From: Michael Haggerty <mhagger@alum.mit.edu>
To: Jeff King <peff@peff.net>
Cc: git@vger.kernel.org, "Stefan Beller" <sbeller@google.com>,
"Junio C Hamano" <gitster@pobox.com>,
"Jakub Narębski" <jnareb@gmail.com>,
"Jacob Keller" <jacob.keller@gmail.com>
Subject: Re: [PATCH 5/8] xdl_change_compact(): fix compaction heuristic to adjust io
Date: Wed, 10 Aug 2016 19:09:32 +0200 [thread overview]
Message-ID: <b4c4b955-f461-4828-f83a-7caaf3c3d6be@alum.mit.edu> (raw)
In-Reply-To: <7dea0a1e-a1b4-efe4-c86d-152f6c96604a@alum.mit.edu>
On 08/10/2016 06:58 PM, Michael Haggerty wrote:
> On 08/04/2016 09:27 AM, Jeff King wrote:
>> On Thu, Aug 04, 2016 at 12:00:33AM +0200, Michael Haggerty wrote:
>>
>>> The code branch used for the compaction heuristic incorrectly forgot to
>>> keep io in sync while the group was shifted. I think that could have
>>> led to reading past the end of the rchgo array.
>>>
>>> Signed-off-by: Michael Haggerty <mhagger@alum.mit.edu>
>>> ---
>>> I didn't actually try to verify the presence of a bug, because it
>>> seems like more work than worthwhile. But here is my reasoning:
>>>
>>> If io is not decremented correctly during one iteration of the outer
>>> `while` loop, then it will loose sync with the `end` counter. In
>>> particular it will be too large.
>>>
>>> Suppose that the next iterations of the outer `while` loop (i.e.,
>>> processing the next block of add/delete lines) don't have any sliders.
>>> Then the `io` counter would be incremented by the number of
>>> non-changed lines in xdf, which is the same as the number of
>>> non-changed lines in xdfo that *should have* followed the group that
>>> experienced the malfunction. But since `io` was too large at the end
>>> of that iteration, it will be incremented past the end of the
>>> xdfo->rchg array, and will try to read that memory illegally.
>>
>> Hmm. In the loop:
>>
>> while (rchgo[io])
>> io++;
>>
>> that implies that rchgo has a zero-marker that we can rely on hitting.
>
> I agree.
>
>> And it looks like rchgo[io] always ends the loop on a 0. So it seems
>> like we would just hit that condition again.
>
> Correct...in this loop. But there is another place where `io` is
> incremented unconditionally. In the version before my changes, it is via
> the preincrement operator in this while statement conditional:
>
> https://github.com/mhagger/git/blob/a28705da929ad746abcb34270947f738549d3246/xdiff/xdiffi.c#L502
>
> After my changes, the unconditional increment is more obvious because I
> took it out of the while condition:
>
> https://github.com/mhagger/git/blob/39a135da93834fd72ee923d95d0cebfe525dfe7a/xdiff/xdiffi.c#L541
>
> (BTW, I think this is a good example of how patch 2/8 makes the code
> easier to reason about.)
Actually, for the case that no more sliders are found in the file, the
key lines where io is incremented unconditionally are
https://github.com/mhagger/git/blob/a28705da929ad746abcb34270947f738549d3246/xdiff/xdiffi.c#L438
before the change (note that the post-increment happens even if the
while condition returns false), and
https://github.com/mhagger/git/blob/39a135da93834fd72ee923d95d0cebfe525dfe7a/xdiff/xdiffi.c#L443-L444
after the change. (The lines I mentioned in my previous email are also
unconditional increments, but those are only executed in the case that
more sliders are found.)
Michael
next prev parent reply other threads:[~2016-08-10 18:13 UTC|newest]
Thread overview: 57+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-08-03 22:00 [PATCH 0/8] Better heuristics make prettier diffs Michael Haggerty
2016-08-03 22:00 ` [PATCH 1/8] xdl_change_compact(): rename some local variables for clarity Michael Haggerty
2016-08-04 7:06 ` Jeff King
2016-08-04 18:24 ` Junio C Hamano
2016-08-13 19:38 ` Michael Haggerty
2016-08-14 12:26 ` Jeff King
2016-08-03 22:00 ` [PATCH 2/8] xdl_change_compact(): clarify code Michael Haggerty
2016-08-03 22:11 ` Stefan Beller
2016-08-03 23:14 ` Michael Haggerty
2016-08-03 23:50 ` Stefan Beller
2016-08-04 7:13 ` Jeff King
2016-08-10 16:39 ` Michael Haggerty
2016-08-10 16:58 ` Stefan Beller
2016-08-03 22:00 ` [PATCH 3/8] xdl_change_compact(): rename i to end Michael Haggerty
2016-08-04 7:16 ` Jeff King
2016-08-03 22:00 ` [PATCH 4/8] xdl_change_compact(): do one final shift or the other, not both Michael Haggerty
2016-08-03 22:00 ` [PATCH 5/8] xdl_change_compact(): fix compaction heuristic to adjust io Michael Haggerty
2016-08-04 7:27 ` Jeff King
2016-08-10 16:58 ` Michael Haggerty
2016-08-10 17:09 ` Michael Haggerty [this message]
2016-08-11 4:16 ` Jeff King
2016-08-04 18:43 ` Junio C Hamano
2016-08-10 17:13 ` Michael Haggerty
2016-08-03 22:00 ` [PATCH 6/8] xdl_change_compact(): keep track of the earliest end Michael Haggerty
2016-08-04 18:46 ` Junio C Hamano
2016-08-10 17:16 ` Michael Haggerty
2016-08-03 22:00 ` [PATCH 7/8] is_blank_line: take a single xrecord_t as argument Michael Haggerty
2016-08-04 18:48 ` Junio C Hamano
2016-08-03 22:00 ` [PATCH 8/8] diff: improve positioning of add/delete blocks in diffs Michael Haggerty
2016-08-03 22:29 ` Jacob Keller
2016-08-03 22:36 ` Michael Haggerty
2016-08-04 4:47 ` Jacob Keller
2016-08-04 19:39 ` Junio C Hamano
2016-08-10 19:01 ` Michael Haggerty
2016-08-10 21:28 ` Junio C Hamano
2016-08-03 22:30 ` Stefan Beller
2016-08-03 22:41 ` Michael Haggerty
2016-08-03 22:51 ` Stefan Beller
2016-08-03 23:30 ` Michael Haggerty
2016-08-04 0:04 ` Stefan Beller
2016-08-10 19:12 ` Michael Haggerty
2016-08-04 7:56 ` Jeff King
2016-08-04 16:55 ` Stefan Beller
2016-08-04 19:47 ` Junio C Hamano
2016-08-13 0:09 ` Michael Haggerty
2016-08-12 23:25 ` Michael Haggerty
2016-08-13 8:59 ` Jeff King
2016-08-13 15:59 ` Junio C Hamano
2016-08-14 7:21 ` Jacob Keller
2016-08-15 6:33 ` Stefan Beller
2016-08-15 20:24 ` Junio C Hamano
2016-08-04 19:52 ` Junio C Hamano
2016-08-13 0:11 ` Michael Haggerty
2016-08-03 22:08 ` [PATCH 0/8] Better heuristics make prettier diffs Michael Haggerty
2016-08-04 7:38 ` Jeff King
2016-08-04 19:54 ` Junio C Hamano
2016-08-04 20:01 ` Jeff King
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: http://vger.kernel.org/majordomo-info.html
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=b4c4b955-f461-4828-f83a-7caaf3c3d6be@alum.mit.edu \
--to=mhagger@alum.mit.edu \
--cc=git@vger.kernel.org \
--cc=gitster@pobox.com \
--cc=jacob.keller@gmail.com \
--cc=jnareb@gmail.com \
--cc=peff@peff.net \
--cc=sbeller@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://80x24.org/mirrors/git.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).