Commit Graph

6622 Commits

Author SHA1 Message Date
Philip Withnall
e4e88688a0 kqueue: Fix unlocked access to shared variable
And drop the `volatile` qualifier because it doesn’t help.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
74250cd9c9 gio: Drop unnecessary volatile qualifiers from internal variables
These variables were already (correctly) accessed atomically. The
`volatile` qualifier doesn’t help with that.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
7c7623c4a3 gdbuserror: Drop unnecessary volatile qualifiers from variables
This should introduce no API changes. The
`g_dbus_error_register_error_domain()` function still (incorrectly) has
a `volatile` argument, but dropping that qualifier would be an API
break.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
3361240439 gdbusconnection: Drop unnecessary volatile qualifiers from variables
This should introduce no API changes; there are public functions
exported by `GDBusConnection` which still have some (incorrectly)
`volatile` arguments, but dropping those qualifiers would be an API
break.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
f4607def16 tests: Drop unnecessary volatile qualifiers from tests
These variables were already (correctly) accessed atomically. The
`volatile` qualifier doesn’t help with that.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
7f905ff1fa tests: Fix non-atomic access to some shared variables
And drop the `volatile` qualifier from the variables, as that doesn’t
help with thread safety.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Philip Withnall
fab561f8d0 gobject: Drop use of volatile from get_type() macros
http://isvolatileusefulwiththreads.in/c/

It’s possible that the variables here are only marked as volatile
because they’re arguments to `g_once_*()`. Those arguments will be
modified in a subsequent commit.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Helps: #600
2020-11-20 14:40:19 +00:00
Simon McVittie
066e68001e Merge branch '1963-gdbus-test-validity' into 'master'
tests: Improve validity of binary GDBusMessage parsing tests

Closes #1963

See merge request GNOME/glib!1762
2020-11-19 11:26:07 +00:00
Simon McVittie
524696c4e6 Merge branch 'dbus-auth-setuid' into 'master'
gdbusauthmechanismsha1: Don’t create keyring dir when running as setuid

See merge request GNOME/glib!1733
2020-11-19 11:13:25 +00:00
Emmanuele Bassi
6e9ed964c3 Merge branch 'task-trace' into 'master'
Add some tracing to GTask

See merge request GNOME/glib!1629
2020-11-18 13:53:41 +00:00
Philip Withnall
f936bba0d1 tests: Improve validity of binary GDBusMessage parsing tests
These tests were originally written using the output directly from a
fuzzer which had triggered the bugs we’re testing for. However, that
means they’re liable to no longer test what they’re intended to test if
the `GDBusMessage` parsing code is changed to (for example) check for
certain errors earlier in future.

It’s better to only have one invalidity in each binary blob, so change
the test messages to all be valid apart from the specific thing they’re
testing for.

The changes were based on reading the D-Bus specification directly:
https://dbus.freedesktop.org/doc/dbus-specification.html

During these changes I found one problem in
`test_message_parse_deep_header_nesting()` where it wasn’t actually
nesting variants in the header deeply enough to trigger the bug it was
supposed to be testing for. Fixed that.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #1963
2020-11-18 13:19:13 +00:00
Philip Withnall
c16e1db576 Merge branch 'appinfo-shellany-thread-pool' into 'master'
GWin32AppInfo: Use a thread pool for async appinfo tree rebuilds

See merge request GNOME/glib!1754
2020-11-18 09:38:24 +00:00
Руслан Ижбулатов
427d4fad24 GWin32AppInfo: Use a thread for async appinfo tree rebuilds 2020-11-17 18:11:56 +00:00
Frederic Martinsons
e817a049f0 Correct shellcheck errors (and ignore world splitting when we want it)
Signed-off-by: Frederic Martinsons <frederic.martinsons@sigfox.com>
2020-11-15 17:34:27 +01:00
Sebastian Dröge
728c591d76 Merge branch '1560-converter-zero-size' into 'master'
gresource: Fix handling of zero-sized compressed resource entries

Closes #1560

See merge request GNOME/glib!1752
2020-11-14 21:35:18 +00:00
Matthias Clasen
e53e8b28dd gio: Add some tracing to GTask
Set counters for the number of running tasks and
for the max. threadpool size. These are meant to
get a sense for whether G_TASK_POOL_SIZE and related
constants are still suitable for current gio and
GTask usage patterns.
2020-11-14 19:04:45 +00:00
Matthias Clasen
89d45c7f6a gio: Include sysprof tracing support
Include gtrace.c in the sources, so we can
use the same g_trace_ apis in GIO when sysprof
support is enabled.
2020-11-14 19:04:45 +00:00
Philip Withnall
353020928c gresource: Fix handling of zero-sized compressed resource entries
The zlib `GConverter` can’t handle an output buffer of size 0.

Add tests.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Fixes: #1560
2020-11-14 19:03:18 +00:00
Niels De Graef
6fa5c13c30 gio, glib: Use g_assert_cmpstrv where it makes sense 2020-11-14 18:17:32 +00:00
Sebastian Dröge
fbfb067375 Document that the get_default() functions for the various GIO modules will never return NULL 2020-11-14 17:32:41 +02:00
Sebastian Dröge
ec9fb90b2b Mark g_subprocess_get_std{in,out,err}_pipe() return value as nullable
Previously it was considered a programming error to call these on
subprocesses created without the correct flags, but for bindings this
distinction is difficult to handle automatically.

Returning NULL instead does not cause any inconsistent behaviour and
simplifies the API.
2020-11-14 17:32:41 +02:00
Sebastian Dröge
e2fbb74301 Assert that GFileIcon::file is always set after construction 2020-11-11 13:15:24 +02:00
Sebastian Dröge
705a59a315 gio: Add missing nullable annotations 2020-11-11 13:15:21 +02:00
Norbert Pocs
a879c46a39 gdbus: Add FD support for gdbus call
Gdbus call could not take file handle (parameter 'h') as a parameter.

Original patch from Tim Waugh <twaugh@redhat.com>.

Fixes: #961
2020-11-06 17:19:27 +00:00
Philip Withnall
e1e32e9b0b Merge branch 'wip/carlosg/shared-hidden-cache-timeout' into 'master'
glocalfileinfo: Use a single timeout source at a time for hidden file cache

See merge request GNOME/glib!1734
2020-11-03 15:09:44 +00:00
Carlos Garnacho
c1e0e6a055 glocalfileinfo: Use a single timeout source at a time for hidden file cache
As hidden file caches currently work, every look up on a directory caches
its .hidden file contents, and sets a 5s timeout to prune the directory
from the cache.

This creates a problem for usecases like Tracker Miners, which is in the
business of inspecting as many files as possible from as many directories
as possible in the shortest time possible. One timeout is created for each
directory, which possibly means gobbling thousands of entries in the hidden
file cache. This adds as many GSources to the glib worker thread, with the
involved CPU overhead in iterating those in its main context.

To fix this, use a unique timeout that will keep running until the cache
is empty. This will keep the overhead constant with many files/folders
being queried.
2020-11-03 14:16:36 +01:00
Philip Withnall
4f7c6e1ec8 gdbusauthmechanismsha1: Don’t create keyring dir when running as setuid
Continue to allow overriding the keyring dir, but don’t automatically
create it when running as root.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>

Coverity CID: #1432485
2020-11-02 12:23:50 +00:00
Simon McVittie
f53aaeac9f gio/tests/gsettings: Assert that temporary directory ends up empty
If there are stray files left over, g_rmdir() will fail with ENOTEMPTY.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:26:01 +00:00
Simon McVittie
782c1b424e gio/tests/gsettings: Assert that g_chmod succeeds
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:24:59 +00:00
Simon McVittie
3f9f7da0f1 gio/tests/gsettings: Use g_assert_no_errno()
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:24:22 +00:00
Simon McVittie
3468369625 gio/tests/appmonitor: Use g_assert_no_errno()
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:24:05 +00:00
Simon McVittie
b3b4ad4f94 gio/tests/live-g-file: Use g_assert_no_errno()
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-31 12:20:53 +00:00
Michael Catanzaro
c2b8fa8a34 gsocketclient: fix crash when async connection step fails
This is a regression from !1686. The tmp_error is no longer valid after
it is "considered" and cannot be used at this point. We should print the
error earlier instead.

Fixes #2233
2020-10-28 10:43:43 -05:00
Philip Withnall
35ffbf953d Merge branch 'wip/smcv/big-dbus-write-with-fds' into 'master'
gdbus: Cope with sending fds in a message that takes multiple writes

Closes #2074

See merge request GNOME/glib!1725
2020-10-28 13:12:19 +00:00
Simon McVittie
e5cee9ce5a gio/tests/gdbus-peer: Exercise fds attached to a large message
This incidentally also exercises the intended pattern for sending fds in
a D-Bus message: the fd list is meant to contain exactly those fds that
are referenced by a handle (type 'h') in the body of the message, with
numeric handle value n corresponding to g_unix_fd_list_peek_fds(...)[n].

Being able to send and receive file descriptors that are not referenced by
a handle (as in OpenFile here) is a quirk of the GDBus API, and while it's
entirely possible in the wire protocol, other D-Bus implementations like
libdbus and sd-bus typically don't provide APIs that make this possible.

Reproduces: https://gitlab.gnome.org/GNOME/glib/-/issues/2074
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-28 12:03:59 +00:00
Simon McVittie
fc1f4969bf gdbus: Document the intended semantics of handles and fds
In the D-Bus wire protocol, the handle type (G_VARIANT_TYPE_HANDLE, h)
is intended to be an index/pointer into the implementation's closest
equivalent of GUnixFDList: its numeric value has no semantic meaning
(in the same way that the numeric values of pointers have no semantic
meaning), but a handle with value n acts as a reference to the nth fd
in the fd list.

GDBus provides a fairly direct mapping from the wire protocol to the
C API, which makes it technically possible to attach and use fds
without ever referring to them in the message body, and some
GLib-centric D-Bus APIs rely on this.

However, the other major implementations of D-Bus (libdbus and sd-bus)
transparently replace file descriptors with handles when building
messages, and transparently replace handles with file descriptors when
parsing messages. This means they cannot implement D-Bus APIs that do
not follow the conventional meaning of handles as indexes/pointers into
an equivalent of GUnixFDList.

For interoperability, we should encourage D-Bus API designers to follow
the convention, even though code written against GDBus doesn't strictly
need to do so.

Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-28 11:52:22 +00:00
Simon McVittie
70279f8446 gdbus: Cope with sending fds in a message that takes multiple writes
Suppose we are sending a 5K message with fds (so data->blob points
to 5K of data, data->blob_size is 5K, and fd_list is non-null), but
the kernel is only accepting up to 4K with each sendmsg().

The first time we get into write_message_continue_writing(),
data->total_written will be 0. We will try to write the entire message,
plus the attached file descriptors; or if the stream doesn't support
fd-passing (not a socket), we need to fail with
"Tried sending a file descriptor on unsupported stream".

Because the kernel didn't accept the entire message, we come back in.
This time, we won't enter the Unix-specific block that involves sending
fds, because now data->total_written is 4K, and it would be wrong to try
to attach the same fds again. However, we also need to avoid failing
with "Tried sending a file descriptor on unsupported stream" in this
case. We just want to write out the data of the rest of the message,
starting from (blob + total_written) (in this exaple, the last 1K).

Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/2074
Signed-off-by: Simon McVittie <smcv@collabora.com>
2020-10-28 11:06:52 +00:00
Philip Withnall
2d008e4645 Merge branch 'mcatanzaro/#2221' into 'master'
Fix race in socketclient-slow test

Closes #2221

See merge request GNOME/glib!1711
2020-10-26 15:40:49 +00:00
Sebastian Dröge
4926948aa9 Merge branch 'app-info-docs' into 'master'
gio: Fix some remaining DocBook syntax in a documentation comment

See merge request GNOME/glib!1701
2020-10-26 15:20:03 +00:00
Philip Withnall
159a9c215a gio: Fix various typos of the name ‘D-Bus’
This introduces no functional changes.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-10-26 14:28:15 +00:00
Michael Catanzaro
1d28fd530c Fix race in socketclient-slow test
This test ensures that g_socket_client_connect_to_host_async() fails if
it is cancelled, but it's not cancelled until after 1 millisecond. Our
CI testers are hitting that race window, and Milan is able to reproduce
the crash locally as well. Switching it from 1ms to 0ms is enough for
Milan to avoid the crash, but not enough for our CI, so let's move the
cancellation to a GSocketClientEvent callback where the timing is
completely deterministic.

Hopefully fixes #2221
2020-10-26 14:18:06 +00:00
Philip Withnall
4590b4932a gio: Fix some remaining DocBook syntax in a documentation comment
Convert it to Markdown.

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-10-15 16:21:01 +01:00
Philip Withnall
e2e8339e0a Merge branch 'typeof' into 'master'
Use C++11 decltype where possible

See merge request GNOME/glib!1575
2020-10-15 08:52:47 +00:00
Xavier Claessens
5b2bee3f53 Replace __typeof__ with glib_typeof macro
g_has_typeof macro is wrongly in the public g_ namespace, internaly
symbols are usually in the glib_ namespace. This will also allow to
define glib_typeof differently on non-GNUC compilers (e.g. c++11
decltype).
2020-10-14 14:48:36 -04:00
Philip Withnall
2996d0d689 gfile: Clarify refcount handling for g_file_replace_contents_bytes_async()
This introduces no functional changes, but makes the refcount handling a
little easier to follow by no longer splitting a ref/unref pair across
three callbacks. Now, the ref/unref pairs are all within function-local
scopes.

Coverity CID: #1430783

Signed-off-by: Philip Withnall <pwithnall@endlessos.org>
2020-10-14 11:50:42 +01:00
Philip Withnall
06587fbfd7 Merge branch 'mcatanzaro/#2211' into 'master'
Various improvements in GSocketClient

Closes #2211 and #1994

See merge request GNOME/glib!1686
2020-10-14 10:20:07 +00:00
Sergio Costas
c12762a091 GSubprocessLauncher: allow to close passed FDs
By default, when using g_subprocess_launcher_take_fd() to pass an
FD to a child, the GSubprocessLauncher object also takes ownership
of the FD in the parent, and closes it during finalize(). This is
a reasonable assumption in the majority of the cases, but sometimes
it isn't a good idea.

An example is when creating a GSubprocessLauncher in JavaScript:
here, the destruction process is managed by the Garbage Collector,
which means that those sockets will remain opened for some time
after all the references to the object has been droped. This means
that it could be not possible to detect when the child has closed
that same FD, because in order to make that work, both FDs
instances (the one in the parent and the one in the children) must
be closed. This can be a problem in, as an example, a process that
launches a child that communicates with Wayland using an specific
socket (like when using the new API MetaWaylandClient).

Of course, it isn't a valid solution to manually call close() in
the parent process just after the call to spawn(), because the FD
number could be reused in the time between it is manually closed,
and when the object is destroyed and closes again that FD. If that
happens, it will close an incorrect FD.

One solution could be to call run_dispose() from Javascript on the
GSubprocessLauncher object, to force freeing the resources.
Unfortunately, the current code frees them in the finalize()
method, not in dispose() (this is fixed in !1670 (merged) ) but it
isn't a very elegant solution.

This proposal adds a new method, g_subprocess_launcher_close(),
that allows to close the FDs passed to the child. To avoid problems,
after closing an FD with this method, no more spawns are allowed.

Fix: https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1677
2020-10-12 20:29:48 +02:00
Michael Catanzaro
b88b3712e0 gsocketclient: return best errors possible
Originally, GSocketClient returned whatever error occured last. Turns
out this doesn't work well in practice. Consider the following case:
DNS returns an IPv4 and IPv6 address. First we'll connect() to the
IPv4 address, and say that succeeds, but TLS is enabled and the TLS
handshake fails. Then we try the IPv6 address and receive ENETUNREACH
because IPv6 isn't supported. We wind up returning NETWORK_UNREACHABLE
even though the address can be pinged and a TLS error would be more
appropriate. So instead, we now try to return the error corresponding
to the latest attempted GSocketClientEvent in the connection process.
TLS errors take precedence over proxy errors, which take precedence
over connect() errors, which take precedence over DNS errors.

In writing this commit, I made several mistakes that were caught by
proxy-test.c, which tests using GSocketClient to make a proxy
connection. So although adding a new test to ensure we get the
best-possible error would be awkward, at least we have some test
coverage for the code that helped avoid introducing bugs.

Fixes #2211
2020-10-09 10:50:22 -05:00
Michael Catanzaro
14f7b5e590 gsocketclient: Crash on error if error is missing
We should never return unknown errors to the application. This would be
a glib bug.

I don't think it's currently possible to hit these cases, so asserts
should be OK. For this to happen, either (a) a GSocketAddressEnumerator
would have to return NULL on its first enumeration, without returning an
error, or (b) there would have to be a bug in our GSocketClient logic.
Either way, if such a bug were to exist, it would be better to surface
it rather than hide it.

These changes are actually going to be effectively undone in a
subsequent commit, as I'm refactoring the error handling, but the commit
history is a bit nicer with two separate commits, so let's go with two.
2020-10-09 10:50:22 -05:00
Michael Catanzaro
f0a7b14780 gsocketclient: emit RESOLVING/RESOLVED events only once
GSocketAddressEnumerator encapsulates the details of how DNS happens, so
we don't have to think about it. But we may have taken encapsulation a
bit too far, here. Usually, we resolve a domain name to a list of IPv4
and IPv6 addresses. Then we go through each address in the list and try
to connect to it. Name resolution happens exactly once, at the start.
It doesn't happen each time we enumerate the enumerator. In theory, it
*could*, because we've designed these APIs to be agnostic of underlying
implementation details like DNS and network protocols. But in practice,
we know that's not really what's happening. It's weird to say that we
are RESOLVING what we know to be the same name multiple times. Behind
the scenes, we're not doing that.

This also fixes #1994, where enumeration can end with a RESOLVING event,
even though this is supposed to be the first event rather than the last.
I thought this would be hard to fix, even requiring new public API in
GSocketAddressEnumerator to peek ahead to see if the next enumeration is
going to return NULL. Then I decided we should just fake it: always emit
both RESOLVING and RESOLVED at the same time right after each
enumeration. Finally, I realized we can emit them at the correct time if
we simply assume resolving only happens the first time. This seems like
the most elegant of the possible solutions.

Now, this is a behavior change, and arguably an API break, but it should
align better with reasonable expectations of how GSocketClientEvent
ought to work. I don't expect it to break anything besides tests that
check which order GSocketClientEvent events are emitted in. (Currently,
libsoup has such tests, which will need to be updated.) Ideally we would
have GLib-level tests as well, but in a concession to pragmatism, it's a
lot easier to keep network tests in libsoup.
2020-10-09 10:50:22 -05:00