Most C and Posix API clobber errno. By failing to save
it immediately after invoking an API we risk simply
reporting the result of an arbitrary subsequent API call.
This adds LOG_SYS_ERRNO to take errno explicitly.
This is necessary because sometimes logging is not done
immediately after calling the function for which we
want to report errno. Similarly, log macros that log
errno need to save errno before calling any functions.
This is necessary as the argements might contain calls
that clobber errno.
This also converts some LOG_SYS entries to LOG_ERR
because there can be no relevant errno in that context
(f.e. in a catch clause).
A couple of LOG_ macros have been folded into others,
reducing redundancy.
Finally, both of these log macros append errno to the
log message, so there is little point in ending the
messages with a period.
Change-Id: Iecc656f67115fec78b65cad4e7c17a17623ecf43
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Also, makes the logging of units much less error prone.
The overloaded streaming operators are temporary as
they are provided in C++20. The ones here (though
incomplete) are fashioned after the C++20 specs.
Change-Id: Ieb499282ccb6e63fa939ba07bed3e5a4fbef1bd0
Signed-off-by: Ashod Nakashian <ashod.nakashian@collabora.co.uk>
Useful (like LOG_TRC_NOFILE) in cases where the source file location
of the LOG_INF call is uninteresting. (Like if the message to be
logged has originated somewhere else.)
Change-Id: Id6d8c137be073a958943f01b3d7b98143fcd7dfd
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/98735
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
loolmount now works and supports mounting and
unmounting, plus numerous improvements,
refactoring, logging, etc.. When enabled,
binding improves the jail setup time by anywhere
from 2x to orders of magnitude (in docker, f.e.).
A new config entry mount_jail_tree controls
whether mounting is used or the old method of
linking/copying of jail contents. It is set to
true by default and falls back to linking/copying.
A test mount is done when the setting is enabled,
and if mounting fails, it's disabled to avoid noise.
Temporarily disabled for unit-tests until we can
cleanup lingering mounts after Jenkins aborts our
build job. In a future patch we will have mount/jail
cleanup as part of make.
The network/system files in /etc that need frequent
refreshing are now updated in systemplate to make
their most recent version available in the jails.
These files can change during the course of loolwsd
lifetime, and are unlikely to be updated in
systemplate after installation at all. We link to
them in the systemplate/etc directory, and if that
fails, we copy them before forking each kit
instance to have the latest.
This reworks the approach used to bind-mount the
jails and the templates such that the total is
now down to only three mounts: systemplate, lo, tmp.
As now systemplate and lotemplate are shared, they
must be mounted as readonly, this means that user/
must now be moved into tmp/user/ which is writable.
The mount-points must be recursive, because we mount
lo/ within the mount-point of systemplate (which is
the root of the jail). But because we (re)bind
recursively, and because both systemplate and
lotemplate are mounted for each jails, we need to
make them unbindable, so they wouldn't multiply the
mount-points for each jails (an explosive growth!)
Contrarywise, we don't want the mount-points to
be shared, because we don't expect to add/remove
mounts after a jail is created.
The random temp directory is now created and set
correctly, plus many logging and other improvements.
Change-Id: Iae3fda5e876cf47d2cae6669a87b5b826a8748df
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92829
Tested-by: Jenkins
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
We now don't need to call snprintf (which is best
for signal-safetly), and are much faster thanks
to a custom replacement.
Change-Id: Iae5861e42e8e335967499f93b71b39b0b4b09bf6
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/94146
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Tested-by: Jenkins
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
LibreOffice core uses that, too, and we support an even more
restricted set of compilers.
Change-Id: I0d0e2c8608e323eb5ef0f35ee8c46d02ab49a745
Reviewed-on: https://gerrit.libreoffice.org/c/online/+/92467
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
Always log when we set the termination flag
so we can trace how (and implicitly why) we
terminated. In practice trace logging is not
enabled, so a key event such as termination
should be logged at info level.
Reviewed-on: https://gerrit.libreoffice.org/80324
Reviewed-by: Andras Timar <andras.timar@collabora.com>
Tested-by: Andras Timar <andras.timar@collabora.com>
(cherry picked from commit 3f8d516e1399df687c2935fc551b171cbd850b7b)
Change-Id: Id6615181c81ea56777f44b551b39925065b0e578
Reviewed-on: https://gerrit.libreoffice.org/81562
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
We never exit an app process intentionally, so Log::isShutdownCalled()
can always return false.
Change-Id: I6b3cce85ccac5e3ffbb7b29ca552cb9e4441df2a
Reviewed-on: https://gerrit.libreoffice.org/78979
Reviewed-by: Tor Lillqvist <tml@collabora.com>
Tested-by: Tor Lillqvist <tml@collabora.com>
net/Socket.hpp:405:9: runtime error: member call on address 0x6070007a2210 which does not point to an object of type 'Poco::Logger'
0x6070007a2210: note: object has invalid vptr
05 00 80 0e 7c 01 80 6f 3c 7f 00 00 c8 b8 0f 01 3c 7f 00 00 00 00 00 00 be be be be 38 22 7a 00
^~~~~~~~~~~~~~~~~~~~~~~
invalid vptr
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior net/Socket.hpp:405:9 in
Which is use-after-free: once Poco::Logger::shutdown() is called, we
need to tolerate LOG_DBG() and other similar calls, even if they don't
go anywhere.
Change-Id: Ic76433743177dd2b604ff34e340309c506d83350
Added functions to get file timestamp and to convert
chrono timestamp in ISO8601 fraction format and some
test cases.
Change-Id: I58961a31f7262b367cff9f33cffdec7571a2f8f7
The process never exists voluntarily. It is killed by the OS when
inactive and its resources are needed.
Change-Id: I9a7fa8200a44bba8dfcd2b09882f1b87814025be
Cleaning up the thread variable with the shared string stream is
something of a nightmare, for a rather marginal gain.
==9296== Invalid write of size 1
...
==9296== by 0x738C092: str (sstream:195)
==9296== by 0x738C092: std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char> >::str(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&) (sstream:649)
==9296== by 0x65383A: Log::beginLog[abi:cxx11](char const*) (Log.cpp:141)
==9296== by 0x551823: Admin::~Admin() (Admin.cpp:381)
==9296== by 0x7D9ECF7: __run_exit_handlers (exit.c:83)
==9296== by 0x7D9ED49: exit (exit.c:105)
==9296== by 0x7D86F50: (below main) (libc-start.c:342)
==9296== Address 0x8ba41c0 is 0 bytes inside a block of size 513 free'd
==9296== at 0x4C2FA1D: operator delete(void*) (vg_replace_malloc.c:576)
...
==9296== by 0x738784A: ~basic_stringbuf (sstream:65)
==9296== by 0x738784A: std::__cxx11::basic_ostringstream<char, std::char_traits<char>, std::allocator<char> >::~basic_ostringstream() (sstream:591)
==9296== by 0x7D9F27E: __call_tls_dtors (cxa_thread_atexit_impl.c:155)
==9296== by 0x7D9EC0A: __run_exit_handlers (exit.c:41)
==9296== by 0x7D9ED49: exit (exit.c:105)
==9296== by 0x7D86F50: (below main) (libc-start.c:342)
Good to log during shutdown / exit.
This reverts commit c315d219d5967f23fb1769e78021f61b8f9da6ec.
This reverts commit ce78fec310.
Change-Id: Ia4a15be336d89d8d883530943724d48e4b0ec9fe
Reviewed-on: https://gerrit.libreoffice.org/71444
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
Avoids some N^2 log-line explosion; also make the method name
more findable.
Change-Id: I3ee8c521f1ac98a939cd4d758c720b577d3bfa57
Reviewed-on: https://gerrit.libreoffice.org/71443
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>
This is faster and reduces memory fragmentation.
Also, cleans up the logging macros and implementation.
Change-Id: I7fb00da041d1261c694c4b48b67a3c66ad0cbf8d
Reviewed-on: https://gerrit.libreoffice.org/71020
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
This is important for when we abort with some explanation.
Often said explanation doesn't show up anywhere to be useful.
Also, issue fatal logs for abnormal exist and use SFL to log errno.
Reviewed-on: https://gerrit.libreoffice.org/57540
Reviewed-by: Jan Holesovsky <kendy@collabora.com>
Tested-by: Jan Holesovsky <kendy@collabora.com>
(cherry picked from commit ad7964393eadb68873b820e0a620fb40f1e1b06a)
Change-Id: Ic67064ef40ef6e93d26e5847ecd32bdd49c3cc8b
The async-signal-safe functions to get thread-id
and thread-name, which cache the results, are
faster, cleaner, and signal-safe. No reason why
we shouldn't always use them.
Especially since it appears the logic was
inverted in Log::prefix, such that the signal
un-safe calls were made during signal-handling,
and the safe ones were called otherwise!
Instead of passing the signal-safe flag to
Log::prefix, we pass the buffer size, for
improved security.
Furthermore, reduce header dependencies
and reduce clutter.
Change-Id: I697689b2f0a290b6d8cce4babc3ac1e576141da6
I think the general policy should be to always log errno using both
Util::symbolicErrno() and std::strerror(), never log a naked errno.
But only in cases where we know that it is highly likely that it is
the most recent system call that has failed, so errno makes sense.
Change-Id: I4a1fb31e375ea949e7da17687464361efe7c1761
And improve the logging support in unit-tests to
help troubleshoot issues faster and more accurately.
Also makes the code more readable (hopefully).
Change-Id: I4f8aafb5245e2f774b03231591a74544f9ec84aa
Reviewed-on: https://gerrit.libreoffice.org/48645
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
Tested-by: Ashod Nakashian <ashnakash@gmail.com>
Now all logging is done after checking if the
level in question is enabled or not (thanks to
the macros LOG_XXX), which saves unnecessary
conversions and stringification when said level
is disabled.
Change-Id: Icde31e067f60269563896f04f8b0d65643720766
Reviewed-on: https://gerrit.libreoffice.org/47885
Reviewed-by: Michael Meeks <michael.meeks@collabora.com>
Tested-by: Michael Meeks <michael.meeks@collabora.com>