To enable -O2 compilation we have to disable some optimizations:
- strict-aliasing (TODO: introduce required unions to enable this)
- aggressive-loop-optimizations
- array-bounds
Affected builds are
- sys/src/cmd/dossrv/build.json
- sys/src/cmd/ip/build.json
- sys/src/lib/authsrv/build.json
- sys/src/lib/memdraw/build.json
This way sleep() knows that it should not interrupt the process
to serve awake().
Also rename Proc.insyscall to Proc.inkernel since that's the meaning
of the flag, which is only read to serve awake()'s mechanics and
to accounttime(). Indeed faultAmd64 was setting insyscall to 1.
The "write on closed pipe" note should be posted only
if the write occurred on a closed pipe.
Before this fix, on any interrupt caused the note to be sent,
despite the pipe being open and fully working.
Awake can now interrupt several blocking syscalls (even
during note handling).
Among others, it can interrupt await, pread and pwrite.
It cannot interrupt several others for different reasons:
- awake cannot be interrupted by awake;
- syscalls like remove and create can be used for kernel comunication
and it would be hard to know if the effect occurred in the
receiving fs if they were interrupted;
- other syscalls do not need awake since they just provide access
to kernel infos (eg seek or fd2path)
NOTE: awakes registered before a note cannot occur during the note
handling and will be deferred till the next call to noted.
With this commit all functions declared in libc.h have been renamed
with the "jehanne_" prefix. This is done for several reason:
- it removes conflicts during symbol resolution when linking
standard C libraries like newlib or musl
- it allows programs depending on a standard C library to directly
link to a library depending on our non standard libc (eg libsec).
To ease transiction two files are provided:
- sys/include/lib9.h that can be included instead of <libc.h> to use
the old names (via a simple set of macros)
- sys/src/lib/c/lib9.c that can be compiled with a program where the
macro provided by lib9.h are too dumb (see for example rc or grep).
In the kernel port/lib.h has been modified accordingly and some of
the functions it directly provides has been renamed too (eg malloc
in qmalloc.c and print in devcons.c).
These new implementations
- do several validity check on input parameters
- allow a bit larger variable names (127 bytes, aka sizeof(Proc.genbuf)-1)
- preserve nulls in the content (the original version used to replace
'\0' with ' '). I can't see why they did, actually.
See also http://marc.info/?l=9fans&m=148475801229908&w=2
Should also fix CID 155718
According to http://man.cat-v.org/9front/2/mp mptole either take p or pp:
> Mptobe and mptole convert an mpint to a byte array. The
> former creates a big endian representation, the latter a
> little endian one. If the destination buf is not nil, it
> specifies the buffer of length blen for the result. If the
> representation is less than blen bytes, the rest of the
> buffer is zero filled. **If buf is nil**, then a buffer is
> allocated and a pointer to it is deposited in the location
> pointed to by **bufp**. Sign is ignored in these conversions,
> i.e., the byte array version is always positive.
Assert accordingly.
As noted ty Cinap Lenrek Finished.n is only set by setVersion and can only
be either 0 before setVersion() as emalloc() zeros the TlsConnection struct
or SSL3FinishedLen/TLSFinishedLen after when we got the client/server hello.
Introducing FinishedLength enum we make the domain of the field explicit.
CID 49221 (#1 of 1): Identical code for different branches (IDENTICAL_BRANCHES)
identical_branches: The same code is executed when the condition p == NULL is true or false, because the code in the if-then branch and after the if statement is identical. Should the if statement be removed?
In aesXCBCmac fix (potential) out of bound write in padding.
CID 155904 (#1 of 1): Out-of-bounds write (OVERRUN)
7. overrun-local: Overrunning array of 16 bytes at byte offset 16 by dereferencing pointer p2++.
CID 155471 (#1 of 1): Buffer not null terminated (BUFFER_SIZE_WARNING)67.
buffer_size_warning: Calling strncpy with a maximum size argument of 256 bytes on destination array envcopy of size 256 bytes might leave the destination string unterminated.
CID 155910 (#1 of 1): Out-of-bounds access (OVERRUN)1.
overrun-buffer-val: Overrunning buffer pointed to by key of 7 bytes by passing it to a function which accesses it at byte offset 63.
OREAD and OWRITE are used as array indexes assuming that OREAD was zero
and OWRITE was one. Thus each related allocation reserved just 2 slot and
even Ep struct in usb.h reserved just 2 int for toggles.
Since OREAD is now 1 and OWRITE is 2 we have to allocate/reserve 3 slot
as long as we use them as array indexes (which we could change in the future).
Unfortunately this means we waste the index zero in those arrays that will
always be unused. This also means that, to loop in such arrays we must begin
with OREAD as index zero is always empty.
PRO-MEMORIA: if/when we introduce the walk() syscall, OSTAT might turn useless.
In that case we might remove it and thus consider to move back OREAD/OWRITE
to 0/1 respectively (which might or might not be a good idea, to be analyzed).
Giacomo Tesio