Fix imex race condition, (#2255)

fix #2254: if the DB was closed without calling stop_io() and then an interrupt arrives (e.g. incoming message), the db was corrupted. * Add result.log() for logging with less boilerplate code * Bugfix: Resultify housekeeping() to make it abort if the db is closed instead of just deleting everything * Require the UI to call dc_stop_io() before backup export * Prepare a bit better for closed-db: Resultify get_uidvalidity and get_uid_next and let job::load_next() wait until the db is open About the bug (before this PR): if the DB was closed without calling stop_io() and then an interrupt arrives (e.g. incoming message): - I don't know if it downloads the message, but of course at some point the process of receiving the message will fail - In my test, DC is just in the process of moving a message when the imex starts, but then can't delete the job or update the msg server_uid - Then, when job::load_next() is called, no job can be loaded. That's why it calls `load_housekeeping_job()`. As `load_housekeeping_job()` can't load the time of the last housekeeping, it assumes we never ran housekeeping and returns a new Housekeeping job, which is immediately executed. - housekeeping can't find any blobs referenced in the db and therefore deletes almost all blobs.
2026-05-01 20:36:31 +03:00 · 2021-03-02 10:25:02 +01:00
parent a698a8dd84
commit 2a39dc06e9
13 changed files with 231 additions and 70 deletions
--- a/src/imex.rs
+++ b/src/imex.rs
@@ -11,7 +11,6 @@ use async_std::{
 };
 use rand::{thread_rng, Rng};

-use crate::blob::BlobObject;
 use crate::chat;
 use crate::chat::delete_and_reset_all_device_msgs;
 use crate::config::Config;
@@ -30,6 +29,7 @@ use crate::param::Param;
 use crate::pgp;
 use crate::sql::{self, Sql};
 use crate::stock_str;
+use crate::{blob::BlobObject, log::LogExt};
 use ::pgp::types::KeyTrait;
 use async_tar::Archive;

@@ -496,6 +496,10 @@ async fn import_backup(context: &Context, backup_to_import: impl AsRef<Path>) ->
        !context.is_configured().await,
        "Cannot import backups to accounts in use."
    );
+    ensure!(
+        !context.scheduler.read().await.is_running(),
+        "cannot import backup, IO already running"
+    );
    context.sql.close().await;
    dc_delete_file(context, context.get_dbfile()).await;
    ensure!(
@@ -563,6 +567,10 @@ async fn import_backup_old(context: &Context, backup_to_import: impl AsRef<Path>
        !context.is_configured().await,
        "Cannot import backups to accounts in use."
    );
+    ensure!(
+        !context.scheduler.read().await.is_running(),
+        "cannot import backup, IO already running"
+    );
    context.sql.close().await;
    dc_delete_file(context, context.get_dbfile()).await;
    ensure!(
@@ -668,7 +676,7 @@ async fn export_backup(context: &Context, dir: impl AsRef<Path>) -> Result<()> {
        .sql
        .set_raw_config_int(context, "backup_time", now as i32)
        .await?;
-    sql::housekeeping(context).await;
+    sql::housekeeping(context).await.log(context);

    context
        .sql
@@ -676,6 +684,11 @@ async fn export_backup(context: &Context, dir: impl AsRef<Path>) -> Result<()> {
        .await
        .map_err(|e| warn!(context, "Vacuum failed, exporting anyway {}", e));

+    ensure!(
+        !context.scheduler.read().await.is_running(),
+        "cannot export backup, IO already running"
+    );
+
    // we close the database during the export
    context.sql.close().await;