search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
commit_lock_file(): use get_locked_file_path()
[git.git] / lockfile.c
blob3904803686587725d4ea219b6139a566fbace6e9
1 /*
2 * Copyright (c) 2005, Junio C Hamano
3 */
4
5 /*
6 * State diagram and cleanup
7 * -------------------------
8 *
9 * This module keeps track of all locked files in `lock_file_list` for
10 * use at cleanup. This list and the `lock_file` objects that comprise
11 * it must be kept in self-consistent states at all time, because the
12 * program can be interrupted any time by a signal, in which case the
13 * signal handler will walk through the list attempting to clean up
14 * any open lock files.
15 *
16 * The possible states of a `lock_file` object are as follows:
17 *
18 * - Uninitialized. In this state the object's `on_list` field must be
19 * zero but the rest of its contents need not be initialized. As
20 * soon as the object is used in any way, it is irrevocably
21 * registered in `lock_file_list`, and `on_list` is set.
22 *
23 * - Locked, lockfile open (after `hold_lock_file_for_update()`,
24 * `hold_lock_file_for_append()`, or `reopen_lock_file()`). In this
25 * state:
26 *
27 * - the lockfile exists
28 * - `active` is set
29 * - `filename` holds the filename of the lockfile
30 * - `fd` holds a file descriptor open for writing to the lockfile
31 * - `fp` holds a pointer to an open `FILE` object if and only if
32 * `fdopen_lock_file()` has been called on the object
33 * - `owner` holds the PID of the process that locked the file
34 *
35 * - Locked, lockfile closed (after successful `close_lock_file()`).
36 * Same as the previous state, except that the lockfile is closed
37 * and `fd` is -1.
38 *
39 * - Unlocked (after `commit_lock_file()`, `commit_lock_file_to()`,
40 * `rollback_lock_file()`, a failed attempt to lock, or a failed
41 * `close_lock_file()`). In this state:
42 *
43 * - `active` is unset
44 * - `filename` is empty (usually, though there are transitory
45 * states in which this condition doesn't hold). Client code should
46 * *not* rely on the filename being empty in this state.
47 * - `fd` is -1
48 * - the object is left registered in the `lock_file_list`, and
49 * `on_list` is set.
50 *
51 * A lockfile is owned by the process that created it. The `lock_file`
52 * has an `owner` field that records the owner's PID. This field is
53 * used to prevent a forked process from closing a lockfile created by
54 * its parent.
55 */
56
57 #include "cache.h"
58 #include "lockfile.h"
59 #include "sigchain.h"
60
61 static struct lock_file *volatile lock_file_list;
62
63 static void remove_lock_files(int skip_fclose)
64 {
65 pid_t me = getpid();
66
67 while (lock_file_list) {
68 if (lock_file_list->owner == me) {
69 /* fclose() is not safe to call in a signal handler */
70 if (skip_fclose)
71 lock_file_list->fp = NULL;
72 rollback_lock_file(lock_file_list);
73 }
74 lock_file_list = lock_file_list->next;
75 }
76 }
77
78 static void remove_lock_files_on_exit(void)
79 {
80 remove_lock_files(0);
81 }
82
83 static void remove_lock_files_on_signal(int signo)
84 {
85 remove_lock_files(1);
86 sigchain_pop(signo);
87 raise(signo);
88 }
89
90 /*
91 * path = absolute or relative path name
92 *
93 * Remove the last path name element from path (leaving the preceding
94 * "/", if any). If path is empty or the root directory ("/"), set
95 * path to the empty string.
96 */
97 static void trim_last_path_component(struct strbuf *path)
98 {
99 int i = path->len;
100
101 /* back up past trailing slashes, if any */
102 while (i && path->buf[i - 1] == '/')
103 i--;
104
105 /*
106 * then go backwards until a slash, or the beginning of the
107 * string
108 */
109 while (i && path->buf[i - 1] != '/')
110 i--;
111
112 strbuf_setlen(path, i);
113 }
114
115
116 /* We allow "recursive" symbolic links. Only within reason, though */
117 #define MAXDEPTH 5
118
119 /*
120 * path contains a path that might be a symlink.
121 *
122 * If path is a symlink, attempt to overwrite it with a path to the
123 * real file or directory (which may or may not exist), following a
124 * chain of symlinks if necessary. Otherwise, leave path unmodified.
125 *
126 * This is a best-effort routine. If an error occurs, path will
127 * either be left unmodified or will name a different symlink in a
128 * symlink chain that started with the original path.
129 */
130 static void resolve_symlink(struct strbuf *path)
131 {
132 int depth = MAXDEPTH;
133 static struct strbuf link = STRBUF_INIT;
134
135 while (depth--) {
136 if (strbuf_readlink(&link, path->buf, path->len) < 0)
137 break;
138
139 if (is_absolute_path(link.buf))
140 /* absolute path simply replaces p */
141 strbuf_reset(path);
142 else
143 /*
144 * link is a relative path, so replace the
145 * last element of p with it.
146 */
147 trim_last_path_component(path);
148
149 strbuf_addbuf(path, &link);
150 }
151 strbuf_reset(&link);
152 }
153
154 /* Make sure errno contains a meaningful value on error */
155 static int lock_file(struct lock_file *lk, const char *path, int flags)
156 {
157 size_t pathlen = strlen(path);
158
159 if (!lock_file_list) {
160 /* One-time initialization */
161 sigchain_push_common(remove_lock_files_on_signal);
162 atexit(remove_lock_files_on_exit);
163 }
164
165 if (lk->active)
166 die("BUG: cannot lock_file(\"%s\") using active struct lock_file",
167 path);
168 if (!lk->on_list) {
169 /* Initialize *lk and add it to lock_file_list: */
170 lk->fd = -1;
171 lk->fp = NULL;
172 lk->active = 0;
173 lk->owner = 0;
174 strbuf_init(&lk->filename, pathlen + LOCK_SUFFIX_LEN);
175 lk->next = lock_file_list;
176 lock_file_list = lk;
177 lk->on_list = 1;
178 } else if (lk->filename.len) {
179 /* This shouldn't happen, but better safe than sorry. */
180 die("BUG: lock_file(\"%s\") called with improperly-reset lock_file object",
181 path);
182 }
183
184 if (flags & LOCK_NO_DEREF) {
185 strbuf_add_absolute_path(&lk->filename, path);
186 } else {
187 struct strbuf resolved_path = STRBUF_INIT;
188
189 strbuf_add(&resolved_path, path, pathlen);
190 resolve_symlink(&resolved_path);
191 strbuf_add_absolute_path(&lk->filename, resolved_path.buf);
192 strbuf_release(&resolved_path);
193 }
194
195 strbuf_addstr(&lk->filename, LOCK_SUFFIX);
196 lk->fd = open(lk->filename.buf, O_RDWR | O_CREAT | O_EXCL, 0666);
197 if (lk->fd < 0) {
198 strbuf_reset(&lk->filename);
199 return -1;
200 }
201 lk->owner = getpid();
202 lk->active = 1;
203 if (adjust_shared_perm(lk->filename.buf)) {
204 int save_errno = errno;
205 error("cannot fix permission bits on %s", lk->filename.buf);
206 rollback_lock_file(lk);
207 errno = save_errno;
208 return -1;
209 }
210 return lk->fd;
211 }
212
213 static int sleep_microseconds(long us)
214 {
215 struct timeval tv;
216 tv.tv_sec = 0;
217 tv.tv_usec = us;
218 return select(0, NULL, NULL, NULL, &tv);
219 }
220
221 /*
222 * Constants defining the gaps between attempts to lock a file. The
223 * first backoff period is approximately INITIAL_BACKOFF_MS
224 * milliseconds. The longest backoff period is approximately
225 * (BACKOFF_MAX_MULTIPLIER * INITIAL_BACKOFF_MS) milliseconds.
226 */
227 #define INITIAL_BACKOFF_MS 1L
228 #define BACKOFF_MAX_MULTIPLIER 1000
229
230 /*
231 * Try locking path, retrying with quadratic backoff for at least
232 * timeout_ms milliseconds. If timeout_ms is 0, try locking the file
233 * exactly once. If timeout_ms is -1, try indefinitely.
234 */
235 static int lock_file_timeout(struct lock_file *lk, const char *path,
236 int flags, long timeout_ms)
237 {
238 int n = 1;
239 int multiplier = 1;
240 long remaining_us = 0;
241 static int random_initialized = 0;
242
243 if (timeout_ms == 0)
244 return lock_file(lk, path, flags);
245
246 if (!random_initialized) {
247 srandom((unsigned int)getpid());
248 random_initialized = 1;
249 }
250
251 if (timeout_ms > 0) {
252 /* avoid overflow */
253 if (timeout_ms <= LONG_MAX / 1000)
254 remaining_us = timeout_ms * 1000;
255 else
256 remaining_us = LONG_MAX;
257 }
258
259 while (1) {
260 long backoff_ms, wait_us;
261 int fd;
262
263 fd = lock_file(lk, path, flags);
264
265 if (fd >= 0)
266 return fd; /* success */
267 else if (errno != EEXIST)
268 return -1; /* failure other than lock held */
269 else if (timeout_ms > 0 && remaining_us <= 0)
270 return -1; /* failure due to timeout */
271
272 backoff_ms = multiplier * INITIAL_BACKOFF_MS;
273 /* back off for between 0.75*backoff_ms and 1.25*backoff_ms */
274 wait_us = (750 + random() % 500) * backoff_ms;
275 sleep_microseconds(wait_us);
276 remaining_us -= wait_us;
277
278 /* Recursion: (n+1)^2 = n^2 + 2n + 1 */
279 multiplier += 2*n + 1;
280 if (multiplier > BACKOFF_MAX_MULTIPLIER)
281 multiplier = BACKOFF_MAX_MULTIPLIER;
282 else
283 n++;
284 }
285 }
286
287 void unable_to_lock_message(const char *path, int err, struct strbuf *buf)
288 {
289 if (err == EEXIST) {
290 strbuf_addf(buf, "Unable to create '%s.lock': %s.\n\n"
291 "If no other git process is currently running, this probably means a\n"
292 "git process crashed in this repository earlier. Make sure no other git\n"
293 "process is running and remove the file manually to continue.",
294 absolute_path(path), strerror(err));
295 } else
296 strbuf_addf(buf, "Unable to create '%s.lock': %s",
297 absolute_path(path), strerror(err));
298 }
299
300 NORETURN void unable_to_lock_die(const char *path, int err)
301 {
302 struct strbuf buf = STRBUF_INIT;
303
304 unable_to_lock_message(path, err, &buf);
305 die("%s", buf.buf);
306 }
307
308 /* This should return a meaningful errno on failure */
309 int hold_lock_file_for_update_timeout(struct lock_file *lk, const char *path,
310 int flags, long timeout_ms)
311 {
312 int fd = lock_file_timeout(lk, path, flags, timeout_ms);
313 if (fd < 0 && (flags & LOCK_DIE_ON_ERROR))
314 unable_to_lock_die(path, errno);
315 return fd;
316 }
317
318 int hold_lock_file_for_append(struct lock_file *lk, const char *path, int flags)
319 {
320 int fd, orig_fd;
321
322 fd = lock_file(lk, path, flags);
323 if (fd < 0) {
324 if (flags & LOCK_DIE_ON_ERROR)
325 unable_to_lock_die(path, errno);
326 return fd;
327 }
328
329 orig_fd = open(path, O_RDONLY);
330 if (orig_fd < 0) {
331 if (errno != ENOENT) {
332 int save_errno = errno;
333
334 if (flags & LOCK_DIE_ON_ERROR)
335 die("cannot open '%s' for copying", path);
336 rollback_lock_file(lk);
337 error("cannot open '%s' for copying", path);
338 errno = save_errno;
339 return -1;
340 }
341 } else if (copy_fd(orig_fd, fd)) {
342 int save_errno = errno;
343
344 if (flags & LOCK_DIE_ON_ERROR)
345 die("failed to prepare '%s' for appending", path);
346 close(orig_fd);
347 rollback_lock_file(lk);
348 errno = save_errno;
349 return -1;
350 } else {
351 close(orig_fd);
352 }
353 return fd;
354 }
355
356 FILE *fdopen_lock_file(struct lock_file *lk, const char *mode)
357 {
358 if (!lk->active)
359 die("BUG: fdopen_lock_file() called for unlocked object");
360 if (lk->fp)
361 die("BUG: fdopen_lock_file() called twice for file '%s'", lk->filename.buf);
362
363 lk->fp = fdopen(lk->fd, mode);
364 return lk->fp;
365 }
366
367 const char *get_lock_file_path(struct lock_file *lk)
368 {
369 if (!lk->active)
370 die("BUG: get_lock_file_path() called for unlocked object");
371 return lk->filename.buf;
372 }
373
374 int get_lock_file_fd(struct lock_file *lk)
375 {
376 if (!lk->active)
377 die("BUG: get_lock_file_fd() called for unlocked object");
378 return lk->fd;
379 }
380
381 FILE *get_lock_file_fp(struct lock_file *lk)
382 {
383 if (!lk->active)
384 die("BUG: get_lock_file_fp() called for unlocked object");
385 return lk->fp;
386 }
387
388 char *get_locked_file_path(struct lock_file *lk)
389 {
390 if (!lk->active)
391 die("BUG: get_locked_file_path() called for unlocked object");
392 if (lk->filename.len <= LOCK_SUFFIX_LEN ||
393 strcmp(lk->filename.buf + lk->filename.len - LOCK_SUFFIX_LEN, LOCK_SUFFIX))
394 die("BUG: get_locked_file_path() called for malformed lock object");
395 /* remove ".lock": */
396 return xmemdupz(lk->filename.buf, lk->filename.len - LOCK_SUFFIX_LEN);
397 }
398
399 int close_lock_file(struct lock_file *lk)
400 {
401 int fd = lk->fd;
402 FILE *fp = lk->fp;
403 int err;
404
405 if (fd < 0)
406 return 0;
407
408 lk->fd = -1;
409 if (fp) {
410 lk->fp = NULL;
411
412 /*
413 * Note: no short-circuiting here; we want to fclose()
414 * in any case!
415 */
416 err = ferror(fp) | fclose(fp);
417 } else {
418 err = close(fd);
419 }
420
421 if (err) {
422 int save_errno = errno;
423 rollback_lock_file(lk);
424 errno = save_errno;
425 return -1;
426 }
427
428 return 0;
429 }
430
431 int reopen_lock_file(struct lock_file *lk)
432 {
433 if (0 <= lk->fd)
434 die(_("BUG: reopen a lockfile that is still open"));
435 if (!lk->active)
436 die(_("BUG: reopen a lockfile that has been committed"));
437 lk->fd = open(lk->filename.buf, O_WRONLY);
438 return lk->fd;
439 }
440
441 int commit_lock_file_to(struct lock_file *lk, const char *path)
442 {
443 if (!lk->active)
444 die("BUG: attempt to commit unlocked object to \"%s\"", path);
445
446 if (close_lock_file(lk))
447 return -1;
448
449 if (rename(lk->filename.buf, path)) {
450 int save_errno = errno;
451 rollback_lock_file(lk);
452 errno = save_errno;
453 return -1;
454 }
455
456 lk->active = 0;
457 strbuf_reset(&lk->filename);
458 return 0;
459 }
460
461 int commit_lock_file(struct lock_file *lk)
462 {
463 char *result_path = get_locked_file_path(lk);
464
465 if (commit_lock_file_to(lk, result_path)) {
466 int save_errno = errno;
467 free(result_path);
468 errno = save_errno;
469 return -1;
470 }
471 free(result_path);
472 return 0;
473 }
474
475 void rollback_lock_file(struct lock_file *lk)
476 {
477 if (!lk->active)
478 return;
479
480 if (!close_lock_file(lk)) {
481 unlink_or_warn(lk->filename.buf);
482 lk->active = 0;
483 strbuf_reset(&lk->filename);
484 }
485 }
The Best VCS Around