Re: [PATCH] read-cache.c: fix index memory allocation

["René Scharfe" <rene.scharfe@lsrfire.ath.cx>]

Am 24.10.2011 09:28, schrieb Junio C Hamano:
> René Scharfe <rene.scharfe@lsrfire.ath.cx> writes:
> 
>>  t/t7510-status-index.sh |   50 +++++++++++++++++++++++++++++++++++++++++++++++
>>  2 files changed, 53 insertions(+), 3 deletions(-)
>>  create mode 100755 t/t7510-status-index.sh
> 
>> diff --git a/t/t7510-status-index.sh b/t/t7510-status-index.sh
>> new file mode 100755
>> index 0000000..bca359d
>> --- /dev/null
>> +++ b/t/t7510-status-index.sh
>> @@ -0,0 +1,50 @@
> 
> Hmm, I cannot seem to make this fail this test without the fix on my
> Fedora 14 i686 VM when applied to v1.7.6.4 (estimation code originates
> cf55870 back in v1.7.6.1 days), but it does break on 'master'.

Err, yes, I forgot to mention in the commit message that on my test
system the breakage occurs only after 2548183ba, "fix phantom untracked
files when core.ignorecase is set", which adds the pointer dir_next to
struct cache_entry.  This seems to have caused an unlucky constellation
of offsets and struct sizes for the size estimator.

> By the way, I'll move this to 7511.
> 
> Also would a patch like this help?

Only a little, I suspect.  If we've moved past the end then it's too
late.  And if we catch the error before it happens, dying is only
slightly better than crashing.

> -- >8 --
> Subject: [PATCH] read_index(): die on estimation error
> 
> Signed-off-by: Junio C Hamano <gitster@pobox.com>
> ---
>  read-cache.c |    7 ++++++-
>  1 files changed, 6 insertions(+), 1 deletions(-)
> 
> diff --git a/read-cache.c b/read-cache.c
> index 0a64103..2926615 100644
> --- a/read-cache.c
> +++ b/read-cache.c
> @@ -1270,6 +1270,7 @@ int read_index_from(struct index_state *istate, const char *path)
>  	int fd, i;
>  	struct stat st;
>  	unsigned long src_offset, dst_offset;
> +	size_t bulk_alloc_size;
>  	struct cache_header *hdr;
>  	void *mmap;
>  	size_t mmap_size;
> @@ -1315,7 +1316,8 @@ int read_index_from(struct index_state *istate, const char *path)
>  	 * has room for a few  more flags, we can allocate using the same
>  	 * index size
>  	 */
> -	istate->alloc = xmalloc(estimate_cache_size(mmap_size, istate->cache_nr));
> +	bulk_alloc_size = estimate_cache_size(mmap_size, istate->cache_nr);
> +	istate->alloc = xmalloc(bulk_alloc_size);
>  	istate->initialized = 1;
>  
>  	src_offset = sizeof(*hdr);
> @@ -1331,7 +1333,9 @@ int read_index_from(struct index_state *istate, const char *path)
>  
>  		src_offset += ondisk_ce_size(ce);
>  		dst_offset += ce_size(ce);
> +		if (bulk_alloc_size <= dst_offset)
> +			die("cache size estimation error");
>  	}
>  	istate->timestamp.sec = st.st_mtime;
>  	istate->timestamp.nsec = ST_MTIME_NSEC(st);
>