On Thu, Oct 19, 2017 at 12:36:50PM +0300, Andrey Okoshkin wrote:
> Add check of the resolved HEAD reference while printing of a commit summary.
> resolve_ref_unsafe() may return NULL pointer if underlying calls of lstat()
> or
> open() fail in files_read_raw_ref().
> Such situation can be caused by race: file becomes inaccessible to this
> moment.
>
> Signed-off-by: Andrey Okoshkin <a.okosh...@samsung.com>
> ---
> Thank you for your review.
>
> Changes since the previous patch:
> * BUG is replaced with die, message;
> * Message is changed.
Thanks, this looks good to me. One other possible minor improvement:
> head = resolve_ref_unsafe("HEAD", 0, junk_oid.hash, NULL);
> + if (!head)
> + die(_("unable to resolve HEAD after creating commit"));
Should we use die_errno() here to report the value of errno? I think
resolve_ref_unsafe() should set it consistently (even an internal
problem, like an illegally-formatted refname, yields EINVAL).
I grepped the code base looking for other instances of the same problem,
and found four of them. Patches to follow.
Unlike this one, I ended up quietly returning an error in most cases.
The individual commit messages discuss the reasoning for each case, but
I do wonder if we ought to simply die() in each case out of an abundance
of caution (either the repo has a broken symref, or some weird
filesystem error occurred, but either way it may be best not to
continue). I dunno.
These are all independent, so can be applied in any order or combination
with respect to each other and to your patch.
[1/4]: test-ref-store: avoid passing NULL to printf
[2/4]: remote: handle broken symrefs
[3/4]: log: handle broken HEAD in decoration check
[4/4]: worktree: handle broken symrefs in find_shared_symref()
builtin/remote.c | 2 +-
log-tree.c | 2 +-
t/helper/test-ref-store.c | 2 +-
worktree.c | 3 ++-
4 files changed, 5 insertions(+), 4 deletions(-)
-Peff
