mercurial-scm/hg-stable: mercurial/revlog.py comparison

comparison mercurial/revlog.py @ 40057:324b4b10351e

revlog: rewrite censoring logic I was able to corrupt a revlog relatively easily with the existing censoring code. The underlying problem is that the existing code doesn't fully take delta chains into account. When copying revisions that occur after the censored revision, the delta base can refer to a censored revision. Then at read time, things blow up due to the revision data not being a compressed delta. This commit rewrites the revlog censoring code to take a higher-level approach. We now create a new revlog instance pointing at temp files. We iterate through each revision in the source revlog and insert those revisions into the new revlog, replacing the censored revision's data along the way. The new implementation isn't as efficient as the old one. This is because it will fully engage delta computation on insertion. But I don't think it matters. The new implementation is a bit hacky because it attempts to reload the revlog instance with a new revlog index/data file. This is fragile. But this is needed because the index (which could be backed by C) would have a cached copy of the old, possibly changed data and that could lead to problems accessing index or revision data later. One benefit of the new approach is that we integrate with the transaction. The old revlog is backed up and if the transaction is rolled back, the original revlog is restored. As part of this, we had to teach the transaction about the store vfs. I'm not super keen about this. But this was the easiest way to hook things up to the transaction. We /could/ just ignore the transaction like we were doing before. But any file mutation should be governed by transaction semantics, including undo during rollback. Differential Revision: https://phab.mercurial-scm.org/D4869

author	Gregory Szorc <gregory.szorc@gmail.com>
date	Tue, 02 Oct 2018 17:34:34 -0700
parents	0a4625ffd6c0
children	adbf8ca239e4

comparison

equal deleted inserted replaced

-:0a4625ffd6c0
+:324b4b10351e
 addrevisioncb(self, rev, node)
 finally:
 destrevlog._lazydeltabase = oldlazydeltabase
 destrevlog._deltabothparents = oldamd
-def censorrevision(self, node, tombstone=b''):
+def censorrevision(self, tr, censornode, tombstone=b''):
 if (self.version & 0xFFFF) == REVLOGV0:
 raise error.RevlogError(_('cannot censor with version %d revlogs') %
 self.version)
-rev = self.rev(node)
+censorrev = self.rev(censornode)
 tombstone = storageutil.packmeta({b'censored': tombstone}, b'')
-if len(tombstone) > self.rawsize(rev):
+if len(tombstone) > self.rawsize(censorrev):
 raise error.Abort(_('censor tombstone must be no longer than '
 'censored data'))
-# Using two files instead of one makes it easy to rewrite entry-by-entry
+# Rewriting the revlog in place is hard. Our strategy for censoring is
-idxread = self.opener(self.indexfile, 'r')
+# to create a new revlog, copy all revisions to it, then replace the
-idxwrite = self.opener(self.indexfile, 'wb', atomictemp=True)
+# revlogs on transaction close.
-if self.version & FLAG_INLINE_DATA:
-dataread, datawrite = idxread, idxwrite
+newindexfile = self.indexfile + b'.tmpcensored'
-else:
+newdatafile = self.datafile + b'.tmpcensored'
-dataread = self.opener(self.datafile, 'r')
-datawrite = self.opener(self.datafile, 'wb', atomictemp=True)
+# This is a bit dangerous. We could easily have a mismatch of state.
+newrl = revlog(self.opener, newindexfile, newdatafile,
-# Copy all revlog data up to the entry to be censored.
+censorable=True)
-offset = self.start(rev)
+newrl.version = self.version
+newrl._generaldelta = self._generaldelta
-for chunk in util.filechunkiter(idxread, limit=rev * self._io.size):
+newrl._io = self._io
-idxwrite.write(chunk)
-for chunk in util.filechunkiter(dataread, limit=offset):
+for rev in self.revs():
-datawrite.write(chunk)
+node = self.node(rev)
+p1, p2 = self.parents(node)
-def rewriteindex(r, newoffs, newdata=None):
-"""Rewrite the index entry with a new data offset and new data.
+if rev == censorrev:
+newrl.addrawrevision(tombstone, tr, self.linkrev(censorrev),
-The newdata argument, if given, is a tuple of three positive
+p1, p2, censornode, REVIDX_ISCENSORED)
-integers: (new compressed, new uncompressed, added flag bits).
-"""
+if newrl.deltaparent(rev) != nullrev:
-offlags, comp, uncomp, base, link, p1, p2, nodeid = self.index[r]
+raise error.Abort(_('censored revision stored as delta; '
-flags = gettype(offlags)
+'cannot censor'),
-if newdata:
+hint=_('censoring of revlogs is not '
-comp, uncomp, nflags = newdata
+'fully implemented; please report '
-flags |= nflags
+'this bug'))
-offlags = offset_type(newoffs, flags)
+continue
-e = (offlags, comp, uncomp, r, link, p1, p2, nodeid)
-idxwrite.write(self._io.packentry(e, None, self.version, r))
+if self.iscensored(rev):
-idxread.seek(self._io.size, 1)
+if self.deltaparent(rev) != nullrev:
+raise error.Abort(_('cannot censor due to censored '
-def rewrite(r, offs, data, nflags=REVIDX_DEFAULT_FLAGS):
+'revision having delta stored'))
-"""Write the given fulltext with the given data offset.
+rawtext = self._chunk(rev)
-Returns:
-The integer number of data bytes written, for tracking data
-offsets.
-"""
-flag, compdata = self.compress(data)
-newcomp = len(flag) + len(compdata)
-rewriteindex(r, offs, (newcomp, len(data), nflags))
-datawrite.write(flag)
-datawrite.write(compdata)
-dataread.seek(self.length(r), 1)
-return newcomp
-# Rewrite censored entry with (padded) tombstone data.
-pad = ' ' * (self.rawsize(rev) - len(tombstone))
-offset += rewrite(rev, offset, tombstone + pad, REVIDX_ISCENSORED)
-# Rewrite all following filelog revisions fixing up offsets and deltas.
-for srev in pycompat.xrange(rev + 1, len(self)):
-if rev in self.parentrevs(srev):
-# Immediate children of censored node must be re-added as
-# fulltext.
-try:
-revdata = self.revision(srev)
-except error.CensoredNodeError as e:
-revdata = e.tombstone
-dlen = rewrite(srev, offset, revdata)
 else:
-# Copy any other revision data verbatim after fixing up the
+rawtext = self.revision(rev, raw=True)
-# offset.
-rewriteindex(srev, offset)
+newrl.addrawrevision(rawtext, tr, self.linkrev(rev), p1, p2, node,
-dlen = self.length(srev)
+self.flags(rev))
-for chunk in util.filechunkiter(dataread, limit=dlen):
-datawrite.write(chunk)
+tr.addbackup(self.indexfile, location='store')
-offset += dlen
+if not self._inline:
+tr.addbackup(self.datafile, location='store')
-idxread.close()
-idxwrite.close()
+self.opener.rename(newrl.indexfile, self.indexfile)
-if dataread is not idxread:
+if not self._inline:
-dataread.close()
+self.opener.rename(newrl.datafile, self.datafile)
-datawrite.close()
+self.clearcaches()
+self._loadindex(self.version, None)
 def verifyintegrity(self, state):
 """Verifies the integrity of the revlog.
 Yields ``revlogproblem`` instances describing problems that are

Mercurial > public > mercurial-scm > hg-stable

comparison mercurial/revlog.py @ 40057:324b4b10351e