From: Patrick Steinhardt <ps@pks.im>
To: Jeff King <peff@peff.net>
Cc: git@vger.kernel.org, "Rubén Justo" <rjusto@gmail.com>,
"Toon Claes" <toon@iotcl.com>
Subject: Re: [PATCH v3 07/27] bisect: fix various cases where we leak commit list items
Date: Mon, 25 Nov 2024 13:38:28 +0100 [thread overview]
Message-ID: <Z0RvxAkmfZhgo_LJ@pks.im> (raw)
In-Reply-To: <20241125112746.GA1069812@coredump.intra.peff.net>
On Mon, Nov 25, 2024 at 06:27:46AM -0500, Jeff King wrote:
> On Wed, Nov 20, 2024 at 02:39:36PM +0100, Patrick Steinhardt wrote:
>
> > diff --git a/bisect.c b/bisect.c
> > index 12efcff2e3c1836ab6e63d36e4d42269fbcaeaab..f6fa5c235ffb351011ed5e81771fbcdad9ca0917 100644
> > --- a/bisect.c
> > +++ b/bisect.c
> > @@ -442,9 +442,12 @@ void find_bisection(struct commit_list **commit_list, int *reaches,
> > best->next = NULL;
> > }
> > *reaches = weight(best);
> > + } else {
> > + free_commit_list(*commit_list);
> > }
>
> Coverity complains about this hunk being a potential double-free, and
> I'm not sure it's wrong.
Sigh. The whole bisection code has been a bit of a nightmare to
make sense of for me.
[snip]
> We iterate over commit_list using "p". If the entry is UNINTERESTING, we
> free that node immediately and skip it. That's OK for a node in the
> middle of the list, since after we reverse the list by modifying the
> next pointers, nobody will refer to it anymore.
>
> But we never updated commit_list. What if the first entry in the list is
> UNINTERESTING? We'll have freed it, but *commit_list will still point to
> it, and your free_commit_list() will be a double-free.
>
> And for that matter, I am confused about what should be in commit_list
> after the reverse anyway. Even if we didn't free that first entry, it
> will now be the final entry in the reversed list. So wouldn't
> *commit_list always be pointing to a single node?
>
> Should the code be freeing "list" and not "*commit_list"? Should the
> reversal be assigning "*commit_list = last" (in which case do we still
> need "list" at all)?
Mh. By now I wonder whether this code can be hit in the first place. Is
there ever a case where `do_find_bisection()` returns `NULL`? Replacing
the whole branch with `BUG()` doesn't make even a single test case fail.
Anyway. I'm not familiar enough with the code in question to tell, and
it's clear that `*commit_list = best;` will leak `*commit_list` if it is
not free'd beforehand. So I think freeing `list` is the right thing to
do. Do you want to send a follow-up patch or shall I do this?
Patrick
next prev parent reply other threads:[~2024-11-25 12:38 UTC|newest]
Thread overview: 117+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-06 15:10 [PATCH 00/26] Memory leak fixes (pt.10, final) Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 01/26] builtin/blame: fix leaking blame entries with `--incremental` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 02/26] bisect: fix leaking good/bad terms when reading multipe times Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 03/26] bisect: fix leaking string in `handle_bad_merge_base()` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 04/26] bisect: fix leaking `current_bad_oid` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 05/26] bisect: fix multiple leaks in `bisect_next_all()` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 06/26] bisect: fix leaking commit list items in `check_merge_base()` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 07/26] bisect: fix various cases where we leak commit list items Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 08/26] line-log: fix leak when rewriting commit parents Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 09/26] strvec: introduce new `strvec_splice()` function Patrick Steinhardt
2024-11-10 21:39 ` Rubén Justo
2024-11-11 9:09 ` Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 10/26] git: refactor alias handling to use a `struct strvec` Patrick Steinhardt
2024-11-10 21:41 ` Rubén Justo
2024-11-06 15:10 ` [PATCH 11/26] git: refactor builtin " Patrick Steinhardt
2024-11-06 15:10 ` [PATCH 12/26] split-index: fix memory leak in `move_cache_to_base_index()` Patrick Steinhardt
2024-11-10 21:45 ` Rubén Justo
2024-11-06 15:10 ` [PATCH 13/26] builtin/sparse-checkout: fix leaking sanitized patterns Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 14/26] help: refactor to not use globals for reading config Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 15/26] help: fix leaking `struct cmdnames` Patrick Steinhardt
2024-11-10 21:46 ` Rubén Justo
2024-11-11 9:09 ` Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 16/26] help: fix leaking return value from `help_unknown_cmd()` Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 17/26] builtin/help: fix leaks in `check_git_cmd()` Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 18/26] builtin/init-db: fix leaking directory paths Patrick Steinhardt
2024-11-10 21:47 ` Rubén Justo
2024-11-06 15:11 ` [PATCH 19/26] builtin/branch: fix leaking sorting options Patrick Steinhardt
2024-11-10 21:47 ` Rubén Justo
2024-11-06 15:11 ` [PATCH 20/26] t/helper: fix leaking commit graph in "read-graph" subcommand Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 21/26] git-compat-util: drop `UNLEAK()` annotation Patrick Steinhardt
2024-11-10 21:47 ` Rubén Justo
2024-11-11 9:09 ` Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 22/26] t5601: work around leak sanitizer issue Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 23/26] t: mark some tests as leak free Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 24/26] t: remove unneeded !SANITIZE_LEAK prerequisites Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 25/26] test-lib: unconditionally enable leak checking Patrick Steinhardt
2024-11-06 15:11 ` [PATCH 26/26] t: remove TEST_PASSES_SANITIZE_LEAK annotations Patrick Steinhardt
2024-11-10 21:48 ` [PATCH 00/26] Memory leak fixes (pt.10, final) Rubén Justo
2024-11-11 9:09 ` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 00/27] " Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 01/27] builtin/blame: fix leaking blame entries with `--incremental` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 02/27] bisect: fix leaking good/bad terms when reading multipe times Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 03/27] bisect: fix leaking string in `handle_bad_merge_base()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 04/27] bisect: fix leaking `current_bad_oid` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 05/27] bisect: fix multiple leaks in `bisect_next_all()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 06/27] bisect: fix leaking commit list items in `check_merge_base()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 07/27] bisect: fix various cases where we leak commit list items Patrick Steinhardt
2024-11-20 10:32 ` Toon Claes
2024-11-20 12:41 ` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 08/27] line-log: fix leak when rewriting commit parents Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 09/27] strvec: introduce new `strvec_splice()` function Patrick Steinhardt
2024-11-20 8:37 ` Toon Claes
2024-11-20 12:41 ` Patrick Steinhardt
2024-11-20 23:13 ` Junio C Hamano
2024-11-21 8:11 ` Jeff King
2024-11-21 8:22 ` Jeff King
2024-11-21 10:23 ` Doxygen-styled comments [was: Re: [PATCH v2 09/27] strvec: introduce new `strvec_splice()` function] Toon Claes
2024-11-21 10:32 ` Jeff King
2024-11-11 10:38 ` [PATCH v2 10/27] git: refactor alias handling to use a `struct strvec` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 11/27] git: refactor builtin " Patrick Steinhardt
2024-11-20 10:38 ` Toon Claes
2024-11-11 10:38 ` [PATCH v2 12/27] split-index: fix memory leak in `move_cache_to_base_index()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 13/27] builtin/sparse-checkout: fix leaking sanitized patterns Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 14/27] help: refactor to not use globals for reading config Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 15/27] help: fix leaking `struct cmdnames` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 16/27] help: fix leaking return value from `help_unknown_cmd()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 17/27] builtin/help: fix leaks in `check_git_cmd()` Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 18/27] builtin/init-db: fix leaking directory paths Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 19/27] builtin/branch: fix leaking sorting options Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 20/27] t/helper: fix leaking commit graph in "read-graph" subcommand Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 21/27] global: drop `UNLEAK()` annotation Patrick Steinhardt
2024-11-12 8:26 ` Jeff King
2024-11-12 8:53 ` Patrick Steinhardt
2024-11-12 9:03 ` Jeff King
2024-11-11 10:38 ` [PATCH v2 22/27] git-compat-util: drop now-unused `UNLEAK()` macro Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 23/27] t5601: work around leak sanitizer issue Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 24/27] t: mark some tests as leak free Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 25/27] t: remove unneeded !SANITIZE_LEAK prerequisites Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 26/27] test-lib: unconditionally enable leak checking Patrick Steinhardt
2024-11-11 10:38 ` [PATCH v2 27/27] t: remove TEST_PASSES_SANITIZE_LEAK annotations Patrick Steinhardt
2024-11-20 10:40 ` Toon Claes
2024-11-20 12:41 ` Patrick Steinhardt
2024-11-11 23:33 ` [PATCH v2 00/27] Memory leak fixes (pt.10, final) Rubén Justo
2024-11-12 8:06 ` Rubén Justo
2024-11-20 13:39 ` [PATCH v3 " Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 01/27] builtin/blame: fix leaking blame entries with `--incremental` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 02/27] bisect: fix leaking good/bad terms when reading multipe times Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 03/27] bisect: fix leaking string in `handle_bad_merge_base()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 04/27] bisect: fix leaking `current_bad_oid` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 05/27] bisect: fix multiple leaks in `bisect_next_all()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 06/27] bisect: fix leaking commit list items in `check_merge_base()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 07/27] bisect: fix various cases where we leak commit list items Patrick Steinhardt
2024-11-25 11:27 ` Jeff King
2024-11-25 12:38 ` Patrick Steinhardt [this message]
2024-11-25 13:17 ` Jeff King
2024-11-25 14:08 ` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 08/27] line-log: fix leak when rewriting commit parents Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 09/27] strvec: introduce new `strvec_splice()` function Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 10/27] git: refactor alias handling to use a `struct strvec` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 11/27] git: refactor builtin " Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 12/27] split-index: fix memory leak in `move_cache_to_base_index()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 13/27] builtin/sparse-checkout: fix leaking sanitized patterns Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 14/27] help: refactor to not use globals for reading config Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 15/27] help: fix leaking `struct cmdnames` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 16/27] help: fix leaking return value from `help_unknown_cmd()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 17/27] builtin/help: fix leaks in `check_git_cmd()` Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 18/27] builtin/init-db: fix leaking directory paths Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 19/27] builtin/branch: fix leaking sorting options Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 20/27] t/helper: fix leaking commit graph in "read-graph" subcommand Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 21/27] global: drop `UNLEAK()` annotation Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 22/27] git-compat-util: drop now-unused `UNLEAK()` macro Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 23/27] t5601: work around leak sanitizer issue Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 24/27] t: mark some tests as leak free Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 25/27] t: remove unneeded !SANITIZE_LEAK prerequisites Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 26/27] test-lib: unconditionally enable leak checking Patrick Steinhardt
2024-11-20 13:39 ` [PATCH v3 27/27] t: remove TEST_PASSES_SANITIZE_LEAK annotations Patrick Steinhardt
2024-11-21 10:32 ` [PATCH v3 00/27] Memory leak fixes (pt.10, final) Toon Claes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Z0RvxAkmfZhgo_LJ@pks.im \
--to=ps@pks.im \
--cc=git@vger.kernel.org \
--cc=peff@peff.net \
--cc=rjusto@gmail.com \
--cc=toon@iotcl.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).