search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ntdb: allocator attribute.
[Samba/gbeck.git] / lib / ntdb / check.c
blob723e7b11bf0d66bf2f78794c3f46b33778994276
1 /*
2 Trivial Database 2: free list/block handling
3 Copyright (C) Rusty Russell 2010
4
5 This library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 3 of the License, or (at your option) any later version.
9
10 This library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
14
15 You should have received a copy of the GNU Lesser General Public
16 License along with this library; if not, see <http://www.gnu.org/licenses/>.
17 */
18 #include "private.h"
19 #include <ccan/likely/likely.h>
20 #include <ccan/asearch/asearch.h>
21
22 /* We keep an ordered array of offsets. */
23 static bool append(struct ntdb_context *ntdb,
24 ntdb_off_t **arr, size_t *num, ntdb_off_t off)
25 {
26 ntdb_off_t *new;
27
28 if (*num == 0) {
29 new = ntdb->alloc_fn(ntdb, sizeof(ntdb_off_t), ntdb->alloc_data);
30 } else {
31 new = ntdb->expand_fn(*arr, (*num + 1) * sizeof(ntdb_off_t),
32 ntdb->alloc_data);
33 }
34 if (!new)
35 return false;
36 new[(*num)++] = off;
37 *arr = new;
38 return true;
39 }
40
41 static enum NTDB_ERROR check_header(struct ntdb_context *ntdb, ntdb_off_t *recovery,
42 uint64_t *features, size_t *num_capabilities)
43 {
44 uint64_t hash_test;
45 struct ntdb_header hdr;
46 enum NTDB_ERROR ecode;
47 ntdb_off_t off, next;
48
49 ecode = ntdb_read_convert(ntdb, 0, &hdr, sizeof(hdr));
50 if (ecode != NTDB_SUCCESS) {
51 return ecode;
52 }
53 /* magic food should not be converted, so convert back. */
54 ntdb_convert(ntdb, hdr.magic_food, sizeof(hdr.magic_food));
55
56 hash_test = NTDB_HASH_MAGIC;
57 hash_test = ntdb_hash(ntdb, &hash_test, sizeof(hash_test));
58 if (hdr.hash_test != hash_test) {
59 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
60 "check: hash test %llu should be %llu",
61 (long long)hdr.hash_test,
62 (long long)hash_test);
63 }
64
65 if (strcmp(hdr.magic_food, NTDB_MAGIC_FOOD) != 0) {
66 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
67 "check: bad magic '%.*s'",
68 (unsigned)sizeof(hdr.magic_food),
69 hdr.magic_food);
70 }
71
72 /* Features which are used must be a subset of features offered. */
73 if (hdr.features_used & ~hdr.features_offered) {
74 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
75 "check: features used (0x%llx) which"
76 " are not offered (0x%llx)",
77 (long long)hdr.features_used,
78 (long long)hdr.features_offered);
79 }
80
81 *features = hdr.features_offered;
82 *recovery = hdr.recovery;
83 if (*recovery) {
84 if (*recovery < sizeof(hdr)
85 || *recovery > ntdb->file->map_size) {
86 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
87 "ntdb_check:"
88 " invalid recovery offset %zu",
89 (size_t)*recovery);
90 }
91 }
92
93 for (off = hdr.capabilities; off && ecode == NTDB_SUCCESS; off = next) {
94 const struct ntdb_capability *cap;
95 enum NTDB_ERROR e;
96
97 cap = ntdb_access_read(ntdb, off, sizeof(*cap), true);
98 if (NTDB_PTR_IS_ERR(cap)) {
99 return NTDB_PTR_ERR(cap);
100 }
101
102 /* All capabilities are unknown. */
103 e = unknown_capability(ntdb, "ntdb_check", cap->type);
104 next = cap->next;
105 ntdb_access_release(ntdb, cap);
106 if (e)
107 return e;
108 (*num_capabilities)++;
109 }
110
111 /* Don't check reserved: they *can* be used later. */
112 return NTDB_SUCCESS;
113 }
114
115 static enum NTDB_ERROR check_hash_tree(struct ntdb_context *ntdb,
116 ntdb_off_t off, unsigned int group_bits,
117 uint64_t hprefix,
118 unsigned hprefix_bits,
119 ntdb_off_t used[],
120 size_t num_used,
121 size_t *num_found,
122 enum NTDB_ERROR (*check)(NTDB_DATA,
123 NTDB_DATA, void *),
124 void *data);
125
126 static enum NTDB_ERROR check_hash_chain(struct ntdb_context *ntdb,
127 ntdb_off_t off,
128 uint64_t hash,
129 ntdb_off_t used[],
130 size_t num_used,
131 size_t *num_found,
132 enum NTDB_ERROR (*check)(NTDB_DATA,
133 NTDB_DATA,
134 void *),
135 void *data)
136 {
137 struct ntdb_used_record rec;
138 enum NTDB_ERROR ecode;
139
140 ecode = ntdb_read_convert(ntdb, off, &rec, sizeof(rec));
141 if (ecode != NTDB_SUCCESS) {
142 return ecode;
143 }
144
145 if (rec_magic(&rec) != NTDB_CHAIN_MAGIC) {
146 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
147 "ntdb_check: Bad hash chain magic %llu",
148 (long long)rec_magic(&rec));
149 }
150
151 if (rec_data_length(&rec) != sizeof(struct ntdb_chain)) {
152 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
153 "ntdb_check:"
154 " Bad hash chain length %llu vs %zu",
155 (long long)rec_data_length(&rec),
156 sizeof(struct ntdb_chain));
157 }
158 if (rec_key_length(&rec) != 0) {
159 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
160 "ntdb_check: Bad hash chain key length %llu",
161 (long long)rec_key_length(&rec));
162 }
163 if (rec_hash(&rec) != 0) {
164 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
165 "ntdb_check: Bad hash chain hash value %llu",
166 (long long)rec_hash(&rec));
167 }
168
169 off += sizeof(rec);
170 ecode = check_hash_tree(ntdb, off, 0, hash, 64,
171 used, num_used, num_found, check, data);
172 if (ecode != NTDB_SUCCESS) {
173 return ecode;
174 }
175
176 off = ntdb_read_off(ntdb, off + offsetof(struct ntdb_chain, next));
177 if (NTDB_OFF_IS_ERR(off)) {
178 return NTDB_OFF_TO_ERR(off);
179 }
180 if (off == 0)
181 return NTDB_SUCCESS;
182 (*num_found)++;
183 return check_hash_chain(ntdb, off, hash, used, num_used, num_found,
184 check, data);
185 }
186
187 static enum NTDB_ERROR check_hash_record(struct ntdb_context *ntdb,
188 ntdb_off_t off,
189 uint64_t hprefix,
190 unsigned hprefix_bits,
191 ntdb_off_t used[],
192 size_t num_used,
193 size_t *num_found,
194 enum NTDB_ERROR (*check)(NTDB_DATA,
195 NTDB_DATA,
196 void *),
197 void *data)
198 {
199 struct ntdb_used_record rec;
200 enum NTDB_ERROR ecode;
201
202 if (hprefix_bits >= 64)
203 return check_hash_chain(ntdb, off, hprefix, used, num_used,
204 num_found, check, data);
205
206 ecode = ntdb_read_convert(ntdb, off, &rec, sizeof(rec));
207 if (ecode != NTDB_SUCCESS) {
208 return ecode;
209 }
210
211 if (rec_magic(&rec) != NTDB_HTABLE_MAGIC) {
212 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
213 "ntdb_check: Bad hash table magic %llu",
214 (long long)rec_magic(&rec));
215 }
216 if (rec_data_length(&rec)
217 != sizeof(ntdb_off_t) << NTDB_SUBLEVEL_HASH_BITS) {
218 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
219 "ntdb_check:"
220 " Bad hash table length %llu vs %llu",
221 (long long)rec_data_length(&rec),
222 (long long)sizeof(ntdb_off_t)
223 << NTDB_SUBLEVEL_HASH_BITS);
224 }
225 if (rec_key_length(&rec) != 0) {
226 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
227 "ntdb_check: Bad hash table key length %llu",
228 (long long)rec_key_length(&rec));
229 }
230 if (rec_hash(&rec) != 0) {
231 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
232 "ntdb_check: Bad hash table hash value %llu",
233 (long long)rec_hash(&rec));
234 }
235
236 off += sizeof(rec);
237 return check_hash_tree(ntdb, off,
238 NTDB_SUBLEVEL_HASH_BITS-NTDB_HASH_GROUP_BITS,
239 hprefix, hprefix_bits,
240 used, num_used, num_found, check, data);
241 }
242
243 static int off_cmp(const ntdb_off_t *a, const ntdb_off_t *b)
244 {
245 /* Can overflow an int. */
246 return *a > *b ? 1
247 : *a < *b ? -1
248 : 0;
249 }
250
251 static uint64_t get_bits(uint64_t h, unsigned num, unsigned *used)
252 {
253 *used += num;
254
255 return (h >> (64 - *used)) & ((1U << num) - 1);
256 }
257
258 static enum NTDB_ERROR check_hash_tree(struct ntdb_context *ntdb,
259 ntdb_off_t off, unsigned int group_bits,
260 uint64_t hprefix,
261 unsigned hprefix_bits,
262 ntdb_off_t used[],
263 size_t num_used,
264 size_t *num_found,
265 enum NTDB_ERROR (*check)(NTDB_DATA,
266 NTDB_DATA, void *),
267 void *data)
268 {
269 unsigned int g, b;
270 const ntdb_off_t *hash;
271 struct ntdb_used_record rec;
272 enum NTDB_ERROR ecode;
273
274 hash = ntdb_access_read(ntdb, off,
275 sizeof(ntdb_off_t)
276 << (group_bits + NTDB_HASH_GROUP_BITS),
277 true);
278 if (NTDB_PTR_IS_ERR(hash)) {
279 return NTDB_PTR_ERR(hash);
280 }
281
282 for (g = 0; g < (1 << group_bits); g++) {
283 const ntdb_off_t *group = hash + (g << NTDB_HASH_GROUP_BITS);
284 for (b = 0; b < (1 << NTDB_HASH_GROUP_BITS); b++) {
285 unsigned int bucket, i, used_bits;
286 uint64_t h;
287 ntdb_off_t *p;
288 if (group[b] == 0)
289 continue;
290
291 off = group[b] & NTDB_OFF_MASK;
292 p = asearch(&off, used, num_used, off_cmp);
293 if (!p) {
294 ecode = ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
295 NTDB_LOG_ERROR,
296 "ntdb_check: Invalid offset"
297 " %llu in hash",
298 (long long)off);
299 goto fail;
300 }
301 /* Mark it invalid. */
302 *p ^= 1;
303 (*num_found)++;
304
305 if (hprefix_bits == 64) {
306 /* Chained entries are unordered. */
307 if (is_subhash(group[b])) {
308 ecode = NTDB_ERR_CORRUPT;
309 ntdb_logerr(ntdb, ecode,
310 NTDB_LOG_ERROR,
311 "ntdb_check: Invalid chain"
312 " entry subhash");
313 goto fail;
314 }
315 h = hash_record(ntdb, off);
316 if (h != hprefix) {
317 ecode = NTDB_ERR_CORRUPT;
318 ntdb_logerr(ntdb, ecode,
319 NTDB_LOG_ERROR,
320 "check: bad hash chain"
321 " placement"
322 " 0x%llx vs 0x%llx",
323 (long long)h,
324 (long long)hprefix);
325 goto fail;
326 }
327 ecode = ntdb_read_convert(ntdb, off, &rec,
328 sizeof(rec));
329 if (ecode != NTDB_SUCCESS) {
330 goto fail;
331 }
332 goto check;
333 }
334
335 if (is_subhash(group[b])) {
336 uint64_t subprefix;
337 subprefix = (hprefix
338 << (group_bits + NTDB_HASH_GROUP_BITS))
339 + g * (1 << NTDB_HASH_GROUP_BITS) + b;
340
341 ecode = check_hash_record(ntdb,
342 group[b] & NTDB_OFF_MASK,
343 subprefix,
344 hprefix_bits
345 + group_bits
346 + NTDB_HASH_GROUP_BITS,
347 used, num_used, num_found,
348 check, data);
349 if (ecode != NTDB_SUCCESS) {
350 goto fail;
351 }
352 continue;
353 }
354 /* A normal entry */
355
356 /* Does it belong here at all? */
357 h = hash_record(ntdb, off);
358 used_bits = 0;
359 if (get_bits(h, hprefix_bits, &used_bits) != hprefix
360 && hprefix_bits) {
361 ecode = ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
362 NTDB_LOG_ERROR,
363 "check: bad hash placement"
364 " 0x%llx vs 0x%llx",
365 (long long)h,
366 (long long)hprefix);
367 goto fail;
368 }
369
370 /* Does it belong in this group? */
371 if (get_bits(h, group_bits, &used_bits) != g) {
372 ecode = ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
373 NTDB_LOG_ERROR,
374 "check: bad group %llu"
375 " vs %u",
376 (long long)h, g);
377 goto fail;
378 }
379
380 /* Are bucket bits correct? */
381 bucket = group[b] & NTDB_OFF_HASH_GROUP_MASK;
382 if (get_bits(h, NTDB_HASH_GROUP_BITS, &used_bits)
383 != bucket) {
384 used_bits -= NTDB_HASH_GROUP_BITS;
385 ecode = ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
386 NTDB_LOG_ERROR,
387 "check: bad bucket %u vs %u",
388 (unsigned)get_bits(h,
389 NTDB_HASH_GROUP_BITS,
390 &used_bits),
391 bucket);
392 goto fail;
393 }
394
395 /* There must not be any zero entries between
396 * the bucket it belongs in and this one! */
397 for (i = bucket;
398 i != b;
399 i = (i + 1) % (1 << NTDB_HASH_GROUP_BITS)) {
400 if (group[i] == 0) {
401 ecode = NTDB_ERR_CORRUPT;
402 ntdb_logerr(ntdb, ecode,
403 NTDB_LOG_ERROR,
404 "check: bad group placement"
405 " %u vs %u",
406 b, bucket);
407 goto fail;
408 }
409 }
410
411 ecode = ntdb_read_convert(ntdb, off, &rec, sizeof(rec));
412 if (ecode != NTDB_SUCCESS) {
413 goto fail;
414 }
415
416 /* Bottom bits must match header. */
417 if ((h & ((1 << 11)-1)) != rec_hash(&rec)) {
418 ecode = ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
419 NTDB_LOG_ERROR,
420 "ntdb_check: Bad hash magic"
421 " at offset %llu"
422 " (0x%llx vs 0x%llx)",
423 (long long)off,
424 (long long)h,
425 (long long)rec_hash(&rec));
426 goto fail;
427 }
428
429 check:
430 if (check) {
431 NTDB_DATA k, d;
432 const unsigned char *kptr;
433
434 kptr = ntdb_access_read(ntdb,
435 off + sizeof(rec),
436 rec_key_length(&rec)
437 + rec_data_length(&rec),
438 false);
439 if (NTDB_PTR_IS_ERR(kptr)) {
440 ecode = NTDB_PTR_ERR(kptr);
441 goto fail;
442 }
443
444 k = ntdb_mkdata(kptr, rec_key_length(&rec));
445 d = ntdb_mkdata(kptr + k.dsize,
446 rec_data_length(&rec));
447 ecode = check(k, d, data);
448 ntdb_access_release(ntdb, kptr);
449 if (ecode != NTDB_SUCCESS) {
450 goto fail;
451 }
452 }
453 }
454 }
455 ntdb_access_release(ntdb, hash);
456 return NTDB_SUCCESS;
457
458 fail:
459 ntdb_access_release(ntdb, hash);
460 return ecode;
461 }
462
463 static enum NTDB_ERROR check_hash(struct ntdb_context *ntdb,
464 ntdb_off_t used[],
465 size_t num_used, size_t num_other_used,
466 enum NTDB_ERROR (*check)(NTDB_DATA, NTDB_DATA, void *),
467 void *data)
468 {
469 /* Free tables and capabilities also show up as used. */
470 size_t num_found = num_other_used;
471 enum NTDB_ERROR ecode;
472
473 ecode = check_hash_tree(ntdb, offsetof(struct ntdb_header, hashtable),
474 NTDB_TOPLEVEL_HASH_BITS-NTDB_HASH_GROUP_BITS,
475 0, 0, used, num_used, &num_found,
476 check, data);
477 if (ecode == NTDB_SUCCESS) {
478 if (num_found != num_used) {
479 ecode = ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
480 "ntdb_check: Not all entries"
481 " are in hash");
482 }
483 }
484 return ecode;
485 }
486
487 static enum NTDB_ERROR check_free(struct ntdb_context *ntdb,
488 ntdb_off_t off,
489 const struct ntdb_free_record *frec,
490 ntdb_off_t prev, unsigned int ftable,
491 unsigned int bucket)
492 {
493 enum NTDB_ERROR ecode;
494
495 if (frec_magic(frec) != NTDB_FREE_MAGIC) {
496 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
497 "ntdb_check: offset %llu bad magic 0x%llx",
498 (long long)off,
499 (long long)frec->magic_and_prev);
500 }
501 if (frec_ftable(frec) != ftable) {
502 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
503 "ntdb_check: offset %llu bad freetable %u",
504 (long long)off, frec_ftable(frec));
505
506 }
507
508 ecode = ntdb->io->oob(ntdb, off,
509 frec_len(frec)
510 + sizeof(struct ntdb_used_record),
511 false);
512 if (ecode != NTDB_SUCCESS) {
513 return ecode;
514 }
515 if (size_to_bucket(frec_len(frec)) != bucket) {
516 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
517 "ntdb_check: offset %llu in wrong bucket"
518 " (%u vs %u)",
519 (long long)off,
520 bucket, size_to_bucket(frec_len(frec)));
521 }
522 if (prev && prev != frec_prev(frec)) {
523 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
524 "ntdb_check: offset %llu bad prev"
525 " (%llu vs %llu)",
526 (long long)off,
527 (long long)prev, (long long)frec_len(frec));
528 }
529 return NTDB_SUCCESS;
530 }
531
532 static enum NTDB_ERROR check_free_table(struct ntdb_context *ntdb,
533 ntdb_off_t ftable_off,
534 unsigned ftable_num,
535 ntdb_off_t fr[],
536 size_t num_free,
537 size_t *num_found)
538 {
539 struct ntdb_freetable ft;
540 ntdb_off_t h;
541 unsigned int i;
542 enum NTDB_ERROR ecode;
543
544 ecode = ntdb_read_convert(ntdb, ftable_off, &ft, sizeof(ft));
545 if (ecode != NTDB_SUCCESS) {
546 return ecode;
547 }
548
549 if (rec_magic(&ft.hdr) != NTDB_FTABLE_MAGIC
550 || rec_key_length(&ft.hdr) != 0
551 || rec_data_length(&ft.hdr) != sizeof(ft) - sizeof(ft.hdr)
552 || rec_hash(&ft.hdr) != 0) {
553 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
554 "ntdb_check: Invalid header on free table");
555 }
556
557 for (i = 0; i < NTDB_FREE_BUCKETS; i++) {
558 ntdb_off_t off, prev = 0, *p, first = 0;
559 struct ntdb_free_record f;
560
561 h = bucket_off(ftable_off, i);
562 for (off = ntdb_read_off(ntdb, h); off; off = f.next) {
563 if (NTDB_OFF_IS_ERR(off)) {
564 return NTDB_OFF_TO_ERR(off);
565 }
566 if (!first) {
567 off &= NTDB_OFF_MASK;
568 first = off;
569 }
570 ecode = ntdb_read_convert(ntdb, off, &f, sizeof(f));
571 if (ecode != NTDB_SUCCESS) {
572 return ecode;
573 }
574 ecode = check_free(ntdb, off, &f, prev, ftable_num, i);
575 if (ecode != NTDB_SUCCESS) {
576 return ecode;
577 }
578
579 /* FIXME: Check hash bits */
580 p = asearch(&off, fr, num_free, off_cmp);
581 if (!p) {
582 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
583 NTDB_LOG_ERROR,
584 "ntdb_check: Invalid offset"
585 " %llu in free table",
586 (long long)off);
587 }
588 /* Mark it invalid. */
589 *p ^= 1;
590 (*num_found)++;
591 prev = off;
592 }
593
594 if (first) {
595 /* Now we can check first back pointer. */
596 ecode = ntdb_read_convert(ntdb, first, &f, sizeof(f));
597 if (ecode != NTDB_SUCCESS) {
598 return ecode;
599 }
600 ecode = check_free(ntdb, first, &f, prev, ftable_num, i);
601 if (ecode != NTDB_SUCCESS) {
602 return ecode;
603 }
604 }
605 }
606 return NTDB_SUCCESS;
607 }
608
609 /* Slow, but should be very rare. */
610 ntdb_off_t dead_space(struct ntdb_context *ntdb, ntdb_off_t off)
611 {
612 size_t len;
613 enum NTDB_ERROR ecode;
614
615 for (len = 0; off + len < ntdb->file->map_size; len++) {
616 char c;
617 ecode = ntdb->io->tread(ntdb, off, &c, 1);
618 if (ecode != NTDB_SUCCESS) {
619 return NTDB_ERR_TO_OFF(ecode);
620 }
621 if (c != 0 && c != 0x43)
622 break;
623 }
624 return len;
625 }
626
627 static enum NTDB_ERROR check_linear(struct ntdb_context *ntdb,
628 ntdb_off_t **used, size_t *num_used,
629 ntdb_off_t **fr, size_t *num_free,
630 uint64_t features, ntdb_off_t recovery)
631 {
632 ntdb_off_t off;
633 ntdb_len_t len;
634 enum NTDB_ERROR ecode;
635 bool found_recovery = false;
636
637 for (off = sizeof(struct ntdb_header);
638 off < ntdb->file->map_size;
639 off += len) {
640 union {
641 struct ntdb_used_record u;
642 struct ntdb_free_record f;
643 struct ntdb_recovery_record r;
644 } rec;
645 /* r is larger: only get that if we need to. */
646 ecode = ntdb_read_convert(ntdb, off, &rec, sizeof(rec.f));
647 if (ecode != NTDB_SUCCESS) {
648 return ecode;
649 }
650
651 /* If we crash after ftruncate, we can get zeroes or fill. */
652 if (rec.r.magic == NTDB_RECOVERY_INVALID_MAGIC
653 || rec.r.magic == 0x4343434343434343ULL) {
654 ecode = ntdb_read_convert(ntdb, off, &rec, sizeof(rec.r));
655 if (ecode != NTDB_SUCCESS) {
656 return ecode;
657 }
658 if (recovery == off) {
659 found_recovery = true;
660 len = sizeof(rec.r) + rec.r.max_len;
661 } else {
662 len = dead_space(ntdb, off);
663 if (NTDB_OFF_IS_ERR(len)) {
664 return NTDB_OFF_TO_ERR(len);
665 }
666 if (len < sizeof(rec.r)) {
667 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
668 NTDB_LOG_ERROR,
669 "ntdb_check: invalid"
670 " dead space at %zu",
671 (size_t)off);
672 }
673
674 ntdb_logerr(ntdb, NTDB_SUCCESS, NTDB_LOG_WARNING,
675 "Dead space at %zu-%zu (of %zu)",
676 (size_t)off, (size_t)(off + len),
677 (size_t)ntdb->file->map_size);
678 }
679 } else if (rec.r.magic == NTDB_RECOVERY_MAGIC) {
680 ecode = ntdb_read_convert(ntdb, off, &rec, sizeof(rec.r));
681 if (ecode != NTDB_SUCCESS) {
682 return ecode;
683 }
684 if (recovery != off) {
685 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
686 NTDB_LOG_ERROR,
687 "ntdb_check: unexpected"
688 " recovery record at offset"
689 " %zu",
690 (size_t)off);
691 }
692 if (rec.r.len > rec.r.max_len) {
693 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
694 NTDB_LOG_ERROR,
695 "ntdb_check: invalid recovery"
696 " length %zu",
697 (size_t)rec.r.len);
698 }
699 if (rec.r.eof > ntdb->file->map_size) {
700 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
701 NTDB_LOG_ERROR,
702 "ntdb_check: invalid old EOF"
703 " %zu", (size_t)rec.r.eof);
704 }
705 found_recovery = true;
706 len = sizeof(rec.r) + rec.r.max_len;
707 } else if (frec_magic(&rec.f) == NTDB_FREE_MAGIC) {
708 len = sizeof(rec.u) + frec_len(&rec.f);
709 if (off + len > ntdb->file->map_size) {
710 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
711 NTDB_LOG_ERROR,
712 "ntdb_check: free overlength"
713 " %llu at offset %llu",
714 (long long)len,
715 (long long)off);
716 }
717 /* This record should be in free lists. */
718 if (frec_ftable(&rec.f) != NTDB_FTABLE_NONE
719 && !append(ntdb, fr, num_free, off)) {
720 return ntdb_logerr(ntdb, NTDB_ERR_OOM,
721 NTDB_LOG_ERROR,
722 "ntdb_check: tracking %zu'th"
723 " free record.", *num_free);
724 }
725 } else if (rec_magic(&rec.u) == NTDB_USED_MAGIC
726 || rec_magic(&rec.u) == NTDB_CHAIN_MAGIC
727 || rec_magic(&rec.u) == NTDB_HTABLE_MAGIC
728 || rec_magic(&rec.u) == NTDB_FTABLE_MAGIC
729 || rec_magic(&rec.u) == NTDB_CAP_MAGIC) {
730 uint64_t klen, dlen, extra;
731
732 /* This record is used! */
733 if (!append(ntdb, used, num_used, off)) {
734 return ntdb_logerr(ntdb, NTDB_ERR_OOM,
735 NTDB_LOG_ERROR,
736 "ntdb_check: tracking %zu'th"
737 " used record.", *num_used);
738 }
739
740 klen = rec_key_length(&rec.u);
741 dlen = rec_data_length(&rec.u);
742 extra = rec_extra_padding(&rec.u);
743
744 len = sizeof(rec.u) + klen + dlen + extra;
745 if (off + len > ntdb->file->map_size) {
746 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
747 NTDB_LOG_ERROR,
748 "ntdb_check: used overlength"
749 " %llu at offset %llu",
750 (long long)len,
751 (long long)off);
752 }
753
754 if (len < sizeof(rec.f)) {
755 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
756 NTDB_LOG_ERROR,
757 "ntdb_check: too short record"
758 " %llu at %llu",
759 (long long)len,
760 (long long)off);
761 }
762
763 /* Check that records have correct 0 at end (but may
764 * not in future). */
765 if (extra && !features
766 && rec_magic(&rec.u) != NTDB_CAP_MAGIC) {
767 const char *p;
768 char c;
769 p = ntdb_access_read(ntdb, off + sizeof(rec.u)
770 + klen + dlen, 1, false);
771 if (NTDB_PTR_IS_ERR(p))
772 return NTDB_PTR_ERR(p);
773 c = *p;
774 ntdb_access_release(ntdb, p);
775
776 if (c != '\0') {
777 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
778 NTDB_LOG_ERROR,
779 "ntdb_check:"
780 " non-zero extra"
781 " at %llu",
782 (long long)off);
783 }
784 }
785 } else {
786 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT,
787 NTDB_LOG_ERROR,
788 "ntdb_check: Bad magic 0x%llx"
789 " at offset %zu",
790 (long long)rec_magic(&rec.u),
791 (size_t)off);
792 }
793 }
794
795 /* We must have found recovery area if there was one. */
796 if (recovery != 0 && !found_recovery) {
797 return ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
798 "ntdb_check: expected a recovery area at %zu",
799 (size_t)recovery);
800 }
801
802 return NTDB_SUCCESS;
803 }
804
805 _PUBLIC_ enum NTDB_ERROR ntdb_check_(struct ntdb_context *ntdb,
806 enum NTDB_ERROR (*check)(NTDB_DATA, NTDB_DATA, void *),
807 void *data)
808 {
809 ntdb_off_t *fr = NULL, *used = NULL, ft, recovery;
810 size_t num_free = 0, num_used = 0, num_found = 0, num_ftables = 0,
811 num_capabilities = 0;
812 uint64_t features;
813 enum NTDB_ERROR ecode;
814
815 if (ntdb->flags & NTDB_CANT_CHECK) {
816 return ntdb_logerr(ntdb, NTDB_SUCCESS, NTDB_LOG_WARNING,
817 "ntdb_check: database has unknown capability,"
818 " cannot check.");
819 }
820
821 ecode = ntdb_allrecord_lock(ntdb, F_RDLCK, NTDB_LOCK_WAIT, false);
822 if (ecode != NTDB_SUCCESS) {
823 return ecode;
824 }
825
826 ecode = ntdb_lock_expand(ntdb, F_RDLCK);
827 if (ecode != NTDB_SUCCESS) {
828 ntdb_allrecord_unlock(ntdb, F_RDLCK);
829 return ecode;
830 }
831
832 ecode = check_header(ntdb, &recovery, &features, &num_capabilities);
833 if (ecode != NTDB_SUCCESS)
834 goto out;
835
836 /* First we do a linear scan, checking all records. */
837 ecode = check_linear(ntdb, &used, &num_used, &fr, &num_free, features,
838 recovery);
839 if (ecode != NTDB_SUCCESS)
840 goto out;
841
842 for (ft = first_ftable(ntdb); ft; ft = next_ftable(ntdb, ft)) {
843 if (NTDB_OFF_IS_ERR(ft)) {
844 ecode = NTDB_OFF_TO_ERR(ft);
845 goto out;
846 }
847 ecode = check_free_table(ntdb, ft, num_ftables, fr, num_free,
848 &num_found);
849 if (ecode != NTDB_SUCCESS)
850 goto out;
851 num_ftables++;
852 }
853
854 /* FIXME: Check key uniqueness? */
855 ecode = check_hash(ntdb, used, num_used, num_ftables + num_capabilities,
856 check, data);
857 if (ecode != NTDB_SUCCESS)
858 goto out;
859
860 if (num_found != num_free) {
861 ecode = ntdb_logerr(ntdb, NTDB_ERR_CORRUPT, NTDB_LOG_ERROR,
862 "ntdb_check: Not all entries are in"
863 " free table");
864 }
865
866 out:
867 ntdb_allrecord_unlock(ntdb, F_RDLCK);
868 ntdb_unlock_expand(ntdb, F_RDLCK);
869 ntdb->free_fn(fr, ntdb->alloc_data);
870 ntdb->free_fn(used, ntdb->alloc_data);
871 return ecode;
872 }
WIP