2026-03-02T23:11:28.5676353Z In file included from ../src/notify/notify.c:30:
2026-03-02T23:11:28.5694607Z In function ‘strv_isempty’,
2026-03-02T23:11:28.5695481Z inlined from ‘action_fork’ at ../src/notify/notify.c:440:9,
2026-03-02T23:11:28.5696266Z inlined from ‘run’ at ../src/notify/notify.c:541:24,
2026-03-02T23:11:28.5696929Z inlined from ‘main’ at ../src/notify/notify.c:682:1:
2026-03-02T23:11:28.5697877Z ../src/basic/strv.h:108:23: error: ‘args’ may be used uninitialized [-Werror=maybe-uninitialized]
2026-03-02T23:11:28.5698655Z 108 | return !l || !*l;
2026-03-02T23:11:28.5699052Z | ^~
2026-03-02T23:11:28.5700020Z ../src/notify/notify.c: In function ‘main’:
2026-03-02T23:11:28.5700681Z ../src/notify/notify.c:531:16: note: ‘args’ was declared here
2026-03-02T23:11:28.5701217Z 531 | char **args;
2026-03-02T23:11:28.5701574Z | ^~~~
2026-03-02T23:11:28.5701960Z cc1: all warnings being treated as errors
Apply the same column width for different option groups
This feel a bit like a hack, but it works OK. The width of the first
column of verbs or options in different sections is measured and
applied to the other tables. This makes the second column aligned.
options: only consume "--" immediately after an option that stops parsing
The behaviour that was implemented in systemd-dissect was that
both '--exec -- cmd' and '--exec cmd' result in 'cmd' as the command,
and '--' anywhere later is as a positional argument, so nesting is
possible, e.g.:
--exec -- cmd --opt -- another-cmd --another-opt
This is not obvious, so add some tests for this and keep it as a separate
commit.
test-options: add tests for option macros and flags
Add tests for OPTION_STOPS_PARSING, OPTION_GROUP_MARKER, and
OPTION_OPTIONAL_ARG flags with manual Option arrays, and a separate
test exercising the OPTION, OPTION_LONG, OPTION_SHORT, OPTION_FULL,
and OPTION_GROUP macros via FOREACH_OPTION_FULL in a switch statement,
as they would be used in real code.
Co-developed-by: Claude Opus 4.6 <noreply@anthropic.com>
test-option-parser: "translate" test-getopt for the new parser
The test cases are the same in both files. To make the test
more through, add case where "--" is used more than once and
also when options are present after "--".
Add "option parser" infrastracture that helps with cmdline option parsing
The basic idea is that we'll have "one source of truth" for the list of
options. Currently, this is split between:
1. struct option options[] array for long options
2. the short option parameter to getopt_long()
3. --help
so it is easy to forget to add or update one of those places where
appropriate.
An option is defined through a macro that includes the option short
and long codes, and also the metavar and help. Those four items can
be used to generate the help string automatically.
The code is easier to read when various parts are written in the same
order.
We can define common options through a macro in the header file,
reducing boilerplate repeated in different files. Over time, if we
discover that the same pattern is used in multiple files, we can add
another "common option".
The macro is defined in a way that the editor can indent it like a
normal case statement.
The error message for ambiguous options is formatted a bit differently:
$ systemd-id128 --no-
systemd-id128: option '--no-' is ambiguous; possibilities: '--no-pager' '--no-legend'
$ build/systemd-id128 --no-
option '--no-' is ambiguous; possibilities: --no-pager, --no-legend
I think the formatting without commas is ugly, but OTOH, the quotes
around option names are superfluous, real option names are easy to
distinguish.
Also, in general we prefer variables that are always defined over
checking with #ifdef, so #if defined(HAVE_NO_STACK_PROTECTOR_ATTRIBUTE)
is something that we want to avoid.
meson: disable __attribute__((__retain__)) on old compilers
This attribute was introduced in gcc 11, and our baseline is currently
8.4. So let's allow using _retain_ everywhere, but make it into a noop
if not supported.
Using __has_attribute was suggested, but with gcc-11.5.0-14.el9.x86_64,
__has__attribute(__retain__) is true, but we get a warning when the
attribute is actually used.
In one of the reviews one of the LLMs noticed that the pragma is set but
never unset, so it remains in effect for the rest of the translation
unit. From the comment, it's not clear how old those "old compilers" were,
so let's try if things work without this workaround.
Daan De Meyer [Wed, 18 Mar 2026 13:32:21 +0000 (14:32 +0100)]
ci: Add back subagents and stop using --json-schema in claude-review
Let's stop using --json-schema and instead have claude write a JSON
file in the repo root which we pass around as an artifact similar to
how we pass around the input. This works around the bug where claude
receives task notifications after producing structured output which
breaks the structured output.
Rename verb functions for consistency and add per-verb constant parameter (#41003)
We often have a pattern where the same verb function is used for
multiple actions. This leads to an antipattern where we figure out what
action needs to be taken from argv[0] multiple times: often once in
arse_argv() to figure out what options are allowed, then once again
implicitly in dispatch_verb(), and then again in the action verb itself.
Let's allow passing a parameter into the verb to simplify this.
Daan De Meyer [Wed, 18 Mar 2026 11:55:45 +0000 (12:55 +0100)]
ci: Stop using subagents in claude-review workflow
As it seems impossible to prevent claude from receiving notifications
about subagents finishing after it has produced structured output, which
breaks the structured output as it has to be the final reply, let's stop
using subagents and background tasks completely to avoid the issue.
Vitaly Kuznetsov [Fri, 13 Mar 2026 12:02:51 +0000 (13:02 +0100)]
measure: make tpm_log_tagged_event() measure CC as well
tpm_log_tagged_event() only measures the event to the TPM while
tpm_log_ipl_event() measures the event both to the TPM and CC. Fix the
inconsistency.
Note, this is a potentially breaking change for TDX guests as systemd will
now measure more stuff to the MRTD/RTMRs, reference values for attestation may
need to be adjusted.
Luca Boccassi [Wed, 18 Mar 2026 12:33:58 +0000 (12:33 +0000)]
sd-dlopen: make macros to generate .notes.dlopen sections public API (#41047)
If this new scheme of adding dependencies is supposed to be used more
widely we need to start making it easy to add them. So add a new
self-contained header that projects can simply include without the need
to link against libsystemd itself. This will allow them to generate
`.notes.dlopen` sections:
```
> readelf -p .note.dlopen ./l2md
String dump of section '.note.dlopen':
[ a] |@FDO
[ 10] [{"feature":"manifest-json","description":"Manifest-based change detection via gzip and JSON parsing","priority":"suggested","soname":["libz.so.1","libsystemd.so.0"]}]
[ c2] |@FDO
[ c8] [{"feature":"manifest-http","description":"HTTP transport for lore.kernel.org manifest fetch","priority":"suggested","soname":["libcurl.so.4"]}]
```
ansi-color: fix SYSTEMD_COLORS=true regression when output is piped
The SYSTEMD_COLORS=true/1/yes no longer forced colors
when stdout was not a TTY (e.g. piped), because the COLOR_TRUE bypass
of the terminal_is_dumb() check was accidentally dropped.
Restore the old behavior by guarding the TTY check with
`m != COLOR_TRUE`, so an explicit boolean "true" value continues to
unconditionally force color output regardless of whether stdout is a TTY
or whether $NO_COLOR is set.
Daan De Meyer [Wed, 18 Mar 2026 10:46:01 +0000 (11:46 +0100)]
ci: Bump number of turns for claude and mention turns in prompt
claude keeps failing by its subagents completing after it has already
written the review for large prs. It seems to run out of turns, tries
to get the subagents to post partial reviews but doesn't seem to stop
them.
Let's insist that it waits for background tasks to stop but let's also
increase the max turns a bit so it doesn't run out as quickly.
Daan De Meyer [Wed, 18 Mar 2026 10:28:55 +0000 (11:28 +0100)]
ci: Enable network isolation for claude and allow most tools
claude wants to use python to access the JSON context so let's allow
it. Since python3 basically allows you to reimplement every other tool,
let's just enable all tools except the web related ones but enable network
isolation so it can't try to exfiltrate anything via python.
repart: add --grain-size= option for partition alignment
Add a --grain-size= CLI option to override the default 4 KiB partition
alignment grain. Setting --grain-size=1M matches the alignment used by
fdisk/parted and fixes misaligned partitions after small fixed-size
partitions like the 16 KiB verity-sig partition.
Also fix context_place_partitions() to re-align the start offset after
each partition, not just once per free area. Without this, a small
partition would cause all subsequent partitions in the same free area
to start at an unaligned offset.
ci: reeanble compilation test with clang -O2, disable -Wmaybe-uninitialized for old gcc
In CI we get spurious failures about unitialized variables with gcc
versions older then (depending on the case) 12, 13, or 14. Let's only
try to do this check with newer gcc which returns more useful results.
At the same time, do compile with both gcc and clang at -O2, just
disable the warning.
The old logic seems to have been confused. We compile with -Wall, at
least in some cases, which includes -Wmaybe-unitialized. So if we
_don't_ want it, we need to explicitly disable it.
tree-wide: extend verbs functions with extra per-verb data parameter
We often have a pattern where the same verb function is used for
multiple actions. This leads to an antipattern where we figure out what
action needs to be taken from argv[0] multiple times: often once in
parse_argv() to figure out what options are allowed, then once again
implicitly in dispatch_verb(), and then again in the action verb itself.
Let's allow passing a parameter into the verb to simplify this.
This matches a pattern we have in conf-parser.h, where we have both
void *userdata (more global) and void *data (per-config item). Here,
I opted for uintptr_t userdata. It seems that most of the time we'll
want to just pass an enum value. This works OK with no casts. I also
tried a void* and union. In both cases, much more boilerplate is needed:
either a cast or a macro to help avoid compiler warnings. uintptr_t
seems generic enough to cover foreseeable usecases with no fuss.
This is a noop refactoring. See next commit for an example.
This series of renaming patches has a few overlapping motivations:
- when functions are named uniformly, it code is more obvious
- I want to add a parameter to all verb functions
- in #40880 uniform naming of verb functions will be necessary too.
So let's do this cleanup. Some tools had a mix of functions w/ and
w/o "verb_", which looked messy.
Relicense sd-dlopen.h from LGPL-2.1-or-later to MIT-0 so that
downstream projects can copy/paste the macros directly without
introducing a build dependency on the systemd headers.
Acked-by: Lennart Poettering <lennart@amutable.com> Acked-by: Luca Boccassi <luca.boccassi@gmail.com> Signed-off-by: Christian Brauner <brauner@kernel.org>
man: add sd-dlopen(3) and SD_ELF_NOTE_DLOPEN(3) man pages
Document the new public sd-dlopen.h header and SD_ELF_NOTE_DLOPEN()
macro with associated constants. Includes usage examples for single
and multiple soname annotations.
Signed-off-by: Christian Brauner <brauner@kernel.org>
dlfcn-util: migrate to public SD_ELF_NOTE_DLOPEN() API
Switch all internal callers from the private ELF_NOTE_DLOPEN() macro to
the new public SD_ELF_NOTE_DLOPEN() API from sd-dlopen.h, and remove
the now-redundant macro definitions from dlfcn-util.h.
Signed-off-by: Christian Brauner <brauner@kernel.org>
sd-dlopen: add header-only public API for FDO .note.dlopen ELF metadata
Expose ELF note dlopen annotation macros as a public header-only API in
sd-dlopen.h. This allows any project to embed .note.dlopen metadata in
their ELF binaries by simply including the header - no runtime linkage
against libsystemd is required.
The header provides SD_ELF_NOTE_DLOPEN() and associated macros/constants
implementing the ELF dlopen metadata specification for declaring optional
shared library dependencies loaded via dlopen() at runtime.
Signed-off-by: Christian Brauner <brauner@kernel.org>
noxiouz [Fri, 13 Mar 2026 00:36:08 +0000 (00:36 +0000)]
coredump: capture crashing thread ID and name
Add %I (TID in initial PID namespace) to the core_pattern, so the
kernel passes the crashing thread's TID to systemd-coredump. Use it
to read the thread's comm name from /proc/<tid>/comm and log both as
new journal fields:
COREDUMP_TID= — TID of the crashing thread
COREDUMP_THREAD_NAME= — comm name of the crashing thread
These fields are also stored as xattrs on external coredump files
(user.coredump.tid, user.coredump.thread_name) and displayed by
coredumpctl info alongside the PID line.
For single-threaded processes the TID equals the PID and thread_name
equals comm; for multi-threaded programs with named worker threads
(pthread_setname_np / PR_SET_NAME) this identifies which thread
crashed without needing to open the coredump file itself.
The new fields are optional in the socket forwarding path, so older
systemd-coredump senders are handled gracefully.
find-esp: introduce _full() flavour of ESP/XBOOTLDR discovery functions
These functions take so many return paramaters, and in many of our cases
we don't actually needt them. Hence introduce _full() flavours of the
funcs, and hide the params by default.
Daan De Meyer [Wed, 18 Mar 2026 07:59:48 +0000 (08:59 +0100)]
ci: Enable users without write action to the repo to access claude review
The labelling approach introduced in 6089075265765b43e6666e4d5978292a32501496
means contributors can now trigger the workflow on their own when the label
is added by a maintainer and they update the PR. Hence we need to allow all
users to access the claude code action. This is safe because we already gate
the workflow ourselves to only the contributors that we want to allow.
Additionally, the claude code job has no permissions anymore except read access
to the repository and can execute very limited tools, so this should be safe.
Daan De Meyer [Wed, 18 Mar 2026 08:11:09 +0000 (09:11 +0100)]
ci: Fix artifact name in claude-review workflow
The name doesn't actually matter, it gets replaced with the name
of the file when not archiving. So stop passing a name and pass in
the filename as the name when downloading the artifact.
Daan De Meyer [Tue, 17 Mar 2026 21:14:15 +0000 (22:14 +0100)]
ci: Fetch context for claude-review job in setup job
Rather than have claude fetch the context itself, let's fetch the
context for it in the setup job. This has the following advantages:
- We can reduce the permissions granted to the claude job
- claude has less opportunity to mess up trying to fetch the context
itself. Specifically, it keeps spawsning a background task to fetch
the PR branch which messes up the structured output at the end, causing
the review job to fail. By pre-fetching the context it won't have to
spawn the background task. Additionally, we limit the git commands it
can execute to local ones to ensure it doesn't try to fetch the PR branch.
Finally, we fetch the branch ourselves as pr-review so claude can look at it
to review the PR.
huchangzai [Tue, 17 Mar 2026 02:01:42 +0000 (10:01 +0800)]
hwdb: fix ABS_PRESSURE axis range for Goodix GXTP5100 touchpad
The Goodix GXTP5100 touchpad (HID bus 0x0018, vendor 0x27C6, product
0x01E9), found in the Lenovo ThinkBook 16 G7+ IAH and ThinkPad X9 15
Gen 1, has a kernel driver bug where ABS_PRESSURE (axis 24 / 0x18) is
reported with min=0, max=0.
This invalid axis range causes libinput to reject the device with:
"kernel bug: ABS_PRESSURE has min == max (both 0)"
The touchpad hardware itself is functional and reports valid ranges for
all other axes:
ABS_X: min=0, max=4149, resolution=31
ABS_Y: min=0, max=2147, resolution=27
ABS_MT_POSITION_X/Y: valid ranges
Root cause: the kernel hid-multitouch driver applies a "GT7868Q report
descriptor fixup" to this device (the HID descriptor is malformed and
fails hid-generic probe with EINVAL). The fixup corrects most axes but
leaves ABS_PRESSURE with an invalid 0:0 range.
This hwdb entry overrides ABS_PRESSURE to a valid 0:255 range, allowing
libinput to accept and initialize the device.
Daan De Meyer [Tue, 17 Mar 2026 18:47:35 +0000 (19:47 +0100)]
ci: Allow attaching claude-review label to PRs for automatic review
- If a pr is labeled with claude-review, review it immediately
- If a pr labeled with claude-review is updated, review it regardless
of the author
- If a pr is opened by a maintainer, review it and add the claude-review
label. If the claude-review label is later removed, the pr won't be
auto-reviewed anymore.
Daan De Meyer [Tue, 17 Mar 2026 18:46:31 +0000 (19:46 +0100)]
ci: Fix allowed tools in claude-review
Bash(gh:api *) wasn't actually working. Turns out the colon syntax
is deprecated and unnecessary. Let's stop using it which also fixes
the bug so that gh api calls are allowed now.
Daan De Meyer [Mon, 16 Mar 2026 19:44:28 +0000 (20:44 +0100)]
ci: Add automatic review thread resolution to claude-review workflow
Claude now identifies which existing review comment threads should be
resolved (because the issue was addressed or someone disagreed) and
returns their REST API IDs in a new `resolve` array in the structured
output. The post job uses GraphQL to map comment IDs to threads and
resolve them.
Also switches all GitHub data fetching from MCP tools to `gh api` calls,
since the MCP tool strips comment IDs during its GraphQL-to-minimal
conversion and cannot be used for thread resolution.
The thread resolution GraphQL pagination is wrapped in a try/catch so
that a failure to fetch threads degrades gracefully instead of aborting
the entire post job. Unmatched comment IDs are logged for debuggability.
Adds explicit instructions to complete all data fetching before starting
review and to cancel background tasks before returning structured output,
working around a claude-code-action issue where a late-completing
background task triggers a new conversation turn that overwrites the
structured JSON result.
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Daan De Meyer [Mon, 16 Mar 2026 14:33:11 +0000 (15:33 +0100)]
ci: Review PRs per-commit and attach comments to correct commits
Switch claude-review from reviewing the entire PR diff at once to
reviewing each commit individually via subagents. Each commit review
subagent receives the PR context, preceding commit diffs, and its own
commit diff, then returns comments tagged with the commit SHA. This
ensures review comments are attached to the correct commit via the
GitHub API rather than all pointing at HEAD.
Also add Bash(gh:*) to allowed tools so subagents can fetch per-commit
diffs via `gh api` without needing local git objects, and remove CI
analysis (needs to be delayed until CI finishes to be useful).
Co-developed-by: Claude Opus 4.6 <noreply@anthropic.com>
Daan De Meyer [Mon, 16 Mar 2026 12:49:31 +0000 (13:49 +0100)]
ci: Fix several issues in claude-review workflow
Address feedback from facebook/bpfilter#472:
- Fix setFailed error message counting file-level comments (without
line numbers) that are intentionally skipped, use inlineComments.length
instead of comments.length
- Fix double severity prefix in inline comments: the prompt told Claude
to prefix body with **must-fix**/etc but the post job also prepended
"Claude: ", producing "Claude: **must-fix**: ...". Now the prompt says
not to prefix and the post job adds "Claude **severity**: " using the
structured severity field
- Move error tracking instructions to a top-level section after all phases
so they apply to all runs, not just the first run
- Clarify that line is optional: use "should be" instead of "must be"
and document that omitting line still surfaces the comment in the
tracking comment summary
- Distinguish cancelled vs failed in tracking comment message
- Add side: "RIGHT" and subject_type: "line" to createReviewComment
per GitHub API recommendations
- Downgrade partial inline comment posting failures to warnings; only
fail the job when no comments at all could be posted
Co-developed-by: Claude Opus 4.6 <noreply@anthropic.com>
ci: Fix several robustness issues in claude-review workflow (#41115)
- Use github.paginate() for listComments to handle PRs with 100+
comments
- Make line optional in review schema to allow file-level comments
- Skip createReviewComment for comments without a line number
- Fix failed count to exclude skipped file-level comments
- Pass review result via env var instead of expression injection
- Use core.warning() instead of console.log() for JSON parse failures
- Fix MARKER insertion for single-line summaries that have no newline
- Require "@claude review" instead of just "@claude" to trigger
Daan De Meyer [Sun, 15 Mar 2026 20:53:01 +0000 (21:53 +0100)]
ci: Fix several robustness issues in claude-review workflow
- Use github.paginate() for listComments to handle PRs with 100+ comments
- Make line optional in review schema to allow file-level comments
- Skip createReviewComment for comments without a line number
- Fix failed count to exclude skipped file-level comments
- Pass review result via env var instead of expression injection
- Use core.warning() instead of console.log() for JSON parse failures
- Fix MARKER insertion for single-line summaries that have no newline
- Require "@claude review" instead of just "@claude" to trigger
Frantisek Sumsal [Fri, 13 Mar 2026 16:09:40 +0000 (17:09 +0100)]
coccinelle: simplify file exclusions
Use Coccinelle's "depends on" directive to exclude files from certain
transformations. This should make them a bit simpler and possibly
faster, since we don't have to shell out to Python.
Unfortunately, this works only for file/directory exclusions. For
function and other more complex exclusions we still need to use Python,
at least for now.
Also, completely drop the file exclusion for man/ in the xsprintf
transformation, since we filter out everything under man/ before we even
run Coccinelle (in run-coccinelle.sh).
projects / thirdparty / systemd.git / log
