Memory corruption in index handling #1970

The following setup pretty reliably produces error messages that are indicative of memory corruption somewhere in Index or IndexEntry, I suspect related to a use-after-free of Index. Save the following file as test.mjs:

and then set up a test repo with a fairly large index (it is possible, but much rarer, to hit it with a smaller index):

This is a minimized version of the overwriteIndexFromFile function in twosigma/git-meta. See twosigma/git-meta#882 for a few more of my notes if you're curious - notably, leaking newIndex (by appending it to a global array) appears to avoid the problem, as does running GC in some spots. I think the overwriteIndexFromFile function is validly written and doesn't do anything unusual, but if the answer is "you're holding it wrong," that's still helpful (though I'd still claim that it shouldn't be possible to cause memory corruption by holding it wrong :) ).

The specific errors vary depending on your luck, at least in the un-minimized version: it's usually an invalid path or an invalid mode. If you are careful to log the IndexEntry's contents you will notice other corruption in the filename (@ signs and other weirdness clobbering bytes from the original filename) that doesn't actually trigger a validation error in libgit2 and presumably goes ahead and constructs an erroneous index. And exactly one time, I got a segfault in strlen as called from v8::String::NewFromUtf8.

If there's anything I can provide or try out to be helpful for debugging this, let me know!

System information

Comments

I'm also able to reproduce this in a source checkout of HEAD with both Debug and Release builds.

Running valgrind on the test case above reports a bunch of errors like this:

The exact end of the stack trace in the invalid read changes a bit (sometimes there's another frame with
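The lifetime relationship the report suspects, as an added example in C that is not code from nodegit, libgit2, git-meta or anyone in this thread. The toy_index and toy_entry types are a hypothetical model, not libgit2's API. What the model takes from libgit2 is the ownership rule: an entry pointer obtained from a git_index is owned by that index and is invalid once the index is freed, so a binding whose IndexEntry wrapper can outlive the Index it came from ends up reading freed memory, which is the kind of invalid read Valgrind reports above. The snapshot_entries function shows the copy-out that removes the dependency on the index staying alive; keeping a strong reference to the index (what leaking newIndex into a global array does in the report) is the other way to satisfy the same rule.

```c
/* Added example: a toy model of index/entry ownership. Not nodegit, libgit2
 * or git-meta code. The types and functions here are hypothetical. */
#include <assert.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct {
    char **paths;     /* owned by the index */
    uint32_t *modes;  /* owned by the index */
    size_t count;
} toy_index;

/* Borrowed view of one entry: 'path' points into the index's own storage,
 * like the git_index_entry pointers libgit2 hands out. */
typedef struct {
    const char *path;
    uint32_t mode;
} toy_entry;

/* Owned copy that survives the index being freed. */
typedef struct {
    char *path;
    uint32_t mode;
} owned_entry;

static char *dup_str(const char *s) {
    size_t n = strlen(s) + 1;
    char *p = malloc(n);
    if (p) memcpy(p, s, n);
    return p;
}

toy_index *toy_index_new(const char *const *paths, const uint32_t *modes, size_t n) {
    toy_index *idx = calloc(1, sizeof *idx);
    if (!idx) return NULL;
    idx->paths = calloc(n, sizeof *idx->paths);
    idx->modes = calloc(n, sizeof *idx->modes);
    if (!idx->paths || !idx->modes) { free(idx->paths); free(idx->modes); free(idx); return NULL; }
    for (size_t i = 0; i < n; i++) {
        idx->paths[i] = dup_str(paths[i]);
        idx->modes[i] = modes[i];
    }
    idx->count = n;
    return idx;
}

/* Borrowed view: valid only while idx is alive and unmodified. */
toy_entry toy_index_get(const toy_index *idx, size_t i) {
    toy_entry e = { idx->paths[i], idx->modes[i] };
    return e;
}

void toy_index_free(toy_index *idx) {
    if (!idx) return;
    for (size_t i = 0; i < idx->count; i++) {
        /* Scribble before freeing so a dangling read shows garbage instead of
         * silently "working" (compare the @ signs in the report above). */
        memset(idx->paths[i], '@', strlen(idx->paths[i]));
        free(idx->paths[i]);
    }
    free(idx->paths);
    free(idx->modes);
    free(idx);
}

/* Deep-copy every entry so the caller owns the data outright. */
owned_entry *snapshot_entries(const toy_index *idx, size_t *n_out) {
    owned_entry *out = calloc(idx->count, sizeof *out);
    if (!out) return NULL;
    for (size_t i = 0; i < idx->count; i++) {
        toy_entry e = toy_index_get(idx, i);
        out[i].path = dup_str(e.path);
        out[i].mode = e.mode;
    }
    *n_out = idx->count;
    return out;
}

void owned_entries_free(owned_entry *e, size_t n) {
    for (size_t i = 0; i < n; i++) free(e[i].path);
    free(e);
}

/* Returns how many snapshotted entries still read back correctly after the
 * index they came from has been freed. The sample entries are constructed. */
int run_demo(void) {
    const char *paths[] = { "README.md", "src/main.c", "lib/index.js" };
    const uint32_t modes[] = { 0100644, 0100755, 0100644 };
    toy_index *idx = toy_index_new(paths, modes, 3);
    if (!idx) return -1;

    toy_entry borrowed = toy_index_get(idx, 1);   /* borrowed: dies with idx */
    size_t n = 0;
    owned_entry *snap = snapshot_entries(idx, &n);
    if (!snap) { toy_index_free(idx); return -1; }

    toy_index_free(idx);
    /* Reading borrowed.path here would be the use-after-free Valgrind flags
     * as an "Invalid read"; in the binding that is an IndexEntry whose Index
     * has already been collected. Only the owned copies are used below. */
    (void)borrowed;

    int ok = 0;
    for (size_t i = 0; i < n; i++)
        if (strcmp(snap[i].path, paths[i]) == 0 && snap[i].mode == modes[i]) ok++;
    owned_entries_free(snap, n);
    return ok;
}

int main(void) {
    printf("%d entries intact after index free\n", run_demo());
    return 0;
}
```

Build it with gcc -fsanitize=address or run it under valgrind; to see the report's symptom in miniature, move a read of borrowed.path to after toy_index_free and both tools report the access to freed memory, and without them the path prints as a run of @ signs.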