To enable -O2 compilation we have to disable some optimizations:
- strict-aliasing (TODO: introduce required unions to enable this)
- aggressive-loop-optimizations
- array-bounds
Affected builds are
- sys/src/cmd/dossrv/build.json
- sys/src/cmd/ip/build.json
- sys/src/lib/authsrv/build.json
- sys/src/lib/memdraw/build.json
With this commit all functions declared in libc.h have been renamed
with the "jehanne_" prefix. This is done for several reason:
- it removes conflicts during symbol resolution when linking
standard C libraries like newlib or musl
- it allows programs depending on a standard C library to directly
link to a library depending on our non standard libc (eg libsec).
To ease transiction two files are provided:
- sys/include/lib9.h that can be included instead of <libc.h> to use
the old names (via a simple set of macros)
- sys/src/lib/c/lib9.c that can be compiled with a program where the
macro provided by lib9.h are too dumb (see for example rc or grep).
In the kernel port/lib.h has been modified accordingly and some of
the functions it directly provides has been renamed too (eg malloc
in qmalloc.c and print in devcons.c).
These new implementations
- do several validity check on input parameters
- allow a bit larger variable names (127 bytes, aka sizeof(Proc.genbuf)-1)
- preserve nulls in the content (the original version used to replace
'\0' with ' '). I can't see why they did, actually.
See also http://marc.info/?l=9fans&m=148475801229908&w=2
Should also fix CID 155718
According to http://man.cat-v.org/9front/2/mp mptole either take p or pp:
> Mptobe and mptole convert an mpint to a byte array. The
> former creates a big endian representation, the latter a
> little endian one. If the destination buf is not nil, it
> specifies the buffer of length blen for the result. If the
> representation is less than blen bytes, the rest of the
> buffer is zero filled. **If buf is nil**, then a buffer is
> allocated and a pointer to it is deposited in the location
> pointed to by **bufp**. Sign is ignored in these conversions,
> i.e., the byte array version is always positive.
Assert accordingly.
As noted ty Cinap Lenrek Finished.n is only set by setVersion and can only
be either 0 before setVersion() as emalloc() zeros the TlsConnection struct
or SSL3FinishedLen/TLSFinishedLen after when we got the client/server hello.
Introducing FinishedLength enum we make the domain of the field explicit.
CID 49221 (#1 of 1): Identical code for different branches (IDENTICAL_BRANCHES)
identical_branches: The same code is executed when the condition p == NULL is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
In aesXCBCmac fix (potential) out of bound write in padding.
CID 155904 (#1 of 1): Out-of-bounds write (OVERRUN)
7. overrun-local: Overrunning array of 16 bytes at byte offset 16 by dereferencing pointer p2++.
CID 155910 (#1 of 1): Out-of-bounds access (OVERRUN)1.
overrun-buffer-val: Overrunning buffer pointed to by key of 7 bytes by passing it to a function which accesses it at byte offset 63.
In Plan9 the create syscall fallback on a open(OTRUNC) if the
path provided already exists. This is actually a common requirement
as most programs (editors, cat...) simply requires that a file is
there and is empty, and doesn't care overwriting existing contents
(note that this is particularily sensible with something like fossil).
In Jehanne the application is responsible of actually handle this
"file exists" error but libc provides ocreate() to mimic the Plan9
behaviour. Note that ocreate introduce a subtle race too: the path
is walked several times if the file exists, thus it could misbehave
on concurrent namespace changes. However I guess this is not going to
happen often enough to care now.
NOTE we will probably address this rare race too, with a more drammatic change
to syscalls: a new walk() syscall that will provide an unopen fd.
Added wdir to devself and devproc:
- read '#0/wdir' to get the working directory of the calling process
NOTE that a read(fd, nil, -1) will return the negated length
of the working directory, just in case you want to
allocate the memory required
- read '/proc/n/wdir' to know the working directory of process n
(read(fd, nil, -1) still returns the negated length)
- write '#0/wdir' to change the working directory of the calling process
NOTE: no offset is allowed and the provided string must
be null terminated
- write '/proc/n/wdir' to change the working directory of process n
NOTE: no offset is allowed and the provided string must
be null terminated; moreover if another process change the working
directory change during the write, the current process will
receive an error.
In libc updated getwd() and chdir().
Also modified pwd to get advantage of the new file.
To test, run /arch/amd64/qa/kern/wdir.rc or simply try
% pwd
/usr/glenda
% echo -n /tmp > /proc/$pid/wdir
% pwd
/tmp
% cat '#0/wdir' && echo
/tmp
The expected use cases for wdir in devproc are rio and acme.
Also, note that we could theoretically remove the cd builtin
from rc and simply implement it as a rc function.
We don't do that to preserve rc portability to other OS.
Devself provides to each process access to its own structures.
So far it contains four files:
- pid
- ppid
- pipes used to implement pipe(2)
- segments used to implement segattach, segdetach and segfree
Jehanne is going to use a new file protocol, but Plan 9 is really
coupled with 9P2000.
Renamed fcall.h as 9P2000.h and introduced specific constants such
as NP_OREAD, NP_OWRITE and so on, so that we can use different values
in the kernel and new protocol.
Renamed devmnt to devninep, since it's actually a device serving 9P2000
file systems.
Also, fixed 9P2000 support in Jehanne, that was broken with the introduction
of OSTAT.