78
78
and deadlocks will likely occur if the locks are aliased.
80
80
In the future we may add a "freshen" method which can be called
81
by a lock holder to check that their lock has not been broken, and to
81
by a lock holder to check that their lock has not been broken, and to
82
82
update the timestamp within it.
86
>>> from breezy.transport.memory import MemoryTransport
86
>>> from bzrlib.transport.memory import MemoryTransport
87
87
>>> # typically will be obtained from a BzrDir, Branch, etc
88
88
>>> t = MemoryTransport()
89
89
>>> l = LockDir(t, 'sample-lock')
91
>>> token = l.wait_lock()
92
92
>>> # do something here
95
Some classes of stale locks can be predicted by checking: the host name is the
96
same as the local host name; the user name is the same as the local user; the
97
process id no longer exists. The check on user name is not strictly necessary
98
but helps protect against colliding host names.
102
# TODO: We sometimes have the problem that our attempt to rename '1234' to
103
# 'held' fails because the transport server moves into an existing directory,
104
# rather than failing the rename. If we made the info file name the same as
105
# the locked directory name we would avoid this problem because moving into
106
# the held directory would implicitly clash. However this would not mesh with
107
# the existing locking code and needs a new format of the containing object.
108
# -- robertc, mbp 20070628
99
from cStringIO import StringIO
123
from .decorators import only_raises
124
from .errors import (
138
from .i18n import gettext
139
from .osutils import format_delta, rand_chars, get_host_name
140
from .trace import mutter, note
105
from bzrlib.errors import (
117
from bzrlib.trace import mutter, note
118
from bzrlib.transport import Transport
119
from bzrlib.osutils import rand_chars, format_delta
120
from bzrlib.rio import read_stanza, Stanza
143
124
# XXX: At the moment there is no consideration of thread safety on LockDir
203
179
def create(self, mode=None):
204
180
"""Create the on-disk lock.
206
This is typically only called when the object/directory containing the
182
This is typically only called when the object/directory containing the
207
183
directory is first created. The lock is not held when it's created.
209
self._trace("create lock directory")
211
self.transport.mkdir(self.path, mode=mode)
212
except (TransportError, PathError) as e:
213
raise LockFailed(self, e)
215
def _attempt_lock(self):
216
"""Make the pending directory and attempt to rename into place.
218
If the rename succeeds, we read back the info file to check that we
221
If we fail to acquire the lock, this method is responsible for
222
cleaning up the pending directory if possible. (But it doesn't do
225
:returns: The nonce of the lock, if it was successfully acquired.
227
:raises LockContention: If the lock is held by someone else. The
228
exception contains the info of the current holder of the lock.
185
if self.transport.is_readonly():
186
raise UnlockableTransport(self.transport)
187
self.transport.mkdir(self.path, mode=mode)
189
def attempt_lock(self):
190
"""Take the lock; fail if it's already held.
192
If you wish to block until the lock can be obtained, call wait_lock()
230
self._trace("lock_write...")
231
start_time = time.time()
195
if self._fake_read_lock:
196
raise LockContention(self)
197
if self.transport.is_readonly():
198
raise UnlockableTransport(self.transport)
233
tmpname = self._create_pending_dir()
234
except (errors.TransportError, PathError) as e:
235
self._trace("... failed to create pending dir, %s", e)
236
raise LockFailed(self, e)
200
tmpname = '%s/pending.%s.tmp' % (self.path, rand_chars(20))
239
self.transport.rename(tmpname, self._held_dir)
241
except (errors.TransportError, PathError, DirectoryNotEmpty,
242
FileExists, ResourceBusy) as e:
243
self._trace("... contention, %s", e)
244
other_holder = self.peek()
245
self._trace("other holder is %r" % other_holder)
247
self._handle_lock_contention(other_holder)
248
except BaseException:
249
self._remove_pending_dir(tmpname)
251
except Exception as e:
252
self._trace("... lock failed, %s", e)
253
self._remove_pending_dir(tmpname)
255
# We must check we really got the lock, because Launchpad's sftp
256
# server at one time had a bug were the rename would successfully
257
# move the new directory into the existing directory, which was
258
# incorrect. It's possible some other servers or filesystems will
259
# have a similar bug allowing someone to think they got the lock
260
# when it's already held.
262
# See <https://bugs.launchpad.net/bzr/+bug/498378> for one case.
264
# Strictly the check is unnecessary and a waste of time for most
265
# people, but probably worth trapping if something is wrong.
267
self._trace("after locking, info=%r", info)
269
raise LockFailed(self, "lock was renamed into place, but "
271
if info.get('nonce') != self.nonce:
272
self._trace("rename succeeded, "
273
"but lock is still held by someone else")
202
self.transport.mkdir(tmpname)
204
# This may raise a FileExists exception
205
# which is okay, it will be caught later and determined
206
# to be a LockContention.
207
self.create(mode=self._dir_modebits)
209
# After creating the lock directory, try again
210
self.transport.mkdir(tmpname)
212
self.nonce = rand_chars(20)
213
info_bytes = self._prepare_info()
214
# We use put_file_non_atomic because we just created a new unique
215
# directory so we don't have to worry about files existing there.
216
# We'll rename the whole directory into place to get atomic
218
self.transport.put_bytes_non_atomic(tmpname + self.__INFO_NAME,
221
self.transport.rename(tmpname, self._held_dir)
222
self._lock_held = True
224
except errors.PermissionDenied:
226
except (PathError, DirectoryNotEmpty, FileExists, ResourceBusy), e:
227
mutter("contention on %r: %s", self, e)
274
228
raise LockContention(self)
275
self._lock_held = True
276
self._trace("... lock succeeded after %dms",
277
(time.time() - start_time) * 1000)
280
def _handle_lock_contention(self, other_holder):
281
"""A lock we want to take is held by someone else.
283
This function can: tell the user about it; possibly detect that it's
284
safe or appropriate to steal the lock, or just raise an exception.
286
If this function returns (without raising an exception) the lock will
289
:param other_holder: A LockHeldInfo for the current holder; note that
290
it might be None if the lock can be seen to be held but the info
293
if (other_holder is not None):
294
if other_holder.is_lock_holder_known_dead():
295
if self.get_config().get('locks.steal_dead'):
296
ui.ui_factory.show_user_warning(
298
lock_url=urlutils.join(self.transport.base, self.path),
299
other_holder_info=str(other_holder))
300
self.force_break(other_holder)
301
self._trace("stole lock from dead holder")
303
raise LockContention(self)
305
def _remove_pending_dir(self, tmpname):
306
"""Remove the pending directory
308
This is called if we failed to rename into place, so that the pending
309
dirs don't clutter up the lockdir.
311
self._trace("remove %s", tmpname)
313
self.transport.delete(tmpname + self.__INFO_NAME)
314
self.transport.rmdir(tmpname)
315
except PathError as e:
316
note(gettext("error removing pending lock: %s"), e)
318
def _create_pending_dir(self):
319
tmpname = '%s/%s.tmp' % (self.path, rand_chars(10))
321
self.transport.mkdir(tmpname)
323
# This may raise a FileExists exception
324
# which is okay, it will be caught later and determined
325
# to be a LockContention.
326
self._trace("lock directory does not exist, creating it")
327
self.create(mode=self._dir_modebits)
328
# After creating the lock directory, try again
329
self.transport.mkdir(tmpname)
330
info = LockHeldInfo.for_this_process(self.extra_holder_info)
331
self.nonce = info.get('nonce')
332
# We use put_file_non_atomic because we just created a new unique
333
# directory so we don't have to worry about files existing there.
334
# We'll rename the whole directory into place to get atomic
336
self.transport.put_bytes_non_atomic(tmpname + self.__INFO_NAME,
340
@only_raises(LockNotHeld, LockBroken)
341
230
def unlock(self):
342
231
"""Release a held lock
345
234
self._fake_read_lock = False
347
236
if not self._lock_held:
348
return lock.cant_unlock_not_held(self)
237
raise LockNotHeld(self)
349
238
if self._locked_via_token:
350
239
self._locked_via_token = False
351
240
self._lock_held = False
353
old_nonce = self.nonce
354
242
# rename before deleting, because we can't atomically remove the
356
start_time = time.time()
357
self._trace("unlocking")
358
244
tmpname = '%s/releasing.%s.tmp' % (self.path, rand_chars(20))
359
245
# gotta own it to unlock
361
247
self.transport.rename(self._held_dir, tmpname)
362
248
self._lock_held = False
363
249
self.transport.delete(tmpname + self.__INFO_NAME)
365
self.transport.rmdir(tmpname)
366
except DirectoryNotEmpty:
367
# There might have been junk left over by a rename that moved
368
# another locker within the 'held' directory. do a slower
369
# deletion where we list the directory and remove everything
371
self._trace("doing recursive deletion of non-empty directory "
373
self.transport.delete_tree(tmpname)
374
self._trace("... unlock succeeded after %dms",
375
(time.time() - start_time) * 1000)
376
result = lock.LockResult(self.transport.abspath(self.path),
378
for hook in self.hooks['lock_released']:
250
self.transport.rmdir(tmpname)
381
252
def break_lock(self):
382
253
"""Break a lock not held by this instance of LockDir.
384
This is a UI centric function: it uses the ui.ui_factory to
255
This is a UI centric function: it uses the bzrlib.ui.ui_factory to
385
256
prompt for input if a lock is detected and there is any doubt about
386
it possibly being still active. force_break is the non-interactive
389
:returns: LockResult for the broken lock.
257
it possibly being still active.
391
259
self._check_not_locked()
393
holder_info = self.peek()
394
except LockCorrupt as e:
395
# The lock info is corrupt.
396
if ui.ui_factory.get_boolean(u"Break (corrupt %r)" % (self,)):
397
self.force_break_corrupt(e.file_data)
260
holder_info = self.peek()
399
261
if holder_info is not None:
400
if ui.ui_factory.confirm_action(
401
u"Break %(lock_info)s",
402
'breezy.lockdir.break',
403
dict(lock_info=str(holder_info))):
404
result = self.force_break(holder_info)
405
ui.ui_factory.show_message(
406
"Broke lock %s" % result.lock_url)
262
lock_info = '\n'.join(self._format_lock_info(holder_info))
263
if bzrlib.ui.ui_factory.get_boolean("Break %s" % lock_info):
264
self.force_break(holder_info)
408
266
def force_break(self, dead_holder_info):
409
267
"""Release a lock held by another process.
444
299
raise LockBreakMismatch(self, broken_info, dead_holder_info)
445
300
self.transport.delete(broken_info_path)
446
301
self.transport.rmdir(tmpname)
447
result = lock.LockResult(self.transport.abspath(self.path),
448
current_info.get('nonce'))
449
for hook in self.hooks['lock_broken']:
453
def force_break_corrupt(self, corrupt_info_lines):
454
"""Release a lock that has been corrupted.
456
This is very similar to force_break, it except it doesn't assume that
457
self.peek() can work.
459
:param corrupt_info_lines: the lines of the corrupted info file, used
460
to check that the lock hasn't changed between reading the (corrupt)
461
info file and calling force_break_corrupt.
463
# XXX: this copes with unparseable info files, but what about missing
464
# info files? Or missing lock dirs?
465
self._check_not_locked()
466
tmpname = '%s/broken.%s.tmp' % (self.path, rand_chars(20))
467
self.transport.rename(self._held_dir, tmpname)
468
# check that we actually broke the right lock, not someone else;
469
# there's a small race window between checking it and doing the
471
broken_info_path = tmpname + self.__INFO_NAME
472
broken_content = self.transport.get_bytes(broken_info_path)
473
broken_lines = osutils.split_lines(broken_content)
474
if broken_lines != corrupt_info_lines:
475
raise LockBreakMismatch(self, broken_lines, corrupt_info_lines)
476
self.transport.delete(broken_info_path)
477
self.transport.rmdir(tmpname)
478
result = lock.LockResult(self.transport.abspath(self.path))
479
for hook in self.hooks['lock_broken']:
482
303
def _check_not_locked(self):
483
304
"""If the lock is held by this instance, raise an error."""
503
324
if info.get('nonce') != self.nonce:
504
325
# there is a lock, but not ours
505
326
raise LockBroken(self)
507
328
def _read_info_file(self, path):
508
329
"""Read one given info file.
510
331
peek() reads the info file of the lock holder, if any.
512
return LockHeldInfo.from_info_file_bytes(
513
self.transport.get_bytes(path))
333
return self._parse_info(self.transport.get(path))
516
336
"""Check if the lock is held by anyone.
518
If it is held, this returns the lock info structure as a dict
338
If it is held, this returns the lock info structure as a rio Stanza,
519
339
which contains some information about the current lock holder.
520
340
Otherwise returns None.
523
343
info = self._read_info_file(self._held_info_path)
524
self._trace("peek -> held")
344
assert isinstance(info, dict), \
345
"bad parse result %r" % info
527
self._trace("peek -> not held")
347
except NoSuchFile, e:
529
350
def _prepare_info(self):
530
351
"""Write information about a pending lock to a temporary file.
533
def attempt_lock(self):
534
"""Take the lock; fail if it's already held.
536
If you wish to block until the lock can be obtained, call wait_lock()
539
:return: The lock token.
540
:raises LockContention: if the lock is held by someone else.
542
if self._fake_read_lock:
543
raise LockContention(self)
544
result = self._attempt_lock()
545
hook_result = lock.LockResult(self.transport.abspath(self.path),
547
for hook in self.hooks['lock_acquired']:
551
def lock_url_for_display(self):
552
"""Give a nicely-printable representation of the URL of this lock."""
553
# As local lock urls are correct we display them.
554
# We avoid displaying remote lock urls.
555
lock_url = self.transport.abspath(self.path)
556
if lock_url.startswith('file://'):
557
lock_url = lock_url.split('.bzr/')[0]
562
def wait_lock(self, timeout=None, poll=None, max_attempts=None):
354
# XXX: is creating this here inefficient?
355
config = bzrlib.config.GlobalConfig()
357
user = config.user_email()
358
except errors.NoEmailInUsername:
359
user = config.username()
360
s = Stanza(hostname=socket.gethostname(),
361
pid=str(os.getpid()),
362
start_time=str(int(time.time())),
368
def _parse_info(self, info_file):
369
return read_stanza(info_file.readlines()).as_dict()
371
def wait_lock(self, timeout=None, poll=None):
563
372
"""Wait a certain period for a lock.
565
374
If the lock can be acquired within the bounded time, it
567
376
is raised. Either way, this function should return within
568
377
approximately `timeout` seconds. (It may be a bit more if
569
378
a transport operation takes a long time to complete.)
571
:param timeout: Approximate maximum amount of time to wait for the
574
:param poll: Delay in seconds between retrying the lock.
576
:param max_attempts: Maximum number of times to try to lock.
578
:return: The lock token.
580
380
if timeout is None:
581
381
timeout = _DEFAULT_TIMEOUT_SECONDS
583
383
poll = _DEFAULT_POLL_SECONDS
584
# XXX: the transport interface doesn't let us guard against operations
585
# there taking a long time, so the total elapsed time or poll interval
586
# may be more than was requested.
385
# XXX: the transport interface doesn't let us guard
386
# against operations there taking a long time.
587
387
deadline = time.time() + timeout
588
388
deadline_str = None
591
lock_url = self.lock_url_for_display()
595
return self.attempt_lock()
596
394
except LockContention:
597
# possibly report the blockage, then try again
599
# TODO: In a few cases, we find out that there's contention by
600
# reading the held info and observing that it's not ours. In
601
# those cases it's a bit redundant to read it again. However,
602
# the normal case (??) is that the rename fails and so we
603
# don't know who holds the lock. For simplicity we peek
605
396
new_info = self.peek()
397
mutter('last_info: %s, new info: %s', last_info, new_info)
606
398
if new_info is not None and new_info != last_info:
607
399
if last_info is None:
608
start = gettext('Unable to obtain')
400
start = 'Unable to obtain'
610
start = gettext('Lock owner changed for')
402
start = 'Lock owner changed for'
611
403
last_info = new_info
612
msg = gettext('{0} lock {1} {2}.').format(start, lock_url,
404
formatted_info = self._format_lock_info(new_info)
614
405
if deadline_str is None:
615
406
deadline_str = time.strftime('%H:%M:%S',
616
407
time.localtime(deadline))
618
msg += '\n' + gettext(
619
'Will continue to try until %s, unless '
620
'you press Ctrl-C.') % deadline_str
621
msg += '\n' + gettext('See "brz help break-lock" for more.')
622
self._report_function(msg)
623
if (max_attempts is not None) and (attempt_count >= max_attempts):
624
self._trace("exceeded %d attempts")
625
raise LockContention(self)
408
self._report_function('%s %s\n'
410
'%s\n' # locked ... ago
411
'Will continue to try until %s\n',
626
418
if time.time() + poll < deadline:
627
self._trace("waiting %ss", poll)
630
# As timeout is always 0 for remote locks
631
# this block is applicable only for local
633
self._trace("timeout after waiting %ss", timeout)
634
raise LockContention('(local)', lock_url)
421
raise LockContention(self)
636
423
def leave_in_place(self):
637
424
self._locked_via_token = True
663
450
self._locked_via_token = True
666
return self.wait_lock()
454
return self.peek().get('nonce')
668
456
def lock_read(self):
669
457
"""Compatibility-mode shared lock.
671
LockDir doesn't support shared read-only locks, so this
459
LockDir doesn't support shared read-only locks, so this
672
460
just pretends that the lock is taken but really does nothing.
674
# At the moment Branches are commonly locked for read, but
462
# At the moment Branches are commonly locked for read, but
675
463
# we can't rely on that remotely. Once this is cleaned up,
676
# reenable this warning to prevent it coming back in
464
# reenable this warning to prevent it coming back in
677
465
# -- mbp 20060303
678
# warn("LockDir.lock_read falls back to write lock")
466
## warn("LockDir.lock_read falls back to write lock")
679
467
if self._lock_held or self._fake_read_lock:
680
468
raise LockContention(self)
681
469
self._fake_read_lock = True
471
def wait(self, timeout=20, poll=0.5):
472
"""Wait a certain period for a lock to be released."""
473
# XXX: the transport interface doesn't let us guard
474
# against operations there taking a long time.
475
deadline = time.time() + timeout
479
if time.time() + poll < deadline:
482
raise LockContention(self)
484
def _format_lock_info(self, info):
485
"""Turn the contents of peek() into something for the user"""
486
lock_url = self.transport.abspath(self.path)
487
delta = time.time() - int(info['start_time'])
489
'lock %s' % (lock_url,),
490
'held by %(user)s on host %(hostname)s [process #%(pid)s]' % info,
491
'locked %s' % (format_delta(delta),),
683
494
def validate_token(self, token):
684
495
if token is not None:
685
496
info = self.peek()
690
501
lock_token = info.get('nonce')
691
502
if token != lock_token:
692
503
raise errors.TokenMismatch(token, lock_token)
694
self._trace("revalidated by token %r", token)
696
def _trace(self, format, *args):
697
if 'lock' not in debug.debug_flags:
699
mutter(str(self) + ": " + (format % args))
701
def get_config(self):
702
"""Get the configuration that governs this lockdir."""
703
# XXX: This really should also use the locationconfig at least, but
704
# that seems a bit hard to hook up at the moment. -- mbp 20110329
705
# FIXME: The above is still true ;) -- vila 20110811
706
return config.GlobalStack()
709
class LockHeldInfo(object):
710
"""The information recorded about a held lock.
712
This information is recorded into the lock when it's taken, and it can be
713
read back by any process with access to the lockdir. It can be used, for
714
example, to tell the user who holds the lock, or to try to detect whether
715
the lock holder is still alive.
717
Prior to bzr 2.4 a simple dict was used instead of an object.
720
def __init__(self, info_dict):
721
self.info_dict = info_dict
724
"""Return a debugging representation of this object."""
725
return "%s(%r)" % (self.__class__.__name__, self.info_dict)
728
"""Return a user-oriented description of this object."""
729
d = self.to_readable_dict()
731
u'held by %(user)s on %(hostname)s (process #%(pid)s), '
732
u'acquired %(time_ago)s') % d)
734
def to_readable_dict(self):
735
"""Turn the holder info into a dict of human-readable attributes.
737
For example, the start time is presented relative to the current time,
738
rather than as seconds since the epoch.
740
Returns a list of [user, hostname, pid, time_ago] all as readable
743
start_time = self.info_dict.get('start_time')
744
if start_time is None:
745
time_ago = '(unknown)'
747
time_ago = format_delta(
748
time.time() - int(self.info_dict['start_time']))
749
user = self.info_dict.get('user', '<unknown>')
750
hostname = self.info_dict.get('hostname', '<unknown>')
751
pid = self.info_dict.get('pid', '<unknown>')
758
def get(self, field_name):
759
"""Return the contents of a field from the lock info, or None."""
760
return self.info_dict.get(field_name)
763
def for_this_process(cls, extra_holder_info):
764
"""Return a new LockHeldInfo for a lock taken by this process.
767
hostname=get_host_name(),
768
pid=str(os.getpid()),
769
nonce=rand_chars(20).encode('ascii'),
770
start_time=str(int(time.time())),
771
user=get_username_for_lock_info(),
773
if extra_holder_info is not None:
774
info.update(extra_holder_info)
778
s = rio.Stanza(**self.info_dict)
782
def from_info_file_bytes(cls, info_file_bytes):
783
"""Construct from the contents of the held file."""
784
lines = osutils.split_lines(info_file_bytes)
786
stanza = rio.read_stanza(lines)
787
except ValueError as e:
788
mutter('Corrupt lock info file: %r', lines)
789
raise LockCorrupt("could not parse lock info file: " + str(e),
792
# see bug 185013; we fairly often end up with the info file being
793
# empty after an interruption; we could log a message here but
794
# there may not be much we can say
797
ret = stanza.as_dict()
798
ret['nonce'] = ret['nonce'].encode('ascii')
804
def __eq__(self, other):
805
"""Equality check for lock holders."""
806
if type(self) != type(other):
808
return self.info_dict == other.info_dict
810
def __ne__(self, other):
811
return not self == other
813
def is_locked_by_this_process(self):
814
"""True if this process seems to be the current lock holder."""
816
self.get('hostname') == get_host_name()
817
and self.get('pid') == str(os.getpid())
818
and self.get('user') == get_username_for_lock_info())
820
def is_lock_holder_known_dead(self):
821
"""True if the lock holder process is known to be dead.
823
False if it's either known to be still alive, or if we just can't tell.
825
We can be fairly sure the lock holder is dead if it declared the same
826
hostname and there is no process with the given pid alive. If people
827
have multiple machines with the same hostname this may cause trouble.
829
This doesn't check whether the lock holder is in fact the same process
830
calling this method. (In that case it will return true.)
832
if self.get('hostname') != get_host_name():
834
if self.get('hostname') == 'localhost':
837
if self.get('user') != get_username_for_lock_info():
838
# Could well be another local process by a different user, but
839
# just to be safe we won't conclude about this either.
841
pid_str = self.info_dict.get('pid', None)
843
mutter("no pid recorded in %r" % (self, ))
848
mutter("can't parse pid %r from %r"
851
return osutils.is_local_pid_dead(pid)
854
def get_username_for_lock_info():
855
"""Get a username suitable for putting into a lock.
857
It's ok if what's written here is not a proper email address as long
858
as it gives some clue who the user is.
861
return config.GlobalStack().get('email')
862
except errors.NoWhoami:
863
return osutils.getuser_unicode()
added
removed
bzrlib/lockdir.py
