mirrors/git-annex
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

Improve repair of git-annex index file.

Browse source 
Fixes a test case I received where a corrupted repo was repaired, but the
git-annex branch was not. The root of the problem was that the
MissingObject returned by the repair code was not necessarily a complete
set of all objects that might have been deleted during the repair.

So, stop trying to return that at all, and instead make the index file
checking code explicitly verify that each object the index uses is present.
This commit is contained in:
Joey Hess 2013-12-10 15:40:01 -04:00
parent 714e031d19
commit ce045a51af
6 changed files with 53 additions and 50 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Assistant/Repair.hs
View file

@ -98,10 +98,10 @@ runRepair u mrmt destructiverepair = do
liftIO $ catchBoolIO a liftIO $ catchBoolIO a
repair fsckresults referencerepo = do repair fsckresults referencerepo = do
(ok, stillmissing, modifiedbranches) <- inRepo $ (ok, modifiedbranches) <- inRepo $
runRepairOf fsckresults destructiverepair referencerepo runRepairOf fsckresults destructiverepair referencerepo
when destructiverepair $ when destructiverepair $
repairAnnexBranch stillmissing modifiedbranches repairAnnexBranch modifiedbranches
return ok return ok
backgroundfsck params = liftIO $ void $ async $ do backgroundfsck params = liftIO $ void $ async $ do

3
Assistant/Threads/SanityChecker.hs
View file

@ -29,7 +29,6 @@ import Git.Repair
import Git.Index import Git.Index
import Data.Time.Clock.POSIX import Data.Time.Clock.POSIX
import qualified Data.Set as S
{- This thread runs once at startup, and most other threads wait for it {- This thread runs once at startup, and most other threads wait for it
- to finish. (However, the webapp thread does not, to prevent the UI - to finish. (However, the webapp thread does not, to prevent the UI
@ -41,7 +40,7 @@ sanityCheckerStartupThread startupdelay = namedThreadUnchecked "SanityCheckerSta
{- A corrupt index file can prevent the assistant from working at {- A corrupt index file can prevent the assistant from working at
- all, so detect and repair. -} - all, so detect and repair. -}
ifM (not <$> liftAnnex (inRepo (checkIndex S.empty))) ifM (not <$> liftAnnex (inRepo checkIndexFast))
( do ( do
notice ["corrupt index file found at startup; removing and restaging"] notice ["corrupt index file found at startup; removing and restaging"]
liftAnnex $ inRepo $ nukeFile . indexFile liftAnnex $ inRepo $ nukeFile . indexFile

12
Command/Repair.hs
View file

@ -12,7 +12,6 @@ import Command
import qualified Annex import qualified Annex
import qualified Git.Repair import qualified Git.Repair
import qualified Annex.Branch import qualified Annex.Branch
import Git.Fsck (MissingObjects)
import Git.Types import Git.Types
import Annex.Version import Annex.Version
@ -28,12 +27,12 @@ start = next $ next $ runRepair =<< Annex.getState Annex.force
runRepair :: Bool -> Annex Bool runRepair :: Bool -> Annex Bool
runRepair forced = do runRepair forced = do
(ok, stillmissing, modifiedbranches) <- inRepo $ (ok, modifiedbranches) <- inRepo $
Git.Repair.runRepair forced Git.Repair.runRepair forced
-- This command can be run in git repos not using git-annex, -- This command can be run in git repos not using git-annex,
-- so avoid git annex branch stuff in that case. -- so avoid git annex branch stuff in that case.
whenM (isJust <$> getVersion) $ whenM (isJust <$> getVersion) $
repairAnnexBranch stillmissing modifiedbranches repairAnnexBranch modifiedbranches
return ok return ok
{- After git repository repair, the .git/annex/index file could {- After git repository repair, the .git/annex/index file could
@ -50,8 +49,8 @@ runRepair forced = do
- yet reflected in the index, this does properly merge those into the - yet reflected in the index, this does properly merge those into the
- index before committing. - index before committing.
-} -}
repairAnnexBranch :: MissingObjects -> [Branch] -> Annex () repairAnnexBranch :: [Branch] -> Annex ()
repairAnnexBranch missing modifiedbranches repairAnnexBranch modifiedbranches
| Annex.Branch.fullname `elem` modifiedbranches = ifM okindex | Annex.Branch.fullname `elem` modifiedbranches = ifM okindex
( commitindex ( commitindex
, do , do
@ -63,8 +62,7 @@ repairAnnexBranch missing modifiedbranches
, nukeindex , nukeindex
) )
where where
okindex = Annex.Branch.withIndex $ okindex = Annex.Branch.withIndex $ inRepo $ Git.Repair.checkIndex
inRepo $ Git.Repair.checkIndex missing
commitindex = do commitindex = do
Annex.Branch.forceCommit "committing index after git repository repair" Annex.Branch.forceCommit "committing index after git repository repair"
liftIO $ putStrLn "Successfully recovered the git-annex branch using .git/annex/index" liftIO $ putStrLn "Successfully recovered the git-annex branch using .git/annex/index"

14
Git/Fsck.hs
View file

@ -11,6 +11,7 @@ module Git.Fsck (
findBroken, findBroken,
foundBroken, foundBroken,
findMissing, findMissing,
isMissing,
knownMissing, knownMissing,
) where ) where
@ -25,6 +26,7 @@ import qualified Data.Set as S
type MissingObjects = S.Set Sha type MissingObjects = S.Set Sha
data FsckResults = FsckFoundMissing MissingObjects | FsckFailed data FsckResults = FsckFoundMissing MissingObjects | FsckFailed
deriving (Show)
{- Runs fsck to find some of the broken objects in the repository. {- Runs fsck to find some of the broken objects in the repository.
- May not find all broken objects, if fsck fails on bad data in some of - May not find all broken objects, if fsck fails on bad data in some of
@ -59,15 +61,17 @@ knownMissing (FsckFoundMissing s) = s
{- Finds objects that are missing from the git repsitory, or are corrupt. {- Finds objects that are missing from the git repsitory, or are corrupt.
- -
- This does not use git cat-file --batch, because catting a corrupt - This does not use git cat-file --batch, because catting a corrupt
- object can cause it to crash, or to report incorrect size information.a - object can cause it to crash, or to report incorrect size information.
-} -}
findMissing :: [Sha] -> Repo -> IO MissingObjects findMissing :: [Sha] -> Repo -> IO MissingObjects
findMissing objs r = S.fromList <$> filterM (not <$$> present) objs findMissing objs r = S.fromList <$> filterM (`isMissing` r) objs
isMissing :: Sha -> Repo -> IO Bool
isMissing s r = either (const True) (const False) <$> tryIO dump
where where
present o = either (const False) (const True) <$> tryIO (dump o) dump = runQuiet
dump o = runQuiet
[ Param "show" [ Param "show"
, Param (show o) , Param (show s)
] r ] r
findShas :: String -> [Sha] findShas :: String -> [Sha]

69
Git/Repair.hs
View file

@ -1,4 +1,5 @@
{- git repository recovery {- git repository recovery
import qualified Data.Set as S
- -
- Copyright 2013 Joey Hess <joey@kitenet.net> - Copyright 2013 Joey Hess <joey@kitenet.net>
- -
@ -335,8 +336,8 @@ verifyTree missing treesha r
{- Checks that the index file only refers to objects that are not missing, {- Checks that the index file only refers to objects that are not missing,
- and is not itself corrupt. Note that a missing index file is not - and is not itself corrupt. Note that a missing index file is not
- considered a problem (repo may be new). -} - considered a problem (repo may be new). -}
checkIndex :: MissingObjects -> Repo -> IO Bool checkIndex :: Repo -> IO Bool
checkIndex missing r = do checkIndex r = do
(bad, _good, cleanup) <- partitionIndex missing r (bad, _good, cleanup) <- partitionIndex missing r
if null bad if null bad
then cleanup then cleanup
@ -347,23 +348,22 @@ checkIndex missing r = do
missingIndex :: Repo -> IO Bool missingIndex :: Repo -> IO Bool
missingIndex r = not <$> doesFileExist (localGitDir r </> "index") missingIndex r = not <$> doesFileExist (localGitDir r </> "index")
partitionIndex :: MissingObjects -> Repo -> IO ([LsFiles.StagedDetails], [LsFiles.StagedDetails], IO Bool) {- Finds missing and ok files staged in the index. -}
partitionIndex missing r = do partitionIndex :: Repo -> IO ([LsFiles.StagedDetails], [LsFiles.StagedDetails], IO Bool)
partitionIndex r = do
(indexcontents, cleanup) <- LsFiles.stagedDetails [repoPath r] r (indexcontents, cleanup) <- LsFiles.stagedDetails [repoPath r] r
let (bad, good) = partition ismissing indexcontents l <- forM_ indexcontents $ \i -> case i of
return (bad, good, cleanup) (_file, Just sha, Just _mode) -> (,) <$> isMissing sha r <*> pure i
where _ _> pure (False, i)
getblob (_file, Just sha, Just _mode) = Just sha return (map snd bad, map snd good, cleanup)
getblob _ = Nothing
ismissing = maybe False (`S.member` missing) . getblob
{- Rewrites the index file, removing from it any files whose blobs are {- Rewrites the index file, removing from it any files whose blobs are
- missing. Returns the list of affected files. -} - missing. Returns the list of affected files. -}
rewriteIndex :: MissingObjects -> Repo -> IO [FilePath] rewriteIndex :: Repo -> IO [FilePath]
rewriteIndex missing r rewriteIndex r
| repoIsLocalBare r = return [] | repoIsLocalBare r = return []
| otherwise = do | otherwise = do
(bad, good, cleanup) <- partitionIndex missing r (bad, good, cleanup) <- partitionIndex r
unless (null bad) $ do unless (null bad) $ do
nukeFile (indexFile r) nukeFile (indexFile r)
UpdateIndex.streamUpdateIndex r UpdateIndex.streamUpdateIndex r
@ -425,7 +425,7 @@ preRepair g = do
validhead s = "ref: refs/" `isPrefixOf` s || isJust (extractSha s) validhead s = "ref: refs/" `isPrefixOf` s || isJust (extractSha s)
{- Put it all together. -} {- Put it all together. -}
runRepair :: Bool -> Repo -> IO (Bool, MissingObjects, [Branch]) runRepair :: Bool -> Repo -> IO (Bool, [Branch])
runRepair forced g = do runRepair forced g = do
preRepair g preRepair g
putStrLn "Running git fsck ..." putStrLn "Running git fsck ..."
@ -434,23 +434,23 @@ runRepair forced g = do
then runRepair' fsckresult forced Nothing g then runRepair' fsckresult forced Nothing g
else do else do
putStrLn "No problems found." putStrLn "No problems found."
return (True, S.empty, []) return (True, [])
runRepairOf :: FsckResults -> Bool -> Maybe FilePath -> Repo -> IO (Bool, MissingObjects, [Branch]) runRepairOf :: FsckResults -> Bool -> Maybe FilePath -> Repo -> IO (Bool, [Branch])
runRepairOf fsckresult forced referencerepo g = do runRepairOf fsckresult forced referencerepo g = do
preRepair g preRepair g
runRepair' fsckresult forced referencerepo g runRepair' fsckresult forced referencerepo g
runRepair' :: FsckResults -> Bool -> Maybe FilePath -> Repo -> IO (Bool, MissingObjects, [Branch]) runRepair' :: FsckResults -> Bool -> Maybe FilePath -> Repo -> IO (Bool, [Branch])
runRepair' fsckresult forced referencerepo g = do runRepair' fsckresult forced referencerepo g = do
missing <- cleanCorruptObjects fsckresult g missing <- cleanCorruptObjects fsckresult g
stillmissing <- retrieveMissingObjects missing referencerepo g stillmissing <- retrieveMissingObjects missing referencerepo g
case stillmissing of case stillmissing of
FsckFoundMissing s FsckFoundMissing s
| S.null s -> if repoIsLocalBare g | S.null s -> if repoIsLocalBare g
then successfulfinish S.empty [] then successfulfinish []
else ifM (checkIndex S.empty g) else ifM (checkIndex g)
( successfulfinish s [] ( successfulfinish []
, do , do
putStrLn "No missing objects found, but the index file is corrupt!" putStrLn "No missing objects found, but the index file is corrupt!"
if forced if forced
@ -458,7 +458,7 @@ runRepair' fsckresult forced referencerepo g = do
else needforce S.empty else needforce S.empty
) )
| otherwise -> if forced | otherwise -> if forced
then ifM (checkIndex s g) then ifM (checkIndex g)
( continuerepairs s ( continuerepairs s
, corruptedindex , corruptedindex
) )
@ -467,17 +467,18 @@ runRepair' fsckresult forced referencerepo g = do
[ show (S.size s) [ show (S.size s)
, "missing objects could not be recovered!" , "missing objects could not be recovered!"
] ]
unsuccessfulfinish s unsuccessfulfinish
FsckFailed FsckFailed
| forced -> ifM (pure (repoIsLocalBare g) <||> checkIndex S.empty g) | forced -> ifM (pure (repoIsLocalBare g) <||> checkIndex g)
( do ( do
missing' <- cleanCorruptObjects FsckFailed g missing' <- cleanCorruptObjects FsckFailed g
case missing' of case missing' of
FsckFailed -> return (False, S.empty, []) FsckFailed -> return (False, S.empty, [])
FsckFoundMissing stillmissing' -> continuerepairs stillmissing' FsckFoundMissing stillmissing' ->
continuerepairs stillmissing'
, corruptedindex , corruptedindex
) )
| otherwise -> unsuccessfulfinish S.empty | otherwise -> unsuccessfulfinish
where where
continuerepairs stillmissing = do continuerepairs stillmissing = do
(remotebranches, goodcommits) <- removeTrackingBranches stillmissing emptyGoodCommits g (remotebranches, goodcommits) <- removeTrackingBranches stillmissing emptyGoodCommits g
@ -492,12 +493,12 @@ runRepair' fsckresult forced referencerepo g = do
"Reset these local branches to old versions before the missing objects were committed:" "Reset these local branches to old versions before the missing objects were committed:"
displayList (map show deletedbranches) displayList (map show deletedbranches)
"Deleted these local branches, which could not be recovered due to missing objects:" "Deleted these local branches, which could not be recovered due to missing objects:"
deindexedfiles <- rewriteIndex stillmissing g deindexedfiles <- rewriteIndex g
displayList deindexedfiles displayList deindexedfiles
"Removed these missing files from the index. You should look at what files are present in your working tree and git add them back to the index when appropriate." "Removed these missing files from the index. You should look at what files are present in your working tree and git add them back to the index when appropriate."
let modifiedbranches = resetbranches ++ deletedbranches let modifiedbranches = resetbranches ++ deletedbranches
if null resetbranches && null deletedbranches if null resetbranches && null deletedbranches
then successfulfinish stillmissing modifiedbranches then successfulfinish modifiedbranches
else do else do
unless (repoIsLocalBare g) $ do unless (repoIsLocalBare g) $ do
mcurr <- Branch.currentUnsafe g mcurr <- Branch.currentUnsafe g
@ -511,7 +512,7 @@ runRepair' fsckresult forced referencerepo g = do
] ]
putStrLn "Successfully recovered repository!" putStrLn "Successfully recovered repository!"
putStrLn "Please carefully check that the changes mentioned above are ok.." putStrLn "Please carefully check that the changes mentioned above are ok.."
return (True, stillmissing, modifiedbranches) return (True, modifiedbranches)
corruptedindex = do corruptedindex = do
nukeFile (indexFile g) nukeFile (indexFile g)
@ -522,22 +523,22 @@ runRepair' fsckresult forced referencerepo g = do
putStrLn "Removed the corrupted index file. You should look at what files are present in your working tree and git add them back to the index when appropriate." putStrLn "Removed the corrupted index file. You should look at what files are present in your working tree and git add them back to the index when appropriate."
return result return result
successfulfinish stillmissing modifiedbranches = do successfulfinish modifiedbranches = do
mapM_ putStrLn mapM_ putStrLn
[ "Successfully recovered repository!" [ "Successfully recovered repository!"
, "You should run \"git fsck\" to make sure, but it looks like everything was recovered ok." , "You should run \"git fsck\" to make sure, but it looks like everything was recovered ok."
] ]
return (True, stillmissing, modifiedbranches) return (True, modifiedbranches)
unsuccessfulfinish stillmissing = do unsuccessfulfinish = do
if repoIsLocalBare g if repoIsLocalBare g
then do then do
putStrLn "If you have a clone of this bare repository, you should add it as a remote of this repository, and retry." putStrLn "If you have a clone of this bare repository, you should add it as a remote of this repository, and retry."
putStrLn "If there are no clones of this repository, you can instead retry with the --force parameter to force recovery to a possibly usable state." putStrLn "If there are no clones of this repository, you can instead retry with the --force parameter to force recovery to a possibly usable state."
return (False, stillmissing, []) return (False, [])
else needforce stillmissing else needforce stillmissing
needforce stillmissing = do needforce = do
putStrLn "To force a recovery to a usable state, retry with the --force parameter." putStrLn "To force a recovery to a usable state, retry with the --force parameter."
return (False, stillmissing, []) return (False, [])
successfulRepair :: (Bool, MissingObjects, [Branch]) -> Bool successfulRepair :: (Bool, MissingObjects, [Branch]) -> Bool
successfulRepair = fst3 successfulRepair = fst3

1
debian/changelog vendored
View file

@ -22,6 +22,7 @@ git-annex (5.20131131) UNRELEASED; urgency=low
* Windows: Support annex.diskreserve. * Windows: Support annex.diskreserve.
* Fix bad behavior in Firefox, which was caused by an earlier fix to * Fix bad behavior in Firefox, which was caused by an earlier fix to
bad behavior in Chromium. bad behavior in Chromium.
* Improve repair of git-annex index file.
-- Joey Hess <joeyh@debian.org> Sun, 01 Dec 2013 13:57:58 -0400 -- Joey Hess <joeyh@debian.org> Sun, 01 Dec 2013 13:57:58 -0400