NotificationsYou must be signed in to change notification settings
Fork28
Star151

Commit2a11b18

committed

Clean up assorted messiness around AllocateDir() usage.

This patch fixes a couple of low-probability bugs that could lead toreporting an irrelevant errno value (and hence possibly a wrong SQLSTATE)concerning directory-open or file-open failures. It also fixes placeswhere we took shortcuts in reporting such errors, either by using eloginstead of ereport or by using ereport but forgetting to specify anerrcode. And it eliminates a lot of just plain redundant error-handlingcode.In service of all this, export fd.c's formerly-static functionReadDirExtended, so that external callers can make use of the codingpatterndir = AllocateDir(path);while ((de = ReadDirExtended(dir, path, LOG)) != NULL)if they'd like to treat directory-open failures as mere LOG conditionsrather than errors. Also fix FreeDir to be a no-op if we reach itwith dir == NULL, as such a coding pattern would cause.Then, remove code at many call sites that was throwing an error or logmessage for AllocateDir failure, as ReadDir or ReadDirExtended can handlethat job just fine. Aside from being a net code savings, this gets rid ofa lot of not-quite-up-to-snuff reports, as mentioned above. (In someplaces these changes result in replacing a custom error message such as"could not open tablespace directory" with more generic wording "could notopen directory", but it was agreed that the custom wording buys little aslong as we report the directory name.) In some other call sites where wecan't just remove code, change the error reports to be fullyproject-style-compliant.Also reorder code in restoreTwoPhaseData that was acquiring a lockbetween AllocateDir and ReadDir; in the unlikely but surely notimpossible case that LWLockAcquire changes errno, AllocateDir failureswould be misreported. There is no great value in opening the directorybefore acquiring TwoPhaseStateLock, so just do it in the other order.Also fix CheckXLogRemoved to guarantee that it preserves errno,as quite a number of call sites are implicitly assuming. (Again,it's unlikely but I think not impossible that errno could changeduring a SpinLockAcquire. If so, this function was broken for itsown purposes as well as breaking callers.)And change a few places that were using not-per-project-style messages,such as "could not read directory" when "could not open directory" ismore correct.Back-patch the exporting of ReadDirExtended, in case we have occasionto back-patch some fix that makes use of it; it's not needed right nowbut surely making it global is pretty harmless. Also back-patch therestoreTwoPhaseData and CheckXLogRemoved fixes. The rest of this isessentially cosmetic and need not get back-patched.Michael Paquier, with a bit of additional work by meDiscussion:https://postgr.es/m/CAB7nPqRpOCxjiirHmebEFhXVTK7V5Jvw4bz82p7Oimtsm3TyZA@mail.gmail.com

1 parentbf2b317 commit2a11b18Copy full SHA for 2a11b18

File tree

4 files changed

+35

-9

lines changed

src
- backend
  - access/transam
    - twophase.c
    - xlog.c
  - storage/file
    - fd.c
- include/storage
  - fd.h

4 files changed

+35

-9

lines changed

`‎src/backend/access/transam/twophase.c`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -1735,8 +1735,8 @@ restoreTwoPhaseData(void)`
`1735`	`1735`	`DIR*cldir;`
`1736`	`1736`	`structdirent*clde;`
`1737`	`1737`
`1738`		`-cldir=AllocateDir(TWOPHASE_DIR);`
`1739`	`1738`	`LWLockAcquire(TwoPhaseStateLock,LW_EXCLUSIVE);`
	`1739`	`+cldir=AllocateDir(TWOPHASE_DIR);`
`1740`	`1740`	`while ((clde=ReadDir(cldir,TWOPHASE_DIR))!=NULL)`
`1741`	`1741`	`{`
`1742`	`1742`	`if (strlen(clde->d_name)==8&&`

`‎src/backend/access/transam/xlog.c`

Lines changed: 8 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -3760,10 +3760,16 @@ PreallocXlogFiles(XLogRecPtr endptr)`
`3760`	`3760`	`* existed while the server has been running, as this function always`
`3761`	`3761`	`* succeeds if no WAL segments have been removed since startup.`
`3762`	`3762`	`* 'tli' is only used in the error message.`
	`3763`	`+ *`
	`3764`	`+ * Note: this function guarantees to keep errno unchanged on return.`
	`3765`	`+ * This supports callers that use this to possibly deliver a better`
	`3766`	`+ * error message about a missing file, while still being able to throw`
	`3767`	`+ * a normal file-access error afterwards, if this does return.`
`3763`	`3768`	`*/`
`3764`	`3769`	`void`
`3765`	`3770`	`CheckXLogRemoved(XLogSegNosegno,TimeLineIDtli)`
`3766`	`3771`	`{`
	`3772`	`+intsave_errno=errno;`
`3767`	`3773`	`XLogSegNolastRemovedSegNo;`
`3768`	`3774`
`3769`	`3775`	`SpinLockAcquire(&XLogCtl->info_lck);`
`@@ -3775,11 +3781,13 @@ CheckXLogRemoved(XLogSegNo segno, TimeLineID tli)`
`3775`	`3781`	`charfilename[MAXFNAMELEN];`
`3776`	`3782`
`3777`	`3783`	`XLogFileName(filename,tli,segno);`
	`3784`	`+errno=save_errno;`
`3778`	`3785`	`ereport(ERROR,`
`3779`	`3786`	`(errcode_for_file_access(),`
`3780`	`3787`	`errmsg("requested WAL segment %s has already been removed",`
`3781`	`3788`	`filename)));`
`3782`	`3789`	`}`
	`3790`	`+errno=save_errno;`
`3783`	`3791`	`}`
`3784`	`3792`
`3785`	`3793`	`/*`

`‎src/backend/storage/file/fd.c`

Lines changed: 24 additions & 8 deletions

Original file line number	Diff line number	Diff line change
`@@ -304,7 +304,6 @@ static intFileAccess(File file);`
`304`	`304`	`staticFileOpenTemporaryFileInTablespace(OidtblspcOid,boolrejectError);`
`305`	`305`	`staticboolreserveAllocatedDesc(void);`
`306`	`306`	`staticintFreeDesc(AllocateDesc*desc);`
`307`		`-staticstructdirentReadDirExtended(DIRdir,constchar*dirname,intelevel);`
`308`	`307`
`309`	`308`	`staticvoidAtProcExit_Files(intcode,Datumarg);`
`310`	`309`	`staticvoidCleanupTempFiles(boolisProcExit);`
`@@ -2335,6 +2334,10 @@ CloseTransientFile(int fd)`
`2335`	`2334`	`* necessary to open the directory, and with closing it after an elog.`
`2336`	`2335`	`* When done, call FreeDir rather than closedir.`
`2337`	`2336`	`*`
	`2337`	`+ * Returns NULL, with errno set, on failure. Note that failure detection`
	`2338`	`+ * is commonly left to the following call of ReadDir or ReadDirExtended;`
	`2339`	`+ * see the comments for ReadDir.`
	`2340`	`+ *`
`2338`	`2341`	`* Ideally this should be the only direct call of opendir() in the backend.`
`2339`	`2342`	`*/`
`2340`	`2343`	`DIR*`
`@@ -2397,8 +2400,8 @@ AllocateDir(const char *dirname)`
`2397`	`2400`	`*FreeDir(dir);`
`2398`	`2401`	`*`
`2399`	`2402`	`* since a NULL dir parameter is taken as indicating AllocateDir failed.`
`2400`		`- * (Make sure errnohasn'tbeenchangedsince AllocateDirif you use this`
`2401`		`- * shortcut.)`
	`2403`	`+ * (Make sure errnoisn't changedbetween AllocateDirand ReadDir if you`
	`2404`	`+ *use thisshortcut.)`
`2402`	`2405`	`*`
`2403`	`2406`	`* The pathname passed to AllocateDir must be passed to this routine too,`
`2404`	`2407`	`* but it is only used for error reporting.`
`@@ -2410,10 +2413,15 @@ ReadDir(DIR dir, const char dirname)`
`2410`	`2413`	`}`
`2411`	`2414`
`2412`	`2415`	`/*`
`2413`		`- * Alternate version that allows caller to specify the elevel for any`
`2414`		`- * error report. If elevel < ERROR, returns NULL on any error.`
	`2416`	`+ * Alternate version of ReadDir that allows caller to specify the elevel`
	`2417`	`+ * for any error report (whether it's reporting an initial failure of`
	`2418`	`+ * AllocateDir or a subsequent directory read failure).`
	`2419`	`+ *`
	`2420`	`+ * If elevel < ERROR, returns NULL after any error. With the normal coding`
	`2421`	`+ * pattern, this will result in falling out of the loop immediately as`
	`2422`	`+ * though the directory contained no (more) entries.`
`2415`	`2423`	`*/`
`2416`		`-staticstructdirent*`
	`2424`	`+structdirent*`
`2417`	`2425`	`ReadDirExtended(DIRdir,constchardirname,intelevel)`
`2418`	`2426`	`{`
`2419`	`2427`	`structdirent*dent;`
`@@ -2443,14 +2451,22 @@ ReadDirExtended(DIR dir, const char dirname, int elevel)`
`2443`	`2451`	`/*`
`2444`	`2452`	`* Close a directory opened with AllocateDir.`
`2445`	`2453`	`*`
`2446`		`- * Note we do not check closedir's return value --- it is up to the caller`
`2447`		`- * to handle close errors.`
	`2454`	`+ * Returns closedir's return value (with errno set if it's not 0).`
	`2455`	`+ * Note we do not check the return value --- it is up to the caller`
	`2456`	`+ * to handle close errors if wanted.`
	`2457`	`+ *`
	`2458`	`+ * Does nothing if dir == NULL; we assume that directory open failure was`
	`2459`	`+ * already reported if desired.`
`2448`	`2460`	`*/`
`2449`	`2461`	`int`
`2450`	`2462`	`FreeDir(DIR*dir)`
`2451`	`2463`	`{`
`2452`	`2464`	`inti;`
`2453`	`2465`
	`2466`	`+/* Nothing to do if AllocateDir failed */`
	`2467`	`+if (dir==NULL)`
	`2468`	`+return0;`
	`2469`	`+`
`2454`	`2470`	`DO_DB(elog(LOG,"FreeDir: Allocated %d",numAllocatedDescs));`
`2455`	`2471`
`2456`	`2472`	`/* Remove dir from list of allocated dirs, if it's present */`

`‎src/include/storage/fd.h`

Lines changed: 2 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -91,6 +91,8 @@ extern intClosePipeStream(FILE *file);`
`91`	`91`	`/* Operations to allow use of the <dirent.h> library routines */`
`92`	`92`	`externDIRAllocateDir(constchardirname);`
`93`	`93`	`externstructdirentReadDir(DIRdir,constchar*dirname);`
	`94`	`+externstructdirentReadDirExtended(DIRdir,constchar*dirname,`
	`95`	`+intelevel);`
`94`	`96`	`externintFreeDir(DIR*dir);`
`95`	`97`
`96`	`98`	`/* Operations to allow use of a plain kernel FD, with automatic cleanup */`

0 commit comments

Comments

(0)

Movatterモバイル変換

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit2a11b18

File tree

4 files changed

4 files changed

`‎src/backend/access/transam/twophase.c`

`‎src/backend/access/transam/xlog.c`

`‎src/backend/storage/file/fd.c`

`‎src/include/storage/fd.h`

0 commit comments