diff options
| author | Ævar Arnfjörð Bjarmason <avarab@gmail.com> | 2022-02-01 20:52:52 (GMT) |
|---|---|---|
| committer | Junio C Hamano <gitster@pobox.com> | 2022-02-01 23:21:19 (GMT) |
| commit | 6798b08e8480f3caff9b7a32e2631f586728f11a (patch) | |
| tree | 9dd05ee5fa4edbd7a9b7ac9077413fc08b918f16 /perl | |
| parent | 4c53a8c20f8984adb226293a3ffd7b88c3f4ac1a (diff) | |
| download | git-6798b08e8480f3caff9b7a32e2631f586728f11a.zip git-6798b08e8480f3caff9b7a32e2631f586728f11a.tar.gz git-6798b08e8480f3caff9b7a32e2631f586728f11a.tar.bz2 | |
perl Git.pm: don't ignore signalled failure in _cmd_close()
Fix misbehavior in Git.pm that dates back to the very first version of
the library in git.git added in b1edc53d062 (Introduce Git.pm (v4),
2006-06-24). When we fail to execute a command we shouldn't ignore all
signals, those can happen e.g. if abort() is called, or if the command
segfaults.
Because of this we'd consider e.g. a command that died due to LSAN
exiting with abort() successful, as is the case with the tests listed
as running successfully with SANITIZE=leak in 9081a421a6d (checkout:
fix "branch info" memory leaks, 2021-11-16). We did run them
successfully, but only because we ignored these errors.
This was then made worse by the use of "abort_on_error=1" for LSAN
added in 85b81b35ff9 (test-lib: set LSAN_OPTIONS to abort by default,
2017-09-05). Doing that makes sense, but without providing that option
we'd have a "$? >> 8" of "23" on failure, with abort_on_error=1 we'll
get "0".
All of our tests pass even without the SIGPIPE exception being added
here, but as the code appears to have been trying to ignore it let's
keep ignoring it for now.
Signed-off-by: Ævar Arnfjörð Bjarmason <avarab@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'perl')
| -rw-r--r-- | perl/Git.pm | 21 |
1 files changed, 19 insertions, 2 deletions
diff --git a/perl/Git.pm b/perl/Git.pm index 090a7df..080cdc2 100644 --- a/perl/Git.pm +++ b/perl/Git.pm @@ -1686,6 +1686,16 @@ sub _setup_git_cmd_env { # by searching for it at proper places. sub _execv_git_cmd { exec('git', @_); } +sub _is_sig { + my ($v, $n) = @_; + + # We are avoiding a "use POSIX qw(SIGPIPE SIGABRT)" in the hot + # Git.pm codepath. + require POSIX; + no strict 'refs'; + $v == *{"POSIX::$n"}->(); +} + # Close pipe to a subprocess. sub _cmd_close { my $ctx = shift @_; @@ -1698,9 +1708,16 @@ sub _cmd_close { } elsif ($? >> 8) { # The caller should pepper this. throw Git::Error::Command($ctx, $? >> 8); + } elsif ($? & 127 && _is_sig($? & 127, "SIGPIPE")) { + # we might e.g. closed a live stream; the command + # dying of SIGPIPE would drive us here. + } elsif ($? & 127 && _is_sig($? & 127, "SIGABRT")) { + die sprintf('BUG?: got SIGABRT ($? = %d, $? & 127 = %d) when closing pipe', + $?, $? & 127); + } elsif ($? & 127) { + die sprintf('got signal ($? = %d, $? & 127 = %d) when closing pipe', + $?, $? & 127); } - # else we might e.g. closed a live stream; the command - # dying of SIGPIPE would drive us here. } } |