The annotations have been added to SDL_mutex.h and have been made public so applications can enable this for their own code.
Clang assumes that locking and unlocking can't fail, but SDL has the concept of a NULL mutex, so the mutex functions have been changed not to report errors if a mutex hasn't been initialized. We do have mutexes that might be accessed when they are NULL, notably in the event system, so this is an important change.
This commit cleans up a bunch of rare race conditions in the joystick and game controller code so now everything should be completely protected by the joystick lock.
To test this, change the compiler to "clang -Wthread-safety -Werror=thread-safety -DSDL_THREAD_SAFETY_ANALYSIS"
I updated .clang-format and ran clang-format 14 over the src and test directories to standardize the code base.
In general I let clang-format have it's way, and added markup to prevent formatting of code that would break or be completely unreadable if formatted.
The script I ran for the src directory is added as build-scripts/clang-format-src.sh
This fixes:
#6592#6593#6594
(cherry picked from commit 5750bcb174300011b91d1de20edb288fcca70f8c)
* Add braces after if conditions
* More add braces after if conditions
* Add braces after while() conditions
* Fix compilation because of macro being modified
* Add braces to for loop
* Add braces after if/goto
* Move comments up
* Remove extra () in the 'return ...;' statements
* More remove extra () in the 'return ...;' statements
* More remove extra () in the 'return ...;' statements after merge
* Fix inconsistent patterns are xxx == NULL vs !xxx
* More "{}" for "if() break;" and "if() continue;"
* More "{}" after if() short statement
* More "{}" after "if () return;" statement
* More fix inconsistent patterns are xxx == NULL vs !xxx
* Revert some modificaion on SDL_RLEaccel.c
* SDL_RLEaccel: no short statement
* Cleanup 'if' where the bracket is in a new line
* Cleanup 'while' where the bracket is in a new line
* Cleanup 'for' where the bracket is in a new line
* Cleanup 'else' where the bracket is in a new line
(cherry picked from commit 6a2200823c66e53bd3cda4a25f0206b834392652 to reduce conflicts merging between SDL2 and SDL3)
Unopened devices, if removed, now send SDL_AUDIODEVICEREMOVED events with
a `which` field set to zero. Apps can use this to decide if they need to
refresh a list of devices being shown in an options menu, etc.
It's safe to call SDL_CloseAudioDevice(0), so even if they try to clean
up this bogus id, it should be safe.
Fixes#5199.
- drop unnecessary hascapture check
- call SDL_InvalidParamError and return -1 in case the index is out of range
- do not zfill SDL_AudioSpec
- adjust documentation to reflect the behavior
- use SDL_bool if possible
- assume NULL/SDL_FALSE filled impl
- skip zfill of current_audio at the beginning of SDL_AudioInit (done before the init() calls)
The recent change to make SDL_AUDIODRIVER support comma-separated lists
broke the previous behavior where an SDL_AUDIODRIVER that was empty
behaved the same as if it was not set at all. This old behavior was
necessary to paper over differences in platforms where SDL_setenv may
or may not actually delete the env var if an empty string is specified.
This patch just adds a simple check to ensure SDL_AUDIODRIVER is not
empty before using it, restoring the old interpretation of the empty
var.
Originally, SDL 1.2 used "pulse" as the name for its PulseAudio driver.
While it now supports "pulseaudio" as well for compatibility with SDL
2.0 [1], there are still scripts and distro packages which set
SDL_AUDIODRIVER=pulse [2]. While it's possible to remove this in most
circumstances or replace it with "pulseaudio" or a comma-separated list,
this may still conflict if the environment variable is set globally and
old binary builds of SDL 1.2 (e.g. packaged with older games) are being
used.
To fix this on SDL 2.0, add a hardcoded check for "pulse" as an audio
driver name, and replace it with "pulseaudio". This mimics what SDL 1.2
does (but in reverse). Note that setting driver_attempt{,_len} is safe
here as they're reset correctly based on driver_attempt_end on the next
loop.
[1] d951409784
[2] https://bugzilla.opensuse.org/show_bug.cgi?id=1189778
Without this change, driver names don't get matched correctly;
for example "a" can get matched with "alsa" since it only checks
whether the string matches up to the length of the requested
driver name.
While we should normally expect _something_ from the stream based on the
AudioStreamAvailable check, it's possible for a device change to flush the
stream at an inconvenient time, causing this function to return 0.
Thing is, this is harmless. Either data will be NULL and the result won't matter
anyway, or the data buffer will be zeroed out and the output will just be
silence for the brief moment that the device change is occurring. Both scenarios
work themselves out, and testing on Windows shows that this behavior is safe.
