summaryrefslogtreecommitdiff
path: root/indra/llcommon
AgeCommit message (Collapse)Author
2012-05-09CHOP-900: Use new apr_procattr_constrain_handle_set() extension.Nat Goodspeed
Now LLProcess explicitly requests APR to limit the handles passed to any child process, instead of wantonly passing whatever happens to be lying around the parent process at the time. This requires the latest APR build. Also revert LLUpdateDownloader::Implementation::mDownloadStream to llofstream (as in rev 1878a57aebd7) instead of apr_file_t*. Using APR for that file was a Band-Aid -- a single whacked mole -- for the problem more systemically addressed by apr_procattr_constrain_handle_set().
2012-04-23IQA-463: Use APR file I/O for downloaded viewer installer .exe.Nat Goodspeed
On Windows, calling CreateProcess(bInheritHandles=FALSE) is the wrong idea. In that case, CreateProcess() passes NO handles -- even the files you've explicitly designated as the child's stdin, stdout, stderr in the STARTUPINFO struct! Remove LLProcess code to tweak bInheritHandles; we should also remove the corresponding (useless) APR extension. Instead, given that the Windows file-locking problem we've observed is specific to the viewer installer .exe file downloaded by the background updater logic, use APR file I/O for that specific file. Empirically, both llofstream and std::ofstream seem to make the open file handle inheritable; but apr_file_open() documentation says: "By default, the returned file descriptor will not be inherited by child processes created by apr_proc_create()." And indeed, it does appear to sidestep the locking problem.
2012-04-23IQA-463: LLError::addRecorder() claims ownership of passed Recorder*.Nat Goodspeed
That is, when the underlying LLError::Settings object is destroyed -- possibly at termination, possibly on LLError::restoreSettings() -- the passed Recorder* is deleted. There was much existing code that seemed as unaware of this alarming fact as I was myself. Passing to addRecorder() a pointer to a stack object, or to a member of some other object, is just Bad. It might be preferable to make addRecorder() accept std::auto_ptr<Recorder> to make the ownership transfer more explicit -- or even boost::shared_ptr<Recorder> instead, which would allow the caller to either forget or retain the passed Recorder. This preliminary pass retains the Recorder* dumb pointer API, but documents the ownership issue, and eliminates known instances of passing pointers to anything but a standalone heap Recorder subclass object.
2012-04-18IQA-463: Make LLProcess call apr_procattr_inherit_set() extension.Nat Goodspeed
On Windows, Bad Things happen when apr_proc_create() is allowed to pass TRUE to CreateProcess(bInheritHandles). For instance, the open handle for a new installer executable file being downloaded by the background updater gets inadvertently passed to a couple slplugin.exe instances. When the viewer finishes downloading, closes the file and tries to remove it, Windows balks because the file is still open by another process. Require an apr_suite package that includes the new Linden apr_procattr_inherit_set() extension, and call it to turn off CreateProcess(bInheritHandles).
2012-04-18IQA-463: Add error logging for certain LLFile operations.Nat Goodspeed
Attempting to debug an observed LLFile::remove() failure, I was floored to find that remove() made no attempt whatsoever to report its lack of success! Add warnif() function to log errno text in platform-dependent way. Support the notion that for some functions, certain errno values are acceptable -- e.g. we expect stat() to frequently hit ENOENT -- and need not be logged. Add commented-out Windows-specific logic to try to provide further information in the case of EACCES ("Permission denied," e.g. another process has the file open). To use, enable the code block, download handle.exe and turn on DEBUG logging for LLFile. handle.exe can be obtained from: http://technet.microsoft.com/en-us/sysinternals/bb896655
2012-04-12Fix misleading comments, per Richard's code review.Nat Goodspeed
2012-04-11Merge daggy fix c167ae699e17 for Linux UI issues.Nat Goodspeed
2012-04-11Fix Linux UI issues introduced by moving llinitparam to llcommon.Nat Goodspeed
In a number of places, the viewer uses a lookup based on std::type_info*. We used to use std::map<std::type_info*, whatever>. But on Linux, &typeid(SomeType) can produce different pointer values, depending on the dynamic load module in which the code is executed. Introduce LLTypeInfoLookup<T>, with an API that deliberately mimics std::map<std::type_info*, T>. LLTypeInfoLookup::find() first tries an efficient search for the specified std::type_info*. But if that fails, it scans the underlying container for a match on the std::type_info::name() string. If found, it caches the new std::type_info* to optimize subsequent lookups with the same pointer. Use LLTypeInfoLookup instead of std::map<std::type_info*, ...> in llinitparam.h and llregistry.h. Introduce LLSortedVector<KEY, VALUE>, a std::vector<std::pair<KEY, VALUE>> maintained in sorted order with binary-search lookup. It presents a subset of the std::map<KEY, VALUE> API.
2012-03-23Rename In[Esc]String helper-class data members, per code review.Nat Goodspeed
2012-03-21Revert llversionviewer.h to current viewer-release.Nat Goodspeed
At various points along the way, before the process changed, we merged up to viewer-development. One of those must have picked up an llversionviewer.h change to viewer version 3.3.1.0. We have no intention of twiddling llversionviewer.h in this repo -- reset so merging into viewer-release doesn't bump its version number.
2012-03-16Introduce LLLeapListener, associating one with each LLLeap object.Nat Goodspeed
Every LEAP plugin gets its own LLLeapListener, managing its own collection of listeners to various LLEventPumps. LLLeapListener's command LLEventPump now has a UUID for a name, both for uniqueness and to make it tough for a plugin to mess with any other.
2012-03-15Make LLLeap intercept LL_ERRS termination and notify LEAP plugin.Nat Goodspeed
Have to pump "mainloop" a few times to flush the buffer to the pipe, a potentially risky strategy: we have to trust that whatever condition led to the LL_ERRS fatal error didn't break anything that listens on "mainloop". But the worst that could happen is that the plugin won't be notified -- just as if we didn't try in the first place. In other words, no harm in trying.
2012-03-15Promote LLProcess::ReadPipe::size() to BasePipe (hence WritePipe).Nat Goodspeed
Certain use cases need to know whether the WritePipe buffer has been flushed to the pipe, or is still pending.
2012-03-15On Windows, make "very large message" test ridiculously small.Nat Goodspeed
This test must not be subject to spurious environmental failures, else some kind soul will disable it entirely. We observe that APR specifies a hard-coded buffer size of 64Kbytes for pipe creation -- use that and cross fingers.
2012-03-14Backed out changeset 22664c76b59e (reinstate Windows pipe workaround)Nat Goodspeed
Sigh, the rejoicing was premature.
2012-03-14Backed out changeset 51205a909e2c (Windows APR pipe bug workaround)Nat Goodspeed
If in fact we've managed to fix the APR bug writing to a Windows named pipe, it should no longer be necessary to try to work around it by testing with a much smaller data volume on Windows!
2012-03-14On Windows, try cutting down the size of a "very large message."Nat Goodspeed
Ideally we'd love to be able to nail the underlying bug, but log output suggests it may actually go all the way down to the OS level. To move forward, try to bypass it.
2012-03-13If very-large-message test fails, search for a size that works.Nat Goodspeed
We want to write a robust test that consistently works. On Windows, that appears to require constraining the max message size. I, the coder, could try submitting test runs of varying sizes to TC until I found a size that works... but that could take quite a while. If I were clever, I might even use a manual binary search. But computers are good at binary searching; there are even prepackaged algorithms in the STL. If I were cleverer still, I could make the test program itself search for size that works.
2012-03-13Protect LLProcess destructor when run after APR shutdown.Nat Goodspeed
A static LLProcessPtr variable won't be destroyed until after procedural code has shut down APR. The trouble is that LLProcess's destructor unregisters itself from APR -- and, for an autokill LLProcess, attempts to kill the child process. All that is ill-advised after APR shutdown. Disable use of apr_pool_note_subprocess() mechanism. This should be another viable way of coping with static autokill LLProcessPtr variables: when the designated APR pool is cleaned up, APR promises to kill the child process. But whether it's an APR bug or a calling error, the present (now disabled) call in LLProcess results in OUR process, the viewer, getting SIGTERM when it asks to clean up the global APR pool.
2012-03-13Increase timeout for very-large-message test.Nat Goodspeed
Apparently, at least on Mac, there are circumstances in which the very-large- message test can take several times longer than normal, yet still complete successfully. This is always the problem with timeouts: does timeout expiration mean that the code in question is actually hung, or would it complete if given a bit longer? If very-large-message test fails, retry a few times with smaller sizes to try to find a size at which the test runs reliably. The default size, ca 1MB, is intended to be substantially larger than anything we'll encounter in the wild. Is that "unreasonably" large? Is there a "reasonable" size at which the test could consistently pass? Is that "reasonable" size still larger than what we expect to encounter in practice? Need more information, hence this code.
2012-03-13Add timeout functionality to waitfor() helper functions.Nat Goodspeed
Otherwise, a stuck child process could potentially hang the test, and thus the whole viewer build.
2012-03-12Normalize LLErrorThread::run() loop exit condition.Nat Goodspeed
2012-03-06Automated merge with http://hg.secondlife.com/viewer-developmentNat Goodspeed
2012-03-05Further reduce the block size that LLProcess writes to child pipe.Nat Goodspeed
It seems that on Windows, even 32K is too big: one in three load-test runs fails with a duplicated block. Empirically, reducing it to 4K makes it much more stable -- at least we can run successfully 100 consecutive times, which is a step in the right direction.
2012-03-05Additional diagnostic code to track down strange Windows pipe error.Nat Goodspeed
It seems that under certain circumstances, write logic was duplicating a chunk of the data being streamed down our pipe. But as this condition is only driven with a very large data stream, eyeballing that data stream is tedious. Add code to compare the raw received data with the expected stream, reporting where and how they first differ.
2012-03-05Introduce (disabled) LLLeap debugging code to validate stdin writes.Nat Goodspeed
While debugging mysterious problem on Windows, one potential failure mode to rule out was the possibility that streaming std::ostringstream << LLSDNotationStreamer(large_LLSD) might itself cause trouble -- even before attempting to write to the LLProcess::WritePipe. The debugging code validated that the correct length is being reported, and that deserializing the resulting buffer produces equivalent LLSD. This code verified correct operation, and so has been disabled, as it's expensive at runtime.
2012-03-05Make test.cpp support LOGFAIL env var: only failed tests show log.Nat Goodspeed
Set LOGFAIL= one of ALL, DEBUG, INFO, WARN, ERROR, NONE. A passing test will run silently, as now; but a failing test will replay log output at the specified level or higher. While at it, support LOGTEST environment variable, same values. This is like setting --debug (or -d), but allows specifying an arbitrary level -- and, unlike --debug, can be set for a TeamCity build config without modifying any scripts or code. Publish LLError::decodeLevel(std::string), previously private to llerror.cpp.
2012-03-05Move std::ostream << CaptureLog logic into CaptureLog::streamto().Nat Goodspeed
That lets us reliably declare the operator<<() free function inline, which permits multiple translation units in the same executable to #include "wrapllerrs.h".
2012-03-04Simplify llleap_test.cpp plugin by reading individual characters.Nat Goodspeed
While we're accumulating the 'length:' prefix, the present socket-based logic reads 20 characters, then reads 'length' more, then discards any excess (in case the whole 'length:data' packet ends up being less than 20 characters). That's probably a bug: whatever characters follow that packet, however short it may be, are probably the 'length:' prefix of the next packet. We probably only get away with it because we probably never send packets that short. Earlier llleap_test.cpp plugin logic still read 20 characters, then, if there were any left after the present packet, cached them as the start of the next packet. This is probably more correct, but complicated. Easier just to read individual characters until we've seen 'length:', then try for exactly the specified length over however many reads that requires.
2012-03-04Make llleap_test.cpp avoid hard limit on MSVC std::ostringstream max.Nat Goodspeed
In load testing, we have observed intermittent failures on Windows in which LLSDNotationStreamer into std::ostringstream seems to bump into a hard limit of 1048590 bytes. ostringstream reports that much buffered data and returns that much -- even though, on examination, the notation-serialized stream is incomplete at that point. It's our intention to load-test LLLeap and LLProcess, not the local iostream implementation; we hope that this kind of data volume is comfortably greater than actual usage. Back off the load-testing max size a bit.
2012-03-03Break large buffer into chunks to write to LLProcess child pipe.Nat Goodspeed
On Windows we ran into trouble trying to write a biggish (~1 MB) buffer of data to the child process's stdin pipe with a single apr_file_write() call. The child actually received corrupted data -- suggesting a possible bug in either APR or Windows pipes; the same test driving the same logic worked fine on Mac and Linux. Empirically, iterating over chunks of the buffered data is more robust.
2012-03-03Add debugging output in case LLLeap writes corrupt data to plugin.Nat Goodspeed
New llleap_test.cpp load testing turned up Windows issue in which plugin process received corrupt packet, producing LLSDParseError. Add code to dump the bad packet in that case -- but if LLSDParseError is willing to state the offset of the problem, not ALL of the packet. Quiet MSVC warning about little internal base class needing virtual destructor.
2012-03-03Add a couple LLLeap DEBUG messages for incoming-events control flow.Nat Goodspeed
2012-03-02Add LLLeap unit test for invalid length prefix from child stdout.Nat Goodspeed
2012-03-02Use LLProcess::ReadPipe::read() in LLLeap.Nat Goodspeed
The code was using LLProcess::ReadPipe::get_istream().read(), but that's much uglier, as it requires constructing a char* buffer etc. etc.
2012-03-02Add LLLeap unit tests for strange data on child stdout.Nat Goodspeed
2012-03-02Add "load test" LLLeap unit tests: many small messages, one large.Nat Goodspeed
These tests rule out corruption as we cross buffer boundaries in OS pipes and the LLLeap implementation itself.
2012-03-02Clarify LLProcess debug log message about reading from child pipe.Nat Goodspeed
Previous "read N of M bytes" wording implied that the child had M bytes to send, but we only read N of them. In reality we have no idea how many bytes the child is trying to send, only how many the OS is willing to deliver at this moment. To me, "filled N of M bytes" more clearly implies that M is the buffer size.
2012-03-02Drag in Python llsd module, which greatly simplifies tests.Nat Goodspeed
It only took a few examples of trying to wrangle notation LLSD as string data to illustrate how clumsy that is. I'd forgotten that a couple other TUT tests already invoke Python code that depends on the llsd module. The trick is to recognize that at least as of now, there's still an obsolete version of the module in the viewer's own source tree. Python code is careful to try importing llbase.llsd before indra.base.llsd, so that if/when we finally do clear indra/lib/python from the viewer repo, we need only require that llbase be installed on every build machine.
2012-03-01Refactor llleap_test.cpp to streamline adding more unit tests.Nat Goodspeed
Migrate logic from specific test to common reader module, notably parsing the wakeup message containing the reply-pump name. Make test script post to Result struct to communicate success/failure to C++ TUT test, rather than just writing to log. Make test script insensitive to key order in serialized LLSD::Map.
2012-03-01Break out std::ostream << CaptureLog routine for general use.Nat Goodspeed
2012-03-01Add LLLeap class, initial implementation, initial unit tests.Nat Goodspeed
Instantiating LLLeap with a command to execute a particular child process sets up machinery to speak LLSD Event API Plugin protocol with that child process. LLLeap is an LLInstanceTracker subclass, so the code that instantiates need not hold the pointer. LLLeap monitors child-process termination and deletes itself when done.
2012-03-01Allow CaptureLog's consumer to specify desired log level.Nat Goodspeed
Of course, given the way the log machinery works, it's really "everything at that level or stronger."
2012-03-01Make CaptureLog::withMessage() raise tut::failure if not found.Nat Goodspeed
All known callers were using ensure(! withMessage(...).empty()). Centralize that logic. Make failure message report the string being sought and the log messages in which it wasn't found. In case someone does want to permit the search to fail, add an optional 'required' parameter, default true. Leverage new functionality in llprocess_test.cpp.
2012-03-01Log better error message in case of apr_proc_create() failure.Nat Goodspeed
We were using uniform macro to report the APR function and its C++ parameter expressions. But specifically for apr_proc_create() failure, better to report the command we're attempting to execute.
2012-03-01Break out TestRecorder class as CaptureLog into wrapllerrs.h.Nat Goodspeed
Giving more unit tests the ability to capture and examine log output is generally useful. Renaming the class just makes it less ambiguous: what's a TestRecorder? Something that records tests?
2012-02-29When constructing a pipe to child stdin on Posix, ignore SIGPIPE.Nat Goodspeed
We can't count on every child process reading everything we try to write to it. And if the child terminates with WritePipe data still pending, unless we explicitly suppress it, Posix will hit us with SIGPIPE. That would terminate the calling process, boom. "Ignoring" it means APR gets the correct errno, passes it back to us, we log it, etc.
2012-02-29increment viewer version to 3.3.1Oz Linden
2012-02-29Guarantee LLProcess::Params::postend listener any ReadPipe data.Nat Goodspeed
Previously one might get process-terminated notification but still have to wait for the child process's final data to arrive on one or more ReadPipes. That required complex consumer timing logic to handle incomplete pending ReadPipe data, e.g. a partial last line with no terminating newline. New code guarantees that by the time LLProcess sends process-terminated notification, all pending pipe data will have been buffered in ReadPipes. Document LLProcess::ReadPipe::getPump() notification event; add "eof" key. Add LLProcess::ReadPipe::getline() and read() convenience methods. Add static LLProcess::getline() and basename() convenience methods, publishing logic already present elsewhere. Use ReadPipe::getline() and read() in unit tests. Add unit test for "eof" event on ReadPipe::getPump(). Add unit test verifying that final data have been buffered by termination notification event.
2012-02-27Reduce redundancy in llprocess_test.cpp using get_test_name().Nat Goodspeed