Commit Graph

41242 Commits

Author SHA1 Message Date
Michael Lotz
97680106f0 Add a userland version of the guarded heap to libroot_debug.
The guarded heap uses mprotect() to protect freed/unallocated pages so
that any access to such a page results in a segfault. It also installs
a segfault handler that in such an event prints some info about the
accessed page and then calls the debugger with a meaningful message.

It implements the same interface as the debug heap so it can simply be
swapped out by changing the Jamfile. As it doesn't support most of the
extra debug features (wall checking is obviously superfluous, but it
also doesn't help in leak checking) and as it is hugely space
inefficient I left it disabled for now.
2011-12-07 00:40:47 +01:00
Michael Lotz
674e76845d Returning a string stored in a local BMessage doesn't work.
Instead use a BString object as return type that copies the string
so that it stays valid after return.
2011-12-07 00:26:07 +01:00
Michael Lotz
f28e19f5be Use the right value as id for the BTranslatorRoster call.
The loop counter was used as the id directly instead of using it as the
index into the translator_id array.
2011-12-07 00:21:21 +01:00
Michael Lotz
e6f323bb57 Strings owned by local stack objects can't be returned.
The BString is destroyed when the function returns and takes the
storage pointed to by BString::String() with it, so returning such a
pointer is bogus. Instead the return type is now a BString which takes
over ownership of the string.
2011-12-07 00:16:23 +01:00
Michael Lotz
f589e913a7 Fix end of range check to not read beyond the allocation.
The counter j is equal to fTeamCount if no matching team was found in
the team array. Therefore using it as an index into the team array was
invalid.
2011-12-07 00:10:17 +01:00
Michael Lotz
5e5eef0b5b Fix the page need calculation, it was possibly off by one. 2011-12-07 00:09:31 +01:00
Siarzhuk Zharski
02e8a1d136 Fix stdc++ linkage problem for setmime.
* Adding setmime was incorrect - the wrong [non-stdc++] section was
  used. Sorry.
2011-12-06 21:49:33 +01:00
Aleksas Pantechovskis
e9c0da3452 Haiku clone of the BeOS setmime tool added
* This tool was created and implemented in draft during GCI 2011
  by Aleksas Pantechovskis, <alexp.frl@gmail.com>;
* Later it was heavily refactored and optimized to Haiku Coding
  Standards by Siarzhuk Zharski;
* Icons support still missing;
* Thank you for the contribution, Aleksas!

Signed-off-by: Siarzhuk Zharski <zharik@gmx.li>
2011-12-06 20:55:53 +01:00
Michael Lotz
da3ce43440 Erase the entry only after its last use. CID 11042. 2011-12-06 20:00:48 +01:00
Michael Lotz
011002e5e4 Fix uses of member after deleting the object. CID 10535, 10534. 2011-12-06 19:37:46 +01:00
Michael Lotz
8eec72dcab Use safe length measure function and fix length usage.
* We may get non-terminated strings so we need to use the
  UTF8NextCharLen() version that works with a length. Previously we may
  have read beyond buffers, possibly leading to crashes.
* Also the length parameter is used as an actual length and not as
  buffer size. The length check was wrong before, which resulted in the
  function returning too early if an offset was supplied.
* Added a comment about the guaranteed 0 termination in one case.
* Minor cleanup.
2011-12-06 19:15:36 +01:00
Michael Lotz
9f65f3dd66 Rename variable so it is clear what is measured (bytes). 2011-12-06 19:13:26 +01:00
Michael Lotz
dd26f81c56 Add an UTF8NextCharLen() version that takes a string length.
This one works with non-terminated strings that we may need to handle.
It also validates that the sequence is valid UTF-8 so it results in
the same behaviour as the version that is used when converting to
codes (syncing the enumeration and drawing behaviour).
2011-12-06 19:09:56 +01:00
Michael Lotz
fb3c47ebad Fix passing non-terminated string to font functions.
The string that is built for hashing the escapements for missing
chars was not 0 terminated, leading to accesses past the string.
Depending on what followed an allocation that could lead to too long
strings being sent to the app_server for evaluation (where, due to
defensive programming, nothing bad would actually happen). In the
unfortunate case that nothing followed the allocation (i.e. end of
heap area), it could also lead to an application crash.

Therefore ensure 0 termination of the string, check for allocation
failure and use memcpy() instead of a for loop to copy the bytes from
one string to the other.
2011-12-06 15:46:36 +01:00
Michael Lotz
ded69b4c3a Only the to be protected range needs to be non-wired.
When setting memory protection, only ensure/wait for the range that
needs to be protected to not be wired instead of requiring the whole
area to be non-wired. The memory protection is done page wise and
having some parts of the area wired shouldn't preclude other parts to
be protected.
2011-12-06 15:39:56 +01:00
Michael Lotz
62bb375688 Restructure wait_for_thread_etc() to make it easier to follow.
* Avoid needless adding of the death entry if the sem is gone already.
* Delete objects as soon as they aren't needed anymore and return
  early where possible.
* Contain the thread == NULL case in its block and return from there as
  well instead of non-obviously figuring out what happened later.
* Pull out the return code assignment.
* Minor cleanup.
2011-12-06 02:30:17 +01:00
Michael Lotz
da329fc012 Add missing assignment of return code in wait_for_thread_etc().
While it was detected that the thread is in the destruction phase
and that it was necessary to wait and then have a valid status code
in the death entry, that status code wasn't actually returned. This
led to uninitialized values for the return code even though
wait_for_thread[_etc]() would return B_OK.
2011-12-06 01:53:27 +01:00
Siarzhuk Zharski
7f4de88213 GLTeapot 3D model "teapot.data" is not needed anymore.
* 'teapot.data' was obsoleted by completing GCI 2011 task and should not
  be installed on the target systems.
2011-12-05 23:36:59 +01:00
Aleksas Pantechovskis
1bc51c2392 Teapot 3D model data moved to app resources
* GLTeapot 3D model data moved from the text file "teapot.data" into
  Application resources;
* Fixes #4934 and completes GCI 2011 task made by Aleksas Pantechovskis.
  Thanks for contribution!!!

Signed-off-by: Siarzhuk Zharski <zharik@gmx.li>
2011-12-05 22:35:20 +01:00
Humdinger
a2ef4fa88a Updated Finnish catkeys. 2011-12-05 15:20:24 +01:00
Niels Sascha Reedijk
496c0f946d Update catalogs from Pootle. 2011-12-05 09:26:19 +01:00
Michael Lotz
ebdb8247fd Move mutex initialization earlier, analogous to hrev43320.
Avoids crashing if the bus manager init fails. Also fixes CID 10846.
2011-12-05 03:00:24 +01:00
Michael Lotz
a395486027 Fix leaking the report items. CID 10880, 10881 and 10882. 2011-12-05 02:53:15 +01:00
Michael Lotz
500553860e Fix missing null check. CID 10937. 2011-12-05 02:37:35 +01:00
Michael Lotz
04c140226c Use the right form of delete. Fixes CID 11037. 2011-12-05 02:29:26 +01:00
Michael Lotz
ef2eaedc2e Account for full-/lowspeed errors and ensure an error is set.
For full- and lowspeed devices the unused ping status bit works as an
additional error bit (albeit it's so generic that it isn't really
useful). Include that bit when the error counter counts down to zero.

Also ensure that an error is returned if the error counter reaches
zero, but print a warning if none of the describing bits are set.
2011-12-05 01:42:23 +01:00
François Revol
30fc876c38 Only use PCI strings for x86 for now. On m68k at least those make the boot tgz exceed the floppy image size.
Maybe this should be moved to BuildSetup, or just discarded, they are only used for printing vendor names at boot...
2011-12-05 00:41:34 +01:00
Stephan Aßmus
80abc6322c Fall back to running test_registrar from the same directory.
As a last fall-back, try to launch the test_registrar from the same
directory as run_test_registrar. This makes launching the app_server
test environment from a volume without Query support work.
2011-12-04 22:13:12 +01:00
Michael Lotz
2872aba0a7 Fix missing reference to the old group with lock still held.
Removing the team from the group may have released the last reference
to the group and freed it. Since we still have a locker on that group
it would later crash on unlock, therefore we need a reference to the
old group before removing the team from it.
2011-12-04 20:14:24 +01:00
Michael Lotz
336967aafd Add more debugger commands to closer inspect the guarded heap. 2011-12-04 18:47:55 +01:00
Michael Lotz
4a7b48203e Try smaller sizes if creating an area failed.
Depending on the use case the grow size may be too large to fit into
address space holes. Instead of failing try with smaller sizes until
it either worked or doesn't make sense anymore (< 1MB).
2011-12-04 18:43:20 +01:00
Michael Lotz
01eb710a91 Use a free list to make the guarded heap perform less horribly.
Pages that are freed are added to the tail of the list while allocation
candidates are taken from the head. Therefore pages that have been free
the longest are preferred, making immediate re-use less likely.

Also avoid looking for pages if the free count already tells that the
allocation can't be fulfilled.
2011-12-04 18:40:11 +01:00
Stephan Aßmus
df30e677a7 Replaced mention of "SVN" with "version control system". 2011-12-04 14:51:47 +01:00
Michael Lotz
5cbe06f482 Allow replacing the object cache with the guarded heap.
This allows to use the debug features of the guarded heap also on
allocations made through the object cache API. This is obviously
horrible for performance and uses up huge amounts of memory, so the
initial and grow sizes are adjusted accordingly.

Note that this is a rather simple hack, using the object_cache pointer
to transport the allocation size. The alignment is neglected completely.
2011-12-04 13:52:06 +01:00
Michael Lotz
390a6e2e02 Add support for optional inline stack traces in guarded heap. 2011-12-04 12:56:59 +01:00
Humdinger
aabb32e118 Make the enclosure string in the mail body translatable. 2011-12-04 09:04:35 +01:00
Yourself
068e156490 Added Dvorak (programmer's) keymap. Patch by Duggan. Fixes #8177. 2011-12-03 21:45:52 +00:00
Michael Lotz
24a15a69a8 Fix use of a potentially freed net_buffer.
The buffer may have been freed if its data was added to the queue, but
later the buffer size was still read from the object. A spurious
acknowledge may have been sent, or one would have gone missing,
depending on what happened with the allocation after it was freed.
2011-12-04 02:34:35 +01:00
Michael Lotz
01762bd57f Fix possibly harmful use of stale pointer in edge case.
The call to _MakeSpace() may move the extent data from the indirect
array (kept in a heap allocation) to the direct one kept inside the
class. In that case the lastExtent pointer would become stale and
further use of it would've led to suboptimal extents in the best case
to reading/writing at the wrong point in files and possibly corruption
of another allocation in the worst (both unlikely though).

To mitigate that we now re-initialize the pointer to the correct location
if we hit the cache limit.

Also made the use of the start variable more understandable. Instead of
decrementing it (possibly wrapping) when an extent wasn't going to be
used and later adding the vector index again, just increment whenever
we actually move to the next extent.

For bad things to happen a few conditions needed to come together though:
1. There needed to be multiple vectors that could be combined with the
existing last extent.
2. There first needed to be more extents than the cache limit and that
number then had to decrease below the cache limit again.
3. The memory needed to stay intact after being freed up until after the
evaluation (or similar enough data had to be written to it).

At least the last one was guaranteed to not be true anymore since we
re-introduced overwriting freed memory with 0xdeadbeef in the slab,
therefore nastily hiding this. I'm not sure that the first condition is
ever met either (probably the vectors are combined beforehand so that
there never are multiple adjacent ones) at least for the normal use case
(the page writer writing back pages). I was at least unable to reproduce
an actual file corruption in my testing.

Just the out of bounds access to the stale pointer happened rather easily
though and is now at least fixed.
2011-12-03 23:30:16 +01:00
Michael Lotz
e62d9911ea Allocate as much as is later read, didn't do harm though.
Further in the process the flat argument size is rounded up, but the
actual allocation was done with the unaligned size causing an access
beyond the allocation when later copying the flat arguments. It didn't
do any actual harm as the block sizes of our allocator(s) use elements
that have at least such an alignment.
2011-12-03 23:13:52 +01:00
Michael Lotz
b39f919dbf Remove the root device from the root devices list.
The device is added to the root devices list when initializing, but was
not removed from there again when the root device was removed and freed,
causing the list to have a stale entry. Probably fixes #3305.

The list is populated once for the _fbsd_init_hardware iteration and, if
a device was found, again for _fbsd_init_drivers. The only thing I don't
understand is why it didn't just always crash, as there should have been
a stale list entry in any case when a supported device actually was found...
2011-12-03 23:05:30 +01:00
Michael Lotz
4495409499 Abort the request instead of crashing when out of memory. 2011-12-03 22:54:48 +01:00
Niels Sascha Reedijk
e6f22646a3 Update userguide and welcome documentation with the latest additions and translations from i18n.haiku-os.org. 2011-12-03 21:12:53 +01:00
Michael Lotz
1fe24d0cd0 Add heap with guard pages to detect out of bound reads/writes.
This is a very simple heap implementation that allocates memory so that
the end of each allocation always coincides with a page end and is
followed by a guard page which is marked non-present. Out of bounds
accesses (both read and write) therefore cause a crash (unhandled page
fault).

Note that this allocator is neither speed nor space efficient, indeed it
wastes huge amounts of pages and address space so it is quite easy to
hit limits. It is intended as a pure debug feature.
2011-12-03 20:09:13 +01:00
Siarzhuk Zharski
d79b659e26 Terminal: Fix printing and windows settings path.
* Fixes #7986 - behavior of Print command fixed to be consistent
  with other applications, like StyledEdit. This change
  displays the print job settings dialog instead of "Printing
  was cancelled" alert;
* Fixes #6998 - the path to storing windows settings changed from
  ~/config/settings/Terminal_windows to ~/c/s/Terminal/Windows;

  This patch was created during GCI 2011 by doctorkohaku.
  Thanks for the contribution!
2011-12-03 20:00:39 +01:00
Michael Lotz
7418dbd908 Introduce debug page wise kernel area protection functions.
This adds a pair of functions vm_prepare_kernel_area_debug_protection()
and vm_set_kernel_area_debug_protection() to set a kernel area up for
page wise protection and to actually protect individual pages
respectively.

It was already possible to read and write protect full areas via area
protection flags and not mapping any actual pages. For areas that
actually have mapped pages this doesn't work however as no fault, at
which the permissions could be checked, is generated on access.

These new functions use the debug helpers of the translation map to mark
individual pages as non-present without unmapping them. This allows them
to be "protected", i.e. causing a fault on read and write access. As they
aren't actually unmapped they can later be marked present again.

Note that these are debug helpers and have quite a few restrictions as
described in the comment above the function and are only useful for some
very specific and constrained use cases.
2011-12-03 19:49:18 +01:00
Michael Lotz
643cf35ee8 Add debug helper functions to mark pages present.
They can be used to mark pages as present/non-present without actually
unmapping them. Marking pages as non-present causes every access to
fault. We can use that for debugging as it allows us to "read protect"
individual kernel pages.
2011-12-03 19:45:31 +01:00
Humdinger
f990399943 Added Rimas and Simonas as Lithuanian translators. Thanks guys. 2011-12-03 16:53:58 +01:00
Niels Sascha Reedijk
cf8407428a Update translations from Pootle. 2011-12-03 15:59:54 +01:00
Alexander von Gluck IV
bdd1989348 Add lookup of encoder id -> name for debugging 2011-12-02 20:23:13 -06:00