Type punning is used on the existing implementation, which hides errors
such as:
GSList *list = NULL;
g_clear_pointer (&list, g_error_free);
Let's use __typeof__ to cast the passed-in pointer before it's passed to
the free function so it trips -Wincompatible-pointer-types if it's wrong.
Fixes#1425
PEP8 says that:
"Comparisons to singletons like None should always be done with is or
is not, never the equality operators."
glib uses a mix of "== None" and "is None". This patch changes all
cases to the latter.
If G_DISABLE_ASSERT is defined, g_assert() is a no-op. Despite it now
being standard practice to *not* use g_assert() in unit tests (use
g_assert_*() instead), a lot of existing unit tests still use it.
Compiling those tests with G_DISABLE_ASSERT would make them silently
no-ops. Avoid that by warning the user loudly.
Note that it’s pretty rare for people to compile with G_DISABLE_ASSERT,
so it’s not expected that this will be hit often.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://gitlab.gnome.org/GNOME/glib/issues/976
g_assert() must not be used in tests. g_assert_*() must not be used in
production code.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://gitlab.gnome.org/GNOME/glib/issues/976
If the fileutils test was run in a directory which is a symlink (for
example, on macOS, /tmp is often a symlink to /private/tmp), a path
comparison was failing. Compare the paths as inodes instead.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://gitlab.gnome.org/GNOME/glib/issues/889
Type punning is used on the existing implementation, which hides errors
such as:
GSList *list = NULL;
g_clear_pointer (&list, g_error_free);
Let's use __typeof__ to cast the passed-in pointer before it's passed to
the free function so it trips -Wincompatible-pointer-types if it's wrong.
Fixes#1425
When compiling third-party projects with -Wbad-function-cast, the inline
g_atomic_pointer_get() implementation which uses C11 __atomic_load*()
calls on GCC was causing compilation errors like:
error: cast from function call of type ‘long unsigned int’ to non-matching type ‘void *’
While we don’t want to compile all of GLib with -Wbad-function-cast, we
should support its headers being included in projects which do enable
that warning.
It doesn’t seem to be possible to cast away the warning (e.g. by casting
the function’s result through (void)), so we have to assign to an
intermediate integer of the right size first.
The same has to be done for the bool return value from
__sync_bool_compare_and_swap(). In that case, casting from bool to
gboolean raises a -Wbad-function-cast warning, since gboolean is
secretly int.
The atomic tests have been modified to enable -Wbad-function-cast to
catch regressions of this in future. The GLib build has conversely been
modified to set -Wno-bad-function-cast, just in case people have it set
in their environment CFLAGS.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://gitlab.gnome.org/GNOME/glib/issues/1041
A lot of GLib APIs provide a string length and explicitly say that the strings
are not NUL terminated. For instance, parsing XML using GMarkupParser or
reading packed binary strings from mmapped data files.
Use either g_get_real_time() or g_date_time_new_now_local(). This means
we don’t need to worry about time_t being 32b in future (the year 2038
problem), and it makes the need for error handling a bit more explicit.
Improve the error handling in several cases.
Based on a patch by Niels De Graef
(https://gitlab.gnome.org/GNOME/glib/merge_requests/142).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://gitlab.gnome.org/GNOME/glib/issues/1402
The accepted behaviour for reference counting functions can be described
as such:
- acquire: takes a pointer to a memory area and returns the same
pointer with its reference count increased; this means that the
returned value's ownership is fully transfered from the callee
to the caller
- release: takes a pointer to a memory area and drops the reference
count; this means that the caller transfers the ownership of the
argument to the callee
These annotations are mostly meant for documentation purposes: high
level language bindings are unlikely to use them, as they have their own
reference counting semantics on top of GLib's own, and they should not
expose this API to their own consumers.
The global hash table we use for interned strings should not own a
reference on the strings themselves, as otherwise we'd leak them all
over the place.
Instead, it should keep a "weak" reference to them; once the last
strong reference goes away, we drop remove the weak reference from the
hash table.
Both g_rc_box_release_full() and g_atomic_rc_box_release_full() should
allow passing NULL as the clear function, to conform to the existing
coding practices in GLib.
Additionally, this allows us to reimplement release() in terms of
release_full(), and improve test coverage.
The last part of the reference counting saga.
Now that we have:
- reference counter types
- reference counted allocations
we can finally add reference counted strings using reference counted
allocations to avoid creating a new String type, and reimplementing
every single string-based API.
It's more useful to have a dup() function that copies any blob of memory
into a reference counted allocation, than to have a dup() that only
copies a reference counted allocation.
GArcBox is the atomic reference counting version of GRcBox. Unlike
GRcBox, the reference acquisition and release on GArcBox are guaranteed
to be atomic, and thus they can be performed from different threads.
This is similar to Rust's Arc<Box<T>> combination of traits.
It is useful to provide a "reference counted allocation" API that can
add reference counting semantics to any memory allocation. This allows
turning data structures that usually are placed on the stack into memory
that can be placed on the heap without:
- adding a public reference count field
- implementing copy/free semantics
This mechanism is similar to Rust's Rc<Box<T>> combination of traits,
and uses a Valgrind-friendly overallocation mechanism to store the
reference count into a private data segment, like we do with GObject's
private instance data.
They’re all 8 bytes long, and integer constants that large need a suffix
on 32-bit platforms.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://gitlab.gnome.org/GNOME/glib/issues/977
Philip Withnall suggests that glib should treat all negative
file descriptors as unset/invalid, rather than explicitly requiring
them to be -1.
This can simplify the logic for some users of this code.
https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/132
It’s been de-facto deprecated for a long time, due to emitting a
critical warning when used in a non-internal context. Make that official
in the documentation and with a deprecation annotation.
Split the implementation into an internal helper and an external
wrapper, so the two remaining internal uses don’t emit deprecation
warnings.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://gitlab.gnome.org/GNOME/glib/issues/903
For the purposes of debugging, it is quite useful for every GSource to
have a name set. Ensure that any GSource we construct inside GLib has a
name set. For GSources which are then returned to the caller, this name
can then be overridden with something even more useful by the caller.
Since this data is only used for debugging, avoid doing any allocations
for it; just use static strings.
https://gitlab.gnome.org/GNOME/glib/issues/1175
It’s good to know *which* GMainContext is used to determine the ID, and
the preconditions for calling this method.
Using wording suggested by Emmanuele Bassi <ebassi@gmail.com>.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Function do_posix_spawn uses environ, but gspawn.c doesn't declare it.
Since there is no system header declaring this global variable, this
causes compilation error on FreeBSD.
Code added in this commit is copied from genviron.c.
G_SPAWN_LEAVE_DESCRIPTORS_OPEN must be set to enable the optimized
posix_spawn codepath, so this flag is likely to see more usage now.
Document that FD_CLOEXEC can be used to cause file descriptors to be
automatically closed while this flag is used.
When the amount of free memory on the system is somewhat low, gnome-shell
will sometimes fail to launch apps, reporting the error:
fork(): Cannot allocate memory
fork() is failing here because while cloning the process virtual address
space, Linux worries that the thread being forked may end up COWing the
entire address space of the parent process (gnome-shell, which is
memory-hungry), and there is not enough free memory to permit that to
happen.
In this case we are simply calling fork() in order to quickly call exec(),
which will throw away the entirity of the duplicated VM, so we should
look for ways to avoid the overcommit check.
The well known solution to this is to use clone(CLONE_VM) or vfork(), which
completely avoids creating a new memory address space for the child.
However, that comes with a bunch of caveats and complications:
https://gist.github.com/nicowilliams/a8a07b0fc75df05f684c23c18d7db234https://ewontfix.com/7/
In 2016, glibc's posix_spawn() was rewritten to use this approach
while also resolving the concerns.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9ff72da471a509a8c19791efe469f47fa6977410
I experimented with a similar approach in glib, but it was not practical
because glibc has several items of important internal knowledge (such as
knowing which signals should be given special treatment because they are
NPTL implementation details) that are not cleanly exposed elsewhere.
Instead, this patch adapts the gspawn code to use posix_spawn() where
possible, which will reap the benefits of that implementation.
The posix_spawn API is more limited than the gspawn API though,
partly due to natural limitations of using CLONE_VM, so the posix_spawn
path is added as a separate codepath which is only executed when the
conditions are right. Callers such as gnome-shell will have to be modified
to meet these conditions, such as not having a child_setup function.
In addition to allowing for the gnome-shell "Cannot allocate memory"
failure to be avoided, this should result in a general speedup in this
area, because fork()'s behaviour of cloning the entire VM space
has a cost which is now avoided. posix_spawn() has also recently
been optimized on OpenSolaris as the most performant way to spawn
a child process.
Add a new process spawning function variant which allows the caller
to pass specific file descriptors for stdin, stdout and stderr.
It is otherwise identical to g_spawn_async_with_pipes.
Allow the same fd to be passed in multiple parameters. To make this
workable, the child process logic that closes the fd after the first time
it has been dup2'ed needed tweaking; we now just set those fds to be
closed upon exec using the CLOEXEC flag. Add a test for this case.
This will be used by gnome-shell to avoid performing equivalent
dup2 actions in a child_setup function. Dropping use of child_setup will
enable use of an upcoming optimized process spawning codepath.
Nevertheless it accepts "w+b".
When checking the Win32 documentation of fopen()/_wfopen(), it clearly
states:
> In addition to the earlier values, the following characters can be
> appended to mode to specify the translation mode for newline
> characters.
This implementation expects 'b' or 't' to be appended, and therefore
"wb+" ends up with an error, whereas the alias "w+b" works perfectly
while it is exactly the same thing. So let's just have glib "translate"
the mode when it can to have it working transparently the same way on
every platform.
Using g_assert_cmpfloat() with a float or double causes warnings on the
newest Clang version, because the macro internally promotes all values to
a long double, which Clang warns about. Casting explicitly removes the
warning.
Closes: #1377
This commit adds two W32-only environmental variable checks:
* G_WIN32_ALLOC_CONSOLE, if set to 1, will force glib to create
a new console if the process has no console by itself.
This option is for GUI apps that are launched from GUI
processes, in which case there's no console anywhere near them.
* G_WIN32_ATTACH_CONSOLE, if set to a comma-separated list of
standard stream names (stdint, stdout, stderr), will reopen
a given std stream and tie it to the console (using existing console
or parent console).
This works either with the other option (to create a console),
or if the app is launched from a console process (often the
case for developers).
The redirection is done with freopen(), dup() and dup2().
If everything goes well, C file descriptors 0, 1 or 2 will
be bound to stdin, stdout and stderr respectively (only for
streams listed in the envrionmental variable), and so will
be stdio streams by the same names.
With these it's possible to see the output of g_log*() functions
when running GTK4 applications, which are linked as GUI applications,
and thus do not get a console by default.
https://bugzilla.gnome.org/show_bug.cgi?id=790857
Fixes issue #1304
This function only calls fsync() if @target exists and is non-empty. If
not, it doesn't provide the "old contents or new contents" guarantee
that one might expect. This has been the case since
d20a188b12, and is justified either as a
performance optimization or by asserting that this function only
guarantees to not destroy existing data (implicitly defining
non-existence or emptiness as not data).
In addition, explicitly spell out that whether it's atomic in the
non-empty case is system-dependent. If the system administrator has
configured some funky filesystem options, they may be out of luck on the
atomicity front.
https://gitlab.gnome.org/GNOME/glib/issues/1302
This fits better with the convention in the rest of GLib where arbitrary
8-bit values are represented as guint8, avoiding the potential confusing
of a name which references ‘char’s.
This is not an API break, as both guint8 and guchar are unconditionally
typedeffed to unsigned char.
https://gitlab.gnome.org/GNOME/glib/issues/896
People do (and should) use g_str_equal() for string comparisons outside
of hash tables, because it’s easier to read than
`strcmp (str1, str2) == 0`. That should not be discouraged.
However, we should still be careful to point out that g_str_equal() is
not NULL-safe, and g_strcmp0() is.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
A slightly modified patch originally written by Morten Welinder
<terra@gnome.org> to make the error codes returned by g_spawn_*()
functions more specific when on Windows. They are already this specific
on Linux.
Add a unit test for the ENOENT case.
https://gitlab.gnome.org/GNOME/glib/issues/303
Signed-off-by: Philip Withnall <withnall@endlessm.com>
The error number was saved after some g_debug() and g_free() calls, in
various places, which meant it could have been overwritten since the
error we care about happened.
https://gitlab.gnome.org/GNOME/glib/issues/303
Signed-off-by: Philip Withnall <withnall@endlessm.com>
This allows test calls to produce output with \n
line separators on Windows, instead of \r\n.
Reduces the number of ifdefs, since all checks
can be done against one template on all platforms.
Test that the API behaves as expected, especially when we get to
saturation.
Additionally, check that both the function and the macro versions of the
API behave identically.
If we're using GCC we can use __extension__ to inline the grefcount and
gatomicrefcount API, and avoid the function call.
These macros are only enabled if G_DISABLE_CHECKS is defined, as they
remove critical warnings when the reference counters achieve saturation.
We have a common pattern for reference counting in GLib, but we always
implement it with ad hoc code. This is a good chance at trying to
standardise the implementation and make it public, so that other code
using GLib can take advantage of shared behaviour and semantics.
Instead of simply taking an integer variable, we should create type
aliases, to immediately distinguish the reference counting semantics of
the code; we can handle mixing atomic reference counting with a
non-atomic type (and vice versa) by using differently signed values for
the atomic and non-atomic cases.
The gatomicrefcount type is modelled on the Linux kernel refcount_t
type; the grefcount type is added to let single-threaded code bases to
avoid paying the price of atomic memory barriers on reference counting
operations.
Meson has the ability to classify tests according to "suites", a list of
tags. This is especially useful when we want to run specific sets of
tests — e.g. only GLib's tests — instead of the whole test suite. It
also allows us to classify special tests, like "slow" ones, so that we
can only run them when needed.
In master, it is already possible to build GLib using Visual Studio
using Meson[1] for some time, so we should focus on maintaining only the
Meson build files for building GLib with Visual Studio.
[1]: There are caveats when building with Visual Studio 2008, namely
that one needs to use the mt command to embed the manifests that
are generated with the .exe/DLLs, for all builds, and that in the
case where the compilation hangs on Visual Studio 2008 x64, as a
workaround, should stop the build by terminating all cl.exe tasks
and change the compiler optimization flag from /O2 (full speed) to
/O1 (optimize for size), due to compiler optimization issues.
When over-allocating by inserting values off the end of an array, maybe
expand the array once, rather than twice (once for setting the size and
once for appending the values).
Suggestion by Peter Bloomfield (@peterb) as a follow-up to #1374.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Previously, there was very little coverage of GArray behaviour with
either of the zero_terminated or clear_ arguments to g_array_new() set
to TRUE.
Parameterise the tests and exhaustively expand the coverage to cover all
possible GArray configurations.
This was made possible by the online code coverage report for GLib which
we now have:
https://gnome.pages.gitlab.gnome.org/glib/coverage/glib/garray.c.gcov.html.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795975
Previously, g_array_insert_vals() would crash if called with an index
off the end of the array. This is inconsistent with the behaviour of
other methods (like g_array_set_size()), which will expand the array as
necessary.
Modify g_array_insert_vals() to expand the array as necessary. New array
elements will be cleared to zero if the GArray was constructed with
(clear_ == TRUE).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795975
They do both accept NULL value arrays, but only if the number of
elements in the value array is zero. Fix the annotations and mention
this in the documentation.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795975
It's mostly not used anymore and doesn't do what it says it does.
The docs state that it affects GList, GSList, GNode, GMemChunks, GSignal,
GType n_preallocs and GBSearchArray while:
* GList, GSList and GNode use GSlice and are not affected
* GMemChunks is gone
* GType npreallocs is ignored
It also states that it can be used to force the usage of g_malloc/g_free,
which is handled by G_SLICE=always-malloc now.
The only places where it's used is in signal handling through GBSearchArray
and in GValueArray (deprecated). Since it's unlikely that anyone wants to
reduce allocation sizes just for those cases remove the build option.
See commit 4c2928a544 for why checking AT_SECURE is preferable compared
to UID checks as currently done in the fallback case.
getauxval() was added with glibc 2.16
While glibc <2.19 didn't provide a way to differentiate a 0 return value from an error,
passing AT_SECURE should always succeed according to
https://sourceware.org/ml/libc-alpha/2014-07/msg00407.html
I've added an errno check anyway, to be on the safe side.
It was added in 4c2928a544 to potentially enable accessing
AT_SECURE through __libc_enable_secure, but was never enabled.
Newer glibc provides getauxval(AT_SECURE) which should be used instead.
Add a TODO note for that.
ENABLE_GC_FRIENDLY_DEFAULT was supposed to set the default for the gc friendliness
while still allowing to force enable it at runtime with G_DEBUG=gc-friendly.
With commit 943a18b564 (6 years ago) things were changed to always set it
according to the content of G_DEBUG in glib_init(), making the default unused.
Since nobody complained since then just remove the macro and the build option.
g_date_strftime() on Windows uses the SYSTEMTIME structure which requires the
year to be >=1601. Passing 1 results in a negative SYSTEMTIME.wYear
which makes GetDateFormatW() fail and crashes due to missing error handling.
Just use 1976 as that's already used a few lines down.
Add a test macro that allows comparing two floating point values for
equality within a certain tolerance.
This macro has been independently reimplemented by various projects:
* Clutter
* Graphene
* colord
https://gitlab.gnome.org/GNOME/glib/issues/914
valgrind.h is a verbatim copy taken from Valgrind project. Previously
that file had local changes that got dropped by last update. To avoid
regressing again, do not edit valgrind.h anymore and instead add a
gvalgrind.h wrapper that gets included instead.
This fix 2 errors:
- uintptr_t is not defined when including valgrind.h on mingw.
- MSVC compiler is not supported on amd64-Win64 platform.
Better not modify copy/paster files otherwise this will regress again
later. It's better to not include valgrind.h at all when using MSVC.
This reverts commit bbcce75d4e.
The tests in test_async_queue_timed() assume that g_async_queue_timeout_pop()
and in turn g_cond_wait_until() wait at least until end_time
before returning, i.e. calling g_get_monotonic_time() after the timeout should result
in a value equal or larger than the timeout end time.
For the win32 implementation of g_cond_wait_until() this isn't the case which
makes those tests fail.
There are three reasons why the function returns early:
1) The underlying API works with milliseconds and the timeout gets rounded
down, resulting in a too small timeout value.
2) In case the timeout is too large to be passed to the API it gets limited
(there is also a bug because it converts INFINITE to milliseconds while
they already are, but using INFINITE would be wrong as well, as passing
a large timeout is not the same as blocking forever really)
3) Even with the rounding changed the underlying API still returns a bit early
sometimes on my machine (relative to g_get_monotonic_time())
This changes the implementation to round up to the next millisecond (fixing 1)
and to wait again in case a timeout occurs but the end time hasn't been
reached yet (fixing 2 and 3).
This makes the test_async_queue_timed() tests pass.
https://bugzilla.gnome.org/show_bug.cgi?id=795569
The timer tests expect that a small value for sleep does not result in
no sleep at all. Round up to the next millisecond to bring it more in line
with other platforms.
This fixes the glib/timer tests.
This makes the 'threadtests' time out since that uses small usleeps a lot and
until now didn't wait at all, but now always waits a msec. Reduce the amount
of tests done on Windows to get the runtime down to something reasonable again.
https://bugzilla.gnome.org/show_bug.cgi?id=795569
For g_autolist and g_autoslist, the cleanup func was cast to
GDestroyNotify before being passed to g_(s)list_free_full. This cast
provokes GCC 8 to emit a warning if the return type is not void:
…/gmacros.h:462:99: warning: cast between incompatible function types
from … to 'void (*)(void *)' [-Wcast-function-type]
Cast to 'void (*)(void)' first, which suppresses the warning as
recommended by the GCC documentation. g_autoptr remains untouched.
Fixes https://gitlab.gnome.org/GNOME/glib/issues/1382
In commit f49a93b207
from bug https://bugzilla.gnome.org/show_bug.cgi?id=791342
we added two new static inline cleanup helpers in case a type was
used inside a list.
These functions will commonly be unused.
In rpm-ostree, we run a build using `CC=clang -Werror=unused` because
it catches `g_autofree char *foo = NULL;` as unused, but GCC doesn't.
When trying to update to F28 with a newer glib, our CI fell over on this.
Mark all of the autocleanups as "maybe unused".
Visual Studio x64 builds do not allow inline assembly code, so we need
to re-add the code that disables inline assembly when we build with
Visual Studio for x64 builds, as we did before. This is necessary when
we update the included valgrind.h.
The output of the %p type is implementation defined and on Windows we get
leading zeros depending on the pointer type size. Instead of adding
ifdeffery use g_snprintf() to generate the expected message.
https://bugzilla.gnome.org/show_bug.cgi?id=795569
g_steal_pointer is both an inline function, returning gpointer, and a
macro that casts the return value to the type of its argument. The first
version of the macro uses '0 ? (*(pp)) : (g_steal_pointer) (pp)' to cast
the return value to the type of *pp, but this fails to yield warnings
about incompatible pointer types with current gcc. Apparently the
ternary operator is optimized away before the type of the expression is
determined.
The typeof() (or __typeof__()) operator allows an explicit cast.
https://bugzilla.gnome.org/show_bug.cgi?id=742456https://bugzilla.gnome.org/show_bug.cgi?id=796341
Previous version of this function started with a call to g_utf8_to_utf16(),
which also served as a NULL check, since g_utf8_to_utf16() just returns NULL
on NULL strings. Current version of this function does some filename string
checks first and converts it to utf16 only after these checks are done, and
these checks do not take into account the possibility of filename being NULL.
Fix this by explicitly checking for NULL.
The current docs implied, by using the printf name, that the macros would
be compatible with printf(), but that's not always the case.
On Windows we use gnulib if the system printf isn't good enough.
This can happen on MinGW without __USE_MINGW_ANSI_STDIO set or with MSVC
with a varrying degree of incompatibility.
https://bugzilla.gnome.org/show_bug.cgi?id=795569
This allows building with posix threads on Windows. It is generally
better to use win32 threads implementation on Windows, but this option
can be used in case it causes issues, or for performance comparison for
example.
https://bugzilla.gnome.org/show_bug.cgi?id=784995
win32_cflags gets used globally as cflags and exposed in the .pc file.
win32_ldflags gets passed to glib-2.0 and exposed in the .pc file.
This should match what the autotools build is currently doing with
GLIB_EXTRA_CFLAGS and G_LIBS_EXTRA.
https://bugzilla.gnome.org/show_bug.cgi?id=784995
• A leak of filename on an error path
• A leak of resolved_identifier if no out_identifier return location
was provided
The latter was spotted by Peter Bloomfield
(8945227743 (note_111254)).
Thanks!
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
__MINGW32__ is defined on all MinGW variants including MinGW-w64.
__MINGW64_VERSION_MAJOR is only defined on MinGW-w64.
This difference is important because on MinGW-w64 we must #include
winternl.h because including ntdef.h results in compiler errors
about symbol redefinition, and the header warns that it is deprecated
and may be removed in the future.
https://bugzilla.gnome.org/show_bug.cgi?id=795849
On non-glibc platforms gettext is provided by extra libintl dependency.
We wrongly thought libintl is an internal dependency and applications
needs to explicitly link on it, but turns out that breaks many
applications and with autotools the .pc generated actually has -lintl in
public "Libs:".
https://bugzilla.gnome.org/show_bug.cgi?id=796085
These make it easy to steal elements from pointer arrays without having
the array’s GDestroyNotify called on them, similarly to what’s possible
with g_hash_table_steal().
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795376
If using g_ptr_array_remove*() with a non-NULL GDestroyNotify function,
the value returned will probably be freed memory (depending on what the
GDestroyNotify) function actually does. Warn about that in the
documentation. We can’t just unconditionally return NULL in these cases,
though, since the user might have set the GDestroyNotify to a nifty
function which doesn’t actually free the element; so returning it might
still be valid and useful.
Also add missing (nullable) annotations to that documentation.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795376
They were almost identically the same. This introduces no functional
changes, but will help with upcoming additions to GPtrArray.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795376
-z nodelete breaks the libresourceplugin module usage in the resources.c
test, which expects to be able to unload it.
Make the Meson build match what the autotools build does: only pass
glib_link_flags to the headline libraries (glib-2.0, gio-2.0,
gobject-2.0, gthread-2.0, gmodule-2.0) and omit it from all other build
targets.
https://bugzilla.gnome.org/show_bug.cgi?id=788771
This is a combination of g_hash_table_lookup_extended() and
g_hash_table_steal(), so that users can combine the two to reduce code
and eliminate a pointless second hash table lookup by
g_hash_table_steal().
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795302
Update our copy of valgrind.h from the Valgrind 3.13 release tarball.
This seems to include fixes for PPC and Solaris. No changes made to the
header file.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=736741
Make it a bit clearer that all lengths passed to GRegex methods are in
bytes (not characters). This is mentioned in the section overview, but
who reads that?
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=748620
On Windows we use gnulib and elsewhere we use glibc or similar.
Also change G_GNUC_PRINTF to use gnu_printf instead of __format__ if
possible because __format__ evaluates to ms_printf under MinGW,
but we use gnulib there and not the system printf.
gnu_printf is only available with GCC>=4.4 and not with clang.
https://bugzilla.gnome.org/show_bug.cgi?id=795569
The timezone setup utility of FreeBSD, tzsetup, which is run during the
installation, creates /etc/localtime by copying the chosen timezone file
from /usr/share/zoneinfo. Although it can correctly deal with the case
where /etc/localtime is a symlink, it is not the default and there is no
user interface to change the default copying behaviour.
Fortunately, tzsetup has been modified to write the name of the chosen
timezone to /var/db/zoneinfo in 2009, so we can know the name of the
current timezone by reading it. DragonflyBSD also seems to do the same
thing in its tzsetup.
https://svnweb.freebsd.org/changeset/base/198267https://bugzilla.gnome.org/show_bug.cgi?id=795165
It seems that the test expects g_date_time_format to return formatted
results in English, and there is no setlocale (LC_ALL, "") call in the
file so the test does run in the default C locale. However, gettext
seems to read the value of LC_MESSAGES from the environment by itself.
Even if the value of LC_MESSAGES locale is C because of not calling
setlocale, gettext still translates the name of the month according to
the LC_MESSAGES environment variable, causing g_date_time_format_locale
to fail on the "%b" test case because it cannot convert UTF-8 text
returned by get_month_name_with_day to ASCII.
To avoid the test failure, we set the LC_MESSAGES environment variable
to C before format tests and restore it at the end of the function.
https://bugzilla.gnome.org/show_bug.cgi?id=795165
The return value of g_file_read_link ("/etc/localtime") can
be a relative path in the form of "../usr/share/zoneinfo".
This breaks the prefix check that is performed, and makes
the timezone identifier be "../usr/share/zoneinfo/America/Sao_Paulo",
for example, which breaks other parts of the system.
Fix that by canonicalizing the symlink path if we detect
is it a relative path.
(Tweaked by Philip Withnall <withnall@endlessm.com> to remove a
conditional which was unnecessary.)
https://bugzilla.gnome.org/show_bug.cgi?id=111848
Getting the canonical filename is a relatively common
operation when dealing with symbolic links.
This commit exposes GLocalFile's implementation of a
filename canonicalizer function, with a few additions
to make it more useful for consumers of it.
Instead of always assuming g_get_current_dir(), the
exposed function allows passing it as an additional
parameter.
This will be used to fix the GTimeZone code to retrieve
the local timezone from a zoneinfo symlink.
(Tweaked by Philip Withnall <withnall@endlessm.com> to drop g_autofree
usage and add some additional tests.)
https://bugzilla.gnome.org/show_bug.cgi?id=111848
All those logging functions already add a newline to any message they
print, so there’s no need to add a trailing newline in the message
passed to them.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
This continues one of the const-correctness fixes from the previous
commit (it needed some more transitive fixes), and reverts another of
them, since it was over-zealous.
This fixes CI failure: https://gitlab.gnome.org/GNOME/glib/-/jobs/27125.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
Spotted when temporarily compiling with -Wwrite-strings. This only goes
a small way towards making the code base -Wwrite-strings–clean. It
introduces no functional changes, and fixes no bugs.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
If g_get_home_dir() calculated a NULL home directory (due to $HOME being
unset and /etc/passwd being inaccessible, for example due to an
overly-zealous LSM), it would call g_once_init_leave (&home_dir, NULL),
which would emit a critical and fail to leave the GOnce critical
section. That meant that the following call to g_get_home_dir() would
deadlock in g_once_init_enter().
Fix that by setting the home directory to a made-up value in such cases
(which the documentation handily already explicitly allows).
Thanks to Simon McVittie for the analysis leading to an easy patch.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=773435
Fix various warnings regarding unused variables, duplicated
branches etc by adjusting the ifdeffery and some missing casts.
gnulib triggers -Wduplicated-branches in one of the copied files,
disable as that just makes updating the code harder.
The warning indicating missing features are made none fatal through
pragmas. They still show but don't abort the build.
https://bugzilla.gnome.org/show_bug.cgi?id=793729
glib enables -Werror=format-nonliteral by default which is triggered
by the embedded gnulib (in vasnprintf.c). Disable that warning
for gnulib alone. The gnulib code is there to handle user provided
format strings, so the warning doesn't add anything anyway.
This fixes the build under MinGW.
https://bugzilla.gnome.org/show_bug.cgi?id=793729
For a long time we've had it as 'common knowledge' that criticals are
for programmer errors and warnings are for external errors, but we've
never documented that. Do so.
(Modified by Philip Withnall <withnall@endlessm.com> to apply cleanly to
master; rearranged to fit in with current master documentation.)
https://bugzilla.gnome.org/show_bug.cgi?id=741049
And warn in other parts of the code if the caller attempts
to change the array bounds during destruction, this is not
a valid operation.
(Tweaked by Philip Withnall <withnall@endlessm.com> to not use inline
for loop declarations, since we can’t support them in GLib at the
moment.)
https://bugzilla.gnome.org/show_bug.cgi?id=769064
The tests which check permissions and errors like EACCES aren’t going to
work as root, since root always has permission to do things. Skip them
if running as root.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=766390
Make it more obvious that an explicit check isn’t needed for the upper
bound on years, since it’s limited by the type width.
Add a unit test to demonstrate this.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=540013
GDate.dmy is a 1-bit bitfield which is treated as a boolean. However,
it’s still an integer, and we can’t really treat it like a gboolean
because it’s a bitfield. Make the comparisons with it explicitly compare
integers, rather than implicitly, to make it more obvious that it is
actually an integer.
This introduces no functional changes.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=335731
These turn undefined or hard-to-detect misbehaviour into a well-defined
critical warning and early return.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=335731
It’s possible to get a -Wmaybe-uninitialized warning out of this code
with some GCC versions. Rework the code to avoid needing the conditional
free.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=728108
This was a small leak of a GDateTime instance from an internal helper
function, which was using it to calculate week numbers, and then forgot
to free it.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795165
This is a non-trivial accessor which gets the identifier string used to
create the GTimeZone — unless the string passed to g_time_zone_new() was
invalid, in which case the identifier will be `UTC`.
Implementing this required reworking how timezone information was loaded
so that the tz->name is always set at the same time as tz->t_info, so
they are in sync. Previously, the tz->name was unconditionally set to
whatever was passed to g_time_zone_new(), and then not updated if the
tz->t_info was eventually set to the default UTC information.
This includes tests for the new g_time_zone_get_identifier() API, and
for the g_date_time_get_timezone() API added in the previous commit.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=795165
gdatetime testcase uses glib (which uses libintl), but *alsi* calls
libintl functions on its own, as part of the testing process.
Therefore it must be linked to libintl like any other program that
uses it.
https://bugzilla.gnome.org/show_bug.cgi?id=794556
We do not need to use FindFirstFileW() to get a reparse tag if the
file that is being examined is not a reparse point.
This is a quick and relatively painless fix for the fact that
FindFirstFileW() fails on root directories. Since root directories
are unlikely to be reparse points (is it even possible?), not using
this function on non-reparse-points just sidesteps the issue.
https://bugzilla.gnome.org/show_bug.cgi?id=795153
If a handle was obtained from a fd that we got from up the stack,
we shouldn't call CloseHandle() on it in case of an error.
This is a bug. Luckily, it happens only on the error codepath, so,
hopefully, no one had hit it yet.
Accurate G_HAVE_GNUC_VISIBILITY is needed to correctly
define G_GNUC_INTERNAL later on. Autotools did that,
meson currently doesn't and opts to just set
G_HAVE_GNUC_VISIBILITY to 1 for all compilers except MSVC.
This leads to MinGW GCC having G_HAVE_GNUC_VISIBILITY=1,
which results in G_GNUC_INTERNAL being defined to
__attribute__((visibility("hidden"))), which is not supported.
Because cc.compiles() does not support override_options or
anything like that, we just feed it '-Werror' as-is, since
MSVC is known as not supporting visibility attributes anyway.
https://bugzilla.gnome.org/show_bug.cgi?id=794636
This pollutes the reserved compiler namespace and breaks applications
trying to do their own feature detection. For instance, this falsely
detects that alloca is not a builtin on gcc:
#include <glib.h>
#if defined(__has_builtin)
# if !__has_builtin(alloca)
# error "wtf glib?"
# endif
#else
/* version-checking to determine alloca existence */
#endif
Instead, define our own g_macro__has_* versions that have the
behaviour that we need.
https://bugzilla.gnome.org/show_bug.cgi?id=794635
date.c uses SUBLANG_LITHUANIAN_LITHUANIA which is Vista+
Include config.h so that _WIN32_WINNT is defined and the newer macros
are exposed.
This fixes the build under MinGW.
https://bugzilla.gnome.org/show_bug.cgi?id=793729
This patch relaxes the comparison rules and allow the month names to be
in a mixed case.
Translators should be allowed to provide the month names in a different
case (lower/upper case, not grammatical case) from the content of glibc
because it is disputable at the moment whether the month names should
follow the language rules strictly and be titlecased only if it is
obligatory to titlecase them or they should be also titlecased in the
standalone case. Hopefully in future a conversion specifier will be
invented to control the upper/lower case individually.
https://bugzilla.gnome.org/show_bug.cgi?id=793645
See the previous commit. By convention, GLib assumes strings loaded from
gettext are always in UTF-8, but we do need to tell gettext this. In
most other tests, it doesn’t matter; but in the gdatetime test, we test
re-encoding month names from EUC-JP, so we need to ensure the
translations start in UTF-8 correctly.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=793578
With the various macros we use to provide fallbacks for missing
nl_langinfo() fields, the locale handling can become quite complex:
nl_langinfo() returns strings encoded in the current locale, but C_()
returns strings encoded in UTF-8 (by GLib convention — you do actually
need to call bind_textdomain_codeset() to achieve this).
There are various format specifiers, especially with the new %Ob, %OB,
%Oh specifiers, which conditionally call nl_langinfo() or something
based on C_(). This makes encoding handling difficult.
Add additional macros which indicate whether the macros they’re paired
with return something encoded in the current locale, or encoded in
UTF-8. The user of the macro can then use these to work out whether to
re-encode.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=793578
If adding months or years to a date, the day of the month of the result
is supposed to be the same as in the input — but that doesn’t work if
that day doesn’t exist in the result month.
Clarify the documentation about what happens here (the day of the month
is clamped to the length of that month).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
Some source code comments amended to avoid possible future confusion.
It has been explained that a month name is used in a genitive case
only if it is required by the language rules. Also it has been
explained that %OB is also supported by other platforms (e.g., BSD)
but for this test we are focused on glibc 2.27 vs. Windows.
https://bugzilla.gnome.org/show_bug.cgi?id=749206
The CI infrastructure is shared and running inside a containerised
environment, which means tests may take more time to finish on it
than they would on a faster, personal machine.
https://bugzilla.gnome.org/show_bug.cgi?id=793635
The test for %OB with g_date_strftime() fails with old libc versions
which don’ŧ support the ‘O’ modifier. g_date_strftime() explicitly
doesn’t add additional format placeholders over what’s supported by the
system strftime(), so just disable the test in that case.
The test remains useful on systems with newer libc versions, or on
Windows, where the win32 fallback path is taken.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=749206
Add tests for g_date_strftime() and g_dat_set_parse() formatting and parsing
month names in both nominative and genitive case in several locales, both
needing these two grammatical cases and not needing them.
https://bugzilla.gnome.org/show_bug.cgi?id=749206
A similar change to the commit be4f96b650,
supports %OB, %Ob, %Oh (alternative, standalone, nominative) month names
along with the old %B, %b, %h (primary, in full date format context,
genitive) month names.
https://bugzilla.gnome.org/show_bug.cgi?id=749206
On platforms other than Win32, the g_abort symbol is #def'd to abort.
C99 specifies that this function prototype resides in stdlib.h, but the
required include is absent from gutils.h.
https://bugzilla.gnome.org/show_bug.cgi?id=793555
One of the “quick” or “slow” test run modes is always added to the
argument list, making the branching pointless, which, coincidentally,
now causes a warning.
https://bugzilla.gnome.org/show_bug.cgi?id=793399
Supports %OB (alternative, standalone, nominative) month name along
with the old %B (primary, in a complete date format context, genitive)
month name. Similarly %Ob and %Oh for abbreviated month names.
Depending on the underlying operating system uses nl_langinfo()
or provides our custom implementation.
(Tweaked by Philip Withnall <withnall@endlessm.com> to add test case
comment and bug reference.)
https://bugzilla.gnome.org/show_bug.cgi?id=749206
The return value of the g_hash_table_add(), g_hash_table_insert(), and
g_hash_table_replace() functions was changed from void to gboolean in
GLib 2.40, but it was not mentioned in the API reference or the release
notes.
https://bugzilla.gnome.org/show_bug.cgi?id=793300
The test_GDateTime_new_from_unix() test creates a UNIX timestamp
representing 1990-01-01 00:00:00 in the local timezone, and then turns
it into a GDateTime using g_date_time_new_from_unix_local(). This should
succeed regardless of the current local timezone (TZ environment
variable).
However, it was failing for TZ=America/Lima, and *only* for that
timezone.
As it turns out, Lima used to have a DST leap at exactly 00:00:00 on the
1st of January — but this stopped in 1994, which made investigation a
bit harder. See:
https://www.timeanddate.com/time/change/peru/lima?year=1990.
What was happening is that 1990-01-01 00:00:00 was being converted to
the timestamp 631170000, but GDateTime was converting that timestamp to
1990-01-01 01:00:00 when loading it. Both conversions are correct: a DST
leap creates an equivalence between an hour’s worth of timestamps.
We can somewhat validate this by seeing that timestamp 631169999 maps to
1989-12-31 23:59:59, and timestamp 631170001 maps to 1990-01-01
01:00:01.
Fix this by changing the date used by the test to one where no timezone
was undergoing a DST leap in 1990. This should never change, as all that
data is now historical.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=793319
The existing array annotation is inconsistent with the other
conversion functions. Now that the implementation guarantees
no embedded NULs, the return value can be re-annotated.
https://bugzilla.gnome.org/show_bug.cgi?id=756128
Note that the g_convert() API works with byte arrays. It's wrong to
default to utf8 there, because iconv can read and produce strings with
interior nul characters which are not allowed in (type utf8).
The documentation was misleading about that in some places, so that got
corrected as well.
Strings in the locale encoding are annotated as dynamic-length byte
arrays because they don't have any guaranteed format and can contain
nul bytes. For UTF-8 strings in g_*_{from,to}_utf8(), GLib assumes
no embedded nul bytes and the (type utf8) annotations on the UTF-8
parameters and return values remain as they were. Likewise for
(type filename).
https://bugzilla.gnome.org/show_bug.cgi?id=756128
Introduced in commit 1574321e51.
This fix introduces no functional changes (just a cast).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
This seems to have been present since the code was introduced in commit
cedc82290f. The attr variable is defined
under one #ifdef, but destroyed under another, which doesn’t make any
sense. The second #ifdef variable is actually an enum value, rather than
the static initialiser value which makes more sense in the context.
Note that GMutex used to be statically initialised to the value of
PTHREAD_ADAPTIVE_MUTEX_INITIALIZER_NP in gthread.h, before this was
reworked in commit e081eadda5.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=793026
g_key_file_get_locale_string() returns a translated string from the
keyfile. In some cases, it may be useful to know the locale that that
string came from.
Add a new API, g_key_file_get_locale_for_key(), that returns the locale
of the string.
Include tests.
(Modified by Philip Withnall to rename the API and fix some minor review
issues. Squash in a separate test case commit.)
https://bugzilla.gnome.org/show_bug.cgi?id=605700
When compiling with G_LOG_USE_STRUCTURED, g_message(), g_debug(), etc.
use g_log_structured(). The message format string and its format
arguments are passed as the final set of arguments in a longer varargs
list, which includes the log domain and level (and other) fields.
Passing the message format in this way means it’s not possible for the
compiler to know to check its format placeholders when compiling with
-Wformat.
Fix support for this by adding a new semi-private helper function,
_g_log_structured_standard(), which only uses varargs for the message
format and its arguments, and uses fixed arguments for the other fields.
This is then converted to a set of GLogFields and passed to
g_log_structured() as normal.
Support for -Wformat when compiling *without* G_LOG_USE_STRUCTURED was
never broken.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=793074
The behaviour of upstream iconv() when faced with a character which is
valid in the input encoding, but not representable in the output
encoding, is implementation defined:
http://pubs.opengroup.org/onlinepubs/9699919799/
Specifically:
If iconv() encounters a character in the input buffer that is valid,
but for which an identical character does not exist in the target
codeset, iconv() shall perform an implementation-defined conversion
on this character.
This behaviour was being exposed in our g_iconv() wrapper and also in
g_convert_with_iconv() — but users of g_convert_with_iconv() (both the
GLib unit tests, and the implementation of g_convert_with_fallback())
were assuming that iconv() would return EILSEQ if faced with an
unrepresentable character.
On platforms like NetBSD, this is not the case: NetBSD’s iconv()
finishes the conversion successfully, and outputs a string containing
replacement characters. It signals those replacements in its return
value from iconv(), which is positive (specifically, non-zero) in such a
case.
Let’s codify the existing assumed behaviour of g_convert_with_iconv(),
documenting that it will return G_CONVERT_ERROR_INVALID_SEQUENCE if
faced with an unrepresentable character. As g_iconv() is a thin wrapper
around iconv(), leave the behaviour there implementation-defined (but
document it as such).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=790698
Fix capitalisation of GLib, make some text less gender-specific, and add
some missing colons.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=790698
off64_t doesn’t exist in any standard (definitely not C99), and so
goffset is actually closer to off_t in 64-bit mode.
However, goffset is always defined as gint64, so make that clear.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=792856
This adds two new tests for g_bytes_new_from_bytes().
One test ensures that when creating a new GBytes that is a slice of
the entire base bytes, we just return the base bytes with it's reference
count incremented by one.
The other test ensures that when performing sub-slices of GBytes, for
which the parent GBytes also references a GBytes, that we skip the
intermediate GBytes and reference the base GBytes. Additional testing
of the internal state of the GBytes structure is performed to prove
the correctness of the implementation.
https://bugzilla.gnome.org/show_bug.cgi?id=792780
When referencing a GBytes that is already a slice of another GBytes, we
can avoid referencing the intermediate GBytes and instead reference the
root bytes.
Doing so helps avoid keeping N GBytes instances alive when the
intermediates would have otherwise been finalized.
https://bugzilla.gnome.org/show_bug.cgi?id=792780
String inputs to convenience conversion functions g_locale_from_utf8(),
g_filename_from_utf8(), and g_filename_to_utf8(), are annotated for the
bindings as NUL-terminated strings of (type utf8) or (type filename).
There is also a len parameter that allows converting part of the string,
but it is exposed to the bindings as a value independent from the string
buffer. Absent any more sophisticated ways to annotate, the way to
provide a safeguard against len argument values longer than the
string length is to check that no nul is encountered within the first
len bytes of the string. strdup_len() includes this check as part of
UTF-8 validation, but g_convert() permits embedded nuls.
For g_filename_from_utf8(), also check the output to prevent embedded NUL
bytes. It's not safe to allow embedded NULs in a string that is going
to be used as (type filename), and no known bytestring encoding for
file names allows them.
https://bugzilla.gnome.org/show_bug.cgi?id=792516
The character encoding conversion utility functions g_locale_to_utf8()
and g_filename_to_utf8() had inconsistent behavior on producing strings
with inner NUL bytes: in the all-UTF-8 strdup path, the input string
validation prohibits embedded NULs, while g_convert(), using iconv(),
can produce UTF-8 output with NUL bytes inside the output buffer.
This, while valid UTF-8 per the Unicode standard, is not valid for
the nul-terminated (type utf8) return value format that the *_to_utf8()
functions are annotated with (as per discussion in bug 756128).
Check the output of g_convert() for embedded NUL bytes, and if any
are found, set the newly introduced error
G_CONVERT_ERROR_EMBEDDED_NUL.
Also document the error set by g_{locale,filename}_{from,to}_utf8()
when the input string contains nul bytes.
https://bugzilla.gnome.org/show_bug.cgi?id=792516
In the strdup_len() path, no need to do what g_utf8_validate()
already does: locate the string-terminating nul byte.
Also in strdup_len(), make the out parameter bytes_read receive the length
of the valid (meaning also nul-free) part of the input string, as the
documentation on g_{locale,filename}_{from,to}_utf8() says it does.
https://bugzilla.gnome.org/show_bug.cgi?id=792516
This reverts the following commits (but keeps the other recent changes
to gmain.c):
• e4ee3079c Do not wake up main loop if change is from same thread
• 208702404 main: Create a helper function for "owner wakeup" optimization
• 0c0469b56 gmain: Signal wakeups if context has never been acquired as well
• 9ba95e25b gmain: only signal GWakeup right before or during a blocking poll
Some combination of them is causing problems with LibreOffice and/or
WebKit, and the safest thing to do at the moment is revert them all
until we work out what’s going on. The previous revert (4976e8109) was
not sufficient (it fixed WebKit, but re-broken LibreOffice).
By reverting, we gain some spurious wakeups, but avoid dropping
necessary wakeups, which is presumably what’s causing problems in the
other modules.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=761102
It was documented at strange places: in g_sequence_search*() and
g_sequence_lookup*(), but how to insert and sort data is not done by
those functions.
So instead, add the information to the class description (since it
involves several functions), and add also the information in
g_sequence_insert_sorted() and g_sequence_insert_sorted_iter() as a kind
of warning when using those functions.
Note that before this commit, it was not explained *why* it is better to
call g_sequence_sort() after doing a lot of unsorted insertions. Now it
is documented as "more efficient" (I think it's the only reason that
makes sense, otherwise why was it documented?).
https://bugzilla.gnome.org/show_bug.cgi?id=792455
When debug output is enabled then certain messages will be logged to
stdout. stdout however is block buffered by default when it isn't going
to a TTY meaning that debug logging will not be flushed out properly
when it is being redirected. One example of this happening may be tests
that rely on parsing g_debug messages.
Adding an explicit fflush ensures all log messages will reach the output.
https://bugzilla.gnome.org/show_bug.cgi?id=792432
On i386, we were seeing that this calculation was producing an incorrect
result, probably because usec was being stored in an 80-bit register
before being written back into a 64-bit float in memory. If we mark the
variables as volatile, they are not stored in registers and we avoid
this bug.
gtk-doc doesn’t support them any more since it was ported to Markdown,
so they end up appearing in the generated documentation, which isn’t
great.
Mostly, they were used to split up things invisibly, which we can do in
other ways.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
Reviewed-by: nobody
There is no requirement that groups is NULL terminated, so we should check
that the bounds are within the specified length before checking for a
NULL terminating value.
https://bugzilla.gnome.org/show_bug.cgi?id=792351
gpointer* cannot be aliased with arbitrary types. In order to fix
-Wstrict-aliasing=2 warnings with the g_clear_pointer() macro, we need
to cast through char*, which is allowed to alias with anything.
Even if we don’t make GLib strict-aliasing safe, it’s important to
ensure this macro is safe, since it could be used from projects which do
compile with -fstrict-aliasing.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=791622
Fix various strict aliasing problems caused by casting between (struct
sockaddr *) and (struct sockaddr_storage *): the correct code here is to
keep the two in a union.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=791622
When using g_key_file_get_locale_string() or get_locale_string_list(),
the GKeyFile must have been loaded with G_KEY_FILE_KEEP_TRANSLATIONS if
the lookup locale differs from the one which was current when the key
file was loaded.
Document that.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=792324
Commit 281e3010 narrowed the race between GCancellable::cancelled and
GCancellableSource's finalize(), but did not prevent it: there was
nothing to stop cancellation from occurring after the refcount drops
to 0, but before g_source_unref_internal() bumps it back up to 1 to
run finalize().
GCancellable cannot be expected to detect that situation, because the
only way it has to detect last-unref is finalize(), but in that
situation finalize() hasn't happened yet.
Instead of detecting last-unref, relax the precondition a little
to make it detect finalization: priv is only poisoned (set to NULL)
after the finalize() function has been called, so we can assume that
GCancellable has already seen finalize() by then.
Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=791754
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884654
If we don't take the lock, then we don't have the necessary
"happens before" relationships to avoid this situation:
* source->priv->ready_time was equal to ready_time until recently
* another thread has set source->priv->ready_time to a different value
* that write hasn't become visible to this thread yet
* result: we should reset the ready_time, but we don't
Signed-off-by: Simon McVittie <smcv@collabora.com>
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=791754
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884654
Properly define GLIB/GOBJECT_STATIC_COMPILATION when static build is enabled.
Use library() instead of shared_library() to allow selecting static builds.
https://bugzilla.gnome.org/show_bug.cgi?id=784995
The introspection scanner chokes fairly badly on the types we create,
and that got even worse when the autolist support landed. Now, every
time we declare a new GObject type we automatically get incomplete
aliases to container types that gobject-introspection and Vala do not
know how to handle.
Since the autoptr machinery is not really introspectable to begin with,
as it's a C utility extension that depends on the C compiler being used
to compile a C project that depends on GLib, we can mark the whole
section as non-introspectable using the __GI_SCANNER__ pre-processor
symbol.
https://bugzilla.gnome.org/show_bug.cgi?id=791342
WCOREDUMP is not a separate "mode" as suggested by the previous
code to interpret wait status: instead, it is an extra bit of
information if the "mode" is WIFSIGNALED.
(Modified by Philip Withnall to fix a nitpick missing space.)
https://bugzilla.gnome.org/show_bug.cgi?id=748534
This avoids losing information that might be useful for later debugging.
(Modified by Philip Withnall to add comments to child_status and
test_trap_last_status.)
https://bugzilla.gnome.org/show_bug.cgi?id=748534
When using python3 as interpreter, range only takes integer arguments or
it results in errors like:
File "/usr/bin/gtester-report", line 78, in html_indent_string
for i in range (0, (n + 1) / 2):
TypeError: 'float' object cannot be interpreted as an integer
https://bugzilla.gnome.org/show_bug.cgi?id=791296
Clarify that the return value may be floating, or may not be (depends
on whether the input @value was in normal form).
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=741167
Divide first, *then* cast. Otherwise a very long "now", which is
64-bit, gets truncated into a 32-bit time_t, which can't hold the
value, and turns negative more often than not.
https://bugzilla.gnome.org/show_bug.cgi?id=791128
Rather than unreffing them _after_ finalising the GSource and freeing
its struct. This fixes the case where the GSourceCallbackFuncs data
contains a pointer to the GSource, and the unref() function operates on
that pointer, e.g. by calling g_source_destroy(). This happens when
using g_source_set_dummy_callback() on a GSource, as the generated
GClosure needs to destroy the GSource when it is invalidated, which
could happen (at latest) when the GSourceCallbackFuncs.unref() function
is called during finalisation of the GSource.
By moving the GSourceCallbackFuncs.unref() invocation higher up in
g_source_unref_internal(), it becomes re-entrancy-safe for GSource
methods.
https://bugzilla.gnome.org/show_bug.cgi?id=692034
This is happening since f591366eee, that
changed the way tests were skipped to use g_test_skip() instead of just
ignoring them. They are now reported to the log with G_TEST_RUN_SKIPPED
as result.
https://bugzilla.gnome.org/show_bug.cgi?id=790934
If nl_langinfo() doesn’t support a particular item, it returns the empty
string. We should check for that and return NULL from
g_date_time_format() accordingly, otherwise the user could unwittingly
end up with a formatted date/time which is missing some or all of its
components.
This arose with %r in de_DE, which is unsupported by nl_langinfo()
because Germans almost never write time in 12-hour format.
Add a unit test.
Signed-off-by: Philip Withnall <withnall@endlessm.com>
https://bugzilla.gnome.org/show_bug.cgi?id=790416
When doing a level traverse of a GNode with depth of -1, the depth was
implicitly being converted to an unsigned integer. This worked (making
the depth limit G_MAXUINT), but was a bit mystical.
Change g_node_depth_traverse_level() to explicitly take a signed depth
and handle it appropriately.
Coverity issue: #1159465https://bugzilla.gnome.org/show_bug.cgi?id=732003
Otherwise there is a race in finalising the GSourceCallback if one
thread is finishing off a g_main_dispatch() while another thread is
destroying the GSource which owns the GSourceCallback.
A helgrind log:
==21707== Possible data race during write of size 4 at 0x54EACB0 by
thread #12
==21707== Locks held: none
==21707== at 0x4ECC174: g_source_callback_unref (gmain.c:1528)
==21707== by 0x4ECD953: g_main_dispatch (gmain.c:3081)
==21707== by 0x4ECE667: g_main_context_dispatch (gmain.c:3673)
==21707== by 0x4ECE859: g_main_context_iterate (gmain.c:3744)
==21707== by 0x4ECEC7F: g_main_loop_run (gmain.c:3938)
==21707== by 0x41C197: some_thread (some-code.c:224)
==21707==
==21707== This conflicts with a previous write of size 4 by thread #5
==21707== Locks held: 1, at address 0x54CF320
==21707== at 0x4ECC174: g_source_callback_unref (gmain.c:1528)
==21707== by 0x4ECB86F: g_source_destroy_internal (gmain.c:1178)
==21707== by 0x4ECB9D4: g_source_destroy (gmain.c:1227)
==21707== by 0x41CF09: some_other_thread (some-other-code.c:410)
https://bugzilla.gnome.org/show_bug.cgi?id=737677
This removes the use of defined() in a macro expansion, which may not be
portable to some pre-processors. Instead, we hoist the defined check
outside the macro expansion.
https://bugzilla.gnome.org/show_bug.cgi?id=790877
