worktree: make "move" refuse to move atop missing registered worktree

"git worktree add" takes special care to avoid creating a new worktree
at a location already registered to an existing worktree even if that
worktree is missing (which can happen, for instance, if the worktree
resides on removable media). "git worktree move", however, is not so
careful when validating the destination location and will happily move
the source worktree atop the location of a missing worktree. This leads
to the anomalous situation of multiple worktrees being associated with
the same path, which is expressly forbidden by design. For example:

    $ git clone foo.git
    $ cd foo
    $ git worktree add ../bar
    $ git worktree add ../baz
    $ rm -rf ../bar
    $ git worktree move ../baz ../bar
    $ git worktree list
    .../foo beefd00f [master]
    .../bar beefd00f [bar]
    .../bar beefd00f [baz]
    $ git worktree remove ../bar
    fatal: validation failed, cannot remove working tree:
        '.../bar' does not point back to '.git/worktrees/bar'

Fix this shortcoming by enhancing "git worktree move" to perform the
same additional validation of the destination directory as done by "git
worktree add".

While at it, add a test to verify that "git worktree move" won't move a
worktree atop an existing (non-worktree) path -- a restriction which has
always been in place but was never tested.

Signed-off-by: Eric Sunshine <sunshine@sunshineco.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
This commit is contained in:
Eric Sunshine 2020-06-10 02:30:49 -04:00 committed by Junio C Hamano
parent d179af679b
commit 810382ed37
3 changed files with 25 additions and 3 deletions

View File

@ -126,7 +126,9 @@ OPTIONS
locked working tree path, specify `--force` twice.
+
`move` refuses to move a locked working tree unless `--force` is specified
twice.
twice. If the destination is already assigned to some other working tree but is
missing (for instance, if `<new-path>` was deleted manually), then `--force`
allows the move to proceed; use --force twice if the destination is locked.
+
`remove` refuses to remove an unclean working tree unless `--force` is used.
To remove a locked working tree, specify `--force` twice.

View File

@ -860,8 +860,7 @@ static int move_worktree(int ac, const char **av, const char *prefix)
strbuf_trim_trailing_dir_sep(&dst);
strbuf_addstr(&dst, sep);
}
if (file_exists(dst.buf))
die(_("target '%s' already exists"), dst.buf);
check_candidate_path(dst.buf, force, worktrees, "move");
validate_no_submodules(wt);

View File

@ -112,6 +112,27 @@ test_expect_success 'move locked worktree (force)' '
git worktree move --force --force flump ploof
'
test_expect_success 'refuse to move worktree atop existing path' '
>bobble &&
git worktree add --detach beeble &&
test_must_fail git worktree move beeble bobble
'
test_expect_success 'move atop existing but missing worktree' '
git worktree add --detach gnoo &&
git worktree add --detach pneu &&
rm -fr pneu &&
test_must_fail git worktree move gnoo pneu &&
git worktree move --force gnoo pneu &&
git worktree add --detach nu &&
git worktree lock nu &&
rm -fr nu &&
test_must_fail git worktree move pneu nu &&
test_must_fail git worktree --force move pneu nu &&
git worktree move --force --force pneu nu
'
test_expect_success 'move a repo with uninitialized submodule' '
git init withsub &&
(