Merge branch 'maint'

This fixes two old bugs related to signal handling which bite only rarely. But if they do, it hurts plenty.

* maint:
  server: Fix race condition in com_stat().
  server: Avoid deadlock in daemon_log().
server: Avoid deadlock in daemon_log(). Currently both the generic signal handler in signal.c and the signal handler for the stat command handler in command.c call daemon_log() via PARA_EMERG_LOG(). This is problematic because daemon_log() takes the log mutex and the signal might arrive while daemon_log() is executing. If this race condition is hit, the process deadlocks because daemon_log() tries to acquire a mutex which it already holds. All three types of server processes (main, afs and command handler) are susceptible to this bug, but regardless of which process happens to hit the race window, the server process hangs waiting on the mutex, and no longer accepts connections. Fix this by removing the problematic log call in the generic case and by printing it out of interrupt context in the command handler case. This bug was introduced together with the log mutex five years ago. Fixes: ced0c17d1a3ee0336dc7b35e69faff131dabecac
Merge topic branch t/overflow into master

This series implements a new memory allocation API which checks for overflows. The first part of the series just renames the main allocation functions. Later patches in the series implement allocators which take two size_t arguments (like calloc(3)) and check whether the multiplication overflows by employing the __builtin_mul_overflow() primitive supported by gcc and clang. This requires us to bump the lowest supported gcc and clang version.

* refs/heads/t/overflow:
  build: Compile with -ftrapv.
  string: Introduce arr_zalloc().
  string: Introduce arr_alloc().
  string: Introduce arr_realloc() and check for integer overflow.
  string: Rename para_calloc() -> zalloc().
  string: Rename para_malloc() -> alloc().
  string: Overhaul para_strdup().
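The multiplication check this series describes, as an added example rather than paraslash's own code: the names unchecked_size(), checked_arr_realloc() and checked_arr_zalloc() are hypothetical, and returning NULL on overflow is an assumption made for this sketch, since the project's failure behaviour is not shown on this page.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* All names below are hypothetical; this is not paraslash's arr_alloc(). */

/* What an unchecked caller computes: the product silently wraps mod 2^N. */
size_t unchecked_size(size_t nmemb, size_t size)
{
	return nmemb * size;
}

/* realloc(3) for arrays: NULL if nmemb * size overflows or memory is short.
 * On NULL the old block is untouched, so the caller still owns ptr. */
void *checked_arr_realloc(void *ptr, size_t nmemb, size_t size)
{
	size_t bytes;

	if (__builtin_mul_overflow(nmemb, size, &bytes))
		return NULL;
	return realloc(ptr, bytes);
}

/* Zero-initialized array allocation built on the checked multiplication. */
void *checked_arr_zalloc(size_t nmemb, size_t size)
{
	size_t bytes;
	void *p;

	if (__builtin_mul_overflow(nmemb, size, &bytes))
		return NULL;
	p = malloc(bytes);
	if (p)
		memset(p, 0, bytes);
	return p;
}

int main(void)
{
	size_t n = SIZE_MAX / 4 + 2; /* constructed oversized element count */

	printf("unchecked: %zu bytes for %zu ints\n", unchecked_size(n, 4), n);
	printf("checked: %p\n", checked_arr_zalloc(n, 4));
	return 0;
}
```

With the constructed count, the unchecked product wraps to 4 bytes, which is the undersized buffer a later array write would overrun; the checked variants refuse the request instead.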
Misc documentation cleanups related to select(). Assorted comment cleanups which avoid talking about select(2) and fd sets. No code changes.
fd: Drop fd_set parameter from read_nonblock() and friends. This parameter is not necessary because its only purpose is to avoid the readv(2) system call in case it would likely return EAGAIN because we just called select(2) which reported that there is no data to read. Since the parameter is an obstacle for the conversion of the code base from select(2) to poll(2), get rid of it for the time being. If needed we can add back an equivalent optimization which checks for POLLIN after the conversion.
string: Rename para_calloc() -> zalloc(). Reword the documentation a bit since the function has never been a wrapper for calloc(3). No code changes.
Shorten copyright notice.

The GPLv2 line does not add any additional information, so drop it. This leaves a single line of legalese text for most files, which is about the amount of screen real estate it deserves.

This patch was created with the following script (plus some manual fixups):

    awk '{
        if (NR <= 5) {
            gs = gensub(/.*Copyright.* ([0-9]+).*Andre Noll.*/, "\\1", "g")
            if (gs != $0)
                year = gs
            next
        }
        if (NR == 6 && year != "")
            printf("/* Copyright (C) %s Andre Noll <maan@tuebingen.mpg.de>, see file COPYING. */\n", year)
        print
    }'
Improve documentation of signal_init_or_die(). Prefix the reference to para_install_sighandler() with \ref to make sure doxygen warns if the reference becomes stale, and fix the man section of exit(): it is not a system call (but _exit() is).
Improve signal init and shutdown. Currently all users of the signal subsystem define their own signal_task structure and initialize the ->fd field from the return value of para_signal_init(). It is more natural to let the signal subsystem perform the allocation and the initialization. This commit renames para_signal_init() to signal_init_or_die() and changes the function to allocate, initialize and return a signal task structure (rather than only the file descriptor of the signal pipe as para_signal_init() did). Similarly, para_signal_shutdown() is renamed to signal_shutdown() and now takes a pointer to the signal_task structure which was obtained in an earlier call to signal_init_or_die(), and frees it. Conversion of all users is straightforward. The patch also adds a missing call to signal_shutdown() to audiod.c, closing an fd leak.
Update year in copyright headers.

Done with

    files=$(git grep -l 'Copyright (C) [0-9]\{4\}\(-2014\)* Andre Noll')
    sed --in-place= -e 's/Copyright (C) \([0-9]\{4\}\)-2014 Andre Noll/Copyright (C) \1 Andre Noll/1' $files

In previous years we ran a similar script to set the second year in the range to the current year. This is kind of silly, so let's get rid of this useless information. This commit replaces "Copyright (C) A-B" by "Copyright (C) A" in all file headers, i.e. only the first year (A) is left in. Accurate information including time stamps for each change can be obtained from the git history.
doc: Change email address to maan@tuebingen.mpg.de

The mail server on systemlinux.org was down for more than a week lately, so let's use an alternative official address. This commit changes all maan@systemlinux.org addresses to maan@tuebingen.mpg.de. Most .c and .h files contain the email address in the copyright header, so they must all be patched. Three other files contain the address for a different reason:

* README lists email and git, gitweb and home page URLs
* configure.ac needs it for configure -h
* version.c contains it for the -V option of all commands
Change copyright year to 2014.

This year, we're really on time. The changes in this patch were created by the following silly script:

    files=$(git grep -l 'Copyright (C) [0-9]\{4\}\(-2013\)* Andre Noll')
    sed --in-place= -e 's/Copyright (C) \([0-9]\{4\}\)-2013 Andre Noll/Copyright (C) \1-2014 Andre Noll/1' $files
    sed --in-place= -e 's/Copyright (C) 2013 Andre Noll/Copyright (C) 2013-2014 Andre Noll/1' $files
Add some missing includes. Letting .c files include their "own" header file guarantees that the declaration in the header file stays in sync with the definition. Eventually we may even enable gcc's -Wmissing-declarations, but we're not there yet, mainly due to command handlers, init functions and completers. Note that including signal.h in signal.c required two other includes since the header file defines a task structure.
Change copyright year to 2013. Better late than never.
signal: Restore errno on exit from signal handler. This probably is not necessary since generic_signal_handler() calls exit(3) if the write to the signal pipe fails. However, nobody is going to stop write(2) from setting errno also on success, so let's play safe and always restore its value on exit.
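A self-pipe handler illustrating both the daemon_log() deadlock fix and the errno restore described in the commits above, as an added example that is not paraslash's code: signal_pipe, pipe_signal_handler(), install_pipe_handler() and next_pending_signal() are hypothetical names. The handler takes no lock and does no logging; the main loop reads the signal number from the pipe and logs there, outside signal context.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <unistd.h>

static int signal_pipe[2]; /* hypothetical name for this sketch */

/* Async-signal-safe: no logging, no locks, only write(2); errno is restored. */
static void pipe_signal_handler(int signum)
{
	int saved_errno = errno;
	if (write(signal_pipe[1], &signum, sizeof(signum)) != sizeof(signum))
		_exit(1); /* _exit(2) is async-signal-safe */
	errno = saved_errno;
}

/* Create the non-blocking signal pipe and install the handler: 0 or -1. */
static int install_pipe_handler(int signum)
{
	struct sigaction sa = {.sa_handler = pipe_signal_handler, .sa_flags = SA_RESTART};

	if (pipe(signal_pipe) < 0)
		return -1;
	fcntl(signal_pipe[0], F_SETFL, O_NONBLOCK);
	fcntl(signal_pipe[1], F_SETFL, O_NONBLOCK);
	sigemptyset(&sa.sa_mask);
	return sigaction(signum, &sa, NULL);
}

/* Runs in the main loop, outside signal context, where logging under a
 * mutex is safe. Returns the signal number, or 0 if nothing is pending. */
static int next_pending_signal(void)
{
	int signum;

	if (read(signal_pipe[0], &signum, sizeof(signum)) == sizeof(signum))
		return signum;
	return 0;
}

int main(void)
{
	if (install_pipe_handler(SIGUSR1) < 0)
		return 1;
	raise(SIGUSR1);
	printf("handled outside the handler: signal %d\n", next_pending_signal());
	return 0;
}
```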
signal: Improve documentation of para_signal_init(). para_signal_init() does not install any signal handlers, so this part of the documentation is incorrect. The patch fixes this flaw, mentions which end of the signal pipe is returned to the caller and improves the wording a bit.
Change year in copyright message to 2012.
server: Kill temporary SIGCHLD handler. During startup, para_server sets up a temporary signal handler for SIGCHLD in order to notice if the afs child process terminates immediately (doing the signal setup after the fork would be too late). This patch makes it block this signal during this period instead. This works equally well and it fixes a weird problem on Mac OS where the temporary SIGCHLD handler was executed although it had been replaced by the generic signal handler of signal.c.
Trivial: Fix typo in documentation of para_next_signal().
Remove some unnecessary includes. This gets rid of quite some inclusions of <dirent.h> which are not needed as most .c files do not deal with directories at all. afs.c does not mmap anything and needs nothing from sys/time.h so remove these includes as well.