From: Junio C Hamano <gitster@pobox.com>
To: Patrick Steinhardt <ps@pks.im>
Cc: git@vger.kernel.org, Jeff King <peff@peff.net>,
Taylor Blau <me@ttaylorr.com>
Subject: Re: [PATCH] object-file: fix race in object collision check
Date: Mon, 30 Dec 2024 06:40:53 -0800 [thread overview]
Message-ID: <xmqqy0zxz11m.fsf@gitster.g> (raw)
In-Reply-To: <20241230-b4-pks-object-file-racy-collision-check-v1-1-11571294e60a@pks.im> (Patrick Steinhardt's message of "Mon, 30 Dec 2024 11:32:23 +0100")
Patrick Steinhardt <ps@pks.im> writes:
> By definition, two files cannot collide with each other when one of them
> has been removed. We can thus trivially fix the issue by ignoring ENOENT
> when opening either of the files we're about to check for collision.
Thanks for digging it down to the cause.
It is more like even if these two files collided (i.e. have the same
name based on what the hash function says, with different contents),
when one of them has been removed, we have no way to check if the
collision is benign, and even if it were not, we cannot do anything
about it, isn't it?
I do like the simplicity of the solution. I wonder given bad enough
race, we could fall into a case where both files are missing?
Thanks, will queue.
> Signed-off-by: Patrick Steinhardt <ps@pks.im>
> ---
> Hi,
>
> this patch is the follow-up for [1], where I've mentioned a couple of CI
> flakes that happen rather regularly. As it turns out, this race was a
> real bug hiding in the newly nitroduced object collision check in case
> one of the files got unlinked while performing the check.
>
> Thanks!
>
> Patrick
>
> [1]: <Z2-2dbYVuuLxpNmK@pks.im>
> ---
> object-file.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/object-file.c b/object-file.c
> index 5b792b3dd42cecde43a1b18abc164fd368cbcd69..f84dcd2f2a7b88716ab47bc00ee7a605a82e8d21 100644
> --- a/object-file.c
> +++ b/object-file.c
> @@ -1978,13 +1978,15 @@ static int check_collision(const char *filename_a, const char *filename_b)
>
> fd_a = open(filename_a, O_RDONLY);
> if (fd_a < 0) {
> - ret = error_errno(_("unable to open %s"), filename_a);
> + if (errno != ENOENT)
> + ret = error_errno(_("unable to open %s"), filename_a);
> goto out;
> }
>
> fd_b = open(filename_b, O_RDONLY);
> if (fd_b < 0) {
> - ret = error_errno(_("unable to open %s"), filename_b);
> + if (errno != ENOENT)
> + ret = error_errno(_("unable to open %s"), filename_b);
> goto out;
> }
>
>
> ---
> base-commit: 306ab352f4e98f6809ce52fc4e5d63fb947d0635
> change-id: 20241230-b4-pks-object-file-racy-collision-check-62a8d1588116
next prev parent reply other threads:[~2024-12-30 14:40 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-12-30 10:32 [PATCH] object-file: fix race in object collision check Patrick Steinhardt
2024-12-30 14:40 ` Junio C Hamano [this message]
2024-12-30 14:50 ` Patrick Steinhardt
2024-12-30 14:54 ` Junio C Hamano
2024-12-31 1:42 ` Jeff King
2025-01-01 16:50 ` Junio C Hamano
2025-01-01 18:19 ` Jeff King
2025-01-03 7:16 ` Patrick Steinhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqqy0zxz11m.fsf@gitster.g \
--to=gitster@pobox.com \
--cc=git@vger.kernel.org \
--cc=me@ttaylorr.com \
--cc=peff@peff.net \
--cc=ps@pks.im \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).