| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix some related minor problems involving "//", vfork.
* callproc.c (encode_current_directory): New function.
(call_process): Don't append "/"; not needed.
* fileio.c (file_name_as_directory_slop): New constant.
(file_name_as_directory): Allow SRC to be longer than SRCLEN;
this can save the caller having to alloca.
(Ffile_name_as_directory, Fdirectory_file_name, Fexpand_file_name):
Use SAFE_ALLOCA, not alloca.
(directory_file_name, Fexpand_file_name): Leave leading "//"
alone, since it can be special even on POSIX platforms.
* callproc.c (call_process):
* process.c (Fformat_network_address):
* sysdep.c (sys_subshell):
Use encode_current_directory rather than rolling our own.
(create_process): No need to encode directory; caller does that now.
* process.h (encode_current_directory): New decl.
* sysdep.c (sys_subshell): Work even if vfork trashes saved_handlers.
Rework to avoid 'goto xyzzy;'.
|
| |
|
|
|
|
|
|
|
| |
(call_process): New arg TEMPFILE_INDEX. Callers changed.
Record deleted process-id in critical section, not afterwards.
Don't mistakenly kill process created by a call-process invocation
that discards output and does not wait.
Fixes: debbugs:15144
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix bugs that can leak files or file descriptors on errors.
Don't unlink open temp files, as that's hard for users to diagnose
when things go awry (e.g., temp disk exhausted).
Don't bother to lock temp files. Check for invalid recursion.
* callproc.c (synch_process_fd): Remove. All uses removed.
(synch_process_tempfile): New var or macro.
(CALLPROC_STDOUT, CALLPROC_STDERR, CALLPROC_PIPEREAD, CALLPROC_FDS):
New constants.
(record_kill_process): New arg, the temp name. All callers changed.
(delete_temp_file): Now just a simple wrapper around unlink.
(call_process_kill): New arg, the call_process_fd array.
Close them all. Clear synch_process_pid. Remove the temp file,
or arrange for it to be removed.
(call_process_cleanup) [MSDOS]: Arg no longer contains file name;
that's been moved to synch_process_tempfile. Caller changed.
Do not remove the tempfile; that's now call_process_kill's
responsibility.
(call_process_cleanup) [!MSDOS]: Do not record unwind-protect for
call_process_kill; the caller now does that.
(call_process_cleanup): Do not close the process fd; that's now
call_process_kill's responsibility.
(Fcall_process): Implement via new function call_process, which
has most of the old body of Fcall_process, but with a different API.
(call_process): New function that does not open or close filefd if
it is nonnegative. Record which fds need to be closed, and let
call_process_kill close (and remove the tempfile, on MSDOS) on error.
Signal an error if invoked recursively (could be done via a hook).
Simplify creation of the tempfile in the MSDOS case.
Don't create the output file until after checking for the executable.
Report any failure to open /dev/null.
Don't open /dev/null for writing twice; once is enough.
Don't create pipe if all output is being discarded or sent to file.
Don't worry about setting up the coding system or reading from the
pipe if all output is being discarded.
Hoist fd_error local into top level, to lessen block nesting.
Don't record deleted pid here; now done by Fcall_process_region.
(Fcall_process) [MSDOS]: Report mktemp failure immediately,
and note its success in synch_process_tempfile.
Do not leak resources when child_setup fails.
(Fcall_process) [!MSDOS && !WINDOWSNT]: Remove duplicate assignment
to child_errno. Remove unnecessary close of fd0; it's close-on-exec.
(create_temp_file): Now returns open fd, with an additional
Lisp_Object * argument to return the name. All callers changed.
Do not close the file; rewind it instead, and leave it open for
the caller. Do not lock the temp file. Unwind-protect the file
and the file-descriptor.
(Fcall_process_region): If the input is /dev/null, unwind-protect it.
If an asynchrounous process, record it here, not in call_process.
(syms_of_callproc) [MSDOS]: Initialize synch_process_tempfile.
* eval.c (set_unwind_protect): New function.
* fileio.c (write_region): New function, generalized from the
old Fwrite_region. Do not lock temp files.
(Fwrite_region): Use it.
* lisp.h (set_unwind_protect, write_region): New decls.
* process.c: Include <verify.h>.
(make_process): Mark fds as initially closed.
(deleted_pid_list): Now a list of pid-filename pairs.
All uses changed.
(close_process_fd): New function.
(SUBPROCESS_STDIN, WRITE_TO_SUBPROCESS, READ_FROM_SUBPROCESS)
(SUBPROCESS_STDOUT, READ_FROM_EXEC_MONITOR, EXEC_MONITOR_OUTPUT):
New constants. Verify that their number matches PROCESS_OPEN_FDS.
(create_process, create_pty, Fmake_serial_process)
(server_accept_connection): Record which fds need to be closed,
and let deactivate_process close them.
(Fmake_network_process): Do not discard the unwind-protect
until it's safe to do so.
(deactivate_process): Close the fds opened by create_process etc.
(Fprocess_send_eof): Adjust to new way of recording open fds.
Report an error if /dev/null can't be opened, instead of aborting.
* process.h (PROCESS_OPEN_FDS): New constant.
(struct Lisp_Process): New member open_fds.
(record_kill_process, record_deleted_pid): Adjust signatures.
(record_deleted_pid): Move decl here ...
* syswait.h (record_deleted_pid): ... from here.
Fixes: debbugs:15035
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Gnulib's emulation of mkostemp doesn't have races that Emacs's does.
* configure.ac (mkostemp): Remove check for this function;
gnulib does the check now.
(mkstemp): Remove check for this no-longer-used function.
* lib/mkostemp.c, lib/secure_getenv.c, lib/tempname.c, lib/tempname.h:
* m4/mkostemp.m4, m4/secure_getenv.m4, m4/tempname.m4:
New files, copied from Gnulib.
* lib/gnulib.mk, m4/gnulib-comp.m4: Regenerate.
* admin/merge-gnulib (GNULIB_MODULES): Add mkostemp.
* lib-src/movemail.c (main):
* lib-src/update-game-score.c (write_scores):
Use mkostemp (which now works on all platforms, due to changes
in the portability layer) rather than mktemp (which has a race)
or mkstemp (which we no longer bother with).
* src/callproc.c (create_temp_file):
* src/filelock.c (create_lock_file):
Assume mkostemp, since it's now provided by Gnulib.
Fixes: debbugs:15015
|
| |
|
|
|
|
|
| |
* callproc.c (create_temp_file) [! (HAVE_MKOSTEMP || HAVE_MKSTEMP)]:
Do not assume that emacs_close (INT_MAX) is a no-op.
Fixes: debbugs:14986
|
| | |
|
| |
|
|
|
|
|
|
|
| |
* callproc.c (child_setup): When the child's exec fails, output
the program name, as that's more useful. Use O_NONBLOCK to avoid
deadlock.
* process.c (create_process_1): Remove; no longer needed.
(create_process): Remove timer hack; no longer needed, now that
the child avoids deadlock.
|
| |
|
|
|
|
|
|
|
| |
* callproc.c (Fcall_process):
* doc.c (Fsnarf_documentation):
* fileio.c (Frename_file, Fadd_name_to_file, Fmake_symbolic_link):
* process.c (set_socket_option):
Don't let a constructor trash errno.
* doc.c: Include <errno.h>.
|
| |
|
|
|
|
|
|
|
| |
* callproc.c (Fcall_process_region): Pass nil, not "/dev/null",
to Fcall_process when the input is empty. This simplifies the
code a bit. It makes no difference on POSIXish platforms but
apparently it fixes a bug on w32.
Fixes: debbugs:14885
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This also lessens the need to write wrappers for callbacks,
and the need for make_save_pointer.
* alloca.c (free_save_value):
* atimer.c (run_all_atimers):
Now extern.
* alloc.c (safe_alloca_unwind):
* atimer.c (unwind_stop_other_atimers):
* keyboard.c (cancel_hourglass_unwind) [HAVE_WINDOW_SYSTEM]:
* menu.c (cleanup_popup_menu) [HAVE_NS]:
* minibuf.c (choose_minibuf_frame_1):
* process.c (make_serial_process_unwind):
* xdisp.h (pop_message_unwind):
* xselect.c (queue_selection_requests_unwind):
Remove no-longer-needed wrapper. All uses replaced by the wrappee.
* alloca.c (record_xmalloc):
Prefer record_unwind_protect_ptr to record_unwind_protect with
make_save_pointer.
* alloca.c (Fgarbage_collect):
Prefer record_unwind_protect_void to passing a dummy.
* buffer.c (restore_buffer):
* window.c (restore_window_configuration):
* xfns.c, w32fns.c (do_unwind_create_frame)
New wrapper. All record-unwind uses of wrappee changed.
* buffer.c (set_buffer_if_live):
* callproc.c (call_process_cleanup, delete_temp_file):
* coding.c (code_conversion_restore):
* dired.c (directory_files_internal_w32_unwind) [WINDOWSNT]:
* editfns.c (save_excursion_restore)
(subst_char_in_region_unwind, subst_char_in_region_unwind_1)
(save_restriction_restore):
* eval.c (restore_stack_limits, un_autoload):
* fns.c (require_unwind):
* keyboard.c (recursive_edit_unwind, tracking_off):
* lread.c (record_load_unwind, load_warn_old_style_backquotes):
* macros.c (pop_kbd_macro, restore_menu_items):
* nsfns.m (unwind_create_frame):
* print.c (print_unwind):
* process.c (start_process_unwind):
* search.c (unwind_set_match_data):
* window.c (select_window_norecord, select_frame_norecord):
* xdisp.c (unwind_with_echo_area_buffer, unwind_format_mode_line)
(fast_set_selected_frame):
* xfns.c, w32fns.c (unwind_create_tip_frame):
Return void, not a dummy Lisp_Object. All uses changed.
* buffer.h (set_buffer_if_live): Move decl here from lisp.h.
* callproc.c (call_process_kill):
* fileio.c (restore_point_unwind, decide_coding_unwind)
(build_annotations_unwind):
* insdel.c (Fcombine_after_change_execute_1):
* keyboard.c (read_char_help_form_unwind):
* menu.c (unuse_menu_items):
* minibuf.c (run_exit_minibuf_hook, read_minibuf_unwind):
* sound.c (sound_cleanup):
* xdisp.c (unwind_redisplay):
* xfns.c (clean_up_dialog):
* xselect.c (x_selection_request_lisp_error, x_catch_errors_unwind):
Accept no args and return void, instead of accepting and returning
a dummy Lisp_Object. All uses changed.
* cygw32.c (fchdir_unwind):
* fileio.c (close_file_unwind):
* keyboard.c (restore_kboard_configuration):
* lread.c (readevalllop_1):
* process.c (wait_reading_process_output_unwind):
Accept int and return void, rather than accepting an Emacs integer
and returning a dummy object. In some cases this fixes an
unlikely bug when the corresponding int is outside Emacs integer
range. All uses changed.
* dired.c (directory_files_internal_unwind):
* fileio.c (do_auto_save_unwind):
* gtkutil.c (pop_down_dialog):
* insdel.c (reset_var_on_error):
* lread.c (load_unwind):
* xfns.c (clean_up_file_dialog):
* xmenu.c, nsmenu.m (pop_down_menu):
* xmenu.c (cleanup_widget_value_tree):
* xselect.c (wait_for_property_change_unwind):
Accept pointer and return void, rather than accepting an Emacs
save value encapsulating the pointer and returning a dummy object.
All uses changed.
* editfns.c (Fformat): Update the saved pointer directly via
set_unwind_protect_ptr rather than indirectly via make_save_pointer.
* eval.c (specpdl_func): Remove. All uses replaced by definiens.
(unwind_body): New function.
(record_unwind_protect): First arg is now a function returning void,
not a dummy Lisp_Object.
(record_unwind_protect_ptr, record_unwind_protect_int)
(record_unwind_protect_void): New functions.
(unbind_to): Support SPECPDL_UNWIND_PTR etc.
* fileio.c (struct auto_save_unwind): New type.
(do_auto_save_unwind): Use it.
(do_auto_save_unwind_1): Remove; subsumed by new do_auto_save_unwind.
* insdel.c (struct rvoe_arg): New type.
(reset_var_on_error): Use it.
* lisp.h (SPECPDL_UNWIND_PTR, SPECPDL_UNWIND_INT, SPECPDL_UNWIND_VOID):
New constants.
(specbinding_func): Remove; there are now several such functions.
(union specbinding): New members unwind_ptr, unwind_int, unwind_void.
(set_unwind_protect_ptr): New function.
* xselect.c: Remove unnecessary forward decls, to simplify maintenance.
|
| |
|
|
|
|
|
|
| |
If the file name is neither null nor a pair, package it up as a
singleton list. All callers changed, both to this function and to
report_file_error. This fixes a bug where the memory allocator
invoked by list1 set errno so that the immediately following
report_file_error reported the wrong errno value.
|
| |
|
|
|
|
|
|
|
| |
* sysdep.c (emacs_pipe): New function, that implements
pipe2 (fd, O_CLOEXEC) even on hosts that lack O_CLOEXEC.
This should port better to CentOS 5 and to Mac OS X 10.6.
All calls to pipe2 changed.
Fixes: debbugs:14862
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes the code easier to read and the executable a bit smaller.
Do not replace all calls to Fcons that happen to create lists,
just calls that are intended to create lists. For example, when
creating an alist that maps FOO to nil, use list1 (Fcons (FOO, Qnil))
rather than list1 (list1 (FOO)) or Fcons (Fcons (FOO, Qnil), Qnil).
Similarly for list2 through list5.
* buffer.c (Fget_buffer_create, Fmake_indirect_buffer):
* bytecode.c (exec_byte_code):
* callint.c (quotify_arg, Fcall_interactively):
* callproc.c (Fcall_process, create_temp_file):
* charset.c (load_charset_map_from_file)
(Fdefine_charset_internal, init_charset):
* coding.c (get_translation_table, detect_coding_system)
(Fcheck_coding_systems_region)
(Fset_terminal_coding_system_internal)
(Fdefine_coding_system_internal, Fdefine_coding_system_alias):
* composite.c (update_compositions, Ffind_composition_internal):
* dired.c (directory_files_internal, file_name_completion)
(Fsystem_users):
* dispnew.c (Fopen_termscript, bitch_at_user, init_display):
* doc.c (Fsnarf_documentation):
* editfns.c (Fmessage_box):
* emacs.c (main):
* eval.c (do_debug_on_call, signal_error, maybe_call_debugger)
(Feval, eval_sub, Ffuncall, apply_lambda):
* fileio.c (make_temp_name, Fcopy_file, Faccess_file)
(Fset_file_selinux_context, Fset_file_acl, Fset_file_modes)
(Fset_file_times, Finsert_file_contents)
(Fchoose_write_coding_system, Fwrite_region):
* fns.c (Flax_plist_put, Fyes_or_no_p, syms_of_fns):
* font.c (font_registry_charsets, font_parse_fcname)
(font_prepare_cache, font_update_drivers, Flist_fonts):
* fontset.c (Fset_fontset_font, Ffontset_info, syms_of_fontset):
* frame.c (make_frame, Fmake_terminal_frame)
(x_set_frame_parameters, x_report_frame_params)
(x_default_parameter, Fx_parse_geometry):
* ftfont.c (syms_of_ftfont):
* image.c (gif_load):
* keyboard.c (command_loop_1):
* keymap.c (Fmake_keymap, Fmake_sparse_keymap, access_keymap_1)
(Fcopy_keymap, append_key, Fcurrent_active_maps)
(Fminor_mode_key_binding, accessible_keymaps_1)
(Faccessible_keymaps, Fwhere_is_internal):
* lread.c (read_emacs_mule_char):
* menu.c (find_and_return_menu_selection):
* minibuf.c (get_minibuffer):
* nsfns.m (Fns_perform_service):
* nsfont.m (ns_script_to_charset):
* nsmenu.m (ns_popup_dialog):
* nsselect.m (ns_get_local_selection, ns_string_from_pasteboard)
(Fx_own_selection_internal):
* nsterm.m (append2):
* print.c (Fredirect_debugging_output)
(print_prune_string_charset):
* process.c (Fdelete_process, Fprocess_contact)
(Fformat_network_address, set_socket_option)
(read_and_dispose_of_process_output, write_queue_push)
(send_process, exec_sentinel):
* sound.c (Fplay_sound_internal):
* textprop.c (validate_plist, add_properties)
(Fput_text_property, Fadd_face_text_property)
(copy_text_properties, text_property_list, syms_of_textprop):
* unexaix.c (report_error):
* unexcoff.c (report_error):
* unexsol.c (unexec):
* xdisp.c (redisplay_tool_bar, store_mode_line_string)
(Fformat_mode_line, syms_of_xdisp):
* xfaces.c (set_font_frame_param)
(Finternal_lisp_face_attribute_values)
(Finternal_merge_in_global_face, syms_of_xfaces):
* xfns.c (x_default_scroll_bar_color_parameter)
(x_default_font_parameter, x_create_tip_frame):
* xfont.c (xfont_supported_scripts):
* xmenu.c (Fx_popup_dialog, xmenu_show, xdialog_show)
(menu_help_callback, xmenu_show):
* xml.c (make_dom):
* xterm.c (set_wm_state):
Prefer list1 (FOO) to Fcons (FOO, Qnil) when creating a list,
and similarly for list2 through list5.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
(create_temp_file): New function, with the temp-file-creation part
of the old Fcall_process_region. Use Fcopy_sequence to create the
temp file name, rather than alloca + build_string, for simplicity.
Don't bother to block input around the temp file creation;
shouldn't be needed. Simplify use of mktemp. Use
record_unwind_protect immediately after creating the temp file;
this closes an unlikely race where the temp file was not removed.
Use memcpy rather than an open-coded loop.
(Fcall_process_region): Use the new function. If the input is
empty, redirect from /dev/null rather than from a newly created
empty temp file; this avoids unnecessary file system traffic.
|
| |
|
|
|
| |
* process.c (create_process) [!DOS_NT]:
Remove now-unnecessary calls to emacs_close.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* callproc.c (Fcall_process):
* fileio.c (Fcopy_file, Finsert_file_contents, Fwrite_region):
* process.c (create_process, Fmake_network_process):
* unexaix.c (report_error):
* unexcoff.c (report_error):
Be more careful about reporting the errno of failed operations.
The code previously reported the wrong errno sometimes.
Also, prefer report_file_errno to setting errno + report_file_error.
(Fcall_process): Look at openp return value rather than at path,
as that's a bit faster and clearer when there's a numeric predicate.
* fileio.c (report_file_errno): New function, with most of the
old contents of report_file_error.
(report_file_error): Use it.
(Ffile_exists_p, Ffile_accessible_directory_p):
Set errno to 0 when it is junk.
* fileio.c (Faccess_file):
* image.c (x_create_bitmap_from_file):
Use faccessat rather than opening the file, to avoid the hassle of
having a file descriptor open.
* lisp.h (report_file_errno): New decl.
* lread.c (Flocate_file_internal): File descriptor 0 is valid, too.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac (PTY_TTY_NAME_SPRINTF): Use emacs_close, not close.
* src/callproc.c (Fcall_process_region):
* src/dired.c (open_directory):
* src/emacs.c (main, Fdaemon_initialized):
* src/image.c (x_find_image_file):
* src/inotify.c (Finotify_rm_watch):
* src/lread.c (Flocate_file_internal):
* src/process.c (Fnetwork_interface_list, Fnetwork_interface_info):
* src/term.c (term_mouse_moveto, init_tty):
* src/termcap.c (tgetent):
* src/unexaix.c, src/unexcoff.c (report_error, report_error_1, adjust_lnnoptrs)
* src/unexaix.c, src/unexcoff.c, src/unexcw.c, src/unexelf.c (unexec):
* src/unexhp9k800.c, src/unexmacosx.c (unexec):
* src/callproc.c (Fcall_process_region):
Use emacs_close, not close.
* src/sysdep.c (POSIX_CLOSE_RESTART, posix_close) [!POSIX_CLOSE_RESTART]:
New macro and function, which emulates the POSIX_CLOSE_RESTART macro
and posix_close function on current platforms (which all lack them).
(emacs_close): Use it. This should fix the races on GNU/Linux and
on AIX and on future platforms that support POSIX_CLOSE_RESTART,
and it should avoid closing random victim file descriptors on
other platforms.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* lib/ignore-value.h: Remove this gnulib-imported file.
* lib/gnulib.mk, m4/gnulib-comp.m4: Regenerate.
* admin/merge-gnulib (GNULIB_MODULES): Remove ignore-value.
* src/callproc.c (child_setup) [!DOS_NT]: Don't try to stuff an error
number into an exit status. Instead, use EXIT_CANCELED.
(child_setup) [!MSDOS]: Avoid possible deadlock with vfork.
* src/callproc.c (relocate_fd):
* src/emacs.c (close_output_streams, main):
* src/process.c (create_process):
* src/sysdep.c (sys_subshell) [!DOS_NT || !WINDOWSNT]:
Use emacs_perror for simplicity.
* src/callproc.c (relocate_fd, main):
* src/sysdep.c (sys_subshell):
Exit with EXIT_CANCELED etc., not 1, when exec setup fails.
(shut_down_emacs): Use emacs_write, not write.
* src/emacs.c, src/sysdep.c: Don't include <ignore-value.h>.
* src/fileio.c (Fcopy_file, e_write):
* src/nsterm.m (ns_select):
* src/process.c (send_process):
* src/sound.c (vox_write):
Use emacs_write_sig, not emacs_write.
* src/lisp.h (emacs_write_sig, emacs_perror): New decls.
* src/process.h (EXIT_CANCELED), EXIT_CANNOT_INVOKE, EXIT_ENOENT):
New constants.
* src/sysdep.c (emacs_backtrace): Use emacs_write, not ignore_value
of write.
(emacs_full_write): New function.
(emacs_write): Rewrite to use it.
(emacswrite_sig, emacs_perror): New functions.
* src/xrdb.c (fatal): Don't invoke perror, since errno might be garbage.
|
| |
|
|
|
|
|
|
|
|
|
| |
nt/inc/sys/socket.h (F_SETFD, O_CLOEXEC, F_DUPFD_CLOEXEC)
(FD_CLOEXEC): New macros.
src/w32.c (sys_dup): Declare prototype.
src/filelock.c:
src/emacs.c:
src/callproc.c [WINDOWSNT]: Include sys/socket.h.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This simplifies Emacs a bit, since it no longer needs to worry
about closing file descriptors by hand in some cases.
It also fixes some unlikely races. Not all such races, as
libraries often open files internally without setting
close-on-exec, but it's an improvement.
* admin/merge-gnulib (GNULIB_MODULES): Add fcntl, pipe2.
(GNULIB_TOOL_FLAGS): Avoid binary-io, close. Do not avoid fcntl.
* configure.ac (mkostemp): New function to check for.
(PTY_OPEN): Pass O_CLOEXEC to posix_openpt.
* lib/fcntl.c, lib/getdtablesize.c, lib/pipe2.c, m4/fcntl.m4:
* m4/getdtablesize.m4, m4/pipe2.m4: New files, taken from gnulib.
* lib/gnulib.mk, m4/gnulib-comp.m4: Regenerate.
* nt/gnulib.mk: Remove empty gl_GNULIB_ENABLED_verify section;
otherwise, gnulib-tool complains given close-on-exec changes.
* nt/inc/ms-w32.h (pipe): Remove.
* nt/mingw-cfg.site (ac_cv_func_fcntl, gl_cv_func_fcntl_f_dupfd_cloexec)
(gl_cv_func_fcntl_f_dupfd_works, ac_cv_func_pipe2): New vars.
* src/alloc.c (valid_pointer_p) [!WINDOWSNT]:
* src/callproc.c (Fcall_process) [!MSDOS]:
* src/emacs.c (main) [!DOS_NT]:
* src/nsterm.m (ns_term_init):
* src/process.c (create_process):
Use 'pipe2' with O_CLOEXEC instead of 'pipe'.
* src/emacs.c (Fcall_process_region) [HAVE_MKOSTEMP]:
* src/filelock.c (create_lock_file) [HAVE_MKOSTEMP]:
Prefer mkostemp with O_CLOEXEC to mkstemp.
* src/callproc.c (relocate_fd) [!WINDOWSNT]:
* src/emacs.c (main): Use F_DUPFD_CLOEXEC, not plain F_DUPFD.
No need to use fcntl (..., F_SETFD, FD_CLOEXEC), since we're
now using pipe2.
* src/filelock.c (create_lock_file) [! HAVE_MKOSTEMP]:
Make the resulting file descriptor close-on-exec.
* src/lisp.h, src/lread.c, src/process.c (close_load_descs, close_process_descs):
* src/lread.c (load_descriptor_list, load_descriptor_unwind):
Remove; no longer needed. All uses removed.
* src/process.c (SOCK_CLOEXEC): Define to 0 if not supplied by system.
(close_on_exec, accept4, process_socket) [!SOCK_CLOEXEC]:
New functions.
(socket) [!SOCK_CLOEXEC]: Supply a substitute.
(Fmake_network_process, Fnetwork_interface_list):
(Fnetwork_interface_info, server_accept_connection):
Make newly-created socket close-on-exec.
* src/sysdep.c (emacs_open, emacs_fopen):
Make new-created descriptor close-on-exec.
* src/w32.c (fcntl): Support F_DUPFD_CLOEXEC well enough for Emacs.
* src/w32.c, src/w32.h (pipe2): Rename from 'pipe', with new flags arg.
Fixes: debbugs:14803
|
| |
|
|
|
|
| |
* callproc.c (Fcall_process): Preserve openp errno around close.
* lread.c (openp): Set errno when returning -1, as some callers
expect this.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This handles EINTR more consistently now, and makes it easier
to introduce other uniform changes to file descriptor handling.
* src/systdio.h: New file.
* src/buffer.c (mmap_init):
* cygw32.c (chdir_to_default_directory):
* dispnew.c (Fopen_termscript):
* emacs.c (Fdaemon_initialized):
* fileio.c (Fdo_auto_save):
* image.c (slurp_file, png_load_body, jpeg_load_body):
* keyboard.c (Fopen_dribble_file):
* lread.c (Fload):
* print.c (Fredirect_debugging_output):
* sysdep.c (get_up_time, procfs_ttyname, procfs_get_total_memory):
* termcap.c (tgetent):
* unexaix.c, unexcoff.c (unexec, adjust_lnnoptrs):
* unexcw.c, unexelf.c, unexhp9k800.c, unexmacosx.c (unexec):
* w32term.c (w32_initialize) [CYGWIN]:
* xfaces.c (Fx_load_color_file):
Use emacs_open instead of plain open, and emacs_fopen instead of
plain fopen.
* dispnew.c, fileio.c, image.c, keyboard.c, lread.c, print.c, sysdep.c:
* xfaces.c: Include sysstdio.h rather than stdio.h, for emacs_fopen.
* callproc.c (default_output_mode): New constant.
(Fcall_process): Use it to call emacs_open instead of plain creat.
* dispnew.c (Fopen_termscript): Fix minor race in opening termscript.
* sysdep.c (emacs_open): Add commentary and don't call file name "path".
(emacs_fopen): New function.
* unexaix.c, unexcoff.c, unexelf.c, unexhp9k800.c, unexmacosx.c:
Include <lisp.h>, for emacs_open.
* unexelf.c (fatal): Remove decl; not needed with <lisp.h> included.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This mostly consists of undoing recent changes.
* callproc.c (Fcall_process):
* process.c (create_process):
Do not worry about catching SIGCHLD here, undoing previous change.
* nsterm.m (ns_term_init): Re-catch SIGCHLD, undoing previous change.
* process.c, process.h (catch_child_signal):
No longer extern if !NS_IMPL_GNUSTEP, undoing 06-22 change.
* process.c (catch_child_handler): Don't worry about being called
lazily and do not assume caller has blocked SIGCHLD, undoing
previous change. Move first-time stuff back to
init_process_emacs, undoing 06-22 change. If CYGWIN, do not
tickle glib, as that causes Cygwin bootstrap to fail. Do not
set lib_child_handler if it's already initialized, which may
help avoid problems on GNUStep.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* callproc.c (Fcall_process):
* process.c (create_process):
Make sure SIGCHLD is caught before we fork,
since Emacs startup no arranges to catch SIGCHLD.
* process.c (lib_child_handler): Initialize to null, not to
dummy_handler.
(catch_child_signal): Allow self to be called lazily.
Do nothing if it's already been called.
Assume caller has blocked SIGCHLD (all callers do now).
* emacs.c (main): Do not catch SIGCHLD here; defer it until
just before it's really needed.
* nsterm.m (ns_term_init): No need to re-catch SIGCHLD here,
since it hasn't been caught yet.
Fixes: debbugs:14569
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* callproc.c, process.h (block_child_signal, unblock_child_signal):
Now extern.
* emacs.c (main): Catch SIGCHLD just before initializing gfilenotify.
* process.c (catch_child_signal): Block SIGCHLD while futzing with
the SIGCHLD handler, since the code is not atomic and (due to glib)
signals may be arriving now.
* sysdep.c (init_signals): Do not catch child signals here;
'main' now does that later, at a safer time.
Fixes: debbugs:14569
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* alloc.c (xpalloc, Fgarbage_collect): Reorder conditions that are
written backwards.
* blockinput.h (input_blocked_p): Likewise.
* bytecode.c (exec_byte_code): Likewise.
* callproc.c (call_process_kill, call_process_cleanup)
(Fcall_process): Likewise.
* ccl.c (ccl_driver, resolve_symbol_ccl_program)
(Fccl_execute_on_string): Likewise.
* character.c (string_escape_byte8): Likewise.
* charset.c (read_hex): Likewise.
* cm.c (calccost): Likewise.
* data.c (cons_to_unsigned): Likewise.
* dired.c (directory_files_internal, file_name_completion):
Likewise.
* dispnew.c (scrolling_window, update_frame_1, Fsleep_for)
(sit_for): Likewise.
* doc.c (Fsubstitute_command_keys): Likewise.
* doprnt.c (doprnt): Likewise.
* editfns.c (hi_time, decode_time_components, Fformat): Likewise.
* emacsgtkfixed.c: Likewise.
* fileio.c (file_offset, Fwrite_region): Likewise.
* floatfns.c (Fexpt, fmod_float): Likewise.
* fns.c (larger_vector, make_hash_table, Fmake_hash_table):
Likewise.
* font.c (font_intern_prop): Likewise.
* frame.c (x_set_alpha): Likewise.
* gtkutil.c (get_utf8_string): Likewise.
* indent.c (check_display_width): Likewise.
* intervals.c (create_root_interval, rotate_right, rotate_left)
(split_interval_right, split_interval_left)
(adjust_intervals_for_insertion, delete_node)
(interval_deletion_adjustment, adjust_intervals_for_deletion)
(merge_interval_right, merge_interval_left, copy_intervals)
(set_intervals_multibyte_1): Likewise.
* keyboard.c (gobble_input, append_tool_bar_item): Likewise.
* keymap.c (Fkey_description): Likewise.
* lisp.h (FIXNUM_OVERFLOW_P, vcopy): Likewise.
* lread.c (openp, read_integer, read1, string_to_number):
Likewise.
* menu.c (ensure_menu_items): Likewise.
* minibuf.c (read_minibuf_noninteractive): Likewise.
* print.c (printchar, strout): Likewise.
* process.c (create_process, Faccept_process_output)
(wait_reading_process_output, read_process_output, send_process)
(wait_reading_process_output): Likewise.
* profiler.c (make_log, handle_profiler_signal): Likewise.
* regex.c (re_exec): Likewise.
* regex.h: Likewise.
* search.c (looking_at_1, Freplace_match): Likewise.
* sysdep.c (get_child_status, procfs_ttyname)
(procfs_get_total_memory): Likewise.
* systime.h (EMACS_TIME_VALID_P): Likewise.
* term.c (dissociate_if_controlling_tty): Likewise.
* window.c (get_phys_cursor_glyph): Likewise.
* xdisp.c (init_iterator, redisplay_internal, redisplay_window)
(try_window_reusing_current_matrix, try_window_id, pint2hrstr):
Likewise.
* xfns.c (Fx_window_property): Likewise.
* xmenu.c (set_frame_menubar): Likewise.
* xselect.c (x_get_window_property, x_handle_dnd_message):
Likewise.
* xsmfns.c (smc_save_yourself_CB): Likewise.
* xterm.c (x_scroll_bar_set_handle): Likewise.
|
| |
|
|
|
|
|
|
|
| |
* callproc.c (Fcall_process_region) [!DOS_NT]:
Avoid unnecessary duplicate call to getenv.
* callproc.c (init_callproc):
* dispnew.c (init_display):
* sysdep.c (sys_subshell):
Omit unnecessary cast of getenv or egetenv.
|
| |
|
|
|
|
| |
src/callproc.c (Fcall_process_region): Make sure the XXXXXX part of
the temporary file pattern is not downcased even when
w32-downcase-file-names is non-nil.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
src/w32.c (normalize_filename): Accept an additional argument
MULTIBYTE; if non-zero, traverse the file name by bytes and don't
downcase it even if w32-downcase-file-names is non-nil.
(dostounix_filename): Accept an additional argument MULTIBYTE and
pass it to normalize_filename.
(emacs_root_dir): Adjust.
src/msdos.h (dostounix_filename): Adjust prototype.
src/w32.h (dostounix_filename): Adjust prototype.
src/msdos.c (dostounix_filename): Accept an additional argument and
ignore it.
(init_environment): Adjust callers of dostounix_filename.
src/fileio.c (Ffile_name_directory, file_name_as_directory)
(directory_file_name, Fexpand_file_name)
(Fsubstitute_in_file_name): [DOS_NT] Adjust call to
dostounix_filename.
[WINDOWSNT]: Downcase file names if w32-downcase-file-names is
non-nil.
(Fsubstitute_in_file_name): [DOS_NT] Don't downcase environment
variables, as egetenv is case-insensitive for DOS_NT.
src/dired.c (file_name_completion): Don't call Fdirectory_file_name
with an encoded file name.
src/w32proc.c (Fw32_short_file_name, Fw32_long_file_name): Adjust
calls to dostounix_filename.
src/w32fns.c (Fx_file_dialog): Adjust call to dostounix_filename.
src/unexw32.c (unexec): Adjust call to dostounix_filename.
src/termcap.c (tgetent) [MSDOS]: Adjust call to dostounix_filename.
src/emacs.c (decode_env_path) [DOS_NT]: Adjust call to
dostounix_filename.
src/callproc.c (Fcall_process) [MSDOS]: Adjust call to
dostounix_filename.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
src/callproc.c (Fcall_process): Make sure program name in PATH and
new_argv[0] is encoded, if needed. Otherwise, un-encoded string
is passed to exec/spawnve, which fails unless the file-name
encoding is UTF-8.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
src/w32.h (_child_process): New members input_file and
pending_deletion.
(register_child): First argument is now pid_t.
(record_infile, record_pending_deletion): New prototypes.
src/w32proc.c (new_child): Initialize input_file and
pending_deletion members of the child.
(delete_child): Delete the child's temporary input file, if any,
that is pending deletion.
(register_child): First argument is now pid_t.
(record_infile, record_pending_deletion): New functions.
(reap_subprocess): Fix a typo in DebPrint string.
(sys_spawnve, sys_kill): Use pid_t for PID arguments.
src/fileio.c (internal_delete_file): Return an int again: non-zero
if delete-file succeeds, zero otherwise.
src/lisp.h (internal_delete_file): Adjust prototype.
src/callproc.c (Fcall_process): Don't overwrite infile with result
of DECODE_FILE.
[WINDOWSNT] If BUFFER is an integer, i.e. we are launching an
asynchronous subprocess, record the name of the input file name,
if any.
(delete_temp_file) [WINDOWSNT]: If internal_delete_file fails to
delete the file, record it as pending deletion when the subprocess
exits.
nt/inc/ms-w32.h (sys_unlink): Provide prototype.
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Exceptions: do not assume SIGCONT, SIGSTOP, SIGTSTP, SIGTTIN,
SIGTTOU, SIGUSR1, SIGUSR2, as Microsoft platforms lack these.
* admin/CPP-DEFINES (SIGALRM, SIGCHLD, SIGHUP, SIGKILL, SIGPIPE, SIGQUIT):
Remove.
(SIGTRAP): Remove this one too, as config.h no longer defines it.
* admin/merge-gnulib (GNULIB_MODULES): Add sig2str.
* configure.ac (PTY_OPEN, PTY_TTY_NAME_SPRINTF):
Use SIGCHLD rather than SIGCLD.
* lib/sig2str.c, lib/sig2str.h, m4/sig2str.m4: New files, from gnulib.
* lib/gnulib.mk, m4/gnulib-comp.m4: Regenerate.
* lib/makefile.w32-in (GNULIBOBJS): Add $(BUILD)/sig2str.$(O).
* src/process.c [subprocesses]: Include <c-ctype.h>, <sig2str.h>.
(deleted_pid_list, Fdelete_process, create_process)
(record_child_status_change, handle_child_signal, deliver_child_signal)
(init_process_emacs, syms_of_process):
Assume SIGCHLD is defined.
(parse_signal): Remove. All uses removed.
(abbr_to_signal): New static function.
(Fsignal_process): Use it to convert signal names to ints.
* src/sysdep.c (sys_suspend) [!DOS_NT]: Use kill (0, ...) rather than
kill (getpgrp (), ...).
(emacs_sigaction_init): Assume SIGCHLD is defined.
(init_signals): Assume SIGALRM, SIGCHLD, SIGHUP, SIGKILL,
SIGPIPE, and SIGQUIT are defined. Do not worry about SIGCLD any more.
* src/syssignal.h (EMACS_KILLPG): Remove.
All uses replaced by 'kill' with a negative pid.
(SIGCHLD): Remove definition, as we now assume SIGCHLD.
* src/w32proc.c (sys_kill): Support negative pids compatibly with POSIX.
Fixes: debbugs:13026
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
* callproc.c, process.h (record_kill_process):
New function, containing part of the old call_process_kill.
(call_process_kill): Use it.
This does not change call_process_kill's behavior.
* process.c (Fdelete_process): Use record_kill_process to fix a
race condition that could cause Emacs to lose track of a child.
|
| |\| |
|
| | |
| |
| |
| |
| | |
src/callproc.c (Fcall_process_region): Encode expanded temp file
pattern before passing it to mkstemp or mktemp.
|
| | |
| |
| |
| |
| |
| | |
src/callproc.c (Fcall_process_region) [!HAVE_MKSTEMP]: If mktemp
fails, signal an error instead of continuing with an empty
string.
|
| | |
| |
| |
| |
| |
| |
| | |
* callproc.c (Fcall_process): Do record-unwind-protect on MSDOS
at the same time as other platforms, to simplify analysis.
No need for fd0_volatile since we have synch_process_fd.
Avoid needless emacs_close; arg is always negative.
|
| | |
| |
| |
| | |
processes.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixing this bug required some cleanup of the signal-handling code.
As a side effect, this change also fixes a longstanding rare race
condition whereby Emacs could mistakenly kill unrelated processes,
and it fixes a bug where a second C-g does not kill a recalcitrant
synchronous process in GNU/Linux and similar platforms.
The patch should also fix the last vestiges of Bug#9488,
a bug which has mostly been fixed on the trunk by other changes.
* callproc.c, process.h (synch_process_alive, synch_process_death)
(synch_process_termsig, sync_process_retcode):
Remove. All uses removed, to simplify analysis and so that
less consing is done inside critical sections.
* callproc.c (call_process_exited): Remove. All uses replaced
with !synch_process_pid.
* callproc.c (synch_process_pid, synch_process_fd): New static vars.
These take the role of what used to be in unwind-protect arg.
All uses changed.
(block_child_signal, unblock_child_signal):
New functions, to avoid races that could kill innocent-victim processes.
(call_process_kill, call_process_cleanup, Fcall_process): Use them.
(call_process_kill): Record killed processes as deleted, so that
zombies do not clutter up the system. Do this inside a critical
section, to avoid a race that would allow the clutter.
(call_process_cleanup): Fix code so that the second C-g works again
on common platforms such as GNU/Linux.
(Fcall_process): Create the child process in a critical section,
to fix a race condition. If creating an asynchronous process,
record it as deleted so that zombies do not clutter up the system.
Do unwind-protect for WINDOWSNT too, as that's simpler in the
light of these changes. Omit unnecessary call to emacs_close
before failure, as the unwind-protect code does that.
* callproc.c (call_process_cleanup):
* w32proc.c (waitpid): Simplify now that synch_process_alive is gone.
* process.c (record_deleted_pid): New function, containing
code refactored out of Fdelete_process.
(Fdelete_process): Use it.
(process_status_retrieved): Remove. All callers changed to use
child_status_change.
(record_child_status_change): Remove, folding its contents into ...
(handle_child_signal): ... this signal handler. Now, this
function is purely a handler for SIGCHLD, and is not called after
a synchronous waitpid returns; the synchronous code is moved to
wait_for_termination. There is no need to worry about reaping
more than one child now.
* sysdep.c (get_child_status, child_status_changed): New functions.
(wait_for_termination): Now takes int * status and bool
interruptible arguments, too. Do not record child status change;
that's now the caller's responsibility. All callers changed.
Reimplement in terms of get_child_status.
(wait_for_termination_1, interruptible_wait_for_termination):
Remove. All callers changed to use wait_for_termination.
* syswait.h: Include <stdbool.h>, for bool.
(record_child_status_change, interruptible_wait_for_termination):
Remove decls.
(record_deleted_pid, child_status_changed): New decls.
(wait_for_termination): Adjust to API changes noted above.
Fixes: debbugs:12980
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* callproc.c (Fcall_process):
* process.c (create_process):
Don't save and restore environ; no longer needed.
* callproc.c (child_setup):
Use execve, not execvp, to preserve environ.
Fixes: debbugs:13054
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Do not assume that fd[0], count, filefd, and save_environ survive
vfork. Fix bug whereby wrong errno value could be reported for
pipe failure. Some minor cleanups, too, as follows. Move buf and
bufsize to the context where they're needed. Change new_argv to
be of type char **, as this is more convenient and avoids casts.
(CALLPROC_BUFFER_SIZE_MIN, CALLPROC_BUFFER_SIZE_MAX):
Now local constants, not macros.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
* admin/CPP-DEFINES (O_RDONLY, O_RDWR, HAVE_FCNTL_H): Remove.
* admin/merge-gnulib (GNULIB_MODULES): Add fcntl-h.
* configure.ac: Do not check for fcntl.h.
* lib/gnulib.mk: Regenerate.
* lib-src/movemail.c, lib-src/update-game-score.c: Assume <fcntl.h> exists.
* nt/inc/sys/socket.h (O_NONBLOCK): Rename from O_NDELAY, since the
POSIX name for this flag is O_NONBLOCK. All uses changed.
* nt/inc/unistd.h (O_RDWR, O_NOCTTY): New macros. Like AT_FDCWD etc.
these really should be moved to a replacement <fcntl.h> if and
when that gets implemented. In the meantime, include <fcntl.h>
to make sure we don't override its definitions.
* src/callproc.c (relocate_fd): Assume F_DUPFD.
* src/emacs.c, src/term.c (O_RDWR): Remove.
* src/keyboard.c (tty_read_avail_input): Use O_NONBLOCK rather than
O_NDELAY, since O_NONBLOCK is the standard name for this flag.
* src/nsterm.m: Assume <fcntl.h> exists.
* src/process.c (NON_BLOCKING_CONNECT, allocate_pty, create_process)
(create_pty, Fmake_network_process, server_accept_connection)
(wait_reading_process_output, init_process_emacs):
Assume O_NONBLOCK.
(wait_reading_process_output): Put in a special case for WINDOWSNT
to mimick the older behavior where it had O_NDELAY but not O_NONBLOCK.
It's not clear this is needed, but it's a more-conservative change.
(create_process): Assume FD_CLOEXEC.
(create_process, create_pty): Assume O_NOCTTY.
* src/sysdep.c (init_sys_modes, reset_sys_modes): Assume F_SETFL.
(reset_sys_modes): Use O_NONBLOCK rather than O_NDELAY.
Omit if not DOS_NT, since F_GETFL is not defined there.
(serial_open): Assume O_NONBLOCK and O_NOCTTY.
* src/term.c: Include <fcntl.h>, for flags like O_NOCTTY.
(O_NOCTTY): Remove.
(init_tty): Assume O_IGNORE_CTTY is defined to 0 on platforms that
lack it, since gnulib guarantees this.
* src/w32.c (fcntl): Test for O_NONBLOCK rather than O_NDELAY.
Fixes: debbugs:12881
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes a bug that has been present in Emacs since its creation.
It was reported by Chris Torek in 1983 even before GNU Emacs existed,
which must set some sort of record. (Torek's bug report was against
a predecessor of GNU Emacs, but GNU Emacs happened to have the
same common flaw.) See Torek's Usenet posting
"setuid/setgid programs & Emacs" Article-I.D.: sri-arpa.858
Posted: Fri Apr 8 14:18:56 1983.
* .bzrignore: Add lib/fcntl.h.
* configure.ac (euidaccess): Remove check; gnulib does this for us now.
(gl_FCNTL_O_FLAGS): Define a dummy version.
* lib/at-func.c, lib/euidaccess.c, lib/faccessat.c, lib/fcntl.in.h:
* lib/getgroups.c, lib/group-member.c, lib/root-uid.h:
* lib/xalloc-oversized.h, m4/euidaccess.m4, m4/faccessat.m4:
* m4/fcntl_h.m4, m4/getgroups.m4, m4/group-member.m4:
New files, from gnulib.
* lib/gnulib.mk, m4/gnulib-comp.m4: Regenerate.
* admin/merge-gnulib (GNULIB_MODULES): Add faccessat.
(GNULIB_TOOL_FLAGS): Avoid at-internal, fchdir, malloc-posix,
openat-die, openat-h, save-cwd. Do not avoid fcntl-h.
Omit gnulib's m4/fcntl-o.m4.
* nt/inc/ms-w32.h (AT_FDCWD, AT_EACCESS): New symbols.
(access): Remove.
(faccessat): New macro.
* src/Makefile.in (LIB_EACCESS): New macro.
(LIBES): Use it.
* src/callproc.c (init_callproc):
* src/charset.c (init_charset):
* src/fileio.c (check_existing, check_executable, check_writable)
(Ffile_readable_p):
* src/lread.c (openp, load_path_check):
* src/process.c (allocate_pty):
* src/xrdb.c (file_p):
Use effective UID when checking permissions, not real UID.
* src/callproc.c (init_callproc):
* src/charset.c (init_charset):
* src/lread.c (load_path_check, init_lread):
Test whether directories are accessible, not merely whether they exist.
* src/conf_post.h (GNULIB_SUPPORT_ONLY_AT_FDCWD): New macro.
* src/fileio.c (check_existing, check_executable, check_writable)
(Ffile_readable_p):
Use symbolic names instead of integers for the flags, as they're
portable now.
(check_writable): New arg AMODE. All uses changed.
Set errno on failure.
(Ffile_readable_p): Use faccessat, not stat + open + close.
(Ffile_writable_p): No need to call check_existing + check_writable.
Just call check_writable and then look at errno. This saves a syscall.
dir should never be nil; replace an unnecessary runtime check
with an eassert. When checking the parent directory of a nonexistent
file, check that the directory is searchable as well as writable, as
we can't create files in unsearchable directories.
(file_directory_p): New function, which uses 'stat' on most platforms
but faccessat with D_OK (for efficiency) if WINDOWSNT.
(Ffile_directory_p, Fset_file_times): Use it.
(file_accessible_directory_p): New function, which uses a single
syscall for efficiency.
(Ffile_accessible_directory_p): Use it.
* src/xrdb.c (file_p): Use file_directory_p.
* src/lisp.h (file_directory_p, file_accessible_directory_p): New decls.
* src/lread.c (openp): When opening a file, use fstat rather than
stat, as that avoids a permissions race. When not opening a file,
use file_directory_p rather than stat.
(dir_warning): First arg is now a usage string, not a format.
Use errno. All uses changed.
* src/nsterm.m (ns_term_init): Remove unnecessary call to file-readable
that merely introduced a race.
* src/process.c, src/sysdep.c, src/term.c: All uses of '#ifdef O_NONBLOCK'
changed to '#if O_NONBLOCK', to accommodate gnulib O_* style,
and similarly for the other O_* flags.
* src/w32.c (sys_faccessat): Rename from sys_access and switch to
faccessat's API. All uses changed.
* src/xrdb.c: Do not include <sys/stat.h>; no longer needed.
(magic_db): Rename from magic_file_p.
(magic_db, search_magic_path): Return an XrmDatabase rather than a
char *, so that we don't have to test for file existence
separately from opening the file for reading. This removes a race
fixes a permission-checking problem, and simplifies the code.
All uses changed.
(file_p): Remove; no longer needed.
Fixes: debbugs:12632
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This removes code that has been obsolete since around 1990.
* admin/CPP-DEFINES (HAVE_SETPGID, HAVE_SETSID, SETPGRP_RELEASES_CTTY):
Remove; obsolete.
* configure.ac (setpgid, setsid): Assume their existence.
(AC_FUNC_GETPGRP, SETPGRP_RELEASES_CTTY): Remove; obsolete.
* src/callproc.c (Fcall_process):
* src/emacs.c (main):
* src/process.c (create_process):
* src/term.c (dissociate_if_controlling_tty):
Assume setsid exists.
* src/callproc.c (child_setup): Assume setpgid exists and behaves as
per POSIX.1-1988 or later.
* src/conf_post.h (setpgid) [!HAVE_SETPGID]: Remove.
* src/emacs.c (shut_down_emacs):
* src/sysdep.c (sys_suspend, init_foreground_group):
Assume getpgrp behaves as per POSIX.1-1998 or later.
* src/msdos.c (setpgrp): Remove.
(tcgetpgrp, setpgid, setsid): New functions.
* src/systty.h (EMACS_GETPGRP): Remove. All callers now use getpgrp.
* src/term.c (no_controlling_tty): Remove; unused.
* src/w32proc.c (setpgrp): Remove.
(setsid, tcgetpgrp): New functions.
Fixes: debbugs:12800
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* callproc.c (setpgrp): Remove macro, as we now use setpgid
and it is configured in conf_post.h.
(Fcall_process): Don't invoke both setsid and setpgid; the former
is enough, if it exists.
* callproc.c (Fcall_process, child_setup):
* process.c (create_process): Use setpgid.
* conf_post.h (setpgid) [!HAVE_SETPGID]: New macro, which substitutes
for the real thing.
* dispnew.c (init_display): Initialize the foreground group
if we are running a tty display.
* emacs.c (main): Do not worry about setpgrp; init_display does it now.
* lisp.h (init_foreground_group): New decl.
* sysdep.c (inherited_pgroup): New static var.
(init_foreground_group, tcsetpgrp_without_stopping)
(narrow_foreground_group, widen_foreground_group): New functions.
(init_sys_modes): Narrow foreground group.
(reset_sys_modes): Widen foreground group.
Fixes: debbugs:12697
|
| |
|
|
|
|
|
|
|
| |
* lisp.h, syswait.h (record_child_status_change, wait_for_termination)
(interruptible_wait_for_termination):
Move these decls from lisp.h to syswait.h, since they use pid_t.
Needed on FreeBSD; see Herbert J. Skuhra in
<http://lists.gnu.org/archive/html/emacs-devel/2012-09/msg00571.html>.
* callproc.c: Include syswait.h.
|
