Oops when a stale copy is written back, i.e. the processor was yielded
since the copy was made. Such bugs are difficult to spot. Sequence
numbers catch them when they do actual harm (they also catch different
bugs). Generation numbers catch them even when they don't.
New ef_generation to count generations. Call new ef_make_stale() to
step it whenever the processor may be yielded.
New struct emptypedstr member generation. Make sure all members of
unit empobj_storage share it. It is only used in copies; its value on
disk and in the cache is meaningless. Set it to ef_generation by
calling new ef_mark_fresh() when making copies in ef_read() and
ef_blank(). Do the same in obj_changed() to make check_sect_ok() &
friends freshen their argument when it is unchanged. Copies with
generation other than ef_generation are stale.
Oops in ef_write() when a stale copy is written back.
New tel_read_header(), tel_read_body(). Use them in rea(),
show_first_tel(), copy_and_expire().
rea() now stops when it encounters a corrupt telegram, and logs the
problem. Before, error detection was incomplete, and errors were not
logged. Corrupt mailboxes could make it crash.
show_first_tel() and copy_and_expire() can now cope with telegrams of
arbitrary length, like rea(), and sanity-check the header fields they
don't actually use.
Change nstr_mkselval() to generate values with promoted types only,
and replace nstr_coerce_val() by new and simpler nstr_optype() in
nstr_comp().
Replace the only remaining use of nstr_coerce_val() in surv() by
nstr_promote(), and remove nstr_coerce_val().
This loses one half of the unimplemented sketch of coercions to
NSC_STRING. Drop the other half from nstr_exec_val().
Land unit reactions are overly complex because we have two different
concepts controlling them: reaction radius (set with lrange) and
reserve mission (set with mission). You need to deal with both to set
up or query reactions.
Commit 8d0e1af5 "fixed" this by making reserve missions meaningless.
The previous commit made reserve missions meaningful again: they
support an op-area now. This brought back the problem of having to
deal with two separate commands to accomplish one thing.
Fix this for good by removing non-mission land unit reaction
alltogether. The only feature we lose by that is the ability to order
land units to react until the order is explicitely cancelled. That's
because missions are implicitely cleared by many commands and events,
while non-mission reaction wasn't. Closes#858121 and #858122.
Remove the non-mission reaction case from att_reacting_units().
Don't limit reserve missions to the land unit's reaction radius: make
lnd_reaction_range() return the type's maximum radius instead of
lnd_rad_max.
The reaction radius is now useless. Remove the lrange command, and
struct lndstr member lnd_rad_max along with its selector react.
Remove land command's column rd. Make ldump show column react as
zero. Deprecate edit key 'P' in dounit(), and don't show it in
pr_land().
Replace daychange() and gettimeleft() by update_timeused_login(),
update_timeused() and enforce_minimum_session_time(). The new
code doesn't assume the day is always 24 hours long which can
occur when transitioning into or out of DST and such. Logging
in after more a multiple of 128 days now resets nat_timeused
properly.
Fix nat_timeused calculation on midnight rollover to include
the time since midnight.
struct natstr member nat_dayno and struct player member timeleft
are now unused, remove them.
daytime() rejects 24:00 as invalid. This makes daytime_range()
fail, is_daytime_allowed() ignore this and later ranges silently.
Broken in commit acdee1e3, v4.2.15.
With RAILWAYS, highway-like sectors double as rail. They need to be
at least 5% efficient to be operational, and then they additionally
extend rail into adjacent sectors that are at least 60% efficient.
New opt_RAILWAYS, SCT_HAS_RAIL(), sct_rail_track(). Update
sector_mcost(), bp_neighbors(), lnd_mar_one_sector() for RAILWAYS
mobility rules. Update sinfra(), spyline(), satdisp_sect() to show
rail track instead of rail infrastructure for RAILWAYS.
New virtual sector selector track, implemented by nsc_sct_track().
A sector type's terrain (struct dchrstr member d_terrain) is the
sector type of its underlying terrain. Sector types occuring in
d_terrain are terrain types, and must have their own type in
d_terrain. Players can change sector types only to those with the
same terrain.
The builtin configuration defines terrain types sea, mountain,
wasteland, wilderness and plains. It gives bridge span and tower
terrain sea, and everything else terrain wilderness. Hence, the stock
game remains unchanged.
Deities can use terrain to create sector types that can be developed
only in limited ways.
This simplifies things. In particular, it gets rid of random rounding
in getcommand(), which created a variation in the nightly build
depending on whether the update starts before or after the deity logs
out.
Replace struct natstr member nat_minused by nat_timeused, and update
cou_ca[] accordingly (this affects xdump nat). Replace player member
minleft by timeleft, and getminleft() by gettimeleft(). Update
getcommand(), daychange(), player_main(), status() accordingly, taking
care not to change player output. Change edit country key 'u' to work
in seconds.
EF_PLANE is closed before EF_LAND: if a land unit carries a plane, the
plane goes away before its carrier, and unit_onresize() oopses. Fix
by not checking cargo list consistency there when the file is already
gone.
unit_cargo_init() has a similar issue, at least theoretically: it
rebuilds cargo lists one after the other. Zap them all first.
The former ensures that next links are valid even for uids not on any
list. The latter oopses on adding an uid to a list when it is already
on a list, unless it is at the tail.
Load counters are redundant; they can be computed from the carrier
uids. Keeping them up-to-date as the carriers change is a pain, and
we never got that quite complete.
Computing load counters straight from the carrier uids every time we
need them would be rather inefficient, but computing them from cargo
lists is not. So do that.
Remove the load counters: struct shpstr members shp_nplane,
shp_nchoppers, shp_nxlight, shp_nland, and struct lndstr members
lnd_nxlight and lnd_nland.
Don't compute/update load counters in build_ship(), build_land(),
land(), ldump(), load_plane_ship(), load_land_ship(),
load_plane_land(), load_land_land(), lstat(), sdump(), shi(), sstat(),
tend_land(), check_trade(), put_combat(), pln_oneway_to_carrier_ok),
pln_newlanding(), fit_plane_on_ship(), fit_plane_on_land(),
unit_list().
Nothing left in fit_plane_off_ship(), fit_plane_off_land(), so remove
them.
load_land_ship(), load_land_land(), check_trade(), pln_newlanding(),
put_plane_on_ship(), take_plane_off_ship(), put_plane_on_land(),
take_plane_off_land() no longer change the carrier, so don't put it.
Remove functions to recompute the load counters from carrier uids:
count_units(), lnd_count_units(), count_planes(), count_land_planes(),
pln_fixup() and lnd_fixup(), along with the latter two's private
copies of fit_plane_on_ship() and fit_plane_on_land().
New cargo list functions to compute load counts: unit_cargo_count()
and unit_nplane(), with convenience wrappers shp_nplane(),
shp_nland(), lnd_nxlight(), lnd_nland().
Use them to make ship selectors nplane, nchoppers, nxlight, nland
virtual. They now reflect what is loaded, not how the load uses the
available slots. This makes a difference when x-light planes or
choppers use plane slots.
Use them to make land unit selectors nxlight and nland virtual.
Use them to get load counts in land(), ldump(), load_plane_ship(),
load_land_ship(), load_plane_land(), load_land_land(), sdump(), shi(),
tend_land(), fit_plane_on_land(), trade_desc(), unit_list().
Rewrite fit_plane_on_ship() and could_be_on_ship() to use
shp_nplane(). could_be_on_ship() now takes load count arguments, as
computed by shp_nplane(), so it can be used for checking against an
existing load as well.
pln_nuktype is redundant; it can be computed from the nuke's
nuk_plane.
Make plane selector nuketype virtual and NSC_EXTRA. It should have
been NSC_EXTRA all along. This changes xdump plane.
Don't set it in arm(), disarm(), build_plane(), pln_damage() and
nuk_fixup(). The latter no longer does anything, remove it.
Deprecate edit key 'n' in doplane(), and don't show it in pr_plane().
The key never made much sense.
eff_bomb(), comm_bomb(), ship_bomb(), plane_bomb(), land_bomb(),
strat_bomb(), mission_pln_equip(), air_damage(), msl_hit(),
pln_equip() tested pln_nuketype to check whether a plane carries a
nuke. Test nuk_on_plane() instead.
pdump(), plan(), trade_desc() print whether and what kind of nuke a
plane carries. Adapt that to use nuk_on_plane().
Persistent game state encodes "who carries what" by storing the
carrier uid in the cargo. Cargo lists augment that: they store lists
of cargo for each carrier. They are not persistent.
New unit_cargo_init() to compute the cargo lists from game state.
Call it in ef_init_srv() and at the end of update_main().
New unit_onresize() to resize the cargo list data structure.
Installed as units' struct empfile callback onresize to make them
resize automatically with the unit files.
New unit_carrier_change() to update cargo lists when carriers change
in game state. Convenience wrappers pln_carrier_change(),
lnd_carrier_change() and nuk_carrier_change(). Call them from
prewrite callbacks to keep cargo lists in sync with game state.
To make that work, unused units must not point to a carrier. Add new
pln_oninit(), lnd_oninit() and nuk_oninit() take care of newly created
units. Change lnd_prewrite() and nuk_prewrite() to take dead land
units and nukes off their carrier. pln_prewrite() did that already.
New unit_cargo_first(), unit_cargo_next() to traverse cargo lists.
Convenience wrappers lnd_first_on_ship(), lnd_first_on_land(),
lnd_next_on_unit(), pln_first_on_ship(), pln_first_on_land(),
pln_next_on_unit() and nuk_on_plane(). The latter is disabled for now
because it clashes with an existing function.
Future virtual selectors will need to access game state. This depends
on common/file.c, which can't be used from global without creating a
cyclic dependency between libglobal.a and libcommon.a.
Move nsc.c to src/lib/common. file.c depends on it, so move it as
well, renamed to filetable.c so it doesn't clash with the existing
file.c.
Really belongs there, because it manipulates empfile[].
New ef_open_view() to replace ef_init_view(). Make ef_close() cope
with views, and remove ef_fina_view(). Make ef_extend() and
ef_truncate() oops on views.
ef_elt_by_name(), xdprval_sym() and symval() checked whether a file
type T is a symbol table by comparing ef_cadef(T) to symbol_ca, even
though T may be EF_BAD. Before commit 50cfdcb5, ef_cadef(EF_BAD)
accessed empfile[] out of bounds, which could conceivably crash or
somehow happen to yield symbol_ca. Since then, it oopses and returns
null.
Fix by testing the file type before calling ef_cadef().
Xundump had special hackery to maintain configuration tables'
sentinels: xubody() and getobj() added a sentinel element when
initializing or growing a table, which xubody() stripped off again
before returning. The latter was an unclean hack.
Replace this by building knowledge of sentinels into struct empfile:
new flag EFF_SENTINEL, set for the appropriate members of empfile[],
obeyed by ef_extend() and ef_truncate().
Change ef_close() to log ep->file instead of ep->name, to match
ef_open().
Fix ef_extend() to log ep->name instead of ep->file, which could be
null. Also fix ef_ensure_space()'s function comment. Both broken in
commit 2eb8672b.
ef_truncate()'s error logging lacked detail when ef_realloc_cache()
failed, fix.
It became needlessly complicated in 4.0.1 to fix a "bug in mapdist not
taking world edges into account nicely enough." That "fix" had no
effect, which was good, because it wasn't broken.
Change struct range from exclusive to inclusive upper bounds, for
consistency with struct realmstr and the area syntax. Also fix many
bugs.
real()'s conversion from struct range's exclusive upper bounds to
struct realmstr's inclusive upper bounds could underflow and store -1
in the realms file. Harmless, because its users didn't mind:
list_realm() and nstr_exec_val() convert back to relative coordinates,
and sarg_getrange() is only used by sarg_area(), which happened to
undo the damage. The change to inclusive upper bounds gets rid of the
broken conversion.
xyinrange() incorrectly treated the upper bound as inclusive, unless
the bounds were equal. Impact:
* nxtitem() and nxtitemp() cases NS_AREA and NS_DIST attempted to hack
around xyinrange()'s lossage(!), but screwed up: sectors on the
lower bound of of a range spanning the the whole world were skipped.
This affected all command arguments that support area or distance
syntax for items. In sufficiently small worlds, it could also make
radar miss satellites and ships, sonar miss ships, satellite miss
ships and land units, nuclear detonations miss ships, planes, land
units and nukes, automatic supply miss ship and land unit supply
sources, ships and land units fail to return fire, ships fail to
fire support.
* draw_map() could draw units sitting just right or just below of the
mapped area. No effect, as these parts of the map weren't actually
shown.
xydist_range() produced an inclusive upper bound when it decided that
the range covers everything in that dimension (which it didn't get
quite right either). This could make snxtsct_dist() and
snxtitem_dist() initialize the iterator with an incorrect upper bound.
Similar impact as the xyinrange() / nxtitem() lossage.
border() could print the hundreds line unnecessarily.
snxtsct() and snxtsct_all() screwed up for odd WORLD_Y: they failed to
include (WORLD_Y - 1) / 2 in the y-range. This affected all command
arguments that support "*" syntax for sectors, plus add ... c, power
n, and break.
snxtsct_all() failed to normalize the bounds (presumed harmless).
There were a few correct, but somewhat unclean uses of struct range
with inclusive upper bounds:
* nat_reset() used one internally.
* pathrange() worked with inclusive upper bounds internally, but
corrected to exclusive upper bounds before passing the range out.
* sarg_getrange() worked with inclusive upper bounds. Its only caller
sarg_area() corrected that to exclusive upper bounds.
The change to inclusive upper bounds cleans this up.
unit_map() and xysize_range() had no issues (isn't that amazing?), but
need to be updated for the changed struct range semantics.
Missile interdiction leaves behind used up missiles with the
PLN_LAUNCHED flag set. This can lead to a bogus warning from
pln_zap_transient_flags() on server restart.
Change pln_zap_transient_flags() to ignore dead planes.
This oopses on output dependency violations, e.g. two threads doing a
read-modify-write without synchronization, or the one thread nesting
several read-modify-writes. Such bugs are difficult to spot, and tend
to be abusable. I figure we have quite a few of them.
New struct emptypedstr member seqno. Make sure all members of unit
empobj_storage share it. Initialize it in files: main() and
file_sct_init(). Set it in ef_blank() and new ef_set_uid() by calling
new get_seqno(). Use ef_set_uid() when copying objects: swaps(),
doland(), doship(), doplane(), dounit(), delete_old_news(). Step it
in ef_write() by calling new new_seqno().
Factor do_read() out of fillcache() to make it available for
get_seqno().
Commit f33b96b1 (v4.3.12) made files again set timestamps. That was
intentionally suppressed in commit 990eb46b (v4.3.10), because it
facilitates attacks against the PRNG. Commit 8f98e53a (v4.3.0) had
added it as a feature.
Fix by making files's main() pass new flag EFF_NOTIME to ef_open().
Implement the flag in do_write().
do_write() sets the timestamp from a parameter. All callers pass
time(), and don't use that value themselves. Call time() in do_write
and remove the parameter.
Commit f33b96b1 made ef_flush(), ef_write() and ef_extend() update
timestamps automatically. Change ef_write() and ef_extend() to do
that even when table is privately mapped, by making do_write() cope
with privately mapped tables. Current users don't care, but it's a
saner interface.
Certain tables have a fixed size depending on configuration: EF_SECTOR
has WORLD_SZ() elements, EF_NATION, EF_MAP and EF_BMAP have MAXNOC
elements, and EF_REALM has MAXNOC * MAXNOR elements. Bad things
happen if the files backing them are shorter.
Pass expected size to ef_open(), and make it fail when the actual size
differs.
