From: Daniel Barkalow <barkalow@iabervon.org>
To: Ben Lynn <benlynn@gmail.com>
Cc: git@vger.kernel.org
Subject: Re: git bugs
Date: Tue, 10 Jun 2008 12:58:34 -0400 (EDT) [thread overview]
Message-ID: <alpine.LNX.1.00.0806101236120.19665@iabervon.org> (raw)
In-Reply-To: <832adb090806100141n69c086a2v2f59fe94b2f4ead3@mail.gmail.com>
On Tue, 10 Jun 2008, Ben Lynn wrote:
> 2. Kudos to everyone who figured out the nasty race condition and its
> complex solution as described in Documentation/technical/racy-git.txt
> and the comments of read-cache.c. It took me a while to get my head
> around it.
>
> Unfortunately, the solution isn't perfect. Try this:
>
> $ echo xyzzy > file
> $ git update-index --add file # don't zero size since contents match
> $ echo frotz > file # all stats still match, contents don't
> $ echo nitfol > other # can be done much earlier
> $ git update-index --add other # now the cached size is zeroed
> $ : > file # zero the file size muahahaha
> $ # Type fast! The above must take place within the same second! ;-)
> $ sleep 2
> $ echo filfre > other
> $ git update-index --add other # stats of "file" match, hash is wrong
>
> Essentially, we trigger two index writes that avoid operations on
> "file": one immediately after "file" is first committed and identified
> as racily clean, and the second some time later, after we have
> sneakily zeroed the file behind git's back (after previously editing
> its contents in place). We defeat the safeguards and end up with a bad
> hash in the index that appears valid.
>
> The"other" file merely causes index writes without reading the "file"
> entry. It is also racily clean in the above, but this is irrelevant.
>
> It's unlikely this sequence of operations would occur in real usage,
> but I'd sleep better if this index corruption bug were eliminated. One
> practical but unsatisfactory easy "fix" is to mark racily clean
> entries with SIZE_MAX instead of 0.
We could distinguish a "racily clean" entry from a 0-length file entry
based on the hash. That is, say that a file isn't clean even though the
size matches, if the size is 0 and the entry's hash isn't the same as the
file's hash, which is e69de29bb2d1d6434b8b29ae775ad8c2e48c5391. Nice thing
about 0-length files is that you can compute their hashes without reading
them.
-Daniel
*This .sig left intentionally blank*
next prev parent reply other threads:[~2008-06-10 16:59 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-06-10 8:41 git bugs Ben Lynn
2008-06-10 16:58 ` Daniel Barkalow [this message]
2008-06-10 17:44 ` Linus Torvalds
2008-06-10 18:45 ` Ben Lynn
2008-06-10 20:06 ` Linus Torvalds
2008-06-10 23:09 ` Ben Lynn
2008-06-10 23:38 ` Junio C Hamano
2008-06-11 0:02 ` Ben Lynn
2008-06-11 0:20 ` Junio C Hamano
2008-06-11 0:24 ` Ben Lynn
2008-06-11 0:53 ` Ben Lynn
2008-06-11 12:46 ` Stephen R. van den Berg
2008-06-12 6:51 ` Ben Lynn
2008-06-11 1:36 ` Linus Torvalds
2008-06-11 2:04 ` Ben Lynn
2008-06-11 2:12 ` Linus Torvalds
2008-06-11 2:31 ` Ben Lynn
2008-06-11 2:39 ` Linus Torvalds
2008-06-11 5:58 ` Ben Lynn
2008-06-11 6:18 ` Ben Lynn
2008-06-11 14:54 ` Linus Torvalds
2008-06-11 17:52 ` Ben Lynn
2008-06-11 18:10 ` Linus Torvalds
2008-06-11 18:48 ` Ben Lynn
2008-06-11 18:53 ` Linus Torvalds
2008-06-11 20:57 ` Ben Lynn
2008-06-11 21:50 ` Junio C Hamano
2008-06-11 14:52 ` Linus Torvalds
2008-06-12 20:06 ` Junio C Hamano
2008-06-13 10:10 ` Jeff King
2008-06-13 23:09 ` Junio C Hamano
2008-06-14 6:25 ` Jeff King
2008-06-12 3:17 ` Shawn O. Pearce
2008-06-12 6:46 ` Ben Lynn
2008-06-12 7:12 ` Johannes Schindelin
-- strict thread matches above, loose matches on Subject: below --
2017-02-23 20:27 Sean Hunt
2017-02-24 16:52 ` Johannes Schindelin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.LNX.1.00.0806101236120.19665@iabervon.org \
--to=barkalow@iabervon.org \
--cc=benlynn@gmail.com \
--cc=git@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).