grep: protect packed_git [re-]initialization

Some fields in struct raw_object_store are lazy initialized by the
thread-unsafe packfile.c:prepare_packed_git(). Although this function is
present in the call stack of git-grep threads, all paths to it are
currently protected by obj_read_lock() (and the main thread usually
indirectly calls it before firing the worker threads, anyway). However,
it's possible that future modifications add new unprotected paths to it,
introducing a race condition. Because errors derived from it wouldn't
happen often, it could be hard to detect. So to prevent future
headaches, let's force eager initialization of packed_git when setting
git-grep up. There'll be a small overhead in the cases where we didn't
really need to prepare packed_git during execution but this shouldn't be
very noticeable.

Also, packed_git may be re-initialized by
packfile.c:reprepare_packed_git(). Again, all paths to it in git-grep
are already protected by obj_read_lock() but it may suffer from the same
problem in the future. So let's also internally protect it with
obj_read_lock() (which is a recursive mutex).

Signed-off-by: Matheus Tavares <matheus.bernardino@usp.br>
Signed-off-by: Junio C Hamano <gitster@pobox.com>

diff --git a/builtin/grep.c b/builtin/grep.c
index ac3d86c2e5299be9c2b89037d18f7a2ab09828df..1535fd50f87582705a108cbfed2527469fc895ba 100644 (file)
--- a/builtin/grep.c
+++ b/builtin/grep.c
@@ -24,6 +24,7 @@
 #include "submodule.h"
 #include "submodule-config.h"
 #include "object-store.h"
+#include "packfile.h"
 
 static char const * const grep_usage[] = {
        N_("git grep [<options>] [-e] <pattern> [<rev>...] [[--] <path>...]"),
@@ -1074,11 +1075,14 @@ int cmd_grep(int argc, const char **argv, const char *prefix)
                        skip_first_line = 1;
 
                /*
-                * Pre-read gitmodules (if not read already) to prevent racy
-                * lazy reading in worker threads.
+                * Pre-read gitmodules (if not read already) and force eager
+                * initialization of packed_git to prevent racy lazy
+                * reading/initialization once worker threads are started.
                 */
                if (recurse_submodules)
                        repo_read_gitmodules(the_repository, 1);
+               if (startup_info->have_repository)
+                       (void)get_packed_git(the_repository);
 
                start_threads(&opt);
        } else {

diff --git a/packfile.c b/packfile.c
index 24a73fc33af7e21747d0485bdca65b3d5624a621..946ca83e7ae59fa9c859d2cc808fd3da18ef274e 100644 (file)
--- a/packfile.c
+++ b/packfile.c
@@ -1004,12 +1004,14 @@ void reprepare_packed_git(struct repository *r)
 {
        struct object_directory *odb;
 
+       obj_read_lock();
        for (odb = r->objects->odb; odb; odb = odb->next)
                odb_clear_loose_cache(odb);
 
        r->objects->approximate_object_count_valid = 0;
        r->objects->packed_git_initialized = 0;
        prepare_packed_git(r);
+       obj_read_unlock();
 }
 
 struct packed_git *get_packed_git(struct repository *r)