 if (blk == tdb->tdb2.transaction->num_blocks-1 &&
333 off + len > tdb->tdb2.transaction->last_block_size) {
334 if (off >= tdb->tdb2.transaction->last_block_size) {
337 len = tdb->tdb2.transaction->last_block_size - off;
340 /* overwrite part of an existing block */
341 memcpy(tdb->tdb2.transaction->blocks[blk] + off, buf, len);
346 out of bounds check during a transaction
348 static enum TDB_ERROR transaction_oob(struct tdb_context *tdb, tdb_off_t len,
351 if (len <= tdb->file->map_size || probe) {
355 tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
356 "tdb_oob len %lld beyond transaction size %lld",
358 (long long)tdb->file->map_size);
363 transaction version of tdb_expand().
365 static enum TDB_ERROR transaction_expand_file(struct tdb_context *tdb,
368 enum TDB_ERROR ecode;
370 /* add a write to the transaction elements, so subsequent
371 reads see the zero data */
372 ecode = transaction_write(tdb, tdb->file->map_size, NULL, addition);
373 if (ecode == TDB_SUCCESS) {
374 tdb->file->map_size += addition;
379 static void *transaction_direct(struct tdb_context *tdb, tdb_off_t off,
380 size_t len, bool write_mode)
382 size_t blk = off / PAGESIZE, end_blk;
384 /* This is wrong for zero-length blocks, but will fail gracefully */
385 end_blk = (off + len - 1) / PAGESIZE;
387 /* Can only do direct if in single block and we've already copied. */
389 tdb->stats.transaction_write_direct++;
391 || blk >= tdb->tdb2.transaction->num_blocks
392 || tdb->tdb2.transaction->blocks[blk] == NULL) {
393 tdb->stats.transaction_write_direct_fail++;
396 return tdb->tdb2.transaction->blocks[blk] + off % PAGESIZE;
399 tdb->stats.transaction_read_direct++;
400 /* Single which we have copied? */
402 && blk < tdb->tdb2.transaction->num_blocks
403 && tdb->tdb2.transaction->blocks[blk])
404 return tdb->tdb2.transaction->blocks[blk] + off % PAGESIZE;
406 /* Otherwise must be all not copied. */
407 while (blk <= end_blk) {
408 if (blk >= tdb->tdb2.transaction->num_blocks)
410 if (tdb->tdb2.transaction->blocks[blk]) {
411 tdb->stats.transaction_read_direct_fail++;
416 return tdb->tdb2.transaction->io_methods->direct(tdb, off, len, false);
419 static const struct tdb_methods transaction_methods = {
423 transaction_expand_file,
430 static enum TDB_ERROR transaction_sync(struct tdb_context *tdb,
431 tdb_off_t offset, tdb_len_t length)
433 if (tdb->flags & TDB_NOSYNC) {
437 if (fsync(tdb->file->fd) != 0) {
438 return tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
439 "tdb_transaction: fsync failed: %s",
443 if (tdb->file->map_ptr) {
444 tdb_off_t moffset = offset & ~(getpagesize()-1);
445 if (msync(moffset + (char *)tdb->file->map_ptr,
446 length + (offset - moffset), MS_SYNC) != 0) {
447 return tdb_logerr(tdb, TDB_ERR_IO, TDB_LOG_ERROR,
448 "tdb_transaction: msync failed: %s",
457 static void _tdb_transaction_cancel(struct tdb_context *tdb)
460 enum TDB_ERROR ecode;
462 if (tdb->tdb2.transaction == NULL) {
463 tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_USE_ERROR,
464 "tdb_transaction_cancel: no transaction");
468 if (tdb->tdb2.transaction->nesting != 0) {
469 tdb->tdb2.transaction->transaction_error = 1;
470 tdb->tdb2.transaction->nesting--;
474 tdb->file->map_size = tdb->tdb2.transaction->old_map_size;
476 /* free all the transaction blocks */
477 for (i=0;i<tdb->tdb2.transaction->num_blocks;i++) {
478 if (tdb->tdb2.transaction->blocks[i] != NULL) {
479 free(tdb->tdb2.transaction->blocks[i]);
482 SAFE_FREE(tdb->tdb2.transaction->blocks);
484 if (tdb->tdb2.transaction->magic_offset) {
485 const struct tdb_methods *methods = tdb->tdb2.transaction->io_methods;
486 uint64_t invalid = TDB_RECOVERY_INVALID_MAGIC;
488 /* remove the recovery marker */
489 ecode = methods->twrite(tdb, tdb->tdb2.transaction->magic_offset,
490 &invalid, sizeof(invalid));
491 if (ecode == TDB_SUCCESS)
492 ecode = transaction_sync(tdb,
493 tdb->tdb2.transaction->magic_offset,
495 if (ecode != TDB_SUCCESS) {
496 tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
497 "tdb_transaction_cancel: failed to remove"
502 if (tdb->file->allrecord_lock.count)
503 tdb_allrecord_unlock(tdb, tdb->file->allrecord_lock.ltype);
505 /* restore the normal io methods */
506 tdb->tdb2.io = tdb->tdb2.transaction->io_methods;
508 tdb_transaction_unlock(tdb, F_WRLCK);
510 if (tdb_has_open_lock(tdb))
511 tdb_unlock_open(tdb, F_WRLCK);
513 SAFE_FREE(tdb->tdb2.transaction);
517 start a tdb transaction. No token is returned, as only a single
518 transaction is allowed to be pending per tdb_context
520 enum TDB_ERROR tdb_transaction_start(struct tdb_context *tdb)
522 enum TDB_ERROR ecode;
524 if (tdb->flags & TDB_VERSION1) {
525 if (tdb1_transaction_start(tdb) == -1)
526 return tdb->last_error;
530 tdb->stats.transactions++;
531 /* some sanity checks */
532 if (tdb->flags & TDB_INTERNAL) {
533 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_EINVAL,
535 "tdb_transaction_start:"
541 if (tdb->flags & TDB_RDONLY) {
542 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_RDONLY,
544 "tdb_transaction_start:"
550 /* cope with nested tdb_transaction_start() calls */
551 if (tdb->tdb2.transaction != NULL) {
552 if (!(tdb->flags & TDB_ALLOW_NESTING)) {
553 return tdb->last_error
554 = tdb_logerr(tdb, TDB_ERR_IO,
556 "tdb_transaction_start:"
557 " already inside transaction");
559 tdb->tdb2.transaction->nesting++;
560 tdb->stats.transaction_nest++;
564 if (tdb_has_hash_locks(tdb)) {
565 /* the caller must not have any locks when starting a
566 transaction as otherwise we'll be screwed by lack
567 of nested locks in POSIX */
568 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_LOCK,
570 "tdb_transaction_start:"
572 " transaction with locks"
576 tdb->tdb2.transaction = (struct tdb_transaction *)
577 calloc(sizeof(struct tdb_transaction), 1);
578 if (tdb->tdb2.transaction == NULL) {
579 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_OOM,
581 "tdb_transaction_start:"
585 /* get the transaction write lock. This is a blocking lock. As
586 discussed with Volker, there are a number of ways we could
587 make this async, which we will probably do in the future */
588 ecode = tdb_transaction_lock(tdb, F_WRLCK);
589 if (ecode != TDB_SUCCESS) {
590 SAFE_FREE(tdb->tdb2.transaction->blocks);
591 SAFE_FREE(tdb->tdb2.transaction);
592 return tdb->last_error = ecode;
595 /* get a read lock over entire file. This is upgraded to a write
596 lock during the commit */
597 ecode = tdb_allrecord_lock(tdb, F_RDLCK, TDB_LOCK_WAIT, true);
598 if (ecode != TDB_SUCCESS) {
599 goto fail_allrecord_lock;
602 /* make sure we know about any file expansions already done by
604 tdb->tdb2.io->oob(tdb, tdb->file->map_size + 1, true);
605 tdb->tdb2.transaction->old_map_size = tdb->file->map_size;
607 /* finally hook the io methods, replacing them with
608 transaction specific methods */
609 tdb->tdb2.transaction->io_methods = tdb->tdb2.io;
610 tdb->tdb2.io = &transaction_methods;
611 return tdb->last_error = TDB_SUCCESS;
614 tdb_transaction_unlock(tdb, F_WRLCK);
615 SAFE_FREE(tdb->tdb2.transaction->blocks);
616 SAFE_FREE(tdb->tdb2.transaction);
617 return tdb->last_error = ecode;
622 cancel the current transaction
624 void tdb_transaction_cancel(struct tdb_context *tdb)
626 if (tdb->flags & TDB_VERSION1) {
627 tdb1_transaction_cancel(tdb);
630 tdb->stats.transaction_cancel++;
631 _tdb_transaction_cancel(tdb);
635 work out how much space the linearised recovery data will consume (worst case)
637 static tdb_len_t tdb_recovery_size(struct tdb_context *tdb)
639 tdb_len_t recovery_size = 0;
643 for (i=0;i<tdb->tdb2.transaction->num_blocks;i++) {
644 if (i * PAGESIZE >= tdb->tdb2.transaction->old_map_size) {
647 if (tdb->tdb2.transaction->blocks[i] == NULL) {
650 recovery_size += 2*sizeof(tdb_off_t);
651 if (i == tdb->tdb2.transaction->num_blocks-1) {
652 recovery_size += tdb->tdb2.transaction->last_block_size;
654 recovery_size += PAGESIZE;
658 return recovery_size;
661 static enum TDB_ERROR tdb_recovery_area(struct tdb_context *tdb,
662 const struct tdb_methods *methods,
663 tdb_off_t *recovery_offset,
664 struct tdb_recovery_record *rec)
666 enum TDB_ERROR ecode;
668 *recovery_offset = tdb_read_off(tdb,
669 offsetof(struct tdb_header, recovery));
670 if (TDB_OFF_IS_ERR(*recovery_offset)) {
671 return TDB_OFF_TO_ERR(*recovery_offset);
674 if (*recovery_offset == 0) {
679 ecode = methods->tread(tdb, *recovery_offset, rec, sizeof(*rec));
680 if (ecode != TDB_SUCCESS)
683 tdb_convert(tdb, rec, sizeof(*rec));
684 /* ignore invalid recovery regions: can happen in crash */
685 if (rec->magic != TDB_RECOVERY_MAGIC &&
686 rec->magic != TDB_RECOVERY_INVALID_MAGIC) {
687 *recovery_offset = 0;
693 static unsigned int same(const unsigned char *new,
694 const unsigned char *old,
699 for (i = 0; i < length; i++) {
700 if (new[i] != old[i])
706 static unsigned int different(const unsigned char *new,
707 const unsigned char *old,
709 unsigned int min_same,
710 unsigned int *samelen)
715 for (i = 0; i < length; i++) {
716 if (new[i] == old[i]) {
719 if (*samelen >= min_same) {
726 if (*samelen < min_same)
728 return length - *samelen;
731 /* Allocates recovery blob, without tdb_recovery_record at head set up. */
732 static struct tdb_recovery_record *alloc_recovery(struct tdb_context *tdb,
735 struct tdb_recovery_record *rec;
737 enum TDB_ERROR ecode;
739 const struct tdb_methods *old_methods = tdb->tdb2.io;
741 rec = malloc(sizeof(*rec) + tdb_recovery_size(tdb));
743 tdb_logerr(tdb, TDB_ERR_OOM, TDB_LOG_ERROR,
744 "transaction_setup_recovery:"
746 return TDB_ERR_PTR(TDB_ERR_OOM);
749 /* We temporarily revert to the old I/O methods, so we can use
751 tdb->tdb2.io = tdb->tdb2.transaction->io_methods;
753 /* build the recovery data into a single blob to allow us to do a single
754 large write, which should be more efficient */
755 p = (unsigned char *)(rec + 1);
756 for (i=0;i<tdb->tdb2.transaction->num_blocks;i++) {
760 const unsigned char *buffer;
762 if (tdb->tdb2.transaction->blocks[i] == NULL) {
766 offset = i * PAGESIZE;
768 if (i == tdb->tdb2.transaction->num_blocks-1) {
769 length = tdb->tdb2.transaction->last_block_size;
772 if (offset >= tdb->tdb2.transaction->old_map_size) {
776 if (offset + length > tdb->file->map_size) {
777 ecode = tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_LOG_ERROR,
778 "tdb_transaction_setup_recovery:"
779 " transaction data over new region"
783 if (offset + length > tdb->tdb2.transaction->old_map_size) {
784 /* Short read at EOF. */
785 length = tdb->tdb2.transaction->old_map_size - offset;
787 buffer = tdb_access_read(tdb, offset, length, false);
788 if (TDB_PTR_IS_ERR(buffer)) {
789 ecode = TDB_PTR_ERR(buffer);
793 /* Skip over anything the same at the start. */
794 off = same(tdb->tdb2.transaction->blocks[i], buffer, length);
797 while (off < length) {
799 unsigned int samelen;
801 len = different(tdb->tdb2.transaction->blocks[i] + off,
802 buffer + off, length - off,
803 sizeof(offset) + sizeof(len) + 1,
806 memcpy(p, &offset, sizeof(offset));
807 memcpy(p + sizeof(offset), &len, sizeof(len));
808 tdb_convert(tdb, p, sizeof(offset) + sizeof(len));
809 p += sizeof(offset) + sizeof(len);
810 memcpy(p, buffer + off, len);
812 off += len + samelen;
813 offset += len + samelen;
815 tdb_access_release(tdb, buffer);
818 *len = p - (unsigned char *)(rec + 1);
819 tdb->tdb2.io = old_methods;
824 tdb->tdb2.io = old_methods;
825 return TDB_ERR_PTR(ecode);
828 static tdb_off_t create_recovery_area(struct tdb_context *tdb,
829 tdb_len_t rec_length,
830 struct tdb_recovery_record *rec)
832 tdb_off_t off, recovery_off;
834 enum TDB_ERROR ecode;
835 const struct tdb_methods *methods = tdb->tdb2.transaction->io_methods;
837 /* round up to a multiple of page size. Overallocate, since each
838 * such allocation forces us to expand the file. */
840 = (((sizeof(*rec) + rec_length + rec_length / 2)
841 + PAGESIZE-1) & ~(PAGESIZE-1))
843 off = tdb->file->map_size;
845 /* Restore ->map_size before calling underlying expand_file.
846 Also so that we don't try to expand the file again in the
847 transaction commit, which would destroy the recovery
849 addition = (tdb->file->map_size - tdb->tdb2.transaction->old_map_size) +
850 sizeof(*rec) + rec->max_len;
851 tdb->file->map_size = tdb->tdb2.transaction->old_map_size;
852 tdb->stats.transaction_expand_file++;
853 ecode = methods->expand_file(tdb, addition);
854 if (ecode != TDB_SUCCESS) {
855 tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
856 "tdb_recovery_allocate:"
857 " failed to create recovery area");
858 return TDB_ERR_TO_OFF(ecode);
861 /* we have to reset the old map size so that we don't try to
862 expand the file again in the transaction commit, which
863 would destroy the recovery area */
864 tdb->tdb2.transaction->old_map_size = tdb->file->map_size;
866 /* write the recovery header offset and sync - we can sync without a race here
867 as the magic ptr in the recovery record has not been set */
869 tdb_convert(tdb, &recovery_off, sizeof(recovery_off));
870 ecode = methods->twrite(tdb, offsetof(struct tdb_header, recovery),
871 &recovery_off, sizeof(tdb_off_t));
872 if (ecode != TDB_SUCCESS) {
873 tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
874 "tdb_recovery_allocate:"
875 " failed to write recovery head");
876 return TDB_ERR_TO_OFF(ecode);
878 transaction_write_existing(tdb, offsetof(struct tdb_header, recovery),
885 setup the recovery data that will be used on a crash during commit
887 static enum TDB_ERROR transaction_setup_recovery(struct tdb_context *tdb)
889 tdb_len_t recovery_size = 0;
890 tdb_off_t recovery_off = 0;
891 tdb_off_t old_map_size = tdb->tdb2.transaction->old_map_size;
892 struct tdb_recovery_record *recovery;
893 const struct tdb_methods *methods = tdb->tdb2.transaction->io_methods;
895 enum TDB_ERROR ecode;
897 recovery = alloc_recovery(tdb, &recovery_size);
898 if (TDB_PTR_IS_ERR(recovery))
899 return TDB_PTR_ERR(recovery);
901 ecode = tdb_recovery_area(tdb, methods, &recovery_off, recovery);
907 if (recovery->max_len < recovery_size) {
908 /* Not large enough. Free up old recovery area. */
911 ecode = add_free_record(tdb, recovery_off,
914 TDB_LOCK_WAIT, true);
916 if (ecode != TDB_SUCCESS) {
917 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
918 "tdb_recovery_allocate:"
919 " failed to free previous"
923 /* Refresh recovery after add_free_record above. */
924 recovery = alloc_recovery(tdb, &recovery_size);
925 if (TDB_PTR_IS_ERR(recovery))
926 return TDB_PTR_ERR(recovery);
929 recovery_off = create_recovery_area(tdb, recovery_size,
931 if (TDB_OFF_IS_ERR(recovery_off)) {
933 return TDB_OFF_TO_ERR(recovery_off);
937 /* Now we know size, convert rec header. */
938 recovery->magic = TDB_RECOVERY_INVALID_MAGIC;
939 recovery->len = recovery_size;
940 recovery->eof = old_map_size;
941 tdb_convert(tdb, recovery, sizeof(*recovery));
943 /* write the recovery data to the recovery area */
944 ecode = methods->twrite(tdb, recovery_off, recovery, recovery_size);
945 if (ecode != TDB_SUCCESS) {
947 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
948 "tdb_transaction_setup_recovery:"
949 " failed to write recovery data");
951 transaction_write_existing(tdb, recovery_off, recovery, recovery_size);
955 /* as we don't have ordered writes, we have to sync the recovery
956 data before we update the magic to indicate that the recovery
958 ecode = transaction_sync(tdb, recovery_off, recovery_size);
959 if (ecode != TDB_SUCCESS)
962 magic = TDB_RECOVERY_MAGIC;
963 tdb_convert(tdb, &magic, sizeof(magic));
965 tdb->tdb2.transaction->magic_offset
966 = recovery_off + offsetof(struct tdb_recovery_record, magic);
968 ecode = methods->twrite(tdb, tdb->tdb2.transaction->magic_offset,
969 &magic, sizeof(magic));
970 if (ecode != TDB_SUCCESS) {
971 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
972 "tdb_transaction_setup_recovery:"
973 " failed to write recovery magic");
975 transaction_write_existing(tdb, tdb->tdb2.transaction->magic_offset,
976 &magic, sizeof(magic));
978 /* ensure the recovery magic marker is on disk */
979 return transaction_sync(tdb, tdb->tdb2.transaction->magic_offset,
983 static enum TDB_ERROR _tdb_transaction_prepare_commit(struct tdb_context *tdb)
985 const struct tdb_methods *methods;
986 enum TDB_ERROR ecode;
988 if (tdb->tdb2.transaction == NULL) {
989 return tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_USE_ERROR,
990 "tdb_transaction_prepare_commit:"
994 if (tdb->tdb2.transaction->prepared) {
995 _tdb_transaction_cancel(tdb);
996 return tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_USE_ERROR,
997 "tdb_transaction_prepare_commit:"
998 " transaction already prepared");
1001 if (tdb->tdb2.transaction->transaction_error) {
1002 _tdb_transaction_cancel(tdb);
1003 return tdb_logerr(tdb, TDB_ERR_EINVAL, TDB_LOG_ERROR,
1004 "tdb_transaction_prepare_commit:"
1005 " transaction error pending");
1009 if (tdb->tdb2.transaction->nesting != 0) {
1013 /* check for a null transaction */
1014 if (tdb->tdb2.transaction->blocks == NULL) {
1018 methods = tdb->tdb2.transaction->io_methods;
1020 /* upgrade the main transaction lock region to a write lock */
1021 ecode = tdb_allrecord_upgrade(tdb, TDB_HASH_LOCK_START);
1022 if (ecode != TDB_SUCCESS) {
1026 /* get the open lock - this prevents new users attaching to the database
1027 during the commit */
1028 ecode = tdb_lock_open(tdb, F_WRLCK, TDB_LOCK_WAIT|TDB_LOCK_NOCHECK);
1029 if (ecode != TDB_SUCCESS) {
1033 /* Since we have whole db locked, we don't need the expansion lock. */
1034 if (!(tdb->flags & TDB_NOSYNC)) {
1035 /* Sets up tdb->tdb2.transaction->recovery and
1036 * tdb->tdb2.transaction->magic_offset. */
1037 ecode = transaction_setup_recovery(tdb);
1038 if (ecode != TDB_SUCCESS) {
1043 tdb->tdb2.transaction->prepared = true;
1045 /* expand the file to the new size if needed */
1046 if (tdb->file->map_size != tdb->tdb2.transaction->old_map_size) {
1049 add = tdb->file->map_size - tdb->tdb2.transaction->old_map_size;
1050 /* Restore original map size for tdb_expand_file */
1051 tdb->file->map_size = tdb->tdb2.transaction->old_map_size;
1052 ecode = methods->expand_file(tdb, add);
1053 if (ecode != TDB_SUCCESS) {
1058 /* Keep the open lock until the actual commit */
1063 prepare to commit the current transaction
1065 enum TDB_ERROR tdb_transaction_prepare_commit(struct tdb_context *tdb)
1067 if (tdb->flags & TDB_VERSION1) {
1068 if (tdb1_transaction_prepare_commit(tdb) == -1)
1069 return tdb->last_error;
1072 return tdb->last_error = _tdb_transaction_prepare_commit(tdb);
1076 commit the current transaction
1078 enum TDB_ERROR tdb_transaction_commit(struct tdb_context *tdb)
1080 const struct tdb_methods *methods;
1082 enum TDB_ERROR ecode;
1084 if (tdb->flags & TDB_VERSION1) {
1085 if (tdb1_transaction_commit(tdb) == -1)
1086 return tdb->last_error;
1090 if (tdb->tdb2.transaction == NULL) {
1091 return tdb->last_error = tdb_logerr(tdb, TDB_ERR_EINVAL,
1093 "tdb_transaction_commit:"
1097 tdb_trace(tdb, "tdb_transaction_commit");
1099 if (tdb->tdb2.transaction->nesting != 0) {
1100 tdb->tdb2.transaction->nesting--;
1101 return tdb->last_error = TDB_SUCCESS;
1104 /* check for a null transaction */
1105 if (tdb->tdb2.transaction->blocks == NULL) {
1106 _tdb_transaction_cancel(tdb);
1107 return tdb->last_error = TDB_SUCCESS;
1110 if (!tdb->tdb2.transaction->prepared) {
1111 ecode = _tdb_transaction_prepare_commit(tdb);
1112 if (ecode != TDB_SUCCESS) {
1113 _tdb_transaction_cancel(tdb);
1114 return tdb->last_error = ecode;
1118 methods = tdb->tdb2.transaction->io_methods;
1120 /* perform all the writes */
1121 for (i=0;i<tdb->tdb2.transaction->num_blocks;i++) {
1125 if (tdb->tdb2.transaction->blocks[i] == NULL) {
1129 offset = i * PAGESIZE;
1131 if (i == tdb->tdb2.transaction->num_blocks-1) {
1132 length = tdb->tdb2.transaction->last_block_size;
1135 ecode = methods->twrite(tdb, offset,
1136 tdb->tdb2.transaction->blocks[i], length);
1137 if (ecode != TDB_SUCCESS) {
1138 /* we've overwritten part of the data and
1139 possibly expanded the file, so we need to
1140 run the crash recovery code */
1141 tdb->tdb2.io = methods;
1142 tdb_transaction_recover(tdb);
1144 _tdb_transaction_cancel(tdb);
1146 return tdb->last_error = ecode;
1148 SAFE_FREE(tdb->tdb2.transaction->blocks[i]);
1151 SAFE_FREE(tdb->tdb2.transaction->blocks);
1152 tdb->tdb2.transaction->num_blocks = 0;
1154 /* ensure the new data is on disk */
1155 ecode = transaction_sync(tdb, 0, tdb->file->map_size);
1156 if (ecode != TDB_SUCCESS) {
1157 return tdb->last_error = ecode;
1161 TODO: maybe write to some dummy hdr field, or write to magic
1162 offset without mmap, before the last sync, instead of the
1166 /* on some systems (like Linux 2.6.x) changes via mmap/msync
1167 don't change the mtime of the file, this means the file may
1168 not be backed up (as tdb rounding to block sizes means that
1169 file size changes are quite rare too). The following forces
1170 mtime changes when a transaction completes */
1172 utime(tdb->name, NULL);
1175 /* use a transaction cancel to free memory and remove the
1176 transaction locks: it "restores" map_size, too. */
1177 tdb->tdb2.transaction->old_map_size = tdb->file->map_size;
1178 _tdb_transaction_cancel(tdb);
1180 return tdb->last_error = TDB_SUCCESS;
1185 recover from an aborted transaction. Must be called with exclusive
1186 database write access already established (including the open
1187 lock to prevent new processes attaching)
1189 enum TDB_ERROR tdb_transaction_recover(struct tdb_context *tdb)
1191 tdb_off_t recovery_head, recovery_eof;
1192 unsigned char *data, *p;
1193 struct tdb_recovery_record rec;
1194 enum TDB_ERROR ecode;
1196 /* find the recovery area */
1197 recovery_head = tdb_read_off(tdb, offsetof(struct tdb_header,recovery));
1198 if (TDB_OFF_IS_ERR(recovery_head)) {
1199 ecode = TDB_OFF_TO_ERR(recovery_head);
1200 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1201 "tdb_transaction_recover:"
1202 " failed to read recovery head");
1205 if (recovery_head == 0) {
1206 /* we have never allocated a recovery record */
1210 /* read the recovery record */
1211 ecode = tdb_read_convert(tdb, recovery_head, &rec, sizeof(rec));
1212 if (ecode != TDB_SUCCESS) {
1213 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1214 "tdb_transaction_recover:"
1215 " failed to read recovery record");
1218 if (rec.magic != TDB_RECOVERY_MAGIC) {
1219 /* there is no valid recovery data */
1223 if (tdb->flags & TDB_RDONLY) {
1224 return tdb_logerr(tdb, TDB_ERR_CORRUPT, TDB_LOG_ERROR,
1225 "tdb_transaction_recover:"
1226 " attempt to recover read only database");
1229 recovery_eof = rec.eof;
1231 data = (unsigned char *)malloc(rec.len);
1233 return tdb_logerr(tdb, TDB_ERR_OOM, TDB_LOG_ERROR,
1234 "tdb_transaction_recover:"
1235 " failed to allocate recovery data");
1238 /* read the full recovery data */
1239 ecode = tdb->tdb2.io->tread(tdb, recovery_head + sizeof(rec), data,
1241 if (ecode != TDB_SUCCESS) {
1242 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1243 "tdb_transaction_recover:"
1244 " failed to read recovery data");
1247 /* recover the file data */
1249 while (p+sizeof(tdb_off_t)+sizeof(tdb_len_t) < data + rec.len) {
1252 tdb_convert(tdb, p, sizeof(ofs) + sizeof(len));
1253 memcpy(&ofs, p, sizeof(ofs));
1254 memcpy(&len, p + sizeof(ofs), sizeof(len));
1255 p += sizeof(ofs) + sizeof(len);
1257 ecode = tdb->tdb2.io->twrite(tdb, ofs, p, len);
1258 if (ecode != TDB_SUCCESS) {
1260 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1261 "tdb_transaction_recover:"
1262 " failed to recover %zu bytes"
1264 (size_t)len, (size_t)ofs);
1271 ecode = transaction_sync(tdb, 0, tdb->file->map_size);
1272 if (ecode != TDB_SUCCESS) {
1273 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1274 "tdb_transaction_recover:"
1275 " failed to sync recovery");
1278 /* if the recovery area is after the recovered eof then remove it */
1279 if (recovery_eof <= recovery_head) {
1280 ecode = tdb_write_off(tdb, offsetof(struct tdb_header,
1283 if (ecode != TDB_SUCCESS) {
1284 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1285 "tdb_transaction_recover:"
1286 " failed to remove recovery head");
1290 /* remove the recovery magic */
1291 ecode = tdb_write_off(tdb,
1293 + offsetof(struct tdb_recovery_record, magic),
1294 TDB_RECOVERY_INVALID_MAGIC);
1295 if (ecode != TDB_SUCCESS) {
1296 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1297 "tdb_transaction_recover:"
1298 " failed to remove recovery magic");
1301 ecode = transaction_sync(tdb, 0, recovery_eof);
1302 if (ecode != TDB_SUCCESS) {
1303 return tdb_logerr(tdb, ecode, TDB_LOG_ERROR,
1304 "tdb_transaction_recover:"
1305 " failed to sync2 recovery");
1308 tdb_logerr(tdb, TDB_SUCCESS, TDB_LOG_WARNING,
1309 "tdb_transaction_recover: recovered %zu byte database",
1310 (size_t)recovery_eof);
1316 tdb_bool_err tdb_needs_recovery(struct tdb_context *tdb)
1318 tdb_off_t recovery_head;
1319 struct tdb_recovery_record rec;
1320 enum TDB_ERROR ecode;
1322 /* find the recovery area */
1323 recovery_head = tdb_read_off(tdb, offsetof(struct tdb_header,recovery));
1324 if (TDB_OFF_IS_ERR(recovery_head)) {
1325 return recovery_head;
1328 if (recovery_head == 0) {
1329 /* we have never allocated a recovery record */
1333 /* read the recovery record */
1334 ecode = tdb_read_convert(tdb, recovery_head, &rec, sizeof(rec));
1335 if (ecode != TDB_SUCCESS) {
1336 return TDB_ERR_TO_OFF(ecode);
1339 return (rec.magic == TDB_RECOVERY_MAGIC);
projects / ccan / blob