fsck: detect trailing garbage in all object types
[gitweb.git] / refs / files-backend.c
index 396647b396c0362126cc0eae19ab0330d386b9cb..f9023939d5884e0f975d5997336313695e407ca1 100644 (file)
@@ -501,7 +501,7 @@ static void sort_ref_dir(struct ref_dir *dir)
        if (dir->sorted == dir->nr)
                return;
 
-       qsort(dir->entries, dir->nr, sizeof(*dir->entries), ref_entry_cmp);
+       QSORT(dir->entries, dir->nr, ref_entry_cmp);
 
        /* Remove any duplicates: */
        for (i = 0, j = 0; j < dir->nr; j++) {
@@ -997,22 +997,6 @@ static struct files_ref_store *files_downcast(
        return (struct files_ref_store *)ref_store;
 }
 
-/*
- * Return a pointer to the reference store for the specified
- * submodule. For the main repository, use submodule==NULL; such a
- * call cannot fail. For a submodule, the submodule must exist and be
- * a nonbare repository, otherwise return NULL. Verify that the
- * reference store is a files_ref_store, and cast it to that type
- * before returning it.
- */
-static struct files_ref_store *get_files_ref_store(const char *submodule,
-                                                  const char *caller)
-{
-       struct ref_store *refs = get_ref_store(submodule);
-
-       return refs ? files_downcast(refs, 1, caller) : NULL;
-}
-
 /* The length of a peeled reference line in packed-refs, including EOL: */
 #define PEELED_LINE_LENGTH 42
 
@@ -1217,13 +1201,19 @@ static void read_loose_refs(const char *dirname, struct ref_dir *dir)
        struct strbuf refname;
        struct strbuf path = STRBUF_INIT;
        size_t path_baselen;
+       int err = 0;
 
        if (*refs->base.submodule)
-               strbuf_git_path_submodule(&path, refs->base.submodule, "%s", dirname);
+               err = strbuf_git_path_submodule(&path, refs->base.submodule, "%s", dirname);
        else
                strbuf_git_path(&path, "%s", dirname);
        path_baselen = path.len;
 
+       if (err) {
+               strbuf_release(&path);
+               return;
+       }
+
        d = opendir(path.buf);
        if (!d) {
                strbuf_release(&path);
@@ -1363,6 +1353,7 @@ static int files_read_raw_ref(struct ref_store *ref_store,
        int fd;
        int ret = -1;
        int save_errno;
+       int remaining_retries = 3;
 
        *type = 0;
        strbuf_reset(&sb_path);
@@ -1383,8 +1374,14 @@ static int files_read_raw_ref(struct ref_store *ref_store,
         * <-> symlink) between the lstat() and reading, then
         * we don't want to report that as an error but rather
         * try again starting with the lstat().
+        *
+        * We'll keep a count of the retries, though, just to avoid
+        * any confusing situation sending us into an infinite loop.
         */
 
+       if (remaining_retries-- <= 0)
+               goto out;
+
        if (lstat(path, &st) < 0) {
                if (errno != ENOENT)
                        goto out;
@@ -1413,6 +1410,11 @@ static int files_read_raw_ref(struct ref_store *ref_store,
                        ret = 0;
                        goto out;
                }
+               /*
+                * It doesn't look like a refname; fall through to just
+                * treating it like a non-symlink, and reading whatever it
+                * points to.
+                */
        }
 
        /* Is it a directory? */
@@ -1436,7 +1438,7 @@ static int files_read_raw_ref(struct ref_store *ref_store,
         */
        fd = open(path, O_RDONLY);
        if (fd < 0) {
-               if (errno == ENOENT)
+               if (errno == ENOENT && !S_ISLNK(st.st_mode))
                        /* inconsistent with lstat; retry */
                        goto stat_ref;
                else
@@ -1814,6 +1816,10 @@ static int files_ref_iterator_advance(struct ref_iterator *ref_iterator)
        int ok;
 
        while ((ok = ref_iterator_advance(iter->iter0)) == ITER_OK) {
+               if (iter->flags & DO_FOR_EACH_PER_WORKTREE_ONLY &&
+                   ref_type(iter->iter0->refname) != REF_TYPE_PER_WORKTREE)
+                       continue;
+
                if (!(iter->flags & DO_FOR_EACH_INCLUDE_BROKEN) &&
                    !ref_resolves_to_object(iter->iter0->refname,
                                            iter->iter0->oid,
@@ -1862,12 +1868,12 @@ static struct ref_iterator_vtable files_ref_iterator_vtable = {
        files_ref_iterator_abort
 };
 
-struct ref_iterator *files_ref_iterator_begin(
-               const char *submodule,
+static struct ref_iterator *files_ref_iterator_begin(
+               struct ref_store *ref_store,
                const char *prefix, unsigned int flags)
 {
        struct files_ref_store *refs =
-               get_files_ref_store(submodule, "ref_iterator_begin");
+               files_downcast(ref_store, 1, "ref_iterator_begin");
        struct ref_dir *loose_dir, *packed_dir;
        struct ref_iterator *loose_iter, *packed_iter;
        struct files_ref_iterator *iter;
@@ -1954,14 +1960,14 @@ static int verify_lock(struct ref_lock *lock,
                        errno = save_errno;
                        return -1;
                } else {
-                       hashclr(lock->old_oid.hash);
+                       oidclr(&lock->old_oid);
                        return 0;
                }
        }
        if (old_sha1 && hashcmp(lock->old_oid.hash, old_sha1)) {
                strbuf_addf(err, "ref '%s' is at %s but expected %s",
                            lock->ref_name,
-                           sha1_to_hex(lock->old_oid.hash),
+                           oid_to_hex(&lock->old_oid),
                            sha1_to_hex(old_sha1));
                errno = EBUSY;
                return -1;
@@ -2451,10 +2457,11 @@ static int delete_ref_loose(struct ref_lock *lock, int flag, struct strbuf *err)
        return 0;
 }
 
-int delete_refs(struct string_list *refnames, unsigned int flags)
+static int files_delete_refs(struct ref_store *ref_store,
+                            struct string_list *refnames, unsigned int flags)
 {
        struct files_ref_store *refs =
-               get_files_ref_store(NULL, "delete_refs");
+               files_downcast(ref_store, 0, "delete_refs");
        struct strbuf err = STRBUF_INIT;
        int i, result = 0;
 
@@ -2579,9 +2586,12 @@ static int commit_ref_update(struct files_ref_store *refs,
                             const unsigned char *sha1, const char *logmsg,
                             struct strbuf *err);
 
-int rename_ref(const char *oldrefname, const char *newrefname, const char *logmsg)
+static int files_rename_ref(struct ref_store *ref_store,
+                           const char *oldrefname, const char *newrefname,
+                           const char *logmsg)
 {
-       struct files_ref_store *refs = get_files_ref_store(NULL, "rename_ref");
+       struct files_ref_store *refs =
+               files_downcast(ref_store, 0, "rename_ref");
        unsigned char sha1[20], orig_sha1[20];
        int flag = 0, logmoved = 0;
        struct ref_lock *lock;
@@ -2777,11 +2787,16 @@ static int log_ref_setup(const char *refname, struct strbuf *logfile, struct str
 }
 
 
-int safe_create_reflog(const char *refname, int force_create, struct strbuf *err)
+static int files_create_reflog(struct ref_store *ref_store,
+                              const char *refname, int force_create,
+                              struct strbuf *err)
 {
        int ret;
        struct strbuf sb = STRBUF_INIT;
 
+       /* Check validity (but we don't need the result): */
+       files_downcast(ref_store, 0, "create_reflog");
+
        ret = log_ref_setup(refname, &sb, err, force_create);
        strbuf_release(&sb);
        return ret;
@@ -3075,16 +3090,24 @@ int set_worktree_head_symref(const char *gitdir, const char *target)
        return ret;
 }
 
-int reflog_exists(const char *refname)
+static int files_reflog_exists(struct ref_store *ref_store,
+                              const char *refname)
 {
        struct stat st;
 
+       /* Check validity (but we don't need the result): */
+       files_downcast(ref_store, 0, "reflog_exists");
+
        return !lstat(git_path("logs/%s", refname), &st) &&
                S_ISREG(st.st_mode);
 }
 
-int delete_reflog(const char *refname)
+static int files_delete_reflog(struct ref_store *ref_store,
+                              const char *refname)
 {
+       /* Check validity (but we don't need the result): */
+       files_downcast(ref_store, 0, "delete_reflog");
+
        return remove_path(git_path("logs/%s", refname));
 }
 
@@ -3127,13 +3150,19 @@ static char *find_beginning_of_line(char *bob, char *scan)
        return scan;
 }
 
-int for_each_reflog_ent_reverse(const char *refname, each_reflog_ent_fn fn, void *cb_data)
+static int files_for_each_reflog_ent_reverse(struct ref_store *ref_store,
+                                            const char *refname,
+                                            each_reflog_ent_fn fn,
+                                            void *cb_data)
 {
        struct strbuf sb = STRBUF_INIT;
        FILE *logfp;
        long pos;
        int ret = 0, at_tail = 1;
 
+       /* Check validity (but we don't need the result): */
+       files_downcast(ref_store, 0, "for_each_reflog_ent_reverse");
+
        logfp = fopen(git_path("logs/%s", refname), "r");
        if (!logfp)
                return -1;
@@ -3229,12 +3258,17 @@ int for_each_reflog_ent_reverse(const char *refname, each_reflog_ent_fn fn, void
        return ret;
 }
 
-int for_each_reflog_ent(const char *refname, each_reflog_ent_fn fn, void *cb_data)
+static int files_for_each_reflog_ent(struct ref_store *ref_store,
+                                    const char *refname,
+                                    each_reflog_ent_fn fn, void *cb_data)
 {
        FILE *logfp;
        struct strbuf sb = STRBUF_INIT;
        int ret = 0;
 
+       /* Check validity (but we don't need the result): */
+       files_downcast(ref_store, 0, "for_each_reflog_ent");
+
        logfp = fopen(git_path("logs/%s", refname), "r");
        if (!logfp)
                return -1;
@@ -3313,22 +3347,19 @@ static struct ref_iterator_vtable files_reflog_iterator_vtable = {
        files_reflog_iterator_abort
 };
 
-struct ref_iterator *files_reflog_iterator_begin(void)
+static struct ref_iterator *files_reflog_iterator_begin(struct ref_store *ref_store)
 {
        struct files_reflog_iterator *iter = xcalloc(1, sizeof(*iter));
        struct ref_iterator *ref_iterator = &iter->base;
 
+       /* Check validity (but we don't need the result): */
+       files_downcast(ref_store, 0, "reflog_iterator_begin");
+
        base_ref_iterator_init(ref_iterator, &files_reflog_iterator_vtable);
        iter->dir_iterator = dir_iterator_begin(git_path("logs"));
        return ref_iterator;
 }
 
-int for_each_reflog(each_ref_fn fn, void *cb_data)
-{
-       return do_for_each_ref_iterator(files_reflog_iterator_begin(),
-                                       fn, cb_data);
-}
-
 static int ref_update_reject_duplicates(struct string_list *refnames,
                                        struct strbuf *err)
 {
@@ -3401,7 +3432,8 @@ static int split_head_update(struct ref_update *update,
  * Note that the new update will itself be subject to splitting when
  * the iteration gets to it.
  */
-static int split_symref_update(struct ref_update *update,
+static int split_symref_update(struct files_ref_store *refs,
+                              struct ref_update *update,
                               const char *referent,
                               struct ref_transaction *transaction,
                               struct string_list *affected_refnames,
@@ -3470,6 +3502,38 @@ static const char *original_update_refname(struct ref_update *update)
        return update->refname;
 }
 
+/*
+ * Check whether the REF_HAVE_OLD and old_oid values stored in update
+ * are consistent with oid, which is the reference's current value. If
+ * everything is OK, return 0; otherwise, write an error message to
+ * err and return -1.
+ */
+static int check_old_oid(struct ref_update *update, struct object_id *oid,
+                        struct strbuf *err)
+{
+       if (!(update->flags & REF_HAVE_OLD) ||
+                  !hashcmp(oid->hash, update->old_sha1))
+               return 0;
+
+       if (is_null_sha1(update->old_sha1))
+               strbuf_addf(err, "cannot lock ref '%s': "
+                           "reference already exists",
+                           original_update_refname(update));
+       else if (is_null_oid(oid))
+               strbuf_addf(err, "cannot lock ref '%s': "
+                           "reference is missing but expected %s",
+                           original_update_refname(update),
+                           sha1_to_hex(update->old_sha1));
+       else
+               strbuf_addf(err, "cannot lock ref '%s': "
+                           "is at %s but expected %s",
+                           original_update_refname(update),
+                           oid_to_hex(oid),
+                           sha1_to_hex(update->old_sha1));
+
+       return -1;
+}
+
 /*
  * Prepare for carrying out update:
  * - Lock the reference referred to by update.
@@ -3510,20 +3574,19 @@ static int lock_ref_for_update(struct files_ref_store *refs,
 
        ret = lock_raw_ref(refs, update->refname, mustexist,
                           affected_refnames, NULL,
-                          &update->lock, &referent,
+                          &lock, &referent,
                           &update->type, err);
-
        if (ret) {
                char *reason;
 
                reason = strbuf_detach(err, NULL);
                strbuf_addf(err, "cannot lock ref '%s': %s",
-                           update->refname, reason);
+                           original_update_refname(update), reason);
                free(reason);
                return ret;
        }
 
-       lock = update->lock;
+       update->backend_data = lock;
 
        if (update->type & REF_ISSYMREF) {
                if (update->flags & REF_NODEREF) {
@@ -3532,28 +3595,17 @@ static int lock_ref_for_update(struct files_ref_store *refs,
                         * the transaction, so we have to read it here
                         * to record and possibly check old_sha1:
                         */
-                       if (read_ref_full(update->refname,
-                                         mustexist ? RESOLVE_REF_READING : 0,
+                       if (read_ref_full(referent.buf, 0,
                                          lock->old_oid.hash, NULL)) {
                                if (update->flags & REF_HAVE_OLD) {
                                        strbuf_addf(err, "cannot lock ref '%s': "
-                                                   "can't resolve old value",
-                                                   update->refname);
-                                       return TRANSACTION_GENERIC_ERROR;
-                               } else {
-                                       hashclr(lock->old_oid.hash);
+                                                   "error reading reference",
+                                                   original_update_refname(update));
+                                       return -1;
                                }
-                       }
-                       if ((update->flags & REF_HAVE_OLD) &&
-                           hashcmp(lock->old_oid.hash, update->old_sha1)) {
-                               strbuf_addf(err, "cannot lock ref '%s': "
-                                           "is at %s but expected %s",
-                                           update->refname,
-                                           sha1_to_hex(lock->old_oid.hash),
-                                           sha1_to_hex(update->old_sha1));
+                       } else if (check_old_oid(update, &lock->old_oid, err)) {
                                return TRANSACTION_GENERIC_ERROR;
                        }
-
                } else {
                        /*
                         * Create a new update for the reference this
@@ -3562,7 +3614,8 @@ static int lock_ref_for_update(struct files_ref_store *refs,
                         * of processing the split-off update, so we
                         * don't have to do it here.
                         */
-                       ret = split_symref_update(update, referent.buf, transaction,
+                       ret = split_symref_update(refs, update,
+                                                 referent.buf, transaction,
                                                  affected_refnames, err);
                        if (ret)
                                return ret;
@@ -3570,6 +3623,9 @@ static int lock_ref_for_update(struct files_ref_store *refs,
        } else {
                struct ref_update *parent_update;
 
+               if (check_old_oid(update, &lock->old_oid, err))
+                       return TRANSACTION_GENERIC_ERROR;
+
                /*
                 * If this update is happening indirectly because of a
                 * symref update, record the old SHA-1 in the parent
@@ -3578,21 +3634,8 @@ static int lock_ref_for_update(struct files_ref_store *refs,
                for (parent_update = update->parent_update;
                     parent_update;
                     parent_update = parent_update->parent_update) {
-                       oidcpy(&parent_update->lock->old_oid, &lock->old_oid);
-               }
-
-               if ((update->flags & REF_HAVE_OLD) &&
-                   hashcmp(lock->old_oid.hash, update->old_sha1)) {
-                       if (is_null_sha1(update->old_sha1))
-                               strbuf_addf(err, "cannot lock ref '%s': reference already exists",
-                                           original_update_refname(update));
-                       else
-                               strbuf_addf(err, "cannot lock ref '%s': is at %s but expected %s",
-                                           original_update_refname(update),
-                                           sha1_to_hex(lock->old_oid.hash),
-                                           sha1_to_hex(update->old_sha1));
-
-                       return TRANSACTION_GENERIC_ERROR;
+                       struct ref_lock *parent_lock = parent_update->backend_data;
+                       oidcpy(&parent_lock->old_oid, &lock->old_oid);
                }
        }
 
@@ -3613,9 +3656,9 @@ static int lock_ref_for_update(struct files_ref_store *refs,
                         * The lock was freed upon failure of
                         * write_ref_to_lockfile():
                         */
-                       update->lock = NULL;
+                       update->backend_data = NULL;
                        strbuf_addf(err,
-                                   "cannot update the ref '%s': %s",
+                                   "cannot update ref '%s': %s",
                                    update->refname, write_err);
                        free(write_err);
                        return TRANSACTION_GENERIC_ERROR;
@@ -3731,7 +3774,7 @@ static int files_transaction_commit(struct ref_store *ref_store,
        /* Perform updates first so live commits remain referenced */
        for (i = 0; i < transaction->nr; i++) {
                struct ref_update *update = transaction->updates[i];
-               struct ref_lock *lock = update->lock;
+               struct ref_lock *lock = update->backend_data;
 
                if (update->flags & REF_NEEDS_COMMIT ||
                    update->flags & REF_LOG_ONLY) {
@@ -3744,7 +3787,7 @@ static int files_transaction_commit(struct ref_store *ref_store,
                                            lock->ref_name, old_msg);
                                free(old_msg);
                                unlock_ref(lock);
-                               update->lock = NULL;
+                               update->backend_data = NULL;
                                ret = TRANSACTION_GENERIC_ERROR;
                                goto cleanup;
                        }
@@ -3754,7 +3797,7 @@ static int files_transaction_commit(struct ref_store *ref_store,
                        if (commit_ref(lock)) {
                                strbuf_addf(err, "couldn't set '%s'", lock->ref_name);
                                unlock_ref(lock);
-                               update->lock = NULL;
+                               update->backend_data = NULL;
                                ret = TRANSACTION_GENERIC_ERROR;
                                goto cleanup;
                        }
@@ -3763,17 +3806,18 @@ static int files_transaction_commit(struct ref_store *ref_store,
        /* Perform deletes now that updates are safely completed */
        for (i = 0; i < transaction->nr; i++) {
                struct ref_update *update = transaction->updates[i];
+               struct ref_lock *lock = update->backend_data;
 
                if (update->flags & REF_DELETING &&
                    !(update->flags & REF_LOG_ONLY)) {
-                       if (delete_ref_loose(update->lock, update->type, err)) {
+                       if (delete_ref_loose(lock, update->type, err)) {
                                ret = TRANSACTION_GENERIC_ERROR;
                                goto cleanup;
                        }
 
                        if (!(update->flags & REF_ISPRUNING))
                                string_list_append(&refs_to_delete,
-                                                  update->lock->ref_name);
+                                                  lock->ref_name);
                }
        }
 
@@ -3789,8 +3833,8 @@ static int files_transaction_commit(struct ref_store *ref_store,
        transaction->state = REF_TRANSACTION_CLOSED;
 
        for (i = 0; i < transaction->nr; i++)
-               if (transaction->updates[i]->lock)
-                       unlock_ref(transaction->updates[i]->lock);
+               if (transaction->updates[i]->backend_data)
+                       unlock_ref(transaction->updates[i]->backend_data);
        string_list_clear(&refs_to_delete, 0);
        free(head_ref);
        string_list_clear(&affected_refnames, 0);
@@ -3806,11 +3850,12 @@ static int ref_present(const char *refname,
        return string_list_has_string(affected_refnames, refname);
 }
 
-int initial_ref_transaction_commit(struct ref_transaction *transaction,
-                                  struct strbuf *err)
+static int files_initial_transaction_commit(struct ref_store *ref_store,
+                                           struct ref_transaction *transaction,
+                                           struct strbuf *err)
 {
        struct files_ref_store *refs =
-               get_files_ref_store(NULL, "initial_ref_transaction_commit");
+               files_downcast(ref_store, 0, "initial_ref_transaction_commit");
        int ret = 0, i;
        struct string_list affected_refnames = STRING_LIST_INIT_NODUP;
 
@@ -3923,15 +3968,16 @@ static int expire_reflog_ent(unsigned char *osha1, unsigned char *nsha1,
        return 0;
 }
 
-int reflog_expire(const char *refname, const unsigned char *sha1,
-                unsigned int flags,
-                reflog_expiry_prepare_fn prepare_fn,
-                reflog_expiry_should_prune_fn should_prune_fn,
-                reflog_expiry_cleanup_fn cleanup_fn,
-                void *policy_cb_data)
+static int files_reflog_expire(struct ref_store *ref_store,
+                              const char *refname, const unsigned char *sha1,
+                              unsigned int flags,
+                              reflog_expiry_prepare_fn prepare_fn,
+                              reflog_expiry_should_prune_fn should_prune_fn,
+                              reflog_expiry_cleanup_fn cleanup_fn,
+                              void *policy_cb_data)
 {
        struct files_ref_store *refs =
-               get_files_ref_store(NULL, "reflog_expire");
+               files_downcast(ref_store, 0, "reflog_expire");
        static struct lock_file reflog_lock;
        struct expire_reflog_cb cb;
        struct ref_lock *lock;
@@ -4032,16 +4078,46 @@ int reflog_expire(const char *refname, const unsigned char *sha1,
        return -1;
 }
 
+static int files_init_db(struct ref_store *ref_store, struct strbuf *err)
+{
+       /* Check validity (but we don't need the result): */
+       files_downcast(ref_store, 0, "init_db");
+
+       /*
+        * Create .git/refs/{heads,tags}
+        */
+       safe_create_dir(git_path("refs/heads"), 1);
+       safe_create_dir(git_path("refs/tags"), 1);
+       if (get_shared_repository()) {
+               adjust_shared_perm(git_path("refs/heads"));
+               adjust_shared_perm(git_path("refs/tags"));
+       }
+       return 0;
+}
+
 struct ref_storage_be refs_be_files = {
        NULL,
        "files",
        files_ref_store_create,
+       files_init_db,
        files_transaction_commit,
+       files_initial_transaction_commit,
 
        files_pack_refs,
        files_peel_ref,
        files_create_symref,
+       files_delete_refs,
+       files_rename_ref,
 
+       files_ref_iterator_begin,
        files_read_raw_ref,
-       files_verify_refname_available
+       files_verify_refname_available,
+
+       files_reflog_iterator_begin,
+       files_for_each_reflog_ent,
+       files_for_each_reflog_ent_reverse,
+       files_reflog_exists,
+       files_create_reflog,
+       files_delete_reflog,
+       files_reflog_expire
 };