Rather than using the fixed-type compiler builtins
(`__builtin_uadd_overflow()`, etc.), use the generic versions
(`__builtin_add_overflow()`). This avoids issues with matching the
definition of GLib types (such as `guint` and particularly `gsize`) to
basic C types (`int`, `long`, `long long`), as the mapping can vary
between platforms.
See https://gcc.gnu.org/onlinedocs/gcc/Integer-Overflow-Builtins.html
Adjust the fallback inline functions similarly.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Fixes: #2523
We now guarantee that GObjects will always be allocated at least as
aligned as the basic types. If you want to put an element in your
GObject which has higher alignment requirements, we can’t guarantee it
will be aligned*. If you need it to be aligned, you’ll need to put it on
the heap (aligned appropriately), or add appropriate padding in your
GObject struct.
*Actually, GSlice will guarantee that the whole GObject is aligned to at
least the power of 2 greater than or equal to the size of the GObject,
which means any element in the GObject struct should always be
appropriate aligned if the compiler pads it appropriately. If malloc()
is used, however, it doesn’t make that guarantee, so we can’t make that
guarantee overall.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Helps: #1231
Regardless of the actual alignment of the GTypeInstance in question,
these do a runtime check on the type, so if the type was originally
aligned correctly when allocated, it should be aligned correctly if the
type check succeeds. -Wcast-align is meant to warn about casts between
types, which this isn’t (if the check succeeds).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Fixes: #1231
See the reasoning in the patch for why we believe GObjects *are*
(already) as aligned as the basic types.
We want to make this guarantee so that it’s guaranteed to be safe for
people to ignore -Wcast-align warnings for GObjects which contain basic
types. This typically happens with gdouble on 32-bit ARM platforms.
The checks are slightly complicated by the need to support GObjects with
custom constructors. We should expect that a custom construction
function will chain up to g_object_constructor (which calls
g_type_create_instance() as normal), but it’s possible that someone has
done something crazy and uses a custom allocator which doesn’t return
with the same alignment as GSlice. Hand them a warning in that case. If
that is true, the code which uses their custom-constructed GObject can
presumably already deal with the alignment it gets given.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Helps: #1231
This should remove some warnings from the CI, making it easier to see
legitimate CI failures.
For example, see https://gitlab.gnome.org/GNOME/glib/-/jobs/1621041.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
This was previously done (by commit 63038d1e4c) in one of the cases
where `kill_test_service()` was called — but not the other.
This meant that one instance of `gdbus-testserver` could still be
around when (as it happens, due to the order of the tests) the
`/gdbus/proxy/no-match-rule` test was run. It would start a second
instance of `gdbus-testserver`, which would exit early due to the test
name still being owned on the bus. The first (killed) instance of
`gdbus-testserver` would then exit, leaving no test servers running, and
hence the new test would fail.
This was being seen as frequent CI failures, particularly on FreeBSD
(must have slightly different timing for process signalling and
termination from Linux).
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Once upon a time, we tried to return all possible certificate errors,
but it never actually worked reliably and nowadays we have given up.
This needs to be documented because a reasonable developer would not
expect it.
Because mistakes could be security-critical, I decided to copy the same
warning in several different places rather than relying only on
cross-referencese.
Use g_macro__has_attribute to detect it instead of
hardcoding __GNUC__ || __clang__. This adds support
for a few compiler and is consistent with the rest
of the gmacros.h file.
This is an attempt to fix a persistent error on the macOS CI:
```
Objective-C compiler for the host machine: cc (clang 10.0.0)
Objective-C linker for the host machine: APPLE ld 409.12
WARNING: No include directory found parsing "cc -xobjc -E -v -" output
meson.build:761:2: ERROR: Fatal warnings enabled, aborting
```
For example, seen on https://gitlab.gnome.org/GNOME/glib/-/jobs/1618966.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
These are known leaks, as they were being done in tests which were
checking precondition failures.
However, since we know what happens when the failures occur, we can
still free the input data reliably, so do that.
This improves the valgrind output for `actions` to show zero definite
leaks.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
The `actions` test previously waited an arbitrary 100ms for various
D-Bus messages to be sent/received, before checking the results of those
messages.
Normally, this would work, but on heavily loaded CI systems, it would
sometimes fail. For example,
https://gitlab.gnome.org/GNOME/glib/-/jobs/1611701.
Fix that by waiting for the condition being checked to evaluate to true,
rather than waiting an arbitrary period of time. On faster machines,
this will speed the tests up too.
Assume that the global default `GMainContext` is in use, so a
`GMainContext*` pointer doesn’t have to be passed around.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
gio/gcontenttype-win32.c: In function 'get_registry_classes_key':
gio/gcontenttype-win32.c:66:78: warning: comparison of integer expressions of different signedness: 'DWORD' {aka 'long unsigned int'} and 'int'
if (ExpandEnvironmentStringsW (wc_temp, wc_temp_expanded, len) == len)
^~
This allows the flag to allow interactive auth to be set. Previously, it
was unconditionally unset.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
glib.git/glib/garray.c: In function ‘g_array_new’:
glib.git/glib/garray.c:184:34: error: comparison is always true due to limited range of data type [-Werror=type-limits]
184 | g_return_val_if_fail (elt_size <= G_MAXSIZE / 2 - 1, NULL);
| ^~
glib.git/glib/gmacros.h:1090:25: note: in definition of macro ‘G_LIKELY’
1090 | #define G_LIKELY(expr) (expr)
| ^~~~
glib.git/glib/garray.c:184:3: note: in expansion of macro ‘g_return_val_if_fail’
184 | g_return_val_if_fail (elt_size <= G_MAXSIZE / 2 - 1, NULL);
| ^~~~~~~~~~~~~~~~~~~~
glib.git/glib/garray.c: In function ‘g_array_sized_new’:
glib.git/glib/garray.c:265:34: error: comparison is always true due to limited range of data type [-Werror=type-limits]
265 | g_return_val_if_fail (elt_size <= G_MAXSIZE, NULL);
| ^~
glib.git/glib/gmacros.h:1090:25: note: in definition of macro ‘G_LIKELY’
1090 | #define G_LIKELY(expr) (expr)
| ^~~~
glib.git/glib/garray.c:265:3: note: in expansion of macro ‘g_return_val_if_fail’
265 | g_return_val_if_fail (elt_size <= G_MAXSIZE, NULL);
| ^~~~~~~~~~~~~~~~~~~~
D-Bus has an upper limit on number of Match rules and it's rather easy to hit
with a big number of proxies with signal subscriptions. This happens with
NetworkManager with hundreds of devices or connection settings. By passing
G_DBUS_SIGNAL_FLAGS_NO_MATCH_RULE to g_dbus_connection_signal_subscribe(), the
user can call AddMatch with a less granular match instead of a match per every
proxy.
Tests subsequently added by Philip Withnall.
Fixes: #1109
The documentation about validity did not match the code. Since the code
hasn’t changed in a long time (since 1998 or 2011), change the
documentation to match it.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
Fixes: #2520
It’s a programmer error for `NULL` to reach `is_group_name()` or
`is_key_name()`, so rework the preconditions so that all programmer
error checks are wrapped in a `g_return_if_fail()`. The coverage
scanning is set up to ignore anything inside that.
Signed-off-by: Philip Withnall <pwithnall@endlessos.org>