From: Karsten Blees <karsten.blees@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: Jens Lehmann <Jens.Lehmann@web.de>,
	git@vger.kernel.org, Thomas Rast <tr@thomasrast.ch>
Subject: Re: What's cooking in git.git (Oct 2013, #03; Wed, 16)
Date: Tue, 22 Oct 2013 15:13:22 +0200
Message-ID: <526679F2.4060701@gmail.com>
In-Reply-To: <xmqqfvrywg4y.fsf@gitster.dls.corp.google.com>

On 18.10.2013 21:09, Junio C Hamano wrote:
> Karsten Blees <karsten.blees@gmail.com> writes:
> 
>> The coredumps are caused by my patch #10, which free()s
>> cache_entries when they are removed, in combination with ...
> 
> Looking at that patch, it makes me wonder if remove_index_entry_at()
> and replace_index_entry() should be the ones that free the old
> entry in the first place.  A caller may already have a ce pointing
> at an old entry and use the information from old_ce to update a new
> one after it installed it, e.g.
> 
> 	old_ce = ...
> 	new_ce = make_cache_entry(... old_ce->name, ...);
> 	replace_index_entry(... new_ce);
> 	new_ce->ce_mode = old_ce->ce_mode;
> 	free(old_ce);
> 
> The same goes for the functions that remove the entry.
> 

Moving free() to the callers or caller's callers would make it much more complicated (more places to change). Besides, most callers don't even have a reference to old_ce and simply remove by position. Of course, this doesn't prevent caller's caller's callers from keeping a reference to a removed / replaced entry, as found by Thomas.

> 
> Going forward, I do agree with your patch #10 that removal or
> replacing that may make an existing entry unreferenced should free
> entries that are no longer used, and "use after free" should be
> forbidden.
> 

OK, I'll spend some more time analyzing the call hierarchies to see if there are more uses of removed cache_entries. I'll try to post an updated v4 by the end of the week.

Karsten
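
The ownership rule discussed in this thread (a replace call that frees the old entry, so callers must not touch it afterwards), as an added example that is not part of the original message and is not git's code. It is a toy model: `toy_entry`, `toy_index`, `toy_replace_at` and `toy_refresh_keep_mode` are hypothetical names, and the sample entry is constructed.

```c
#include <stdlib.h>
#include <string.h>

/* Toy model with hypothetical names; not git's structures or API. */
struct toy_entry { unsigned int mode; char name[32]; };
struct toy_index { struct toy_entry *slot[4]; int freed; };

static struct toy_entry *toy_make_entry(const char *name, unsigned int mode)
{
	struct toy_entry *e = calloc(1, sizeof(*e));
	if (!e)
		abort();
	e->mode = mode;
	strncpy(e->name, name, sizeof(e->name) - 1);
	return e;
}

/* The index owns its entries: replacing a slot frees the old occupant. */
static void toy_replace_at(struct toy_index *idx, int pos, struct toy_entry *new_e)
{
	if (idx->slot[pos]) {
		free(idx->slot[pos]);
		idx->freed++;
	}
	idx->slot[pos] = new_e;
}

/*
 * Safe caller: every field needed from the old entry is read BEFORE the
 * replace call. Afterwards old_e dangles and must not be dereferenced.
 */
static unsigned int toy_refresh_keep_mode(struct toy_index *idx, int pos)
{
	struct toy_entry *old_e = idx->slot[pos];
	unsigned int saved_mode = old_e->mode;
	struct toy_entry *new_e = toy_make_entry(old_e->name, 0);

	toy_replace_at(idx, pos, new_e);	/* old_e is freed here */
	new_e->mode = saved_mode;		/* uses the copy, not old_e */
	return idx->slot[pos]->mode;
}

int main(void)
{
	struct toy_index idx = { { 0 }, 0 };
	toy_replace_at(&idx, 0, toy_make_entry("README", 0100644)); /* constructed sample */
	unsigned int m = toy_refresh_keep_mode(&idx, 0);
	free(idx.slot[0]);
	return (m == 0100644 && idx.freed == 1) ? 0 : 1;
}
```

Building this with `-fsanitize=address` and moving the `saved_mode` read to after `toy_replace_at()` makes the stale access show up as a heap-use-after-free report.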
