Times can be invalid: non-normalized, or negative.
--- /dev/null
+#define DEBUG
+#include <ccan/time/time.h>
+#include <ccan/time/time.c>
+#include <ccan/tap/tap.h>
+#include <unistd.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+
+/* If we really abort, we don't get coverage info! */
+void abort(void)
+{
+ exit(7);
+}
+
+int main(void)
+{
+ struct timespec t1, t2, t3, zero = { 0, 0 };
+ int fds[2];
+
+ plan_tests(62);
+
+ /* Test time_now */
+ t1 = time_now();
+ t2 = time_now();
+
+ /* Test time_sub. */
+ t3 = time_sub(t2, t1);
+ ok1(t3.tv_sec > 0 || t3.tv_nsec >= 0);
+ t3 = time_sub(t2, t2);
+ ok1(t3.tv_sec == 0 && t3.tv_nsec == 0);
+ t3 = time_sub(t1, t1);
+ ok1(t3.tv_sec == 0 && t3.tv_nsec == 0);
+
+ /* Test time_eq */
+ ok1(time_eq(t1, t1));
+ ok1(time_eq(t2, t2));
+ ok1(!time_eq(t1, t3));
+ ok1(!time_eq(t2, t3));
+
+ /* Make sure t2 > t1. */
+ t3.tv_sec = 0;
+ t3.tv_nsec = 1;
+ t2 = time_add(t2, t3);
+
+ /* Test time_less and time_greater. */
+ ok1(!time_eq(t1, t2));
+ ok1(!time_greater(t1, t2));
+ ok1(time_less(t1, t2));
+ ok1(time_greater(t2, t1));
+ ok1(!time_less(t2, t1));
+ t3.tv_sec = 0;
+ t3.tv_nsec = 999999999;
+ t2 = time_add(t2, t3);
+ ok1(!time_eq(t1, t2));
+ ok1(!time_greater(t1, t2));
+ ok1(time_less(t1, t2));
+ ok1(time_greater(t2, t1));
+ ok1(!time_less(t2, t1));
+
+ t3 = time_sub(t2, zero);
+ ok1(time_eq(t3, t2));
+ t3 = time_sub(t2, t2);
+ ok1(time_eq(t3, zero));
+
+ /* time_from_msec / time_to_msec */
+ t3 = time_from_msec(500);
+ ok1(t3.tv_sec == 0);
+ ok1(t3.tv_nsec == 500000000);
+ ok1(time_to_msec(t3) == 500);
+
+ t3 = time_from_msec(1000);
+ ok1(t3.tv_sec == 1);
+ ok1(t3.tv_nsec == 0);
+ ok1(time_to_msec(t3) == 1000);
+
+ t3 = time_from_msec(1500);
+ ok1(t3.tv_sec == 1);
+ ok1(t3.tv_nsec == 500000000);
+ ok1(time_to_msec(t3) == 1500);
+
+ /* time_from_usec */
+ t3 = time_from_usec(500000);
+ ok1(t3.tv_sec == 0);
+ ok1(t3.tv_nsec == 500000000);
+ ok1(time_to_usec(t3) == 500000);
+
+ t3 = time_from_usec(1000000);
+ ok1(t3.tv_sec == 1);
+ ok1(t3.tv_nsec == 0);
+ ok1(time_to_usec(t3) == 1000000);
+
+ t3 = time_from_usec(1500000);
+ ok1(t3.tv_sec == 1);
+ ok1(t3.tv_nsec == 500000000);
+ ok1(time_to_usec(t3) == 1500000);
+
+ /* time_from_nsec */
+ t3 = time_from_nsec(500000000);
+ ok1(t3.tv_sec == 0);
+ ok1(t3.tv_nsec == 500000000);
+ ok1(time_to_nsec(t3) == 500000000);
+
+ t3 = time_from_nsec(1000000000);
+ ok1(t3.tv_sec == 1);
+ ok1(t3.tv_nsec == 0);
+ ok1(time_to_nsec(t3) == 1000000000);
+
+ t3 = time_from_nsec(1500000000);
+ ok1(t3.tv_sec == 1);
+ ok1(t3.tv_nsec == 500000000);
+ ok1(time_to_nsec(t3) == 1500000000);
+
+ /* Test wrapunder */
+ t3 = time_sub(time_sub(t2, time_from_msec(500)), time_from_msec(500));
+ ok1(t3.tv_sec == t2.tv_sec - 1);
+ ok1(t3.tv_nsec == t2.tv_nsec);
+
+ /* time_divide and time_multiply */
+ t1.tv_nsec = 100;
+ t1.tv_sec = 100;
+
+ t3 = time_divide(t1, 2);
+ ok1(t3.tv_sec == 50);
+ ok1(t3.tv_nsec == 50);
+
+ t3 = time_divide(t1, 100);
+ ok1(t3.tv_sec == 1);
+ ok1(t3.tv_nsec == 1);
+
+ t3 = time_multiply(t3, 100);
+ ok1(time_eq(t3, t1));
+
+ t3 = time_divide(t1, 200);
+ ok1(t3.tv_sec == 0);
+ ok1(t3.tv_nsec == 500000000);
+
+ /* Divide by huge number. */
+ t1.tv_sec = (1U << 31) - 1;
+ t1.tv_nsec = 999999999;
+ t2 = time_divide(t1, 1 << 30);
+ /* Allow us to round either way. */
+ ok1((t2.tv_sec == 2 && t2.tv_nsec == 0)
+ || (t2.tv_sec == 1 && t2.tv_nsec == 999999999));
+
+ /* Multiply by huge number. */
+ t1.tv_sec = 0;
+ t1.tv_nsec = 1;
+ t2 = time_multiply(t1, 1UL << 31);
+ ok1(t2.tv_sec == 2);
+ ok1(t2.tv_nsec == 147483648);
+
+ pipe(fds);
+
+ fflush(stdout);
+ switch (fork()) {
+ case 0:
+ close(fds[0]);
+ dup2(fds[1], 1);
+ dup2(fds[1], 2);
+ t1.tv_sec = 7;
+ t1.tv_nsec = 1000000001;
+ t2 = time_check(t1, NULL);
+ if (t2.tv_sec != 8 || t2.tv_nsec != 1)
+ exit(1);
+ t1.tv_sec = -1;
+ t1.tv_nsec = 5;
+ t2 = time_check(t1, NULL);
+ if (t2.tv_sec != 0 || t2.tv_nsec != 5)
+ exit(1);
+ t1.tv_sec = 8;
+ t1.tv_nsec = 1000000002;
+ /* We expect this to abort! */
+ t2 = time_check(t1, "abortstr");
+ exit(1);
+
+ default: {
+ char readbuf[1024];
+ int r, len = 0;
+
+ close(fds[1]);
+ while ((r = read(fds[0], readbuf + len, 1023 - len)) > 0)
+ len += r;
+ readbuf[len] = '\0';
+ ok1(strcmp(readbuf,
+ "WARNING: malformed time"
+ " 7 seconds 1000000001 ns converted to 8.000000001.\n"
+ "WARNING: malformed time"
+ " -1 seconds 5 ns converted to 0.000000005.\n"
+ "abortstr: malformed time 8.1000000002\n") == 0);
+ ok1(wait(&r) != -1);
+ ok1(WIFEXITED(r));
+ ok1(WEXITSTATUS(r) == 7);
+ }
+ }
+
+ return exit_status();
+}
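Review bot: The return values of `pipe(fds)` and `fork()` near the end of `main` are not checked, so a failed `fork()` (-1) falls into the `default:` branch and the test reports a string mismatch and a failed `wait()` rather than the real cause. Checking them up front, e.g. `if (pipe(fds) != 0) exit(1);` plus a `case -1:` that bails out, would make that failure clear. `strcmp` is used without `<string.h>` in this file; it presumably arrives through another include, but an explicit `#include <string.h>` would not depend on that. The child only exercises a negative `tv_sec` and an oversized `tv_nsec`; a case with a negative `tv_nsec` would pin down how `time_check` is meant to treat it.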
/* Licensed under BSD-MIT - see LICENSE file for details */
#include <ccan/time/time.h>
#include <stdlib.h>
-#include <assert.h>
+#include <stdio.h>
+
+#ifdef DEBUG
+#include <ccan/str/str.h>
+#define TIME_CHECK(t) time_check((t), __FILE__ ":" stringify(__LINE__))
+#else
+#define TIME_CHECK(t) (t)
+#endif
#if !HAVE_CLOCK_GETTIME && !HAVE_CLOCK_GETTIME_IN_LIBRT
#include <sys/time.h>
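Review bot: `TIME_CHECK` has no comment, yet its two expansions behave very differently: with `DEBUG` every call site can abort the process with a file:line message, without it the macro is a no-op. A short comment above the `#ifdef` would make that explicit, e.g. `/* With DEBUG, validate every time passed in or returned and abort() on a malformed one; otherwise expands to its argument. */`. `DEBUG` is also a very generic switch, so a build that defines it for unrelated reasons would turn malformed times into aborts inside this module. A module-scoped macro name may be safer if the project's conventions allow it.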
gettimeofday(&now, NULL);
ret.tv_sec = now.tv_sec;
ret.tv_nsec = now.tv_usec * 1000;
- return ret;
+ return TIME_CHECK(ret);
}
#else
#include <time.h>
{
struct timespec ret;
clock_gettime(CLOCK_REALTIME, &ret);
- return ret;
+ return TIME_CHECK(ret);
}
#endif /* HAVE_CLOCK_GETTIME || HAVE_CLOCK_GETTIME_IN_LIBRT */
bool time_greater(struct timespec a, struct timespec b)
{
- if (a.tv_sec > b.tv_sec)
+ if (TIME_CHECK(a).tv_sec > TIME_CHECK(b).tv_sec)
return true;
else if (a.tv_sec < b.tv_sec)
return false;
bool time_less(struct timespec a, struct timespec b)
{
- if (a.tv_sec < b.tv_sec)
+ if (TIME_CHECK(a).tv_sec < TIME_CHECK(b).tv_sec)
return true;
else if (a.tv_sec > b.tv_sec)
return false;
bool time_eq(struct timespec a, struct timespec b)
{
- return a.tv_sec == b.tv_sec && a.tv_nsec == b.tv_nsec;
+ return TIME_CHECK(a).tv_sec == TIME_CHECK(b).tv_sec && a.tv_nsec == b.tv_nsec;
}
struct timespec time_sub(struct timespec recent, struct timespec old)
{
struct timespec diff;
- diff.tv_sec = recent.tv_sec - old.tv_sec;
+ diff.tv_sec = TIME_CHECK(recent).tv_sec - TIME_CHECK(old).tv_sec;
if (old.tv_nsec > recent.tv_nsec) {
diff.tv_sec--;
diff.tv_nsec = 1000000000 + recent.tv_nsec - old.tv_nsec;
} else
diff.tv_nsec = recent.tv_nsec - old.tv_nsec;
- assert(diff.tv_sec >= 0);
- return diff;
+ return TIME_CHECK(diff);
}
struct timespec time_add(struct timespec a, struct timespec b)
{
struct timespec sum;
- sum.tv_sec = a.tv_sec + b.tv_sec;
+ sum.tv_sec = TIME_CHECK(a).tv_sec + TIME_CHECK(b).tv_sec;
sum.tv_nsec = a.tv_nsec + b.tv_nsec;
if (sum.tv_nsec >= 1000000000) {
sum.tv_sec++;
sum.tv_nsec -= 1000000000;
}
- return sum;
+ return TIME_CHECK(sum);
}
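Review bot: In `time_sub` the always-compiled `assert(diff.tv_sec >= 0)` is replaced by `TIME_CHECK(diff)`, which expands to nothing unless `DEBUG` is defined, so an ordinary build now silently returns a negative difference when `old` is later than `recent`. Before this change that case stopped the program unless `NDEBUG` was set. The conversion helpers further down cast with `(uint64_t)t.tv_sec`, so a negative result passed to them becomes a very large value rather than an error. If dropping the check in normal builds is intended, it should at least be documented at the function, e.g. `/* recent must not be earlier than old; this is only verified when built with DEBUG */`.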
struct timespec time_divide(struct timespec t, unsigned long div)
uint64_t rem, ns;
/* Dividing seconds is simple. */
- res.tv_sec = t.tv_sec / div;
+ res.tv_sec = TIME_CHECK(t).tv_sec / div;
rem = t.tv_sec % div;
/* If we can't fit remainder * 1,000,000,000 in 64 bits? */
ns = rem * 1000000000 + t.tv_nsec;
res.tv_nsec = ns / div;
}
- return res;
+ return TIME_CHECK(res);
}
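Review bot: `time_divide` computes `TIME_CHECK(t).tv_sec / div` and `t.tv_sec % div` with no guard against `div == 0` visible in this hunk, which is undefined behaviour. Since this change adds debug-time validation of the time argument, the divisor could be covered in the same spirit, for example `if (div == 0) abort();` at the top under `DEBUG`, or a documented precondition in the header. The start of the function body is outside the hunk, so an earlier guard cannot be ruled out.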
struct timespec time_multiply(struct timespec t, unsigned long mult)
res.tv_nsec = nsec % 1000000000;
res.tv_sec = nsec / 1000000000;
}
- res.tv_sec += t.tv_sec * mult;
- return res;
+ res.tv_sec += TIME_CHECK(t).tv_sec * mult;
+ return TIME_CHECK(res);
}
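Review bot: The final `TIME_CHECK(res)` in `time_multiply` does not detect overflow in `t.tv_sec * mult`. It only fires when the result has a negative `tv_sec` or an out-of-range `tv_nsec`, and signed overflow is undefined in any case, so a wrapped but positive value passes the check. If overflow should be caught in DEBUG builds, the test has to come before the multiplication, for instance by comparing `t.tv_sec` with the largest representable seconds value divided by `mult`. Most of the function body is outside this hunk.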
uint64_t time_to_msec(struct timespec t)
{
uint64_t msec;
- msec = t.tv_nsec / 1000000 + (uint64_t)t.tv_sec * 1000;
+ msec = TIME_CHECK(t).tv_nsec / 1000000 + (uint64_t)t.tv_sec * 1000;
return msec;
}
{
uint64_t usec;
- usec = t.tv_nsec / 1000 + (uint64_t)t.tv_sec * 1000000;
+ usec = TIME_CHECK(t).tv_nsec / 1000 + (uint64_t)t.tv_sec * 1000000;
return usec;
}
{
uint64_t nsec;
- nsec = t.tv_nsec + (uint64_t)t.tv_sec * 1000000000;
+ nsec = TIME_CHECK(t).tv_nsec + (uint64_t)t.tv_sec * 1000000000;
return nsec;
}
t.tv_nsec = (msec % 1000) * 1000000;
t.tv_sec = msec / 1000;
- return t;
+ return TIME_CHECK(t);
}
struct timespec time_from_usec(uint64_t usec)
t.tv_nsec = (usec % 1000000) * 1000;
t.tv_sec = usec / 1000000;
- return t;
+ return TIME_CHECK(t);
}
struct timespec time_from_nsec(uint64_t nsec)
t.tv_nsec = nsec % 1000000000;
t.tv_sec = nsec / 1000000000;
+ return TIME_CHECK(t);
+}
+
+struct timespec time_check(struct timespec t, const char *abortstr)
+{
+ if (t.tv_sec < 0 || t.tv_nsec >= 1000000000) {
+ if (abortstr) {
+ fprintf(stderr, "%s: malformed time %li.%09li\n",
+ abortstr,
+ (long)t.tv_sec, (long)t.tv_nsec);
+ abort();
+ } else {
+ struct timespec old = t;
+
+ if (t.tv_nsec >= 1000000000) {
+ t.tv_sec += t.tv_nsec / 1000000000;
+ t.tv_nsec %= 1000000000;
+ }
+ if (t.tv_sec < 0)
+ t.tv_sec = 0;
+
+ fprintf(stderr, "WARNING: malformed time"
+ " %li seconds %li ns converted to %li.%09li.\n",
+ (long)old.tv_sec, (long)old.tv_nsec,
+ (long)t.tv_sec, (long)t.tv_nsec);
+ }
+ }
return t;
}
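Review bot: The condition in `time_check` tests `t.tv_sec < 0` and `t.tv_nsec >= 1000000000` but not `t.tv_nsec < 0`, so a time with negative nanoseconds is returned as valid even though it is not normalized. Extending the test to `if (t.tv_sec < 0 || t.tv_nsec < 0 || t.tv_nsec >= 1000000000) {` would catch it. The NULL-`abortstr` branch would then need a matching step that borrows from `tv_sec` or clamps `tv_nsec` before the warning is printed. Separately, the abort message uses `%li.%09li`, which for the test's value prints `8.1000000002` and reads like 8.1 seconds; printing seconds and nanoseconds as separate fields, as the warning does, would be less ambiguous.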
ts.tv_nsec = tv.tv_usec * 1000;
return ts;
}
+
+/**
+ * time_check - check if a time is malformed.
+ * @in: the time to check (returned)
+ * @abortstr: the string to print to stderr before aborting (if set).
+ *
+ * This can be used to make sure a time isn't negative and doesn't
+ * have a tv_nsec >= 1000000000. If it is, and @abortstr is non-NULL,
+ * that will be printed and abort() is called. Otherwise, if
+ * @abortstr is NULL then the returned timespec will be normalized and
+ * tv_sec set to 0 if it was negative.
+ *
+ * Note that if ccan/time is compiled with DEBUG, then it will call this
+ * for all passed and returned times.
+ *
+ * Example:
+ * printf("Now is %lu seconds since epoch\n",
+ * (long)time_check(time_now(), "time_now() failed?").tv_sec);
+ */
+struct timespec time_check(struct timespec in, const char *abortstr);
+
#endif /* CCAN_TIME_H */
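Review bot: The example in the `time_check` doc comment passes a `(long)` value to `%lu`, a format/argument mismatch; `%li`, as used in the messages in time.c, or `%ld` matches the cast. The comment says the check ensures a time "isn't negative", but the implementation only tests `tv_sec`, so "tv_sec isn't negative" would be more accurate. It would also help to state that under DEBUG the library passes a non-NULL `abortstr` (file:line), so malformed times abort rather than being normalized. The parameter is documented as `@in` here while the definition in time.c names it `t`.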