| blob | cb3a8d3743975362414dbbbec7c8b1d589ad534e |
1 /** @file flint_lock.cc
2 * @brief Flint-compatible database locking.
3 */
4 /* Copyright (C) 2005,2006,2007,2008,2009,2010,2011,2012,2013,2014,2015 Olly Betts
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License as
8 * published by the Free Software Foundation; either version 2 of the
9 * License, or (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
19 * USA
20 */
22 #include <config.h>
26 #ifndef __WIN32__
30 #include <unistd.h>
31 #include <cstdlib>
32 #include <sys/types.h>
34 #include <sys/wait.h>
35 #include <signal.h>
36 #include <cstring>
37 #endif
43 #ifdef __CYGWIN__
44 # include <cygwin/version.h>
45 # include <sys/cygwin.h>
46 #endif
48 #ifdef FLINTLOCK_USE_FLOCK
49 # include <sys/file.h>
50 #endif
56 #ifndef F_OFD_SETLK
57 # ifdef __linux__
58 // Apparently defining _GNU_SOURCE should get us F_OFD_SETLK, etc, but that
59 // doesn't actually seem to work, so hard-code the known values.
60 # define F_OFD_GETLK 36
61 # define F_OFD_SETLK 37
62 # define F_OFD_SETLKW 38
63 # endif
64 #endif
68 // Currently we only support exclusive locks.
71 #if defined __CYGWIN__ || defined __WIN32__
73 #ifdef __CYGWIN__
75 #if CYGWIN_VERSION_API_MAJOR == 0 && CYGWIN_VERSION_API_MINOR < 181
77 #else
83 }
84 #endif
85 #else
87 #endif
88 retry:
89 // FIXME: Use LockFileEx() for locking, which would allow proper blocking
90 // and also byte-range locking for when we implement MVCC. But is there a
91 // way to interwork with the CreateFile()-based locking while doing so?
99 }
101 }
104 #elif defined FLINTLOCK_USE_FLOCK
105 // This is much simpler than using fcntl() due to saner semantics around
106 // releasing locks when closing other descriptors on the same file (at
107 // least on platforms where flock() isn't just a compatibility wrapper
108 // around fcntl()). We can't simply switch to this without breaking
109 // locking compatibility with previous releases, though it might be useful
110 // for porting to platforms without fcntl() locking. Also, flock()
111 // apparently doesn't work over NFS - perhaps that's OK, but we should at
112 // least check the failure mode.
116 // Couldn't open lockfile.
120 }
126 // Lock failed - translate known errno values into a reason code.
135 }
136 }
137 }
141 #else
143 #if defined F_SETFD && defined FD_CLOEXEC
145 #else
147 #endif
149 // Couldn't open lockfile.
153 }
155 #ifdef F_OFD_SETLK
156 // F_OFD_SETLK has exactly the semantics we want, so use it if it's
157 // available. Support was added in Linux 3.15, and there's work on
158 // getting it standardised via POSIX:
159 // http://austingroupbugs.net/view.php?id=768
161 // Use a static flag so we don't repeatedly try F_OFD_SETLK when
162 // the kernel in use doesn't support it. This should be safe in a
163 // threaded context - at worst multiple threads might end up trying
164 // F_OFD_SETLK and then setting f_ofd_setlk_fails to true.
176 // F_OFD_SETLK not supported by this kernel.
178 }
179 // Lock failed - translate known errno values into a reason
180 // code.
190 }
191 }
192 }
196 no_ofd_support:
198 }
199 #endif
201 // If stdin and/or stdout have been closed, it is possible that lockfd could
202 // be 0 or 1. We need fds 0 and 1 to be available in the child process to
203 // be stdin and stdout, and we can't use dup() on lockfd after locking it,
204 // as the lock won't be transferred, so we handle this corner case here by
205 // using F_DUPFD or by calling dup() once or twice so that lockfd >= 2.
207 // Note this temporarily requires one or two spare fds to work, but
208 // then we need two spare for socketpair() to succeed below anyway.
209 #ifdef F_DUPFD
210 // Where available, F_DUPFD allows us to directly get the first unused
211 // fd which is at least 2.
217 }
219 #else
220 // Otherwise we have to call dup() until we get one, though at least
221 // that's only at most twice.
232 }
236 }
239 }
243 }
244 #endif
245 }
249 // Couldn't create socketpair.
255 }
260 // Child process.
263 #if defined F_SETFD && defined FD_CLOEXEC
264 // Clear close-on-exec flag, if we set it when we called socketpair().
265 // Clearing it here means there's no window where another thread in the
266 // parent process could fork()+exec() and end up with this fd still
267 // open (assuming close-on-exec is supported).
268 //
269 // We can't use a preprocessor check on the *value* of SOCK_CLOEXEC as
270 // on Linux SOCK_CLOEXEC is an enum, with '#define SOCK_CLOEXEC
271 // SOCK_CLOEXEC' to allow '#ifdef SOCK_CLOEXEC' to work.
276 #endif
277 // Connect pipe to stdin and stdout.
281 // Make sure we don't hang on to open files which may get deleted but
282 // not have their disk space released until we exit. Close these
283 // before we try to get the lock because if one of them is open on
284 // the lock file then closing it after obtaining the lock would release
285 // the lock, which would be really bad.
287 // Retry on EINTR; just ignore other errors (we'll get
288 // EBADF if the fd isn't open so that's OK).
290 }
294 {
302 // Lock failed - translate known errno values into a reason
303 // code.
310 }
312 }
313 }
314 }
316 {
317 // Tell the parent if we got the lock, and if not, why not.
320 // EINTR means a signal interrupted us, so retry.
321 // Otherwise we're DOOMED! The best we can do is just exit
322 // and the parent process should get EOF and know the lock
323 // failed.
325 }
327 }
329 // Make sure we don't block unmount of partition holding the current
330 // directory.
332 // We can't usefully do anything in response to an error, so just
333 // ignore it - the worst harm it can do is make it impossible to
334 // unmount a partition.
335 //
336 // We need the if statement because glibc's _FORTIFY_SOURCE mode
337 // gives a warning even if we cast the result to void.
338 }
340 // FIXME: use special statically linked helper instead of cat.
342 // Emulate cat ourselves (we try to avoid this to reduce VM overhead).
346 }
352 // Couldn't fork.
357 }
361 // Parent process.
368 // Got the lock.
372 }
374 // EOF means the lock failed.
377 }
379 // Treat unexpected errors from read() as failure to get the lock.
383 }
384 }
391 }
394 #endif
395 }
397 void
399 #if defined __CYGWIN__ || defined __WIN32__
403 #elif defined FLINTLOCK_USE_FLOCK
407 #else
411 #ifdef F_OFD_SETLK
413 #endif
414 // Kill the child process which is holding the lock. Use SIGKILL since
415 // that can't be caught or ignored (we used to use SIGHUP, but if the
416 // application has set that to SIG_IGN, the child process inherits that
417 // setting, which sometimes results in the child process not exiting -
418 // noted on Linux).
419 //
420 // The only likely error from kill is ESRCH (pid doesn't exist). The other
421 // possibilities (according to the Linux man page) are EINVAL (invalid
422 // signal) and EPERM (don't have permission to SIGKILL the process) but in
423 // none of the cases does calling waitpid do us any good!
428 }
429 }
430 #endif
431 }
433 void
437 {
449 }
451 }