From: Taylor Blau <me@ttaylorr.com>
To: Patrick Steinhardt <ps@pks.im>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>,
Junio C Hamano <gitster@pobox.com>,
Kyle Lippincott <spectral@google.com>
Subject: Re: [PATCH] pack-bitmap.c: avoid uninitialized `pack_int_id` during reuse
Date: Mon, 10 Jun 2024 10:57:54 -0400
Message-ID: <ZmcUclCErqwyad9D@nand.local>
In-Reply-To: <ZmaVYnmgyAr0vapK@tanuki>

On Mon, Jun 10, 2024 at 07:55:46AM +0200, Patrick Steinhardt wrote:
> On Sun, Jun 09, 2024 at 11:27:35AM -0400, Taylor Blau wrote:
> > In 795006fff4 (pack-bitmap: gracefully handle missing BTMP chunks,
> > 2024-04-15), we refactored the reuse_partial_packfile_from_bitmap()
> > function and stopped assigning the pack_int_id field when reusing only
> > the MIDX's preferred pack. This results in an uninitialized read down in
> > try_partial_reuse() like so:
>
> I feel like I'm blind, but I cannot see how the patch changed what we do
> with `pack_int_id`. It's not mentioned a single time in the diff, so how
> did it have the effect of not setting it anymore?

It's because prior to 795006fff4, we handled reusing a single pack from
a MIDX differently than in the post-image of that commit. Prior to
795006fff4, the loop looked like:

    if (bitmap_is_midx(bitmap_git)) {
        for (i = 0; i < bitmap_git->midx->num_packs; i++) {
            struct bitmapped_pack pack;
            if (nth_bitmapped_pack(r, bitmap_git->midx, &pack, i) < 0) {
                /* ... */
                return;
            }
            if (!pack.bitmap_nr)
                continue;
            if (!multi_pack_reuse && pack.bitmap_pos)
                continue;
            ALLOC_GROW(packs, packs_nr + 1, packs_alloc);
            memcpy(&packs[packs_nr++], &pack, sizeof(pack));
        }
    }

Since nth_bitmapped_pack() fills out the pack_int_id field, we got it
automatically since we just memcpy()'d the result of
nth_bitmapped_pack() into our array.

In the single pack bitmap case, we don't need to initialize the
pack_int_id field because we never read it, hence the lack of MSan
failures in that mode.

But since 795006fff4 combined these two single pack cases (that is,
single-pack bitmaps, and reusing only a single pack out of a MIDX
bitmap) into one, 795006fff4 neglected to initialize the pack_int_id
field, causing this issue.

Thanks,
Taylor
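
The failure mode described in this message, as an added example that is not part of the original email or of git's code: a slot filled by copying a fully populated struct versus one filled field by field with `pack_int_id` left out. `struct demo_pack`, the `demo_`/`reuse_`/`poison` helper names and the 0xA5 poison pattern are assumptions made for illustration, and the `set_id` branch shows one possible shape of a correction, not the actual patch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define POISON_U32 0xA5A5A5A5u /* constructed marker: "never written" */
/* Simplified stand-in for git's struct bitmapped_pack (assumption). */
struct demo_pack {
	uint32_t bitmap_pos;
	uint32_t bitmap_nr;
	uint32_t pack_int_id;
};

/* Plays the role of nth_bitmapped_pack(): fills out every field. */
static void demo_fill_all(struct demo_pack *out, uint32_t id)
{
	out->bitmap_pos = 100 * id;
	out->bitmap_nr = 10;
	out->pack_int_id = id;
}

/* Pre-refactor shape: memcpy() a fully populated struct into the slot. */
static void reuse_via_copy(struct demo_pack *slot, uint32_t id)
{
	struct demo_pack pack;
	demo_fill_all(&pack, id);
	memcpy(slot, &pack, sizeof(pack));
}

/* Post-refactor shape: fields set by hand; set_id=0 models the omission. */
static void reuse_by_hand(struct demo_pack *slot, uint32_t id, int set_id)
{
	slot->bitmap_pos = 0;
	slot->bitmap_nr = 10;
	if (set_id)
		slot->pack_int_id = id; /* one possible correction */
}

/* Poison the slot like an uncleared allocation, so a skipped field shows. */
static void poison(struct demo_pack *s) { memset(s, 0xA5, sizeof(*s)); }
static int id_left_unset(const struct demo_pack *s) { return s->pack_int_id == POISON_U32; }

int main(void)
{
	struct demo_pack a, b;
	poison(&a); reuse_via_copy(&a, 3);
	poison(&b); reuse_by_hand(&b, 3, 0);
	printf("copy unset=%d, by-hand unset=%d\n", id_left_unset(&a), id_left_unset(&b));
	return 0;
}
```

Pre-filling the slot with a known pattern makes the skipped field deterministic to check, whereas a real uninitialized read only surfaces under a tool such as MSan.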