2016-03-05 20:10:19 +01:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
*
|
|
|
|
* controldata_utils.c
|
|
|
|
* Common code for control data file output.
|
|
|
|
*
|
|
|
|
*
|
2019-01-02 18:44:25 +01:00
|
|
|
* Portions Copyright (c) 1996-2019, PostgreSQL Global Development Group
|
2016-03-05 20:10:19 +01:00
|
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
|
|
*
|
|
|
|
*
|
|
|
|
* IDENTIFICATION
|
|
|
|
* src/common/controldata_utils.c
|
|
|
|
*
|
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
*/
|
|
|
|
|
|
|
|
#ifndef FRONTEND
|
|
|
|
#include "postgres.h"
|
|
|
|
#else
|
|
|
|
#include "postgres_fe.h"
|
|
|
|
#endif
|
|
|
|
|
|
|
|
#include <unistd.h>
|
|
|
|
#include <sys/stat.h>
|
|
|
|
#include <fcntl.h>
|
|
|
|
|
2019-03-12 02:03:33 +01:00
|
|
|
#include "access/xlog_internal.h"
|
2016-03-05 20:10:19 +01:00
|
|
|
#include "catalog/pg_control.h"
|
|
|
|
#include "common/controldata_utils.h"
|
2019-03-12 02:03:33 +01:00
|
|
|
#include "common/file_perm.h"
|
2016-03-05 20:10:19 +01:00
|
|
|
#include "port/pg_crc32c.h"
|
2019-03-18 04:59:35 +01:00
|
|
|
|
2019-02-28 21:57:40 +01:00
|
|
|
#ifndef FRONTEND
|
2019-03-18 04:59:35 +01:00
|
|
|
#include "pgstat.h"
|
2019-02-28 21:57:40 +01:00
|
|
|
#include "storage/fd.h"
|
|
|
|
#endif
|
2016-03-05 20:10:19 +01:00
|
|
|
|
|
|
|
/*
|
2019-02-28 21:57:40 +01:00
|
|
|
* get_controlfile()
|
2016-03-05 20:10:19 +01:00
|
|
|
*
|
2016-09-28 18:00:00 +02:00
|
|
|
* Get controlfile values. The result is returned as a palloc'd copy of the
|
|
|
|
* control file data.
|
2016-07-26 17:23:43 +02:00
|
|
|
*
|
2016-09-28 18:00:00 +02:00
|
|
|
* crc_ok_p can be used by the caller to see whether the CRC of the control
|
|
|
|
* file data is correct.
|
2016-03-05 20:10:19 +01:00
|
|
|
*/
|
|
|
|
ControlFileData *
|
2016-09-28 18:00:00 +02:00
|
|
|
get_controlfile(const char *DataDir, const char *progname, bool *crc_ok_p)
|
2016-03-05 20:10:19 +01:00
|
|
|
{
|
2016-06-10 00:02:36 +02:00
|
|
|
ControlFileData *ControlFile;
|
|
|
|
int fd;
|
|
|
|
char ControlFilePath[MAXPGPATH];
|
|
|
|
pg_crc32c crc;
|
2018-05-18 17:52:18 +02:00
|
|
|
int r;
|
2016-03-05 20:10:19 +01:00
|
|
|
|
2016-09-28 18:00:00 +02:00
|
|
|
AssertArg(crc_ok_p);
|
|
|
|
|
2016-03-05 20:10:19 +01:00
|
|
|
ControlFile = palloc(sizeof(ControlFileData));
|
|
|
|
snprintf(ControlFilePath, MAXPGPATH, "%s/global/pg_control", DataDir);
|
|
|
|
|
2016-03-08 00:14:20 +01:00
|
|
|
#ifndef FRONTEND
|
2019-02-28 21:57:40 +01:00
|
|
|
if ((fd = OpenTransientFile(ControlFilePath, O_RDONLY | PG_BINARY)) == -1)
|
2016-03-08 00:14:20 +01:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
2016-06-10 00:02:36 +02:00
|
|
|
errmsg("could not open file \"%s\" for reading: %m",
|
|
|
|
ControlFilePath)));
|
2016-03-08 00:14:20 +01:00
|
|
|
#else
|
2019-02-28 21:57:40 +01:00
|
|
|
if ((fd = open(ControlFilePath, O_RDONLY | PG_BINARY, 0)) == -1)
|
2016-03-08 00:14:20 +01:00
|
|
|
{
|
|
|
|
fprintf(stderr, _("%s: could not open file \"%s\" for reading: %s\n"),
|
|
|
|
progname, ControlFilePath, strerror(errno));
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
}
|
|
|
|
#endif
|
2016-03-05 20:10:19 +01:00
|
|
|
|
2018-05-18 17:52:18 +02:00
|
|
|
r = read(fd, ControlFile, sizeof(ControlFileData));
|
|
|
|
if (r != sizeof(ControlFileData))
|
|
|
|
{
|
|
|
|
if (r < 0)
|
2016-03-08 00:14:20 +01:00
|
|
|
#ifndef FRONTEND
|
2018-05-18 17:52:18 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not read file \"%s\": %m", ControlFilePath)));
|
2016-03-08 00:14:20 +01:00
|
|
|
#else
|
2018-05-18 17:52:18 +02:00
|
|
|
{
|
|
|
|
fprintf(stderr, _("%s: could not read file \"%s\": %s\n"),
|
|
|
|
progname, ControlFilePath, strerror(errno));
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
}
|
2016-03-08 00:14:20 +01:00
|
|
|
#endif
|
2018-05-18 17:52:18 +02:00
|
|
|
else
|
|
|
|
#ifndef FRONTEND
|
|
|
|
ereport(ERROR,
|
2018-07-23 02:37:36 +02:00
|
|
|
(errcode(ERRCODE_DATA_CORRUPTED),
|
|
|
|
errmsg("could not read file \"%s\": read %d of %zu",
|
Rework error messages around file handling
Some error messages related to file handling are using the code path
context to define their state. For example, 2PC-related errors are
referring to "two-phase status files", or "relation mapping file" is
used for catalog-to-filenode mapping, however those prove to be
difficult to translate, and are not more helpful than just referring to
the path of the file being worked on. So simplify all those error
messages by just referring to files with their path used. In some
cases, like the manipulation of WAL segments, the context is actually
helpful so those are kept.
Calls to the system function read() have also been rather inconsistent
with their error handling sometimes not reporting the number of bytes
read, and some other code paths trying to use an errno which has not
been set. The in-core functions are using a more consistent pattern
with this patch, which checks for both errno if set or if an
inconsistent read is happening.
So as to care about pluralization when reading an unexpected number of
byte(s), "could not read: read %d of %zu" is used as error message, with
%d field being the output result of read() and %zu the expected size.
This simplifies the work of translators with less variations of the same
message.
Author: Michael Paquier
Reviewed-by: Álvaro Herrera
Discussion: https://postgr.es/m/20180520000522.GB1603@paquier.xyz
2018-07-18 01:01:23 +02:00
|
|
|
ControlFilePath, r, sizeof(ControlFileData))));
|
2018-05-18 17:52:18 +02:00
|
|
|
#else
|
|
|
|
{
|
Rework error messages around file handling
Some error messages related to file handling are using the code path
context to define their state. For example, 2PC-related errors are
referring to "two-phase status files", or "relation mapping file" is
used for catalog-to-filenode mapping, however those prove to be
difficult to translate, and are not more helpful than just referring to
the path of the file being worked on. So simplify all those error
messages by just referring to files with their path used. In some
cases, like the manipulation of WAL segments, the context is actually
helpful so those are kept.
Calls to the system function read() have also been rather inconsistent
with their error handling sometimes not reporting the number of bytes
read, and some other code paths trying to use an errno which has not
been set. The in-core functions are using a more consistent pattern
with this patch, which checks for both errno if set or if an
inconsistent read is happening.
So as to care about pluralization when reading an unexpected number of
byte(s), "could not read: read %d of %zu" is used as error message, with
%d field being the output result of read() and %zu the expected size.
This simplifies the work of translators with less variations of the same
message.
Author: Michael Paquier
Reviewed-by: Álvaro Herrera
Discussion: https://postgr.es/m/20180520000522.GB1603@paquier.xyz
2018-07-18 01:01:23 +02:00
|
|
|
fprintf(stderr, _("%s: could not read file \"%s\": read %d of %zu\n"),
|
|
|
|
progname, ControlFilePath, r, sizeof(ControlFileData));
|
2018-05-18 17:52:18 +02:00
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
}
|
2016-03-05 20:10:19 +01:00
|
|
|
|
2019-02-28 21:57:40 +01:00
|
|
|
#ifndef FRONTEND
|
Tighten use of OpenTransientFile and CloseTransientFile
This fixes two sets of issues related to the use of transient files in
the backend:
1) OpenTransientFile() has been used in some code paths with read-write
flags while read-only is sufficient, so switch those calls to be
read-only where necessary. These have been reported by Joe Conway.
2) When opening transient files, it is up to the caller to close the
file descriptors opened. In error code paths, CloseTransientFile() gets
called to clean up things before issuing an error. However in normal
exit paths, a lot of callers of CloseTransientFile() never actually
reported errors, which could leave a file descriptor open without
knowing about it. This is an issue I complained about a couple of
times, but never had the courage to write and submit a patch, so here we
go.
Note that one frontend code path is impacted by this commit so as an
error is issued when fetching control file data, making backend and
frontend to be treated consistently.
Reported-by: Joe Conway, Michael Paquier
Author: Michael Paquier
Reviewed-by: Álvaro Herrera, Georgios Kokolatos, Joe Conway
Discussion: https://postgr.es/m/20190301023338.GD1348@paquier.xyz
Discussion: https://postgr.es/m/c49b69ec-e2f7-ff33-4f17-0eaa4f2cef27@joeconway.com
2019-03-09 00:50:55 +01:00
|
|
|
if (CloseTransientFile(fd))
|
|
|
|
ereport(ERROR,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not close file \"%s\": %m",
|
|
|
|
ControlFilePath)));
|
2019-02-28 21:57:40 +01:00
|
|
|
#else
|
Tighten use of OpenTransientFile and CloseTransientFile
This fixes two sets of issues related to the use of transient files in
the backend:
1) OpenTransientFile() has been used in some code paths with read-write
flags while read-only is sufficient, so switch those calls to be
read-only where necessary. These have been reported by Joe Conway.
2) When opening transient files, it is up to the caller to close the
file descriptors opened. In error code paths, CloseTransientFile() gets
called to clean up things before issuing an error. However in normal
exit paths, a lot of callers of CloseTransientFile() never actually
reported errors, which could leave a file descriptor open without
knowing about it. This is an issue I complained about a couple of
times, but never had the courage to write and submit a patch, so here we
go.
Note that one frontend code path is impacted by this commit so as an
error is issued when fetching control file data, making backend and
frontend to be treated consistently.
Reported-by: Joe Conway, Michael Paquier
Author: Michael Paquier
Reviewed-by: Álvaro Herrera, Georgios Kokolatos, Joe Conway
Discussion: https://postgr.es/m/20190301023338.GD1348@paquier.xyz
Discussion: https://postgr.es/m/c49b69ec-e2f7-ff33-4f17-0eaa4f2cef27@joeconway.com
2019-03-09 00:50:55 +01:00
|
|
|
if (close(fd))
|
|
|
|
{
|
|
|
|
fprintf(stderr, _("%s: could not close file \"%s\": %s\n"),
|
|
|
|
progname, ControlFilePath, strerror(errno));
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
}
|
2019-02-28 21:57:40 +01:00
|
|
|
#endif
|
2016-03-05 20:10:19 +01:00
|
|
|
|
|
|
|
/* Check the CRC. */
|
|
|
|
INIT_CRC32C(crc);
|
|
|
|
COMP_CRC32C(crc,
|
2016-06-10 00:02:36 +02:00
|
|
|
(char *) ControlFile,
|
|
|
|
offsetof(ControlFileData, crc));
|
2016-03-05 20:10:19 +01:00
|
|
|
FIN_CRC32C(crc);
|
|
|
|
|
2016-09-28 18:00:00 +02:00
|
|
|
*crc_ok_p = EQ_CRC32C(crc, ControlFile->crc);
|
2016-03-05 20:10:19 +01:00
|
|
|
|
|
|
|
/* Make sure the control file is valid byte order. */
|
|
|
|
if (ControlFile->pg_control_version % 65536 == 0 &&
|
|
|
|
ControlFile->pg_control_version / 65536 != 0)
|
|
|
|
#ifndef FRONTEND
|
|
|
|
elog(ERROR, _("byte ordering mismatch"));
|
|
|
|
#else
|
|
|
|
printf(_("WARNING: possible byte ordering mismatch\n"
|
|
|
|
"The byte ordering used to store the pg_control file might not match the one\n"
|
|
|
|
"used by this program. In that case the results below would be incorrect, and\n"
|
|
|
|
"the PostgreSQL installation would be incompatible with this data directory.\n"));
|
|
|
|
#endif
|
|
|
|
|
|
|
|
return ControlFile;
|
|
|
|
}
|
2019-03-12 02:03:33 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* update_controlfile()
|
|
|
|
*
|
|
|
|
* Update controlfile values with the contents given by caller. The
|
2019-03-18 04:59:35 +01:00
|
|
|
* contents to write are included in "ControlFile". "do_sync" can be
|
|
|
|
* optionally used to flush the updated control file. Note that it is up
|
|
|
|
* to the caller to properly lock ControlFileLock when calling this
|
|
|
|
* routine in the backend.
|
2019-03-12 02:03:33 +01:00
|
|
|
*/
|
|
|
|
void
|
|
|
|
update_controlfile(const char *DataDir, const char *progname,
|
2019-03-18 04:59:35 +01:00
|
|
|
ControlFileData *ControlFile, bool do_sync)
|
2019-03-12 02:03:33 +01:00
|
|
|
{
|
|
|
|
int fd;
|
|
|
|
char buffer[PG_CONTROL_FILE_SIZE];
|
|
|
|
char ControlFilePath[MAXPGPATH];
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Apply the same static assertions as in backend's WriteControlFile().
|
|
|
|
*/
|
|
|
|
StaticAssertStmt(sizeof(ControlFileData) <= PG_CONTROL_MAX_SAFE_SIZE,
|
|
|
|
"pg_control is too large for atomic disk writes");
|
|
|
|
StaticAssertStmt(sizeof(ControlFileData) <= PG_CONTROL_FILE_SIZE,
|
|
|
|
"sizeof(ControlFileData) exceeds PG_CONTROL_FILE_SIZE");
|
|
|
|
|
|
|
|
/* Recalculate CRC of control file */
|
|
|
|
INIT_CRC32C(ControlFile->crc);
|
|
|
|
COMP_CRC32C(ControlFile->crc,
|
|
|
|
(char *) ControlFile,
|
|
|
|
offsetof(ControlFileData, crc));
|
|
|
|
FIN_CRC32C(ControlFile->crc);
|
|
|
|
|
|
|
|
/*
|
|
|
|
* Write out PG_CONTROL_FILE_SIZE bytes into pg_control by zero-padding
|
|
|
|
* the excess over sizeof(ControlFileData), to avoid premature EOF related
|
|
|
|
* errors when reading it.
|
|
|
|
*/
|
|
|
|
memset(buffer, 0, PG_CONTROL_FILE_SIZE);
|
|
|
|
memcpy(buffer, ControlFile, sizeof(ControlFileData));
|
|
|
|
|
|
|
|
snprintf(ControlFilePath, sizeof(ControlFilePath), "%s/%s", DataDir, XLOG_CONTROL_FILE);
|
|
|
|
|
|
|
|
#ifndef FRONTEND
|
2019-03-18 04:59:35 +01:00
|
|
|
|
|
|
|
/*
|
|
|
|
* All errors issue a PANIC, so no need to use OpenTransientFile() and to
|
|
|
|
* worry about file descriptor leaks.
|
|
|
|
*/
|
|
|
|
if ((fd = BasicOpenFile(ControlFilePath, O_RDWR | PG_BINARY)) < 0)
|
2019-03-12 02:03:33 +01:00
|
|
|
ereport(PANIC,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not open file \"%s\": %m",
|
|
|
|
ControlFilePath)));
|
|
|
|
#else
|
|
|
|
if ((fd = open(ControlFilePath, O_WRONLY | PG_BINARY,
|
|
|
|
pg_file_create_mode)) == -1)
|
|
|
|
{
|
|
|
|
fprintf(stderr, _("%s: could not open file \"%s\": %s\n"),
|
|
|
|
progname, ControlFilePath, strerror(errno));
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
|
|
|
errno = 0;
|
2019-03-18 04:59:35 +01:00
|
|
|
#ifndef FRONTEND
|
|
|
|
pgstat_report_wait_start(WAIT_EVENT_CONTROL_FILE_WRITE_UPDATE);
|
|
|
|
#endif
|
2019-03-12 02:03:33 +01:00
|
|
|
if (write(fd, buffer, PG_CONTROL_FILE_SIZE) != PG_CONTROL_FILE_SIZE)
|
|
|
|
{
|
|
|
|
/* if write didn't set errno, assume problem is no disk space */
|
|
|
|
if (errno == 0)
|
|
|
|
errno = ENOSPC;
|
|
|
|
|
|
|
|
#ifndef FRONTEND
|
|
|
|
ereport(PANIC,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not write file \"%s\": %m",
|
|
|
|
ControlFilePath)));
|
|
|
|
#else
|
|
|
|
fprintf(stderr, _("%s: could not write \"%s\": %s\n"),
|
|
|
|
progname, ControlFilePath, strerror(errno));
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
#endif
|
|
|
|
}
|
2019-03-18 04:59:35 +01:00
|
|
|
#ifndef FRONTEND
|
|
|
|
pgstat_report_wait_end();
|
|
|
|
#endif
|
2019-03-12 02:03:33 +01:00
|
|
|
|
2019-03-18 04:59:35 +01:00
|
|
|
if (do_sync)
|
|
|
|
{
|
|
|
|
#ifndef FRONTEND
|
|
|
|
pgstat_report_wait_start(WAIT_EVENT_CONTROL_FILE_SYNC_UPDATE);
|
|
|
|
if (pg_fsync(fd) != 0)
|
|
|
|
ereport(PANIC,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not fsync file \"%s\": %m",
|
|
|
|
ControlFilePath)));
|
|
|
|
pgstat_report_wait_end();
|
|
|
|
#else
|
|
|
|
if (fsync(fd) != 0)
|
|
|
|
{
|
|
|
|
fprintf(stderr, _("%s: could not fsync file \"%s\": %s\n"),
|
|
|
|
progname, ControlFilePath, strerror(errno));
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
}
|
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
if (close(fd) < 0)
|
|
|
|
{
|
2019-03-12 02:03:33 +01:00
|
|
|
#ifndef FRONTEND
|
|
|
|
ereport(PANIC,
|
|
|
|
(errcode_for_file_access(),
|
|
|
|
errmsg("could not close file \"%s\": %m",
|
|
|
|
ControlFilePath)));
|
|
|
|
#else
|
|
|
|
fprintf(stderr, _("%s: could not close file \"%s\": %s\n"),
|
|
|
|
progname, ControlFilePath, strerror(errno));
|
|
|
|
exit(EXIT_FAILURE);
|
|
|
|
#endif
|
2019-03-18 04:59:35 +01:00
|
|
|
}
|
2019-03-12 02:03:33 +01:00
|
|
|
}
|