]>
Commit | Line | Data |
---|---|---|
1 | /* | |
2 | * Various trivial helper wrappers around standard functions | |
3 | */ | |
4 | #include "cache.h" | |
5 | #include "config.h" | |
6 | ||
7 | static int memory_limit_check(size_t size, int gentle) | |
8 | { | |
9 | static size_t limit = 0; | |
10 | if (!limit) { | |
11 | limit = git_env_ulong("GIT_ALLOC_LIMIT", 0); | |
12 | if (!limit) | |
13 | limit = SIZE_MAX; | |
14 | } | |
15 | if (size > limit) { | |
16 | if (gentle) { | |
17 | error("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX, | |
18 | (uintmax_t)size, (uintmax_t)limit); | |
19 | return -1; | |
20 | } else | |
21 | die("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX, | |
22 | (uintmax_t)size, (uintmax_t)limit); | |
23 | } | |
24 | return 0; | |
25 | } | |
26 | ||
27 | char *xstrdup(const char *str) | |
28 | { | |
29 | char *ret = strdup(str); | |
30 | if (!ret) | |
31 | die("Out of memory, strdup failed"); | |
32 | return ret; | |
33 | } | |
34 | ||
35 | static void *do_xmalloc(size_t size, int gentle) | |
36 | { | |
37 | void *ret; | |
38 | ||
39 | if (memory_limit_check(size, gentle)) | |
40 | return NULL; | |
41 | ret = malloc(size); | |
42 | if (!ret && !size) | |
43 | ret = malloc(1); | |
44 | if (!ret) { | |
45 | if (!gentle) | |
46 | die("Out of memory, malloc failed (tried to allocate %lu bytes)", | |
47 | (unsigned long)size); | |
48 | else { | |
49 | error("Out of memory, malloc failed (tried to allocate %lu bytes)", | |
50 | (unsigned long)size); | |
51 | return NULL; | |
52 | } | |
53 | } | |
54 | #ifdef XMALLOC_POISON | |
55 | memset(ret, 0xA5, size); | |
56 | #endif | |
57 | return ret; | |
58 | } | |
59 | ||
60 | void *xmalloc(size_t size) | |
61 | { | |
62 | return do_xmalloc(size, 0); | |
63 | } | |
64 | ||
65 | static void *do_xmallocz(size_t size, int gentle) | |
66 | { | |
67 | void *ret; | |
68 | if (unsigned_add_overflows(size, 1)) { | |
69 | if (gentle) { | |
70 | error("Data too large to fit into virtual memory space."); | |
71 | return NULL; | |
72 | } else | |
73 | die("Data too large to fit into virtual memory space."); | |
74 | } | |
75 | ret = do_xmalloc(size + 1, gentle); | |
76 | if (ret) | |
77 | ((char*)ret)[size] = 0; | |
78 | return ret; | |
79 | } | |
80 | ||
81 | void *xmallocz(size_t size) | |
82 | { | |
83 | return do_xmallocz(size, 0); | |
84 | } | |
85 | ||
86 | void *xmallocz_gently(size_t size) | |
87 | { | |
88 | return do_xmallocz(size, 1); | |
89 | } | |
90 | ||
91 | /* | |
92 | * xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of | |
93 | * "data" to the allocated memory, zero terminates the allocated memory, | |
94 | * and returns a pointer to the allocated memory. If the allocation fails, | |
95 | * the program dies. | |
96 | */ | |
97 | void *xmemdupz(const void *data, size_t len) | |
98 | { | |
99 | return memcpy(xmallocz(len), data, len); | |
100 | } | |
101 | ||
102 | char *xstrndup(const char *str, size_t len) | |
103 | { | |
104 | char *p = memchr(str, '\0', len); | |
105 | return xmemdupz(str, p ? p - str : len); | |
106 | } | |
107 | ||
108 | void *xrealloc(void *ptr, size_t size) | |
109 | { | |
110 | void *ret; | |
111 | ||
112 | memory_limit_check(size, 0); | |
113 | ret = realloc(ptr, size); | |
114 | if (!ret && !size) | |
115 | ret = realloc(ptr, 1); | |
116 | if (!ret) | |
117 | die("Out of memory, realloc failed"); | |
118 | return ret; | |
119 | } | |
120 | ||
121 | void *xcalloc(size_t nmemb, size_t size) | |
122 | { | |
123 | void *ret; | |
124 | ||
125 | if (unsigned_mult_overflows(nmemb, size)) | |
126 | die("data too large to fit into virtual memory space"); | |
127 | ||
128 | memory_limit_check(size * nmemb, 0); | |
129 | ret = calloc(nmemb, size); | |
130 | if (!ret && (!nmemb || !size)) | |
131 | ret = calloc(1, 1); | |
132 | if (!ret) | |
133 | die("Out of memory, calloc failed"); | |
134 | return ret; | |
135 | } | |
136 | ||
137 | /* | |
138 | * Limit size of IO chunks, because huge chunks only cause pain. OS X | |
139 | * 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in | |
140 | * the absence of bugs, large chunks can result in bad latencies when | |
141 | * you decide to kill the process. | |
142 | * | |
143 | * We pick 8 MiB as our default, but if the platform defines SSIZE_MAX | |
144 | * that is smaller than that, clip it to SSIZE_MAX, as a call to | |
145 | * read(2) or write(2) larger than that is allowed to fail. As the last | |
146 | * resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value" | |
147 | * to override this, if the definition of SSIZE_MAX given by the platform | |
148 | * is broken. | |
149 | */ | |
150 | #ifndef MAX_IO_SIZE | |
151 | # define MAX_IO_SIZE_DEFAULT (8*1024*1024) | |
152 | # if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT) | |
153 | # define MAX_IO_SIZE SSIZE_MAX | |
154 | # else | |
155 | # define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT | |
156 | # endif | |
157 | #endif | |
158 | ||
159 | /** | |
160 | * xopen() is the same as open(), but it die()s if the open() fails. | |
161 | */ | |
162 | int xopen(const char *path, int oflag, ...) | |
163 | { | |
164 | mode_t mode = 0; | |
165 | va_list ap; | |
166 | ||
167 | /* | |
168 | * va_arg() will have undefined behavior if the specified type is not | |
169 | * compatible with the argument type. Since integers are promoted to | |
170 | * ints, we fetch the next argument as an int, and then cast it to a | |
171 | * mode_t to avoid undefined behavior. | |
172 | */ | |
173 | va_start(ap, oflag); | |
174 | if (oflag & O_CREAT) | |
175 | mode = va_arg(ap, int); | |
176 | va_end(ap); | |
177 | ||
178 | for (;;) { | |
179 | int fd = open(path, oflag, mode); | |
180 | if (fd >= 0) | |
181 | return fd; | |
182 | if (errno == EINTR) | |
183 | continue; | |
184 | ||
185 | if ((oflag & O_RDWR) == O_RDWR) | |
186 | die_errno(_("could not open '%s' for reading and writing"), path); | |
187 | else if ((oflag & O_WRONLY) == O_WRONLY) | |
188 | die_errno(_("could not open '%s' for writing"), path); | |
189 | else | |
190 | die_errno(_("could not open '%s' for reading"), path); | |
191 | } | |
192 | } | |
193 | ||
194 | static int handle_nonblock(int fd, short poll_events, int err) | |
195 | { | |
196 | struct pollfd pfd; | |
197 | ||
198 | if (err != EAGAIN && err != EWOULDBLOCK) | |
199 | return 0; | |
200 | ||
201 | pfd.fd = fd; | |
202 | pfd.events = poll_events; | |
203 | ||
204 | /* | |
205 | * no need to check for errors, here; | |
206 | * a subsequent read/write will detect unrecoverable errors | |
207 | */ | |
208 | poll(&pfd, 1, -1); | |
209 | return 1; | |
210 | } | |
211 | ||
212 | /* | |
213 | * xread() is the same a read(), but it automatically restarts read() | |
214 | * operations with a recoverable error (EAGAIN and EINTR). xread() | |
215 | * DOES NOT GUARANTEE that "len" bytes is read even if the data is available. | |
216 | */ | |
217 | ssize_t xread(int fd, void *buf, size_t len) | |
218 | { | |
219 | ssize_t nr; | |
220 | if (len > MAX_IO_SIZE) | |
221 | len = MAX_IO_SIZE; | |
222 | while (1) { | |
223 | nr = read(fd, buf, len); | |
224 | if (nr < 0) { | |
225 | if (errno == EINTR) | |
226 | continue; | |
227 | if (handle_nonblock(fd, POLLIN, errno)) | |
228 | continue; | |
229 | } | |
230 | return nr; | |
231 | } | |
232 | } | |
233 | ||
234 | /* | |
235 | * xwrite() is the same a write(), but it automatically restarts write() | |
236 | * operations with a recoverable error (EAGAIN and EINTR). xwrite() DOES NOT | |
237 | * GUARANTEE that "len" bytes is written even if the operation is successful. | |
238 | */ | |
239 | ssize_t xwrite(int fd, const void *buf, size_t len) | |
240 | { | |
241 | ssize_t nr; | |
242 | if (len > MAX_IO_SIZE) | |
243 | len = MAX_IO_SIZE; | |
244 | while (1) { | |
245 | nr = write(fd, buf, len); | |
246 | if (nr < 0) { | |
247 | if (errno == EINTR) | |
248 | continue; | |
249 | if (handle_nonblock(fd, POLLOUT, errno)) | |
250 | continue; | |
251 | } | |
252 | ||
253 | return nr; | |
254 | } | |
255 | } | |
256 | ||
257 | /* | |
258 | * xpread() is the same as pread(), but it automatically restarts pread() | |
259 | * operations with a recoverable error (EAGAIN and EINTR). xpread() DOES | |
260 | * NOT GUARANTEE that "len" bytes is read even if the data is available. | |
261 | */ | |
262 | ssize_t xpread(int fd, void *buf, size_t len, off_t offset) | |
263 | { | |
264 | ssize_t nr; | |
265 | if (len > MAX_IO_SIZE) | |
266 | len = MAX_IO_SIZE; | |
267 | while (1) { | |
268 | nr = pread(fd, buf, len, offset); | |
269 | if ((nr < 0) && (errno == EAGAIN || errno == EINTR)) | |
270 | continue; | |
271 | return nr; | |
272 | } | |
273 | } | |
274 | ||
275 | ssize_t read_in_full(int fd, void *buf, size_t count) | |
276 | { | |
277 | char *p = buf; | |
278 | ssize_t total = 0; | |
279 | ||
280 | while (count > 0) { | |
281 | ssize_t loaded = xread(fd, p, count); | |
282 | if (loaded < 0) | |
283 | return -1; | |
284 | if (loaded == 0) | |
285 | return total; | |
286 | count -= loaded; | |
287 | p += loaded; | |
288 | total += loaded; | |
289 | } | |
290 | ||
291 | return total; | |
292 | } | |
293 | ||
294 | ssize_t write_in_full(int fd, const void *buf, size_t count) | |
295 | { | |
296 | const char *p = buf; | |
297 | ssize_t total = 0; | |
298 | ||
299 | while (count > 0) { | |
300 | ssize_t written = xwrite(fd, p, count); | |
301 | if (written < 0) | |
302 | return -1; | |
303 | if (!written) { | |
304 | errno = ENOSPC; | |
305 | return -1; | |
306 | } | |
307 | count -= written; | |
308 | p += written; | |
309 | total += written; | |
310 | } | |
311 | ||
312 | return total; | |
313 | } | |
314 | ||
315 | ssize_t pread_in_full(int fd, void *buf, size_t count, off_t offset) | |
316 | { | |
317 | char *p = buf; | |
318 | ssize_t total = 0; | |
319 | ||
320 | while (count > 0) { | |
321 | ssize_t loaded = xpread(fd, p, count, offset); | |
322 | if (loaded < 0) | |
323 | return -1; | |
324 | if (loaded == 0) | |
325 | return total; | |
326 | count -= loaded; | |
327 | p += loaded; | |
328 | total += loaded; | |
329 | offset += loaded; | |
330 | } | |
331 | ||
332 | return total; | |
333 | } | |
334 | ||
335 | int xdup(int fd) | |
336 | { | |
337 | int ret = dup(fd); | |
338 | if (ret < 0) | |
339 | die_errno("dup failed"); | |
340 | return ret; | |
341 | } | |
342 | ||
343 | /** | |
344 | * xfopen() is the same as fopen(), but it die()s if the fopen() fails. | |
345 | */ | |
346 | FILE *xfopen(const char *path, const char *mode) | |
347 | { | |
348 | for (;;) { | |
349 | FILE *fp = fopen(path, mode); | |
350 | if (fp) | |
351 | return fp; | |
352 | if (errno == EINTR) | |
353 | continue; | |
354 | ||
355 | if (*mode && mode[1] == '+') | |
356 | die_errno(_("could not open '%s' for reading and writing"), path); | |
357 | else if (*mode == 'w' || *mode == 'a') | |
358 | die_errno(_("could not open '%s' for writing"), path); | |
359 | else | |
360 | die_errno(_("could not open '%s' for reading"), path); | |
361 | } | |
362 | } | |
363 | ||
364 | FILE *xfdopen(int fd, const char *mode) | |
365 | { | |
366 | FILE *stream = fdopen(fd, mode); | |
367 | if (stream == NULL) | |
368 | die_errno("Out of memory? fdopen failed"); | |
369 | return stream; | |
370 | } | |
371 | ||
372 | FILE *fopen_for_writing(const char *path) | |
373 | { | |
374 | FILE *ret = fopen(path, "w"); | |
375 | ||
376 | if (!ret && errno == EPERM) { | |
377 | if (!unlink(path)) | |
378 | ret = fopen(path, "w"); | |
379 | else | |
380 | errno = EPERM; | |
381 | } | |
382 | return ret; | |
383 | } | |
384 | ||
385 | static void warn_on_inaccessible(const char *path) | |
386 | { | |
387 | warning_errno(_("unable to access '%s'"), path); | |
388 | } | |
389 | ||
390 | int warn_on_fopen_errors(const char *path) | |
391 | { | |
392 | if (errno != ENOENT && errno != ENOTDIR) { | |
393 | warn_on_inaccessible(path); | |
394 | return -1; | |
395 | } | |
396 | ||
397 | return 0; | |
398 | } | |
399 | ||
400 | FILE *fopen_or_warn(const char *path, const char *mode) | |
401 | { | |
402 | FILE *fp = fopen(path, mode); | |
403 | ||
404 | if (fp) | |
405 | return fp; | |
406 | ||
407 | warn_on_fopen_errors(path); | |
408 | return NULL; | |
409 | } | |
410 | ||
411 | int xmkstemp(char *filename_template) | |
412 | { | |
413 | int fd; | |
414 | char origtemplate[PATH_MAX]; | |
415 | strlcpy(origtemplate, filename_template, sizeof(origtemplate)); | |
416 | ||
417 | fd = mkstemp(filename_template); | |
418 | if (fd < 0) { | |
419 | int saved_errno = errno; | |
420 | const char *nonrelative_template; | |
421 | ||
422 | if (strlen(filename_template) != strlen(origtemplate)) | |
423 | filename_template = origtemplate; | |
424 | ||
425 | nonrelative_template = absolute_path(filename_template); | |
426 | errno = saved_errno; | |
427 | die_errno("Unable to create temporary file '%s'", | |
428 | nonrelative_template); | |
429 | } | |
430 | return fd; | |
431 | } | |
432 | ||
433 | /* Adapted from libiberty's mkstemp.c. */ | |
434 | ||
435 | #undef TMP_MAX | |
436 | #define TMP_MAX 16384 | |
437 | ||
438 | int git_mkstemps_mode(char *pattern, int suffix_len, int mode) | |
439 | { | |
440 | static const char letters[] = | |
441 | "abcdefghijklmnopqrstuvwxyz" | |
442 | "ABCDEFGHIJKLMNOPQRSTUVWXYZ" | |
443 | "0123456789"; | |
444 | static const int num_letters = ARRAY_SIZE(letters) - 1; | |
445 | static const char x_pattern[] = "XXXXXX"; | |
446 | static const int num_x = ARRAY_SIZE(x_pattern) - 1; | |
447 | uint64_t value; | |
448 | struct timeval tv; | |
449 | char *filename_template; | |
450 | size_t len; | |
451 | int fd, count; | |
452 | ||
453 | len = strlen(pattern); | |
454 | ||
455 | if (len < num_x + suffix_len) { | |
456 | errno = EINVAL; | |
457 | return -1; | |
458 | } | |
459 | ||
460 | if (strncmp(&pattern[len - num_x - suffix_len], x_pattern, num_x)) { | |
461 | errno = EINVAL; | |
462 | return -1; | |
463 | } | |
464 | ||
465 | /* | |
466 | * Replace pattern's XXXXXX characters with randomness. | |
467 | * Try TMP_MAX different filenames. | |
468 | */ | |
469 | gettimeofday(&tv, NULL); | |
470 | value = ((uint64_t)tv.tv_usec << 16) ^ tv.tv_sec ^ getpid(); | |
471 | filename_template = &pattern[len - num_x - suffix_len]; | |
472 | for (count = 0; count < TMP_MAX; ++count) { | |
473 | uint64_t v = value; | |
474 | int i; | |
475 | /* Fill in the random bits. */ | |
476 | for (i = 0; i < num_x; i++) { | |
477 | filename_template[i] = letters[v % num_letters]; | |
478 | v /= num_letters; | |
479 | } | |
480 | ||
481 | fd = open(pattern, O_CREAT | O_EXCL | O_RDWR, mode); | |
482 | if (fd >= 0) | |
483 | return fd; | |
484 | /* | |
485 | * Fatal error (EPERM, ENOSPC etc). | |
486 | * It doesn't make sense to loop. | |
487 | */ | |
488 | if (errno != EEXIST) | |
489 | break; | |
490 | /* | |
491 | * This is a random value. It is only necessary that | |
492 | * the next TMP_MAX values generated by adding 7777 to | |
493 | * VALUE are different with (module 2^32). | |
494 | */ | |
495 | value += 7777; | |
496 | } | |
497 | /* We return the null string if we can't find a unique file name. */ | |
498 | pattern[0] = '\0'; | |
499 | return -1; | |
500 | } | |
501 | ||
502 | int git_mkstemp_mode(char *pattern, int mode) | |
503 | { | |
504 | /* mkstemp is just mkstemps with no suffix */ | |
505 | return git_mkstemps_mode(pattern, 0, mode); | |
506 | } | |
507 | ||
508 | int xmkstemp_mode(char *filename_template, int mode) | |
509 | { | |
510 | int fd; | |
511 | char origtemplate[PATH_MAX]; | |
512 | strlcpy(origtemplate, filename_template, sizeof(origtemplate)); | |
513 | ||
514 | fd = git_mkstemp_mode(filename_template, mode); | |
515 | if (fd < 0) { | |
516 | int saved_errno = errno; | |
517 | const char *nonrelative_template; | |
518 | ||
519 | if (!filename_template[0]) | |
520 | filename_template = origtemplate; | |
521 | ||
522 | nonrelative_template = absolute_path(filename_template); | |
523 | errno = saved_errno; | |
524 | die_errno("Unable to create temporary file '%s'", | |
525 | nonrelative_template); | |
526 | } | |
527 | return fd; | |
528 | } | |
529 | ||
530 | static int warn_if_unremovable(const char *op, const char *file, int rc) | |
531 | { | |
532 | int err; | |
533 | if (!rc || errno == ENOENT) | |
534 | return 0; | |
535 | err = errno; | |
536 | warning_errno("unable to %s '%s'", op, file); | |
537 | errno = err; | |
538 | return rc; | |
539 | } | |
540 | ||
541 | int unlink_or_msg(const char *file, struct strbuf *err) | |
542 | { | |
543 | int rc = unlink(file); | |
544 | ||
545 | assert(err); | |
546 | ||
547 | if (!rc || errno == ENOENT) | |
548 | return 0; | |
549 | ||
550 | strbuf_addf(err, "unable to unlink '%s': %s", | |
551 | file, strerror(errno)); | |
552 | return -1; | |
553 | } | |
554 | ||
555 | int unlink_or_warn(const char *file) | |
556 | { | |
557 | return warn_if_unremovable("unlink", file, unlink(file)); | |
558 | } | |
559 | ||
560 | int rmdir_or_warn(const char *file) | |
561 | { | |
562 | return warn_if_unremovable("rmdir", file, rmdir(file)); | |
563 | } | |
564 | ||
565 | int remove_or_warn(unsigned int mode, const char *file) | |
566 | { | |
567 | return S_ISGITLINK(mode) ? rmdir_or_warn(file) : unlink_or_warn(file); | |
568 | } | |
569 | ||
570 | static int access_error_is_ok(int err, unsigned flag) | |
571 | { | |
572 | return (is_missing_file_error(err) || | |
573 | ((flag & ACCESS_EACCES_OK) && err == EACCES)); | |
574 | } | |
575 | ||
576 | int access_or_warn(const char *path, int mode, unsigned flag) | |
577 | { | |
578 | int ret = access(path, mode); | |
579 | if (ret && !access_error_is_ok(errno, flag)) | |
580 | warn_on_inaccessible(path); | |
581 | return ret; | |
582 | } | |
583 | ||
584 | int access_or_die(const char *path, int mode, unsigned flag) | |
585 | { | |
586 | int ret = access(path, mode); | |
587 | if (ret && !access_error_is_ok(errno, flag)) | |
588 | die_errno(_("unable to access '%s'"), path); | |
589 | return ret; | |
590 | } | |
591 | ||
592 | char *xgetcwd(void) | |
593 | { | |
594 | struct strbuf sb = STRBUF_INIT; | |
595 | if (strbuf_getcwd(&sb)) | |
596 | die_errno(_("unable to get current working directory")); | |
597 | return strbuf_detach(&sb, NULL); | |
598 | } | |
599 | ||
600 | int xsnprintf(char *dst, size_t max, const char *fmt, ...) | |
601 | { | |
602 | va_list ap; | |
603 | int len; | |
604 | ||
605 | va_start(ap, fmt); | |
606 | len = vsnprintf(dst, max, fmt, ap); | |
607 | va_end(ap); | |
608 | ||
609 | if (len < 0) | |
610 | BUG("your snprintf is broken"); | |
611 | if (len >= max) | |
612 | BUG("attempt to snprintf into too-small buffer"); | |
613 | return len; | |
614 | } | |
615 | ||
616 | void write_file_buf(const char *path, const char *buf, size_t len) | |
617 | { | |
618 | int fd = xopen(path, O_WRONLY | O_CREAT | O_TRUNC, 0666); | |
619 | if (write_in_full(fd, buf, len) < 0) | |
620 | die_errno(_("could not write to '%s'"), path); | |
621 | if (close(fd)) | |
622 | die_errno(_("could not close '%s'"), path); | |
623 | } | |
624 | ||
625 | void write_file(const char *path, const char *fmt, ...) | |
626 | { | |
627 | va_list params; | |
628 | struct strbuf sb = STRBUF_INIT; | |
629 | ||
630 | va_start(params, fmt); | |
631 | strbuf_vaddf(&sb, fmt, params); | |
632 | va_end(params); | |
633 | ||
634 | strbuf_complete_line(&sb); | |
635 | ||
636 | write_file_buf(path, sb.buf, sb.len); | |
637 | strbuf_release(&sb); | |
638 | } | |
639 | ||
640 | void sleep_millisec(int millisec) | |
641 | { | |
642 | poll(NULL, 0, millisec); | |
643 | } | |
644 | ||
645 | int xgethostname(char *buf, size_t len) | |
646 | { | |
647 | /* | |
648 | * If the full hostname doesn't fit in buf, POSIX does not | |
649 | * specify whether the buffer will be null-terminated, so to | |
650 | * be safe, do it ourselves. | |
651 | */ | |
652 | int ret = gethostname(buf, len); | |
653 | if (!ret) | |
654 | buf[len - 1] = 0; | |
655 | return ret; | |
656 | } | |
657 | ||
658 | int is_empty_or_missing_file(const char *filename) | |
659 | { | |
660 | struct stat st; | |
661 | ||
662 | if (stat(filename, &st) < 0) { | |
663 | if (errno == ENOENT) | |
664 | return 1; | |
665 | die_errno(_("could not stat %s"), filename); | |
666 | } | |
667 | ||
668 | return !st.st_size; | |
669 | } |