From 3da2b0eca357196e344f88ef61b0f95cb6f88ac5 Mon Sep 17 00:00:00 2001 From: Steven Allen Date: Mon, 26 Oct 2015 17:30:39 +2000 Subject: [PATCH] [PATCH] forbid atomic transactions on writable, upgradable databases --- a1/69847ddd3df62b3acda20e1275430e331569b0 | 102 ++++++++++++++++++++++ 1 file changed, 102 insertions(+) create mode 100644 a1/69847ddd3df62b3acda20e1275430e331569b0 diff --git a/a1/69847ddd3df62b3acda20e1275430e331569b0 b/a1/69847ddd3df62b3acda20e1275430e331569b0 new file mode 100644 index 000000000..5b9944f6b --- /dev/null +++ b/a1/69847ddd3df62b3acda20e1275430e331569b0 @@ -0,0 +1,102 @@ +Return-Path: +X-Original-To: notmuch@notmuchmail.org +Delivered-To: notmuch@notmuchmail.org +Received: from localhost (localhost [127.0.0.1]) + by arlo.cworth.org (Postfix) with ESMTP id 7A7AA6DE1617 + for ; Sun, 25 Oct 2015 14:31:02 -0700 (PDT) +X-Virus-Scanned: Debian amavisd-new at cworth.org +X-Spam-Flag: NO +X-Spam-Score: -0.647 +X-Spam-Level: +X-Spam-Status: No, score=-0.647 tagged_above=-999 required=5 tests=[AWL=0.053, + DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FROM=0.001, + RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, + SPF_PASS=-0.001, T_FREEMAIL_FORGED_FROMDOMAIN=0.01, + T_HEADER_FROM_DIFFERENT_DOMAINS=0.01] autolearn=disabled +Received: from arlo.cworth.org ([127.0.0.1]) + by localhost (arlo.cworth.org [127.0.0.1]) (amavisd-new, port 10024) + with ESMTP id P4N5WUghiR8j for ; + Sun, 25 Oct 2015 14:31:00 -0700 (PDT) +Received: from mail-yk0-f180.google.com (mail-yk0-f180.google.com + [209.85.160.180]) + by arlo.cworth.org (Postfix) with ESMTPS id EF4086DE15DC + for ; Sun, 25 Oct 2015 14:30:59 -0700 (PDT) +Received: by ykaz22 with SMTP id z22so167484966yka.2 + for ; Sun, 25 Oct 2015 14:30:59 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; + h=sender:from:to:cc:subject:date:message-id; + bh=hwExSPfcPbcVtLo1/8+dcasX2JZ6MebErO0Ck/IymMo=; + b=y2jqdOyZgIZ2vBEpY5Juotsf3b6h9gNlDGCSodiwY7KHgf8Seeo+nJy8+JXEFeLawu + l5Oen3TnNtjL52HNIqHCgCEb273MveK0TAuMJFfcvWTaTGcLh/kslII70jD9PzAUJDJU + 10fFy4TWSJY3KEXCPAor1+NvFbcDMUlC+pzAgJC7vSokhccIcyUoGP/ZHZcFPnLFSCew + RZ6/2Pu4p9a7EH12SLU8KXapJiU3zkvHQyU589e4yM9foGEFxnPolIlLMt30sXmv/3n9 + dT3SgA02O5Pfx2FCTlS5pn0j6gI0RfcSdHg9UZzzurGMToxze+pbgd/Ty1bdTvQhLQWx + bugA== +X-Received: by 10.13.222.132 with SMTP id h126mr23309557ywe.128.1445808659093; + Sun, 25 Oct 2015 14:30:59 -0700 (PDT) +Received: from localhost (pool-71-174-176-247.bstnma.east.verizon.net. + [71.174.176.247]) + by smtp.gmail.com with ESMTPSA id s189sm15144720ywe.35.2015.10.25.14.30.58 + (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); + Sun, 25 Oct 2015 14:30:58 -0700 (PDT) +Sender: Steven +From: Steven Allen +To: notmuch@notmuchmail.org +Cc: Steven Allen +Subject: [PATCH] forbid atomic transactions on writable, upgradable databases +Date: Sun, 25 Oct 2015 17:30:39 -0400 +Message-Id: <1445808639-5378-1-git-send-email-steven@stebalien.com> +X-Mailer: git-send-email 2.6.2 +X-Mailman-Approved-At: Sun, 25 Oct 2015 14:34:16 -0700 +X-BeenThere: notmuch@notmuchmail.org +X-Mailman-Version: 2.1.20 +Precedence: list +List-Id: "Use and development of the notmuch mail system." + +List-Unsubscribe: , + +List-Archive: +List-Post: +List-Help: +List-Subscribe: , + +X-List-Received-Date: Sun, 25 Oct 2015 21:31:02 -0000 + +We can't (but currently do) allow upgrades within transactions because +upgrades need their own transactions. We don't want to re-use the +current transaction because bailing out of an upgrade would mean loosing +all previous changes (because our "atomic" transactions don't commit +before hand). This gives us two options: + +1. Fail at the beginning of upgrade (tell the user to end the + transaction, upgrade, and start over). +2. Don't allow the user to start the transaction. + +I went with the latter because: + +1. There is no reason to call `begin_atomic` unless you intend to to + write to the database and anyone intending to write to the database + should upgrade it first. +2. This means that nothing inside an atomic transaction can ever fail + with NOTMUCH_STATUS_UPGRADE_REQUIRED. +--- + lib/database.cc | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/lib/database.cc b/lib/database.cc +index 5e86955..3b342f1 100644 +--- a/lib/database.cc ++++ b/lib/database.cc +@@ -1635,6 +1635,9 @@ notmuch_database_begin_atomic (notmuch_database_t *notmuch) + notmuch->atomic_nesting > 0) + goto DONE; + ++ if (notmuch_database_needs_upgrade(notmuch)) ++ return NOTMUCH_STATUS_UPGRADE_REQUIRED; ++ + try { + (static_cast (notmuch->xapian_db))->begin_transaction (false); + } catch (const Xapian::Error &error) { +-- +2.6.2 + -- 2.26.2