read-cache.con commit combine-diff.c: type sanity (2386c29)
   1/*
   2 * GIT - The information manager from hell
   3 *
   4 * Copyright (C) Linus Torvalds, 2005
   5 */
   6#include "cache.h"
   7#include "cache-tree.h"
   8
   9/* Index extensions.
  10 *
  11 * The first letter should be 'A'..'Z' for extensions that are not
  12 * necessary for a correct operation (i.e. optimization data).
  13 * When new extensions are added that _needs_ to be understood in
  14 * order to correctly interpret the index file, pick character that
  15 * is outside the range, to cause the reader to abort.
  16 */
  17
  18#define CACHE_EXT(s) ( (s[0]<<24)|(s[1]<<16)|(s[2]<<8)|(s[3]) )
  19#define CACHE_EXT_TREE 0x54524545       /* "TREE" */
  20
  21struct cache_entry **active_cache = NULL;
  22static time_t index_file_timestamp;
  23unsigned int active_nr = 0, active_alloc = 0, active_cache_changed = 0;
  24
  25struct cache_tree *active_cache_tree = NULL;
  26
  27/*
  28 * This only updates the "non-critical" parts of the directory
  29 * cache, ie the parts that aren't tracked by GIT, and only used
  30 * to validate the cache.
  31 */
  32void fill_stat_cache_info(struct cache_entry *ce, struct stat *st)
  33{
  34        ce->ce_ctime.sec = htonl(st->st_ctime);
  35        ce->ce_mtime.sec = htonl(st->st_mtime);
  36#ifdef USE_NSEC
  37        ce->ce_ctime.nsec = htonl(st->st_ctim.tv_nsec);
  38        ce->ce_mtime.nsec = htonl(st->st_mtim.tv_nsec);
  39#endif
  40        ce->ce_dev = htonl(st->st_dev);
  41        ce->ce_ino = htonl(st->st_ino);
  42        ce->ce_uid = htonl(st->st_uid);
  43        ce->ce_gid = htonl(st->st_gid);
  44        ce->ce_size = htonl(st->st_size);
  45
  46        if (assume_unchanged)
  47                ce->ce_flags |= htons(CE_VALID);
  48}
  49
  50static int ce_compare_data(struct cache_entry *ce, struct stat *st)
  51{
  52        int match = -1;
  53        int fd = open(ce->name, O_RDONLY);
  54
  55        if (fd >= 0) {
  56                unsigned char sha1[20];
  57                if (!index_fd(sha1, fd, st, 0, NULL))
  58                        match = memcmp(sha1, ce->sha1, 20);
  59                close(fd);
  60        }
  61        return match;
  62}
  63
  64static int ce_compare_link(struct cache_entry *ce, unsigned long expected_size)
  65{
  66        int match = -1;
  67        char *target;
  68        void *buffer;
  69        unsigned long size;
  70        char type[10];
  71        int len;
  72
  73        target = xmalloc(expected_size);
  74        len = readlink(ce->name, target, expected_size);
  75        if (len != expected_size) {
  76                free(target);
  77                return -1;
  78        }
  79        buffer = read_sha1_file(ce->sha1, type, &size);
  80        if (!buffer) {
  81                free(target);
  82                return -1;
  83        }
  84        if (size == expected_size)
  85                match = memcmp(buffer, target, size);
  86        free(buffer);
  87        free(target);
  88        return match;
  89}
  90
  91static int ce_modified_check_fs(struct cache_entry *ce, struct stat *st)
  92{
  93        switch (st->st_mode & S_IFMT) {
  94        case S_IFREG:
  95                if (ce_compare_data(ce, st))
  96                        return DATA_CHANGED;
  97                break;
  98        case S_IFLNK:
  99                if (ce_compare_link(ce, st->st_size))
 100                        return DATA_CHANGED;
 101                break;
 102        default:
 103                return TYPE_CHANGED;
 104        }
 105        return 0;
 106}
 107
 108static int ce_match_stat_basic(struct cache_entry *ce, struct stat *st)
 109{
 110        unsigned int changed = 0;
 111
 112        switch (ntohl(ce->ce_mode) & S_IFMT) {
 113        case S_IFREG:
 114                changed |= !S_ISREG(st->st_mode) ? TYPE_CHANGED : 0;
 115                /* We consider only the owner x bit to be relevant for
 116                 * "mode changes"
 117                 */
 118                if (trust_executable_bit &&
 119                    (0100 & (ntohl(ce->ce_mode) ^ st->st_mode)))
 120                        changed |= MODE_CHANGED;
 121                break;
 122        case S_IFLNK:
 123                changed |= !S_ISLNK(st->st_mode) ? TYPE_CHANGED : 0;
 124                break;
 125        default:
 126                die("internal error: ce_mode is %o", ntohl(ce->ce_mode));
 127        }
 128        if (ce->ce_mtime.sec != htonl(st->st_mtime))
 129                changed |= MTIME_CHANGED;
 130        if (ce->ce_ctime.sec != htonl(st->st_ctime))
 131                changed |= CTIME_CHANGED;
 132
 133#ifdef USE_NSEC
 134        /*
 135         * nsec seems unreliable - not all filesystems support it, so
 136         * as long as it is in the inode cache you get right nsec
 137         * but after it gets flushed, you get zero nsec.
 138         */
 139        if (ce->ce_mtime.nsec != htonl(st->st_mtim.tv_nsec))
 140                changed |= MTIME_CHANGED;
 141        if (ce->ce_ctime.nsec != htonl(st->st_ctim.tv_nsec))
 142                changed |= CTIME_CHANGED;
 143#endif  
 144
 145        if (ce->ce_uid != htonl(st->st_uid) ||
 146            ce->ce_gid != htonl(st->st_gid))
 147                changed |= OWNER_CHANGED;
 148        if (ce->ce_ino != htonl(st->st_ino))
 149                changed |= INODE_CHANGED;
 150
 151#ifdef USE_STDEV
 152        /*
 153         * st_dev breaks on network filesystems where different
 154         * clients will have different views of what "device"
 155         * the filesystem is on
 156         */
 157        if (ce->ce_dev != htonl(st->st_dev))
 158                changed |= INODE_CHANGED;
 159#endif
 160
 161        if (ce->ce_size != htonl(st->st_size))
 162                changed |= DATA_CHANGED;
 163
 164        return changed;
 165}
 166
 167int ce_match_stat(struct cache_entry *ce, struct stat *st, int ignore_valid)
 168{
 169        unsigned int changed;
 170
 171        /*
 172         * If it's marked as always valid in the index, it's
 173         * valid whatever the checked-out copy says.
 174         */
 175        if (!ignore_valid && (ce->ce_flags & htons(CE_VALID)))
 176                return 0;
 177
 178        changed = ce_match_stat_basic(ce, st);
 179
 180        /*
 181         * Within 1 second of this sequence:
 182         *      echo xyzzy >file && git-update-index --add file
 183         * running this command:
 184         *      echo frotz >file
 185         * would give a falsely clean cache entry.  The mtime and
 186         * length match the cache, and other stat fields do not change.
 187         *
 188         * We could detect this at update-index time (the cache entry
 189         * being registered/updated records the same time as "now")
 190         * and delay the return from git-update-index, but that would
 191         * effectively mean we can make at most one commit per second,
 192         * which is not acceptable.  Instead, we check cache entries
 193         * whose mtime are the same as the index file timestamp more
 194         * carefully than others.
 195         */
 196        if (!changed &&
 197            index_file_timestamp &&
 198            index_file_timestamp <= ntohl(ce->ce_mtime.sec))
 199                changed |= ce_modified_check_fs(ce, st);
 200
 201        return changed;
 202}
 203
 204int ce_modified(struct cache_entry *ce, struct stat *st, int really)
 205{
 206        int changed, changed_fs;
 207        changed = ce_match_stat(ce, st, really);
 208        if (!changed)
 209                return 0;
 210        /*
 211         * If the mode or type has changed, there's no point in trying
 212         * to refresh the entry - it's not going to match
 213         */
 214        if (changed & (MODE_CHANGED | TYPE_CHANGED))
 215                return changed;
 216
 217        /* Immediately after read-tree or update-index --cacheinfo,
 218         * the length field is zero.  For other cases the ce_size
 219         * should match the SHA1 recorded in the index entry.
 220         */
 221        if ((changed & DATA_CHANGED) && ce->ce_size != htonl(0))
 222                return changed;
 223
 224        changed_fs = ce_modified_check_fs(ce, st);
 225        if (changed_fs)
 226                return changed | changed_fs;
 227        return 0;
 228}
 229
 230int base_name_compare(const char *name1, int len1, int mode1,
 231                      const char *name2, int len2, int mode2)
 232{
 233        unsigned char c1, c2;
 234        int len = len1 < len2 ? len1 : len2;
 235        int cmp;
 236
 237        cmp = memcmp(name1, name2, len);
 238        if (cmp)
 239                return cmp;
 240        c1 = name1[len];
 241        c2 = name2[len];
 242        if (!c1 && S_ISDIR(mode1))
 243                c1 = '/';
 244        if (!c2 && S_ISDIR(mode2))
 245                c2 = '/';
 246        return (c1 < c2) ? -1 : (c1 > c2) ? 1 : 0;
 247}
 248
 249int cache_name_compare(const char *name1, int flags1, const char *name2, int flags2)
 250{
 251        int len1 = flags1 & CE_NAMEMASK;
 252        int len2 = flags2 & CE_NAMEMASK;
 253        int len = len1 < len2 ? len1 : len2;
 254        int cmp;
 255
 256        cmp = memcmp(name1, name2, len);
 257        if (cmp)
 258                return cmp;
 259        if (len1 < len2)
 260                return -1;
 261        if (len1 > len2)
 262                return 1;
 263
 264        /* Compare stages  */
 265        flags1 &= CE_STAGEMASK;
 266        flags2 &= CE_STAGEMASK;
 267
 268        if (flags1 < flags2)
 269                return -1;
 270        if (flags1 > flags2)
 271                return 1;
 272        return 0;
 273}
 274
 275int cache_name_pos(const char *name, int namelen)
 276{
 277        int first, last;
 278
 279        first = 0;
 280        last = active_nr;
 281        while (last > first) {
 282                int next = (last + first) >> 1;
 283                struct cache_entry *ce = active_cache[next];
 284                int cmp = cache_name_compare(name, namelen, ce->name, ntohs(ce->ce_flags));
 285                if (!cmp)
 286                        return next;
 287                if (cmp < 0) {
 288                        last = next;
 289                        continue;
 290                }
 291                first = next+1;
 292        }
 293        return -first-1;
 294}
 295
 296/* Remove entry, return true if there are more entries to go.. */
 297int remove_cache_entry_at(int pos)
 298{
 299        active_cache_changed = 1;
 300        active_nr--;
 301        if (pos >= active_nr)
 302                return 0;
 303        memmove(active_cache + pos, active_cache + pos + 1, (active_nr - pos) * sizeof(struct cache_entry *));
 304        return 1;
 305}
 306
 307int remove_file_from_cache(const char *path)
 308{
 309        int pos = cache_name_pos(path, strlen(path));
 310        if (pos < 0)
 311                pos = -pos-1;
 312        while (pos < active_nr && !strcmp(active_cache[pos]->name, path))
 313                remove_cache_entry_at(pos);
 314        return 0;
 315}
 316
 317int ce_same_name(struct cache_entry *a, struct cache_entry *b)
 318{
 319        int len = ce_namelen(a);
 320        return ce_namelen(b) == len && !memcmp(a->name, b->name, len);
 321}
 322
 323int ce_path_match(const struct cache_entry *ce, const char **pathspec)
 324{
 325        const char *match, *name;
 326        int len;
 327
 328        if (!pathspec)
 329                return 1;
 330
 331        len = ce_namelen(ce);
 332        name = ce->name;
 333        while ((match = *pathspec++) != NULL) {
 334                int matchlen = strlen(match);
 335                if (matchlen > len)
 336                        continue;
 337                if (memcmp(name, match, matchlen))
 338                        continue;
 339                if (matchlen && name[matchlen-1] == '/')
 340                        return 1;
 341                if (name[matchlen] == '/' || !name[matchlen])
 342                        return 1;
 343                if (!matchlen)
 344                        return 1;
 345        }
 346        return 0;
 347}
 348
 349/*
 350 * We fundamentally don't like some paths: we don't want
 351 * dot or dot-dot anywhere, and for obvious reasons don't
 352 * want to recurse into ".git" either.
 353 *
 354 * Also, we don't want double slashes or slashes at the
 355 * end that can make pathnames ambiguous.
 356 */
 357static int verify_dotfile(const char *rest)
 358{
 359        /*
 360         * The first character was '.', but that
 361         * has already been discarded, we now test
 362         * the rest.
 363         */
 364        switch (*rest) {
 365        /* "." is not allowed */
 366        case '\0': case '/':
 367                return 0;
 368
 369        /*
 370         * ".git" followed by  NUL or slash is bad. This
 371         * shares the path end test with the ".." case.
 372         */
 373        case 'g':
 374                if (rest[1] != 'i')
 375                        break;
 376                if (rest[2] != 't')
 377                        break;
 378                rest += 2;
 379        /* fallthrough */
 380        case '.':
 381                if (rest[1] == '\0' || rest[1] == '/')
 382                        return 0;
 383        }
 384        return 1;
 385}
 386
 387int verify_path(const char *path)
 388{
 389        char c;
 390
 391        goto inside;
 392        for (;;) {
 393                if (!c)
 394                        return 1;
 395                if (c == '/') {
 396inside:
 397                        c = *path++;
 398                        switch (c) {
 399                        default:
 400                                continue;
 401                        case '/': case '\0':
 402                                break;
 403                        case '.':
 404                                if (verify_dotfile(path))
 405                                        continue;
 406                        }
 407                        return 0;
 408                }
 409                c = *path++;
 410        }
 411}
 412
 413/*
 414 * Do we have another file that has the beginning components being a
 415 * proper superset of the name we're trying to add?
 416 */
 417static int has_file_name(const struct cache_entry *ce, int pos, int ok_to_replace)
 418{
 419        int retval = 0;
 420        int len = ce_namelen(ce);
 421        int stage = ce_stage(ce);
 422        const char *name = ce->name;
 423
 424        while (pos < active_nr) {
 425                struct cache_entry *p = active_cache[pos++];
 426
 427                if (len >= ce_namelen(p))
 428                        break;
 429                if (memcmp(name, p->name, len))
 430                        break;
 431                if (ce_stage(p) != stage)
 432                        continue;
 433                if (p->name[len] != '/')
 434                        continue;
 435                retval = -1;
 436                if (!ok_to_replace)
 437                        break;
 438                remove_cache_entry_at(--pos);
 439        }
 440        return retval;
 441}
 442
 443/*
 444 * Do we have another file with a pathname that is a proper
 445 * subset of the name we're trying to add?
 446 */
 447static int has_dir_name(const struct cache_entry *ce, int pos, int ok_to_replace)
 448{
 449        int retval = 0;
 450        int stage = ce_stage(ce);
 451        const char *name = ce->name;
 452        const char *slash = name + ce_namelen(ce);
 453
 454        for (;;) {
 455                int len;
 456
 457                for (;;) {
 458                        if (*--slash == '/')
 459                                break;
 460                        if (slash <= ce->name)
 461                                return retval;
 462                }
 463                len = slash - name;
 464
 465                pos = cache_name_pos(name, ntohs(create_ce_flags(len, stage)));
 466                if (pos >= 0) {
 467                        retval = -1;
 468                        if (ok_to_replace)
 469                                break;
 470                        remove_cache_entry_at(pos);
 471                        continue;
 472                }
 473
 474                /*
 475                 * Trivial optimization: if we find an entry that
 476                 * already matches the sub-directory, then we know
 477                 * we're ok, and we can exit.
 478                 */
 479                pos = -pos-1;
 480                while (pos < active_nr) {
 481                        struct cache_entry *p = active_cache[pos];
 482                        if ((ce_namelen(p) <= len) ||
 483                            (p->name[len] != '/') ||
 484                            memcmp(p->name, name, len))
 485                                break; /* not our subdirectory */
 486                        if (ce_stage(p) == stage)
 487                                /* p is at the same stage as our entry, and
 488                                 * is a subdirectory of what we are looking
 489                                 * at, so we cannot have conflicts at our
 490                                 * level or anything shorter.
 491                                 */
 492                                return retval;
 493                        pos++;
 494                }
 495        }
 496        return retval;
 497}
 498
 499/* We may be in a situation where we already have path/file and path
 500 * is being added, or we already have path and path/file is being
 501 * added.  Either one would result in a nonsense tree that has path
 502 * twice when git-write-tree tries to write it out.  Prevent it.
 503 * 
 504 * If ok-to-replace is specified, we remove the conflicting entries
 505 * from the cache so the caller should recompute the insert position.
 506 * When this happens, we return non-zero.
 507 */
 508static int check_file_directory_conflict(const struct cache_entry *ce, int pos, int ok_to_replace)
 509{
 510        /*
 511         * We check if the path is a sub-path of a subsequent pathname
 512         * first, since removing those will not change the position
 513         * in the array
 514         */
 515        int retval = has_file_name(ce, pos, ok_to_replace);
 516        /*
 517         * Then check if the path might have a clashing sub-directory
 518         * before it.
 519         */
 520        return retval + has_dir_name(ce, pos, ok_to_replace);
 521}
 522
 523int add_cache_entry(struct cache_entry *ce, int option)
 524{
 525        int pos;
 526        int ok_to_add = option & ADD_CACHE_OK_TO_ADD;
 527        int ok_to_replace = option & ADD_CACHE_OK_TO_REPLACE;
 528        int skip_df_check = option & ADD_CACHE_SKIP_DFCHECK;
 529
 530        pos = cache_name_pos(ce->name, ntohs(ce->ce_flags));
 531
 532        /* existing match? Just replace it. */
 533        if (pos >= 0) {
 534                active_cache_changed = 1;
 535                active_cache[pos] = ce;
 536                return 0;
 537        }
 538        pos = -pos-1;
 539
 540        /*
 541         * Inserting a merged entry ("stage 0") into the index
 542         * will always replace all non-merged entries..
 543         */
 544        if (pos < active_nr && ce_stage(ce) == 0) {
 545                while (ce_same_name(active_cache[pos], ce)) {
 546                        ok_to_add = 1;
 547                        if (!remove_cache_entry_at(pos))
 548                                break;
 549                }
 550        }
 551
 552        if (!ok_to_add)
 553                return -1;
 554        if (!verify_path(ce->name))
 555                return -1;
 556
 557        if (!skip_df_check &&
 558            check_file_directory_conflict(ce, pos, ok_to_replace)) {
 559                if (!ok_to_replace)
 560                        return -1;
 561                pos = cache_name_pos(ce->name, ntohs(ce->ce_flags));
 562                pos = -pos-1;
 563        }
 564
 565        /* Make sure the array is big enough .. */
 566        if (active_nr == active_alloc) {
 567                active_alloc = alloc_nr(active_alloc);
 568                active_cache = xrealloc(active_cache, active_alloc * sizeof(struct cache_entry *));
 569        }
 570
 571        /* Add it in.. */
 572        active_nr++;
 573        if (active_nr > pos)
 574                memmove(active_cache + pos + 1, active_cache + pos, (active_nr - pos - 1) * sizeof(ce));
 575        active_cache[pos] = ce;
 576        active_cache_changed = 1;
 577        return 0;
 578}
 579
 580/* Three functions to allow overloaded pointer return; see linux/err.h */
 581static inline void *ERR_PTR(long error)
 582{
 583        return (void *) error;
 584}
 585
 586static inline long PTR_ERR(const void *ptr)
 587{
 588        return (long) ptr;
 589}
 590
 591static inline long IS_ERR(const void *ptr)
 592{
 593        return (unsigned long)ptr > (unsigned long)-1000L;
 594}
 595
 596/*
 597 * "refresh" does not calculate a new sha1 file or bring the
 598 * cache up-to-date for mode/content changes. But what it
 599 * _does_ do is to "re-match" the stat information of a file
 600 * with the cache, so that you can refresh the cache for a
 601 * file that hasn't been changed but where the stat entry is
 602 * out of date.
 603 *
 604 * For example, you'd want to do this after doing a "git-read-tree",
 605 * to link up the stat cache details with the proper files.
 606 */
 607static struct cache_entry *refresh_entry(struct cache_entry *ce, int really)
 608{
 609        struct stat st;
 610        struct cache_entry *updated;
 611        int changed, size;
 612
 613        if (lstat(ce->name, &st) < 0)
 614                return ERR_PTR(-errno);
 615
 616        changed = ce_match_stat(ce, &st, really);
 617        if (!changed) {
 618                if (really && assume_unchanged &&
 619                    !(ce->ce_flags & htons(CE_VALID)))
 620                        ; /* mark this one VALID again */
 621                else
 622                        return NULL;
 623        }
 624
 625        if (ce_modified(ce, &st, really))
 626                return ERR_PTR(-EINVAL);
 627
 628        size = ce_size(ce);
 629        updated = xmalloc(size);
 630        memcpy(updated, ce, size);
 631        fill_stat_cache_info(updated, &st);
 632
 633        /* In this case, if really is not set, we should leave
 634         * CE_VALID bit alone.  Otherwise, paths marked with
 635         * --no-assume-unchanged (i.e. things to be edited) will
 636         * reacquire CE_VALID bit automatically, which is not
 637         * really what we want.
 638         */
 639        if (!really && assume_unchanged && !(ce->ce_flags & htons(CE_VALID)))
 640                updated->ce_flags &= ~htons(CE_VALID);
 641
 642        return updated;
 643}
 644
 645int refresh_cache(unsigned int flags)
 646{
 647        int i;
 648        int has_errors = 0;
 649        int really = (flags & REFRESH_REALLY) != 0;
 650        int allow_unmerged = (flags & REFRESH_UNMERGED) != 0;
 651        int quiet = (flags & REFRESH_QUIET) != 0;
 652        int not_new = (flags & REFRESH_IGNORE_MISSING) != 0;
 653
 654        for (i = 0; i < active_nr; i++) {
 655                struct cache_entry *ce, *new;
 656                ce = active_cache[i];
 657                if (ce_stage(ce)) {
 658                        while ((i < active_nr) &&
 659                               ! strcmp(active_cache[i]->name, ce->name))
 660                                i++;
 661                        i--;
 662                        if (allow_unmerged)
 663                                continue;
 664                        printf("%s: needs merge\n", ce->name);
 665                        has_errors = 1;
 666                        continue;
 667                }
 668
 669                new = refresh_entry(ce, really);
 670                if (!new)
 671                        continue;
 672                if (IS_ERR(new)) {
 673                        if (not_new && PTR_ERR(new) == -ENOENT)
 674                                continue;
 675                        if (really && PTR_ERR(new) == -EINVAL) {
 676                                /* If we are doing --really-refresh that
 677                                 * means the index is not valid anymore.
 678                                 */
 679                                ce->ce_flags &= ~htons(CE_VALID);
 680                                active_cache_changed = 1;
 681                        }
 682                        if (quiet)
 683                                continue;
 684                        printf("%s: needs update\n", ce->name);
 685                        has_errors = 1;
 686                        continue;
 687                }
 688                active_cache_changed = 1;
 689                /* You can NOT just free active_cache[i] here, since it
 690                 * might not be necessarily malloc()ed but can also come
 691                 * from mmap(). */
 692                active_cache[i] = new;
 693        }
 694        return has_errors;
 695}
 696
 697static int verify_hdr(struct cache_header *hdr, unsigned long size)
 698{
 699        SHA_CTX c;
 700        unsigned char sha1[20];
 701
 702        if (hdr->hdr_signature != htonl(CACHE_SIGNATURE))
 703                return error("bad signature");
 704        if (hdr->hdr_version != htonl(2))
 705                return error("bad index version");
 706        SHA1_Init(&c);
 707        SHA1_Update(&c, hdr, size - 20);
 708        SHA1_Final(sha1, &c);
 709        if (memcmp(sha1, (char *) hdr + size - 20, 20))
 710                return error("bad index file sha1 signature");
 711        return 0;
 712}
 713
 714static int read_index_extension(const char *ext, void *data, unsigned long sz)
 715{
 716        switch (CACHE_EXT(ext)) {
 717        case CACHE_EXT_TREE:
 718                active_cache_tree = cache_tree_read(data, sz);
 719                break;
 720        default:
 721                if (*ext < 'A' || 'Z' < *ext)
 722                        return error("index uses %.4s extension, which we do not understand",
 723                                     ext);
 724                fprintf(stderr, "ignoring %.4s extension\n", ext);
 725                break;
 726        }
 727        return 0;
 728}
 729
 730int read_cache(void)
 731{
 732        int fd, i;
 733        struct stat st;
 734        unsigned long size, offset;
 735        void *map;
 736        struct cache_header *hdr;
 737
 738        errno = EBUSY;
 739        if (active_cache)
 740                return active_nr;
 741
 742        errno = ENOENT;
 743        index_file_timestamp = 0;
 744        fd = open(get_index_file(), O_RDONLY);
 745        if (fd < 0) {
 746                if (errno == ENOENT)
 747                        return 0;
 748                die("index file open failed (%s)", strerror(errno));
 749        }
 750
 751        size = 0; // avoid gcc warning
 752        map = MAP_FAILED;
 753        if (!fstat(fd, &st)) {
 754                size = st.st_size;
 755                errno = EINVAL;
 756                if (size >= sizeof(struct cache_header) + 20)
 757                        map = mmap(NULL, size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
 758        }
 759        close(fd);
 760        if (map == MAP_FAILED)
 761                die("index file mmap failed (%s)", strerror(errno));
 762
 763        hdr = map;
 764        if (verify_hdr(hdr, size) < 0)
 765                goto unmap;
 766
 767        active_nr = ntohl(hdr->hdr_entries);
 768        active_alloc = alloc_nr(active_nr);
 769        active_cache = xcalloc(active_alloc, sizeof(struct cache_entry *));
 770
 771        offset = sizeof(*hdr);
 772        for (i = 0; i < active_nr; i++) {
 773                struct cache_entry *ce = (struct cache_entry *) ((char *) map + offset);
 774                offset = offset + ce_size(ce);
 775                active_cache[i] = ce;
 776        }
 777        index_file_timestamp = st.st_mtime;
 778        while (offset <= size - 20 - 8) {
 779                /* After an array of active_nr index entries,
 780                 * there can be arbitrary number of extended
 781                 * sections, each of which is prefixed with
 782                 * extension name (4-byte) and section length
 783                 * in 4-byte network byte order.
 784                 */
 785                unsigned long extsize;
 786                memcpy(&extsize, (char *) map + offset + 4, 4);
 787                extsize = ntohl(extsize);
 788                if (read_index_extension(((const char *) map) + offset,
 789                                         (char *) map + offset + 8,
 790                                         extsize) < 0)
 791                        goto unmap;
 792                offset += 8;
 793                offset += extsize;
 794        }
 795        return active_nr;
 796
 797unmap:
 798        munmap(map, size);
 799        errno = EINVAL;
 800        die("index file corrupt");
 801}
 802
 803#define WRITE_BUFFER_SIZE 8192
 804static unsigned char write_buffer[WRITE_BUFFER_SIZE];
 805static unsigned long write_buffer_len;
 806
 807static int ce_write(SHA_CTX *context, int fd, void *data, unsigned int len)
 808{
 809        while (len) {
 810                unsigned int buffered = write_buffer_len;
 811                unsigned int partial = WRITE_BUFFER_SIZE - buffered;
 812                if (partial > len)
 813                        partial = len;
 814                memcpy(write_buffer + buffered, data, partial);
 815                buffered += partial;
 816                if (buffered == WRITE_BUFFER_SIZE) {
 817                        SHA1_Update(context, write_buffer, WRITE_BUFFER_SIZE);
 818                        if (write(fd, write_buffer, WRITE_BUFFER_SIZE) != WRITE_BUFFER_SIZE)
 819                                return -1;
 820                        buffered = 0;
 821                }
 822                write_buffer_len = buffered;
 823                len -= partial;
 824                data = (char *) data + partial;
 825        }
 826        return 0;
 827}
 828
 829static int write_index_ext_header(SHA_CTX *context, int fd,
 830                                  unsigned int ext, unsigned int sz)
 831{
 832        ext = htonl(ext);
 833        sz = htonl(sz);
 834        if ((ce_write(context, fd, &ext, 4) < 0) ||
 835            (ce_write(context, fd, &sz, 4) < 0))
 836                return -1;
 837        return 0;
 838}
 839
 840static int ce_flush(SHA_CTX *context, int fd)
 841{
 842        unsigned int left = write_buffer_len;
 843
 844        if (left) {
 845                write_buffer_len = 0;
 846                SHA1_Update(context, write_buffer, left);
 847        }
 848
 849        /* Flush first if not enough space for SHA1 signature */
 850        if (left + 20 > WRITE_BUFFER_SIZE) {
 851                if (write(fd, write_buffer, left) != left)
 852                        return -1;
 853                left = 0;
 854        }
 855
 856        /* Append the SHA1 signature at the end */
 857        SHA1_Final(write_buffer + left, context);
 858        left += 20;
 859        if (write(fd, write_buffer, left) != left)
 860                return -1;
 861        return 0;
 862}
 863
 864static void ce_smudge_racily_clean_entry(struct cache_entry *ce)
 865{
 866        /*
 867         * The only thing we care about in this function is to smudge the
 868         * falsely clean entry due to touch-update-touch race, so we leave
 869         * everything else as they are.  We are called for entries whose
 870         * ce_mtime match the index file mtime.
 871         */
 872        struct stat st;
 873
 874        if (lstat(ce->name, &st) < 0)
 875                return;
 876        if (ce_match_stat_basic(ce, &st))
 877                return;
 878        if (ce_modified_check_fs(ce, &st)) {
 879                /* This is "racily clean"; smudge it.  Note that this
 880                 * is a tricky code.  At first glance, it may appear
 881                 * that it can break with this sequence:
 882                 *
 883                 * $ echo xyzzy >frotz
 884                 * $ git-update-index --add frotz
 885                 * $ : >frotz
 886                 * $ sleep 3
 887                 * $ echo filfre >nitfol
 888                 * $ git-update-index --add nitfol
 889                 *
 890                 * but it does not.  Whe the second update-index runs,
 891                 * it notices that the entry "frotz" has the same timestamp
 892                 * as index, and if we were to smudge it by resetting its
 893                 * size to zero here, then the object name recorded
 894                 * in index is the 6-byte file but the cached stat information
 895                 * becomes zero --- which would then match what we would
 896                 * obtain from the filesystem next time we stat("frotz"). 
 897                 *
 898                 * However, the second update-index, before calling
 899                 * this function, notices that the cached size is 6
 900                 * bytes and what is on the filesystem is an empty
 901                 * file, and never calls us, so the cached size information
 902                 * for "frotz" stays 6 which does not match the filesystem.
 903                 */
 904                ce->ce_size = htonl(0);
 905        }
 906}
 907
 908int write_cache(int newfd, struct cache_entry **cache, int entries)
 909{
 910        SHA_CTX c;
 911        struct cache_header hdr;
 912        int i, removed;
 913
 914        for (i = removed = 0; i < entries; i++)
 915                if (!cache[i]->ce_mode)
 916                        removed++;
 917
 918        hdr.hdr_signature = htonl(CACHE_SIGNATURE);
 919        hdr.hdr_version = htonl(2);
 920        hdr.hdr_entries = htonl(entries - removed);
 921
 922        SHA1_Init(&c);
 923        if (ce_write(&c, newfd, &hdr, sizeof(hdr)) < 0)
 924                return -1;
 925
 926        for (i = 0; i < entries; i++) {
 927                struct cache_entry *ce = cache[i];
 928                if (!ce->ce_mode)
 929                        continue;
 930                if (index_file_timestamp &&
 931                    index_file_timestamp <= ntohl(ce->ce_mtime.sec))
 932                        ce_smudge_racily_clean_entry(ce);
 933                if (ce_write(&c, newfd, ce, ce_size(ce)) < 0)
 934                        return -1;
 935        }
 936
 937        /* Write extension data here */
 938        if (active_cache_tree) {
 939                unsigned long sz;
 940                void *data = cache_tree_write(active_cache_tree, &sz);
 941                if (data &&
 942                    !write_index_ext_header(&c, newfd, CACHE_EXT_TREE, sz) &&
 943                    !ce_write(&c, newfd, data, sz))
 944                        ;
 945                else {
 946                        free(data);
 947                        return -1;
 948                }
 949        }
 950        return ce_flush(&c, newfd);
 951}