Rusty Russell [Tue, 1 Mar 2011 12:49:19 +0000 (23:19 +1030)]
tdb2: rework hash.c functions to return enum TDB_ERROR.
This time we have to use our tri-value "tdb_bool_err" type to indicate
true, false, or error, which now allows us to correctly handle errors
in key matching (rather than treating it as a non-match).
Rusty Russell [Tue, 1 Mar 2011 12:49:19 +0000 (23:19 +1030)]
tdb2: rework some io.c functions to encode errors in their pointer returns.
This causes a subtle enhancement in tdb_direct(): it previously
returned NULL on both "can't use direct access" or "some error
occurred", as the caller always uses read/write functions as a
fallback anyway. Now we distinguish the error case.
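The three-way return described in this commit message (usable pointer, NULL meaning "use the fallback", or an error encoded in the pointer value), sketched as an added example; it is not code from tdb2 or CCAN. All ex_* names, the error values and the 128-byte buffer are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical error codes for this example; not tdb2's enum TDB_ERROR. */
enum ex_error { EX_SUCCESS = 0, EX_ERR_IO = -1, EX_ERR_CORRUPT = -2 };
#define EX_MAX_ERR 64	/* the top 64 addresses are reserved for error codes */
/* Encode a negative error code as a pointer at the top of the address space. */
static void *ex_err_ptr(enum ex_error e) { return (void *)(intptr_t)e; }
/* True if p carries an error code rather than a usable address. */
static int ex_ptr_is_err(const void *p)
{
	return (uintptr_t)p >= (uintptr_t)(-EX_MAX_ERR);
}
static enum ex_error ex_ptr_error(const void *p) { return (enum ex_error)(intptr_t)p; }
/* Constructed sample data standing in for a memory-mapped database file. */
static unsigned char ex_map[128];
static int ex_can_direct = 1;

/* Returns a pointer into the map, NULL ("no direct access, use the fallback"),
 * or an encoded error when the requested range is out of bounds. */
static void *ex_direct(size_t off, size_t len)
{
	if (!ex_can_direct)
		return NULL;
	if (off > sizeof(ex_map) || len > sizeof(ex_map) - off)
		return ex_err_ptr(EX_ERR_IO);
	return ex_map + off;
}

/* Caller order matters: test for an error first, then NULL, then dereference. */
static enum ex_error ex_read_byte(size_t off, unsigned char *out)
{
	unsigned char *p = ex_direct(off, 1);
	if (ex_ptr_is_err(p))
		return ex_ptr_error(p);
	if (!p) {	/* fallback path: bounds-checked copy */
		if (off >= sizeof(ex_map))
			return EX_ERR_IO;
		p = ex_map + off;
	}
	*out = *p;
	return EX_SUCCESS;
}

int main(void)
{
	unsigned char b;
	return ex_read_byte(5, &b) == EX_SUCCESS && ex_read_byte(128, &b) == EX_ERR_IO ? 0 : 1;
}
```

A caller that only tests for NULL would dereference the encoded error value, so the error check has to come before the NULL check.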
Rusty Russell [Tue, 1 Mar 2011 12:49:19 +0000 (23:19 +1030)]
tdb2: rework io functions to return enum TDB_ERROR.
We have a series of I/O functions which change depending on whether we're
inside a transaction or not. This makes them return enum TDB_ERROR instead
of int.
Rusty Russell [Tue, 1 Mar 2011 12:49:19 +0000 (23:19 +1030)]
tdb2: restore file filling code.
This snuck in fe55330a which added the stats attribute. Without it,
TDB works but is vulnerable to segmentation faults or write errors when
disk is exhausted.
Rusty Russell [Tue, 1 Mar 2011 12:49:19 +0000 (23:19 +1030)]
tdb2: Internal error helpers.
I use the "high pointers hold error numbers" trick, and also make
tdb_logerr return the error code, which enables the common case of
"return tdb_logerr(...)".
Rusty Russell [Tue, 1 Mar 2011 12:49:20 +0000 (23:19 +1030)]
tdb2: simplify logging levels, rename TDB_DEBUG_* to TDB_LOG_*
It was never clear to me which levels should be used for what cases.
I can only usefully distinguish three at the moment:
(1) TDB errors, which render the TDB unreliable.
(2) TDB user errors, caused by API misuse.
(3) TDB notifications of strange behaviour, from which we have recovered.
Rusty Russell [Tue, 1 Mar 2011 12:49:20 +0000 (23:19 +1030)]
tdb2: use failtest for opening and checking database.
This is a fairly sophisticated use of failtest:
1) There are a few places where we can inject failures without revealing it
at the API level, eg. opening /dev/urandom, or allocation failure in logging.
2) We want to be sure that (almost) all failures cause a message to be logged.
3) We need to exit as soon as possible when a failure is injected, to avoid
combinatorial explosion.
4) We don't want to simply exit on any log message, since we want to be sure
that cleanup happens.
This test found four different bugs in failure paths. Erk!
Rusty Russell [Tue, 1 Mar 2011 07:20:32 +0000 (17:50 +1030)]
ccanlint: check for #ifdef
Old habits die hard; it's better to use #if <FEATURE> than #ifdef <FEATURE>;
they're similar, because undefined identifiers evaluate to zero, but with
GCC's -Wundef flag you can detect mis-spelled or missing features with
#if.
autoconf-style config.h leave unset features undefined, so this works for
those config.h too.
Rusty Russell [Tue, 1 Mar 2011 07:18:11 +0000 (17:48 +1030)]
ccanlint: create reduce-feature config.h
A common mistake is not to try compiling with features disabled in
config.h. The ideal case would determine how features interact and
test all combinations of them: this simply disables any features
mentioned in the code which were previously enabled.
Rusty Russell [Tue, 1 Mar 2011 05:31:20 +0000 (16:01 +1030)]
ccanlint: handle weird directories.
David Gibson reports (and I confirmed) that running ccanlint in /tmp
causes a very uninformative segv. Fix that, and add a more useful message,
as well as delaying recursing until we're confident there's code around.
Rusty Russell [Thu, 24 Feb 2011 02:50:01 +0000 (13:20 +1030)]
ccanlint: fix more potential segvs when reporting ccanlint errors.
When I changed score_file_error() to printf-style, I didn't audit all
the callers who were handing string literals. I've finally done that;
I should have broken the compile by renaming it.
Rusty fails refactoring 101. Reported-by: Andreas Schlick
Joey Adams [Sat, 19 Feb 2011 10:36:14 +0000 (05:36 -0500)]
darray: Renamed array module to darray and made several improvements.
* Removed talloc support.
* Added a synopsis and rearranged macro definitions.
* Switched allocation strategy from increments of 64 to powers of 2.
* Replaced array_for and array_rof with the more useful
and portable macros array_foreach and array_foreach_reverse.
* Added typedefs array_* for common types.
Rusty Russell [Tue, 15 Feb 2011 13:01:29 +0000 (23:31 +1030)]
failtest: hook can return FAIL_PROBE
tdb2 has various places where it recovers from failure (eg. falling
back when it can't open /dev/urandom, or allocation for error
logging). We want to test those paths, but doing so thoroughly causes
combinatorial explosion.
Add FAIL_PROBE for such cases: in this case it goes only 3 more calls
deep.
Rusty Russell [Tue, 15 Feb 2011 12:55:03 +0000 (23:25 +1030)]
failtest: don't insist parents and children write the same thing to files.
We insist they write the same things to pipes, since we can't "undo" them,
but strictly speaking we don't care if they write different things into
files.
Rusty Russell [Tue, 15 Feb 2011 12:53:16 +0000 (23:23 +1030)]
failtest: save entire file contents.
The idea of saving files as we do writes doesn't work with mmap: this just
saves the entire contents of all open files before forking child, and
restores them afterwards.
Rusty Russell [Tue, 15 Feb 2011 12:51:42 +0000 (23:21 +1030)]
failtest: generic cleanup hooks
Each function in the history stores a cleanup function, rather than storing
extra structures. In particular, we save writes and file offsets using
this.
Sam Vilain [Tue, 22 Feb 2011 04:56:36 +0000 (15:26 +1030)]
net: fix tests on hosts where 'localhost' is v4 _and_ v6
If 'localhost' exists in /etc/hosts with a v4 and a v6 address, the hack
which joins two addrinfo entries together is not necessary. Detect to see
if 'localhost' returned a v6 address, and if so, just return the single
linked list result from getaddrinfo()
(Reworked by Rusty Russell) Signed-off-by: Sam Vilain <sam@vilain.net>
Joel Stanley [Mon, 7 Feb 2011 04:06:15 +0000 (14:36 +1030)]
opt: Fix -Wmissing-field-initializers warning
OPT_ENDTABLE does not initialise all the elements in struct opt_table.
When compiling with -Wextra, -Wmissing-field-initializers is enabled,
which produces the following warning:
iviewiir.c:299:9: error: missing field 'cb' initializer
[-Wmissing-field-initializers]
OPT_ENDTABLE
^
In file included from iviewiir.c:12:
./ccan/opt/opt.h:82:38: note: instantiated from:
#define OPT_ENDTABLE { NULL, OPT_END }
^
By changing the definition of OPT_ENDTABLE to initialise all 7 elements
of struct opt_table, the warning is silenced.