mirror of
https://github.com/git/git
synced 2024-10-30 04:01:21 +00:00
d1efefa46f
Tim Ansell discovered his Debian server didn't permit git-daemon to use as much memory as it needed to handle cloning a project with a 128 MiB packfile. Filtering the strace provided by Tim of the rev-list child showed this gem of a sequence: open("./objects/pack/pack-*.pack", O_RDONLY|O_LARGEFILE <unfinished ...> <... open resumed> ) = 5 OK, so the packfile is fd 5... mmap2(NULL, 33554432, PROT_READ, MAP_PRIVATE, 5, 0 <unfinished ...> <... mmap2 resumed> ) = 0xb5e2d000 and we mapped one 32 MiB window from it at position 0... mmap2(NULL, 31020635, PROT_READ, MAP_PRIVATE, 5, 0x6000 <unfinished ...> <... mmap2 resumed> ) = -1 ENOMEM (Cannot allocate memory) And we asked for another window further into the file. But got denied. In Tim's case this was due to a resource limit on the git-daemon process, and its children. Now where are we in the code? We're down inside use_pack(), after we have called unuse_one_window() enough times to make sure we stay within our allowed maximum window size. However since we didn't unmap the prior window at 0xb5e2d000 we aren't exceeding the current limit (which probably was just the defaults). But we're actually down inside xmmap()... So we release the window we do have (by calling release_pack_memory), assuming there is some memory pressure... munmap(0xb5e2d000, 33554432 <unfinished ...> <... munmap resumed> ) = 0 close(5 <unfinished ...> <... close resumed> ) = 0 And that was the last window in this packfile. So we closed it. Way to go us. Our xmmap did not expect release_pack_memory to close the fd its about to map... mmap2(NULL, 31020635, PROT_READ, MAP_PRIVATE, 5, 0x6000 <unfinished ...> <... mmap2 resumed> ) = -1 EBADF (Bad file descriptor) And so the Linux kernel happily tells us f' off. write(2, "fatal: ", 7 <unfinished ...> <... write resumed> ) = 7 write(2, "Out of memory? mmap failed: Bad "..., 47 <unfinished ...> <... write resumed> ) = 47 And we report the bad file descriptor error, and not the ENOMEM, and die, claiming we are out of memory. But actually that mmap should have succeeded, as we had enough memory for that window, seeing as how we released the prior one. Originally when I developed the sliding window mmap feature I had this exact same bug in fast-import, and I dealt with it by handing in the struct packed_git* we want to open the new window for, as the caller wasn't prepared to reopen the packfile if unuse_one_window closed it. The same is true here from xmmap, but the caller doesn't have the struct packed_git* handy. So I'm using the file descriptor instead to perform the same test. Signed-off-by: Shawn O. Pearce <spearce@spearce.org> Signed-off-by: Junio C Hamano <junkio@cox.net>
317 lines
7.2 KiB
C
317 lines
7.2 KiB
C
#ifndef GIT_COMPAT_UTIL_H
|
|
#define GIT_COMPAT_UTIL_H
|
|
|
|
#define _FILE_OFFSET_BITS 64
|
|
|
|
#ifndef FLEX_ARRAY
|
|
#if defined(__GNUC__) && (__GNUC__ < 3)
|
|
#define FLEX_ARRAY 0
|
|
#else
|
|
#define FLEX_ARRAY /* empty */
|
|
#endif
|
|
#endif
|
|
|
|
#define ARRAY_SIZE(x) (sizeof(x)/sizeof(x[0]))
|
|
|
|
#if !defined(__APPLE__) && !defined(__FreeBSD__)
|
|
#define _XOPEN_SOURCE 600 /* glibc2 and AIX 5.3L need 500, OpenBSD needs 600 for S_ISLNK() */
|
|
#define _XOPEN_SOURCE_EXTENDED 1 /* AIX 5.3L needs this */
|
|
#endif
|
|
#define _ALL_SOURCE 1
|
|
#define _GNU_SOURCE 1
|
|
#define _BSD_SOURCE 1
|
|
|
|
#include <unistd.h>
|
|
#include <stdio.h>
|
|
#include <sys/stat.h>
|
|
#include <fcntl.h>
|
|
#include <stddef.h>
|
|
#include <stdlib.h>
|
|
#include <stdarg.h>
|
|
#include <string.h>
|
|
#include <errno.h>
|
|
#include <limits.h>
|
|
#include <sys/param.h>
|
|
#include <sys/types.h>
|
|
#include <dirent.h>
|
|
#include <sys/time.h>
|
|
#include <time.h>
|
|
#include <signal.h>
|
|
#include <sys/wait.h>
|
|
#include <fnmatch.h>
|
|
#include <sys/poll.h>
|
|
#include <sys/socket.h>
|
|
#include <assert.h>
|
|
#include <regex.h>
|
|
#include <netinet/in.h>
|
|
#include <netinet/tcp.h>
|
|
#include <arpa/inet.h>
|
|
#include <netdb.h>
|
|
#include <pwd.h>
|
|
#include <inttypes.h>
|
|
#if defined(__CYGWIN__)
|
|
#undef _XOPEN_SOURCE
|
|
#include <grp.h>
|
|
#define _XOPEN_SOURCE 600
|
|
#else
|
|
#undef _ALL_SOURCE /* AIX 5.3L defines a struct list with _ALL_SOURCE. */
|
|
#include <grp.h>
|
|
#define _ALL_SOURCE 1
|
|
#endif
|
|
|
|
#ifndef NO_ICONV
|
|
#include <iconv.h>
|
|
#endif
|
|
|
|
/* On most systems <limits.h> would have given us this, but
|
|
* not on some systems (e.g. GNU/Hurd).
|
|
*/
|
|
#ifndef PATH_MAX
|
|
#define PATH_MAX 4096
|
|
#endif
|
|
|
|
#ifndef PRIuMAX
|
|
#define PRIuMAX "llu"
|
|
#endif
|
|
|
|
#ifdef __GNUC__
|
|
#define NORETURN __attribute__((__noreturn__))
|
|
#else
|
|
#define NORETURN
|
|
#ifndef __attribute__
|
|
#define __attribute__(x)
|
|
#endif
|
|
#endif
|
|
|
|
/* General helper functions */
|
|
extern void usage(const char *err) NORETURN;
|
|
extern void die(const char *err, ...) NORETURN __attribute__((format (printf, 1, 2)));
|
|
extern int error(const char *err, ...) __attribute__((format (printf, 1, 2)));
|
|
extern void warning(const char *err, ...) __attribute__((format (printf, 1, 2)));
|
|
|
|
extern void set_usage_routine(void (*routine)(const char *err) NORETURN);
|
|
extern void set_die_routine(void (*routine)(const char *err, va_list params) NORETURN);
|
|
extern void set_error_routine(void (*routine)(const char *err, va_list params));
|
|
extern void set_warn_routine(void (*routine)(const char *warn, va_list params));
|
|
|
|
#ifdef NO_MMAP
|
|
|
|
#ifndef PROT_READ
|
|
#define PROT_READ 1
|
|
#define PROT_WRITE 2
|
|
#define MAP_PRIVATE 1
|
|
#define MAP_FAILED ((void*)-1)
|
|
#endif
|
|
|
|
#define mmap git_mmap
|
|
#define munmap git_munmap
|
|
extern void *git_mmap(void *start, size_t length, int prot, int flags, int fd, off_t offset);
|
|
extern int git_munmap(void *start, size_t length);
|
|
|
|
/* This value must be multiple of (pagesize * 2) */
|
|
#define DEFAULT_PACKED_GIT_WINDOW_SIZE (1 * 1024 * 1024)
|
|
|
|
#else /* NO_MMAP */
|
|
|
|
#include <sys/mman.h>
|
|
|
|
/* This value must be multiple of (pagesize * 2) */
|
|
#define DEFAULT_PACKED_GIT_WINDOW_SIZE \
|
|
(sizeof(void*) >= 8 \
|
|
? 1 * 1024 * 1024 * 1024 \
|
|
: 32 * 1024 * 1024)
|
|
|
|
#endif /* NO_MMAP */
|
|
|
|
#define DEFAULT_PACKED_GIT_LIMIT \
|
|
((1024L * 1024L) * (sizeof(void*) >= 8 ? 8192 : 256))
|
|
|
|
#ifdef NO_PREAD
|
|
#define pread git_pread
|
|
extern ssize_t git_pread(int fd, void *buf, size_t count, off_t offset);
|
|
#endif
|
|
|
|
#ifdef NO_SETENV
|
|
#define setenv gitsetenv
|
|
extern int gitsetenv(const char *, const char *, int);
|
|
#endif
|
|
|
|
#ifdef NO_UNSETENV
|
|
#define unsetenv gitunsetenv
|
|
extern void gitunsetenv(const char *);
|
|
#endif
|
|
|
|
#ifdef NO_STRCASESTR
|
|
#define strcasestr gitstrcasestr
|
|
extern char *gitstrcasestr(const char *haystack, const char *needle);
|
|
#endif
|
|
|
|
#ifdef NO_STRLCPY
|
|
#define strlcpy gitstrlcpy
|
|
extern size_t gitstrlcpy(char *, const char *, size_t);
|
|
#endif
|
|
|
|
#ifdef NO_STRTOUMAX
|
|
#define strtoumax gitstrtoumax
|
|
extern uintmax_t gitstrtoumax(const char *, char **, int);
|
|
#endif
|
|
|
|
extern void release_pack_memory(size_t, int);
|
|
|
|
static inline char* xstrdup(const char *str)
|
|
{
|
|
char *ret = strdup(str);
|
|
if (!ret) {
|
|
release_pack_memory(strlen(str) + 1, -1);
|
|
ret = strdup(str);
|
|
if (!ret)
|
|
die("Out of memory, strdup failed");
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
static inline void *xmalloc(size_t size)
|
|
{
|
|
void *ret = malloc(size);
|
|
if (!ret && !size)
|
|
ret = malloc(1);
|
|
if (!ret) {
|
|
release_pack_memory(size, -1);
|
|
ret = malloc(size);
|
|
if (!ret && !size)
|
|
ret = malloc(1);
|
|
if (!ret)
|
|
die("Out of memory, malloc failed");
|
|
}
|
|
#ifdef XMALLOC_POISON
|
|
memset(ret, 0xA5, size);
|
|
#endif
|
|
return ret;
|
|
}
|
|
|
|
static inline void *xrealloc(void *ptr, size_t size)
|
|
{
|
|
void *ret = realloc(ptr, size);
|
|
if (!ret && !size)
|
|
ret = realloc(ptr, 1);
|
|
if (!ret) {
|
|
release_pack_memory(size, -1);
|
|
ret = realloc(ptr, size);
|
|
if (!ret && !size)
|
|
ret = realloc(ptr, 1);
|
|
if (!ret)
|
|
die("Out of memory, realloc failed");
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
static inline void *xcalloc(size_t nmemb, size_t size)
|
|
{
|
|
void *ret = calloc(nmemb, size);
|
|
if (!ret && (!nmemb || !size))
|
|
ret = calloc(1, 1);
|
|
if (!ret) {
|
|
release_pack_memory(nmemb * size, -1);
|
|
ret = calloc(nmemb, size);
|
|
if (!ret && (!nmemb || !size))
|
|
ret = calloc(1, 1);
|
|
if (!ret)
|
|
die("Out of memory, calloc failed");
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
static inline void *xmmap(void *start, size_t length,
|
|
int prot, int flags, int fd, off_t offset)
|
|
{
|
|
void *ret = mmap(start, length, prot, flags, fd, offset);
|
|
if (ret == MAP_FAILED) {
|
|
if (!length)
|
|
return NULL;
|
|
release_pack_memory(length, fd);
|
|
ret = mmap(start, length, prot, flags, fd, offset);
|
|
if (ret == MAP_FAILED)
|
|
die("Out of memory? mmap failed: %s", strerror(errno));
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
static inline ssize_t xread(int fd, void *buf, size_t len)
|
|
{
|
|
ssize_t nr;
|
|
while (1) {
|
|
nr = read(fd, buf, len);
|
|
if ((nr < 0) && (errno == EAGAIN || errno == EINTR))
|
|
continue;
|
|
return nr;
|
|
}
|
|
}
|
|
|
|
static inline ssize_t xwrite(int fd, const void *buf, size_t len)
|
|
{
|
|
ssize_t nr;
|
|
while (1) {
|
|
nr = write(fd, buf, len);
|
|
if ((nr < 0) && (errno == EAGAIN || errno == EINTR))
|
|
continue;
|
|
return nr;
|
|
}
|
|
}
|
|
|
|
static inline size_t xsize_t(off_t len)
|
|
{
|
|
return (size_t)len;
|
|
}
|
|
|
|
static inline int has_extension(const char *filename, const char *ext)
|
|
{
|
|
size_t len = strlen(filename);
|
|
size_t extlen = strlen(ext);
|
|
return len > extlen && !memcmp(filename + len - extlen, ext, extlen);
|
|
}
|
|
|
|
/* Sane ctype - no locale, and works with signed chars */
|
|
#undef isspace
|
|
#undef isdigit
|
|
#undef isalpha
|
|
#undef isalnum
|
|
#undef tolower
|
|
#undef toupper
|
|
extern unsigned char sane_ctype[256];
|
|
#define GIT_SPACE 0x01
|
|
#define GIT_DIGIT 0x02
|
|
#define GIT_ALPHA 0x04
|
|
#define sane_istest(x,mask) ((sane_ctype[(unsigned char)(x)] & (mask)) != 0)
|
|
#define isspace(x) sane_istest(x,GIT_SPACE)
|
|
#define isdigit(x) sane_istest(x,GIT_DIGIT)
|
|
#define isalpha(x) sane_istest(x,GIT_ALPHA)
|
|
#define isalnum(x) sane_istest(x,GIT_ALPHA | GIT_DIGIT)
|
|
#define tolower(x) sane_case((unsigned char)(x), 0x20)
|
|
#define toupper(x) sane_case((unsigned char)(x), 0)
|
|
|
|
static inline int sane_case(int x, int high)
|
|
{
|
|
if (sane_istest(x, GIT_ALPHA))
|
|
x = (x & ~0x20) | high;
|
|
return x;
|
|
}
|
|
|
|
static inline int prefixcmp(const char *str, const char *prefix)
|
|
{
|
|
return strncmp(str, prefix, strlen(prefix));
|
|
}
|
|
|
|
static inline int strtoul_ui(char const *s, int base, unsigned int *result)
|
|
{
|
|
unsigned long ul;
|
|
char *p;
|
|
|
|
errno = 0;
|
|
ul = strtoul(s, &p, base);
|
|
if (errno || *p || p == s || (unsigned int) ul != ul)
|
|
return -1;
|
|
*result = ul;
|
|
return 0;
|
|
}
|
|
|
|
#endif
|