/*
* __snapshot_extlist_fblocks --
* If an extent list was read from disk, free its space to the live avail
* list.
*/
static inline int
__snapshot_extlist_fblocks(
WT_SESSION_IMPL *session, WT_BLOCK *block, WT_EXTLIST *el)
{
if (el->offset == WT_BLOCK_INVALID_OFFSET)
return (0);
return (__wt_block_insert_ext(
session, &block->live.avail, el->offset, el->size));
}
/*
* __wt_block_salvage_start --
* Start a file salvage.
*/
int
__wt_block_salvage_start(WT_SESSION_IMPL *session, WT_BLOCK *block)
{
off_t len;
uint32_t allocsize;
/* Reset the description sector. */
WT_RET(__wt_desc_init(session, block->fh));
/*
* Salvage creates a new snapshot when it's finished, set up for
* rolling an empty file forward.
*/
WT_RET(__wt_block_snap_init(session, block, &block->live, "live", 1));
/*
* Truncate the file to an initial sector plus N allocation size
* units (bytes trailing the last multiple of an allocation size
* unit must be garbage, by definition).
*/
if (block->fh->file_size > WT_BLOCK_DESC_SECTOR) {
allocsize = block->allocsize;
len = block->fh->file_size - WT_BLOCK_DESC_SECTOR;
len = (len / allocsize) * allocsize;
len += WT_BLOCK_DESC_SECTOR;
if (len != block->fh->file_size)
WT_RET(__wt_ftruncate(session, block->fh, len));
} else
len = WT_BLOCK_DESC_SECTOR;
/*
* The first sector of the file is the description record, skip it as
* we read the file.
*/
block->slvg_off = WT_BLOCK_DESC_SECTOR;
/*
* The only snapshot extent we care about is the allocation list. Start
* with the entire file on the allocation list, we'll "free" any blocks
* we don't want as we process the file.
*/
WT_RET(__wt_block_insert_ext(session, &block->live.alloc,
WT_BLOCK_DESC_SECTOR, len - WT_BLOCK_DESC_SECTOR));
block->slvg = 1;
return (0);
}
/*
* __ckpt_extlist_fblocks --
* If a checkpoint's extent list is going away, free its blocks.
*/
static int
__ckpt_extlist_fblocks(
WT_SESSION_IMPL *session, WT_BLOCK *block, WT_EXTLIST *el)
{
if (el->offset == WT_BLOCK_INVALID_OFFSET)
return (0);
/*
* Free blocks used to write checkpoint extents into the live system's
* checkpoint avail list (they were never on any alloc list). Do not
* use the live system's avail list because that list is used to decide
* if the file can be truncated, and we can't truncate any part of the
* file that contains a previous checkpoint's extents.
*/
return (__wt_block_insert_ext(
session, block, &block->live.ckpt_avail, el->offset, el->size));
}
/*
* __wt_block_salvage_start --
* Start a file salvage.
*/
int
__wt_block_salvage_start(WT_SESSION_IMPL *session, WT_BLOCK *block)
{
wt_off_t len;
uint32_t allocsize;
allocsize = block->allocsize;
/* Reset the description information in the first block. */
WT_RET(__wt_desc_write(session, block->fh, allocsize));
/*
* Salvage creates a new checkpoint when it's finished, set up for
* rolling an empty file forward.
*/
WT_RET(__wt_block_ckpt_init(session, &block->live, "live"));
/*
* Truncate the file to an allocation-size multiple of blocks (bytes
* trailing the last block must be garbage, by definition).
*/
len = allocsize;
if (block->size > allocsize)
len = (block->size / allocsize) * allocsize;
WT_RET(__wt_block_truncate(session, block, len));
/*
* The file's first allocation-sized block is description information,
* skip it when reading through the file.
*/
block->slvg_off = allocsize;
/*
* The only checkpoint extent we care about is the allocation list.
* Start with the entire file on the allocation list, we'll "free"
* any blocks we don't want as we process the file.
*/
WT_RET(__wt_block_insert_ext(
session, block, &block->live.alloc, allocsize, len - allocsize));
/* Salvage performs a checkpoint but doesn't start or resolve it. */
WT_ASSERT(session, block->ckpt_state == WT_CKPT_NONE);
block->ckpt_state = WT_CKPT_SALVAGE;
return (0);
}
/*
* __ckpt_process --
* Process the list of checkpoints.
*/
static int
__ckpt_process(WT_SESSION_IMPL *session, WT_BLOCK *block, WT_CKPT *ckptbase)
{
WT_BLOCK_CKPT *a, *b, *ci;
WT_CKPT *ckpt, *next_ckpt;
WT_DECL_ITEM(tmp);
WT_DECL_RET;
uint64_t ckpt_size;
bool deleting, fatal, locked;
ci = &block->live;
fatal = locked = false;
#ifdef HAVE_DIAGNOSTIC
WT_RET(__ckpt_verify(session, ckptbase));
#endif
/*
* Checkpoints are a two-step process: first, write a new checkpoint to
* disk (including all the new extent lists for modified checkpoints
* and the live system). As part of this, create a list of file blocks
* newly available for reallocation, based on checkpoints being deleted.
* We then return the locations of the new checkpoint information to our
* caller. Our caller has to write that information into some kind of
* stable storage, and once that's done, we can actually allocate from
* that list of newly available file blocks. (We can't allocate from
* that list immediately because the allocation might happen before our
* caller saves the new checkpoint information, and if we crashed before
* the new checkpoint location was saved, we'd have overwritten blocks
* still referenced by checkpoints in the system.) In summary, there is
* a second step: after our caller saves the checkpoint information, we
* are called to add the newly available blocks into the live system's
* available list.
*
* This function is the first step, the second step is in the resolve
* function.
*
* If we're called to checkpoint the same file twice (without the second
* resolution step), or re-entered for any reason, it's an error in our
* caller, and our choices are all bad: leak blocks or potentially crash
* with our caller not yet having saved previous checkpoint information
* to stable storage.
*/
__wt_spin_lock(session, &block->live_lock);
if (block->ckpt_inprogress)
ret = __wt_block_panic(session, EINVAL,
"%s: unexpected checkpoint ordering", block->name);
else
block->ckpt_inprogress = true;
__wt_spin_unlock(session, &block->live_lock);
WT_RET(ret);
/*
* Extents newly available as a result of deleting previous checkpoints
* are added to a list of extents. The list should be empty, but as
* described above, there is no "free the checkpoint information" call
* into the block manager; if there was an error in an upper level that
* resulted in some previous checkpoint never being resolved, the list
* may not be empty. We should have caught that with the "checkpoint
* in progress" test, but it doesn't cost us anything to be cautious.
*
* We free the checkpoint's allocation and discard extent lists as part
* of the resolution step, not because they're needed at that time, but
* because it's potentially a lot of work, and waiting allows the btree
* layer to continue eviction sooner. As for the checkpoint-available
* list, make sure they get cleaned out.
*/
__wt_block_extlist_free(session, &ci->ckpt_avail);
WT_RET(__wt_block_extlist_init(
session, &ci->ckpt_avail, "live", "ckpt_avail", true));
__wt_block_extlist_free(session, &ci->ckpt_alloc);
__wt_block_extlist_free(session, &ci->ckpt_discard);
/*
* To delete a checkpoint, we'll need checkpoint information for it and
* the subsequent checkpoint into which it gets rolled; read them from
* disk before we lock things down.
*/
deleting = false;
WT_CKPT_FOREACH(ckptbase, ckpt) {
if (F_ISSET(ckpt, WT_CKPT_FAKE) ||
!F_ISSET(ckpt, WT_CKPT_DELETE))
continue;
deleting = true;
/*
* Read the checkpoint and next checkpoint extent lists if we
* haven't already read them (we may have already read these
* extent blocks if there is more than one deleted checkpoint).
*/
if (ckpt->bpriv == NULL)
WT_ERR(__ckpt_extlist_read(session, block, ckpt));
for (next_ckpt = ckpt + 1;; ++next_ckpt)
if (!F_ISSET(next_ckpt, WT_CKPT_FAKE))
break;
/*
* The "next" checkpoint may be the live tree which has no
* extent blocks to read.
*/
if (next_ckpt->bpriv == NULL &&
!F_ISSET(next_ckpt, WT_CKPT_ADD))
WT_ERR(__ckpt_extlist_read(session, block, next_ckpt));
}
/*
* Failures are now fatal: we can't currently back out the merge of any
* deleted checkpoint extent lists into the live system's extent lists,
* so continuing after error would leave the live system's extent lists
* corrupted for any subsequent checkpoint (and potentially, should a
* subsequent checkpoint succeed, for recovery).
*/
fatal = true;
/*
* Hold a lock so the live extent lists and the file size can't change
* underneath us. I suspect we'll tighten this if checkpoints take too
* much time away from real work: we read the historic checkpoint
* information without a lock, but we could also merge and re-write the
* deleted and merged checkpoint information without a lock, except for
* the final merge of ranges into the live tree.
*/
__wt_spin_lock(session, &block->live_lock);
locked = true;
/*
* We've allocated our last page, update the checkpoint size. We need
* to calculate the live system's checkpoint size before merging
* checkpoint allocation and discard information from the checkpoints
* we're deleting, those operations change the underlying byte counts.
*/
ckpt_size = ci->ckpt_size;
ckpt_size += ci->alloc.bytes;
ckpt_size -= ci->discard.bytes;
/* Skip the additional processing if we aren't deleting checkpoints. */
if (!deleting)
goto live_update;
/*
* Delete any no-longer-needed checkpoints: we do this first as it frees
* blocks to the live lists, and the freed blocks will then be included
* when writing the live extent lists.
*/
WT_CKPT_FOREACH(ckptbase, ckpt) {
if (F_ISSET(ckpt, WT_CKPT_FAKE) ||
!F_ISSET(ckpt, WT_CKPT_DELETE))
continue;
#ifdef HAVE_VERBOSE
if (WT_VERBOSE_ISSET(session, WT_VERB_CHECKPOINT)) {
if (tmp == NULL)
WT_ERR(__wt_scr_alloc(session, 0, &tmp));
WT_ERR(__ckpt_string(
session, block, ckpt->raw.data, tmp));
__wt_verbose(session, WT_VERB_CHECKPOINT,
"%s: delete-checkpoint: %s: %s",
block->name, ckpt->name, (const char *)tmp->data);
}
#endif
/*
* Find the checkpoint into which we'll roll this checkpoint's
* blocks: it's the next real checkpoint in the list, and it
* better have been read in (if it's not the add slot).
*/
for (next_ckpt = ckpt + 1;; ++next_ckpt)
if (!F_ISSET(next_ckpt, WT_CKPT_FAKE))
break;
/*
* Set the from/to checkpoint structures, where the "to" value
* may be the live tree.
*/
a = ckpt->bpriv;
if (F_ISSET(next_ckpt, WT_CKPT_ADD))
b = &block->live;
else
b = next_ckpt->bpriv;
/*
* Free the root page: there's nothing special about this free,
* the root page is allocated using normal rules, that is, it
* may have been taken from the avail list, and was entered on
* the live system's alloc list at that time. We free it into
* the checkpoint's discard list, however, not the live system's
* list because it appears on the checkpoint's alloc list and so
* must be paired in the checkpoint.
*/
if (a->root_offset != WT_BLOCK_INVALID_OFFSET)
WT_ERR(__wt_block_insert_ext(session, block,
&a->discard, a->root_offset, a->root_size));
/*
* Free the blocks used to hold the "from" checkpoint's extent
* lists, including the avail list.
*/
WT_ERR(__ckpt_extlist_fblocks(session, block, &a->alloc));
WT_ERR(__ckpt_extlist_fblocks(session, block, &a->avail));
WT_ERR(__ckpt_extlist_fblocks(session, block, &a->discard));
/*
* Roll the "from" alloc and discard extent lists into the "to"
* checkpoint's lists.
*/
if (a->alloc.entries != 0)
WT_ERR(__wt_block_extlist_merge(
session, block, &a->alloc, &b->alloc));
if (a->discard.entries != 0)
WT_ERR(__wt_block_extlist_merge(
session, block, &a->discard, &b->discard));
/*
* If the "to" checkpoint is also being deleted, we're done with
* it, it's merged into some other checkpoint in the next loop.
* This means the extent lists may aggregate over a number of
* checkpoints, but that's OK, they're disjoint sets of ranges.
*/
if (F_ISSET(next_ckpt, WT_CKPT_DELETE))
continue;
/*
* Find blocks for re-use: wherever the "to" checkpoint's
* allocate and discard lists overlap, move the range to
* the live system's checkpoint available list.
*/
WT_ERR(__wt_block_extlist_overlap(session, block, b));
/*
* If we're updating the live system's information, we're done.
*/
if (F_ISSET(next_ckpt, WT_CKPT_ADD))
continue;
/*
* We have to write the "to" checkpoint's extent lists out in
* new blocks, and update its cookie.
*
* Free the blocks used to hold the "to" checkpoint's extent
* lists; don't include the avail list, it's not changing.
*/
WT_ERR(__ckpt_extlist_fblocks(session, block, &b->alloc));
WT_ERR(__ckpt_extlist_fblocks(session, block, &b->discard));
F_SET(next_ckpt, WT_CKPT_UPDATE);
}
/* Update checkpoints marked for update. */
WT_CKPT_FOREACH(ckptbase, ckpt)
if (F_ISSET(ckpt, WT_CKPT_UPDATE))
WT_ERR(__ckpt_update(
session, block, ckpt, ckpt->bpriv, false));
live_update:
/* Truncate the file if that's possible. */
WT_ERR(__wt_block_extlist_truncate(session, block, &ci->avail));
/* Update the final, added checkpoint based on the live system. */
WT_CKPT_FOREACH(ckptbase, ckpt)
if (F_ISSET(ckpt, WT_CKPT_ADD)) {
/*
* !!!
* Our caller wants the final checkpoint size. Setting
* the size here violates layering, but the alternative
* is a call for the btree layer to crack the checkpoint
* cookie into its components, and that's a fair amount
* of work.
*/
ckpt->ckpt_size = ckpt_size;
/*
* Set the rolling checkpoint size for the live system.
* The current size includes the current checkpoint's
* root page size (root pages are on the checkpoint's
* block allocation list as root pages are allocated
* with the usual block allocation functions). That's
* correct, but we don't want to include it in the size
* for the next checkpoint.
*/
ckpt_size -= ci->root_size;
/*
* Additionally, we had a bug for awhile where the live
* checkpoint size grew without bound. We can't sanity
* check the value, that would require walking the tree
* as part of the checkpoint. Bound any bug at the size
* of the file.
* It isn't practical to assert that the value is within
* bounds since databases created with older versions
* of WiredTiger (2.8.0) would likely see an error.
*/
ci->ckpt_size =
WT_MIN(ckpt_size, (uint64_t)block->size);
WT_ERR(__ckpt_update(session, block, ckpt, ci, true));
}
/*
* Reset the live system's alloc and discard extent lists, leave the
* avail list alone. This includes freeing a lot of extents, so do it
* outside of the system's lock by copying and resetting the original,
* then doing the work later.
*/
ci->ckpt_alloc = ci->alloc;
WT_ERR(__wt_block_extlist_init(
session, &ci->alloc, "live", "alloc", false));
ci->ckpt_discard = ci->discard;
WT_ERR(__wt_block_extlist_init(
session, &ci->discard, "live", "discard", false));
#ifdef HAVE_DIAGNOSTIC
/*
* The first checkpoint in the system should always have an empty
* discard list. If we've read that checkpoint and/or created it,
* check.
*/
WT_CKPT_FOREACH(ckptbase, ckpt)
if (!F_ISSET(ckpt, WT_CKPT_DELETE))
break;
if ((a = ckpt->bpriv) == NULL)
a = &block->live;
if (a->discard.entries != 0)
WT_ERR_MSG(session, WT_ERROR,
"first checkpoint incorrectly has blocks on the discard "
"list");
#endif
err: if (ret != 0 && fatal)
ret = __wt_block_panic(session, ret,
"%s: fatal checkpoint failure", block->name);
if (locked)
__wt_spin_unlock(session, &block->live_lock);
/* Discard any checkpoint information we loaded. */
WT_CKPT_FOREACH(ckptbase, ckpt)
if ((ci = ckpt->bpriv) != NULL)
__wt_block_ckpt_destroy(session, ci);
__wt_scr_free(session, &tmp);
return (ret);
}
/*
* __ckpt_process --
* Process the list of checkpoints.
*/
static int
__ckpt_process(
WT_SESSION_IMPL *session, WT_BLOCK *block, WT_CKPT *ckptbase)
{
WT_BLOCK_CKPT *a, *b, *ci;
WT_CKPT *ckpt, *next_ckpt;
WT_DECL_ITEM(tmp);
WT_DECL_RET;
uint64_t ckpt_size;
int deleting, locked;
ci = &block->live;
locked = 0;
/*
* We've allocated our last page, update the checkpoint size. We need
* to calculate the live system's checkpoint size before reading and
* merging checkpoint allocation and discard information from the
* checkpoints we're deleting, those operations change the underlying
* byte counts.
*/
ckpt_size = ci->ckpt_size;
ckpt_size += ci->alloc.bytes;
ckpt_size -= ci->discard.bytes;
/*
* Extents newly available as a result of deleting previous checkpoints
* are added to a list of extents. The list should be empty, but there
* is no explicit "free the checkpoint information" call into the block
* manager; if there was an error in an upper level resulting in some
* previous checkpoint never being resolved, the list may not be empty.
*
* XXX
* This isn't sufficient, actually: we're going to leak all the blocks
* written as part of the last checkpoint because it was never resolved.
*/
__wt_block_extlist_free(session, &ci->ckpt_avail);
WT_RET(__wt_block_extlist_init(
session, &ci->ckpt_avail, "live", "ckpt_avail"));
/*
* To delete a checkpoint, we'll need checkpoint information for it and
* the subsequent checkpoint into which it gets rolled; read them from
* disk before we lock things down.
*/
deleting = 0;
WT_CKPT_FOREACH(ckptbase, ckpt) {
if (F_ISSET(ckpt, WT_CKPT_FAKE) ||
!F_ISSET(ckpt, WT_CKPT_DELETE))
continue;
deleting = 1;
/*
* Read the checkpoint and next checkpoint extent lists if we
* haven't already read them (we may have already read these
* extent blocks if there is more than one deleted checkpoint).
*/
if (ckpt->bpriv == NULL)
WT_ERR(__ckpt_extlist_read(session, block, ckpt));
for (next_ckpt = ckpt + 1;; ++next_ckpt)
if (!F_ISSET(next_ckpt, WT_CKPT_FAKE))
break;
/*
* The "next" checkpoint may be the live tree which has no
* extent blocks to read.
*/
if (next_ckpt->bpriv == NULL &&
!F_ISSET(next_ckpt, WT_CKPT_ADD))
WT_ERR(__ckpt_extlist_read(session, block, next_ckpt));
}
/*
* Hold a lock so the live extent lists and the file size can't change
* underneath us. I suspect we'll tighten this if checkpoints take too
* much time away from real work: we read the historic checkpoint
* information without a lock, but we could also merge and re-write the
* delete checkpoint information without a lock, except for ranges
* merged into the live tree.
*/
__wt_spin_lock(session, &block->live_lock);
locked = 1;
/* Skip the additional processing if we aren't deleting checkpoints. */
if (!deleting)
goto live_update;
/*
* Delete any no-longer-needed checkpoints: we do this first as it frees
* blocks to the live lists, and the freed blocks will then be included
* when writing the live extent lists.
*/
WT_CKPT_FOREACH(ckptbase, ckpt) {
if (F_ISSET(ckpt, WT_CKPT_FAKE) ||
!F_ISSET(ckpt, WT_CKPT_DELETE))
continue;
if (WT_VERBOSE_ISSET(session, ckpt)) {
if (tmp == NULL)
WT_ERR(__wt_scr_alloc(session, 0, &tmp));
WT_ERR(__ckpt_string(
session, block, ckpt->raw.data, tmp));
WT_VERBOSE_ERR(session, ckpt,
"%s: delete-checkpoint: %s: %s",
block->name, ckpt->name, (char *)tmp->data);
}
/*
* Find the checkpoint into which we'll roll this checkpoint's
* blocks: it's the next real checkpoint in the list, and it
* better have been read in (if it's not the add slot).
*/
for (next_ckpt = ckpt + 1;; ++next_ckpt)
if (!F_ISSET(next_ckpt, WT_CKPT_FAKE))
break;
/*
* Set the from/to checkpoint structures, where the "to" value
* may be the live tree.
*/
a = ckpt->bpriv;
if (F_ISSET(next_ckpt, WT_CKPT_ADD))
b = &block->live;
else
b = next_ckpt->bpriv;
/*
* Free the root page: there's nothing special about this free,
* the root page is allocated using normal rules, that is, it
* may have been taken from the avail list, and was entered on
* the live system's alloc list at that time. We free it into
* the checkpoint's discard list, however, not the live system's
* list because it appears on the checkpoint's alloc list and so
* must be paired in the checkpoint.
*/
if (a->root_offset != WT_BLOCK_INVALID_OFFSET)
WT_ERR(__wt_block_insert_ext(session,
&a->discard, a->root_offset, a->root_size));
/*
* Free the blocks used to hold the "from" checkpoint's extent
* lists, including the avail list.
*/
WT_ERR(__ckpt_extlist_fblocks(session, block, &a->alloc));
WT_ERR(__ckpt_extlist_fblocks(session, block, &a->avail));
WT_ERR(__ckpt_extlist_fblocks(session, block, &a->discard));
/*
* Roll the "from" alloc and discard extent lists into the "to"
* checkpoint's lists.
*/
if (a->alloc.entries != 0)
WT_ERR(__wt_block_extlist_merge(
session, &a->alloc, &b->alloc));
if (a->discard.entries != 0)
WT_ERR(__wt_block_extlist_merge(
session, &a->discard, &b->discard));
/*
* If the "to" checkpoint is also being deleted, we're done with
* it, it's merged into some other checkpoint in the next loop.
* This means the extent lists may aggregate over a number of
* checkpoints, but that's OK, they're disjoint sets of ranges.
*/
if (F_ISSET(next_ckpt, WT_CKPT_DELETE))
continue;
/*
* Find blocks for re-use: wherever the "to" checkpoint's
* allocate and discard lists overlap, move the range to
* the live system's checkpoint available list.
*/
WT_ERR(__wt_block_extlist_overlap(session, block, b));
/*
* If we're updating the live system's information, we're done.
*/
if (F_ISSET(next_ckpt, WT_CKPT_ADD))
continue;
/*
* We have to write the "to" checkpoint's extent lists out in
* new blocks, and update its cookie.
*
* Free the blocks used to hold the "to" checkpoint's extent
* lists; don't include the avail list, it's not changing.
*/
WT_ERR(__ckpt_extlist_fblocks(session, block, &b->alloc));
WT_ERR(__ckpt_extlist_fblocks(session, block, &b->discard));
F_SET(next_ckpt, WT_CKPT_UPDATE);
}
/* Update checkpoints marked for update. */
WT_CKPT_FOREACH(ckptbase, ckpt)
if (F_ISSET(ckpt, WT_CKPT_UPDATE)) {
WT_ASSERT(session, !F_ISSET(ckpt, WT_CKPT_ADD));
WT_ERR(__ckpt_update(
session, block, ckpt, ckpt->bpriv, 0, 0));
}
live_update:
ci = &block->live;
/* Truncate the file if that's possible. */
WT_ERR(__wt_block_extlist_truncate(session, block, &ci->avail));
/* Update the final, added checkpoint based on the live system. */
WT_CKPT_FOREACH(ckptbase, ckpt)
if (F_ISSET(ckpt, WT_CKPT_ADD)) {
WT_ERR(__ckpt_update(
session, block, ckpt, ci, ckpt_size, 1));
/*
* XXX
* Our caller wants the final checkpoint size. Setting
* the size here violates layering, but the alternative
* is a call for the btree layer to crack the checkpoint
* cookie into its components, and that's a fair amount
* of work.
*/
ckpt->ckpt_size = ci->ckpt_size;
}
/*
* Reset the live system's alloc and discard extent lists, leave the
* avail list alone.
*/
__wt_block_extlist_free(session, &ci->alloc);
WT_ERR(__wt_block_extlist_init(session, &ci->alloc, "live", "alloc"));
__wt_block_extlist_free(session, &ci->discard);
WT_ERR(
__wt_block_extlist_init(session, &ci->discard, "live", "discard"));
#ifdef HAVE_DIAGNOSTIC
/*
* The first checkpoint in the system should always have an empty
* discard list. If we've read that checkpoint and/or created it,
* check.
*/
WT_CKPT_FOREACH(ckptbase, ckpt)
if (!F_ISSET(ckpt, WT_CKPT_DELETE))
break;
if ((a = ckpt->bpriv) == NULL)
a = &block->live;
if (a->discard.entries != 0) {
__wt_errx(session,
"first checkpoint incorrectly has blocks on the discard "
"list");
WT_ERR(WT_ERROR);
}
#endif
err: if (locked)
__wt_spin_unlock(session, &block->live_lock);
/* Discard any checkpoint information we loaded. */
WT_CKPT_FOREACH(ckptbase, ckpt)
if ((ci = ckpt->bpriv) != NULL)
__wt_block_ckpt_destroy(session, ci);
__wt_scr_free(&tmp);
return (ret);
}
/*
* __snapshot_process --
* Process the list of snapshots.
*/
static int
__snapshot_process(
WT_SESSION_IMPL *session, WT_BLOCK *block, WT_SNAPSHOT *snapbase)
{
WT_BLOCK_SNAPSHOT *a, *b, *si;
WT_DECL_ITEM(tmp);
WT_DECL_RET;
WT_SNAPSHOT *snap;
uint64_t snapshot_size;
int deleting, locked;
si = &block->live;
locked = 0;
/*
* We've allocated our last page, update the snapshot size. We need to
* calculate the live system's snapshot size before reading and merging
* snapshot allocation and discard information from the snapshots we're
* deleting, those operations will change the underlying byte counts.
*/
snapshot_size = si->snapshot_size;
snapshot_size += si->alloc.bytes;
snapshot_size -= si->discard.bytes;
/*
* Extents that become newly available as a result of deleting previous
* snapshots are added to a list of extents. The list should be empty,
* but there's no explicit "free the snapshot information" call into the
* block manager; if there was an error in an upper level resulting in
* the snapshot never being "resolved", the list might not be empty.
*
* XXX
* This isn't sufficient, actually: we're going to leak all the blocks
* that were written as part of the last snapshot because it was never
* resolved.
*/
__wt_block_extlist_free(session, &si->snapshot_avail);
WT_RET(__wt_block_extlist_init(
session, &si->snapshot_avail, "live", "snapshot_avail"));
/*
* To delete a snapshot, we'll need snapshot information for it, and we
* have to read that from the disk.
*/
deleting = 0;
WT_SNAPSHOT_FOREACH(snapbase, snap) {
/*
* To delete a snapshot, we'll need snapshot information for it
* and the subsequent snapshot. The test is tricky, we have to
* load the current snapshot's information if it's marked for
* deletion, or if it follows a snapshot marked for deletion,
* where the boundary cases are the first snapshot in the list
* and the last snapshot in the list: if we're deleting the last
* snapshot in the list, there's no next snapshot, the snapshot
* will be merged into the live tree.
*/
if (!F_ISSET(snap, WT_SNAP_DELETE) &&
(snap == snapbase ||
F_ISSET(snap, WT_SNAP_ADD) ||
!F_ISSET(snap - 1, WT_SNAP_DELETE)))
continue;
deleting = 1;
/*
* Allocate a snapshot structure, crack the cookie and read the
* snapshot's extent lists.
*
* Ignore the avail list: snapshot avail lists are only useful
* if we are rolling forward from the particular snapshot and
* they represent our best understanding of what blocks can be
* allocated. If we are not operating on the live snapshot,
* subsequent snapshots might have allocated those blocks, and
* the avail list is useless. We don't discard it, because it
* is useful as part of verification, but we don't re-write it
* either.
*/
WT_ERR(__wt_calloc(
session, 1, sizeof(WT_BLOCK_SNAPSHOT), &snap->bpriv));
si = snap->bpriv;
WT_ERR(__wt_block_snap_init(session, block, si, snap->name, 0));
WT_ERR(__wt_block_buffer_to_snapshot(
session, block, snap->raw.data, si));
WT_ERR(__wt_block_extlist_read(session, block, &si->alloc));
WT_ERR(__wt_block_extlist_read(session, block, &si->discard));
}
/*
* Hold a lock so the live extent lists and the file size can't change
* underneath us. I suspect we'll tighten this if snapshots take too
* much time away from real work: we read historic snapshot information
* without a lock, but we could also merge and re-write the delete
* snapshot information without a lock, except for ranges merged into
* the live tree.
*/
__wt_spin_lock(session, &block->live_lock);
locked = 1;
/* Skip the additional processing if we aren't deleting snapshots. */
if (!deleting)
goto live_update;
/*
* Delete any no-longer-needed snapshots: we do this first as it frees
* blocks to the live lists, and the freed blocks will then be included
* when writing the live extent lists.
*/
WT_SNAPSHOT_FOREACH(snapbase, snap) {
if (!F_ISSET(snap, WT_SNAP_DELETE))
continue;
if (WT_VERBOSE_ISSET(session, snapshot)) {
if (tmp == NULL)
WT_ERR(__wt_scr_alloc(session, 0, &tmp));
WT_ERR(__snapshot_string(
session, block, snap->raw.data, tmp));
WT_VERBOSE_ERR(session, snapshot,
"%s: delete-snapshot: %s: %s",
block->name, snap->name, (char *)tmp->data);
}
/*
* Set the from/to snapshot structures, where the "to" value
* may be the live tree.
*/
a = snap->bpriv;
if (F_ISSET(snap + 1, WT_SNAP_ADD))
b = &block->live;
else
b = (snap + 1)->bpriv;
/*
* Free the root page: there's nothing special about this free,
* the root page is allocated using normal rules, that is, it
* may have been taken from the avail list, and was entered on
* the live system's alloc list at that time. We free it into
* the snapshot's discard list, however, not the live system's
* list because it appears on the snapshot's alloc list and so
* must be paired in the snapshot.
*/
if (a->root_offset != WT_BLOCK_INVALID_OFFSET)
WT_ERR(__wt_block_insert_ext(session,
&a->discard, a->root_offset, a->root_size));
/*
* Free the blocks used to hold the "from" snapshot's extent
* lists directly to the live system's avail list, they were
* never on any alloc list. Include the "from" snapshot's
* avail list, it's going away.
*/
WT_ERR(__snapshot_extlist_fblocks(session, block, &a->alloc));
WT_ERR(__snapshot_extlist_fblocks(session, block, &a->avail));
WT_ERR(__snapshot_extlist_fblocks(session, block, &a->discard));
/*
* Roll the "from" alloc and discard extent lists into the "to"
* snapshot's lists.
*/
if (a->alloc.entries != 0)
WT_ERR(__wt_block_extlist_merge(
session, &a->alloc, &b->alloc));
if (a->discard.entries != 0)
WT_ERR(__wt_block_extlist_merge(
session, &a->discard, &b->discard));
/*
* If the "to" snapshot is also being deleted, we're done with
* it, it's merged into some other snapshot in the next loop.
* This means the extent lists may aggregate over a number of
* snapshots, but that's OK, they're disjoint sets of ranges.
*/
if (F_ISSET(snap + 1, WT_SNAP_DELETE))
continue;
/*
* Find blocks for re-use: wherever the "to" snapshot's allocate
* and discard lists overlap is fair game, move ranges appearing
* on both lists to the live snapshot's newly available list.
*/
WT_ERR(__wt_block_extlist_overlap(session, block, b));
/*
* If we're updating the live system's information, we're done.
*/
if (F_ISSET(snap + 1, WT_SNAP_ADD))
continue;
/*
* We have to write the "to" snapshot's extent lists out in new
* blocks, and update its cookie.
*
* Free the blocks used to hold the "to" snapshot's extent lists
* directly to the live system's avail list, they were never on
* any alloc list. Do not include the "to" snapshot's avail
* list, it's not changing.
*/
WT_ERR(__snapshot_extlist_fblocks(session, block, &b->alloc));
WT_ERR(__snapshot_extlist_fblocks(session, block, &b->discard));
F_SET(snap + 1, WT_SNAP_UPDATE);
}
/* Update snapshots marked for update. */
WT_SNAPSHOT_FOREACH(snapbase, snap)
if (F_ISSET(snap, WT_SNAP_UPDATE)) {
WT_ASSERT(session, !F_ISSET(snap, WT_SNAP_ADD));
WT_ERR(__snapshot_update(
session, block, snap, snap->bpriv, 0, 0));
}
live_update:
si = &block->live;
/* Truncate the file if that's possible. */
WT_ERR(__wt_block_extlist_truncate(session, block, &si->avail));
/* Update the final, added snapshot based on the live system. */
WT_SNAPSHOT_FOREACH(snapbase, snap)
if (F_ISSET(snap, WT_SNAP_ADD)) {
WT_ERR(__snapshot_update(
session, block, snap, si, snapshot_size, 1));
/*
* XXX
* Our caller wants two pieces of information: the time
* the snapshot was taken and the final snapshot size.
* This violates layering but the alternative is a call
* for the btree layer to crack the snapshot cookie into
* its components, and that's a fair amount of work.
* (We could just read the system time in the session
* layer when updating the metadata file, but that won't
* work for the snapshot size, and so we do both here.)
*/
snap->snapshot_size = si->snapshot_size;
WT_ERR(__wt_epoch(session, &snap->sec, NULL));
}
/*
* Reset the live system's alloc and discard extent lists, leave the
* avail list alone.
*/
__wt_block_extlist_free(session, &si->alloc);
WT_ERR(__wt_block_extlist_init(session, &si->alloc, "live", "alloc"));
__wt_block_extlist_free(session, &si->discard);
WT_ERR(
__wt_block_extlist_init(session, &si->discard, "live", "discard"));
#ifdef HAVE_DIAGNOSTIC
/*
* The first snapshot in the system should always have an empty discard
* list. If we've read that snapshot and/or created it, check.
*/
WT_SNAPSHOT_FOREACH(snapbase, snap)
if (!F_ISSET(snap, WT_SNAP_DELETE))
break;
if ((a = snap->bpriv) == NULL)
a = &block->live;
if (a->discard.entries != 0) {
__wt_errx(session,
"snapshot incorrectly has blocks on the discard list");
WT_ERR(WT_ERROR);
}
#endif
err: if (locked)
__wt_spin_unlock(session, &block->live_lock);
/* Discard any snapshot information we loaded, we no longer need it. */
WT_SNAPSHOT_FOREACH(snapbase, snap)
if ((si = snap->bpriv) != NULL) {
__wt_block_extlist_free(session, &si->alloc);
__wt_block_extlist_free(session, &si->avail);
__wt_block_extlist_free(session, &si->discard);
}
__wt_scr_free(&tmp);
return (ret);
}