Age | Commit message (Collapse) | Author |
|
In commit be8759e68b337524c056b8bb757ea68c9996d863, a buffer overflow
was fixed in erlc and the erlc_SUITE:arg_overflow/1 test case was
added. That test cases invokes erlc with 10000 -D options, which will
result in 'erl' being invoked with more than 30000 arguments.
On some platforms, the test case will fail for the wrong reason:
* 64-bit Linux kernels before 2.6.23 limit the number of arguments in
an excvp() call to 16383. (See "Number of arguments and maximum length
of one argument" in http://www.in-ulm.de/~mascheck/various/argmax/.)
* The command shell in Windows limits the size of the command line to
8191 characters.
Depending on the platform, pass a different number of -D options
to erlc. Since the size of the options does not matter for this
test case, make the options as short as possible by generating
numbers in base 36.
|
|
* ta/configure-fdatasync:
Document fdatasync -lrt requirement (SunOS <= 5.10)
Move fdatasync autoconf checks to proper place
OTP-9512
|
|
* ms/epmd-fix-compiler-warnings:
epmd: fix compiler warnings
OTP-9500
|
|
Add erlang:check_old_code/1 to quickly check whether a module
has old code. If there is no old code, there is no need to call
erlang:check_process_code/2 for all processes, which will save
some time if there are many processes.
|
|
There is no need to suspend the process if the module has no old
code. Measurements show that this change will make
erlang:check_process_code/2 in an SMP emulator about four times
faster if the module has no old code.
|
|
* rc/r14-gc-fix:
fix 64-bit issues in the garbage collection
OTP-9488
|
|
Use a union for pointer type conversion to avoid compiler warnings
about strict-aliasing violations with gcc-4.1. gcc >= 4.2 does not
emit the warning.
TODO: Reconsider use of union once gcc-4.1 is obsolete?
|
|
|
|
We discovered that if a single Erlang process tried to grow above 32
GB (i.e., more 64-bit words than can be counted by a 32-bit number),
the VM failed to find the next larger heap size, even though there
were plenty more heap sizes left to pick from and even though we had a
lot more memory available on the machine. (Obviously, this is only
applicable on 64-bit Erlang.)
It turned out to be due to some 'int' variables in the heap resizing
parts of erl_gc.c not being properly updated to 'Uint' or 'Sint'. Once
that was fixed, I got segfaults instead as soon as the heap got larger
than 2^32 words, due to even more 'int' declarations in the same file,
but now in the GC code.
After fixing this as well, I successfully ran an Erlang node in which
a single Erlang process had a heap so large that I'm not at liberty to
divulge the exact size, but I think the scientific term is
"humongous", and I'm confident that there are no further immediate
problems with very very large individual process heaps.
|
|
* ms/inet-socket-domain-error:
inet: error if fd does not match socket domain
OTP-9455
|
|
* cg/fix-constant-logical-operand:
Fix use of logical operator && with constant operand instead of bitwise &.
OTP-9454
|
|
* pg/fix-freebsd-dualcore-detection:
Fix bug in FreeBSD topology detection code
OTP-9453
|
|
* pg/fix-hibernate-scheduling-with-hipe:
Fix bug related to hibernate and HiPE (clear F_HIBERNATE_SCHED flag)
OTP-9452
|
|
Constructing binaries using the bit syntax with literals sizes
that would not fit in an Uint will either cause an emulator crash
or the loading to be aborted.
Use the new TAG_o tag introduced in the previous commit to make sure
that the attempt to create huge binary literals will generate a
system_limit exception at run-time.
|
|
The handling of large values for other tags than TAG_i (integer) is
buggy. Any tag value equal to or greater than 2^40 (5 bytes) will
abort loading. Tag values fitting in 5 bytes will be truncated to 4
bytes values.
Those bugs cause real problems because the bs_init2/6 and
bs_init_bits/6 instructions unfortunately use TAG_u to encode literal
sizes (using TAG_i would have been a better choice, but it is too late
to change that now). Any binary size that cannot fit in an Uint
should cause a system_limit exception at run-time, but instead the
buggy handling will either cause an emulator crash (for values in the
range 2^32 to 2^40-1) or abort loading.
In this commit, implement overflow checking of tag values as a
preparation for fixing the binary construction instructions. If any
tag value cannot fit in an Uint (except for TAG_i), change the
tag to the special TAG_o overflow tag.
|
|
We want to make sure that a tag/type name is not defined more than
once and that we don't define too many primitive tags. Primitive
tags must be named with lowercase letters (or they will be confused
with variable names in transformations in the ops.tab file).
|
|
Attempting to construct <<0:((1 bsl 32)-1)>>, the largest bitstring
allowed in a 32 bit emulator, would cause an emulator crash because
of integer overflow.
Fix the problem by using an Uint64 to avoid integer overflow.
Do not attempt to handle construction of <<0:((1 bsl 64)-1>> in
a 64-bit emulator, because that will certainly cause the emulator
to terminate anyway because of insufficient memory.
|
|
* sverker/allocator-aoff/OTP-9424:
New allocator: Address order first fit (aoff)
|
|
* sverker/fun_SUITE-refc_dist-gcfix:
Fix test case fun_SUITE:refc_dist
|
|
* sverker/epmd-vxworks-select-bug/OTP-9427:
Fix epmd crash on vxworks caused by faulty argument to select
|
|
The first argument g->max_conn to select() in epmd_srv.c seems to be
wrong as it excludes the listening socket(s). Instead we keep track of
the highest fd seen.
However I still don't understand why select() started to fail for
vxworks with R14B03 when the feature of more than one listening socket
was introduced. The default is still 1 listening socket (num_sockets=1),
which would make the first argument to select() unchanged.
|
|
* sverker/testcase/OTP-9422:
Test case for OTP-9422
|
|
It failed sometimes depending on GC invocation.
|
|
|
|
alloc_no of sbmbc_low_alloc was set to ERTS_ALC_A_STANDARD_LOW
|
|
|
|
* sverker/enif_make_int64-halfword/OTP-9394:
Fix halfword bug in enif_make_int64
|
|
Conflicts:
erts/vsn.mk
|
|
|
|
* rickard/sbmbc/OTP-9339:
Use separate memory carriers for small blocks
|
|
* sverker/ets_delete-deadlock-race/OTP-9423:
Fix bug in ets:delete for write_concurrency that could lead to deadlock
|
|
|
|
A trace matchspec with 'enable_trace' or 'disable_trace' in body could
cause an emulator crash if a concurrent process altered the trace
setting of the traced function by calling erlang:trace_pattern.
The effect was a deallocation of the binary holding the matchspec
program while it was running. Fixed by increasing reference count of
ms-binary in the cases when 'enable_trace' or 'disable_trace' may
cause a system block that may alter the ongoing trace.
The paradox here is that db_prog_match() is using erts_smp_block_system()
to do 'enable_trace' and 'disable_trace' in a safe (atomic) way. But that
also have the (non-atomic) effect that racing thread might block the
system and change the trace settings with erlang:trace_pattern.
|
|
Relocking in ets_delete_1() and remove_named_tab() was done by
unlocking the table without clearing the is_thread_safe flag. A racing
thread could then read-lock the table and then incorrectly
write-unlock the table as db_unlock() looked at is_thread_safe to
determine which kind of lock to unlock.
Several fixes:
1. Make db_unlock() use argument 'kind' instead of is_thread_safe to
determine lock type.
2. Make relock logic use db_lock() and db_unlock() instead of directly
accessing lock primitives.
3. Do ownership transfer earlier in ets_delete_1 to avoid racing owner
process to also start deleting the same table.
|
|
The bug was creating an invalid bignum instead of a small integer,
causing strange comparing behavior (=:= failed but == succeeded).
|
|
* hw/fix-doc-typos:
Fix typos in the epmd documentation
OTP-9387
|
|
An incorrect spec, rpc:yield/1, has been fixed.
|
|
* siri/sasl/release_handler-windows/OTP-9306:
Make release_handler work with windows services
|
|
This commit adds test cases from release_handler_SUITE on windows,
including some corrections in erlsrv and release_handler.
|
|
|
|
|
|
|
|
An experimental version of Dialyzer discovered that the atom that
replaced the DRV macro in prim_file ends up in calls to
erlang:open_port({spawn, Driver}, Portopts) as the Driver argument. The
documentation states that this call requires a string there.
This change is also consistent with the one introduced in commit
0f03b1e9d2bef3bc830c31a369261af4c5234727 by Kostis Sagonas.
|
|
Suppress compiler warnings about ignored return values.
|
|
|
|
|
|
|
|
If an IPv4 fd is opened as an IPv6 socket, unexpected behaviour can
occur. For example, if an IPv4 UDP socket is opened and passed into
Erlang as an IPv6 socket, the first 3 bytes (corresponding to 1 byte
representing the protocol family, 2 bytes set to the port) are stripped
from the payload. The cause of the UDP payload truncation happens in
inet_drv.c:packet_inet_input when a call to inet_get_address fails
silently because the family is set to PF_INET6 but the buffer len is
the size of an IPv4 struct sockaddr_in.
Prevent this behaviour by checking that the protocol family of the file
descriptor matches the family of the requested Erlang socket.
{ok, S1} = gen_udp:open(0, [binary, inet]),
{ok, FD} = inet:getfd(S1),
{ok, Port} = inet:port(S1),
{ok, S} = gen_udp:open(Port, [binary, {fd, FD}, inet6]),
{ok, C} = gen_udp:open(0, [binary]),
Msg = <<1,2,3,4,5>>,
gen_udp:send(C, "127.0.0.1", Port, Msg),
receive
{udp, S, _, _, Msg} -> ok;
{udp, S, _, _, NewMsg} -> {error, Msg, NewMsg}
end.
This test results in: {error,<<1,2,3,4,5>>,<<4,5>>}
Thanks to Andrew Tunnell-Jones for finding the bug and the test case!
|
|
|
|
|