From 9f119599a69eb11f0712cab3bdbc2000eb91abd7 Mon Sep 17 00:00:00 2001 From: Patrick Steinhardt Date: Mon, 7 Oct 2024 06:38:15 +0200 Subject: cache-tree: refactor verification to return error codes The function `cache_tree_verify()` will `BUG()` whenever it finds that the cache-tree extension of the index is corrupt. The function is thus inherently untestable because the resulting call to `abort()` will be detected by our testing framework and labelled an error. And rightfully so: it shouldn't ever be possible to hit bugs, as they should indicate a programming error rather than corruption of on-disk state. Refactor the function to instead return error codes. This also ensures that the function can be used e.g. by git-fsck(1) without the whole process dying. Furthermore, this refactoring plugs some memory leaks when returning early by creating a common exit path. Signed-off-by: Patrick Steinhardt Signed-off-by: Junio C Hamano --- read-cache.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'read-cache.c') diff --git a/read-cache.c b/read-cache.c index 4e67dc182e..d72a3266b6 100644 --- a/read-cache.c +++ b/read-cache.c @@ -3331,8 +3331,9 @@ int write_locked_index(struct index_state *istate, struct lock_file *lock, int new_shared_index, ret, test_split_index_env; struct split_index *si = istate->split_index; - if (git_env_bool("GIT_TEST_CHECK_CACHE_TREE", 0)) - cache_tree_verify(the_repository, istate); + if (git_env_bool("GIT_TEST_CHECK_CACHE_TREE", 0) && + cache_tree_verify(the_repository, istate) < 0) + return -1; if ((flags & SKIP_IF_UNCHANGED) && !istate->cache_changed) { if (flags & COMMIT_LOCK) -- cgit v1.3