Martin von Zweigbergk <martinvonz@google.com> [Tue, 20 Nov 2018 14:43:27 -0800] rev 40816
rebase: fix path auditing to audit path relative to repo root (issue5818)
Before this patch, when rebasing a file called "foo/bar", we would
check e.g. if "/foo" (i.e. rooted at the file system root) was a
symlink.
Differential Revision: https://phab.mercurial-scm.org/D5361
Martin von Zweigbergk <martinvonz@google.com> [Tue, 04 Dec 2018 08:56:43 -0800] rev 40815
tests: show bad path auditing in in-memory rebase
Thanks to Yuya for providing this test case in
https://bz.mercurial-scm.org/show_bug.cgi?id=5818.
Differential Revision: https://phab.mercurial-scm.org/D5368
Martin von Zweigbergk <martinvonz@google.com> [Tue, 04 Dec 2018 08:55:48 -0800] rev 40814
tests: add a missing "cd .." to test-rebase-inmemory.t
Differential Revision: https://phab.mercurial-scm.org/D5367
Yuya Nishihara <yuya@tcha.org> [Sun, 28 Oct 2018 21:29:04 +0900] rev 40813
rust: fix possible out-of-bounds read through index_get_parents()
index_get_parents() is an internal function, which doesn't check if the
specified rev is valid. If rustlazyancestors() were instantiated with an
invalid stoprev, it would access an invalid memory region.
This is NOT a security fix as there's no Python code triggering the bug,
but included in this series to not give a notion about the memory issue
fixed by the previous patch.
Yuya Nishihara <yuya@tcha.org> [Thu, 01 Nov 2018 20:32:59 +0900] rev 40812
revlog: fix out-of-bounds access by negative parents read from revlog (SEC)
82d6a35cf432 wasn't enough. Several callers don't check negative revisions
but for -1 (nullrev), which would directly lead to out-of-bounds read, and
buffer overflow could follow. RCE might be doable with carefully crafted
revlog structure, though I don't think this would be useful attack surface.
Georges Racinet <gracinet@anybox.fr> [Thu, 29 Nov 2018 09:13:13 +0000] rev 40811
rust: peek_mut optim for lazy ancestors
This is one of the two optimizations that are also
present in the Python code: replacing pairs of pop/push
on the BinaryHeap by single updates, hence having it
under the hood maintain its consistency (sift) only once.
On Mozilla central, the measured gain (see details below)
is around 7%.
Creating the PeekMut object by calling peek_mut() right away
instead of peek() first is less efficient (gain is only 4%, stats
not included).
Our interpretation is that its creation has a cost which is wasted
in the cases where it ends by dropping the value (PeekMut::pop()
just does self.heap.pop() anyway). On the other hand, the immutable
peek() is very fast: it's just taking a reference in the
underlying vector.
The Python version still has another optimization:
if parent(current) == current-1, then the heap doesn't need
to maintain its consistency, since we already know that
it's bigger than all the others in the heap.
Rust's BinaryHeap doesn't allow us to mutate its biggest
element with no housekeeping, but we tried it anyway, with a
copy of the BinaryHeap implementation with a dedicated added
method: it's not worth the technical debt in our opinion
(we measured only a further 1.6% improvement).
One possible explanation would be that the sift is really fast
anyway in that case, whereas it's not in the case of Python,
because it's at least partly done in slow Python code.
Still it's possible that replacing BinaryHeap by something more
dedicated to discrete ordered types could be faster.
Measurements on mozilla-central:
Three runs of 'hg perfancestors' on the parent changeset:
Mean of the medians: 0.100587
! wall 0.100062 comb 0.100000 user 0.100000 sys 0.000000 (best of 98)
! wall 0.135804 comb 0.130000 user 0.130000 sys 0.000000 (max of 98)
! wall 0.102864 comb 0.102755 user 0.099286 sys 0.003469 (avg of 98)
! wall 0.101486 comb 0.110000 user 0.110000 sys 0.000000 (median of 98)
! wall 0.096804 comb 0.090000 user 0.090000 sys 0.000000 (best of 100)
! wall 0.132235 comb 0.130000 user 0.120000 sys 0.010000 (max of 100)
! wall 0.100258 comb 0.100300 user 0.096000 sys 0.004300 (avg of 100)
! wall 0.098384 comb 0.100000 user 0.100000 sys 0.000000 (median of 100)
! wall 0.099925 comb 0.100000 user 0.100000 sys 0.000000 (best of 98)
! wall 0.133518 comb 0.140000 user 0.130000 sys 0.010000 (max of 98)
! wall 0.102381 comb 0.102449 user 0.098265 sys 0.004184 (avg of 98)
! wall 0.101891 comb 0.090000 user 0.090000 sys 0.000000 (median of 98)
Mean of the medians: 0.100587
On the present changeset:
! wall 0.091344 comb 0.090000 user 0.090000 sys 0.000000 (best of 100)
! wall 0.122728 comb 0.120000 user 0.110000 sys 0.010000 (max of 100)
! wall 0.093268 comb 0.093300 user 0.089300 sys 0.004000 (avg of 100)
! wall 0.092567 comb 0.100000 user 0.090000 sys 0.010000 (median of 100)
! wall 0.093294 comb 0.080000 user 0.080000 sys 0.000000 (best of 100)
! wall 0.144887 comb 0.150000 user 0.140000 sys 0.010000 (max of 100)
! wall 0.097708 comb 0.097700 user 0.093400 sys 0.004300 (avg of 100)
! wall 0.094980 comb 0.100000 user 0.090000 sys 0.010000 (median of 100)
! wall 0.091262 comb 0.090000 user 0.080000 sys 0.010000 (best of 100)
! wall 0.123772 comb 0.130000 user 0.120000 sys 0.010000 (max of 100)
! wall 0.093188 comb 0.093200 user 0.089300 sys 0.003900 (avg of 100)
! wall 0.092364 comb 0.100000 user 0.090000 sys 0.010000 (median of 100)
Mean of the medians is 0.0933
Differential Revision: https://phab.mercurial-scm.org/D5358
Augie Fackler <augie@google.com> [Mon, 03 Dec 2018 18:07:09 -0500] rev 40810
fuzz: grep away HAVE_GETC_UNLOCKED in pyconfig.h to avoid msan badness
Per discussion with Greg Smith and the patches on
https://bugs.python.org/issue35214. This, combined with the previous
patch, fixes msan builds on oss-fuzz.
Differential Revision: https://phab.mercurial-scm.org/D5363
Augie Fackler <augie@google.com> [Tue, 13 Nov 2018 09:19:05 -0500] rev 40809
fuzz: more correctly specify CFLAGS and LDFLAGS when building Python
Gets us closer to a working msan build alongside our asan build.
Differential Revision: https://phab.mercurial-scm.org/D5362