~bzr-pqm/bzr/bzr.dev

2555.3.3 by Martin Pool
Simple lock tracing in LockDir
1
# Copyright (C) 2006, 2007 Canonical Ltd
1887.1.1 by Adeodato Simó
Do not separate paragraphs in the copyright statement with blank lines,
2
#
1553.5.12 by Martin Pool
New LockDir locking mechanism
3
# This program is free software; you can redistribute it and/or modify
4
# it under the terms of the GNU General Public License as published by
5
# the Free Software Foundation; either version 2 of the License, or
6
# (at your option) any later version.
1887.1.1 by Adeodato Simó
Do not separate paragraphs in the copyright statement with blank lines,
7
#
1553.5.12 by Martin Pool
New LockDir locking mechanism
8
# This program is distributed in the hope that it will be useful,
9
# but WITHOUT ANY WARRANTY; without even the implied warranty of
10
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
11
# GNU General Public License for more details.
1887.1.1 by Adeodato Simó
Do not separate paragraphs in the copyright statement with blank lines,
12
#
1553.5.12 by Martin Pool
New LockDir locking mechanism
13
# You should have received a copy of the GNU General Public License
14
# along with this program; if not, write to the Free Software
15
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
16
1553.5.31 by Martin Pool
LockDir doc corrections
17
"""On-disk mutex protecting a resource
1553.5.12 by Martin Pool
New LockDir locking mechanism
18
1553.5.33 by Martin Pool
LockDir review comment fixes
19
bzr on-disk objects are locked by the existence of a directory with a
20
particular name within the control directory.  We use this rather than OS
21
internal locks (such as flock etc) because they can be seen across all
22
transports, including http.
1553.5.12 by Martin Pool
New LockDir locking mechanism
23
24
Objects can be read if there is only physical read access; therefore 
25
readers can never be required to create a lock, though they will
26
check whether a writer is using the lock.  Writers can't detect
27
whether anyone else is reading from the resource as they write.
28
This works because of ordering constraints that make sure readers
29
see a consistent view of existing data.
30
31
Waiting for a lock must be done by polling; this can be aborted after
32
a timeout.
33
34
Locks must always be explicitly released, typically from a try/finally
35
block -- they are not released from a finalizer or when Python
36
exits.
37
38
Locks may fail to be released if the process is abruptly terminated
39
(machine stop, SIGKILL) or if a remote transport becomes permanently
40
disconnected.  There is therefore a method to break an existing lock.
41
This should rarely be used, and generally only with user approval.
42
Locks contain some information on when the lock was taken and by who
43
which may guide in deciding whether it can safely be broken.  (This is
44
similar to the messages displayed by emacs and vim.) Note that if the
45
lock holder is still alive they will get no notification that the lock
46
has been broken and will continue their work -- so it is important to be
47
sure they are actually dead.
48
49
A lock is represented on disk by a directory of a particular name,
50
containing an information file.  Taking a lock is done by renaming a
51
temporary directory into place.  We use temporary directories because
52
for all known transports and filesystems we believe that exactly one
53
attempt to claim the lock will succeed and the others will fail.  (Files
54
won't do because some filesystems or transports only have
55
rename-and-overwrite, making it hard to tell who won.)
56
57
The desired characteristics are:
58
59
* Locks are not reentrant.  (That is, a client that tries to take a 
60
  lock it already holds may deadlock or fail.)
61
* Stale locks can be guessed at by a heuristic
62
* Lost locks can be broken by any client
63
* Failed lock operations leave little or no mess
64
* Deadlocks are avoided by having a timeout always in use, clients
65
  desiring indefinite waits can retry or set a silly big timeout.
66
67
Storage formats use the locks, and also need to consider concurrency
68
issues underneath the lock.  A format may choose not to use a lock
69
at all for some operations.
70
71
LockDirs always operate over a Transport.  The transport may be readonly, in
72
which case the lock can be queried but not acquired.
73
74
Locks are identified by a path name, relative to a base transport.
75
76
Calling code will typically want to make sure there is exactly one LockDir
77
object per actual lock on disk.  This module does nothing to prevent aliasing
78
and deadlocks will likely occur if the locks are aliased.
79
80
In the future we may add a "freshen" method which can be called
81
by a lock holder to check that their lock has not been broken, and to 
82
update the timestamp within it.
83
1553.5.18 by Martin Pool
LockDir should use Transport.rename when releasing locks too.
84
Example usage:
85
86
>>> from bzrlib.transport.memory import MemoryTransport
87
>>> # typically will be obtained from a BzrDir, Branch, etc
88
>>> t = MemoryTransport()
89
>>> l = LockDir(t, 'sample-lock')
1553.5.61 by Martin Pool
Locks protecting LockableFiles must now be explicitly created before use.
90
>>> l.create()
2555.3.11 by Martin Pool
fix up doctest example for token being returned from wait_lock
91
>>> token = l.wait_lock()
1553.5.18 by Martin Pool
LockDir should use Transport.rename when releasing locks too.
92
>>> # do something here
93
>>> l.unlock()
94
1553.5.12 by Martin Pool
New LockDir locking mechanism
95
"""
96
2555.3.10 by Martin Pool
doc
97
98
# TODO: We sometimes have the problem that our attempt to rename '1234' to
99
# 'held' fails because the transport server moves into an existing directory,
100
# rather than failing the rename.  If we made the info file name the same as
101
# the locked directory name we would avoid this problem because moving into
102
# the held directory would implicitly clash.  However this would not mesh with
103
# the existing locking code and needs a new format of the containing object.
104
# -- robertc, mbp 20070628
105
1553.5.12 by Martin Pool
New LockDir locking mechanism
106
import os
107
import time
1957.1.1 by John Arbash Meinel
Report to the user when we are spinning on a lock
108
from cStringIO import StringIO
1553.5.12 by Martin Pool
New LockDir locking mechanism
109
2055.2.1 by John Arbash Meinel
Make LockDir less sensitive to invalid configuration of email
110
from bzrlib import (
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
111
    debug,
2055.2.1 by John Arbash Meinel
Make LockDir less sensitive to invalid configuration of email
112
    errors,
113
    )
1553.5.12 by Martin Pool
New LockDir locking mechanism
114
import bzrlib.config
115
from bzrlib.errors import (
116
        DirectoryNotEmpty,
117
        FileExists,
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
118
        LockBreakMismatch,
1553.5.23 by Martin Pool
Start LockDir.confirm method and LockBroken exception
119
        LockBroken,
1553.5.12 by Martin Pool
New LockDir locking mechanism
120
        LockContention,
121
        LockNotHeld,
122
        NoSuchFile,
1662.1.12 by Martin Pool
Translate unknown sftp errors to PathError, no NoSuchFile
123
        PathError,
1558.10.1 by Aaron Bentley
Handle lockdirs over NFS properly
124
        ResourceBusy,
1553.5.12 by Martin Pool
New LockDir locking mechanism
125
        UnlockableTransport,
126
        )
1957.1.1 by John Arbash Meinel
Report to the user when we are spinning on a lock
127
from bzrlib.trace import mutter, note
1553.5.12 by Martin Pool
New LockDir locking mechanism
128
from bzrlib.transport import Transport
1957.1.5 by John Arbash Meinel
Create a helper function for formatting lock information
129
from bzrlib.osutils import rand_chars, format_delta
1993.1.2 by John Arbash Meinel
Use Stanza.to_string() rather than a RioWriter
130
from bzrlib.rio import read_stanza, Stanza
2094.3.5 by John Arbash Meinel
Fix imports to ensure modules are loaded before they are used
131
import bzrlib.ui
1553.5.12 by Martin Pool
New LockDir locking mechanism
132
1957.1.15 by John Arbash Meinel
Review feedback from Robert
133
1553.5.12 by Martin Pool
New LockDir locking mechanism
134
# XXX: At the moment there is no consideration of thread safety on LockDir
135
# objects.  This should perhaps be updated - e.g. if two threads try to take a
136
# lock at the same time they should *both* get it.  But then that's unlikely
137
# to be a good idea.
138
139
# TODO: Perhaps store some kind of note like the bzr command line in the lock
140
# info?
141
142
# TODO: Some kind of callback run while polling a lock to show progress
143
# indicators.
144
1553.5.59 by Martin Pool
Pass file/mode bits through to creation of lock files/dirs
145
# TODO: Make sure to pass the right file and directory mode bits to all
146
# files/dirs created.
147
1957.1.15 by John Arbash Meinel
Review feedback from Robert
148
149
_DEFAULT_TIMEOUT_SECONDS = 300
1957.1.9 by John Arbash Meinel
Change default timeouts, and report differently the first failure
150
_DEFAULT_POLL_SECONDS = 1.0
1553.5.12 by Martin Pool
New LockDir locking mechanism
151
1957.1.15 by John Arbash Meinel
Review feedback from Robert
152
1553.5.12 by Martin Pool
New LockDir locking mechanism
153
class LockDir(object):
1553.5.33 by Martin Pool
LockDir review comment fixes
154
    """Write-lock guarding access to data."""
1553.5.12 by Martin Pool
New LockDir locking mechanism
155
1553.5.33 by Martin Pool
LockDir review comment fixes
156
    __INFO_NAME = '/info'
1553.5.12 by Martin Pool
New LockDir locking mechanism
157
1553.5.59 by Martin Pool
Pass file/mode bits through to creation of lock files/dirs
158
    def __init__(self, transport, path, file_modebits=0644, dir_modebits=0755):
1553.5.12 by Martin Pool
New LockDir locking mechanism
159
        """Create a new LockDir object.
160
161
        The LockDir is initially unlocked - this just creates the object.
162
163
        :param transport: Transport which will contain the lock
164
165
        :param path: Path to the lock within the base directory of the 
166
            transport.
167
        """
168
        assert isinstance(transport, Transport), \
169
            ("not a transport: %r" % transport)
170
        self.transport = transport
171
        self.path = path
172
        self._lock_held = False
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
173
        self._locked_via_token = False
1553.5.54 by Martin Pool
Add LockDir.read_lock fake method
174
        self._fake_read_lock = False
1553.5.58 by Martin Pool
Change LockDirs to format "lock-name/held/info"
175
        self._held_dir = path + '/held'
176
        self._held_info_path = self._held_dir + self.__INFO_NAME
1553.5.59 by Martin Pool
Pass file/mode bits through to creation of lock files/dirs
177
        self._file_modebits = file_modebits
178
        self._dir_modebits = dir_modebits
1553.5.12 by Martin Pool
New LockDir locking mechanism
179
1957.1.1 by John Arbash Meinel
Report to the user when we are spinning on a lock
180
        self._report_function = note
181
1553.5.12 by Martin Pool
New LockDir locking mechanism
182
    def __repr__(self):
183
        return '%s(%s%s)' % (self.__class__.__name__,
184
                             self.transport.base,
185
                             self.path)
186
1553.5.13 by Martin Pool
New Transport.rename that mustn't overwrite
187
    is_held = property(lambda self: self._lock_held)
1553.5.12 by Martin Pool
New LockDir locking mechanism
188
1666.1.4 by Robert Collins
* 'Metadir' is now the default disk format. This improves behaviour in
189
    def create(self, mode=None):
1553.5.58 by Martin Pool
Change LockDirs to format "lock-name/held/info"
190
        """Create the on-disk lock.
191
192
        This is typically only called when the object/directory containing the 
193
        directory is first created.  The lock is not held when it's created.
194
        """
195
        if self.transport.is_readonly():
196
            raise UnlockableTransport(self.transport)
2555.3.13 by Martin Pool
LockDir cleanups
197
        self._trace("create lock directory")
1666.1.4 by Robert Collins
* 'Metadir' is now the default disk format. This improves behaviour in
198
        self.transport.mkdir(self.path, mode=mode)
1553.5.58 by Martin Pool
Change LockDirs to format "lock-name/held/info"
199
2555.3.20 by Martin Pool
rename _lock_core to _attempt_lock
200
    def _attempt_lock(self):
2555.3.13 by Martin Pool
LockDir cleanups
201
        """Make the pending directory and attempt to rename into place.
1553.5.12 by Martin Pool
New LockDir locking mechanism
202
        
2555.3.13 by Martin Pool
LockDir cleanups
203
        If the rename succeeds, we read back the info file to check that we
204
        really got the lock.
205
206
        If we fail to acquire the lock, this method is responsible for
207
        cleaning up the pending directory if possible.  (But it doesn't do
208
        that yet.)
209
210
        :returns: The nonce of the lock, if it was successfully acquired.
211
212
        :raises LockContention: If the lock is held by someone else.  The exception
213
            contains the info of the current holder of the lock.
1553.5.12 by Martin Pool
New LockDir locking mechanism
214
        """
2555.3.16 by Martin Pool
Clean up patch to make divergence from mainline smaller.
215
        self._trace("lock_write...")
216
        start_time = time.time()
217
        tmpname = self._create_pending_dir()
1553.5.12 by Martin Pool
New LockDir locking mechanism
218
        try:
1553.5.58 by Martin Pool
Change LockDirs to format "lock-name/held/info"
219
            self.transport.rename(tmpname, self._held_dir)
1662.1.12 by Martin Pool
Translate unknown sftp errors to PathError, no NoSuchFile
220
        except (PathError, DirectoryNotEmpty, FileExists, ResourceBusy), e:
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
221
            self._trace("... contention, %s", e)
2555.3.16 by Martin Pool
Clean up patch to make divergence from mainline smaller.
222
            self._remove_pending_dir(tmpname)
223
            raise LockContention(self)
224
        except Exception, e:
225
            self._trace("... lock failed, %s", e)
226
            self._remove_pending_dir(tmpname)
227
            raise
228
        # We must check we really got the lock, because Launchpad's sftp
229
        # server at one time had a bug were the rename would successfully
230
        # move the new directory into the existing directory, which was
231
        # incorrect.  It's possible some other servers or filesystems will
232
        # have a similar bug allowing someone to think they got the lock
233
        # when it's already held.
234
        info = self.peek()
235
        self._trace("after locking, info=%r", info)
236
        if info['nonce'] != self.nonce:
237
            self._trace("rename succeeded, "
238
                "but lock is still held by someone else")
239
            raise LockContention(self)
240
        self._lock_held = True
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
241
        self._trace("... lock succeeded after %dms",
242
                (time.time() - start_time) * 1000)
2555.3.6 by Martin Pool
Restore disabled LockDir trace message
243
        return self.nonce
1553.5.12 by Martin Pool
New LockDir locking mechanism
244
2555.3.16 by Martin Pool
Clean up patch to make divergence from mainline smaller.
245
    def _remove_pending_dir(self, tmpname):
246
        """Remove the pending directory
247
248
        This is called if we failed to rename into place, so that the pending 
249
        dirs don't clutter up the lockdir.
250
        """
251
        self._trace("remove %s", tmpname)
2555.3.18 by Martin Pool
Don't fail hard when removing pending lockdir
252
        try:
253
            self.transport.delete(tmpname + self.__INFO_NAME)
254
            self.transport.rmdir(tmpname)
255
        except PathError, e:
256
            note("error removing pending lock: %s", e)
2555.3.16 by Martin Pool
Clean up patch to make divergence from mainline smaller.
257
2555.3.13 by Martin Pool
LockDir cleanups
258
    def _create_pending_dir(self):
259
        tmpname = '%s/%s.tmp' % (self.path, rand_chars(10))
260
        try:
261
            self.transport.mkdir(tmpname)
262
        except NoSuchFile:
263
            # This may raise a FileExists exception
264
            # which is okay, it will be caught later and determined
265
            # to be a LockContention.
266
            self._trace("lock directory does not exist, creating it")
267
            self.create(mode=self._dir_modebits)
268
            # After creating the lock directory, try again
269
            self.transport.mkdir(tmpname)
270
        self.nonce = rand_chars(20)
271
        info_bytes = self._prepare_info()
272
        # We use put_file_non_atomic because we just created a new unique
273
        # directory so we don't have to worry about files existing there.
274
        # We'll rename the whole directory into place to get atomic
275
        # properties
276
        self.transport.put_bytes_non_atomic(tmpname + self.__INFO_NAME,
277
                                            info_bytes)
278
        return tmpname
279
1553.5.12 by Martin Pool
New LockDir locking mechanism
280
    def unlock(self):
1553.5.30 by Martin Pool
docstring for LockDir.unlock
281
        """Release a held lock
282
        """
1553.5.54 by Martin Pool
Add LockDir.read_lock fake method
283
        if self._fake_read_lock:
284
            self._fake_read_lock = False
285
            return
1553.5.12 by Martin Pool
New LockDir locking mechanism
286
        if not self._lock_held:
287
            raise LockNotHeld(self)
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
288
        if self._locked_via_token:
289
            self._locked_via_token = False
290
            self._lock_held = False
291
        else:
292
            # rename before deleting, because we can't atomically remove the
293
            # whole tree
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
294
            start_time = time.time()
295
            self._trace("unlocking")
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
296
            tmpname = '%s/releasing.%s.tmp' % (self.path, rand_chars(20))
297
            # gotta own it to unlock
298
            self.confirm()
299
            self.transport.rename(self._held_dir, tmpname)
300
            self._lock_held = False
301
            self.transport.delete(tmpname + self.__INFO_NAME)
2555.3.14 by Martin Pool
Better handling in LockDir of rename that moves one directory within another
302
            try:
303
                self.transport.rmdir(tmpname)
304
            except DirectoryNotEmpty, e:
305
                # There might have been junk left over by a rename that moved
306
                # another locker within the 'held' directory.  do a slower
307
                # deletion where we list the directory and remove everything
308
                # within it.
309
                #
310
                # Maybe this should be broader to allow for ftp servers with
311
                # non-specific error messages?
312
                self._trace("doing recursive deletion of non-empty directory "
313
                        "%s", tmpname)
314
                self.transport.delete_tree(tmpname)
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
315
            self._trace("... unlock succeeded after %dms",
316
                    (time.time() - start_time) * 1000)
1553.5.12 by Martin Pool
New LockDir locking mechanism
317
1687.1.5 by Robert Collins
Add break_lock utility function to LockDir.
318
    def break_lock(self):
319
        """Break a lock not held by this instance of LockDir.
320
321
        This is a UI centric function: it uses the bzrlib.ui.ui_factory to
322
        prompt for input if a lock is detected and there is any doubt about
323
        it possibly being still active.
324
        """
1687.1.6 by Robert Collins
Extend LockableFiles to support break_lock() calls.
325
        self._check_not_locked()
1687.1.5 by Robert Collins
Add break_lock utility function to LockDir.
326
        holder_info = self.peek()
327
        if holder_info is not None:
1957.1.5 by John Arbash Meinel
Create a helper function for formatting lock information
328
            lock_info = '\n'.join(self._format_lock_info(holder_info))
329
            if bzrlib.ui.ui_factory.get_boolean("Break %s" % lock_info):
1687.1.5 by Robert Collins
Add break_lock utility function to LockDir.
330
                self.force_break(holder_info)
331
        
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
332
    def force_break(self, dead_holder_info):
1553.5.25 by Martin Pool
New LockDir.force_break and simple test case
333
        """Release a lock held by another process.
334
335
        WARNING: This should only be used when the other process is dead; if
336
        it still thinks it has the lock there will be two concurrent writers.
337
        In general the user's approval should be sought for lock breaks.
338
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
339
        dead_holder_info must be the result of a previous LockDir.peek() call;
340
        this is used to check that it's still held by the same process that
341
        the user decided was dead.  If this is not the current holder,
342
        LockBreakMismatch is raised.
343
1553.5.25 by Martin Pool
New LockDir.force_break and simple test case
344
        After the lock is broken it will not be held by any process.
345
        It is possible that another process may sneak in and take the 
346
        lock before the breaking process acquires it.
347
        """
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
348
        if not isinstance(dead_holder_info, dict):
349
            raise ValueError("dead_holder_info: %r" % dead_holder_info)
1687.1.6 by Robert Collins
Extend LockableFiles to support break_lock() calls.
350
        self._check_not_locked()
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
351
        current_info = self.peek()
352
        if current_info is None:
1553.5.26 by Martin Pool
Breaking an already-released lock should just succeed
353
            # must have been recently released
354
            return
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
355
        if current_info != dead_holder_info:
356
            raise LockBreakMismatch(self, current_info, dead_holder_info)
1553.5.58 by Martin Pool
Change LockDirs to format "lock-name/held/info"
357
        tmpname = '%s/broken.%s.tmp' % (self.path, rand_chars(20))
358
        self.transport.rename(self._held_dir, tmpname)
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
359
        # check that we actually broke the right lock, not someone else;
360
        # there's a small race window between checking it and doing the 
361
        # rename.
1553.5.33 by Martin Pool
LockDir review comment fixes
362
        broken_info_path = tmpname + self.__INFO_NAME
363
        broken_info = self._read_info_file(broken_info_path)
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
364
        if broken_info != dead_holder_info:
365
            raise LockBreakMismatch(self, broken_info, dead_holder_info)
366
        self.transport.delete(broken_info_path)
1553.5.25 by Martin Pool
New LockDir.force_break and simple test case
367
        self.transport.rmdir(tmpname)
368
1687.1.6 by Robert Collins
Extend LockableFiles to support break_lock() calls.
369
    def _check_not_locked(self):
370
        """If the lock is held by this instance, raise an error."""
371
        if self._lock_held:
372
            raise AssertionError("can't break own lock: %r" % self)
373
1553.5.20 by Martin Pool
Start adding LockDir.confirm() method
374
    def confirm(self):
375
        """Make sure that the lock is still held by this locker.
376
377
        This should only fail if the lock was broken by user intervention,
378
        or if the lock has been affected by a bug.
379
380
        If the lock is not thought to be held, raises LockNotHeld.  If
381
        the lock is thought to be held but has been broken, raises 
382
        LockBroken.
383
        """
384
        if not self._lock_held:
385
            raise LockNotHeld(self)
1553.5.23 by Martin Pool
Start LockDir.confirm method and LockBroken exception
386
        info = self.peek()
387
        if info is None:
388
            # no lock there anymore!
389
            raise LockBroken(self)
390
        if info.get('nonce') != self.nonce:
391
            # there is a lock, but not ours
392
            raise LockBroken(self)
1553.5.33 by Martin Pool
LockDir review comment fixes
393
        
394
    def _read_info_file(self, path):
1553.5.58 by Martin Pool
Change LockDirs to format "lock-name/held/info"
395
        """Read one given info file.
396
397
        peek() reads the info file of the lock holder, if any.
398
        """
1553.5.33 by Martin Pool
LockDir review comment fixes
399
        return self._parse_info(self.transport.get(path))
1553.5.20 by Martin Pool
Start adding LockDir.confirm() method
400
1553.5.12 by Martin Pool
New LockDir locking mechanism
401
    def peek(self):
402
        """Check if the lock is held by anyone.
403
        
404
        If it is held, this returns the lock info structure as a rio Stanza,
405
        which contains some information about the current lock holder.
406
        Otherwise returns None.
407
        """
408
        try:
1553.5.58 by Martin Pool
Change LockDirs to format "lock-name/held/info"
409
            info = self._read_info_file(self._held_info_path)
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
410
            self._trace("peek -> held")
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
411
            assert isinstance(info, dict), \
1553.5.12 by Martin Pool
New LockDir locking mechanism
412
                    "bad parse result %r" % info
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
413
            return info
1553.5.12 by Martin Pool
New LockDir locking mechanism
414
        except NoSuchFile, e:
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
415
            self._trace("peek -> not held")
1553.5.12 by Martin Pool
New LockDir locking mechanism
416
1993.1.2 by John Arbash Meinel
Use Stanza.to_string() rather than a RioWriter
417
    def _prepare_info(self):
1553.5.12 by Martin Pool
New LockDir locking mechanism
418
        """Write information about a pending lock to a temporary file.
419
        """
420
        import socket
421
        # XXX: is creating this here inefficient?
422
        config = bzrlib.config.GlobalConfig()
2055.2.1 by John Arbash Meinel
Make LockDir less sensitive to invalid configuration of email
423
        try:
424
            user = config.user_email()
2055.2.2 by John Arbash Meinel
Switch extract_email_address() to use a more specific exception
425
        except errors.NoEmailInUsername:
2055.2.1 by John Arbash Meinel
Make LockDir less sensitive to invalid configuration of email
426
            user = config.username()
1553.5.12 by Martin Pool
New LockDir locking mechanism
427
        s = Stanza(hostname=socket.gethostname(),
428
                   pid=str(os.getpid()),
429
                   start_time=str(int(time.time())),
430
                   nonce=self.nonce,
2055.2.1 by John Arbash Meinel
Make LockDir less sensitive to invalid configuration of email
431
                   user=user,
1553.5.12 by Martin Pool
New LockDir locking mechanism
432
                   )
1993.1.2 by John Arbash Meinel
Use Stanza.to_string() rather than a RioWriter
433
        return s.to_string()
1553.5.12 by Martin Pool
New LockDir locking mechanism
434
435
    def _parse_info(self, info_file):
1553.5.27 by Martin Pool
Confirm that only the intended holder of a lock was broken.
436
        return read_stanza(info_file.readlines()).as_dict()
1553.5.12 by Martin Pool
New LockDir locking mechanism
437
2555.3.13 by Martin Pool
LockDir cleanups
438
    def attempt_lock(self):
439
        """Take the lock; fail if it's already held.
440
        
441
        If you wish to block until the lock can be obtained, call wait_lock()
442
        instead.
443
444
        :return: The lock token.
445
        :raises LockContention: if the lock is held by someone else.
446
        """
2555.3.16 by Martin Pool
Clean up patch to make divergence from mainline smaller.
447
        if self._fake_read_lock:
448
            raise LockContention(self)
449
        if self.transport.is_readonly():
450
            raise UnlockableTransport(self.transport)
2555.3.20 by Martin Pool
rename _lock_core to _attempt_lock
451
        return self._attempt_lock()
2555.3.13 by Martin Pool
LockDir cleanups
452
453
    def wait_lock(self, timeout=None, poll=None, max_attempts=None):
1553.5.12 by Martin Pool
New LockDir locking mechanism
454
        """Wait a certain period for a lock.
455
456
        If the lock can be acquired within the bounded time, it
457
        is taken and this returns.  Otherwise, LockContention
458
        is raised.  Either way, this function should return within
459
        approximately `timeout` seconds.  (It may be a bit more if
460
        a transport operation takes a long time to complete.)
2555.3.5 by Martin Pool
Return token directly from LockDir.acquire to avoid unnecessary peek()
461
2555.3.13 by Martin Pool
LockDir cleanups
462
        :param timeout: Approximate maximum amount of time to wait for the
463
        lock, in seconds.
464
         
465
        :param poll: Delay in seconds between retrying the lock.
466
467
        :param max_attempts: Maximum number of times to try to lock.
468
2555.3.5 by Martin Pool
Return token directly from LockDir.acquire to avoid unnecessary peek()
469
        :return: The lock token.
1553.5.12 by Martin Pool
New LockDir locking mechanism
470
        """
1957.1.17 by John Arbash Meinel
Change tests that expect locking to fail to timeout sooner.
471
        if timeout is None:
472
            timeout = _DEFAULT_TIMEOUT_SECONDS
473
        if poll is None:
474
            poll = _DEFAULT_POLL_SECONDS
2555.3.13 by Martin Pool
LockDir cleanups
475
        # XXX: the transport interface doesn't let us guard against operations
476
        # there taking a long time, so the total elapsed time or poll interval
477
        # may be more than was requested.
1553.5.12 by Martin Pool
New LockDir locking mechanism
478
        deadline = time.time() + timeout
1957.1.13 by John Arbash Meinel
Change to reporting the time when we will stop trying to grab the lock
479
        deadline_str = None
1957.1.7 by John Arbash Meinel
Add the ability to report if the lock changes from underneath you
480
        last_info = None
2555.3.13 by Martin Pool
LockDir cleanups
481
        attempt_count = 0
1553.5.12 by Martin Pool
New LockDir locking mechanism
482
        while True:
2555.3.13 by Martin Pool
LockDir cleanups
483
            attempt_count += 1
1553.5.12 by Martin Pool
New LockDir locking mechanism
484
            try:
2555.3.16 by Martin Pool
Clean up patch to make divergence from mainline smaller.
485
                return self.attempt_lock()
486
            except LockContention:
487
                # possibly report the blockage, then try again
488
                pass
489
            # TODO: In a few cases, we find out that there's contention by
490
            # reading the held info and observing that it's not ours.  In
491
            # those cases it's a bit redundant to read it again.  However,
492
            # the normal case (??) is that the rename fails and so we
493
            # don't know who holds the lock.  For simplicity we peek
494
            # always.
495
            new_info = self.peek()
496
            if new_info is not None and new_info != last_info:
497
                if last_info is None:
498
                    start = 'Unable to obtain'
1957.1.9 by John Arbash Meinel
Change default timeouts, and report differently the first failure
499
                else:
2555.3.16 by Martin Pool
Clean up patch to make divergence from mainline smaller.
500
                    start = 'Lock owner changed for'
501
                last_info = new_info
502
                formatted_info = self._format_lock_info(new_info)
503
                if deadline_str is None:
504
                    deadline_str = time.strftime('%H:%M:%S',
505
                                                 time.localtime(deadline))
506
                self._report_function('%s %s\n'
507
                                      '%s\n' # held by
508
                                      '%s\n' # locked ... ago
509
                                      'Will continue to try until %s\n',
510
                                      start,
511
                                      formatted_info[0],
512
                                      formatted_info[1],
513
                                      formatted_info[2],
514
                                      deadline_str)
515
516
            if (max_attempts is not None) and (attempt_count >= max_attempts):
517
                self._trace("exceeded %d attempts")
518
                raise LockContention(self)
519
            if time.time() + poll < deadline:
520
                self._trace("waiting %ss", poll)
521
                time.sleep(poll)
522
            else:
523
                self._trace("timeout after waiting %ss", timeout)
524
                raise LockContention(self)
2018.5.75 by Andrew Bennetts
Add Repository.{dont_,}leave_lock_in_place.
525
    
526
    def leave_in_place(self):
527
        self._locked_via_token = True
528
529
    def dont_leave_in_place(self):
530
        self._locked_via_token = False
1553.5.12 by Martin Pool
New LockDir locking mechanism
531
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
532
    def lock_write(self, token=None):
533
        """Wait for and acquire the lock.
534
        
535
        :param token: if this is already locked, then lock_write will fail
536
            unless the token matches the existing lock.
537
        :returns: a token if this instance supports tokens, otherwise None.
538
        :raises TokenLockingNotSupported: when a token is given but this
539
            instance doesn't support using token locks.
2279.7.7 by Andrew Bennetts
LockDir, Repository and Branch lock token changes from the hpss branch.
540
        :raises MismatchedToken: if the specified token doesn't match the token
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
541
            of the existing lock.
2018.5.145 by Andrew Bennetts
Add a brief explanation of what tokens are used for to lock_write docstrings.
542
543
        A token should be passed in if you know that you have locked the object
544
        some other way, and need to synchronise this object's state with that
545
        fact.
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
546
         
547
        XXX: docstring duplicated from LockableFiles.lock_write.
548
        """
549
        if token is not None:
550
            self.validate_token(token)
2018.5.75 by Andrew Bennetts
Add Repository.{dont_,}leave_lock_in_place.
551
            self.nonce = token
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
552
            self._lock_held = True
553
            self._locked_via_token = True
2018.5.78 by Andrew Bennetts
Implement RemoteRepository.lock_write/unlock to expect and send tokens over the
554
            return token
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
555
        else:
2555.3.5 by Martin Pool
Return token directly from LockDir.acquire to avoid unnecessary peek()
556
            return self.wait_lock()
1553.5.44 by Martin Pool
LockableFiles can now call LockDir directly
557
558
    def lock_read(self):
1759.2.1 by Jelmer Vernooij
Fix some types (found using aspell).
559
        """Compatibility-mode shared lock.
1553.5.44 by Martin Pool
LockableFiles can now call LockDir directly
560
561
        LockDir doesn't support shared read-only locks, so this 
1553.5.54 by Martin Pool
Add LockDir.read_lock fake method
562
        just pretends that the lock is taken but really does nothing.
1553.5.44 by Martin Pool
LockableFiles can now call LockDir directly
563
        """
564
        # At the moment Branches are commonly locked for read, but 
565
        # we can't rely on that remotely.  Once this is cleaned up,
566
        # reenable this warning to prevent it coming back in 
567
        # -- mbp 20060303
568
        ## warn("LockDir.lock_read falls back to write lock")
1553.5.54 by Martin Pool
Add LockDir.read_lock fake method
569
        if self._lock_held or self._fake_read_lock:
570
            raise LockContention(self)
571
        self._fake_read_lock = True
1553.5.44 by Martin Pool
LockableFiles can now call LockDir directly
572
1957.1.5 by John Arbash Meinel
Create a helper function for formatting lock information
573
    def _format_lock_info(self, info):
574
        """Turn the contents of peek() into something for the user"""
575
        lock_url = self.transport.abspath(self.path)
576
        delta = time.time() - int(info['start_time'])
577
        return [
578
            'lock %s' % (lock_url,),
579
            'held by %(user)s on host %(hostname)s [process #%(pid)s]' % info,
580
            'locked %s' % (format_delta(delta),),
581
            ]
582
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
583
    def validate_token(self, token):
584
        if token is not None:
585
            info = self.peek()
586
            if info is None:
587
                # Lock isn't held
588
                lock_token = None
589
            else:
590
                lock_token = info.get('nonce')
591
            if token != lock_token:
592
                raise errors.TokenMismatch(token, lock_token)
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
593
            else:
2555.3.16 by Martin Pool
Clean up patch to make divergence from mainline smaller.
594
                self._trace("revalidated by token %r", token)
2279.7.1 by Andrew Bennetts
``LockableFiles.lock_write()`` now accepts a ``token`` keyword argument, so that
595
2555.3.3 by Martin Pool
Simple lock tracing in LockDir
596
    def _trace(self, format, *args):
597
        if 'lock' not in debug.debug_flags:
598
            return
599
        mutter(str(self) + ": " + (format % args))