2 Unix SMB/CIFS implementation.
4 trivial database library
6 Copyright (C) Andrew Tridgell 2005
8 ** NOTE! The following LGPL license applies to the tdb
9 ** library. This does NOT imply that all of Samba is released
12 This library is free software; you can redistribute it and/or
13 modify it under the terms of the GNU Lesser General Public
14 License as published by the Free Software Foundation; either
15 version 3 of the License, or (at your option) any later version.
17 This library is distributed in the hope that it will be useful,
18 but WITHOUT ANY WARRANTY; without even the implied warranty of
19 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20 Lesser General Public License for more details.
22 You should have received a copy of the GNU Lesser General Public
23 License along with this library; if not, see <http://www.gnu.org/licenses/>.
26 #include "tdb_private.h"
31 - only allow a single transaction at a time per database. This makes
32 using the transaction API simpler, as otherwise the caller would
33 have to cope with temporary failures in transactions that conflict
34 with other current transactions
36 - keep the transaction recovery information in the same file as the
37 database, using a special 'transaction recovery' record pointed at
38 by the header. This removes the need for extra journal files as
39 used by some other databases
41 - dynamically allocated the transaction recover record, re-using it
42 for subsequent transactions. If a larger record is needed then
43 tdb_free() the old record to place it on the normal tdb freelist
44 before allocating the new record
46 - during transactions, keep a linked list of writes all that have
47 been performed by intercepting all tdb_write() calls. The hooked
48 transaction versions of tdb_read() and tdb_write() check this
49 linked list and try to use the elements of the list in preference
52 - don't allow any locks to be held when a transaction starts,
53 otherwise we can end up with deadlock (plus lack of lock nesting
54 in posix locks would mean the lock is lost)
56 - if the caller gains a lock during the transaction but doesn't
57 release it then fail the commit
59 - allow for nested calls to tdb_transaction_start(), re-using the
60 existing transaction record. If the inner transaction is cancelled
61 then a subsequent commit will fail
63 - keep a mirrored copy of the tdb hash chain heads to allow for the
64 fast hash heads scan on traverse, updating the mirrored copy in
65 the transaction version of tdb_write
67 - allow callers to mix transaction and non-transaction use of tdb,
68 although once a transaction is started then an exclusive lock is
69 gained until the transaction is committed or cancelled
71 - the commit stategy involves first saving away all modified data
72 into a linearised buffer in the transaction recovery area, then
73 marking the transaction recovery area with a magic value to
74 indicate a valid recovery record. In total 4 fsync/msync calls are
75 needed per commit to prevent race conditions. It might be possible
76 to reduce this to 3 or even 2 with some more work.
78 - check for a valid recovery record on open of the tdb, while the
79 global lock is held. Automatically recover from the transaction
80 recovery area if needed, then continue with the open as
81 usual. This allows for smooth crash recovery with no administrator
84 - if TDB_NOSYNC is passed to flags in tdb_open then transactions are
85 still available, but no transaction recovery area is used and no
86 fsync/msync calls are made.
92 hold the context of any current transaction
94 struct tdb_transaction {
95 /* we keep a mirrored copy of the tdb hash heads here so
96 tdb_next_hash_chain() can operate efficiently */
99 /* the original io methods - used to do IOs to the real db */
100 const struct tdb_methods *io_methods;
102 /* the list of transaction blocks. When a block is first
103 written to, it gets created in this list */
106 uint32_t block_size; /* bytes in each block */
107 uint32_t last_block_size; /* number of valid bytes in the last block */
109 /* non-zero when an internal transaction error has
110 occurred. All write operations will then fail until the
111 transaction is ended */
112 int transaction_error;
114 /* when inside a transaction we need to keep track of any
115 nested tdb_transaction_start() calls, as these are allowed,
116 but don't create a new transaction */
119 /* old file size before transaction */
120 tdb_len_t old_map_size;
125 read while in a transaction. We need to check first if the data is in our list
126 of transaction elements, then if not do a real read
128 static int transaction_read(struct tdb_context *tdb, tdb_off_t off, void *buf,
129 tdb_len_t len, int cv)
133 /* break it down into block sized ops */
134 while (len + (off % tdb->transaction->block_size) > tdb->transaction->block_size) {
135 tdb_len_t len2 = tdb->transaction->block_size - (off % tdb->transaction->block_size);
136 if (transaction_read(tdb, off, buf, len2, cv) != 0) {
141 buf = (void *)(len2 + (char *)buf);
148 blk = off / tdb->transaction->block_size;
150 /* see if we have it in the block list */
151 if (tdb->transaction->num_blocks <= blk ||
152 tdb->transaction->blocks[blk] == NULL) {
153 /* nope, do a real read */
154 if (tdb->transaction->io_methods->tdb_read(tdb, off, buf, len, cv) != 0) {
160 /* it is in the block list. Now check for the last block */
161 if (blk == tdb->transaction->num_blocks-1) {
162 if (len > tdb->transaction->last_block_size) {
167 /* now copy it out of this block */
168 memcpy(buf, tdb->transaction->blocks[blk] + (off % tdb->transaction->block_size), len);
170 tdb_convert(buf, len);
175 TDB_LOG((tdb, TDB_DEBUG_FATAL, "transaction_read: failed at off=%d len=%d\n", off, len));
176 tdb->ecode = TDB_ERR_IO;
177 tdb->transaction->transaction_error = 1;
183 write while in a transaction
185 static int transaction_write(struct tdb_context *tdb, tdb_off_t off,
186 const void *buf, tdb_len_t len)
190 /* if the write is to a hash head, then update the transaction
192 if (len == sizeof(tdb_off_t) && off >= FREELIST_TOP &&
193 off < FREELIST_TOP+TDB_HASHTABLE_SIZE(tdb)) {
194 uint32_t chain = (off-FREELIST_TOP) / sizeof(tdb_off_t);
195 memcpy(&tdb->transaction->hash_heads[chain], buf, len);
198 /* break it up into block sized chunks */
199 while (len + (off % tdb->transaction->block_size) > tdb->transaction->block_size) {
200 tdb_len_t len2 = tdb->transaction->block_size - (off % tdb->transaction->block_size);
201 if (transaction_write(tdb, off, buf, len2) != 0) {
207 buf = (const void *)(len2 + (const char *)buf);
215 blk = off / tdb->transaction->block_size;
216 off = off % tdb->transaction->block_size;
218 if (tdb->transaction->num_blocks <= blk) {
219 uint8_t **new_blocks;
220 /* expand the blocks array */
221 if (tdb->transaction->blocks == NULL) {
222 new_blocks = malloc((blk+1)*sizeof(uint8_t *));
224 new_blocks = realloc(tdb->transaction->blocks, (blk+1)*sizeof(uint8_t *));
226 if (new_blocks == NULL) {
227 tdb->ecode = TDB_ERR_OOM;
230 memset(&new_blocks[tdb->transaction->num_blocks], 0,
231 (1+(blk - tdb->transaction->num_blocks))*sizeof(uint8_t *));
232 tdb->transaction->blocks = new_blocks;
233 tdb->transaction->num_blocks = blk+1;
234 tdb->transaction->last_block_size = 0;
237 /* allocate and fill a block? */
238 if (tdb->transaction->blocks[blk] == NULL) {
239 tdb->transaction->blocks[blk] = (uint8_t *)calloc(tdb->transaction->block_size, 1);
240 if (tdb->transaction->blocks[blk] == NULL) {
241 tdb->ecode = TDB_ERR_OOM;
242 tdb->transaction->transaction_error = 1;
245 if (tdb->transaction->old_map_size > blk * tdb->transaction->block_size) {
246 tdb_len_t len2 = tdb->transaction->block_size;
247 if (len2 + (blk * tdb->transaction->block_size) > tdb->transaction->old_map_size) {
248 len2 = tdb->transaction->old_map_size - (blk * tdb->transaction->block_size);
250 if (tdb->transaction->io_methods->tdb_read(tdb, blk * tdb->transaction->block_size,
251 tdb->transaction->blocks[blk],
253 SAFE_FREE(tdb->transaction->blocks[blk]);
254 tdb->ecode = TDB_ERR_IO;
257 if (blk == tdb->transaction->num_blocks-1) {
258 tdb->transaction->last_block_size = len2;
263 /* overwrite part of an existing block */
265 memset(tdb->transaction->blocks[blk] + off, 0, len);
267 memcpy(tdb->transaction->blocks[blk] + off, buf, len);
269 if (blk == tdb->transaction->num_blocks-1) {
270 if (len + off > tdb->transaction->last_block_size) {
271 tdb->transaction->last_block_size = len + off;
278 TDB_LOG((tdb, TDB_DEBUG_FATAL, "transaction_write: failed at off=%d len=%d\n",
279 (blk*tdb->transaction->block_size) + off, len));
280 tdb->transaction->transaction_error = 1;
286 write while in a transaction - this varient never expands the transaction blocks, it only
287 updates existing blocks. This means it cannot change the recovery size
289 static int transaction_write_existing(struct tdb_context *tdb, tdb_off_t off,
290 const void *buf, tdb_len_t len)
294 /* break it up into block sized chunks */
295 while (len + (off % tdb->transaction->block_size) > tdb->transaction->block_size) {
296 tdb_len_t len2 = tdb->transaction->block_size - (off % tdb->transaction->block_size);
297 if (transaction_write_existing(tdb, off, buf, len2) != 0) {
303 buf = (const void *)(len2 + (const char *)buf);
311 blk = off / tdb->transaction->block_size;
312 off = off % tdb->transaction->block_size;
314 if (tdb->transaction->num_blocks <= blk ||
315 tdb->transaction->blocks[blk] == NULL) {
319 /* overwrite part of an existing block */
321 memset(tdb->transaction->blocks[blk] + off, 0, len);
323 memcpy(tdb->transaction->blocks[blk] + off, buf, len);
325 if (blk == tdb->transaction->num_blocks-1) {
326 if (len + off > tdb->transaction->last_block_size) {
327 tdb->transaction->last_block_size = len + off;
334 TDB_LOG((tdb, TDB_DEBUG_FATAL, "transaction_write: failed at off=%d len=%d\n",
335 (blk*tdb->transaction->block_size) + off, len));
336 tdb->transaction->transaction_error = 1;
342 accelerated hash chain head search, using the cached hash heads
344 static void transaction_next_hash_chain(struct tdb_context *tdb, uint32_t *chain)
347 for (;h < tdb->header.hash_size;h++) {
348 /* the +1 takes account of the freelist */
349 if (0 != tdb->transaction->hash_heads[h+1]) {
357 out of bounds check during a transaction
359 static int transaction_oob(struct tdb_context *tdb, tdb_off_t len, int probe)
361 if (len <= tdb->map_size) {
364 return TDB_ERRCODE(TDB_ERR_IO, -1);
368 transaction version of tdb_expand().
370 static int transaction_expand_file(struct tdb_context *tdb, tdb_off_t size,
373 /* add a write to the transaction elements, so subsequent
374 reads see the zero data */
375 if (transaction_write(tdb, size, NULL, addition) != 0) {
383 brlock during a transaction - ignore them
385 static int transaction_brlock(struct tdb_context *tdb, tdb_off_t offset,
386 int rw_type, int lck_type, int probe, size_t len)
391 static const struct tdb_methods transaction_methods = {
394 transaction_next_hash_chain,
396 transaction_expand_file,
402 start a tdb transaction. No token is returned, as only a single
403 transaction is allowed to be pending per tdb_context
405 int tdb_transaction_start(struct tdb_context *tdb)
407 /* some sanity checks */
408 if (tdb->read_only || (tdb->flags & TDB_INTERNAL) || tdb->traverse_read) {
409 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_start: cannot start a transaction on a read-only or internal db\n"));
410 tdb->ecode = TDB_ERR_EINVAL;
414 /* cope with nested tdb_transaction_start() calls */
415 if (tdb->transaction != NULL) {
416 tdb->transaction->nesting++;
417 TDB_LOG((tdb, TDB_DEBUG_TRACE, "tdb_transaction_start: nesting %d\n",
418 tdb->transaction->nesting));
422 if (tdb->num_locks != 0 || tdb->global_lock.count) {
423 /* the caller must not have any locks when starting a
424 transaction as otherwise we'll be screwed by lack
425 of nested locks in posix */
426 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_start: cannot start a transaction with locks held\n"));
427 tdb->ecode = TDB_ERR_LOCK;
431 if (tdb->travlocks.next != NULL) {
432 /* you cannot use transactions inside a traverse (although you can use
433 traverse inside a transaction) as otherwise you can end up with
435 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_start: cannot start a transaction within a traverse\n"));
436 tdb->ecode = TDB_ERR_LOCK;
440 tdb->transaction = (struct tdb_transaction *)
441 calloc(sizeof(struct tdb_transaction), 1);
442 if (tdb->transaction == NULL) {
443 tdb->ecode = TDB_ERR_OOM;
447 /* a page at a time seems like a reasonable compromise between compactness and efficiency */
448 tdb->transaction->block_size = tdb->page_size;
450 /* get the transaction write lock. This is a blocking lock. As
451 discussed with Volker, there are a number of ways we could
452 make this async, which we will probably do in the future */
453 if (tdb_transaction_lock(tdb, F_WRLCK) == -1) {
454 SAFE_FREE(tdb->transaction->blocks);
455 SAFE_FREE(tdb->transaction);
459 /* get a read lock from the freelist to the end of file. This
460 is upgraded to a write lock during the commit */
461 if (tdb_brlock(tdb, FREELIST_TOP, F_RDLCK, F_SETLKW, 0, 0) == -1) {
462 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_start: failed to get hash locks\n"));
463 tdb->ecode = TDB_ERR_LOCK;
467 /* setup a copy of the hash table heads so the hash scan in
468 traverse can be fast */
469 tdb->transaction->hash_heads = (uint32_t *)
470 calloc(tdb->header.hash_size+1, sizeof(uint32_t));
471 if (tdb->transaction->hash_heads == NULL) {
472 tdb->ecode = TDB_ERR_OOM;
475 if (tdb->methods->tdb_read(tdb, FREELIST_TOP, tdb->transaction->hash_heads,
476 TDB_HASHTABLE_SIZE(tdb), 0) != 0) {
477 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_start: failed to read hash heads\n"));
478 tdb->ecode = TDB_ERR_IO;
482 /* make sure we know about any file expansions already done by
484 tdb->methods->tdb_oob(tdb, tdb->map_size + 1, 1);
485 tdb->transaction->old_map_size = tdb->map_size;
487 /* finally hook the io methods, replacing them with
488 transaction specific methods */
489 tdb->transaction->io_methods = tdb->methods;
490 tdb->methods = &transaction_methods;
495 tdb_brlock(tdb, FREELIST_TOP, F_UNLCK, F_SETLKW, 0, 0);
496 tdb_transaction_unlock(tdb);
497 SAFE_FREE(tdb->transaction->blocks);
498 SAFE_FREE(tdb->transaction->hash_heads);
499 SAFE_FREE(tdb->transaction);
505 cancel the current transaction
507 int tdb_transaction_cancel(struct tdb_context *tdb)
511 if (tdb->transaction == NULL) {
512 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_cancel: no transaction\n"));
516 if (tdb->transaction->nesting != 0) {
517 tdb->transaction->transaction_error = 1;
518 tdb->transaction->nesting--;
522 tdb->map_size = tdb->transaction->old_map_size;
524 /* free all the transaction blocks */
525 for (i=0;i<tdb->transaction->num_blocks;i++) {
526 if (tdb->transaction->blocks[i] != NULL) {
527 free(tdb->transaction->blocks[i]);
530 SAFE_FREE(tdb->transaction->blocks);
532 /* remove any global lock created during the transaction */
533 if (tdb->global_lock.count != 0) {
534 tdb_brlock(tdb, FREELIST_TOP, F_UNLCK, F_SETLKW, 0, 4*tdb->header.hash_size);
535 tdb->global_lock.count = 0;
538 /* remove any locks created during the transaction */
539 if (tdb->num_locks != 0) {
540 for (i=0;i<tdb->num_lockrecs;i++) {
541 tdb_brlock(tdb,FREELIST_TOP+4*tdb->lockrecs[i].list,
542 F_UNLCK,F_SETLKW, 0, 1);
545 tdb->num_lockrecs = 0;
546 SAFE_FREE(tdb->lockrecs);
549 /* restore the normal io methods */
550 tdb->methods = tdb->transaction->io_methods;
552 tdb_brlock(tdb, FREELIST_TOP, F_UNLCK, F_SETLKW, 0, 0);
553 tdb_transaction_unlock(tdb);
554 SAFE_FREE(tdb->transaction->hash_heads);
555 SAFE_FREE(tdb->transaction);
563 static int transaction_sync(struct tdb_context *tdb, tdb_off_t offset, tdb_len_t length)
565 if (fsync(tdb->fd) != 0) {
566 tdb->ecode = TDB_ERR_IO;
567 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction: fsync failed\n"));
572 tdb_off_t moffset = offset & ~(tdb->page_size-1);
573 if (msync(moffset + (char *)tdb->map_ptr,
574 length + (offset - moffset), MS_SYNC) != 0) {
575 tdb->ecode = TDB_ERR_IO;
576 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction: msync failed - %s\n",
587 work out how much space the linearised recovery data will consume
589 static tdb_len_t tdb_recovery_size(struct tdb_context *tdb)
591 tdb_len_t recovery_size = 0;
594 recovery_size = sizeof(uint32_t);
595 for (i=0;i<tdb->transaction->num_blocks;i++) {
596 if (i * tdb->transaction->block_size >= tdb->transaction->old_map_size) {
599 if (tdb->transaction->blocks[i] == NULL) {
602 recovery_size += 2*sizeof(tdb_off_t);
603 if (i == tdb->transaction->num_blocks-1) {
604 recovery_size += tdb->transaction->last_block_size;
606 recovery_size += tdb->transaction->block_size;
610 return recovery_size;
614 allocate the recovery area, or use an existing recovery area if it is
617 static int tdb_recovery_allocate(struct tdb_context *tdb,
618 tdb_len_t *recovery_size,
619 tdb_off_t *recovery_offset,
620 tdb_len_t *recovery_max_size)
622 struct list_struct rec;
623 const struct tdb_methods *methods = tdb->transaction->io_methods;
624 tdb_off_t recovery_head;
626 if (tdb_ofs_read(tdb, TDB_RECOVERY_HEAD, &recovery_head) == -1) {
627 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_recovery_allocate: failed to read recovery head\n"));
633 if (recovery_head != 0 &&
634 methods->tdb_read(tdb, recovery_head, &rec, sizeof(rec), DOCONV()) == -1) {
635 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_recovery_allocate: failed to read recovery record\n"));
639 *recovery_size = tdb_recovery_size(tdb);
641 if (recovery_head != 0 && *recovery_size <= rec.rec_len) {
642 /* it fits in the existing area */
643 *recovery_max_size = rec.rec_len;
644 *recovery_offset = recovery_head;
648 /* we need to free up the old recovery area, then allocate a
649 new one at the end of the file. Note that we cannot use
650 tdb_allocate() to allocate the new one as that might return
651 us an area that is being currently used (as of the start of
653 if (recovery_head != 0) {
654 if (tdb_free(tdb, recovery_head, &rec) == -1) {
655 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_recovery_allocate: failed to free previous recovery area\n"));
660 /* the tdb_free() call might have increased the recovery size */
661 *recovery_size = tdb_recovery_size(tdb);
663 /* round up to a multiple of page size */
664 *recovery_max_size = TDB_ALIGN(sizeof(rec) + *recovery_size, tdb->page_size) - sizeof(rec);
665 *recovery_offset = tdb->map_size;
666 recovery_head = *recovery_offset;
668 if (methods->tdb_expand_file(tdb, tdb->transaction->old_map_size,
669 (tdb->map_size - tdb->transaction->old_map_size) +
670 sizeof(rec) + *recovery_max_size) == -1) {
671 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_recovery_allocate: failed to create recovery area\n"));
675 /* remap the file (if using mmap) */
676 methods->tdb_oob(tdb, tdb->map_size + 1, 1);
678 /* we have to reset the old map size so that we don't try to expand the file
679 again in the transaction commit, which would destroy the recovery area */
680 tdb->transaction->old_map_size = tdb->map_size;
682 /* write the recovery header offset and sync - we can sync without a race here
683 as the magic ptr in the recovery record has not been set */
684 CONVERT(recovery_head);
685 if (methods->tdb_write(tdb, TDB_RECOVERY_HEAD,
686 &recovery_head, sizeof(tdb_off_t)) == -1) {
687 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_recovery_allocate: failed to write recovery head\n"));
690 if (transaction_write_existing(tdb, TDB_RECOVERY_HEAD, &recovery_head, sizeof(tdb_off_t)) == -1) {
691 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_recovery_allocate: failed to write recovery head\n"));
700 setup the recovery data that will be used on a crash during commit
702 static int transaction_setup_recovery(struct tdb_context *tdb,
703 tdb_off_t *magic_offset)
705 tdb_len_t recovery_size;
706 unsigned char *data, *p;
707 const struct tdb_methods *methods = tdb->transaction->io_methods;
708 struct list_struct *rec;
709 tdb_off_t recovery_offset, recovery_max_size;
710 tdb_off_t old_map_size = tdb->transaction->old_map_size;
711 uint32_t magic, tailer;
715 check that the recovery area has enough space
717 if (tdb_recovery_allocate(tdb, &recovery_size,
718 &recovery_offset, &recovery_max_size) == -1) {
722 data = (unsigned char *)malloc(recovery_size + sizeof(*rec));
724 tdb->ecode = TDB_ERR_OOM;
728 rec = (struct list_struct *)data;
729 memset(rec, 0, sizeof(*rec));
732 rec->data_len = recovery_size;
733 rec->rec_len = recovery_max_size;
734 rec->key_len = old_map_size;
737 /* build the recovery data into a single blob to allow us to do a single
738 large write, which should be more efficient */
739 p = data + sizeof(*rec);
740 for (i=0;i<tdb->transaction->num_blocks;i++) {
744 if (tdb->transaction->blocks[i] == NULL) {
748 offset = i * tdb->transaction->block_size;
749 length = tdb->transaction->block_size;
750 if (i == tdb->transaction->num_blocks-1) {
751 length = tdb->transaction->last_block_size;
754 if (offset >= old_map_size) {
757 if (offset + length > tdb->transaction->old_map_size) {
758 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_setup_recovery: transaction data over new region boundary\n"));
760 tdb->ecode = TDB_ERR_CORRUPT;
763 memcpy(p, &offset, 4);
764 memcpy(p+4, &length, 4);
768 /* the recovery area contains the old data, not the
769 new data, so we have to call the original tdb_read
771 if (methods->tdb_read(tdb, offset, p + 8, length, 0) != 0) {
773 tdb->ecode = TDB_ERR_IO;
780 tailer = sizeof(*rec) + recovery_max_size;
781 memcpy(p, &tailer, 4);
784 /* write the recovery data to the recovery area */
785 if (methods->tdb_write(tdb, recovery_offset, data, sizeof(*rec) + recovery_size) == -1) {
786 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_setup_recovery: failed to write recovery data\n"));
788 tdb->ecode = TDB_ERR_IO;
791 if (transaction_write_existing(tdb, recovery_offset, data, sizeof(*rec) + recovery_size) == -1) {
792 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_setup_recovery: failed to write secondary recovery data\n"));
794 tdb->ecode = TDB_ERR_IO;
798 /* as we don't have ordered writes, we have to sync the recovery
799 data before we update the magic to indicate that the recovery
801 if (transaction_sync(tdb, recovery_offset, sizeof(*rec) + recovery_size) == -1) {
808 magic = TDB_RECOVERY_MAGIC;
811 *magic_offset = recovery_offset + offsetof(struct list_struct, magic);
813 if (methods->tdb_write(tdb, *magic_offset, &magic, sizeof(magic)) == -1) {
814 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_setup_recovery: failed to write recovery magic\n"));
815 tdb->ecode = TDB_ERR_IO;
818 if (transaction_write_existing(tdb, *magic_offset, &magic, sizeof(magic)) == -1) {
819 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_setup_recovery: failed to write secondary recovery magic\n"));
820 tdb->ecode = TDB_ERR_IO;
824 /* ensure the recovery magic marker is on disk */
825 if (transaction_sync(tdb, *magic_offset, sizeof(magic)) == -1) {
833 commit the current transaction
835 int tdb_transaction_commit(struct tdb_context *tdb)
837 const struct tdb_methods *methods;
838 tdb_off_t magic_offset = 0;
842 if (tdb->transaction == NULL) {
843 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_commit: no transaction\n"));
847 if (tdb->transaction->transaction_error) {
848 tdb->ecode = TDB_ERR_IO;
849 tdb_transaction_cancel(tdb);
850 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_commit: transaction error pending\n"));
855 if (tdb->transaction->nesting != 0) {
856 tdb->transaction->nesting--;
860 /* check for a null transaction */
861 if (tdb->transaction->blocks == NULL) {
862 tdb_transaction_cancel(tdb);
866 methods = tdb->transaction->io_methods;
868 /* if there are any locks pending then the caller has not
869 nested their locks properly, so fail the transaction */
870 if (tdb->num_locks || tdb->global_lock.count) {
871 tdb->ecode = TDB_ERR_LOCK;
872 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_commit: locks pending on commit\n"));
873 tdb_transaction_cancel(tdb);
877 /* upgrade the main transaction lock region to a write lock */
878 if (tdb_brlock_upgrade(tdb, FREELIST_TOP, 0) == -1) {
879 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_start: failed to upgrade hash locks\n"));
880 tdb->ecode = TDB_ERR_LOCK;
881 tdb_transaction_cancel(tdb);
885 /* get the global lock - this prevents new users attaching to the database
887 if (tdb_brlock(tdb, GLOBAL_LOCK, F_WRLCK, F_SETLKW, 0, 1) == -1) {
888 TDB_LOG((tdb, TDB_DEBUG_ERROR, "tdb_transaction_commit: failed to get global lock\n"));
889 tdb->ecode = TDB_ERR_LOCK;
890 tdb_transaction_cancel(tdb);
894 if (!(tdb->flags & TDB_NOSYNC)) {
895 /* write the recovery data to the end of the file */
896 if (transaction_setup_recovery(tdb, &magic_offset) == -1) {
897 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_commit: failed to setup recovery data\n"));
898 tdb_brlock(tdb, GLOBAL_LOCK, F_UNLCK, F_SETLKW, 0, 1);
899 tdb_transaction_cancel(tdb);
904 /* expand the file to the new size if needed */
905 if (tdb->map_size != tdb->transaction->old_map_size) {
906 if (methods->tdb_expand_file(tdb, tdb->transaction->old_map_size,
908 tdb->transaction->old_map_size) == -1) {
909 tdb->ecode = TDB_ERR_IO;
910 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_commit: expansion failed\n"));
911 tdb_brlock(tdb, GLOBAL_LOCK, F_UNLCK, F_SETLKW, 0, 1);
912 tdb_transaction_cancel(tdb);
915 tdb->map_size = tdb->transaction->old_map_size;
916 methods->tdb_oob(tdb, tdb->map_size + 1, 1);
919 /* perform all the writes */
920 for (i=0;i<tdb->transaction->num_blocks;i++) {
924 if (tdb->transaction->blocks[i] == NULL) {
928 offset = i * tdb->transaction->block_size;
929 length = tdb->transaction->block_size;
930 if (i == tdb->transaction->num_blocks-1) {
931 length = tdb->transaction->last_block_size;
934 if (methods->tdb_write(tdb, offset, tdb->transaction->blocks[i], length) == -1) {
935 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_commit: write failed during commit\n"));
937 /* we've overwritten part of the data and
938 possibly expanded the file, so we need to
939 run the crash recovery code */
940 tdb->methods = methods;
941 tdb_transaction_recover(tdb);
943 tdb_transaction_cancel(tdb);
944 tdb_brlock(tdb, GLOBAL_LOCK, F_UNLCK, F_SETLKW, 0, 1);
946 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_commit: write failed\n"));
949 SAFE_FREE(tdb->transaction->blocks[i]);
952 SAFE_FREE(tdb->transaction->blocks);
953 tdb->transaction->num_blocks = 0;
955 if (!(tdb->flags & TDB_NOSYNC)) {
956 /* ensure the new data is on disk */
957 if (transaction_sync(tdb, 0, tdb->map_size) == -1) {
961 /* remove the recovery marker */
962 if (methods->tdb_write(tdb, magic_offset, &zero, 4) == -1) {
963 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_commit: failed to remove recovery magic\n"));
967 /* ensure the recovery marker has been removed on disk */
968 if (transaction_sync(tdb, magic_offset, 4) == -1) {
973 tdb_brlock(tdb, GLOBAL_LOCK, F_UNLCK, F_SETLKW, 0, 1);
976 TODO: maybe write to some dummy hdr field, or write to magic
977 offset without mmap, before the last sync, instead of the
981 /* on some systems (like Linux 2.6.x) changes via mmap/msync
982 don't change the mtime of the file, this means the file may
983 not be backed up (as tdb rounding to block sizes means that
984 file size changes are quite rare too). The following forces
985 mtime changes when a transaction completes */
987 utime(tdb->name, NULL);
990 /* use a transaction cancel to free memory and remove the
992 tdb_transaction_cancel(tdb);
999 recover from an aborted transaction. Must be called with exclusive
1000 database write access already established (including the global
1001 lock to prevent new processes attaching)
1003 int tdb_transaction_recover(struct tdb_context *tdb)
1005 tdb_off_t recovery_head, recovery_eof;
1006 unsigned char *data, *p;
1008 struct list_struct rec;
1010 /* find the recovery area */
1011 if (tdb_ofs_read(tdb, TDB_RECOVERY_HEAD, &recovery_head) == -1) {
1012 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to read recovery head\n"));
1013 tdb->ecode = TDB_ERR_IO;
1017 if (recovery_head == 0) {
1018 /* we have never allocated a recovery record */
1022 /* read the recovery record */
1023 if (tdb->methods->tdb_read(tdb, recovery_head, &rec,
1024 sizeof(rec), DOCONV()) == -1) {
1025 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to read recovery record\n"));
1026 tdb->ecode = TDB_ERR_IO;
1030 if (rec.magic != TDB_RECOVERY_MAGIC) {
1031 /* there is no valid recovery data */
1035 if (tdb->read_only) {
1036 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: attempt to recover read only database\n"));
1037 tdb->ecode = TDB_ERR_CORRUPT;
1041 recovery_eof = rec.key_len;
1043 data = (unsigned char *)malloc(rec.data_len);
1045 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to allocate recovery data\n"));
1046 tdb->ecode = TDB_ERR_OOM;
1050 /* read the full recovery data */
1051 if (tdb->methods->tdb_read(tdb, recovery_head + sizeof(rec), data,
1052 rec.data_len, 0) == -1) {
1053 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to read recovery data\n"));
1054 tdb->ecode = TDB_ERR_IO;
1058 /* recover the file data */
1060 while (p+8 < data + rec.data_len) {
1066 memcpy(&len, p+4, 4);
1068 if (tdb->methods->tdb_write(tdb, ofs, p+8, len) == -1) {
1070 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to recover %d bytes at offset %d\n", len, ofs));
1071 tdb->ecode = TDB_ERR_IO;
1079 if (transaction_sync(tdb, 0, tdb->map_size) == -1) {
1080 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to sync recovery\n"));
1081 tdb->ecode = TDB_ERR_IO;
1085 /* if the recovery area is after the recovered eof then remove it */
1086 if (recovery_eof <= recovery_head) {
1087 if (tdb_ofs_write(tdb, TDB_RECOVERY_HEAD, &zero) == -1) {
1088 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to remove recovery head\n"));
1089 tdb->ecode = TDB_ERR_IO;
1094 /* remove the recovery magic */
1095 if (tdb_ofs_write(tdb, recovery_head + offsetof(struct list_struct, magic),
1097 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to remove recovery magic\n"));
1098 tdb->ecode = TDB_ERR_IO;
1102 /* reduce the file size to the old size */
1104 if (ftruncate(tdb->fd, recovery_eof) != 0) {
1105 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to reduce to recovery size\n"));
1106 tdb->ecode = TDB_ERR_IO;
1109 tdb->map_size = recovery_eof;
1112 if (transaction_sync(tdb, 0, recovery_eof) == -1) {
1113 TDB_LOG((tdb, TDB_DEBUG_FATAL, "tdb_transaction_recover: failed to sync2 recovery\n"));
1114 tdb->ecode = TDB_ERR_IO;
1118 TDB_LOG((tdb, TDB_DEBUG_TRACE, "tdb_transaction_recover: recovered %d byte database\n",