1. 08 Oct, 2020 1 commit
    • Improve the support of atomics · cc1d7f5c
      This change:
      
      * Starts using GCC's and clang's `__atomic_*` intrinsics instead of the
        `__sync_*` ones, since the former supercede the latter (and can be
        safely replaced by their equivalent `__atomic_*` version with the
        sequentially consistent model).
      * Makes `git_atomic64`'s value `volatile`. Otherwise, this will make
        ThreadSanitizer complain.
      * Adds ways to load the values from atomics. As it turns out,
        unsynchronized read are okay only in some architectures, but if we
        want to be correct (and make ThreadSanitizer happy), those loads
        should also be performed with the atomic builtins.
      * Fixes two ThreadSanitizer warnings, as a proof-of-concept that this
        works:
        - Avoid directly accessing `git_refcount`'s `owner` directly, and
          instead makes all callers go through the `GIT_REFCOUNT_*()` macros,
          which also use the atomic utilities.
        - Makes `pool_system_page_size()` race-free.
      
      Part of: #5592
      lhchavez committed
  2. 30 Jun, 2020 1 commit
  3. 09 Jun, 2020 1 commit
    • tree-wide: do not compile deprecated functions with hard deprecation · c6184f0c
      When compiling libgit2 with -DDEPRECATE_HARD, we add a preprocessor
      definition `GIT_DEPRECATE_HARD` which causes the "git2/deprecated.h"
      header to be empty. As a result, no function declarations are made
      available to callers, but the implementations are still available to
      link against. This has the problem that function declarations also
      aren't visible to the implementations, meaning that the symbol's
      visibility will not be set up correctly. As a result, the resulting
      library may not expose those deprecated symbols at all on some platforms
      and thus cause linking errors.
      
      Fix the issue by conditionally compiling deprecated functions, only.
      While it becomes impossible to link against such a library in case one
      uses deprecated functions, distributors of libgit2 aren't expected to
      pass -DDEPRECATE_HARD anyway. Instead, users of libgit2 should manually
      define GIT_DEPRECATE_HARD to hide deprecated functions. Using "real"
      hard deprecation still makes sense in the context of CI to test we don't
      use deprecated symbols ourselves and in case a dependant uses libgit2 in
      a vendored way and knows it won't ever use any of the deprecated symbols
      anyway.
      Patrick Steinhardt committed
  4. 22 Nov, 2019 2 commits
  5. 20 Jul, 2019 1 commit
  6. 18 Jul, 2019 1 commit
  7. 26 Jun, 2019 1 commit
  8. 15 Jun, 2019 1 commit
  9. 23 Feb, 2019 2 commits
    • odb: provide a free function for custom backends · 459ac856
      Custom backends can allocate memory when reading objects and providing
      them to libgit2.  However, if an error occurs in the custom backend
      after the memory has been allocated for the custom object but before
      it's returned to libgit2, the custom backend has no way to free that
      memory and it must be leaked.
      
      Provide a free function that corresponds to the alloc function so that
      custom backends have an opportunity to free memory before they return an
      error.
      Edward Thomson committed
    • odb: rename git_odb_backend_malloc for consistency · 790aae77
      The `git_odb_backend_malloc` name is a system function that is provided
      for custom ODB backends and allows them to allocate memory for an ODB
      object in the read callback.  This is important so that libgit2 can
      later free the memory used by an ODB object that was read from the
      custom backend.
      
      However, the name _suggests_ that it actually allocates a
      `git_odb_backend`.  It does not; rename it to make it clear that it
      actually allocates backend _data_.
      Edward Thomson committed
  10. 22 Feb, 2019 1 commit
  11. 21 Feb, 2019 1 commit
    • cache: fix misnaming of `git_cache_free` · bbdcd450
      Functions that free a structure's contents but not the structure
      itself shall be named `dispose` in the libgit2 project, but the
      function `git_cache_free` does not follow this naming pattern.
      
      Fix this by renaming it to `git_cache_dispose` and adjusting all
      callers to make use of the new name.
      Patrick Steinhardt committed
  12. 20 Feb, 2019 1 commit
  13. 17 Feb, 2019 1 commit
  14. 25 Jan, 2019 1 commit
  15. 22 Jan, 2019 1 commit
  16. 20 Jan, 2019 1 commit
  17. 17 Jan, 2019 1 commit
  18. 06 Jan, 2019 1 commit
    • Fix a bunch of warnings · 7b453e7e
      This change fixes a bunch of warnings that were discovered by compiling
      with `clang -target=i386-pc-linux-gnu`. It turned out that the
      intrinsics were not necessarily being used in all platforms! Especially
      in GCC, since it does not support __has_builtin.
      
      Some more warnings were gleaned from the Windows build, but I stopped
      when I saw that some third-party dependencies (e.g. zlib) have warnings
      of their own, so we might never be able to enable -Werror there.
      lhchavez committed
  19. 01 Dec, 2018 1 commit
  20. 06 Aug, 2018 1 commit
    • odb: fix use of wrong printf formatters · 0fcd0563
      The `git_odb_stream` members `declared_size` and `received_bytes` are
      both of the type `git_off_t`, which we usually defined to be a 64 bit
      signed integer. Thus, passing these members to "PRIdZ" formatters is not
      correct, as they are not guaranteed to accept big enough numbers.
      Instead, use the "PRId64" formatter, which is able to represent 64 bit
      signed integers.
      Patrick Steinhardt committed
  21. 10 Jun, 2018 1 commit
  22. 23 Mar, 2018 1 commit
    • odb: fix writing to fake write streams · a52b4c51
      In commit 7ec7aa4a (odb: assert on logic errors when writing objects,
      2018-02-01), the check for whether we are trying to overflowing the fake
      stream buffer was changed from returning an error to raising an assert.
      The conversion forgot though that the logic around `assert`s are
      basically inverted. Previously, if the statement
      
          stream->written + len > steram->size
      
      evaluated to true, we would return a `-1`. Now we are asserting that
      this statement is true, and in case it is not we will raise an error. So
      the conversion to the `assert` in fact changed the behaviour to the
      complete opposite intention.
      
      Fix the assert by inverting its condition again and add a regression
      test.
      Patrick Steinhardt committed
  23. 09 Feb, 2018 7 commits
  24. 02 Feb, 2018 1 commit
  25. 26 Jan, 2018 1 commit
    • odb: reject reading and writing null OIDs · 275f103d
      The null OID (hash with all zeroes) indicates a missing object in
      upstream git and is thus not a valid object ID. Add defensive
      measurements to avoid writing such a hash to the object database in the
      very unlikely case where some data results in the null OID. Furthermore,
      add shortcuts when reading the null OID from the ODB to avoid ever
      returning an object when a faulty repository may contain the null OID.
      Patrick Steinhardt committed
  26. 03 Jul, 2017 1 commit
    • Make sure to always include "common.h" first · 0c7f49dd
      Next to including several files, our "common.h" header also declares
      various macros which are then used throughout the project. As such, we
      have to make sure to always include this file first in all
      implementation files. Otherwise, we might encounter problems or even
      silent behavioural differences due to macros or defines not being
      defined as they should be. So in fact, our header and implementation
      files should make sure to always include "common.h" first.
      
      This commit does so by establishing a common include pattern. Header
      files inside of "src" will now always include "common.h" as its first
      other file, separated by a newline from all the other includes to make
      it stand out as special. There are two cases for the implementation
      files. If they do have a matching header file, they will always include
      this one first, leading to "common.h" being transitively included as
      first file. If they do not have a matching header file, they instead
      include "common.h" as first file themselves.
      
      This fixes the outlined problems and will become our standard practice
      for header and source files inside of the "src/" from now on.
      Patrick Steinhardt committed
  27. 12 Jun, 2017 1 commit
    • odb_read_prefix: reset error in backends loop · cb3010c5
      When looking for an object by prefix, we query all the backends so that
      we can ensure that there is no ambiguity.  We need to reset the `error`
      value between backends; otherwise the first backend may find an object
      by prefix, but subsequent backends may not.  If we do not reset the
      `error` value then it will remain at `GIT_ENOTFOUND` and `read_prefix_1`
      will fail, despite having actually found an object.
      Edward Thomson committed
  28. 15 May, 2017 2 commits
    • odb: fix printf formatter for git_off_t · 8d93a11c
      The fields `declared_size` and `received_bytes` of the `git_odb_stream`
      are both of type `git_off_t` which is defined as a signed integer. When
      passing these values to a printf-style string in
      `git_odb_stream__invalid_length`, though, we format these as PRIuZ,
      which is unsigned.
      
      Fix the issue by using PRIdZ instead, silencing warnings on macOS.
      Patrick Steinhardt committed
    • odb: shut up gcc warnings regarding uninitilized variables · 7776db51
      The `error` variable is used as a return value in the out-section of
      both `odb_read_1` and `read_prefix_1`. While the value will actually
      always be initialized inside of this section, GCC fails to realize this
      due to interactions with the `found` variable: if `found` is set, the
      error will always be initialized. If it is not, we return early without
      reaching the out-statements.
      
      Shut up the warnings by initializing the error variable, even though it
      is unnecessary.
      Patrick Steinhardt committed
  29. 28 Apr, 2017 3 commits
    • odb: verify hashes in read_prefix_1 · e0973bc0
      While the function reading an object from the complete OID already
      verifies OIDs, we do not yet do so for reading objects from a partial
      OID. Do so when strict OID verification is enabled.
      Patrick Steinhardt committed
    • odb: improve error handling in read_prefix_1 · 14109620
      The read_prefix_1 function has several return statements springled
      throughout the code. As we have to free memory upon getting an error,
      the free code has to be repeated at every single retrun -- which it is
      not, so we have a memory leak here.
      
      Refactor the code to use the typical `goto out` pattern, which will free
      data when an error has occurred. While we're at it, we can also improve
      the error message thrown when multiple ambiguous prefixes are found. It
      will now include the colliding prefixes.
      Patrick Steinhardt committed
    • odb: add option to turn off hash verification · 35079f50
      Verifying hashsums of objects we are reading from the ODB may be costly
      as we have to perform an additional hashsum calculation on the object.
      Especially when reading large objects, the penalty can be as high as
      35%, as can be seen when executing the equivalent of `git cat-file` with
      and without verification enabled. To mitigate for this, we add a global
      option for libgit2 which enables the developer to turn off the
      verification, e.g. when he can be reasonably sure that the objects on
      disk won't be corrupted.
      Patrick Steinhardt committed