Hello,
Clemens Fruhwirth píše v Po 05. 07. 2021 v 17:46 +0200:
> What did you do before the bug happened? (Steps to reproduce your
> issue)
>
> Run "git pull origin nixos-unstable --rebase --set-upstream"
> on a repo that had no branch set, e.g. when running "git branch" gave
> "* (no branch)"
>
> What did you expect to happen? (Expected behavior)
> Pull from upstream and set upstream.
>
> What happened instead? (Actual behavior)
> Segfault with the following trace:
> (gdb) bt
> #0 0x000000000044a8c9 in do_fetch (transport=0x2557920, rs=rs@entry=0x7ffd42335c00) at builtin/fetch.c:1568
> #1 0x000000000044ac61 in fetch_one (remote=<optimized out>, argc=1110662144, argv=0x7ffd42335fc8, prune_tags_ok=<optimized out>, use_stdin_refspecs=0) at builtin/fetch.c:1892
> #2 0x000000000044af15 in cmd_fetch (argc=0, argv=0x7ffd42335fc8, prefix=0x0) at builtin/fetch.c:1992
> #3 0x0000000000406354 in run_builtin (p=0x70d3e0 <commands+960>, argc=argc@entry=5, argv=argv@entry=0x7ffd42335fc0) at git.c:453
> #4 0x00000000004065c3 in handle_builtin (argc=5, argv=0x7ffd42335fc0) at git.c:704
> #5 0x0000000000407c4a in run_argv (argcp=argcp@entry=0x7ffd42335e8c, argv=argv@entry=0x7ffd42335e80) at git.c:771
> #6 0x00000000004080a4 in cmd_main (argc=<optimized out>, argc@entry=6, argv=<optimized out>, argv@entry=0x7ffd42335fb8) at git.c:902
> #7 0x00000000004c614c in main (argc=6, argv=0x7ffd42335fb8) at common-main.c:52
> (gdb) p branch
> $1 = (struct branch *) 0x0
>
> What's different between what you expected and what actually happened?
> Not segfault
>
> Anything else you want to add:
>
> Dropping the "--set-upstream" makes the segfault go away. Looking at
> builtin/fetch.c around L1568 I see,
>
> if (set_upstream) {
> struct branch *branch = branch_get("HEAD");
> [..]
> if (source_ref) {
> if (!strcmp(source_ref->name, "HEAD") ||
> starts_with(source_ref->name, "refs/heads/"))
> install_branch_config(0,
> branch->name, // <- SEGFAULT HERE
> transport->remote->name,
> source_ref->name);
> [..]
> }
> }
>
> It's rather clear that branch is just NULL from the gdb session above,
> and the branch->name dereference fails.
> It might be useful to catch branch == NULL.
>
> Please review the rest of the bug report below.
> You can delete any lines you don't wish to share.
>
> [System Info]
> git version:
> git version 2.31.1
> [...]
observed something pretty similar on Fedora, with both
git-2.32.0-0.3.rc2.fc35.x86_64 and git-2.32.0-1.fc35.x86_64, e.g.:
$ git clone https://github.com/git/git.git
[...]
$ cd git
$ git checkout --detach v2.1.0
HEAD is now at 6c4ab27f23 Git 2.1
$ git pull --set-upstream origin master
>From https://github.com/git/git
* branch master -> FETCH_HEAD
error: fetch died of signal 11
1625 if (source_ref) {
1626 if (!strcmp(source_ref->name, "HEAD") ||
1627 starts_with(source_ref->name, "refs/heads/"))
=>1628 install_branch_config(0,
1629 branch->name,
1630 transport->remote->name,
1631 source_ref->name);
(gdb) p branch
$1 = <optimized out>
(gdb) p branch->name
value has been optimized out
0x000055b5bceba921 <+8705>: nopl 0x0(%rax)
0x000055b5bceba928 <+8712>: mov (%rsp),%rax
=> 0x000055b5bceba92c <+8716>: mov (%r8),%rsi
0x000055b5bceba92f <+8719>: xor %edi,%edi
0x000055b5bceba931 <+8721>: mov 0x8(%rax),%rax
0x000055b5bceba935 <+8725>: mov 0x10(%rax),%rdx
0x000055b5bceba939 <+8729>: call 0x55b5bcf75d40 <install_branch_config>
(gdb) info registers r8 rsi
r8 0x0 0
rsi 0x55b5bdbe430b 94239060804363
This is just a generic reproducer; original use case revolved around
the use of submodules (also happened to be in a detached state within,
"--set-upstream" attempt was then my rushed response to "You are
not currently on a branch." error message on a plain pull there).
> (Please cc me on replies, not subscribe to the mailing list).
(ditto, please)
-- poki
