read-cache.con commit branch: fix segfault when resolving an invalid HEAD (078f838)
   1/*
   2 * GIT - The information manager from hell
   3 *
   4 * Copyright (C) Linus Torvalds, 2005
   5 */
   6#include "cache.h"
   7#include "cache-tree.h"
   8
   9/* Index extensions.
  10 *
  11 * The first letter should be 'A'..'Z' for extensions that are not
  12 * necessary for a correct operation (i.e. optimization data).
  13 * When new extensions are added that _needs_ to be understood in
  14 * order to correctly interpret the index file, pick character that
  15 * is outside the range, to cause the reader to abort.
  16 */
  17
  18#define CACHE_EXT(s) ( (s[0]<<24)|(s[1]<<16)|(s[2]<<8)|(s[3]) )
  19#define CACHE_EXT_TREE 0x54524545       /* "TREE" */
  20
  21struct cache_entry **active_cache;
  22static time_t index_file_timestamp;
  23unsigned int active_nr, active_alloc, active_cache_changed;
  24
  25struct cache_tree *active_cache_tree;
  26
  27int cache_errno;
  28
  29static void *cache_mmap;
  30static size_t cache_mmap_size;
  31
  32/*
  33 * This only updates the "non-critical" parts of the directory
  34 * cache, ie the parts that aren't tracked by GIT, and only used
  35 * to validate the cache.
  36 */
  37void fill_stat_cache_info(struct cache_entry *ce, struct stat *st)
  38{
  39        ce->ce_ctime.sec = htonl(st->st_ctime);
  40        ce->ce_mtime.sec = htonl(st->st_mtime);
  41#ifdef USE_NSEC
  42        ce->ce_ctime.nsec = htonl(st->st_ctim.tv_nsec);
  43        ce->ce_mtime.nsec = htonl(st->st_mtim.tv_nsec);
  44#endif
  45        ce->ce_dev = htonl(st->st_dev);
  46        ce->ce_ino = htonl(st->st_ino);
  47        ce->ce_uid = htonl(st->st_uid);
  48        ce->ce_gid = htonl(st->st_gid);
  49        ce->ce_size = htonl(st->st_size);
  50
  51        if (assume_unchanged)
  52                ce->ce_flags |= htons(CE_VALID);
  53}
  54
  55static int ce_compare_data(struct cache_entry *ce, struct stat *st)
  56{
  57        int match = -1;
  58        int fd = open(ce->name, O_RDONLY);
  59
  60        if (fd >= 0) {
  61                unsigned char sha1[20];
  62                if (!index_fd(sha1, fd, st, 0, OBJ_BLOB, ce->name))
  63                        match = hashcmp(sha1, ce->sha1);
  64                /* index_fd() closed the file descriptor already */
  65        }
  66        return match;
  67}
  68
  69static int ce_compare_link(struct cache_entry *ce, size_t expected_size)
  70{
  71        int match = -1;
  72        char *target;
  73        void *buffer;
  74        unsigned long size;
  75        enum object_type type;
  76        int len;
  77
  78        target = xmalloc(expected_size);
  79        len = readlink(ce->name, target, expected_size);
  80        if (len != expected_size) {
  81                free(target);
  82                return -1;
  83        }
  84        buffer = read_sha1_file(ce->sha1, &type, &size);
  85        if (!buffer) {
  86                free(target);
  87                return -1;
  88        }
  89        if (size == expected_size)
  90                match = memcmp(buffer, target, size);
  91        free(buffer);
  92        free(target);
  93        return match;
  94}
  95
  96static int ce_modified_check_fs(struct cache_entry *ce, struct stat *st)
  97{
  98        switch (st->st_mode & S_IFMT) {
  99        case S_IFREG:
 100                if (ce_compare_data(ce, st))
 101                        return DATA_CHANGED;
 102                break;
 103        case S_IFLNK:
 104                if (ce_compare_link(ce, xsize_t(st->st_size)))
 105                        return DATA_CHANGED;
 106                break;
 107        default:
 108                return TYPE_CHANGED;
 109        }
 110        return 0;
 111}
 112
 113static int ce_match_stat_basic(struct cache_entry *ce, struct stat *st)
 114{
 115        unsigned int changed = 0;
 116
 117        switch (ntohl(ce->ce_mode) & S_IFMT) {
 118        case S_IFREG:
 119                changed |= !S_ISREG(st->st_mode) ? TYPE_CHANGED : 0;
 120                /* We consider only the owner x bit to be relevant for
 121                 * "mode changes"
 122                 */
 123                if (trust_executable_bit &&
 124                    (0100 & (ntohl(ce->ce_mode) ^ st->st_mode)))
 125                        changed |= MODE_CHANGED;
 126                break;
 127        case S_IFLNK:
 128                if (!S_ISLNK(st->st_mode) &&
 129                    (has_symlinks || !S_ISREG(st->st_mode)))
 130                        changed |= TYPE_CHANGED;
 131                break;
 132        default:
 133                die("internal error: ce_mode is %o", ntohl(ce->ce_mode));
 134        }
 135        if (ce->ce_mtime.sec != htonl(st->st_mtime))
 136                changed |= MTIME_CHANGED;
 137        if (ce->ce_ctime.sec != htonl(st->st_ctime))
 138                changed |= CTIME_CHANGED;
 139
 140#ifdef USE_NSEC
 141        /*
 142         * nsec seems unreliable - not all filesystems support it, so
 143         * as long as it is in the inode cache you get right nsec
 144         * but after it gets flushed, you get zero nsec.
 145         */
 146        if (ce->ce_mtime.nsec != htonl(st->st_mtim.tv_nsec))
 147                changed |= MTIME_CHANGED;
 148        if (ce->ce_ctime.nsec != htonl(st->st_ctim.tv_nsec))
 149                changed |= CTIME_CHANGED;
 150#endif  
 151
 152        if (ce->ce_uid != htonl(st->st_uid) ||
 153            ce->ce_gid != htonl(st->st_gid))
 154                changed |= OWNER_CHANGED;
 155        if (ce->ce_ino != htonl(st->st_ino))
 156                changed |= INODE_CHANGED;
 157
 158#ifdef USE_STDEV
 159        /*
 160         * st_dev breaks on network filesystems where different
 161         * clients will have different views of what "device"
 162         * the filesystem is on
 163         */
 164        if (ce->ce_dev != htonl(st->st_dev))
 165                changed |= INODE_CHANGED;
 166#endif
 167
 168        if (ce->ce_size != htonl(st->st_size))
 169                changed |= DATA_CHANGED;
 170
 171        return changed;
 172}
 173
 174int ce_match_stat(struct cache_entry *ce, struct stat *st, int options)
 175{
 176        unsigned int changed;
 177        int ignore_valid = options & 01;
 178        int assume_racy_is_modified = options & 02;
 179
 180        /*
 181         * If it's marked as always valid in the index, it's
 182         * valid whatever the checked-out copy says.
 183         */
 184        if (!ignore_valid && (ce->ce_flags & htons(CE_VALID)))
 185                return 0;
 186
 187        changed = ce_match_stat_basic(ce, st);
 188
 189        /*
 190         * Within 1 second of this sequence:
 191         *      echo xyzzy >file && git-update-index --add file
 192         * running this command:
 193         *      echo frotz >file
 194         * would give a falsely clean cache entry.  The mtime and
 195         * length match the cache, and other stat fields do not change.
 196         *
 197         * We could detect this at update-index time (the cache entry
 198         * being registered/updated records the same time as "now")
 199         * and delay the return from git-update-index, but that would
 200         * effectively mean we can make at most one commit per second,
 201         * which is not acceptable.  Instead, we check cache entries
 202         * whose mtime are the same as the index file timestamp more
 203         * carefully than others.
 204         */
 205        if (!changed &&
 206            index_file_timestamp &&
 207            index_file_timestamp <= ntohl(ce->ce_mtime.sec)) {
 208                if (assume_racy_is_modified)
 209                        changed |= DATA_CHANGED;
 210                else
 211                        changed |= ce_modified_check_fs(ce, st);
 212        }
 213
 214        return changed;
 215}
 216
 217int ce_modified(struct cache_entry *ce, struct stat *st, int really)
 218{
 219        int changed, changed_fs;
 220        changed = ce_match_stat(ce, st, really);
 221        if (!changed)
 222                return 0;
 223        /*
 224         * If the mode or type has changed, there's no point in trying
 225         * to refresh the entry - it's not going to match
 226         */
 227        if (changed & (MODE_CHANGED | TYPE_CHANGED))
 228                return changed;
 229
 230        /* Immediately after read-tree or update-index --cacheinfo,
 231         * the length field is zero.  For other cases the ce_size
 232         * should match the SHA1 recorded in the index entry.
 233         */
 234        if ((changed & DATA_CHANGED) && ce->ce_size != htonl(0))
 235                return changed;
 236
 237        changed_fs = ce_modified_check_fs(ce, st);
 238        if (changed_fs)
 239                return changed | changed_fs;
 240        return 0;
 241}
 242
 243int base_name_compare(const char *name1, int len1, int mode1,
 244                      const char *name2, int len2, int mode2)
 245{
 246        unsigned char c1, c2;
 247        int len = len1 < len2 ? len1 : len2;
 248        int cmp;
 249
 250        cmp = memcmp(name1, name2, len);
 251        if (cmp)
 252                return cmp;
 253        c1 = name1[len];
 254        c2 = name2[len];
 255        if (!c1 && S_ISDIR(mode1))
 256                c1 = '/';
 257        if (!c2 && S_ISDIR(mode2))
 258                c2 = '/';
 259        return (c1 < c2) ? -1 : (c1 > c2) ? 1 : 0;
 260}
 261
 262int cache_name_compare(const char *name1, int flags1, const char *name2, int flags2)
 263{
 264        int len1 = flags1 & CE_NAMEMASK;
 265        int len2 = flags2 & CE_NAMEMASK;
 266        int len = len1 < len2 ? len1 : len2;
 267        int cmp;
 268
 269        cmp = memcmp(name1, name2, len);
 270        if (cmp)
 271                return cmp;
 272        if (len1 < len2)
 273                return -1;
 274        if (len1 > len2)
 275                return 1;
 276
 277        /* Compare stages  */
 278        flags1 &= CE_STAGEMASK;
 279        flags2 &= CE_STAGEMASK;
 280
 281        if (flags1 < flags2)
 282                return -1;
 283        if (flags1 > flags2)
 284                return 1;
 285        return 0;
 286}
 287
 288int cache_name_pos(const char *name, int namelen)
 289{
 290        int first, last;
 291
 292        first = 0;
 293        last = active_nr;
 294        while (last > first) {
 295                int next = (last + first) >> 1;
 296                struct cache_entry *ce = active_cache[next];
 297                int cmp = cache_name_compare(name, namelen, ce->name, ntohs(ce->ce_flags));
 298                if (!cmp)
 299                        return next;
 300                if (cmp < 0) {
 301                        last = next;
 302                        continue;
 303                }
 304                first = next+1;
 305        }
 306        return -first-1;
 307}
 308
 309/* Remove entry, return true if there are more entries to go.. */
 310int remove_cache_entry_at(int pos)
 311{
 312        active_cache_changed = 1;
 313        active_nr--;
 314        if (pos >= active_nr)
 315                return 0;
 316        memmove(active_cache + pos, active_cache + pos + 1, (active_nr - pos) * sizeof(struct cache_entry *));
 317        return 1;
 318}
 319
 320int remove_file_from_cache(const char *path)
 321{
 322        int pos = cache_name_pos(path, strlen(path));
 323        if (pos < 0)
 324                pos = -pos-1;
 325        while (pos < active_nr && !strcmp(active_cache[pos]->name, path))
 326                remove_cache_entry_at(pos);
 327        return 0;
 328}
 329
 330int add_file_to_index(const char *path, int verbose)
 331{
 332        int size, namelen;
 333        struct stat st;
 334        struct cache_entry *ce;
 335
 336        if (lstat(path, &st))
 337                die("%s: unable to stat (%s)", path, strerror(errno));
 338
 339        if (!S_ISREG(st.st_mode) && !S_ISLNK(st.st_mode))
 340                die("%s: can only add regular files or symbolic links", path);
 341
 342        namelen = strlen(path);
 343        size = cache_entry_size(namelen);
 344        ce = xcalloc(1, size);
 345        memcpy(ce->name, path, namelen);
 346        ce->ce_flags = htons(namelen);
 347        fill_stat_cache_info(ce, &st);
 348
 349        if (trust_executable_bit && has_symlinks)
 350                ce->ce_mode = create_ce_mode(st.st_mode);
 351        else {
 352                /* If there is an existing entry, pick the mode bits and type
 353                 * from it, otherwise assume unexecutable regular file.
 354                 */
 355                struct cache_entry *ent;
 356                int pos = cache_name_pos(path, namelen);
 357
 358                ent = (0 <= pos) ? active_cache[pos] : NULL;
 359                ce->ce_mode = ce_mode_from_stat(ent, st.st_mode);
 360        }
 361
 362        if (index_path(ce->sha1, path, &st, 1))
 363                die("unable to index file %s", path);
 364        if (add_cache_entry(ce, ADD_CACHE_OK_TO_ADD|ADD_CACHE_OK_TO_REPLACE))
 365                die("unable to add %s to index",path);
 366        if (verbose)
 367                printf("add '%s'\n", path);
 368        cache_tree_invalidate_path(active_cache_tree, path);
 369        return 0;
 370}
 371
 372int ce_same_name(struct cache_entry *a, struct cache_entry *b)
 373{
 374        int len = ce_namelen(a);
 375        return ce_namelen(b) == len && !memcmp(a->name, b->name, len);
 376}
 377
 378int ce_path_match(const struct cache_entry *ce, const char **pathspec)
 379{
 380        const char *match, *name;
 381        int len;
 382
 383        if (!pathspec)
 384                return 1;
 385
 386        len = ce_namelen(ce);
 387        name = ce->name;
 388        while ((match = *pathspec++) != NULL) {
 389                int matchlen = strlen(match);
 390                if (matchlen > len)
 391                        continue;
 392                if (memcmp(name, match, matchlen))
 393                        continue;
 394                if (matchlen && name[matchlen-1] == '/')
 395                        return 1;
 396                if (name[matchlen] == '/' || !name[matchlen])
 397                        return 1;
 398                if (!matchlen)
 399                        return 1;
 400        }
 401        return 0;
 402}
 403
 404/*
 405 * We fundamentally don't like some paths: we don't want
 406 * dot or dot-dot anywhere, and for obvious reasons don't
 407 * want to recurse into ".git" either.
 408 *
 409 * Also, we don't want double slashes or slashes at the
 410 * end that can make pathnames ambiguous.
 411 */
 412static int verify_dotfile(const char *rest)
 413{
 414        /*
 415         * The first character was '.', but that
 416         * has already been discarded, we now test
 417         * the rest.
 418         */
 419        switch (*rest) {
 420        /* "." is not allowed */
 421        case '\0': case '/':
 422                return 0;
 423
 424        /*
 425         * ".git" followed by  NUL or slash is bad. This
 426         * shares the path end test with the ".." case.
 427         */
 428        case 'g':
 429                if (rest[1] != 'i')
 430                        break;
 431                if (rest[2] != 't')
 432                        break;
 433                rest += 2;
 434        /* fallthrough */
 435        case '.':
 436                if (rest[1] == '\0' || rest[1] == '/')
 437                        return 0;
 438        }
 439        return 1;
 440}
 441
 442int verify_path(const char *path)
 443{
 444        char c;
 445
 446        goto inside;
 447        for (;;) {
 448                if (!c)
 449                        return 1;
 450                if (c == '/') {
 451inside:
 452                        c = *path++;
 453                        switch (c) {
 454                        default:
 455                                continue;
 456                        case '/': case '\0':
 457                                break;
 458                        case '.':
 459                                if (verify_dotfile(path))
 460                                        continue;
 461                        }
 462                        return 0;
 463                }
 464                c = *path++;
 465        }
 466}
 467
 468/*
 469 * Do we have another file that has the beginning components being a
 470 * proper superset of the name we're trying to add?
 471 */
 472static int has_file_name(const struct cache_entry *ce, int pos, int ok_to_replace)
 473{
 474        int retval = 0;
 475        int len = ce_namelen(ce);
 476        int stage = ce_stage(ce);
 477        const char *name = ce->name;
 478
 479        while (pos < active_nr) {
 480                struct cache_entry *p = active_cache[pos++];
 481
 482                if (len >= ce_namelen(p))
 483                        break;
 484                if (memcmp(name, p->name, len))
 485                        break;
 486                if (ce_stage(p) != stage)
 487                        continue;
 488                if (p->name[len] != '/')
 489                        continue;
 490                retval = -1;
 491                if (!ok_to_replace)
 492                        break;
 493                remove_cache_entry_at(--pos);
 494        }
 495        return retval;
 496}
 497
 498/*
 499 * Do we have another file with a pathname that is a proper
 500 * subset of the name we're trying to add?
 501 */
 502static int has_dir_name(const struct cache_entry *ce, int pos, int ok_to_replace)
 503{
 504        int retval = 0;
 505        int stage = ce_stage(ce);
 506        const char *name = ce->name;
 507        const char *slash = name + ce_namelen(ce);
 508
 509        for (;;) {
 510                int len;
 511
 512                for (;;) {
 513                        if (*--slash == '/')
 514                                break;
 515                        if (slash <= ce->name)
 516                                return retval;
 517                }
 518                len = slash - name;
 519
 520                pos = cache_name_pos(name, ntohs(create_ce_flags(len, stage)));
 521                if (pos >= 0) {
 522                        retval = -1;
 523                        if (!ok_to_replace)
 524                                break;
 525                        remove_cache_entry_at(pos);
 526                        continue;
 527                }
 528
 529                /*
 530                 * Trivial optimization: if we find an entry that
 531                 * already matches the sub-directory, then we know
 532                 * we're ok, and we can exit.
 533                 */
 534                pos = -pos-1;
 535                while (pos < active_nr) {
 536                        struct cache_entry *p = active_cache[pos];
 537                        if ((ce_namelen(p) <= len) ||
 538                            (p->name[len] != '/') ||
 539                            memcmp(p->name, name, len))
 540                                break; /* not our subdirectory */
 541                        if (ce_stage(p) == stage)
 542                                /* p is at the same stage as our entry, and
 543                                 * is a subdirectory of what we are looking
 544                                 * at, so we cannot have conflicts at our
 545                                 * level or anything shorter.
 546                                 */
 547                                return retval;
 548                        pos++;
 549                }
 550        }
 551        return retval;
 552}
 553
 554/* We may be in a situation where we already have path/file and path
 555 * is being added, or we already have path and path/file is being
 556 * added.  Either one would result in a nonsense tree that has path
 557 * twice when git-write-tree tries to write it out.  Prevent it.
 558 * 
 559 * If ok-to-replace is specified, we remove the conflicting entries
 560 * from the cache so the caller should recompute the insert position.
 561 * When this happens, we return non-zero.
 562 */
 563static int check_file_directory_conflict(const struct cache_entry *ce, int pos, int ok_to_replace)
 564{
 565        /*
 566         * We check if the path is a sub-path of a subsequent pathname
 567         * first, since removing those will not change the position
 568         * in the array
 569         */
 570        int retval = has_file_name(ce, pos, ok_to_replace);
 571        /*
 572         * Then check if the path might have a clashing sub-directory
 573         * before it.
 574         */
 575        return retval + has_dir_name(ce, pos, ok_to_replace);
 576}
 577
 578int add_cache_entry(struct cache_entry *ce, int option)
 579{
 580        int pos;
 581        int ok_to_add = option & ADD_CACHE_OK_TO_ADD;
 582        int ok_to_replace = option & ADD_CACHE_OK_TO_REPLACE;
 583        int skip_df_check = option & ADD_CACHE_SKIP_DFCHECK;
 584
 585        pos = cache_name_pos(ce->name, ntohs(ce->ce_flags));
 586
 587        /* existing match? Just replace it. */
 588        if (pos >= 0) {
 589                active_cache_changed = 1;
 590                active_cache[pos] = ce;
 591                return 0;
 592        }
 593        pos = -pos-1;
 594
 595        /*
 596         * Inserting a merged entry ("stage 0") into the index
 597         * will always replace all non-merged entries..
 598         */
 599        if (pos < active_nr && ce_stage(ce) == 0) {
 600                while (ce_same_name(active_cache[pos], ce)) {
 601                        ok_to_add = 1;
 602                        if (!remove_cache_entry_at(pos))
 603                                break;
 604                }
 605        }
 606
 607        if (!ok_to_add)
 608                return -1;
 609        if (!verify_path(ce->name))
 610                return -1;
 611
 612        if (!skip_df_check &&
 613            check_file_directory_conflict(ce, pos, ok_to_replace)) {
 614                if (!ok_to_replace)
 615                        return error("'%s' appears as both a file and as a directory", ce->name);
 616                pos = cache_name_pos(ce->name, ntohs(ce->ce_flags));
 617                pos = -pos-1;
 618        }
 619
 620        /* Make sure the array is big enough .. */
 621        if (active_nr == active_alloc) {
 622                active_alloc = alloc_nr(active_alloc);
 623                active_cache = xrealloc(active_cache, active_alloc * sizeof(struct cache_entry *));
 624        }
 625
 626        /* Add it in.. */
 627        active_nr++;
 628        if (active_nr > pos)
 629                memmove(active_cache + pos + 1, active_cache + pos, (active_nr - pos - 1) * sizeof(ce));
 630        active_cache[pos] = ce;
 631        active_cache_changed = 1;
 632        return 0;
 633}
 634
 635/*
 636 * "refresh" does not calculate a new sha1 file or bring the
 637 * cache up-to-date for mode/content changes. But what it
 638 * _does_ do is to "re-match" the stat information of a file
 639 * with the cache, so that you can refresh the cache for a
 640 * file that hasn't been changed but where the stat entry is
 641 * out of date.
 642 *
 643 * For example, you'd want to do this after doing a "git-read-tree",
 644 * to link up the stat cache details with the proper files.
 645 */
 646struct cache_entry *refresh_cache_entry(struct cache_entry *ce, int really)
 647{
 648        struct stat st;
 649        struct cache_entry *updated;
 650        int changed, size;
 651
 652        if (lstat(ce->name, &st) < 0) {
 653                cache_errno = errno;
 654                return NULL;
 655        }
 656
 657        changed = ce_match_stat(ce, &st, really);
 658        if (!changed) {
 659                if (really && assume_unchanged &&
 660                    !(ce->ce_flags & htons(CE_VALID)))
 661                        ; /* mark this one VALID again */
 662                else
 663                        return ce;
 664        }
 665
 666        if (ce_modified(ce, &st, really)) {
 667                cache_errno = EINVAL;
 668                return NULL;
 669        }
 670
 671        size = ce_size(ce);
 672        updated = xmalloc(size);
 673        memcpy(updated, ce, size);
 674        fill_stat_cache_info(updated, &st);
 675
 676        /* In this case, if really is not set, we should leave
 677         * CE_VALID bit alone.  Otherwise, paths marked with
 678         * --no-assume-unchanged (i.e. things to be edited) will
 679         * reacquire CE_VALID bit automatically, which is not
 680         * really what we want.
 681         */
 682        if (!really && assume_unchanged && !(ce->ce_flags & htons(CE_VALID)))
 683                updated->ce_flags &= ~htons(CE_VALID);
 684
 685        return updated;
 686}
 687
 688int refresh_cache(unsigned int flags)
 689{
 690        int i;
 691        int has_errors = 0;
 692        int really = (flags & REFRESH_REALLY) != 0;
 693        int allow_unmerged = (flags & REFRESH_UNMERGED) != 0;
 694        int quiet = (flags & REFRESH_QUIET) != 0;
 695        int not_new = (flags & REFRESH_IGNORE_MISSING) != 0;
 696
 697        for (i = 0; i < active_nr; i++) {
 698                struct cache_entry *ce, *new;
 699                ce = active_cache[i];
 700                if (ce_stage(ce)) {
 701                        while ((i < active_nr) &&
 702                               ! strcmp(active_cache[i]->name, ce->name))
 703                                i++;
 704                        i--;
 705                        if (allow_unmerged)
 706                                continue;
 707                        printf("%s: needs merge\n", ce->name);
 708                        has_errors = 1;
 709                        continue;
 710                }
 711
 712                new = refresh_cache_entry(ce, really);
 713                if (new == ce)
 714                        continue;
 715                if (!new) {
 716                        if (not_new && cache_errno == ENOENT)
 717                                continue;
 718                        if (really && cache_errno == EINVAL) {
 719                                /* If we are doing --really-refresh that
 720                                 * means the index is not valid anymore.
 721                                 */
 722                                ce->ce_flags &= ~htons(CE_VALID);
 723                                active_cache_changed = 1;
 724                        }
 725                        if (quiet)
 726                                continue;
 727                        printf("%s: needs update\n", ce->name);
 728                        has_errors = 1;
 729                        continue;
 730                }
 731                active_cache_changed = 1;
 732                /* You can NOT just free active_cache[i] here, since it
 733                 * might not be necessarily malloc()ed but can also come
 734                 * from mmap(). */
 735                active_cache[i] = new;
 736        }
 737        return has_errors;
 738}
 739
 740static int verify_hdr(struct cache_header *hdr, unsigned long size)
 741{
 742        SHA_CTX c;
 743        unsigned char sha1[20];
 744
 745        if (hdr->hdr_signature != htonl(CACHE_SIGNATURE))
 746                return error("bad signature");
 747        if (hdr->hdr_version != htonl(2))
 748                return error("bad index version");
 749        SHA1_Init(&c);
 750        SHA1_Update(&c, hdr, size - 20);
 751        SHA1_Final(sha1, &c);
 752        if (hashcmp(sha1, (unsigned char *)hdr + size - 20))
 753                return error("bad index file sha1 signature");
 754        return 0;
 755}
 756
 757static int read_index_extension(const char *ext, void *data, unsigned long sz)
 758{
 759        switch (CACHE_EXT(ext)) {
 760        case CACHE_EXT_TREE:
 761                active_cache_tree = cache_tree_read(data, sz);
 762                break;
 763        default:
 764                if (*ext < 'A' || 'Z' < *ext)
 765                        return error("index uses %.4s extension, which we do not understand",
 766                                     ext);
 767                fprintf(stderr, "ignoring %.4s extension\n", ext);
 768                break;
 769        }
 770        return 0;
 771}
 772
 773int read_cache(void)
 774{
 775        return read_cache_from(get_index_file());
 776}
 777
 778/* remember to discard_cache() before reading a different cache! */
 779int read_cache_from(const char *path)
 780{
 781        int fd, i;
 782        struct stat st;
 783        unsigned long offset;
 784        struct cache_header *hdr;
 785
 786        errno = EBUSY;
 787        if (cache_mmap)
 788                return active_nr;
 789
 790        errno = ENOENT;
 791        index_file_timestamp = 0;
 792        fd = open(path, O_RDONLY);
 793        if (fd < 0) {
 794                if (errno == ENOENT)
 795                        return 0;
 796                die("index file open failed (%s)", strerror(errno));
 797        }
 798
 799        if (!fstat(fd, &st)) {
 800                cache_mmap_size = xsize_t(st.st_size);
 801                errno = EINVAL;
 802                if (cache_mmap_size >= sizeof(struct cache_header) + 20)
 803                        cache_mmap = xmmap(NULL, cache_mmap_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
 804                else
 805                        die("index file smaller than expected");
 806        } else
 807                die("cannot stat the open index (%s)", strerror(errno));
 808        close(fd);
 809
 810        hdr = cache_mmap;
 811        if (verify_hdr(hdr, cache_mmap_size) < 0)
 812                goto unmap;
 813
 814        active_nr = ntohl(hdr->hdr_entries);
 815        active_alloc = alloc_nr(active_nr);
 816        active_cache = xcalloc(active_alloc, sizeof(struct cache_entry *));
 817
 818        offset = sizeof(*hdr);
 819        for (i = 0; i < active_nr; i++) {
 820                struct cache_entry *ce = (struct cache_entry *) ((char *) cache_mmap + offset);
 821                offset = offset + ce_size(ce);
 822                active_cache[i] = ce;
 823        }
 824        index_file_timestamp = st.st_mtime;
 825        while (offset <= cache_mmap_size - 20 - 8) {
 826                /* After an array of active_nr index entries,
 827                 * there can be arbitrary number of extended
 828                 * sections, each of which is prefixed with
 829                 * extension name (4-byte) and section length
 830                 * in 4-byte network byte order.
 831                 */
 832                unsigned long extsize;
 833                memcpy(&extsize, (char *) cache_mmap + offset + 4, 4);
 834                extsize = ntohl(extsize);
 835                if (read_index_extension(((const char *) cache_mmap) + offset,
 836                                         (char *) cache_mmap + offset + 8,
 837                                         extsize) < 0)
 838                        goto unmap;
 839                offset += 8;
 840                offset += extsize;
 841        }
 842        return active_nr;
 843
 844unmap:
 845        munmap(cache_mmap, cache_mmap_size);
 846        errno = EINVAL;
 847        die("index file corrupt");
 848}
 849
 850int discard_cache(void)
 851{
 852        int ret;
 853
 854        active_nr = active_cache_changed = 0;
 855        index_file_timestamp = 0;
 856        cache_tree_free(&active_cache_tree);
 857        if (cache_mmap == NULL)
 858                return 0;
 859        ret = munmap(cache_mmap, cache_mmap_size);
 860        cache_mmap = NULL;
 861        cache_mmap_size = 0;
 862
 863        /* no need to throw away allocated active_cache */
 864        return ret;
 865}
 866
 867#define WRITE_BUFFER_SIZE 8192
 868static unsigned char write_buffer[WRITE_BUFFER_SIZE];
 869static unsigned long write_buffer_len;
 870
 871static int ce_write_flush(SHA_CTX *context, int fd)
 872{
 873        unsigned int buffered = write_buffer_len;
 874        if (buffered) {
 875                SHA1_Update(context, write_buffer, buffered);
 876                if (write_in_full(fd, write_buffer, buffered) != buffered)
 877                        return -1;
 878                write_buffer_len = 0;
 879        }
 880        return 0;
 881}
 882
 883static int ce_write(SHA_CTX *context, int fd, void *data, unsigned int len)
 884{
 885        while (len) {
 886                unsigned int buffered = write_buffer_len;
 887                unsigned int partial = WRITE_BUFFER_SIZE - buffered;
 888                if (partial > len)
 889                        partial = len;
 890                memcpy(write_buffer + buffered, data, partial);
 891                buffered += partial;
 892                if (buffered == WRITE_BUFFER_SIZE) {
 893                        write_buffer_len = buffered;
 894                        if (ce_write_flush(context, fd))
 895                                return -1;
 896                        buffered = 0;
 897                }
 898                write_buffer_len = buffered;
 899                len -= partial;
 900                data = (char *) data + partial;
 901        }
 902        return 0;
 903}
 904
 905static int write_index_ext_header(SHA_CTX *context, int fd,
 906                                  unsigned int ext, unsigned int sz)
 907{
 908        ext = htonl(ext);
 909        sz = htonl(sz);
 910        return ((ce_write(context, fd, &ext, 4) < 0) ||
 911                (ce_write(context, fd, &sz, 4) < 0)) ? -1 : 0;
 912}
 913
 914static int ce_flush(SHA_CTX *context, int fd)
 915{
 916        unsigned int left = write_buffer_len;
 917
 918        if (left) {
 919                write_buffer_len = 0;
 920                SHA1_Update(context, write_buffer, left);
 921        }
 922
 923        /* Flush first if not enough space for SHA1 signature */
 924        if (left + 20 > WRITE_BUFFER_SIZE) {
 925                if (write_in_full(fd, write_buffer, left) != left)
 926                        return -1;
 927                left = 0;
 928        }
 929
 930        /* Append the SHA1 signature at the end */
 931        SHA1_Final(write_buffer + left, context);
 932        left += 20;
 933        return (write_in_full(fd, write_buffer, left) != left) ? -1 : 0;
 934}
 935
 936static void ce_smudge_racily_clean_entry(struct cache_entry *ce)
 937{
 938        /*
 939         * The only thing we care about in this function is to smudge the
 940         * falsely clean entry due to touch-update-touch race, so we leave
 941         * everything else as they are.  We are called for entries whose
 942         * ce_mtime match the index file mtime.
 943         */
 944        struct stat st;
 945
 946        if (lstat(ce->name, &st) < 0)
 947                return;
 948        if (ce_match_stat_basic(ce, &st))
 949                return;
 950        if (ce_modified_check_fs(ce, &st)) {
 951                /* This is "racily clean"; smudge it.  Note that this
 952                 * is a tricky code.  At first glance, it may appear
 953                 * that it can break with this sequence:
 954                 *
 955                 * $ echo xyzzy >frotz
 956                 * $ git-update-index --add frotz
 957                 * $ : >frotz
 958                 * $ sleep 3
 959                 * $ echo filfre >nitfol
 960                 * $ git-update-index --add nitfol
 961                 *
 962                 * but it does not.  When the second update-index runs,
 963                 * it notices that the entry "frotz" has the same timestamp
 964                 * as index, and if we were to smudge it by resetting its
 965                 * size to zero here, then the object name recorded
 966                 * in index is the 6-byte file but the cached stat information
 967                 * becomes zero --- which would then match what we would
 968                 * obtain from the filesystem next time we stat("frotz"). 
 969                 *
 970                 * However, the second update-index, before calling
 971                 * this function, notices that the cached size is 6
 972                 * bytes and what is on the filesystem is an empty
 973                 * file, and never calls us, so the cached size information
 974                 * for "frotz" stays 6 which does not match the filesystem.
 975                 */
 976                ce->ce_size = htonl(0);
 977        }
 978}
 979
 980int write_cache(int newfd, struct cache_entry **cache, int entries)
 981{
 982        SHA_CTX c;
 983        struct cache_header hdr;
 984        int i, removed;
 985
 986        for (i = removed = 0; i < entries; i++)
 987                if (!cache[i]->ce_mode)
 988                        removed++;
 989
 990        hdr.hdr_signature = htonl(CACHE_SIGNATURE);
 991        hdr.hdr_version = htonl(2);
 992        hdr.hdr_entries = htonl(entries - removed);
 993
 994        SHA1_Init(&c);
 995        if (ce_write(&c, newfd, &hdr, sizeof(hdr)) < 0)
 996                return -1;
 997
 998        for (i = 0; i < entries; i++) {
 999                struct cache_entry *ce = cache[i];
1000                if (!ce->ce_mode)
1001                        continue;
1002                if (index_file_timestamp &&
1003                    index_file_timestamp <= ntohl(ce->ce_mtime.sec))
1004                        ce_smudge_racily_clean_entry(ce);
1005                if (ce_write(&c, newfd, ce, ce_size(ce)) < 0)
1006                        return -1;
1007        }
1008
1009        /* Write extension data here */
1010        if (active_cache_tree) {
1011                unsigned long sz;
1012                void *data = cache_tree_write(active_cache_tree, &sz);
1013                if (data &&
1014                    !write_index_ext_header(&c, newfd, CACHE_EXT_TREE, sz) &&
1015                    !ce_write(&c, newfd, data, sz))
1016                        free(data);
1017                else {
1018                        free(data);
1019                        return -1;
1020                }
1021        }
1022        return ce_flush(&c, newfd);
1023}