From: Junio C Hamano <gitster@pobox.com>
To: Jeff King <peff@peff.net>
Cc: "Ævar Arnfjörð Bjarmason" <avarab@gmail.com>,
"Git Mailing List" <git@vger.kernel.org>,
"John Szakmeister" <john@szakmeister.net>,
"Dennis Kaarsemaker" <dennis@kaarsemaker.net>
Subject: Re: Infinite loop regression in git-fsck in v2.12.0
Date: Wed, 31 Oct 2018 07:28:00 +0900 [thread overview]
Message-ID: <xmqq4ld3134f.fsf@gitster-ct.c.googlers.com> (raw)
In-Reply-To: <20181030213505.GA11319@sigill.intra.peff.net> (Jeff King's message of "Tue, 30 Oct 2018 17:35:05 -0400")
Jeff King <peff@peff.net> writes:
> The problem isn't actually a sha1 mismatch, though that's what
> parse_object() will report. The issue is actually that the file is
> truncated. So zlib does not say "this is corrupt", but rather "I need
> more bytes to keep going". And unfortunately it returns Z_BUF_ERROR both
> for "I need more bytes" (in which we know we are truncated, because we
> fed the whole mmap'd file in the first place) as well as "I need more
> output buffer space" (which just means we should keep looping!).
>
> So we need to distinguish those cases. I think this is the simplest fix:
>
> diff --git a/sha1-file.c b/sha1-file.c
> index dd0b6aa873..a7ff5fe25d 100644
> --- a/sha1-file.c
> +++ b/sha1-file.c
> @@ -2199,6 +2199,7 @@ static int check_stream_sha1(git_zstream *stream,
> * see the comment in unpack_sha1_rest for details.
> */
> while (total_read <= size &&
> + stream->avail_in > 0 &&
> (status == Z_OK || status == Z_BUF_ERROR)) {
> stream->next_out = buf;
> stream->avail_out = sizeof(buf);
Hmph. If the last round consumed the final input byte and needed
output space of N bytes, but only M (< N) bytes of the output space
was available, then it would have reduced both avail_in and
avail_out down to zero and yielded Z_BUF_ERROR, no? Or would zlib
refrain from consuming that final byte (leaving avail_in to at least
one) and give us Z_BUF_ERROR in such a case?
> This works just by checking that we are making forward progress in the
> output buffer. I think that would _probably_ be OK for this case, since
> we know we have all of the input available. But in a case where we're
> feeding the input in a stream, it would not be. It's possible there that
> we would not create any output in one round, but would do so after
> feeding more input bytes.
Yes, exactly.
> I think the patch I showed above addresses the root cause more directly.
> I'll wrap that up in a real commit, but I think there may be some
> related work:
>
> - "git show 19f9c827" does complain with "sha1 mismatch" (which isn't
> strictly correct, but is probably good enough). However, "git
> cat-file blob 19f9c827" exits non-zero without printing anything. It
> probably should complain more loudly.
>
> - the offending loop comes from f6371f9210. But that commit was mostly
> cargo-culting other parts of sha1-file.c. I'm worried that this bug
> exists elsewhere, too. I'll dig around to see if I can find other
> instances.
Thanks.
next prev parent reply other threads:[~2018-10-30 22:28 UTC|newest]
Thread overview: 39+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-01-07 12:50 "git fsck" not detecting garbage at the end of blob object files John Szakmeister
2017-01-07 21:47 ` Dennis Kaarsemaker
2017-01-08 5:26 ` Jeff King
2017-01-13 9:15 ` John Szakmeister
2017-01-13 17:52 ` [PATCH 0/6] loose-object fsck fixes/tightening Jeff King
2017-01-13 17:54 ` [PATCH 1/6] t1450: refactor loose-object removal Jeff King
2017-01-13 17:54 ` [PATCH 2/6] sha1_file: fix error message for alternate objects Jeff King
2017-01-13 17:55 ` [PATCH 3/6] t1450: test fsck of packed objects Jeff King
2017-01-13 17:58 ` [PATCH 4/6] sha1_file: add read_loose_object() function Jeff King
2017-01-13 17:59 ` [PATCH 5/6] fsck: parse loose object paths directly Jeff King
2018-10-30 20:03 ` Infinite loop regression in git-fsck in v2.12.0 Ævar Arnfjörð Bjarmason
2018-10-30 21:35 ` Jeff King
2018-10-30 22:28 ` Junio C Hamano [this message]
2018-10-30 22:56 ` Jeff King
2018-10-30 23:12 ` Jeff King
2018-10-30 23:18 ` [PATCH 1/3] t1450: check large blob in trailing-garbage test Jeff King
2018-10-30 23:23 ` [PATCH 2/3] check_stream_sha1(): handle input underflow Jeff King
2018-10-31 4:23 ` Junio C Hamano
2018-10-31 4:30 ` Jeff King
2018-10-31 4:44 ` Junio C Hamano
2018-10-31 5:03 ` Jeff King
2018-10-31 5:13 ` Jeff King
2018-10-31 5:31 ` Junio C Hamano
2018-10-30 23:23 ` [PATCH 3/3] cat-file: handle streaming failures consistently Jeff King
2018-10-31 12:42 ` [PATCH 0/3] Add a GIT_TEST_FSCK test mode Ævar Arnfjörð Bjarmason
2018-10-31 12:42 ` [PATCH 1/3] tests: add a "env-bool" helper to test-tool Ævar Arnfjörð Bjarmason
2018-10-31 12:42 ` [PATCH 2/3] tests: mark those tests where "git fsck" fails at the end Ævar Arnfjörð Bjarmason
2018-11-01 3:37 ` Junio C Hamano
2018-10-31 12:42 ` [PATCH 3/3] tests: add a special test setup that runs "git fsck" before exiting Ævar Arnfjörð Bjarmason
2018-10-31 13:33 ` [PATCH 3/3] cat-file: handle streaming failures consistently Torsten Bögershausen
2018-10-31 14:23 ` Junio C Hamano
2018-10-31 14:37 ` Jeff King
2018-10-31 17:38 ` Eric Sunshine
2018-10-31 20:29 ` Jeff King
2018-10-30 21:56 ` Infinite loop regression in git-fsck in v2.12.0 Ævar Arnfjörð Bjarmason
2018-10-30 23:08 ` Jeff King
2017-01-13 18:00 ` [PATCH 6/6] fsck: detect trailing garbage in all object types Jeff King
2017-01-19 11:18 ` [PATCH 0/6] loose-object fsck fixes/tightening John Szakmeister
2017-01-13 9:16 ` "git fsck" not detecting garbage at the end of blob object files John Szakmeister
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=xmqq4ld3134f.fsf@gitster-ct.c.googlers.com \
--to=gitster@pobox.com \
--cc=avarab@gmail.com \
--cc=dennis@kaarsemaker.net \
--cc=git@vger.kernel.org \
--cc=john@szakmeister.net \
--cc=peff@peff.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).