git.vger.kernel.org archive mirror
From: Karsten Blees <karsten.blees@gmail.com>
To: Junio C Hamano <gitster@pobox.com>
Cc: Jens Lehmann <Jens.Lehmann@web.de>,
	git@vger.kernel.org, Thomas Rast <tr@thomasrast.ch>
Subject: Re: What's cooking in git.git (Oct 2013, #03; Wed, 16)
Date: Tue, 22 Oct 2013 15:13:22 +0200
Message-ID: <526679F2.4060701@gmail.com>
In-Reply-To: <xmqqfvrywg4y.fsf@gitster.dls.corp.google.com>

On 18.10.2013 21:09, Junio C Hamano wrote:
> Karsten Blees <karsten.blees@gmail.com> writes:
> 
>> The coredumps are caused by my patch #10, which free()s
>> cache_entries when they are removed, in combination with ...
> 
> Looking at that patch, it makes me wonder if remove_index_entry_at()
> and replace_index_entry() should be the ones that free the old
> entry in the first place.  A caller may already have a ce pointing
> at an old entry and use the information from old_ce to update a new
> one after it installed it, e.g.
> 
> 	old_ce = ...
> 	new_ce = make_cache_entry(... old_ce->name, ...);
> 	replace_index_entry(... new_ce);
> 	new_ce->ce_mode = old_ce->ce_mode;
> 	free(old_ce);
> 
> The same goes for the functions that remove the entry.
> 

Moving free() to the callers or caller's callers would make it much more complicated (more places to change). Besides, most callers don't even have a reference to old_ce and simply remove by position. Of course, this doesn't prevent caller's caller's callers from keeping a reference to a removed / replaced entry, as found by Thomas.

> 
> Going forward, I do agree with your patch #10 that removal or
> replacing that may make an existing entry unreferenced should free
> entries that are no longer used, and "use after free" should be
> forbidden.
> 

OK, I'll spend some more time analyzing the call hierarchies to see if there are more uses of removed cache_entries. I'll try to post an updated v4 by the end of the week.

Karsten
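
The ownership rule discussed in this message, as an added sketch that is not git's code and not part of the original thread: when the container frees an entry on replace, a caller has to read what it needs from the old entry before the call. All `toy_*` names and both structs are hypothetical stand-ins.

```c
#include <stdlib.h>
#include <string.h>

/* Toy stand-ins; hypothetical names, not git's structures or functions. */
struct toy_entry { unsigned int mode; char name[32]; };
struct toy_index { struct toy_entry *slot[8]; int frees; };

static struct toy_entry *toy_make_entry(const char *name, unsigned int mode)
{
	struct toy_entry *e = calloc(1, sizeof(*e));
	if (!e) abort();
	strncpy(e->name, name, sizeof(e->name) - 1); /* calloc keeps it NUL-terminated */
	e->mode = mode;
	return e;
}

/* The index owns its entries: replacing a slot frees the previous occupant. */
static void toy_replace_entry(struct toy_index *idx, int pos, struct toy_entry *new_e)
{
	struct toy_entry *old = idx->slot[pos];
	idx->slot[pos] = new_e;
	if (old) {
		free(old);
		idx->frees++;
	}
}

/* Caller side: copy what is needed from the old entry while it is still
 * live, then replace. Any pointer to the old entry dangles afterwards. */
static unsigned int toy_rename_keep_mode(struct toy_index *idx, int pos, const char *new_name)
{
	unsigned int saved_mode = idx->slot[pos]->mode; /* read before the replace */
	toy_replace_entry(idx, pos, toy_make_entry(new_name, saved_mode));
	return idx->slot[pos]->mode; /* only the live entry is dereferenced */
}

/* Returns 0 when the mode survived the replace and exactly one entry was freed. */
static int toy_demo(void)
{
	struct toy_index idx = { { 0 }, 0 };
	int ok;
	toy_replace_entry(&idx, 0, toy_make_entry("old.txt", 0100755)); /* constructed sample */
	ok = toy_rename_keep_mode(&idx, 0, "new.txt") == 0100755 &&
	     strcmp(idx.slot[0]->name, "new.txt") == 0 && idx.frees == 1;
	free(idx.slot[0]);
	return ok ? 0 : 1;
}

int main(void) { return toy_demo(); }
```

Building this with `-fsanitize=address` and moving the mode read to after the replace call makes the sanitizer report the use-after-free at that line.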

Thread overview: 10+ messages
2013-10-16 21:43 What's cooking in git.git (Oct 2013, #03; Wed, 16) Junio C Hamano
2013-10-17  9:48 ` Karsten Blees
2013-10-17 20:40   ` Junio C Hamano
2013-10-17 21:07     ` Junio C Hamano
2013-10-18  0:42       ` Karsten Blees
2013-10-18 19:09         ` Junio C Hamano
2013-10-18 19:52           ` Jens Lehmann
2013-10-18 20:31             ` [PATCH] submodule: don't access the .gitmodules cache entry after removing it Jens Lehmann
2013-10-22 13:13           ` Karsten Blees [this message]
2013-10-18 19:37         ` What's cooking in git.git (Oct 2013, #03; Wed, 16) Jens Lehmann
