Except the following functions, NPTL implementation assume sem_t
argument (or other arguments) are not NULL, so they would benefit
from having the nonnull attribute.
- sem_close(): can cope with a NULL sem_t and return -1 with error EINVAL;
- sem_destroy(): does nothing at all
* sysdeps/pthread/semaphore.h (sem_init): Add __nonnull attribute.
(sem_destroy, sem_open, sem_close, sem_unlink): Likewise.
(sem_wait, sem_timedwait, sem_trywait, sem_post): Likewise.
(sem_getvalue): Likewise.
The audit module itself can be linked with BIND_NOW; it does not
affect its functionality.
This should complete the leftovers from commit
2d6ab5df3b ("Document and fix
--enable-bind-now [BZ #21015]").
Previously, the -Wl,-rpath-link options came after the libraries
injected using LDLIBS-* variables on the link editor command line for
main programs. As a result, it could happen that installed libraries
that reference glibc libraries used the installed glibc from the system
directories, instead of the glibc from the build tree. This can lead to
link failures if the wrong version of libpthread.so.0 is used, for
instance, due to differences in the internal GLIBC_PRIVATE interfaces,
as seen with memusagestat and -lgd after commit
f9b645b4b0 ("memusagestat: use local glibc
when linking [BZ #18465]").
The isolation is necessarily imperfect because these installed
libraries are linked against the installed glibc in the system
directories. However, in most cases, the built glibc will be newer
than the installed glibc, and this link is permitted because of the
ABI backwards compatibility glibc provides.
This change is needed to add linker flags which come very early in the
command linke (before LDFLAGS) and are not applied to test programs
(only to installed programs).
While working on enabling D front-end (GDC) in GCC we noticed that
druntime was segfaulting if it is linked dynamically. This was tracked
to DL_RO_DYN_SECTION.
DL_RO_DYN_SECTION lines seem to be copied from MIPS file (which is the
only user of it), but the comment doesn't apply to RISC-V. There is no
such requirement in RISC-V ABI.
[BZ#24484]
* sysdeps/riscv/ldsodefs.h: Remove DL_RO_DYN_SECTION as it is not
required by RISC-V ABI.
Benchmarks should reflect distribution build policies, so it makes
sense to honor the BIND_NOW configuration for them.
This commit keeps using $(+link-tests), so that the benchmarks are
linked according to the --enable-hardcoded-path-in-tests configure
option.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Commit 2d6ab5df3b ("Document and fix
--enable-bind-now [BZ #21015]") extended BIND_NOW to all installed
shared objects. This change also covers installed programs.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Reduce the total time taken by benchtests. The malloc thread test takes 4
minutes to run which is significantly more than most other tests. Reduce
this to a more reasonable 40 seconds. The math tests take 10 seconds each,
eventhough all they do is loop on the same input. Anything more than 1
second runtime is way overkill, so set the limit to 1 second.
* benchtests/Makefile (BENCH_DURATION): Set to 1 second.
* benchtests/bench-malloc-thread.c (BENCH_DURATION): Set to 10 seconds.
The memusagestat is the only binary that has its own link line which
causes it to be linked against the existing installed C library. It
has been this way since it was originally committed in 1999, but I
don't see any reason as to why. Since we want all the programs we
build locally to be against the new copy of glibc, change the build
to be like all other programs.
Since 9182aa6799 (Fix vDSO l_name for GDB's, BZ#387) the initial link_map
for executable itself and loader will have both l_name and l_libname->name
holding the same value due:
elf/dl-object.c
95 new->l_name = *realname ? realname : (char *) newname->name + libname_len - 1;
Since newname->name points to new->l_libname->name.
This leads to pldd to an infinite call at:
elf/pldd-xx.c
203 again:
204 while (1)
205 {
206 ssize_t n = pread64 (memfd, tmpbuf.data, tmpbuf.length, name_offset);
228 /* Try the l_libname element. */
229 struct E(libname_list) ln;
230 if (pread64 (memfd, &ln, sizeof (ln), m.l_libname) == sizeof (ln))
231 {
232 name_offset = ln.name;
233 goto again;
234 }
Since the value at ln.name (l_libname->name) will be the same as previously
read. The straightforward fix is just avoid the check and read the new list
entry.
I checked also against binaries issues with old loaders with fix for BZ#387,
and pldd could dump the shared objects.
Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu, and
powerpc64le-linux-gnu.
[BZ #18035]
* elf/Makefile (tests-container): Add tst-pldd.
* elf/pldd-xx.c: Use _Static_assert in of pldd_assert.
(E(find_maps)): Avoid use alloca, use default read file operations
instead of explicit LFS names, and fix infinite loop.
* elf/pldd.c: Explicit set _FILE_OFFSET_BITS, cleanup headers.
(get_process_info): Use _Static_assert instead of assert, use default
directory operations instead of explicit LFS names, and free some
leadek pointers.
* elf/tst-pldd.c: New file.
Remove do_set_mallopt_check prototype since it is unused.
* malloc/arena.c (do_set_mallopt_check): Removed.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: DJ Delorie <dj@redhat.com>
As discussed previously on libc-alpha [1], this patch follows up the idea
and add both the __attribute_alloc_size__ on malloc functions (malloc,
calloc, realloc, reallocarray, valloc, pvalloc, and memalign) and limit
maximum requested allocation size to up PTRDIFF_MAX (taking into
consideration internal padding and alignment).
This aligns glibc with gcc expected size defined by default warning
-Walloc-size-larger-than value which warns for allocation larger than
PTRDIFF_MAX. It also aligns with gcc expectation regarding libc and
expected size, such as described in PR#67999 [2] and previously discussed
ISO C11 issues [3] on libc-alpha.
From the RFC thread [4] and previous discussion, it seems that consensus
is only to limit such requested size for malloc functions, not the system
allocation one (mmap, sbrk, etc.).
The implementation changes checked_request2size to check for both overflow
and maximum object size up to PTRDIFF_MAX. No additional checks are done
on sysmalloc, so it can still issue mmap with values larger than
PTRDIFF_T depending on the requested size.
The __attribute_alloc_size__ is for functions that return a pointer only,
which means it cannot be applied to posix_memalign (see remarks in GCC
PR#87683 [5]). The runtimes checks to limit maximum requested allocation
size does applies to posix_memalign.
Checked on x86_64-linux-gnu and i686-linux-gnu.
[1] https://sourceware.org/ml/libc-alpha/2018-11/msg00223.html
[2] https://gcc.gnu.org/bugzilla//show_bug.cgi?id=67999
[3] https://sourceware.org/ml/libc-alpha/2011-12/msg00066.html
[4] https://sourceware.org/ml/libc-alpha/2018-11/msg00224.html
[5] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87683
[BZ #23741]
* malloc/hooks.c (malloc_check, realloc_check): Use
__builtin_add_overflow on overflow check and adapt to
checked_request2size change.
* malloc/malloc.c (__libc_malloc, __libc_realloc, _mid_memalign,
__libc_pvalloc, __libc_calloc, _int_memalign): Limit maximum
allocation size to PTRDIFF_MAX.
(REQUEST_OUT_OF_RANGE): Remove macro.
(checked_request2size): Change to inline function and limit maximum
requested size to PTRDIFF_MAX.
(__libc_malloc, __libc_realloc, _int_malloc, _int_memalign): Limit
maximum allocation size to PTRDIFF_MAX.
(_mid_memalign): Use _int_memalign call for overflow check.
(__libc_pvalloc): Use __builtin_add_overflow on overflow check.
(__libc_calloc): Use __builtin_mul_overflow for overflow check and
limit maximum requested size to PTRDIFF_MAX.
* malloc/malloc.h (malloc, calloc, realloc, reallocarray, memalign,
valloc, pvalloc): Add __attribute_alloc_size__.
* stdlib/stdlib.h (malloc, realloc, reallocarray, valloc): Likewise.
* malloc/tst-malloc-too-large.c (do_test): Add check for allocation
larger than PTRDIFF_MAX.
* malloc/tst-memalign.c (do_test): Disable -Walloc-size-larger-than=
around tests of malloc with negative sizes.
* malloc/tst-posix_memalign.c (do_test): Likewise.
* malloc/tst-pvalloc.c (do_test): Likewise.
* malloc/tst-valloc.c (do_test): Likewise.
* malloc/tst-reallocarray.c (do_test): Replace call to reallocarray
with resulting size allocation larger than PTRDIFF_MAX with
reallocarray_nowarn.
(reallocarray_nowarn): New function.
* NEWS: Mention the malloc function semantic change.
This patch just refactor the assembly implementation to use compiler
builtins instead.
Checked on powerpc-linux-gnu (built without --with-cpu, with
--with-cpu=power4 and with --with-cpu=power5+ and --disable-multi-arch),
powerpc64-linux-gnu (built without --with-cp and with --with-cpu=power5+
and --disable-multi-arch).
* sysdeps/powerpc/fpu/s_fma.S: Remove file.
* sysdeps/powerpc/fpu/s_fmaf.S: Likewise.
* sysdeps/powerpc/fpu/s_fma.c: New file.
* sysdeps/powerpc/fpu/s_fmaf.c: Likewise.
Since be2e25bbd7 the generic ieee754 implementation uses
compiler builtin which generates fabs{f} for all supported targets.
Checked on powerpc-linux-gnu (built without --with-cpu, with
--with-cpu=power4 and with --with-cpu=power5+ and --disable-multi-arch),
powerpc64-linux-gnu (built without --with-cp and with --with-cpu=power5+
and --disable-multi-arch).
* sysdeps/powerpc/fpu/s_fabs.S: Remove file.
* sysdeps/powerpc/fpu/s_fabsf.S: Likewise.
Similar to powerpc, mips also issues rt_sigreturn for setcontext
case the v0 value saved is not the one set by setcontext or
makecontext. As for powerpc, it is intention is no really supported
since setcontext is not async-signal-safe.
Checked the context tests on mips64-linux-gnu and mips-linux-gnu.
* sysdeps/unix/sysv/linux/mips/getcontext.S (__getcontext): Remove
the magic flag store.
* sysdeps/unix/sysv/linux/mips/makecontext.S (__makecontext):
Likewise.
* sysdeps/unix/sysv/linux/mips/swapcontext.S (__swapcontext):
Likewise.
* sysdeps/unix/sysv/linux/mips/setcontext.S (__setcontext):
Remove rt_sigreturn call.
As described in a recent glibc thread [1], the rt_sigreturn syscall
on setcontext and swapcontext is not used on default use and its
intention is no really supported since neither setcontext nor
swapcontext are async-signal-safe.
Checked on powerpc64-linux-gnu and powerpc-linux-gnu.
* sysdeps/unix/sysv/linux/powerpc/powerpc32/setcontext-common.S:
Remove rt_sigreturn call.
* sysdeps/unix/sysv/linux/powerpc/powerpc32/swapcontext-common.S:
Likewise.
* sysdeps/unix/sysv/linux/powerpc/powerpc64/setcontext.S: Likewie.
* sysdeps/unix/sysv/linux/powerpc/powerpc64/swapcontext.S: Likewise.
[1] https://sourceware.org/ml/libc-alpha/2019-02/msg00367.html
Its API is similar to support_capture_subprocess, but rather creates a
new process based on the input path and arguments. Under the hoods it
uses posix_spawn to create the new process.
It also allows the use of other support_capture_* functions to check
for expected results and free the resources.
Checked on x86_64-linux-gnu.
* support/Makefile (libsupport-routines): Add support_subprocess,
xposix_spawn, xposix_spawn_file_actions_addclose, and
xposix_spawn_file_actions_adddup2.
(tst-support_capture_subprocess-ARGS): New rule.
* support/capture_subprocess.h (support_capture_subprogram): New
prototype.
* support/support_capture_subprocess.c (support_capture_subprocess):
Refactor to use support_subprocess and support_capture_poll.
(support_capture_subprogram): New function.
* support/tst-support_capture_subprocess.c (write_mode_to_str,
str_to_write_mode, test_common, parse_int, handle_restart,
do_subprocess, do_subprogram, do_multiple_tests): New functions.
(do_test): Add support_capture_subprogram tests.
* support/subprocess.h: New file.
* support/support_subprocess.c: Likewise.
* support/xposix_spawn.c: Likewise.
* support/xposix_spawn_file_actions_addclose.c: Likewise.
* support/xposix_spawn_file_actions_adddup2.c: Likewise.
* support/xspawn.h: Likewise.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
This test would fail unnecessarily if the user running it had more than
64 groups since getgroups returns EINVAL if the size provided is less
than the number of supplementary group IDs. Instead dynamically
determine the number of supplementary groups the user has.
The purpose of the bp[0] == '.' check is unclear. Only the root domain
starts with '.'. The empty string is accepted as a domain name in many
places, denoting the root, but using it implicitly is confusing.
alloc_buffer_next is useful for peeking to the remaining part of the
buffer and update it, with subsequent allocation (once the length
is known) using alloc_buffer_alloc_bytes. This is not as robust
as the other interfaces, but it allows using alloc_buffer with
string-writing interfaces such as snprintf and ns_name_ntop.
If an error occurs during the tracing operation, particularly during a
call to lock_and_info() which calls _dl_addr, we may end up calling back
into the malloc-subsystem and relock the loader lock and deadlock. For
all intents and purposes the call to _dl_addr can call any of the malloc
family API functions and so we should disable all tracing before calling
such loader functions. This is similar to the strategy that the new
malloc tracer takes when calling the real malloc, namely that all
tracing ceases at the boundary to the real function and any faults at
that point are the purvue of the library (though the new tracer does
this on a per-thread basis in an MT-safe fashion). Since the new tracer
and the hook deprecation are not yet complete we must fix these issues
where we can.
Tested on x86_64 with no regressions.
Co-authored-by: Kwok Cheung Yeung <kcy@codesourcery.com>
Reviewed-by: DJ Delorie <dj@redhat.com>
Replace slow byte-oriented tests in several string benchmarks with the
generic implementations from the string/ directory so the comparisons
are more realistic and useful.
* benchtests/bench-stpcpy.c (SIMPLE_STPCPY): Remove function.
(generic_stpcpy): New function.
* benchtests/bench-stpncpy.c (SIMPLE_STPNCPY): Remove function.
(generic_stpncpy): New function.
* benchtests/bench-strcat.c (SIMPLE_STRCAT): Remove function.
(generic_strcat): New function.
* benchtests/bench-strcpy.c (SIMPLE_STRCPY): Remove function.
(generic_strcpy): New function.
* benchtests/bench-strncat.c (SIMPLE_STRNCAT): Remove function.
(STUPID_STRNCAT): Remove function.
(generic_strncat): New function.
* benchtests/bench-strncpy.c (SIMPLE_STRNCPY): Remove function.
(STUPID_STRNCPY): Remove function.
(generic_strncpy): New function.
* benchtests/bench-strnlen.c (SIMPLE_STRNLEN): Remove function.
(generic_strnlen): New function.
(memchr_strnlen): New function.
* benchtests/bench-strlen.c (generic_strlen): Define for WIDE.
(memchr_strlen): Likewise.
Improve bench-strstr by using an extract from the manual as the input
to make the test more realistic. Use the same input for both found and
fail cases rather than using a memset of '0' for most of the string,
which measures performance of strchr rather than strstr. Add result
checking to catch potential errors. Remove the repeated tests at slightly
different alignments and add more large needle and haystack testcases.
Replace stupid_strstr with an efficient basic implementation. Add the
Two-way implementation to simplify comparisons with much faster generic
implementations.
* benchtests/bench-strstr.c (input): Add realistic input text.
(stupid_strstr): Remove function.
(basic_strstr): Add function.
(twoway_strstr): Add function.
(do_one_test): Add result checking.
(do_test): Use new input text. Remove accidental early matches.
(test_main): Improve range of tests, reduce unaligned cases.
Improve bench-memmem by replacing simple_memmem with a more efficient
implementation. Add the Two-way implementation to enable direct comparison
with the optimized memmem.
* benchtests/bench-memmem.c (simple_memmem): Remove function.
(basic_memmem): Add function.
(twoway_memmem): Add function.
This functionality was deprecated in glibc 2.25.
This commit only includes the core changes to remove the
functionality. It does not remove the RES_USE_INET6 handling in the
individual NSS service modules and the res_use_inet6 function.
These changes will happen in future commits.
Here is the updated patch for improving the long unaligned
code path (the one using "ext" instruction).
1. Always taken conditional branch at the beginning is
removed.
2. Epilogue code is placed after the end of the loop to
reduce the number of branches.
3. The redundant "mov" instructions inside the loop are
gone due to the changed order of the registers in the "ext"
instructions inside the loop, the prologue has additional
"ext" instruction.
4.Updating count in the prologue was hoisted out as
it is the same update for each prologue.
5. Invariant code of the loop epilogue was hoisted out.
6. As the current size of the ext chunk is exactly 16
instructions long "nop" was added at the beginning
of the code sequence so that the loop entry for all the
chunks be aligned.
* sysdeps/aarch64/multiarch/memcpy_thunderx2.S: Cleanup branching
and remove redundant code.
This allows an architecture to set explicit loop unrolling.
Checked on aarch64-linux-gnu.
* wcsmbs/wcsrchr.c (WCSRCHR): Use loop_unroll.h to parametrize
the loop unroll.
This allows an architecture to set explicit loop unrolling.
Checked on aarch64-linux-gnu.
* wcsmbs/wcschr.c (WCSCHR): Use loop_unroll.h to parametrize
the loop unroll.
This allows an architecture to use the old generic implementation
and also set explicit loop unrolling.
Checked on aarch64-linux-gnu.
* include/loop_unroll.h: New file.
* wcsmbs/wcscpy (__wcscpy): Add option to use loop unrolling
besides generic implementation.
snprintf will only truncate the output if the data its given
is corrupted, but a truncated buffer will not match the
"pristine" data's buffer, which is all we need. So just
disable the warning via the DIAG macros.
The Japanese era name will be changed on May 1, 2019. The Japanese
government made a preliminary announcement on April 1, 2019.
The glibc ja_JP locale must be updated to include the new era name for
strftime's alternative year format support.
Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
ChangeLog:
[BZ #22964]
* localedata/locales/ja_JP (LC_TIME): Add entry for the new Japanese
era.
* time/tst-strftime2.c (dates): Add 2019-04-30 and 2019-05-01.
(mkreftable): Add rules for the new Japanese era and the new dates.
Co-authored-by: Rafal Luzynski <digitalfreak@lingonborough.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
ChangeLog:
[BZ #24293]
* time/Makefile (LOCALES): Add zh_TW.UTF-8, cmn_TW.UTF-8,
hak_TW.UTF-8, nan_TW.UTF-8, and lzh_TW.UTF-8.
* time/tst-strftime2.c (locales): Likewise.
(dates): Add 1910-04-01, 1911-12-31, 1912-01-01, 1913-04-01,
2010-04-01, and 2011-04-01.
(mkreftable): Add rules for the new locales and the new dates.
Express the years as full Gregorian years (e.g., 1988 instead of 88)
and months with natural numbers (1-12 rather than 0-11).
Compare actual dates rather than indexes when selecting the era name.
Declare the local variable era as a string character pointer rather
than an array of chars where the actual string is copied which might
lead to potential buffer overflows in future.
Co-authored-by: Rafal Luzynski <digitalfreak@lingonborough.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
ChangeLog:
* time/tst-strftime2.c (date_t): Explicitly define the type.
(dates): Use natural month and year numbers to express a date.
(is_before): New function to compare dates.
(mkreftable): Minor improvements to simplify maintenance.
(do_test): Reflect the changes in dates array.
