On Mon, Jun 10, 2024 at 10:57:54AM -0400, Taylor Blau wrote:
> On Mon, Jun 10, 2024 at 07:55:46AM +0200, Patrick Steinhardt wrote:
> > On Sun, Jun 09, 2024 at 11:27:35AM -0400, Taylor Blau wrote:
> > > In 795006fff4 (pack-bitmap: gracefully handle missing BTMP chunks,
> > > 2024-04-15), we refactored the reuse_partial_packfile_from_bitmap()
> > > function and stopped assigning the pack_int_id field when reusing only
> > > the MIDX's preferred pack. This results in an uninitialized read down in
> > > try_partial_reuse() like so:
> >
> > I feel like I'm blind, but I cannot see how the patch changed what we do
> > with `pack_int_id`. It's not mentioned a single time in the diff, so how
> > did it have the effect of not setting it anymore?
>
> It's because prior to 795006fff4, we handled reusing a single pack from
> a MIDX differently than in the post-image of that commit. Prior to
> 795006fff4, the loop looked like:
>
> if (bitmap_is_midx(bitmap_git)) {
> for (i = 0; i < bitmap_git->midx->num_packs; i++) {
> struct bitmapped_pack pack;
> if (nth_bitmapped_pack(r, bitmap_git->midx, &pack, i) < 0) {
> /* ... */
> return;
> }
> if (!pack.bitmap_nr)
> continue;
> if (!multi_pack_reuse && pack.bitmap_pos)
> continue;
>
> ALLOC_GROW(packs, packs_nr + 1, packs_alloc);
> memcpy(&packs[packs_nr++], &pack, sizeof(pack));
> }
> }
>
> Since nth_bitmapped_pack() fills out the pack_int_id field, we got it
> automatically since we just memcpy()'d the result of
> nth_bitmapped_pack() into our array.
>
> In the single pack bitmap case, we don't need to initialize the
> pack_int_id field because we never read it, hence the lack of MSan
> failures in that mode.
>
> But since 795006fff4 combined these two single pack cases (that is,
> single-pack bitmaps, and reusing only a single pack out of a MIDX
> bitmap) into one, 795006fff4 neglected to initialize the pack_int_id
> field, causing this issue.
Makes sense, thanks for the explanation!
Patrick
Attachment:
signature.asc
Description: PGP signature
