From patchwork Fri Jun  3 18:37:38 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869315
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id B4C37C43334
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:19 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S243941AbiFCSjS (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:18 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40562 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1345588AbiFCSjA (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:00 -0400
Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com
 [IPv6:2a00:1450:4864:20::42b])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A85B813EAA
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:03 -0700 (PDT)
Received: by mail-wr1-x42b.google.com with SMTP id h5so11495907wrb.0
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=a09JlpZT0ogRdnez4hhbLajAYxgnZVENMSQ3BEgDdRQ=;
        b=W7MMOfhQrI9BrhJr8d9/7ATVOrubU6snYcFdzcV3fs3F/V0+PJ3txN0YvSGNxRHrBU
         +aXPA0iEN/9zVO/PqL0/DNZ/7bmyQkPJgE85FSf6MbsFEvLbgq3EyVF8ol8GxjUMVpGb
         qKHj6pFvmCA9FwY2FB0Kcbpy0QWGnXcMKrWnSLmhJ5Du2cbxn6Ul5Ar9xP2/eRGzCEtG
         wo+wJYXbms5dk6EwLP9jrAoYY2PMnKPgVwkGIMgVqSmG8WlcIJB7t3bnibjXsROOltWN
         vCqfKSD0PWBpjbPz4orttto5xHJwUOoMA92kJzHqauy+LFj9oM5gbLzT+EjCAb1Fy0GV
         6KjA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=a09JlpZT0ogRdnez4hhbLajAYxgnZVENMSQ3BEgDdRQ=;
        b=DlxNpVI2akingtMIMkOfCpPrMW0kEGZ9l0l2sI6ZDBgXtVHe8tHXhYSg3pQRPn21VO
         7R2IFlPvPA5nLOE2m0LiQYWpIaBZXnhixIl+apkcQPtX/HjsJxHirRkKQtCRsP0Qcvnt
         Hk7tm6XWGkai3FIRId1qJ6uUQaF4+GSWAadjAzba4s3mZGQqppbjB08tj+kwbqICziSE
         XJdz2MGj0OcmoSI3UeUgvIxkpHgcuoxRMf3z5DSdWVXYLPUzBZKLYpPal9ZOLeLx1Pgh
         Wf0Kitka21AeRK1PP+1rtXVrHNCFc2VfcJNFJBKAWAh5RX+OqkZGvPxRACx4GlEMjT3g
         V0Hw==
X-Gm-Message-State: AOAM532PdWr8XnjVWxPpO35Wt7llsCyi/5VPHoILLrK1UsVI3RVnKan0
        64ff7IReYLUjO7cERUiHBTuhzWCmwNDp0w==
X-Google-Smtp-Source: 
 ABdhPJwSNy6n2ZvbJvK3yzVcyIIhHDVEB2Yx/w+3ywkID3nwzAIi/JhFh/e6wFA+G7tpeLsAE5jhKA==
X-Received: by 2002:adf:e6d0:0:b0:20f:ca28:2849 with SMTP id
 y16-20020adfe6d0000000b0020fca282849mr9639994wrm.381.1654281481447;
        Fri, 03 Jun 2022 11:38:01 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.00
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:00 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 01/15] remote.c: don't dereference NULL in freeing loop
Date: Fri,  3 Jun 2022 20:37:38 +0200
Message-Id: <RFC-patch-01.15-b3a678d934a-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Fix a bug in fd3cb0501e1 (remote: move static variables into
per-repository struct, 2021-11-17) where we'd free(remote->pushurl[i])
after having NULL'd out remote->pushurl. itself.

While we're at it let's get rid of the redundant braces per the
CodingGuidelines, which also serves to show in the diff context that
we were doing a FREE_AND_NULL(remote->pushurl) afterwards too, let's
keep that one.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 remote.c | 8 ++------
 1 file changed, 2 insertions(+), 6 deletions(-)

diff --git a/remote.c b/remote.c
index 930fdc9c2f6..61240562df1 100644
--- a/remote.c
+++ b/remote.c
@@ -144,14 +144,10 @@ static void remote_clear(struct remote *remote)
 	free((char *)remote->name);
 	free((char *)remote->foreign_vcs);
 
-	for (i = 0; i < remote->url_nr; i++) {
+	for (i = 0; i < remote->url_nr; i++)
 		free((char *)remote->url[i]);
-	}
-	FREE_AND_NULL(remote->pushurl);
-
-	for (i = 0; i < remote->pushurl_nr; i++) {
+	for (i = 0; i < remote->pushurl_nr; i++)
 		free((char *)remote->pushurl[i]);
-	}
 	FREE_AND_NULL(remote->pushurl);
 	free((char *)remote->receivepack);
 	free((char *)remote->uploadpack);

From patchwork Fri Jun  3 18:37:39 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869316
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 78169C43334
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:22 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345709AbiFCSjU (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:20 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39486 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347499AbiFCSjA (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:00 -0400
Received: from mail-wr1-x432.google.com (mail-wr1-x432.google.com
 [IPv6:2a00:1450:4864:20::432])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id A8AC713EB4
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:04 -0700 (PDT)
Received: by mail-wr1-x432.google.com with SMTP id m26so18303wrb.4
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=/Mhctn5kYJQ082mzR0HtUxB+5kUYU8ydqKsBXQzJ6nE=;
        b=Mh3w9f5Oo7X2s3qps27IfBhcgUH178azn2/SHpqcoNhZtLscv/XcQ4Mqu5IN6by5KC
         HZZIn9N0Ru8CoWX6bZtEp9xpyp092ewO73A5GFqvF7nqSvpkVtr33n+SCF9R6qr5hYSo
         ghU8PiEAyaflG6meBYRqe/gElwvy2bxD5Jt9evGdf+OYjJ2w+vDAGJWd0Qu3ODdE3RKv
         zIvIHewUXy6CLkTbdbaN40E6nO5luhEE/cM5aJPgd8vAT/NC8YI37IaWS3yWGWKdf6EL
         ptSPEZmgCobxT+snbVTmPh26d4C7ArIDhNeAL0oQKpyGjqBiWLPqQwsv2LIA1eGzVSeJ
         Jgjg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=/Mhctn5kYJQ082mzR0HtUxB+5kUYU8ydqKsBXQzJ6nE=;
        b=MRezADBKe38R+YJjM05V1j+/XLx/ISEoHxC1TbgvFGCg/XoYv9WttcCdMMCsRRRtuX
         qBhwCzHwOyscfwpVcZLYKXYHUy2ht5yH91efLiwmp3XlutwVVwm+n1elkvNaAqOwOkBn
         8EYC0J4hzXeqN0llVCiLMO0A+7qDkGN0GgQA9LH5N/Boo/xEiEU/3+XQMLoJ0cPABclA
         b6/kt2EH+cwilJct8AmblvtddMD8DVZZmmXcdsM/jPy96S9Yk7wWoggGqiKtoIrsxWlB
         R8Wc6h52S1hELFmXkyhZS5Y5Z2qhduOegxVdJODYyCO2MWo8Wmn/JvBsUckklhy4zi+3
         8fTg==
X-Gm-Message-State: AOAM532YR5skPYVrPSDV8fxsLRrKUngXdrtIqwQ+cl/tPhX16/Qxj8u0
        lHo98/izQ4UDMaxaxFW+dteOVBU4Nyaj4Q==
X-Google-Smtp-Source: 
 ABdhPJxWW7BRM5KIxYf/i6TvH8BA4xpw3YQQocjasHKZ7Q2yFkB+Iwk3+GA6OZJ5XLSTiZXyhjRRJQ==
X-Received: by 2002:adf:dc92:0:b0:20f:e1a9:9d92 with SMTP id
 r18-20020adfdc92000000b0020fe1a99d92mr9289691wrj.199.1654281482351;
        Fri, 03 Jun 2022 11:38:02 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.01
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:01 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 02/15] pull.c: don't feed NULL to strcmp() on
 get_rebase_fork_point() path
Date: Fri,  3 Jun 2022 20:37:39 +0200
Message-Id: <RFC-patch-02.15-4a055969ea5-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Fix an issue with feeding NULL to strcmp() noted by GCC's -fanalyzer,
this fixes a bug in 1678b81ecce (pull: teach git pull about --rebase,
2015-06-18).

In cmd_pull() we could go through the function without initializing
the "repo" argument (the -fanalyzer output shows how exactly), we'd
then call get_rebase_fork_point (), which would in turn call
get_tracking_branch() with that "NULL" repo argument.

Let's avoid this potential issue by returning NULL in this case, which
will have get_rebase_fork_point() return -1 in turn.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 builtin/pull.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/builtin/pull.c b/builtin/pull.c
index 01155ba67b2..ed8df004028 100644
--- a/builtin/pull.c
+++ b/builtin/pull.c
@@ -756,14 +756,16 @@ static const char *get_tracking_branch(const char *remote, const char *refspec)
 		starts_with(spec_src, "remotes/"))
 		spec_src = "";
 
-	if (*spec_src) {
-		if (!strcmp(remote, "."))
-			merge_branch = mkpath("refs/heads/%s", spec_src);
-		else
-			merge_branch = mkpath("refs/remotes/%s/%s", remote, spec_src);
-	} else
+	if ((*spec_src && !remote) || !*spec_src) {
 		merge_branch = NULL;
+		goto cleanup;
+	}
 
+	if (!strcmp(remote, "."))
+		merge_branch = mkpath("refs/heads/%s", spec_src);
+	else
+		merge_branch = mkpath("refs/remotes/%s/%s", remote, spec_src);
+cleanup:
 	refspec_item_clear(&spec);
 	return merge_branch;
 }

From patchwork Fri Jun  3 18:37:40 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869317
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id DEA73C433EF
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:25 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347372AbiFCSjY (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:24 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37778 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347502AbiFCSjA (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:00 -0400
Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com
 [IPv6:2a00:1450:4864:20::32b])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 10A8613EBB
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:04 -0700 (PDT)
Received: by mail-wm1-x32b.google.com with SMTP id
 67-20020a1c1946000000b00397382b44f4so4762875wmz.2
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:04 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=5kQaq8aoN2KquAKRvLv3TfTAXf6cBsSa7ll9ndy6N+s=;
        b=ROxqI+OTEy2I2wWIJqlp6aPb0axwzduAq6T+XguyPsKSA1+XPopjEJx13Q0YXdfTP5
         6sov9sQ4m43/hllpcVZ4krR0R5xHNJeqC1BOSxNSF57GzKWaP9LiuBGsbNeNVNEU681U
         Uk/YrQkw71lU9+MoiQlLc8fdMZK/uHhyg0izAj3ekZ1vHY8JzQRxgmBfFpowKj+WWU1J
         pmjJ6+Wa5fDxxYQHcotvlcb9yYUGXhcF9zHvoxAhSxA6zNj+B3lV5yBdBOhn81W+M8/x
         aXl5RhFHBIeguDcBhfn1203mCXjp/Hcq/Y6isx45Uq8Pcm2heRXSp9+G3funaSaTW4X3
         RHBg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=5kQaq8aoN2KquAKRvLv3TfTAXf6cBsSa7ll9ndy6N+s=;
        b=VT736gFWRY33YCKDRKucL/P/cd9iBW/wvBu64mJYTpphWiZDjSRCQLpZuwi5CuHLCl
         gmgkBXyErvd/E1cNaBHE0N2pElHseBlSLwnQyzRjf3/MutcJP558NQ49fXcYCXDL9Hz2
         ThW7sl3YI+dP/jVI5UB6kNX+TRSW1WSegwgJqZB9KrYBCW7LQB6VKpk9n0A0JvIeSouo
         9KYMui6UyJhUEnq0dVLayy9UGEQMyfXYvAF6sPq5gNBB35Fgvj7i6/bRY6VjanAKlEsH
         Abm4gQhtoPFhipHYZCD8g/gch4OpOQKeps2aeVV/iYEqvIonI7eFUvBNT6zXZb/jJl4n
         eISw==
X-Gm-Message-State: AOAM531eefxKQGyzeHkgNr9Ri3kPurVBj+K/Lypx2DIRDWf9F8Lpm6ql
        vneIfbiSCkNdBelpc3jWxyu8rADy7uTwRA==
X-Google-Smtp-Source: 
 ABdhPJxu+UL17f9N8JOHHh43rjnBNrcKk+muw5CPrcNtXW+xpbMRw88zrqU0Jikbmn2MR8qODR1rcw==
X-Received: by 2002:a05:600c:3b9a:b0:397:60e7:2774 with SMTP id
 n26-20020a05600c3b9a00b0039760e72774mr9918500wms.120.1654281483240;
        Fri, 03 Jun 2022 11:38:03 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.02
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:02 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 03/15] reftable: don't memset() a NULL from failed
 malloc()
Date: Fri,  3 Jun 2022 20:37:40 +0200
Message-Id: <RFC-patch-03.15-0b570d112fc-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Return NULL instead of possibly feeding a NULL to memset() in
reftable_calloc(). This issue was noted by GCC 12's -fanalyzer:

	reftable/publicbasics.c: In function ‘reftable_calloc’:
	reftable/publicbasics.c:43:9: error: use of possibly-NULL ‘p’ where non-null expected [CWE-690] [-Werror=analyzer-possible-null-argument]
	   43 |         memset(p, 0, sz);
	      |         ^~~~~~~~~~~~~~~~
	[...]

This bug has been with us ever since this code was added in
ef8a6c62687 (reftable: utility functions, 2021-10-07).

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: René Scharfe <l.s.r@web.de>
---
 reftable/publicbasics.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/reftable/publicbasics.c b/reftable/publicbasics.c
index 0ad7d5c0ff2..a18167f5ab7 100644
--- a/reftable/publicbasics.c
+++ b/reftable/publicbasics.c
@@ -40,6 +40,8 @@ void reftable_free(void *p)
 void *reftable_calloc(size_t sz)
 {
 	void *p = reftable_malloc(sz);
+	if (!p)
+		return NULL;
 	memset(p, 0, sz);
 	return p;
 }

From patchwork Fri Jun  3 18:37:41 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869318
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 537B4C43334
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:27 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347426AbiFCSj0 (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:26 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41018 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S237867AbiFCSjB (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:01 -0400
Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com
 [IPv6:2a00:1450:4864:20::329])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2421513CF7
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:06 -0700 (PDT)
Received: by mail-wm1-x329.google.com with SMTP id
 f23-20020a7bcc17000000b003972dda143eso6785343wmh.3
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=cOjzncUXNGtW9lgx42kgxYpyu4kURDQz/nl+++pJmq4=;
        b=J/Sj5e6KJC/5eqT+H0ZTnvMPUEzXr/Xvy1Bj0OAAX9McUE9ig+FsnR2c3elL+T0kDL
         kZWpy94YyIOzriE3AQVygm0izzQXCF8HNVG4hcWHokaC6M8GUvQoXHeaet1ccFTWx+Ng
         U4nc9O098pO4WwZU8d6auWNTknByc8wwJK1DIFEkis8XGluu0HWpMTpuo2Tay7zWbAmX
         wez8osqK2jC3US/gyMeEBU3LH9eeuLbw338KiYXaL1QCn85DvnxUXzMH3dQlXDWUhKKm
         +EaepNkNFLabilA8ZzWZjn9ujjjExivvlt7hPfjn7VBPpnTbQ7SXFgKog4UkQjd1XN+s
         e0LQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=cOjzncUXNGtW9lgx42kgxYpyu4kURDQz/nl+++pJmq4=;
        b=CSZdBTmDOHTHPGl4jj7FlAZt+zkGM6TacoehuoHnJEBZ7TTGDw8JeuIiNufV7Nt4AV
         HvY/FjHZax3+XOdXBtZi7eGUa929f9pMsjSuuAEP+UfBZrOkVBAJFY/BSRHoGmkLyI6a
         1xqoAArTHFBdSd7EMtH1U0kp36mQK+PALAege72RzNFamzJNVDzDfmXiK/BFEKx4+59/
         x5OuAGeyMKbyOldHevDk53eqSdhN55yMLidz6bjJCuhlwXKsNiHRtGDlM/aICWXOajeC
         IPavHAQPGexmw/PW9qV8ZRSF4r3o1gz8ZLFf6IgHPdTwQU0H6r0jpVTAJvgnfUE26gUT
         JZ8g==
X-Gm-Message-State: AOAM530r06gb2/CHc4U3oCZKB+6aaKrvUl038oWk5EW38XYePrGyDvu8
        Qj7odZ/v8+p7l1ClqGSeo7IMqUF9DYZijA==
X-Google-Smtp-Source: 
 ABdhPJxWNfBBgLs45Iin1OX9c8QbCcEo/aQP5goO4NWEO1BJLcYvm8vmOpOvnopkv6a9UTAlIMo8RA==
X-Received: by 2002:a05:600c:3ac9:b0:397:70f8:bd65 with SMTP id
 d9-20020a05600c3ac900b0039770f8bd65mr39155484wms.194.1654281484277;
        Fri, 03 Jun 2022 11:38:04 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.03
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:03 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 04/15] diff-lib.c: don't dereference NULL in oneway_diff()
Date: Fri,  3 Jun 2022 20:37:41 +0200
Message-Id: <RFC-patch-04.15-3a287c19d7e-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Fix a control flow issue dating back to d1f2d7e8ca6 (Make
run_diff_index() use unpack_trees(), not read_tree(), 2008-01-19)
where we'd assume "tree" must be non-NULL if idx was NULL. As
-fanalyzer shows we'd end up dereferencing "tree" in that case in
ce_path_match():

dir.h:541:41: warning: dereference of NULL ‘ce’ [CWE-476] [-Wanalyzer-null-dereference]
  541 |                               S_ISDIR(ce->ce_mode) || S_ISGITLINK(ce->ce_mode));
      |                                         ^
  ‘oneway_diff’: events 1-2
    |
    |diff-lib.c:493:12:
    |  493 | static int oneway_diff(const struct cache_entry * const *src,
    |      |            ^~~~~~~~~~~
    |      |            |
    |      |            (1) entry to ‘oneway_diff’
    |......
    |  506 |         if (tree == o->df_conflict_entry)
    |      |            ~
    |      |            |
    |      |            (2) following ‘true’ branch...
    |
  ‘oneway_diff’: event 3
    |
    |  507 |                 tree = NULL;
    |      |                      ^
    |      |                      |
    |      |                      (3) ...to here
    |
  ‘oneway_diff’: events 4-8
    |
    |  507 |                 tree = NULL;
    |      |                      ^
    |      |                      |
    |      |                      (4) ‘tree’ is NULL
    |  508 |
    |  509 |         if (ce_path_match(revs->diffopt.repo->index,
    |      |             ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    |      |             |
    |      |             (5) following ‘false’ branch (when ‘idx’ is NULL)...
    |      |             (6) ...to here
    |      |             (7) ‘tree’ is NULL
    |      |             (8) calling ‘ce_path_match’ from ‘oneway_diff’
    |  510 |                           idx ? idx : tree,
    |      |                           ~~~~~~~~~~~~~~~~~
    |  511 |                           &revs->prune_data, NULL)) {
    |      |                           ~~~~~~~~~~~~~~~~~~~~~~~~
    |
    +--> ‘ce_path_match’: event 9
           |
           |dir.h:535:19:
           |  535 | static inline int ce_path_match(struct index_state *istate,
           |      |                   ^~~~~~~~~~~~~
           |      |                   |
           |      |                   (9) entry to ‘ce_path_match’
           |
         ‘ce_path_match’: event 10
           |
           |  541 |                               S_ISDIR(ce->ce_mode) || S_ISGITLINK(ce->ce_mode));
           |      |                                         ^
           |      |                                         |
           |      |                                         (10) dereference of NULL ‘ce

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 diff-lib.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/diff-lib.c b/diff-lib.c
index ca085a03efc..8373ad7e3ea 100644
--- a/diff-lib.c
+++ b/diff-lib.c
@@ -506,6 +506,9 @@ static int oneway_diff(const struct cache_entry * const *src,
 	if (tree == o->df_conflict_entry)
 		tree = NULL;
 
+	if (!idx && !tree)
+		return 0;
+
 	if (ce_path_match(revs->diffopt.repo->index,
 			  idx ? idx : tree,
 			  &revs->prune_data, NULL)) {

From patchwork Fri Jun  3 18:37:42 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869319
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id E817BC43334
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:29 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347502AbiFCSj3 (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:29 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37080 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S240715AbiFCSjB (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:01 -0400
Received: from mail-wm1-x32e.google.com (mail-wm1-x32e.google.com
 [IPv6:2a00:1450:4864:20::32e])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3AADB13F0C
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:06 -0700 (PDT)
Received: by mail-wm1-x32e.google.com with SMTP id n185so4503077wmn.4
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=0JJxGL1rDDAGdKw7XWP799MeueAOlkIeCKlogo8sTk4=;
        b=TqKj3ZHTTNuBV6AHIqmG0CAlh9AYJ6T3M4mW/c1pRm4w9rmSm4cDagzjd7xUXHvj2Z
         zmuOBBZMMUqqDM+R3pWyng5c6yJJ7UTGM86Aly1nPhO5oHC22j7sdLc84uh6QKKga7lV
         hpYYWFXJaA5v+o3R5c1+8EA2fCAmF+afHorMGOQHjymfoPYjfxPmHzu5MNfjLRPl3Zmm
         eOWiDGHzECUqKL/SEd3YTaIjatIlggkwXhZj7WTJy9J0Jlc+guV+2moOLTacmtymWYfM
         6K6BkvIg1H82E6sXNNktgHwD5isp0vAVVlAgZ/9gzzW7EZjh+jR+bnK/3oe0/VjxHR/3
         QFuA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=0JJxGL1rDDAGdKw7XWP799MeueAOlkIeCKlogo8sTk4=;
        b=VKs2/r7EHHvbq/gZ+6lIFOThrYHqEtT+5pN5T4BrpzKXVtnGU1rCqVprBWOGcRmQ6+
         nAI0J9Lm9+xQpa+jY8h3RrcfysJOsJzuwIYwgaW6oh40byJeHmwPGjnxJuCfsYXKKs14
         VqcDHDUtutCgSR9WBkPzr2ymj4NuVaWXEwoCCqDX8IWsOPOpxNbT7EjrGDcyPtjMSYaj
         5b0xTynzhRtN6qhL6fSoDhA+Bcr1NKq4wr1CZ79Yzx5OATmZX7XPdQNJeFlW7UsZEGyY
         q06LWFajzjaMAtJwSRyvrQmgZiMzzsPihILSLpkRcWP/VWxZDCvxlmpmQl8cgHt27LA+
         AA+Q==
X-Gm-Message-State: AOAM530OJ8q7m5+wdWggOl0IRMtF30Ou+O7AAfl1GQlAHJIu1CrUGc/C
        oiVItpVMLR7gJxSD6ZZ8WfScGUkjyNhZqA==
X-Google-Smtp-Source: 
 ABdhPJwlwZYCHKqbbwGk/1ALmRaZGQ4K04U5BwgnT+TaRfEGRIsvp+MTlybvJ8Ktmze84fjnINfuvA==
X-Received: by 2002:a05:600c:104a:b0:397:3385:898a with SMTP id
 10-20020a05600c104a00b003973385898amr10077294wmx.7.1654281485127;
        Fri, 03 Jun 2022 11:38:05 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.04
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:04 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 05/15] refs/packed-backend.c: add a BUG() if iter is NULL
Date: Fri,  3 Jun 2022 20:37:42 +0200
Message-Id: <RFC-patch-05.15-46e0c307941-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Adjust code added in 2775d8724d7 (packed_ref_store: implement
reference transactions, 2017-09-08) to BUG() out in a case there GCC
v12's -fanalyzer flagged that the "iter->oid" seen in the context was
reachable where iter was NULL.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 refs/packed-backend.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/refs/packed-backend.c b/refs/packed-backend.c
index 97b68377673..65991bbcaf5 100644
--- a/refs/packed-backend.c
+++ b/refs/packed-backend.c
@@ -1226,6 +1226,8 @@ static int write_with_updates(struct packed_ref_store *refs,
 			struct object_id peeled;
 			int peel_error = ref_iterator_peel(iter, &peeled);
 
+			if (!iter)
+				BUG("must have iter if cmp < 0");
 			if (write_packed_entry(out, iter->refname,
 					       iter->oid,
 					       peel_error ? NULL : &peeled))

From patchwork Fri Jun  3 18:37:43 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869320
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 01025C43334
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:35 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347573AbiFCSja (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:30 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39572 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S243433AbiFCSjC (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:02 -0400
Received: from mail-wm1-x330.google.com (mail-wm1-x330.google.com
 [IPv6:2a00:1450:4864:20::330])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E0ECF13F1A
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:07 -0700 (PDT)
Received: by mail-wm1-x330.google.com with SMTP id n185so4503102wmn.4
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=i+vCK8o7px1kCstZ5ngL34U5AbL7VdjT8ve8LuDQXrI=;
        b=faK4nYfv2Jd/dKTVFhNyqYxqcPG+7cAJMvgRhyjsEYIdM+KA5N0lzF0tVulvEj6jHZ
         82zAr69Ctexq7kCYhm8nKOFLluV2aJY2xEdtq3pa1+1pD6tErsMsJXl7abF95P6UamIp
         DBLaoFFDdghR02VvpF7taXRvbfgjmrmFieLA3aoFvKdv9vdVHx85SkwK3q8s377o9Vbg
         Ojxba6C2Z9vMIqOgRvXHd2a0LllW9WQPlghC+aFKzJxFSKM7DOHD5j+RGhE7HdQYtRmV
         9arHgDPXc6rWJlEWzbUkgOJK/XWGzA9slponZ50DpSsXsKZXbUrbr0eJfmTXhFBL4TpP
         dfWA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=i+vCK8o7px1kCstZ5ngL34U5AbL7VdjT8ve8LuDQXrI=;
        b=sTAredZQaNx4/aAvV6Taoyli9JPiEvjHWWu4C7u7yWIyXewSS+gbp9/cSr/9phgUks
         68LhFmOadkw7fhJjSzGynj4NeUS3XiCC/3RdjyjIRm9ByMqCWrV0K9PzQGjY2giHOZDD
         hGs624Hd4Un59r21Z2URiXSJRm/wKwyv4Cl57dBZMbJQz969ctehwQXQ2pg3/59a/D8a
         xUojkbmAzftsGIz0aIYaUtNc5sG1A/P0XwPGdWUFtnKzEKuiyCWutzYizFcgIkvBgooI
         gfb7omCI46S/MHFhHLEVEoCe04xLGlgAeEfBjLJPqS7dLOI7/oDHUOJ5NLnBnByqVIKL
         WKNA==
X-Gm-Message-State: AOAM533uJARzRX2zXwYAXsaebynePWtn890c9UP9jGu2Udb2OlDAaiBA
        UhoT/R+y/PcHsf7tSfRO7HYuHr/mf8ONdQ==
X-Google-Smtp-Source: 
 ABdhPJyA+dnqMupAvnl3T0r4s1ydecthJCmBEosIFOeDD6q5A7jD/pGX2UU5GuDEZmoLAAetTKvFpg==
X-Received: by 2002:a05:600c:3843:b0:397:476f:ceb8 with SMTP id
 s3-20020a05600c384300b00397476fceb8mr38913776wmr.200.1654281486044;
        Fri, 03 Jun 2022 11:38:06 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.05
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:05 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 06/15] ref-filter.c: BUG() out on show_ref() with NULL
 refname
Date: Fri,  3 Jun 2022 20:37:43 +0200
Message-Id: <RFC-patch-06.15-2d04035d7aa-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Adjust code originally added in 5339bdad96a (ref-filter: introduce
remote_ref_atom_parser(), 2016-02-17) to BUG() out rather than
potentially segfault if we get a NULL refname here.

As noted by GCC v12's -fanalyzer that will happen if this follows the
"refname = NULL" branch added in cc72385fe35 (for-each-ref: let
upstream/push optionally report the remote name, 2017-10-05).

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 ref-filter.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/ref-filter.c b/ref-filter.c
index 2413f889f48..91aa8e89268 100644
--- a/ref-filter.c
+++ b/ref-filter.c
@@ -1644,7 +1644,9 @@ static void fill_remote_ref_details(struct used_atom *atom, const char *refname,
 				    struct branch *branch, const char **s)
 {
 	int num_ours, num_theirs;
-	if (atom->u.remote_ref.option == RR_REF)
+	if (atom->u.remote_ref.option == RR_REF && !refname)
+		BUG("must get refname with [...]remote_ref.option == RR_REF");
+	else if (atom->u.remote_ref.option == RR_REF)
 		*s = show_ref(&atom->u.remote_ref.refname, refname);
 	else if (atom->u.remote_ref.option == RR_TRACK) {
 		if (stat_tracking_info(branch, &num_ours, &num_theirs,

From patchwork Fri Jun  3 18:37:44 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869321
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id A9955C433EF
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:37 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347612AbiFCSjg (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:36 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37830 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347534AbiFCSjD (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:03 -0400
Received: from mail-wm1-x32c.google.com (mail-wm1-x32c.google.com
 [IPv6:2a00:1450:4864:20::32c])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id E21ED13F1F
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:08 -0700 (PDT)
Received: by mail-wm1-x32c.google.com with SMTP id
 n124-20020a1c2782000000b003972dfca96cso4753292wmn.4
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:08 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=/fGAJYhyHSfcmSlYQArD7fG/6FhVph4XUP7NNo8Iewk=;
        b=GN2AO5ZWxiMpQZYWkg+sB8fVC49L1MdU52ULpzHMfO84iUVsnsf3d8cZLyhIqxj8+9
         sB/KgY10t/8QRXW4uPoGzQsERahiinJDpM6bB4tNbAUNyuZPeJ+L/lnDWFkRHParFAKA
         u7QACdTmmh3CjXM3267b+4szMzfUJUotroVeuCpuNBjd2M72G12jbz2DGnPWA/EOLneB
         3UbcEokbJfvSD53vAxxNs8s+VRuj2lp2app+Kutwga6el+UZ2hok5YD37tcq8dgvXOlj
         e3Y5hVpeCm5xQ6fDq+IsWMKXGbqb2FZHKaYTteeyfpT9yG7RWXYcS45OkyU1pk4zWGR7
         Nkfg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=/fGAJYhyHSfcmSlYQArD7fG/6FhVph4XUP7NNo8Iewk=;
        b=f2Tiqa8+isDX/TyD2LEgJ7gNCnJ/ymaIJyej9nCDwf5VR1qFGyuFU5zpzNi6RAnZFw
         QiLgUlOpadlDmihZ1Uz6Hnz4c/8Bqjo0l5rmJpay7MB1vDlSEkNDWiO7mIBXA2+9XrSw
         s3Q8FBMSCBpVPfveCbYIzD2Z78iEAT9MbMlTYyC3bOQRoGzVPMmWaR6QOB6/xyjgVAHM
         6s27Zuo4FxS3val7XJoweOVopYfUmOqw+uux+6/3i2KTj351Uh+EjxSwZcoAEEtNtOV4
         9dcnf6ruWzesQ+z+RcWTUFrZ3a2FeajCQFKsKZ32CjxGa5LxQk52pCmi6xARGPKsMLoh
         rODA==
X-Gm-Message-State: AOAM532nLOV9IwGxzP52RH1kDdzaQ1FRU6pyZPjF7M3UBkf4z42YrnBT
        sHSQ9G0zb7Kr/DSYFV1CT1KS13c30mbtdw==
X-Google-Smtp-Source: 
 ABdhPJxiJnJvK20pbeCQ5OR8RqdFqX713rAe2lKEchW+TU3OiQmriipAP3++Cu3Moco+tzw+NaBNmg==
X-Received: by 2002:a1c:5444:0:b0:39c:3761:ac37 with SMTP id
 p4-20020a1c5444000000b0039c3761ac37mr6687316wmi.144.1654281487244;
        Fri, 03 Jun 2022 11:38:07 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.06
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:06 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 07/15] strbuf.c: placate -fanalyzer in strbuf_grow()
Date: Fri,  3 Jun 2022 20:37:44 +0200
Message-Id: <RFC-patch-07.15-cf1a5f3ed0f-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Change the strbuf_grow() function so that GCC v12's -fanalyze doesn't
yell at us about sb->buf[0] dereferencing NULL, this also makes this
code easier to follow.

This BUG() should be unreachable since the state of our "sb->buf" and
"sb->alloc" goes hand-in-hand, but -fanalyzer isn't smart enough to
know that, and adding the BUG() also makes it clearer to human readers
that that's what happens here.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 strbuf.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/strbuf.c b/strbuf.c
index dd9eb85527a..61c4630aeeb 100644
--- a/strbuf.c
+++ b/strbuf.c
@@ -97,6 +97,8 @@ void strbuf_grow(struct strbuf *sb, size_t extra)
 	if (new_buf)
 		sb->buf = NULL;
 	ALLOC_GROW(sb->buf, sb->len + extra + 1, sb->alloc);
+	if (new_buf && !sb->buf)
+		BUG("for a new buffer ALLOC_GROW() should always do work!");
 	if (new_buf)
 		sb->buf[0] = '\0';
 }

From patchwork Fri Jun  3 18:37:45 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869322
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id C73EDC433EF
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:39 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347615AbiFCSji (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:38 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39704 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347121AbiFCSjE (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:04 -0400
Received: from mail-wm1-x332.google.com (mail-wm1-x332.google.com
 [IPv6:2a00:1450:4864:20::332])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DDBD165C0
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:09 -0700 (PDT)
Received: by mail-wm1-x332.google.com with SMTP id
 m32-20020a05600c3b2000b0039756bb41f2so4753124wms.3
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:09 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=I78BFi8lWbxsFfO4i7U+p+E1Z5D4ikxyRJc6zcGg/gE=;
        b=Ob8p8kGo8x3N47zphHQwUHXyxzXOErZX8GI2v2Y41lVqY/WUke9+Sv9U9ckb+phvSA
         uk60LEjCTOenNBPWBxJ3a7+Y/PSJ6ZH9s96KywdD7XqM/Y88KqcNoRsR9Yp5oRLQSIu9
         HEyRUWa5c3i7GzIS4ahCgy7TVHVkqd9l7d6y/EQzD8CwzlTOaalseknda8xLWZWYsGWy
         RolCC+KS5E4Cbs1u7OaO3RFxtZdI2EBRj64euO5StITAIF389nmwbpzw7NSLNyZMr6yO
         tvHWSQbL20oC8bLXF19EXCllUFeJAFGjm9gpAoV1lNjJ8IhlN63CexTokEypGeTGO+CC
         q1lQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=I78BFi8lWbxsFfO4i7U+p+E1Z5D4ikxyRJc6zcGg/gE=;
        b=t6E0DF7FT1t+RZhTyoqdsXm+sVQ6a6DY/HM6733GJ3EHT6lvhkjiLPLi04MZCOYnGF
         FDLT553b43Gq41+Am/E9lLJ1OtujiQGnj8NWikS+087KhqzJiffsdDAaxInW2Og2bL16
         5FL+SlUBTeNP3RLH6n02kK8NpkcogSYWrx1Db4NMjN+8Bv+PJQSZtucI65HZqSiuTYXy
         lbtJD9P/frfshs2WZqgK2y6XqmGid2YHqkUAIa3bS6d7vmL3vyuT76A0MTuvEIiyLI9T
         j2oVR/UiSnBE0Z4ml+qfNOmvsId0wJMoAxj8RxtUp8Z6RjDdUBmPTjyv0mGQksJpVJ94
         E3cg==
X-Gm-Message-State: AOAM531fkaIj1zIWA278tLi7Dvqvcjx5fEJ3br27gh75a5PRKsPucWRM
        LE4J8UyN+PdoabVbkFFQalDOE+qKMxkS9w==
X-Google-Smtp-Source: 
 ABdhPJwK4oxVliGgj6XIdXq6Ziqq5i9JnTNvtgtY2oeySUjIcEtCRtHp7Rntik3YAfXa84ii+6KIjw==
X-Received: by 2002:a05:600c:583:b0:39c:3637:b9f with SMTP id
 o3-20020a05600c058300b0039c36370b9fmr7126192wmd.79.1654281488216;
        Fri, 03 Jun 2022 11:38:08 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.07
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:07 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 08/15] strbuf.c: use st_add3(),
 not unsigned_add_overflows()
Date: Fri,  3 Jun 2022 20:37:45 +0200
Message-Id: <RFC-patch-08.15-2c4b7832144-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Change the strbuf_grow() function to use st_add3() instead of doing
its own unsigned_add_overflows() checks.  The overflow checking here
was originally added in b449f4cfc97 (Rework strbuf API and semantics.,
2007-09-06) and adjusted in 1368f65002b (compat: helper for detecting
unsigned overflow, 2010-10-10). Instead we compute a "sz" with
st_add3().

That was done at a time when the underlying xrealloc() in
git-compat-util.h didn't use st_mult() yet, that has been the case
since the later e7792a74bcf (harden REALLOC_ARRAY and xcalloc against
size_t overflow, 2016-02-22).

The only behavior change here should be the very obscure edge case
that we'd previously die() in cases where we strictly didn't need to,
as we'd check both "extra + 1" and "sb->len + extra + 1" for
overflow. If we overflowed only on the latter but were doing the
former we'd needlessly die() die. I don't think that difference
mattered, but it's noted here for completeness.

While we're at it add an inline comment about why we're adding 1 to
the values, that's also explained in the API documentation in
strbuf.h, but since we're using that magic constant here...

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 strbuf.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/strbuf.c b/strbuf.c
index 61c4630aeeb..f0a74d2bfb1 100644
--- a/strbuf.c
+++ b/strbuf.c
@@ -91,12 +91,12 @@ void strbuf_attach(struct strbuf *sb, void *buf, size_t len, size_t alloc)
 void strbuf_grow(struct strbuf *sb, size_t extra)
 {
 	int new_buf = !sb->alloc;
-	if (unsigned_add_overflows(extra, 1) ||
-	    unsigned_add_overflows(sb->len, extra + 1))
-		die("you want to use way too much memory");
+	const size_t sz_buf = new_buf ? 0 : sb->len;
+	const size_t sz = st_add3(sz_buf, extra, 1 /* for \0 */);
+
 	if (new_buf)
 		sb->buf = NULL;
-	ALLOC_GROW(sb->buf, sb->len + extra + 1, sb->alloc);
+	ALLOC_GROW(sb->buf, sz, sb->alloc);
 	if (new_buf && !sb->buf)
 		BUG("for a new buffer ALLOC_GROW() should always do work!");
 	if (new_buf)

From patchwork Fri Jun  3 18:37:46 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869323
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id F0B64C43334
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:40 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347618AbiFCSjj (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:39 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39826 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347126AbiFCSjE (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:04 -0400
Received: from mail-wm1-x32a.google.com (mail-wm1-x32a.google.com
 [IPv6:2a00:1450:4864:20::32a])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BDBAB13F25
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:10 -0700 (PDT)
Received: by mail-wm1-x32a.google.com with SMTP id a10so1971900wmj.5
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=PsGsuBMAovNiuP7QvF/Ok9NhvF1e7/FuNyYcE1xH5c8=;
        b=fzkKvqypsnpagZsCUDONwdSltPPrg6dFUBTlLU8TbqI+oHeb4Td9ysgERKR3Plk5/j
         ddMCwDPmFTEhYcWSniXTfKuIqHtr6UYdXk0cK9LLCM7MknnAS8yocBFQOu9VBqN9XH0D
         6dB6WNopxulrIrHf817wts4sAe9aEnrGStTZLyTMbh7oG8Ikz4zic7Fbcf5EPuRbw8CO
         4mKKnlL0LLK/N/nEVgALwMxmdN/uQfRrYJHQVnQRZRgbn8YPV+AzHAZMEwmTqkVC2WV7
         +bkQ3pqxDXqcc4ZrysWDEHOBmu49BzzTV+HjbuRH0TWcMMZ8NF2hxWgUVO1z2ZXjmBt5
         3M5A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=PsGsuBMAovNiuP7QvF/Ok9NhvF1e7/FuNyYcE1xH5c8=;
        b=A9RrIGlIXoibvaVclZA8YWDHYsANBR++ttlXlBZQtzi82E6vq/bKygEeVFzP7CGkaI
         Bi7IxNOG0+257/Nmdocustx8kp+BG0fuky77fTr3X7mTrVW5oEWQlI/IS3bt1ISJuyL0
         /4JrsDXN/HooxS3KRhQxe9hL95cZDrH51f87dOCEl8ignXU1LfxN6mNo+q0ELOh9iPxx
         ESd/M9I/t6ibNlodqbZZgPURKMrNNuPokfCuBNAwEmtq/CCva/oB1VKjLp6QGD5fvEp5
         IZMOSKg9+FFo9pY4a6m/skyOWksOrKvt2s2bGpj11MFofK7u4Os8TJPzaohjZaalRxmO
         JifQ==
X-Gm-Message-State: AOAM530KmtXoPTwdsFkFquIJrs30D/8fxQ+w59ESi/YY1F5gwProfvN4
        OGHjcOS2d6l/mOv+YFEj1sAb8uKRFqJZ/A==
X-Google-Smtp-Source: 
 ABdhPJxbXUPpfcHRU6sg+TCKYtOBqfaH20luHy5258b12+OaROiRrdmkTg/0F7p9sUEIg62Niez1KA==
X-Received: by 2002:a05:600c:502a:b0:397:44d1:d5b6 with SMTP id
 n42-20020a05600c502a00b0039744d1d5b6mr10073458wmr.57.1654281489148;
        Fri, 03 Jun 2022 11:38:09 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.08
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:08 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 09/15] add-patch: assert parse_diff() expectations with
 BUG()
Date: Fri,  3 Jun 2022 20:37:46 +0200
Message-Id: <RFC-patch-09.15-de0f7722608-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Assert that this code added in [1], [2] and other related commits
expects that once we see a "diff " line we should have a non-NULL
"file_diff" and "hunk".

In practice this would have always been the case, as we are parsing
our own "diff" output, but e.g. GCC v12's -fanalyzer doesn't know
that, and will alert us that in the "else if" and below in this
function we could be dereferencing NULL if we were processing anything
except our expected input.

1. f6aa7ecc343 (built-in add -i: start implementing the `patch`
   functionality in C, 2019-12-13)
2. 80399aec5ab (built-in add -p: support multi-file diffs, 2019-12-13)

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 add-patch.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/add-patch.c b/add-patch.c
index 55d719f7845..087bf317b07 100644
--- a/add-patch.c
+++ b/add-patch.c
@@ -478,11 +478,16 @@ static int parse_diff(struct add_p_state *s, const struct pathspec *ps)
 	while (p != pend) {
 		char *eol = memchr(p, '\n', pend - p);
 		const char *deleted = NULL, *mode_change = NULL;
+		const char *const diff_l = "diff ";
+		int is_diff_line = starts_with(p, diff_l);
 
 		if (!eol)
 			eol = pend;
 
-		if (starts_with(p, "diff ")) {
+		if (!is_diff_line && (!file_diff || !hunk))
+			BUG("expected '%s' line to follow a '%s' line", p, diff_l);
+
+		if (is_diff_line) {
 			complete_file(marker, hunk);
 			ALLOC_GROW_BY(s->file_diff, s->file_diff_nr, 1,
 				   file_diff_alloc);

From patchwork Fri Jun  3 18:37:47 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869324
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id AF408C43334
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:39:43 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347623AbiFCSjl (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:39:41 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39762 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1345061AbiFCSjE (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:04 -0400
Received: from mail-wm1-x329.google.com (mail-wm1-x329.google.com
 [IPv6:2a00:1450:4864:20::329])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id BAF5DB868
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:10 -0700 (PDT)
Received: by mail-wm1-x329.google.com with SMTP id
 f23-20020a7bcc17000000b003972dda143eso6785343wmh.3
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=qbKbe3zMB/lMcyq/ZzIEa/zohUIpI1QQEk+Txu7we4A=;
        b=STPmg7FdRTRDHv80+Hthz00i8AzWPRw976iVomzIQ0NbzFtyzyGhMCVtBm9heqMRYJ
         CYThFvamie9385jXNOf25VK9YU3kBNNkdJvkfR05jDfrKZOorFI8bPBXmeh8CWbpiA1r
         ajBIeGjncNafNMqVEhDDJGQLQFbwkVwU/sQvipyr5xfR7J1n119heMte3PkHvlTEJkvY
         hBCi9TKX3f3RgUQIMvnMu+AhXp9JSEaqy94OCOtzq+aN0rxJXhdTw5PWQ19bnzYKlt70
         DoPY/Pn0IJdejdFvmY9zQYkBLAiz0kME70XTEBNESYjE+N/KvdCc2D0oHR0YGyhyfVoi
         rq6A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=qbKbe3zMB/lMcyq/ZzIEa/zohUIpI1QQEk+Txu7we4A=;
        b=gUXnREhSqOaZj8UXd8rlKhawHkA2o1UF9H0puE74I8XiPLqpdiNnWiaeEiBWOGdMmS
         EjYPKkM9dQS1Mb5WVlbEGZHHTm4uJEJoYvCCH7dU4t2SJAmtLPItH0gr7DCz3sdfSXC7
         qSD4RbIlvD5bOizHqt8Ek9NuRj0+qzvRDZbb3T5XWbvJh+uGxbVG11dxn/2w1YDK6hxI
         hNSWmrpQ2Aos8T+Aqq0x3OsPOPDb4p8LMmILVdVyNSeyKTSsanOAN3UoiXeZ03a+SvE3
         r919kuGAIeoptRCihZ9pBYLg7TKE6IrcbrHJyxJ+4UpUucMw2YMynN5ly05Z5HOLPvPZ
         M0PA==
X-Gm-Message-State: AOAM530SIbuaWJZJ68Kg+tnZOTNjWOFaWGXXdcoUUQVDf+NfK4DCmFXe
        FnNTW9YVQC+ht5i/c4KT3DRX9lgq2LBuUQ==
X-Google-Smtp-Source: 
 ABdhPJxBtiS/Gns7hTT9BF8MPCy/3i+C+zpvJhY6Yiic3CUGyMLyDWJVeQ5i6mFx3oQa1vKPw0ZVxQ==
X-Received: by 2002:a05:600c:4e13:b0:397:6214:ee35 with SMTP id
 b19-20020a05600c4e1300b003976214ee35mr38669015wmq.153.1654281490032;
        Fri, 03 Jun 2022 11:38:10 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.09
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:09 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 10/15] reftable: don't have reader_get_block() confuse
 -fanalyzer
Date: Fri,  3 Jun 2022 20:37:47 +0200
Message-Id: <RFC-patch-10.15-b50558d3b24-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Change the control flow in reftable code add in 46bc0e731a7 (reftable:
read reftable files, 2021-10-07) to work around a false positive
spotted by GCC's -fanalyzer option[1]. The code was added in
46bc0e731a7 (reftable: read reftable files, 2021-10-07).

Usually we'd just leave such false positives alone, but having looked
at it the control flow was also odd and confusing to humans, so let's
change it.

What -fanalyzer complained about was:

	|......
	|  294 |         if (next_off >= r_size)
	|      |            ~
	|      |            |
	|      |            (24) following ‘false’ branch (when ‘next_off < r_size’)...
	|......
	|  294 |         if (next_off >= r_size)
	|      |            ~
	|      |            |
	|      |            (24) following ‘false’ branch (when ‘next_off < r_size’)...
	|......
	|  297 |         err = reader_get_block(r, &block, next_off, guess_block_size, r->size);
	|      |               ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
	|      |               |
	|      |               (25) ...to here
	|      |               (26) calling ‘reader_get_block’ from ‘reader_init_block_reader’
	|
	+--> ‘reader_get_block’: events 27-29
	       |
	       |   59 | static int reader_get_block(struct reftable_reader *r,
	       |      |            ^~~~~~~~~~~~~~~~
	       |      |            |
	       |      |            (27) entry to ‘reader_get_block’
	       |......
	       |   63 |         if (off >= r_size)
	       |      |            ~
	       |      |            |
	       |      |            (28) following ‘true’ branch (when ‘off >= r_size’)...
	       |   64 |                 return 0;
	       |      |                        ~
	       |      |                        |
	       |      |                        (29) ...to here
	       [...]
	       |  275 |         *typ = data[0];
	       |      |                ~~~~~~~
	       |      |                    |
	       |      |                    (37) ...to here
	       |      |                    (38) dereference of NULL ‘data’

I.e. it thought that we could take the "return 0" in
reader_get_block() due to "(off >= r->size)", which followed the
identical "(next_off >= r_size)" check in reader_init_block_reader()
just before reader_get_block() was called.

But whatever GCC's -fanalyzer thinks it's confusing that we're
checking this twice, and making it look as though these parameters
might change within the reader_init_block_reader() function, but they
won't. So let's just do the check once early, and use "const" types to
assert that they'll be constant throughout.

1. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105285

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 reftable/reader.c | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/reftable/reader.c b/reftable/reader.c
index 54b4025105c..e1649929b30 100644
--- a/reftable/reader.c
+++ b/reftable/reader.c
@@ -58,9 +58,9 @@ reader_offsets_for(struct reftable_reader *r, uint8_t typ)
 
 static int reader_get_block(struct reftable_reader *r,
 			    struct reftable_block *dest, uint64_t off,
-			    uint32_t sz)
+			    uint32_t sz, uint64_t r_size)
 {
-	if (off >= r->size)
+	if (off >= r_size)
 		return 0;
 
 	if (off + sz > r->size) {
@@ -281,6 +281,7 @@ static int32_t extract_block_size(uint8_t *data, uint8_t *typ, uint64_t off,
 int reader_init_block_reader(struct reftable_reader *r, struct block_reader *br,
 			     uint64_t next_off, uint8_t want_typ)
 {
+	const uint64_t r_size = r->size;
 	int32_t guess_block_size = r->block_size ? r->block_size :
 							 DEFAULT_BLOCK_SIZE;
 	struct reftable_block block = { NULL };
@@ -289,10 +290,10 @@ int reader_init_block_reader(struct reftable_reader *r, struct block_reader *br,
 	uint32_t header_off = next_off ? 0 : header_size(r->version);
 	int32_t block_size = 0;
 
-	if (next_off >= r->size)
+	if (next_off >= r_size)
 		return 1;
 
-	err = reader_get_block(r, &block, next_off, guess_block_size);
+	err = reader_get_block(r, &block, next_off, guess_block_size, r_size);
 	if (err < 0)
 		goto done;
 
@@ -309,7 +310,7 @@ int reader_init_block_reader(struct reftable_reader *r, struct block_reader *br,
 
 	if (block_size > guess_block_size) {
 		reftable_block_done(&block);
-		err = reader_get_block(r, &block, next_off, block_size);
+		err = reader_get_block(r, &block, next_off, block_size, r_size);
 		if (err < 0) {
 			goto done;
 		}

From patchwork Fri Jun  3 18:37:48 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869326
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 350F7CCA47C
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:40:15 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347003AbiFCSkN (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:40:13 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:33714 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347176AbiFCSjE (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:04 -0400
Received: from mail-wm1-x32b.google.com (mail-wm1-x32b.google.com
 [IPv6:2a00:1450:4864:20::32b])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B94B013F44
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:12 -0700 (PDT)
Received: by mail-wm1-x32b.google.com with SMTP id
 k36-20020a05600c1ca400b0039c2a3394caso3108216wms.2
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=nxVxL0Ex2NaBT4cMayReerAGfZHkk+5kSL5DT13ZbVo=;
        b=jZYo9I6f8tE9mZJnqPKAOUPA5rd9ifqGXXzOt0jwZ02f3B7gHRdLGXH1QZg6J6BJvX
         3hNqspIP/AeOuKjYE2FMhKvC2xzfI+Ib8ESCgZMC/G8dKZvo2OO9bXsrvPQSNNQfPFQe
         NUj5HWUVKa2PV/X3kqN8N17SRMRY9/cec056JDOnRGKrq414oWwUBhjThi1Tu+9/SN6V
         grlM9P6R0fto09VYn72dGSB9g0mmM8zzZ++jdSzvk55fdWdd11MDRhBJOfYgDGwdJX3h
         1NwsCUUuwPKDB+i7KAOMHOoPHOjGy33I6/FqfKyh+RmnyeGQ8JcG/D2U8dcqTxuUCtKE
         Tr+Q==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=nxVxL0Ex2NaBT4cMayReerAGfZHkk+5kSL5DT13ZbVo=;
        b=Z69MsdtjuUfTHW2vftNd239WqJv2gyfA66F+3kVdvC5XAMfVoJ+UeGVnNcIrfu3wa1
         ule+3tS+a6voPlQKxYRWqjLiiKXSFv3EoYbHH3Ix/ffNrzURRbjB5xZg28sO+8fLuGQg
         ibn1tl8lPmve6Zd7/ZncP7TjZdY7lsFxwsoPRHKquFejRrrPYJ9py37G7JGbQXE04z3T
         0wAHkmKwcYx/TkV8l8qXD65DLlXy0Yeu8mH48b2n5R8O7UDm/0LvhJjnSFBdsLQlty8i
         jZ+D++OuKiCXly+/J0ocLGXtPe97MyXcyQ1I/JZPFJjRh+BV8ghWk6BPxLbnkhIvVpUz
         T4ng==
X-Gm-Message-State: AOAM531rjwdiNW1q6KWhMojuzSqPpNRW2Pt5Ezy1a+5hm2yuoSClx1ZF
        oYCv104rwb7Q+K7e0wcQWSL9aHHDgeBsoA==
X-Google-Smtp-Source: 
 ABdhPJz0Lx3LParGDjw/UJ7z0y+lQaZDWnOfigvSktLW1xuDGvVcAbM4kMCXaOFpePppiMROZT5AAQ==
X-Received: by 2002:a05:600c:3513:b0:39c:2a32:37a6 with SMTP id
 h19-20020a05600c351300b0039c2a3237a6mr8855845wmq.161.1654281490954;
        Fri, 03 Jun 2022 11:38:10 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.10
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:10 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 11/15] blame.c: clarify the state of "final_commit" for
 -fanalyzer
Date: Fri,  3 Jun 2022 20:37:48 +0200
Message-Id: <RFC-patch-11.15-66518467e1d-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Change code added in d0d0ef1f67c (blame: create scoreboard setup
function, 2017-05-24) so that GCC v12's -fanalyzer doesn't think that
we can have a "NULL" final_commit in the modified branch.

This happens because the analyzer gives up in the
prepare_revision_walk() function, and thinks that the "sb->reverse &&
sb->revs->first_parent_only" condition we already checked a few lines
above can have a different result at this point.

That isn't the case, but what we really mean here is "if we previously
set up the final commit [because that was true]", so let's do that
instead.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 blame.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/blame.c b/blame.c
index da1052ac94b..f6b1865ba65 100644
--- a/blame.c
+++ b/blame.c
@@ -2816,7 +2816,7 @@ void setup_scoreboard(struct blame_scoreboard *sb,
 	if (prepare_revision_walk(sb->revs))
 		die(_("revision walk setup failed"));
 
-	if (sb->reverse && sb->revs->first_parent_only) {
+	if (final_commit) {
 		struct commit *c = final_commit;
 
 		sb->revs->children.name = "children";

From patchwork Fri Jun  3 18:37:49 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869327
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 3D283CCA47E
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:40:17 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347047AbiFCSkQ (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:40:16 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36524 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347200AbiFCSjG (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:06 -0400
Received: from mail-wm1-x32c.google.com (mail-wm1-x32c.google.com
 [IPv6:2a00:1450:4864:20::32c])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9AFA613F49
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:13 -0700 (PDT)
Received: by mail-wm1-x32c.google.com with SMTP id
 f7-20020a1c3807000000b0039c1a10507fso4755897wma.1
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=Hkdc787LRpHpSDso7keEmdNGwBBbmtxF/p+XO/zhR1w=;
        b=i1zV5Du3c0+0a3Rg/dL4v8aqvDIsJusxPFhH3B5wGRd5jCuSH9IynduEYz4/sLYo0J
         gcH/hYvI6iHlvui6Dc6Z06zztLeulPRICodPnuH2X699MOw2T2nUJGsZJ9qB3SwuFJTr
         6nYzCPs56/SjY3V+Xpkb4DyaaYq9l1nKrESFQOxGgwdS3PiXi27CQDBhJJjiwyLQKyR0
         I0eKWnwzFvegm9HVXICikZ/IkrChhohaqyq8sskSyFMmxEZxp1C0pFGUYNm6yNRMFxqQ
         QksZT2Hjsd+FdsgCrLlR7vYGPuj07Pf0galRPmnnK/D/+PfaaP/omjZoUhWHpTNq41vo
         dYPw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=Hkdc787LRpHpSDso7keEmdNGwBBbmtxF/p+XO/zhR1w=;
        b=bPVMk6czXlCtEPtaDYjSVXjTZMKbDlLlAr6wEC6D9zKaGGGInjto8rv3s0hLFvsWzy
         ynNWATaz92LtIN4mhyNBrYfCT7qVw3RrX25CSxTxWDiGivGcB3JmHPZQgN1iRDuVncpI
         ihPTGyCR7eUNw86ATKq0KAgNR5ePdYz/m1w/0kP4fZEeX5uYm1T3JIDdFP/Nv5Oz9X40
         f5N/pgnLCxTiCvW55V/zV+5nYHns3tWSIFuZbfPcNC4g+Ny/4SI8pQJ5Ahdmf53RAjsN
         8FFitv4dCe5FsM5sDtplhF4FUjhhTflxI+mXVGG+s2ktVFNGuiMs/dE21FLLjXtG0HzM
         4mzA==
X-Gm-Message-State: AOAM532t0qiSEVYRtOdVcPU012kif/eZxS+LJbjdhtvBjGfgMB70rInu
        06l0iuLaQqw9DmOVOw6zGaMUcGUxI8dNXg==
X-Google-Smtp-Source: 
 ABdhPJzqQIuQHMKwlWDxE16uTmI/b4AsAZ6cKrBgDvPicvWZQ9cIxUnQ4/B/gj6pWCxCWUPgYthkww==
X-Received: by 2002:a05:600c:a03:b0:395:bc75:61eb with SMTP id
 z3-20020a05600c0a0300b00395bc7561ebmr9952755wmp.46.1654281491921;
        Fri, 03 Jun 2022 11:38:11 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.11
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:11 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 12/15] pack.h: wrap write_*file*() functions
Date: Fri,  3 Jun 2022 20:37:49 +0200
Message-Id: <RFC-patch-12.15-9f0f515ed3a-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Whitespace-wrap some overly long write_*file*() lines in preparation
for changing their signatures in a subsequent commit. I named the
"opts" argument to "write_idx_file()" while I was at it for
consistency.

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 pack.h | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/pack.h b/pack.h
index b22bfc4a18e..802c047efe6 100644
--- a/pack.h
+++ b/pack.h
@@ -81,7 +81,10 @@ struct progress;
 /* Note, the data argument could be NULL if object type is blob */
 typedef int (*verify_fn)(const struct object_id *, enum object_type, unsigned long, void*, int*);
 
-const char *write_idx_file(const char *index_name, struct pack_idx_entry **objects, int nr_objects, const struct pack_idx_option *, const unsigned char *sha1);
+const char *write_idx_file(const char *index_name,
+			   struct pack_idx_entry **objects, int nr_objects,
+			   const struct pack_idx_option *opts,
+			   const unsigned char *sha1);
 int check_pack_crc(struct packed_git *p, struct pack_window **w_curs, off_t offset, off_t len, unsigned int nr);
 int verify_pack_index(struct packed_git *);
 int verify_pack(struct repository *, struct packed_git *, verify_fn fn, struct progress *, uint32_t);
@@ -93,8 +96,14 @@ struct ref;
 
 void write_promisor_file(const char *promisor_name, struct ref **sought, int nr_sought);
 
-const char *write_rev_file(const char *rev_name, struct pack_idx_entry **objects, uint32_t nr_objects, const unsigned char *hash, unsigned flags);
-const char *write_rev_file_order(const char *rev_name, uint32_t *pack_order, uint32_t nr_objects, const unsigned char *hash, unsigned flags);
+const char *write_rev_file(const char *rev_name,
+			   struct pack_idx_entry **objects,
+			   uint32_t nr_objects,
+			   const unsigned char *hash, unsigned flags);
+const char *write_rev_file_order(const char *rev_name, uint32_t *pack_order,
+				 uint32_t nr_objects,
+				 const unsigned char *hash,
+				 unsigned flags);
 
 /*
  * The "hdr" output buffer should be at least this big, which will handle sizes

From patchwork Fri Jun  3 18:37:50 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869328
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 44C4FC433EF
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:40:54 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1346920AbiFCSkx (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:40:53 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37968 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347239AbiFCSjG (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:06 -0400
Received: from mail-wr1-x42a.google.com (mail-wr1-x42a.google.com
 [IPv6:2a00:1450:4864:20::42a])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 9348AB50
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:14 -0700 (PDT)
Received: by mail-wr1-x42a.google.com with SMTP id x17so11456622wrg.6
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=yb3ozS1/FnP3aHyFJ0qlNVf7HdVtI6nw/qrFNBu94Q8=;
        b=TxzQO1UFl6XhpM3q5O//zBnxBAWqDmNi+5vjS3OB9i9iRgRcQ7RKSwDdkQ6M569hU4
         mbGgjmMQkkevwTNh2e/zr163fm/OTmKY55sNBt4PQYXnR1KcPHgI7ZbZfLQeIPd7FIYx
         3kSzZU/PlQOPAwt/sJdVJVfimVICrkgOJdpXjsWJJaoIyCYph4iIkbEgetKYgq47mBOl
         4dHRS9phb7K/SddgCD9isj1DPRs3LJy5NnaZCWWKPO1SNUoAqQBSTBd3Zq/Z4/8LfP18
         tuXYxG0K93eDxLtl1Ho/A9QEj9r2I4vxMWjWgEztmnijQ3IXo9HfbYbyKgfXaPOvgSD8
         x06g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=yb3ozS1/FnP3aHyFJ0qlNVf7HdVtI6nw/qrFNBu94Q8=;
        b=xeFw3bP1or8e6e/XHM3rA8YApFCeJW2yz8HcvQy7dDlt3EuvMNnfwJGWAcl7k1OPTC
         6rdbO9f02SOJWr8eH/u+YjfhE1XwVWOmkNp3FXBbYUgrrmL9JMgWpFdzYLBRLSHM5vGv
         DLJRFiPjmaeUTKcXBCArM85U6zTPvmvMvmDOjQxtCzm2UxT4atOmJwCV3Nzs0Cb7Iw1w
         KUIONsfZD+0Ldy8bcZx7+C7RynJ0shr2pEUkZ9MuE27myNFYlPuY0URAo8LE5ys9a+e+
         D8gVQxQ+pTlGGiV0G6Zm2EWm18V9j9UCTb9gKBtllWP9OvXI6LoiY3bjBUwCAAE+xSmc
         fSPw==
X-Gm-Message-State: AOAM531GV3+88ewu8pTBnzan3s+0uz3hB/j4ntT45LAU/om6bjMN3hMS
        LJ1IfWQ71QcE03h3C/0qV+aRQJRTvns9GA==
X-Google-Smtp-Source: 
 ABdhPJyf/PVC3IwEiK3m2k6eeS1Sqjyv1hhoJXtbNshwCLTvBYmxdF16TkQR2rDh3zQmE4jtz0RsMw==
X-Received: by 2002:a5d:4d8f:0:b0:210:3e14:ff27 with SMTP id
 b15-20020a5d4d8f000000b002103e14ff27mr9517679wru.81.1654281492768;
        Fri, 03 Jun 2022 11:38:12 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.11
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:12 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 13/15] pack-write API: pass down "verify" not arbitrary
 flags
Date: Fri,  3 Jun 2022 20:37:50 +0200
Message-Id: <RFC-patch-13.15-63eeb66185a-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Change the pack-write API to accept a boolean "verify" parameter
instead of passing down the "struct pack_idx_option" flags directly.

This simplifies the code for both humans and machines, e.g. GCC's
-fanalyzer would correctly note that there were potential paths
through this code where we'd deference NULL, but in reality we
wouldn't hit them because certain flags would always go hand-in-hand.

Let's instead separate the underlying API from the total set of flags,
and stop passing the flags down to functions that don't need the full
set of flags, they'll just get the specific state they need.

See e37d0b8730b (builtin/index-pack.c: write reverse indexes,
2021-01-25) for the initial implementation, and [1] for the initial
WIP version of this commit on the ML.

1. https://lore.kernel.org/git/87v93bidhn.fsf@evledraar.gmail.com/

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 builtin/fast-import.c  |  2 +-
 builtin/index-pack.c   | 35 ++++++++++++++---------------------
 builtin/pack-objects.c |  9 +++------
 midx.c                 |  2 +-
 pack-write.c           | 38 +++++++++++++++++---------------------
 pack.h                 | 15 ++++++---------
 6 files changed, 42 insertions(+), 59 deletions(-)

diff --git a/builtin/fast-import.c b/builtin/fast-import.c
index 28d3193c380..7cd2a3b8203 100644
--- a/builtin/fast-import.c
+++ b/builtin/fast-import.c
@@ -787,7 +787,7 @@ static const char *create_index(void)
 		die("internal consistency error creating the index");
 
 	tmpfile = write_idx_file(NULL, idx, object_count, &pack_idx_opts,
-				 pack_data->hash);
+				 pack_data->hash, 0);
 	free(idx);
 	return tmpfile;
 }
diff --git a/builtin/index-pack.c b/builtin/index-pack.c
index 3e385b48002..6691c5836e4 100644
--- a/builtin/index-pack.c
+++ b/builtin/index-pack.c
@@ -1589,12 +1589,9 @@ static int git_index_pack_config(const char *k, const char *v, void *cb)
 		}
 		return 0;
 	}
-	if (!strcmp(k, "pack.writereverseindex")) {
-		if (git_config_bool(k, v))
-			opts->flags |= WRITE_REV;
-		else
-			opts->flags &= ~WRITE_REV;
-	}
+	if (!strcmp(k, "pack.writereverseindex"))
+		opts->write_rev = git_config_bool(k, v);
+
 	return git_default_config(k, v, cb);
 }
 
@@ -1713,7 +1710,7 @@ static void show_pack_info(int stat_only)
 
 int cmd_index_pack(int argc, const char **argv, const char *prefix)
 {
-	int i, fix_thin_pack = 0, verify = 0, stat_only = 0, rev_index;
+	int i, fix_thin_pack = 0, verify = 0, stat_only = 0;
 	const char *curr_index;
 	const char *curr_rev_index = NULL;
 	const char *index_name = NULL, *pack_name = NULL, *rev_index_name = NULL;
@@ -1747,10 +1744,8 @@ int cmd_index_pack(int argc, const char **argv, const char *prefix)
 	if (prefix && chdir(prefix))
 		die(_("Cannot come back to cwd"));
 
-	if (git_env_bool(GIT_TEST_WRITE_REV_INDEX, 0))
-		rev_index = 1;
-	else
-		rev_index = !!(opts.flags & (WRITE_REV_VERIFY | WRITE_REV));
+	opts.write_rev = git_env_bool(GIT_TEST_WRITE_REV_INDEX,
+				       opts.write_rev);
 
 	for (i = 1; i < argc; i++) {
 		const char *arg = argv[i];
@@ -1835,9 +1830,9 @@ int cmd_index_pack(int argc, const char **argv, const char *prefix)
 					die(_("unknown hash algorithm '%s'"), arg);
 				repo_set_hash_algo(the_repository, hash_algo);
 			} else if (!strcmp(arg, "--rev-index")) {
-				rev_index = 1;
+				opts.write_rev = 1;
 			} else if (!strcmp(arg, "--no-rev-index")) {
-				rev_index = 0;
+				opts.write_rev = 0;
 			} else
 				usage(index_pack_usage);
 			continue;
@@ -1859,9 +1854,7 @@ int cmd_index_pack(int argc, const char **argv, const char *prefix)
 	if (!index_name && pack_name)
 		index_name = derive_filename(pack_name, "pack", "idx", &index_name_buf);
 
-	opts.flags &= ~(WRITE_REV | WRITE_REV_VERIFY);
-	if (rev_index) {
-		opts.flags |= verify ? WRITE_REV_VERIFY : WRITE_REV;
+	if (opts.write_rev) {
 		if (index_name)
 			rev_index_name = derive_filename(index_name,
 							 "idx", "rev",
@@ -1872,10 +1865,9 @@ int cmd_index_pack(int argc, const char **argv, const char *prefix)
 		if (!index_name)
 			die(_("--verify with no packfile name given"));
 		read_idx_option(&opts, index_name);
-		opts.flags |= WRITE_IDX_VERIFY | WRITE_IDX_STRICT;
 	}
 	if (strict)
-		opts.flags |= WRITE_IDX_STRICT;
+		opts.write_idx_strict = 1;
 
 	if (HAVE_THREADS && !nr_threads) {
 		nr_threads = online_cpus();
@@ -1919,11 +1911,12 @@ int cmd_index_pack(int argc, const char **argv, const char *prefix)
 	ALLOC_ARRAY(idx_objects, nr_objects);
 	for (i = 0; i < nr_objects; i++)
 		idx_objects[i] = &objects[i].idx;
-	curr_index = write_idx_file(index_name, idx_objects, nr_objects, &opts, pack_hash);
-	if (rev_index)
+	curr_index = write_idx_file(index_name, idx_objects, nr_objects, &opts,
+				    pack_hash, verify);
+	if (opts.write_rev)
 		curr_rev_index = write_rev_file(rev_index_name, idx_objects,
 						nr_objects, pack_hash,
-						opts.flags);
+						verify);
 	free(idx_objects);
 
 	if (!verify)
diff --git a/builtin/pack-objects.c b/builtin/pack-objects.c
index 014dcd4bc98..6aeaad8560f 100644
--- a/builtin/pack-objects.c
+++ b/builtin/pack-objects.c
@@ -3160,10 +3160,7 @@ static int git_pack_config(const char *k, const char *v, void *cb)
 		return 0;
 	}
 	if (!strcmp(k, "pack.writereverseindex")) {
-		if (git_config_bool(k, v))
-			pack_idx_opts.flags |= WRITE_REV;
-		else
-			pack_idx_opts.flags &= ~WRITE_REV;
+		pack_idx_opts.write_rev = git_config_bool(k, v);
 		return 0;
 	}
 	if (!strcmp(k, "uploadpack.blobpackfileuri")) {
@@ -4007,8 +4004,8 @@ int cmd_pack_objects(int argc, const char **argv, const char *prefix)
 
 	reset_pack_idx_option(&pack_idx_opts);
 	git_config(git_pack_config, NULL);
-	if (git_env_bool(GIT_TEST_WRITE_REV_INDEX, 0))
-		pack_idx_opts.flags |= WRITE_REV;
+	pack_idx_opts.write_rev = git_env_bool(GIT_TEST_WRITE_REV_INDEX,
+					       pack_idx_opts.write_rev);
 
 	progress = isatty(2);
 	argc = parse_options(argc, argv, prefix, pack_objects_options,
diff --git a/midx.c b/midx.c
index 3db0e47735f..f0bb56b2c64 100644
--- a/midx.c
+++ b/midx.c
@@ -905,7 +905,7 @@ static void write_midx_reverse_index(char *midx_name, unsigned char *midx_hash,
 	strbuf_addf(&buf, "%s-%s.rev", midx_name, hash_to_hex(midx_hash));
 
 	tmp_file = write_rev_file_order(NULL, ctx->pack_order, ctx->entries_nr,
-					midx_hash, WRITE_REV);
+					midx_hash, 0);
 
 	if (finalize_object_file(tmp_file, buf.buf))
 		die(_("cannot store reverse index file"));
diff --git a/pack-write.c b/pack-write.c
index 51812cb1299..7973aa75579 100644
--- a/pack-write.c
+++ b/pack-write.c
@@ -44,7 +44,7 @@ static int need_large_offset(off_t offset, const struct pack_idx_option *opts)
  */
 const char *write_idx_file(const char *index_name, struct pack_idx_entry **objects,
 			   int nr_objects, const struct pack_idx_option *opts,
-			   const unsigned char *sha1)
+			   const unsigned char *sha1, int verify)
 {
 	struct hashfile *f;
 	struct pack_idx_entry **sorted_by_sha, **list, **last;
@@ -65,7 +65,7 @@ const char *write_idx_file(const char *index_name, struct pack_idx_entry **objec
 	else
 		sorted_by_sha = list = last = NULL;
 
-	if (opts->flags & WRITE_IDX_VERIFY) {
+	if (verify) {
 		assert(index_name);
 		f = hashfd_check(index_name);
 	} else {
@@ -117,7 +117,7 @@ const char *write_idx_file(const char *index_name, struct pack_idx_entry **objec
 		if (index_version < 2)
 			hashwrite_be32(f, obj->offset);
 		hashwrite(f, obj->oid.hash, the_hash_algo->rawsz);
-		if ((opts->flags & WRITE_IDX_STRICT) &&
+		if (opts->write_idx_strict &&
 		    (i && oideq(&list[-2]->oid, &obj->oid)))
 			die("The same object %s appears twice in the pack",
 			    oid_to_hex(&obj->oid));
@@ -159,9 +159,10 @@ const char *write_idx_file(const char *index_name, struct pack_idx_entry **objec
 	}
 
 	hashwrite(f, sha1, the_hash_algo->rawsz);
+
 	finalize_hashfile(f, NULL, FSYNC_COMPONENT_PACK_METADATA,
 			  CSUM_HASH_IN_STREAM | CSUM_CLOSE |
-			  ((opts->flags & WRITE_IDX_VERIFY) ? 0 : CSUM_FSYNC));
+			  (verify ? 0 : CSUM_FSYNC));
 	return index_name;
 }
 
@@ -216,22 +217,19 @@ const char *write_rev_file(const char *rev_name,
 			   struct pack_idx_entry **objects,
 			   uint32_t nr_objects,
 			   const unsigned char *hash,
-			   unsigned flags)
+			   int verify)
 {
 	uint32_t *pack_order;
 	uint32_t i;
 	const char *ret;
 
-	if (!(flags & WRITE_REV) && !(flags & WRITE_REV_VERIFY))
-		return NULL;
-
 	ALLOC_ARRAY(pack_order, nr_objects);
 	for (i = 0; i < nr_objects; i++)
 		pack_order[i] = i;
 	QSORT_S(pack_order, nr_objects, pack_order_cmp, objects);
 
 	ret = write_rev_file_order(rev_name, pack_order, nr_objects, hash,
-				   flags);
+				   verify);
 
 	free(pack_order);
 
@@ -242,15 +240,12 @@ const char *write_rev_file_order(const char *rev_name,
 				 uint32_t *pack_order,
 				 uint32_t nr_objects,
 				 const unsigned char *hash,
-				 unsigned flags)
+				 int verify)
 {
 	struct hashfile *f;
 	int fd;
 
-	if ((flags & WRITE_REV) && (flags & WRITE_REV_VERIFY))
-		die(_("cannot both write and verify reverse index"));
-
-	if (flags & WRITE_REV) {
+	if (!verify) {
 		if (!rev_name) {
 			struct strbuf tmp_file = STRBUF_INIT;
 			fd = odb_mkstemp(&tmp_file, "pack/tmp_rev_XXXXXX");
@@ -260,7 +255,7 @@ const char *write_rev_file_order(const char *rev_name,
 			fd = xopen(rev_name, O_CREAT|O_EXCL|O_WRONLY, 0600);
 		}
 		f = hashfd(fd, rev_name);
-	} else if (flags & WRITE_REV_VERIFY) {
+	} else {
 		struct stat statbuf;
 		if (stat(rev_name, &statbuf)) {
 			if (errno == ENOENT) {
@@ -270,8 +265,7 @@ const char *write_rev_file_order(const char *rev_name,
 				die_errno(_("could not stat: %s"), rev_name);
 		}
 		f = hashfd_check(rev_name);
-	} else
-		return NULL;
+	}
 
 	write_rev_header(f);
 
@@ -283,7 +277,8 @@ const char *write_rev_file_order(const char *rev_name,
 
 	finalize_hashfile(f, NULL, FSYNC_COMPONENT_PACK_METADATA,
 			  CSUM_HASH_IN_STREAM | CSUM_CLOSE |
-			  ((flags & WRITE_IDX_VERIFY) ? 0 : CSUM_FSYNC));
+			  (verify ? 0 : CSUM_FSYNC));
+
 
 	return rev_name;
 }
@@ -494,12 +489,13 @@ void stage_tmp_packfiles(struct strbuf *name_buffer,
 		die_errno("unable to make temporary pack file readable");
 
 	*idx_tmp_name = (char *)write_idx_file(NULL, written_list, nr_written,
-					       pack_idx_opts, hash);
+					       pack_idx_opts, hash, 0);
 	if (adjust_shared_perm(*idx_tmp_name))
 		die_errno("unable to make temporary index file readable");
 
-	rev_tmp_name = write_rev_file(NULL, written_list, nr_written, hash,
-				      pack_idx_opts->flags);
+	if (pack_idx_opts->write_rev)
+		rev_tmp_name = write_rev_file(NULL, written_list, nr_written, hash,
+					      0);
 
 	rename_tmp_packfile(name_buffer, pack_tmp_name, "pack");
 	if (rev_tmp_name)
diff --git a/pack.h b/pack.h
index 802c047efe6..ccc4c129b0c 100644
--- a/pack.h
+++ b/pack.h
@@ -38,12 +38,8 @@ struct pack_header {
 #define PACK_IDX_SIGNATURE 0xff744f63	/* "\377tOc" */
 
 struct pack_idx_option {
-	unsigned flags;
-	/* flag bits */
-#define WRITE_IDX_VERIFY 01 /* verify only, do not write the idx file */
-#define WRITE_IDX_STRICT 02
-#define WRITE_REV 04
-#define WRITE_REV_VERIFY 010
+	unsigned int write_idx_strict:1,
+		     write_rev:1;
 
 	uint32_t version;
 	uint32_t off32_limit;
@@ -84,7 +80,8 @@ typedef int (*verify_fn)(const struct object_id *, enum object_type, unsigned lo
 const char *write_idx_file(const char *index_name,
 			   struct pack_idx_entry **objects, int nr_objects,
 			   const struct pack_idx_option *opts,
-			   const unsigned char *sha1);
+			   const unsigned char *sha1,
+			   int verify);
 int check_pack_crc(struct packed_git *p, struct pack_window **w_curs, off_t offset, off_t len, unsigned int nr);
 int verify_pack_index(struct packed_git *);
 int verify_pack(struct repository *, struct packed_git *, verify_fn fn, struct progress *, uint32_t);
@@ -99,11 +96,11 @@ void write_promisor_file(const char *promisor_name, struct ref **sought, int nr_
 const char *write_rev_file(const char *rev_name,
 			   struct pack_idx_entry **objects,
 			   uint32_t nr_objects,
-			   const unsigned char *hash, unsigned flags);
+			   const unsigned char *hash, int verify);
 const char *write_rev_file_order(const char *rev_name, uint32_t *pack_order,
 				 uint32_t nr_objects,
 				 const unsigned char *hash,
-				 unsigned flags);
+				 int verify);
 
 /*
  * The "hdr" output buffer should be at least this big, which will handle sizes

From patchwork Fri Jun  3 18:37:51 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869325
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 23EB1CCA473
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:40:16 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1345061AbiFCSkP (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:40:15 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39840 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347221AbiFCSjG (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:06 -0400
Received: from mail-wm1-x334.google.com (mail-wm1-x334.google.com
 [IPv6:2a00:1450:4864:20::334])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 38DFB2616
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:15 -0700 (PDT)
Received: by mail-wm1-x334.google.com with SMTP id
 r123-20020a1c2b81000000b0039c1439c33cso4745992wmr.5
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=vPWxm4jewQr4g5pmSjkl40nxw8y46JPP5i4gCPXmvec=;
        b=khcfuuDbTU3QC38Ven46lVMZEK7cl3HFZ8y06We5FMH8KRw+kZikIwiqYwsy/GmF6u
         yZTa4ZhQEsnPrBpIVFA33WrpMuHKOTkW7hEC6P52N//AUbKdcCLCODCsVkyH/O+5u8aN
         A/u3SOHSe4lxvHiE+dEyz6PiKonqWiPB1s+hEPvsq57SyCwJUCGtjDNDIsSLSUDdIqHX
         ecql4i7iZ4IkUCPMp/aKJ6sIPYxPwTz8w3va0jbKD1W7GTT2Gx0nYOXUNU27JP8lH4Uk
         /Q3Y6dz4rUeoJ4ggE9iUu0vXWdCVOb/eLTzFWcSOHrf7KAvCgqvzn10auKFt/4mxWXIX
         IgOg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=vPWxm4jewQr4g5pmSjkl40nxw8y46JPP5i4gCPXmvec=;
        b=FSmMWRQbG/oDf9YITb50fJ+Z8QU5cxt1QeSBs4N96ABEYaUOyaH4J/yEmRD+HygnGk
         6rA5DVYOLiAkfbTX/l+FX/WP47TCBTM6VxZ6t8jE6mTf+PPpARQyj87ay83eLGH5f0+O
         7QasOdlBB/0Z5T1hGQgDY7AlVke7lJIAiAk6A5cz7EgoR6m9ZvH576UfrWuNe9fx7+Hq
         J79cNK5tExIJJTWrMVz6ZGGcWCaYY6vrBzH69x7Kx5nHlcD9b9nRVeaDuaFENSqKEthi
         i+Qb+9WtDrUqjGLG0zl4bmfkVyF5lrP4yvXF7TDXaSKhaA9G4qchAHC62j0Z2vGYdKCo
         jJkQ==
X-Gm-Message-State: AOAM530tIziCBCvYzOrcdy2OnZylch00AU5A8sV8PfVO2r8VFMSQtA2i
        nasbFdcSkjeWXv6Tb4SH584b8IQUl7teug==
X-Google-Smtp-Source: 
 ABdhPJw3JVSI4ZTGWu6zuLvJMqjHs37nQLsP2pPdg42UDmkAuthw0/JqEQITVk8ZSgtsssksLDmHSQ==
X-Received: by 2002:a05:600c:1f07:b0:397:8dea:ee74 with SMTP id
 bd7-20020a05600c1f0700b003978deaee74mr10033854wmb.148.1654281493538;
        Fri, 03 Jun 2022 11:38:13 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.12
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:13 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 14/15] config.mak.dev: add a DEVOPTS=analyzer mode to use
 GCC's -fanalyzer
Date: Fri,  3 Jun 2022 20:37:51 +0200
Message-Id: <RFC-patch-14.15-9cf550688d4-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Add an option to compile with GCC's -fanalyzer, which as noted in [1]
and [2] has become much more useful in the recently released GCC v12
series.

Here we're quieting a few outstanding -fanalyzer issues that require
us to use -Wno-error=* on an entire file:

 * range-diff.c, because it involves loop variables and would be
   painfully verbose to instrument with the ASSERT_FOR_FANALYZER() macro
   introduced in the subsequent commit.

 * http-fetch.c and fsmonitor-settings.c, because those aren't issues
   where we're referencing NULL, and therefore we can't quiet it with an
   assert().

For non-GCC compilers I considered wrapping the DEVOPTS logic in:

	ifneq ($(filter gcc10,$(COMPILER_FEATURES)),)
	endif

Which would make it OK to specify DEVOPTS=analyzer under other
compilers, or on older GCC. But then we'd silently ignore the option
on those. Let's instead trust the compiler to error out if it doesn't
support -fanalyzer.

There are various limitations and bugs in the analyzer engine, e.g. I
filed [3] for a false positive in builtin/merge-file.c before GCC v12
was released, which was subsequently fixed in GCC 12 trunk in [4], but
many other issues remain.

1. https://developers.redhat.com/articles/2022/04/12/state-static-analysis-gcc-12-compiler
2. https://gcc.gnu.org/gcc-12/changes.html
3. https://gcc.gnu.org/bugzilla/show_bug.cgi?id=105264
4. https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=a358e4b60815b41e27f3508014ceb592f86b9b45

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 Makefile       | 14 ++++++++++++
 config.mak.dev | 61 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 75 insertions(+)

diff --git a/Makefile b/Makefile
index 18ca6744a50..129d55f5992 100644
--- a/Makefile
+++ b/Makefile
@@ -507,6 +507,20 @@ include shared.mak
 #    no-pedantic:
 #
 #        Disable -pedantic compilation.
+#
+#    analyzer:
+#
+#        Compile with GCC's -fanalyzer, this analysis is much more
+#        expensive than other GCC warnings.
+#
+#        The set of analysis flags is curated based on known issues
+#        and compiler version. Known issues are made into non-fatal
+#        warnings (even "no-error" isn't set).
+#
+#    no-suppress-analyzer:
+#
+#        When using "analyzer" disable the suppression of known
+#        -fanalyzer issues.
 
 GIT-VERSION-FILE: FORCE
 	@$(SHELL_PATH) ./GIT-VERSION-GEN
diff --git a/config.mak.dev b/config.mak.dev
index c3104f400b2..d6f5be92297 100644
--- a/config.mak.dev
+++ b/config.mak.dev
@@ -72,3 +72,64 @@ DEVELOPER_CFLAGS += -Wno-error=dangling-pointer
 endif
 
 GIT_TEST_PERL_FATAL_WARNINGS = YesPlease
+
+# GCC's -fanalyzer mode
+ifeq ($(filter analyzer,$(DEVOPTS)),analyzer)
+
+ifeq ($(filter gcc1,$(COMPILER_FEATURES)),)
+$(error you must be using a new-ish version of GCC for DEVOPTS=analyzer, your \
+$(CC) is not GCC at all!)
+endif
+
+DEVELOPER_CFLAGS += -fanalyzer
+
+## -fanalyzer exists exists as of gcc10, but versions older than gcc12
+## have a lot of false positives.
+ifeq ($(filter gcc12,$(COMPILER_FEATURES)),)
+DEVELOPER_CFLAGS += -Wno-analyzer-double-free
+DEVELOPER_CFLAGS += -Wno-analyzer-free-of-non-heap
+endif
+
+## Helper templates to whitelist existing issues
+define fn_disable_analyzer_tmpl
+$(1).sp $(1).s $(1).o: EXTRA_CPPFLAGS += $(2)
+
+endef
+
+define fn_disable_analyzer
+$(foreach f,$(2),$(call fn_disable_analyzer_tmpl,$(f),$(1)))
+endef
+
+## -Wno-error=analyzer-null-dereference
+$(eval $(call fn_disable_analyzer, \
+	-Wno-error=analyzer-null-dereference, \
+	range-diff \
+))
+## -Wno-error=analyzer-malloc-leak
+$(eval $(call fn_disable_analyzer, \
+	-Wno-error=analyzer-malloc-leak, \
+	fsmonitor-settings \
+))
+## per-GCC version annotations
+### -Wno-error=analyzer-use-of-uninitialized-value: gcc >= 12
+ifneq ($(filter gcc12,$(COMPILER_FEATURES)),)
+$(eval $(call fn_disable_analyzer, \
+	-Wno-error=analyzer-use-of-uninitialized-value, \
+	http-fetch \
+))
+else # gcc < 12
+### -Wno-error=analyzer-null-dereference: gcc == 11
+ifneq ($(filter gcc11,$(COMPILER_FEATURES)),)
+$(eval $(call fn_disable_analyzer, \
+	-Wno-error=analyzer-null-dereference, \
+	merge \
+	xdiff/xemit \
+	reftable/reader \
+))
+else
+$(error Your GCC version is too old for -fanalyze, or you are using \
+gcc10 which has it, but has too many false positives!)
+endif
+endif # gcc < 12
+
+endif

From patchwork Fri Jun  3 18:37:52 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-Patchwork-Submitter: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=
 <avarab@gmail.com>
X-Patchwork-Id: 12869329
Return-Path: <git-owner@kernel.org>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from vger.kernel.org (vger.kernel.org [23.128.96.18])
	by smtp.lore.kernel.org (Postfix) with ESMTP id 330C3C43334
	for <git@archiver.kernel.org>; Fri,  3 Jun 2022 18:40:55 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1347142AbiFCSky (ORCPT <rfc822;git@archiver.kernel.org>);
        Fri, 3 Jun 2022 14:40:54 -0400
Received: from lindbergh.monkeyblade.net ([23.128.96.19]:37838 "EHLO
        lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1347230AbiFCSjG (ORCPT <rfc822;git@vger.kernel.org>);
        Fri, 3 Jun 2022 14:39:06 -0400
Received: from mail-wr1-x42b.google.com (mail-wr1-x42b.google.com
 [IPv6:2a00:1450:4864:20::42b])
        by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5032826FA
        for <git@vger.kernel.org>; Fri,  3 Jun 2022 11:38:15 -0700 (PDT)
Received: by mail-wr1-x42b.google.com with SMTP id h5so11495907wrb.0
        for <git@vger.kernel.org>; Fri, 03 Jun 2022 11:38:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20210112;
        h=from:to:cc:subject:date:message-id:in-reply-to:references
         :mime-version:content-transfer-encoding;
        bh=vEuiqLtIctBAQu/LqPfXZF5wFKtHXlmthNmIHjhYQlU=;
        b=buP+mXP6CSmRPsWOCydbn7r8ymYOHLOTKzvwAqd34vVfz3ggdyzHmsPBoUs3oVtwEK
         PjeQU7aGrkeElVLHX83zLvU9Re2UoMTMqcZnGjAglxJpDTL8ug32+S9ofeiAYJkXhxoW
         Iv6tbXUhxMaOy9qaC7i0h8//U12twpE+/4M6/SGUfWcwPD7ju5SvC9UJEnhcVnvpg8Gq
         UhiBa9/TB70s82OqM40k+3CiR+Kp8txr3IJt9I0uhTA4qjuXiEtBmSJoXzBAbTVIl1xF
         bq5gtLyPHJLMEWMkcsOKf40BoAPtOvxFR7dn2gmzENt9uYLQNGQmH3Ttra9LPTlR638d
         CGww==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20210112;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
         :references:mime-version:content-transfer-encoding;
        bh=vEuiqLtIctBAQu/LqPfXZF5wFKtHXlmthNmIHjhYQlU=;
        b=3XMH/AUY2KY+ZHn2x0/pw/yBqg6hLsQsPBjgUIo1YDzp5ZZT5lg46BpQiortaLV2Mj
         7zAHt+VFfVpdNmD6W8W9lH7YZafJBB+zmC3wcA9+Jij6CDzNPSCjWKqpls3u73xi5nxf
         peGnggts0MGWLsLt4ebcM6vgglChH5OMN4nCQpZvyEK45jzY/IkJx0JEvFZztINfZ8Ip
         9f274FcBPrZyLvEoiaBpDOoC/Lez9teUc/SEraE2nHoiTaFywFr7KGWUax5R2UdhOMqH
         60t+EPkXymD4L6MeSOEBdGEkIUc1I5SUAT9bcx9S3HVZZTaSnutYSWTzmI/C2g902sgs
         jIrw==
X-Gm-Message-State: AOAM533FjMvZZeG6/ok+Ri1mLG3ey9BZObiGpL9bq7puABsMwUAo8SOb
        iB5YMUwlyXiDApL/mx2gLtKsJdgVYRKPJw==
X-Google-Smtp-Source: 
 ABdhPJzqoE6oBIysCRBzT0ZIDWCqsGYBMyGxRf6Gw28Pk2bLk+zOMOi8LrDLPIDPTIHl3nmlLR97Pw==
X-Received: by 2002:a05:6000:2a9:b0:210:2530:be32 with SMTP id
 l9-20020a05600002a900b002102530be32mr9667568wry.153.1654281494624;
        Fri, 03 Jun 2022 11:38:14 -0700 (PDT)
Received: from vm.nix.is (vm.nix.is. [2a01:4f8:120:2468::2])
        by smtp.gmail.com with ESMTPSA id
 y5-20020adff6c5000000b0020c5253d926sm8232636wrp.114.2022.06.03.11.38.13
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 03 Jun 2022 11:38:13 -0700 (PDT)
From: =?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
To: git@vger.kernel.org
Cc: Junio C Hamano <gitster@pobox.com>,
 =?utf-8?q?Ren=C3=A9_Scharfe?= <l.s.r@web.de>,
 Jinoh Kang <luke1337@theori.io>, Phillip Wood <phillip.wood@talktalk.net>,
 Glen Choo <chooglen@google.com>, Paul Tan <pyokagan@gmail.com>,
 Han-Wen Nienhuys <hanwen@google.com>, Karthik Nayak <karthik.188@gmail.com>,
 Jeff Smith <whydoubt@gmail.com>, Taylor Blau <me@ttaylorr.com>,
	=?utf-8?b?w4Z2YXIgQXJuZmrDtnLDsCBCamFybWFzb24=?=  <avarab@gmail.com>
Subject: [RFC PATCH 15/15] config.mak.dev: add and use ASSERT_FOR_FANALYZER()
 macro
Date: Fri,  3 Jun 2022 20:37:52 +0200
Message-Id: <RFC-patch-15.15-16bd2270b4c-20220603T183608Z-avarab@gmail.com>
X-Mailer: git-send-email 2.36.1.1124.g577fa9c2ebd
In-Reply-To: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
References: <RFC-cover-00.15-00000000000-20220603T183608Z-avarab@gmail.com>
MIME-Version: 1.0
Precedence: bulk
List-ID: <git.vger.kernel.org>
X-Mailing-List: git@vger.kernel.org

Add an ASSERT_FOR_FANALYZER() macro to quiet those -fanalyzer issues
that haven't been diagnosed yet to either change the code involved, or
to add an assert() or BUG() to it to placate GCC v12's -fanalyzer
mode.

As in the preceding commit we could also use -Wno-error=* here, which
was the initial implementation in config.mak.dev, i.e. something like:

	## -Wno-error=analyzer-null-dereference
	$(eval $(call fn_disable_analyzer, \
		-Wno-error=analyzer-null-dereference, \
		dir \
		gpg-interface \
		graph \
		range-diff \
		utf8 \
	))
	## -Wno-error=analyzer-null-dereference: pre-gcc12
	ifeq ($(filter gcc12,$(COMPILER_FEATURES)),)
	$(eval $(call fn_disable_analyzer, \
		-Wno-error=analyzer-null-dereference, \
		merge \
		builtin/name-rev \
	))
	endif

But any such approach will unfortunately quiet *all* in the relevant
files, including any new ones. Instead we want to quiet specific
issues involved with ASSERT_FOR_FANALYZER().

A drawback of this overall approach is that this only works under
e.g. CFLAGS=-O0, but not CFLAGS=-O3. The compiler takes the liberty to
re-arrange our code to get around these assert()s, and other new
issues will also crop up. All of this is expected (-fanalyzer is
subject to optimization passes, like most other options), but let's
focus on -O0 for now.

Commentary on specific cases:

 * builtin/name-rev.c: Since 45a14f578e1 (Revert "name-rev: release
   unused name strings", 2022-04-22) GCC v12's -fanalyzer has complained
   about this code, per René's analysis in [1] it's incorrect to do
   so. So let's add an ASSERT_FOR_FANALYZER() to placate it.

 * graph.c: In 0f0f389f120 (graph: tidy up display of left-skewed
   merges, 2019-10-15) a previous "assert" was removed, and another
   unconditional deference of the return value of
   first_interesting_parent() was added without checking it. Since it
   can return NULL let's add ASSERT_FOR_FANALYZER()'s here to note for
   -fanalyzer that we won't be dereferencing these in practice.

1. https://lore.kernel.org/git/dece627d-ccf8-2375-0c50-c59637e561d3@web.de/

Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
---
 builtin/name-rev.c |  1 +
 config.mak.dev     |  4 ++++
 dir.c              |  1 +
 git-compat-util.h  | 16 ++++++++++++++++
 gpg-interface.c    |  2 ++
 graph.c            |  2 ++
 line-log.c         |  2 ++
 unpack-trees.c     |  1 +
 utf8.c             |  1 +
 9 files changed, 30 insertions(+)

diff --git a/builtin/name-rev.c b/builtin/name-rev.c
index 02ea9d16330..419159961b9 100644
--- a/builtin/name-rev.c
+++ b/builtin/name-rev.c
@@ -223,6 +223,7 @@ static void name_rev(struct commit *start_commit,
 			if (commit_is_before_cutoff(parent))
 				continue;
 
+			ASSERT_FOR_FANALYZER(name);
 			if (parent_number > 1) {
 				generation = 0;
 				distance = name->distance + MERGE_TRAVERSAL_WEIGHT;
diff --git a/config.mak.dev b/config.mak.dev
index d6f5be92297..1d47fc04163 100644
--- a/config.mak.dev
+++ b/config.mak.dev
@@ -83,6 +83,10 @@ endif
 
 DEVELOPER_CFLAGS += -fanalyzer
 
+ifeq ($(filter no-suppress-analyzer,$(DEVOPTS)),)
+DEVELOPER_CFLAGS += -DSUPPRESS_FSANITIZER
+endif
+
 ## -fanalyzer exists exists as of gcc10, but versions older than gcc12
 ## have a lot of false positives.
 ifeq ($(filter gcc12,$(COMPILER_FEATURES)),)
diff --git a/dir.c b/dir.c
index 3633c0852ee..c80b584b4a7 100644
--- a/dir.c
+++ b/dir.c
@@ -3781,6 +3781,7 @@ static void invalidate_one_directory(struct untracked_cache *uc,
 				     struct untracked_cache_dir *ucd)
 {
 	uc->dir_invalidated++;
+	ASSERT_FOR_FANALYZER(ucd);
 	ucd->valid = 0;
 	ucd->untracked_nr = 0;
 }
diff --git a/git-compat-util.h b/git-compat-util.h
index 96293b6c43a..a553884c048 100644
--- a/git-compat-util.h
+++ b/git-compat-util.h
@@ -984,6 +984,21 @@ static inline unsigned long cast_size_t_to_ulong(size_t a)
 	return (unsigned long)a;
 }
 
+/**
+ * Transitory helper macro to quiet currently known GCC -fsanitizer
+ * issues.
+ *
+ * We lie to it and say that we're confident that the given "expr" to
+ * ASSERT_FOR_FANALYZER() cannot be NULL (or 0). Those
+ * grandfathered-in issues should be fixed, but at least we're
+ * stemming the tide.
+ */
+#ifdef SUPPRESS_FSANITIZER
+#define ASSERT_FOR_FANALYZER(expr) assert((expr))
+#else
+#define ASSERT_FOR_FANALYZER(expr) do {} while (0)
+#endif
+
 #ifdef HAVE_ALLOCA_H
 # include <alloca.h>
 # define xalloca(size)      (alloca(size))
@@ -1037,6 +1052,7 @@ int xstrncmpz(const char *s, const char *t, size_t len);
 	BUILD_ASSERT_OR_ZERO(sizeof(*(dst)) == sizeof(*(src))))
 static inline void copy_array(void *dst, const void *src, size_t n, size_t size)
 {
+	ASSERT_FOR_FANALYZER(dst);
 	if (n)
 		memcpy(dst, src, st_mult(size, n));
 }
diff --git a/gpg-interface.c b/gpg-interface.c
index 280f1fa1a58..9cba3b86e45 100644
--- a/gpg-interface.c
+++ b/gpg-interface.c
@@ -242,6 +242,7 @@ static void parse_gpg_output(struct signature_check *sigc)
 					next = strchrnul(line, ' ');
 					replace_cstring(&sigc->key, line, next);
 					/* Do we have signer information? */
+					ASSERT_FOR_FANALYZER(next);
 					if (*next && (sigcheck_gpg_status[i].flags & GPG_STATUS_UID)) {
 						line = next + 1;
 						next = strchrnul(line, '\n');
@@ -283,6 +284,7 @@ static void parse_gpg_output(struct signature_check *sigc)
 					 */
 					limit = strchrnul(line, '\n');
 					for (j = 9; j > 0; j--) {
+						ASSERT_FOR_FANALYZER(next);
 						if (!*next || limit <= next)
 							break;
 						line = next + 1;
diff --git a/graph.c b/graph.c
index 568b6e7cd41..39f7e95d4ab 100644
--- a/graph.c
+++ b/graph.c
@@ -1105,6 +1105,7 @@ static void graph_output_post_merge_line(struct git_graph *graph, struct graph_l
 			seen_this = 1;
 
 			for (j = 0; j < graph->num_parents; j++) {
+				ASSERT_FOR_FANALYZER(parents);
 				par_column = graph_find_new_column_by_commit(graph, parents->item);
 				assert(par_column >= 0);
 
@@ -1138,6 +1139,7 @@ static void graph_output_post_merge_line(struct git_graph *graph, struct graph_l
 			}
 		}
 
+		ASSERT_FOR_FANALYZER(first_parent);
 		if (col_commit == first_parent->item)
 			parent_col = col;
 	}
diff --git a/line-log.c b/line-log.c
index 51d93310a4d..1295f46deaf 100644
--- a/line-log.c
+++ b/line-log.c
@@ -154,6 +154,7 @@ static void range_set_union(struct range_set *out,
 	while (i < a->nr || j < b->nr) {
 		struct range *new_range;
 		if (i < a->nr && j < b->nr) {
+			ASSERT_FOR_FANALYZER(rb);
 			if (ra[i].start < rb[j].start)
 				new_range = &ra[i++];
 			else if (ra[i].start > rb[j].start)
@@ -166,6 +167,7 @@ static void range_set_union(struct range_set *out,
 			new_range = &ra[i++];
 		else                       /* a exhausted */
 			new_range = &rb[j++];
+		ASSERT_FOR_FANALYZER(new_range);
 		if (new_range->start == new_range->end)
 			; /* empty range */
 		else if (!out->nr || out->ranges[out->nr-1].end < new_range->start) {
diff --git a/unpack-trees.c b/unpack-trees.c
index a1d0ff3a4d3..b6e10b05a00 100644
--- a/unpack-trees.c
+++ b/unpack-trees.c
@@ -2195,6 +2195,7 @@ static int verify_clean_subdirectory(const struct cache_entry *ce,
 	char *pathbuf;
 	int cnt = 0;
 
+	ASSERT_FOR_FANALYZER(ce);
 	if (S_ISGITLINK(ce->ce_mode)) {
 		struct object_id oid;
 		int sub_head = resolve_gitlink_ref(ce->name, "HEAD", &oid);
diff --git a/utf8.c b/utf8.c
index de4ce5c0e68..3ffc0a97f3b 100644
--- a/utf8.c
+++ b/utf8.c
@@ -130,6 +130,7 @@ static ucs_char_t pick_one_utf8_char(const char **start, size_t *remainder_p)
 	 */
 	remainder = (remainder_p ? *remainder_p : 999);
 
+	ASSERT_FOR_FANALYZER(remainder < 1 || s);
 	if (remainder < 1) {
 		goto invalid;
 	} else if (*s < 0x80) {