How can I fix a Git error broken link from tree to tree?

by

With Git 2.10 (Q3 2016), you can know more about the origin of those broken links.

git fsck --name-objects

See commit 90cf590, commit 1cd772c, commit 7b35efd, commit 993a21b (17 Jul 2016) by Johannes Schindelin (dscho).
(Merged by Junio C Hamano — gitster in commit 9db3979, 25 Jul 2016)

fsck: optionally show more helpful info for broken links

When reporting broken links between commits/trees/blobs, it would be quite helpful at times if the user would be told how the object is supposed to be reachable.

With the new --name-objects option, git-fsck will try to do exactly that:
name the objects in a way that shows how they are reachable.

For example, when some reflog got corrupted and a blob is missing that should not be, the user might want to remove the corresponding reflog entry.
This option helps them find that entry: git fsck --name-objects will now report something like this:

  broken link from    tree b5eb6ff...  (refs/stash@{<date>}~37:)
                to    blob ec5cf80...

If those broken links don’t come from a local stash but a remote repo, fetching those pack objects can then solve the situation.
See also “How to recover Git objects damaged by hard disk failure?“.

With Git 2.31 (Q1 2021), fix “git fsck --name-objects(man) which apparently has not been used by anybody who is motivated enough to report breakage.

See commit e89f893, commit 8c891ee (10 Feb 2021) by Johannes Schindelin (dscho).
(Merged by Junio C Hamano — gitster in commit 9e634a9, 17 Feb 2021)

fsck --name-objects: be more careful parsing generation numbers

Signed-off-by: Johannes Schindelin

In 7b35efd (fsck_walk(): optionally name objects on the go, 2016-07-17, Git v2.10.0-rc0 — merge listed in batch #7) (fsck_walk(): optionally name objects on the go, 2016-07-17), the fsck machinery learned to optionally name the objects, so that it is easier to see what part of the repository is in a bad shape, say, when objects are missing.

To save on complexity, this machinery uses a parser to determine the name of a parent given a commit’s name: any ~<n> suffix is parsed and the parent’s name is formed from the prefix together with ~<n+1>.

However, this parser has a bug: if it finds a suffix <n> that is not ~<n>, it will mistake the empty string for the prefix and <n> for the generation number.
In other words, it will generate a name of the form ~<bogus-number>.

Let’s fix this.

With Git 2.40 (Q1 2023), “git hash-object(man) now checks that the resulting object is well formed with the same code as git fsck“.

See commit 8e43090 (19 Jan 2023), and commit 69bbbe4, commit 35ff327, commit 34959d8, commit ad5dfea, commit 61cc4be, commit 6e26460 (18 Jan 2023) by Jeff King (peff).
(Merged by Junio C Hamano — gitster in commit abf2bb8, 30 Jan 2023)

hash-object: use fsck for object checks

Signed-off-by: Jeff King

Since c879daa (“Make hash-object more robust against malformed objects”, 2011-02-05, Git v1.7.5-rc0 — merge), we’ve done some rudimentary checks against objects we’re about to write by running them through our usual parsers for trees, commits, and tags.

These parsers catch some problems, but they are not nearly as careful as the fsck functions (which make sense; the parsers are designed to be fast and forgiving, bailing only when the input is unintelligible).
We are better off doing the more thorough fsck checks when writing objects.
Doing so at write time is much better than writing garbage only to find out later (after building more history atop it!) that fsck complains about it, or hosts with transfer.fsckObjects reject it.

This is obviously going to be a user-visible behavior change, and the test changes earlier in this series show the scope of the impact.
But I’d argue that this is OK:

  • the documentation for hash-object is already vague about which checks we might do, saying that --literally will allow any garbage[…] which might not otherwise pass standard object parsing or git-fsck(man) checks”.
    So we are already covered under the documented behavior.
  • users don’t generally run hash-object anyway.
    There are a lot of spots in the tests that needed to be updated because creating garbage objects is something that Git’s tests disproportionately do.
  • it’s hard to imagine anyone thinking the new behavior is worse.
    Any object we reject would be a potential problem down the road for the user.
    And if they really want to create garbage, --literally is already the escape hatch they need.

Note that the change here is actually in index_mem(), which handles the HASH_FORMAT_CHECK flag passed by hash-object.
That flag is also used by “git-replace --edit(man) to sanity-check the result.
Covering that with more thorough checks likewise seems like a good thing.

Besides being more thorough, there are a few other bonuses:

  • we get rid of some questionable stack allocations of object structs.
    These don’t seem to currently cause any problems in practice, but they subtly violate some of the assumptions made by the rest of the code (e.g., the “struct commit” we put on the stack and zero-initialize will not have a proper index from alloc_comit_index().

  • likewise, those parsed object structs are the source of some small memory leaks

  • the resulting messages are much better.
    For example:

    [before]
$ echo 'tree 123' | git hash-object -t commit --stdin
error: bogus commit object 0000000000000000000000000000000000000000
fatal: corrupt commit

[after]
$ echo 'tree 123' | git.compile hash-object -t commit --stdin
error: object fails fsck: badTreeSha1: invalid 'tree' line format - bad sha1
fatal: refusing to create malformed object

More Related Contents:

  1. What exactly do we mean by “branch”?
  2. git submodule tracking latest
  3. Changing capitalization of filenames in Git
  4. How do I resolve git saying “Commit your changes or stash them before you can merge”?
  5. How to configure Git post commit hook
  6. Create a branch in Git from another branch
  7. Resetting remote to a certain commit
  8. How do I fetch only one branch of a remote Git repository?
  9. Github file size limit changed 6/18/13. Can’t push now
  10. Trying to understand `git diff` and `git mv` rename detection mechanism
  11. How do you remove an invalid remote branch reference from Git?
  12. Is there a way of having git show lines added, lines changed and lines removed?
  13. How can I solve this invalid credentials problem on Bitbucket?
  14. What’s git’s heuristic for assigning content modifications to file paths?
  15. How do I undo a checkout in git?
  16. Adding a collaborator to my free GitHub account?
  17. Which is the smarter git protocol, ssh or git(over ssh) or https protocol?
  18. Mark a file in the GIT repo as temporarily ignored
  19. How can I stage and commit all files, including newly added files, using a single command?
  20. How to get default Git branch?
  21. Git is moving to new hashing algorithm SHA-256 but why git community settled on SHA‑256
  22. Make .git directory web inaccessible
  23. Git: Set local user.name and user.email different for each repo
  24. Git on Bitbucket: Always asked for password, even after uploading my public SSH key
  25. Why call git branch –unset-upstream to fixup?
  26. Git diff says subproject is dirty
  27. git pull keeping local uncommitted changes
  28. Is it possible to set a git commit to have a timestamp prior to 1970?
  29. How to make ‘git diff’ ignore comments
  30. Git slows down Emacs to Death – How to Fix this?

Leave a Comment