1/* 2 * Copyright (c) 2005, Junio C Hamano 3 */ 4 5/* 6 * State diagram and cleanup 7 * ------------------------- 8 * 9 * This module keeps track of all locked files in `lock_file_list` for 10 * use at cleanup. This list and the `lock_file` objects that comprise 11 * it must be kept in self-consistent states at all time, because the 12 * program can be interrupted any time by a signal, in which case the 13 * signal handler will walk through the list attempting to clean up 14 * any open lock files. 15 * 16 * The possible states of a `lock_file` object are as follows: 17 * 18 * - Uninitialized. In this state the object's `on_list` field must be 19 * zero but the rest of its contents need not be initialized. As 20 * soon as the object is used in any way, it is irrevocably 21 * registered in `lock_file_list`, and `on_list` is set. 22 * 23 * - Locked, lockfile open (after `hold_lock_file_for_update()`, 24 * `hold_lock_file_for_append()`, or `reopen_lock_file()`). In this 25 * state: 26 * 27 * - the lockfile exists 28 * - `active` is set 29 * - `filename` holds the filename of the lockfile 30 * - `fd` holds a file descriptor open for writing to the lockfile 31 * - `fp` holds a pointer to an open `FILE` object if and only if 32 * `fdopen_lock_file()` has been called on the object 33 * - `owner` holds the PID of the process that locked the file 34 * 35 * - Locked, lockfile closed (after successful `close_lock_file()`). 36 * Same as the previous state, except that the lockfile is closed 37 * and `fd` is -1. 38 * 39 * - Unlocked (after `commit_lock_file()`, `commit_lock_file_to()`, 40 * `rollback_lock_file()`, a failed attempt to lock, or a failed 41 * `close_lock_file()`). In this state: 42 * 43 * - `active` is unset 44 * - `filename` is empty (usually, though there are transitory 45 * states in which this condition doesn't hold). Client code should 46 * *not* rely on the filename being empty in this state. 47 * - `fd` is -1 48 * - the object is left registered in the `lock_file_list`, and 49 * `on_list` is set. 50 * 51 * A lockfile is owned by the process that created it. The `lock_file` 52 * has an `owner` field that records the owner's PID. This field is 53 * used to prevent a forked process from closing a lockfile created by 54 * its parent. 55 */ 56 57#include"cache.h" 58#include"lockfile.h" 59#include"sigchain.h" 60 61static struct lock_file *volatile lock_file_list; 62 63static voidremove_lock_files(int skip_fclose) 64{ 65 pid_t me =getpid(); 66 67while(lock_file_list) { 68if(lock_file_list->owner == me) { 69/* fclose() is not safe to call in a signal handler */ 70if(skip_fclose) 71 lock_file_list->fp = NULL; 72rollback_lock_file(lock_file_list); 73} 74 lock_file_list = lock_file_list->next; 75} 76} 77 78static voidremove_lock_files_on_exit(void) 79{ 80remove_lock_files(0); 81} 82 83static voidremove_lock_files_on_signal(int signo) 84{ 85remove_lock_files(1); 86sigchain_pop(signo); 87raise(signo); 88} 89 90/* 91 * path = absolute or relative path name 92 * 93 * Remove the last path name element from path (leaving the preceding 94 * "/", if any). If path is empty or the root directory ("/"), set 95 * path to the empty string. 96 */ 97static voidtrim_last_path_component(struct strbuf *path) 98{ 99int i = path->len; 100 101/* back up past trailing slashes, if any */ 102while(i && path->buf[i -1] =='/') 103 i--; 104 105/* 106 * then go backwards until a slash, or the beginning of the 107 * string 108 */ 109while(i && path->buf[i -1] !='/') 110 i--; 111 112strbuf_setlen(path, i); 113} 114 115 116/* We allow "recursive" symbolic links. Only within reason, though */ 117#define MAXDEPTH 5 118 119/* 120 * path contains a path that might be a symlink. 121 * 122 * If path is a symlink, attempt to overwrite it with a path to the 123 * real file or directory (which may or may not exist), following a 124 * chain of symlinks if necessary. Otherwise, leave path unmodified. 125 * 126 * This is a best-effort routine. If an error occurs, path will 127 * either be left unmodified or will name a different symlink in a 128 * symlink chain that started with the original path. 129 */ 130static voidresolve_symlink(struct strbuf *path) 131{ 132int depth = MAXDEPTH; 133static struct strbuf link = STRBUF_INIT; 134 135while(depth--) { 136if(strbuf_readlink(&link, path->buf, path->len) <0) 137break; 138 139if(is_absolute_path(link.buf)) 140/* absolute path simply replaces p */ 141strbuf_reset(path); 142else 143/* 144 * link is a relative path, so replace the 145 * last element of p with it. 146 */ 147trim_last_path_component(path); 148 149strbuf_addbuf(path, &link); 150} 151strbuf_reset(&link); 152} 153 154/* Make sure errno contains a meaningful value on error */ 155static intlock_file(struct lock_file *lk,const char*path,int flags) 156{ 157size_t pathlen =strlen(path); 158 159if(!lock_file_list) { 160/* One-time initialization */ 161sigchain_push_common(remove_lock_files_on_signal); 162atexit(remove_lock_files_on_exit); 163} 164 165if(lk->active) 166die("BUG: cannot lock_file(\"%s\") using active struct lock_file", 167 path); 168if(!lk->on_list) { 169/* Initialize *lk and add it to lock_file_list: */ 170 lk->fd = -1; 171 lk->fp = NULL; 172 lk->active =0; 173 lk->owner =0; 174strbuf_init(&lk->filename, pathlen + LOCK_SUFFIX_LEN); 175 lk->next = lock_file_list; 176 lock_file_list = lk; 177 lk->on_list =1; 178}else if(lk->filename.len) { 179/* This shouldn't happen, but better safe than sorry. */ 180die("BUG: lock_file(\"%s\") called with improperly-reset lock_file object", 181 path); 182} 183 184if(flags & LOCK_NO_DEREF) { 185strbuf_add_absolute_path(&lk->filename, path); 186}else{ 187struct strbuf resolved_path = STRBUF_INIT; 188 189strbuf_add(&resolved_path, path, pathlen); 190resolve_symlink(&resolved_path); 191strbuf_add_absolute_path(&lk->filename, resolved_path.buf); 192strbuf_release(&resolved_path); 193} 194 195strbuf_addstr(&lk->filename, LOCK_SUFFIX); 196 lk->fd =open(lk->filename.buf, O_RDWR | O_CREAT | O_EXCL,0666); 197if(lk->fd <0) { 198strbuf_reset(&lk->filename); 199return-1; 200} 201 lk->owner =getpid(); 202 lk->active =1; 203if(adjust_shared_perm(lk->filename.buf)) { 204int save_errno = errno; 205error("cannot fix permission bits on%s", lk->filename.buf); 206rollback_lock_file(lk); 207 errno = save_errno; 208return-1; 209} 210return lk->fd; 211} 212 213static intsleep_microseconds(long us) 214{ 215struct timeval tv; 216 tv.tv_sec =0; 217 tv.tv_usec = us; 218returnselect(0, NULL, NULL, NULL, &tv); 219} 220 221/* 222 * Constants defining the gaps between attempts to lock a file. The 223 * first backoff period is approximately INITIAL_BACKOFF_MS 224 * milliseconds. The longest backoff period is approximately 225 * (BACKOFF_MAX_MULTIPLIER * INITIAL_BACKOFF_MS) milliseconds. 226 */ 227#define INITIAL_BACKOFF_MS 1L 228#define BACKOFF_MAX_MULTIPLIER 1000 229 230/* 231 * Try locking path, retrying with quadratic backoff for at least 232 * timeout_ms milliseconds. If timeout_ms is 0, try locking the file 233 * exactly once. If timeout_ms is -1, try indefinitely. 234 */ 235static intlock_file_timeout(struct lock_file *lk,const char*path, 236int flags,long timeout_ms) 237{ 238int n =1; 239int multiplier =1; 240long remaining_us =0; 241static int random_initialized =0; 242 243if(timeout_ms ==0) 244returnlock_file(lk, path, flags); 245 246if(!random_initialized) { 247srandom((unsigned int)getpid()); 248 random_initialized =1; 249} 250 251if(timeout_ms >0) { 252/* avoid overflow */ 253if(timeout_ms <= LONG_MAX /1000) 254 remaining_us = timeout_ms *1000; 255else 256 remaining_us = LONG_MAX; 257} 258 259while(1) { 260long backoff_ms, wait_us; 261int fd; 262 263 fd =lock_file(lk, path, flags); 264 265if(fd >=0) 266return fd;/* success */ 267else if(errno != EEXIST) 268return-1;/* failure other than lock held */ 269else if(timeout_ms >0&& remaining_us <=0) 270return-1;/* failure due to timeout */ 271 272 backoff_ms = multiplier * INITIAL_BACKOFF_MS; 273/* back off for between 0.75*backoff_ms and 1.25*backoff_ms */ 274 wait_us = (750+random() %500) * backoff_ms; 275sleep_microseconds(wait_us); 276 remaining_us -= wait_us; 277 278/* Recursion: (n+1)^2 = n^2 + 2n + 1 */ 279 multiplier +=2*n +1; 280if(multiplier > BACKOFF_MAX_MULTIPLIER) 281 multiplier = BACKOFF_MAX_MULTIPLIER; 282else 283 n++; 284} 285} 286 287voidunable_to_lock_message(const char*path,int err,struct strbuf *buf) 288{ 289if(err == EEXIST) { 290strbuf_addf(buf,"Unable to create '%s.lock':%s.\n\n" 291"If no other git process is currently running, this probably means a\n" 292"git process crashed in this repository earlier. Make sure no other git\n" 293"process is running and remove the file manually to continue.", 294absolute_path(path),strerror(err)); 295}else 296strbuf_addf(buf,"Unable to create '%s.lock':%s", 297absolute_path(path),strerror(err)); 298} 299 300NORETURN voidunable_to_lock_die(const char*path,int err) 301{ 302struct strbuf buf = STRBUF_INIT; 303 304unable_to_lock_message(path, err, &buf); 305die("%s", buf.buf); 306} 307 308/* This should return a meaningful errno on failure */ 309inthold_lock_file_for_update_timeout(struct lock_file *lk,const char*path, 310int flags,long timeout_ms) 311{ 312int fd =lock_file_timeout(lk, path, flags, timeout_ms); 313if(fd <0&& (flags & LOCK_DIE_ON_ERROR)) 314unable_to_lock_die(path, errno); 315return fd; 316} 317 318inthold_lock_file_for_append(struct lock_file *lk,const char*path,int flags) 319{ 320int fd, orig_fd; 321 322 fd =lock_file(lk, path, flags); 323if(fd <0) { 324if(flags & LOCK_DIE_ON_ERROR) 325unable_to_lock_die(path, errno); 326return fd; 327} 328 329 orig_fd =open(path, O_RDONLY); 330if(orig_fd <0) { 331if(errno != ENOENT) { 332int save_errno = errno; 333 334if(flags & LOCK_DIE_ON_ERROR) 335die("cannot open '%s' for copying", path); 336rollback_lock_file(lk); 337error("cannot open '%s' for copying", path); 338 errno = save_errno; 339return-1; 340} 341}else if(copy_fd(orig_fd, fd)) { 342int save_errno = errno; 343 344if(flags & LOCK_DIE_ON_ERROR) 345die("failed to prepare '%s' for appending", path); 346close(orig_fd); 347rollback_lock_file(lk); 348 errno = save_errno; 349return-1; 350}else{ 351close(orig_fd); 352} 353return fd; 354} 355 356FILE*fdopen_lock_file(struct lock_file *lk,const char*mode) 357{ 358if(!lk->active) 359die("BUG: fdopen_lock_file() called for unlocked object"); 360if(lk->fp) 361die("BUG: fdopen_lock_file() called twice for file '%s'", lk->filename.buf); 362 363 lk->fp =fdopen(lk->fd, mode); 364return lk->fp; 365} 366 367const char*get_lock_file_path(struct lock_file *lk) 368{ 369if(!lk->active) 370die("BUG: get_lock_file_path() called for unlocked object"); 371return lk->filename.buf; 372} 373 374intget_lock_file_fd(struct lock_file *lk) 375{ 376if(!lk->active) 377die("BUG: get_lock_file_fd() called for unlocked object"); 378return lk->fd; 379} 380 381FILE*get_lock_file_fp(struct lock_file *lk) 382{ 383if(!lk->active) 384die("BUG: get_lock_file_fp() called for unlocked object"); 385return lk->fp; 386} 387 388char*get_locked_file_path(struct lock_file *lk) 389{ 390if(!lk->active) 391die("BUG: get_locked_file_path() called for unlocked object"); 392if(lk->filename.len <= LOCK_SUFFIX_LEN) 393die("BUG: get_locked_file_path() called for malformed lock object"); 394returnxmemdupz(lk->filename.buf, lk->filename.len - LOCK_SUFFIX_LEN); 395} 396 397intclose_lock_file(struct lock_file *lk) 398{ 399int fd = lk->fd; 400FILE*fp = lk->fp; 401int err; 402 403if(fd <0) 404return0; 405 406 lk->fd = -1; 407if(fp) { 408 lk->fp = NULL; 409 410/* 411 * Note: no short-circuiting here; we want to fclose() 412 * in any case! 413 */ 414 err =ferror(fp) |fclose(fp); 415}else{ 416 err =close(fd); 417} 418 419if(err) { 420int save_errno = errno; 421rollback_lock_file(lk); 422 errno = save_errno; 423return-1; 424} 425 426return0; 427} 428 429intreopen_lock_file(struct lock_file *lk) 430{ 431if(0<= lk->fd) 432die(_("BUG: reopen a lockfile that is still open")); 433if(!lk->active) 434die(_("BUG: reopen a lockfile that has been committed")); 435 lk->fd =open(lk->filename.buf, O_WRONLY); 436return lk->fd; 437} 438 439intcommit_lock_file_to(struct lock_file *lk,const char*path) 440{ 441if(!lk->active) 442die("BUG: attempt to commit unlocked object to\"%s\"", path); 443 444if(close_lock_file(lk)) 445return-1; 446 447if(rename(lk->filename.buf, path)) { 448int save_errno = errno; 449rollback_lock_file(lk); 450 errno = save_errno; 451return-1; 452} 453 454 lk->active =0; 455strbuf_reset(&lk->filename); 456return0; 457} 458 459intcommit_lock_file(struct lock_file *lk) 460{ 461static struct strbuf result_file = STRBUF_INIT; 462int err; 463 464if(!lk->active) 465die("BUG: attempt to commit unlocked object"); 466 467if(lk->filename.len <= LOCK_SUFFIX_LEN || 468strcmp(lk->filename.buf + lk->filename.len - LOCK_SUFFIX_LEN, LOCK_SUFFIX)) 469die("BUG: lockfile filename corrupt"); 470 471/* remove ".lock": */ 472strbuf_add(&result_file, lk->filename.buf, 473 lk->filename.len - LOCK_SUFFIX_LEN); 474 err =commit_lock_file_to(lk, result_file.buf); 475strbuf_reset(&result_file); 476return err; 477} 478 479voidrollback_lock_file(struct lock_file *lk) 480{ 481if(!lk->active) 482return; 483 484if(!close_lock_file(lk)) { 485unlink_or_warn(lk->filename.buf); 486 lk->active =0; 487strbuf_reset(&lk->filename); 488} 489}