Oops when a stale copy is written back, i.e. the processor was yielded
since the copy was made. Such bugs are difficult to spot. Sequence
numbers catch them when they do actual harm (they also catch different
bugs). Generation numbers catch them even when they don't.
New ef_generation to count generations. Call new ef_make_stale() to
increment it whenever the processor may be yielded.
New struct emptypedstr member generation. To conserve space, make it
a bit-field of twelve bits, i.e. generations are only recorded modulo
2^12. Make sure all members of unit empobj_storage share it. It is
only used in copies; its value on disk and in the cache is
meaningless. Copies with generation other than ef_generation are
stale. Stale copies that are a multiple of 2^12 generations old can't
be detected, but that is sufficiently improbable.
Set generation to ef_generation by calling new ef_mark_fresh() when
making copies in ef_read() and ef_blank(). nav_ship() and
fltp_to_list() make copies without going through ef_read(), and
therefore need to call ef_mark_fresh() as well. Also call it in
obj_changed() to make check_sect_ok() & friends freshen their argument
when it is unchanged.
New must_be_fresh() oopses when its argument is stale. Call it in
ef_write() to catch write back of stale copies.
Store them and ef_type in bit-fields.
Allocate eight bits for ef_type. Values range from 0 to EF_GAME
(currently 16), so this is plenty.
Allocate twelve bits for sequence numbers. Sequence number mismatches
are now missed when the numbers are equal modulo 2^12. Still
sufficiently improbable.
Common machines store the bit-fields in a 32 bit word. There are
twelve bits left in that word for future use. Total savings 16 bits,
which is exactly what the previous commit spent on wider uids on
common machines.
Before, they were stored as short. Wider uids use more space, but the
next commit will recover it by narrowing other members.
The use of short has always limited the number of ships, planes, land
units and nukes to SHRT_MAX (commonly 32768). Only the most extreme
games ever came close.
Commit 49780e2c (v4.3.12) added struct sctstr member sct_uid to make
struct empobj member uid work for sectors. This made the limit apply
to sectors as well. We've had games with more than 32768 sectors.
Really belongs there, because it manipulates empfile[].
New ef_open_view() to replace ef_init_view(). Make ef_close() cope
with views, and remove ef_fina_view(). Make ef_extend() and
ef_truncate() oops on views.
Xundump had special hackery to maintain configuration tables'
sentinels: xubody() and getobj() added a sentinel element when
initializing or growing a table, which xubody() stripped off again
before returning. The latter was an unclean hack.
Replace this by building knowledge of sentinels into struct empfile:
new flag EFF_SENTINEL, set for the appropriate members of empfile[],
obeyed by ef_extend() and ef_truncate().
This oopses on output dependency violations, e.g. two threads doing a
read-modify-write without synchronization, or the one thread nesting
several read-modify-writes. Such bugs are difficult to spot, and tend
to be abusable. I figure we have quite a few of them.
New struct emptypedstr member seqno. Make sure all members of unit
empobj_storage share it. Initialize it in files: main() and
file_sct_init(). Set it in ef_blank() and new ef_set_uid() by calling
new get_seqno(). Use ef_set_uid() when copying objects: swaps(),
doland(), doship(), doplane(), dounit(), delete_old_news(). Step it
in ef_write() by calling new new_seqno().
Factor do_read() out of fillcache() to make it available for
get_seqno().
Commit f33b96b1 (v4.3.12) made files again set timestamps. That was
intentionally suppressed in commit 990eb46b (v4.3.10), because it
facilitates attacks against the PRNG. Commit 8f98e53a (v4.3.0) had
added it as a feature.
Fix by making files's main() pass new flag EFF_NOTIME to ef_open().
Implement the flag in do_write().
Certain tables have a fixed size depending on configuration: EF_SECTOR
has WORLD_SZ() elements, EF_NATION, EF_MAP and EF_BMAP have MAXNOC
elements, and EF_REALM has MAXNOC * MAXNOR elements. Bad things
happen if the files backing them are shorter.
Pass expected size to ef_open(), and make it fail when the actual size
differs.
Make sure all members of unit empobj_storage share it.
Add matching timestamp member to struct comstr, struct empobj, struct
gamestr, struct lonstr, struct natstr, struct nwsstr, struct trdstr,
struct trtstr. The timestamp isn't yet set for these. To be fixed.
Move the timestamp member to the right place in struct lndstr, struct
loststr, struct realmstr, struct nukstr, struct plnstr, struct sctstr,
struct shpstr.
Where ordinary selectors specify a value stored in some object,
virtual selectors specify a function to call to compute a value
associated with some object.
Use them to replace the special case xdump ver by new table
EF_VERSION.
Move configkeys[] to lib/common because nsc_init() needs it to
initialize empfile[EF_VERSION].cadef.
New struct emptypedstr to avoid depending on empobj.h there.
Remove now superfluous manual initializations elsewhere.
This doesn't fix any missing initializations.
Read-only was a bit of a misnomer: you could write to the table by
obtaining a pointer into it from ef_ptr(), you just couldn't write to
the backing file.
Semantic changes:
* ef_flush() is now allowed when the table is file-backed or privately
mapped. Before, it had to be file-backed. Flushing a privately
mapped table does nothing, just like flushing a read-only table did.
* ef_write() is now allowed when the table is file-backed or fully
cached. Before, it had to be file-backed and not read-only.
Writing to a privately mapped file-backed table doesn't write to the
file.
* ef_extend() is not implemented for privately mapped tables, just
like it wasn't implemented for read-only tables.
Split ef_init() into two functions: empfile_init() for initialization,
and empfile_fixup() to fix it up for configuration. Put them next to
empfile[]. Move the call to empfile_init() from behind emp_config()
to before it.
(gamestr, EF_GAME, game_ca): New.
(empfile): Declare the table.
(ef_open_srv, ef_close_srv): Open and close it.
(main): Create it.
(empobj_storage): New member game.
(EF_DYNMAX): New.
(EF_IS_GAME_STATE): Use it.
other. Ensure headers in include/ can be included in any order
(except for econfig-spec.h, which is special). New header types.h to
help avoid inclusion cycles. Sort include directives. Remove some
superflous includes.
oprange, show_mission, nameofitem, build_mission_list_type,
unit_map, xdvisible, trdswitchown, ontradingblock, trad, check_trade,
unit_type_name, start_stop_unit, scut, scra, mission, multifire,
perform_mission, fuel, NSC_GENITEM): Replace struct genitem with
struct empobj. Remove genitem.h and create a new file empobj.h.
Replace multiple instances of unions of ef_type structures with
one standard union empobj_storage which is a superset of the individual
instances.
files item.config, product.config, sect.config, infra.config.
(empfile): Declare the new config files. Reorder table entries so
that read_builtin_tables() reads the config files in the right order.
(bigcity_dchr, opt_BIG_CITY, init_dchr): Remove. Deities can edit
sect.config instead.
(ef_elt_byname): New.
(nstr_match_val): Use it to generalize to arbitrary table with
uniquely named elements. Use ca_type to find table, remove parameter
type. Callers changed.
(nstr_mkselval): Adapt sanity check accordingly.
(NSC_TYPEID): No longer needed, remove, users changed to use
appropriate integer type instead. This fixes signedness of sector
selectors des and newdes.
(meta_type): Remove entry for NSC_TYPEID.
(nstr_coerce_val): Can't detect typeid - integer mismatch anymore.
Was nice to have; perhaps revive it later.
(config_tables): New econfig key.
(read_config_tables): New, implements config_tables.
(main): Call it. Need to call ef_init() and chdir(configdir) first.
(ef_init_srv): Don't call ef_init(), since main() did it already.
Remove old way to do the same:
(ef_load): Remove, along with calls.
(empfile): Set configuration tables' member file back to NULL.
