Commit message (Collapse)AuthorAgeFilesLines
* kernel: Fix NULL dereference in ThreadTimeUserTimer::Schedule().hrev50759Michael Lotz2016-12-121-1/+1
The SpinLocker was always initialized to fThread->time_lock even though fThread may be NULL. This looks like a simple oversight as the rest of the method handles fThread being NULL and the team variants of these timers have very similar logic and do the NULL check as well. This fixes the last remaining KDL in the posixtestsuite.
* FreeBSD compat: Align allocations according to FreeBSD man page.hrev50755Michael Lotz2016-12-111-1/+8
According to the FreeBSD kernel malloc man page the allocator is expected to return power of two aligned addresses for allocations up to one page size. While it also states that this shouldn't be relied upon, at least our (directly copied) bus_dmamem_alloc expects it and drivers may depend on it as well. Looking through the FreeBSD commit logs, this expectation seems to be rooted quite deeply. This fixes watchdog timeouts in the ipro1000 driver under KVM and may help with #11953. It might also be related to #9099 and #9601 as those seem memory allocation related as well.
* ioapic: Fix 64 bit build with tracing enabled, some cleanup.hrev50147Michael Lotz2016-03-121-15/+17
| | | | | | | * Use print format macros to fix the 64 bit build. * Correct a typo in the shift of the trigger mode definition. As the value is 0 either way, this does not make a functional difference. * Use macros instead of values in comparisons.
* usb_ecm: Use the current configuration instead of a fixed one.hrev50146Michael Lotz2016-03-121-5/+5
| | | | | | This allows usb_ecm to work in case it is part of a device using different configurations for different types of interfaces and ECM is not the first configuration.
* USB: Force spec mandated control pipe max packet sizes.Michael Lotz2016-03-122-0/+37
| | | | | | | | | | While the USB descriptors are specifically built in such a way that it's always possible to correctly query the max packet size, some devices unfortunatley use bogus values in their descriptors and rely on the stack to use the mandated values. This fixes USB devices in VirtualBox when EHCI emulation is used. This really is a bug in their descriptor emulation though.
* EHCI: Current qtd field in qh overlay has no terminate bit.Michael Lotz2016-03-121-3/+2
| | | | | | Don't initialize the current qtd field with the terminate bit as it does not exist in this field. While the lower 5 bits are documented as being ignored anyway, this is more correct. Should cause no functional change.
* EHCI: Fix alignment check, the mask wasn't wide enough.Michael Lotz2016-03-121-1/+1
| | | | | As this is only an assert that shouldn't ever be triggered, this doesn't change anything in normal operation.
* EHCI: Style cleanup only, no functional change.Michael Lotz2016-03-121-32/+31
Change < B_OK to != B_OK for status_t results and to < 0 for ids.
* runtime_loader: Resync heap impl with the one of the bootloader.hrev49944Michael Lotz2015-12-271-209/+277
| | | | | | | | | | | | | | | | | | The heap implementation of the runtime_loader was switched to the one of the bootloader in 6f0994d but was since updated independently. To keep the diff between the two implementations as small as possible, the bootloader implementation was first copied to the runtime_loader and then some features not relevant in the runtime_loader (like the special large allocation handling) have been removed and the runtime_loader specific features (grow_heap, add_area) have been reintegrated. But basically this applies 96689a5..HEAD of src/system/boot/loader/heap.cpp to the runtime_loader heap. This brings in the switch from a linked list to a splay tree based free chunk management. Since the allocation counts in the runtime_loader are rather small, this does not perceptibly affect performance in either direction though.
* runtime_loader: Fix endless rld heap grow loop in edge case.Michael Lotz2015-12-271-1/+1
The needed storage space for tracking the allocation size was not accounted for when growing the heap. Since the growth size is always rounded up to a multiple of 32KiB, this did almost never matter as the new allocation wouldn't need the full size. If the allocation did happen to need the full size however, the newly added area would always be too small. As the allocation attempt was simply restarted after each successful growth, this lead to an endless loop creating small new areas, which would then quickly starve the system for memory.
* BPathMonitor: Fix locking order reversal introduced in 8599f4b.hrev49798Michael Lotz2015-11-091-22/+8
The sLocker was used as an outer lock with the sLooper locked within. The sLocker therefore can't be used within MessageReceived() as that could lead to deadlocks due to reversal of the locking order. Instead of two locks, just use locking the looper for all serialization. While this has a higher overhead to using a BLocker (due to the looper list locking and lookups) this shouldn't be too problematic.
* vfs: Cleanup: Move functions around for more logical grouping.hrev49787Michael Lotz2015-11-081-93/+93
| | | | | Move static internal functions out of the API functions block and drop their vfs_ prefix and move an API function into the API functions block.
* kernel: Use anonymous namespaces to avoid type collisions.Michael Lotz2015-11-0815-81/+154
The anonymous namespace makes type definitions local to the translation unit (like static does for objects). For pretty much any type not shared across multiple files this is what one wants to happen (and might erroneously expect to happen automatically). This commit solves some actual collisions that were present: * The VFS and the rootfs both used an incompatible VnodeHash struct for their BOpenHashTable. * XSI semaphores and message queues both used queued_thread, Ipc and IpcHashTableDefinition. For release builds these did not cause problems as the types were fully inlined. Debug builds would crash at boot however because parts of a BOpenHashTable<VnodeHash> from the rootfs meant to operate on struct rootfs_vnode would be applied to one from the VFS expecting struct vnode. As such collisions are violations of the one definition rule, the code is at fault and unfortunatley the compiler isn't required to diagnose such problems across translation units (which isn't actually trivial). This can lead to subtle and hard to debug problems and it's therefore best to avoid leaking types into the global namespace whenever possible.
* BPathMonitor: Remove unused headers, some whitespace cleanup.hrev49756Michael Lotz2015-11-071-7/+3
* BPathMonitor: Lock on incoming node monitor messages.Michael Lotz2015-11-071-0/+1
The lock was only acquired when paths to watch were added or removed, protecting the data structures against concurrent modification due to addition/removal of entries by the API user. Locking is also required for node monitor messages since these can trigger the data structures to be modified (due to recursive watching and new directories becoming available or due to resyncing of modified ancestor chains). Previously it was possible to corrupt the data structures when node monitor messages were received while still starting to watch a directory structure. This was especially likely in the case of watching devfs directories, as accessing these can trigger device scanning which in turn could possibly add new device entries. Either the path monitor looper or the API user would then trip over the corrupted data structures. Probably fixes #11280. Although I was only able to reproduce crashes on the API side, corruption of the hash tables and corresponding endless loops are quite plausible. Possibly also fixes #12412 if the input_server was in the process of starting to watch entries. It's hard to tell due to the lack of a back trace but would fit the crashes I was able to reproduce with a synthetic test case.
* BLocker: Make misuse warning more useful.hrev49751Michael Lotz2015-11-031-3/+7
| | | | | | | | Also print the locker sem (for manual name lookup) and the involved threads. It was also missing the line terminator which messed up the following output. Also fix a typo in a comment.
* BLocker: Fix recursive count for "unusual" use cases.Michael Lotz2015-11-031-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | Since a BLocker can be unlocked from other threads than the one holding the lock, it can also be further unlocked even when already unlocked. This caused the recursive count to become negative. The first lock then needs to reinitialize the count to 1 for the lock balance to work again. Just incrementing the negative recursive count lead to it never counting back down from one to zero in the unlock case, which made the BLocker impossible to unlock. This makes the Haiku BLocker behave exactly like the BeOS one, including the negative recursive count and reinitialization, as evidenced by its debugging features showing the internal counts. Alternatively to reinitializing the recursive count it could be prevented from going below zero in the first place, but I don't see why we should deviate from BeOS there while allowing its awkward unlock behaviour. This makes some more exotic use cases work like the BGLView <-> SDL combination that previously would always just hang. While these abuses should be reviewed/corrected, just hanging the BLocker doesn't seem useful.
* listsem: Clean up format strings to use format macros.Michael Lotz2015-11-031-5/+8
Fixes printing values on x86_64.
* Update fifechan package to include non 32 bit screen mode fixes.hrev49741Michael Lotz2015-10-312-4/+4
* Update libsdl packages to include 24 bit screen mode fixes.hrev49730Michael Lotz2015-10-273-8/+9
* Add package for Unknown Horizons and dependencies for x86[_64].hrev49721Michael Lotz2015-10-252-0/+33
While the game is pure python and packaged for any architecture, the engine (FIFE) is C++ with python binding via swig, making the game only installable on x86 and x86_64. We'd need to provide a python_x86 to support secondary architecture python modules.
* Add sdl_{gfx|image|mixer|net|sound|ttf}, dependencies for x86.hrev49711Michael Lotz2015-10-191-0/+33
* Add boost packages for x86.hrev49710Michael Lotz2015-10-191-0/+25
* BPicture: Fix archive constructor on 64 bit.hrev49621Michael Lotz2015-09-051-13/+10
| | | | | | | | The int32 was cast to a ssize_t which has a different size on 64 bit, therefore clobbering the stack. Also remove the use of basic type references in arguments, which probably was the reason for doing the above in the first place.
* Various whitespace cleanup only.hrev49620Michael Lotz2015-09-055-23/+23
* BPicture: Fix archive constructor.Michael Lotz2015-09-051-1/+1
| | | | | | | | | | | The cleanup commit df48d3f9a839a18e16b3d7036935bef621b4fbb6 broke constructing a BPicture from an archive due to an incomplete rename. The passed in BMessage was used as the data buffer instead of the extracted data field. Fixes the application side crash of #12340. Seeing how long this was broken without anyone noticing, the feature doesn't seem to be very popular.
* app_server: Port ServerPicture to the new PicturePlayer API.Michael Lotz2015-09-051-248/+177
| | | | | | This allows for bounds checks on strings and bitmap data to avoid crashing due to corrupted user data. It also avoids copying the data where possible.
* PicturePlayer: Rework to be more safe against corrupted data.Michael Lotz2015-09-052-247/+949
This introduces a more sane API (currently private) that allows for safer and possibly more efficient implementations: * It uses a struct of named and typed function pointers instead of just a void pointer array. This adds type safety to the callbacks so the compiler can figure out if things match up before subtle bugs get introduced. * It provides bounds for all strings/buffers passed to the callbacks. * It uses const references instead of implicitly copying arguments. * It folds stroke_x/fill_x pairs into draw_x functions with a fill argument to reduce the amount of functions needed. * It uses unsigned values where negative values make no sense. The old API has been implemented on top of the new one using adapter functions. It makes copies of all data passed to the callbacks which effectively keeps the picture data from being modified. This matches with the R5 behaviour. This also reimplements the buffer parsing to be safe against corrupted data by validating that the types actually fit in the provided sizes and buffers (using a templated reader). Since this class is used from the app_server with user provided data, making it more safe is important even though it comes with a slight overhead (replicating R5 behaviour, i.e. crashing the app_server when corrupted data is fed, doesn't seem very appropriate here).
* Update haikuwebkit packages to 1.4.12 on x86[_(gcc2|64)].hrev49606Michael Lotz2015-08-303-6/+6
* ahci: Replace use of bit field with shifts and masks.hrev49602Michael Lotz2015-08-302-27/+35
| | | | | | It's a 32 bit register which needs properly aligned 32 bit writes. Using a bit field does not guarantee that, so replace it with shifts and masks. Should fix #12338.
* ahci: Whitespace and line length cleanup only.Michael Lotz2015-08-301-64/+69
* Add system_time to the Jamfile, missed in hrev49598.hrev49599Michael Lotz2015-08-291-0/+1
* Add script that prints the uptime after waiting for all servers.hrev49598Michael Lotz2015-08-291-0/+34
| | | | | | | | It waits for the message port of each application to become available using waitfor and then waits for the application to actually reply using hey. This establishes the criterion of the boot process being complete as "all servers (and Tracker & Deskbar) are started and respond to messages".
* Add system_time bin command which just prints system_time().Michael Lotz2015-08-292-1/+20
This can be used by scripts to do verious performance measurements. Specifically it can be used to measure the boot time since it represents the uptime.
* BMessage: Fix precedence of KMessage vs. size check.hrev49595Michael Lotz2015-08-291-7/+7
| | | | | | | | A KMessage request always needs to be honoured, regardless of the data size. KMessage does not currently protect against messages that are too large, but this needs to be solved in KMessage when it becomes a problem.
* keystore_server: Fix crash on request window close.hrev49594Michael Lotz2015-08-294-0/+20
| | | | | The outside waiting mechanism is responsible for quitting the dialog so prevent it from quitting itself.
* keystore_server: Use B_CLOSE_ON_ESCAPE in request dialogs.Michael Lotz2015-08-294-34/+4
| | | | Instead of doing it manually.
* keystore_server: Resize request windows to preferred size.Michael Lotz2015-08-292-2/+4
Long application signatures and paths could previously take up too much space, causing the buttons to be cut off or become completely invisible. Actually fixes #11367.
* launch_daemon: Create/inject ports on launch instead of upfront.hrev49591Michael Lotz2015-08-282-52/+87
| | | | | | | | | | | | | | | | | | | | | The application is now launched suspended and the ports are created and transferred to the launched team before its main thread is resumed. The ports are therefore owned by the launched team instead of the launch_daemon. This is important when sending messages by area, as the port owner is used to determine where the data area needs to be transferred to. This commit therefore fixes #12285. Note that it is still possible to get at the ports with find_port() while they are still owned by the launch_daemon. This should not be a problem however, as these ports are not supposed to be found this way but only through BLaunchRoster::GetData(), which is synchronized with the above process. Creating the ports in the launch_daemon still has the benefit of returning valid communication ports earlier, i.e. without having to wait for the launched application to actually become ready.
* BRoster: Add launchSuspended option to _LaunchApp().Michael Lotz2015-08-284-14/+30
It allows to launch the app, but keep its main thread suspended instead of automatically resuming it. Also add appThread argument which allows to retrieve the main thread of the launched team.
* launch_daemon: Delegate launch data replies to Job.hrev49583Michael Lotz2015-08-263-25/+107
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously the LaunchDaemon would send out its own team id when a given job was not yet launched, leading to invalid BMessengers once the port owner changed to the actually launched team. The launch of the target team and the launch data replies were also not synchronized, which could lead to the launched team getting a reply pointing to the launch_daemon when requesting data for itself. This is the case for the BRoster init of the registrar. The fix in hrev49561 therefore didn't always work, because the registrar would sometimes get the launch_daemon team id instead of the id of itself. It would later try talking to the launch_daemon, which obviously never replied, leading to #12237. The LaunchDaemon now delegates the launch data reply to the Job instead. The Job either replies directly, in case it has already been launched, or queues the reply for when the launch completes. This causes launch data requesters to block until the launch attempt is completed, but won't block the LaunchDaemon message loop. This commit introduces the seperate fLaunchStatus to properly handle the ambiguity of fTeam being < 0, which is the case for both, when no launch was attempted and when the launch failed. This new field now determines what IsLaunched() returns and how launch data replies are handled. The new launch status is additionally protected by the launch status lock, which will later probably be made broader in scope to protect against race conditions once service monitoring is implemented.
* BRoster: Apply no-registrar mode in a few more cases.Michael Lotz2015-08-261-2/+5
Avoids some more attempts at communicating with the registrar if the no-registrar flag has been set.
* launch_daemon: Remove extra quoting around env variables.hrev49573Michael Lotz2015-08-231-2/+1
| | | | | | | | | | The extra quotes aren't needed and cause problems when not parsed through a shell. For example LD_PRELOAD which is handled by the runtime_loader directly failed to work as there was no way to remove the extra single quotes. Note that quotes and single quotes can still be added to the variables through respective quoting in the driver settings syntax.
* libroot_debug: Replace two more uses of printf in guarded heap.hrev49572Michael Lotz2015-08-231-2/+2
| | | | | Use the internal print_stdout() instead as done when printing the stack traces.
* libroot_debug: Track freeing thread in guarded heap separatley.Michael Lotz2015-08-231-12/+18
| | | | | | | | | | Previously the thread member was overwritten with the freeing thread when a page was freed, leading to confusion when hitting unallocated pages due to the debugger message still stating "allocated by thread". Track the freeing thread separately as it might be interesting to know both, which thread initially allocated and which thread eventually freed an allocation.
* launch_daemon: Replace the remaining putenv() calls by setenv().hrev49571Michael Lotz2015-08-231-5/+2
* registrar: Use the safer strlcpy instead of strcpy.Michael Lotz2015-08-231-1/+1
* registrar: Fix race condition on MimeUpdateThread termination.hrev49570Michael Lotz2015-08-231-0/+3
| | | | | | | | | | | | | | | | | | When the MimeUpdateThread is done, it marks itself as finished and notifies the thread manager to clean up finished threads. Since multiple such threads might finish at the same time and trigger the cleanup notification, other threads that already marked themselves finished but haven't actually exited yet might already be deleted and removed. This would then lead to a use-after-free when they subsequently tried to send their own cleanup message. To solve the race condition, the thread manager will now wait for the thread to actually exit before cleaning it up. The introduction of the launch_daemon has made this race condition more likely due to more applications starting in parallel, each triggering a CreateAppMetaMimeThread which is a subclass of MimeUpdateThread. This commit might therefore fix #12237.
* registrar: Whitespace and style cleanup only.Michael Lotz2015-08-236-106/+116
Generally this code still looks horrible (both from a style and from a complexity point of view) and should eventually be reworked.
* launch_daemon: Add env vars from sourced files to correct list.hrev49567Michael Lotz2015-08-221-1/+1
The environment variables were always added to the static environment list instead of the one supplied as argument. This worked for targets, as there the scripts are evaluated before the static environment is used. For services and jobs this isn't the case, causing sourced environment variables to be missing.