2006-06-06 21:51:49 +02:00
|
|
|
/*
|
|
|
|
* Copyright (c) 2005, Junio C Hamano
|
|
|
|
*/
|
|
|
|
#include "cache.h"
|
chain kill signals for cleanup functions
If a piece of code wanted to do some cleanup before exiting
(e.g., cleaning up a lockfile or a tempfile), our usual
strategy was to install a signal handler that did something
like this:
do_cleanup(); /* actual work */
signal(signo, SIG_DFL); /* restore previous behavior */
raise(signo); /* deliver signal, killing ourselves */
For a single handler, this works fine. However, if we want
to clean up two _different_ things, we run into a problem.
The most recently installed handler will run, but when it
removes itself as a handler, it doesn't put back the first
handler.
This patch introduces sigchain, a tiny library for handling
a stack of signal handlers. You sigchain_push each handler,
and use sigchain_pop to restore whoever was before you in
the stack.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-01-22 07:02:35 +01:00
|
|
|
#include "sigchain.h"
|
2006-06-06 21:51:49 +02:00
|
|
|
|
|
|
|
static struct lock_file *lock_file_list;
|
2007-04-01 08:27:41 +02:00
|
|
|
static const char *alternate_index_output;
|
2006-06-06 21:51:49 +02:00
|
|
|
|
|
|
|
static void remove_lock_file(void)
|
|
|
|
{
|
2007-04-21 12:11:10 +02:00
|
|
|
pid_t me = getpid();
|
|
|
|
|
2006-06-06 21:51:49 +02:00
|
|
|
while (lock_file_list) {
|
2007-04-21 12:11:10 +02:00
|
|
|
if (lock_file_list->owner == me &&
|
2007-11-13 21:05:03 +01:00
|
|
|
lock_file_list->filename[0]) {
|
2008-01-16 20:05:32 +01:00
|
|
|
if (lock_file_list->fd >= 0)
|
|
|
|
close(lock_file_list->fd);
|
2009-04-29 23:22:56 +02:00
|
|
|
unlink_or_warn(lock_file_list->filename);
|
2007-11-13 21:05:03 +01:00
|
|
|
}
|
2006-06-06 21:51:49 +02:00
|
|
|
lock_file_list = lock_file_list->next;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
static void remove_lock_file_on_signal(int signo)
|
|
|
|
{
|
|
|
|
remove_lock_file();
|
chain kill signals for cleanup functions
If a piece of code wanted to do some cleanup before exiting
(e.g., cleaning up a lockfile or a tempfile), our usual
strategy was to install a signal handler that did something
like this:
do_cleanup(); /* actual work */
signal(signo, SIG_DFL); /* restore previous behavior */
raise(signo); /* deliver signal, killing ourselves */
For a single handler, this works fine. However, if we want
to clean up two _different_ things, we run into a problem.
The most recently installed handler will run, but when it
removes itself as a handler, it doesn't put back the first
handler.
This patch introduces sigchain, a tiny library for handling
a stack of signal handlers. You sigchain_push each handler,
and use sigchain_pop to restore whoever was before you in
the stack.
Signed-off-by: Jeff King <peff@peff.net>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
2009-01-22 07:02:35 +01:00
|
|
|
sigchain_pop(signo);
|
2006-06-06 21:51:49 +02:00
|
|
|
raise(signo);
|
|
|
|
}
|
|
|
|
|
2007-07-26 19:34:14 +02:00
|
|
|
/*
|
|
|
|
* p = absolute or relative path name
|
|
|
|
*
|
|
|
|
* Return a pointer into p showing the beginning of the last path name
|
|
|
|
* element. If p is empty or the root directory ("/"), just return p.
|
|
|
|
*/
|
|
|
|
static char *last_path_elm(char *p)
|
|
|
|
{
|
|
|
|
/* r starts pointing to null at the end of the string */
|
|
|
|
char *r = strchr(p, '\0');
|
|
|
|
|
|
|
|
if (r == p)
|
|
|
|
return p; /* just return empty string */
|
|
|
|
|
|
|
|
r--; /* back up to last non-null character */
|
|
|
|
|
|
|
|
/* back up past trailing slashes, if any */
|
|
|
|
while (r > p && *r == '/')
|
|
|
|
r--;
|
|
|
|
|
|
|
|
/*
|
|
|
|
* then go backwards until I hit a slash, or the beginning of
|
|
|
|
* the string
|
|
|
|
*/
|
|
|
|
while (r > p && *(r-1) != '/')
|
|
|
|
r--;
|
|
|
|
return r;
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
/* We allow "recursive" symbolic links. Only within reason, though */
|
|
|
|
#define MAXDEPTH 5
|
|
|
|
|
|
|
|
/*
|
|
|
|
* p = path that may be a symlink
|
|
|
|
* s = full size of p
|
|
|
|
*
|
|
|
|
* If p is a symlink, attempt to overwrite p with a path to the real
|
|
|
|
* file or directory (which may or may not exist), following a chain of
|
|
|
|
* symlinks if necessary. Otherwise, leave p unmodified.
|
|
|
|
*
|
|
|
|
* This is a best-effort routine. If an error occurs, p will either be
|
|
|
|
* left unmodified or will name a different symlink in a symlink chain
|
|
|
|
* that started with p's initial contents.
|
|
|
|
*
|
|
|
|
* Always returns p.
|
|
|
|
*/
|
|
|
|
|
|
|
|
static char *resolve_symlink(char *p, size_t s)
|
|
|
|
{
|
|
|
|
int depth = MAXDEPTH;
|
|
|
|
|
|
|
|
while (depth--) {
|
|
|
|
char link[PATH_MAX];
|
|
|
|
int link_len = readlink(p, link, sizeof(link));
|
|
|
|
if (link_len < 0) {
|
|
|
|
/* not a symlink anymore */
|
|
|
|
return p;
|
|
|
|
}
|
|
|
|
else if (link_len < sizeof(link))
|
|
|
|
/* readlink() never null-terminates */
|
|
|
|
link[link_len] = '\0';
|
|
|
|
else {
|
|
|
|
warning("%s: symlink too long", p);
|
|
|
|
return p;
|
|
|
|
}
|
|
|
|
|
2007-11-25 23:29:03 +01:00
|
|
|
if (is_absolute_path(link)) {
|
2007-07-26 19:34:14 +02:00
|
|
|
/* absolute path simply replaces p */
|
|
|
|
if (link_len < s)
|
|
|
|
strcpy(p, link);
|
|
|
|
else {
|
|
|
|
warning("%s: symlink too long", p);
|
|
|
|
return p;
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
/*
|
|
|
|
* link is a relative path, so I must replace the
|
|
|
|
* last element of p with it.
|
|
|
|
*/
|
2009-05-01 11:06:36 +02:00
|
|
|
char *r = (char *)last_path_elm(p);
|
2007-07-26 19:34:14 +02:00
|
|
|
if (r - p + link_len < s)
|
|
|
|
strcpy(r, link);
|
|
|
|
else {
|
|
|
|
warning("%s: symlink too long", p);
|
|
|
|
return p;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return p;
|
|
|
|
}
|
|
|
|
|
2014-06-20 16:42:48 +02:00
|
|
|
/* Make sure errno contains a meaningful value on error */
|
2008-10-18 00:44:39 +02:00
|
|
|
static int lock_file(struct lock_file *lk, const char *path, int flags)
|
2006-06-06 21:51:49 +02:00
|
|
|
{
|
2007-07-26 19:34:14 +02:00
|
|
|
/*
|
|
|
|
* subtract 5 from size to make sure there's room for adding
|
|
|
|
* ".lock" for the lock file name
|
|
|
|
*/
|
2013-07-06 21:48:52 +02:00
|
|
|
static const size_t max_path_len = sizeof(lk->filename) - 5;
|
|
|
|
|
2014-06-20 16:42:48 +02:00
|
|
|
if (strlen(path) >= max_path_len) {
|
|
|
|
errno = ENAMETOOLONG;
|
2013-07-06 21:48:52 +02:00
|
|
|
return -1;
|
2014-06-20 16:42:48 +02:00
|
|
|
}
|
2013-07-06 21:48:52 +02:00
|
|
|
strcpy(lk->filename, path);
|
2008-10-18 00:44:39 +02:00
|
|
|
if (!(flags & LOCK_NODEREF))
|
2013-07-06 21:48:52 +02:00
|
|
|
resolve_symlink(lk->filename, max_path_len);
|
2007-07-26 19:34:14 +02:00
|
|
|
strcat(lk->filename, ".lock");
|
2007-11-13 21:05:03 +01:00
|
|
|
lk->fd = open(lk->filename, O_RDWR | O_CREAT | O_EXCL, 0666);
|
|
|
|
if (0 <= lk->fd) {
|
2007-07-13 16:14:50 +02:00
|
|
|
if (!lock_file_list) {
|
2009-01-22 07:03:08 +01:00
|
|
|
sigchain_push_common(remove_lock_file_on_signal);
|
2007-07-13 16:14:50 +02:00
|
|
|
atexit(remove_lock_file);
|
|
|
|
}
|
2007-04-21 12:11:10 +02:00
|
|
|
lk->owner = getpid();
|
2007-01-02 20:19:05 +01:00
|
|
|
if (!lk->on_list) {
|
2006-06-10 07:07:23 +02:00
|
|
|
lk->next = lock_file_list;
|
|
|
|
lock_file_list = lk;
|
2007-01-02 20:19:05 +01:00
|
|
|
lk->on_list = 1;
|
|
|
|
}
|
2014-06-20 16:42:48 +02:00
|
|
|
if (adjust_shared_perm(lk->filename)) {
|
|
|
|
int save_errno = errno;
|
|
|
|
error("cannot fix permission bits on %s",
|
|
|
|
lk->filename);
|
|
|
|
errno = save_errno;
|
|
|
|
return -1;
|
|
|
|
}
|
2006-06-06 21:51:49 +02:00
|
|
|
}
|
2007-01-02 20:19:05 +01:00
|
|
|
else
|
|
|
|
lk->filename[0] = 0;
|
2007-11-13 21:05:03 +01:00
|
|
|
return lk->fd;
|
2006-06-06 21:51:49 +02:00
|
|
|
}
|
|
|
|
|
2014-06-20 16:42:47 +02:00
|
|
|
void unable_to_lock_message(const char *path, int err, struct strbuf *buf)
|
2009-02-19 13:54:18 +01:00
|
|
|
{
|
2009-03-04 16:00:44 +01:00
|
|
|
if (err == EEXIST) {
|
2014-06-20 16:42:47 +02:00
|
|
|
strbuf_addf(buf, "Unable to create '%s.lock': %s.\n\n"
|
2009-02-19 13:54:18 +01:00
|
|
|
"If no other git process is currently running, this probably means a\n"
|
|
|
|
"git process crashed in this repository earlier. Make sure no other git\n"
|
|
|
|
"process is running and remove the file manually to continue.",
|
2011-03-17 12:26:46 +01:00
|
|
|
absolute_path(path), strerror(err));
|
2009-09-27 01:15:09 +02:00
|
|
|
} else
|
2014-06-20 16:42:47 +02:00
|
|
|
strbuf_addf(buf, "Unable to create '%s.lock': %s",
|
2011-03-17 12:26:46 +01:00
|
|
|
absolute_path(path), strerror(err));
|
2009-09-27 01:15:09 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
int unable_to_lock_error(const char *path, int err)
|
|
|
|
{
|
2014-06-20 16:42:47 +02:00
|
|
|
struct strbuf buf = STRBUF_INIT;
|
|
|
|
|
|
|
|
unable_to_lock_message(path, err, &buf);
|
|
|
|
error("%s", buf.buf);
|
|
|
|
strbuf_release(&buf);
|
2009-09-27 01:15:09 +02:00
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
|
|
|
|
NORETURN void unable_to_lock_index_die(const char *path, int err)
|
|
|
|
{
|
2014-06-20 16:42:47 +02:00
|
|
|
struct strbuf buf = STRBUF_INIT;
|
|
|
|
|
|
|
|
unable_to_lock_message(path, err, &buf);
|
|
|
|
die("%s", buf.buf);
|
2009-02-19 13:54:18 +01:00
|
|
|
}
|
|
|
|
|
2014-06-20 16:42:48 +02:00
|
|
|
/* This should return a meaningful errno on failure */
|
2008-10-18 00:44:39 +02:00
|
|
|
int hold_lock_file_for_update(struct lock_file *lk, const char *path, int flags)
|
2006-08-12 10:03:47 +02:00
|
|
|
{
|
2008-10-18 00:44:39 +02:00
|
|
|
int fd = lock_file(lk, path, flags);
|
|
|
|
if (fd < 0 && (flags & LOCK_DIE_ON_ERROR))
|
2009-02-19 13:54:18 +01:00
|
|
|
unable_to_lock_index_die(path, errno);
|
2006-08-12 10:03:47 +02:00
|
|
|
return fd;
|
|
|
|
}
|
|
|
|
|
2008-10-18 00:44:39 +02:00
|
|
|
int hold_lock_file_for_append(struct lock_file *lk, const char *path, int flags)
|
2008-04-18 01:32:26 +02:00
|
|
|
{
|
|
|
|
int fd, orig_fd;
|
|
|
|
|
2008-10-18 00:44:39 +02:00
|
|
|
fd = lock_file(lk, path, flags);
|
2008-04-18 01:32:26 +02:00
|
|
|
if (fd < 0) {
|
2008-10-18 00:44:39 +02:00
|
|
|
if (flags & LOCK_DIE_ON_ERROR)
|
2009-03-04 16:00:44 +01:00
|
|
|
unable_to_lock_index_die(path, errno);
|
2008-04-18 01:32:26 +02:00
|
|
|
return fd;
|
|
|
|
}
|
|
|
|
|
|
|
|
orig_fd = open(path, O_RDONLY);
|
|
|
|
if (orig_fd < 0) {
|
|
|
|
if (errno != ENOENT) {
|
2008-10-18 00:44:39 +02:00
|
|
|
if (flags & LOCK_DIE_ON_ERROR)
|
2008-04-18 01:32:26 +02:00
|
|
|
die("cannot open '%s' for copying", path);
|
|
|
|
close(fd);
|
|
|
|
return error("cannot open '%s' for copying", path);
|
|
|
|
}
|
|
|
|
} else if (copy_fd(orig_fd, fd)) {
|
2008-10-18 00:44:39 +02:00
|
|
|
if (flags & LOCK_DIE_ON_ERROR)
|
2008-04-18 01:32:26 +02:00
|
|
|
exit(128);
|
|
|
|
close(fd);
|
|
|
|
return -1;
|
|
|
|
}
|
|
|
|
return fd;
|
|
|
|
}
|
|
|
|
|
2008-01-16 20:05:32 +01:00
|
|
|
int close_lock_file(struct lock_file *lk)
|
|
|
|
{
|
|
|
|
int fd = lk->fd;
|
|
|
|
lk->fd = -1;
|
|
|
|
return close(fd);
|
|
|
|
}
|
|
|
|
|
2006-06-06 21:51:49 +02:00
|
|
|
int commit_lock_file(struct lock_file *lk)
|
|
|
|
{
|
|
|
|
char result_file[PATH_MAX];
|
2008-01-16 20:05:32 +01:00
|
|
|
size_t i;
|
|
|
|
if (lk->fd >= 0 && close_lock_file(lk))
|
|
|
|
return -1;
|
2006-06-06 21:51:49 +02:00
|
|
|
strcpy(result_file, lk->filename);
|
|
|
|
i = strlen(result_file) - 5; /* .lock */
|
|
|
|
result_file[i] = 0;
|
2008-01-16 20:05:32 +01:00
|
|
|
if (rename(lk->filename, result_file))
|
|
|
|
return -1;
|
2006-06-06 21:51:49 +02:00
|
|
|
lk->filename[0] = 0;
|
2008-01-16 20:05:32 +01:00
|
|
|
return 0;
|
2006-06-06 21:51:49 +02:00
|
|
|
}
|
|
|
|
|
_GIT_INDEX_OUTPUT: allow plumbing to output to an alternative index file.
When defined, this allows plumbing commands that update the
index (add, apply, checkout-index, merge-recursive, mv,
read-tree, rm, update-index, and write-tree) to write their
resulting index to an alternative index file while holding a
lock to the original index file. With this, git-commit that
jumps the index does not have to make an extra copy of the index
file, and more importantly, it can do the update while holding
the lock on the index.
However, I think the interface to let an environment variable
specify the output is a mistake, as shown in the documentation.
If a curious user has the environment variable set to something
other than the file GIT_INDEX_FILE points at, almost everything
will break. This should instead be a command line parameter to
tell these plumbing commands to write the result in the named
file, to prevent stupid mistakes.
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-04-01 08:09:02 +02:00
|
|
|
int hold_locked_index(struct lock_file *lk, int die_on_error)
|
|
|
|
{
|
2008-10-18 00:44:39 +02:00
|
|
|
return hold_lock_file_for_update(lk, get_index_file(),
|
|
|
|
die_on_error
|
|
|
|
? LOCK_DIE_ON_ERROR
|
|
|
|
: 0);
|
_GIT_INDEX_OUTPUT: allow plumbing to output to an alternative index file.
When defined, this allows plumbing commands that update the
index (add, apply, checkout-index, merge-recursive, mv,
read-tree, rm, update-index, and write-tree) to write their
resulting index to an alternative index file while holding a
lock to the original index file. With this, git-commit that
jumps the index does not have to make an extra copy of the index
file, and more importantly, it can do the update while holding
the lock on the index.
However, I think the interface to let an environment variable
specify the output is a mistake, as shown in the documentation.
If a curious user has the environment variable set to something
other than the file GIT_INDEX_FILE points at, almost everything
will break. This should instead be a command line parameter to
tell these plumbing commands to write the result in the named
file, to prevent stupid mistakes.
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-04-01 08:09:02 +02:00
|
|
|
}
|
|
|
|
|
2007-04-01 08:27:41 +02:00
|
|
|
void set_alternate_index_output(const char *name)
|
|
|
|
{
|
|
|
|
alternate_index_output = name;
|
|
|
|
}
|
|
|
|
|
_GIT_INDEX_OUTPUT: allow plumbing to output to an alternative index file.
When defined, this allows plumbing commands that update the
index (add, apply, checkout-index, merge-recursive, mv,
read-tree, rm, update-index, and write-tree) to write their
resulting index to an alternative index file while holding a
lock to the original index file. With this, git-commit that
jumps the index does not have to make an extra copy of the index
file, and more importantly, it can do the update while holding
the lock on the index.
However, I think the interface to let an environment variable
specify the output is a mistake, as shown in the documentation.
If a curious user has the environment variable set to something
other than the file GIT_INDEX_FILE points at, almost everything
will break. This should instead be a command line parameter to
tell these plumbing commands to write the result in the named
file, to prevent stupid mistakes.
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-04-01 08:09:02 +02:00
|
|
|
int commit_locked_index(struct lock_file *lk)
|
|
|
|
{
|
2007-04-01 08:27:41 +02:00
|
|
|
if (alternate_index_output) {
|
2008-01-16 20:05:32 +01:00
|
|
|
if (lk->fd >= 0 && close_lock_file(lk))
|
|
|
|
return -1;
|
|
|
|
if (rename(lk->filename, alternate_index_output))
|
|
|
|
return -1;
|
_GIT_INDEX_OUTPUT: allow plumbing to output to an alternative index file.
When defined, this allows plumbing commands that update the
index (add, apply, checkout-index, merge-recursive, mv,
read-tree, rm, update-index, and write-tree) to write their
resulting index to an alternative index file while holding a
lock to the original index file. With this, git-commit that
jumps the index does not have to make an extra copy of the index
file, and more importantly, it can do the update while holding
the lock on the index.
However, I think the interface to let an environment variable
specify the output is a mistake, as shown in the documentation.
If a curious user has the environment variable set to something
other than the file GIT_INDEX_FILE points at, almost everything
will break. This should instead be a command line parameter to
tell these plumbing commands to write the result in the named
file, to prevent stupid mistakes.
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-04-01 08:09:02 +02:00
|
|
|
lk->filename[0] = 0;
|
2008-01-16 20:05:32 +01:00
|
|
|
return 0;
|
_GIT_INDEX_OUTPUT: allow plumbing to output to an alternative index file.
When defined, this allows plumbing commands that update the
index (add, apply, checkout-index, merge-recursive, mv,
read-tree, rm, update-index, and write-tree) to write their
resulting index to an alternative index file while holding a
lock to the original index file. With this, git-commit that
jumps the index does not have to make an extra copy of the index
file, and more importantly, it can do the update while holding
the lock on the index.
However, I think the interface to let an environment variable
specify the output is a mistake, as shown in the documentation.
If a curious user has the environment variable set to something
other than the file GIT_INDEX_FILE points at, almost everything
will break. This should instead be a command line parameter to
tell these plumbing commands to write the result in the named
file, to prevent stupid mistakes.
Signed-off-by: Junio C Hamano <junkio@cox.net>
2007-04-01 08:09:02 +02:00
|
|
|
}
|
|
|
|
else
|
|
|
|
return commit_lock_file(lk);
|
|
|
|
}
|
|
|
|
|
2006-06-06 21:51:49 +02:00
|
|
|
void rollback_lock_file(struct lock_file *lk)
|
|
|
|
{
|
2007-11-13 21:05:03 +01:00
|
|
|
if (lk->filename[0]) {
|
2008-01-16 20:05:32 +01:00
|
|
|
if (lk->fd >= 0)
|
|
|
|
close(lk->fd);
|
2009-04-29 23:22:56 +02:00
|
|
|
unlink_or_warn(lk->filename);
|
2007-11-13 21:05:03 +01:00
|
|
|
}
|
2006-06-06 21:51:49 +02:00
|
|
|
lk->filename[0] = 0;
|
|
|
|
}
|