[lisp] / safely.lisp

;;; -*-lisp-*-
;;;
;;; $Id$
;;;
;;; Safely modify collections of files
;;;
;;; (c) 2005 Straylight/Edgeware
;;;

;;;----- Licensing notice ---------------------------------------------------
;;;
;;; This program is free software; you can redistribute it and/or modify
;;; it under the terms of the GNU General Public License as published by
;;; the Free Software Foundation; either version 2 of the License, or
;;; (at your option) any later version.
;;;
;;; This program is distributed in the hope that it will be useful,
;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
;;; GNU General Public License for more details.
;;;
;;; You should have received a copy of the GNU General Public License
;;; along with this program; if not, write to the Free Software Foundation,
;;; Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.

(defpackage #:safely
  (:use #:common-lisp #:mdw.base)
  (:export #:safely #:safely-close #:safely-delete-file
	   #:safely-open-output-stream #:safely-bail #:safely-commit
	   #:safely-writing))
(in-package #:safely)

#+(or cmu sbcl)
(eval-when (:compile-toplevel :execute)
  (import #+cmu '(ext:unix-namestring unix:unix-link)
	  #+sbcl '(sb-int:unix-namestring)))

(defstruct (safely (:predicate safelyp))
  "Stores information about how to commit or undo safe writes."
  (streams nil)
  (trail nil))

(defun safely-close (safe stream)
  "Make sure that STREAM is closed when SAFE is finished."
  (push stream (safely-streams safe)))

(defun safely-delete-file (safe file)
  "Delete FILE when SAFE is committed."
  (push `(:delete ,file) (safely-trail safe)))

(defun generate-fresh-file-name (base tag &optional func)
  "Return a fresh file name constructed from BASE (a filespec) and TAG (some
   short descriptive string).  The generated name has the same directory and
   type as the BASE name, but a different name.

   If FUNC is non-nil, then it is a function to call on the generated file
   name: generate-fresh-file-name runs in a loop, calling FUNC with generated
   file names until FUNC returns non-nil, at which point generate-fresh-
   file-name returns two values: the generated name, and the result of FUNC.
   generate-fresh-file-name catches errors of type file-error from FUNC, and
   just tries again with a new name.

   If FUNC is nil, it's treated the same as a function which always returns
   t.

   This is inspired by a similar facility in scsh."
  (let ((base (pathname base)))
    (dotimes (i 256
	      (error "Gave up trying to find a temporary ~A file for ~S."
		     tag base))
      (let* ((new (merge-pathnames
		   (make-pathname
		    :name (format nil "~A-~A-~X"
				  (pathname-name base)
				  tag
				  (random most-positive-fixnum)))
		   base))
	     (ret (and (not (probe-file new))
		       (if func
			   (handler-case (funcall func new)
			     (file-error (cond)
			       (unless (pathname-match-p
					(file-error-pathname cond)
					new)
				 (error cond))
			       nil))
			   t))))
	(when ret
	  (return (values new ret)))))))

(defun safely-open-output-stream (safe file &rest open-args)
  "Create an output stream which will be named FILE when SAFE is committed.
   Other OPEN-ARGS are passed to open."
  (multiple-value-bind
      (name stream)
      (generate-fresh-file-name file "new"
				(lambda (name)
				  (apply #'open name
					 :direction :output
					 :if-exists nil
					 open-args)))
    (safely-close safe stream)
    (push `(:shunt ,name ,file)
	  (safely-trail safe))
    stream))

(declaim (inline rename))
(defun rename (old new)
  #-clisp (rename-file old new)
  #+clisp (posix:copy-file old new :method :rename))

(defun delete-file-without-moaning (file)
  "Delete the FILE, ignoring errors."
  (handler-case (delete-file file)
    (file-error () nil)))

(defun rename-file-without-moaning (old new)
  "Rename OLD to NEW, ignoring errors, and without doing any stupid name
   mangling."
  (handler-case (rename old new)
    (file-error () nil)))

(defun safely-unwind (trail)
  "Roll back the TRAIL of operations."
  (dolist (job trail)
    (ecase (car job)
      (:shunt (destructuring-bind (new file) (cdr job)
		(declare (ignore file))
		(delete-file-without-moaning new)))
      (:delete)
      (:rmtmp (destructuring-bind (file) (cdr job)
		(delete-file-without-moaning file)))
      (:revert (destructuring-bind (old new) (cdr job)
		 (rename-file-without-moaning old new))))))

(defun safely-reset (safe)
  "Reset SAFE to its initial state."
  (setf (safely-streams safe) nil)
  (setf (safely-trail safe) nil))

(defun safely-bail (safe)
  "Abort the operations in SAFE, unwinding all the things that have been
   done.  Streams are closed, new files are removed."
  (dolist (stream (safely-streams safe))
    (close stream :abort t))
  (safely-unwind (safely-trail safe))
  (safely-reset safe))

#+sbcl
(defun unix-link (from to)
  (sb-unix::int-syscall ("link" sb-alien:c-string sb-alien:c-string)
			from to))

(defun safe-copy (file tag)
  "Make a copy of the FILE.  Return the new name."

  #+(or cmu sbcl)
  ;; Use link(2) where available.
  (generate-fresh-file-name file tag
			    (lambda (name)
			      (let ((from (unix-namestring file t))
				    (to (unix-namestring name nil)))
				(and from to
				     (unix-link from to)))))

  #+clisp
  (generate-fresh-file-name file tag
			    (lambda (name)
			      (posix:copy-file (namestring file)
					       (namestring name)
					       :method :hardlink
					       :if-exists nil)))


  #-(or cmu sbcl)
  ;; Otherwise just copy the file contents and hope for the best.
  (with-open-file (input file :element-type :default)
    (multiple-value-bind
	(copy output)
	(generate-fresh-file-name file tag
				  (lambda (name)
				    (open name
					  :direction :output
					  :if-exists nil
					  :element-type :default)))
      (unwind-protect
	   (progn
	     (let ((buffer (make-array 8192
				       :element-type (stream-element-type
						      input))))
	       (loop
		 (let ((read (read-sequence buffer input)))
		   (when (plusp read)
		     (write-sequence buffer output :end read))
		   (when (< read (length buffer))
		     (return copy))))))
	(close output)))))

(defun safely-commit (safe)
  "Commit SAFE.  The files deleted by safely-delete-file are deleted; the
   files created by safely-open-output-stream are renamed over the old
   versions, if any.  If a problem occurs during this stage, everything is
   rewound and no changes are made."
  (let ((trail (safely-trail safe))
	(revert nil)
	(cleanup nil))
    (unwind-protect
	(progn
	  (dolist (stream (safely-streams safe))
	    (close stream))
	  (loop
	    (unless trail
	      (return))
	      (let ((job (pop trail)))
		(ecase (car job)
		  (:shunt (destructuring-bind (tag new file) job
			    (declare (ignore tag))
			    (push `(:rmtmp ,new) revert)
			    (if (probe-file file)
				(let ((old (safe-copy file "old")))
				  (push `(:rmtmp ,old) cleanup)
				  (push `(:revert ,old ,file) revert))
				(push `(:rmtmp ,file) revert))
			    (rename new file)))
		  (:delete (destructuring-bind (tag file) job
			     (declare (ignore tag))
			     (let ((old (safe-copy file "delete")))
			       (push `(:revert ,old ,file) revert)
			       (push `(:rmtmp ,old) cleanup)
			       (delete-file file)))))))
	  (setf revert nil))
      (safely-unwind trail)
      (safely-unwind revert)
      (safely-unwind cleanup)
      (safely-reset safe))))

(defmacro safely ((safe &key) &body body)
  "Do stuff within the BODY safely.  If BODY completes without errors, the
   SAFE is committed; otherwise it's bailed."
  `(let ((,safe (make-safely)))
     (unwind-protect
	 (progn
	   ,@body
	   (safely-commit ,safe)
	   (setf ,safe nil))
       (when ,safe
	 (safely-bail ,safe)))))

(defmacro safely-writing ((stream file &rest open-args) &body body)
  "Simple macro for writing a single file safely.  STREAM is opened onto a
   temporary file, and if BODY completes, it is renamed to FILE."
  (with-gensyms safe
    `(safely (,safe)
       (let ((,stream (safely-open-output-stream ,safe ,file ,@open-args)))
	 ,@body))))

;;;----- That's all, folks --------------------------------------------------
Commit	Line	Data
861345b4	1	;;; --lisp--
	2	;;;
	3	;;; $Id$
	4	;;;
	5	;;; Safely modify collections of files
	6	;;;
	7	;;; (c) 2005 Straylight/Edgeware
	8	;;;
	9
	10	;;;----- Licensing notice ---------------------------------------------------
	11	;;;
	12	;;; This program is free software; you can redistribute it and/or modify
	13	;;; it under the terms of the GNU General Public License as published by
	14	;;; the Free Software Foundation; either version 2 of the License, or
	15	;;; (at your option) any later version.
b2c12b4e	16	;;;
861345b4	17	;;; This program is distributed in the hope that it will be useful,
	18	;;; but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	;;; MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	;;; GNU General Public License for more details.
b2c12b4e	21	;;;
861345b4	22	;;; You should have received a copy of the GNU General Public License
	23	;;; along with this program; if not, write to the Free Software Foundation,
	24	;;; Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	25
0b3651e5	26	(defpackage #:safely
623291d2	27	(:use #:common-lisp #:mdw.base)
861345b4	28	(:export #:safely #:safely-close #:safely-delete-file
	29	#:safely-open-output-stream #:safely-bail #:safely-commit
	30	#:safely-writing))
0b3651e5	31	(in-package #:safely)
861345b4	32
d7d81997 MW	33	#+(or cmu sbcl)
	34	(eval-when (:compile-toplevel :execute)
	35	(import #+cmu '(ext:unix-namestring unix:unix-link)
	36	#+sbcl '(sb-int:unix-namestring)))
	37
861345b4	38	(defstruct (safely (:predicate safelyp))
	39	"Stores information about how to commit or undo safe writes."
	40	(streams nil)
	41	(trail nil))
5e04ac39	42
861345b4	43	(defun safely-close (safe stream)
	44	"Make sure that STREAM is closed when SAFE is finished."
	45	(push stream (safely-streams safe)))
5e04ac39	46
861345b4	47	(defun safely-delete-file (safe file)
861345b4	48	"Delete FILE when SAFE is committed."
623291d2 MW	49	(push `(:delete ,file) (safely-trail safe)))
	50
	51	(defun generate-fresh-file-name (base tag &optional func)
	52	"Return a fresh file name constructed from BASE (a filespec) and TAG (some
	53	short descriptive string). The generated name has the same directory and
	54	type as the BASE name, but a different name.
	55
	56	If FUNC is non-nil, then it is a function to call on the generated file
	57	name: generate-fresh-file-name runs in a loop, calling FUNC with generated
	58	file names until FUNC returns non-nil, at which point generate-fresh-
	59	file-name returns two values: the generated name, and the result of FUNC.
	60	generate-fresh-file-name catches errors of type file-error from FUNC, and
	61	just tries again with a new name.
	62
	63	If FUNC is nil, it's treated the same as a function which always returns
	64	t.
	65
	66	This is inspired by a similar facility in scsh."
	67	(let ((base (pathname base)))
	68	(dotimes (i 256
	69	(error "Gave up trying to find a temporary ~A file for ~S."
	70	tag base))
	71	(let* ((new (merge-pathnames
	72	(make-pathname
	73	:name (format nil "~A-~A-~X"
	74	(pathname-name base)
	75	tag
	76	(random most-positive-fixnum)))
	77	base))
	78	(ret (and (not (probe-file new))
	79	(if func
	80	(handler-case (funcall func new)
	81	(file-error (cond)
	82	(unless (pathname-match-p
	83	(file-error-pathname cond)
	84	new)
	85	(error cond))
	86	nil))
	87	t))))
	88	(when ret
	89	(return (values new ret)))))))
5e04ac39	90
861345b4	91	(defun safely-open-output-stream (safe file &rest open-args)
861345b4	92	"Create an output stream which will be named FILE when SAFE is committed.
0ff9df03	93	Other OPEN-ARGS are passed to open."
623291d2 MW	94	(multiple-value-bind
	95	(name stream)
	96	(generate-fresh-file-name file "new"
	97	(lambda (name)
	98	(apply #'open name
	99	:direction :output
	100	:if-exists nil
	101	open-args)))
861345b4	102	(safely-close safe stream)
623291d2	103	(push `(:shunt ,name ,file)
861345b4	104	(safely-trail safe))
861345b4	105	stream))
5e04ac39	106
443fcfc4 MW	107	(declaim (inline rename))
	108	(defun rename (old new)
	109	#-clisp (rename-file old new)
	110	#+clisp (posix:copy-file old new :method :rename))
	111
861345b4	112	(defun delete-file-without-moaning (file)
861345b4	113	"Delete the FILE, ignoring errors."
623291d2 MW	114	(handler-case (delete-file file)
623291d2 MW	115	(file-error () nil)))
5e04ac39	116
861345b4	117	(defun rename-file-without-moaning (old new)
861345b4	118	"Rename OLD to NEW, ignoring errors, and without doing any stupid name
0ff9df03	119	mangling."
443fcfc4	120	(handler-case (rename old new)
623291d2	121	(file-error () nil)))
5e04ac39	122
861345b4	123	(defun safely-unwind (trail)
	124	"Roll back the TRAIL of operations."
	125	(dolist (job trail)
	126	(ecase (car job)
623291d2 MW	127	(:shunt (destructuring-bind (new file) (cdr job)
623291d2 MW	128	(declare (ignore file))
861345b4	129	(delete-file-without-moaning new)))
861345b4	130	(:delete)
623291d2	131	(:rmtmp (destructuring-bind (file) (cdr job)
861345b4	132	(delete-file-without-moaning file)))
623291d2	133	(:revert (destructuring-bind (old new) (cdr job)
861345b4	134	(rename-file-without-moaning old new))))))
5e04ac39	135
861345b4	136	(defun safely-reset (safe)
	137	"Reset SAFE to its initial state."
	138	(setf (safely-streams safe) nil)
	139	(setf (safely-trail safe) nil))
5e04ac39	140
861345b4	141	(defun safely-bail (safe)
861345b4	142	"Abort the operations in SAFE, unwinding all the things that have been
0ff9df03	143	done. Streams are closed, new files are removed."
861345b4	144	(dolist (stream (safely-streams safe))
	145	(close stream :abort t))
	146	(safely-unwind (safely-trail safe))
	147	(safely-reset safe))
5e04ac39	148
d7d81997 MW	149	#+sbcl
	150	(defun unix-link (from to)
	151	(sb-unix::int-syscall ("link" sb-alien:c-string sb-alien:c-string)
	152	from to))
	153
623291d2 MW	154	(defun safe-copy (file tag)
	155	"Make a copy of the FILE. Return the new name."
	156
d7d81997	157	#+(or cmu sbcl)
623291d2 MW	158	;; Use link(2) where available.
	159	(generate-fresh-file-name file tag
	160	(lambda (name)
d7d81997 MW	161	(let ((from (unix-namestring file t))
d7d81997 MW	162	(to (unix-namestring name nil)))
623291d2	163	(and from to
d7d81997	164	(unix-link from to)))))
623291d2	165
443fcfc4 MW	166	#+clisp
	167	(generate-fresh-file-name file tag
	168	(lambda (name)
6a115035 MW	169	(posix:copy-file (namestring file)
	170	(namestring name)
	171	:method :hardlink
	172	:if-exists nil)))
	173
443fcfc4 MW	174
443fcfc4 MW	175
d7d81997	176	#-(or cmu sbcl)
623291d2 MW	177	;; Otherwise just copy the file contents and hope for the best.
	178	(with-open-file (input file :element-type :default)
	179	(multiple-value-bind
	180	(copy output)
	181	(generate-fresh-file-name file tag
	182	(lambda (name)
	183	(open name
	184	:direction :output
	185	:if-exists nil
	186	:element-type :default)))
	187	(unwind-protect
	188	(progn
	189	(let ((buffer (make-array 8192
	190	:element-type (stream-element-type
	191	input))))
	192	(loop
	193	(let ((read (read-sequence buffer input)))
	194	(when (plusp read)
	195	(write-sequence buffer output :end read))
	196	(when (< read (length buffer))
	197	(return copy))))))
	198	(close output)))))
b2c12b4e	199
861345b4	200	(defun safely-commit (safe)
861345b4	201	"Commit SAFE. The files deleted by safely-delete-file are deleted; the
0ff9df03 MW	202	files created by safely-open-output-stream are renamed over the old
	203	versions, if any. If a problem occurs during this stage, everything is
	204	rewound and no changes are made."
861345b4	205	(let ((trail (safely-trail safe))
	206	(revert nil)
	207	(cleanup nil))
	208	(unwind-protect
	209	(progn
	210	(dolist (stream (safely-streams safe))
	211	(close stream))
	212	(loop
	213	(unless trail
	214	(return))
	215	(let ((job (pop trail)))
	216	(ecase (car job)
623291d2	217	(:shunt (destructuring-bind (tag new file) job
861345b4	218	(declare (ignore tag))
861345b4	219	(push `(:rmtmp ,new) revert)
861345b4	220	(if (probe-file file)
623291d2 MW	221	(let ((old (safe-copy file "old")))
623291d2 MW	222	(push `(:rmtmp ,old) cleanup)
861345b4	223	(push `(:revert ,old ,file) revert))
861345b4	224	(push `(:rmtmp ,file) revert))
443fcfc4	225	(rename new file)))
623291d2	226	(:delete (destructuring-bind (tag file) job
861345b4	227	(declare (ignore tag))
623291d2 MW	228	(let ((old (safe-copy file "delete")))
	229	(push `(:revert ,old ,file) revert)
	230	(push `(:rmtmp ,old) cleanup)
	231	(delete-file file)))))))
861345b4	232	(setf revert nil))
	233	(safely-unwind trail)
	234	(safely-unwind revert)
	235	(safely-unwind cleanup)
	236	(safely-reset safe))))
5e04ac39	237
861345b4	238	(defmacro safely ((safe &key) &body body)
861345b4	239	"Do stuff within the BODY safely. If BODY completes without errors, the
0ff9df03	240	SAFE is committed; otherwise it's bailed."
861345b4	241	`(let ((,safe (make-safely)))
	242	(unwind-protect
	243	(progn
	244	,@body
	245	(safely-commit ,safe)
	246	(setf ,safe nil))
	247	(when ,safe
	248	(safely-bail ,safe)))))
5e04ac39	249
861345b4	250	(defmacro safely-writing ((stream file &rest open-args) &body body)
861345b4	251	"Simple macro for writing a single file safely. STREAM is opened onto a
0ff9df03	252	temporary file, and if BODY completes, it is renamed to FILE."
861345b4	253	(with-gensyms safe
861345b4	254	`(safely (,safe)
7413889a	255	(let ((,stream (safely-open-output-stream ,safe ,file ,@open-args)))
861345b4	256	,@body))))
	257
	258	;;;----- That's all, folks --------------------------------------------------