Patchwork [11,of,21,RFC] verify: report censored node integrity failures as warnings if config allows

login
register
mail settings
Submitter michaeljedgar@gmail.com
Date Sept. 11, 2014, 12:26 a.m.
Message ID <00627d21f79b34b2d0fc.1410395172@adgar-macbookpro3.roam.corp.google.com>
Download mbox | patch
Permalink /patch/5786/
State Changes Requested
Headers show

Comments

michaeljedgar@gmail.com - Sept. 11, 2014, 12:26 a.m.
# HG changeset patch
# User Mike Edgar <adgar@google.com>
# Date 1410380696 14400
#      Wed Sep 10 16:24:56 2014 -0400
# Node ID 00627d21f79b34b2d0fc95e295047ed4feebbcd7
# Parent  0e39cc243f575ec9b0b7e3c49e852952a146e34a
verify: report censored node integrity failures as warnings if config allows

Verify is one of the most significant code paths which must handle censored
revlog nodes, and must do so safely. Since we eventually wish to support
configurable verification of tombstoned nodes, it is sensible that `hg verify`
should consult a new configuration option in its exception handler. I chose
"censor.allow" for this new option.

To provide flexible/pluggable verification, the "allow" option takes a string
value. If the allow value is "all" then verify only emits a warning. The
default value is "hgcensored" which will check that a censor tombstone
references a changeset where the ".hgcensored" file lists the that revision.

Naturally, values for this new configuration option must be trusted to affect
verify's behavior.

Patch

diff -r 0e39cc243f57 -r 00627d21f79b mercurial/verify.py
--- a/mercurial/verify.py	Wed Sep 10 16:24:34 2014 -0400
+++ b/mercurial/verify.py	Wed Sep 10 16:24:56 2014 -0400
@@ -8,7 +8,7 @@ 
 from node import nullid, short
 from i18n import _
 import os
-import revlog, util, error
+import censor, revlog, util, error
 
 def verify(repo):
     lock = repo.lock()
@@ -267,6 +267,11 @@ 
                     if len(fl.revision(n)) != fl.size(i):
                         err(lr, _("unpacked size is %s, %s expected") %
                             (l, fl.size(i)), f)
+            except revlog.CensoredNodeError, e:
+                if censor.allowed(repo, f, n):
+                    warn(_("warning: node %s censored from %s") % (short(n), f))
+                else:
+                    err(lr, _("node %s censored from %s") % (short(n), f))
             except Exception, inst:
                 exc(lr, _("unpacking %s") % short(n), inst, f)