Tokstyle no longer allows:
* Includes inside an `extern "C"`
* Comments on function definition and declaration to be different.
* Doxygen comments commenting on other doxygen comments.
* `crypto_memcmp` was replaced by more specific functions. We never want
to compare arbitrary amounts of data this way. We use these functions
to compare key material.
* apidsl has been bothering people, so now we un-bother them. You're
welcome.
* Added the memlock/unlock functions from the New Group Chats branch.
* Remove some system dependencies in crypto_core_mem.c.
* Renamed UPPERCASE_NAMES to Snake_Camel_Case names.
Currently only `crypto_core_mem.c` needs this. We should try not to
depend on configure'd values. Also note: config.h is only created and
used in the autotools build. In CMake, we pass `-D` flags directly.
The android warnings are disabled now because they suggest using
linux-only extensions of libc. Useful for android indeed, but we're
targeting non-android and non-linux systems as well.
All for-loops must have an init-decl, a condition, and an increment
statement. Any loop that doesn't have one of these should be a while
loop (only 2 of these exist in toxav, none in toxcore).
The default stack size for musl-libc is 128kb. Therefore we should try to keep stack
allocations well below this limit in order to avoid stack overflows.
* Use-after-free because we free network before dht in one case.
* Various unchecked allocs in tests (not so important).
* We used to not check whether ping arrays were actually allocated in DHT.
* `ping_kill` and `ping_array_kill` used to crash when passing NULL.
Also:
* Added an assert in all public API functions to ensure tox isn't NULL.
The error message you get from that is a bit nicer than "Segmentation
fault" when clients (or our tests) do things wrong.
* Decreased the sleep time in iterate_all_wait from 20ms to 5ms.
Everything seems to still work with 5ms, and this greatly decreases
the amount of time spent per test run, making oomer run much faster.
We put some tokstyle exemptions into the source files themselves,
instead. This way we can check some of the code in those files, and more
in the future when tokstyle supports more constructs (like apidsl).
Also: hacked ping_array.api.h to not emit `_array` as parameter names.
We'll need to fix apidsl to do this better. This works for now.
https://github.com/TokTok/hs-tokstyle/pull/43 implements a validation for
this. We should avoid locally declaring functions from another
translation unit, and instead use header files to export/import them.
* make static functions return bool rather than int to indicate success
* add peer_in_list() to factor out uniformity over peer and frozen lists
* reduce repetition in send_lossy_all_close
* rename 'close' to 'connections'
* use uint32_t for peernumber (in accord with tox.c)
* explain persistence in tox_conference_get_chatlist documentation
* clarify "connectedness" in group API documentation
* clarify that tox_conference_peer_count counts only online peers
* refactor variously
In windows network code, we implement inet_pton and inet_ntop, which take
void pointers. We can do slightly better because we already know the type
when we call these functions, so we can avoid casting between void
pointer and the addr struct types.
Tokstyle (check-cimple) will start enforcing comment formats at some
point. It will not support arbitrary stuff in comments, and will parse
them. The result can then be semantically analysed.
* Use Camel_Snake_Case for type names.
* Use at least 4 characters for constant names. I.e. `END` is a type
name, but `RETURN` is a constant name. This is because `DHT` is a type
name (yay consistency).
* Using `min_*` functions instead of MIN, we can avoid a cast.
* Use `for`-loops for for-each-frame semantics instead of `while`.
* Don't use assignments as expressions.
* `++i` instead of `i++`.
* Function pointers are dereferenced automatically, so no need to
manually do so.
* Avoid void pointers that lie about not being spaghetti code. Toxcore
and toxav are both spaghetti and shouldn't pretend anything else.
* Don't use empty statements (e.g. no `;;` anywhere in the code).
* Fix `toxav_get_tox` to return tox, not messenger.
* Fix the casts from Tox* to Messenger* in toxav_old.c.
* Pass Tox instead of Messenger to public group AV callbacks.
* Constant-style macros can't be function call expressions. These must be
function calls themselves.
* Assignments can't be used as expressions.
* Therefore: `while` loops should not be used as a `for-each`
construct. Use `for`, instead.
* No anonymous structs.
* No assignment expressions.
* Only one declarator per struct member declaration.
* Named callback types only, no inline types.
* No `;` empty statements.
* `++i` instead of `i++`.
Avoiding a cast in toxav_old.c avoids some potential (and real) bugs.
* Named callback types only.
* No anonymous enums or structs.
* `++i` instead of `i++`.
* Don't use enums to specify integer constants. Enums should be
enumerations. All values of an enum type should be listed[1].
[1] I don't know what to do about bit masks yet, but given that enums by
C standard can only go up to 32767 portably and 2^31 in reality, they are
probably not useful for 64 bit bit masks.
* Don't use anonymous enums (`typedef enum { ... } Name;`).
* Don't use macros to generate structs (too magical, hard to grep).
* Assign output parameter once, and don't access it a lot in the
function body.
* Don't pass type names as parameters to macros (this is C, we don't have
templates, sorry).
* All function-like macros must be do-while(0).
* `++i` instead of `i++`.
* No assignment-expressions.
* No void-casts.
The void pointer here only adds opportunity to introduce bugs and doesn't
actually make things more layered. It's just the code lying about being
layered while it's actually spaghetti.
This allows Tox to contain additional data on top of Messenger, making
Messenger not necessarily the most top-level object. E.g. groups are
built on Messenger and currently awkwardly void-pointered into it to
pretend there is no cyclic dependency.
* Moved PAIR to toxav, where it's used (but really this should die).
* Replace most MIN calls with typed `min_*` calls. Didn't replace the
ones where the desired semantics are unclear. Moved the MIN macro to
the one place where it's still used.
* Avoid assignments in `while` loops. Instead, factored out the loop body
into a separate `bool`-returning function.
* Use named types for callbacks (`_cb` types).
* Avoid assignments in `if` conditions.
* Removed `MAKE_REALLOC` and expanded its two calls. We can't have
templates in C, and this fake templating is ugly and hard to analyse
and debug (it expands on a single line).
* Moved epoll system include to the .c file, out of the .h file.
* Avoid assignments in expressions (`a = b = c;`).
* Avoid multiple declarators per struct member declaration.
* Fix naming inconsistencies.
* Replace `net_to_host` macro with function.
It turns out, `unix_time` is also monotonic, and is used as such, so I've
renamed the new functions to `mono_time_*`.
2018-07-08:
```
00:01 <@irungentoo> the idea used to be that the unix_time() function
could go backward in time but I think I might have started using it like
if it could not after I changed it so that it would never go back in time
```