Derrick Brashear [Tue, 30 Aug 2011 05:18:37 +0000 (01:18 -0400)]
redhat: mockbuild updates for repoquery
for starters, mock should be careful not to use parent yum cache
when running repoquery, the host runs it, we want the guest's
yum cache. be careful to not attempt to use the parent's yum cache
(in the default config).
additionally, we need to not try to build 64 bit kernel modules in
32 bit chroots. expand the list of rpms while ejecting any which are
64 bit if we're 32.
additionally, blacklist kernels which are the wrong osver.
Michael Meffie [Fri, 12 Aug 2011 18:29:48 +0000 (14:29 -0400)]
xstat: cm xstat time values are 32 bit
The kernel space cm xstat time structures are implemented as 32
bit values in memory and on the wire. Define the client side
xstat userspace structures as 32 bit time values as well to avoid
size mismatches on systems with native 64 bit time values.
Jeffrey Altman [Sun, 28 Aug 2011 16:03:53 +0000 (12:03 -0400)]
Windows: afslogon network provider debug registry value
create a new TransarcAFSDaemon\NetworkProvider "Debug" value
to be used for activating the network provider debugging.
The overlapping use of TransarcAFSDaemon\Parameters "TraceOption"
is just too confusing.
Jeffrey Altman [Fri, 26 Aug 2011 17:57:15 +0000 (13:57 -0400)]
Windows: afslogon.dll is not a file system interface
Do not return a file system network type that corresponds
to a real file system inter since afslogon is in fact not
associated with a file system interface. We can't return
WNNC_NET_NONE (0) because that prevents NPLogonNotify()
from being executed. However, if we return an in use
file system value that can confuse the system when the
actual file system's network provider is also installed.
Jeffrey Altman [Fri, 26 Aug 2011 13:36:04 +0000 (09:36 -0400)]
Windows: torture error reporting
When LeaveThread() is called and GetLastError() has already
been called, pass the last error value to LeaveThread(). Otherwise,
the GetLastError() call in LeaveThread() may return an inaccurate
result.
Garrett Wollman [Tue, 9 Aug 2011 03:59:17 +0000 (23:59 -0400)]
libafs: crash in a more useful way if nchunks is zero
In afs_CacheStoreDCaches(), if the parameter nchunks is zero, the
main loop will not execute, leaving the XSTATS pointer unchanged,
which will result in a null dereference in XSTATS_END_TIME. Instead
assert that nchunks is nonzero, which will help the static analyzer
and will also generate a more useful panic message should this
error ever be encountered in operation.
There is presently only one call site, and it may be the case that this
condition can never be triggered.
(While in the neighborhood, also avoid dereferencing tdc immediately
before testing whether it is null.)
Garrett Wollman [Thu, 11 Aug 2011 01:52:44 +0000 (21:52 -0400)]
libafs: FillStoreStats doesn't need to be global; avoid pass-by-pointer
FillStoreStats is only used in afs_fetchstore.c, so make it static.
Parameter xferStartTime is an osi_timeval, which should be small
enough to pass by value, so do so.
Andrew Deason [Wed, 24 Aug 2011 17:48:19 +0000 (12:48 -0500)]
ihandle: Fix IH_REALLYCLOSE for positional I/O
Currently, ih_fdclose (which is called by IH_REALLYCLOSE), goes
through every FD_HANDLE_OPEN FdHandle_t and closes it. If it finds
handles that are FD_HANDLE_INUSE, it skips those and sets a flag on
the parent IHandle_t. For non-positional I/O, any future opens cannot
use these _INUSE handles, since _INUSE handles cannot be reused, and
the handle will be actually closed when it is FDH_CLOSE'd.
For positional I/O, the situation is different. Multiple threads can
use the same _INUSE FdHandle_t, and so there is nothing currently
stopping a thread from IH_OPEN'ing an ihandle that has been
IH_REALLYCLOSE'd, and getting back an FdHandle_t that existed before
the IH_REALLYCLOSE was issued. This is important, since IH_REALLYCLOSE
is used on files that are deleted, and future IH_OPENs for the same
inode must not use the cached file descriptor. Getting this wrong can
cause data loss, since it can cause us to read from or write to a file
descriptor referring to a deleted file, when we instead should open a
new copy of that file.
To fix this, we create a new FdHandle_t state called
FD_HANDLE_CLOSING, which is set in IH_REALLYCLOSE if we encounter an
FD_HANDLE_INUSE FdHandle_t. In IH_OPEN, we always skip
FD_HANDLE_CLOSING handles, so we can never get back a cached file
descriptor from before an IH_REALLYCLOSE call.
Andrew Deason [Wed, 24 Aug 2011 17:30:00 +0000 (12:30 -0500)]
ihandle: Actually assert active fdPs are not AVAIL
FdHandle_t's that are on the linked list for an associated IHandle_t
should not be in the state FD_HANDLE_AVAIL. For the non-PIO case, we
assert that this is the case in ih_open (since we assert that if the
FdHandle_t is not in INUSE state, then it must be in OPEN state).
However, for the PIO case, we were just skipping over any FdHandle_t's
that were in the AVAIL state. These should never exist while on that
linked list, so assert for the PIO case, as well.
In the absence of bugs, there is no functional change here, but it
perhaps makes the ih_open loop easier to understand.
Matt Benjamin [Wed, 24 Aug 2011 20:23:37 +0000 (16:23 -0400)]
LINUX vcache lock ordering in afs_linux_readdir
Normalize shared and exclusive lock operations. Take the lock
exclusive immediately, since the code assumes a write lock if
the vcache state is in flux or the entry is being fetched, releasing
-write- rather than shared, since we do not hold a shared lock.
Jeffrey Altman [Tue, 23 Aug 2011 20:02:28 +0000 (16:02 -0400)]
Windows: change buf_Find*() signature to accept cm_fid_t
The buf_Find*() functions require a cm_fid_t to match with the
cm_buf_t objects not a cm_scache_t. Change the signature so
that the cm_scache_t is not required. It should be possible to
search for a buffer even if the cm_scache_t is not present in
the cache.
Jeffrey Altman [Fri, 19 Aug 2011 01:57:12 +0000 (21:57 -0400)]
Windows: be explicit when mapping sharing violation
Only one lock acquisition failure should be mapping to
CM_ERROR_SHARING_VIOLATION. That is CM_ERROR_LOCK_NOT_GRANTED.
Make it clear that is what we are doing.
Jeffrey Altman [Fri, 19 Aug 2011 01:53:45 +0000 (21:53 -0400)]
Windows: Track file server lock count
The fsLockCount field is the lock count reported by the
file server as part of the status info. Lock acquisition
and releasing does not obtain new status info but we can
estimate what the lock count is by tracking it ourselves
for each of our successful RXAFS_SetLock and RXAFS_ReleaseLock
RPCs and failed RXAFS_ExtendLock RPCs.
Jeffrey Altman [Tue, 9 Aug 2011 18:26:33 +0000 (14:26 -0400)]
Windows: avoid duplicate volume update queries
If multiple volume update queries have stacked up in
cm_UpdateVolumeLocation() and the active query failed,
do not re-issue the blocked queries. Instead, prevent new
queries for 60 seconds and fail those that blocked during
the active query.
Marc Dionne [Sun, 21 Aug 2011 16:02:29 +0000 (12:02 -0400)]
dir: verified pathnames fallout
Fix some issues introduced with the verified directory path names
commit in master:
- In GetVerifiedBlob, the output parameter is set to NULL on entry
and dereferenced later on.
- For Linux, the code in afs_linux_readdir was changed to pass a
DirEntry to GetVerifiedBlob. This is incorrect, the function still
expects a DirBuffer pointer.
- In afs_dir_IsEmpty, the assignment of ep was removed, leaving
the function to dereference this pointer which was never set.
doc: generate admin ref from the pod documentation
a bit convoluted but this generates docbook from the pod documentation and
from that pdf, epub and mobi versions. we are using variablelist.as.block
since that looks prettier on smaller devices/screen.
Don't fail to build documentation if kindlegen doesn't exist
Check for kindlegen in configure and do nothing in the MOBI build
rule if the binary didn't exist.
This is still a bit of a hack since the rule will run with every
invocation of make. The target needs to be made conditional. But
at least this way make all in the documentation directory doesn't
fail.
Garrett Wollman [Sat, 13 Aug 2011 22:34:47 +0000 (18:34 -0400)]
libafs: don't crash if afs_write() is called with zero-length uio
If AFS_UIO_RESID(auio) is zero in afs_write(), we could end up
calling afsio_free(NULL). Guard the free. (In the alternative,
perhaps we should just osi_Assert(totalLength > 0) instead?)
Change-Id: Ic218f039e2034b679cb4817a543af2e8307f36f8
Found-by: clang static analyzer with the help of AFS_NONNULL
Reviewed-on: http://gerrit.openafs.org/5259
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
docbook2pdf, at least in version 0.6.14-1.1 in Debian, dies while
attempting to build the Admin Guide with an error about TeX capacity
exceeded. dblatex seems to work reliably. If both are installed,
prefer dblatex to docbook2pdf.
Derrick Brashear [Mon, 15 Aug 2011 16:17:06 +0000 (12:17 -0400)]
macos: fix race in afs_root
same race on PutVCache in afs_root as we had on other platforms,
for instance FreeBSD. use a local variable instead to avoid the race.
additionally, make sure we end up with the root flagged VROOT.
Simon Wilkinson [Mon, 15 Aug 2011 09:25:27 +0000 (10:25 +0100)]
rpm: Update CellServDB
The commit (a5d66d05fa0308d505de8bde59442e29be9d04f8) which updated
our in-tree copies of the CellServDB for the 14th August release
failed to update the copy that's referenced from the rpm spec file.
Update the filename used here so that rpms also get to have an
up to date CellServDB
Jeffrey Altman [Mon, 15 Aug 2011 04:23:57 +0000 (00:23 -0400)]
Windows: Save Wix config at start if possible
Save the current configuration at the start of the install
process so the user can be presented with a dialog prior
to installation asking whether the existing or saved
configuration should be used or whether a new configuration
should be created.
Garrett Wollman [Sat, 13 Aug 2011 22:51:02 +0000 (18:51 -0400)]
libafs: don't call afs_PutDCache(NULL) in afs_GetDownD()
It's possible for an eviction candidate to be omitted by the small
for loop (around line 670), leaving its reference in victimDCs
set to NULL. In the big for loop that follows, don't call
afs_PutDCache() when we hit one.
Change-Id: Ib0891636a3479bf97cdeab823189e659cb261aa6
Found-by: clang static analyzer with help from AFS_NONNULL
Reviewed-on: http://gerrit.openafs.org/5260
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Garrett Wollman [Sat, 13 Aug 2011 23:01:26 +0000 (19:01 -0400)]
libafs: don't free a null pointer in an unlikely error condition
It is extremely unlikely that we will ever fail to allocate two
bytes in SRXAFSCB_GetCellServDB() to hold the empty-string return
value for the case where the specified cell can't be found. But
that would result in freeing a null pointer, so check for it.
Change-Id: I47a296148e231b0ef20ecd18b8458b912f22a58c
Found-by: clang static analyzer with the help of AFS_NONNULL
Reviewed-on: http://gerrit.openafs.org/5261
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Garrett Wollman [Sat, 13 Aug 2011 23:12:50 +0000 (19:12 -0400)]
libafs: don't free the NULL we get from a failed allocation
In extractPioctlToken(), if we fail to allocate space for
token_opaque_val, don't immediately pass the null pointer
to osi_Free on the error exit path.
Change-Id: Ic95e178cfbc1b1bbcb18701c0bbd5221426342ee
Found-by: clang static analyzer with help from AFS_NONNULL
Reviewed-on: http://gerrit.openafs.org/5262
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementix.org>
Jeffrey Altman [Sat, 13 Aug 2011 18:35:53 +0000 (14:35 -0400)]
Windows: Insert Server Reference List changes
When inserting a new cm_serverRef_t object into a server list
perform the following operations:
1. take advantage of the fact that the cm_serverLock is held
exclusively to purge the list of any deleted entries that
could not be removed previously.
2. check to ensure that the item that is being added does not
already exist in the list. If it does, discard it.
Jeffrey Altman [Fri, 12 Aug 2011 23:02:48 +0000 (19:02 -0400)]
Windows: Fix cm_serverRef ref counts
Use Interlocked operations consistently
Simplify cm_ServerInsertList(). It no longer increments the
refCount on the serverRef object. Instead it leaves the refCount
as is. It's the caller's responsibility to add a reference if
required.
Add reference counts and hold locks in places where the
volume server list was used unprotected.
Simon Wilkinson [Sat, 16 Jul 2011 21:59:12 +0000 (22:59 +0100)]
dir: Protect against circular hash chains
The dir package didn't protect against circular hash chains when
performing directory lookups. A corrupt directory could therefore
cause a client or a fileserver to go into an endless loop if that
directory contained a loop in its hash chain pointers.
Fix this by exiting the lookup if the hash chain has more elements
than the total number of entries in a directory. This maximum number
of entries is taken as being (number of entries per page) * (max
number of pages), which is considerably more than the real maximum
value.
Simon Wilkinson [Sat, 16 Jul 2011 21:57:55 +0000 (22:57 +0100)]
libafs/dir: Verify directory pathnames
Provide a new routine, afs_dir_GetVerifiedBlob() which will ensure
that the pathname contained within a directory blob is correctly
terminated before returning it to the caller. For the purposes of this
function, correct termination is defined as having a terminating
\0 character within the same directory page as the blob itself.
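Added example (not code from the OpenAFS commits above): a lookup over an untrusted directory image that applies both checks described in the two preceding entries, a hop limit of (blobs per page) * (max pages) on the hash chain and a name accepted only if its NUL lies inside the blob's own page. The toy layout, sizes and all names (toy_dir, verified_name, toy_lookup, demo) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy layout for illustration; NOT the OpenAFS on-disk format. */
enum { BLOB = 16, BLOBS_PER_PAGE = 4, PAGE = BLOB * BLOBS_PER_PAGE,
       MAX_PAGES = 2, MAX_BLOBS = BLOBS_PER_PAGE * MAX_PAGES, NHASH = 2 };
#define TOY_HASH(s) ((unsigned char)(s)[0] % NHASH)

struct toy_dir {
    uint8_t hash[NHASH];             /* chain heads: blob number + 1, 0 = empty */
    uint8_t data[MAX_PAGES * PAGE];  /* each blob: [next][name bytes ...] */
};

/* Return the name only if a NUL lies before the end of the blob's own page. */
static const char *verified_name(const struct toy_dir *d, unsigned blob)
{
    size_t start = (size_t)blob * BLOB + 1;  /* skip the 'next' byte */
    size_t page_end = ((size_t)blob / BLOBS_PER_PAGE + 1) * PAGE;
    if (memchr(d->data + start, '\0', page_end - start) == NULL)
        return NULL;
    return (const char *)(d->data + start);
}

/* 0 = found (*out set), -1 = not found, -2 = corrupt directory. */
int toy_lookup(const struct toy_dir *d, const char *name, unsigned *out)
{
    unsigned hops = 0, idx = d->hash[TOY_HASH(name)];
    while (idx != 0) {
        unsigned blob = idx - 1;
        const char *n;
        if (blob >= MAX_BLOBS || ++hops > MAX_BLOBS)
            return -2;   /* bad index, or chain longer than any valid directory */
        if ((n = verified_name(d, blob)) == NULL)
            return -2;   /* name runs off the end of its page */
        if (strcmp(n, name) == 0) { *out = blob; return 0; }
        idx = d->data[(size_t)blob * BLOB];
    }
    return -1;
}

/* Constructed sample: "ab" (blob 0) -> "cd" (blob 3) on one hash chain.
 * corrupt: 0 = intact, 1 = circular chain, 2 = unterminated name. */
int demo(int corrupt, const char *name)
{
    struct toy_dir d;
    unsigned blob = 0;
    memset(&d, 0, sizeof(d));
    d.hash[TOY_HASH("ab")] = 1;                  /* head -> blob 0 */
    d.data[0] = 4;                               /* blob 0 -> blob 3 */
    memcpy(d.data + 1, "ab", 3);
    memcpy(d.data + 3 * BLOB + 1, "cd", 3);      /* blob 3 ends the chain */
    if (corrupt == 1) d.data[3 * BLOB] = 1;      /* blob 3 -> blob 0: a loop */
    if (corrupt == 2) memset(d.data + 3 * BLOB + 1, 'x', BLOB - 1); /* to page end */
    return toy_lookup(&d, name, &blob);
}

int main(void)
{
    printf("intact=%d circular=%d unterminated=%d\n",
           demo(0, "ef"), demo(1, "ef"), demo(2, "ef"));
    return 0;
}
```

Looking up an absent name is what exercises the hop limit: a present name can be found before the walk ever reaches the corrupted link.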
Garrett Wollman [Thu, 11 Aug 2011 03:20:57 +0000 (23:20 -0400)]
rx: make queue macros easier to follow
Nothing depends on the queue-manipulation macros having the expression
nature, so make them proper statements and unpack the comma-expressions
to make it easier to read and understand how they work. This should
not change the object code.
Jeffrey Altman [Sun, 7 Aug 2011 18:11:17 +0000 (14:11 -0400)]
Windows: make osi_Log macro safe for if..else
wrap the osi_Log macro's internal if statement with
a do {...} while(0) block in order to ensure that
it is safe for use in if..else controls without bracing.
Garrett Wollman [Thu, 11 Aug 2011 01:21:40 +0000 (21:21 -0400)]
stds.h: __nonnull__ has four underscores
Compile-testing AFS_NONNULL doesn't prove anything until something
actually uses it. Fix 342be3535499c5ecd7d34b4edd43a4655559cb28
to use the spelling that the compilers actually support.
Garrett Wollman [Wed, 10 Aug 2011 04:18:28 +0000 (00:18 -0400)]
FBSD: catch up with the disappearance of VOP_GETVOBJECT
The vnode operation VOP_GETVOBJECT disappeared in FreeBSD 6.0, an
embarrassingly long time ago. Six years ago, a kluge was added
to emulate its behavior, but it did not correctly emulate the
return value of the old VOP implementation. As a result,
osi_VM_StoreAllSegments() could never actually do anything. Since we
don't support FreeBSD before 8.0, remove all references to VOP_GETVOBJECT
and examine vp->v_object directly instead.
This has the result that osi_VM_StoreAllSegments() will actually do
something now, which may not be desirable. (Previously, if somehow
the vnode had no associated VM object, it would crash, and otherwise
it would do nothing at all.)
Garrett Wollman [Wed, 10 Aug 2011 03:50:09 +0000 (23:50 -0400)]
stds.h: introduce AFS_NONNULL
AFS_NONNULL wraps the GCC/Clang function attribute __nonnull__, which
tells the compiler and the static analyzer that the pointer arguments
to a function (or specific ones, if provided) cannot be null. Note
that GCC has only limited support for warning about violations of these
constraints.
Andrew Deason [Wed, 10 Aug 2011 15:23:40 +0000 (10:23 -0500)]
volinfo: Include nfs.h
nfs.h is required for various types used in vol-info.c. Include it. On
namei this header gets pulled in indirectly via other means, but on
inode it does not (and we shouldn't be relying on such anyway).
Simon Wilkinson [Wed, 27 Jul 2011 10:30:51 +0000 (11:30 +0100)]
pts: Add the -config option
Add the -config option to all pts commands, so that the user can set
the location of the configuration directory to use. This is primarily
provided for testing purposes, to make it simpler to build fake AFS
cells with configuration in non-standard locations.
Garrett Wollman [Tue, 9 Aug 2011 03:19:22 +0000 (23:19 -0400)]
dir/vol: Die() really does
Die() is an abort routine shared by the dir and vol modules. Move its
prototype into dir.h to ensure that its declaration matches its three
different definitions, and add an AFS_NORETURN annotation so that the
static analyzer knows that it aborts.
Garrett Wollman [Tue, 9 Aug 2011 02:49:24 +0000 (22:49 -0400)]
vos: eliminate unnecessary global variables
tserver is used by three different functions but not shared by them;
make it private to each one to improve static analysis. tconn is
not used by anything, so just delete it.
Garrett Wollman [Tue, 9 Aug 2011 01:41:57 +0000 (21:41 -0400)]
volser: let it be known that Abort() really aborts
The compiler and static checkers can do a better job if they know that
certain functions never return. Tell it that common.c:Abort() is such
a function. While we're at it, let volser_internal.h provide the
declarations for this function (Log() was already there). This makes
volser parallel to the way the same functions are declared in vol.
Garrett Wollman [Tue, 9 Aug 2011 01:18:15 +0000 (21:18 -0400)]
kdb: don't dereference a null pointer on corrupt database
When iterating through the database, kdb would dereference a
null pointer if it encountered an error retrieving the value
or if the value was not the right length, in code that was clearly
cut-and-pasted from the other branch of an "if" statement where a
specific entry was requested on the command line. Print the name
of the entry with the problem as was apparently intended.
Garrett Wollman [Sun, 7 Aug 2011 04:09:33 +0000 (00:09 -0400)]
afs_pioctl: don't use cell uninitialized in PGetTokens2
An unlikely error condition could lead to the variable cell in
PGetTokens2 being passed uninitialized to afs_PutCell. Initialize
it to NULL beforehand to avoid this.
in the new lwp/pthread/shared universe, well, we have the
opportunity to be correct. and we chose to do it entirely wrong.
we're building a shared object. use the right rules. we need
to add some CFLAGS for PAM. do that using MODULE_CFLAGS instead
of just building a whole new CCRULE
don't define variables on platforms we won't use them on
do prototype functions we call. basically, we compile with warnings
enabled now, so, fix everything so we *can*.
Garrett Wollman [Sun, 7 Aug 2011 03:49:10 +0000 (23:49 -0400)]
butc: avoid testing stack garbage; remove dead initializer
"code" is unconditionally set early in saveDbToTape() so there's
no need to initialize it. On the other hand, dumpEntry.id is used
before dumpEntry is initialized, so set it to what appears to be
the expected value before any non-local exits could cause it to be
inspected.
Garrett Wollman [Sun, 7 Aug 2011 03:36:14 +0000 (23:36 -0400)]
butc: initialize startTime before it is used
In some unusual error situations, startTime may be used uninitialized.
Move the initialization up above the first such error condition.
(None of the intervening code can take measurably long to execute
so this should not make any difference in the non-error case.)
Garrett Wollman [Sun, 7 Aug 2011 03:15:14 +0000 (23:15 -0400)]
vos: don't free stack garbage on error
If wantExtendedInfo is true, then pntr is used uninitialized.
In the other case, UV_ListVolumes will have set it to NULL
before doing anything (even if it returns an error), so this
free() is dead anyway.
Simon Wilkinson [Wed, 3 Aug 2011 18:08:20 +0000 (19:08 +0100)]
libafsauthent: Add volser and vldb
Add the volser and vldb families of functions to libafsauthent. This
allows applications such as per-AFS which are building pthreaded clients
to use a single library, rather than trying to mix LWP and pthreaded
code within the same process.
Simon Wilkinson [Wed, 3 Aug 2011 17:45:01 +0000 (18:45 +0100)]
volser doesn't depend on tviced, but on vlserver
Nothing within the volser/ directory depends on tviced, so remove the
unnecessary dependency. Add an explicit dependency on vlserver, so that
libvldb is available to us.
This is required to get rid of some potential circular loops when we
start including volser objects in libafsauthent
Jeffrey Altman [Thu, 4 Aug 2011 21:25:01 +0000 (17:25 -0400)]
Windows: adjust scache LRU position upon deletion
If the object represented by a scache object is deleted,
update the LRU position of the scache object to make it
the first object in the LRU queue to be recycled. This
preserves the cached objects for those that might prove
useful in the future.
Instead of using malloc() and free() to allocate lock reference
structures, cache allocated objects in a free list. This reduces
memory fragmentation.
Jeffrey Altman [Thu, 4 Aug 2011 21:08:45 +0000 (17:08 -0400)]
Windows: after dir enum adjust dir scache LRU
During a directory enumeration the directory scache object
is reference counted so it can't be recycled. However, if
there are more directory entries than the maximum number
of cached scache objects the directory scache object will
end up being the next object to be recycled after the refcount
is dropped. Since the directory is clearly a hot object, before
dropping the reference, adjust the scache LRU position so that
it is the last object to be recycled.
Fix the variable name for the directory scache to be 'dscp'
for consistency.