Commit Graph

40130 Commits

Author SHA1 Message Date
Andreas Schwab
6f962278e2 elf: Update list of RISC-V relocations 2023-06-26 16:11:16 +02:00
Maxim Kuvyrkov
7c507f4473 Fix tests-clean Makefile target (bug 30545)
This patch improves tests-clean Makefile target to reliably clean
test artifacts from a build directory.  Before this patch tests-clean
missed around 3k (out of total 9k) .out and .test-result files.

Signed-off-by: Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-06-26 10:37:25 -03:00
Joe Simmons-Talbott
9a17a193b4 check_native: Get rid of alloca
Use malloc rather than alloca to avoid potential stack overflow.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2023-06-26 10:17:47 -03:00
Joe Simmons-Talbott
48170127d9 ifaddrs: Get rid of alloca
Use scratch_buffer and malloc rather than alloca to avoid potential stack
overflows.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2023-06-26 10:17:39 -03:00
Sergey Bugaev
45e2483a6c x86: Make dl-cache.h and readelflib.c not Linux-specific
These files could be useful to any port that wants to use ld.so.cache.

Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2023-06-26 10:04:31 -03:00
Sergey Bugaev
daf7b53a3c elf: Port ldconfig away from stack-allocated paths
ldconfig was allocating PATH_MAX bytes on the stack for the library file
name. The issues with PATH_MAX usage are well documented [0][1]; even if
a program does not rely on paths being limited to PATH_MAX bytes,
allocating 4096 bytes on the stack for paths that are typically rather
short (strlen ("/lib64/libc.so.6") is 16) is wasteful and dangerous.

[0]: https://insanecoding.blogspot.com/2007/11/pathmax-simply-isnt.html
[1]: https://eklitzke.org/path-max-is-tricky

Instead, make use of asprintf to dynamically allocate memory of just the
right size on the heap.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
2023-06-26 10:04:31 -03:00
Paul Eggert
21fbc0a193 Call "CST" a time zone abbreviation, not a name
In documentation, call strings like "CST" time zone abbreviations, not
time zone names.  This terminology is more precise, and is what tzdb uses.
A string like "CST" is ambiguous and does not fully name a time zone.
2023-06-22 13:49:09 -07:00
Frederic Berat
99f9ae4ed0 benchtests: fix warn unused result
Few tests needed to properly check for asprintf and system calls return
values with _FORTIFY_SOURCE enabled.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-22 00:21:19 -04:00
Frederic Berat
d636339306 sysdeps/powerpc/fpu/tst-setcontext-fpscr.c: Fix warn unused result
The fread routine return value needs to be checked when fortification
is enabled, hence use xfread helper.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-22 00:21:17 -04:00
Frederic Berat
131af38694 rt/tst-mqueue4.c: Fix wrong number of argument for mq_open
The mq_open routine should only get either 2 or 4 arguments, this test
wrongly passed 3.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-22 00:21:13 -04:00
Frederic Berat
0371c23623 debug/readlink{, at}_chk.c: Harmonize declaration and definition
The declaration and definition of these routines aren't consistent.

Make the definition of __readlink_chk and __readlinkat_chk match the
declaration of the routines they fortify.  While there are no problems
today this avoids any future potential problems related to the mismatch.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-22 00:21:06 -04:00
Frederic Berat
04d85febb9 wcsmbs/bits/wchar2{, -decl}.h: Clearly separate declaration from definitions
This will enable __REDIRECT_FORTIFY* macros to be used when _FORTIFY_SOURCE
is set.

Routine declarations that were in bits/wchar2.h are moved into the
bits/wchar2-decl.h file.
The file is now included into include/wchar.h irrespectively from
fortification.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-22 00:21:01 -04:00
Frederic Berat
427dbaee86 stdio-common: tests: Incorrect maxlen parameter for swprintf
Few tests using swprintf are passing incorrect maxlen parameter.
This triggers an abort when _FORTIFY_SOURCE is enabled.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-22 00:20:55 -04:00
Frederic Berat
1bc85effd5 sysdeps/{i386, x86_64}/mempcpy_chk.S: fix linknamespace for __mempcpy_chk
On i386 and x86_64, for libc.a specifically, __mempcpy_chk calls
mempcpy which leads POSIX routines to call non-POSIX mempcpy indirectly.

This leads the linknamespace test to fail when glibc is built with
__FORTIFY_SOURCE=3.

Since calling mempcpy doesn't bring any benefit for libc.a, directly
call __mempcpy instead.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-22 00:20:52 -04:00
Joe Simmons-Talbott
9e6863a537 hurd: readv: Get rid of alloca
Replace alloca with a scratch_buffer to avoid potential stack overflows.

Checked on i686-gnu and x86_64-linux-gnu
Message-Id: <20230619144334.2902429-1-josimmon@redhat.com>
2023-06-20 19:15:10 +02:00
Joe Simmons-Talbott
c6957bddb9 hurd: writev: Add back cleanup handler
There is a potential memory leak for large writes due to writev being a
"shall occur" cancellation point.  Add back the cleanup handler removed
in cf30aa43a5.

Checked on i686-gnu and x86_64-linux-gnu.
Message-Id: <20230619143842.2901522-1-josimmon@redhat.com>
2023-06-20 18:37:04 +02:00
Paul Pluzhnikov
4290aed051 Fix misspellings -- BZ 25337 2023-06-19 21:58:33 +00:00
Joseph Myers
2d88df5411 C2x scanf %b support
ISO C2x defines scanf %b for input of binary integers (with an
optional 0b or 0B prefix).  Implement such support, along with the
corresponding SCNb* macros in <inttypes.h>.  Unlike the support for
binary integers with 0b or 0B prefix with scanf %i, this is supported
in all versions of scanf (independent of the standards mode used for
compilation), because there are no backwards compatibility concerns
(%b wasn't previously a supported format) the way there were for %i.

Tested for x86_64 and x86.
2023-06-19 19:40:34 +00:00
Joseph Myers
5f83b2674e C2x printf %wN, %wfN support (bug 24466)
ISO C2x defines printf length modifiers wN (for intN_t / int_leastN_t
/ uintN_t / uint_leastN_t) and wfN (for int_fastN_t / uint_fastN_t).
Add support for those length modifiers (such a feature was previously
requested in bug 24466).  scanf support is to be added separately.
GCC 13 has format checking support for these modifiers.

When used with the support for registering format specifiers, these
modifiers are translated to existing flags in struct printf_info,
rather than trying to add some way of distinguishing them without
breaking the printf_info ABI.  C2x requires an error to be returned
for unsupported values of N; this is implemented for printf-family
functions, but the parse_printf_format interface doesn't support error
returns, so such an error gets discarded by that function.

Tested for x86_64 and x86.
2023-06-19 18:52:12 +00:00
Frédéric Bérat
8022fc7d51 tests: replace system by xsystem
With fortification enabled, system calls return result needs to be checked,
has it gets the __wur macro enabled.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-19 09:15:05 -04:00
Frédéric Bérat
20b6b8e8a5 tests: replace read by xread
With fortification enabled, read calls return result needs to be checked,
has it gets the __wur macro enabled.

Note on read call removal from  sysdeps/pthread/tst-cancel20.c and
sysdeps/pthread/tst-cancel21.c:
It is assumed that this second read call was there to overcome the race
condition between pipe closure and thread cancellation that could happen
in the original code. Since this race condition got fixed by
d0e3ffb7a5 the second call seems
superfluous. Hence, instead of checking for the return value of read, it
looks reasonable to simply remove it.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-19 09:14:56 -04:00
Joe Simmons-Talbott
cf30aa43a5 hurd: writev: Get rid of alloca
Use a scratch_buffer rather than alloca to avoid potential stack
overflows.

Checked on i686-gnu and x86_64-linux-gnu
Message-Id: <20230608155844.976554-1-josimmon@redhat.com>
2023-06-19 02:45:19 +02:00
Joe Simmons-Talbott
01dd2875f8 grantpt: Get rid of alloca
Replace alloca with a scratch_buffer to avoid potential stack overflows.
Message-Id: <20230613191631.1080455-1-josimmon@redhat.com>
2023-06-18 01:08:04 +02:00
Florian Weimer
1d44530a5b string: strerror must not return NULL (bug 30555)
For strerror, this fixes commit 28aff04781 ("string:
Implement strerror in terms of strerror_l").  This commit avoids
returning NULL for strerror_l as well, although POSIX allows this
behavior for strerror_l.

Reviewed-by: Arjun Shankar <arjun@redhat.com>
2023-06-15 19:54:09 +02:00
Florian Weimer
388ae538dd hurd: Add strlcpy, strlcat, wcslcpy, wcslcat to libc.abilist 2023-06-15 10:05:25 +02:00
Paul Eggert
d2fda60e7c manual: Manual update for strlcat, strlcpy, wcslcat, wclscpy
Co-authored-by: Florian Weimer <fweimer@redhat.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-14 18:10:27 +02:00
Florian Weimer
b54e5d1c92 Add the wcslcpy, wcslcat functions
These functions are about to be added to POSIX, under Austin Group
issue 986.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-14 18:10:24 +02:00
Florian Weimer
454a20c875 Implement strlcpy and strlcat [BZ #178]
These functions are about to be added to POSIX, under Austin Group
issue 986.

The fortified strlcat implementation does not raise SIGABRT if the
destination buffer does not contain a null terminator, it just
inherits the non-failing regular strlcat behavior.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-14 18:10:08 +02:00
Frederic Berat
7ba426a111 tests: replace fgets by xfgets
With fortification enabled, fgets calls return result needs to be checked,
has it gets the __wur macro enabled.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-13 19:59:08 -04:00
Frederic Berat
a84dcb4bdf tests: replace fread by xfread
With fortification enabled, fread calls return result needs to be checked,
has it gets the __wur macro enabled.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-13 19:59:08 -04:00
Dridi Boukelmoune
127c21c0e2 posix: Add test case for gai_strerror()
Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
Reviewed-by: Arjun Shankar <arjun@redhat.com>
2023-06-13 20:55:02 +02:00
Dridi Boukelmoune
658f601f2a posix: Handle success in gai_strerror()
Signed-off-by: Dridi Boukelmoune <dridi.boukelmoune@gmail.com>
Reviewed-by: Arjun Shankar <arjun@redhat.com>
2023-06-13 20:54:49 +02:00
caiyinyu
eaa5b1cce8 LoongArch: Add support for dl_runtime_profile
This commit can fix the FAIL item: elf/tst-sprof-basic.
2023-06-13 10:27:45 +08:00
Adhemerval Zanella Netto
94384bdf39 malloc: Decrease resource usage for malloc tests
The tst-mallocfork2 and tst-mallocfork3 create large number of
subprocesss, around 11k for former and 20k for latter, to check
for malloc async-signal-safeness on both fork and _Fork.  However
they do not really exercise allocation patterns different than
other tests fro malloc itself, and the spawned process just exit
without any extra computation.

The tst-malloc-tcache-leak is similar, but creates 100k threads
and already checks the resulting with mallinfo.

These tests are also very sensitive to system load (since they
estresss heavy the kernel resource allocation), and adding them
on THP tunable and mcheck tests increase the pressure even more.

For THP the fork tests do not add any more coverage than other
tests.  The mcheck is also not enable for tst-malloc-tcache-leak.

Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-06-12 14:45:24 -03:00
Adhemerval Zanella Netto
e6ce346d07 stdlib: Tune down fork arc4random tests
There is no fork detection on current arc4random implementation, so
use lower subprocess on fork tests.  The tests now run on 0.1s
instead of 8s on a Ryzen9 5900X.

Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-06-12 14:45:16 -03:00
Joe Simmons-Talbott
31df9fa8ff tst-getdate: Improve testcase flexibility and add test.
The getdate testcases all expect successful results.  Add support for
negative testcases and testcases where a full date and time are not
supplied by skipping the tm checks in the test.  Add a testcase that
would catch a use-after-free that was recently found.

Reviewed-by: Arjun Shankar <arjun@redhat.com>
2023-06-12 18:36:02 +02:00
Noah Goldstein
180897c161 x86: Make the divisor in setting non_temporal_threshold cpu specific
Different systems prefer a different divisors.

From benchmarks[1] so far the following divisors have been found:
    ICX     : 2
    SKX     : 2
    BWD     : 8

For Intel, we are generalizing that BWD and older prefers 8 as a
divisor, and SKL and newer prefers 2. This number can be further tuned
as benchmarks are run.

[1]: https://github.com/goldsteinn/memcpy-nt-benchmarks
Reviewed-by: DJ Delorie <dj@redhat.com>
2023-06-12 11:33:39 -05:00
Noah Goldstein
f193ea20ed x86: Refactor Intel init_cpu_features
This patch should have no affect on existing functionality.

The current code, which has a single switch for model detection and
setting prefered features, is difficult to follow/extend. The cases
use magic numbers and many microarchitectures are missing. This makes
it difficult to reason about what is implemented so far and/or
how/where to add support for new features.

This patch splits the model detection and preference setting stages so
that CPU preferences can be set based on a complete list of available
microarchitectures, rather than based on model magic numbers.
Reviewed-by: DJ Delorie <dj@redhat.com>
2023-06-12 11:33:39 -05:00
Noah Goldstein
af992e7abd x86: Increase non_temporal_threshold to roughly sizeof_L3 / 4
Current `non_temporal_threshold` set to roughly '3/4 * sizeof_L3 /
ncores_per_socket'. This patch updates that value to roughly
'sizeof_L3 / 4`

The original value (specifically dividing the `ncores_per_socket`) was
done to limit the amount of other threads' data a `memcpy`/`memset`
could evict.

Dividing by 'ncores_per_socket', however leads to exceedingly low
non-temporal thresholds and leads to using non-temporal stores in
cases where REP MOVSB is multiple times faster.

Furthermore, non-temporal stores are written directly to main memory
so using it at a size much smaller than L3 can place soon to be
accessed data much further away than it otherwise could be. As well,
modern machines are able to detect streaming patterns (especially if
REP MOVSB is used) and provide LRU hints to the memory subsystem. This
in affect caps the total amount of eviction at 1/cache_associativity,
far below meaningfully thrashing the entire cache.

As best I can tell, the benchmarks that lead this small threshold
where done comparing non-temporal stores versus standard cacheable
stores. A better comparison (linked below) is to be REP MOVSB which,
on the measure systems, is nearly 2x faster than non-temporal stores
at the low-end of the previous threshold, and within 10% for over
100MB copies (well past even the current threshold). In cases with a
low number of threads competing for bandwidth, REP MOVSB is ~2x faster
up to `sizeof_L3`.

The divisor of `4` is a somewhat arbitrary value. From benchmarks it
seems Skylake and Icelake both prefer a divisor of `2`, but older CPUs
such as Broadwell prefer something closer to `8`. This patch is meant
to be followed up by another one to make the divisor cpu-specific, but
in the meantime (and for easier backporting), this patch settles on
`4` as a middle-ground.

Benchmarks comparing non-temporal stores, REP MOVSB, and cacheable
stores where done using:
https://github.com/goldsteinn/memcpy-nt-benchmarks

Sheets results (also available in pdf on the github):
https://docs.google.com/spreadsheets/d/e/2PACX-1vS183r0rW_jRX6tG_E90m9qVuFiMbRIJvi5VAE8yYOvEOIEEc3aSNuEsrFbuXw5c3nGboxMmrupZD7K/pubhtml
Reviewed-by: DJ Delorie <dj@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-06-12 11:33:39 -05:00
Martin Coufal
5e8d1b0328 Remove unused DATEMSK file for tst-getdate
tst-getdate used to rely on an in-tree datemsk file that was
subsequently replaced by a file created during test execution.  This
commit removes the unused file and corresponding env-var and uses a more
appropriate name for the temp file.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-06-09 16:25:36 +02:00
Andreas Schwab
abcf8db7fa resolv_conf: release lock on allocation failure (bug 30527)
When the initial allocation of global fails, the local lock is left
locked.

Reported by Steffen Lammel of SAP HANA development.
2023-06-07 12:44:25 +02:00
Arjun Shankar
85e6d8b417 time: Fix use-after-free in getdate
getdate would free the buffer pointed to by the result of its call to
strptime, then reference the same buffer later on -- leading to a
use-after-free.  This commit fixes that.

Reported-by: Martin Coufal <mcoufal@redhat.com>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2023-06-06 21:14:46 +02:00
Frédéric Bérat
200ae471b6 Move {read,write}_all functions to a dedicated header
Since these functions are used in both catgets/gencat.c and
malloc/memusage{,stat}.c, it make sense to move them into a dedicated
header where they can be inlined.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-06 08:23:53 -04:00
Frédéric Bérat
f6a532fbd0 tests: Replace various function calls with their x variant
With fortification enabled, few function calls return result need to be
checked, has they get the __wur macro enabled.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-06 08:23:53 -04:00
Frédéric Bérat
8c4f69d711 tests: fix warn unused result on asprintf calls
When enabling _FORTIFY_SOURCE, some functions now lead to warnings when
their result is not checked.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2023-06-06 08:23:53 -04:00
Florian Weimer
7d42120928 pthreads: Use _exit to terminate the tst-stdio1 test
Previously, the exit function was used, but this causes the test to
block (until the timeout) once exit is changed to lock stdio streams
during flush.
2023-06-06 11:39:06 +02:00
Florian Weimer
047703fbb8 support: Add delayed__exit (with two underscores)
It calls _exit instead of exit once the timeout expires.
2023-06-06 11:37:30 +02:00
Adhemerval Zanella
e3622a8f39 time: Also check for EPERM while trying to clock_settime
Container management default seccomp filter [1] only accepts
clock_settime if process has also CAP_SYS_TIME.  So also handle
EPERM as well.

Also adapt the test to libsupport and add a proper Copyright header.

Checked on aarch64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2023-06-05 12:51:48 -03:00
Adhemerval Zanella
d4963a844d linux: Fail as unsupported if personality call is filtered
Container management default seccomp filter [1] only accepts
personality(2) with PER_LINUX, (0x0), UNAME26 (0x20000),
PER_LINUX32 (0x8), UNAME26 | PER_LINUX32, and 0xffffffff (to query
current personality)

Although the documentation only state it is blocked to prevent
'enabling BSD emulation' (PER_BSD, not implemented by Linux), checking
on repository log the real reason is to block ASLR disable flag
(ADDR_NO_RANDOMIZE) and other poorly support emulations.

So handle EPERM and fail as UNSUPPORTED if we can really check for
BZ#19408.

Checked on aarch64-linux-gnu.

[1] https://github.com/moby/moby/blob/master/profiles/seccomp/default.json

Reviewed-by: Florian Weimer <fweimer@redhat.com>
2023-06-05 12:51:48 -03:00
Joseph Myers
be9b883ddd Remove MAP_VARIABLE from hppa bits/mman.h
As suggested in
<https://sourceware.org/pipermail/libc-alpha/2023-February/145890.html>,
remove the MAP_VARIABLE define from the hppa bits/mman.h, for
consistency with Linux 6.2 which removed the define there.

Tested with build-many-glibcs.py for hppa-linux-gnu.
2023-06-05 14:35:25 +00:00