2 * See the file LICENSE for redistribution information.
4 * Copyright (c) 1996-2009 Oracle. All rights reserved.
12 #include "dbinc/db_page.h"
13 #include "dbinc/db_am.h"
14 #include "dbinc/lock.h"
15 #include "dbinc/log.h"
17 #include "dbinc/txn.h"
19 static void __db_msgcall __P((const DB_ENV *, const char *, va_list));
20 static void __db_msgfile __P((const DB_ENV *, const char *, va_list));
24 * General flags checking routine.
26 * PUBLIC: int __db_fchk __P((ENV *, const char *, u_int32_t, u_int32_t));
29 __db_fchk(env, name, flags, ok_flags)
32 u_int32_t flags, ok_flags;
34 return (LF_ISSET(~ok_flags) ? __db_ferr(env, name, 0) : 0);
39 * General combination flags checking routine.
41 * PUBLIC: int __db_fcchk
42 * PUBLIC: __P((ENV *, const char *, u_int32_t, u_int32_t, u_int32_t));
45 __db_fcchk(env, name, flags, flag1, flag2)
48 u_int32_t flags, flag1, flag2;
50 return (LF_ISSET(flag1) &&
51 LF_ISSET(flag2) ? __db_ferr(env, name, 1) : 0);
58 * PUBLIC: int __db_ferr __P((const ENV *, const char *, int));
61 __db_ferr(env, name, iscombo)
66 __db_errx(env, "illegal flag %sspecified to %s",
67 iscombo ? "combination " : "", name);
73 * Common flag-needs-locking message.
75 * PUBLIC: int __db_fnl __P((const ENV *, const char *));
83 "%s: DB_READ_COMMITTED, DB_READ_UNCOMMITTED and DB_RMW require locking",
90 * Error when unable to retrieve a specified page.
92 * PUBLIC: int __db_pgerr __P((DB *, db_pgno_t, int));
95 __db_pgerr(dbp, pgno, errval)
101 * Three things are certain:
102 * Death, taxes, and lost data.
103 * Guess which has occurred.
106 "unable to create/retrieve page %lu", (u_long)pgno);
107 return (__env_panic(dbp->env, errval));
112 * Error when a page has the wrong format.
114 * PUBLIC: int __db_pgfmt __P((ENV *, db_pgno_t));
117 __db_pgfmt(env, pgno)
121 __db_errx(env, "page %lu: illegal page type or format", (u_long)pgno);
122 return (__env_panic(env, EINVAL));
128 * Error when an assertion fails. Only checked if #DIAGNOSTIC defined.
130 * PUBLIC: #ifdef DIAGNOSTIC
131 * PUBLIC: void __db_assert __P((ENV *, const char *, const char *, int));
135 __db_assert(env, e, file, line)
137 const char *e, *file;
140 __db_errx(env, "assert failure: %s/%d: \"%s\"", file, line, e);
149 * Just report that someone else paniced.
151 * PUBLIC: int __env_panic_msg __P((ENV *));
162 ret = DB_RUNRECOVERY;
164 __db_errx(env, "PANIC: fatal region error detected; run recovery");
166 if (dbenv->db_paniccall != NULL) /* Deprecated */
167 dbenv->db_paniccall(dbenv, ret);
169 /* Must check for DB_EVENT_REG_PANIC panic first because it is never
170 * set by itself. If set, it means panic came from DB_REGISTER code
171 * only, otherwise it could be from many possible places in the code.
173 if ((env->reginfo != NULL) &&
174 (((REGENV *)env->reginfo->primary)->reg_panic))
175 DB_EVENT(env, DB_EVENT_REG_PANIC, &ret);
177 DB_EVENT(env, DB_EVENT_PANIC, &ret);
184 * Lock out the database environment due to unrecoverable error.
186 * PUBLIC: int __env_panic __P((ENV *, int));
189 __env_panic(env, errval)
198 __env_panic_set(env, 1);
200 __db_err(env, errval, "PANIC");
202 if (dbenv->db_paniccall != NULL) /* Deprecated */
203 dbenv->db_paniccall(dbenv, errval);
205 /* Must check for DB_EVENT_REG_PANIC first because it is never
206 * set by itself. If set, it means panic came from DB_REGISTER
207 * code only, otherwise it could be from many possible places
210 if ((env->reginfo != NULL) &&
211 (((REGENV *)env->reginfo->primary)->reg_panic))
212 DB_EVENT(env, DB_EVENT_REG_PANIC, &errval);
214 DB_EVENT(env, DB_EVENT_PANIC, &errval);
217 #if defined(DIAGNOSTIC) && !defined(CONFIG_TEST)
219 * We want a stack trace of how this could possibly happen.
221 * Don't drop core if it's the test suite -- it's reasonable for the
222 * test suite to check to make sure that DB_RUNRECOVERY is returned
223 * under certain conditions.
230 * Chaos reigns within.
231 * Reflect, repent, and reboot.
232 * Order shall return.
234 return (DB_RUNRECOVERY);
239 * ANSI C strerror(3) for DB.
241 * EXTERN: char *db_strerror __P((int));
250 return ("Successful return: 0");
252 if ((p = strerror(error)) != NULL)
254 return (__db_unknown_error(error));
259 * The Tcl API requires that some of these return strings be compared
260 * against strings stored in application scripts. So, any of these
261 * errors that do not invariably result in a Tcl exception may not be
265 case DB_BUFFER_SMALL:
267 ("DB_BUFFER_SMALL: User memory too small for return value");
269 return ("DB_DONOTINDEX: Secondary index callback returns null");
270 case DB_FOREIGN_CONFLICT:
272 ("DB_FOREIGN_CONFLICT: A foreign database constraint has been violated");
274 return ("DB_KEYEMPTY: Non-existent key/data pair");
276 return ("DB_KEYEXIST: Key/data pair already exists");
277 case DB_LOCK_DEADLOCK:
279 ("DB_LOCK_DEADLOCK: Locker killed to resolve a deadlock");
280 case DB_LOCK_NOTGRANTED:
281 return ("DB_LOCK_NOTGRANTED: Lock not granted");
282 case DB_LOG_BUFFER_FULL:
283 return ("DB_LOG_BUFFER_FULL: In-memory log buffer is full");
285 return ("DB_NOSERVER: Fatal error, no RPC server");
286 case DB_NOSERVER_HOME:
287 return ("DB_NOSERVER_HOME: Home unrecognized at server");
289 return ("DB_NOSERVER_ID: Identifier unrecognized at server");
291 return ("DB_NOTFOUND: No matching key/data pair found");
293 return ("DB_OLDVERSION: Database requires a version upgrade");
294 case DB_PAGE_NOTFOUND:
295 return ("DB_PAGE_NOTFOUND: Requested page not found");
296 case DB_REP_DUPMASTER:
297 return ("DB_REP_DUPMASTER: A second master site appeared");
298 case DB_REP_HANDLE_DEAD:
299 return ("DB_REP_HANDLE_DEAD: Handle is no longer valid");
300 case DB_REP_HOLDELECTION:
301 return ("DB_REP_HOLDELECTION: Need to hold an election");
303 return ("DB_REP_IGNORE: Replication record/operation ignored");
305 return ("DB_REP_ISPERM: Permanent record written");
306 case DB_REP_JOIN_FAILURE:
308 ("DB_REP_JOIN_FAILURE: Unable to join replication group");
309 case DB_REP_LEASE_EXPIRED:
311 ("DB_REP_LEASE_EXPIRED: Replication leases have expired");
314 ("DB_REP_LOCKOUT: Waiting for replication recovery to complete");
316 return ("DB_REP_NEWSITE: A new site has entered the system");
318 return ("DB_REP_NOTPERM: Permanent log record not written");
320 return ("DB_REP_UNAVAIL: Unable to elect a master");
322 return ("DB_RUNRECOVERY: Fatal error, run database recovery");
323 case DB_SECONDARY_BAD:
325 ("DB_SECONDARY_BAD: Secondary index inconsistent with primary");
327 return ("DB_VERIFY_BAD: Database verification failed");
328 case DB_VERSION_MISMATCH:
330 ("DB_VERSION_MISMATCH: Database environment version mismatch");
335 return (__db_unknown_error(error));
339 * __db_unknown_error --
340 * Format an unknown error value into a static buffer.
342 * PUBLIC: char *__db_unknown_error __P((int));
345 __db_unknown_error(error)
350 * Room for a 64-bit number + slop. This buffer is only used
351 * if we're given an unknown error number, which should never
354 * We're no longer thread-safe if it does happen, but the worst
355 * result is a corrupted error string because there will always
356 * be a trailing nul byte since the error buffer is nul filled
357 * and longer than any error message.
359 (void)snprintf(DB_GLOBAL(error_buf),
360 sizeof(DB_GLOBAL(error_buf)), "Unknown error: %d", error);
361 return (DB_GLOBAL(error_buf));
366 * Standard error routine.
368 * PUBLIC: void __db_syserr __P((const ENV *, int, const char *, ...))
369 * PUBLIC: __attribute__ ((__format__ (__printf__, 3, 4)));
373 __db_syserr(const ENV *env, int error, const char *fmt, ...)
375 __db_syserr(env, error, fmt, va_alist)
384 dbenv = env == NULL ? NULL : env->dbenv;
387 * The same as DB->err, except we don't default to writing to stderr
388 * after any output channel has been configured, and we use a system-
389 * specific function to translate errors to strings.
391 DB_REAL_ERR(dbenv, error, DB_ERROR_SYSTEM, 0, fmt);
396 * Standard error routine.
398 * PUBLIC: void __db_err __P((const ENV *, int, const char *, ...))
399 * PUBLIC: __attribute__ ((__format__ (__printf__, 3, 4)));
403 __db_err(const ENV *env, int error, const char *fmt, ...)
405 __db_err(env, error, fmt, va_alist)
414 dbenv = env == NULL ? NULL : env->dbenv;
417 * The same as DB->err, except we don't default to writing to stderr
418 * once an output channel has been configured.
420 DB_REAL_ERR(dbenv, error, DB_ERROR_SET, 0, fmt);
425 * Standard error routine.
427 * PUBLIC: void __db_errx __P((const ENV *, const char *, ...))
428 * PUBLIC: __attribute__ ((__format__ (__printf__, 2, 3)));
432 __db_errx(const ENV *env, const char *fmt, ...)
434 __db_errx(env, fmt, va_alist)
442 dbenv = env == NULL ? NULL : env->dbenv;
445 * The same as DB->errx, except we don't default to writing to stderr
446 * once an output channel has been configured.
448 DB_REAL_ERR(dbenv, 0, DB_ERROR_NOT_SET, 0, fmt);
453 * Do the error message work for callback functions.
455 * PUBLIC: void __db_errcall
456 * PUBLIC: __P((const DB_ENV *, int, db_error_set_t, const char *, va_list));
459 __db_errcall(dbenv, error, error_set, fmt, ap)
462 db_error_set_t error_set;
467 char buf[2048]; /* !!!: END OF THE STACK DON'T TRUST SPRINTF. */
468 char sysbuf[1024]; /* !!!: END OF THE STACK DON'T TRUST SPRINTF. */
472 p += vsnprintf(buf, sizeof(buf), fmt, ap);
473 if (error_set != DB_ERROR_NOT_SET)
475 sizeof(buf) - (size_t)(p - buf), ": %s",
476 error_set == DB_ERROR_SET ? db_strerror(error) :
477 __os_strerror(error, sysbuf, sizeof(sysbuf)));
479 dbenv->db_errcall(dbenv, dbenv->db_errpfx, buf);
484 * Do the error message work for FILE *s.
486 * PUBLIC: void __db_errfile
487 * PUBLIC: __P((const DB_ENV *, int, db_error_set_t, const char *, va_list));
490 __db_errfile(dbenv, error, error_set, fmt, ap)
493 db_error_set_t error_set;
499 char sysbuf[1024]; /* !!!: END OF THE STACK DON'T TRUST SPRINTF. */
501 fp = dbenv == NULL ||
502 dbenv->db_errfile == NULL ? stderr : dbenv->db_errfile;
505 if (dbenv != NULL && dbenv->db_errpfx != NULL) {
506 (void)fprintf(fp, "%s", dbenv->db_errpfx);
509 if (fmt != NULL && fmt[0] != '\0') {
511 (void)fprintf(fp, ": ");
513 (void)vfprintf(fp, fmt, ap);
515 if (error_set != DB_ERROR_NOT_SET)
516 (void)fprintf(fp, "%s%s",
517 need_sep ? ": " : "",
518 error_set == DB_ERROR_SET ? db_strerror(error) :
519 __os_strerror(error, sysbuf, sizeof(sysbuf)));
520 (void)fprintf(fp, "\n");
526 * Aggregate a set of strings into a buffer for the callback API.
528 * PUBLIC: void __db_msgadd __P((ENV *, DB_MSGBUF *, const char *, ...))
529 * PUBLIC: __attribute__ ((__format__ (__printf__, 3, 4)));
533 __db_msgadd(ENV *env, DB_MSGBUF *mbp, const char *fmt, ...)
535 __db_msgadd(env, mbp, fmt, va_alist)
549 __db_msgadd_ap(env, mbp, fmt, ap);
555 * Aggregate a set of strings into a buffer for the callback API.
557 * PUBLIC: void __db_msgadd_ap
558 * PUBLIC: __P((ENV *, DB_MSGBUF *, const char *, va_list));
561 __db_msgadd_ap(env, mbp, fmt, ap)
568 char buf[2048]; /* !!!: END OF THE STACK DON'T TRUST SPRINTF. */
570 len = (size_t)vsnprintf(buf, sizeof(buf), fmt, ap);
573 * There's a heap buffer in the ENV handle we use to aggregate the
574 * message chunks. We maintain a pointer to the buffer, the next slot
575 * to be filled in in the buffer, and a total buffer length.
577 olen = (size_t)(mbp->cur - mbp->buf);
578 if (olen + len >= mbp->len) {
579 if (__os_realloc(env, mbp->len + len + 256, &mbp->buf))
581 mbp->len += (len + 256);
582 mbp->cur = mbp->buf + olen;
585 memcpy(mbp->cur, buf, len + 1);
591 * Standard DB stat message routine.
593 * PUBLIC: void __db_msg __P((const ENV *, const char *, ...))
594 * PUBLIC: __attribute__ ((__format__ (__printf__, 2, 3)));
598 __db_msg(const ENV *env, const char *fmt, ...)
600 __db_msg(env, fmt, va_alist)
608 dbenv = env == NULL ? NULL : env->dbenv;
610 DB_REAL_MSG(dbenv, fmt);
615 * Do the message work for callback functions.
618 __db_msgcall(dbenv, fmt, ap)
623 char buf[2048]; /* !!!: END OF THE STACK DON'T TRUST SPRINTF. */
625 (void)vsnprintf(buf, sizeof(buf), fmt, ap);
627 dbenv->db_msgcall(dbenv, buf);
632 * Do the message work for FILE *s.
635 __db_msgfile(dbenv, fmt, ap)
642 fp = dbenv == NULL ||
643 dbenv->db_msgfile == NULL ? stdout : dbenv->db_msgfile;
644 (void)vfprintf(fp, fmt, ap);
646 (void)fprintf(fp, "\n");
651 * __db_unknown_flag -- report internal error
653 * PUBLIC: int __db_unknown_flag __P((ENV *, char *, u_int32_t));
656 __db_unknown_flag(env, routine, flag)
661 __db_errx(env, "%s: Unknown flag: %#x", routine, (u_int)flag);
671 * __db_unknown_type -- report internal database type error
673 * PUBLIC: int __db_unknown_type __P((ENV *, char *, DBTYPE));
676 __db_unknown_type(env, routine, type)
682 "%s: Unexpected database type: %s",
683 routine, __db_dbtype_to_string(type));
693 * __db_unknown_path -- report unexpected database code path error.
695 * PUBLIC: int __db_unknown_path __P((ENV *, char *));
698 __db_unknown_path(env, routine)
702 __db_errx(env, "%s: Unexpected code path error", routine);
713 * Check for common transaction errors.
715 * PUBLIC: int __db_check_txn __P((DB *, DB_TXN *, DB_LOCKER *, int));
718 __db_check_txn(dbp, txn, assoc_locker, read_op)
721 DB_LOCKER *assoc_locker;
730 * If we are in recovery or aborting a transaction, then we
731 * don't need to enforce the rules about dbp's not allowing
732 * transactional operations in non-transactional dbps and
733 * vica-versa. This happens all the time as the dbp during
734 * an abort may be transactional, but we undo operations
735 * outside a transaction since we're aborting.
737 if (IS_RECOVERING(env) || F_ISSET(dbp, DB_AM_RECOVER))
741 * Check for common transaction errors:
742 * an operation on a handle whose open commit hasn't completed.
743 * a transaction handle in a non-transactional environment
744 * a transaction handle for a non-transactional database
746 if (txn == NULL || F_ISSET(txn, TXN_PRIVATE)) {
747 if (dbp->cur_locker != NULL &&
748 dbp->cur_locker->id >= TXN_MINIMUM)
751 if (!read_op && F_ISSET(dbp, DB_AM_TXN)) {
753 "Transaction not specified for a transactional database");
756 } else if (F_ISSET(txn, TXN_CDSGROUP)) {
757 if (!CDB_LOCKING(env)) {
759 "CDS groups can only be used in a CDS environment");
763 * CDS group handles can be passed to any method, since they
764 * only determine locker IDs.
769 return (__db_not_txn_env(env));
771 if (!F_ISSET(dbp, DB_AM_TXN)) {
773 "Transaction specified for a non-transactional database");
777 if (F_ISSET(txn, TXN_DEADLOCK))
778 return (__db_txn_deadlock_err(env, txn));
779 if (dbp->cur_locker != NULL &&
780 dbp->cur_locker->id >= TXN_MINIMUM &&
781 dbp->cur_locker->id != txn->txnid) {
782 if ((ret = __lock_locker_is_parent(env,
783 dbp->cur_locker, txn->locker, &isp)) != 0)
791 * If dbp->associate_locker is not NULL, that means we're in
792 * the middle of a DB->associate with DB_CREATE (i.e., a secondary index
795 * In addition to the usual transaction rules, we need to lock out
796 * non-transactional updates that aren't part of the associate (and
797 * thus are using some other locker ID).
799 * Transactional updates should simply block; from the time we
800 * decide to build the secondary until commit, we'll hold a write
801 * lock on all of its pages, so it should be safe to attempt to update
802 * the secondary in another transaction (presumably by updating the
805 if (!read_op && dbp->associate_locker != NULL &&
806 txn != NULL && dbp->associate_locker != assoc_locker) {
808 "Operation forbidden while secondary index is being created");
813 * Check the txn and dbp are from the same env.
815 if (txn != NULL && env != txn->mgrp->env) {
817 "Transaction and database from different environments");
824 "Transaction that opened the DB handle is still active");
829 * __db_txn_deadlock_err --
830 * Transaction has allready been deadlocked.
832 * PUBLIC: int __db_txn_deadlock_err __P((ENV *, DB_TXN *));
835 __db_txn_deadlock_err(env, txn)
842 (void)__txn_get_name(txn, &name);
845 "%s%sprevious transaction deadlock return not resolved",
846 name == NULL ? "" : name, name == NULL ? "" : ": ");
852 * __db_not_txn_env --
853 * DB handle must be in an environment that supports transactions.
855 * PUBLIC: int __db_not_txn_env __P((ENV *));
858 __db_not_txn_env(env)
861 __db_errx(env, "DB environment not configured for transactions");
867 * Fixed record length exceeded error message.
869 * PUBLIC: int __db_rec_toobig __P((ENV *, u_int32_t, u_int32_t));
872 __db_rec_toobig(env, data_len, fixed_rec_len)
874 u_int32_t data_len, fixed_rec_len;
877 "%lu larger than database's maximum record length %lu",
878 (u_long)data_len, (u_long)fixed_rec_len);
884 * Fixed record replacement length error message.
886 * PUBLIC: int __db_rec_repl __P((ENV *, u_int32_t, u_int32_t));
889 __db_rec_repl(env, data_size, data_dlen)
891 u_int32_t data_size, data_dlen;
894 "%s: replacement length %lu differs from replaced length %lu",
895 "Record length error", (u_long)data_size, (u_long)data_dlen);
899 #if defined(DIAGNOSTIC) || defined(DEBUG_ROP) || defined(DEBUG_WOP)
902 * In DIAGNOSTIC mode, check for bad replication combinations.
904 * PUBLIC: int __dbc_logging __P((DBC *));
915 db_rep = env->rep_handle;
917 ret = LOGGING_ON(env) &&
918 !F_ISSET(dbc, DBC_RECOVER) && !IS_REP_CLIENT(env);
921 * If we're not using replication or running recovery, return.
923 if (db_rep == NULL || F_ISSET(dbc, DBC_RECOVER))
928 * Only check when DEBUG_ROP is not configured. People often do
929 * non-transactional reads, and debug_rop is going to write
935 rep = db_rep->region;
938 * If we're a client and not running recovery or non durably, error.
940 if (IS_REP_CLIENT(env) && !F_ISSET(dbc->dbp, DB_AM_NOT_DURABLE)) {
941 __db_errx(env, "dbc_logging: Client update");
947 * If DEBUG_WOP is enabled, then we'll generate debugging log records
948 * that are non-transactional. This is OK.
950 if (IS_REP_MASTER(env) &&
951 dbc->txn == NULL && !F_ISSET(dbc->dbp, DB_AM_NOT_DURABLE)) {
952 __db_errx(env, "Dbc_logging: Master non-txn update");
958 err: __db_errx(env, "Rep: flags 0x%lx msg_th %lu",
959 (u_long)rep->flags, (u_long)rep->msg_th);
960 __db_errx(env, "Rep: handle %lu, opcnt %lu",
961 (u_long)rep->handle_cnt, (u_long)rep->op_cnt);
973 * Display the log sequence error message.
975 * PUBLIC: int __db_check_lsn __P((ENV *, DB_LSN *, DB_LSN *));
978 __db_check_lsn(env, lsn, prev)
983 "Log sequence error: page LSN %lu %lu; previous LSN %lu %lu",
984 (u_long)(lsn)->file, (u_long)(lsn)->offset,
985 (u_long)(prev)->file, (u_long)(prev)->offset);
991 * Common readonly message.
992 * PUBLIC: int __db_rdonly __P((const ENV *, const char *));
995 __db_rdonly(env, name)
999 __db_errx(env, "%s: attempt to modify a read-only database", name);
1005 * Common out of space message.
1006 * PUBLIC: int __db_space_err __P((const DB *));
1013 "%s: file limited to %lu pages",
1014 dbp->fname, (u_long)dbp->mpf->mfp->maxpgno);
1020 * Common failed thread message.
1022 * PUBLIC: int __db_failed __P((const ENV *,
1023 * PUBLIC: const char *, pid_t, db_threadid_t));
1026 __db_failed(env, msg, pid, tid)
1033 char buf[DB_THREADID_STRLEN];
1037 __db_errx(env, "Thread/process %s failed: %s",
1038 dbenv->thread_id_string(dbenv, pid, tid, buf), msg);
1039 return (DB_RUNRECOVERY);