Re: [PATCH v2 1/1] config: work around bug with includeif:onbranch and early config
To
Jeff King
Cc
Johannes Schindelin via GitGitGadget
git@vger.kernel.org
Junio C Hamano
From
Johannes Schindelin
See Also
Prev Ref 1 Ref 2 Ref 3
Date
2019-07-31 22:13:19 UTC
Hi Peff,

On Wed, 31 Jul 2019, Jeff King wrote:

> On Wed, Jul 31, 2019 at 01:06:42PM -0700, Johannes Schindelin via GitGitGadget wrote:
>
> > Technically, there is a way to solve this properly: teach the refs
> > machinery to initialize the ref_store from a given gitdir/commondir pair
> > (which we _do_ have in the early config code path), and then use that in
> > `include_by_branch()`. This, however, is a pretty involved project, and
> > we're already in the feature freeze for Git v2.23.0.
>
> This gets tricky, because some commands are intentionally avoiding the
> normal lookup procedure (e.g., clone or init, and probably things like
> upload-pack that want to enter another repo). So I think it is OK as
> long as the early-config code is explicitly saying "and please look at
> the refs in this specific direectory now", and it doesn't affect other
> possible code paths that might look at refs. I _think_ that's what
> you're suggesting above, but I just want to make sure (not that it
> matters either way for this patch).

I think we already have the `git clone` problem with
`includeif.gitdir:`. AFAICT we _will_ discover a Git directory when
cloning inside an existing Git worktree.

> As a workaround, I suspect in many cases it might work to simply do a
> gentle setup (e.g., in "help"), but we simply weren't doing it before
> because there was no use case. That obviously wouldn't work for
> something like clone, though.

Right.

And as you say, there was no use case, and I would even contend that
there still is no use case. In the cover letter, I tried to concoct
something (using a branch-dependent pager) that sounds _really_
far-fetched to even me.
>
> > diff --git a/config.c b/config.c
> > index ed7f58e0fc..3900e4947b 100644
> > --- a/config.c
> > +++ b/config.c
> > @@ -275,7 +275,8 @@ static int include_by_branch(const char *cond, size_t cond_len)
> >  	int flags;
> >  	int ret;
> >  	struct strbuf pattern = STRBUF_INIT;
> > -	const char *refname = resolve_ref_unsafe("HEAD", 0, NULL, &flags);
> > +	const char *refname = !the_repository || !the_repository->gitdir ?
> > +		NULL : resolve_ref_unsafe("HEAD", 0, NULL, &flags);
>
> I think the_repository is always non-NULL.

No, it totally can be `NULL`. I know because my first version of the
patch did not have that extra check, and `git help -a` would segfault
outside a Git worktree when I had an `includeif.onbranch:` in my
`~/.gitconfig`.

I tried to explain that in the commit message, but obviously did a poor
job:

    Note: when calling above-mentioned two commands _outside_ of any Git
    worktree (passing the `--global` flag to `git config`, as there is
    obviously no repository config available), at the point when
    `include_by_branch()` is called, `the_repository` is `NULL`, therefore
    we have to be extra careful not to dereference it in that case.

> The way similar sites check this is withV
> "!startup_info->have_repository" or have_git_dir(). The early-config
> code uses the latter, so we should probably match it here.

Quite frankly, I'd rather not. At this point, it is not important
whether or not we discovered a Git directory, but whether or not we have
populated a dereference'able `the_repository`. Those are two different
things.

>   Side note: I suspect there are some cleanup opportunities. IIRC, I had
>   to add have_git_dir() to cover some cases where $GIT_DIR was set but
>   we hadn't explicitly done a setup step, but there's been a lot of
>   refactoring and cleanup in the initialization code since then. I'm not
>   sure if it's still necessary.

Yeah, well, I am not necessarily certain that we always ask the right
questions, such as asking whether we found a startup repository when we
need, in fact, to know whether `the_repository->refs` would cause a
segmentation fault because we would dereference a `NULL` pointer ;-)
>
> > diff --git a/t/t1309-early-config.sh b/t/t1309-early-config.sh
> > index 413642aa56..0c37e7180d 100755
> > --- a/t/t1309-early-config.sh
> > +++ b/t/t1309-early-config.sh
> > @@ -89,4 +89,9 @@ test_expect_failure 'ignore .git/ with invalid config' '
> >  	test_with_config "["
> >  '
> >
> > +test_expect_success 'early config and onbranch' '
> > +	echo "[broken" >broken &&
> > +	test_with_config "[includeif \"onbranch:refs/heads/master\"]path=../broken"
> > +'
>
> OK, so we know we didn't see the broken config because we'd have barfed
> if we actually included it. Makes sense.

That was the idea :-)

Thanks for the review!
Dscho