Fix threading bugs: recv pointer arithmetic, signal handler safety, dead macro

renderd.c slave_thread recv loop: apply the same fix as upstream commit
fddb0a9 applied to mod_tile.c -- the loop was overwriting ret_size with
each recv() return value instead of accumulating it, and using struct
pointer arithmetic (resp + ret_size) instead of byte arithmetic
((char*)resp + ret_size), so partial reads wrote into the wrong memory
location. Also handle EINTR and separate n==0 (EOF) from n<0 (error).

renderd.c request_exit: remove g_logger/strerror calls from this signal
handler. Both functions are non-async-signal-safe (they use mutexes and
malloc internally). Only write(2) -- which is async-signal-safe -- is
needed here.

render_config.h: remove dead HASHIDX_SIZE 22123 definition in the
#else branch of #ifdef METATILE. METATILE is defined unconditionally
two lines above, so this branch is unreachable. The authoritative value
2213 lives in request_queue.h. The dead definition caused confusion
about which value would be used if METATILE were ever undefined.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

Author: stevekennedyuk

includes/render_config.h

@@ -121,7 +121,6 @@
 #define QUEUE_MAX (1024)
 #define REQ_LIMIT (512)
 #define DIRTY_LIMIT (10000)
-#define HASHIDX_SIZE 22123
 #endif
 
 // Penalty for client making an invalid request (in seconds)

src/renderd.c

@@ -170,14 +170,11 @@ enum protoCmd rx_request(struct protocol *req, int fd)
 
 void request_exit(void)
 {
-	// Any write to the exit pipe will trigger a graceful exit
+	// Any write to the exit pipe will trigger a graceful exit.
+	// This function is called from a signal handler, so only async-signal-safe
+	// functions (write(2)) may be used here — no g_logger, no strerror.
 	char c = 0;
-
-	g_logger(G_LOG_LEVEL_INFO, "Sending exit request");
-
-	if (write(exit_pipe_fd, &c, sizeof(c)) < 0) {
-		g_logger(G_LOG_LEVEL_ERROR, "Failed to write to the exit pipe: %s", strerror(errno));
-	}
+	(void)write(exit_pipe_fd, &c, sizeof(c));
 }
 
 void process_loop(int listen_fd)
@@ -683,18 +680,35 @@ void *slave_thread(void * arg)
 			retry = 10;
 
 			while ((ret_size < sizeof(struct protocol)) && (retry > 0)) {
-				ret_size = recv(pfd, resp + ret_size, (sizeof(struct protocol)
-								       - ret_size), 0);
+				ssize_t n = recv(pfd, (char *)resp + ret_size,
+						 sizeof(struct protocol) - ret_size, 0);
+
+				if (n < 0) {
+					if (errno == EINTR) {
+						continue;
+					}
+
+					if (errno == EPIPE) {
+						close(pfd);
+						pfd = FD_INVALID;
+						ret_size = 0;
+						g_logger(G_LOG_LEVEL_ERROR, "Pipe to Renderd slave closed");
+						break;
+					}
+
+					retry--;
+					continue;
+				}
 
-				if ((errno == EPIPE) || ret_size == 0) {
+				if (n == 0) {
 					close(pfd);
 					pfd = FD_INVALID;
 					ret_size = 0;
 					g_logger(G_LOG_LEVEL_ERROR, "Pipe to Renderd slave closed");
 					break;
 				}
 
-				retry--;
+				ret_size += n;
 			}
 
 			if (ret_size < sizeof(struct protocol)) {