authorWilliam Baker <William.Baker@microsoft.com>2019-10-11 22:11:23 +0200
committerJunio C Hamano <gitster@pobox.com>2019-10-12 03:16:11 +0200
commit3444ec2eb2be58c285d2bf04f39e6e9ea5eda9a2 (patch)
tree66e71b60020526c9f93d9e3050aae0a290394733 /fsmonitor.c
parentGit 2.23 (diff)
fsmonitor: don't fill bitmap with entries to be removed
While doing some testing with fsmonitor enabled I found that git commands would segfault after staging and unstaging an untracked file. Looking at the crash it appeared that fsmonitor_ewah_callback was attempting to adjust bits beyond the bounds of the index cache. Digging into how this could happen it became clear that the fsmonitor extension must have been written with more bits than there were entries in the index. The root cause ended up being that fill_fsmonitor_bitmap was populating fsmonitor_dirty with bits for all entries in the index, even those that had been marked for removal. To solve this problem fill_fsmonitor_bitmap has been updated to skip entries with the CE_REMOVE flag set. With this change the bits written for the fsmonitor extension will be consistent with the index entries written by do_write_index. Additionally, BUG checks have been added to detect if the number of bits in fsmonitor_dirty should ever exceed the number of entries in the index again. Another option that was considered was moving the call to fill_fsmonitor_bitmap closer to where the index is written (and where the fsmonitor extension itself is written). However, that did not work as the fsmonitor_dirty bitmap must be filled before the index is split during writing. Signed-off-by: William Baker <William.Baker@microsoft.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>
Diffstat (limited to 'fsmonitor.c')
-rw-r--r--fsmonitor.c29
1 files changed, 24 insertions, 5 deletions
diff --git a/fsmonitor.c b/fsmonitor.c
index 231e83a94d..1f4aa1b150 100644
--- a/fsmonitor.c
+++ b/fsmonitor.c
@@ -14,8 +14,13 @@ struct trace_key trace_fsmonitor = TRACE_KEY_INIT(FSMONITOR);
static void fsmonitor_ewah_callback(size_t pos, void *is)
{
struct index_state *istate = (struct index_state *)is;
- struct cache_entry *ce = istate->cache[pos];
+ struct cache_entry *ce;
+ if (pos >= istate->cache_nr)
+ BUG("fsmonitor_dirty has more entries than the index (%"PRIuMAX" >= %u)",
+ (uintmax_t)pos, istate->cache_nr);
+
+ ce = istate->cache[pos];
ce->ce_flags &= ~CE_FSMONITOR_VALID;
}
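Review bot: The bounds check added to fsmonitor_ewah_callback is what actually guards the `istate->cache[pos]` dereference, but nothing at the check says where `pos` comes from or why it can be out of range. A short comment above it would help the next reader, e.g. `/* pos is a bit position from fsmonitor_dirty, which read_fsmonitor_extension can load; it is not guaranteed to be below cache_nr */`. The `(struct index_state *)` cast on the `void *` argument is also unnecessary in C and could be dropped.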
@@ -50,17 +55,24 @@ int read_fsmonitor_extension(struct index_state *istate, const void *data,
}
istate->fsmonitor_dirty = fsmonitor_dirty;
+ if (istate->fsmonitor_dirty->bit_size > istate->cache_nr)
+ BUG("fsmonitor_dirty has more entries than the index (%"PRIuMAX" > %u)",
+ (uintmax_t)istate->fsmonitor_dirty->bit_size, istate->cache_nr);
+
trace_printf_key(&trace_fsmonitor, "read fsmonitor extension successful");
return 0;
}
void fill_fsmonitor_bitmap(struct index_state *istate)
{
- unsigned int i;
+ unsigned int i, skipped = 0;
istate->fsmonitor_dirty = ewah_new();
- for (i = 0; i < istate->cache_nr; i++)
- if (!(istate->cache[i]->ce_flags & CE_FSMONITOR_VALID))
- ewah_set(istate->fsmonitor_dirty, i);
+ for (i = 0; i < istate->cache_nr; i++) {
+ if (istate->cache[i]->ce_flags & CE_REMOVE)
+ skipped++;
+ else if (!(istate->cache[i]->ce_flags & CE_FSMONITOR_VALID))
+ ewah_set(istate->fsmonitor_dirty, i - skipped);
+ }
}
void write_fsmonitor_extension(struct strbuf *sb, struct index_state *istate)
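Review bot: In read_fsmonitor_extension the new size check uses BUG(), yet the bitmap it inspects appears to have just been parsed from the `data` buffer passed in, so a damaged or inconsistent index file would abort the process instead of being reported as an error. BUG() fits the checks on in-memory state, but input that comes from disk is better rejected through the function's normal failure path, before the bitmap is stored: `if (fsmonitor_dirty->bit_size > istate->cache_nr) { ewah_free(fsmonitor_dirty); return error("fsmonitor extension has more entries than the index"); }`. This assumes the function returns non-zero on parse failures and still owns `fsmonitor_dirty` at that point; the start of its body is outside the hunk, so that needs confirming.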
@@ -71,6 +83,10 @@ void write_fsmonitor_extension(struct strbuf *sb, struct index_state *istate)
uint32_t ewah_size = 0;
int fixup = 0;
+ if (istate->fsmonitor_dirty->bit_size > istate->cache_nr)
+ BUG("fsmonitor_dirty has more entries than the index (%"PRIuMAX" > %u)",
+ (uintmax_t)istate->fsmonitor_dirty->bit_size, istate->cache_nr);
+
put_be32(&hdr_version, INDEX_EXTENSION_VERSION);
strbuf_add(sb, &hdr_version, sizeof(uint32_t));
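Review bot: The same three-line check and message now appear here in write_fsmonitor_extension, in read_fsmonitor_extension and in tweak_fsmonitor, so any later change to the condition or the wording has to be made in three places. A small static helper called from each site, for instance `static void assert_fsmonitor_bitmap_fits(const struct index_state *istate)`, would keep them in step. All three sites also dereference `istate->fsmonitor_dirty` with no NULL check visible in the hunks. Whether it can be NULL at these points is not shown, since write_fsmonitor_extension's body continues outside this hunk.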
@@ -236,6 +252,9 @@ void tweak_fsmonitor(struct index_state *istate)
}
/* Mark all previously saved entries as dirty */
+ if (istate->fsmonitor_dirty->bit_size > istate->cache_nr)
+ BUG("fsmonitor_dirty has more entries than the index (%"PRIuMAX" > %u)",
+ (uintmax_t)istate->fsmonitor_dirty->bit_size, istate->cache_nr);
ewah_each_bit(istate->fsmonitor_dirty, fsmonitor_ewah_callback, istate);
/* Now mark the untracked cache for fsmonitor usage */