Mercurial > hg
view mercurial/dirstateguard.py @ 37443:65250a66b55c
revlog: move censor logic into main revlog class
Previously, the revlog class implemented dummy methods for
various censor-related functionality. Revision censoring was
(and will continue to be) only possible on filelog instances.
So filelog implemented these methods to perform something
reasonable.
A problem with implementing censoring on filelog is that
it assumes filelog is a revlog. Upcoming work to formalize
the filelog interface will make this not true.
Furthermore, the censoring logic is security-sensitive. I
think action-at-a-distance with custom implementation of core
revlog APIs in derived classes is a bit dangerous. I think at
a minimum the censor logic should live in revlog.py.
I was tempted to created a "censored revlog" class that
basically pulled these methods out of filelog. But, I wasn't
a huge fan of overriding core methods in child classes. A
reason to do that would be performance. However, the censoring
code only comes into play when:
* hash verification fails
* delta generation
* applying deltas from changegroups
The new code is conditional on an instance attribute. So the
overhead for running the censored code when the revlog isn't
censorable is an attribute lookup. All of these operations are
at least a magnitude slower than a Python attribute lookup. So
there shouldn't be a performance concern.
Differential Revision: https://phab.mercurial-scm.org/D3151
author | Gregory Szorc <gregory.szorc@gmail.com> |
---|---|
date | Thu, 05 Apr 2018 16:31:45 -0700 |
parents | bbbbd3c30bfc |
children | ad24b581e4d9 |
line wrap: on
line source
# dirstateguard.py - class to allow restoring dirstate after failure # # Copyright 2005-2007 Matt Mackall <mpm@selenic.com> # # This software may be used and distributed according to the terms of the # GNU General Public License version 2 or any later version. from __future__ import absolute_import from .i18n import _ from . import ( error, util, ) class dirstateguard(util.transactional): '''Restore dirstate at unexpected failure. At the construction, this class does: - write current ``repo.dirstate`` out, and - save ``.hg/dirstate`` into the backup file This restores ``.hg/dirstate`` from backup file, if ``release()`` is invoked before ``close()``. This just removes the backup file at ``close()`` before ``release()``. ''' def __init__(self, repo, name): self._repo = repo self._active = False self._closed = False self._backupname = 'dirstate.backup.%s.%d' % (name, id(self)) repo.dirstate.savebackup(repo.currenttransaction(), self._backupname) self._active = True def __del__(self): if self._active: # still active # this may occur, even if this class is used correctly: # for example, releasing other resources like transaction # may raise exception before ``dirstateguard.release`` in # ``release(tr, ....)``. self._abort() def close(self): if not self._active: # already inactivated msg = (_("can't close already inactivated backup: %s") % self._backupname) raise error.Abort(msg) self._repo.dirstate.clearbackup(self._repo.currenttransaction(), self._backupname) self._active = False self._closed = True def _abort(self): self._repo.dirstate.restorebackup(self._repo.currenttransaction(), self._backupname) self._active = False def release(self): if not self._closed: if not self._active: # already inactivated msg = (_("can't release already inactivated backup: %s") % self._backupname) raise error.Abort(msg) self._abort()