diff: skip GITLINK when lazy fetching missing objs

Commit Message

Jonathan Tan Aug. 20, 2019, 8:53 p.m. UTC

In 7fbbcb21b1 ("diff: batch fetching of missing blobs", 2019-04-08),

Comments

Junio C Hamano Aug. 20, 2019, 9:18 p.m. UTC | #1

Jonathan Tan <jonathantanmy@google.com> writes:

> In 7fbbcb21b1 ("diff: batch fetching of missing blobs", 2019-04-08),
> diff was taught to batch the fetching of missing objects when operating
> on a partial clone, but was not taught to refrain from fetching
> GITLINKs. Teach diff to check if an object is a GITLINK before including
> it in the set to be fetched.

OK, so in a lazy repository, running "git diff" (or "git log") could
have resulted in "git fetch" of a history of a submodule, which may
likely have failed?

> (As stated in the commit message of that commit, unpack-trees was also
> taught a similar thing prior, but unpack-trees correctly checks for
> GITLINK before including objects in the set to be fetched.)
> ---

Sign-off?

> One of my colleagues noticed this when switching branches in a
> superproject with a dirty working tree (hence triggering the diff
> mechanism). The test I included in this commit tests a simpler use case,
> but I've verified that this solves my colleague's case too.
> ---
>  diff.c                        |  1 +
>  t/t4067-diff-partial-clone.sh | 31 +++++++++++++++++++++++++++++++
>  2 files changed, 32 insertions(+)
>
> diff --git a/diff.c b/diff.c
> index efe42b341a..e28b463f57 100644
> --- a/diff.c
> +++ b/diff.c
> @@ -6512,6 +6512,7 @@ static void add_if_missing(struct repository *r,
>  			   const struct diff_filespec *filespec)
>  {
>  	if (filespec && filespec->oid_valid &&
> +	    !S_ISGITLINK(filespec->mode) &&
>  	    oid_object_info_extended(r, &filespec->oid, NULL,
>  				     OBJECT_INFO_FOR_PREFETCH))
>  		oid_array_append(to_fetch, &filespec->oid);

Makes sense.

Thanks.

Jonathan Tan Aug. 20, 2019, 9:39 p.m. UTC | #2

> Jonathan Tan <jonathantanmy@google.com> writes:
> 
> > In 7fbbcb21b1 ("diff: batch fetching of missing blobs", 2019-04-08),
> > diff was taught to batch the fetching of missing objects when operating
> > on a partial clone, but was not taught to refrain from fetching
> > GITLINKs. Teach diff to check if an object is a GITLINK before including
> > it in the set to be fetched.
> 
> OK, so in a lazy repository, running "git diff" (or "git log") could
> have resulted in "git fetch" of a history of a submodule, which may
> likely have failed?

Yes - it would attempt to fetch the submodule commit (as stated in the
GITLINK) from the superproject, which is very unlikely to succeed. (And
succeeding would allow the operation to continue, but will cause the
superproject to have unrelated objects in its object store, which is not
what we want anyway.)

> Sign-off?

Oops...here you go.

Signed-off-by: Jonathan Tan <jonathantanmy@google.com>

> Makes sense.
> 
> Thanks.

Thanks for looking at this.

Jeff King Aug. 22, 2019, 4:15 a.m. UTC | #3

On Tue, Aug 20, 2019 at 02:39:24PM -0700, Jonathan Tan wrote:

> > Jonathan Tan <jonathantanmy@google.com> writes:
> > 
> > > In 7fbbcb21b1 ("diff: batch fetching of missing blobs", 2019-04-08),
> > > diff was taught to batch the fetching of missing objects when operating
> > > on a partial clone, but was not taught to refrain from fetching
> > > GITLINKs. Teach diff to check if an object is a GITLINK before including
> > > it in the set to be fetched.
> > 
> > OK, so in a lazy repository, running "git diff" (or "git log") could
> > have resulted in "git fetch" of a history of a submodule, which may
> > likely have failed?
> 
> Yes - it would attempt to fetch the submodule commit (as stated in the
> GITLINK) from the superproject, which is very unlikely to succeed. (And
> succeeding would allow the operation to continue, but will cause the
> superproject to have unrelated objects in its object store, which is not
> what we want anyway.)

I wondered what would happen when it does not succeed. It looks like the
whole diff process just dies.

The batch fetch is purely an optimization, because we'd eventually fetch
the individual objects on demand. If the batch one fails, should we
continue with the operation? That leaves any error-handling for the
overall operation to the "real" code. And it would also mean that this
bug became an annoying error message,

But certainly your fix is the right thing to do regardless.

Tangential to your fix, but I also noticed while poking at this that
we're pretty aggressive about fetching objects, even if they won't be
needed. I know we touched on this briefly when discussing the original
patch, and the logic can get pretty complicated, so we punted. But there
are a few cases that I think might have a good cost/benefit ratio:

  1. a --raw diff without renames doesn't need the blobs (and even with
     renames, it only needs added/deleted entries). I imagine that being
     able to "git log --raw" on a full history without pulling in a
     bunch of blobs might be worthwhile (and a fairly common operation).

  2. Files that exceed bigFileThreshold or are marked as binary via
     gitattributes will generally be skipped during the file-level diff,
     without even loading them. These are the minority of files, but
     they also have an outsized cost to fetching them (and in fact may
     be the very thing people are trying to avoid with a blob filter).

Again, not anything to hold up your patch, but just cataloging some
future work for this area.

-Peff

Jonathan Tan Aug. 22, 2019, 4:25 p.m. UTC | #4

> I wondered what would happen when it does not succeed. It looks like the
> whole diff process just dies.
> 
> The batch fetch is purely an optimization, because we'd eventually fetch
> the individual objects on demand. If the batch one fails, should we
> continue with the operation? That leaves any error-handling for the
> overall operation to the "real" code. And it would also mean that this
> bug became an annoying error message,

On the one hand, if the batch fetch fails, then the individual
prefetching would likely fail as well. But on the other hand, as you
said below, we sometimes extraneously fetch objects, so making the batch
fetch non-fatal might be a good idea too.

> But certainly your fix is the right thing to do regardless.
> 
> Tangential to your fix, but I also noticed while poking at this that
> we're pretty aggressive about fetching objects, even if they won't be
> needed. I know we touched on this briefly when discussing the original
> patch, and the logic can get pretty complicated, so we punted. But there
> are a few cases that I think might have a good cost/benefit ratio:
> 
>   1. a --raw diff without renames doesn't need the blobs (and even with
>      renames, it only needs added/deleted entries). I imagine that being
>      able to "git log --raw" on a full history without pulling in a
>      bunch of blobs might be worthwhile (and a fairly common operation).
> 
>   2. Files that exceed bigFileThreshold or are marked as binary via
>      gitattributes will generally be skipped during the file-level diff,
>      without even loading them. These are the minority of files, but
>      they also have an outsized cost to fetching them (and in fact may
>      be the very thing people are trying to avoid with a blob filter).
> 
> Again, not anything to hold up your patch, but just cataloging some
> future work for this area.

Good points. Thanks.

Jeff King Aug. 22, 2019, 5:10 p.m. UTC | #5

On Thu, Aug 22, 2019 at 09:25:34AM -0700, Jonathan Tan wrote:

> > The batch fetch is purely an optimization, because we'd eventually fetch
> > the individual objects on demand. If the batch one fails, should we
> > continue with the operation? That leaves any error-handling for the
> > overall operation to the "real" code. And it would also mean that this
> > bug became an annoying error message,
> 
> On the one hand, if the batch fetch fails, then the individual
> prefetching would likely fail as well. But on the other hand, as you
> said below, we sometimes extraneously fetch objects, so making the batch
> fetch non-fatal might be a good idea too.

Yeah, I'd expect it to fail again on the individual fetch[1]. But then
we are leaving that code to handle the error as it sees fit, which might
not be to die(). Though TBH, the diff code is pretty eager to die() on
missing objects anyway.

Of course the die() we see in this case is not really in your new code
at all, but somewhere deep in the fetch stack. So there's probably a
fair bit of work in making a failed fetch a recoverable error in the
first place.

[1] You'd incur two attempts to fetch, which are expensive, but if
    we care about that it would be easy enough to keep an in-memory list
    of "I tried to fetch this once already and could not", and just
    quickly return failure on the second attempt.

-Peff

Patch

diff was taught to batch the fetching of missing objects when operating
on a partial clone, but was not taught to refrain from fetching
GITLINKs. Teach diff to check if an object is a GITLINK before including
it in the set to be fetched.

(As stated in the commit message of that commit, unpack-trees was also
taught a similar thing prior, but unpack-trees correctly checks for
GITLINK before including objects in the set to be fetched.)
---
One of my colleagues noticed this when switching branches in a
superproject with a dirty working tree (hence triggering the diff
mechanism). The test I included in this commit tests a simpler use case,
but I've verified that this solves my colleague's case too.
---
 diff.c                        |  1 +
 t/t4067-diff-partial-clone.sh | 31 +++++++++++++++++++++++++++++++
 2 files changed, 32 insertions(+)

diff --git a/diff.c b/diff.c
index efe42b341a..e28b463f57 100644
--- a/diff.c
+++ b/diff.c
@@ -6512,6 +6512,7 @@  static void add_if_missing(struct repository *r,
 			   const struct diff_filespec *filespec)
 {
 	if (filespec && filespec->oid_valid &&
+	    !S_ISGITLINK(filespec->mode) &&
 	    oid_object_info_extended(r, &filespec->oid, NULL,
 				     OBJECT_INFO_FOR_PREFETCH))
 		oid_array_append(to_fetch, &filespec->oid);
diff --git a/t/t4067-diff-partial-clone.sh b/t/t4067-diff-partial-clone.sh
index 90c8fb2901..4831ad35e6 100755
--- a/t/t4067-diff-partial-clone.sh
+++ b/t/t4067-diff-partial-clone.sh
@@ -75,6 +75,37 @@  test_expect_success 'diff skips same-OID blobs' '
 	! grep "want $(cat hash-b)" trace
 '
 
+test_expect_success 'when fetching missing objects, diff skips GITLINKs' '
+	test_when_finished "rm -rf sub server client trace" &&
+
+	test_create_repo sub &&
+	test_commit -C sub first &&
+
+	test_create_repo server &&
+	echo a >server/a &&
+	git -C server add a &&
+	git -C server submodule add "file://$(pwd)/sub" &&
+	git -C server commit -m x &&
+
+	test_commit -C server/sub second &&
+	echo another-a >server/a &&
+	git -C server add a sub &&
+	git -C server commit -m x &&
+
+	test_config -C server uploadpack.allowfilter 1 &&
+	test_config -C server uploadpack.allowanysha1inwant 1 &&
+	git clone --bare --filter=blob:limit=0 "file://$(pwd)/server" client &&
+
+	echo a | git hash-object --stdin >hash-old-a &&
+	echo another-a | git hash-object --stdin >hash-new-a &&
+
+	# Ensure that a and another-a are fetched, and check (by successful
+	# execution of the diff) that no invalid OIDs are sent.
+	GIT_TRACE_PACKET="$(pwd)/trace" git -C client diff HEAD^ HEAD &&
+	grep "want $(cat hash-old-a)" trace &&
+	grep "want $(cat hash-new-a)" trace
+'
+
 test_expect_success 'diff with rename detection batches blobs' '
 	test_when_finished "rm -rf server client trace" &&