From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: Elijah Newren <newren@gmail.com>,
Elijah Newren via GitGitGadget <gitgitgadget@gmail.com>,
Git Mailing List <git@vger.kernel.org>,
Jonathan Nieder <jrnieder@gmail.com>,
Sergey Organov <sorganov@gmail.com>
Subject: Re: [PATCH 5/7] tmp-objdir: new API for creating and removing primary object dirs
Date: Thu, 30 Sep 2021 13:00:30 -0700 [thread overview]
Message-ID: <xmqqfstlbzq9.fsf@gitster.g> (raw)
In-Reply-To: <YVVmssXlaFM6yD5W@coredump.intra.peff.net> (Jeff King's message of "Thu, 30 Sep 2021 03:26:42 -0400")
Jeff King <peff@peff.net> writes:
>> > If not, then I think the solution is probably not to install this as the
>> > "primary", but rather:
>> >
>> > - do the specific remerge-diff writes we want using a special "write
>> > to this object dir" variant of write_object_file()
>> >
>> > - install the tmp_objdir as an alternate, so the reading side (which
>> > is diff code that doesn't otherwise know about our remerge-diff
>> > trickery) can find them
>> >
>> > And that lets other writers avoid writing into the temporary area
>> > accidentally.
>>
>> ...
>
> The key thing here is in the first step, where remerge-diff is
> explicitly saying "I want to write to this temporary object-dir". But
> the textconv-cache code does not; it gets to write to the normal spot.
> So it avoids problem (1).
>
> You're right that it does not avoid problem (3) exactly. But triggering
> that would require some code not just writing other objects or
> references while the tmp-objdir is in place, but specifically
> referencing the objects that remerge-diff did put into the tmp-objdir.
> That seems a lot less likely to me (because the thing we're most worried
> about is unrelated code that just happens to write while the tmp-objdir
> is in place).
I do not offhand remember if a new object creation codepath that
avoids writing an object that we already have considers an object we
find in an alternate as "we have it". If it does not and we make a
duplicated copy in our primary object store, then it would be OK,
but otherwise, those that know tmp_objdir is an alternate may still
try to write a new object and find that the same object already
exists in an alternate. Once tmp_objdir is gone, we would end up
with a corrupt repository, right?
freshen_loose_object() seems to go to check_and_freshen() which
consult check_and_freshen_nonlocal() before returning yes/no, so
having the same object in an alternate does seem to count as having
one.
> So hopefully it's clearer now from what I wrote above, but just
> connecting the dots:
>
> 1. Unrelated code calling write_object_file() would still write real,
> durable objects, as usual.
>
> 2. The write_object_file() "skip this write" optimization already
> ignores the pretend_object_file() objects while checking "do we
> have this object".
Yup for (2)---the pretend interface is safer than alternate in that
sense.
But the pretend interface was designed to just hold a handful of
phoney objects in core. I am not sure if it is a good fit for this
use case.
> But this is all scary and error-prone enough that I'd prefer an approach
> that has the "least surprise". So any solution where random code calling
> write_object_file() _can't_ accidentally write to a throw-away directory
> seems like a safer less surprising thing.
>
> It does mean that the remerge-diff code needs to be explicit in its
> object writes to say "this needs to go to the temporary area" (whether
> it's a flag, or calling into a totally different function or subsystem).
... and also writes by others that happens to write the same object
as what is already in the temporary area should be made to the real
object store. Then we would be much safer.
> I'm hoping that's not hard to do (because its writes are done explicitly
> by the remerge-diff code), but I worry that it may be (because you are
> relying on more generic tree code to the write under the hood).
Thanks.
next prev parent reply other threads:[~2021-09-30 20:00 UTC|newest]
Thread overview: 64+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-31 2:26 [PATCH 0/7] Add a new --remerge-diff capability to show & log Elijah Newren via GitGitGadget
2021-08-31 2:26 ` [PATCH 1/7] merge-ort: mark a few more conflict messages as omittable Elijah Newren via GitGitGadget
2021-08-31 21:06 ` Junio C Hamano
2021-09-01 0:03 ` Elijah Newren
2021-09-01 17:19 ` Junio C Hamano
2021-08-31 2:26 ` [PATCH 2/7] merge-ort: add ability to record conflict messages in a file Elijah Newren via GitGitGadget
2021-09-28 22:29 ` Jeff King
2021-09-29 6:25 ` Elijah Newren
2021-09-29 16:14 ` Junio C Hamano
2021-09-29 16:31 ` Elijah Newren
2021-09-30 7:58 ` Jeff King
2021-09-30 8:09 ` Ævar Arnfjörð Bjarmason
2021-10-01 2:07 ` Elijah Newren
2021-10-01 5:28 ` Jeff King
2021-08-31 2:26 ` [PATCH 3/7] ll-merge: add API for capturing warnings in a strbuf instead of stderr Elijah Newren via GitGitGadget
2021-09-28 22:37 ` Jeff King
2021-09-28 23:49 ` Junio C Hamano
2021-09-29 4:03 ` Elijah Newren
2021-08-31 2:26 ` [PATCH 4/7] merge-ort: capture and print ll-merge warnings in our preferred fashion Elijah Newren via GitGitGadget
2021-09-28 22:39 ` Jeff King
2021-09-30 16:53 ` Ævar Arnfjörð Bjarmason
2021-10-01 1:54 ` Elijah Newren
2021-10-01 7:23 ` Ævar Arnfjörð Bjarmason
2021-08-31 2:26 ` [PATCH 5/7] tmp-objdir: new API for creating and removing primary object dirs Elijah Newren via GitGitGadget
2021-09-28 7:55 ` Ævar Arnfjörð Bjarmason
2021-09-29 4:22 ` Elijah Newren
2021-09-30 7:41 ` Jeff King
2021-09-30 14:17 ` Ævar Arnfjörð Bjarmason
2021-10-01 3:55 ` Elijah Newren
2021-09-28 23:17 ` Jeff King
2021-09-29 4:08 ` Junio C Hamano
2021-09-30 7:33 ` Jeff King
2021-09-30 13:16 ` Ævar Arnfjörð Bjarmason
2021-09-30 21:00 ` Jeff King
2021-10-01 3:11 ` Elijah Newren
2021-10-01 7:30 ` Ævar Arnfjörð Bjarmason
2021-10-01 8:03 ` Elijah Newren
2021-10-01 4:26 ` Elijah Newren
2021-10-01 5:27 ` Jeff King
2021-10-01 7:43 ` Ævar Arnfjörð Bjarmason
2021-09-29 5:05 ` Elijah Newren
2021-09-30 7:26 ` Jeff King
2021-09-30 7:46 ` Jeff King
2021-09-30 20:06 ` Junio C Hamano
2021-10-01 3:59 ` Elijah Newren
2021-10-01 16:36 ` Junio C Hamano
2021-10-01 2:31 ` Elijah Newren
2021-10-01 5:21 ` Jeff King
2021-09-30 19:25 ` Neeraj Singh
2021-09-30 20:19 ` Junio C Hamano
2021-09-30 20:00 ` Junio C Hamano [this message]
2021-10-01 2:23 ` Elijah Newren
2021-08-31 2:26 ` [PATCH 6/7] show, log: provide a --remerge-diff capability Elijah Newren via GitGitGadget
2021-08-31 9:19 ` Sergey Organov
2021-09-28 8:01 ` Ævar Arnfjörð Bjarmason
2021-09-29 4:00 ` Elijah Newren
2021-08-31 2:26 ` [PATCH 7/7] doc/diff-options: explain the new --remerge-diff option Elijah Newren via GitGitGadget
2021-08-31 11:05 ` [PATCH 0/7] Add a new --remerge-diff capability to show & log Bagas Sanjaya
2021-08-31 16:16 ` Elijah Newren
2021-08-31 20:03 ` Junio C Hamano
2021-08-31 20:23 ` Elijah Newren
2021-09-01 21:07 ` Junio C Hamano
2021-09-01 21:42 ` Elijah Newren
2021-09-01 21:55 ` Junio C Hamano
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqfstlbzq9.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=gitgitgadget@gmail.com \
--cc=jrnieder@gmail.com \
--cc=newren@gmail.com \
--cc=peff@peff.net \
--cc=sorganov@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).