1 /* Debuginfo-over-http server.
2 Copyright (C) 2019-2021 Red Hat, Inc.
3 Copyright (C) 2021, 2022 Mark J. Wielaard <mark@klomp.org>
4 This file is part of elfutils.
5
6 This file is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
10
11 elfutils is distributed in the hope that it will be useful, but
12 WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
15
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>. */
18
19
20 /* cargo-cult from libdwfl linux-kernel-modules.c */
21 /* In case we have a bad fts we include this before config.h because it
22 can't handle _FILE_OFFSET_BITS.
23 Everything we need here is fine if its declarations just come first.
24 Also, include sys/types.h before fts. On some systems fts.h is not self
25 contained. */
26 #ifdef BAD_FTS
27 #include <sys/types.h>
28 #include <fts.h>
29 #endif
30
31 #ifdef HAVE_CONFIG_H
32 #include "config.h"
33 #endif
34
35 // #define _GNU_SOURCE
36 #ifdef HAVE_SCHED_H
37 extern "C" {
38 #include <sched.h>
39 }
40 #endif
41 #ifdef HAVE_SYS_RESOURCE_H
42 extern "C" {
43 #include <sys/resource.h>
44 }
45 #endif
46
47 #ifdef HAVE_EXECINFO_H
48 extern "C" {
49 #include <execinfo.h>
50 }
51 #endif
52
53 extern "C" {
54 #include "printversion.h"
55 #include "system.h"
56 }
57
58 #include "debuginfod.h"
59 #include <dwarf.h>
60
61 #include <argp.h>
62 #ifdef __GNUC__
63 #undef __attribute__ /* glibc bug - rhbz 1763325 */
64 #endif
65
66 #include <unistd.h>
67 #include <stdlib.h>
68 #include <locale.h>
69 #include <pthread.h>
70 #include <signal.h>
71 #include <sys/stat.h>
72 #include <sys/time.h>
73 #include <sys/vfs.h>
74 #include <unistd.h>
75 #include <fcntl.h>
76 #include <netdb.h>
77
78
79 /* If fts.h is included before config.h, its indirect inclusions may not
80 give us the right LFS aliases of these functions, so map them manually. */
81 #ifdef BAD_FTS
82 #ifdef _FILE_OFFSET_BITS
83 #define open open64
84 #define fopen fopen64
85 #endif
86 #else
87 #include <sys/types.h>
88 #include <fts.h>
89 #endif
90
91 #include <cstring>
92 #include <vector>
93 #include <set>
94 #include <unordered_set>
95 #include <map>
96 #include <string>
97 #include <iostream>
98 #include <iomanip>
99 #include <ostream>
100 #include <sstream>
101 #include <mutex>
102 #include <deque>
103 #include <condition_variable>
104 #include <exception>
105 #include <thread>
106 // #include <regex> // on rhel7 gcc 4.8, not competent
107 #include <regex.h>
108 // #include <algorithm>
109 using namespace std;
110
111 #include <gelf.h>
112 #include <libdwelf.h>
113
114 #include <microhttpd.h>
115
116 #if MHD_VERSION >= 0x00097002
117 // libmicrohttpd 0.9.71 broke API
118 #define MHD_RESULT enum MHD_Result
119 #else
120 #define MHD_RESULT int
121 #endif
122
123 #include <curl/curl.h>
124 #include <archive.h>
125 #include <archive_entry.h>
126 #include <sqlite3.h>
127
128 #ifdef __linux__
129 #include <sys/syscall.h>
130 #endif
131
132 #ifdef __linux__
133 #define tid() syscall(SYS_gettid)
134 #else
135 #define tid() pthread_self()
136 #endif
137
138
139 inline bool
string_endswith(const string & haystack,const string & needle)140 string_endswith(const string& haystack, const string& needle)
141 {
142 return (haystack.size() >= needle.size() &&
143 equal(haystack.end()-needle.size(), haystack.end(),
144 needle.begin()));
145 }
146
147
148 // Roll this identifier for every sqlite schema incompatibility.
149 #define BUILDIDS "buildids10"
150
151 #if SQLITE_VERSION_NUMBER >= 3008000
152 #define WITHOUT_ROWID "without rowid"
153 #else
154 #define WITHOUT_ROWID ""
155 #endif
156
157 static const char DEBUGINFOD_SQLITE_DDL[] =
158 "pragma foreign_keys = on;\n"
159 "pragma synchronous = 0;\n" // disable fsync()s - this cache is disposable across a machine crash
160 "pragma journal_mode = wal;\n" // https://sqlite.org/wal.html
161 "pragma wal_checkpoint = truncate;\n" // clean out any preexisting wal file
162 "pragma journal_size_limit = 0;\n" // limit steady state file (between grooming, which also =truncate's)
163 "pragma auto_vacuum = incremental;\n" // https://sqlite.org/pragma.html
164 "pragma busy_timeout = 1000;\n" // https://sqlite.org/pragma.html
165 // NB: all these are overridable with -D option
166
167 // Normalization table for interning file names
168 "create table if not exists " BUILDIDS "_fileparts (\n"
169 " id integer primary key not null,\n"
170 " name text unique not null\n"
171 " );\n"
172 "create table if not exists " BUILDIDS "_files (\n"
173 " id integer primary key not null,\n"
174 " dirname integer not null,\n"
175 " basename integer not null,\n"
176 " unique (dirname, basename),\n"
177 " foreign key (dirname) references " BUILDIDS "_fileparts(id) on delete cascade,\n"
178 " foreign key (basename) references " BUILDIDS "_fileparts(id) on delete cascade\n"
179 " );\n"
180 "create view if not exists " BUILDIDS "_files_v as\n" // a
181 " select f.id, n1.name || '/' || n2.name as name\n"
182 " from " BUILDIDS "_files f, " BUILDIDS "_fileparts n1, " BUILDIDS "_fileparts n2\n"
183 " where f.dirname = n1.id and f.basename = n2.id;\n"
184
185 // Normalization table for interning buildids
186 "create table if not exists " BUILDIDS "_buildids (\n"
187 " id integer primary key not null,\n"
188 " hex text unique not null);\n"
189 // Track the completion of scanning of a given file & sourcetype at given time
190 "create table if not exists " BUILDIDS "_file_mtime_scanned (\n"
191 " mtime integer not null,\n"
192 " file integer not null,\n"
193 " size integer not null,\n" // in bytes
194 " sourcetype text(1) not null\n"
195 " check (sourcetype IN ('F', 'R')),\n"
196 " foreign key (file) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
197 " primary key (file, mtime, sourcetype)\n"
198 " ) " WITHOUT_ROWID ";\n"
199 "create table if not exists " BUILDIDS "_f_de (\n"
200 " buildid integer not null,\n"
201 " debuginfo_p integer not null,\n"
202 " executable_p integer not null,\n"
203 " file integer not null,\n"
204 " mtime integer not null,\n"
205 " foreign key (file) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
206 " foreign key (buildid) references " BUILDIDS "_buildids(id) on update cascade on delete cascade,\n"
207 " primary key (buildid, file, mtime)\n"
208 " ) " WITHOUT_ROWID ";\n"
209 // Index for faster delete by file identifier
210 "create index if not exists " BUILDIDS "_f_de_idx on " BUILDIDS "_f_de (file, mtime);\n"
211 "create table if not exists " BUILDIDS "_f_s (\n"
212 " buildid integer not null,\n"
213 " artifactsrc integer not null,\n"
214 " file integer not null,\n" // NB: not necessarily entered into _mtime_scanned
215 " mtime integer not null,\n"
216 " foreign key (file) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
217 " foreign key (artifactsrc) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
218 " foreign key (buildid) references " BUILDIDS "_buildids(id) on update cascade on delete cascade,\n"
219 " primary key (buildid, artifactsrc, file, mtime)\n"
220 " ) " WITHOUT_ROWID ";\n"
221 "create table if not exists " BUILDIDS "_r_de (\n"
222 " buildid integer not null,\n"
223 " debuginfo_p integer not null,\n"
224 " executable_p integer not null,\n"
225 " file integer not null,\n"
226 " mtime integer not null,\n"
227 " content integer not null,\n"
228 " foreign key (file) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
229 " foreign key (content) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
230 " foreign key (buildid) references " BUILDIDS "_buildids(id) on update cascade on delete cascade,\n"
231 " primary key (buildid, debuginfo_p, executable_p, file, content, mtime)\n"
232 " ) " WITHOUT_ROWID ";\n"
233 // Index for faster delete by archive file identifier
234 "create index if not exists " BUILDIDS "_r_de_idx on " BUILDIDS "_r_de (file, mtime);\n"
235 "create table if not exists " BUILDIDS "_r_sref (\n" // outgoing dwarf sourcefile references from rpm
236 " buildid integer not null,\n"
237 " artifactsrc integer not null,\n"
238 " foreign key (artifactsrc) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
239 " foreign key (buildid) references " BUILDIDS "_buildids(id) on update cascade on delete cascade,\n"
240 " primary key (buildid, artifactsrc)\n"
241 " ) " WITHOUT_ROWID ";\n"
242 "create table if not exists " BUILDIDS "_r_sdef (\n" // rpm contents that may satisfy sref
243 " file integer not null,\n"
244 " mtime integer not null,\n"
245 " content integer not null,\n"
246 " foreign key (file) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
247 " foreign key (content) references " BUILDIDS "_files(id) on update cascade on delete cascade,\n"
248 " primary key (content, file, mtime)\n"
249 " ) " WITHOUT_ROWID ";\n"
250 // create views to glue together some of the above tables, for webapi D queries
251 "create view if not exists " BUILDIDS "_query_d as \n"
252 "select\n"
253 " b.hex as buildid, n.mtime, 'F' as sourcetype, f0.name as source0, n.mtime as mtime, null as source1\n"
254 " from " BUILDIDS "_buildids b, " BUILDIDS "_files_v f0, " BUILDIDS "_f_de n\n"
255 " where b.id = n.buildid and f0.id = n.file and n.debuginfo_p = 1\n"
256 "union all select\n"
257 " b.hex as buildid, n.mtime, 'R' as sourcetype, f0.name as source0, n.mtime as mtime, f1.name as source1\n"
258 " from " BUILDIDS "_buildids b, " BUILDIDS "_files_v f0, " BUILDIDS "_files_v f1, " BUILDIDS "_r_de n\n"
259 " where b.id = n.buildid and f0.id = n.file and f1.id = n.content and n.debuginfo_p = 1\n"
260 ";"
261 // ... and for E queries
262 "create view if not exists " BUILDIDS "_query_e as \n"
263 "select\n"
264 " b.hex as buildid, n.mtime, 'F' as sourcetype, f0.name as source0, n.mtime as mtime, null as source1\n"
265 " from " BUILDIDS "_buildids b, " BUILDIDS "_files_v f0, " BUILDIDS "_f_de n\n"
266 " where b.id = n.buildid and f0.id = n.file and n.executable_p = 1\n"
267 "union all select\n"
268 " b.hex as buildid, n.mtime, 'R' as sourcetype, f0.name as source0, n.mtime as mtime, f1.name as source1\n"
269 " from " BUILDIDS "_buildids b, " BUILDIDS "_files_v f0, " BUILDIDS "_files_v f1, " BUILDIDS "_r_de n\n"
270 " where b.id = n.buildid and f0.id = n.file and f1.id = n.content and n.executable_p = 1\n"
271 ";"
272 // ... and for S queries
273 "create view if not exists " BUILDIDS "_query_s as \n"
274 "select\n"
275 " b.hex as buildid, fs.name as artifactsrc, 'F' as sourcetype, f0.name as source0, n.mtime as mtime, null as source1, null as source0ref\n"
276 " from " BUILDIDS "_buildids b, " BUILDIDS "_files_v f0, " BUILDIDS "_files_v fs, " BUILDIDS "_f_s n\n"
277 " where b.id = n.buildid and f0.id = n.file and fs.id = n.artifactsrc\n"
278 "union all select\n"
279 " b.hex as buildid, f1.name as artifactsrc, 'R' as sourcetype, f0.name as source0, sd.mtime as mtime, f1.name as source1, fsref.name as source0ref\n"
280 " from " BUILDIDS "_buildids b, " BUILDIDS "_files_v f0, " BUILDIDS "_files_v f1, " BUILDIDS "_files_v fsref, "
281 " " BUILDIDS "_r_sdef sd, " BUILDIDS "_r_sref sr, " BUILDIDS "_r_de sde\n"
282 " where b.id = sr.buildid and f0.id = sd.file and fsref.id = sde.file and f1.id = sd.content\n"
283 " and sr.artifactsrc = sd.content and sde.buildid = sr.buildid\n"
284 ";"
285 // and for startup overview counts
286 "drop view if exists " BUILDIDS "_stats;\n"
287 "create view if not exists " BUILDIDS "_stats as\n"
288 " select 'file d/e' as label,count(*) as quantity from " BUILDIDS "_f_de\n"
289 "union all select 'file s',count(*) from " BUILDIDS "_f_s\n"
290 "union all select 'archive d/e',count(*) from " BUILDIDS "_r_de\n"
291 "union all select 'archive sref',count(*) from " BUILDIDS "_r_sref\n"
292 "union all select 'archive sdef',count(*) from " BUILDIDS "_r_sdef\n"
293 "union all select 'buildids',count(*) from " BUILDIDS "_buildids\n"
294 "union all select 'filenames',count(*) from " BUILDIDS "_files\n"
295 "union all select 'fileparts',count(*) from " BUILDIDS "_fileparts\n"
296 "union all select 'files scanned (#)',count(*) from " BUILDIDS "_file_mtime_scanned\n"
297 "union all select 'files scanned (mb)',coalesce(sum(size)/1024/1024,0) from " BUILDIDS "_file_mtime_scanned\n"
298 #if SQLITE_VERSION_NUMBER >= 3016000
299 "union all select 'index db size (mb)',page_count*page_size/1024/1024 as size FROM pragma_page_count(), pragma_page_size()\n"
300 #endif
301 ";\n"
302
303 // schema change history & garbage collection
304 //
305 // XXX: we could have migration queries here to bring prior-schema
306 // data over instead of just dropping it. But that could incur
307 // doubled storage costs.
308 //
309 // buildids10: split the _files table into _parts
310 "" // <<< we are here
311 // buildids9: widen the mtime_scanned table
312 "DROP VIEW IF EXISTS buildids9_stats;\n"
313 "DROP INDEX IF EXISTS buildids9_r_de_idx;\n"
314 "DROP INDEX IF EXISTS buildids9_f_de_idx;\n"
315 "DROP VIEW IF EXISTS buildids9_query_s;\n"
316 "DROP VIEW IF EXISTS buildids9_query_e;\n"
317 "DROP VIEW IF EXISTS buildids9_query_d;\n"
318 "DROP TABLE IF EXISTS buildids9_r_sdef;\n"
319 "DROP TABLE IF EXISTS buildids9_r_sref;\n"
320 "DROP TABLE IF EXISTS buildids9_r_de;\n"
321 "DROP TABLE IF EXISTS buildids9_f_s;\n"
322 "DROP TABLE IF EXISTS buildids9_f_de;\n"
323 "DROP TABLE IF EXISTS buildids9_file_mtime_scanned;\n"
324 "DROP TABLE IF EXISTS buildids9_buildids;\n"
325 "DROP TABLE IF EXISTS buildids9_files;\n"
326 // buildids8: slim the sref table
327 "drop table if exists buildids8_f_de;\n"
328 "drop table if exists buildids8_f_s;\n"
329 "drop table if exists buildids8_r_de;\n"
330 "drop table if exists buildids8_r_sref;\n"
331 "drop table if exists buildids8_r_sdef;\n"
332 "drop table if exists buildids8_file_mtime_scanned;\n"
333 "drop table if exists buildids8_files;\n"
334 "drop table if exists buildids8_buildids;\n"
335 // buildids7: separate _norm table into dense subtype tables
336 "drop table if exists buildids7_f_de;\n"
337 "drop table if exists buildids7_f_s;\n"
338 "drop table if exists buildids7_r_de;\n"
339 "drop table if exists buildids7_r_sref;\n"
340 "drop table if exists buildids7_r_sdef;\n"
341 "drop table if exists buildids7_file_mtime_scanned;\n"
342 "drop table if exists buildids7_files;\n"
343 "drop table if exists buildids7_buildids;\n"
344 // buildids6: drop bolo/rfolo again, represent sources / rpmcontents in main table
345 "drop table if exists buildids6_norm;\n"
346 "drop table if exists buildids6_files;\n"
347 "drop table if exists buildids6_buildids;\n"
348 "drop view if exists buildids6;\n"
349 // buildids5: redefine srcfile1 column to be '.'-less (for rpms)
350 "drop table if exists buildids5_norm;\n"
351 "drop table if exists buildids5_files;\n"
352 "drop table if exists buildids5_buildids;\n"
353 "drop table if exists buildids5_bolo;\n"
354 "drop table if exists buildids5_rfolo;\n"
355 "drop view if exists buildids5;\n"
356 // buildids4: introduce rpmfile RFOLO
357 "drop table if exists buildids4_norm;\n"
358 "drop table if exists buildids4_files;\n"
359 "drop table if exists buildids4_buildids;\n"
360 "drop table if exists buildids4_bolo;\n"
361 "drop table if exists buildids4_rfolo;\n"
362 "drop view if exists buildids4;\n"
363 // buildids3*: split out srcfile BOLO
364 "drop table if exists buildids3_norm;\n"
365 "drop table if exists buildids3_files;\n"
366 "drop table if exists buildids3_buildids;\n"
367 "drop table if exists buildids3_bolo;\n"
368 "drop view if exists buildids3;\n"
369 // buildids2: normalized buildid and filenames into interning tables;
370 "drop table if exists buildids2_norm;\n"
371 "drop table if exists buildids2_files;\n"
372 "drop table if exists buildids2_buildids;\n"
373 "drop view if exists buildids2;\n"
374 // buildids1: made buildid and artifacttype NULLable, to represent cached-negative
375 // lookups from sources, e.g. files or rpms that contain no buildid-indexable content
376 "drop table if exists buildids1;\n"
377 // buildids: original
378 "drop table if exists buildids;\n"
379 ;
380
381 static const char DEBUGINFOD_SQLITE_CLEANUP_DDL[] =
382 "pragma wal_checkpoint = truncate;\n" // clean out any preexisting wal file
383 ;
384
385
386
387
388 /* Name and version of program. */
389 ARGP_PROGRAM_VERSION_HOOK_DEF = print_version;
390
391 /* Bug report address. */
392 ARGP_PROGRAM_BUG_ADDRESS_DEF = PACKAGE_BUGREPORT;
393
394 /* Definitions of arguments for argp functions. */
395 static const struct argp_option options[] =
396 {
397 { NULL, 0, NULL, 0, "Scanners:", 1 },
398 { "scan-file-dir", 'F', NULL, 0, "Enable ELF/DWARF file scanning.", 0 },
399 { "scan-rpm-dir", 'R', NULL, 0, "Enable RPM scanning.", 0 },
400 { "scan-deb-dir", 'U', NULL, 0, "Enable DEB scanning.", 0 },
401 { "scan-archive", 'Z', "EXT=CMD", 0, "Enable arbitrary archive scanning.", 0 },
402 // "source-oci-imageregistry" ...
403
404 { NULL, 0, NULL, 0, "Options:", 2 },
405 { "logical", 'L', NULL, 0, "Follow symlinks, default=ignore.", 0 },
406 { "rescan-time", 't', "SECONDS", 0, "Number of seconds to wait between rescans, 0=disable.", 0 },
407 { "groom-time", 'g', "SECONDS", 0, "Number of seconds to wait between database grooming, 0=disable.", 0 },
408 { "maxigroom", 'G', NULL, 0, "Run a complete database groom/shrink pass at startup.", 0 },
409 { "concurrency", 'c', "NUM", 0, "Limit scanning thread concurrency to NUM, default=#CPUs.", 0 },
410 { "connection-pool", 'C', "NUM", OPTION_ARG_OPTIONAL,
411 "Use webapi connection pool with NUM threads, default=unlim.", 0 },
412 { "include", 'I', "REGEX", 0, "Include files matching REGEX, default=all.", 0 },
413 { "exclude", 'X', "REGEX", 0, "Exclude files matching REGEX, default=none.", 0 },
414 { "port", 'p', "NUM", 0, "HTTP port to listen on, default 8002.", 0 },
415 { "database", 'd', "FILE", 0, "Path to sqlite database.", 0 },
416 { "ddl", 'D', "SQL", 0, "Apply extra sqlite ddl/pragma to connection.", 0 },
417 { "verbose", 'v', NULL, 0, "Increase verbosity.", 0 },
418 { "regex-groom", 'r', NULL, 0,"Uses regexes from -I and -X arguments to groom the database.",0},
419 #define ARGP_KEY_FDCACHE_FDS 0x1001
420 { "fdcache-fds", ARGP_KEY_FDCACHE_FDS, "NUM", 0, "Maximum number of archive files to keep in fdcache.", 0 },
421 #define ARGP_KEY_FDCACHE_MBS 0x1002
422 { "fdcache-mbs", ARGP_KEY_FDCACHE_MBS, "MB", 0, "Maximum total size of archive file fdcache.", 0 },
423 #define ARGP_KEY_FDCACHE_PREFETCH 0x1003
424 { "fdcache-prefetch", ARGP_KEY_FDCACHE_PREFETCH, "NUM", 0, "Number of archive files to prefetch into fdcache.", 0 },
425 #define ARGP_KEY_FDCACHE_MINTMP 0x1004
426 { "fdcache-mintmp", ARGP_KEY_FDCACHE_MINTMP, "NUM", 0, "Minimum free space% on tmpdir.", 0 },
427 #define ARGP_KEY_FDCACHE_PREFETCH_MBS 0x1005
428 { "fdcache-prefetch-mbs", ARGP_KEY_FDCACHE_PREFETCH_MBS, "MB", 0,"Megabytes allocated to the \
429 prefetch cache.", 0},
430 #define ARGP_KEY_FDCACHE_PREFETCH_FDS 0x1006
431 { "fdcache-prefetch-fds", ARGP_KEY_FDCACHE_PREFETCH_FDS, "NUM", 0,"Number of files allocated to the \
432 prefetch cache.", 0},
433 #define ARGP_KEY_FORWARDED_TTL_LIMIT 0x1007
434 {"forwarded-ttl-limit", ARGP_KEY_FORWARDED_TTL_LIMIT, "NUM", 0, "Limit of X-Forwarded-For hops, default 8.", 0},
435 #define ARGP_KEY_PASSIVE 0x1008
436 { "passive", ARGP_KEY_PASSIVE, NULL, 0, "Do not scan or groom, read-only database.", 0 },
437 #define ARGP_KEY_DISABLE_SOURCE_SCAN 0x1009
438 { "disable-source-scan", ARGP_KEY_DISABLE_SOURCE_SCAN, NULL, 0, "Do not scan dwarf source info.", 0 },
439 #define ARGP_SCAN_CHECKPOINT 0x100A
440 { "scan-checkpoint", ARGP_SCAN_CHECKPOINT, "NUM", 0, "Number of files scanned before a WAL checkpoint.", 0 },
441 { NULL, 0, NULL, 0, NULL, 0 },
442 };
443
444 /* Short description of program. */
445 static const char doc[] = "Serve debuginfo-related content across HTTP from files under PATHs.";
446
447 /* Strings for arguments in help texts. */
448 static const char args_doc[] = "[PATH ...]";
449
450 /* Prototype for option handler. */
451 static error_t parse_opt (int key, char *arg, struct argp_state *state);
452
453 static unsigned default_concurrency();
454
455 /* Data structure to communicate with argp functions. */
456 static struct argp argp =
457 {
458 options, parse_opt, args_doc, doc, NULL, NULL, NULL
459 };
460
461
462 static string db_path;
463 static sqlite3 *db; // single connection, serialized across all our threads!
464 static sqlite3 *dbq; // webapi query-servicing readonly connection, serialized ditto!
465 static unsigned verbose;
466 static volatile sig_atomic_t interrupted = 0;
467 static volatile sig_atomic_t forced_rescan_count = 0;
468 static volatile sig_atomic_t sigusr1 = 0;
469 static volatile sig_atomic_t forced_groom_count = 0;
470 static volatile sig_atomic_t sigusr2 = 0;
471 static unsigned http_port = 8002;
472 static unsigned rescan_s = 300;
473 static unsigned groom_s = 86400;
474 static bool maxigroom = false;
475 static unsigned concurrency = default_concurrency();
476 static int connection_pool = 0;
477 static set<string> source_paths;
478 static bool scan_files = false;
479 static map<string,string> scan_archives;
480 static vector<string> extra_ddl;
481 static regex_t file_include_regex;
482 static regex_t file_exclude_regex;
483 static bool regex_groom = false;
484 static bool traverse_logical;
485 static long fdcache_fds;
486 static long fdcache_mbs;
487 static long fdcache_prefetch;
488 static long fdcache_mintmp;
489 static long fdcache_prefetch_mbs;
490 static long fdcache_prefetch_fds;
491 static unsigned forwarded_ttl_limit = 8;
492 static bool scan_source_info = true;
493 static string tmpdir;
494 static bool passive_p = false;
495 static long scan_checkpoint = 256;
496
497 static void set_metric(const string& key, double value);
498 // static void inc_metric(const string& key);
499 static void set_metric(const string& metric,
500 const string& lname, const string& lvalue,
501 double value);
502 static void inc_metric(const string& metric,
503 const string& lname, const string& lvalue);
504 static void add_metric(const string& metric,
505 const string& lname, const string& lvalue,
506 double value);
507 static void inc_metric(const string& metric,
508 const string& lname, const string& lvalue,
509 const string& rname, const string& rvalue);
510 static void add_metric(const string& metric,
511 const string& lname, const string& lvalue,
512 const string& rname, const string& rvalue,
513 double value);
514
515
516 class tmp_inc_metric { // a RAII style wrapper for exception-safe scoped increment & decrement
517 string m, n, v;
518 public:
tmp_inc_metric(const string & mname,const string & lname,const string & lvalue)519 tmp_inc_metric(const string& mname, const string& lname, const string& lvalue):
520 m(mname), n(lname), v(lvalue)
521 {
522 add_metric (m, n, v, 1);
523 }
~tmp_inc_metric()524 ~tmp_inc_metric()
525 {
526 add_metric (m, n, v, -1);
527 }
528 };
529
530 class tmp_ms_metric { // a RAII style wrapper for exception-safe scoped timing
531 string m, n, v;
532 struct timespec ts_start;
533 public:
tmp_ms_metric(const string & mname,const string & lname,const string & lvalue)534 tmp_ms_metric(const string& mname, const string& lname, const string& lvalue):
535 m(mname), n(lname), v(lvalue)
536 {
537 clock_gettime (CLOCK_MONOTONIC, & ts_start);
538 }
~tmp_ms_metric()539 ~tmp_ms_metric()
540 {
541 struct timespec ts_end;
542 clock_gettime (CLOCK_MONOTONIC, & ts_end);
543 double deltas = (ts_end.tv_sec - ts_start.tv_sec)
544 + (ts_end.tv_nsec - ts_start.tv_nsec)/1.e9;
545
546 add_metric (m + "_milliseconds_sum", n, v, (deltas*1000.0));
547 inc_metric (m + "_milliseconds_count", n, v);
548 }
549 };
550
551
552 /* Handle program arguments. */
553 static error_t
parse_opt(int key,char * arg,struct argp_state * state)554 parse_opt (int key, char *arg,
555 struct argp_state *state __attribute__ ((unused)))
556 {
557 int rc;
558 switch (key)
559 {
560 case 'v': verbose ++; break;
561 case 'd':
562 /* When using the in-memory database make sure it is shareable,
563 so we can open it twice as read/write and read-only. */
564 if (strcmp (arg, ":memory:") == 0)
565 db_path = "file::memory:?cache=shared";
566 else
567 db_path = string(arg);
568 break;
569 case 'p': http_port = (unsigned) atoi(arg);
570 if (http_port == 0 || http_port > 65535)
571 argp_failure(state, 1, EINVAL, "port number");
572 break;
573 case 'F': scan_files = true; break;
574 case 'R':
575 scan_archives[".rpm"]="cat"; // libarchive groks rpm natively
576 break;
577 case 'U':
578 scan_archives[".deb"]="(bsdtar -O -x -f - data.tar\\*)<";
579 scan_archives[".ddeb"]="(bsdtar -O -x -f - data.tar\\*)<";
580 scan_archives[".ipk"]="(bsdtar -O -x -f - data.tar\\*)<";
581 // .udeb too?
582 break;
583 case 'Z':
584 {
585 char* extension = strchr(arg, '=');
586 if (arg[0] == '\0')
587 argp_failure(state, 1, EINVAL, "missing EXT");
588 else if (extension)
589 scan_archives[string(arg, (extension-arg))]=string(extension+1);
590 else
591 scan_archives[string(arg)]=string("cat");
592 }
593 break;
594 case 'L':
595 if (passive_p)
596 argp_failure(state, 1, EINVAL, "-L option inconsistent with passive mode");
597 traverse_logical = true;
598 break;
599 case 'D':
600 if (passive_p)
601 argp_failure(state, 1, EINVAL, "-D option inconsistent with passive mode");
602 extra_ddl.push_back(string(arg));
603 break;
604 case 't':
605 if (passive_p)
606 argp_failure(state, 1, EINVAL, "-t option inconsistent with passive mode");
607 rescan_s = (unsigned) atoi(arg);
608 break;
609 case 'g':
610 if (passive_p)
611 argp_failure(state, 1, EINVAL, "-g option inconsistent with passive mode");
612 groom_s = (unsigned) atoi(arg);
613 break;
614 case 'G':
615 if (passive_p)
616 argp_failure(state, 1, EINVAL, "-G option inconsistent with passive mode");
617 maxigroom = true;
618 break;
619 case 'c':
620 if (passive_p)
621 argp_failure(state, 1, EINVAL, "-c option inconsistent with passive mode");
622 concurrency = (unsigned) atoi(arg);
623 if (concurrency < 1) concurrency = 1;
624 break;
625 case 'C':
626 if (arg)
627 {
628 connection_pool = atoi(arg);
629 if (connection_pool < 2)
630 argp_failure(state, 1, EINVAL, "-C NUM minimum 2");
631 }
632 break;
633 case 'I':
634 // NB: no problem with unconditional free here - an earlier failed regcomp would exit program
635 if (passive_p)
636 argp_failure(state, 1, EINVAL, "-I option inconsistent with passive mode");
637 regfree (&file_include_regex);
638 rc = regcomp (&file_include_regex, arg, REG_EXTENDED|REG_NOSUB);
639 if (rc != 0)
640 argp_failure(state, 1, EINVAL, "regular expression");
641 break;
642 case 'X':
643 if (passive_p)
644 argp_failure(state, 1, EINVAL, "-X option inconsistent with passive mode");
645 regfree (&file_exclude_regex);
646 rc = regcomp (&file_exclude_regex, arg, REG_EXTENDED|REG_NOSUB);
647 if (rc != 0)
648 argp_failure(state, 1, EINVAL, "regular expression");
649 break;
650 case 'r':
651 if (passive_p)
652 argp_failure(state, 1, EINVAL, "-r option inconsistent with passive mode");
653 regex_groom = true;
654 break;
655 case ARGP_KEY_FDCACHE_FDS:
656 fdcache_fds = atol (arg);
657 break;
658 case ARGP_KEY_FDCACHE_MBS:
659 fdcache_mbs = atol (arg);
660 break;
661 case ARGP_KEY_FDCACHE_PREFETCH:
662 fdcache_prefetch = atol (arg);
663 break;
664 case ARGP_KEY_FDCACHE_MINTMP:
665 fdcache_mintmp = atol (arg);
666 if( fdcache_mintmp > 100 || fdcache_mintmp < 0 )
667 argp_failure(state, 1, EINVAL, "fdcache mintmp percent");
668 break;
669 case ARGP_KEY_FORWARDED_TTL_LIMIT:
670 forwarded_ttl_limit = (unsigned) atoi(arg);
671 break;
672 case ARGP_KEY_ARG:
673 source_paths.insert(string(arg));
674 break;
675 case ARGP_KEY_FDCACHE_PREFETCH_FDS:
676 fdcache_prefetch_fds = atol(arg);
677 if ( fdcache_prefetch_fds < 0)
678 argp_failure(state, 1, EINVAL, "fdcache prefetch fds");
679 break;
680 case ARGP_KEY_FDCACHE_PREFETCH_MBS:
681 fdcache_prefetch_mbs = atol(arg);
682 if ( fdcache_prefetch_mbs < 0)
683 argp_failure(state, 1, EINVAL, "fdcache prefetch mbs");
684 break;
685 case ARGP_KEY_PASSIVE:
686 passive_p = true;
687 if (source_paths.size() > 0
688 || maxigroom
689 || extra_ddl.size() > 0
690 || traverse_logical)
691 // other conflicting options tricky to check
692 argp_failure(state, 1, EINVAL, "inconsistent options with passive mode");
693 break;
694 case ARGP_KEY_DISABLE_SOURCE_SCAN:
695 scan_source_info = false;
696 break;
697 case ARGP_SCAN_CHECKPOINT:
698 scan_checkpoint = atol (arg);
699 if (scan_checkpoint < 0)
700 argp_failure(state, 1, EINVAL, "scan checkpoint");
701 break;
702 // case 'h': argp_state_help (state, stderr, ARGP_HELP_LONG|ARGP_HELP_EXIT_OK);
703 default: return ARGP_ERR_UNKNOWN;
704 }
705
706 return 0;
707 }
708
709
710 ////////////////////////////////////////////////////////////////////////
711
712
713 static void add_mhd_response_header (struct MHD_Response *r,
714 const char *h, const char *v);
715
716 // represent errors that may get reported to an ostream and/or a libmicrohttpd connection
717
718 struct reportable_exception
719 {
720 int code;
721 string message;
722
reportable_exceptionreportable_exception723 reportable_exception(int c, const string& m): code(c), message(m) {}
reportable_exceptionreportable_exception724 reportable_exception(const string& m): code(503), message(m) {}
reportable_exceptionreportable_exception725 reportable_exception(): code(503), message() {}
726
727 void report(ostream& o) const; // defined under obatched() class below
728
mhd_send_responsereportable_exception729 MHD_RESULT mhd_send_response(MHD_Connection* c) const {
730 MHD_Response* r = MHD_create_response_from_buffer (message.size(),
731 (void*) message.c_str(),
732 MHD_RESPMEM_MUST_COPY);
733 add_mhd_response_header (r, "Content-Type", "text/plain");
734 MHD_RESULT rc = MHD_queue_response (c, code, r);
735 MHD_destroy_response (r);
736 return rc;
737 }
738 };
739
740
741 struct sqlite_exception: public reportable_exception
742 {
sqlite_exceptionsqlite_exception743 sqlite_exception(int rc, const string& msg):
744 reportable_exception(string("sqlite3 error: ") + msg + ": " + string(sqlite3_errstr(rc) ?: "?")) {
745 inc_metric("error_count","sqlite3",sqlite3_errstr(rc));
746 }
747 };
748
749 struct libc_exception: public reportable_exception
750 {
libc_exceptionlibc_exception751 libc_exception(int rc, const string& msg):
752 reportable_exception(string("libc error: ") + msg + ": " + string(strerror(rc) ?: "?")) {
753 inc_metric("error_count","libc",strerror(rc));
754 }
755 };
756
757
758 struct archive_exception: public reportable_exception
759 {
archive_exceptionarchive_exception760 archive_exception(const string& msg):
761 reportable_exception(string("libarchive error: ") + msg) {
762 inc_metric("error_count","libarchive",msg);
763 }
archive_exceptionarchive_exception764 archive_exception(struct archive* a, const string& msg):
765 reportable_exception(string("libarchive error: ") + msg + ": " + string(archive_error_string(a) ?: "?")) {
766 inc_metric("error_count","libarchive",msg + ": " + string(archive_error_string(a) ?: "?"));
767 }
768 };
769
770
771 struct elfutils_exception: public reportable_exception
772 {
elfutils_exceptionelfutils_exception773 elfutils_exception(int rc, const string& msg):
774 reportable_exception(string("elfutils error: ") + msg + ": " + string(elf_errmsg(rc) ?: "?")) {
775 inc_metric("error_count","elfutils",elf_errmsg(rc));
776 }
777 };
778
779
780 ////////////////////////////////////////////////////////////////////////
781
782 template <typename Payload>
783 class workq
784 {
785 unordered_set<Payload> q; // eliminate duplicates
786 mutex mtx;
787 condition_variable cv;
788 bool dead;
789 unsigned idlers; // number of threads busy with wait_idle / done_idle
790 unsigned fronters; // number of threads busy with wait_front / done_front
791
792 public:
workq()793 workq() { dead = false; idlers = 0; fronters = 0; }
~workq()794 ~workq() {}
795
push_back(const Payload & p)796 void push_back(const Payload& p)
797 {
798 unique_lock<mutex> lock(mtx);
799 q.insert (p);
800 set_metric("thread_work_pending","role","scan", q.size());
801 cv.notify_all();
802 }
803
804 // kill this workqueue, wake up all idlers / scanners
nuke()805 void nuke() {
806 unique_lock<mutex> lock(mtx);
807 // optional: q.clear();
808 dead = true;
809 cv.notify_all();
810 }
811
812 // clear the workqueue, when scanning is interrupted with USR2
clear()813 void clear() {
814 unique_lock<mutex> lock(mtx);
815 q.clear();
816 set_metric("thread_work_pending","role","scan", q.size());
817 // NB: there may still be some live fronters
818 cv.notify_all(); // maybe wake up waiting idlers
819 }
820
821 // block this scanner thread until there is work to do and no active idler
wait_front(Payload & p)822 bool wait_front (Payload& p)
823 {
824 unique_lock<mutex> lock(mtx);
825 while (!dead && (q.size() == 0 || idlers > 0))
826 cv.wait(lock);
827 if (dead)
828 return false;
829 else
830 {
831 p = * q.begin();
832 q.erase (q.begin());
833 fronters ++; // prevent idlers from starting awhile, even if empty q
834 set_metric("thread_work_pending","role","scan", q.size());
835 // NB: don't wake up idlers yet! The consumer is busy
836 // processing this element until it calls done_front().
837 return true;
838 }
839 }
840
841 // notify waitq that scanner thread is done with that last item
done_front()842 void done_front ()
843 {
844 unique_lock<mutex> lock(mtx);
845 fronters --;
846 if (q.size() == 0 && fronters == 0)
847 cv.notify_all(); // maybe wake up waiting idlers
848 }
849
850 // block this idler thread until there is no work to do
wait_idle()851 void wait_idle ()
852 {
853 unique_lock<mutex> lock(mtx);
854 cv.notify_all(); // maybe wake up waiting scanners
855 while (!dead && ((q.size() != 0) || fronters > 0))
856 cv.wait(lock);
857 idlers ++;
858 }
859
done_idle()860 void done_idle ()
861 {
862 unique_lock<mutex> lock(mtx);
863 idlers --;
864 cv.notify_all(); // maybe wake up waiting scanners, but probably not (shutting down)
865 }
866 };
867
868 typedef struct stat stat_t;
869 typedef pair<string,stat_t> scan_payload;
operator <(const scan_payload & a,const scan_payload & b)870 inline bool operator< (const scan_payload& a, const scan_payload& b)
871 {
872 return a.first < b.first; // don't bother compare the stat fields
873 }
874
875 namespace std { // https://gcc.gnu.org/bugzilla/show_bug.cgi?id=56480
876 template<> struct hash<::scan_payload>
877 {
operator ()std::hash878 std::size_t operator() (const ::scan_payload& p) const noexcept
879 {
880 return hash<string>()(p.first);
881 }
882 };
883 template<> struct equal_to<::scan_payload>
884 {
operator ()std::equal_to885 std::size_t operator() (const ::scan_payload& a, const ::scan_payload& b) const noexcept
886 {
887 return a.first == b.first;
888 }
889 };
890 }
891
892 static workq<scan_payload> scanq; // just a single one
893 // producer & idler: thread_main_fts_source_paths()
894 // consumer: thread_main_scanner()
895 // idler: thread_main_groom()
896
897
898 ////////////////////////////////////////////////////////////////////////
899
900 // Unique set is a thread-safe structure that lends 'ownership' of a value
901 // to a thread. Other threads requesting the same thing are made to wait.
902 // It's like a semaphore-on-demand.
903 template <typename T>
904 class unique_set
905 {
906 private:
907 set<T> values;
908 mutex mtx;
909 condition_variable cv;
910 public:
unique_set()911 unique_set() {}
~unique_set()912 ~unique_set() {}
913
acquire(const T & value)914 void acquire(const T& value)
915 {
916 unique_lock<mutex> lock(mtx);
917 while (values.find(value) != values.end())
918 cv.wait(lock);
919 values.insert(value);
920 }
921
release(const T & value)922 void release(const T& value)
923 {
924 unique_lock<mutex> lock(mtx);
925 // assert (values.find(value) != values.end());
926 values.erase(value);
927 cv.notify_all();
928 }
929 };
930
931
932 // This is the object that's instantiate to uniquely hold a value in a
933 // RAII-pattern way.
934 template <typename T>
935 class unique_set_reserver
936 {
937 private:
938 unique_set<T>& please_hold;
939 T mine;
940 public:
unique_set_reserver(unique_set<T> & t,const T & value)941 unique_set_reserver(unique_set<T>& t, const T& value):
942 please_hold(t), mine(value) { please_hold.acquire(mine); }
~unique_set_reserver()943 ~unique_set_reserver() { please_hold.release(mine); }
944 };
945
946
947 ////////////////////////////////////////////////////////////////////////
948
949 // periodic_barrier is a concurrency control object that lets N threads
950 // periodically (based on counter value) agree to wait at a barrier,
951 // let one of them carry out some work, then be set free
952
953 class periodic_barrier
954 {
955 private:
956 unsigned period; // number of count() reports to trigger barrier activation
957 unsigned threads; // number of threads participating
958 mutex mtx; // protects all the following fields
959 unsigned counter; // count of count() reports in the current generation
960 unsigned generation; // barrier activation generation
961 unsigned waiting; // number of threads waiting for barrier
962 bool dead; // bring out your
963 condition_variable cv;
964 public:
periodic_barrier(unsigned t,unsigned p)965 periodic_barrier(unsigned t, unsigned p):
966 period(p), threads(t), counter(0), generation(0), waiting(0), dead(false) { }
~periodic_barrier()967 virtual ~periodic_barrier() {}
968
969 virtual void periodic_barrier_work() noexcept = 0;
nuke()970 void nuke() {
971 unique_lock<mutex> lock(mtx);
972 dead = true;
973 cv.notify_all();
974 }
975
count()976 void count()
977 {
978 unique_lock<mutex> lock(mtx);
979 unsigned prev_generation = this->generation;
980 if (counter < period-1) // normal case: counter just freely running
981 {
982 counter ++;
983 return;
984 }
985 else if (counter == period-1) // we're the doer
986 {
987 counter = period; // entering barrier holding phase
988 cv.notify_all();
989 while (waiting < threads-1 && !dead)
990 cv.wait(lock);
991 // all other threads are now stuck in the barrier
992 this->periodic_barrier_work(); // NB: we're holding the mutex the whole time
993 // reset for next barrier, releasing other waiters
994 counter = 0;
995 generation ++;
996 cv.notify_all();
997 return;
998 }
999 else if (counter == period) // we're a waiter, in holding phase
1000 {
1001 waiting ++;
1002 cv.notify_all();
1003 while (counter == period && generation == prev_generation && !dead)
1004 cv.wait(lock);
1005 waiting --;
1006 return;
1007 }
1008 }
1009 };
1010
1011
1012
1013 ////////////////////////////////////////////////////////////////////////
1014
1015
1016 // Print a standard timestamp.
1017 static ostream&
timestamp(ostream & o)1018 timestamp (ostream &o)
1019 {
1020 char datebuf[80];
1021 char *now2 = NULL;
1022 time_t now_t = time(NULL);
1023 struct tm now;
1024 struct tm *nowp = gmtime_r (&now_t, &now);
1025 if (nowp)
1026 {
1027 (void) strftime (datebuf, sizeof (datebuf), "%c", nowp);
1028 now2 = datebuf;
1029 }
1030
1031 return o << "[" << (now2 ? now2 : "") << "] "
1032 << "(" << getpid () << "/" << tid() << "): ";
1033 }
1034
1035
1036 // A little class that impersonates an ostream to the extent that it can
1037 // take << streaming operations. It batches up the bits into an internal
1038 // stringstream until it is destroyed; then flushes to the original ostream.
1039 // It adds a timestamp
1040 class obatched
1041 {
1042 private:
1043 ostream& o;
1044 stringstream stro;
1045 static mutex lock;
1046 public:
obatched(ostream & oo,bool timestamp_p=true)1047 obatched(ostream& oo, bool timestamp_p = true): o(oo)
1048 {
1049 if (timestamp_p)
1050 timestamp(stro);
1051 }
~obatched()1052 ~obatched()
1053 {
1054 unique_lock<mutex> do_not_cross_the_streams(obatched::lock);
1055 o << stro.str();
1056 o.flush();
1057 }
operator ostream&()1058 operator ostream& () { return stro; }
operator <<(const T & t)1059 template <typename T> ostream& operator << (const T& t) { stro << t; return stro; }
1060 };
1061 mutex obatched::lock; // just the one, since cout/cerr iostreams are not thread-safe
1062
1063
report(ostream & o) const1064 void reportable_exception::report(ostream& o) const {
1065 obatched(o) << message << endl;
1066 }
1067
1068
1069 ////////////////////////////////////////////////////////////////////////
1070
1071
1072 // RAII style sqlite prepared-statement holder that matches { } block lifetime
1073
1074 struct sqlite_ps
1075 {
1076 private:
1077 sqlite3* db;
1078 const string nickname;
1079 const string sql;
1080 sqlite3_stmt *pp;
1081
1082 sqlite_ps(const sqlite_ps&); // make uncopyable
1083 sqlite_ps& operator=(const sqlite_ps &); // make unassignable
1084
1085 public:
sqlite_pssqlite_ps1086 sqlite_ps (sqlite3* d, const string& n, const string& s): db(d), nickname(n), sql(s) {
1087 // tmp_ms_metric tick("sqlite3","prep",nickname);
1088 if (verbose > 4)
1089 obatched(clog) << nickname << " prep " << sql << endl;
1090 int rc = sqlite3_prepare_v2 (db, sql.c_str(), -1 /* to \0 */, & this->pp, NULL);
1091 if (rc != SQLITE_OK)
1092 throw sqlite_exception(rc, "prepare " + sql);
1093 }
1094
resetsqlite_ps1095 sqlite_ps& reset()
1096 {
1097 tmp_ms_metric tick("sqlite3","reset",nickname);
1098 sqlite3_reset(this->pp);
1099 return *this;
1100 }
1101
bindsqlite_ps1102 sqlite_ps& bind(int parameter, const string& str)
1103 {
1104 if (verbose > 4)
1105 obatched(clog) << nickname << " bind " << parameter << "=" << str << endl;
1106 int rc = sqlite3_bind_text (this->pp, parameter, str.c_str(), -1, SQLITE_TRANSIENT);
1107 if (rc != SQLITE_OK)
1108 throw sqlite_exception(rc, "sqlite3 bind");
1109 return *this;
1110 }
1111
bindsqlite_ps1112 sqlite_ps& bind(int parameter, int64_t value)
1113 {
1114 if (verbose > 4)
1115 obatched(clog) << nickname << " bind " << parameter << "=" << value << endl;
1116 int rc = sqlite3_bind_int64 (this->pp, parameter, value);
1117 if (rc != SQLITE_OK)
1118 throw sqlite_exception(rc, "sqlite3 bind");
1119 return *this;
1120 }
1121
bindsqlite_ps1122 sqlite_ps& bind(int parameter)
1123 {
1124 if (verbose > 4)
1125 obatched(clog) << nickname << " bind " << parameter << "=" << "NULL" << endl;
1126 int rc = sqlite3_bind_null (this->pp, parameter);
1127 if (rc != SQLITE_OK)
1128 throw sqlite_exception(rc, "sqlite3 bind");
1129 return *this;
1130 }
1131
1132
step_ok_donesqlite_ps1133 void step_ok_done() {
1134 tmp_ms_metric tick("sqlite3","step_done",nickname);
1135 int rc = sqlite3_step (this->pp);
1136 if (verbose > 4)
1137 obatched(clog) << nickname << " step-ok-done(" << sqlite3_errstr(rc) << ") " << sql << endl;
1138 if (rc != SQLITE_OK && rc != SQLITE_DONE && rc != SQLITE_ROW)
1139 throw sqlite_exception(rc, "sqlite3 step");
1140 (void) sqlite3_reset (this->pp);
1141 }
1142
1143
stepsqlite_ps1144 int step() {
1145 tmp_ms_metric tick("sqlite3","step",nickname);
1146 int rc = sqlite3_step (this->pp);
1147 if (verbose > 4)
1148 obatched(clog) << nickname << " step(" << sqlite3_errstr(rc) << ") " << sql << endl;
1149 return rc;
1150 }
1151
~sqlite_pssqlite_ps1152 ~sqlite_ps () { sqlite3_finalize (this->pp); }
operator sqlite3_stmt*sqlite_ps1153 operator sqlite3_stmt* () { return this->pp; }
1154 };
1155
1156
1157 ////////////////////////////////////////////////////////////////////////
1158
1159
1160 struct sqlite_checkpoint_pb: public periodic_barrier
1161 {
1162 // NB: don't use sqlite_ps since it can throw exceptions during ctor etc.
sqlite_checkpoint_pbsqlite_checkpoint_pb1163 sqlite_checkpoint_pb(unsigned t, unsigned p):
1164 periodic_barrier(t, p) { }
1165
periodic_barrier_worksqlite_checkpoint_pb1166 void periodic_barrier_work() noexcept
1167 {
1168 (void) sqlite3_exec (db, "pragma wal_checkpoint(truncate);", NULL, NULL, NULL);
1169 }
1170 };
1171
1172 static periodic_barrier* scan_barrier = 0; // initialized in main()
1173
1174
1175 ////////////////////////////////////////////////////////////////////////
1176
1177 // RAII style templated autocloser
1178
1179 template <class Payload, class Ignore>
1180 struct defer_dtor
1181 {
1182 public:
1183 typedef Ignore (*dtor_fn) (Payload);
1184
1185 private:
1186 Payload p;
1187 dtor_fn fn;
1188
1189 public:
defer_dtordefer_dtor1190 defer_dtor(Payload _p, dtor_fn _fn): p(_p), fn(_fn) {}
~defer_dtordefer_dtor1191 ~defer_dtor() { (void) (*fn)(p); }
1192
1193 private:
1194 defer_dtor(const defer_dtor<Payload,Ignore>&); // make uncopyable
1195 defer_dtor& operator=(const defer_dtor<Payload,Ignore> &); // make unassignable
1196 };
1197
1198
1199
1200 ////////////////////////////////////////////////////////////////////////
1201
1202
1203 static string
header_censor(const string & str)1204 header_censor(const string& str)
1205 {
1206 string y;
1207 for (auto&& x : str)
1208 {
1209 if (isalnum(x) || x == '/' || x == '.' || x == ',' || x == '_' || x == ':')
1210 y += x;
1211 }
1212 return y;
1213 }
1214
1215
1216 static string
conninfo(struct MHD_Connection * conn)1217 conninfo (struct MHD_Connection * conn)
1218 {
1219 char hostname[256]; // RFC1035
1220 char servname[256];
1221 int sts = -1;
1222
1223 if (conn == 0)
1224 return "internal";
1225
1226 /* Look up client address data. */
1227 const union MHD_ConnectionInfo *u = MHD_get_connection_info (conn,
1228 MHD_CONNECTION_INFO_CLIENT_ADDRESS);
1229 struct sockaddr *so = u ? u->client_addr : 0;
1230
1231 if (so && so->sa_family == AF_INET) {
1232 sts = getnameinfo (so, sizeof (struct sockaddr_in),
1233 hostname, sizeof (hostname),
1234 servname, sizeof (servname),
1235 NI_NUMERICHOST | NI_NUMERICSERV);
1236 } else if (so && so->sa_family == AF_INET6) {
1237 struct sockaddr_in6* addr6 = (struct sockaddr_in6*) so;
1238 if (IN6_IS_ADDR_V4MAPPED(&addr6->sin6_addr)) {
1239 struct sockaddr_in addr4;
1240 memset (&addr4, 0, sizeof(addr4));
1241 addr4.sin_family = AF_INET;
1242 addr4.sin_port = addr6->sin6_port;
1243 memcpy (&addr4.sin_addr.s_addr, addr6->sin6_addr.s6_addr+12, sizeof(addr4.sin_addr.s_addr));
1244 sts = getnameinfo ((struct sockaddr*) &addr4, sizeof (addr4),
1245 hostname, sizeof (hostname),
1246 servname, sizeof (servname),
1247 NI_NUMERICHOST | NI_NUMERICSERV);
1248 } else {
1249 sts = getnameinfo (so, sizeof (struct sockaddr_in6),
1250 hostname, sizeof (hostname),
1251 servname, sizeof (servname),
1252 NI_NUMERICHOST | NI_NUMERICSERV);
1253 }
1254 }
1255
1256 if (sts != 0) {
1257 hostname[0] = servname[0] = '\0';
1258 }
1259
1260 // extract headers relevant to administration
1261 const char* user_agent = MHD_lookup_connection_value (conn, MHD_HEADER_KIND, "User-Agent") ?: "";
1262 const char* x_forwarded_for = MHD_lookup_connection_value (conn, MHD_HEADER_KIND, "X-Forwarded-For") ?: "";
1263 // NB: these are untrustworthy, beware if machine-processing log files
1264
1265 return string(hostname) + string(":") + string(servname) +
1266 string(" UA:") + header_censor(string(user_agent)) +
1267 string(" XFF:") + header_censor(string(x_forwarded_for));
1268 }
1269
1270
1271
1272 ////////////////////////////////////////////////////////////////////////
1273
1274 /* Wrapper for MHD_add_response_header that logs an error if we
1275 couldn't add the specified header. */
1276 static void
add_mhd_response_header(struct MHD_Response * r,const char * h,const char * v)1277 add_mhd_response_header (struct MHD_Response *r,
1278 const char *h, const char *v)
1279 {
1280 if (MHD_add_response_header (r, h, v) == MHD_NO)
1281 obatched(clog) << "Error: couldn't add '" << h << "' header" << endl;
1282 }
1283
1284 static void
add_mhd_last_modified(struct MHD_Response * resp,time_t mtime)1285 add_mhd_last_modified (struct MHD_Response *resp, time_t mtime)
1286 {
1287 struct tm now;
1288 struct tm *nowp = gmtime_r (&mtime, &now);
1289 if (nowp != NULL)
1290 {
1291 char datebuf[80];
1292 size_t rc = strftime (datebuf, sizeof (datebuf), "%a, %d %b %Y %T GMT",
1293 nowp);
1294 if (rc > 0 && rc < sizeof (datebuf))
1295 add_mhd_response_header (resp, "Last-Modified", datebuf);
1296 }
1297
1298 add_mhd_response_header (resp, "Cache-Control", "public");
1299 }
1300
1301 // quote all questionable characters of str for safe passage through a sh -c expansion.
1302 static string
shell_escape(const string & str)1303 shell_escape(const string& str)
1304 {
1305 string y;
1306 for (auto&& x : str)
1307 {
1308 if (! isalnum(x) && x != '/')
1309 y += "\\";
1310 y += x;
1311 }
1312 return y;
1313 }
1314
1315
1316 // PR25548: Perform POSIX / RFC3986 style path canonicalization on the input string.
1317 //
1318 // Namely:
1319 // // -> /
1320 // /foo/../ -> /
1321 // /./ -> /
1322 //
1323 // This mapping is done on dwarf-side source path names, which may
1324 // include these constructs, so we can deal with debuginfod clients
1325 // that accidentally canonicalize the paths.
1326 //
1327 // realpath(3) is close but not quite right, because it also resolves
1328 // symbolic links. Symlinks at the debuginfod server have nothing to
1329 // do with the build-time symlinks, thus they must not be considered.
1330 //
1331 // see also curl Curl_dedotdotify() aka RFC3986, which we mostly follow here
1332 // see also libc __realpath()
1333 // see also llvm llvm::sys::path::remove_dots()
1334 static string
canon_pathname(const string & input)1335 canon_pathname (const string& input)
1336 {
1337 string i = input; // 5.2.4 (1)
1338 string o;
1339
1340 while (i.size() != 0)
1341 {
1342 // 5.2.4 (2) A
1343 if (i.substr(0,3) == "../")
1344 i = i.substr(3);
1345 else if(i.substr(0,2) == "./")
1346 i = i.substr(2);
1347
1348 // 5.2.4 (2) B
1349 else if (i.substr(0,3) == "/./")
1350 i = i.substr(2);
1351 else if (i == "/.")
1352 i = ""; // no need to handle "/." complete-path-segment case; we're dealing with file names
1353
1354 // 5.2.4 (2) C
1355 else if (i.substr(0,4) == "/../") {
1356 i = i.substr(3);
1357 string::size_type sl = o.rfind("/");
1358 if (sl != string::npos)
1359 o = o.substr(0, sl);
1360 else
1361 o = "";
1362 } else if (i == "/..")
1363 i = ""; // no need to handle "/.." complete-path-segment case; we're dealing with file names
1364
1365 // 5.2.4 (2) D
1366 // no need to handle these cases; we're dealing with file names
1367 else if (i == ".")
1368 i = "";
1369 else if (i == "..")
1370 i = "";
1371
1372 // POSIX special: map // to /
1373 else if (i.substr(0,2) == "//")
1374 i = i.substr(1);
1375
1376 // 5.2.4 (2) E
1377 else {
1378 string::size_type next_slash = i.find("/", (i[0]=='/' ? 1 : 0)); // skip first slash
1379 o += i.substr(0, next_slash);
1380 if (next_slash == string::npos)
1381 i = "";
1382 else
1383 i = i.substr(next_slash);
1384 }
1385 }
1386
1387 return o;
1388 }
1389
1390
1391 // Estimate available free space for a given filesystem via statfs(2).
1392 // Return true if the free fraction is known to be smaller than the
1393 // given minimum percentage. Also update a related metric.
statfs_free_enough_p(const string & path,const string & label,long minfree=0)1394 bool statfs_free_enough_p(const string& path, const string& label, long minfree = 0)
1395 {
1396 struct statfs sfs;
1397 int rc = statfs(path.c_str(), &sfs);
1398 if (rc == 0)
1399 {
1400 double s = (double) sfs.f_bavail / (double) sfs.f_blocks;
1401 set_metric("filesys_free_ratio","purpose",label, s);
1402 return ((s * 100.0) < minfree);
1403 }
1404 return false;
1405 }
1406
1407
1408
1409 // A map-like class that owns a cache of file descriptors (indexed by
1410 // file / content names).
1411 //
1412 // If only it could use fd's instead of file names ... but we can't
1413 // dup(2) to create independent descriptors for the same unlinked
1414 // files, so would have to use some goofy linux /proc/self/fd/%d
1415 // hack such as the following
1416
1417 #if 0
1418 int superdup(int fd)
1419 {
1420 #ifdef __linux__
1421 char *fdpath = NULL;
1422 int rc = asprintf(& fdpath, "/proc/self/fd/%d", fd);
1423 int newfd;
1424 if (rc >= 0)
1425 newfd = open(fdpath, O_RDONLY);
1426 else
1427 newfd = -1;
1428 free (fdpath);
1429 return newfd;
1430 #else
1431 return -1;
1432 #endif
1433 }
1434 #endif
1435
1436 class libarchive_fdcache
1437 {
1438 private:
1439 mutex fdcache_lock;
1440
1441 struct fdcache_entry
1442 {
1443 string archive;
1444 string entry;
1445 string fd;
1446 double fd_size_mb; // slightly rounded up megabytes
1447 };
1448 deque<fdcache_entry> lru; // @head: most recently used
1449 long max_fds;
1450 deque<fdcache_entry> prefetch; // prefetched
1451 long max_mbs;
1452 long max_prefetch_mbs;
1453 long max_prefetch_fds;
1454
1455 public:
set_metrics()1456 void set_metrics()
1457 {
1458 double fdcache_mb = 0.0;
1459 double prefetch_mb = 0.0;
1460 for (auto i = lru.begin(); i < lru.end(); i++)
1461 fdcache_mb += i->fd_size_mb;
1462 for (auto j = prefetch.begin(); j < prefetch.end(); j++)
1463 prefetch_mb += j->fd_size_mb;
1464 set_metric("fdcache_bytes", fdcache_mb*1024.0*1024.0);
1465 set_metric("fdcache_count", lru.size());
1466 set_metric("fdcache_prefetch_bytes", prefetch_mb*1024.0*1024.0);
1467 set_metric("fdcache_prefetch_count", prefetch.size());
1468 }
1469
intern(const string & a,const string & b,string fd,off_t sz,bool front_p)1470 void intern(const string& a, const string& b, string fd, off_t sz, bool front_p)
1471 {
1472 {
1473 unique_lock<mutex> lock(fdcache_lock);
1474 // nuke preexisting copy
1475 for (auto i = lru.begin(); i < lru.end(); i++)
1476 {
1477 if (i->archive == a && i->entry == b)
1478 {
1479 unlink (i->fd.c_str());
1480 lru.erase(i);
1481 inc_metric("fdcache_op_count","op","dequeue");
1482 break; // must not continue iterating
1483 }
1484 }
1485 // nuke preexisting copy in prefetch
1486 for (auto i = prefetch.begin(); i < prefetch.end(); i++)
1487 {
1488 if (i->archive == a && i->entry == b)
1489 {
1490 unlink (i->fd.c_str());
1491 prefetch.erase(i);
1492 inc_metric("fdcache_op_count","op","prefetch_dequeue");
1493 break; // must not continue iterating
1494 }
1495 }
1496 double mb = (sz+65535)/1048576.0; // round up to 64K block
1497 fdcache_entry n = { a, b, fd, mb };
1498 if (front_p)
1499 {
1500 inc_metric("fdcache_op_count","op","enqueue");
1501 lru.push_front(n);
1502 }
1503 else
1504 {
1505 inc_metric("fdcache_op_count","op","prefetch_enqueue");
1506 prefetch.push_front(n);
1507 }
1508 if (verbose > 3)
1509 obatched(clog) << "fdcache interned a=" << a << " b=" << b
1510 << " fd=" << fd << " mb=" << mb << " front=" << front_p << endl;
1511
1512 set_metrics();
1513 }
1514
1515 // NB: we age the cache at lookup time too
1516 if (statfs_free_enough_p(tmpdir, "tmpdir", fdcache_mintmp))
1517 {
1518 inc_metric("fdcache_op_count","op","emerg-flush");
1519 obatched(clog) << "fdcache emergency flush for filling tmpdir" << endl;
1520 this->limit(0, 0, 0, 0); // emergency flush
1521 }
1522 else if (front_p)
1523 this->limit(max_fds, max_mbs, max_prefetch_fds, max_prefetch_mbs); // age cache if required
1524 }
1525
lookup(const string & a,const string & b)1526 int lookup(const string& a, const string& b)
1527 {
1528 int fd = -1;
1529 {
1530 unique_lock<mutex> lock(fdcache_lock);
1531 for (auto i = lru.begin(); i < lru.end(); i++)
1532 {
1533 if (i->archive == a && i->entry == b)
1534 { // found it; move it to head of lru
1535 fdcache_entry n = *i;
1536 lru.erase(i); // invalidates i, so no more iteration!
1537 lru.push_front(n);
1538 inc_metric("fdcache_op_count","op","requeue_front");
1539 fd = open(n.fd.c_str(), O_RDONLY);
1540 break;
1541 }
1542 }
1543 // Iterate through prefetch while fd == -1 to ensure that no duplication between lru and
1544 // prefetch occurs.
1545 for ( auto i = prefetch.begin(); fd == -1 && i < prefetch.end(); ++i)
1546 {
1547 if (i->archive == a && i->entry == b)
1548 { // found it; take the entry from the prefetch deque to the lru deque, since it has now been accessed.
1549 fdcache_entry n = *i;
1550 prefetch.erase(i);
1551 lru.push_front(n);
1552 inc_metric("fdcache_op_count","op","prefetch_access");
1553 fd = open(n.fd.c_str(), O_RDONLY);
1554 break;
1555 }
1556 }
1557 }
1558
1559 if (statfs_free_enough_p(tmpdir, "tmpdir", fdcache_mintmp))
1560 {
1561 inc_metric("fdcache_op_count","op","emerg-flush");
1562 obatched(clog) << "fdcache emergency flush for filling tmpdir" << endl;
1563 this->limit(0, 0, 0, 0); // emergency flush
1564 }
1565 else if (fd >= 0)
1566 this->limit(max_fds, max_mbs, max_prefetch_fds, max_prefetch_mbs); // age cache if required
1567
1568 return fd;
1569 }
1570
probe(const string & a,const string & b)1571 int probe(const string& a, const string& b) // just a cache residency check - don't modify LRU state, don't open
1572 {
1573 unique_lock<mutex> lock(fdcache_lock);
1574 for (auto i = lru.begin(); i < lru.end(); i++)
1575 {
1576 if (i->archive == a && i->entry == b)
1577 {
1578 inc_metric("fdcache_op_count","op","probe_hit");
1579 return true;
1580 }
1581 }
1582 for (auto i = prefetch.begin(); i < prefetch.end(); i++)
1583 {
1584 if (i->archive == a && i->entry == b)
1585 {
1586 inc_metric("fdcache_op_count","op","prefetch_probe_hit");
1587 return true;
1588 }
1589 }
1590 inc_metric("fdcache_op_count","op","probe_miss");
1591 return false;
1592 }
1593
clear(const string & a,const string & b)1594 void clear(const string& a, const string& b)
1595 {
1596 unique_lock<mutex> lock(fdcache_lock);
1597 for (auto i = lru.begin(); i < lru.end(); i++)
1598 {
1599 if (i->archive == a && i->entry == b)
1600 { // found it; erase it from lru
1601 fdcache_entry n = *i;
1602 lru.erase(i); // invalidates i, so no more iteration!
1603 inc_metric("fdcache_op_count","op","clear");
1604 unlink (n.fd.c_str());
1605 set_metrics();
1606 return;
1607 }
1608 }
1609 for (auto i = prefetch.begin(); i < prefetch.end(); i++)
1610 {
1611 if (i->archive == a && i->entry == b)
1612 { // found it; erase it from lru
1613 fdcache_entry n = *i;
1614 prefetch.erase(i); // invalidates i, so no more iteration!
1615 inc_metric("fdcache_op_count","op","prefetch_clear");
1616 unlink (n.fd.c_str());
1617 set_metrics();
1618 return;
1619 }
1620 }
1621 }
1622
limit(long maxfds,long maxmbs,long maxprefetchfds,long maxprefetchmbs,bool metrics_p=true)1623 void limit(long maxfds, long maxmbs, long maxprefetchfds, long maxprefetchmbs , bool metrics_p = true)
1624 {
1625 if (verbose > 3 && (this->max_fds != maxfds || this->max_mbs != maxmbs))
1626 obatched(clog) << "fdcache limited to maxfds=" << maxfds << " maxmbs=" << maxmbs << endl;
1627
1628 unique_lock<mutex> lock(fdcache_lock);
1629 this->max_fds = maxfds;
1630 this->max_mbs = maxmbs;
1631 this->max_prefetch_fds = maxprefetchfds;
1632 this->max_prefetch_mbs = maxprefetchmbs;
1633 long total_fd = 0;
1634 double total_mb = 0.0;
1635 for (auto i = lru.begin(); i < lru.end(); i++)
1636 {
1637 // accumulate totals from most recently used one going backward
1638 total_fd ++;
1639 total_mb += i->fd_size_mb;
1640 if (total_fd > this->max_fds || total_mb > this->max_mbs)
1641 {
1642 // found the cut here point!
1643
1644 for (auto j = i; j < lru.end(); j++) // close all the fds from here on in
1645 {
1646 if (verbose > 3)
1647 obatched(clog) << "fdcache evicted a=" << j->archive << " b=" << j->entry
1648 << " fd=" << j->fd << " mb=" << j->fd_size_mb << endl;
1649 if (metrics_p)
1650 inc_metric("fdcache_op_count","op","evict");
1651 unlink (j->fd.c_str());
1652 }
1653
1654 lru.erase(i, lru.end()); // erase the nodes generally
1655 break;
1656 }
1657 }
1658 total_fd = 0;
1659 total_mb = 0.0;
1660 for(auto i = prefetch.begin(); i < prefetch.end(); i++){
1661 // accumulate totals from most recently used one going backward
1662 total_fd ++;
1663 total_mb += i->fd_size_mb;
1664 if (total_fd > this->max_prefetch_fds || total_mb > this->max_prefetch_mbs)
1665 {
1666 // found the cut here point!
1667 for (auto j = i; j < prefetch.end(); j++) // close all the fds from here on in
1668 {
1669 if (verbose > 3)
1670 obatched(clog) << "fdcache evicted from prefetch a=" << j->archive << " b=" << j->entry
1671 << " fd=" << j->fd << " mb=" << j->fd_size_mb << endl;
1672 if (metrics_p)
1673 inc_metric("fdcache_op_count","op","prefetch_evict");
1674 unlink (j->fd.c_str());
1675 }
1676
1677 prefetch.erase(i, prefetch.end()); // erase the nodes generally
1678 break;
1679 }
1680 }
1681 if (metrics_p) set_metrics();
1682 }
1683
1684
~libarchive_fdcache()1685 ~libarchive_fdcache()
1686 {
1687 // unlink any fdcache entries in $TMPDIR
1688 // don't update metrics; those globals may be already destroyed
1689 limit(0, 0, 0, 0, false);
1690 }
1691 };
1692 static libarchive_fdcache fdcache;
1693
1694 /* Search ELF_FD for an ELF/DWARF section with name SECTION.
1695 If found copy the section to a temporary file and return
1696 its file descriptor, otherwise return -1.
1697
1698 The temporary file's mtime will be set to PARENT_MTIME.
1699 B_SOURCE should be a description of the parent file suitable
1700 for printing to the log. */
1701
1702 static int
extract_section(int elf_fd,int64_t parent_mtime,const string & b_source,const string & section)1703 extract_section (int elf_fd, int64_t parent_mtime,
1704 const string& b_source, const string& section)
1705 {
1706 /* Search the fdcache. */
1707 struct stat fs;
1708 int fd = fdcache.lookup (b_source, section);
1709 if (fd >= 0)
1710 {
1711 if (fstat (fd, &fs) != 0)
1712 {
1713 if (verbose)
1714 obatched (clog) << "cannot fstate fdcache "
1715 << b_source << " " << section << endl;
1716 close (fd);
1717 return -1;
1718 }
1719 if ((int64_t) fs.st_mtime != parent_mtime)
1720 {
1721 if (verbose)
1722 obatched(clog) << "mtime mismatch for "
1723 << b_source << " " << section << endl;
1724 close (fd);
1725 return -1;
1726 }
1727 /* Success. */
1728 return fd;
1729 }
1730
1731 Elf *elf = elf_begin (elf_fd, ELF_C_READ_MMAP_PRIVATE, NULL);
1732 if (elf == NULL)
1733 return -1;
1734
1735 /* Try to find the section and copy the contents into a separate file. */
1736 try
1737 {
1738 size_t shstrndx;
1739 int rc = elf_getshdrstrndx (elf, &shstrndx);
1740 if (rc < 0)
1741 throw elfutils_exception (rc, "getshdrstrndx");
1742
1743 Elf_Scn *scn = NULL;
1744 while (true)
1745 {
1746 scn = elf_nextscn (elf, scn);
1747 if (scn == NULL)
1748 break;
1749 GElf_Shdr shdr_storage;
1750 GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_storage);
1751 if (shdr == NULL)
1752 break;
1753
1754 const char *scn_name = elf_strptr (elf, shstrndx, shdr->sh_name);
1755 if (scn_name == NULL)
1756 break;
1757 if (scn_name == section)
1758 {
1759 Elf_Data *data = NULL;
1760
1761 /* We found the desired section. */
1762 data = elf_rawdata (scn, NULL);
1763 if (data == NULL)
1764 throw elfutils_exception (elf_errno (), "elfraw_data");
1765 if (data->d_buf == NULL)
1766 {
1767 obatched(clog) << "section " << section
1768 << " is empty" << endl;
1769 break;
1770 }
1771
1772 /* Create temporary file containing the section. */
1773 char *tmppath = NULL;
1774 rc = asprintf (&tmppath, "%s/debuginfod.XXXXXX", tmpdir.c_str());
1775 if (rc < 0)
1776 throw libc_exception (ENOMEM, "cannot allocate tmppath");
1777 defer_dtor<void*,void> tmmpath_freer (tmppath, free);
1778 fd = mkstemp (tmppath);
1779 if (fd < 0)
1780 throw libc_exception (errno, "cannot create temporary file");
1781 ssize_t res = write_retry (fd, data->d_buf, data->d_size);
1782 if (res < 0 || (size_t) res != data->d_size)
1783 throw libc_exception (errno, "cannot write to temporary file");
1784
1785 /* Set mtime to be the same as the parent file's mtime. */
1786 struct timespec tvs[2];
1787 if (fstat (elf_fd, &fs) != 0)
1788 throw libc_exception (errno, "cannot fstat file");
1789
1790 tvs[0].tv_sec = 0;
1791 tvs[0].tv_nsec = UTIME_OMIT;
1792 tvs[1] = fs.st_mtim;
1793 (void) futimens (fd, tvs);
1794
1795 /* Add to fdcache. */
1796 fdcache.intern (b_source, section, tmppath, data->d_size, true);
1797 break;
1798 }
1799 }
1800 }
1801 catch (const reportable_exception &e)
1802 {
1803 e.report (clog);
1804 close (fd);
1805 fd = -1;
1806 }
1807
1808 elf_end (elf);
1809 return fd;
1810 }
1811
1812 static struct MHD_Response*
handle_buildid_f_match(bool internal_req_t,int64_t b_mtime,const string & b_source0,const string & section,int * result_fd)1813 handle_buildid_f_match (bool internal_req_t,
1814 int64_t b_mtime,
1815 const string& b_source0,
1816 const string& section,
1817 int *result_fd)
1818 {
1819 (void) internal_req_t; // ignored
1820 int fd = open(b_source0.c_str(), O_RDONLY);
1821 if (fd < 0)
1822 throw libc_exception (errno, string("open ") + b_source0);
1823
1824 // NB: use manual close(2) in error case instead of defer_dtor, because
1825 // in the normal case, we want to hand the fd over to libmicrohttpd for
1826 // file transfer.
1827
1828 struct stat s;
1829 int rc = fstat(fd, &s);
1830 if (rc < 0)
1831 {
1832 close(fd);
1833 throw libc_exception (errno, string("fstat ") + b_source0);
1834 }
1835
1836 if ((int64_t) s.st_mtime != b_mtime)
1837 {
1838 if (verbose)
1839 obatched(clog) << "mtime mismatch for " << b_source0 << endl;
1840 close(fd);
1841 return 0;
1842 }
1843
1844 if (!section.empty ())
1845 {
1846 int scn_fd = extract_section (fd, s.st_mtime, b_source0, section);
1847 close (fd);
1848
1849 if (scn_fd >= 0)
1850 fd = scn_fd;
1851 else
1852 {
1853 if (verbose)
1854 obatched (clog) << "cannot find section " << section
1855 << " for " << b_source0 << endl;
1856 return 0;
1857 }
1858
1859 rc = fstat(fd, &s);
1860 if (rc < 0)
1861 {
1862 close (fd);
1863 throw libc_exception (errno, string ("fstat ") + b_source0
1864 + string (" ") + section);
1865 }
1866 }
1867
1868 struct MHD_Response* r = MHD_create_response_from_fd ((uint64_t) s.st_size, fd);
1869 inc_metric ("http_responses_total","result","file");
1870 if (r == 0)
1871 {
1872 if (verbose)
1873 obatched(clog) << "cannot create fd-response for " << b_source0
1874 << " section=" << section << endl;
1875 close(fd);
1876 }
1877 else
1878 {
1879 add_mhd_response_header (r, "Content-Type", "application/octet-stream");
1880 add_mhd_response_header (r, "X-DEBUGINFOD-SIZE",
1881 to_string(s.st_size).c_str());
1882 add_mhd_response_header (r, "X-DEBUGINFOD-FILE", b_source0.c_str());
1883 add_mhd_last_modified (r, s.st_mtime);
1884 if (verbose > 1)
1885 obatched(clog) << "serving file " << b_source0 << " section=" << section << endl;
1886 /* libmicrohttpd will close it. */
1887 if (result_fd)
1888 *result_fd = fd;
1889 }
1890
1891 return r;
1892 }
1893
1894 // For security/portability reasons, many distro-package archives have
1895 // a "./" in front of path names; others have nothing, others have
1896 // "/". Canonicalize them all to a single leading "/", with the
1897 // assumption that this matches the dwarf-derived file names too.
canonicalized_archive_entry_pathname(struct archive_entry * e)1898 string canonicalized_archive_entry_pathname(struct archive_entry *e)
1899 {
1900 string fn = archive_entry_pathname(e);
1901 if (fn.size() == 0)
1902 return fn;
1903 if (fn[0] == '/')
1904 return fn;
1905 if (fn[0] == '.')
1906 return fn.substr(1);
1907 else
1908 return string("/")+fn;
1909 }
1910
1911
1912
1913 static struct MHD_Response*
handle_buildid_r_match(bool internal_req_p,int64_t b_mtime,const string & b_source0,const string & b_source1,const string & section,int * result_fd)1914 handle_buildid_r_match (bool internal_req_p,
1915 int64_t b_mtime,
1916 const string& b_source0,
1917 const string& b_source1,
1918 const string& section,
1919 int *result_fd)
1920 {
1921 struct stat fs;
1922 int rc = stat (b_source0.c_str(), &fs);
1923 if (rc != 0)
1924 throw libc_exception (errno, string("stat ") + b_source0);
1925
1926 if ((int64_t) fs.st_mtime != b_mtime)
1927 {
1928 if (verbose)
1929 obatched(clog) << "mtime mismatch for " << b_source0 << endl;
1930 return 0;
1931 }
1932
1933 // check for a match in the fdcache first
1934 int fd = fdcache.lookup(b_source0, b_source1);
1935 while (fd >= 0) // got one!; NB: this is really an if() with a possible branch out to the end
1936 {
1937 rc = fstat(fd, &fs);
1938 if (rc < 0) // disappeared?
1939 {
1940 if (verbose)
1941 obatched(clog) << "cannot fstat fdcache " << b_source0 << endl;
1942 close(fd);
1943 fdcache.clear(b_source0, b_source1);
1944 break; // branch out of if "loop", to try new libarchive fetch attempt
1945 }
1946
1947 if (!section.empty ())
1948 {
1949 int scn_fd = extract_section (fd, fs.st_mtime,
1950 b_source0 + ":" + b_source1,
1951 section);
1952 close (fd);
1953 if (scn_fd >= 0)
1954 fd = scn_fd;
1955 else
1956 {
1957 if (verbose)
1958 obatched (clog) << "cannot find section " << section
1959 << " for archive " << b_source0
1960 << " file " << b_source1 << endl;
1961 return 0;
1962 }
1963
1964 rc = fstat(fd, &fs);
1965 if (rc < 0)
1966 {
1967 close (fd);
1968 throw libc_exception (errno,
1969 string ("fstat archive ") + b_source0 + string (" file ") + b_source1
1970 + string (" section ") + section);
1971 }
1972 }
1973
1974 struct MHD_Response* r = MHD_create_response_from_fd (fs.st_size, fd);
1975 if (r == 0)
1976 {
1977 if (verbose)
1978 obatched(clog) << "cannot create fd-response for " << b_source0 << endl;
1979 close(fd);
1980 break; // branch out of if "loop", to try new libarchive fetch attempt
1981 }
1982
1983 inc_metric ("http_responses_total","result","archive fdcache");
1984
1985 add_mhd_response_header (r, "Content-Type", "application/octet-stream");
1986 add_mhd_response_header (r, "X-DEBUGINFOD-SIZE",
1987 to_string(fs.st_size).c_str());
1988 add_mhd_response_header (r, "X-DEBUGINFOD-ARCHIVE", b_source0.c_str());
1989 add_mhd_response_header (r, "X-DEBUGINFOD-FILE", b_source1.c_str());
1990 add_mhd_last_modified (r, fs.st_mtime);
1991 if (verbose > 1)
1992 obatched(clog) << "serving fdcache archive " << b_source0
1993 << " file " << b_source1
1994 << " section=" << section << endl;
1995 /* libmicrohttpd will close it. */
1996 if (result_fd)
1997 *result_fd = fd;
1998 return r;
1999 // NB: see, we never go around the 'loop' more than once
2000 }
2001
2002 // no match ... grumble, must process the archive
2003 string archive_decoder = "/dev/null";
2004 string archive_extension = "";
2005 for (auto&& arch : scan_archives)
2006 if (string_endswith(b_source0, arch.first))
2007 {
2008 archive_extension = arch.first;
2009 archive_decoder = arch.second;
2010 }
2011 FILE* fp;
2012 defer_dtor<FILE*,int>::dtor_fn dfn;
2013 if (archive_decoder != "cat")
2014 {
2015 string popen_cmd = archive_decoder + " " + shell_escape(b_source0);
2016 fp = popen (popen_cmd.c_str(), "r"); // "e" O_CLOEXEC?
2017 dfn = pclose;
2018 if (fp == NULL)
2019 throw libc_exception (errno, string("popen ") + popen_cmd);
2020 }
2021 else
2022 {
2023 fp = fopen (b_source0.c_str(), "r");
2024 dfn = fclose;
2025 if (fp == NULL)
2026 throw libc_exception (errno, string("fopen ") + b_source0);
2027 }
2028 defer_dtor<FILE*,int> fp_closer (fp, dfn);
2029
2030 struct archive *a;
2031 a = archive_read_new();
2032 if (a == NULL)
2033 throw archive_exception("cannot create archive reader");
2034 defer_dtor<struct archive*,int> archive_closer (a, archive_read_free);
2035
2036 rc = archive_read_support_format_all(a);
2037 if (rc != ARCHIVE_OK)
2038 throw archive_exception(a, "cannot select all format");
2039 rc = archive_read_support_filter_all(a);
2040 if (rc != ARCHIVE_OK)
2041 throw archive_exception(a, "cannot select all filters");
2042
2043 rc = archive_read_open_FILE (a, fp);
2044 if (rc != ARCHIVE_OK)
2045 {
2046 obatched(clog) << "cannot open archive from pipe " << b_source0 << endl;
2047 throw archive_exception(a, "cannot open archive from pipe");
2048 }
2049
2050 // archive traversal is in three stages, no, four stages:
2051 // 1) skip entries whose names do not match the requested one
2052 // 2) extract the matching entry name (set r = result)
2053 // 3) extract some number of prefetched entries (just into fdcache)
2054 // 4) abort any further processing
2055 struct MHD_Response* r = 0; // will set in stage 2
2056 unsigned prefetch_count =
2057 internal_req_p ? 0 : fdcache_prefetch; // will decrement in stage 3
2058
2059 while(r == 0 || prefetch_count > 0) // stage 1, 2, or 3
2060 {
2061 if (interrupted)
2062 break;
2063
2064 struct archive_entry *e;
2065 rc = archive_read_next_header (a, &e);
2066 if (rc != ARCHIVE_OK)
2067 break;
2068
2069 if (! S_ISREG(archive_entry_mode (e))) // skip non-files completely
2070 continue;
2071
2072 string fn = canonicalized_archive_entry_pathname (e);
2073 if ((r == 0) && (fn != b_source1)) // stage 1
2074 continue;
2075
2076 if (fdcache.probe (b_source0, fn) && // skip if already interned
2077 fn != b_source1) // but only if we'd just be prefetching, PR29474
2078 continue;
2079
2080 // extract this file to a temporary file
2081 char* tmppath = NULL;
2082 rc = asprintf (&tmppath, "%s/debuginfod.XXXXXX", tmpdir.c_str());
2083 if (rc < 0)
2084 throw libc_exception (ENOMEM, "cannot allocate tmppath");
2085 defer_dtor<void*,void> tmmpath_freer (tmppath, free);
2086 fd = mkstemp (tmppath);
2087 if (fd < 0)
2088 throw libc_exception (errno, "cannot create temporary file");
2089 // NB: don't unlink (tmppath), as fdcache will take charge of it.
2090
2091 // NB: this can take many uninterruptible seconds for a huge file
2092 rc = archive_read_data_into_fd (a, fd);
2093 if (rc != ARCHIVE_OK) // e.g. ENOSPC!
2094 {
2095 close (fd);
2096 unlink (tmppath);
2097 throw archive_exception(a, "cannot extract file");
2098 }
2099
2100 // Set the mtime so the fdcache file mtimes, even prefetched ones,
2101 // propagate to future webapi clients.
2102 struct timespec tvs[2];
2103 tvs[0].tv_sec = 0;
2104 tvs[0].tv_nsec = UTIME_OMIT;
2105 tvs[1].tv_sec = archive_entry_mtime(e);
2106 tvs[1].tv_nsec = archive_entry_mtime_nsec(e);
2107 (void) futimens (fd, tvs); /* best effort */
2108
2109 if (r != 0) // stage 3
2110 {
2111 // NB: now we know we have a complete reusable file; make fdcache
2112 // responsible for unlinking it later.
2113 fdcache.intern(b_source0, fn,
2114 tmppath, archive_entry_size(e),
2115 false); // prefetched ones go to the prefetch cache
2116 prefetch_count --;
2117 close (fd); // we're not saving this fd to make a mhd-response from!
2118 continue;
2119 }
2120
2121 // NB: now we know we have a complete reusable file; make fdcache
2122 // responsible for unlinking it later.
2123 fdcache.intern(b_source0, b_source1,
2124 tmppath, archive_entry_size(e),
2125 true); // requested ones go to the front of lru
2126
2127 if (!section.empty ())
2128 {
2129 int scn_fd = extract_section (fd, b_mtime,
2130 b_source0 + ":" + b_source1,
2131 section);
2132 close (fd);
2133 if (scn_fd >= 0)
2134 fd = scn_fd;
2135 else
2136 {
2137 if (verbose)
2138 obatched (clog) << "cannot find section " << section
2139 << " for archive " << b_source0
2140 << " file " << b_source1 << endl;
2141 return 0;
2142 }
2143
2144 rc = fstat(fd, &fs);
2145 if (rc < 0)
2146 {
2147 close (fd);
2148 throw libc_exception (errno,
2149 string ("fstat ") + b_source0 + string (" ") + section);
2150 }
2151 r = MHD_create_response_from_fd (fs.st_size, fd);
2152 }
2153 else
2154 r = MHD_create_response_from_fd (archive_entry_size(e), fd);
2155
2156 inc_metric ("http_responses_total","result",archive_extension + " archive");
2157 if (r == 0)
2158 {
2159 if (verbose)
2160 obatched(clog) << "cannot create fd-response for " << b_source0 << endl;
2161 close(fd);
2162 break; // assume no chance of better luck around another iteration; no other copies of same file
2163 }
2164 else
2165 {
2166 add_mhd_response_header (r, "Content-Type",
2167 "application/octet-stream");
2168 add_mhd_response_header (r, "X-DEBUGINFOD-SIZE",
2169 to_string(archive_entry_size(e)).c_str());
2170 add_mhd_response_header (r, "X-DEBUGINFOD-ARCHIVE", b_source0.c_str());
2171 add_mhd_response_header (r, "X-DEBUGINFOD-FILE", b_source1.c_str());
2172 add_mhd_last_modified (r, archive_entry_mtime(e));
2173 if (verbose > 1)
2174 obatched(clog) << "serving archive " << b_source0
2175 << " file " << b_source1
2176 << " section=" << section << endl;
2177 /* libmicrohttpd will close it. */
2178 if (result_fd)
2179 *result_fd = fd;
2180 continue;
2181 }
2182 }
2183
2184 // XXX: rpm/file not found: delete this R entry?
2185 return r;
2186 }
2187
2188
2189 static struct MHD_Response*
handle_buildid_match(bool internal_req_p,int64_t b_mtime,const string & b_stype,const string & b_source0,const string & b_source1,const string & section,int * result_fd)2190 handle_buildid_match (bool internal_req_p,
2191 int64_t b_mtime,
2192 const string& b_stype,
2193 const string& b_source0,
2194 const string& b_source1,
2195 const string& section,
2196 int *result_fd)
2197 {
2198 try
2199 {
2200 if (b_stype == "F")
2201 return handle_buildid_f_match(internal_req_p, b_mtime, b_source0,
2202 section, result_fd);
2203 else if (b_stype == "R")
2204 return handle_buildid_r_match(internal_req_p, b_mtime, b_source0,
2205 b_source1, section, result_fd);
2206 }
2207 catch (const reportable_exception &e)
2208 {
2209 e.report(clog);
2210 // Report but swallow libc etc. errors here; let the caller
2211 // iterate to other matches of the content.
2212 }
2213
2214 return 0;
2215 }
2216
2217
2218 static int
debuginfod_find_progress(debuginfod_client *,long a,long b)2219 debuginfod_find_progress (debuginfod_client *, long a, long b)
2220 {
2221 if (verbose > 4)
2222 obatched(clog) << "federated debuginfod progress=" << a << "/" << b << endl;
2223
2224 return interrupted;
2225 }
2226
2227
2228 // a little lru pool of debuginfod_client*s for reuse between query threads
2229
2230 mutex dc_pool_lock;
2231 deque<debuginfod_client*> dc_pool;
2232
debuginfod_pool_begin()2233 debuginfod_client* debuginfod_pool_begin()
2234 {
2235 unique_lock<mutex> lock(dc_pool_lock);
2236 if (dc_pool.size() > 0)
2237 {
2238 inc_metric("dc_pool_op_count","op","begin-reuse");
2239 debuginfod_client *c = dc_pool.front();
2240 dc_pool.pop_front();
2241 return c;
2242 }
2243 inc_metric("dc_pool_op_count","op","begin-new");
2244 return debuginfod_begin();
2245 }
2246
2247
debuginfod_pool_groom()2248 void debuginfod_pool_groom()
2249 {
2250 unique_lock<mutex> lock(dc_pool_lock);
2251 while (dc_pool.size() > 0)
2252 {
2253 inc_metric("dc_pool_op_count","op","end");
2254 debuginfod_end(dc_pool.front());
2255 dc_pool.pop_front();
2256 }
2257 }
2258
2259
debuginfod_pool_end(debuginfod_client * c)2260 void debuginfod_pool_end(debuginfod_client* c)
2261 {
2262 unique_lock<mutex> lock(dc_pool_lock);
2263 inc_metric("dc_pool_op_count","op","end-save");
2264 dc_pool.push_front(c); // accelerate reuse, vs. push_back
2265 }
2266
2267
2268 static struct MHD_Response*
handle_buildid(MHD_Connection * conn,const string & buildid,string & artifacttype,const string & suffix,int * result_fd)2269 handle_buildid (MHD_Connection* conn,
2270 const string& buildid /* unsafe */,
2271 string& artifacttype /* unsafe, cleanse on exception/return */,
2272 const string& suffix /* unsafe */,
2273 int *result_fd)
2274 {
2275 // validate artifacttype
2276 string atype_code;
2277 if (artifacttype == "debuginfo") atype_code = "D";
2278 else if (artifacttype == "executable") atype_code = "E";
2279 else if (artifacttype == "source") atype_code = "S";
2280 else if (artifacttype == "section") atype_code = "I";
2281 else {
2282 artifacttype = "invalid"; // PR28242 ensure http_resposes metrics don't propagate unclean user data
2283 throw reportable_exception("invalid artifacttype");
2284 }
2285
2286 if (conn != 0)
2287 inc_metric("http_requests_total", "type", artifacttype);
2288
2289 string section;
2290 if (atype_code == "I")
2291 {
2292 if (suffix.size () < 2)
2293 throw reportable_exception ("invalid section suffix");
2294
2295 // Remove leading '/'
2296 section = suffix.substr(1);
2297 }
2298
2299 if (atype_code == "S" && suffix == "")
2300 throw reportable_exception("invalid source suffix");
2301
2302 // validate buildid
2303 if ((buildid.size() < 2) || // not empty
2304 (buildid.size() % 2) || // even number
2305 (buildid.find_first_not_of("0123456789abcdef") != string::npos)) // pure tasty lowercase hex
2306 throw reportable_exception("invalid buildid");
2307
2308 if (verbose > 1)
2309 obatched(clog) << "searching for buildid=" << buildid << " artifacttype=" << artifacttype
2310 << " suffix=" << suffix << endl;
2311
2312 // If invoked from the scanner threads, use the scanners' read-write
2313 // connection. Otherwise use the web query threads' read-only connection.
2314 sqlite3 *thisdb = (conn == 0) ? db : dbq;
2315
2316 sqlite_ps *pp = 0;
2317
2318 if (atype_code == "D")
2319 {
2320 pp = new sqlite_ps (thisdb, "mhd-query-d",
2321 "select mtime, sourcetype, source0, source1 from " BUILDIDS "_query_d where buildid = ? "
2322 "order by mtime desc");
2323 pp->reset();
2324 pp->bind(1, buildid);
2325 }
2326 else if (atype_code == "E")
2327 {
2328 pp = new sqlite_ps (thisdb, "mhd-query-e",
2329 "select mtime, sourcetype, source0, source1 from " BUILDIDS "_query_e where buildid = ? "
2330 "order by mtime desc");
2331 pp->reset();
2332 pp->bind(1, buildid);
2333 }
2334 else if (atype_code == "S")
2335 {
2336 // PR25548
2337 // Incoming source queries may come in with either dwarf-level OR canonicalized paths.
2338 // We let the query pass with either one.
2339
2340 pp = new sqlite_ps (thisdb, "mhd-query-s",
2341 "select mtime, sourcetype, source0, source1 from " BUILDIDS "_query_s where buildid = ? and artifactsrc in (?,?) "
2342 "order by sharedprefix(source0,source0ref) desc, mtime desc");
2343 pp->reset();
2344 pp->bind(1, buildid);
2345 // NB: we don't store the non-canonicalized path names any more, but old databases
2346 // might have them (and no canon ones), so we keep searching for both.
2347 pp->bind(2, suffix);
2348 pp->bind(3, canon_pathname(suffix));
2349 }
2350 else if (atype_code == "I")
2351 {
2352 pp = new sqlite_ps (thisdb, "mhd-query-i",
2353 "select mtime, sourcetype, source0, source1, 1 as debug_p from " BUILDIDS "_query_d where buildid = ? "
2354 "union all "
2355 "select mtime, sourcetype, source0, source1, 0 as debug_p from " BUILDIDS "_query_e where buildid = ? "
2356 "order by debug_p desc, mtime desc");
2357 pp->reset();
2358 pp->bind(1, buildid);
2359 pp->bind(2, buildid);
2360 }
2361 unique_ptr<sqlite_ps> ps_closer(pp); // release pp if exception or return
2362
2363 bool do_upstream_section_query = true;
2364
2365 // consume all the rows
2366 while (1)
2367 {
2368 int rc = pp->step();
2369 if (rc == SQLITE_DONE) break;
2370 if (rc != SQLITE_ROW)
2371 throw sqlite_exception(rc, "step");
2372
2373 int64_t b_mtime = sqlite3_column_int64 (*pp, 0);
2374 string b_stype = string((const char*) sqlite3_column_text (*pp, 1) ?: ""); /* by DDL may not be NULL */
2375 string b_source0 = string((const char*) sqlite3_column_text (*pp, 2) ?: ""); /* may be NULL */
2376 string b_source1 = string((const char*) sqlite3_column_text (*pp, 3) ?: ""); /* may be NULL */
2377
2378 if (verbose > 1)
2379 obatched(clog) << "found mtime=" << b_mtime << " stype=" << b_stype
2380 << " source0=" << b_source0 << " source1=" << b_source1 << endl;
2381
2382 // Try accessing the located match.
2383 // XXX: in case of multiple matches, attempt them in parallel?
2384 auto r = handle_buildid_match (conn ? false : true,
2385 b_mtime, b_stype, b_source0, b_source1,
2386 section, result_fd);
2387 if (r)
2388 return r;
2389
2390 // If a debuginfo file matching BUILDID was found but didn't contain
2391 // the desired section, then the section should not exist. Don't
2392 // bother querying upstream servers.
2393 if (!section.empty () && (sqlite3_column_int (*pp, 4) == 1))
2394 {
2395 struct stat st;
2396
2397 // For "F" sourcetype, check if the debuginfo exists. For "R"
2398 // sourcetype, check if the debuginfo was interned into the fdcache.
2399 if ((b_stype == "F" && (stat (b_source0.c_str (), &st) == 0))
2400 || (b_stype == "R" && fdcache.probe (b_source0, b_source1)))
2401 do_upstream_section_query = false;
2402 }
2403 }
2404 pp->reset();
2405
2406 if (!do_upstream_section_query)
2407 throw reportable_exception(MHD_HTTP_NOT_FOUND, "not found");
2408
2409 // We couldn't find it in the database. Last ditch effort
2410 // is to defer to other debuginfo servers.
2411
2412 int fd = -1;
2413 debuginfod_client *client = debuginfod_pool_begin ();
2414 if (client == NULL)
2415 throw libc_exception(errno, "debuginfod client pool alloc");
2416 defer_dtor<debuginfod_client*,void> client_closer (client, debuginfod_pool_end);
2417
2418 debuginfod_set_progressfn (client, & debuginfod_find_progress);
2419
2420 if (conn)
2421 {
2422 // Transcribe incoming User-Agent:
2423 string ua = MHD_lookup_connection_value (conn, MHD_HEADER_KIND, "User-Agent") ?: "";
2424 string ua_complete = string("User-Agent: ") + ua;
2425 debuginfod_add_http_header (client, ua_complete.c_str());
2426
2427 // Compute larger XFF:, for avoiding info loss during
2428 // federation, and for future cyclicity detection.
2429 string xff = MHD_lookup_connection_value (conn, MHD_HEADER_KIND, "X-Forwarded-For") ?: "";
2430 if (xff != "")
2431 xff += string(", "); // comma separated list
2432
2433 unsigned int xff_count = 0;
2434 for (auto&& i : xff){
2435 if (i == ',') xff_count++;
2436 }
2437
2438 // if X-Forwarded-For: exceeds N hops,
2439 // do not delegate a local lookup miss to upstream debuginfods.
2440 if (xff_count >= forwarded_ttl_limit)
2441 throw reportable_exception(MHD_HTTP_NOT_FOUND, "not found, --forwared-ttl-limit reached \
2442 and will not query the upstream servers");
2443
2444 // Compute the client's numeric IP address only - so can't merge with conninfo()
2445 const union MHD_ConnectionInfo *u = MHD_get_connection_info (conn,
2446 MHD_CONNECTION_INFO_CLIENT_ADDRESS);
2447 struct sockaddr *so = u ? u->client_addr : 0;
2448 char hostname[256] = ""; // RFC1035
2449 if (so && so->sa_family == AF_INET) {
2450 (void) getnameinfo (so, sizeof (struct sockaddr_in), hostname, sizeof (hostname), NULL, 0,
2451 NI_NUMERICHOST);
2452 } else if (so && so->sa_family == AF_INET6) {
2453 struct sockaddr_in6* addr6 = (struct sockaddr_in6*) so;
2454 if (IN6_IS_ADDR_V4MAPPED(&addr6->sin6_addr)) {
2455 struct sockaddr_in addr4;
2456 memset (&addr4, 0, sizeof(addr4));
2457 addr4.sin_family = AF_INET;
2458 addr4.sin_port = addr6->sin6_port;
2459 memcpy (&addr4.sin_addr.s_addr, addr6->sin6_addr.s6_addr+12, sizeof(addr4.sin_addr.s_addr));
2460 (void) getnameinfo ((struct sockaddr*) &addr4, sizeof (addr4),
2461 hostname, sizeof (hostname), NULL, 0,
2462 NI_NUMERICHOST);
2463 } else {
2464 (void) getnameinfo (so, sizeof (struct sockaddr_in6), hostname, sizeof (hostname), NULL, 0,
2465 NI_NUMERICHOST);
2466 }
2467 }
2468
2469 string xff_complete = string("X-Forwarded-For: ")+xff+string(hostname);
2470 debuginfod_add_http_header (client, xff_complete.c_str());
2471 }
2472
2473 if (artifacttype == "debuginfo")
2474 fd = debuginfod_find_debuginfo (client,
2475 (const unsigned char*) buildid.c_str(),
2476 0, NULL);
2477 else if (artifacttype == "executable")
2478 fd = debuginfod_find_executable (client,
2479 (const unsigned char*) buildid.c_str(),
2480 0, NULL);
2481 else if (artifacttype == "source")
2482 fd = debuginfod_find_source (client,
2483 (const unsigned char*) buildid.c_str(),
2484 0, suffix.c_str(), NULL);
2485 else if (artifacttype == "section")
2486 fd = debuginfod_find_section (client,
2487 (const unsigned char*) buildid.c_str(),
2488 0, section.c_str(), NULL);
2489
2490 if (fd >= 0)
2491 {
2492 if (conn != 0)
2493 inc_metric ("http_responses_total","result","upstream");
2494 struct stat s;
2495 int rc = fstat (fd, &s);
2496 if (rc == 0)
2497 {
2498 auto r = MHD_create_response_from_fd ((uint64_t) s.st_size, fd);
2499 if (r)
2500 {
2501 add_mhd_response_header (r, "Content-Type",
2502 "application/octet-stream");
2503 // Copy the incoming headers
2504 const char * hdrs = debuginfod_get_headers(client);
2505 string header_dup;
2506 if (hdrs)
2507 header_dup = string(hdrs);
2508 // Parse the "header: value\n" lines into (h,v) tuples and pass on
2509 while(1)
2510 {
2511 size_t newline = header_dup.find('\n');
2512 if (newline == string::npos) break;
2513 size_t colon = header_dup.find(':');
2514 if (colon == string::npos) break;
2515 string header = header_dup.substr(0,colon);
2516 string value = header_dup.substr(colon+1,newline-colon-1);
2517 // strip leading spaces from value
2518 size_t nonspace = value.find_first_not_of(" ");
2519 if (nonspace != string::npos)
2520 value = value.substr(nonspace);
2521 add_mhd_response_header(r, header.c_str(), value.c_str());
2522 header_dup = header_dup.substr(newline+1);
2523 }
2524
2525 add_mhd_last_modified (r, s.st_mtime);
2526 if (verbose > 1)
2527 obatched(clog) << "serving file from upstream debuginfod/cache" << endl;
2528 if (result_fd)
2529 *result_fd = fd;
2530 return r; // NB: don't close fd; libmicrohttpd will
2531 }
2532 }
2533 close (fd);
2534 }
2535 else
2536 switch(fd)
2537 {
2538 case -ENOSYS:
2539 break;
2540 case -ENOENT:
2541 break;
2542 default: // some more tricky error
2543 throw libc_exception(-fd, "upstream debuginfod query failed");
2544 }
2545
2546 throw reportable_exception(MHD_HTTP_NOT_FOUND, "not found");
2547 }
2548
2549
2550 ////////////////////////////////////////////////////////////////////////
2551
2552 static map<string,double> metrics; // arbitrary data for /metrics query
2553 // NB: store int64_t since all our metrics are integers; prometheus accepts double
2554 static mutex metrics_lock;
2555 // NB: these objects get released during the process exit via global dtors
2556 // do not call them from within other global dtors
2557
2558 // utility function for assembling prometheus-compatible
2559 // name="escaped-value" strings
2560 // https://prometheus.io/docs/instrumenting/exposition_formats/
2561 static string
metric_label(const string & name,const string & value)2562 metric_label(const string& name, const string& value)
2563 {
2564 string x = name + "=\"";
2565 for (auto&& c : value)
2566 switch(c)
2567 {
2568 case '\\': x += "\\\\"; break;
2569 case '\"': x += "\\\""; break;
2570 case '\n': x += "\\n"; break;
2571 default: x += c; break;
2572 }
2573 x += "\"";
2574 return x;
2575 }
2576
2577
2578 // add prometheus-format metric name + label tuple (if any) + value
2579
2580 static void
set_metric(const string & metric,double value)2581 set_metric(const string& metric, double value)
2582 {
2583 unique_lock<mutex> lock(metrics_lock);
2584 metrics[metric] = value;
2585 }
2586 #if 0 /* unused */
2587 static void
2588 inc_metric(const string& metric)
2589 {
2590 unique_lock<mutex> lock(metrics_lock);
2591 metrics[metric] ++;
2592 }
2593 #endif
2594 static void
set_metric(const string & metric,const string & lname,const string & lvalue,double value)2595 set_metric(const string& metric,
2596 const string& lname, const string& lvalue,
2597 double value)
2598 {
2599 string key = (metric + "{" + metric_label(lname, lvalue) + "}");
2600 unique_lock<mutex> lock(metrics_lock);
2601 metrics[key] = value;
2602 }
2603
2604 static void
inc_metric(const string & metric,const string & lname,const string & lvalue)2605 inc_metric(const string& metric,
2606 const string& lname, const string& lvalue)
2607 {
2608 string key = (metric + "{" + metric_label(lname, lvalue) + "}");
2609 unique_lock<mutex> lock(metrics_lock);
2610 metrics[key] ++;
2611 }
2612 static void
add_metric(const string & metric,const string & lname,const string & lvalue,double value)2613 add_metric(const string& metric,
2614 const string& lname, const string& lvalue,
2615 double value)
2616 {
2617 string key = (metric + "{" + metric_label(lname, lvalue) + "}");
2618 unique_lock<mutex> lock(metrics_lock);
2619 metrics[key] += value;
2620 }
2621 #if 0
2622 static void
2623 add_metric(const string& metric,
2624 double value)
2625 {
2626 unique_lock<mutex> lock(metrics_lock);
2627 metrics[metric] += value;
2628 }
2629 #endif
2630
2631
2632 // and more for higher arity labels if needed
2633
2634 static void
inc_metric(const string & metric,const string & lname,const string & lvalue,const string & rname,const string & rvalue)2635 inc_metric(const string& metric,
2636 const string& lname, const string& lvalue,
2637 const string& rname, const string& rvalue)
2638 {
2639 string key = (metric + "{"
2640 + metric_label(lname, lvalue) + ","
2641 + metric_label(rname, rvalue) + "}");
2642 unique_lock<mutex> lock(metrics_lock);
2643 metrics[key] ++;
2644 }
2645 static void
add_metric(const string & metric,const string & lname,const string & lvalue,const string & rname,const string & rvalue,double value)2646 add_metric(const string& metric,
2647 const string& lname, const string& lvalue,
2648 const string& rname, const string& rvalue,
2649 double value)
2650 {
2651 string key = (metric + "{"
2652 + metric_label(lname, lvalue) + ","
2653 + metric_label(rname, rvalue) + "}");
2654 unique_lock<mutex> lock(metrics_lock);
2655 metrics[key] += value;
2656 }
2657
2658 static struct MHD_Response*
handle_metrics(off_t * size)2659 handle_metrics (off_t* size)
2660 {
2661 stringstream o;
2662 {
2663 unique_lock<mutex> lock(metrics_lock);
2664 for (auto&& i : metrics)
2665 o << i.first
2666 << " "
2667 << std::setprecision(std::numeric_limits<double>::digits10 + 1)
2668 << i.second
2669 << endl;
2670 }
2671 const string& os = o.str();
2672 MHD_Response* r = MHD_create_response_from_buffer (os.size(),
2673 (void*) os.c_str(),
2674 MHD_RESPMEM_MUST_COPY);
2675 if (r != NULL)
2676 {
2677 *size = os.size();
2678 add_mhd_response_header (r, "Content-Type", "text/plain");
2679 }
2680 return r;
2681 }
2682
2683 static struct MHD_Response*
handle_root(off_t * size)2684 handle_root (off_t* size)
2685 {
2686 static string version = "debuginfod (" + string (PACKAGE_NAME) + ") "
2687 + string (PACKAGE_VERSION);
2688 MHD_Response* r = MHD_create_response_from_buffer (version.size (),
2689 (void *) version.c_str (),
2690 MHD_RESPMEM_PERSISTENT);
2691 if (r != NULL)
2692 {
2693 *size = version.size ();
2694 add_mhd_response_header (r, "Content-Type", "text/plain");
2695 }
2696 return r;
2697 }
2698
2699
2700 ////////////////////////////////////////////////////////////////////////
2701
2702
2703 /* libmicrohttpd callback */
2704 static MHD_RESULT
handler_cb(void *,struct MHD_Connection * connection,const char * url,const char * method,const char *,const char *,size_t *,void ** ptr)2705 handler_cb (void * /*cls*/,
2706 struct MHD_Connection *connection,
2707 const char *url,
2708 const char *method,
2709 const char * /*version*/,
2710 const char * /*upload_data*/,
2711 size_t * /*upload_data_size*/,
2712 void ** ptr)
2713 {
2714 struct MHD_Response *r = NULL;
2715 string url_copy = url;
2716
2717 /* libmicrohttpd always makes (at least) two callbacks: once just
2718 past the headers, and one after the request body is finished
2719 being received. If we process things early (first callback) and
2720 queue a response, libmicrohttpd would suppress http keep-alive
2721 (via connection->read_closed = true). */
2722 static int aptr; /* just some random object to use as a flag */
2723 if (&aptr != *ptr)
2724 {
2725 /* do never respond on first call */
2726 *ptr = &aptr;
2727 return MHD_YES;
2728 }
2729 *ptr = NULL; /* reset when done */
2730
2731 const char *maxsize_string = MHD_lookup_connection_value(connection, MHD_HEADER_KIND, "X-DEBUGINFOD-MAXSIZE");
2732 long maxsize = 0;
2733 if (maxsize_string != NULL && maxsize_string[0] != '\0')
2734 maxsize = atol(maxsize_string);
2735 else
2736 maxsize = 0;
2737
2738 #if MHD_VERSION >= 0x00097002
2739 enum MHD_Result rc;
2740 #else
2741 int rc = MHD_NO; // mhd
2742 #endif
2743 int http_code = 500;
2744 off_t http_size = -1;
2745 struct timespec ts_start, ts_end;
2746 clock_gettime (CLOCK_MONOTONIC, &ts_start);
2747 double afteryou = 0.0;
2748 string artifacttype, suffix;
2749
2750 try
2751 {
2752 if (string(method) != "GET")
2753 throw reportable_exception(400, "we support GET only");
2754
2755 /* Start decoding the URL. */
2756 size_t slash1 = url_copy.find('/', 1);
2757 string url1 = url_copy.substr(0, slash1); // ok even if slash1 not found
2758
2759 if (slash1 != string::npos && url1 == "/buildid")
2760 {
2761 // PR27863: block this thread awhile if another thread is already busy
2762 // fetching the exact same thing. This is better for Everyone.
2763 // The latecomer says "... after you!" and waits.
2764 add_metric ("thread_busy", "role", "http-buildid-after-you", 1);
2765 #ifdef HAVE_PTHREAD_SETNAME_NP
2766 (void) pthread_setname_np (pthread_self(), "mhd-buildid-after-you");
2767 #endif
2768 struct timespec tsay_start, tsay_end;
2769 clock_gettime (CLOCK_MONOTONIC, &tsay_start);
2770 static unique_set<string> busy_urls;
2771 unique_set_reserver<string> after_you(busy_urls, url_copy);
2772 clock_gettime (CLOCK_MONOTONIC, &tsay_end);
2773 afteryou = (tsay_end.tv_sec - tsay_start.tv_sec) + (tsay_end.tv_nsec - tsay_start.tv_nsec)/1.e9;
2774 add_metric ("thread_busy", "role", "http-buildid-after-you", -1);
2775
2776 tmp_inc_metric m ("thread_busy", "role", "http-buildid");
2777 #ifdef HAVE_PTHREAD_SETNAME_NP
2778 (void) pthread_setname_np (pthread_self(), "mhd-buildid");
2779 #endif
2780 size_t slash2 = url_copy.find('/', slash1+1);
2781 if (slash2 == string::npos)
2782 throw reportable_exception("/buildid/ webapi error, need buildid");
2783
2784 string buildid = url_copy.substr(slash1+1, slash2-slash1-1);
2785
2786 size_t slash3 = url_copy.find('/', slash2+1);
2787
2788 if (slash3 == string::npos)
2789 {
2790 artifacttype = url_copy.substr(slash2+1);
2791 suffix = "";
2792 }
2793 else
2794 {
2795 artifacttype = url_copy.substr(slash2+1, slash3-slash2-1);
2796 suffix = url_copy.substr(slash3); // include the slash in the suffix
2797 }
2798
2799 // get the resulting fd so we can report its size
2800 int fd;
2801 r = handle_buildid(connection, buildid, artifacttype, suffix, &fd);
2802 if (r)
2803 {
2804 struct stat fs;
2805 if (fstat(fd, &fs) == 0)
2806 http_size = fs.st_size;
2807 // libmicrohttpd will close (fd);
2808 }
2809 }
2810 else if (url1 == "/metrics")
2811 {
2812 tmp_inc_metric m ("thread_busy", "role", "http-metrics");
2813 artifacttype = "metrics";
2814 inc_metric("http_requests_total", "type", artifacttype);
2815 r = handle_metrics(& http_size);
2816 }
2817 else if (url1 == "/")
2818 {
2819 artifacttype = "/";
2820 inc_metric("http_requests_total", "type", artifacttype);
2821 r = handle_root(& http_size);
2822 }
2823 else
2824 throw reportable_exception("webapi error, unrecognized '" + url1 + "'");
2825
2826 if (r == 0)
2827 throw reportable_exception("internal error, missing response");
2828
2829 if (maxsize > 0 && http_size > maxsize)
2830 {
2831 MHD_destroy_response(r);
2832 throw reportable_exception(406, "File too large, max size=" + std::to_string(maxsize));
2833 }
2834
2835 rc = MHD_queue_response (connection, MHD_HTTP_OK, r);
2836 http_code = MHD_HTTP_OK;
2837 MHD_destroy_response (r);
2838 }
2839 catch (const reportable_exception& e)
2840 {
2841 inc_metric("http_responses_total","result","error");
2842 e.report(clog);
2843 http_code = e.code;
2844 http_size = e.message.size();
2845 rc = e.mhd_send_response (connection);
2846 }
2847
2848 clock_gettime (CLOCK_MONOTONIC, &ts_end);
2849 double deltas = (ts_end.tv_sec - ts_start.tv_sec) + (ts_end.tv_nsec - ts_start.tv_nsec)/1.e9;
2850 // afteryou: delay waiting for other client's identical query to complete
2851 // deltas: total latency, including afteryou waiting
2852 obatched(clog) << conninfo(connection)
2853 << ' ' << method << ' ' << url
2854 << ' ' << http_code << ' ' << http_size
2855 << ' ' << (int)(afteryou*1000) << '+' << (int)((deltas-afteryou)*1000) << "ms"
2856 << endl;
2857
2858 // related prometheus metrics
2859 string http_code_str = to_string(http_code);
2860 add_metric("http_responses_transfer_bytes_sum",
2861 "code", http_code_str, "type", artifacttype, http_size);
2862 inc_metric("http_responses_transfer_bytes_count",
2863 "code", http_code_str, "type", artifacttype);
2864
2865 add_metric("http_responses_duration_milliseconds_sum",
2866 "code", http_code_str, "type", artifacttype, deltas*1000); // prometheus prefers _seconds and floating point
2867 inc_metric("http_responses_duration_milliseconds_count",
2868 "code", http_code_str, "type", artifacttype);
2869
2870 add_metric("http_responses_after_you_milliseconds_sum",
2871 "code", http_code_str, "type", artifacttype, afteryou*1000);
2872 inc_metric("http_responses_after_you_milliseconds_count",
2873 "code", http_code_str, "type", artifacttype);
2874
2875 return rc;
2876 }
2877
2878
2879 ////////////////////////////////////////////////////////////////////////
2880 // borrowed originally from src/nm.c get_local_names()
2881
2882 static void
dwarf_extract_source_paths(Elf * elf,set<string> & debug_sourcefiles)2883 dwarf_extract_source_paths (Elf *elf, set<string>& debug_sourcefiles)
2884 noexcept // no exceptions - so we can simplify the altdbg resource release at end
2885 {
2886 Dwarf* dbg = dwarf_begin_elf (elf, DWARF_C_READ, NULL);
2887 if (dbg == NULL)
2888 return;
2889
2890 Dwarf* altdbg = NULL;
2891 int altdbg_fd = -1;
2892
2893 // DWZ handling: if we have an unsatisfied debug-alt-link, add an
2894 // empty string into the outgoing sourcefiles set, so the caller
2895 // should know that our data is incomplete.
2896 const char *alt_name_p;
2897 const void *alt_build_id; // elfutils-owned memory
2898 ssize_t sz = dwelf_dwarf_gnu_debugaltlink (dbg, &alt_name_p, &alt_build_id);
2899 if (sz > 0) // got one!
2900 {
2901 string buildid;
2902 unsigned char* build_id_bytes = (unsigned char*) alt_build_id;
2903 for (ssize_t idx=0; idx<sz; idx++)
2904 {
2905 buildid += "0123456789abcdef"[build_id_bytes[idx] >> 4];
2906 buildid += "0123456789abcdef"[build_id_bytes[idx] & 0xf];
2907 }
2908
2909 if (verbose > 3)
2910 obatched(clog) << "Need altdebug buildid=" << buildid << endl;
2911
2912 // but is it unsatisfied the normal elfutils ways?
2913 Dwarf* alt = dwarf_getalt (dbg);
2914 if (alt == NULL)
2915 {
2916 // Yup, unsatisfied the normal way. Maybe we can satisfy it
2917 // from our own debuginfod database.
2918 int alt_fd;
2919 struct MHD_Response *r = 0;
2920 try
2921 {
2922 string artifacttype = "debuginfo";
2923 r = handle_buildid (0, buildid, artifacttype, "", &alt_fd);
2924 }
2925 catch (const reportable_exception& e)
2926 {
2927 // swallow exceptions
2928 }
2929
2930 // NB: this is not actually recursive! This invokes the web-query
2931 // path, which cannot get back into the scan code paths.
2932 if (r)
2933 {
2934 // Found it!
2935 altdbg_fd = dup(alt_fd); // ok if this fails, downstream failures ok
2936 alt = altdbg = dwarf_begin (altdbg_fd, DWARF_C_READ);
2937 // NB: must close this dwarf and this fd at the bottom of the function!
2938 MHD_destroy_response (r); // will close alt_fd
2939 if (alt)
2940 dwarf_setalt (dbg, alt);
2941 }
2942 }
2943 else
2944 {
2945 // NB: dwarf_setalt(alt) inappropriate - already done!
2946 // NB: altdbg will stay 0 so nothing tries to redundantly dealloc.
2947 }
2948
2949 if (alt)
2950 {
2951 if (verbose > 3)
2952 obatched(clog) << "Resolved altdebug buildid=" << buildid << endl;
2953 }
2954 else // (alt == NULL) - signal possible presence of poor debuginfo
2955 {
2956 debug_sourcefiles.insert("");
2957 if (verbose > 3)
2958 obatched(clog) << "Unresolved altdebug buildid=" << buildid << endl;
2959 }
2960 }
2961
2962 Dwarf_Off offset = 0;
2963 Dwarf_Off old_offset;
2964 size_t hsize;
2965
2966 while (dwarf_nextcu (dbg, old_offset = offset, &offset, &hsize, NULL, NULL, NULL) == 0)
2967 {
2968 Dwarf_Die cudie_mem;
2969 Dwarf_Die *cudie = dwarf_offdie (dbg, old_offset + hsize, &cudie_mem);
2970
2971 if (cudie == NULL)
2972 continue;
2973 if (dwarf_tag (cudie) != DW_TAG_compile_unit)
2974 continue;
2975
2976 const char *cuname = dwarf_diename(cudie) ?: "unknown";
2977
2978 Dwarf_Files *files;
2979 size_t nfiles;
2980 if (dwarf_getsrcfiles (cudie, &files, &nfiles) != 0)
2981 continue;
2982
2983 // extract DW_AT_comp_dir to resolve relative file names
2984 const char *comp_dir = "";
2985 const char *const *dirs;
2986 size_t ndirs;
2987 if (dwarf_getsrcdirs (files, &dirs, &ndirs) == 0 &&
2988 dirs[0] != NULL)
2989 comp_dir = dirs[0];
2990 if (comp_dir == NULL)
2991 comp_dir = "";
2992
2993 if (verbose > 3)
2994 obatched(clog) << "searching for sources for cu=" << cuname << " comp_dir=" << comp_dir
2995 << " #files=" << nfiles << " #dirs=" << ndirs << endl;
2996
2997 if (comp_dir[0] == '\0' && cuname[0] != '/')
2998 {
2999 // This is a common symptom for dwz-compressed debug files,
3000 // where the altdebug file cannot be resolved.
3001 if (verbose > 3)
3002 obatched(clog) << "skipping cu=" << cuname << " due to empty comp_dir" << endl;
3003 continue;
3004 }
3005
3006 for (size_t f = 1; f < nfiles; f++)
3007 {
3008 const char *hat = dwarf_filesrc (files, f, NULL, NULL);
3009 if (hat == NULL)
3010 continue;
3011
3012 if (string(hat) == "<built-in>") // gcc intrinsics, don't bother record
3013 continue;
3014
3015 string waldo;
3016 if (hat[0] == '/') // absolute
3017 waldo = (string (hat));
3018 else if (comp_dir[0] != '\0') // comp_dir relative
3019 waldo = (string (comp_dir) + string("/") + string (hat));
3020 else
3021 {
3022 if (verbose > 3)
3023 obatched(clog) << "skipping hat=" << hat << " due to empty comp_dir" << endl;
3024 continue;
3025 }
3026
3027 // NB: this is the 'waldo' that a dbginfo client will have
3028 // to supply for us to give them the file The comp_dir
3029 // prefixing is a definite complication. Otherwise we'd
3030 // have to return a setof comp_dirs (one per CU!) with
3031 // corresponding filesrc[] names, instead of one absolute
3032 // resoved set. Maybe we'll have to do that anyway. XXX
3033
3034 if (verbose > 4)
3035 obatched(clog) << waldo
3036 << (debug_sourcefiles.find(waldo)==debug_sourcefiles.end() ? " new" : " dup") << endl;
3037
3038 debug_sourcefiles.insert (waldo);
3039 }
3040 }
3041
3042 dwarf_end(dbg);
3043 if (altdbg)
3044 dwarf_end(altdbg);
3045 if (altdbg_fd >= 0)
3046 close(altdbg_fd);
3047 }
3048
3049
3050
3051 static void
elf_classify(int fd,bool & executable_p,bool & debuginfo_p,string & buildid,set<string> & debug_sourcefiles)3052 elf_classify (int fd, bool &executable_p, bool &debuginfo_p, string &buildid, set<string>& debug_sourcefiles)
3053 {
3054 Elf *elf = elf_begin (fd, ELF_C_READ_MMAP_PRIVATE, NULL);
3055 if (elf == NULL)
3056 return;
3057
3058 try // catch our types of errors and clean up the Elf* object
3059 {
3060 if (elf_kind (elf) != ELF_K_ELF)
3061 {
3062 elf_end (elf);
3063 return;
3064 }
3065
3066 GElf_Ehdr ehdr_storage;
3067 GElf_Ehdr *ehdr = gelf_getehdr (elf, &ehdr_storage);
3068 if (ehdr == NULL)
3069 {
3070 elf_end (elf);
3071 return;
3072 }
3073 auto elf_type = ehdr->e_type;
3074
3075 const void *build_id; // elfutils-owned memory
3076 ssize_t sz = dwelf_elf_gnu_build_id (elf, & build_id);
3077 if (sz <= 0)
3078 {
3079 // It's not a diagnostic-worthy error for an elf file to lack build-id.
3080 // It might just be very old.
3081 elf_end (elf);
3082 return;
3083 }
3084
3085 // build_id is a raw byte array; convert to hexadecimal *lowercase*
3086 unsigned char* build_id_bytes = (unsigned char*) build_id;
3087 for (ssize_t idx=0; idx<sz; idx++)
3088 {
3089 buildid += "0123456789abcdef"[build_id_bytes[idx] >> 4];
3090 buildid += "0123456789abcdef"[build_id_bytes[idx] & 0xf];
3091 }
3092
3093 // now decide whether it's an executable - namely, any allocatable section has
3094 // PROGBITS;
3095 if (elf_type == ET_EXEC || elf_type == ET_DYN)
3096 {
3097 size_t shnum;
3098 int rc = elf_getshdrnum (elf, &shnum);
3099 if (rc < 0)
3100 throw elfutils_exception(rc, "getshdrnum");
3101
3102 executable_p = false;
3103 for (size_t sc = 0; sc < shnum; sc++)
3104 {
3105 Elf_Scn *scn = elf_getscn (elf, sc);
3106 if (scn == NULL)
3107 continue;
3108
3109 GElf_Shdr shdr_mem;
3110 GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem);
3111 if (shdr == NULL)
3112 continue;
3113
3114 // allocated (loadable / vm-addr-assigned) section with available content?
3115 if ((shdr->sh_type == SHT_PROGBITS) && (shdr->sh_flags & SHF_ALLOC))
3116 {
3117 if (verbose > 4)
3118 obatched(clog) << "executable due to SHF_ALLOC SHT_PROGBITS sc=" << sc << endl;
3119 executable_p = true;
3120 break; // no need to keep looking for others
3121 }
3122 } // iterate over sections
3123 } // executable_p classification
3124
3125 // now decide whether it's a debuginfo - namely, if it has any .debug* or .zdebug* sections
3126 // logic mostly stolen from fweimer@redhat.com's elfclassify drafts
3127 size_t shstrndx;
3128 int rc = elf_getshdrstrndx (elf, &shstrndx);
3129 if (rc < 0)
3130 throw elfutils_exception(rc, "getshdrstrndx");
3131
3132 Elf_Scn *scn = NULL;
3133 bool symtab_p = false;
3134 bool bits_alloc_p = false;
3135 while (true)
3136 {
3137 scn = elf_nextscn (elf, scn);
3138 if (scn == NULL)
3139 break;
3140 GElf_Shdr shdr_storage;
3141 GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_storage);
3142 if (shdr == NULL)
3143 break;
3144 const char *section_name = elf_strptr (elf, shstrndx, shdr->sh_name);
3145 if (section_name == NULL)
3146 break;
3147 if (startswith (section_name, ".debug_line") ||
3148 startswith (section_name, ".zdebug_line"))
3149 {
3150 debuginfo_p = true;
3151 if (scan_source_info)
3152 dwarf_extract_source_paths (elf, debug_sourcefiles);
3153 break; // expecting only one .*debug_line, so no need to look for others
3154 }
3155 else if (startswith (section_name, ".debug_") ||
3156 startswith (section_name, ".zdebug_"))
3157 {
3158 debuginfo_p = true;
3159 // NB: don't break; need to parse .debug_line for sources
3160 }
3161 else if (shdr->sh_type == SHT_SYMTAB)
3162 {
3163 symtab_p = true;
3164 }
3165 else if (shdr->sh_type != SHT_NOBITS
3166 && shdr->sh_type != SHT_NOTE
3167 && (shdr->sh_flags & SHF_ALLOC) != 0)
3168 {
3169 bits_alloc_p = true;
3170 }
3171 }
3172
3173 // For more expansive elf/split-debuginfo classification, we
3174 // want to identify as debuginfo "strip -s"-produced files
3175 // without .debug_info* (like libicudata), but we don't want to
3176 // identify "strip -g" executables (with .symtab left there).
3177 if (symtab_p && !bits_alloc_p)
3178 debuginfo_p = true;
3179 }
3180 catch (const reportable_exception& e)
3181 {
3182 e.report(clog);
3183 }
3184 elf_end (elf);
3185 }
3186
3187
3188 // Intern the given file name in two parts (dirname & basename) and
3189 // return the resulting file's id.
3190 static int64_t
register_file_name(sqlite_ps & ps_upsert_fileparts,sqlite_ps & ps_upsert_file,sqlite_ps & ps_lookup_file,const string & name)3191 register_file_name(sqlite_ps& ps_upsert_fileparts,
3192 sqlite_ps& ps_upsert_file,
3193 sqlite_ps& ps_lookup_file,
3194 const string& name)
3195 {
3196 std::size_t slash = name.rfind('/');
3197 string dirname, basename;
3198 if (slash == std::string::npos)
3199 {
3200 dirname = "";
3201 basename = name;
3202 }
3203 else
3204 {
3205 dirname = name.substr(0, slash);
3206 basename = name.substr(slash+1);
3207 }
3208
3209 // intern the two substrings
3210 ps_upsert_fileparts
3211 .reset()
3212 .bind(1, dirname)
3213 .step_ok_done();
3214 ps_upsert_fileparts
3215 .reset()
3216 .bind(1, basename)
3217 .step_ok_done();
3218
3219 // intern the tuple
3220 ps_upsert_file
3221 .reset()
3222 .bind(1, dirname)
3223 .bind(2, basename)
3224 .step_ok_done();
3225
3226 // look up the tuple's id
3227 ps_lookup_file
3228 .reset()
3229 .bind(1, dirname)
3230 .bind(2, basename);
3231 int rc = ps_lookup_file.step();
3232 if (rc != SQLITE_ROW) throw sqlite_exception(rc, "step");
3233
3234 int64_t id = sqlite3_column_int64 (ps_lookup_file, 0);
3235 ps_lookup_file.reset();
3236 return id;
3237 }
3238
3239
3240
3241 static void
scan_source_file(const string & rps,const stat_t & st,sqlite_ps & ps_upsert_buildids,sqlite_ps & ps_upsert_fileparts,sqlite_ps & ps_upsert_file,sqlite_ps & ps_lookup_file,sqlite_ps & ps_upsert_de,sqlite_ps & ps_upsert_s,sqlite_ps & ps_query,sqlite_ps & ps_scan_done,unsigned & fts_cached,unsigned & fts_executable,unsigned & fts_debuginfo,unsigned & fts_sourcefiles)3242 scan_source_file (const string& rps, const stat_t& st,
3243 sqlite_ps& ps_upsert_buildids,
3244 sqlite_ps& ps_upsert_fileparts,
3245 sqlite_ps& ps_upsert_file,
3246 sqlite_ps& ps_lookup_file,
3247 sqlite_ps& ps_upsert_de,
3248 sqlite_ps& ps_upsert_s,
3249 sqlite_ps& ps_query,
3250 sqlite_ps& ps_scan_done,
3251 unsigned& fts_cached,
3252 unsigned& fts_executable,
3253 unsigned& fts_debuginfo,
3254 unsigned& fts_sourcefiles)
3255 {
3256 int64_t fileid = register_file_name(ps_upsert_fileparts, ps_upsert_file, ps_lookup_file, rps);
3257
3258 /* See if we know of it already. */
3259 int rc = ps_query
3260 .reset()
3261 .bind(1, fileid)
3262 .bind(2, st.st_mtime)
3263 .step();
3264 ps_query.reset();
3265 if (rc == SQLITE_ROW) // i.e., a result, as opposed to DONE (no results)
3266 // no need to recheck a file/version we already know
3267 // specifically, no need to elf-begin a file we already determined is non-elf
3268 // (so is stored with buildid=NULL)
3269 {
3270 fts_cached++;
3271 return;
3272 }
3273
3274 bool executable_p = false, debuginfo_p = false; // E and/or D
3275 string buildid;
3276 set<string> sourcefiles;
3277
3278 int fd = open (rps.c_str(), O_RDONLY);
3279 try
3280 {
3281 if (fd >= 0)
3282 elf_classify (fd, executable_p, debuginfo_p, buildid, sourcefiles);
3283 else
3284 throw libc_exception(errno, string("open ") + rps);
3285 add_metric ("scanned_bytes_total","source","file",
3286 st.st_size);
3287 inc_metric ("scanned_files_total","source","file");
3288 }
3289 // NB: we catch exceptions here too, so that we can
3290 // cache the corrupt-elf case (!executable_p &&
3291 // !debuginfo_p) just below, just as if we had an
3292 // EPERM error from open(2).
3293 catch (const reportable_exception& e)
3294 {
3295 e.report(clog);
3296 }
3297
3298 if (fd >= 0)
3299 close (fd);
3300
3301 if (buildid == "")
3302 {
3303 // no point storing an elf file without buildid
3304 executable_p = false;
3305 debuginfo_p = false;
3306 }
3307 else
3308 {
3309 // register this build-id in the interning table
3310 ps_upsert_buildids
3311 .reset()
3312 .bind(1, buildid)
3313 .step_ok_done();
3314 }
3315
3316 if (executable_p)
3317 fts_executable ++;
3318 if (debuginfo_p)
3319 fts_debuginfo ++;
3320 if (executable_p || debuginfo_p)
3321 {
3322 ps_upsert_de
3323 .reset()
3324 .bind(1, buildid)
3325 .bind(2, debuginfo_p ? 1 : 0)
3326 .bind(3, executable_p ? 1 : 0)
3327 .bind(4, fileid)
3328 .bind(5, st.st_mtime)
3329 .step_ok_done();
3330 }
3331 if (executable_p)
3332 inc_metric("found_executable_total","source","files");
3333 if (debuginfo_p)
3334 inc_metric("found_debuginfo_total","source","files");
3335
3336 if (sourcefiles.size() && buildid != "")
3337 {
3338 fts_sourcefiles += sourcefiles.size();
3339
3340 for (auto&& dwarfsrc : sourcefiles)
3341 {
3342 char *srp = realpath(dwarfsrc.c_str(), NULL);
3343 if (srp == NULL) // also if DWZ unresolved dwarfsrc=""
3344 continue; // unresolvable files are not a serious problem
3345 // throw libc_exception(errno, "fts/file realpath " + srcpath);
3346 string srps = string(srp);
3347 free (srp);
3348
3349 struct stat sfs;
3350 rc = stat(srps.c_str(), &sfs);
3351 if (rc != 0)
3352 continue;
3353
3354 if (verbose > 2)
3355 obatched(clog) << "recorded buildid=" << buildid << " file=" << srps
3356 << " mtime=" << sfs.st_mtime
3357 << " as source " << dwarfsrc << endl;
3358
3359 // PR25548: store canonicalized dwarfsrc path
3360 string dwarfsrc_canon = canon_pathname (dwarfsrc);
3361 if (dwarfsrc_canon != dwarfsrc)
3362 {
3363 if (verbose > 3)
3364 obatched(clog) << "canonicalized src=" << dwarfsrc << " alias=" << dwarfsrc_canon << endl;
3365 }
3366
3367 int64_t fileid1 = register_file_name (ps_upsert_fileparts, ps_upsert_file, ps_lookup_file, dwarfsrc_canon);
3368 int64_t fileid2 = register_file_name (ps_upsert_fileparts, ps_upsert_file, ps_lookup_file, srps);
3369
3370 ps_upsert_s
3371 .reset()
3372 .bind(1, buildid)
3373 .bind(2, fileid1)
3374 .bind(3, fileid2)
3375 .bind(4, sfs.st_mtime)
3376 .step_ok_done();
3377
3378 inc_metric("found_sourcerefs_total","source","files");
3379 }
3380 }
3381
3382 ps_scan_done
3383 .reset()
3384 .bind(1, fileid)
3385 .bind(2, st.st_mtime)
3386 .bind(3, st.st_size)
3387 .step_ok_done();
3388
3389 if (verbose > 2)
3390 obatched(clog) << "recorded buildid=" << buildid << " file=" << rps
3391 << " mtime=" << st.st_mtime << " atype="
3392 << (executable_p ? "E" : "")
3393 << (debuginfo_p ? "D" : "") << endl;
3394 }
3395
3396
3397
3398
3399
3400 // Analyze given archive file of given age; record buildids / exec/debuginfo-ness of its
3401 // constituent files with given upsert statements.
3402 static void
archive_classify(const string & rps,string & archive_extension,int64_t archiveid,sqlite_ps & ps_upsert_buildids,sqlite_ps & ps_upsert_fileparts,sqlite_ps & ps_upsert_file,sqlite_ps & ps_lookup_file,sqlite_ps & ps_upsert_de,sqlite_ps & ps_upsert_sref,sqlite_ps & ps_upsert_sdef,time_t mtime,unsigned & fts_executable,unsigned & fts_debuginfo,unsigned & fts_sref,unsigned & fts_sdef,bool & fts_sref_complete_p)3403 archive_classify (const string& rps, string& archive_extension, int64_t archiveid,
3404 sqlite_ps& ps_upsert_buildids, sqlite_ps& ps_upsert_fileparts, sqlite_ps& ps_upsert_file,
3405 sqlite_ps& ps_lookup_file,
3406 sqlite_ps& ps_upsert_de, sqlite_ps& ps_upsert_sref, sqlite_ps& ps_upsert_sdef,
3407 time_t mtime,
3408 unsigned& fts_executable, unsigned& fts_debuginfo, unsigned& fts_sref, unsigned& fts_sdef,
3409 bool& fts_sref_complete_p)
3410 {
3411 string archive_decoder = "/dev/null";
3412 for (auto&& arch : scan_archives)
3413 if (string_endswith(rps, arch.first))
3414 {
3415 archive_extension = arch.first;
3416 archive_decoder = arch.second;
3417 }
3418
3419 FILE* fp;
3420 defer_dtor<FILE*,int>::dtor_fn dfn;
3421 if (archive_decoder != "cat")
3422 {
3423 string popen_cmd = archive_decoder + " " + shell_escape(rps);
3424 fp = popen (popen_cmd.c_str(), "r"); // "e" O_CLOEXEC?
3425 dfn = pclose;
3426 if (fp == NULL)
3427 throw libc_exception (errno, string("popen ") + popen_cmd);
3428 }
3429 else
3430 {
3431 fp = fopen (rps.c_str(), "r");
3432 dfn = fclose;
3433 if (fp == NULL)
3434 throw libc_exception (errno, string("fopen ") + rps);
3435 }
3436 defer_dtor<FILE*,int> fp_closer (fp, dfn);
3437
3438 struct archive *a;
3439 a = archive_read_new();
3440 if (a == NULL)
3441 throw archive_exception("cannot create archive reader");
3442 defer_dtor<struct archive*,int> archive_closer (a, archive_read_free);
3443
3444 int rc = archive_read_support_format_all(a);
3445 if (rc != ARCHIVE_OK)
3446 throw archive_exception(a, "cannot select all formats");
3447 rc = archive_read_support_filter_all(a);
3448 if (rc != ARCHIVE_OK)
3449 throw archive_exception(a, "cannot select all filters");
3450
3451 rc = archive_read_open_FILE (a, fp);
3452 if (rc != ARCHIVE_OK)
3453 {
3454 obatched(clog) << "cannot open archive from pipe " << rps << endl;
3455 throw archive_exception(a, "cannot open archive from pipe");
3456 }
3457
3458 if (verbose > 3)
3459 obatched(clog) << "libarchive scanning " << rps << " id " << archiveid << endl;
3460
3461 bool any_exceptions = false;
3462 while(1) // parse archive entries
3463 {
3464 if (interrupted)
3465 break;
3466
3467 try
3468 {
3469 struct archive_entry *e;
3470 rc = archive_read_next_header (a, &e);
3471 if (rc != ARCHIVE_OK)
3472 break;
3473
3474 if (! S_ISREG(archive_entry_mode (e))) // skip non-files completely
3475 continue;
3476
3477 string fn = canonicalized_archive_entry_pathname (e);
3478
3479 if (verbose > 3)
3480 obatched(clog) << "libarchive checking " << fn << endl;
3481
3482 // extract this file to a temporary file
3483 char* tmppath = NULL;
3484 rc = asprintf (&tmppath, "%s/debuginfod.XXXXXX", tmpdir.c_str());
3485 if (rc < 0)
3486 throw libc_exception (ENOMEM, "cannot allocate tmppath");
3487 defer_dtor<void*,void> tmmpath_freer (tmppath, free);
3488 int fd = mkstemp (tmppath);
3489 if (fd < 0)
3490 throw libc_exception (errno, "cannot create temporary file");
3491 unlink (tmppath); // unlink now so OS will release the file as soon as we close the fd
3492 defer_dtor<int,int> minifd_closer (fd, close);
3493
3494 rc = archive_read_data_into_fd (a, fd);
3495 if (rc != ARCHIVE_OK)
3496 throw archive_exception(a, "cannot extract file");
3497
3498 // finally ... time to run elf_classify on this bad boy and update the database
3499 bool executable_p = false, debuginfo_p = false;
3500 string buildid;
3501 set<string> sourcefiles;
3502 elf_classify (fd, executable_p, debuginfo_p, buildid, sourcefiles);
3503 // NB: might throw
3504
3505 if (buildid != "") // intern buildid
3506 {
3507 ps_upsert_buildids
3508 .reset()
3509 .bind(1, buildid)
3510 .step_ok_done();
3511 }
3512
3513 int64_t fileid = register_file_name (ps_upsert_fileparts, ps_upsert_file, ps_lookup_file, fn);
3514
3515 if (sourcefiles.size() > 0) // sref records needed
3516 {
3517 // NB: we intern each source file once. Once raw, as it
3518 // appears in the DWARF file list coming back from
3519 // elf_classify() - because it'll end up in the
3520 // _norm.artifactsrc column. We don't also put another
3521 // version with a '.' at the front, even though that's
3522 // how rpm/cpio packs names, because we hide that from
3523 // the database for storage efficiency.
3524
3525 for (auto&& s : sourcefiles)
3526 {
3527 if (s == "")
3528 {
3529 fts_sref_complete_p = false;
3530 continue;
3531 }
3532
3533 // PR25548: store canonicalized source path
3534 const string& dwarfsrc = s;
3535 string dwarfsrc_canon = canon_pathname (dwarfsrc);
3536 if (dwarfsrc_canon != dwarfsrc)
3537 {
3538 if (verbose > 3)
3539 obatched(clog) << "canonicalized src=" << dwarfsrc << " alias=" << dwarfsrc_canon << endl;
3540 }
3541
3542 int64_t srcfileid = register_file_name(ps_upsert_fileparts, ps_upsert_file, ps_lookup_file,
3543 dwarfsrc_canon);
3544
3545 ps_upsert_sref
3546 .reset()
3547 .bind(1, buildid)
3548 .bind(2, srcfileid)
3549 .step_ok_done();
3550
3551 fts_sref ++;
3552 }
3553 }
3554
3555 if (executable_p)
3556 fts_executable ++;
3557 if (debuginfo_p)
3558 fts_debuginfo ++;
3559
3560 if (executable_p || debuginfo_p)
3561 {
3562 ps_upsert_de
3563 .reset()
3564 .bind(1, buildid)
3565 .bind(2, debuginfo_p ? 1 : 0)
3566 .bind(3, executable_p ? 1 : 0)
3567 .bind(4, archiveid)
3568 .bind(5, mtime)
3569 .bind(6, fileid)
3570 .step_ok_done();
3571 }
3572 else // potential source - sdef record
3573 {
3574 fts_sdef ++;
3575 ps_upsert_sdef
3576 .reset()
3577 .bind(1, archiveid)
3578 .bind(2, mtime)
3579 .bind(3, fileid)
3580 .step_ok_done();
3581 }
3582
3583 if ((verbose > 2) && (executable_p || debuginfo_p))
3584 obatched(clog) << "recorded buildid=" << buildid << " rpm=" << rps << " file=" << fn
3585 << " mtime=" << mtime << " atype="
3586 << (executable_p ? "E" : "")
3587 << (debuginfo_p ? "D" : "")
3588 << " sourcefiles=" << sourcefiles.size() << endl;
3589
3590 }
3591 catch (const reportable_exception& e)
3592 {
3593 e.report(clog);
3594 any_exceptions = true;
3595 // NB: but we allow the libarchive iteration to continue, in
3596 // case we can still gather some useful information. That
3597 // would allow some webapi queries to work, until later when
3598 // this archive is rescanned. (Its vitals won't go into the
3599 // _file_mtime_scanned table until after a successful scan.)
3600 }
3601 }
3602
3603 if (any_exceptions)
3604 throw reportable_exception("exceptions encountered during archive scan");
3605 }
3606
3607
3608
3609 // scan for archive files such as .rpm
3610 static void
scan_archive_file(const string & rps,const stat_t & st,sqlite_ps & ps_upsert_buildids,sqlite_ps & ps_upsert_fileparts,sqlite_ps & ps_upsert_file,sqlite_ps & ps_lookup_file,sqlite_ps & ps_upsert_de,sqlite_ps & ps_upsert_sref,sqlite_ps & ps_upsert_sdef,sqlite_ps & ps_query,sqlite_ps & ps_scan_done,unsigned & fts_cached,unsigned & fts_executable,unsigned & fts_debuginfo,unsigned & fts_sref,unsigned & fts_sdef)3611 scan_archive_file (const string& rps, const stat_t& st,
3612 sqlite_ps& ps_upsert_buildids,
3613 sqlite_ps& ps_upsert_fileparts,
3614 sqlite_ps& ps_upsert_file,
3615 sqlite_ps& ps_lookup_file,
3616 sqlite_ps& ps_upsert_de,
3617 sqlite_ps& ps_upsert_sref,
3618 sqlite_ps& ps_upsert_sdef,
3619 sqlite_ps& ps_query,
3620 sqlite_ps& ps_scan_done,
3621 unsigned& fts_cached,
3622 unsigned& fts_executable,
3623 unsigned& fts_debuginfo,
3624 unsigned& fts_sref,
3625 unsigned& fts_sdef)
3626 {
3627 // intern the archive file name
3628 int64_t archiveid = register_file_name (ps_upsert_fileparts, ps_upsert_file, ps_lookup_file, rps);
3629
3630 /* See if we know of it already. */
3631 int rc = ps_query
3632 .reset()
3633 .bind(1, archiveid)
3634 .bind(2, st.st_mtime)
3635 .step();
3636 ps_query.reset();
3637 if (rc == SQLITE_ROW) // i.e., a result, as opposed to DONE (no results)
3638 // no need to recheck a file/version we already know
3639 // specifically, no need to parse this archive again, since we already have
3640 // it as a D or E or S record,
3641 // (so is stored with buildid=NULL)
3642 {
3643 fts_cached ++;
3644 return;
3645 }
3646
3647 // extract the archive contents
3648 unsigned my_fts_executable = 0, my_fts_debuginfo = 0, my_fts_sref = 0, my_fts_sdef = 0;
3649 bool my_fts_sref_complete_p = true;
3650 bool any_exceptions = false;
3651 try
3652 {
3653 string archive_extension;
3654 archive_classify (rps, archive_extension, archiveid,
3655 ps_upsert_buildids, ps_upsert_fileparts, ps_upsert_file, ps_lookup_file,
3656 ps_upsert_de, ps_upsert_sref, ps_upsert_sdef, // dalt
3657 st.st_mtime,
3658 my_fts_executable, my_fts_debuginfo, my_fts_sref, my_fts_sdef,
3659 my_fts_sref_complete_p);
3660 add_metric ("scanned_bytes_total","source",archive_extension + " archive",
3661 st.st_size);
3662 inc_metric ("scanned_files_total","source",archive_extension + " archive");
3663 add_metric("found_debuginfo_total","source",archive_extension + " archive",
3664 my_fts_debuginfo);
3665 add_metric("found_executable_total","source",archive_extension + " archive",
3666 my_fts_executable);
3667 add_metric("found_sourcerefs_total","source",archive_extension + " archive",
3668 my_fts_sref);
3669 }
3670 catch (const reportable_exception& e)
3671 {
3672 e.report(clog);
3673 any_exceptions = true;
3674 }
3675
3676 if (verbose > 2)
3677 obatched(clog) << "scanned archive=" << rps
3678 << " mtime=" << st.st_mtime
3679 << " executables=" << my_fts_executable
3680 << " debuginfos=" << my_fts_debuginfo
3681 << " srefs=" << my_fts_sref
3682 << " sdefs=" << my_fts_sdef
3683 << " exceptions=" << any_exceptions
3684 << endl;
3685
3686 fts_executable += my_fts_executable;
3687 fts_debuginfo += my_fts_debuginfo;
3688 fts_sref += my_fts_sref;
3689 fts_sdef += my_fts_sdef;
3690
3691 if (any_exceptions)
3692 throw reportable_exception("exceptions encountered during archive scan");
3693
3694 if (my_fts_sref_complete_p) // leave incomplete?
3695 ps_scan_done
3696 .reset()
3697 .bind(1, archiveid)
3698 .bind(2, st.st_mtime)
3699 .bind(3, st.st_size)
3700 .step_ok_done();
3701 }
3702
3703
3704
3705 ////////////////////////////////////////////////////////////////////////
3706
3707
3708
3709 // The thread that consumes file names off of the scanq. We hold
3710 // the persistent sqlite_ps's at this level and delegate file/archive
3711 // scanning to other functions.
3712 static void
scan()3713 scan ()
3714 {
3715 // all the prepared statements fit to use, the _f_ set:
3716 sqlite_ps ps_f_upsert_buildids (db, "file-buildids-intern", "insert or ignore into " BUILDIDS "_buildids VALUES (NULL, ?);");
3717 sqlite_ps ps_f_upsert_fileparts (db, "file-fileparts-intern", "insert or ignore into " BUILDIDS "_fileparts VALUES (NULL, ?);");
3718 sqlite_ps ps_f_upsert_file (db, "file-file-intern", "insert or ignore into " BUILDIDS "_files VALUES (NULL, \n"
3719 "(select id from " BUILDIDS "_fileparts where name = ?),\n"
3720 "(select id from " BUILDIDS "_fileparts where name = ?));");
3721 sqlite_ps ps_f_lookup_file (db, "file-file-lookup",
3722 "select f.id\n"
3723 " from " BUILDIDS "_files f, " BUILDIDS "_fileparts p1, " BUILDIDS "_fileparts p2 \n"
3724 " where f.dirname = p1.id and f.basename = p2.id and p1.name = ? and p2.name = ?;\n");
3725 sqlite_ps ps_f_upsert_de (db, "file-de-upsert",
3726 "insert or ignore into " BUILDIDS "_f_de "
3727 "(buildid, debuginfo_p, executable_p, file, mtime) "
3728 "values ((select id from " BUILDIDS "_buildids where hex = ?),"
3729 " ?,?,?,?);");
3730 sqlite_ps ps_f_upsert_s (db, "file-s-upsert",
3731 "insert or ignore into " BUILDIDS "_f_s "
3732 "(buildid, artifactsrc, file, mtime) "
3733 "values ((select id from " BUILDIDS "_buildids where hex = ?),"
3734 " ?,?,?);");
3735 sqlite_ps ps_f_query (db, "file-negativehit-find",
3736 "select 1 from " BUILDIDS "_file_mtime_scanned where sourcetype = 'F' "
3737 "and file = ? and mtime = ?;");
3738 sqlite_ps ps_f_scan_done (db, "file-scanned",
3739 "insert or ignore into " BUILDIDS "_file_mtime_scanned (sourcetype, file, mtime, size)"
3740 "values ('F', ?,?,?);");
3741
3742 // and now for the _r_ set
3743 sqlite_ps ps_r_upsert_buildids (db, "rpm-buildid-intern", "insert or ignore into " BUILDIDS "_buildids VALUES (NULL, ?);");
3744 sqlite_ps ps_r_upsert_fileparts (db, "rpm-fileparts-intern", "insert or ignore into " BUILDIDS "_fileparts VALUES (NULL, ?);");
3745 sqlite_ps ps_r_upsert_file (db, "rpm-file-intern", "insert or ignore into " BUILDIDS "_files VALUES (NULL, \n"
3746 "(select id from " BUILDIDS "_fileparts where name = ?),\n"
3747 "(select id from " BUILDIDS "_fileparts where name = ?));");
3748 sqlite_ps ps_r_lookup_file (db, "rpm-file-lookup",
3749 "select f.id\n"
3750 " from " BUILDIDS "_files f, " BUILDIDS "_fileparts p1, " BUILDIDS "_fileparts p2 \n"
3751 " where f.dirname = p1.id and f.basename = p2.id and p1.name = ? and p2.name = ?;\n");
3752 sqlite_ps ps_r_upsert_de (db, "rpm-de-insert",
3753 "insert or ignore into " BUILDIDS "_r_de (buildid, debuginfo_p, executable_p, file, mtime, content) values ("
3754 "(select id from " BUILDIDS "_buildids where hex = ?), ?, ?, ?, ?, ?);");
3755 sqlite_ps ps_r_upsert_sref (db, "rpm-sref-insert",
3756 "insert or ignore into " BUILDIDS "_r_sref (buildid, artifactsrc) values ("
3757 "(select id from " BUILDIDS "_buildids where hex = ?), "
3758 "?);");
3759 sqlite_ps ps_r_upsert_sdef (db, "rpm-sdef-insert",
3760 "insert or ignore into " BUILDIDS "_r_sdef (file, mtime, content) values ("
3761 "?, ?, ?);");
3762 sqlite_ps ps_r_query (db, "rpm-negativehit-query",
3763 "select 1 from " BUILDIDS "_file_mtime_scanned where "
3764 "sourcetype = 'R' and file = ? and mtime = ?;");
3765 sqlite_ps ps_r_scan_done (db, "rpm-scanned",
3766 "insert or ignore into " BUILDIDS "_file_mtime_scanned (sourcetype, file, mtime, size)"
3767 "values ('R', ?, ?, ?);");
3768
3769
3770 unsigned fts_cached = 0, fts_executable = 0, fts_debuginfo = 0, fts_sourcefiles = 0;
3771 unsigned fts_sref = 0, fts_sdef = 0;
3772
3773 add_metric("thread_count", "role", "scan", 1);
3774 add_metric("thread_busy", "role", "scan", 1);
3775 while (! interrupted)
3776 {
3777 scan_payload p;
3778
3779 add_metric("thread_busy", "role", "scan", -1);
3780 // NB: threads may be blocked within either of these two waiting
3781 // states, if the work queue happens to run dry. That's OK.
3782 if (scan_barrier) scan_barrier->count();
3783 bool gotone = scanq.wait_front(p);
3784 add_metric("thread_busy", "role", "scan", 1);
3785
3786 if (! gotone) continue; // go back to waiting
3787
3788 try
3789 {
3790 bool scan_archive = false;
3791 for (auto&& arch : scan_archives)
3792 if (string_endswith(p.first, arch.first))
3793 scan_archive = true;
3794
3795 if (scan_archive)
3796 scan_archive_file (p.first, p.second,
3797 ps_r_upsert_buildids,
3798 ps_r_upsert_fileparts,
3799 ps_r_upsert_file,
3800 ps_r_lookup_file,
3801 ps_r_upsert_de,
3802 ps_r_upsert_sref,
3803 ps_r_upsert_sdef,
3804 ps_r_query,
3805 ps_r_scan_done,
3806 fts_cached,
3807 fts_executable,
3808 fts_debuginfo,
3809 fts_sref,
3810 fts_sdef);
3811
3812 if (scan_files) // NB: maybe "else if" ?
3813 scan_source_file (p.first, p.second,
3814 ps_f_upsert_buildids,
3815 ps_f_upsert_fileparts,
3816 ps_f_upsert_file,
3817 ps_f_lookup_file,
3818 ps_f_upsert_de,
3819 ps_f_upsert_s,
3820 ps_f_query,
3821 ps_f_scan_done,
3822 fts_cached, fts_executable, fts_debuginfo, fts_sourcefiles);
3823 }
3824 catch (const reportable_exception& e)
3825 {
3826 e.report(cerr);
3827 }
3828
3829 scanq.done_front(); // let idlers run
3830
3831 if (fts_cached || fts_executable || fts_debuginfo || fts_sourcefiles || fts_sref || fts_sdef)
3832 {} // NB: not just if a successful scan - we might have encountered -ENOSPC & failed
3833 (void) statfs_free_enough_p(db_path, "database"); // report sqlite filesystem size
3834 (void) statfs_free_enough_p(tmpdir, "tmpdir"); // this too, in case of fdcache/tmpfile usage
3835
3836 // finished a scanning step -- not a "loop", because we just
3837 // consume the traversal loop's work, whenever
3838 inc_metric("thread_work_total","role","scan");
3839 }
3840
3841 add_metric("thread_busy", "role", "scan", -1);
3842 }
3843
3844
3845 // Use this function as the thread entry point, so it can catch our
3846 // fleet of exceptions (incl. the sqlite_ps ctors) and report.
3847 static void*
thread_main_scanner(void * arg)3848 thread_main_scanner (void* arg)
3849 {
3850 (void) arg;
3851 while (! interrupted)
3852 try
3853 {
3854 scan();
3855 }
3856 catch (const reportable_exception& e)
3857 {
3858 e.report(cerr);
3859 }
3860 return 0;
3861 }
3862
3863
3864
3865 // The thread that traverses all the source_paths and enqueues all the
3866 // matching files into the file/archive scan queue.
3867 static void
scan_source_paths()3868 scan_source_paths()
3869 {
3870 // NB: fedora 31 glibc/fts(3) crashes inside fts_read() on empty
3871 // path list.
3872 if (source_paths.empty())
3873 return;
3874
3875 // Turn the source_paths into an fts(3)-compatible char**. Since
3876 // source_paths[] does not change after argv processing, the
3877 // c_str()'s are safe to keep around awile.
3878 vector<const char *> sps;
3879 for (auto&& sp: source_paths)
3880 sps.push_back(sp.c_str());
3881 sps.push_back(NULL);
3882
3883 FTS *fts = fts_open ((char * const *)sps.data(),
3884 (traverse_logical ? FTS_LOGICAL : FTS_PHYSICAL|FTS_XDEV)
3885 | FTS_NOCHDIR /* multithreaded */,
3886 NULL);
3887 if (fts == NULL)
3888 throw libc_exception(errno, "cannot fts_open");
3889 defer_dtor<FTS*,int> fts_cleanup (fts, fts_close);
3890
3891 struct timespec ts_start, ts_end;
3892 clock_gettime (CLOCK_MONOTONIC, &ts_start);
3893 unsigned fts_scanned = 0, fts_regex = 0;
3894
3895 FTSENT *f;
3896 while ((f = fts_read (fts)) != NULL)
3897 {
3898 if (interrupted) break;
3899
3900 if (sigusr2 != forced_groom_count) // stop early if groom triggered
3901 {
3902 scanq.clear(); // clear previously issued work for scanner threads
3903 break;
3904 }
3905
3906 fts_scanned ++;
3907
3908 if (verbose > 2)
3909 obatched(clog) << "fts traversing " << f->fts_path << endl;
3910
3911 switch (f->fts_info)
3912 {
3913 case FTS_F:
3914 {
3915 /* Found a file. Convert it to an absolute path, so
3916 the buildid database does not have relative path
3917 names that are unresolvable from a subsequent run
3918 in a different cwd. */
3919 char *rp = realpath(f->fts_path, NULL);
3920 if (rp == NULL)
3921 continue; // ignore dangling symlink or such
3922 string rps = string(rp);
3923 free (rp);
3924
3925 bool ri = !regexec (&file_include_regex, rps.c_str(), 0, 0, 0);
3926 bool rx = !regexec (&file_exclude_regex, rps.c_str(), 0, 0, 0);
3927 if (!ri || rx)
3928 {
3929 if (verbose > 3)
3930 obatched(clog) << "fts skipped by regex "
3931 << (!ri ? "I" : "") << (rx ? "X" : "") << endl;
3932 fts_regex ++;
3933 if (!ri)
3934 inc_metric("traversed_total","type","file-skipped-I");
3935 if (rx)
3936 inc_metric("traversed_total","type","file-skipped-X");
3937 }
3938 else
3939 {
3940 scanq.push_back (make_pair(rps, *f->fts_statp));
3941 inc_metric("traversed_total","type","file");
3942 }
3943 }
3944 break;
3945
3946 case FTS_ERR:
3947 case FTS_NS:
3948 // report on some types of errors because they may reflect fixable misconfiguration
3949 {
3950 auto x = libc_exception(f->fts_errno, string("fts traversal ") + string(f->fts_path));
3951 x.report(cerr);
3952 }
3953 inc_metric("traversed_total","type","error");
3954 break;
3955
3956 case FTS_SL: // ignore, but count because debuginfod -L would traverse these
3957 inc_metric("traversed_total","type","symlink");
3958 break;
3959
3960 case FTS_D: // ignore
3961 inc_metric("traversed_total","type","directory");
3962 break;
3963
3964 default: // ignore
3965 inc_metric("traversed_total","type","other");
3966 break;
3967 }
3968 }
3969 clock_gettime (CLOCK_MONOTONIC, &ts_end);
3970 double deltas = (ts_end.tv_sec - ts_start.tv_sec) + (ts_end.tv_nsec - ts_start.tv_nsec)/1.e9;
3971
3972 obatched(clog) << "fts traversed source paths in " << deltas << "s, scanned=" << fts_scanned
3973 << ", regex-skipped=" << fts_regex << endl;
3974 }
3975
3976
3977 static void*
thread_main_fts_source_paths(void * arg)3978 thread_main_fts_source_paths (void* arg)
3979 {
3980 (void) arg; // ignore; we operate on global data
3981
3982 set_metric("thread_tid", "role","traverse", tid());
3983 add_metric("thread_count", "role", "traverse", 1);
3984
3985 time_t last_rescan = 0;
3986
3987 while (! interrupted)
3988 {
3989 sleep (1);
3990 scanq.wait_idle(); // don't start a new traversal while scanners haven't finished the job
3991 scanq.done_idle(); // release the hounds
3992 if (interrupted) break;
3993
3994 time_t now = time(NULL);
3995 bool rescan_now = false;
3996 if (last_rescan == 0) // at least one initial rescan is documented even for -t0
3997 rescan_now = true;
3998 if (rescan_s > 0 && (long)now > (long)(last_rescan + rescan_s))
3999 rescan_now = true;
4000 if (sigusr1 != forced_rescan_count)
4001 {
4002 forced_rescan_count = sigusr1;
4003 rescan_now = true;
4004 }
4005 if (rescan_now)
4006 {
4007 set_metric("thread_busy", "role","traverse", 1);
4008 try
4009 {
4010 scan_source_paths();
4011 }
4012 catch (const reportable_exception& e)
4013 {
4014 e.report(cerr);
4015 }
4016 last_rescan = time(NULL); // NB: now was before scanning
4017 // finished a traversal loop
4018 inc_metric("thread_work_total", "role","traverse");
4019 set_metric("thread_busy", "role","traverse", 0);
4020 }
4021 }
4022
4023 return 0;
4024 }
4025
4026
4027
4028 ////////////////////////////////////////////////////////////////////////
4029
4030 static void
database_stats_report()4031 database_stats_report()
4032 {
4033 sqlite_ps ps_query (db, "database-overview",
4034 "select label,quantity from " BUILDIDS "_stats");
4035
4036 obatched(clog) << "database record counts:" << endl;
4037 while (1)
4038 {
4039 if (interrupted) break;
4040 if (sigusr1 != forced_rescan_count) // stop early if scan triggered
4041 break;
4042
4043 int rc = ps_query.step();
4044 if (rc == SQLITE_DONE) break;
4045 if (rc != SQLITE_ROW)
4046 throw sqlite_exception(rc, "step");
4047
4048 obatched(clog)
4049 << ((const char*) sqlite3_column_text(ps_query, 0) ?: (const char*) "NULL")
4050 << " "
4051 << (sqlite3_column_text(ps_query, 1) ?: (const unsigned char*) "NULL")
4052 << endl;
4053
4054 set_metric("groom", "statistic",
4055 ((const char*) sqlite3_column_text(ps_query, 0) ?: (const char*) "NULL"),
4056 (sqlite3_column_double(ps_query, 1)));
4057 }
4058 }
4059
4060
4061 // Do a round of database grooming that might take many minutes to run.
groom()4062 void groom()
4063 {
4064 obatched(clog) << "grooming database" << endl;
4065
4066 struct timespec ts_start, ts_end;
4067 clock_gettime (CLOCK_MONOTONIC, &ts_start);
4068
4069 // scan for files that have disappeared
4070 sqlite_ps files (db, "check old files",
4071 "select distinct s.mtime, s.file, f.name from "
4072 BUILDIDS "_file_mtime_scanned s, " BUILDIDS "_files_v f "
4073 "where f.id = s.file");
4074 // NB: Because _ftime_mtime_scanned can contain both F and
4075 // R records for the same file, this query would return duplicates if the
4076 // DISTINCT qualifier were not there.
4077 files.reset();
4078
4079 // DECISION TIME - we enumerate stale fileids/mtimes
4080 deque<pair<int64_t,int64_t> > stale_fileid_mtime;
4081
4082 time_t time_start = time(NULL);
4083 while(1)
4084 {
4085 // PR28514: limit grooming iteration to O(rescan time), to avoid
4086 // slow filesystem tests over many files locking out rescans for
4087 // too long.
4088 if (rescan_s > 0 && (long)time(NULL) > (long)(time_start + rescan_s))
4089 {
4090 inc_metric("groomed_total", "decision", "aborted");
4091 break;
4092 }
4093
4094 if (interrupted) break;
4095
4096 int rc = files.step();
4097 if (rc != SQLITE_ROW)
4098 break;
4099
4100 int64_t mtime = sqlite3_column_int64 (files, 0);
4101 int64_t fileid = sqlite3_column_int64 (files, 1);
4102 const char* filename = ((const char*) sqlite3_column_text (files, 2) ?: "");
4103 struct stat s;
4104 bool regex_file_drop = 0;
4105
4106 if (regex_groom)
4107 {
4108 bool reg_include = !regexec (&file_include_regex, filename, 0, 0, 0);
4109 bool reg_exclude = !regexec (&file_exclude_regex, filename, 0, 0, 0);
4110 regex_file_drop = !reg_include || reg_exclude; // match logic of scan_source_paths
4111 }
4112
4113 rc = stat(filename, &s);
4114 if ( regex_file_drop || rc < 0 || (mtime != (int64_t) s.st_mtime) )
4115 {
4116 if (verbose > 2)
4117 obatched(clog) << "groom: stale file=" << filename << " mtime=" << mtime << endl;
4118 stale_fileid_mtime.push_back(make_pair(fileid,mtime));
4119 inc_metric("groomed_total", "decision", "stale");
4120 set_metric("thread_work_pending","role","groom", stale_fileid_mtime.size());
4121 }
4122 else
4123 inc_metric("groomed_total", "decision", "fresh");
4124
4125 if (sigusr1 != forced_rescan_count) // stop early if scan triggered
4126 break;
4127 }
4128 files.reset();
4129
4130 // ACTION TIME
4131
4132 // Now that we know which file/mtime tuples are stale, actually do
4133 // the deletion from the database. Doing this during the SELECT
4134 // iteration above results in undefined behaviour in sqlite, as per
4135 // https://www.sqlite.org/isolation.html
4136
4137 // We could shuffle stale_fileid_mtime[] here. It'd let aborted
4138 // sequences of nuke operations resume at random locations, instead
4139 // of just starting over. But it doesn't matter much either way,
4140 // as long as we make progress.
4141
4142 sqlite_ps files_del_f_de (db, "nuke f_de", "delete from " BUILDIDS "_f_de where file = ? and mtime = ?");
4143 sqlite_ps files_del_r_de (db, "nuke r_de", "delete from " BUILDIDS "_r_de where file = ? and mtime = ?");
4144 sqlite_ps files_del_scan (db, "nuke f_m_s", "delete from " BUILDIDS "_file_mtime_scanned "
4145 "where file = ? and mtime = ?");
4146
4147 while (! stale_fileid_mtime.empty())
4148 {
4149 auto stale = stale_fileid_mtime.front();
4150 stale_fileid_mtime.pop_front();
4151 set_metric("thread_work_pending","role","groom", stale_fileid_mtime.size());
4152
4153 // PR28514: limit grooming iteration to O(rescan time), to avoid
4154 // slow nuke_* queries over many files locking out rescans for too
4155 // long. We iterate over the files in random() sequence to avoid
4156 // partial checks going over the same set.
4157 if (rescan_s > 0 && (long)time(NULL) > (long)(time_start + rescan_s))
4158 {
4159 inc_metric("groomed_total", "action", "aborted");
4160 break;
4161 }
4162
4163 if (interrupted) break;
4164
4165 int64_t fileid = stale.first;
4166 int64_t mtime = stale.second;
4167 files_del_f_de.reset().bind(1,fileid).bind(2,mtime).step_ok_done();
4168 files_del_r_de.reset().bind(1,fileid).bind(2,mtime).step_ok_done();
4169 files_del_scan.reset().bind(1,fileid).bind(2,mtime).step_ok_done();
4170 inc_metric("groomed_total", "action", "cleaned");
4171
4172 if (sigusr1 != forced_rescan_count) // stop early if scan triggered
4173 break;
4174 }
4175 stale_fileid_mtime.clear(); // no need for this any longer
4176 set_metric("thread_work_pending","role","groom", stale_fileid_mtime.size());
4177
4178 // delete buildids with no references in _r_de or _f_de tables;
4179 // cascades to _r_sref & _f_s records
4180 sqlite_ps buildids_del (db, "nuke orphan buildids",
4181 "delete from " BUILDIDS "_buildids "
4182 "where not exists (select 1 from " BUILDIDS "_f_de d where " BUILDIDS "_buildids.id = d.buildid) "
4183 "and not exists (select 1 from " BUILDIDS "_r_de d where " BUILDIDS "_buildids.id = d.buildid)");
4184 buildids_del.reset().step_ok_done();
4185
4186 if (interrupted) return;
4187
4188 // NB: "vacuum" is too heavy for even daily runs: it rewrites the entire db, so is done as maxigroom -G
4189 sqlite_ps g1 (db, "incremental vacuum", "pragma incremental_vacuum");
4190 g1.reset().step_ok_done();
4191 sqlite_ps g2 (db, "optimize", "pragma optimize");
4192 g2.reset().step_ok_done();
4193 sqlite_ps g3 (db, "wal checkpoint", "pragma wal_checkpoint=truncate");
4194 g3.reset().step_ok_done();
4195
4196 database_stats_report();
4197
4198 (void) statfs_free_enough_p(db_path, "database"); // report sqlite filesystem size
4199
4200 sqlite3_db_release_memory(db); // shrink the process if possible
4201 sqlite3_db_release_memory(dbq); // ... for both connections
4202 debuginfod_pool_groom(); // and release any debuginfod_client objects we've been holding onto
4203
4204 fdcache.limit(0,0,0,0); // release the fdcache contents
4205 fdcache.limit(fdcache_fds, fdcache_mbs, fdcache_prefetch_fds, fdcache_prefetch_mbs); // restore status quo parameters
4206
4207 clock_gettime (CLOCK_MONOTONIC, &ts_end);
4208 double deltas = (ts_end.tv_sec - ts_start.tv_sec) + (ts_end.tv_nsec - ts_start.tv_nsec)/1.e9;
4209
4210 obatched(clog) << "groomed database in " << deltas << "s" << endl;
4211 }
4212
4213
4214 static void*
thread_main_groom(void *)4215 thread_main_groom (void* /*arg*/)
4216 {
4217 set_metric("thread_tid", "role", "groom", tid());
4218 add_metric("thread_count", "role", "groom", 1);
4219
4220 time_t last_groom = 0;
4221
4222 while (1)
4223 {
4224 sleep (1);
4225 scanq.wait_idle(); // PR25394: block scanners during grooming!
4226 if (interrupted) break;
4227
4228 time_t now = time(NULL);
4229 bool groom_now = false;
4230 if (last_groom == 0) // at least one initial groom is documented even for -g0
4231 groom_now = true;
4232 if (groom_s > 0 && (long)now > (long)(last_groom + groom_s))
4233 groom_now = true;
4234 if (sigusr2 != forced_groom_count)
4235 {
4236 forced_groom_count = sigusr2;
4237 groom_now = true;
4238 }
4239 if (groom_now)
4240 {
4241 set_metric("thread_busy", "role", "groom", 1);
4242 try
4243 {
4244 groom ();
4245 }
4246 catch (const sqlite_exception& e)
4247 {
4248 obatched(cerr) << e.message << endl;
4249 }
4250 last_groom = time(NULL); // NB: now was before grooming
4251 // finished a grooming loop
4252 inc_metric("thread_work_total", "role", "groom");
4253 set_metric("thread_busy", "role", "groom", 0);
4254 }
4255
4256 scanq.done_idle();
4257 }
4258
4259 return 0;
4260 }
4261
4262
4263 ////////////////////////////////////////////////////////////////////////
4264
4265
4266 static void
signal_handler(int)4267 signal_handler (int /* sig */)
4268 {
4269 interrupted ++;
4270
4271 if (db)
4272 sqlite3_interrupt (db);
4273 if (dbq)
4274 sqlite3_interrupt (dbq);
4275
4276 // NB: don't do anything else in here
4277 }
4278
4279 static void
sigusr1_handler(int)4280 sigusr1_handler (int /* sig */)
4281 {
4282 sigusr1 ++;
4283 // NB: don't do anything else in here
4284 }
4285
4286 static void
sigusr2_handler(int)4287 sigusr2_handler (int /* sig */)
4288 {
4289 sigusr2 ++;
4290 // NB: don't do anything else in here
4291 }
4292
4293
4294 static void // error logging callback from libmicrohttpd internals
error_cb(void * arg,const char * fmt,va_list ap)4295 error_cb (void *arg, const char *fmt, va_list ap)
4296 {
4297 (void) arg;
4298 inc_metric("error_count","libmicrohttpd",fmt);
4299 char errmsg[512];
4300 (void) vsnprintf (errmsg, sizeof(errmsg), fmt, ap); // ok if slightly truncated
4301 obatched(cerr) << "libmicrohttpd error: " << errmsg; // MHD_DLOG calls already include \n
4302 }
4303
4304
4305 // A user-defined sqlite function, to score the sharedness of the
4306 // prefix of two strings. This is used to compare candidate debuginfo
4307 // / source-rpm names, so that the closest match
4308 // (directory-topology-wise closest) is found. This is important in
4309 // case the same sref (source file name) is in many -debuginfo or
4310 // -debugsource RPMs, such as when multiple versions/releases of the
4311 // same package are in the database.
4312
sqlite3_sharedprefix_fn(sqlite3_context * c,int argc,sqlite3_value ** argv)4313 static void sqlite3_sharedprefix_fn (sqlite3_context* c, int argc, sqlite3_value** argv)
4314 {
4315 if (argc != 2)
4316 sqlite3_result_error(c, "expect 2 string arguments", -1);
4317 else if ((sqlite3_value_type(argv[0]) != SQLITE_TEXT) ||
4318 (sqlite3_value_type(argv[1]) != SQLITE_TEXT))
4319 sqlite3_result_null(c);
4320 else
4321 {
4322 const unsigned char* a = sqlite3_value_text (argv[0]);
4323 const unsigned char* b = sqlite3_value_text (argv[1]);
4324 int i = 0;
4325 while (*a != '\0' && *b != '\0' && *a++ == *b++)
4326 i++;
4327 sqlite3_result_int (c, i);
4328 }
4329 }
4330
4331
4332 static unsigned
default_concurrency()4333 default_concurrency() // guaranteed >= 1
4334 {
4335 // Prior to PR29975 & PR29976, we'd just use this:
4336 unsigned sth = std::thread::hardware_concurrency();
4337 // ... but on many-CPU boxes, admins or distros may throttle
4338 // resources in such a way that debuginfod would mysteriously fail.
4339 // So we reduce the defaults:
4340
4341 unsigned aff = 0;
4342 #ifdef HAVE_SCHED_GETAFFINITY
4343 {
4344 int ret;
4345 cpu_set_t mask;
4346 CPU_ZERO(&mask);
4347 ret = sched_getaffinity(0, sizeof(mask), &mask);
4348 if (ret == 0)
4349 aff = CPU_COUNT(&mask);
4350 }
4351 #endif
4352
4353 unsigned fn = 0;
4354 #ifdef HAVE_GETRLIMIT
4355 {
4356 struct rlimit rlim;
4357 int rc = getrlimit(RLIMIT_NOFILE, &rlim);
4358 if (rc == 0)
4359 fn = max((rlim_t)1, (rlim.rlim_cur - 100) / 4);
4360 // at least 2 fds are used by each listener thread etc.
4361 // plus a bunch to account for shared libraries and such
4362 }
4363 #endif
4364
4365 unsigned d = min(max(sth, 1U),
4366 min(max(aff, 1U),
4367 max(fn, 1U)));
4368 return d;
4369 }
4370
4371
4372 // 30879: Something to help out in case of an uncaught exception.
my_terminate_handler()4373 void my_terminate_handler()
4374 {
4375 #if defined(__GLIBC__)
4376 void *array[40];
4377 int size = backtrace (array, 40);
4378 backtrace_symbols_fd (array, size, STDERR_FILENO);
4379 #endif
4380 #if defined(__GLIBCXX__) || defined(__GLIBCPP__)
4381 __gnu_cxx::__verbose_terminate_handler();
4382 #endif
4383 abort();
4384 }
4385
4386
4387 int
main(int argc,char * argv[])4388 main (int argc, char *argv[])
4389 {
4390 (void) setlocale (LC_ALL, "");
4391 (void) bindtextdomain (PACKAGE_TARNAME, LOCALEDIR);
4392 (void) textdomain (PACKAGE_TARNAME);
4393
4394 std::set_terminate(& my_terminate_handler);
4395
4396 /* Tell the library which version we are expecting. */
4397 elf_version (EV_CURRENT);
4398
4399 tmpdir = string(getenv("TMPDIR") ?: "/tmp");
4400
4401 /* Set computed default values. */
4402 db_path = string(getenv("HOME") ?: "/") + string("/.debuginfod.sqlite"); /* XDG? */
4403 int rc = regcomp (& file_include_regex, ".*", REG_EXTENDED|REG_NOSUB); // match everything
4404 if (rc != 0)
4405 error (EXIT_FAILURE, 0, "regcomp failure: %d", rc);
4406 rc = regcomp (& file_exclude_regex, "^$", REG_EXTENDED|REG_NOSUB); // match nothing
4407 if (rc != 0)
4408 error (EXIT_FAILURE, 0, "regcomp failure: %d", rc);
4409
4410 // default parameters for fdcache are computed from system stats
4411 struct statfs sfs;
4412 rc = statfs(tmpdir.c_str(), &sfs);
4413 if (rc < 0)
4414 fdcache_mbs = 1024; // 1 gigabyte
4415 else
4416 fdcache_mbs = sfs.f_bavail * sfs.f_bsize / 1024 / 1024 / 4; // 25% of free space
4417 fdcache_mintmp = 25; // emergency flush at 25% remaining (75% full)
4418 fdcache_prefetch = 64; // guesstimate storage is this much less costly than re-decompression
4419 fdcache_fds = (concurrency + fdcache_prefetch) * 2;
4420
4421 /* Parse and process arguments. */
4422 int remaining;
4423 (void) argp_parse (&argp, argc, argv, ARGP_IN_ORDER, &remaining, NULL);
4424 if (remaining != argc)
4425 error (EXIT_FAILURE, 0,
4426 "unexpected argument: %s", argv[remaining]);
4427
4428 // Make the prefetch cache spaces a fraction of the main fdcache if
4429 // unspecified.
4430 if (fdcache_prefetch_fds == 0)
4431 fdcache_prefetch_fds = fdcache_fds / 2;
4432 if (fdcache_prefetch_mbs == 0)
4433 fdcache_prefetch_mbs = fdcache_mbs / 2;
4434
4435 if (scan_archives.size()==0 && !scan_files && source_paths.size()>0)
4436 obatched(clog) << "warning: without -F -R -U -Z, ignoring PATHs" << endl;
4437
4438 fdcache.limit(fdcache_fds, fdcache_mbs, fdcache_prefetch_fds, fdcache_prefetch_mbs);
4439
4440 (void) signal (SIGPIPE, SIG_IGN); // microhttpd can generate it incidentally, ignore
4441 (void) signal (SIGINT, signal_handler); // ^C
4442 (void) signal (SIGHUP, signal_handler); // EOF
4443 (void) signal (SIGTERM, signal_handler); // systemd
4444 (void) signal (SIGUSR1, sigusr1_handler); // end-user
4445 (void) signal (SIGUSR2, sigusr2_handler); // end-user
4446
4447 /* Get database ready. */
4448 if (! passive_p)
4449 {
4450 rc = sqlite3_open_v2 (db_path.c_str(), &db, (SQLITE_OPEN_READWRITE
4451 |SQLITE_OPEN_URI
4452 |SQLITE_OPEN_PRIVATECACHE
4453 |SQLITE_OPEN_CREATE
4454 |SQLITE_OPEN_FULLMUTEX), /* thread-safe */
4455 NULL);
4456 if (rc == SQLITE_CORRUPT)
4457 {
4458 (void) unlink (db_path.c_str());
4459 error (EXIT_FAILURE, 0,
4460 "cannot open %s, deleted database: %s", db_path.c_str(), sqlite3_errmsg(db));
4461 }
4462 else if (rc)
4463 {
4464 error (EXIT_FAILURE, 0,
4465 "cannot open %s, consider deleting database: %s", db_path.c_str(), sqlite3_errmsg(db));
4466 }
4467 }
4468
4469 // open the readonly query variant
4470 // NB: PRIVATECACHE allows web queries to operate in parallel with
4471 // much other grooming/scanning operation.
4472 rc = sqlite3_open_v2 (db_path.c_str(), &dbq, (SQLITE_OPEN_READONLY
4473 |SQLITE_OPEN_URI
4474 |SQLITE_OPEN_PRIVATECACHE
4475 |SQLITE_OPEN_FULLMUTEX), /* thread-safe */
4476 NULL);
4477 if (rc)
4478 {
4479 error (EXIT_FAILURE, 0,
4480 "cannot open %s, consider deleting database: %s", db_path.c_str(), sqlite3_errmsg(dbq));
4481 }
4482
4483
4484 obatched(clog) << "opened database " << db_path
4485 << (db?" rw":"") << (dbq?" ro":"") << endl;
4486 obatched(clog) << "sqlite version " << sqlite3_version << endl;
4487 obatched(clog) << "service mode " << (passive_p ? "passive":"active") << endl;
4488
4489 // add special string-prefix-similarity function used in rpm sref/sdef resolution
4490 rc = sqlite3_create_function(dbq, "sharedprefix", 2, SQLITE_UTF8, NULL,
4491 & sqlite3_sharedprefix_fn, NULL, NULL);
4492 if (rc != SQLITE_OK)
4493 error (EXIT_FAILURE, 0,
4494 "cannot create sharedprefix function: %s", sqlite3_errmsg(dbq));
4495
4496 if (! passive_p)
4497 {
4498 if (verbose > 3)
4499 obatched(clog) << "ddl: " << DEBUGINFOD_SQLITE_DDL << endl;
4500 rc = sqlite3_exec (db, DEBUGINFOD_SQLITE_DDL, NULL, NULL, NULL);
4501 if (rc != SQLITE_OK)
4502 {
4503 error (EXIT_FAILURE, 0,
4504 "cannot run database schema ddl: %s", sqlite3_errmsg(db));
4505 }
4506 }
4507
4508 obatched(clog) << "libmicrohttpd version " << MHD_get_version() << endl;
4509
4510 /* If '-C' wasn't given or was given with no arg, pick a reasonable default
4511 for the number of worker threads. */
4512 if (connection_pool == 0)
4513 connection_pool = default_concurrency();
4514
4515 /* Note that MHD_USE_EPOLL and MHD_USE_THREAD_PER_CONNECTION don't
4516 work together. */
4517 unsigned int use_epoll = 0;
4518 #if MHD_VERSION >= 0x00095100
4519 use_epoll = MHD_USE_EPOLL;
4520 #endif
4521
4522 unsigned int mhd_flags = (
4523 #if MHD_VERSION >= 0x00095300
4524 MHD_USE_INTERNAL_POLLING_THREAD
4525 #else
4526 MHD_USE_SELECT_INTERNALLY
4527 #endif
4528 | MHD_USE_DUAL_STACK
4529 | use_epoll
4530 #if MHD_VERSION >= 0x00095200
4531 | MHD_USE_ITC
4532 #endif
4533 | MHD_USE_DEBUG); /* report errors to stderr */
4534
4535 // Start httpd server threads. Use a single dual-homed pool.
4536 MHD_Daemon *d46 = MHD_start_daemon (mhd_flags, http_port,
4537 NULL, NULL, /* default accept policy */
4538 handler_cb, NULL, /* handler callback */
4539 MHD_OPTION_EXTERNAL_LOGGER,
4540 error_cb, NULL,
4541 MHD_OPTION_THREAD_POOL_SIZE,
4542 (int)connection_pool,
4543 MHD_OPTION_END);
4544
4545 MHD_Daemon *d4 = NULL;
4546 if (d46 == NULL)
4547 {
4548 // Cannot use dual_stack, use ipv4 only
4549 mhd_flags &= ~(MHD_USE_DUAL_STACK);
4550 d4 = MHD_start_daemon (mhd_flags, http_port,
4551 NULL, NULL, /* default accept policy */
4552 handler_cb, NULL, /* handler callback */
4553 MHD_OPTION_EXTERNAL_LOGGER,
4554 error_cb, NULL,
4555 (connection_pool
4556 ? MHD_OPTION_THREAD_POOL_SIZE
4557 : MHD_OPTION_END),
4558 (connection_pool
4559 ? (int)connection_pool
4560 : MHD_OPTION_END),
4561 MHD_OPTION_END);
4562 if (d4 == NULL)
4563 {
4564 sqlite3 *database = db;
4565 sqlite3 *databaseq = dbq;
4566 db = dbq = 0; // for signal_handler not to freak
4567 sqlite3_close (databaseq);
4568 sqlite3_close (database);
4569 error (EXIT_FAILURE, 0, "cannot start http server at port %d",
4570 http_port);
4571 }
4572
4573 }
4574 obatched(clog) << "started http server on"
4575 << (d4 != NULL ? " IPv4 " : " IPv4 IPv6 ")
4576 << "port=" << http_port << endl;
4577
4578 // add maxigroom sql if -G given
4579 if (maxigroom)
4580 {
4581 obatched(clog) << "maxigrooming database, please wait." << endl;
4582 extra_ddl.push_back("create index if not exists " BUILDIDS "_r_sref_arc on " BUILDIDS "_r_sref(artifactsrc);");
4583 extra_ddl.push_back("delete from " BUILDIDS "_r_sdef where not exists (select 1 from " BUILDIDS "_r_sref b where " BUILDIDS "_r_sdef.content = b.artifactsrc);");
4584 extra_ddl.push_back("drop index if exists " BUILDIDS "_r_sref_arc;");
4585
4586 // NB: we don't maxigroom the _files interning table. It'd require a temp index on all the
4587 // tables that have file foreign-keys, which is a lot.
4588
4589 // NB: with =delete, may take up 3x disk space total during vacuum process
4590 // vs. =off (only 2x but may corrupt database if program dies mid-vacuum)
4591 // vs. =wal (>3x observed, but safe)
4592 extra_ddl.push_back("pragma journal_mode=delete;");
4593 extra_ddl.push_back("vacuum;");
4594 extra_ddl.push_back("pragma journal_mode=wal;");
4595 }
4596
4597 // run extra -D sql if given
4598 if (! passive_p)
4599 for (auto&& i: extra_ddl)
4600 {
4601 if (verbose > 1)
4602 obatched(clog) << "extra ddl:\n" << i << endl;
4603 rc = sqlite3_exec (db, i.c_str(), NULL, NULL, NULL);
4604 if (rc != SQLITE_OK && rc != SQLITE_DONE && rc != SQLITE_ROW)
4605 error (0, 0,
4606 "warning: cannot run database extra ddl %s: %s", i.c_str(), sqlite3_errmsg(db));
4607
4608 if (maxigroom)
4609 obatched(clog) << "maxigroomed database" << endl;
4610 }
4611
4612 if (! passive_p)
4613 obatched(clog) << "search concurrency " << concurrency << endl;
4614 obatched(clog) << "webapi connection pool " << connection_pool
4615 << (connection_pool ? "" : " (unlimited)") << endl;
4616 if (! passive_p) {
4617 obatched(clog) << "rescan time " << rescan_s << endl;
4618 obatched(clog) << "scan checkpoint " << scan_checkpoint << endl;
4619 }
4620 obatched(clog) << "fdcache fds " << fdcache_fds << endl;
4621 obatched(clog) << "fdcache mbs " << fdcache_mbs << endl;
4622 obatched(clog) << "fdcache prefetch " << fdcache_prefetch << endl;
4623 obatched(clog) << "fdcache tmpdir " << tmpdir << endl;
4624 obatched(clog) << "fdcache tmpdir min% " << fdcache_mintmp << endl;
4625 if (! passive_p)
4626 obatched(clog) << "groom time " << groom_s << endl;
4627 obatched(clog) << "prefetch fds " << fdcache_prefetch_fds << endl;
4628 obatched(clog) << "prefetch mbs " << fdcache_prefetch_mbs << endl;
4629 obatched(clog) << "forwarded ttl limit " << forwarded_ttl_limit << endl;
4630
4631 if (scan_archives.size()>0)
4632 {
4633 obatched ob(clog);
4634 auto& o = ob << "accepting archive types ";
4635 for (auto&& arch : scan_archives)
4636 o << arch.first << "(" << arch.second << ") ";
4637 o << endl;
4638 }
4639 const char* du = getenv(DEBUGINFOD_URLS_ENV_VAR);
4640 if (du && du[0] != '\0') // set to non-empty string?
4641 obatched(clog) << "upstream debuginfod servers: " << du << endl;
4642
4643 vector<pthread_t> all_threads;
4644
4645 if (! passive_p)
4646 {
4647 pthread_t pt;
4648 rc = pthread_create (& pt, NULL, thread_main_groom, NULL);
4649 if (rc)
4650 error (EXIT_FAILURE, rc, "cannot spawn thread to groom database\n");
4651 else
4652 {
4653 #ifdef HAVE_PTHREAD_SETNAME_NP
4654 (void) pthread_setname_np (pt, "groom");
4655 #endif
4656 all_threads.push_back(pt);
4657 }
4658
4659 if (scan_files || scan_archives.size() > 0)
4660 {
4661 if (scan_checkpoint > 0)
4662 scan_barrier = new sqlite_checkpoint_pb(concurrency, (unsigned) scan_checkpoint);
4663
4664 rc = pthread_create (& pt, NULL, thread_main_fts_source_paths, NULL);
4665 if (rc)
4666 error (EXIT_FAILURE, rc, "cannot spawn thread to traverse source paths\n");
4667 #ifdef HAVE_PTHREAD_SETNAME_NP
4668 (void) pthread_setname_np (pt, "traverse");
4669 #endif
4670 all_threads.push_back(pt);
4671
4672 for (unsigned i=0; i<concurrency; i++)
4673 {
4674 rc = pthread_create (& pt, NULL, thread_main_scanner, NULL);
4675 if (rc)
4676 error (EXIT_FAILURE, rc, "cannot spawn thread to scan source files / archives\n");
4677 #ifdef HAVE_PTHREAD_SETNAME_NP
4678 (void) pthread_setname_np (pt, "scan");
4679 #endif
4680 all_threads.push_back(pt);
4681 }
4682 }
4683 }
4684
4685 /* Trivial main loop! */
4686 set_metric("ready", 1);
4687 while (! interrupted)
4688 pause ();
4689 scanq.nuke(); // wake up any remaining scanq-related threads, let them die
4690 if (scan_barrier) scan_barrier->nuke(); // ... in case they're stuck in a barrier
4691 set_metric("ready", 0);
4692
4693 if (verbose)
4694 obatched(clog) << "stopping" << endl;
4695
4696 /* Join all our threads. */
4697 for (auto&& it : all_threads)
4698 pthread_join (it, NULL);
4699
4700 /* Stop all the web service threads. */
4701 if (d46) MHD_stop_daemon (d46);
4702 if (d4) MHD_stop_daemon (d4);
4703
4704 if (! passive_p)
4705 {
4706 /* With all threads known dead, we can clean up the global resources. */
4707 rc = sqlite3_exec (db, DEBUGINFOD_SQLITE_CLEANUP_DDL, NULL, NULL, NULL);
4708 if (rc != SQLITE_OK)
4709 {
4710 error (0, 0,
4711 "warning: cannot run database cleanup ddl: %s", sqlite3_errmsg(db));
4712 }
4713 }
4714
4715 debuginfod_pool_groom ();
4716 delete scan_barrier;
4717
4718 // NB: no problem with unconditional free here - an earlier failed regcomp would exit program
4719 (void) regfree (& file_include_regex);
4720 (void) regfree (& file_exclude_regex);
4721
4722 sqlite3 *database = db;
4723 sqlite3 *databaseq = dbq;
4724 db = dbq = 0; // for signal_handler not to freak
4725 (void) sqlite3_close (databaseq);
4726 if (! passive_p)
4727 (void) sqlite3_close (database);
4728
4729 return 0;
4730 }
4731