Refactor IOBuffer code #57570
Refactor IOBuffer code #57570
Conversation
jakobnissen
force-pushed
the
iobuffer
branch
from
34340d4 to
033e2d4
Compare
base/iobuffer.jl
Outdated
| @@ -329,6 +404,7 @@ function _resize!(io::GenericIOBuffer, sz::Int) | |||
| a = io.data | |||
| offset = io.offset | |||
| if applicable(resize!, a, sz) | |||
| # TODO: This is buggy: The buffer should never touch data before the offset. | |||
There was a problem hiding this comment.
This seems like you're claiming something as a bug which was never part of the contract. When using an IOBuffer with writing (especially if a resize is needed), it is allowed to destroy the underlying object to make more space
There was a problem hiding this comment.
That is good to know - adding the comments is precisely to learn what is part of the contract! Okay, so the IOBuffer takes ownership of its underlying array - and, in the case of being passed a Vector, it then transitively takes control of the underlying Memory.
base/iobuffer.jl
Outdated
|
|
||
| # Data is read/written from/to ptr, except in situations where append is true, in which case | ||
| # data is still read from ptr, but written to size+1. | ||
| # This value is alwaus in offset+1 : size+1 |
There was a problem hiding this comment.
This is actually a bug in the current implementation. The ptr is not supposed to be restricted to be inside the file size, and any calls to write that happen should then automatically zero-pad the file from size:ptr (https://pubs.opengroup.org/onlinepubs/009695399/functions/lseek.html)
There was a problem hiding this comment.
Hmm how does that work? Would the user have to seek first to beyond size? That doesn't correspond to how seek normally works in Julia: Normally, you can't seek beyond the filesize. Should that be allowed? Then what happens if the user seeks beyond lastindex(buffer.data)?
There was a problem hiding this comment.
How is it supposed to work with IOStream? What file should the following script create?
f = open("/tmp/foo", "w+")
write(f, "abcd")
flush(f)
seek(f, 10)
write(f, 'a')
flush(f)
close(f)
jakobnissen
force-pushed
the
iobuffer
branch
2 times, most recently
from
21008ca to
7274c10
Compare
jakobnissen
added
the
status: waiting for PR reviewer
|
Let's stop the PR here - tests pass, the most pressing issues has been addressed, and it's already a fairly large (too large?) PR. I'll make a followup PR with some more tests and a few more optimisations and bugfixes after this is merged and I get code coverage. |
|
Adding @nhz2 because you've been a thorough reviewer on previous IO related PRs. Feel free to unassign yourself. |
base/iobuffer.jl
Outdated
| buf.size = length(data) + offset | ||
| buf.offset = offset | ||
| if !iszero(offset) | ||
| unsafe_copyto!(mem, 1, mem, offset+1, len) |
There was a problem hiding this comment.
I think it is safe for src and dst to alias here, but from what I can tell the alias behavior of unsafe_copyto! is not documented.
There was a problem hiding this comment.
It's safe, yes. Not documented, but I think that may be beyond the scope of this PR. Except if you suggest handling it another way?
| # Data is read/written from/to ptr, except in situations where append is true, in which case | ||
| # data is still read from ptr, but written to size+1. | ||
| # This value is always in 1 : size+1 | ||
| ptr::Int |
There was a problem hiding this comment.
I wonder if we could make this a MemoryRef If possible, doing so might save a few cycles.
There was a problem hiding this comment.
That can't be done, because a MemoryRef can't point to one past the end, which ptr needs to do to signal EOF
There was a problem hiding this comment.
Oscar seems probably right that we could replace the Memory+offset fields with a single MemoryRef field, since that may express almost the same concept
There was a problem hiding this comment.
That would require a new struct which is not generic over the array type. Otherwise I can try to give it a go.
|
The removal of offset is a breaking change and performance regression. That probably shouldn't be mixed in with a PR that claims to be just bug fixes and refactoring for clarity |
|
I would argue against it being a performance regression, but surely, it's not a breaking change. How is it breaking to remove a non-documented field of a struct? One which was added only in the current release? Which documented behaviour does that break? Edit: I see it now. The documentation says that the buffer only controls any input array if write is true. |
|
|
||
| # Position is zero-indexed, but ptr is one-indexed, hence the -1 | ||
| # TODO: Document that position for an unseekable stream is invalid, or | ||
| # make it error | ||
| position(io::GenericIOBuffer) = io.ptr - io.offset - 1 |
There was a problem hiding this comment.
mark returns the "marked position" of the stream, so erroring will also make mark error.
|
Thanks for the review. All comments has now been addressed (except the one about endianness which I don't understand) |
|
The build failure (segfault) on 32-bit linux looks unrelated. |
|
Bump. This is done now - a few people have reviewed it, but none have approved. It would be nice to get this in early in 1.13's cycle, so any bugs are detected early. Once this PR has landed, and #57668 has been fixed, I can make a followup PR to get test coverage closer to 100% |
This allows e.g. reading from an IOBuffer backed by a UnitRange or whatever.
* For non-memory backed buffers, do not use invalid inbounds. * For memory-backed buffers, use unsafe_copyto!, which is much faster
Use the existing implementation of in directly with the buffer. This should already be fast
This fixes a bug introduced somewhere earlier in this chain of commits. However, the previous behaviour wasn't great either. In the changed code, correctness relied on the buffer having very specific resizing behaviour, i.e. a mercurial implementation detail. The current solution is more robust. However: 1. This workaround copies the data one extra time, which is not great 2. It's possible that the bug surfaced here due to another bug in the resizing behaviour. However, if so, I haven't been able to find it.
* Outline slow path in ensureoom. * Do not uses memcpy when writing short arrays
This is due to some sketchy behaviour by some other code which relies on IOBuffer internals, but shouldn't.
Before Julia 1.11, observing uninit bitstypes was UB. Now, it's no longer UB, so no need.
Also test the behaviour that depends on this field
Only copy the used bytes, not unreachable bytes.
* Remove unsafe trait objects, to avoid adding private methods to public functions * Remove a superfluous style change
jakobnissen
added
status: waiting for author
Since it needs to write all its content, this would cause an infinite loop, exhausing all memory. Throw an error instead.
This makes the method write(::IOBuffer, ::IOBuffer) work like the generic fallback.
I've been a little frustrated with the IOBuffer code. It contains a whole bunch of implicit invariants, and is poorly commented. It also has several bugs that ultimately stems from the code being unclear about its own assumptions.
This is a refactoring of IOBuffer. The primary goals are:
The secondary goals are
This is a purely internal refactoring with be no change in behaviour of
IOBuffer, except straight up bugfixes. However, note that previous code may have relied on buggy behaviour. Fixing bugs may therefore cause breakage.Current changes
BEHAVIOUR CHANGES
IOBuffer(b"abc"; maxsize=2). I consider this a bugfix. It should not be possible to construct an IOBuffer with a buffersize larger thanmaxsize.maxindex, which could trigger a bug causing data loss. The bug has been fixed, but as a result, some IOBuffers may reach full capacity faster (really: reach it at the correct point), changing writing behaviour.Bugfixes
take!copylineon a non-appending buffermaxsizeeven aftertake!(fix IOBuffer does not respect maxsize after the first take! #57549)truncatemay throw a wrong BoundsErrortruncate=falsemakes it contain the full bufferChanges to brittle code
PipeBufferbehaviour, which did not respect writable IOBuffer's ownership of their buffer and therefore failed spuriouslyPerformance improvements
Closes #57549