[thirdparty/git.git] / wrapper.c

/*
 * Various trivial helper wrappers around standard functions
 */
#include "cache.h"
#include "config.h"

static void do_nothing(size_t size)
{
}

static void (*try_to_free_routine)(size_t size) = do_nothing;

static int memory_limit_check(size_t size, int gentle)
{
	static size_t limit = 0;
	if (!limit) {
		limit = git_env_ulong("GIT_ALLOC_LIMIT", 0);
		if (!limit)
			limit = SIZE_MAX;
	}
	if (size > limit) {
		if (gentle) {
			error("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
			      (uintmax_t)size, (uintmax_t)limit);
			return -1;
		} else
			die("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
			    (uintmax_t)size, (uintmax_t)limit);
	}
	return 0;
}

try_to_free_t set_try_to_free_routine(try_to_free_t routine)
{
	try_to_free_t old = try_to_free_routine;
	if (!routine)
		routine = do_nothing;
	try_to_free_routine = routine;
	return old;
}

char *xstrdup(const char *str)
{
	char *ret = strdup(str);
	if (!ret) {
		try_to_free_routine(strlen(str) + 1);
		ret = strdup(str);
		if (!ret)
			die("Out of memory, strdup failed");
	}
	return ret;
}

static void *do_xmalloc(size_t size, int gentle)
{
	void *ret;

	if (memory_limit_check(size, gentle))
		return NULL;
	ret = malloc(size);
	if (!ret && !size)
		ret = malloc(1);
	if (!ret) {
		try_to_free_routine(size);
		ret = malloc(size);
		if (!ret && !size)
			ret = malloc(1);
		if (!ret) {
			if (!gentle)
				die("Out of memory, malloc failed (tried to allocate %lu bytes)",
				    (unsigned long)size);
			else {
				error("Out of memory, malloc failed (tried to allocate %lu bytes)",
				      (unsigned long)size);
				return NULL;
			}
		}
	}
#ifdef XMALLOC_POISON
	memset(ret, 0xA5, size);
#endif
	return ret;
}

void *xmalloc(size_t size)
{
	return do_xmalloc(size, 0);
}

static void *do_xmallocz(size_t size, int gentle)
{
	void *ret;
	if (unsigned_add_overflows(size, 1)) {
		if (gentle) {
			error("Data too large to fit into virtual memory space.");
			return NULL;
		} else
			die("Data too large to fit into virtual memory space.");
	}
	ret = do_xmalloc(size + 1, gentle);
	if (ret)
		((char*)ret)[size] = 0;
	return ret;
}

void *xmallocz(size_t size)
{
	return do_xmallocz(size, 0);
}

void *xmallocz_gently(size_t size)
{
	return do_xmallocz(size, 1);
}

/*
 * xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
 * "data" to the allocated memory, zero terminates the allocated memory,
 * and returns a pointer to the allocated memory. If the allocation fails,
 * the program dies.
 */
void *xmemdupz(const void *data, size_t len)
{
	return memcpy(xmallocz(len), data, len);
}

char *xstrndup(const char *str, size_t len)
{
	char *p = memchr(str, '\0', len);
	return xmemdupz(str, p ? p - str : len);
}

void *xrealloc(void *ptr, size_t size)
{
	void *ret;

	memory_limit_check(size, 0);
	ret = realloc(ptr, size);
	if (!ret && !size)
		ret = realloc(ptr, 1);
	if (!ret) {
		try_to_free_routine(size);
		ret = realloc(ptr, size);
		if (!ret && !size)
			ret = realloc(ptr, 1);
		if (!ret)
			die("Out of memory, realloc failed");
	}
	return ret;
}

void *xcalloc(size_t nmemb, size_t size)
{
	void *ret;

	if (unsigned_mult_overflows(nmemb, size))
		die("data too large to fit into virtual memory space");

	memory_limit_check(size * nmemb, 0);
	ret = calloc(nmemb, size);
	if (!ret && (!nmemb || !size))
		ret = calloc(1, 1);
	if (!ret) {
		try_to_free_routine(nmemb * size);
		ret = calloc(nmemb, size);
		if (!ret && (!nmemb || !size))
			ret = calloc(1, 1);
		if (!ret)
			die("Out of memory, calloc failed");
	}
	return ret;
}

/*
 * Limit size of IO chunks, because huge chunks only cause pain.  OS X
 * 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in
 * the absence of bugs, large chunks can result in bad latencies when
 * you decide to kill the process.
 *
 * We pick 8 MiB as our default, but if the platform defines SSIZE_MAX
 * that is smaller than that, clip it to SSIZE_MAX, as a call to
 * read(2) or write(2) larger than that is allowed to fail.  As the last
 * resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value"
 * to override this, if the definition of SSIZE_MAX given by the platform
 * is broken.
 */
#ifndef MAX_IO_SIZE
# define MAX_IO_SIZE_DEFAULT (8*1024*1024)
# if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT)
#  define MAX_IO_SIZE SSIZE_MAX
# else
#  define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT
# endif
#endif

/**
 * xopen() is the same as open(), but it die()s if the open() fails.
 */
int xopen(const char *path, int oflag, ...)
{
	mode_t mode = 0;
	va_list ap;

	/*
	 * va_arg() will have undefined behavior if the specified type is not
	 * compatible with the argument type. Since integers are promoted to
	 * ints, we fetch the next argument as an int, and then cast it to a
	 * mode_t to avoid undefined behavior.
	 */
	va_start(ap, oflag);
	if (oflag & O_CREAT)
		mode = va_arg(ap, int);
	va_end(ap);

	for (;;) {
		int fd = open(path, oflag, mode);
		if (fd >= 0)
			return fd;
		if (errno == EINTR)
			continue;

		if ((oflag & O_RDWR) == O_RDWR)
			die_errno(_("could not open '%s' for reading and writing"), path);
		else if ((oflag & O_WRONLY) == O_WRONLY)
			die_errno(_("could not open '%s' for writing"), path);
		else
			die_errno(_("could not open '%s' for reading"), path);
	}
}

static int handle_nonblock(int fd, short poll_events, int err)
{
	struct pollfd pfd;

	if (err != EAGAIN && err != EWOULDBLOCK)
		return 0;

	pfd.fd = fd;
	pfd.events = poll_events;

	/*
	 * no need to check for errors, here;
	 * a subsequent read/write will detect unrecoverable errors
	 */
	poll(&pfd, 1, -1);
	return 1;
}

/*
 * xread() is the same a read(), but it automatically restarts read()
 * operations with a recoverable error (EAGAIN and EINTR). xread()
 * DOES NOT GUARANTEE that "len" bytes is read even if the data is available.
 */
ssize_t xread(int fd, void *buf, size_t len)
{
	ssize_t nr;
	if (len > MAX_IO_SIZE)
	    len = MAX_IO_SIZE;
	while (1) {
		nr = read(fd, buf, len);
		if (nr < 0) {
			if (errno == EINTR)
				continue;
			if (handle_nonblock(fd, POLLIN, errno))
				continue;
		}
		return nr;
	}
}

/*
 * xwrite() is the same a write(), but it automatically restarts write()
 * operations with a recoverable error (EAGAIN and EINTR). xwrite() DOES NOT
 * GUARANTEE that "len" bytes is written even if the operation is successful.
 */
ssize_t xwrite(int fd, const void *buf, size_t len)
{
	ssize_t nr;
	if (len > MAX_IO_SIZE)
	    len = MAX_IO_SIZE;
	while (1) {
		nr = write(fd, buf, len);
		if (nr < 0) {
			if (errno == EINTR)
				continue;
			if (handle_nonblock(fd, POLLOUT, errno))
				continue;
		}

		return nr;
	}
}

/*
 * xpread() is the same as pread(), but it automatically restarts pread()
 * operations with a recoverable error (EAGAIN and EINTR). xpread() DOES
 * NOT GUARANTEE that "len" bytes is read even if the data is available.
 */
ssize_t xpread(int fd, void *buf, size_t len, off_t offset)
{
	ssize_t nr;
	if (len > MAX_IO_SIZE)
		len = MAX_IO_SIZE;
	while (1) {
		nr = pread(fd, buf, len, offset);
		if ((nr < 0) && (errno == EAGAIN || errno == EINTR))
			continue;
		return nr;
	}
}

ssize_t read_in_full(int fd, void *buf, size_t count)
{
	char *p = buf;
	ssize_t total = 0;

	while (count > 0) {
		ssize_t loaded = xread(fd, p, count);
		if (loaded < 0)
			return -1;
		if (loaded == 0)
			return total;
		count -= loaded;
		p += loaded;
		total += loaded;
	}

	return total;
}

ssize_t write_in_full(int fd, const void *buf, size_t count)
{
	const char *p = buf;
	ssize_t total = 0;

	while (count > 0) {
		ssize_t written = xwrite(fd, p, count);
		if (written < 0)
			return -1;
		if (!written) {
			errno = ENOSPC;
			return -1;
		}
		count -= written;
		p += written;
		total += written;
	}

	return total;
}

ssize_t pread_in_full(int fd, void *buf, size_t count, off_t offset)
{
	char *p = buf;
	ssize_t total = 0;

	while (count > 0) {
		ssize_t loaded = xpread(fd, p, count, offset);
		if (loaded < 0)
			return -1;
		if (loaded == 0)
			return total;
		count -= loaded;
		p += loaded;
		total += loaded;
		offset += loaded;
	}

	return total;
}

int xdup(int fd)
{
	int ret = dup(fd);
	if (ret < 0)
		die_errno("dup failed");
	return ret;
}

/**
 * xfopen() is the same as fopen(), but it die()s if the fopen() fails.
 */
FILE *xfopen(const char *path, const char *mode)
{
	for (;;) {
		FILE *fp = fopen(path, mode);
		if (fp)
			return fp;
		if (errno == EINTR)
			continue;

		if (*mode && mode[1] == '+')
			die_errno(_("could not open '%s' for reading and writing"), path);
		else if (*mode == 'w' || *mode == 'a')
			die_errno(_("could not open '%s' for writing"), path);
		else
			die_errno(_("could not open '%s' for reading"), path);
	}
}

FILE *xfdopen(int fd, const char *mode)
{
	FILE *stream = fdopen(fd, mode);
	if (stream == NULL)
		die_errno("Out of memory? fdopen failed");
	return stream;
}

FILE *fopen_for_writing(const char *path)
{
	FILE *ret = fopen(path, "w");

	if (!ret && errno == EPERM) {
		if (!unlink(path))
			ret = fopen(path, "w");
		else
			errno = EPERM;
	}
	return ret;
}

static void warn_on_inaccessible(const char *path)
{
	warning_errno(_("unable to access '%s'"), path);
}

int warn_on_fopen_errors(const char *path)
{
	if (errno != ENOENT && errno != ENOTDIR) {
		warn_on_inaccessible(path);
		return -1;
	}

	return 0;
}

FILE *fopen_or_warn(const char *path, const char *mode)
{
	FILE *fp = fopen(path, mode);

	if (fp)
		return fp;

	warn_on_fopen_errors(path);
	return NULL;
}

int xmkstemp(char *filename_template)
{
	int fd;
	char origtemplate[PATH_MAX];
	strlcpy(origtemplate, filename_template, sizeof(origtemplate));

	fd = mkstemp(filename_template);
	if (fd < 0) {
		int saved_errno = errno;
		const char *nonrelative_template;

		if (strlen(filename_template) != strlen(origtemplate))
			filename_template = origtemplate;

		nonrelative_template = absolute_path(filename_template);
		errno = saved_errno;
		die_errno("Unable to create temporary file '%s'",
			nonrelative_template);
	}
	return fd;
}

/* Adapted from libiberty's mkstemp.c. */

#undef TMP_MAX
#define TMP_MAX 16384

int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
{
	static const char letters[] =
		"abcdefghijklmnopqrstuvwxyz"
		"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
		"0123456789";
	static const int num_letters = 62;
	uint64_t value;
	struct timeval tv;
	char *filename_template;
	size_t len;
	int fd, count;

	len = strlen(pattern);

	if (len < 6 + suffix_len) {
		errno = EINVAL;
		return -1;
	}

	if (strncmp(&pattern[len - 6 - suffix_len], "XXXXXX", 6)) {
		errno = EINVAL;
		return -1;
	}

	/*
	 * Replace pattern's XXXXXX characters with randomness.
	 * Try TMP_MAX different filenames.
	 */
	gettimeofday(&tv, NULL);
	value = ((size_t)(tv.tv_usec << 16)) ^ tv.tv_sec ^ getpid();
	filename_template = &pattern[len - 6 - suffix_len];
	for (count = 0; count < TMP_MAX; ++count) {
		uint64_t v = value;
		/* Fill in the random bits. */
		filename_template[0] = letters[v % num_letters]; v /= num_letters;
		filename_template[1] = letters[v % num_letters]; v /= num_letters;
		filename_template[2] = letters[v % num_letters]; v /= num_letters;
		filename_template[3] = letters[v % num_letters]; v /= num_letters;
		filename_template[4] = letters[v % num_letters]; v /= num_letters;
		filename_template[5] = letters[v % num_letters]; v /= num_letters;

		fd = open(pattern, O_CREAT | O_EXCL | O_RDWR, mode);
		if (fd >= 0)
			return fd;
		/*
		 * Fatal error (EPERM, ENOSPC etc).
		 * It doesn't make sense to loop.
		 */
		if (errno != EEXIST)
			break;
		/*
		 * This is a random value.  It is only necessary that
		 * the next TMP_MAX values generated by adding 7777 to
		 * VALUE are different with (module 2^32).
		 */
		value += 7777;
	}
	/* We return the null string if we can't find a unique file name.  */
	pattern[0] = '\0';
	return -1;
}

int git_mkstemp_mode(char *pattern, int mode)
{
	/* mkstemp is just mkstemps with no suffix */
	return git_mkstemps_mode(pattern, 0, mode);
}

int xmkstemp_mode(char *filename_template, int mode)
{
	int fd;
	char origtemplate[PATH_MAX];
	strlcpy(origtemplate, filename_template, sizeof(origtemplate));

	fd = git_mkstemp_mode(filename_template, mode);
	if (fd < 0) {
		int saved_errno = errno;
		const char *nonrelative_template;

		if (!filename_template[0])
			filename_template = origtemplate;

		nonrelative_template = absolute_path(filename_template);
		errno = saved_errno;
		die_errno("Unable to create temporary file '%s'",
			nonrelative_template);
	}
	return fd;
}

static int warn_if_unremovable(const char *op, const char *file, int rc)
{
	int err;
	if (!rc || errno == ENOENT)
		return 0;
	err = errno;
	warning_errno("unable to %s '%s'", op, file);
	errno = err;
	return rc;
}

int unlink_or_msg(const char *file, struct strbuf *err)
{
	int rc = unlink(file);

	assert(err);

	if (!rc || errno == ENOENT)
		return 0;

	strbuf_addf(err, "unable to unlink '%s': %s",
		    file, strerror(errno));
	return -1;
}

int unlink_or_warn(const char *file)
{
	return warn_if_unremovable("unlink", file, unlink(file));
}

int rmdir_or_warn(const char *file)
{
	return warn_if_unremovable("rmdir", file, rmdir(file));
}

int remove_or_warn(unsigned int mode, const char *file)
{
	return S_ISGITLINK(mode) ? rmdir_or_warn(file) : unlink_or_warn(file);
}

static int access_error_is_ok(int err, unsigned flag)
{
	return (is_missing_file_error(err) ||
		((flag & ACCESS_EACCES_OK) && err == EACCES));
}

int access_or_warn(const char *path, int mode, unsigned flag)
{
	int ret = access(path, mode);
	if (ret && !access_error_is_ok(errno, flag))
		warn_on_inaccessible(path);
	return ret;
}

int access_or_die(const char *path, int mode, unsigned flag)
{
	int ret = access(path, mode);
	if (ret && !access_error_is_ok(errno, flag))
		die_errno(_("unable to access '%s'"), path);
	return ret;
}

char *xgetcwd(void)
{
	struct strbuf sb = STRBUF_INIT;
	if (strbuf_getcwd(&sb))
		die_errno(_("unable to get current working directory"));
	return strbuf_detach(&sb, NULL);
}

int xsnprintf(char *dst, size_t max, const char *fmt, ...)
{
	va_list ap;
	int len;

	va_start(ap, fmt);
	len = vsnprintf(dst, max, fmt, ap);
	va_end(ap);

	if (len < 0)
		die("BUG: your snprintf is broken");
	if (len >= max)
		die("BUG: attempt to snprintf into too-small buffer");
	return len;
}

void write_file_buf(const char *path, const char *buf, size_t len)
{
	int fd = xopen(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
	if (write_in_full(fd, buf, len) < 0)
		die_errno(_("could not write to '%s'"), path);
	if (close(fd))
		die_errno(_("could not close '%s'"), path);
}

void write_file(const char *path, const char *fmt, ...)
{
	va_list params;
	struct strbuf sb = STRBUF_INIT;

	va_start(params, fmt);
	strbuf_vaddf(&sb, fmt, params);
	va_end(params);

	strbuf_complete_line(&sb);

	write_file_buf(path, sb.buf, sb.len);
	strbuf_release(&sb);
}

void sleep_millisec(int millisec)
{
	poll(NULL, 0, millisec);
}

int xgethostname(char *buf, size_t len)
{
	/*
	 * If the full hostname doesn't fit in buf, POSIX does not
	 * specify whether the buffer will be null-terminated, so to
	 * be safe, do it ourselves.
	 */
	int ret = gethostname(buf, len);
	if (!ret)
		buf[len - 1] = 0;
	return ret;
}
Commit	Line	Data
112db553 LT	1	/*
	2	* Various trivial helper wrappers around standard functions
	3	*/
	4	#include "cache.h"
b2141fc1	5	#include "config.h"
112db553	6
e0500293	7	static void do_nothing(size_t size)
a9a74636	8	{
a9a74636 NP	9	}
a9a74636 NP	10
e0500293	11	static void (*try_to_free_routine)(size_t size) = do_nothing;
a9a74636	12
f8bb1d94	13	static int memory_limit_check(size_t size, int gentle)
d41489a6	14	{
9927d962 SP	15	static size_t limit = 0;
	16	if (!limit) {
	17	limit = git_env_ulong("GIT_ALLOC_LIMIT", 0);
	18	if (!limit)
	19	limit = SIZE_MAX;
d41489a6	20	}
f0d89001	21	if (size > limit) {
f8bb1d94	22	if (gentle) {
f0d89001 JH	23	error("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
f0d89001 JH	24	(uintmax_t)size, (uintmax_t)limit);
f8bb1d94 NTND	25	return -1;
f8bb1d94 NTND	26	} else
f0d89001 JH	27	die("attempting to allocate %"PRIuMAX" over limit %"PRIuMAX,
f0d89001 JH	28	(uintmax_t)size, (uintmax_t)limit);
f8bb1d94 NTND	29	}
f8bb1d94 NTND	30	return 0;
d41489a6 NTND	31	}
d41489a6 NTND	32
851c34b0	33	try_to_free_t set_try_to_free_routine(try_to_free_t routine)
a9a74636	34	{
851c34b0	35	try_to_free_t old = try_to_free_routine;
00b0d7f7 JH	36	if (!routine)
00b0d7f7 JH	37	routine = do_nothing;
851c34b0 JS	38	try_to_free_routine = routine;
851c34b0 JS	39	return old;
a9a74636 NP	40	}
a9a74636 NP	41
112db553 LT	42	char xstrdup(const char str)
	43	{
	44	char *ret = strdup(str);
	45	if (!ret) {
a9a74636	46	try_to_free_routine(strlen(str) + 1);
112db553 LT	47	ret = strdup(str);
	48	if (!ret)
	49	die("Out of memory, strdup failed");
	50	}
	51	return ret;
	52	}
	53
f8bb1d94	54	static void *do_xmalloc(size_t size, int gentle)
112db553	55	{
d41489a6 NTND	56	void *ret;
d41489a6 NTND	57
f8bb1d94 NTND	58	if (memory_limit_check(size, gentle))
f8bb1d94 NTND	59	return NULL;
d41489a6	60	ret = malloc(size);
112db553 LT	61	if (!ret && !size)
	62	ret = malloc(1);
	63	if (!ret) {
a9a74636	64	try_to_free_routine(size);
112db553 LT	65	ret = malloc(size);
	66	if (!ret && !size)
	67	ret = malloc(1);
f8bb1d94 NTND	68	if (!ret) {
	69	if (!gentle)
	70	die("Out of memory, malloc failed (tried to allocate %lu bytes)",
	71	(unsigned long)size);
	72	else {
	73	error("Out of memory, malloc failed (tried to allocate %lu bytes)",
	74	(unsigned long)size);
	75	return NULL;
	76	}
	77	}
112db553 LT	78	}
	79	#ifdef XMALLOC_POISON
	80	memset(ret, 0xA5, size);
	81	#endif
	82	return ret;
	83	}
	84
f8bb1d94 NTND	85	void *xmalloc(size_t size)
	86	{
	87	return do_xmalloc(size, 0);
	88	}
	89
	90	static void *do_xmallocz(size_t size, int gentle)
5bf9219d IL	91	{
5bf9219d IL	92	void *ret;
f8bb1d94 NTND	93	if (unsigned_add_overflows(size, 1)) {
	94	if (gentle) {
	95	error("Data too large to fit into virtual memory space.");
	96	return NULL;
	97	} else
	98	die("Data too large to fit into virtual memory space.");
	99	}
	100	ret = do_xmalloc(size + 1, gentle);
	101	if (ret)
	102	((char*)ret)[size] = 0;
5bf9219d IL	103	return ret;
	104	}
	105
f8bb1d94 NTND	106	void *xmallocz(size_t size)
	107	{
	108	return do_xmallocz(size, 0);
	109	}
	110
	111	void *xmallocz_gently(size_t size)
	112	{
	113	return do_xmallocz(size, 1);
	114	}
	115
112db553 LT	116	/*
	117	* xmemdupz() allocates (len + 1) bytes of memory, duplicates "len" bytes of
	118	* "data" to the allocated memory, zero terminates the allocated memory,
	119	* and returns a pointer to the allocated memory. If the allocation fails,
	120	* the program dies.
	121	*/
	122	void xmemdupz(const void data, size_t len)
	123	{
5bf9219d	124	return memcpy(xmallocz(len), data, len);
112db553 LT	125	}
	126
	127	char xstrndup(const char str, size_t len)
	128	{
	129	char *p = memchr(str, '\0', len);
	130	return xmemdupz(str, p ? p - str : len);
	131	}
	132
	133	void xrealloc(void ptr, size_t size)
	134	{
d41489a6 NTND	135	void *ret;
d41489a6 NTND	136
f8bb1d94	137	memory_limit_check(size, 0);
d41489a6	138	ret = realloc(ptr, size);
112db553 LT	139	if (!ret && !size)
	140	ret = realloc(ptr, 1);
	141	if (!ret) {
a9a74636	142	try_to_free_routine(size);
112db553 LT	143	ret = realloc(ptr, size);
	144	if (!ret && !size)
	145	ret = realloc(ptr, 1);
	146	if (!ret)
	147	die("Out of memory, realloc failed");
	148	}
	149	return ret;
	150	}
	151
	152	void *xcalloc(size_t nmemb, size_t size)
	153	{
d41489a6 NTND	154	void *ret;
d41489a6 NTND	155
e7792a74 JK	156	if (unsigned_mult_overflows(nmemb, size))
	157	die("data too large to fit into virtual memory space");
	158
f8bb1d94	159	memory_limit_check(size * nmemb, 0);
d41489a6	160	ret = calloc(nmemb, size);
112db553 LT	161	if (!ret && (!nmemb \|\| !size))
	162	ret = calloc(1, 1);
	163	if (!ret) {
a9a74636	164	try_to_free_routine(nmemb * size);
112db553 LT	165	ret = calloc(nmemb, size);
	166	if (!ret && (!nmemb \|\| !size))
	167	ret = calloc(1, 1);
	168	if (!ret)
	169	die("Out of memory, calloc failed");
	170	}
	171	return ret;
	172	}
	173
0b6806b9 SP	174	/*
	175	* Limit size of IO chunks, because huge chunks only cause pain. OS X
	176	* 64-bit is buggy, returning EINVAL if len >= INT_MAX; and even in
382d20e3	177	* the absence of bugs, large chunks can result in bad latencies when
0b6806b9	178	* you decide to kill the process.
a983e6ac JH	179	*
	180	* We pick 8 MiB as our default, but if the platform defines SSIZE_MAX
	181	* that is smaller than that, clip it to SSIZE_MAX, as a call to
	182	* read(2) or write(2) larger than that is allowed to fail. As the last
	183	* resort, we allow a port to pass via CFLAGS e.g. "-DMAX_IO_SIZE=value"
	184	* to override this, if the definition of SSIZE_MAX given by the platform
	185	* is broken.
0b6806b9	186	*/
a983e6ac JH	187	#ifndef MAX_IO_SIZE
	188	# define MAX_IO_SIZE_DEFAULT (810241024)
	189	# if defined(SSIZE_MAX) && (SSIZE_MAX < MAX_IO_SIZE_DEFAULT)
	190	# define MAX_IO_SIZE SSIZE_MAX
	191	# else
	192	# define MAX_IO_SIZE MAX_IO_SIZE_DEFAULT
	193	# endif
	194	#endif
0b6806b9	195
3ff53df7 PT	196	/**
	197	* xopen() is the same as open(), but it die()s if the open() fails.
	198	*/
	199	int xopen(const char *path, int oflag, ...)
	200	{
	201	mode_t mode = 0;
	202	va_list ap;
	203
	204	/*
	205	* va_arg() will have undefined behavior if the specified type is not
	206	* compatible with the argument type. Since integers are promoted to
	207	* ints, we fetch the next argument as an int, and then cast it to a
	208	* mode_t to avoid undefined behavior.
	209	*/
	210	va_start(ap, oflag);
	211	if (oflag & O_CREAT)
	212	mode = va_arg(ap, int);
	213	va_end(ap);
	214
	215	for (;;) {
	216	int fd = open(path, oflag, mode);
	217	if (fd >= 0)
	218	return fd;
	219	if (errno == EINTR)
	220	continue;
	221
	222	if ((oflag & O_RDWR) == O_RDWR)
	223	die_errno(_("could not open '%s' for reading and writing"), path);
	224	else if ((oflag & O_WRONLY) == O_WRONLY)
	225	die_errno(_("could not open '%s' for writing"), path);
	226	else
	227	die_errno(_("could not open '%s' for reading"), path);
	228	}
	229	}
	230
d751dd11 EW	231	static int handle_nonblock(int fd, short poll_events, int err)
	232	{
	233	struct pollfd pfd;
	234
	235	if (err != EAGAIN && err != EWOULDBLOCK)
	236	return 0;
	237
	238	pfd.fd = fd;
	239	pfd.events = poll_events;
	240
	241	/*
	242	* no need to check for errors, here;
	243	* a subsequent read/write will detect unrecoverable errors
	244	*/
	245	poll(&pfd, 1, -1);
	246	return 1;
	247	}
	248
112db553 LT	249	/*
	250	* xread() is the same a read(), but it automatically restarts read()
	251	* operations with a recoverable error (EAGAIN and EINTR). xread()
	252	* DOES NOT GUARANTEE that "len" bytes is read even if the data is available.
	253	*/
	254	ssize_t xread(int fd, void *buf, size_t len)
	255	{
	256	ssize_t nr;
0b6806b9 SP	257	if (len > MAX_IO_SIZE)
0b6806b9 SP	258	len = MAX_IO_SIZE;
112db553 LT	259	while (1) {
112db553 LT	260	nr = read(fd, buf, len);
1079c4be SB	261	if (nr < 0) {
	262	if (errno == EINTR)
	263	continue;
d751dd11	264	if (handle_nonblock(fd, POLLIN, errno))
c22f6202	265	continue;
1079c4be	266	}
112db553 LT	267	return nr;
	268	}
	269	}
	270
	271	/*
	272	* xwrite() is the same a write(), but it automatically restarts write()
	273	* operations with a recoverable error (EAGAIN and EINTR). xwrite() DOES NOT
	274	* GUARANTEE that "len" bytes is written even if the operation is successful.
	275	*/
	276	ssize_t xwrite(int fd, const void *buf, size_t len)
	277	{
	278	ssize_t nr;
0b6806b9 SP	279	if (len > MAX_IO_SIZE)
0b6806b9 SP	280	len = MAX_IO_SIZE;
112db553 LT	281	while (1) {
112db553 LT	282	nr = write(fd, buf, len);
ef1cf016 EW	283	if (nr < 0) {
	284	if (errno == EINTR)
	285	continue;
d751dd11	286	if (handle_nonblock(fd, POLLOUT, errno))
ef1cf016	287	continue;
ef1cf016 EW	288	}
ef1cf016 EW	289
9aa91af0 YM	290	return nr;
	291	}
	292	}
	293
	294	/*
	295	* xpread() is the same as pread(), but it automatically restarts pread()
	296	* operations with a recoverable error (EAGAIN and EINTR). xpread() DOES
	297	* NOT GUARANTEE that "len" bytes is read even if the data is available.
	298	*/
	299	ssize_t xpread(int fd, void *buf, size_t len, off_t offset)
	300	{
	301	ssize_t nr;
	302	if (len > MAX_IO_SIZE)
	303	len = MAX_IO_SIZE;
	304	while (1) {
	305	nr = pread(fd, buf, len, offset);
	306	if ((nr < 0) && (errno == EAGAIN \|\| errno == EINTR))
112db553 LT	307	continue;
	308	return nr;
	309	}
	310	}
	311
559e840b JH	312	ssize_t read_in_full(int fd, void *buf, size_t count)
	313	{
	314	char *p = buf;
	315	ssize_t total = 0;
	316
	317	while (count > 0) {
	318	ssize_t loaded = xread(fd, p, count);
56d7c27a JK	319	if (loaded < 0)
	320	return -1;
	321	if (loaded == 0)
	322	return total;
559e840b JH	323	count -= loaded;
	324	p += loaded;
	325	total += loaded;
	326	}
	327
	328	return total;
	329	}
	330
	331	ssize_t write_in_full(int fd, const void *buf, size_t count)
	332	{
	333	const char *p = buf;
	334	ssize_t total = 0;
	335
	336	while (count > 0) {
	337	ssize_t written = xwrite(fd, p, count);
	338	if (written < 0)
	339	return -1;
	340	if (!written) {
	341	errno = ENOSPC;
	342	return -1;
	343	}
	344	count -= written;
	345	p += written;
	346	total += written;
	347	}
	348
	349	return total;
	350	}
	351
426ddeea YM	352	ssize_t pread_in_full(int fd, void *buf, size_t count, off_t offset)
	353	{
	354	char *p = buf;
	355	ssize_t total = 0;
	356
	357	while (count > 0) {
	358	ssize_t loaded = xpread(fd, p, count, offset);
	359	if (loaded < 0)
	360	return -1;
	361	if (loaded == 0)
	362	return total;
	363	count -= loaded;
	364	p += loaded;
	365	total += loaded;
	366	offset += loaded;
	367	}
	368
	369	return total;
	370	}
	371
112db553 LT	372	int xdup(int fd)
	373	{
	374	int ret = dup(fd);
	375	if (ret < 0)
d824cbba	376	die_errno("dup failed");
112db553 LT	377	return ret;
	378	}
	379
260eec29 PT	380	/**
	381	* xfopen() is the same as fopen(), but it die()s if the fopen() fails.
	382	*/
	383	FILE xfopen(const char path, const char *mode)
	384	{
	385	for (;;) {
	386	FILE *fp = fopen(path, mode);
	387	if (fp)
	388	return fp;
	389	if (errno == EINTR)
	390	continue;
	391
	392	if (*mode && mode[1] == '+')
	393	die_errno(_("could not open '%s' for reading and writing"), path);
	394	else if (mode == 'w' \|\| mode == 'a')
	395	die_errno(_("could not open '%s' for writing"), path);
	396	else
	397	die_errno(_("could not open '%s' for reading"), path);
	398	}
	399	}
	400
112db553 LT	401	FILE xfdopen(int fd, const char mode)
	402	{
	403	FILE *stream = fdopen(fd, mode);
	404	if (stream == NULL)
d824cbba	405	die_errno("Out of memory? fdopen failed");
112db553 LT	406	return stream;
	407	}
	408
79d7582e JS	409	FILE fopen_for_writing(const char path)
	410	{
	411	FILE *ret = fopen(path, "w");
	412
	413	if (!ret && errno == EPERM) {
	414	if (!unlink(path))
	415	ret = fopen(path, "w");
	416	else
	417	errno = EPERM;
	418	}
	419	return ret;
	420	}
	421
382fb07f NTND	422	static void warn_on_inaccessible(const char *path)
	423	{
	424	warning_errno(_("unable to access '%s'"), path);
	425	}
	426
11dc1fcb NTND	427	int warn_on_fopen_errors(const char *path)
	428	{
	429	if (errno != ENOENT && errno != ENOTDIR) {
	430	warn_on_inaccessible(path);
	431	return -1;
	432	}
	433
	434	return 0;
	435	}
	436
e9d983f1 NTND	437	FILE fopen_or_warn(const char path, const char *mode)
	438	{
	439	FILE *fp = fopen(path, mode);
	440
	441	if (fp)
	442	return fp;
	443
	444	warn_on_fopen_errors(path);
	445	return NULL;
	446	}
	447
eb78e23f	448	int xmkstemp(char *filename_template)
112db553 LT	449	{
112db553 LT	450	int fd;
6cf6bb3e	451	char origtemplate[PATH_MAX];
eb78e23f	452	strlcpy(origtemplate, filename_template, sizeof(origtemplate));
112db553	453
eb78e23f	454	fd = mkstemp(filename_template);
6cf6bb3e AE	455	if (fd < 0) {
	456	int saved_errno = errno;
	457	const char *nonrelative_template;
	458
eb78e23f BW	459	if (strlen(filename_template) != strlen(origtemplate))
eb78e23f BW	460	filename_template = origtemplate;
6cf6bb3e	461
eb78e23f	462	nonrelative_template = absolute_path(filename_template);
6cf6bb3e AE	463	errno = saved_errno;
	464	die_errno("Unable to create temporary file '%s'",
	465	nonrelative_template);
	466	}
112db553 LT	467	return fd;
112db553 LT	468	}
39c68542	469
33f23936 JN	470	/* Adapted from libiberty's mkstemp.c. */
	471
	472	#undef TMP_MAX
	473	#define TMP_MAX 16384
	474
	475	int git_mkstemps_mode(char *pattern, int suffix_len, int mode)
	476	{
	477	static const char letters[] =
	478	"abcdefghijklmnopqrstuvwxyz"
	479	"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
	480	"0123456789";
	481	static const int num_letters = 62;
	482	uint64_t value;
	483	struct timeval tv;
eb78e23f	484	char *filename_template;
33f23936 JN	485	size_t len;
	486	int fd, count;
	487
	488	len = strlen(pattern);
	489
	490	if (len < 6 + suffix_len) {
	491	errno = EINVAL;
	492	return -1;
	493	}
	494
	495	if (strncmp(&pattern[len - 6 - suffix_len], "XXXXXX", 6)) {
	496	errno = EINVAL;
	497	return -1;
	498	}
	499
	500	/*
	501	* Replace pattern's XXXXXX characters with randomness.
	502	* Try TMP_MAX different filenames.
	503	*/
	504	gettimeofday(&tv, NULL);
	505	value = ((size_t)(tv.tv_usec << 16)) ^ tv.tv_sec ^ getpid();
eb78e23f	506	filename_template = &pattern[len - 6 - suffix_len];
33f23936 JN	507	for (count = 0; count < TMP_MAX; ++count) {
	508	uint64_t v = value;
	509	/* Fill in the random bits. */
eb78e23f BW	510	filename_template[0] = letters[v % num_letters]; v /= num_letters;
	511	filename_template[1] = letters[v % num_letters]; v /= num_letters;
	512	filename_template[2] = letters[v % num_letters]; v /= num_letters;
	513	filename_template[3] = letters[v % num_letters]; v /= num_letters;
	514	filename_template[4] = letters[v % num_letters]; v /= num_letters;
	515	filename_template[5] = letters[v % num_letters]; v /= num_letters;
33f23936 JN	516
33f23936 JN	517	fd = open(pattern, O_CREAT \| O_EXCL \| O_RDWR, mode);
a2cb86c1	518	if (fd >= 0)
33f23936 JN	519	return fd;
	520	/*
	521	* Fatal error (EPERM, ENOSPC etc).
	522	* It doesn't make sense to loop.
	523	*/
	524	if (errno != EEXIST)
	525	break;
	526	/*
	527	* This is a random value. It is only necessary that
	528	* the next TMP_MAX values generated by adding 7777 to
	529	* VALUE are different with (module 2^32).
	530	*/
	531	value += 7777;
	532	}
	533	/* We return the null string if we can't find a unique file name. */
	534	pattern[0] = '\0';
	535	return -1;
	536	}
	537
	538	int git_mkstemp_mode(char *pattern, int mode)
	539	{
	540	/* mkstemp is just mkstemps with no suffix */
	541	return git_mkstemps_mode(pattern, 0, mode);
	542	}
	543
eb78e23f	544	int xmkstemp_mode(char *filename_template, int mode)
b862b61c MM	545	{
b862b61c MM	546	int fd;
6cf6bb3e	547	char origtemplate[PATH_MAX];
eb78e23f	548	strlcpy(origtemplate, filename_template, sizeof(origtemplate));
b862b61c	549
eb78e23f	550	fd = git_mkstemp_mode(filename_template, mode);
6cf6bb3e AE	551	if (fd < 0) {
	552	int saved_errno = errno;
	553	const char *nonrelative_template;
	554
eb78e23f BW	555	if (!filename_template[0])
eb78e23f BW	556	filename_template = origtemplate;
6cf6bb3e	557
eb78e23f	558	nonrelative_template = absolute_path(filename_template);
6cf6bb3e AE	559	errno = saved_errno;
	560	die_errno("Unable to create temporary file '%s'",
	561	nonrelative_template);
	562	}
b862b61c MM	563	return fd;
	564	}
	565
10e13ec8	566	static int warn_if_unremovable(const char op, const char file, int rc)
fc71db39	567	{
1054af7d RS	568	int err;
	569	if (!rc \|\| errno == ENOENT)
	570	return 0;
	571	err = errno;
0a288d1e	572	warning_errno("unable to %s '%s'", op, file);
1054af7d	573	errno = err;
fc71db39 AR	574	return rc;
	575	}
	576
9ccc0c08 RS	577	int unlink_or_msg(const char file, struct strbuf err)
	578	{
	579	int rc = unlink(file);
	580
	581	assert(err);
	582
	583	if (!rc \|\| errno == ENOENT)
	584	return 0;
	585
0a288d1e	586	strbuf_addf(err, "unable to unlink '%s': %s",
9ccc0c08 RS	587	file, strerror(errno));
	588	return -1;
	589	}
	590
10e13ec8 PC	591	int unlink_or_warn(const char *file)
	592	{
	593	return warn_if_unremovable("unlink", file, unlink(file));
	594	}
d1723296 PC	595
	596	int rmdir_or_warn(const char *file)
	597	{
	598	return warn_if_unremovable("rmdir", file, rmdir(file));
	599	}
80d706af PC	600
	601	int remove_or_warn(unsigned int mode, const char *file)
	602	{
	603	return S_ISGITLINK(mode) ? rmdir_or_warn(file) : unlink_or_warn(file);
	604	}
2f705875	605
4698c8fe JN	606	static int access_error_is_ok(int err, unsigned flag)
4698c8fe JN	607	{
c7054209 JH	608	return (is_missing_file_error(err) \|\|
c7054209 JH	609	((flag & ACCESS_EACCES_OK) && err == EACCES));
4698c8fe JN	610	}
	611
	612	int access_or_warn(const char *path, int mode, unsigned flag)
ba8bd830 JK	613	{
ba8bd830 JK	614	int ret = access(path, mode);
4698c8fe	615	if (ret && !access_error_is_ok(errno, flag))
55b38a48	616	warn_on_inaccessible(path);
ba8bd830 JK	617	return ret;
	618	}
	619
4698c8fe	620	int access_or_die(const char *path, int mode, unsigned flag)
96b9e0e3 JN	621	{
96b9e0e3 JN	622	int ret = access(path, mode);
4698c8fe	623	if (ret && !access_error_is_ok(errno, flag))
96b9e0e3 JN	624	die_errno(_("unable to access '%s'"), path);
	625	return ret;
	626	}
	627
aa14e980 RS	628	char *xgetcwd(void)
	629	{
	630	struct strbuf sb = STRBUF_INIT;
	631	if (strbuf_getcwd(&sb))
	632	die_errno(_("unable to get current working directory"));
	633	return strbuf_detach(&sb, NULL);
	634	}
316e53e6	635
7b03c89e JK	636	int xsnprintf(char dst, size_t max, const char fmt, ...)
	637	{
	638	va_list ap;
	639	int len;
	640
	641	va_start(ap, fmt);
	642	len = vsnprintf(dst, max, fmt, ap);
	643	va_end(ap);
	644
	645	if (len < 0)
	646	die("BUG: your snprintf is broken");
	647	if (len >= max)
	648	die("BUG: attempt to snprintf into too-small buffer");
	649	return len;
	650	}
	651
52563d7e	652	void write_file_buf(const char path, const char buf, size_t len)
316e53e6	653	{
52563d7e	654	int fd = xopen(path, O_WRONLY \| O_CREAT \| O_TRUNC, 0666);
06f46f23	655	if (write_in_full(fd, buf, len) < 0)
0a288d1e	656	die_errno(_("could not write to '%s'"), path);
52563d7e	657	if (close(fd))
0a288d1e	658	die_errno(_("could not close '%s'"), path);
316e53e6	659	}
2024d317	660
ef22318c	661	void write_file(const char path, const char fmt, ...)
12d6ce1d	662	{
12d6ce1d	663	va_list params;
316e53e6	664	struct strbuf sb = STRBUF_INIT;
12d6ce1d JH	665
12d6ce1d JH	666	va_start(params, fmt);
ef22318c	667	strbuf_vaddf(&sb, fmt, params);
12d6ce1d	668	va_end(params);
12d6ce1d	669
ef22318c	670	strbuf_complete_line(&sb);
12d6ce1d	671
52563d7e	672	write_file_buf(path, sb.buf, sb.len);
ef22318c	673	strbuf_release(&sb);
12d6ce1d JH	674	}
12d6ce1d JH	675
2024d317 JS	676	void sleep_millisec(int millisec)
	677	{
	678	poll(NULL, 0, millisec);
	679	}
5781a9a2 DT	680
	681	int xgethostname(char *buf, size_t len)
	682	{
	683	/*
	684	* If the full hostname doesn't fit in buf, POSIX does not
	685	* specify whether the buffer will be null-terminated, so to
	686	* be safe, do it ourselves.
	687	*/
	688	int ret = gethostname(buf, len);
	689	if (!ret)
	690	buf[len - 1] = 0;
	691	return ret;
	692	}