- 29 Aug, 2017 3 commits
-
-
Damien Grassart authored
The memmove() call should be using the index argument to determine the number of bytes to copy. To be consistent with the rest of the code, we should also not evaluate the index parameter multiple times. Calling this with rand() % arr.size would otherwise generally segfault. Finally, we want to avoid using "index" as an identifier so as to not shadow index(3) in the C library. Signed-off-by: Damien Grassart <damien@grassart.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
Damien Grassart authored
Identifiers starting with underscores are technically reserved for system use, so rename all of them to end with one instead. Signed-off-by: Damien Grassart <damien@grassart.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
Damien Grassart authored
This module currently supports removing but not inserting at a specified index, so this adds that along with some tests. Inserting a value moves all existing data beyond index over one element. Signed-off-by: Damien Grassart <damien@grassart.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
- 15 Aug, 2017 2 commits
-
-
Rusty Russell authored
You can use SHACHAIN_BITS to contrain the size. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
Rusty Russell authored
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
- 23 Jul, 2017 4 commits
-
-
David Gibson authored
TCON() uses flexible-array members which aren't allowed in the middle of structures, except as a gcc extension. TCON_WRAP() avoids this and so is more portable. This doesn't change the objset interface, only its internals. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
TCON() uses flexible-array members which aren't allowed in the middle of structures, except as a gcc extension. TCON_WRAP() avoids this and so is more portable. This doesn't change the jmap interface, only its internals. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
TCON() uses flexible-array members which aren't allowed in the middle of structures, except as a gcc extension. TCON_WRAP() avoids this and so is more portable. This doesn't change the jset interface, only its internals. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
TCON() uses flexible-array members which aren't allowed in the middle of structures, except as a gcc extension. TCON_WRAP() avoids this and so is more portable. This doesn't change the tlist interface, only its internals. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
- 27 Jun, 2017 1 commit
-
-
Rusty Russell authored
It's a common thing to want to do, so add helper here. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
- 16 Jun, 2017 1 commit
-
-
Rusty Russell authored
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
- 31 May, 2017 1 commit
-
-
Rusty Russell authored
If we're duplex and one io_always callback makes the other io_always, we screwed up and hit an assertion later when the conn was in the always list but didn't actually want to be. io_wake() uses io_always(), so this is how it happened. Writing a test case for this was a bit fun, too. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
- 05 Apr, 2017 6 commits
-
-
David Gibson authored
At this point the construction of the function above means that nn cannot be NULL. Found by Coverity Scan. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
make_listen_fd() didn't check for failure of setsockopt(). There's no real reason not to, since we have an obvious way to report an error to the caller. Found with Coverity Scan. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
options_avail and options_used get freed, but options does not. Found by Coverity scan. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
struct ripemd160_ctx has a union for converting between u8[] and u32[] data. Unfortunately the u32 array has a miscalculated size, half the size of the u8 array. That means some accesses which are within the union can technically overrun the u32 array. Found by Coverity scan. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
compile_info() can leak an open file descriptor write_all() fails. This corrects it. Found by Coverity. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
Somewhat ironically, a path in failtest related to detecting leaks in the tested program itself leaks memory. This corrects it. Detected by Coverity. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
- 03 Apr, 2017 2 commits
-
-
Rusty Russell authored
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
Rusty Russell authored
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
- 31 Mar, 2017 4 commits
-
-
David Gibson authored
This corrects several places in ccan where stdarg.h is used but there is a missing va_end(). You can get away with this on many platforms, but not all. Caught by Coverity scan. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
lbalance uses the tlist module. tlist causes compile warnings on clang if you're not careful, because it can put 0 length arrays in the middle of structures. tlist2 doesn't have the problem, and also has a slightly cleaner interface. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
tools/ccanlint/async.c uses kill(2), but doesn't include the signal.h header it comes from. One some platforms we get away with this via indirect includes, but not on all. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
tools/manifest.c uses asort(), but the asort module is not in TOOLS_CCAN_MODULES. That causes compile failures on some platforms, so correct it. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
- 15 Mar, 2017 4 commits
-
-
Rusty Russell authored
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
Rusty Russell authored
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
Rusty Russell authored
commit 25b7406d tried to make the tests depend on the info file, but that broke .fast.ok, which used the same pattern: %.ok: $(LINT) %info This is what happens when you're too tricky! Simply duplicate the rule, and change .fast.ok to .fast-ok so it doesn't match both. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
Rusty Russell authored
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
- 14 Mar, 2017 3 commits
-
-
Rusty Russell authored
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
Rusty Russell authored
This is needed for emergency handling in lightningd: we want to output a (fatal) error packet on the socket, but we don't want to do so in the middle of another packet. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
Martin Milata authored
Signed-off-by: Martin Milata <martin@martinmilata.cz>
-
- 24 Jan, 2017 7 commits
-
-
David Gibson authored
This enables clang compiler builds for the trusty Travis environment. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
At present, coroutine stacks must be allocated explicitly by the user, then initialized with coroutine_stack_init(). This adds a new coroutine_stack_alloc() function which allocates a stack, making life easier for users. coroutine_stack_release() will automatically determine if the given stack was set up with _init() or alloc() and act accordingly. The stacks are allocate with mmap() rather than a plain malloc(), and a guard page is added, so an overflow of the stack should result in a relatively debuggable SEGV instead of random data corruption. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
Currently valgrind checks are disabled on the coroutine module, because switching stacks tends to confuse it. We can work around this by using the valgrind client interface to explicitly inform it about the stacks we create. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
In preparation for enabling valgrind tests, remove instances where we allocate a coroutine's stack from a buffer itself on the stack. Not all that surprisingly, valgrind gets very, very confused by having one "thread"'s stack embedded within another's. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
The sample coroutine in api-3 initializes a total to 0, then adds up the pseudo-random data it has placed into a stack buffer, to ensure that the compiler won't elide the reading and writing of that buffer. After the coroutine has completed, we verify that total is non-zero so that we'll detect if the coroutine failed to execute entirely. Except that the initialization of total is within the coroutine itself, so it could also be non-zero due to it simply being uninitialized. This moves the initialization outside the coroutine, to make the test a little more robust. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
David Gibson authored
The api-3 testcase devotes most of its available stack space to a test buffer, leaving only a small amount (COROUTINE_MIN_STKSZ) for the actual stack usage of the coroutine. It turns out that the ccan/tap diag() function can - depending on compiler version and flags, and on whether diagnostics are enabled - exceed that limited stack space. That leads to a stack overrun, and in turn corruption of the parent routine's stack, generating unpredictable and hard to debug SEGVs. At present, this bug seems to be tripped by clang-3.8 when diagnostic messages are printed. This removes the troublesome diag() call. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
Rusty Russell authored
Previously it crashed, but if you're always dealing with tal arrays, this is painful. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
-
- 19 Jan, 2017 1 commit
-
-
David Gibson authored
Now that we have a way to correctly set a matching coverage tool, we can add more recent compiler versions to the Travis build. Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-
- 18 Jan, 2017 1 commit
-
-
David Gibson authored
Currently ccanlint defaults to using "gcov" as the coverage analysis tool for any compiler defining __GNUC__. That's generally correct for the (system default) gcc. However, clang also defines __GNUC__ because it implements the GCC langauge extensions. For clang, "gcov" is not the correct coverage tool (clang does use roughly the gcov format, but unless you're very lucky the system gcc and system clang won't use the same gcov versions). This changes the default coverage tool in the case of clang to the correct "llvm-cov gcov". Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
-