From: Johannes Schindelin <Johannes.Schindelin@gmx.de>
To: Junio C Hamano <gitster@pobox.com>
Cc: "René Scharfe" <l.s.r@web.de>,
git@vger.kernel.org, "Stefan Beller" <sbeller@google.com>,
"Johannes Sixt" <j6t@kdbg.org>, "Jeff King" <peff@peff.net>
Subject: Re: [PATCH v4 11/25] checkout: fix memory leak
Date: Tue, 9 May 2017 15:42:17 +0200 (CEST) [thread overview]
Message-ID: <alpine.DEB.2.21.1.1705091540130.146734@virtualbox> (raw)
In-Reply-To: <xmqqk25sch89.fsf@gitster.mtv.corp.google.com>
[-- Attachment #1: Type: text/plain, Size: 3391 bytes --]
Hi Junio & René,
On Mon, 8 May 2017, Junio C Hamano wrote:
> René Scharfe <l.s.r@web.de> writes:
>
> >> /*
> >> * NEEDSWORK:
> >> * There is absolutely no reason to write this as a blob object
> >> - * and create a phony cache entry just to leak. This hack is
> >> - * primarily to get to the write_entry() machinery that massages
> >> - * the contents to work-tree format and writes out which only
> >> - * allows it for a cache entry. The code in write_entry() needs
> >> - * to be refactored to allow us to feed a <buffer, size, mode>
> >> - * instead of a cache entry. Such a refactoring would help
> >> - * merge_recursive as well (it also writes the merge result to the
> >> - * object database even when it may contain conflicts).
> >> + * and create a phony cache entry. This hack is primarily to get
> >> + * to the write_entry() machinery that massages the contents to
> >> + * work-tree format and writes out which only allows it for a
> >> + * cache entry. The code in write_entry() needs to be refactored
> >> + * to allow us to feed a <buffer, size, mode> instead of a cache
> >> + * entry. Such a refactoring would help merge_recursive as well
> >> + * (it also writes the merge result to the object database even
> >> + * when it may contain conflicts).
> >> */
> >> if (write_sha1_file(result_buf.ptr, result_buf.size,
> >> blob_type, oid.hash))
> >
> > Random observation: Using pretend_sha1_file here would at least avoid
> > writing the blob.
>
> Yup, you should have told that to me back in Aug 2008 ;-) when I did
> 0cf8581e ("checkout -m: recreate merge when checking out of unmerged
> index", 2008-08-30); pretend_sha1_file() was available since early
> 2007, and there is no excuse that this codepath did not use it.
I hope y'all agree that this is outside the scope of my patch series...
> >> @@ -251,6 +251,7 @@ static int checkout_merged(int pos, const struct checkout *state)
> >> if (!ce)
> >> die(_("make_cache_entry failed for path '%s'"), path);
> >> status = checkout_entry(ce, state, NULL);
> >> + free(ce);
> >> return status;
> >> }
> >
> > I wonder if that's safe. Why document a leak when it could have been
> > plugged this easily instead?
> >
> > A leak is better than a use after free, so
> > let's be extra careful here. Would it leave the index inconsistent? Or
> > perhaps freeing it has become safe in the meantime?
> >
> > @Junio: Do you remember the reason for the leaks in 0cf8581e330
> > (checkout -m: recreate merge when checking out of unmerged index).
>
> Yes.
>
> In the very old days it was not allowed to free(3) contents of
> active_cache[] and this was an old brain fart that came out of
> inertia. We are manufacturing a brand new ce, only to feed it to
> checkout_entry() without even registering it to the active_cache[]
> array, and the ancient rule doesn't even apply to such a case.
>
> So I think it was safe to free(3) even back then.
So this patch is good, then?
> > And result_buf is still leaked here, right?
>
> Good spotting. It typically would make a larger leak than a single
> ce, I would suppose ;-)
I saw you added this as a fixup! commit. If you don't mind, and if no
other changes are requested, would you mind rebase'ing this yourself?
Thanks,
Dscho
next prev parent reply other threads:[~2017-05-09 13:42 UTC|newest]
Thread overview: 178+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-26 20:19 [PATCH 00/26] Address a couple of issues identified by Coverity Johannes Schindelin
2017-04-26 20:19 ` [PATCH 01/26] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-04-26 20:19 ` [PATCH 02/26] winansi: avoid use of uninitialized value Johannes Schindelin
2017-04-26 20:19 ` [PATCH 03/26] winansi: avoid buffer overrun Johannes Schindelin
2017-04-26 20:19 ` [PATCH 04/26] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-04-26 20:19 ` [PATCH 05/26] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-04-26 20:19 ` [PATCH 06/26] get_mail_commit_oid(): " Johannes Schindelin
2017-04-26 21:06 ` Stefan Beller
2017-04-27 5:53 ` Junio C Hamano
2017-04-28 13:39 ` Johannes Schindelin
2017-04-27 6:14 ` Johannes Sixt
2017-04-28 10:02 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 07/26] http-backend: avoid memory leaks Johannes Schindelin
2017-04-27 6:00 ` Junio C Hamano
2017-04-28 9:40 ` Johannes Schindelin
2017-05-01 1:19 ` Junio C Hamano
2017-05-01 19:05 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 08/26] difftool: close file descriptors after reading Johannes Schindelin
2017-04-27 6:05 ` Junio C Hamano
2017-04-28 9:51 ` Johannes Schindelin
2017-04-26 20:19 ` [PATCH 09/26] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-04-26 20:20 ` [PATCH 10/26] Check for EOF while parsing mails Johannes Schindelin
2017-04-27 6:07 ` Junio C Hamano
2017-04-28 9:55 ` Johannes Schindelin
2017-04-27 6:20 ` Johannes Sixt
2017-04-28 10:41 ` Johannes Schindelin
2017-04-28 11:20 ` Jeff King
2017-04-28 13:33 ` Johannes Schindelin
2017-04-28 13:45 ` Jeff King
2017-04-27 6:21 ` Jeff King
2017-04-28 10:44 ` Johannes Schindelin
2017-04-28 11:08 ` Jeff King
2017-04-28 13:37 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 11/26] cat-file: fix memory leak Johannes Schindelin
2017-04-27 6:10 ` Junio C Hamano
2017-04-28 9:59 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 12/26] checkout: " Johannes Schindelin
2017-04-27 6:40 ` Junio C Hamano
2017-04-28 10:51 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 13/26] split_commit_in_progress(): " Johannes Schindelin
2017-04-26 20:20 ` [PATCH 14/26] setup_bare_git_dir(): " Johannes Schindelin
2017-04-26 21:20 ` Stefan Beller
2017-04-27 22:54 ` Johannes Schindelin
2017-04-27 6:27 ` Johannes Sixt
2017-04-27 22:57 ` Johannes Schindelin
2017-04-26 20:20 ` [PATCH 15/26] setup_discovered_git_dir(): " Johannes Schindelin
2017-04-26 20:20 ` [PATCH 16/26] pack-redundant: plug " Johannes Schindelin
2017-04-26 20:21 ` [PATCH 17/26] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-04-26 20:21 ` [PATCH 18/26] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-04-27 16:39 ` Johannes Sixt
2017-04-28 10:58 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 19/26] receive-pack: plug memory leak in update() Johannes Schindelin
2017-04-26 20:21 ` [PATCH 20/26] line-log: avoid memory leak Johannes Schindelin
2017-04-27 17:14 ` Johannes Sixt
2017-04-28 11:02 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 21/26] shallow: " Johannes Schindelin
2017-04-26 20:21 ` [PATCH 22/26] add_reflog_for_walk: " Johannes Schindelin
2017-04-27 17:24 ` Johannes Sixt
2017-04-28 11:33 ` Johannes Schindelin
2017-04-26 20:21 ` [PATCH 23/26] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-04-26 20:21 ` [PATCH 24/26] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-04-26 20:21 ` [PATCH 25/26] show_worktree(): plug memory leak Johannes Schindelin
2017-04-26 20:22 ` [PATCH 26/26] submodule_uses_worktrees(): " Johannes Schindelin
2017-04-26 21:34 ` [PATCH 00/26] Address a couple of issues identified by Coverity Stefan Beller
2017-04-27 22:50 ` Johannes Schindelin
2017-04-28 18:05 ` Stefan Beller
2017-04-28 20:29 ` Automating Coverity, was " Johannes Schindelin
2017-05-01 11:22 ` Lars Schneider
2017-05-02 11:46 ` Johannes Schindelin
2017-05-05 20:30 ` Johannes Schindelin
2017-05-10 19:48 ` Johannes Schindelin
2017-05-10 19:54 ` Stefan Beller
2017-05-11 11:33 ` Johannes Schindelin
2017-04-27 17:36 ` Johannes Sixt
2017-04-28 11:36 ` Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 00/25] " Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-04-28 13:49 ` [PATCH v2 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-04-28 13:50 ` [PATCH v2 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-04-28 14:02 ` [PATCH v2 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-02 4:11 ` Junio C Hamano
2017-05-02 13:57 ` Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 10/25] cat-file: fix memory leak Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 11/25] checkout: " Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 12/25] split_commit_in_progress(): " Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 14/25] setup_discovered_git_dir(): " Johannes Schindelin
2017-05-02 3:57 ` Junio C Hamano
2017-05-02 12:38 ` Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 15/25] pack-redundant: plug memory leak Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-04-28 14:03 ` [PATCH v2 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 19/25] line-log: avoid memory leak Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 20/25] shallow: " Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-04-28 14:04 ` [PATCH v2 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-02 3:26 ` Junio C Hamano
2017-05-02 3:42 ` Junio C Hamano
2017-05-02 14:00 ` Johannes Schindelin
2017-05-04 4:22 ` Junio C Hamano
2017-04-28 14:04 ` [PATCH v2 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-02 3:22 ` Junio C Hamano
2017-04-28 14:04 ` [PATCH v2 25/25] submodule_uses_worktrees(): " Johannes Schindelin
2017-05-02 3:17 ` Junio C Hamano
2017-05-02 16:00 ` [PATCH v3 00/25] Address a couple of issues identified by Coverity Johannes Schindelin
2017-05-02 16:00 ` [PATCH v3 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-05-03 19:48 ` René Scharfe
2017-05-04 10:29 ` Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-05-03 19:48 ` René Scharfe
2017-05-04 10:23 ` Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-02 16:01 ` [PATCH v3 10/25] cat-file: fix memory leak Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 11/25] checkout: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 12/25] split_commit_in_progress(): " Johannes Schindelin
2017-05-03 20:59 ` René Scharfe
2017-05-04 10:59 ` Johannes Schindelin
2017-05-06 17:13 ` René Scharfe
2017-05-09 13:39 ` Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 14/25] setup_discovered_git_dir(): plug memory leak Johannes Schindelin
2017-05-02 17:20 ` Stefan Beller
2017-05-02 18:15 ` Jeff King
2017-05-03 9:35 ` Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 15/25] pack-redundant: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 19/25] line-log: avoid memory leak Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 20/25] shallow: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-05-02 16:02 ` [PATCH v3 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-02 16:03 ` [PATCH v3 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-02 16:03 ` [PATCH v3 25/25] submodule_uses_worktrees(): " Johannes Schindelin
2017-05-04 13:54 ` [PATCH v4 00/25] Address a couple of issues identified by Coverity Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 01/25] mingw: avoid memory leak when splitting PATH Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 02/25] winansi: avoid use of uninitialized value Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 03/25] winansi: avoid buffer overrun Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 04/25] add_commit_patch_id(): avoid allocating memory unnecessarily Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 05/25] git_config_rename_section_in_file(): avoid resource leak Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 06/25] get_mail_commit_oid(): " Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 07/25] difftool: address a couple of resource/memory leaks Johannes Schindelin
2017-05-04 13:55 ` [PATCH v4 08/25] status: close file descriptor after reading git-rebase-todo Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 09/25] mailinfo & mailsplit: check for EOF while parsing Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 10/25] cat-file: fix memory leak Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 11/25] checkout: " Johannes Schindelin
2017-05-06 17:14 ` René Scharfe
2017-05-08 0:41 ` Junio C Hamano
2017-05-09 13:42 ` Johannes Schindelin [this message]
2017-05-09 22:51 ` Junio C Hamano
2017-05-04 13:56 ` [PATCH v4 12/25] split_commit_in_progress(): simplify & " Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 13/25] setup_bare_git_dir(): help static analysis Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 14/25] setup_discovered_git_dir(): plug memory leak Johannes Schindelin
2017-05-04 13:56 ` [PATCH v4 15/25] pack-redundant: " Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 16/25] mktree: plug memory leaks reported by Coverity Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 17/25] fast-export: avoid leaking memory in handle_tag() Johannes Schindelin
2017-05-04 13:57 ` [PATCH v4 18/25] receive-pack: plug memory leak in update() Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 19/25] line-log: avoid memory leak Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 20/25] shallow: " Johannes Schindelin
2017-05-04 13:58 ` [PATCH v4 21/25] add_reflog_for_walk: " Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 22/25] remote: plug memory leak in match_explicit() Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 23/25] name-rev: avoid leaking memory in the `deref` case Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 24/25] show_worktree(): plug memory leak Johannes Schindelin
2017-05-04 13:59 ` [PATCH v4 25/25] submodule_uses_worktrees(): " Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.21.1.1705091540130.146734@virtualbox \
--to=johannes.schindelin@gmx.de \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=j6t@kdbg.org \
--cc=l.s.r@web.de \
--cc=peff@peff.net \
--cc=sbeller@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox