don't ever allow SHA1 collisions to exist by fetching a pack
[git/haiku.git] / read-cache.c
blob6339a278da1ae1b323b5abf7d2604c7afdfde4e4
1 /*
2 * GIT - The information manager from hell
4 * Copyright (C) Linus Torvalds, 2005
5 */
6 #include "cache.h"
7 #include "cache-tree.h"
9 /* Index extensions.
11 * The first letter should be 'A'..'Z' for extensions that are not
12 * necessary for a correct operation (i.e. optimization data).
13 * When new extensions are added that _needs_ to be understood in
14 * order to correctly interpret the index file, pick character that
15 * is outside the range, to cause the reader to abort.
18 #define CACHE_EXT(s) ( (s[0]<<24)|(s[1]<<16)|(s[2]<<8)|(s[3]) )
19 #define CACHE_EXT_TREE 0x54524545 /* "TREE" */
21 struct cache_entry **active_cache;
22 static time_t index_file_timestamp;
23 unsigned int active_nr, active_alloc, active_cache_changed;
25 struct cache_tree *active_cache_tree;
27 int cache_errno;
29 static void *cache_mmap;
30 static size_t cache_mmap_size;
33 * This only updates the "non-critical" parts of the directory
34 * cache, ie the parts that aren't tracked by GIT, and only used
35 * to validate the cache.
37 void fill_stat_cache_info(struct cache_entry *ce, struct stat *st)
39 ce->ce_ctime.sec = htonl(st->st_ctime);
40 ce->ce_mtime.sec = htonl(st->st_mtime);
41 #ifdef USE_NSEC
42 ce->ce_ctime.nsec = htonl(st->st_ctim.tv_nsec);
43 ce->ce_mtime.nsec = htonl(st->st_mtim.tv_nsec);
44 #endif
45 ce->ce_dev = htonl(st->st_dev);
46 ce->ce_ino = htonl(st->st_ino);
47 ce->ce_uid = htonl(st->st_uid);
48 ce->ce_gid = htonl(st->st_gid);
49 ce->ce_size = htonl(st->st_size);
51 if (assume_unchanged)
52 ce->ce_flags |= htons(CE_VALID);
55 static int ce_compare_data(struct cache_entry *ce, struct stat *st)
57 int match = -1;
58 int fd = open(ce->name, O_RDONLY);
60 if (fd >= 0) {
61 unsigned char sha1[20];
62 if (!index_fd(sha1, fd, st, 0, OBJ_BLOB, ce->name))
63 match = hashcmp(sha1, ce->sha1);
64 /* index_fd() closed the file descriptor already */
66 return match;
69 static int ce_compare_link(struct cache_entry *ce, size_t expected_size)
71 int match = -1;
72 char *target;
73 void *buffer;
74 unsigned long size;
75 enum object_type type;
76 int len;
78 target = xmalloc(expected_size);
79 len = readlink(ce->name, target, expected_size);
80 if (len != expected_size) {
81 free(target);
82 return -1;
84 buffer = read_sha1_file(ce->sha1, &type, &size);
85 if (!buffer) {
86 free(target);
87 return -1;
89 if (size == expected_size)
90 match = memcmp(buffer, target, size);
91 free(buffer);
92 free(target);
93 return match;
96 static int ce_modified_check_fs(struct cache_entry *ce, struct stat *st)
98 switch (st->st_mode & S_IFMT) {
99 case S_IFREG:
100 if (ce_compare_data(ce, st))
101 return DATA_CHANGED;
102 break;
103 case S_IFLNK:
104 if (ce_compare_link(ce, xsize_t(st->st_size)))
105 return DATA_CHANGED;
106 break;
107 default:
108 return TYPE_CHANGED;
110 return 0;
113 static int ce_match_stat_basic(struct cache_entry *ce, struct stat *st)
115 unsigned int changed = 0;
117 switch (ntohl(ce->ce_mode) & S_IFMT) {
118 case S_IFREG:
119 changed |= !S_ISREG(st->st_mode) ? TYPE_CHANGED : 0;
120 /* We consider only the owner x bit to be relevant for
121 * "mode changes"
123 if (trust_executable_bit &&
124 (0100 & (ntohl(ce->ce_mode) ^ st->st_mode)))
125 changed |= MODE_CHANGED;
126 break;
127 case S_IFLNK:
128 if (!S_ISLNK(st->st_mode) &&
129 (has_symlinks || !S_ISREG(st->st_mode)))
130 changed |= TYPE_CHANGED;
131 break;
132 default:
133 die("internal error: ce_mode is %o", ntohl(ce->ce_mode));
135 if (ce->ce_mtime.sec != htonl(st->st_mtime))
136 changed |= MTIME_CHANGED;
137 if (ce->ce_ctime.sec != htonl(st->st_ctime))
138 changed |= CTIME_CHANGED;
140 #ifdef USE_NSEC
142 * nsec seems unreliable - not all filesystems support it, so
143 * as long as it is in the inode cache you get right nsec
144 * but after it gets flushed, you get zero nsec.
146 if (ce->ce_mtime.nsec != htonl(st->st_mtim.tv_nsec))
147 changed |= MTIME_CHANGED;
148 if (ce->ce_ctime.nsec != htonl(st->st_ctim.tv_nsec))
149 changed |= CTIME_CHANGED;
150 #endif
152 if (ce->ce_uid != htonl(st->st_uid) ||
153 ce->ce_gid != htonl(st->st_gid))
154 changed |= OWNER_CHANGED;
155 if (ce->ce_ino != htonl(st->st_ino))
156 changed |= INODE_CHANGED;
158 #ifdef USE_STDEV
160 * st_dev breaks on network filesystems where different
161 * clients will have different views of what "device"
162 * the filesystem is on
164 if (ce->ce_dev != htonl(st->st_dev))
165 changed |= INODE_CHANGED;
166 #endif
168 if (ce->ce_size != htonl(st->st_size))
169 changed |= DATA_CHANGED;
171 return changed;
174 int ce_match_stat(struct cache_entry *ce, struct stat *st, int options)
176 unsigned int changed;
177 int ignore_valid = options & 01;
178 int assume_racy_is_modified = options & 02;
181 * If it's marked as always valid in the index, it's
182 * valid whatever the checked-out copy says.
184 if (!ignore_valid && (ce->ce_flags & htons(CE_VALID)))
185 return 0;
187 changed = ce_match_stat_basic(ce, st);
190 * Within 1 second of this sequence:
191 * echo xyzzy >file && git-update-index --add file
192 * running this command:
193 * echo frotz >file
194 * would give a falsely clean cache entry. The mtime and
195 * length match the cache, and other stat fields do not change.
197 * We could detect this at update-index time (the cache entry
198 * being registered/updated records the same time as "now")
199 * and delay the return from git-update-index, but that would
200 * effectively mean we can make at most one commit per second,
201 * which is not acceptable. Instead, we check cache entries
202 * whose mtime are the same as the index file timestamp more
203 * carefully than others.
205 if (!changed &&
206 index_file_timestamp &&
207 index_file_timestamp <= ntohl(ce->ce_mtime.sec)) {
208 if (assume_racy_is_modified)
209 changed |= DATA_CHANGED;
210 else
211 changed |= ce_modified_check_fs(ce, st);
214 return changed;
217 int ce_modified(struct cache_entry *ce, struct stat *st, int really)
219 int changed, changed_fs;
220 changed = ce_match_stat(ce, st, really);
221 if (!changed)
222 return 0;
224 * If the mode or type has changed, there's no point in trying
225 * to refresh the entry - it's not going to match
227 if (changed & (MODE_CHANGED | TYPE_CHANGED))
228 return changed;
230 /* Immediately after read-tree or update-index --cacheinfo,
231 * the length field is zero. For other cases the ce_size
232 * should match the SHA1 recorded in the index entry.
234 if ((changed & DATA_CHANGED) && ce->ce_size != htonl(0))
235 return changed;
237 changed_fs = ce_modified_check_fs(ce, st);
238 if (changed_fs)
239 return changed | changed_fs;
240 return 0;
243 int base_name_compare(const char *name1, int len1, int mode1,
244 const char *name2, int len2, int mode2)
246 unsigned char c1, c2;
247 int len = len1 < len2 ? len1 : len2;
248 int cmp;
250 cmp = memcmp(name1, name2, len);
251 if (cmp)
252 return cmp;
253 c1 = name1[len];
254 c2 = name2[len];
255 if (!c1 && S_ISDIR(mode1))
256 c1 = '/';
257 if (!c2 && S_ISDIR(mode2))
258 c2 = '/';
259 return (c1 < c2) ? -1 : (c1 > c2) ? 1 : 0;
262 int cache_name_compare(const char *name1, int flags1, const char *name2, int flags2)
264 int len1 = flags1 & CE_NAMEMASK;
265 int len2 = flags2 & CE_NAMEMASK;
266 int len = len1 < len2 ? len1 : len2;
267 int cmp;
269 cmp = memcmp(name1, name2, len);
270 if (cmp)
271 return cmp;
272 if (len1 < len2)
273 return -1;
274 if (len1 > len2)
275 return 1;
277 /* Compare stages */
278 flags1 &= CE_STAGEMASK;
279 flags2 &= CE_STAGEMASK;
281 if (flags1 < flags2)
282 return -1;
283 if (flags1 > flags2)
284 return 1;
285 return 0;
288 int cache_name_pos(const char *name, int namelen)
290 int first, last;
292 first = 0;
293 last = active_nr;
294 while (last > first) {
295 int next = (last + first) >> 1;
296 struct cache_entry *ce = active_cache[next];
297 int cmp = cache_name_compare(name, namelen, ce->name, ntohs(ce->ce_flags));
298 if (!cmp)
299 return next;
300 if (cmp < 0) {
301 last = next;
302 continue;
304 first = next+1;
306 return -first-1;
309 /* Remove entry, return true if there are more entries to go.. */
310 int remove_cache_entry_at(int pos)
312 active_cache_changed = 1;
313 active_nr--;
314 if (pos >= active_nr)
315 return 0;
316 memmove(active_cache + pos, active_cache + pos + 1, (active_nr - pos) * sizeof(struct cache_entry *));
317 return 1;
320 int remove_file_from_cache(const char *path)
322 int pos = cache_name_pos(path, strlen(path));
323 if (pos < 0)
324 pos = -pos-1;
325 while (pos < active_nr && !strcmp(active_cache[pos]->name, path))
326 remove_cache_entry_at(pos);
327 return 0;
330 int add_file_to_index(const char *path, int verbose)
332 int size, namelen;
333 struct stat st;
334 struct cache_entry *ce;
336 if (lstat(path, &st))
337 die("%s: unable to stat (%s)", path, strerror(errno));
339 if (!S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode))
340 die("%s: can only add regular files or symbolic links", path);
342 namelen = strlen(path);
343 size = cache_entry_size(namelen);
344 ce = xcalloc(1, size);
345 memcpy(ce->name, path, namelen);
346 ce->ce_flags = htons(namelen);
347 fill_stat_cache_info(ce, &st);
349 if (trust_executable_bit && has_symlinks)
350 ce->ce_mode = create_ce_mode(st.st_mode);
351 else {
352 /* If there is an existing entry, pick the mode bits and type
353 * from it, otherwise assume unexecutable regular file.
355 struct cache_entry *ent;
356 int pos = cache_name_pos(path, namelen);
358 ent = (0 <= pos) ? active_cache[pos] : NULL;
359 ce->ce_mode = ce_mode_from_stat(ent, st.st_mode);
362 if (index_path(ce->sha1, path, &st, 1))
363 die("unable to index file %s", path);
364 if (add_cache_entry(ce, ADD_CACHE_OK_TO_ADD|ADD_CACHE_OK_TO_REPLACE))
365 die("unable to add %s to index",path);
366 if (verbose)
367 printf("add '%s'\n", path);
368 cache_tree_invalidate_path(active_cache_tree, path);
369 return 0;
372 int ce_same_name(struct cache_entry *a, struct cache_entry *b)
374 int len = ce_namelen(a);
375 return ce_namelen(b) == len && !memcmp(a->name, b->name, len);
378 int ce_path_match(const struct cache_entry *ce, const char **pathspec)
380 const char *match, *name;
381 int len;
383 if (!pathspec)
384 return 1;
386 len = ce_namelen(ce);
387 name = ce->name;
388 while ((match = *pathspec++) != NULL) {
389 int matchlen = strlen(match);
390 if (matchlen > len)
391 continue;
392 if (memcmp(name, match, matchlen))
393 continue;
394 if (matchlen && name[matchlen-1] == '/')
395 return 1;
396 if (name[matchlen] == '/' || !name[matchlen])
397 return 1;
398 if (!matchlen)
399 return 1;
401 return 0;
405 * We fundamentally don't like some paths: we don't want
406 * dot or dot-dot anywhere, and for obvious reasons don't
407 * want to recurse into ".git" either.
409 * Also, we don't want double slashes or slashes at the
410 * end that can make pathnames ambiguous.
412 static int verify_dotfile(const char *rest)
415 * The first character was '.', but that
416 * has already been discarded, we now test
417 * the rest.
419 switch (*rest) {
420 /* "." is not allowed */
421 case '\0': case '/':
422 return 0;
425 * ".git" followed by NUL or slash is bad. This
426 * shares the path end test with the ".." case.
428 case 'g':
429 if (rest[1] != 'i')
430 break;
431 if (rest[2] != 't')
432 break;
433 rest += 2;
434 /* fallthrough */
435 case '.':
436 if (rest[1] == '\0' || rest[1] == '/')
437 return 0;
439 return 1;
442 int verify_path(const char *path)
444 char c;
446 goto inside;
447 for (;;) {
448 if (!c)
449 return 1;
450 if (c == '/') {
451 inside:
452 c = *path++;
453 switch (c) {
454 default:
455 continue;
456 case '/': case '\0':
457 break;
458 case '.':
459 if (verify_dotfile(path))
460 continue;
462 return 0;
464 c = *path++;
469 * Do we have another file that has the beginning components being a
470 * proper superset of the name we're trying to add?
472 static int has_file_name(const struct cache_entry *ce, int pos, int ok_to_replace)
474 int retval = 0;
475 int len = ce_namelen(ce);
476 int stage = ce_stage(ce);
477 const char *name = ce->name;
479 while (pos < active_nr) {
480 struct cache_entry *p = active_cache[pos++];
482 if (len >= ce_namelen(p))
483 break;
484 if (memcmp(name, p->name, len))
485 break;
486 if (ce_stage(p) != stage)
487 continue;
488 if (p->name[len] != '/')
489 continue;
490 retval = -1;
491 if (!ok_to_replace)
492 break;
493 remove_cache_entry_at(--pos);
495 return retval;
499 * Do we have another file with a pathname that is a proper
500 * subset of the name we're trying to add?
502 static int has_dir_name(const struct cache_entry *ce, int pos, int ok_to_replace)
504 int retval = 0;
505 int stage = ce_stage(ce);
506 const char *name = ce->name;
507 const char *slash = name + ce_namelen(ce);
509 for (;;) {
510 int len;
512 for (;;) {
513 if (*--slash == '/')
514 break;
515 if (slash <= ce->name)
516 return retval;
518 len = slash - name;
520 pos = cache_name_pos(name, ntohs(create_ce_flags(len, stage)));
521 if (pos >= 0) {
522 retval = -1;
523 if (!ok_to_replace)
524 break;
525 remove_cache_entry_at(pos);
526 continue;
530 * Trivial optimization: if we find an entry that
531 * already matches the sub-directory, then we know
532 * we're ok, and we can exit.
534 pos = -pos-1;
535 while (pos < active_nr) {
536 struct cache_entry *p = active_cache[pos];
537 if ((ce_namelen(p) <= len) ||
538 (p->name[len] != '/') ||
539 memcmp(p->name, name, len))
540 break; /* not our subdirectory */
541 if (ce_stage(p) == stage)
542 /* p is at the same stage as our entry, and
543 * is a subdirectory of what we are looking
544 * at, so we cannot have conflicts at our
545 * level or anything shorter.
547 return retval;
548 pos++;
551 return retval;
554 /* We may be in a situation where we already have path/file and path
555 * is being added, or we already have path and path/file is being
556 * added. Either one would result in a nonsense tree that has path
557 * twice when git-write-tree tries to write it out. Prevent it.
559 * If ok-to-replace is specified, we remove the conflicting entries
560 * from the cache so the caller should recompute the insert position.
561 * When this happens, we return non-zero.
563 static int check_file_directory_conflict(const struct cache_entry *ce, int pos, int ok_to_replace)
566 * We check if the path is a sub-path of a subsequent pathname
567 * first, since removing those will not change the position
568 * in the array
570 int retval = has_file_name(ce, pos, ok_to_replace);
572 * Then check if the path might have a clashing sub-directory
573 * before it.
575 return retval + has_dir_name(ce, pos, ok_to_replace);
578 int add_cache_entry(struct cache_entry *ce, int option)
580 int pos;
581 int ok_to_add = option & ADD_CACHE_OK_TO_ADD;
582 int ok_to_replace = option & ADD_CACHE_OK_TO_REPLACE;
583 int skip_df_check = option & ADD_CACHE_SKIP_DFCHECK;
585 pos = cache_name_pos(ce->name, ntohs(ce->ce_flags));
587 /* existing match? Just replace it. */
588 if (pos >= 0) {
589 active_cache_changed = 1;
590 active_cache[pos] = ce;
591 return 0;
593 pos = -pos-1;
596 * Inserting a merged entry ("stage 0") into the index
597 * will always replace all non-merged entries..
599 if (pos < active_nr && ce_stage(ce) == 0) {
600 while (ce_same_name(active_cache[pos], ce)) {
601 ok_to_add = 1;
602 if (!remove_cache_entry_at(pos))
603 break;
607 if (!ok_to_add)
608 return -1;
609 if (!verify_path(ce->name))
610 return -1;
612 if (!skip_df_check &&
613 check_file_directory_conflict(ce, pos, ok_to_replace)) {
614 if (!ok_to_replace)
615 return error("'%s' appears as both a file and as a directory", ce->name);
616 pos = cache_name_pos(ce->name, ntohs(ce->ce_flags));
617 pos = -pos-1;
620 /* Make sure the array is big enough .. */
621 if (active_nr == active_alloc) {
622 active_alloc = alloc_nr(active_alloc);
623 active_cache = xrealloc(active_cache, active_alloc * sizeof(struct cache_entry *));
626 /* Add it in.. */
627 active_nr++;
628 if (active_nr > pos)
629 memmove(active_cache + pos + 1, active_cache + pos, (active_nr - pos - 1) * sizeof(ce));
630 active_cache[pos] = ce;
631 active_cache_changed = 1;
632 return 0;
636 * "refresh" does not calculate a new sha1 file or bring the
637 * cache up-to-date for mode/content changes. But what it
638 * _does_ do is to "re-match" the stat information of a file
639 * with the cache, so that you can refresh the cache for a
640 * file that hasn't been changed but where the stat entry is
641 * out of date.
643 * For example, you'd want to do this after doing a "git-read-tree",
644 * to link up the stat cache details with the proper files.
646 struct cache_entry *refresh_cache_entry(struct cache_entry *ce, int really)
648 struct stat st;
649 struct cache_entry *updated;
650 int changed, size;
652 if (lstat(ce->name, &st) < 0) {
653 cache_errno = errno;
654 return NULL;
657 changed = ce_match_stat(ce, &st, really);
658 if (!changed) {
659 if (really && assume_unchanged &&
660 !(ce->ce_flags & htons(CE_VALID)))
661 ; /* mark this one VALID again */
662 else
663 return ce;
666 if (ce_modified(ce, &st, really)) {
667 cache_errno = EINVAL;
668 return NULL;
671 size = ce_size(ce);
672 updated = xmalloc(size);
673 memcpy(updated, ce, size);
674 fill_stat_cache_info(updated, &st);
676 /* In this case, if really is not set, we should leave
677 * CE_VALID bit alone. Otherwise, paths marked with
678 * --no-assume-unchanged (i.e. things to be edited) will
679 * reacquire CE_VALID bit automatically, which is not
680 * really what we want.
682 if (!really && assume_unchanged && !(ce->ce_flags & htons(CE_VALID)))
683 updated->ce_flags &= ~htons(CE_VALID);
685 return updated;
688 int refresh_cache(unsigned int flags)
690 int i;
691 int has_errors = 0;
692 int really = (flags & REFRESH_REALLY) != 0;
693 int allow_unmerged = (flags & REFRESH_UNMERGED) != 0;
694 int quiet = (flags & REFRESH_QUIET) != 0;
695 int not_new = (flags & REFRESH_IGNORE_MISSING) != 0;
697 for (i = 0; i < active_nr; i++) {
698 struct cache_entry *ce, *new;
699 ce = active_cache[i];
700 if (ce_stage(ce)) {
701 while ((i < active_nr) &&
702 ! strcmp(active_cache[i]->name, ce->name))
703 i++;
704 i--;
705 if (allow_unmerged)
706 continue;
707 printf("%s: needs merge\n", ce->name);
708 has_errors = 1;
709 continue;
712 new = refresh_cache_entry(ce, really);
713 if (new == ce)
714 continue;
715 if (!new) {
716 if (not_new && cache_errno == ENOENT)
717 continue;
718 if (really && cache_errno == EINVAL) {
719 /* If we are doing --really-refresh that
720 * means the index is not valid anymore.
722 ce->ce_flags &= ~htons(CE_VALID);
723 active_cache_changed = 1;
725 if (quiet)
726 continue;
727 printf("%s: needs update\n", ce->name);
728 has_errors = 1;
729 continue;
731 active_cache_changed = 1;
732 /* You can NOT just free active_cache[i] here, since it
733 * might not be necessarily malloc()ed but can also come
734 * from mmap(). */
735 active_cache[i] = new;
737 return has_errors;
740 static int verify_hdr(struct cache_header *hdr, unsigned long size)
742 SHA_CTX c;
743 unsigned char sha1[20];
745 if (hdr->hdr_signature != htonl(CACHE_SIGNATURE))
746 return error("bad signature");
747 if (hdr->hdr_version != htonl(2))
748 return error("bad index version");
749 SHA1_Init(&c);
750 SHA1_Update(&c, hdr, size - 20);
751 SHA1_Final(sha1, &c);
752 if (hashcmp(sha1, (unsigned char *)hdr + size - 20))
753 return error("bad index file sha1 signature");
754 return 0;
757 static int read_index_extension(const char *ext, void *data, unsigned long sz)
759 switch (CACHE_EXT(ext)) {
760 case CACHE_EXT_TREE:
761 active_cache_tree = cache_tree_read(data, sz);
762 break;
763 default:
764 if (*ext < 'A' || 'Z' < *ext)
765 return error("index uses %.4s extension, which we do not understand",
766 ext);
767 fprintf(stderr, "ignoring %.4s extension\n", ext);
768 break;
770 return 0;
773 int read_cache(void)
775 return read_cache_from(get_index_file());
778 /* remember to discard_cache() before reading a different cache! */
779 int read_cache_from(const char *path)
781 int fd, i;
782 struct stat st;
783 unsigned long offset;
784 struct cache_header *hdr;
786 errno = EBUSY;
787 if (cache_mmap)
788 return active_nr;
790 errno = ENOENT;
791 index_file_timestamp = 0;
792 fd = open(path, O_RDONLY);
793 if (fd < 0) {
794 if (errno == ENOENT)
795 return 0;
796 die("index file open failed (%s)", strerror(errno));
799 if (!fstat(fd, &st)) {
800 cache_mmap_size = xsize_t(st.st_size);
801 errno = EINVAL;
802 if (cache_mmap_size >= sizeof(struct cache_header) + 20)
803 cache_mmap = xmmap(NULL, cache_mmap_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
804 else
805 die("index file smaller than expected");
806 } else
807 die("cannot stat the open index (%s)", strerror(errno));
808 close(fd);
810 hdr = cache_mmap;
811 if (verify_hdr(hdr, cache_mmap_size) < 0)
812 goto unmap;
814 active_nr = ntohl(hdr->hdr_entries);
815 active_alloc = alloc_nr(active_nr);
816 active_cache = xcalloc(active_alloc, sizeof(struct cache_entry *));
818 offset = sizeof(*hdr);
819 for (i = 0; i < active_nr; i++) {
820 struct cache_entry *ce = (struct cache_entry *) ((char *) cache_mmap + offset);
821 offset = offset + ce_size(ce);
822 active_cache[i] = ce;
824 index_file_timestamp = st.st_mtime;
825 while (offset <= cache_mmap_size - 20 - 8) {
826 /* After an array of active_nr index entries,
827 * there can be arbitrary number of extended
828 * sections, each of which is prefixed with
829 * extension name (4-byte) and section length
830 * in 4-byte network byte order.
832 unsigned long extsize;
833 memcpy(&extsize, (char *) cache_mmap + offset + 4, 4);
834 extsize = ntohl(extsize);
835 if (read_index_extension(((const char *) cache_mmap) + offset,
836 (char *) cache_mmap + offset + 8,
837 extsize) < 0)
838 goto unmap;
839 offset += 8;
840 offset += extsize;
842 return active_nr;
844 unmap:
845 munmap(cache_mmap, cache_mmap_size);
846 errno = EINVAL;
847 die("index file corrupt");
850 int discard_cache(void)
852 int ret;
854 active_nr = active_cache_changed = 0;
855 index_file_timestamp = 0;
856 cache_tree_free(&active_cache_tree);
857 if (cache_mmap == NULL)
858 return 0;
859 ret = munmap(cache_mmap, cache_mmap_size);
860 cache_mmap = NULL;
861 cache_mmap_size = 0;
863 /* no need to throw away allocated active_cache */
864 return ret;
867 #define WRITE_BUFFER_SIZE 8192
868 static unsigned char write_buffer[WRITE_BUFFER_SIZE];
869 static unsigned long write_buffer_len;
871 static int ce_write_flush(SHA_CTX *context, int fd)
873 unsigned int buffered = write_buffer_len;
874 if (buffered) {
875 SHA1_Update(context, write_buffer, buffered);
876 if (write_in_full(fd, write_buffer, buffered) != buffered)
877 return -1;
878 write_buffer_len = 0;
880 return 0;
883 static int ce_write(SHA_CTX *context, int fd, void *data, unsigned int len)
885 while (len) {
886 unsigned int buffered = write_buffer_len;
887 unsigned int partial = WRITE_BUFFER_SIZE - buffered;
888 if (partial > len)
889 partial = len;
890 memcpy(write_buffer + buffered, data, partial);
891 buffered += partial;
892 if (buffered == WRITE_BUFFER_SIZE) {
893 write_buffer_len = buffered;
894 if (ce_write_flush(context, fd))
895 return -1;
896 buffered = 0;
898 write_buffer_len = buffered;
899 len -= partial;
900 data = (char *) data + partial;
902 return 0;
905 static int write_index_ext_header(SHA_CTX *context, int fd,
906 unsigned int ext, unsigned int sz)
908 ext = htonl(ext);
909 sz = htonl(sz);
910 return ((ce_write(context, fd, &ext, 4) < 0) ||
911 (ce_write(context, fd, &sz, 4) < 0)) ? -1 : 0;
914 static int ce_flush(SHA_CTX *context, int fd)
916 unsigned int left = write_buffer_len;
918 if (left) {
919 write_buffer_len = 0;
920 SHA1_Update(context, write_buffer, left);
923 /* Flush first if not enough space for SHA1 signature */
924 if (left + 20 > WRITE_BUFFER_SIZE) {
925 if (write_in_full(fd, write_buffer, left) != left)
926 return -1;
927 left = 0;
930 /* Append the SHA1 signature at the end */
931 SHA1_Final(write_buffer + left, context);
932 left += 20;
933 return (write_in_full(fd, write_buffer, left) != left) ? -1 : 0;
936 static void ce_smudge_racily_clean_entry(struct cache_entry *ce)
939 * The only thing we care about in this function is to smudge the
940 * falsely clean entry due to touch-update-touch race, so we leave
941 * everything else as they are. We are called for entries whose
942 * ce_mtime match the index file mtime.
944 struct stat st;
946 if (lstat(ce->name, &st) < 0)
947 return;
948 if (ce_match_stat_basic(ce, &st))
949 return;
950 if (ce_modified_check_fs(ce, &st)) {
951 /* This is "racily clean"; smudge it. Note that this
952 * is a tricky code. At first glance, it may appear
953 * that it can break with this sequence:
955 * $ echo xyzzy >frotz
956 * $ git-update-index --add frotz
957 * $ : >frotz
958 * $ sleep 3
959 * $ echo filfre >nitfol
960 * $ git-update-index --add nitfol
962 * but it does not. When the second update-index runs,
963 * it notices that the entry "frotz" has the same timestamp
964 * as index, and if we were to smudge it by resetting its
965 * size to zero here, then the object name recorded
966 * in index is the 6-byte file but the cached stat information
967 * becomes zero --- which would then match what we would
968 * obtain from the filesystem next time we stat("frotz").
970 * However, the second update-index, before calling
971 * this function, notices that the cached size is 6
972 * bytes and what is on the filesystem is an empty
973 * file, and never calls us, so the cached size information
974 * for "frotz" stays 6 which does not match the filesystem.
976 ce->ce_size = htonl(0);
980 int write_cache(int newfd, struct cache_entry **cache, int entries)
982 SHA_CTX c;
983 struct cache_header hdr;
984 int i, removed;
986 for (i = removed = 0; i < entries; i++)
987 if (!cache[i]->ce_mode)
988 removed++;
990 hdr.hdr_signature = htonl(CACHE_SIGNATURE);
991 hdr.hdr_version = htonl(2);
992 hdr.hdr_entries = htonl(entries - removed);
994 SHA1_Init(&c);
995 if (ce_write(&c, newfd, &hdr, sizeof(hdr)) < 0)
996 return -1;
998 for (i = 0; i < entries; i++) {
999 struct cache_entry *ce = cache[i];
1000 if (!ce->ce_mode)
1001 continue;
1002 if (index_file_timestamp &&
1003 index_file_timestamp <= ntohl(ce->ce_mtime.sec))
1004 ce_smudge_racily_clean_entry(ce);
1005 if (ce_write(&c, newfd, ce, ce_size(ce)) < 0)
1006 return -1;
1009 /* Write extension data here */
1010 if (active_cache_tree) {
1011 unsigned long sz;
1012 void *data = cache_tree_write(active_cache_tree, &sz);
1013 if (data &&
1014 !write_index_ext_header(&c, newfd, CACHE_EXT_TREE, sz) &&
1015 !ce_write(&c, newfd, data, sz))
1016 free(data);
1017 else {
1018 free(data);
1019 return -1;
1022 return ce_flush(&c, newfd);