Hi Stolee, On Wed, Jun 03, 2020 at 09:08:26AM -0400, Derrick Stolee wrote: > On 6/3/2020 1:16 AM, Taylor Blau wrote: > > On Tue, Jun 02, 2020 at 10:52:48PM -0600, Taylor Blau wrote: > >> Hi Jonathan, > >> > >> On Tue, Jun 02, 2020 at 08:42:13PM -0700, Jonathan Nieder wrote: > >>> Hi, > >>> > >>> Taylor Blau wrote: > >>> > >>>> Signed-off-by: Taylor Blau <me@xxxxxxxxxxxx> > >>>> --- > >>>> builtin/receive-pack.c | 4 ++-- > >>>> commit.h | 2 ++ > >>>> fetch-pack.c | 10 +++++----- > >>>> shallow.c | 30 +++++++++++++++++++++--------- > >>>> t/t5537-fetch-shallow.sh | 29 +++++++++++++++++++++++++++++ > >>>> 5 files changed, 59 insertions(+), 16 deletions(-) > >>> > >>> I haven't investigated the cause yet, but I've run into an interesting > >>> bug that bisects to this commit. Jay Conrod (cc-ed) reports: > >>> > >>> | I believe this is also the cause of Go toolchain test failures we've > >>> | been seeing. Go uses git to fetch dependencies. > >>> | > >>> | The problem we're seeing can be reproduced with the script below. It > >>> | should print "success". Instead, the git merge-base command fails > >>> | because the commit 7303f77963648d5f1ec5e55eccfad8e14035866c > >>> | (origin/master) has no history. > >>> > >>> -- 8< -- > >>> #!/bin/bash > >>> > >>> set -euxo pipefail > >>> if [ -d legacytest ]; then > >>> echo "legacytest directory already exists" >&2 > >>> exit 1 > >>> fi > >>> mkdir legacytest > >>> cd legacytest > >>> git init --bare > >>> git config protocol.version 2 > >>> git config fetch.writeCommitGraph true > >>> git remote add origin -- https://github.com/rsc/legacytest > >>> git fetch -f --depth=1 origin refs/heads/master:refs/heads/master > >>> git fetch -f origin 'refs/heads/*:refs/heads/*' 'refs/tags/*:refs/tags/*' > >>> git fetch --unshallow -f origin > >>> git merge-base --is-ancestor -- v2.0.0 7303f77963648d5f1ec5e55eccfad8e14035866c > >>> echo success > >>> -- >8 -- > >> > >> Thanks to you and Jay for the report and reproduction script. Indeed, I > >> can reproduce this on the tip of master (which is equivalent to v2.27.0 > >> at the time of writing). > >> > >>> The fetch.writeCommitGraph part is interesting. When does a commit > >>> graph file get written in this sequence of operations? In an > >>> unshallow operation, does the usual guard against writing a commit > >>> graph in a shallow repo get missed? > >> > >> The last 'git fetch' is the one that writes the commit-graph. You can > >> verify this by sticking a 'ls objects/info' after each 'git' invocation > >> in your script. > >> > >> Here's where things get weird, though. Prior to this patch, Git would > >> pick up that the repository is shallow before unshallowing, but never > >> invalidate this fact after unshallowing. That means that once we got to > >> 'write_commit_graph', we'd exit immediately since it appears as if the > >> repository is shallow. > >> > >> In this patch, we don't do that anymore, since we rightly unset the fact > >> that we are (were) shallow. > >> > >> In a debugger, I ran your script and a 'git commit-graph write --split > >> --reachable' side-by-side, and found an interesting discrepancy: some > >> commits (loaded from 'copy_oids_to_commits') *don't* have their parents > >> set when invoked from 'git fetch', but *do* when invoked as 'git > >> commit-graph write ...'. > >> > >> I'm not an expert in the object cache, but my hunch is that when we > >> fetch these objects they're marked as parsed without having loaded their > >> parents. When we load them again via 'lookup_object', we get objects > >> that look parsed, but don't have parents where they otherwise should. > > > > Ah, this only sort of has to do with the object cache. In > > 'parse_commit_buffer()' we stop parsing parents in the case that the > > repository is shallow (this goes back to 7f3140cd23 (git repack: keep > > commits hidden by a graft, 2009-07-23)). > > > > That makes me somewhat nervous. We're going to keep any objects opened > > prior to unshallowing in the cache, along with their hidden parents. I > > suspect that this is why Git has kept the shallow bit as sticky for so > > long. > > > > I'm not quite sure what to do here. I think that any of the following > > would work: > > > > * Keep the shallow bit sticky, at least for fetch.writeCommitGraph > > (i.e., pretend as if fetch.writecommitgraph=0 in the case of > > '--unshallow'). > > I'm in favor of this option, if possible. Anything that alters the > commit history in-memory at any point in the Git process is unsafe to > combine with a commit-graph read _or_ write. I'm sorry that the guards > in commit_graph_compatible() are not enough here. > > > * Dump the object cache upon un-shallowing, forcing us to re-discover > > the parents when they are no longer hidden behind a graft. > > > > The latter seems like the most complete feasible fix. The former should > > work fine to address this case, but I wonder if there are other > > call-sites that are affected by this behavior. My hunch is that this is > > a unique case, since it requires going from shallow to unshallow in the > > same process. > > The latter would solve issues that could arise outside of the commit-graph > space. But it also presents an opportunity for another gap if someone edits > the shallow logic without putting in the proper guards. > > To be extra safe, I'd be in favor of adding an "if (grafts_ever_existed)" > condition in commit_graph_compatible() based on a global that is assigned > a non-zero value whenever grafts are loaded at any point in the process, > mostly because it would be easy to guarantee that it is safe. It could > even be localized to the repository struct. > > > I have yet to create a smaller test case, but the following should be > > sufficient to dump the cache of parsed objects upon shallowing or > > un-shallowing: > > > > diff --git a/shallow.c b/shallow.c > > index b826de9b67..06db857f53 100644 > > --- a/shallow.c > > +++ b/shallow.c > > @@ -90,6 +90,9 @@ static void reset_repository_shallow(struct repository *r) > > { > > r->parsed_objects->is_shallow = -1; > > stat_validity_clear(r->parsed_objects->shallow_stat); > > + > > + parsed_object_pool_clear(r->parsed_objects); > > + r->parsed_objects = parsed_object_pool_new(); > > } > > > > int commit_shallow_file(struct repository *r, struct shallow_lock *lk) > > > > Is this something we want to go forward with? Are there some > > far-reaching implications that I'm missing? > > I'd like to see the extra-careful check, in addition to this one. This > is such a rarely-used and narrowly-tested case that we need to be really > really careful to avoid regressions. I'm a little confused at which suggestion you're in favor of ;-). For clarity, are you suggesting that we add a new 'r->grafts_ever_existed' bit in addition to doing a hard reset of the object pool? > Thanks, > -Stolee Thanks, Taylor
