This is an archive of the discontinued Mercurial Phabricator instance.

transaction: detect an attempt to truncate-to-extend on playback, raise error
ClosedPublic

Authored by spectral on Sep 17 2019, 6:58 PM.

Details

Summary

On some networked filesystems, writes can have delayed finalization/confirmation
and write races can occur such that a remote modification will "win" and
modifications will be lost. There is no functionality for providing this
feedback to userspace programs (in fact, there's not even functionality for
providing this information to the Linux kernel...), so these programs may see
the files suddenly change.

We've noticed that there have been cases where Mercurial has detected something
has gone wrong and attempts to abort (rolling back the transaction), which is
good. However, when rolling back the transaction, for the append-only files,
we attempt to "truncate" the file back to the size it was in before the hg
transaction started, but end up *extending* it. This may be harmless, but if
this happens to the 00changelog.i file, we get a bunch of nulls on the end of
the file and this causes hg to become *really* confused. :)

If we detect that some modification of the file outside of this Mercurial
process has caused the file to be smaller than the size we are attempting to
truncate to, let's just exit and stop trying to clean up the repository -
continuing will likely just cause more damage.

Diff Detail

Repository
rHG Mercurial
Lint
Automatic diff as part of commit; lint not applicable.
Unit
Automatic diff as part of commit; unit tests not applicable.

Event Timeline

spectral created this revision.Sep 17 2019, 6:58 PM

I feel like there's room for doing better, but it'll require very careful reasoning and may not be worthwhile.

This revision was not accepted when it landed; it landed in state Needs Review.
This revision was automatically updated to reflect the committed changes.