MISC: Abort on border case errors with the stack.

In case of invalid parameter and out of memory, it is preferable to exit
before continuing on a strange and invalid state.

inc/lektor/stack.h

@@ -7,23 +7,33 @@ extern "C" {
 
 #include <stddef.h>
 
-// clang-format off
-
 struct stack {
     volatile void **contents;
     volatile size_t size;
     volatile size_t len;
 };
 
-int  stack_new  (struct stack *ret);
+/* Create a new stack. Can't fail because it will avort on out of memory or
+ * invalid parameter. */
+void stack_new(struct stack *ret);
+
+/* Free a stack */
 void stack_free(struct stack *lst);
+
+/* Check if a stack is empty, return 1 if it is empty or invalid, 0 otherwise. */
 int stack_empty(struct stack *lst);
 
-int stack_push(struct stack *lst, void *item);
+/* Push an item to the stack. If it failed (incorrect lst parameter or out of
+ * memory), will abort. */
+void stack_push(struct stack *lst, void *item);
+
+/* Pop an item from the stack, if the pointer was retreived with malloc, you
+ * must free it yourself. If no item is available will return 1, and return 0
+ * uppon successfull pop. */
 int stack_pop(struct stack *lst, void **item);
-int stack_head(struct stack *lst, void **item);
 
-// clang-format on
+/* Peek the head of the stack, don't free the pointer if it was allocated! */
+int stack_head(struct stack *lst, void **item);
 
 #if defined(__cplusplus)
 }

src/base/stack.c

@@ -4,11 +4,10 @@
 #include <stdlib.h>
 #include <unistd.h>
 
-int
+void
 stack_new(struct stack *ret)
 {
-    if (!ret)
-        return 1;
+    assert(ret);
 
     struct stack _ret = {
         .contents = safe_malloc(LKT_DEFAULT_LIST_SIZE * sizeof(void *)),
@@ -16,11 +15,7 @@ stack_new(struct stack *ret)
         .len      = 0,
     };
 
-    if (_ret.contents == NULL)
-        return 1;
-
     *ret = _ret;
-    return 0;
 }
 
 void
@@ -44,11 +39,10 @@ stack_empty(struct stack *lst)
     return 0;
 }
 
-int
+void
 stack_push(struct stack *lst, void *item)
 {
-    if (!lst)
-        return 1;
+    assert(lst);
 
     if (lst->size == lst->len) {
         volatile void **new = realloc(lst->contents, lst->size * 2 * sizeof(void *));
@@ -63,7 +57,6 @@ stack_push(struct stack *lst, void *item)
     }
 
     lst->contents[(lst->len)++] = item;
-    return 0;
 }
 
 int

src/database/open.c

@@ -65,16 +65,15 @@ __inc(volatile sqlite3 *db, const char *name, bool check)
 {
     SQLITE_EXEC(db, "UPDATE misc SET opened = (SELECT opened + 1 FROM misc);", error);
 
-    if (db_stack_init == 0 && stack_new(&db_stack)) {
-        exit(EXIT_FAILURE);
-    }
+    if (db_stack_init == 0) {
+        stack_new(&db_stack);
         db_stack_init = 1;
+    }
 
     struct named_db *item = safe_malloc(sizeof(struct stack));
     item->name            = strdup(name);
     item->db              = db;
-    if (stack_push(&db_stack, item))
-        exit(EXIT_FAILURE);
+    stack_push(&db_stack, item);
     return;
 error:
     LOG_ERROR("DB", "Database already in use");

src/module/thread.h

@@ -56,8 +56,8 @@ poller_new(struct poller_thread *th, void *(*func)(struct poller_thread_arg *),
         .output_lock = mtx2,
     };
 
-    if (stack_new(&th_.input) || stack_new(&th_.output))
-        goto out_of_memory;
+    stack_new(&th_.input);
+    stack_new(&th_.output);
 
     struct ___poller_thread_args *__args;
     *th               = th_;
@@ -73,12 +73,6 @@ poller_new(struct poller_thread *th, void *(*func)(struct poller_thread_arg *),
 
     LOG_INFO("THREAD", "Create a new poller thread");
     return 0;
-
-out_of_memory:
-    LOG_ERROR("MEMORY", "Out of memory");
-    stack_free(&th_.input);
-    stack_free(&th_.output);
-    return 1;
 }
 
 UNUSED static int
@@ -101,9 +95,9 @@ UNUSED static int
 th_append(struct stack *lst, pthread_mutex_t *lock, void *ptr)
 {
     RETURN_IF(pthread_mutex_lock(lock), "Failed to lock", 1);
-    int ret = stack_push(lst, ptr);
+    stack_push(lst, ptr);
     RETURN_IF(pthread_mutex_unlock(lock), "Failed to lock", 1);
-    return ret;
+    return 0;
 }
 
 UNUSED static int