]>
Commit | Line | Data |
---|---|---|
021b6e45 JH |
1 | /* |
2 | * Copyright (c) 2005, Junio C Hamano | |
3 | */ | |
2db69de8 MH |
4 | |
5 | /* | |
6 | * State diagram and cleanup | |
7 | * ------------------------- | |
8 | * | |
9 | * This module keeps track of all locked files in `lock_file_list` for | |
10 | * use at cleanup. This list and the `lock_file` objects that comprise | |
11 | * it must be kept in self-consistent states at all time, because the | |
12 | * program can be interrupted any time by a signal, in which case the | |
13 | * signal handler will walk through the list attempting to clean up | |
14 | * any open lock files. | |
15 | * | |
16 | * The possible states of a `lock_file` object are as follows: | |
17 | * | |
18 | * - Uninitialized. In this state the object's `on_list` field must be | |
19 | * zero but the rest of its contents need not be initialized. As | |
20 | * soon as the object is used in any way, it is irrevocably | |
21 | * registered in `lock_file_list`, and `on_list` is set. | |
22 | * | |
23 | * - Locked, lockfile open (after `hold_lock_file_for_update()`, | |
24 | * `hold_lock_file_for_append()`, or `reopen_lock_file()`). In this | |
25 | * state: | |
26 | * | |
27 | * - the lockfile exists | |
28 | * - `active` is set | |
29 | * - `filename` holds the filename of the lockfile | |
30 | * - `fd` holds a file descriptor open for writing to the lockfile | |
31 | * - `fp` holds a pointer to an open `FILE` object if and only if | |
32 | * `fdopen_lock_file()` has been called on the object | |
33 | * - `owner` holds the PID of the process that locked the file | |
34 | * | |
35 | * - Locked, lockfile closed (after successful `close_lock_file()`). | |
36 | * Same as the previous state, except that the lockfile is closed | |
37 | * and `fd` is -1. | |
38 | * | |
39 | * - Unlocked (after `commit_lock_file()`, `commit_lock_file_to()`, | |
40 | * `rollback_lock_file()`, a failed attempt to lock, or a failed | |
41 | * `close_lock_file()`). In this state: | |
42 | * | |
43 | * - `active` is unset | |
44 | * - `filename` is empty (usually, though there are transitory | |
45 | * states in which this condition doesn't hold). Client code should | |
46 | * *not* rely on the filename being empty in this state. | |
47 | * - `fd` is -1 | |
48 | * - the object is left registered in the `lock_file_list`, and | |
49 | * `on_list` is set. | |
50 | * | |
51 | * A lockfile is owned by the process that created it. The `lock_file` | |
52 | * has an `owner` field that records the owner's PID. This field is | |
53 | * used to prevent a forked process from closing a lockfile created by | |
54 | * its parent. | |
55 | */ | |
56 | ||
021b6e45 | 57 | #include "cache.h" |
697cc8ef | 58 | #include "lockfile.h" |
4a16d072 | 59 | #include "sigchain.h" |
021b6e45 | 60 | |
2091c506 | 61 | static struct lock_file *volatile lock_file_list; |
021b6e45 | 62 | |
013870cd | 63 | static void remove_lock_files(int skip_fclose) |
021b6e45 | 64 | { |
5e635e39 JH |
65 | pid_t me = getpid(); |
66 | ||
021b6e45 | 67 | while (lock_file_list) { |
013870cd MH |
68 | if (lock_file_list->owner == me) { |
69 | /* fclose() is not safe to call in a signal handler */ | |
70 | if (skip_fclose) | |
71 | lock_file_list->fp = NULL; | |
a1754bcc | 72 | rollback_lock_file(lock_file_list); |
013870cd | 73 | } |
021b6e45 JH |
74 | lock_file_list = lock_file_list->next; |
75 | } | |
76 | } | |
77 | ||
013870cd MH |
78 | static void remove_lock_files_on_exit(void) |
79 | { | |
80 | remove_lock_files(0); | |
81 | } | |
82 | ||
316683bd | 83 | static void remove_lock_files_on_signal(int signo) |
021b6e45 | 84 | { |
013870cd | 85 | remove_lock_files(1); |
4a16d072 | 86 | sigchain_pop(signo); |
021b6e45 JH |
87 | raise(signo); |
88 | } | |
89 | ||
5d5a7a67 | 90 | /* |
0c0d6e86 | 91 | * path = absolute or relative path name |
5d5a7a67 | 92 | * |
0c0d6e86 MH |
93 | * Remove the last path name element from path (leaving the preceding |
94 | * "/", if any). If path is empty or the root directory ("/"), set | |
95 | * path to the empty string. | |
5d5a7a67 | 96 | */ |
0c0d6e86 | 97 | static void trim_last_path_component(struct strbuf *path) |
5d5a7a67 | 98 | { |
0c0d6e86 | 99 | int i = path->len; |
5d5a7a67 BS |
100 | |
101 | /* back up past trailing slashes, if any */ | |
0c0d6e86 MH |
102 | while (i && path->buf[i - 1] == '/') |
103 | i--; | |
5d5a7a67 BS |
104 | |
105 | /* | |
0c0d6e86 MH |
106 | * then go backwards until a slash, or the beginning of the |
107 | * string | |
5d5a7a67 | 108 | */ |
0c0d6e86 MH |
109 | while (i && path->buf[i - 1] != '/') |
110 | i--; | |
111 | ||
112 | strbuf_setlen(path, i); | |
5d5a7a67 BS |
113 | } |
114 | ||
115 | ||
116 | /* We allow "recursive" symbolic links. Only within reason, though */ | |
117 | #define MAXDEPTH 5 | |
118 | ||
119 | /* | |
6cad8053 | 120 | * path contains a path that might be a symlink. |
5d5a7a67 | 121 | * |
6cad8053 MH |
122 | * If path is a symlink, attempt to overwrite it with a path to the |
123 | * real file or directory (which may or may not exist), following a | |
124 | * chain of symlinks if necessary. Otherwise, leave path unmodified. | |
5d5a7a67 | 125 | * |
6cad8053 MH |
126 | * This is a best-effort routine. If an error occurs, path will |
127 | * either be left unmodified or will name a different symlink in a | |
128 | * symlink chain that started with the original path. | |
5d5a7a67 | 129 | */ |
6cad8053 | 130 | static void resolve_symlink(struct strbuf *path) |
5d5a7a67 BS |
131 | { |
132 | int depth = MAXDEPTH; | |
5025d845 | 133 | static struct strbuf link = STRBUF_INIT; |
5d5a7a67 BS |
134 | |
135 | while (depth--) { | |
6cad8053 | 136 | if (strbuf_readlink(&link, path->buf, path->len) < 0) |
5025d845 | 137 | break; |
5d5a7a67 | 138 | |
6cad8053 | 139 | if (is_absolute_path(link.buf)) |
5d5a7a67 | 140 | /* absolute path simply replaces p */ |
6cad8053 | 141 | strbuf_reset(path); |
0c0d6e86 | 142 | else |
5d5a7a67 | 143 | /* |
5025d845 | 144 | * link is a relative path, so replace the |
5d5a7a67 BS |
145 | * last element of p with it. |
146 | */ | |
0c0d6e86 | 147 | trim_last_path_component(path); |
6cad8053 MH |
148 | |
149 | strbuf_addbuf(path, &link); | |
5d5a7a67 | 150 | } |
5025d845 | 151 | strbuf_reset(&link); |
5d5a7a67 BS |
152 | } |
153 | ||
447ff1bf | 154 | /* Make sure errno contains a meaningful value on error */ |
acd3b9ec | 155 | static int lock_file(struct lock_file *lk, const char *path, int flags) |
021b6e45 | 156 | { |
6cad8053 | 157 | size_t pathlen = strlen(path); |
2fbd4f92 | 158 | |
04e57d4d MH |
159 | if (!lock_file_list) { |
160 | /* One-time initialization */ | |
316683bd | 161 | sigchain_push_common(remove_lock_files_on_signal); |
013870cd | 162 | atexit(remove_lock_files_on_exit); |
04e57d4d MH |
163 | } |
164 | ||
707103fd MH |
165 | if (lk->active) |
166 | die("BUG: cannot lock_file(\"%s\") using active struct lock_file", | |
167 | path); | |
04e57d4d MH |
168 | if (!lk->on_list) { |
169 | /* Initialize *lk and add it to lock_file_list: */ | |
170 | lk->fd = -1; | |
013870cd | 171 | lk->fp = NULL; |
707103fd | 172 | lk->active = 0; |
04e57d4d | 173 | lk->owner = 0; |
6cad8053 | 174 | strbuf_init(&lk->filename, pathlen + LOCK_SUFFIX_LEN); |
04e57d4d MH |
175 | lk->next = lock_file_list; |
176 | lock_file_list = lk; | |
177 | lk->on_list = 1; | |
cf6950d3 MH |
178 | } else if (lk->filename.len) { |
179 | /* This shouldn't happen, but better safe than sorry. */ | |
180 | die("BUG: lock_file(\"%s\") called with improperly-reset lock_file object", | |
181 | path); | |
04e57d4d MH |
182 | } |
183 | ||
fa137f67 NTND |
184 | if (flags & LOCK_NO_DEREF) { |
185 | strbuf_add_absolute_path(&lk->filename, path); | |
186 | } else { | |
187 | struct strbuf resolved_path = STRBUF_INIT; | |
188 | ||
189 | strbuf_add(&resolved_path, path, pathlen); | |
190 | resolve_symlink(&resolved_path); | |
191 | strbuf_add_absolute_path(&lk->filename, resolved_path.buf); | |
192 | strbuf_release(&resolved_path); | |
193 | } | |
194 | ||
cf6950d3 MH |
195 | strbuf_addstr(&lk->filename, LOCK_SUFFIX); |
196 | lk->fd = open(lk->filename.buf, O_RDWR | O_CREAT | O_EXCL, 0666); | |
e31e949b | 197 | if (lk->fd < 0) { |
cf6950d3 | 198 | strbuf_reset(&lk->filename); |
2fbd4f92 | 199 | return -1; |
447ff1bf | 200 | } |
e31e949b | 201 | lk->owner = getpid(); |
707103fd | 202 | lk->active = 1; |
cf6950d3 | 203 | if (adjust_shared_perm(lk->filename.buf)) { |
e31e949b | 204 | int save_errno = errno; |
cf6950d3 | 205 | error("cannot fix permission bits on %s", lk->filename.buf); |
e31e949b MH |
206 | rollback_lock_file(lk); |
207 | errno = save_errno; | |
208 | return -1; | |
021b6e45 | 209 | } |
4723ee99 | 210 | return lk->fd; |
021b6e45 JH |
211 | } |
212 | ||
044b6a9e MH |
213 | static int sleep_microseconds(long us) |
214 | { | |
215 | struct timeval tv; | |
216 | tv.tv_sec = 0; | |
217 | tv.tv_usec = us; | |
218 | return select(0, NULL, NULL, NULL, &tv); | |
219 | } | |
220 | ||
221 | /* | |
222 | * Constants defining the gaps between attempts to lock a file. The | |
223 | * first backoff period is approximately INITIAL_BACKOFF_MS | |
224 | * milliseconds. The longest backoff period is approximately | |
225 | * (BACKOFF_MAX_MULTIPLIER * INITIAL_BACKOFF_MS) milliseconds. | |
226 | */ | |
227 | #define INITIAL_BACKOFF_MS 1L | |
228 | #define BACKOFF_MAX_MULTIPLIER 1000 | |
229 | ||
230 | /* | |
231 | * Try locking path, retrying with quadratic backoff for at least | |
232 | * timeout_ms milliseconds. If timeout_ms is 0, try locking the file | |
233 | * exactly once. If timeout_ms is -1, try indefinitely. | |
234 | */ | |
235 | static int lock_file_timeout(struct lock_file *lk, const char *path, | |
236 | int flags, long timeout_ms) | |
237 | { | |
238 | int n = 1; | |
239 | int multiplier = 1; | |
240 | long remaining_us = 0; | |
241 | static int random_initialized = 0; | |
242 | ||
243 | if (timeout_ms == 0) | |
244 | return lock_file(lk, path, flags); | |
245 | ||
246 | if (!random_initialized) { | |
247 | srandom((unsigned int)getpid()); | |
248 | random_initialized = 1; | |
249 | } | |
250 | ||
251 | if (timeout_ms > 0) { | |
252 | /* avoid overflow */ | |
253 | if (timeout_ms <= LONG_MAX / 1000) | |
254 | remaining_us = timeout_ms * 1000; | |
255 | else | |
256 | remaining_us = LONG_MAX; | |
257 | } | |
258 | ||
259 | while (1) { | |
260 | long backoff_ms, wait_us; | |
261 | int fd; | |
262 | ||
263 | fd = lock_file(lk, path, flags); | |
264 | ||
265 | if (fd >= 0) | |
266 | return fd; /* success */ | |
267 | else if (errno != EEXIST) | |
268 | return -1; /* failure other than lock held */ | |
269 | else if (timeout_ms > 0 && remaining_us <= 0) | |
270 | return -1; /* failure due to timeout */ | |
271 | ||
272 | backoff_ms = multiplier * INITIAL_BACKOFF_MS; | |
273 | /* back off for between 0.75*backoff_ms and 1.25*backoff_ms */ | |
274 | wait_us = (750 + random() % 500) * backoff_ms; | |
275 | sleep_microseconds(wait_us); | |
276 | remaining_us -= wait_us; | |
277 | ||
278 | /* Recursion: (n+1)^2 = n^2 + 2n + 1 */ | |
279 | multiplier += 2*n + 1; | |
280 | if (multiplier > BACKOFF_MAX_MULTIPLIER) | |
281 | multiplier = BACKOFF_MAX_MULTIPLIER; | |
282 | else | |
283 | n++; | |
284 | } | |
285 | } | |
286 | ||
6af926e8 | 287 | void unable_to_lock_message(const char *path, int err, struct strbuf *buf) |
e43a6fd3 | 288 | { |
bdfd739d | 289 | if (err == EEXIST) { |
6af926e8 | 290 | strbuf_addf(buf, "Unable to create '%s.lock': %s.\n\n" |
e43a6fd3 MM |
291 | "If no other git process is currently running, this probably means a\n" |
292 | "git process crashed in this repository earlier. Make sure no other git\n" | |
293 | "process is running and remove the file manually to continue.", | |
e2a57aac | 294 | absolute_path(path), strerror(err)); |
1b018fd9 | 295 | } else |
6af926e8 | 296 | strbuf_addf(buf, "Unable to create '%s.lock': %s", |
e2a57aac | 297 | absolute_path(path), strerror(err)); |
1b018fd9 MV |
298 | } |
299 | ||
e197c218 | 300 | NORETURN void unable_to_lock_die(const char *path, int err) |
1b018fd9 | 301 | { |
6af926e8 RS |
302 | struct strbuf buf = STRBUF_INIT; |
303 | ||
304 | unable_to_lock_message(path, err, &buf); | |
305 | die("%s", buf.buf); | |
e43a6fd3 MM |
306 | } |
307 | ||
447ff1bf | 308 | /* This should return a meaningful errno on failure */ |
044b6a9e MH |
309 | int hold_lock_file_for_update_timeout(struct lock_file *lk, const char *path, |
310 | int flags, long timeout_ms) | |
40aaae88 | 311 | { |
044b6a9e | 312 | int fd = lock_file_timeout(lk, path, flags, timeout_ms); |
acd3b9ec | 313 | if (fd < 0 && (flags & LOCK_DIE_ON_ERROR)) |
e197c218 | 314 | unable_to_lock_die(path, errno); |
40aaae88 JH |
315 | return fd; |
316 | } | |
317 | ||
acd3b9ec | 318 | int hold_lock_file_for_append(struct lock_file *lk, const char *path, int flags) |
ea3cd5c7 DB |
319 | { |
320 | int fd, orig_fd; | |
321 | ||
acd3b9ec | 322 | fd = lock_file(lk, path, flags); |
ea3cd5c7 | 323 | if (fd < 0) { |
acd3b9ec | 324 | if (flags & LOCK_DIE_ON_ERROR) |
e197c218 | 325 | unable_to_lock_die(path, errno); |
ea3cd5c7 DB |
326 | return fd; |
327 | } | |
328 | ||
329 | orig_fd = open(path, O_RDONLY); | |
330 | if (orig_fd < 0) { | |
331 | if (errno != ENOENT) { | |
4d423a3e MH |
332 | int save_errno = errno; |
333 | ||
acd3b9ec | 334 | if (flags & LOCK_DIE_ON_ERROR) |
ea3cd5c7 | 335 | die("cannot open '%s' for copying", path); |
ebb8e380 | 336 | rollback_lock_file(lk); |
4d423a3e MH |
337 | error("cannot open '%s' for copying", path); |
338 | errno = save_errno; | |
339 | return -1; | |
ea3cd5c7 DB |
340 | } |
341 | } else if (copy_fd(orig_fd, fd)) { | |
4d423a3e MH |
342 | int save_errno = errno; |
343 | ||
acd3b9ec | 344 | if (flags & LOCK_DIE_ON_ERROR) |
00b7cbfc | 345 | die("failed to prepare '%s' for appending", path); |
b29763aa | 346 | close(orig_fd); |
ebb8e380 | 347 | rollback_lock_file(lk); |
4d423a3e | 348 | errno = save_errno; |
ea3cd5c7 | 349 | return -1; |
b29763aa SP |
350 | } else { |
351 | close(orig_fd); | |
ea3cd5c7 DB |
352 | } |
353 | return fd; | |
354 | } | |
355 | ||
013870cd MH |
356 | FILE *fdopen_lock_file(struct lock_file *lk, const char *mode) |
357 | { | |
358 | if (!lk->active) | |
359 | die("BUG: fdopen_lock_file() called for unlocked object"); | |
360 | if (lk->fp) | |
361 | die("BUG: fdopen_lock_file() called twice for file '%s'", lk->filename.buf); | |
362 | ||
363 | lk->fp = fdopen(lk->fd, mode); | |
364 | return lk->fp; | |
365 | } | |
366 | ||
b4fb09e4 MH |
367 | const char *get_lock_file_path(struct lock_file *lk) |
368 | { | |
369 | if (!lk->active) | |
370 | die("BUG: get_lock_file_path() called for unlocked object"); | |
371 | return lk->filename.buf; | |
372 | } | |
373 | ||
c99a4c2d MH |
374 | int get_lock_file_fd(struct lock_file *lk) |
375 | { | |
376 | if (!lk->active) | |
377 | die("BUG: get_lock_file_fd() called for unlocked object"); | |
378 | return lk->fd; | |
379 | } | |
380 | ||
381 | FILE *get_lock_file_fp(struct lock_file *lk) | |
382 | { | |
383 | if (!lk->active) | |
384 | die("BUG: get_lock_file_fp() called for unlocked object"); | |
385 | return lk->fp; | |
386 | } | |
387 | ||
ec38b4e4 MH |
388 | char *get_locked_file_path(struct lock_file *lk) |
389 | { | |
390 | if (!lk->active) | |
391 | die("BUG: get_locked_file_path() called for unlocked object"); | |
392 | if (lk->filename.len <= LOCK_SUFFIX_LEN) | |
393 | die("BUG: get_locked_file_path() called for malformed lock object"); | |
394 | return xmemdupz(lk->filename.buf, lk->filename.len - LOCK_SUFFIX_LEN); | |
395 | } | |
396 | ||
d6cf61bf BC |
397 | int close_lock_file(struct lock_file *lk) |
398 | { | |
399 | int fd = lk->fd; | |
013870cd MH |
400 | FILE *fp = lk->fp; |
401 | int err; | |
419f0c0f MH |
402 | |
403 | if (fd < 0) | |
404 | return 0; | |
405 | ||
d6cf61bf | 406 | lk->fd = -1; |
013870cd MH |
407 | if (fp) { |
408 | lk->fp = NULL; | |
409 | ||
410 | /* | |
411 | * Note: no short-circuiting here; we want to fclose() | |
412 | * in any case! | |
413 | */ | |
414 | err = ferror(fp) | fclose(fp); | |
415 | } else { | |
416 | err = close(fd); | |
417 | } | |
418 | ||
419 | if (err) { | |
8e86c155 MH |
420 | int save_errno = errno; |
421 | rollback_lock_file(lk); | |
422 | errno = save_errno; | |
423 | return -1; | |
424 | } | |
013870cd | 425 | |
8e86c155 | 426 | return 0; |
d6cf61bf BC |
427 | } |
428 | ||
93dcaea2 JH |
429 | int reopen_lock_file(struct lock_file *lk) |
430 | { | |
431 | if (0 <= lk->fd) | |
432 | die(_("BUG: reopen a lockfile that is still open")); | |
707103fd | 433 | if (!lk->active) |
93dcaea2 | 434 | die(_("BUG: reopen a lockfile that has been committed")); |
cf6950d3 | 435 | lk->fd = open(lk->filename.buf, O_WRONLY); |
93dcaea2 JH |
436 | return lk->fd; |
437 | } | |
438 | ||
751baced | 439 | int commit_lock_file_to(struct lock_file *lk, const char *path) |
021b6e45 | 440 | { |
707103fd | 441 | if (!lk->active) |
751baced | 442 | die("BUG: attempt to commit unlocked object to \"%s\"", path); |
8a1c7533 | 443 | |
419f0c0f | 444 | if (close_lock_file(lk)) |
d6cf61bf | 445 | return -1; |
4f4713df | 446 | |
751baced | 447 | if (rename(lk->filename.buf, path)) { |
1b1648f4 MH |
448 | int save_errno = errno; |
449 | rollback_lock_file(lk); | |
450 | errno = save_errno; | |
d6cf61bf | 451 | return -1; |
1b1648f4 MH |
452 | } |
453 | ||
707103fd | 454 | lk->active = 0; |
cf6950d3 | 455 | strbuf_reset(&lk->filename); |
d6cf61bf | 456 | return 0; |
021b6e45 JH |
457 | } |
458 | ||
751baced | 459 | int commit_lock_file(struct lock_file *lk) |
30ca07a2 | 460 | { |
751baced MH |
461 | static struct strbuf result_file = STRBUF_INIT; |
462 | int err; | |
463 | ||
464 | if (!lk->active) | |
465 | die("BUG: attempt to commit unlocked object"); | |
466 | ||
467 | if (lk->filename.len <= LOCK_SUFFIX_LEN || | |
468 | strcmp(lk->filename.buf + lk->filename.len - LOCK_SUFFIX_LEN, LOCK_SUFFIX)) | |
469 | die("BUG: lockfile filename corrupt"); | |
470 | ||
471 | /* remove ".lock": */ | |
472 | strbuf_add(&result_file, lk->filename.buf, | |
473 | lk->filename.len - LOCK_SUFFIX_LEN); | |
474 | err = commit_lock_file_to(lk, result_file.buf); | |
475 | strbuf_reset(&result_file); | |
476 | return err; | |
30ca07a2 JH |
477 | } |
478 | ||
021b6e45 JH |
479 | void rollback_lock_file(struct lock_file *lk) |
480 | { | |
707103fd | 481 | if (!lk->active) |
9085f8e2 MH |
482 | return; |
483 | ||
8e86c155 | 484 | if (!close_lock_file(lk)) { |
cf6950d3 | 485 | unlink_or_warn(lk->filename.buf); |
707103fd | 486 | lk->active = 0; |
cf6950d3 | 487 | strbuf_reset(&lk->filename); |
4723ee99 | 488 | } |
021b6e45 | 489 | } |