]> git.ipfire.org Git - thirdparty/git.git/blob - refs/files-backend.c
projects / thirdparty / git.git / blob
? search:


32663a999ea030f76f400608ae1ed6dbaebbc20c
[thirdparty/git.git] / refs / files-backend.c
1 #include "../cache.h"
2 #include "../config.h"
3 #include "../refs.h"
4 #include "refs-internal.h"
5 #include "ref-cache.h"
6 #include "packed-backend.h"
7 #include "../iterator.h"
8 #include "../dir-iterator.h"
9 #include "../lockfile.h"
10 #include "../object.h"
11 #include "../dir.h"
12
13 struct ref_lock {
14 char *ref_name;
15 struct lock_file lk;
16 struct object_id old_oid;
17 };
18
19 /*
20 * Future: need to be in "struct repository"
21 * when doing a full libification.
22 */
23 struct files_ref_store {
24 struct ref_store base;
25 unsigned int store_flags;
26
27 char *gitdir;
28 char *gitcommondir;
29
30 struct ref_cache *loose;
31
32 struct ref_store *packed_ref_store;
33 };
34
35 static void clear_loose_ref_cache(struct files_ref_store *refs)
36 {
37 if (refs->loose) {
38 free_ref_cache(refs->loose);
39 refs->loose = NULL;
40 }
41 }
42
43 /*
44 * Create a new submodule ref cache and add it to the internal
45 * set of caches.
46 */
47 static struct ref_store *files_ref_store_create(const char *gitdir,
48 unsigned int flags)
49 {
50 struct files_ref_store *refs = xcalloc(1, sizeof(*refs));
51 struct ref_store *ref_store = (struct ref_store *)refs;
52 struct strbuf sb = STRBUF_INIT;
53
54 base_ref_store_init(ref_store, &refs_be_files);
55 refs->store_flags = flags;
56
57 refs->gitdir = xstrdup(gitdir);
58 get_common_dir_noenv(&sb, gitdir);
59 refs->gitcommondir = strbuf_detach(&sb, NULL);
60 strbuf_addf(&sb, "%s/packed-refs", refs->gitcommondir);
61 refs->packed_ref_store = packed_ref_store_create(sb.buf, flags);
62 strbuf_release(&sb);
63
64 return ref_store;
65 }
66
67 /*
68 * Die if refs is not the main ref store. caller is used in any
69 * necessary error messages.
70 */
71 static void files_assert_main_repository(struct files_ref_store *refs,
72 const char *caller)
73 {
74 if (refs->store_flags & REF_STORE_MAIN)
75 return;
76
77 die("BUG: operation %s only allowed for main ref store", caller);
78 }
79
80 /*
81 * Downcast ref_store to files_ref_store. Die if ref_store is not a
82 * files_ref_store. required_flags is compared with ref_store's
83 * store_flags to ensure the ref_store has all required capabilities.
84 * "caller" is used in any necessary error messages.
85 */
86 static struct files_ref_store *files_downcast(struct ref_store *ref_store,
87 unsigned int required_flags,
88 const char *caller)
89 {
90 struct files_ref_store *refs;
91
92 if (ref_store->be != &refs_be_files)
93 die("BUG: ref_store is type \"%s\" not \"files\" in %s",
94 ref_store->be->name, caller);
95
96 refs = (struct files_ref_store *)ref_store;
97
98 if ((refs->store_flags & required_flags) != required_flags)
99 die("BUG: operation %s requires abilities 0x%x, but only have 0x%x",
100 caller, required_flags, refs->store_flags);
101
102 return refs;
103 }
104
105 static void files_reflog_path(struct files_ref_store *refs,
106 struct strbuf *sb,
107 const char *refname)
108 {
109 switch (ref_type(refname)) {
110 case REF_TYPE_PER_WORKTREE:
111 case REF_TYPE_PSEUDOREF:
112 strbuf_addf(sb, "%s/logs/%s", refs->gitdir, refname);
113 break;
114 case REF_TYPE_NORMAL:
115 strbuf_addf(sb, "%s/logs/%s", refs->gitcommondir, refname);
116 break;
117 default:
118 die("BUG: unknown ref type %d of ref %s",
119 ref_type(refname), refname);
120 }
121 }
122
123 static void files_ref_path(struct files_ref_store *refs,
124 struct strbuf *sb,
125 const char *refname)
126 {
127 switch (ref_type(refname)) {
128 case REF_TYPE_PER_WORKTREE:
129 case REF_TYPE_PSEUDOREF:
130 strbuf_addf(sb, "%s/%s", refs->gitdir, refname);
131 break;
132 case REF_TYPE_NORMAL:
133 strbuf_addf(sb, "%s/%s", refs->gitcommondir, refname);
134 break;
135 default:
136 die("BUG: unknown ref type %d of ref %s",
137 ref_type(refname), refname);
138 }
139 }
140
141 /*
142 * Read the loose references from the namespace dirname into dir
143 * (without recursing). dirname must end with '/'. dir must be the
144 * directory entry corresponding to dirname.
145 */
146 static void loose_fill_ref_dir(struct ref_store *ref_store,
147 struct ref_dir *dir, const char *dirname)
148 {
149 struct files_ref_store *refs =
150 files_downcast(ref_store, REF_STORE_READ, "fill_ref_dir");
151 DIR *d;
152 struct dirent *de;
153 int dirnamelen = strlen(dirname);
154 struct strbuf refname;
155 struct strbuf path = STRBUF_INIT;
156 size_t path_baselen;
157
158 files_ref_path(refs, &path, dirname);
159 path_baselen = path.len;
160
161 d = opendir(path.buf);
162 if (!d) {
163 strbuf_release(&path);
164 return;
165 }
166
167 strbuf_init(&refname, dirnamelen + 257);
168 strbuf_add(&refname, dirname, dirnamelen);
169
170 while ((de = readdir(d)) != NULL) {
171 struct object_id oid;
172 struct stat st;
173 int flag;
174
175 if (de->d_name[0] == '.')
176 continue;
177 if (ends_with(de->d_name, ".lock"))
178 continue;
179 strbuf_addstr(&refname, de->d_name);
180 strbuf_addstr(&path, de->d_name);
181 if (stat(path.buf, &st) < 0) {
182 ; /* silently ignore */
183 } else if (S_ISDIR(st.st_mode)) {
184 strbuf_addch(&refname, '/');
185 add_entry_to_dir(dir,
186 create_dir_entry(dir->cache, refname.buf,
187 refname.len, 1));
188 } else {
189 if (!refs_resolve_ref_unsafe(&refs->base,
190 refname.buf,
191 RESOLVE_REF_READING,
192 oid.hash, &flag)) {
193 oidclr(&oid);
194 flag |= REF_ISBROKEN;
195 } else if (is_null_oid(&oid)) {
196 /*
197 * It is so astronomically unlikely
198 * that NULL_SHA1 is the SHA-1 of an
199 * actual object that we consider its
200 * appearance in a loose reference
201 * file to be repo corruption
202 * (probably due to a software bug).
203 */
204 flag |= REF_ISBROKEN;
205 }
206
207 if (check_refname_format(refname.buf,
208 REFNAME_ALLOW_ONELEVEL)) {
209 if (!refname_is_safe(refname.buf))
210 die("loose refname is dangerous: %s", refname.buf);
211 oidclr(&oid);
212 flag |= REF_BAD_NAME | REF_ISBROKEN;
213 }
214 add_entry_to_dir(dir,
215 create_ref_entry(refname.buf, &oid, flag));
216 }
217 strbuf_setlen(&refname, dirnamelen);
218 strbuf_setlen(&path, path_baselen);
219 }
220 strbuf_release(&refname);
221 strbuf_release(&path);
222 closedir(d);
223
224 /*
225 * Manually add refs/bisect, which, being per-worktree, might
226 * not appear in the directory listing for refs/ in the main
227 * repo.
228 */
229 if (!strcmp(dirname, "refs/")) {
230 int pos = search_ref_dir(dir, "refs/bisect/", 12);
231
232 if (pos < 0) {
233 struct ref_entry *child_entry = create_dir_entry(
234 dir->cache, "refs/bisect/", 12, 1);
235 add_entry_to_dir(dir, child_entry);
236 }
237 }
238 }
239
240 static struct ref_cache *get_loose_ref_cache(struct files_ref_store *refs)
241 {
242 if (!refs->loose) {
243 /*
244 * Mark the top-level directory complete because we
245 * are about to read the only subdirectory that can
246 * hold references:
247 */
248 refs->loose = create_ref_cache(&refs->base, loose_fill_ref_dir);
249
250 /* We're going to fill the top level ourselves: */
251 refs->loose->root->flag &= ~REF_INCOMPLETE;
252
253 /*
254 * Add an incomplete entry for "refs/" (to be filled
255 * lazily):
256 */
257 add_entry_to_dir(get_ref_dir(refs->loose->root),
258 create_dir_entry(refs->loose, "refs/", 5, 1));
259 }
260 return refs->loose;
261 }
262
263 static int files_read_raw_ref(struct ref_store *ref_store,
264 const char *refname, unsigned char *sha1,
265 struct strbuf *referent, unsigned int *type)
266 {
267 struct files_ref_store *refs =
268 files_downcast(ref_store, REF_STORE_READ, "read_raw_ref");
269 struct strbuf sb_contents = STRBUF_INIT;
270 struct strbuf sb_path = STRBUF_INIT;
271 const char *path;
272 const char *buf;
273 struct stat st;
274 int fd;
275 int ret = -1;
276 int save_errno;
277 int remaining_retries = 3;
278
279 *type = 0;
280 strbuf_reset(&sb_path);
281
282 files_ref_path(refs, &sb_path, refname);
283
284 path = sb_path.buf;
285
286 stat_ref:
287 /*
288 * We might have to loop back here to avoid a race
289 * condition: first we lstat() the file, then we try
290 * to read it as a link or as a file. But if somebody
291 * changes the type of the file (file <-> directory
292 * <-> symlink) between the lstat() and reading, then
293 * we don't want to report that as an error but rather
294 * try again starting with the lstat().
295 *
296 * We'll keep a count of the retries, though, just to avoid
297 * any confusing situation sending us into an infinite loop.
298 */
299
300 if (remaining_retries-- <= 0)
301 goto out;
302
303 if (lstat(path, &st) < 0) {
304 if (errno != ENOENT)
305 goto out;
306 if (refs_read_raw_ref(refs->packed_ref_store, refname,
307 sha1, referent, type)) {
308 errno = ENOENT;
309 goto out;
310 }
311 ret = 0;
312 goto out;
313 }
314
315 /* Follow "normalized" - ie "refs/.." symlinks by hand */
316 if (S_ISLNK(st.st_mode)) {
317 strbuf_reset(&sb_contents);
318 if (strbuf_readlink(&sb_contents, path, 0) < 0) {
319 if (errno == ENOENT || errno == EINVAL)
320 /* inconsistent with lstat; retry */
321 goto stat_ref;
322 else
323 goto out;
324 }
325 if (starts_with(sb_contents.buf, "refs/") &&
326 !check_refname_format(sb_contents.buf, 0)) {
327 strbuf_swap(&sb_contents, referent);
328 *type |= REF_ISSYMREF;
329 ret = 0;
330 goto out;
331 }
332 /*
333 * It doesn't look like a refname; fall through to just
334 * treating it like a non-symlink, and reading whatever it
335 * points to.
336 */
337 }
338
339 /* Is it a directory? */
340 if (S_ISDIR(st.st_mode)) {
341 /*
342 * Even though there is a directory where the loose
343 * ref is supposed to be, there could still be a
344 * packed ref:
345 */
346 if (refs_read_raw_ref(refs->packed_ref_store, refname,
347 sha1, referent, type)) {
348 errno = EISDIR;
349 goto out;
350 }
351 ret = 0;
352 goto out;
353 }
354
355 /*
356 * Anything else, just open it and try to use it as
357 * a ref
358 */
359 fd = open(path, O_RDONLY);
360 if (fd < 0) {
361 if (errno == ENOENT && !S_ISLNK(st.st_mode))
362 /* inconsistent with lstat; retry */
363 goto stat_ref;
364 else
365 goto out;
366 }
367 strbuf_reset(&sb_contents);
368 if (strbuf_read(&sb_contents, fd, 256) < 0) {
369 int save_errno = errno;
370 close(fd);
371 errno = save_errno;
372 goto out;
373 }
374 close(fd);
375 strbuf_rtrim(&sb_contents);
376 buf = sb_contents.buf;
377 if (starts_with(buf, "ref:")) {
378 buf += 4;
379 while (isspace(*buf))
380 buf++;
381
382 strbuf_reset(referent);
383 strbuf_addstr(referent, buf);
384 *type |= REF_ISSYMREF;
385 ret = 0;
386 goto out;
387 }
388
389 /*
390 * Please note that FETCH_HEAD has additional
391 * data after the sha.
392 */
393 if (get_sha1_hex(buf, sha1) ||
394 (buf[40] != '\0' && !isspace(buf[40]))) {
395 *type |= REF_ISBROKEN;
396 errno = EINVAL;
397 goto out;
398 }
399
400 ret = 0;
401
402 out:
403 save_errno = errno;
404 strbuf_release(&sb_path);
405 strbuf_release(&sb_contents);
406 errno = save_errno;
407 return ret;
408 }
409
410 static void unlock_ref(struct ref_lock *lock)
411 {
412 rollback_lock_file(&lock->lk);
413 free(lock->ref_name);
414 free(lock);
415 }
416
417 /*
418 * Lock refname, without following symrefs, and set *lock_p to point
419 * at a newly-allocated lock object. Fill in lock->old_oid, referent,
420 * and type similarly to read_raw_ref().
421 *
422 * The caller must verify that refname is a "safe" reference name (in
423 * the sense of refname_is_safe()) before calling this function.
424 *
425 * If the reference doesn't already exist, verify that refname doesn't
426 * have a D/F conflict with any existing references. extras and skip
427 * are passed to refs_verify_refname_available() for this check.
428 *
429 * If mustexist is not set and the reference is not found or is
430 * broken, lock the reference anyway but clear sha1.
431 *
432 * Return 0 on success. On failure, write an error message to err and
433 * return TRANSACTION_NAME_CONFLICT or TRANSACTION_GENERIC_ERROR.
434 *
435 * Implementation note: This function is basically
436 *
437 * lock reference
438 * read_raw_ref()
439 *
440 * but it includes a lot more code to
441 * - Deal with possible races with other processes
442 * - Avoid calling refs_verify_refname_available() when it can be
443 * avoided, namely if we were successfully able to read the ref
444 * - Generate informative error messages in the case of failure
445 */
446 static int lock_raw_ref(struct files_ref_store *refs,
447 const char *refname, int mustexist,
448 const struct string_list *extras,
449 const struct string_list *skip,
450 struct ref_lock **lock_p,
451 struct strbuf *referent,
452 unsigned int *type,
453 struct strbuf *err)
454 {
455 struct ref_lock *lock;
456 struct strbuf ref_file = STRBUF_INIT;
457 int attempts_remaining = 3;
458 int ret = TRANSACTION_GENERIC_ERROR;
459
460 assert(err);
461 files_assert_main_repository(refs, "lock_raw_ref");
462
463 *type = 0;
464
465 /* First lock the file so it can't change out from under us. */
466
467 *lock_p = lock = xcalloc(1, sizeof(*lock));
468
469 lock->ref_name = xstrdup(refname);
470 files_ref_path(refs, &ref_file, refname);
471
472 retry:
473 switch (safe_create_leading_directories(ref_file.buf)) {
474 case SCLD_OK:
475 break; /* success */
476 case SCLD_EXISTS:
477 /*
478 * Suppose refname is "refs/foo/bar". We just failed
479 * to create the containing directory, "refs/foo",
480 * because there was a non-directory in the way. This
481 * indicates a D/F conflict, probably because of
482 * another reference such as "refs/foo". There is no
483 * reason to expect this error to be transitory.
484 */
485 if (refs_verify_refname_available(&refs->base, refname,
486 extras, skip, err)) {
487 if (mustexist) {
488 /*
489 * To the user the relevant error is
490 * that the "mustexist" reference is
491 * missing:
492 */
493 strbuf_reset(err);
494 strbuf_addf(err, "unable to resolve reference '%s'",
495 refname);
496 } else {
497 /*
498 * The error message set by
499 * refs_verify_refname_available() is
500 * OK.
501 */
502 ret = TRANSACTION_NAME_CONFLICT;
503 }
504 } else {
505 /*
506 * The file that is in the way isn't a loose
507 * reference. Report it as a low-level
508 * failure.
509 */
510 strbuf_addf(err, "unable to create lock file %s.lock; "
511 "non-directory in the way",
512 ref_file.buf);
513 }
514 goto error_return;
515 case SCLD_VANISHED:
516 /* Maybe another process was tidying up. Try again. */
517 if (--attempts_remaining > 0)
518 goto retry;
519 /* fall through */
520 default:
521 strbuf_addf(err, "unable to create directory for %s",
522 ref_file.buf);
523 goto error_return;
524 }
525
526 if (hold_lock_file_for_update_timeout(
527 &lock->lk, ref_file.buf, LOCK_NO_DEREF,
528 get_files_ref_lock_timeout_ms()) < 0) {
529 if (errno == ENOENT && --attempts_remaining > 0) {
530 /*
531 * Maybe somebody just deleted one of the
532 * directories leading to ref_file. Try
533 * again:
534 */
535 goto retry;
536 } else {
537 unable_to_lock_message(ref_file.buf, errno, err);
538 goto error_return;
539 }
540 }
541
542 /*
543 * Now we hold the lock and can read the reference without
544 * fear that its value will change.
545 */
546
547 if (files_read_raw_ref(&refs->base, refname,
548 lock->old_oid.hash, referent, type)) {
549 if (errno == ENOENT) {
550 if (mustexist) {
551 /* Garden variety missing reference. */
552 strbuf_addf(err, "unable to resolve reference '%s'",
553 refname);
554 goto error_return;
555 } else {
556 /*
557 * Reference is missing, but that's OK. We
558 * know that there is not a conflict with
559 * another loose reference because
560 * (supposing that we are trying to lock
561 * reference "refs/foo/bar"):
562 *
563 * - We were successfully able to create
564 * the lockfile refs/foo/bar.lock, so we
565 * know there cannot be a loose reference
566 * named "refs/foo".
567 *
568 * - We got ENOENT and not EISDIR, so we
569 * know that there cannot be a loose
570 * reference named "refs/foo/bar/baz".
571 */
572 }
573 } else if (errno == EISDIR) {
574 /*
575 * There is a directory in the way. It might have
576 * contained references that have been deleted. If
577 * we don't require that the reference already
578 * exists, try to remove the directory so that it
579 * doesn't cause trouble when we want to rename the
580 * lockfile into place later.
581 */
582 if (mustexist) {
583 /* Garden variety missing reference. */
584 strbuf_addf(err, "unable to resolve reference '%s'",
585 refname);
586 goto error_return;
587 } else if (remove_dir_recursively(&ref_file,
588 REMOVE_DIR_EMPTY_ONLY)) {
589 if (refs_verify_refname_available(
590 &refs->base, refname,
591 extras, skip, err)) {
592 /*
593 * The error message set by
594 * verify_refname_available() is OK.
595 */
596 ret = TRANSACTION_NAME_CONFLICT;
597 goto error_return;
598 } else {
599 /*
600 * We can't delete the directory,
601 * but we also don't know of any
602 * references that it should
603 * contain.
604 */
605 strbuf_addf(err, "there is a non-empty directory '%s' "
606 "blocking reference '%s'",
607 ref_file.buf, refname);
608 goto error_return;
609 }
610 }
611 } else if (errno == EINVAL && (*type & REF_ISBROKEN)) {
612 strbuf_addf(err, "unable to resolve reference '%s': "
613 "reference broken", refname);
614 goto error_return;
615 } else {
616 strbuf_addf(err, "unable to resolve reference '%s': %s",
617 refname, strerror(errno));
618 goto error_return;
619 }
620
621 /*
622 * If the ref did not exist and we are creating it,
623 * make sure there is no existing packed ref that
624 * conflicts with refname:
625 */
626 if (refs_verify_refname_available(
627 refs->packed_ref_store, refname,
628 extras, skip, err))
629 goto error_return;
630 }
631
632 ret = 0;
633 goto out;
634
635 error_return:
636 unlock_ref(lock);
637 *lock_p = NULL;
638
639 out:
640 strbuf_release(&ref_file);
641 return ret;
642 }
643
644 static int files_peel_ref(struct ref_store *ref_store,
645 const char *refname, unsigned char *sha1)
646 {
647 struct files_ref_store *refs =
648 files_downcast(ref_store, REF_STORE_READ | REF_STORE_ODB,
649 "peel_ref");
650 int flag;
651 unsigned char base[20];
652
653 if (current_ref_iter && current_ref_iter->refname == refname) {
654 struct object_id peeled;
655
656 if (ref_iterator_peel(current_ref_iter, &peeled))
657 return -1;
658 hashcpy(sha1, peeled.hash);
659 return 0;
660 }
661
662 if (refs_read_ref_full(ref_store, refname,
663 RESOLVE_REF_READING, base, &flag))
664 return -1;
665
666 /*
667 * If the reference is packed, read its ref_entry from the
668 * cache in the hope that we already know its peeled value.
669 * We only try this optimization on packed references because
670 * (a) forcing the filling of the loose reference cache could
671 * be expensive and (b) loose references anyway usually do not
672 * have REF_KNOWS_PEELED.
673 */
674 if (flag & REF_ISPACKED &&
675 !refs_peel_ref(refs->packed_ref_store, refname, sha1))
676 return 0;
677
678 return peel_object(base, sha1);
679 }
680
681 struct files_ref_iterator {
682 struct ref_iterator base;
683
684 struct ref_iterator *iter0;
685 unsigned int flags;
686 };
687
688 static int files_ref_iterator_advance(struct ref_iterator *ref_iterator)
689 {
690 struct files_ref_iterator *iter =
691 (struct files_ref_iterator *)ref_iterator;
692 int ok;
693
694 while ((ok = ref_iterator_advance(iter->iter0)) == ITER_OK) {
695 if (iter->flags & DO_FOR_EACH_PER_WORKTREE_ONLY &&
696 ref_type(iter->iter0->refname) != REF_TYPE_PER_WORKTREE)
697 continue;
698
699 if (!(iter->flags & DO_FOR_EACH_INCLUDE_BROKEN) &&
700 !ref_resolves_to_object(iter->iter0->refname,
701 iter->iter0->oid,
702 iter->iter0->flags))
703 continue;
704
705 iter->base.refname = iter->iter0->refname;
706 iter->base.oid = iter->iter0->oid;
707 iter->base.flags = iter->iter0->flags;
708 return ITER_OK;
709 }
710
711 iter->iter0 = NULL;
712 if (ref_iterator_abort(ref_iterator) != ITER_DONE)
713 ok = ITER_ERROR;
714
715 return ok;
716 }
717
718 static int files_ref_iterator_peel(struct ref_iterator *ref_iterator,
719 struct object_id *peeled)
720 {
721 struct files_ref_iterator *iter =
722 (struct files_ref_iterator *)ref_iterator;
723
724 return ref_iterator_peel(iter->iter0, peeled);
725 }
726
727 static int files_ref_iterator_abort(struct ref_iterator *ref_iterator)
728 {
729 struct files_ref_iterator *iter =
730 (struct files_ref_iterator *)ref_iterator;
731 int ok = ITER_DONE;
732
733 if (iter->iter0)
734 ok = ref_iterator_abort(iter->iter0);
735
736 base_ref_iterator_free(ref_iterator);
737 return ok;
738 }
739
740 static struct ref_iterator_vtable files_ref_iterator_vtable = {
741 files_ref_iterator_advance,
742 files_ref_iterator_peel,
743 files_ref_iterator_abort
744 };
745
746 static struct ref_iterator *files_ref_iterator_begin(
747 struct ref_store *ref_store,
748 const char *prefix, unsigned int flags)
749 {
750 struct files_ref_store *refs;
751 struct ref_iterator *loose_iter, *packed_iter;
752 struct files_ref_iterator *iter;
753 struct ref_iterator *ref_iterator;
754 unsigned int required_flags = REF_STORE_READ;
755
756 if (!(flags & DO_FOR_EACH_INCLUDE_BROKEN))
757 required_flags |= REF_STORE_ODB;
758
759 refs = files_downcast(ref_store, required_flags, "ref_iterator_begin");
760
761 iter = xcalloc(1, sizeof(*iter));
762 ref_iterator = &iter->base;
763 base_ref_iterator_init(ref_iterator, &files_ref_iterator_vtable);
764
765 /*
766 * We must make sure that all loose refs are read before
767 * accessing the packed-refs file; this avoids a race
768 * condition if loose refs are migrated to the packed-refs
769 * file by a simultaneous process, but our in-memory view is
770 * from before the migration. We ensure this as follows:
771 * First, we call start the loose refs iteration with its
772 * `prime_ref` argument set to true. This causes the loose
773 * references in the subtree to be pre-read into the cache.
774 * (If they've already been read, that's OK; we only need to
775 * guarantee that they're read before the packed refs, not
776 * *how much* before.) After that, we call
777 * packed_ref_iterator_begin(), which internally checks
778 * whether the packed-ref cache is up to date with what is on
779 * disk, and re-reads it if not.
780 */
781
782 loose_iter = cache_ref_iterator_begin(get_loose_ref_cache(refs),
783 prefix, 1);
784
785 /*
786 * The packed-refs file might contain broken references, for
787 * example an old version of a reference that points at an
788 * object that has since been garbage-collected. This is OK as
789 * long as there is a corresponding loose reference that
790 * overrides it, and we don't want to emit an error message in
791 * this case. So ask the packed_ref_store for all of its
792 * references, and (if needed) do our own check for broken
793 * ones in files_ref_iterator_advance(), after we have merged
794 * the packed and loose references.
795 */
796 packed_iter = refs_ref_iterator_begin(
797 refs->packed_ref_store, prefix, 0,
798 DO_FOR_EACH_INCLUDE_BROKEN);
799
800 iter->iter0 = overlay_ref_iterator_begin(loose_iter, packed_iter);
801 iter->flags = flags;
802
803 return ref_iterator;
804 }
805
806 /*
807 * Verify that the reference locked by lock has the value old_sha1.
808 * Fail if the reference doesn't exist and mustexist is set. Return 0
809 * on success. On error, write an error message to err, set errno, and
810 * return a negative value.
811 */
812 static int verify_lock(struct ref_store *ref_store, struct ref_lock *lock,
813 const unsigned char *old_sha1, int mustexist,
814 struct strbuf *err)
815 {
816 assert(err);
817
818 if (refs_read_ref_full(ref_store, lock->ref_name,
819 mustexist ? RESOLVE_REF_READING : 0,
820 lock->old_oid.hash, NULL)) {
821 if (old_sha1) {
822 int save_errno = errno;
823 strbuf_addf(err, "can't verify ref '%s'", lock->ref_name);
824 errno = save_errno;
825 return -1;
826 } else {
827 oidclr(&lock->old_oid);
828 return 0;
829 }
830 }
831 if (old_sha1 && hashcmp(lock->old_oid.hash, old_sha1)) {
832 strbuf_addf(err, "ref '%s' is at %s but expected %s",
833 lock->ref_name,
834 oid_to_hex(&lock->old_oid),
835 sha1_to_hex(old_sha1));
836 errno = EBUSY;
837 return -1;
838 }
839 return 0;
840 }
841
842 static int remove_empty_directories(struct strbuf *path)
843 {
844 /*
845 * we want to create a file but there is a directory there;
846 * if that is an empty directory (or a directory that contains
847 * only empty directories), remove them.
848 */
849 return remove_dir_recursively(path, REMOVE_DIR_EMPTY_ONLY);
850 }
851
852 static int create_reflock(const char *path, void *cb)
853 {
854 struct lock_file *lk = cb;
855
856 return hold_lock_file_for_update_timeout(
857 lk, path, LOCK_NO_DEREF,
858 get_files_ref_lock_timeout_ms()) < 0 ? -1 : 0;
859 }
860
861 /*
862 * Locks a ref returning the lock on success and NULL on failure.
863 * On failure errno is set to something meaningful.
864 */
865 static struct ref_lock *lock_ref_sha1_basic(struct files_ref_store *refs,
866 const char *refname,
867 const unsigned char *old_sha1,
868 const struct string_list *extras,
869 const struct string_list *skip,
870 unsigned int flags, int *type,
871 struct strbuf *err)
872 {
873 struct strbuf ref_file = STRBUF_INIT;
874 struct ref_lock *lock;
875 int last_errno = 0;
876 int mustexist = (old_sha1 && !is_null_sha1(old_sha1));
877 int resolve_flags = RESOLVE_REF_NO_RECURSE;
878 int resolved;
879
880 files_assert_main_repository(refs, "lock_ref_sha1_basic");
881 assert(err);
882
883 lock = xcalloc(1, sizeof(struct ref_lock));
884
885 if (mustexist)
886 resolve_flags |= RESOLVE_REF_READING;
887 if (flags & REF_DELETING)
888 resolve_flags |= RESOLVE_REF_ALLOW_BAD_NAME;
889
890 files_ref_path(refs, &ref_file, refname);
891 resolved = !!refs_resolve_ref_unsafe(&refs->base,
892 refname, resolve_flags,
893 lock->old_oid.hash, type);
894 if (!resolved && errno == EISDIR) {
895 /*
896 * we are trying to lock foo but we used to
897 * have foo/bar which now does not exist;
898 * it is normal for the empty directory 'foo'
899 * to remain.
900 */
901 if (remove_empty_directories(&ref_file)) {
902 last_errno = errno;
903 if (!refs_verify_refname_available(
904 &refs->base,
905 refname, extras, skip, err))
906 strbuf_addf(err, "there are still refs under '%s'",
907 refname);
908 goto error_return;
909 }
910 resolved = !!refs_resolve_ref_unsafe(&refs->base,
911 refname, resolve_flags,
912 lock->old_oid.hash, type);
913 }
914 if (!resolved) {
915 last_errno = errno;
916 if (last_errno != ENOTDIR ||
917 !refs_verify_refname_available(&refs->base, refname,
918 extras, skip, err))
919 strbuf_addf(err, "unable to resolve reference '%s': %s",
920 refname, strerror(last_errno));
921
922 goto error_return;
923 }
924
925 /*
926 * If the ref did not exist and we are creating it, make sure
927 * there is no existing packed ref whose name begins with our
928 * refname, nor a packed ref whose name is a proper prefix of
929 * our refname.
930 */
931 if (is_null_oid(&lock->old_oid) &&
932 refs_verify_refname_available(refs->packed_ref_store, refname,
933 extras, skip, err)) {
934 last_errno = ENOTDIR;
935 goto error_return;
936 }
937
938 lock->ref_name = xstrdup(refname);
939
940 if (raceproof_create_file(ref_file.buf, create_reflock, &lock->lk)) {
941 last_errno = errno;
942 unable_to_lock_message(ref_file.buf, errno, err);
943 goto error_return;
944 }
945
946 if (verify_lock(&refs->base, lock, old_sha1, mustexist, err)) {
947 last_errno = errno;
948 goto error_return;
949 }
950 goto out;
951
952 error_return:
953 unlock_ref(lock);
954 lock = NULL;
955
956 out:
957 strbuf_release(&ref_file);
958 errno = last_errno;
959 return lock;
960 }
961
962 struct ref_to_prune {
963 struct ref_to_prune *next;
964 unsigned char sha1[20];
965 char name[FLEX_ARRAY];
966 };
967
968 enum {
969 REMOVE_EMPTY_PARENTS_REF = 0x01,
970 REMOVE_EMPTY_PARENTS_REFLOG = 0x02
971 };
972
973 /*
974 * Remove empty parent directories associated with the specified
975 * reference and/or its reflog, but spare [logs/]refs/ and immediate
976 * subdirs. flags is a combination of REMOVE_EMPTY_PARENTS_REF and/or
977 * REMOVE_EMPTY_PARENTS_REFLOG.
978 */
979 static void try_remove_empty_parents(struct files_ref_store *refs,
980 const char *refname,
981 unsigned int flags)
982 {
983 struct strbuf buf = STRBUF_INIT;
984 struct strbuf sb = STRBUF_INIT;
985 char *p, *q;
986 int i;
987
988 strbuf_addstr(&buf, refname);
989 p = buf.buf;
990 for (i = 0; i < 2; i++) { /* refs/{heads,tags,...}/ */
991 while (*p && *p != '/')
992 p++;
993 /* tolerate duplicate slashes; see check_refname_format() */
994 while (*p == '/')
995 p++;
996 }
997 q = buf.buf + buf.len;
998 while (flags & (REMOVE_EMPTY_PARENTS_REF | REMOVE_EMPTY_PARENTS_REFLOG)) {
999 while (q > p && *q != '/')
1000 q--;
1001 while (q > p && *(q-1) == '/')
1002 q--;
1003 if (q == p)
1004 break;
1005 strbuf_setlen(&buf, q - buf.buf);
1006
1007 strbuf_reset(&sb);
1008 files_ref_path(refs, &sb, buf.buf);
1009 if ((flags & REMOVE_EMPTY_PARENTS_REF) && rmdir(sb.buf))
1010 flags &= ~REMOVE_EMPTY_PARENTS_REF;
1011
1012 strbuf_reset(&sb);
1013 files_reflog_path(refs, &sb, buf.buf);
1014 if ((flags & REMOVE_EMPTY_PARENTS_REFLOG) && rmdir(sb.buf))
1015 flags &= ~REMOVE_EMPTY_PARENTS_REFLOG;
1016 }
1017 strbuf_release(&buf);
1018 strbuf_release(&sb);
1019 }
1020
1021 /* make sure nobody touched the ref, and unlink */
1022 static void prune_ref(struct files_ref_store *refs, struct ref_to_prune *r)
1023 {
1024 struct ref_transaction *transaction;
1025 struct strbuf err = STRBUF_INIT;
1026
1027 if (check_refname_format(r->name, 0))
1028 return;
1029
1030 transaction = ref_store_transaction_begin(&refs->base, &err);
1031 if (!transaction ||
1032 ref_transaction_delete(transaction, r->name, r->sha1,
1033 REF_ISPRUNING | REF_NODEREF, NULL, &err) ||
1034 ref_transaction_commit(transaction, &err)) {
1035 ref_transaction_free(transaction);
1036 error("%s", err.buf);
1037 strbuf_release(&err);
1038 return;
1039 }
1040 ref_transaction_free(transaction);
1041 strbuf_release(&err);
1042 }
1043
1044 /*
1045 * Prune the loose versions of the references in the linked list
1046 * `*refs_to_prune`, freeing the entries in the list as we go.
1047 */
1048 static void prune_refs(struct files_ref_store *refs, struct ref_to_prune **refs_to_prune)
1049 {
1050 while (*refs_to_prune) {
1051 struct ref_to_prune *r = *refs_to_prune;
1052 *refs_to_prune = r->next;
1053 prune_ref(refs, r);
1054 free(r);
1055 }
1056 }
1057
1058 /*
1059 * Return true if the specified reference should be packed.
1060 */
1061 static int should_pack_ref(const char *refname,
1062 const struct object_id *oid, unsigned int ref_flags,
1063 unsigned int pack_flags)
1064 {
1065 /* Do not pack per-worktree refs: */
1066 if (ref_type(refname) != REF_TYPE_NORMAL)
1067 return 0;
1068
1069 /* Do not pack non-tags unless PACK_REFS_ALL is set: */
1070 if (!(pack_flags & PACK_REFS_ALL) && !starts_with(refname, "refs/tags/"))
1071 return 0;
1072
1073 /* Do not pack symbolic refs: */
1074 if (ref_flags & REF_ISSYMREF)
1075 return 0;
1076
1077 /* Do not pack broken refs: */
1078 if (!ref_resolves_to_object(refname, oid, ref_flags))
1079 return 0;
1080
1081 return 1;
1082 }
1083
1084 static int files_pack_refs(struct ref_store *ref_store, unsigned int flags)
1085 {
1086 struct files_ref_store *refs =
1087 files_downcast(ref_store, REF_STORE_WRITE | REF_STORE_ODB,
1088 "pack_refs");
1089 struct ref_iterator *iter;
1090 int ok;
1091 struct ref_to_prune *refs_to_prune = NULL;
1092 struct strbuf err = STRBUF_INIT;
1093 struct ref_transaction *transaction;
1094
1095 transaction = ref_store_transaction_begin(refs->packed_ref_store, &err);
1096 if (!transaction)
1097 return -1;
1098
1099 packed_refs_lock(refs->packed_ref_store, LOCK_DIE_ON_ERROR, &err);
1100
1101 iter = cache_ref_iterator_begin(get_loose_ref_cache(refs), NULL, 0);
1102 while ((ok = ref_iterator_advance(iter)) == ITER_OK) {
1103 /*
1104 * If the loose reference can be packed, add an entry
1105 * in the packed ref cache. If the reference should be
1106 * pruned, also add it to refs_to_prune.
1107 */
1108 if (!should_pack_ref(iter->refname, iter->oid, iter->flags,
1109 flags))
1110 continue;
1111
1112 /*
1113 * Add a reference creation for this reference to the
1114 * packed-refs transaction:
1115 */
1116 if (ref_transaction_update(transaction, iter->refname,
1117 iter->oid->hash, NULL,
1118 REF_NODEREF, NULL, &err))
1119 die("failure preparing to create packed reference %s: %s",
1120 iter->refname, err.buf);
1121
1122 /* Schedule the loose reference for pruning if requested. */
1123 if ((flags & PACK_REFS_PRUNE)) {
1124 struct ref_to_prune *n;
1125 FLEX_ALLOC_STR(n, name, iter->refname);
1126 hashcpy(n->sha1, iter->oid->hash);
1127 n->next = refs_to_prune;
1128 refs_to_prune = n;
1129 }
1130 }
1131 if (ok != ITER_DONE)
1132 die("error while iterating over references");
1133
1134 if (ref_transaction_commit(transaction, &err))
1135 die("unable to write new packed-refs: %s", err.buf);
1136
1137 ref_transaction_free(transaction);
1138
1139 packed_refs_unlock(refs->packed_ref_store);
1140
1141 prune_refs(refs, &refs_to_prune);
1142 strbuf_release(&err);
1143 return 0;
1144 }
1145
1146 static int files_delete_refs(struct ref_store *ref_store, const char *msg,
1147 struct string_list *refnames, unsigned int flags)
1148 {
1149 struct files_ref_store *refs =
1150 files_downcast(ref_store, REF_STORE_WRITE, "delete_refs");
1151 struct strbuf err = STRBUF_INIT;
1152 int i, result = 0;
1153
1154 if (!refnames->nr)
1155 return 0;
1156
1157 if (packed_refs_lock(refs->packed_ref_store, 0, &err))
1158 goto error;
1159
1160 if (refs_delete_refs(refs->packed_ref_store, msg, refnames, flags)) {
1161 packed_refs_unlock(refs->packed_ref_store);
1162 goto error;
1163 }
1164
1165 packed_refs_unlock(refs->packed_ref_store);
1166
1167 for (i = 0; i < refnames->nr; i++) {
1168 const char *refname = refnames->items[i].string;
1169
1170 if (refs_delete_ref(&refs->base, msg, refname, NULL, flags))
1171 result |= error(_("could not remove reference %s"), refname);
1172 }
1173
1174 strbuf_release(&err);
1175 return result;
1176
1177 error:
1178 /*
1179 * If we failed to rewrite the packed-refs file, then it is
1180 * unsafe to try to remove loose refs, because doing so might
1181 * expose an obsolete packed value for a reference that might
1182 * even point at an object that has been garbage collected.
1183 */
1184 if (refnames->nr == 1)
1185 error(_("could not delete reference %s: %s"),
1186 refnames->items[0].string, err.buf);
1187 else
1188 error(_("could not delete references: %s"), err.buf);
1189
1190 strbuf_release(&err);
1191 return -1;
1192 }
1193
1194 /*
1195 * People using contrib's git-new-workdir have .git/logs/refs ->
1196 * /some/other/path/.git/logs/refs, and that may live on another device.
1197 *
1198 * IOW, to avoid cross device rename errors, the temporary renamed log must
1199 * live into logs/refs.
1200 */
1201 #define TMP_RENAMED_LOG "refs/.tmp-renamed-log"
1202
1203 struct rename_cb {
1204 const char *tmp_renamed_log;
1205 int true_errno;
1206 };
1207
1208 static int rename_tmp_log_callback(const char *path, void *cb_data)
1209 {
1210 struct rename_cb *cb = cb_data;
1211
1212 if (rename(cb->tmp_renamed_log, path)) {
1213 /*
1214 * rename(a, b) when b is an existing directory ought
1215 * to result in ISDIR, but Solaris 5.8 gives ENOTDIR.
1216 * Sheesh. Record the true errno for error reporting,
1217 * but report EISDIR to raceproof_create_file() so
1218 * that it knows to retry.
1219 */
1220 cb->true_errno = errno;
1221 if (errno == ENOTDIR)
1222 errno = EISDIR;
1223 return -1;
1224 } else {
1225 return 0;
1226 }
1227 }
1228
1229 static int rename_tmp_log(struct files_ref_store *refs, const char *newrefname)
1230 {
1231 struct strbuf path = STRBUF_INIT;
1232 struct strbuf tmp = STRBUF_INIT;
1233 struct rename_cb cb;
1234 int ret;
1235
1236 files_reflog_path(refs, &path, newrefname);
1237 files_reflog_path(refs, &tmp, TMP_RENAMED_LOG);
1238 cb.tmp_renamed_log = tmp.buf;
1239 ret = raceproof_create_file(path.buf, rename_tmp_log_callback, &cb);
1240 if (ret) {
1241 if (errno == EISDIR)
1242 error("directory not empty: %s", path.buf);
1243 else
1244 error("unable to move logfile %s to %s: %s",
1245 tmp.buf, path.buf,
1246 strerror(cb.true_errno));
1247 }
1248
1249 strbuf_release(&path);
1250 strbuf_release(&tmp);
1251 return ret;
1252 }
1253
1254 static int write_ref_to_lockfile(struct ref_lock *lock,
1255 const struct object_id *oid, struct strbuf *err);
1256 static int commit_ref_update(struct files_ref_store *refs,
1257 struct ref_lock *lock,
1258 const struct object_id *oid, const char *logmsg,
1259 struct strbuf *err);
1260
1261 static int files_rename_ref(struct ref_store *ref_store,
1262 const char *oldrefname, const char *newrefname,
1263 const char *logmsg)
1264 {
1265 struct files_ref_store *refs =
1266 files_downcast(ref_store, REF_STORE_WRITE, "rename_ref");
1267 struct object_id oid, orig_oid;
1268 int flag = 0, logmoved = 0;
1269 struct ref_lock *lock;
1270 struct stat loginfo;
1271 struct strbuf sb_oldref = STRBUF_INIT;
1272 struct strbuf sb_newref = STRBUF_INIT;
1273 struct strbuf tmp_renamed_log = STRBUF_INIT;
1274 int log, ret;
1275 struct strbuf err = STRBUF_INIT;
1276
1277 files_reflog_path(refs, &sb_oldref, oldrefname);
1278 files_reflog_path(refs, &sb_newref, newrefname);
1279 files_reflog_path(refs, &tmp_renamed_log, TMP_RENAMED_LOG);
1280
1281 log = !lstat(sb_oldref.buf, &loginfo);
1282 if (log && S_ISLNK(loginfo.st_mode)) {
1283 ret = error("reflog for %s is a symlink", oldrefname);
1284 goto out;
1285 }
1286
1287 if (!refs_resolve_ref_unsafe(&refs->base, oldrefname,
1288 RESOLVE_REF_READING | RESOLVE_REF_NO_RECURSE,
1289 orig_oid.hash, &flag)) {
1290 ret = error("refname %s not found", oldrefname);
1291 goto out;
1292 }
1293
1294 if (flag & REF_ISSYMREF) {
1295 ret = error("refname %s is a symbolic ref, renaming it is not supported",
1296 oldrefname);
1297 goto out;
1298 }
1299 if (!refs_rename_ref_available(&refs->base, oldrefname, newrefname)) {
1300 ret = 1;
1301 goto out;
1302 }
1303
1304 if (log && rename(sb_oldref.buf, tmp_renamed_log.buf)) {
1305 ret = error("unable to move logfile logs/%s to logs/"TMP_RENAMED_LOG": %s",
1306 oldrefname, strerror(errno));
1307 goto out;
1308 }
1309
1310 if (refs_delete_ref(&refs->base, logmsg, oldrefname,
1311 orig_oid.hash, REF_NODEREF)) {
1312 error("unable to delete old %s", oldrefname);
1313 goto rollback;
1314 }
1315
1316 /*
1317 * Since we are doing a shallow lookup, oid is not the
1318 * correct value to pass to delete_ref as old_oid. But that
1319 * doesn't matter, because an old_oid check wouldn't add to
1320 * the safety anyway; we want to delete the reference whatever
1321 * its current value.
1322 */
1323 if (!refs_read_ref_full(&refs->base, newrefname,
1324 RESOLVE_REF_READING | RESOLVE_REF_NO_RECURSE,
1325 oid.hash, NULL) &&
1326 refs_delete_ref(&refs->base, NULL, newrefname,
1327 NULL, REF_NODEREF)) {
1328 if (errno == EISDIR) {
1329 struct strbuf path = STRBUF_INIT;
1330 int result;
1331
1332 files_ref_path(refs, &path, newrefname);
1333 result = remove_empty_directories(&path);
1334 strbuf_release(&path);
1335
1336 if (result) {
1337 error("Directory not empty: %s", newrefname);
1338 goto rollback;
1339 }
1340 } else {
1341 error("unable to delete existing %s", newrefname);
1342 goto rollback;
1343 }
1344 }
1345
1346 if (log && rename_tmp_log(refs, newrefname))
1347 goto rollback;
1348
1349 logmoved = log;
1350
1351 lock = lock_ref_sha1_basic(refs, newrefname, NULL, NULL, NULL,
1352 REF_NODEREF, NULL, &err);
1353 if (!lock) {
1354 error("unable to rename '%s' to '%s': %s", oldrefname, newrefname, err.buf);
1355 strbuf_release(&err);
1356 goto rollback;
1357 }
1358 oidcpy(&lock->old_oid, &orig_oid);
1359
1360 if (write_ref_to_lockfile(lock, &orig_oid, &err) ||
1361 commit_ref_update(refs, lock, &orig_oid, logmsg, &err)) {
1362 error("unable to write current sha1 into %s: %s", newrefname, err.buf);
1363 strbuf_release(&err);
1364 goto rollback;
1365 }
1366
1367 ret = 0;
1368 goto out;
1369
1370 rollback:
1371 lock = lock_ref_sha1_basic(refs, oldrefname, NULL, NULL, NULL,
1372 REF_NODEREF, NULL, &err);
1373 if (!lock) {
1374 error("unable to lock %s for rollback: %s", oldrefname, err.buf);
1375 strbuf_release(&err);
1376 goto rollbacklog;
1377 }
1378
1379 flag = log_all_ref_updates;
1380 log_all_ref_updates = LOG_REFS_NONE;
1381 if (write_ref_to_lockfile(lock, &orig_oid, &err) ||
1382 commit_ref_update(refs, lock, &orig_oid, NULL, &err)) {
1383 error("unable to write current sha1 into %s: %s", oldrefname, err.buf);
1384 strbuf_release(&err);
1385 }
1386 log_all_ref_updates = flag;
1387
1388 rollbacklog:
1389 if (logmoved && rename(sb_newref.buf, sb_oldref.buf))
1390 error("unable to restore logfile %s from %s: %s",
1391 oldrefname, newrefname, strerror(errno));
1392 if (!logmoved && log &&
1393 rename(tmp_renamed_log.buf, sb_oldref.buf))
1394 error("unable to restore logfile %s from logs/"TMP_RENAMED_LOG": %s",
1395 oldrefname, strerror(errno));
1396 ret = 1;
1397 out:
1398 strbuf_release(&sb_newref);
1399 strbuf_release(&sb_oldref);
1400 strbuf_release(&tmp_renamed_log);
1401
1402 return ret;
1403 }
1404
1405 static int close_ref_gently(struct ref_lock *lock)
1406 {
1407 if (close_lock_file_gently(&lock->lk))
1408 return -1;
1409 return 0;
1410 }
1411
1412 static int commit_ref(struct ref_lock *lock)
1413 {
1414 char *path = get_locked_file_path(&lock->lk);
1415 struct stat st;
1416
1417 if (!lstat(path, &st) && S_ISDIR(st.st_mode)) {
1418 /*
1419 * There is a directory at the path we want to rename
1420 * the lockfile to. Hopefully it is empty; try to
1421 * delete it.
1422 */
1423 size_t len = strlen(path);
1424 struct strbuf sb_path = STRBUF_INIT;
1425
1426 strbuf_attach(&sb_path, path, len, len);
1427
1428 /*
1429 * If this fails, commit_lock_file() will also fail
1430 * and will report the problem.
1431 */
1432 remove_empty_directories(&sb_path);
1433 strbuf_release(&sb_path);
1434 } else {
1435 free(path);
1436 }
1437
1438 if (commit_lock_file(&lock->lk))
1439 return -1;
1440 return 0;
1441 }
1442
1443 static int open_or_create_logfile(const char *path, void *cb)
1444 {
1445 int *fd = cb;
1446
1447 *fd = open(path, O_APPEND | O_WRONLY | O_CREAT, 0666);
1448 return (*fd < 0) ? -1 : 0;
1449 }
1450
1451 /*
1452 * Create a reflog for a ref. If force_create = 0, only create the
1453 * reflog for certain refs (those for which should_autocreate_reflog
1454 * returns non-zero). Otherwise, create it regardless of the reference
1455 * name. If the logfile already existed or was created, return 0 and
1456 * set *logfd to the file descriptor opened for appending to the file.
1457 * If no logfile exists and we decided not to create one, return 0 and
1458 * set *logfd to -1. On failure, fill in *err, set *logfd to -1, and
1459 * return -1.
1460 */
1461 static int log_ref_setup(struct files_ref_store *refs,
1462 const char *refname, int force_create,
1463 int *logfd, struct strbuf *err)
1464 {
1465 struct strbuf logfile_sb = STRBUF_INIT;
1466 char *logfile;
1467
1468 files_reflog_path(refs, &logfile_sb, refname);
1469 logfile = strbuf_detach(&logfile_sb, NULL);
1470
1471 if (force_create || should_autocreate_reflog(refname)) {
1472 if (raceproof_create_file(logfile, open_or_create_logfile, logfd)) {
1473 if (errno == ENOENT)
1474 strbuf_addf(err, "unable to create directory for '%s': "
1475 "%s", logfile, strerror(errno));
1476 else if (errno == EISDIR)
1477 strbuf_addf(err, "there are still logs under '%s'",
1478 logfile);
1479 else
1480 strbuf_addf(err, "unable to append to '%s': %s",
1481 logfile, strerror(errno));
1482
1483 goto error;
1484 }
1485 } else {
1486 *logfd = open(logfile, O_APPEND | O_WRONLY, 0666);
1487 if (*logfd < 0) {
1488 if (errno == ENOENT || errno == EISDIR) {
1489 /*
1490 * The logfile doesn't already exist,
1491 * but that is not an error; it only
1492 * means that we won't write log
1493 * entries to it.
1494 */
1495 ;
1496 } else {
1497 strbuf_addf(err, "unable to append to '%s': %s",
1498 logfile, strerror(errno));
1499 goto error;
1500 }
1501 }
1502 }
1503
1504 if (*logfd >= 0)
1505 adjust_shared_perm(logfile);
1506
1507 free(logfile);
1508 return 0;
1509
1510 error:
1511 free(logfile);
1512 return -1;
1513 }
1514
1515 static int files_create_reflog(struct ref_store *ref_store,
1516 const char *refname, int force_create,
1517 struct strbuf *err)
1518 {
1519 struct files_ref_store *refs =
1520 files_downcast(ref_store, REF_STORE_WRITE, "create_reflog");
1521 int fd;
1522
1523 if (log_ref_setup(refs, refname, force_create, &fd, err))
1524 return -1;
1525
1526 if (fd >= 0)
1527 close(fd);
1528
1529 return 0;
1530 }
1531
1532 static int log_ref_write_fd(int fd, const struct object_id *old_oid,
1533 const struct object_id *new_oid,
1534 const char *committer, const char *msg)
1535 {
1536 int msglen, written;
1537 unsigned maxlen, len;
1538 char *logrec;
1539
1540 msglen = msg ? strlen(msg) : 0;
1541 maxlen = strlen(committer) + msglen + 100;
1542 logrec = xmalloc(maxlen);
1543 len = xsnprintf(logrec, maxlen, "%s %s %s\n",
1544 oid_to_hex(old_oid),
1545 oid_to_hex(new_oid),
1546 committer);
1547 if (msglen)
1548 len += copy_reflog_msg(logrec + len - 1, msg) - 1;
1549
1550 written = len <= maxlen ? write_in_full(fd, logrec, len) : -1;
1551 free(logrec);
1552 if (written != len)
1553 return -1;
1554
1555 return 0;
1556 }
1557
1558 static int files_log_ref_write(struct files_ref_store *refs,
1559 const char *refname, const struct object_id *old_oid,
1560 const struct object_id *new_oid, const char *msg,
1561 int flags, struct strbuf *err)
1562 {
1563 int logfd, result;
1564
1565 if (log_all_ref_updates == LOG_REFS_UNSET)
1566 log_all_ref_updates = is_bare_repository() ? LOG_REFS_NONE : LOG_REFS_NORMAL;
1567
1568 result = log_ref_setup(refs, refname,
1569 flags & REF_FORCE_CREATE_REFLOG,
1570 &logfd, err);
1571
1572 if (result)
1573 return result;
1574
1575 if (logfd < 0)
1576 return 0;
1577 result = log_ref_write_fd(logfd, old_oid, new_oid,
1578 git_committer_info(0), msg);
1579 if (result) {
1580 struct strbuf sb = STRBUF_INIT;
1581 int save_errno = errno;
1582
1583 files_reflog_path(refs, &sb, refname);
1584 strbuf_addf(err, "unable to append to '%s': %s",
1585 sb.buf, strerror(save_errno));
1586 strbuf_release(&sb);
1587 close(logfd);
1588 return -1;
1589 }
1590 if (close(logfd)) {
1591 struct strbuf sb = STRBUF_INIT;
1592 int save_errno = errno;
1593
1594 files_reflog_path(refs, &sb, refname);
1595 strbuf_addf(err, "unable to append to '%s': %s",
1596 sb.buf, strerror(save_errno));
1597 strbuf_release(&sb);
1598 return -1;
1599 }
1600 return 0;
1601 }
1602
1603 /*
1604 * Write sha1 into the open lockfile, then close the lockfile. On
1605 * errors, rollback the lockfile, fill in *err and
1606 * return -1.
1607 */
1608 static int write_ref_to_lockfile(struct ref_lock *lock,
1609 const struct object_id *oid, struct strbuf *err)
1610 {
1611 static char term = '\n';
1612 struct object *o;
1613 int fd;
1614
1615 o = parse_object(oid);
1616 if (!o) {
1617 strbuf_addf(err,
1618 "trying to write ref '%s' with nonexistent object %s",
1619 lock->ref_name, oid_to_hex(oid));
1620 unlock_ref(lock);
1621 return -1;
1622 }
1623 if (o->type != OBJ_COMMIT && is_branch(lock->ref_name)) {
1624 strbuf_addf(err,
1625 "trying to write non-commit object %s to branch '%s'",
1626 oid_to_hex(oid), lock->ref_name);
1627 unlock_ref(lock);
1628 return -1;
1629 }
1630 fd = get_lock_file_fd(&lock->lk);
1631 if (write_in_full(fd, oid_to_hex(oid), GIT_SHA1_HEXSZ) != GIT_SHA1_HEXSZ ||
1632 write_in_full(fd, &term, 1) != 1 ||
1633 close_ref_gently(lock) < 0) {
1634 strbuf_addf(err,
1635 "couldn't write '%s'", get_lock_file_path(&lock->lk));
1636 unlock_ref(lock);
1637 return -1;
1638 }
1639 return 0;
1640 }
1641
1642 /*
1643 * Commit a change to a loose reference that has already been written
1644 * to the loose reference lockfile. Also update the reflogs if
1645 * necessary, using the specified lockmsg (which can be NULL).
1646 */
1647 static int commit_ref_update(struct files_ref_store *refs,
1648 struct ref_lock *lock,
1649 const struct object_id *oid, const char *logmsg,
1650 struct strbuf *err)
1651 {
1652 files_assert_main_repository(refs, "commit_ref_update");
1653
1654 clear_loose_ref_cache(refs);
1655 if (files_log_ref_write(refs, lock->ref_name,
1656 &lock->old_oid, oid,
1657 logmsg, 0, err)) {
1658 char *old_msg = strbuf_detach(err, NULL);
1659 strbuf_addf(err, "cannot update the ref '%s': %s",
1660 lock->ref_name, old_msg);
1661 free(old_msg);
1662 unlock_ref(lock);
1663 return -1;
1664 }
1665
1666 if (strcmp(lock->ref_name, "HEAD") != 0) {
1667 /*
1668 * Special hack: If a branch is updated directly and HEAD
1669 * points to it (may happen on the remote side of a push
1670 * for example) then logically the HEAD reflog should be
1671 * updated too.
1672 * A generic solution implies reverse symref information,
1673 * but finding all symrefs pointing to the given branch
1674 * would be rather costly for this rare event (the direct
1675 * update of a branch) to be worth it. So let's cheat and
1676 * check with HEAD only which should cover 99% of all usage
1677 * scenarios (even 100% of the default ones).
1678 */
1679 struct object_id head_oid;
1680 int head_flag;
1681 const char *head_ref;
1682
1683 head_ref = refs_resolve_ref_unsafe(&refs->base, "HEAD",
1684 RESOLVE_REF_READING,
1685 head_oid.hash, &head_flag);
1686 if (head_ref && (head_flag & REF_ISSYMREF) &&
1687 !strcmp(head_ref, lock->ref_name)) {
1688 struct strbuf log_err = STRBUF_INIT;
1689 if (files_log_ref_write(refs, "HEAD",
1690 &lock->old_oid, oid,
1691 logmsg, 0, &log_err)) {
1692 error("%s", log_err.buf);
1693 strbuf_release(&log_err);
1694 }
1695 }
1696 }
1697
1698 if (commit_ref(lock)) {
1699 strbuf_addf(err, "couldn't set '%s'", lock->ref_name);
1700 unlock_ref(lock);
1701 return -1;
1702 }
1703
1704 unlock_ref(lock);
1705 return 0;
1706 }
1707
1708 static int create_ref_symlink(struct ref_lock *lock, const char *target)
1709 {
1710 int ret = -1;
1711 #ifndef NO_SYMLINK_HEAD
1712 char *ref_path = get_locked_file_path(&lock->lk);
1713 unlink(ref_path);
1714 ret = symlink(target, ref_path);
1715 free(ref_path);
1716
1717 if (ret)
1718 fprintf(stderr, "no symlink - falling back to symbolic ref\n");
1719 #endif
1720 return ret;
1721 }
1722
1723 static void update_symref_reflog(struct files_ref_store *refs,
1724 struct ref_lock *lock, const char *refname,
1725 const char *target, const char *logmsg)
1726 {
1727 struct strbuf err = STRBUF_INIT;
1728 struct object_id new_oid;
1729 if (logmsg &&
1730 !refs_read_ref_full(&refs->base, target,
1731 RESOLVE_REF_READING, new_oid.hash, NULL) &&
1732 files_log_ref_write(refs, refname, &lock->old_oid,
1733 &new_oid, logmsg, 0, &err)) {
1734 error("%s", err.buf);
1735 strbuf_release(&err);
1736 }
1737 }
1738
1739 static int create_symref_locked(struct files_ref_store *refs,
1740 struct ref_lock *lock, const char *refname,
1741 const char *target, const char *logmsg)
1742 {
1743 if (prefer_symlink_refs && !create_ref_symlink(lock, target)) {
1744 update_symref_reflog(refs, lock, refname, target, logmsg);
1745 return 0;
1746 }
1747
1748 if (!fdopen_lock_file(&lock->lk, "w"))
1749 return error("unable to fdopen %s: %s",
1750 lock->lk.tempfile->filename.buf, strerror(errno));
1751
1752 update_symref_reflog(refs, lock, refname, target, logmsg);
1753
1754 /* no error check; commit_ref will check ferror */
1755 fprintf(lock->lk.tempfile->fp, "ref: %s\n", target);
1756 if (commit_ref(lock) < 0)
1757 return error("unable to write symref for %s: %s", refname,
1758 strerror(errno));
1759 return 0;
1760 }
1761
1762 static int files_create_symref(struct ref_store *ref_store,
1763 const char *refname, const char *target,
1764 const char *logmsg)
1765 {
1766 struct files_ref_store *refs =
1767 files_downcast(ref_store, REF_STORE_WRITE, "create_symref");
1768 struct strbuf err = STRBUF_INIT;
1769 struct ref_lock *lock;
1770 int ret;
1771
1772 lock = lock_ref_sha1_basic(refs, refname, NULL,
1773 NULL, NULL, REF_NODEREF, NULL,
1774 &err);
1775 if (!lock) {
1776 error("%s", err.buf);
1777 strbuf_release(&err);
1778 return -1;
1779 }
1780
1781 ret = create_symref_locked(refs, lock, refname, target, logmsg);
1782 unlock_ref(lock);
1783 return ret;
1784 }
1785
1786 static int files_reflog_exists(struct ref_store *ref_store,
1787 const char *refname)
1788 {
1789 struct files_ref_store *refs =
1790 files_downcast(ref_store, REF_STORE_READ, "reflog_exists");
1791 struct strbuf sb = STRBUF_INIT;
1792 struct stat st;
1793 int ret;
1794
1795 files_reflog_path(refs, &sb, refname);
1796 ret = !lstat(sb.buf, &st) && S_ISREG(st.st_mode);
1797 strbuf_release(&sb);
1798 return ret;
1799 }
1800
1801 static int files_delete_reflog(struct ref_store *ref_store,
1802 const char *refname)
1803 {
1804 struct files_ref_store *refs =
1805 files_downcast(ref_store, REF_STORE_WRITE, "delete_reflog");
1806 struct strbuf sb = STRBUF_INIT;
1807 int ret;
1808
1809 files_reflog_path(refs, &sb, refname);
1810 ret = remove_path(sb.buf);
1811 strbuf_release(&sb);
1812 return ret;
1813 }
1814
1815 static int show_one_reflog_ent(struct strbuf *sb, each_reflog_ent_fn fn, void *cb_data)
1816 {
1817 struct object_id ooid, noid;
1818 char *email_end, *message;
1819 timestamp_t timestamp;
1820 int tz;
1821 const char *p = sb->buf;
1822
1823 /* old SP new SP name <email> SP time TAB msg LF */
1824 if (!sb->len || sb->buf[sb->len - 1] != '\n' ||
1825 parse_oid_hex(p, &ooid, &p) || *p++ != ' ' ||
1826 parse_oid_hex(p, &noid, &p) || *p++ != ' ' ||
1827 !(email_end = strchr(p, '>')) ||
1828 email_end[1] != ' ' ||
1829 !(timestamp = parse_timestamp(email_end + 2, &message, 10)) ||
1830 !message || message[0] != ' ' ||
1831 (message[1] != '+' && message[1] != '-') ||
1832 !isdigit(message[2]) || !isdigit(message[3]) ||
1833 !isdigit(message[4]) || !isdigit(message[5]))
1834 return 0; /* corrupt? */
1835 email_end[1] = '\0';
1836 tz = strtol(message + 1, NULL, 10);
1837 if (message[6] != '\t')
1838 message += 6;
1839 else
1840 message += 7;
1841 return fn(&ooid, &noid, p, timestamp, tz, message, cb_data);
1842 }
1843
1844 static char *find_beginning_of_line(char *bob, char *scan)
1845 {
1846 while (bob < scan && *(--scan) != '\n')
1847 ; /* keep scanning backwards */
1848 /*
1849 * Return either beginning of the buffer, or LF at the end of
1850 * the previous line.
1851 */
1852 return scan;
1853 }
1854
1855 static int files_for_each_reflog_ent_reverse(struct ref_store *ref_store,
1856 const char *refname,
1857 each_reflog_ent_fn fn,
1858 void *cb_data)
1859 {
1860 struct files_ref_store *refs =
1861 files_downcast(ref_store, REF_STORE_READ,
1862 "for_each_reflog_ent_reverse");
1863 struct strbuf sb = STRBUF_INIT;
1864 FILE *logfp;
1865 long pos;
1866 int ret = 0, at_tail = 1;
1867
1868 files_reflog_path(refs, &sb, refname);
1869 logfp = fopen(sb.buf, "r");
1870 strbuf_release(&sb);
1871 if (!logfp)
1872 return -1;
1873
1874 /* Jump to the end */
1875 if (fseek(logfp, 0, SEEK_END) < 0)
1876 ret = error("cannot seek back reflog for %s: %s",
1877 refname, strerror(errno));
1878 pos = ftell(logfp);
1879 while (!ret && 0 < pos) {
1880 int cnt;
1881 size_t nread;
1882 char buf[BUFSIZ];
1883 char *endp, *scanp;
1884
1885 /* Fill next block from the end */
1886 cnt = (sizeof(buf) < pos) ? sizeof(buf) : pos;
1887 if (fseek(logfp, pos - cnt, SEEK_SET)) {
1888 ret = error("cannot seek back reflog for %s: %s",
1889 refname, strerror(errno));
1890 break;
1891 }
1892 nread = fread(buf, cnt, 1, logfp);
1893 if (nread != 1) {
1894 ret = error("cannot read %d bytes from reflog for %s: %s",
1895 cnt, refname, strerror(errno));
1896 break;
1897 }
1898 pos -= cnt;
1899
1900 scanp = endp = buf + cnt;
1901 if (at_tail && scanp[-1] == '\n')
1902 /* Looking at the final LF at the end of the file */
1903 scanp--;
1904 at_tail = 0;
1905
1906 while (buf < scanp) {
1907 /*
1908 * terminating LF of the previous line, or the beginning
1909 * of the buffer.
1910 */
1911 char *bp;
1912
1913 bp = find_beginning_of_line(buf, scanp);
1914
1915 if (*bp == '\n') {
1916 /*
1917 * The newline is the end of the previous line,
1918 * so we know we have complete line starting
1919 * at (bp + 1). Prefix it onto any prior data
1920 * we collected for the line and process it.
1921 */
1922 strbuf_splice(&sb, 0, 0, bp + 1, endp - (bp + 1));
1923 scanp = bp;
1924 endp = bp + 1;
1925 ret = show_one_reflog_ent(&sb, fn, cb_data);
1926 strbuf_reset(&sb);
1927 if (ret)
1928 break;
1929 } else if (!pos) {
1930 /*
1931 * We are at the start of the buffer, and the
1932 * start of the file; there is no previous
1933 * line, and we have everything for this one.
1934 * Process it, and we can end the loop.
1935 */
1936 strbuf_splice(&sb, 0, 0, buf, endp - buf);
1937 ret = show_one_reflog_ent(&sb, fn, cb_data);
1938 strbuf_reset(&sb);
1939 break;
1940 }
1941
1942 if (bp == buf) {
1943 /*
1944 * We are at the start of the buffer, and there
1945 * is more file to read backwards. Which means
1946 * we are in the middle of a line. Note that we
1947 * may get here even if *bp was a newline; that
1948 * just means we are at the exact end of the
1949 * previous line, rather than some spot in the
1950 * middle.
1951 *
1952 * Save away what we have to be combined with
1953 * the data from the next read.
1954 */
1955 strbuf_splice(&sb, 0, 0, buf, endp - buf);
1956 break;
1957 }
1958 }
1959
1960 }
1961 if (!ret && sb.len)
1962 die("BUG: reverse reflog parser had leftover data");
1963
1964 fclose(logfp);
1965 strbuf_release(&sb);
1966 return ret;
1967 }
1968
1969 static int files_for_each_reflog_ent(struct ref_store *ref_store,
1970 const char *refname,
1971 each_reflog_ent_fn fn, void *cb_data)
1972 {
1973 struct files_ref_store *refs =
1974 files_downcast(ref_store, REF_STORE_READ,
1975 "for_each_reflog_ent");
1976 FILE *logfp;
1977 struct strbuf sb = STRBUF_INIT;
1978 int ret = 0;
1979
1980 files_reflog_path(refs, &sb, refname);
1981 logfp = fopen(sb.buf, "r");
1982 strbuf_release(&sb);
1983 if (!logfp)
1984 return -1;
1985
1986 while (!ret && !strbuf_getwholeline(&sb, logfp, '\n'))
1987 ret = show_one_reflog_ent(&sb, fn, cb_data);
1988 fclose(logfp);
1989 strbuf_release(&sb);
1990 return ret;
1991 }
1992
1993 struct files_reflog_iterator {
1994 struct ref_iterator base;
1995
1996 struct ref_store *ref_store;
1997 struct dir_iterator *dir_iterator;
1998 struct object_id oid;
1999 };
2000
2001 static int files_reflog_iterator_advance(struct ref_iterator *ref_iterator)
2002 {
2003 struct files_reflog_iterator *iter =
2004 (struct files_reflog_iterator *)ref_iterator;
2005 struct dir_iterator *diter = iter->dir_iterator;
2006 int ok;
2007
2008 while ((ok = dir_iterator_advance(diter)) == ITER_OK) {
2009 int flags;
2010
2011 if (!S_ISREG(diter->st.st_mode))
2012 continue;
2013 if (diter->basename[0] == '.')
2014 continue;
2015 if (ends_with(diter->basename, ".lock"))
2016 continue;
2017
2018 if (refs_read_ref_full(iter->ref_store,
2019 diter->relative_path, 0,
2020 iter->oid.hash, &flags)) {
2021 error("bad ref for %s", diter->path.buf);
2022 continue;
2023 }
2024
2025 iter->base.refname = diter->relative_path;
2026 iter->base.oid = &iter->oid;
2027 iter->base.flags = flags;
2028 return ITER_OK;
2029 }
2030
2031 iter->dir_iterator = NULL;
2032 if (ref_iterator_abort(ref_iterator) == ITER_ERROR)
2033 ok = ITER_ERROR;
2034 return ok;
2035 }
2036
2037 static int files_reflog_iterator_peel(struct ref_iterator *ref_iterator,
2038 struct object_id *peeled)
2039 {
2040 die("BUG: ref_iterator_peel() called for reflog_iterator");
2041 }
2042
2043 static int files_reflog_iterator_abort(struct ref_iterator *ref_iterator)
2044 {
2045 struct files_reflog_iterator *iter =
2046 (struct files_reflog_iterator *)ref_iterator;
2047 int ok = ITER_DONE;
2048
2049 if (iter->dir_iterator)
2050 ok = dir_iterator_abort(iter->dir_iterator);
2051
2052 base_ref_iterator_free(ref_iterator);
2053 return ok;
2054 }
2055
2056 static struct ref_iterator_vtable files_reflog_iterator_vtable = {
2057 files_reflog_iterator_advance,
2058 files_reflog_iterator_peel,
2059 files_reflog_iterator_abort
2060 };
2061
2062 static struct ref_iterator *reflog_iterator_begin(struct ref_store *ref_store,
2063 const char *gitdir)
2064 {
2065 struct files_reflog_iterator *iter = xcalloc(1, sizeof(*iter));
2066 struct ref_iterator *ref_iterator = &iter->base;
2067 struct strbuf sb = STRBUF_INIT;
2068
2069 base_ref_iterator_init(ref_iterator, &files_reflog_iterator_vtable);
2070 strbuf_addf(&sb, "%s/logs", gitdir);
2071 iter->dir_iterator = dir_iterator_begin(sb.buf);
2072 iter->ref_store = ref_store;
2073 strbuf_release(&sb);
2074
2075 return ref_iterator;
2076 }
2077
2078 static enum iterator_selection reflog_iterator_select(
2079 struct ref_iterator *iter_worktree,
2080 struct ref_iterator *iter_common,
2081 void *cb_data)
2082 {
2083 if (iter_worktree) {
2084 /*
2085 * We're a bit loose here. We probably should ignore
2086 * common refs if they are accidentally added as
2087 * per-worktree refs.
2088 */
2089 return ITER_SELECT_0;
2090 } else if (iter_common) {
2091 if (ref_type(iter_common->refname) == REF_TYPE_NORMAL)
2092 return ITER_SELECT_1;
2093
2094 /*
2095 * The main ref store may contain main worktree's
2096 * per-worktree refs, which should be ignored
2097 */
2098 return ITER_SKIP_1;
2099 } else
2100 return ITER_DONE;
2101 }
2102
2103 static struct ref_iterator *files_reflog_iterator_begin(struct ref_store *ref_store)
2104 {
2105 struct files_ref_store *refs =
2106 files_downcast(ref_store, REF_STORE_READ,
2107 "reflog_iterator_begin");
2108
2109 if (!strcmp(refs->gitdir, refs->gitcommondir)) {
2110 return reflog_iterator_begin(ref_store, refs->gitcommondir);
2111 } else {
2112 return merge_ref_iterator_begin(
2113 reflog_iterator_begin(ref_store, refs->gitdir),
2114 reflog_iterator_begin(ref_store, refs->gitcommondir),
2115 reflog_iterator_select, refs);
2116 }
2117 }
2118
2119 /*
2120 * If update is a direct update of head_ref (the reference pointed to
2121 * by HEAD), then add an extra REF_LOG_ONLY update for HEAD.
2122 */
2123 static int split_head_update(struct ref_update *update,
2124 struct ref_transaction *transaction,
2125 const char *head_ref,
2126 struct string_list *affected_refnames,
2127 struct strbuf *err)
2128 {
2129 struct string_list_item *item;
2130 struct ref_update *new_update;
2131
2132 if ((update->flags & REF_LOG_ONLY) ||
2133 (update->flags & REF_ISPRUNING) ||
2134 (update->flags & REF_UPDATE_VIA_HEAD))
2135 return 0;
2136
2137 if (strcmp(update->refname, head_ref))
2138 return 0;
2139
2140 /*
2141 * First make sure that HEAD is not already in the
2142 * transaction. This check is O(lg N) in the transaction
2143 * size, but it happens at most once per transaction.
2144 */
2145 if (string_list_has_string(affected_refnames, "HEAD")) {
2146 /* An entry already existed */
2147 strbuf_addf(err,
2148 "multiple updates for 'HEAD' (including one "
2149 "via its referent '%s') are not allowed",
2150 update->refname);
2151 return TRANSACTION_NAME_CONFLICT;
2152 }
2153
2154 new_update = ref_transaction_add_update(
2155 transaction, "HEAD",
2156 update->flags | REF_LOG_ONLY | REF_NODEREF,
2157 update->new_oid.hash, update->old_oid.hash,
2158 update->msg);
2159
2160 /*
2161 * Add "HEAD". This insertion is O(N) in the transaction
2162 * size, but it happens at most once per transaction.
2163 * Add new_update->refname instead of a literal "HEAD".
2164 */
2165 if (strcmp(new_update->refname, "HEAD"))
2166 BUG("%s unexpectedly not 'HEAD'", new_update->refname);
2167 item = string_list_insert(affected_refnames, new_update->refname);
2168 item->util = new_update;
2169
2170 return 0;
2171 }
2172
2173 /*
2174 * update is for a symref that points at referent and doesn't have
2175 * REF_NODEREF set. Split it into two updates:
2176 * - The original update, but with REF_LOG_ONLY and REF_NODEREF set
2177 * - A new, separate update for the referent reference
2178 * Note that the new update will itself be subject to splitting when
2179 * the iteration gets to it.
2180 */
2181 static int split_symref_update(struct files_ref_store *refs,
2182 struct ref_update *update,
2183 const char *referent,
2184 struct ref_transaction *transaction,
2185 struct string_list *affected_refnames,
2186 struct strbuf *err)
2187 {
2188 struct string_list_item *item;
2189 struct ref_update *new_update;
2190 unsigned int new_flags;
2191
2192 /*
2193 * First make sure that referent is not already in the
2194 * transaction. This check is O(lg N) in the transaction
2195 * size, but it happens at most once per symref in a
2196 * transaction.
2197 */
2198 if (string_list_has_string(affected_refnames, referent)) {
2199 /* An entry already exists */
2200 strbuf_addf(err,
2201 "multiple updates for '%s' (including one "
2202 "via symref '%s') are not allowed",
2203 referent, update->refname);
2204 return TRANSACTION_NAME_CONFLICT;
2205 }
2206
2207 new_flags = update->flags;
2208 if (!strcmp(update->refname, "HEAD")) {
2209 /*
2210 * Record that the new update came via HEAD, so that
2211 * when we process it, split_head_update() doesn't try
2212 * to add another reflog update for HEAD. Note that
2213 * this bit will be propagated if the new_update
2214 * itself needs to be split.
2215 */
2216 new_flags |= REF_UPDATE_VIA_HEAD;
2217 }
2218
2219 new_update = ref_transaction_add_update(
2220 transaction, referent, new_flags,
2221 update->new_oid.hash, update->old_oid.hash,
2222 update->msg);
2223
2224 new_update->parent_update = update;
2225
2226 /*
2227 * Change the symbolic ref update to log only. Also, it
2228 * doesn't need to check its old SHA-1 value, as that will be
2229 * done when new_update is processed.
2230 */
2231 update->flags |= REF_LOG_ONLY | REF_NODEREF;
2232 update->flags &= ~REF_HAVE_OLD;
2233
2234 /*
2235 * Add the referent. This insertion is O(N) in the transaction
2236 * size, but it happens at most once per symref in a
2237 * transaction. Make sure to add new_update->refname, which will
2238 * be valid as long as affected_refnames is in use, and NOT
2239 * referent, which might soon be freed by our caller.
2240 */
2241 item = string_list_insert(affected_refnames, new_update->refname);
2242 if (item->util)
2243 BUG("%s unexpectedly found in affected_refnames",
2244 new_update->refname);
2245 item->util = new_update;
2246
2247 return 0;
2248 }
2249
2250 /*
2251 * Return the refname under which update was originally requested.
2252 */
2253 static const char *original_update_refname(struct ref_update *update)
2254 {
2255 while (update->parent_update)
2256 update = update->parent_update;
2257
2258 return update->refname;
2259 }
2260
2261 /*
2262 * Check whether the REF_HAVE_OLD and old_oid values stored in update
2263 * are consistent with oid, which is the reference's current value. If
2264 * everything is OK, return 0; otherwise, write an error message to
2265 * err and return -1.
2266 */
2267 static int check_old_oid(struct ref_update *update, struct object_id *oid,
2268 struct strbuf *err)
2269 {
2270 if (!(update->flags & REF_HAVE_OLD) ||
2271 !oidcmp(oid, &update->old_oid))
2272 return 0;
2273
2274 if (is_null_oid(&update->old_oid))
2275 strbuf_addf(err, "cannot lock ref '%s': "
2276 "reference already exists",
2277 original_update_refname(update));
2278 else if (is_null_oid(oid))
2279 strbuf_addf(err, "cannot lock ref '%s': "
2280 "reference is missing but expected %s",
2281 original_update_refname(update),
2282 oid_to_hex(&update->old_oid));
2283 else
2284 strbuf_addf(err, "cannot lock ref '%s': "
2285 "is at %s but expected %s",
2286 original_update_refname(update),
2287 oid_to_hex(oid),
2288 oid_to_hex(&update->old_oid));
2289
2290 return -1;
2291 }
2292
2293 /*
2294 * Prepare for carrying out update:
2295 * - Lock the reference referred to by update.
2296 * - Read the reference under lock.
2297 * - Check that its old SHA-1 value (if specified) is correct, and in
2298 * any case record it in update->lock->old_oid for later use when
2299 * writing the reflog.
2300 * - If it is a symref update without REF_NODEREF, split it up into a
2301 * REF_LOG_ONLY update of the symref and add a separate update for
2302 * the referent to transaction.
2303 * - If it is an update of head_ref, add a corresponding REF_LOG_ONLY
2304 * update of HEAD.
2305 */
2306 static int lock_ref_for_update(struct files_ref_store *refs,
2307 struct ref_update *update,
2308 struct ref_transaction *transaction,
2309 const char *head_ref,
2310 struct string_list *affected_refnames,
2311 struct strbuf *err)
2312 {
2313 struct strbuf referent = STRBUF_INIT;
2314 int mustexist = (update->flags & REF_HAVE_OLD) &&
2315 !is_null_oid(&update->old_oid);
2316 int ret = 0;
2317 struct ref_lock *lock;
2318
2319 files_assert_main_repository(refs, "lock_ref_for_update");
2320
2321 if ((update->flags & REF_HAVE_NEW) && is_null_oid(&update->new_oid))
2322 update->flags |= REF_DELETING;
2323
2324 if (head_ref) {
2325 ret = split_head_update(update, transaction, head_ref,
2326 affected_refnames, err);
2327 if (ret)
2328 goto out;
2329 }
2330
2331 ret = lock_raw_ref(refs, update->refname, mustexist,
2332 affected_refnames, NULL,
2333 &lock, &referent,
2334 &update->type, err);
2335 if (ret) {
2336 char *reason;
2337
2338 reason = strbuf_detach(err, NULL);
2339 strbuf_addf(err, "cannot lock ref '%s': %s",
2340 original_update_refname(update), reason);
2341 free(reason);
2342 goto out;
2343 }
2344
2345 update->backend_data = lock;
2346
2347 if (update->type & REF_ISSYMREF) {
2348 if (update->flags & REF_NODEREF) {
2349 /*
2350 * We won't be reading the referent as part of
2351 * the transaction, so we have to read it here
2352 * to record and possibly check old_sha1:
2353 */
2354 if (refs_read_ref_full(&refs->base,
2355 referent.buf, 0,
2356 lock->old_oid.hash, NULL)) {
2357 if (update->flags & REF_HAVE_OLD) {
2358 strbuf_addf(err, "cannot lock ref '%s': "
2359 "error reading reference",
2360 original_update_refname(update));
2361 ret = TRANSACTION_GENERIC_ERROR;
2362 goto out;
2363 }
2364 } else if (check_old_oid(update, &lock->old_oid, err)) {
2365 ret = TRANSACTION_GENERIC_ERROR;
2366 goto out;
2367 }
2368 } else {
2369 /*
2370 * Create a new update for the reference this
2371 * symref is pointing at. Also, we will record
2372 * and verify old_sha1 for this update as part
2373 * of processing the split-off update, so we
2374 * don't have to do it here.
2375 */
2376 ret = split_symref_update(refs, update,
2377 referent.buf, transaction,
2378 affected_refnames, err);
2379 if (ret)
2380 goto out;
2381 }
2382 } else {
2383 struct ref_update *parent_update;
2384
2385 if (check_old_oid(update, &lock->old_oid, err)) {
2386 ret = TRANSACTION_GENERIC_ERROR;
2387 goto out;
2388 }
2389
2390 /*
2391 * If this update is happening indirectly because of a
2392 * symref update, record the old SHA-1 in the parent
2393 * update:
2394 */
2395 for (parent_update = update->parent_update;
2396 parent_update;
2397 parent_update = parent_update->parent_update) {
2398 struct ref_lock *parent_lock = parent_update->backend_data;
2399 oidcpy(&parent_lock->old_oid, &lock->old_oid);
2400 }
2401 }
2402
2403 if ((update->flags & REF_HAVE_NEW) &&
2404 !(update->flags & REF_DELETING) &&
2405 !(update->flags & REF_LOG_ONLY)) {
2406 if (!(update->type & REF_ISSYMREF) &&
2407 !oidcmp(&lock->old_oid, &update->new_oid)) {
2408 /*
2409 * The reference already has the desired
2410 * value, so we don't need to write it.
2411 */
2412 } else if (write_ref_to_lockfile(lock, &update->new_oid,
2413 err)) {
2414 char *write_err = strbuf_detach(err, NULL);
2415
2416 /*
2417 * The lock was freed upon failure of
2418 * write_ref_to_lockfile():
2419 */
2420 update->backend_data = NULL;
2421 strbuf_addf(err,
2422 "cannot update ref '%s': %s",
2423 update->refname, write_err);
2424 free(write_err);
2425 ret = TRANSACTION_GENERIC_ERROR;
2426 goto out;
2427 } else {
2428 update->flags |= REF_NEEDS_COMMIT;
2429 }
2430 }
2431 if (!(update->flags & REF_NEEDS_COMMIT)) {
2432 /*
2433 * We didn't call write_ref_to_lockfile(), so
2434 * the lockfile is still open. Close it to
2435 * free up the file descriptor:
2436 */
2437 if (close_ref_gently(lock)) {
2438 strbuf_addf(err, "couldn't close '%s.lock'",
2439 update->refname);
2440 ret = TRANSACTION_GENERIC_ERROR;
2441 goto out;
2442 }
2443 }
2444
2445 out:
2446 strbuf_release(&referent);
2447 return ret;
2448 }
2449
2450 struct files_transaction_backend_data {
2451 struct ref_transaction *packed_transaction;
2452 int packed_refs_locked;
2453 };
2454
2455 /*
2456 * Unlock any references in `transaction` that are still locked, and
2457 * mark the transaction closed.
2458 */
2459 static void files_transaction_cleanup(struct files_ref_store *refs,
2460 struct ref_transaction *transaction)
2461 {
2462 size_t i;
2463 struct files_transaction_backend_data *backend_data =
2464 transaction->backend_data;
2465 struct strbuf err = STRBUF_INIT;
2466
2467 for (i = 0; i < transaction->nr; i++) {
2468 struct ref_update *update = transaction->updates[i];
2469 struct ref_lock *lock = update->backend_data;
2470
2471 if (lock) {
2472 unlock_ref(lock);
2473 update->backend_data = NULL;
2474 }
2475 }
2476
2477 if (backend_data->packed_transaction &&
2478 ref_transaction_abort(backend_data->packed_transaction, &err)) {
2479 error("error aborting transaction: %s", err.buf);
2480 strbuf_release(&err);
2481 }
2482
2483 if (backend_data->packed_refs_locked)
2484 packed_refs_unlock(refs->packed_ref_store);
2485
2486 free(backend_data);
2487
2488 transaction->state = REF_TRANSACTION_CLOSED;
2489 }
2490
2491 static int files_transaction_prepare(struct ref_store *ref_store,
2492 struct ref_transaction *transaction,
2493 struct strbuf *err)
2494 {
2495 struct files_ref_store *refs =
2496 files_downcast(ref_store, REF_STORE_WRITE,
2497 "ref_transaction_prepare");
2498 size_t i;
2499 int ret = 0;
2500 struct string_list affected_refnames = STRING_LIST_INIT_NODUP;
2501 char *head_ref = NULL;
2502 int head_type;
2503 struct object_id head_oid;
2504 struct files_transaction_backend_data *backend_data;
2505 struct ref_transaction *packed_transaction = NULL;
2506
2507 assert(err);
2508
2509 if (!transaction->nr)
2510 goto cleanup;
2511
2512 backend_data = xcalloc(1, sizeof(*backend_data));
2513 transaction->backend_data = backend_data;
2514
2515 /*
2516 * Fail if a refname appears more than once in the
2517 * transaction. (If we end up splitting up any updates using
2518 * split_symref_update() or split_head_update(), those
2519 * functions will check that the new updates don't have the
2520 * same refname as any existing ones.)
2521 */
2522 for (i = 0; i < transaction->nr; i++) {
2523 struct ref_update *update = transaction->updates[i];
2524 struct string_list_item *item =
2525 string_list_append(&affected_refnames, update->refname);
2526
2527 /*
2528 * We store a pointer to update in item->util, but at
2529 * the moment we never use the value of this field
2530 * except to check whether it is non-NULL.
2531 */
2532 item->util = update;
2533 }
2534 string_list_sort(&affected_refnames);
2535 if (ref_update_reject_duplicates(&affected_refnames, err)) {
2536 ret = TRANSACTION_GENERIC_ERROR;
2537 goto cleanup;
2538 }
2539
2540 /*
2541 * Special hack: If a branch is updated directly and HEAD
2542 * points to it (may happen on the remote side of a push
2543 * for example) then logically the HEAD reflog should be
2544 * updated too.
2545 *
2546 * A generic solution would require reverse symref lookups,
2547 * but finding all symrefs pointing to a given branch would be
2548 * rather costly for this rare event (the direct update of a
2549 * branch) to be worth it. So let's cheat and check with HEAD
2550 * only, which should cover 99% of all usage scenarios (even
2551 * 100% of the default ones).
2552 *
2553 * So if HEAD is a symbolic reference, then record the name of
2554 * the reference that it points to. If we see an update of
2555 * head_ref within the transaction, then split_head_update()
2556 * arranges for the reflog of HEAD to be updated, too.
2557 */
2558 head_ref = refs_resolve_refdup(ref_store, "HEAD",
2559 RESOLVE_REF_NO_RECURSE,
2560 head_oid.hash, &head_type);
2561
2562 if (head_ref && !(head_type & REF_ISSYMREF)) {
2563 FREE_AND_NULL(head_ref);
2564 }
2565
2566 /*
2567 * Acquire all locks, verify old values if provided, check
2568 * that new values are valid, and write new values to the
2569 * lockfiles, ready to be activated. Only keep one lockfile
2570 * open at a time to avoid running out of file descriptors.
2571 * Note that lock_ref_for_update() might append more updates
2572 * to the transaction.
2573 */
2574 for (i = 0; i < transaction->nr; i++) {
2575 struct ref_update *update = transaction->updates[i];
2576
2577 ret = lock_ref_for_update(refs, update, transaction,
2578 head_ref, &affected_refnames, err);
2579 if (ret)
2580 break;
2581
2582 if (update->flags & REF_DELETING &&
2583 !(update->flags & REF_LOG_ONLY) &&
2584 !(update->flags & REF_ISPRUNING)) {
2585 /*
2586 * This reference has to be deleted from
2587 * packed-refs if it exists there.
2588 */
2589 if (!packed_transaction) {
2590 packed_transaction = ref_store_transaction_begin(
2591 refs->packed_ref_store, err);
2592 if (!packed_transaction) {
2593 ret = TRANSACTION_GENERIC_ERROR;
2594 goto cleanup;
2595 }
2596
2597 backend_data->packed_transaction =
2598 packed_transaction;
2599 }
2600
2601 ref_transaction_add_update(
2602 packed_transaction, update->refname,
2603 update->flags & ~REF_HAVE_OLD,
2604 update->new_oid.hash, update->old_oid.hash,
2605 NULL);
2606 }
2607 }
2608
2609 if (packed_transaction) {
2610 if (packed_refs_lock(refs->packed_ref_store, 0, err)) {
2611 ret = TRANSACTION_GENERIC_ERROR;
2612 goto cleanup;
2613 }
2614 backend_data->packed_refs_locked = 1;
2615 ret = ref_transaction_prepare(packed_transaction, err);
2616 }
2617
2618 cleanup:
2619 free(head_ref);
2620 string_list_clear(&affected_refnames, 0);
2621
2622 if (ret)
2623 files_transaction_cleanup(refs, transaction);
2624 else
2625 transaction->state = REF_TRANSACTION_PREPARED;
2626
2627 return ret;
2628 }
2629
2630 static int files_transaction_finish(struct ref_store *ref_store,
2631 struct ref_transaction *transaction,
2632 struct strbuf *err)
2633 {
2634 struct files_ref_store *refs =
2635 files_downcast(ref_store, 0, "ref_transaction_finish");
2636 size_t i;
2637 int ret = 0;
2638 struct strbuf sb = STRBUF_INIT;
2639 struct files_transaction_backend_data *backend_data;
2640 struct ref_transaction *packed_transaction;
2641
2642
2643 assert(err);
2644
2645 if (!transaction->nr) {
2646 transaction->state = REF_TRANSACTION_CLOSED;
2647 return 0;
2648 }
2649
2650 backend_data = transaction->backend_data;
2651 packed_transaction = backend_data->packed_transaction;
2652
2653 /* Perform updates first so live commits remain referenced */
2654 for (i = 0; i < transaction->nr; i++) {
2655 struct ref_update *update = transaction->updates[i];
2656 struct ref_lock *lock = update->backend_data;
2657
2658 if (update->flags & REF_NEEDS_COMMIT ||
2659 update->flags & REF_LOG_ONLY) {
2660 if (files_log_ref_write(refs,
2661 lock->ref_name,
2662 &lock->old_oid,
2663 &update->new_oid,
2664 update->msg, update->flags,
2665 err)) {
2666 char *old_msg = strbuf_detach(err, NULL);
2667
2668 strbuf_addf(err, "cannot update the ref '%s': %s",
2669 lock->ref_name, old_msg);
2670 free(old_msg);
2671 unlock_ref(lock);
2672 update->backend_data = NULL;
2673 ret = TRANSACTION_GENERIC_ERROR;
2674 goto cleanup;
2675 }
2676 }
2677 if (update->flags & REF_NEEDS_COMMIT) {
2678 clear_loose_ref_cache(refs);
2679 if (commit_ref(lock)) {
2680 strbuf_addf(err, "couldn't set '%s'", lock->ref_name);
2681 unlock_ref(lock);
2682 update->backend_data = NULL;
2683 ret = TRANSACTION_GENERIC_ERROR;
2684 goto cleanup;
2685 }
2686 }
2687 }
2688
2689 /*
2690 * Now that updates are safely completed, we can perform
2691 * deletes. First delete the reflogs of any references that
2692 * will be deleted, since (in the unexpected event of an
2693 * error) leaving a reference without a reflog is less bad
2694 * than leaving a reflog without a reference (the latter is a
2695 * mildly invalid repository state):
2696 */
2697 for (i = 0; i < transaction->nr; i++) {
2698 struct ref_update *update = transaction->updates[i];
2699 if (update->flags & REF_DELETING &&
2700 !(update->flags & REF_LOG_ONLY) &&
2701 !(update->flags & REF_ISPRUNING)) {
2702 strbuf_reset(&sb);
2703 files_reflog_path(refs, &sb, update->refname);
2704 if (!unlink_or_warn(sb.buf))
2705 try_remove_empty_parents(refs, update->refname,
2706 REMOVE_EMPTY_PARENTS_REFLOG);
2707 }
2708 }
2709
2710 /*
2711 * Perform deletes now that updates are safely completed.
2712 *
2713 * First delete any packed versions of the references, while
2714 * retaining the packed-refs lock:
2715 */
2716 if (packed_transaction) {
2717 ret = ref_transaction_commit(packed_transaction, err);
2718 ref_transaction_free(packed_transaction);
2719 packed_transaction = NULL;
2720 backend_data->packed_transaction = NULL;
2721 if (ret)
2722 goto cleanup;
2723 }
2724
2725 /* Now delete the loose versions of the references: */
2726 for (i = 0; i < transaction->nr; i++) {
2727 struct ref_update *update = transaction->updates[i];
2728 struct ref_lock *lock = update->backend_data;
2729
2730 if (update->flags & REF_DELETING &&
2731 !(update->flags & REF_LOG_ONLY)) {
2732 if (!(update->type & REF_ISPACKED) ||
2733 update->type & REF_ISSYMREF) {
2734 /* It is a loose reference. */
2735 strbuf_reset(&sb);
2736 files_ref_path(refs, &sb, lock->ref_name);
2737 if (unlink_or_msg(sb.buf, err)) {
2738 ret = TRANSACTION_GENERIC_ERROR;
2739 goto cleanup;
2740 }
2741 update->flags |= REF_DELETED_LOOSE;
2742 }
2743 }
2744 }
2745
2746 clear_loose_ref_cache(refs);
2747
2748 cleanup:
2749 files_transaction_cleanup(refs, transaction);
2750
2751 for (i = 0; i < transaction->nr; i++) {
2752 struct ref_update *update = transaction->updates[i];
2753
2754 if (update->flags & REF_DELETED_LOOSE) {
2755 /*
2756 * The loose reference was deleted. Delete any
2757 * empty parent directories. (Note that this
2758 * can only work because we have already
2759 * removed the lockfile.)
2760 */
2761 try_remove_empty_parents(refs, update->refname,
2762 REMOVE_EMPTY_PARENTS_REF);
2763 }
2764 }
2765
2766 strbuf_release(&sb);
2767 return ret;
2768 }
2769
2770 static int files_transaction_abort(struct ref_store *ref_store,
2771 struct ref_transaction *transaction,
2772 struct strbuf *err)
2773 {
2774 struct files_ref_store *refs =
2775 files_downcast(ref_store, 0, "ref_transaction_abort");
2776
2777 files_transaction_cleanup(refs, transaction);
2778 return 0;
2779 }
2780
2781 static int ref_present(const char *refname,
2782 const struct object_id *oid, int flags, void *cb_data)
2783 {
2784 struct string_list *affected_refnames = cb_data;
2785
2786 return string_list_has_string(affected_refnames, refname);
2787 }
2788
2789 static int files_initial_transaction_commit(struct ref_store *ref_store,
2790 struct ref_transaction *transaction,
2791 struct strbuf *err)
2792 {
2793 struct files_ref_store *refs =
2794 files_downcast(ref_store, REF_STORE_WRITE,
2795 "initial_ref_transaction_commit");
2796 size_t i;
2797 int ret = 0;
2798 struct string_list affected_refnames = STRING_LIST_INIT_NODUP;
2799 struct ref_transaction *packed_transaction = NULL;
2800
2801 assert(err);
2802
2803 if (transaction->state != REF_TRANSACTION_OPEN)
2804 die("BUG: commit called for transaction that is not open");
2805
2806 /* Fail if a refname appears more than once in the transaction: */
2807 for (i = 0; i < transaction->nr; i++)
2808 string_list_append(&affected_refnames,
2809 transaction->updates[i]->refname);
2810 string_list_sort(&affected_refnames);
2811 if (ref_update_reject_duplicates(&affected_refnames, err)) {
2812 ret = TRANSACTION_GENERIC_ERROR;
2813 goto cleanup;
2814 }
2815
2816 /*
2817 * It's really undefined to call this function in an active
2818 * repository or when there are existing references: we are
2819 * only locking and changing packed-refs, so (1) any
2820 * simultaneous processes might try to change a reference at
2821 * the same time we do, and (2) any existing loose versions of
2822 * the references that we are setting would have precedence
2823 * over our values. But some remote helpers create the remote
2824 * "HEAD" and "master" branches before calling this function,
2825 * so here we really only check that none of the references
2826 * that we are creating already exists.
2827 */
2828 if (refs_for_each_rawref(&refs->base, ref_present,
2829 &affected_refnames))
2830 die("BUG: initial ref transaction called with existing refs");
2831
2832 packed_transaction = ref_store_transaction_begin(refs->packed_ref_store, err);
2833 if (!packed_transaction) {
2834 ret = TRANSACTION_GENERIC_ERROR;
2835 goto cleanup;
2836 }
2837
2838 for (i = 0; i < transaction->nr; i++) {
2839 struct ref_update *update = transaction->updates[i];
2840
2841 if ((update->flags & REF_HAVE_OLD) &&
2842 !is_null_oid(&update->old_oid))
2843 die("BUG: initial ref transaction with old_sha1 set");
2844 if (refs_verify_refname_available(&refs->base, update->refname,
2845 &affected_refnames, NULL,
2846 err)) {
2847 ret = TRANSACTION_NAME_CONFLICT;
2848 goto cleanup;
2849 }
2850
2851 /*
2852 * Add a reference creation for this reference to the
2853 * packed-refs transaction:
2854 */
2855 ref_transaction_add_update(packed_transaction, update->refname,
2856 update->flags & ~REF_HAVE_OLD,
2857 update->new_oid.hash, update->old_oid.hash,
2858 NULL);
2859 }
2860
2861 if (packed_refs_lock(refs->packed_ref_store, 0, err)) {
2862 ret = TRANSACTION_GENERIC_ERROR;
2863 goto cleanup;
2864 }
2865
2866 if (initial_ref_transaction_commit(packed_transaction, err)) {
2867 ret = TRANSACTION_GENERIC_ERROR;
2868 goto cleanup;
2869 }
2870
2871 cleanup:
2872 if (packed_transaction)
2873 ref_transaction_free(packed_transaction);
2874 packed_refs_unlock(refs->packed_ref_store);
2875 transaction->state = REF_TRANSACTION_CLOSED;
2876 string_list_clear(&affected_refnames, 0);
2877 return ret;
2878 }
2879
2880 struct expire_reflog_cb {
2881 unsigned int flags;
2882 reflog_expiry_should_prune_fn *should_prune_fn;
2883 void *policy_cb;
2884 FILE *newlog;
2885 struct object_id last_kept_oid;
2886 };
2887
2888 static int expire_reflog_ent(struct object_id *ooid, struct object_id *noid,
2889 const char *email, timestamp_t timestamp, int tz,
2890 const char *message, void *cb_data)
2891 {
2892 struct expire_reflog_cb *cb = cb_data;
2893 struct expire_reflog_policy_cb *policy_cb = cb->policy_cb;
2894
2895 if (cb->flags & EXPIRE_REFLOGS_REWRITE)
2896 ooid = &cb->last_kept_oid;
2897
2898 if ((*cb->should_prune_fn)(ooid, noid, email, timestamp, tz,
2899 message, policy_cb)) {
2900 if (!cb->newlog)
2901 printf("would prune %s", message);
2902 else if (cb->flags & EXPIRE_REFLOGS_VERBOSE)
2903 printf("prune %s", message);
2904 } else {
2905 if (cb->newlog) {
2906 fprintf(cb->newlog, "%s %s %s %"PRItime" %+05d\t%s",
2907 oid_to_hex(ooid), oid_to_hex(noid),
2908 email, timestamp, tz, message);
2909 oidcpy(&cb->last_kept_oid, noid);
2910 }
2911 if (cb->flags & EXPIRE_REFLOGS_VERBOSE)
2912 printf("keep %s", message);
2913 }
2914 return 0;
2915 }
2916
2917 static int files_reflog_expire(struct ref_store *ref_store,
2918 const char *refname, const unsigned char *sha1,
2919 unsigned int flags,
2920 reflog_expiry_prepare_fn prepare_fn,
2921 reflog_expiry_should_prune_fn should_prune_fn,
2922 reflog_expiry_cleanup_fn cleanup_fn,
2923 void *policy_cb_data)
2924 {
2925 struct files_ref_store *refs =
2926 files_downcast(ref_store, REF_STORE_WRITE, "reflog_expire");
2927 static struct lock_file reflog_lock;
2928 struct expire_reflog_cb cb;
2929 struct ref_lock *lock;
2930 struct strbuf log_file_sb = STRBUF_INIT;
2931 char *log_file;
2932 int status = 0;
2933 int type;
2934 struct strbuf err = STRBUF_INIT;
2935 struct object_id oid;
2936
2937 memset(&cb, 0, sizeof(cb));
2938 cb.flags = flags;
2939 cb.policy_cb = policy_cb_data;
2940 cb.should_prune_fn = should_prune_fn;
2941
2942 /*
2943 * The reflog file is locked by holding the lock on the
2944 * reference itself, plus we might need to update the
2945 * reference if --updateref was specified:
2946 */
2947 lock = lock_ref_sha1_basic(refs, refname, sha1,
2948 NULL, NULL, REF_NODEREF,
2949 &type, &err);
2950 if (!lock) {
2951 error("cannot lock ref '%s': %s", refname, err.buf);
2952 strbuf_release(&err);
2953 return -1;
2954 }
2955 if (!refs_reflog_exists(ref_store, refname)) {
2956 unlock_ref(lock);
2957 return 0;
2958 }
2959
2960 files_reflog_path(refs, &log_file_sb, refname);
2961 log_file = strbuf_detach(&log_file_sb, NULL);
2962 if (!(flags & EXPIRE_REFLOGS_DRY_RUN)) {
2963 /*
2964 * Even though holding $GIT_DIR/logs/$reflog.lock has
2965 * no locking implications, we use the lock_file
2966 * machinery here anyway because it does a lot of the
2967 * work we need, including cleaning up if the program
2968 * exits unexpectedly.
2969 */
2970 if (hold_lock_file_for_update(&reflog_lock, log_file, 0) < 0) {
2971 struct strbuf err = STRBUF_INIT;
2972 unable_to_lock_message(log_file, errno, &err);
2973 error("%s", err.buf);
2974 strbuf_release(&err);
2975 goto failure;
2976 }
2977 cb.newlog = fdopen_lock_file(&reflog_lock, "w");
2978 if (!cb.newlog) {
2979 error("cannot fdopen %s (%s)",
2980 get_lock_file_path(&reflog_lock), strerror(errno));
2981 goto failure;
2982 }
2983 }
2984
2985 hashcpy(oid.hash, sha1);
2986
2987 (*prepare_fn)(refname, &oid, cb.policy_cb);
2988 refs_for_each_reflog_ent(ref_store, refname, expire_reflog_ent, &cb);
2989 (*cleanup_fn)(cb.policy_cb);
2990
2991 if (!(flags & EXPIRE_REFLOGS_DRY_RUN)) {
2992 /*
2993 * It doesn't make sense to adjust a reference pointed
2994 * to by a symbolic ref based on expiring entries in
2995 * the symbolic reference's reflog. Nor can we update
2996 * a reference if there are no remaining reflog
2997 * entries.
2998 */
2999 int update = (flags & EXPIRE_REFLOGS_UPDATE_REF) &&
3000 !(type & REF_ISSYMREF) &&
3001 !is_null_oid(&cb.last_kept_oid);
3002
3003 if (close_lock_file_gently(&reflog_lock)) {
3004 status |= error("couldn't write %s: %s", log_file,
3005 strerror(errno));
3006 rollback_lock_file(&reflog_lock);
3007 } else if (update &&
3008 (write_in_full(get_lock_file_fd(&lock->lk),
3009 oid_to_hex(&cb.last_kept_oid), GIT_SHA1_HEXSZ) != GIT_SHA1_HEXSZ ||
3010 write_str_in_full(get_lock_file_fd(&lock->lk), "\n") != 1 ||
3011 close_ref_gently(lock) < 0)) {
3012 status |= error("couldn't write %s",
3013 get_lock_file_path(&lock->lk));
3014 rollback_lock_file(&reflog_lock);
3015 } else if (commit_lock_file(&reflog_lock)) {
3016 status |= error("unable to write reflog '%s' (%s)",
3017 log_file, strerror(errno));
3018 } else if (update && commit_ref(lock)) {
3019 status |= error("couldn't set %s", lock->ref_name);
3020 }
3021 }
3022 free(log_file);
3023 unlock_ref(lock);
3024 return status;
3025
3026 failure:
3027 rollback_lock_file(&reflog_lock);
3028 free(log_file);
3029 unlock_ref(lock);
3030 return -1;
3031 }
3032
3033 static int files_init_db(struct ref_store *ref_store, struct strbuf *err)
3034 {
3035 struct files_ref_store *refs =
3036 files_downcast(ref_store, REF_STORE_WRITE, "init_db");
3037 struct strbuf sb = STRBUF_INIT;
3038
3039 /*
3040 * Create .git/refs/{heads,tags}
3041 */
3042 files_ref_path(refs, &sb, "refs/heads");
3043 safe_create_dir(sb.buf, 1);
3044
3045 strbuf_reset(&sb);
3046 files_ref_path(refs, &sb, "refs/tags");
3047 safe_create_dir(sb.buf, 1);
3048
3049 strbuf_release(&sb);
3050 return 0;
3051 }
3052
3053 struct ref_storage_be refs_be_files = {
3054 NULL,
3055 "files",
3056 files_ref_store_create,
3057 files_init_db,
3058 files_transaction_prepare,
3059 files_transaction_finish,
3060 files_transaction_abort,
3061 files_initial_transaction_commit,
3062
3063 files_pack_refs,
3064 files_peel_ref,
3065 files_create_symref,
3066 files_delete_refs,
3067 files_rename_ref,
3068
3069 files_ref_iterator_begin,
3070 files_read_raw_ref,
3071
3072 files_reflog_iterator_begin,
3073 files_for_each_reflog_ent,
3074 files_for_each_reflog_ent_reverse,
3075 files_reflog_exists,
3076 files_create_reflog,
3077 files_delete_reflog,
3078 files_reflog_expire
3079 };
Unnamed repository; edit this file 'description' to name the repository.