gvfs: clear DIE_IF_CORRUPT in streaming incore fallback#873
Merged
dscho merged 1 commit intomicrosoft:vfs-2.53.0from Mar 28, 2026
Merged
gvfs: clear DIE_IF_CORRUPT in streaming incore fallback#873dscho merged 1 commit intomicrosoft:vfs-2.53.0from
dscho merged 1 commit intomicrosoft:vfs-2.53.0from
Conversation
The upstream refactoring in 4c89d31 (streaming: rely on object sources to create object stream, 2025-11-23) changed how istream_source() discovers objects. Previously, it called odb_read_object_info_extended() with flags=0 to locate the object, then tried the source-specific opener (e.g. open_istream_loose). If that failed (e.g. corrupt loose object), it fell back to open_istream_incore which re-read the object — by which time the read-object hook had already re-fetched a clean copy. After the refactoring, istream_source() iterates over sources directly. When a corrupt loose object is found, odb_source_loose_read_object_stream fails and the loop continues to the next source. When no source has the object, it falls through to open_istream_incore, which calls odb_read_object_info_extended with OBJECT_INFO_DIE_IF_CORRUPT. This encounters the same corrupt loose file still on disk and dies before the read-object hook gets a chance to re-download a clean replacement. Fix this by clearing OBJECT_INFO_DIE_IF_CORRUPT in open_istream_incore when GVFS_MISSING_OK is set, matching the existing pattern in odb_read_object. This fixes the GitCorruptObjectTests functional test failures (GitRequestsReplacementForAllNullObject, GitRequestsReplacementForObjectCorruptedWithBadData, GitRequestsReplacementForTruncatedObject) that appeared when upgrading from v2.50.1.vfs.0.1 to v2.53.0.vfs.0.0. Signed-off-by: Tyler Vella <tyvella@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
The upstream refactoring in 4c89d31 (streaming: rely on object sources to create object stream, 2025-11-23) changed how istream_source() discovers objects. Previously, it called odb_read_object_info_extended() with flags=0 to locate the object, then tried the source-specific opener (e.g. open_istream_loose). If that failed (e.g. corrupt loose object), it fell back to open_istream_incore which re-read the object — by which time the read-object hook had already re-fetched a clean copy.
After the refactoring, istream_source() iterates over sources directly. When a corrupt loose object is found, odb_source_loose_read_object_stream fails and the loop continues to the next source. When no source has the object, it falls through to open_istream_incore, which calls odb_read_object_info_extended with OBJECT_INFO_DIE_IF_CORRUPT. This encounters the same corrupt loose file still on disk and dies before the read-object hook gets a chance to re-download a clean replacement.
Fix this by clearing OBJECT_INFO_DIE_IF_CORRUPT in open_istream_incore when GVFS_MISSING_OK is set, matching the existing pattern in odb_read_object.
This fixes the GitCorruptObjectTests functional test failures (GitRequestsReplacementForAllNullObject,
GitRequestsReplacementForObjectCorruptedWithBadData, GitRequestsReplacementForTruncatedObject) that appeared when upgrading from v2.50.1.vfs.0.1 to v2.53.0.vfs.0.0.