Re: a bug when execute "git status" in git version 1.7.7.431.g89633

git.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: "René Scharfe" <rene.scharfe@lsrfire.ath.cx>
To: unlisted-recipients:; (no To-header on input)
Cc: John Hsing <tsyj2007@gmail.com>,
	Matthieu Moy <matthieu.moy@grenoble-inp.fr>,
	git@vger.kernel.org, Jeff King <peff@peff.net>
Subject: Re: a bug when execute "git status" in git version 1.7.7.431.g89633
Date: Sun, 23 Oct 2011 16:28:00 +0200	[thread overview]
Message-ID: <4EA42470.1070501@lsrfire.ath.cx> (raw)
In-Reply-To: <4EA415BD.1040109@lsrfire.ath.cx>

Am 23.10.2011 15:25, schrieb René Scharfe:
> Am 23.10.2011 10:35, schrieb John Hsing:
>> ok,when i finish compiling git 1.7.7.431.g89633，I use it to check
>> Cyanogenod（an Android mod source） by “git status”，it happend this
>> error！but when i reuse git v1.7.7，it is OK！so i think it is a bug in
>> git 1.7.7.431.g89633！My OS is Ubuntu Linux 10.10，sorry for my bad
>> english！ If you want to reproduce this error,please excute "git status"
>> in https://github.com/CyanogenMod/android_packages_apps_DSPManager.git
>> repo!
> 
> I can reproduce the malloc crash on Ubuntu 11.10 with these simple steps:
> 
> 	$ a=android_packages_apps_DSPManager
> 	$ git-v1.7.7 clone https://github.com/CyanogenMod/$a.git
> 	Cloning into android_packages_apps_DSPManager...
> 	remote: Counting objects: 902, done.
> 	remote: Compressing objects: 100% (412/412), done.
> 	remote: Total 902 (delta 367), reused 838 (delta 324)
> 	Receiving objects: 100% (902/902), 136.78 KiB | 264 KiB/s, done.
> 	Resolving deltas: 100% (367/367), done.
> 	$ cd $a
> 
> 	$ git-v1.7.7 status
> 	# On branch gingerbread
> 	nothing to commit (working directory clean)
> 
> 	$ git-master status
> 	git: malloc.c:3096: sYSMALLOc: Assertion `(old_top == (((mbinptr) (((char *) &((av)->bins[((1) - 1) * 2])) - __builtin_offsetof (struct malloc_chunk, fd)))) && old_size == 0) || ((unsigned long) (old_size) >= (unsigned long)((((__builtin_offsetof (struct malloc_chunk, fd_nextsize))+((2 * (sizeof(size_t))) - 1)) & ~((2 * (sizeof(size_t))) - 1))) && ((old_top)->size & 0x1) && ((unsigned long)old_end & pagemask) == 0)' failed.
> 	Aborted

And valgrind reports the following errors (git was compiled with -O0 and
-g) for master, but not for 1.7.7 nor master plus my ugly patch:

Invalid write of size 1
   at 0x4029DE5: memcpy (mc_replace_strmem.c:635)
   by 0x81159A5: convert_from_disk (read-cache.c:1247)
   by 0x8115BE4: read_index_from (read-cache.c:1326)
   by 0x81157D7: read_index (read-cache.c:1202)
   by 0x813A802: gitmodules_config (submodule.c:105)
   by 0x806857E: cmd_status (commit.c:1209)
   by 0x804B7F8: run_builtin (git.c:308)
   by 0x804B956: handle_internal_command (git.c:466)
   by 0x804BA4E: run_argv (git.c:512)
   by 0x804BBC0: main (git.c:585)
 Address 0x41f2d5e is 2 bytes after a block of size 6,356 alloc'd
   at 0x4028876: malloc (vg_replace_malloc.c:236)
   by 0x814C070: xmalloc (wrapper.c:35)
   by 0x8115B8E: read_index_from (read-cache.c:1315)
   by 0x81157D7: read_index (read-cache.c:1202)
   by 0x813A802: gitmodules_config (submodule.c:105)
   by 0x806857E: cmd_status (commit.c:1209)
   by 0x804B7F8: run_builtin (git.c:308)
   by 0x804B956: handle_internal_command (git.c:466)
   by 0x804BA4E: run_argv (git.c:512)
   by 0x804BBC0: main (git.c:585)

Syscall param lstat64(file_name) points to unaddressable byte(s)
   at 0x4131D32: __lxstat64@@GLIBC_2.2 (lxstat64.c:48)
   by 0x81154DE: refresh_index (read-cache.c:1133)
   by 0x8068687: cmd_status (commit.c:1226)
   by 0x804B7F8: run_builtin (git.c:308)
   by 0x804B956: handle_internal_command (git.c:466)
   by 0x804BA4E: run_argv (git.c:512)
   by 0x804BBC0: main (git.c:585)
 Address 0x41f2d5c is 0 bytes after a block of size 6,356 alloc'd
   at 0x4028876: malloc (vg_replace_malloc.c:236)
   by 0x814C070: xmalloc (wrapper.c:35)
   by 0x8115B8E: read_index_from (read-cache.c:1315)
   by 0x81157D7: read_index (read-cache.c:1202)
   by 0x813A802: gitmodules_config (submodule.c:105)
   by 0x806857E: cmd_status (commit.c:1209)
   by 0x804B7F8: run_builtin (git.c:308)
   by 0x804B956: handle_internal_command (git.c:466)
   by 0x804BA4E: run_argv (git.c:512)
   by 0x804BBC0: main (git.c:585)

Invalid read of size 1
   at 0x402A682: bcmp (mc_replace_strmem.c:679)
   by 0x8113D12: df_name_compare (read-cache.c:387)
   by 0x81478F9: do_compare_entry (unpack-trees.c:499)
   by 0x814791B: compare_entry (unpack-trees.c:504)
   by 0x8148086: unpack_callback (unpack-trees.c:747)
   by 0x8145EA5: traverse_trees (tree-walk.c:407)
   by 0x81477EB: traverse_trees_recursive (unpack-trees.c:460)
   by 0x814823D: unpack_callback (unpack-trees.c:809)
   by 0x8145EA5: traverse_trees (tree-walk.c:407)
   by 0x81477EB: traverse_trees_recursive (unpack-trees.c:460)
   by 0x814823D: unpack_callback (unpack-trees.c:809)
   by 0x8145EA5: traverse_trees (tree-walk.c:407)
 Address 0x41f2d5c is 0 bytes after a block of size 6,356 alloc'd
   at 0x4028876: malloc (vg_replace_malloc.c:236)
   by 0x814C070: xmalloc (wrapper.c:35)
   by 0x8115B8E: read_index_from (read-cache.c:1315)
   by 0x81157D7: read_index (read-cache.c:1202)
   by 0x813A802: gitmodules_config (submodule.c:105)
   by 0x806857E: cmd_status (commit.c:1209)
   by 0x804B7F8: run_builtin (git.c:308)
   by 0x804B956: handle_internal_command (git.c:466)
   by 0x804BA4E: run_argv (git.c:512)
   by 0x804BBC0: main (git.c:585)

Invalid read of size 1
   at 0x8100E0E: hash_name (name-hash.c:28)
   by 0x8100F3D: hash_index_entry (name-hash.c:78)
   by 0x8100FD3: lazy_init_name_hash (name-hash.c:96)
   by 0x8101197: index_name_exists (name-hash.c:159)
   by 0x80EADA9: dir_add_name (dir.c:596)
   by 0x80EB8CD: read_directory_recursive (dir.c:994)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EBCED: read_directory (dir.c:1101)
 Address 0x41f2d5c is 0 bytes after a block of size 6,356 alloc'd
   at 0x4028876: malloc (vg_replace_malloc.c:236)
   by 0x814C070: xmalloc (wrapper.c:35)
   by 0x8115B8E: read_index_from (read-cache.c:1315)
   by 0x81157D7: read_index (read-cache.c:1202)
   by 0x813A802: gitmodules_config (submodule.c:105)
   by 0x806857E: cmd_status (commit.c:1209)
   by 0x804B7F8: run_builtin (git.c:308)
   by 0x804B956: handle_internal_command (git.c:466)
   by 0x804BA4E: run_argv (git.c:512)
   by 0x804BBC0: main (git.c:585)

Invalid read of size 1
   at 0x402A687: bcmp (mc_replace_strmem.c:679)
   by 0x8113DF4: cache_name_compare (read-cache.c:413)
   by 0x81010F8: same_name (name-hash.c:134)
   by 0x81011E0: index_name_exists (name-hash.c:164)
   by 0x80EADA9: dir_add_name (dir.c:596)
   by 0x80EB8CD: read_directory_recursive (dir.c:994)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
   by 0x80EB895: read_directory_recursive (dir.c:983)
 Address 0x41f2d5c is 0 bytes after a block of size 6,356 alloc'd
   at 0x4028876: malloc (vg_replace_malloc.c:236)
   by 0x814C070: xmalloc (wrapper.c:35)
   by 0x8115B8E: read_index_from (read-cache.c:1315)
   by 0x81157D7: read_index (read-cache.c:1202)
   by 0x813A802: gitmodules_config (submodule.c:105)
   by 0x806857E: cmd_status (commit.c:1209)
   by 0x804B7F8: run_builtin (git.c:308)
   by 0x804B956: handle_internal_command (git.c:466)
   by 0x804BA4E: run_argv (git.c:512)
   by 0x804BBC0: main (git.c:585)

next prev parent reply	other threads:[~2011-10-23 14:31 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2011-10-22  0:20 a bug when execute "git status" in git version 1.7.7.431.g89633 John Hsing
2011-10-23  8:25 ` Matthieu Moy
2011-10-23  8:35   ` John Hsing
2011-10-23 13:25     ` René Scharfe
2011-10-23 14:28       ` René Scharfe [this message]
2011-10-23 16:29       ` Jeff King
2011-10-23 17:50         ` René Scharfe
2011-10-24  1:01           ` [PATCH] read-cache.c: fix index memory allocation René Scharfe
2011-10-24  7:07             ` Junio C Hamano
2011-10-24 15:59               ` René Scharfe
2011-10-24 21:59               ` René Scharfe
2011-10-24 23:34                 ` Nguyen Thai Ngoc Duy
2011-10-25  0:01                   ` Nguyen Thai Ngoc Duy
2011-10-25 18:00                     ` René Scharfe
2011-10-25 16:24                 ` Junio C Hamano
2011-10-24  7:28             ` Junio C Hamano
2011-10-24 15:52               ` René Scharfe

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4EA42470.1070501@lsrfire.ath.cx \
    --to=rene.scharfe@lsrfire.ath.cx \
    --cc=git@vger.kernel.org \
    --cc=matthieu.moy@grenoble-inp.fr \
    --cc=peff@peff.net \
    --cc=tsyj2007@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).