malloc and realloc may set errno to ENOMEM even if they are successful.
The scandir code wrongly assume that they do not change errno, this
causes scandir to fail with ENOMEM even if malloc succeed.
The code already handles that readdir might set errno by calling
__set_errno (0) to clear the error. Move that part at the end of the
loop to also take malloc and realloc into account.
Changelog:
[BZ #17804]
* dirent/scandir-tail.c (SCANDIR_TAIL): Move __set_errno (0) at the
end of the loop. Improve comments.
The current glibc manual is ambiguous about the errno value on success
and suggests that it is left unchanged. Some functions might and
sometimes do change the errno value, however they never set it to 0.
This patch from Zack Weinberg clarifies this section of the manual.
Changelog:
[BZ #22615]
* manual/errno.texi (Checking for Errors): Explicitly say that errno
might be set on success.
POSIX explicitly says that applications should check errno only after
failure, so the errno value can be clobbered on success as long as it
is not set to zero.
Changelog:
[BZ #22611]
* malloc/tst-realloc.c (do_test): Remove the test checking that errno
is unchanged on success.
is_path argument is no longer used and could be safely removed.
* elf/dl-dst.h (DL_DST_COUNT): Remove is_path argument, all callers
updated.
* elf/dl-load.c (is_dst, _dl_dst_count, _dl_dst_substitute,
expand_dynamic_string_token): Likewise.
* sysdeps/generic/ldsodefs.h (_dl_dst_count, _dl_dst_substitute): Remove
is_path argument.
is_dst is called either by _dl_dst_count or by _dl_dst_substitute.
_dl_dst_count is called by DL_DST_COUNT only.
DL_DST_COUNT is called either by expand_dst with is_path == 0
or by expand_dynamic_string_token.
_dl_dst_substitute is called either from expand_dst with is_path == 0
or from expand_dynamic_string_token.
The latter function is called either from _dl_map_object with is_path == 0
or from fillin_rpath with is_path == 1 and name containing no ':'.
In any case (is_path && name[i] == ':') is always false and all code
depending on it can be safely removed.
* elf/dl-load.c (is_dst): Remove checks that is_path is set and name
contains ':', and all code depending on these checks.
There are just two users of _dl_dst_substitute: one is expand_dst that
sets is_path argument to 0, another one is expand_dynamic_string_token.
The latter function also has just two users: one is _dl_map_object that
sets is_path argument to 0, another one is fillin_rpath that sets
is_path argument to 1 and name argument contains no ':'.
In any case (is_path && name[i] == ':') is always false and all code
depending on it can be safely removed.
* elf/dl-load.c (_dl_dst_substitute): Remove checks that is_path
is set and name contains ':', and all code depending on these checks.
libio.h was originally the header for a set of supported GNU
extensions, but they have not been maintained as such in many years,
they are now standing in the way of improvements to stdio, and we
don't think there are any remaining external users. _G_config.h was
never intended for public use, but predates the bits convention.
Move both of these headers into the bits directory and provide stubs
at top level which issue deprecation warnings.
The contents of (bits/)libio.h and (bits/)_G_config.h are still
exposed to external software via stdio.h; changing that requires more
complex surgery than I have time to attempt right now.
* libio/libio.h, libio/_G_config.h: New stub headers which issue a
deprecation warning and then include <bits/libio.h>, <bits/_G_config.h>
respectively.
* libio/libio.h: Rename the original version of this file to
libio/bits/libio.h. Error out if not included by stdio.h or the
stub libio.h.
* include/libio.h: Move to include/bits. Forward to libio/bits/libio.h.
* sysdeps/generic/_G_config.h: Move to top-level bits/. Error out
if not included by bits/libio.h or the stub _G_config.h.
* sysdeps/unix/sysv/linux/_G_config.h: Move to
sysdeps/unix/sysv/linux/bits. Error out if not included by
bits/libio.h or the stub _G_config.h.
* libio/stdio.h: Include bits/libio.h, not libio.h.
* libio/Makefile: Install bits/libio.h and bits/_G_config.h as
well as libio.h and _G_config.h.
* csu/init.c, libio/fmemopen.c, libio/iolibio.h, libio/oldfmemopen.c
* libio/strfile.h, stdio-common/vfscanf.c
* sysdeps/pthread/flockfile.c, sysdeps/pthread/funlockfile.c
Include stdio.h, not _G_config.h nor libio.h.
* libio/iofgetpos.c: Also rename fgetpos64 out of the way.
* libio/iofsetpos.c: Also rename fsetpos64 out of the way.
* scripts/check-installed-headers.sh: Skip libio.h and _G_config.h.
That way it matches the standard and the behaviour of the finite
function.
Changelog:
[BZ #22596]
* manual/arith.texi (finite): Fix the description of the return
value.
aarch64 has several ifuncs now so test it without multiarch support separately.
* scripts/build-many-glibcs.py (Context.add_all_configs): Add
disable-multi-arch variant to aarch64-linux-gnu.
This patch updates various miscellaneous files from their upstream
sources.
Tested for x86_64, including "make pdf".
* manual/texinfo.tex: Update to version 2017-12-18.20 with
trailing whitespace removed.
* scripts/config.guess: Update to version 2017-12-17.
* scripts/config.sub: Update to version 2017-11-23.
* scripts/install-sh: Update to version 2017-09-23.17.
* scripts/move-if-change: Update to version 2017-09-13 06:45.
With tilepro removal, the uppercase instruction are not anymore
required to be defines as potentially macros. This is a
mechanical change done by the following shell script:
---
INSNS="LD LD4U ST ST4 BNEZ BEQZ BEQZT BGTZ CMPEQI CMPEQ CMOVEQZ CMOVNEZ"
FILES=$(find sysdeps/tile sysdeps/unix/sysv/linux/tile -iname *.S)
for insn in $INSNS; do
repl=$(echo $insn | tr '[:upper:]' '[:lower:]')
sed -i 's/\b'$insn'\b/'$repl'/g' $FILES
done
---
Checked with a build for tilegx-linux-gnu and tilegx-linux-gnu-32 with
and without the patch, there is no difference in generated binary with
a dissassemble.
* sysdeps/tile/__longjmp.S (__longjmp): Use lowercase instructions.
* sysdeps/tile/__tls_get_addr.S (__tls_get_addr): Likewise.
* sysdeps/tile/_mcount.S (__mcount): Likewise.
* sysdeps/tile/crti.S (_init, _fini): Likewise.
* sysdeps/tile/crtn.S: Likewise.
* sysdeps/tile/dl-start.S (_start): Likewise.
* sysdeps/tile/dl-trampoline.S: Likewise.
* sysdeps/tile/setjmp.S (__sigsetjmp): Likewise.
* sysdeps/tile/start.S (_start): Likewise.
* sysdeps/unix/sysv/linux/tile/clone.S (_clone): Likewise.
* sysdeps/unix/sysv/linux/tile/getcontext.S (__getcontext): Likewise.
* sysdeps/unix/sysv/linux/tile/ioctl.S (__ioctl): Likewise.
* sysdeps/unix/sysv/linux/tile/setcontext.S (__setcontext): Likewise.
* sysdeps/unix/sysv/linux/tile/swapcontext.S (__swapcontext): Likewise.
* sysdeps/unix/sysv/linux/tile/syscall.S (syscall): Likewise.
* sysdeps/unix/sysv/linux/tile/vfork.S (__vfork): Likewise.
With tilepro support removal we can now simplify internal tile support by
moving the directory structure to avoid the unnecessary directory levels
in tile/tilegx both on generic and linux folders.
Checked with a build for tilegx-linux-gnu and tilegx-linux-gnu-32 with
and without the patch, there is no difference in generated binary with
a dissassemble.
* stdlib/bug-getcontext.c (do_test): Remove tilepro mention in
comment.
* sysdeps/tile/preconfigure: Remove tilegx folder.
* sysdeps/tile/tilegx/Implies: Move definitions to ...
* sysdeps/tile/Implies: ... here.
* sysdeps/tile/tilegx/Makefile: Move rules to ...
* sysdeps/tile/Makefile: ... here.
* sysdeps/tile/tilegx/atomic-machine.h: Move definitions to ...
* sysdeps/tile/atomic-machine.h: ... here. Add include guards.
* sysdeps/tile/tilegx/bits/wordsize.h: Move to ...
* sysdeps/tile/bits/wordsize.h: ... here.
* sysdeps/tile/tilegx/*: Move to ...
* sysdeps/tile/*: ... here.
* sysdeps/tile/tilegx/tilegx32/Implies: Move to ...
* sysdeps/tile/tilegx32/Implies: ... here.
* sysdeps/tile/tilegx/tilegx64/Implies: Move to ...
* sysdeps/tile/tilegx64/Implies: ... here.
* sysdeps/unix/sysv/linux/tile/tilegx/Makefile: Move definitions
to ...
* sysdeps/unix/sysv/linux/tile/Makefile: ... here.
* sysdeps/unix/sysv/linux/tile/tilegx/*: Move to ...
* sysdeps/unix/sysv/linux/tile/*: ... here.
* sysdeps/unix/sysv/linux/tile/tilegx/tilegx32/*: Move to ...
* sysdeps/unix/sysv/linux/tile/tilegx32/*: ... here.
* sysdeps/unix/sysv/linux/tile/tilegx/tilegx64/*: Move to ...
* sysdeps/unix/sysv/linux/tile/tilegx64/*: ... here.
This patch consolidates the pthread_join and gnu extensions to avoid
code duplication. The function pthread_join, pthread_tryjoin_np, and
pthread_timedjoin_np are now based on pthread_timedjoin_ex.
It also fixes some inconsistencies on ESRCH, EINVAL, EDEADLK handling
(where each implementation differs from each other) and also on
clenup handler (which now always use a CAS).
Checked on i686-linux-gnu and x86_64-linux-gnu.
* nptl/pthreadP.h (__pthread_timedjoin_np): Define.
* nptl/pthread_join.c (pthread_join): Use __pthread_timedjoin_np.
* nptl/pthread_tryjoin.c (pthread_tryjoin): Likewise.
* nptl/pthread_timedjoin.c (cleanup): Use CAS on argument setting.
(pthread_timedjoin_np): Define internal symbol and common code from
pthread_join.
* sysdeps/unix/sysv/linux/i386/lowlevellock.h (__lll_timedwait_tid):
Remove superflous checks.
* sysdeps/unix/sysv/linux/x86_64/lowlevellock.h (__lll_timedwait_tid):
Likewise.
Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
All binaries use TLS and thus need a properly set up TCB, so we can
simply return its address directly, instead of forwarding to the
libpthread implementation from libc.
For versioned symbols, the dynamic linker checks that the soname matches
the name supplied by the link editor, so a compatibility symbol in
libpthread is needed.
To avoid linking against the libpthread function in all cases, we would
have to bump the symbol version of libpthread in libc.so and supply a
compat symbol. This commit does not do that because the function
implementation is so small, so the overhead by two active copies of the
same function might well be smaller than the increase in symbol table
size.
In C++ mode, __MATH_TG cannot be used for defining iseqsig, because
__MATH_TG relies on __builtin_types_compatible_p, which is a C-only
builtin. This is true when float128 is provided as an ABI-distinct type
from long double.
Moreover, the comparison macros from ISO C take two floating-point
arguments, which need not have the same type. Choosing what underlying
function to call requires evaluating the formats of the arguments, then
selecting which is wider. The macro __MATH_EVAL_FMT2 provides this
information, however, only the type of the macro expansion is relevant
(actually evaluating the expression would be incorrect).
This patch provides a C++ version of iseqsig, in which only the type of
__MATH_EVAL_FMT2 (__typeof or decltype) is used as a template parameter
for __iseqsig_type. This function calls the appropriate underlying
function.
Tested for powerpc64le and x86_64.
[BZ #22377]
* math/Makefile [C++] (tests): Add test for iseqsig.
* math/math.h [C++] (iseqsig): New implementation, which does
not rely on __MATH_TG/__builtin_types_compatible_p.
* math/test-math-iseqsig.cc: New file.
* sysdeps/powerpc/powerpc64le/Makefile
(CFLAGS-test-math-iseqsig.cc): New variable.
There are just two users of fillin_rpath: one is decompose_rpath that
sets check_trusted argument to 0, another one is _dl_init_paths that
sets check_trusted argument to __libc_enable_secure and invokes
fillin_rpath only when LD_LIBRARY_PATH is non-empty.
Starting with commit
glibc-2.25.90-512-gf6110a8fee2ca36f8e2d2abecf3cba9fa7b8ea7d,
LD_LIBRARY_PATH is ignored for __libc_enable_secure executables,
so check_trusted argument of fillin_rpath is always zero.
* elf/dl-load.c (is_trusted_path): Remove.
(fillin_rpath): Remove check_trusted argument and its use,
all callers changed.
After
commit 9d7a3741c9
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Fri Dec 15 16:59:33 2017 -0800
Add --enable-static-pie configure option to build static PIE [BZ #19574]
and
commit 00c714df39
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Mon Dec 18 12:24:26 2017 -0800
Pass -no-pie to GCC only if GCC defaults to PIE [BZ #22614]
$(no-pie-ldflag) is no longer effective since no-pie-ldflag is defined
to -no-pie only if GCC defaults to PIE. When --enable-static-pie is
used to configure glibc build and GCC doesn't default to PIE. no-pie-ldflag
is undefined and these tests:
elf/Makefile:LDFLAGS-tst-dlopen-aout = $(no-pie-ldflag)
elf/Makefile:LDFLAGS-tst-prelink = $(no-pie-ldflag)
elf/Makefile:LDFLAGS-tst-main1 = $(no-pie-ldflag)
gmon/Makefile:LDFLAGS-tst-gmon := $(no-pie-ldflag)
may fail to link. This patch replaces "-pie" with
$(if $($(@F)-no-pie),$(no-pie-ldflag),-pie)
and repleces
LDFLAGS-* = $(no-pie-ldflag)
with
tst-*-no-pie = yes
so that tst-dlopen-aout, tst-prelink, tst-main1 and tst-gmon are always
built as non-PIE, with and without --enable-static-pie, regardless if
GCC defaults to PIE or non-PIE.
Tested with build-many-glibcs.py without --enable-static-pie as well as
with --enable-static-pie for x86_64, x32 and i686.
[BZ #22630]
* Makeconfig (link-pie-before-libc): Replace -pie with
$(if $($(@F)-no-pie),$(no-pie-ldflag),-pie).
* elf/Makefile (LDFLAGS-tst-dlopen-aout): Removed.
(tst-dlopen-aout-no-pie): New.
(LDFLAGS-tst-prelink): Removed.
(tst-prelink-no-pie): New.
(LDFLAGS-tst-main1): Removed.
(tst-main1-no-pie): New.
* gmon/Makefile (LDFLAGS-tst-gmon): Removed.
(tst-gmon-no-pie): New.
To build static PIE, all .o files are compiled with -fPIE. Since
--enable-static-pie is designed to provide additional security hardening
benefits, it also implies that glibc programs and tests are created as
dynamic position independent executables (PIE) by default for better
security hardening.
Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
* manual/install.texi: Document that --enable-static-pie
implies PIE.
* INSTALL: Regenerated.
As noted in bug 21309, dbl-64/e_pow.c contains signed int shifts that,
although the shift count is in the range [0, 31], shift bits into and
beyond the sign bit and so are undefined in ISO C. Although this is
defined in GNU C, this patch from the bug cleans up the code to avoid
those shifts.
Tested for x86_64.
[BZ #21309]
* sysdeps/ieee754/dbl-64/e_pow.c (checkint): Make m and n
unsigned.
Sync with gnulib 0e14f025d2.
Checked on x86_64-linux-gnu.
* lib/glob.c (glob): Use a 'char *', not a 'void *', in pointer
arithmetic.
Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Problem reported by Tim Rühsen [1]. Sync with gnulib 0e14f025d2.
[1] https://lists.gnu.org/archive/html/bug-gnulib/2017-10/msg00054.html
Checked on x86_64-linux-gnu.
* lib/glob.c (glob): Do not pass NULL to mempcpy.
Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
These changes will be active for all platforms that don't provide
their own exp() routines. They will also be active for ieee754
versions of ccos, ccosh, cosh, csin, csinh, sinh, exp10, gamma, and
erf.
Typical performance gains is typically around 5x when measured on
Sparc s7 for common values between exp(1) and exp(40).
Using the glibc perf tests on sparc,
sparc (nsec) x86 (nsec)
old new old new
max 17629 395 5173 144
min 399 54 15 13
mean 5317 200 1349 23
The extreme max times for the old (ieee754) exp are due to the
multiprecision computation in the old algorithm when the true value is
very near 0.5 ulp away from an value representable in double
precision. The new algorithm does not take special measures for those
cases. The current glibc exp perf tests overrepresent those values.
Informal testing suggests approximately one in 200 cases might
invoke the high cost computation. The performance advantage of the new
algorithm for other values is still large but not as large as indicated
by the chart above.
Glibc correctness tests for exp() and expf() were run. Within the
test suite 3 input values were found to cause 1 bit differences (ulp)
when "FE_TONEAREST" rounding mode is set. No differences in exp() were
seen for the tested values for the other rounding modes.
Typical example:
exp(-0x1.760cd2p+0) (-1.46113312244415283203125)
new code: 2.31973271630014299393707e-01 0x1.db14cd799387ap-3
old code: 2.31973271630014271638132e-01 0x1.db14cd7993879p-3
exp = 2.31973271630014285508337 (high precision)
Old delta: off by 0.49 ulp
New delta: off by 0.51 ulp
In addition, because ieee754_exp() is used by other routines, cexp()
showed test results with very small imaginary input values where the
imaginary portion of the result was off by 3 ulp when in upward
rounding mode, but not in the other rounding modes. For x86, tgamma
showed a few values where the ulp increased to 6 (max ulp for tgamma
is 5). Sparc tgamma did not show these failures. I presume the tgamma
differences are due to compiler optimization differences within the
gamma function.The gamma function is known to be difficult to compute
accurately.
* sysdeps/ieee754/dbl-64/e_exp.c: Include <math-svid-compat.h> and
<errno.h>. Include "eexp.tbl".
(half): New constant.
(one): Likewise.
(__ieee754_exp): Rewrite.
(__slowexp): Remove prototype.
* sysdeps/ieee754/dbl-64/eexp.tbl: New file.
* sysdeps/ieee754/dbl-64/slowexp.c: Remove file.
* sysdeps/i386/fpu/slowexp.c: Likewise.
* sysdeps/ia64/fpu/slowexp.c: Likewise.
* sysdeps/m68k/m680x0/fpu/slowexp.c: Likewise.
* sysdeps/x86_64/fpu/multiarch/slowexp-avx.c: Likewise.
* sysdeps/x86_64/fpu/multiarch/slowexp-fma.c: Likewise.
* sysdeps/x86_64/fpu/multiarch/slowexp-fma4.c: Likewise.
* sysdeps/generic/math_private.h (__slowexp): Remove prototype.
* sysdeps/ieee754/dbl-64/e_pow.c: Remove mention of slowexp.c in
comment.
* sysdeps/powerpc/power4/fpu/Makefile [$(subdir) = math]
(CPPFLAGS-slowexp.c): Remove variable.
* sysdeps/x86_64/fpu/multiarch/Makefile (libm-sysdep_routines):
Remove slowexp-fma, slowexp-fma4 and slowexp-avx.
(CFLAGS-slowexp-fma.c): Remove variable.
(CFLAGS-slowexp-fma4.c): Likewise.
(CFLAGS-slowexp-avx.c): Likewise.
* sysdeps/x86_64/fpu/multiarch/e_exp-avx.c (__slowexp): Do not
define as macro.
* sysdeps/x86_64/fpu/multiarch/e_exp-fma.c (__slowexp): Likewise.
* sysdeps/x86_64/fpu/multiarch/e_exp-fma4.c (__slowexp): Likewise.
* math/Makefile (type-double-routines): Remove slowexp.
* manual/probes.texi (slowexp_p6): Remove.
(slowexp_p32): Likewise.
Current optimized ia64 memchr uses a strategy to check for last address
by adding the input one with expected size. However it does not take
care for possible overflow.
It was triggered by 3038145ca2 where default rawmemchr now uses memchr
(p, c, (size_t)-1).
This patch fixes it by implement a satured addition where overflows
sets the maximum pointer size to UINTPTR_MAX.
Checked on ia64-linux-gnu where it fixes both stratcliff and
test-rawmemchr failures.
Adhemerval Zanella <adhemerval.zanella@linaro.org>
James Clarke <jrtc27@jrtc27.com>
[BZ #22603]
* sysdeps/ia64/memchr.S (__memchr): Avoid overflow in pointer
addition.
Since 3f823e87cc (Call exit directly in clone (BZ #21512)) SH clone
implementation fails to set the exit code resulting in the failures:
FAIL: nptl/tst-align-clone
FAIL: nptl/tst-getpid1
This patch fixes the both testcases.
[BZ #22605]
* sysdeps/unix/sysv/linux/sh/clone.S (__clone): Fix exit return
code.
Signed-off-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
On x86, padding in struct __jmp_buf_tag is used for shadow stack pointer
to support Shadow Stack in Intel Control-flow Enforcemen Technology.
cancel_jmp_buf has been updated to include saved_mask so that it is as
large as struct __jmp_buf_tag. We must suport the old cancel_jmp_buf
in existing binaries. Since symbol versioning doesn't work on
cancel_jmp_buf, feature_1 is added to tcbhead_t so that setjmp and
longjmp can check if shadow stack is enabled. NB: Shadow stack is
enabled only if all modules are shadow stack enabled.
[BZ #22563]
* sysdeps/i386/nptl/tcb-offsets.sym (FEATURE_1_OFFSET): New.
* sysdeps/i386/nptl/tls.h (tcbhead_t): Add feature_1.
* sysdeps/x86_64/nptl/tcb-offsets.sym (FEATURE_1_OFFSET): New.
* sysdeps/x86_64/nptl/tls.h (tcbhead_t): Rename __glibc_unused1
to feature_1.
On x86, padding in struct __jmp_buf_tag is used for shadow stack pointer
to support shadow stack in Intel Control-flow Enforcemen Technology.
Since the cancel_jmp_buf array is passed to setjmp and longjmp by
casting it to pointer to struct __jmp_buf_tag, it should be as large
as struct __jmp_buf_tag. Otherwise when shadow stack is enabled,
setjmp and longjmp will write and read beyond cancel_jmp_buf when saving
and restoring shadow stack pointer.
This patch adds bits/types/__cancel_jmp_buf_tag.h to define struct
__cancel_jmp_buf_tag so that Linux/x86 can add saved_mask to
cancel_jmp_buf.
Tested natively on i386, x86_64 and x32. Tested hppa-linux-gnu with
build-many-glibcs.py.
[BZ #22563]
* bits/types/__cancel_jmp_buf_tag.h: New file.
* sysdeps/unix/sysv/linux/x86/bits/types/__cancel_jmp_buf_tag.h
* sysdeps/unix/sysv/linux/x86/pthreaddef.h: Likewise.
* sysdeps/unix/sysv/linux/x86/nptl/pthreadP.h: Likewise.
* nptl/Makefile (headers): Add
bits/types/__cancel_jmp_buf_tag.h.
* nptl/descr.h [NEED_SAVED_MASK_IN_CANCEL_JMP_BUF]
(pthread_unwind_buf): Add saved_mask to cancel_jmp_buf.
* sysdeps/nptl/pthread.h: Include
<bits/types/__cancel_jmp_buf_tag.h>.
(__pthread_unwind_buf_t): Use struct __cancel_jmp_buf_tag with
__cancel_jmp_buf.
* sysdeps/unix/sysv/linux/hppa/pthread.h: Likewise.
Since the default GCC and binutils versions used by build-many-glibcs.py,
which are GCC 7 branch and binutils 2.29 branch, support static PIE on
x86_64, x32 and i686, this patch adds --enable-static-pie glibc variants
to x86_64, x32 and i686 to get some coverage for static PIE.
Tested with build-many-glibcs.py.
* scripts/build-many-glibcs.py (Context.add_all_configs): Add
--enable-static-pie variants to x86_64, x32 and i686.
m68k bits/mathinline.h declares various functions with const
attributes. These are inappropriate for functions that have results
depending on the rounding mode; the machine-independent
bits/mathcalls.h only uses const attributes for a very few functions
with no rounding mode dependence, and the m68k header should do
likewise. GCC uses pure for such functions with -frounding-math,
resulting in GCC mainline warning for conflicts with between the
header and the built-in attributes and glibc failing to build for m68k
with GCC mainline.
This patch fixes the attributes to avoid using const except when
bits/mathcalls.h does so. (There are a few functions where maybe
bits/mathcalls.h could do so but doesn't, but keeping the headers in
sync in this regard seems to be the safe approach.)
Tested compilation with build-many-glibcs.py with GCC mainline.
[BZ #22631]
* sysdeps/m68k/m680x0/fpu/bits/mathinline.h (__m81_defun): Add
argument for attrubutes. All callers changed.
(__inline_mathop1): Likewise. All callers changed.
(__inline_mathop): Likewise. All callers changed.
[__USE_MISC] (scalbn): Use __inline_forward instead of
__inline_forward_c.
[__USE_ISOC99] (scalbln): Likewise.
[__USE_ISOC99] (nearbyint): Likewise.
[__USE_ISOC99] (lrint): Likewise.
[__USE_MISC] (scalbnf): Likewise.
[__USE_ISOC99] (scalblnf): Likewise.
[__USE_ISOC99] (nearbyintf): Likewise.
[__USE_ISOC99] (lrintf): Likewise.
[__USE_MISC] (scalbnl): Likewise.
[__USE_ISOC99] (scalblnl): Likewise.
[__USE_ISOC99] (nearbyintl): Likewise.
[__USE_ISOC99] (lrintl): Likewise.
* sysdeps/m68k/m680x0/fpu/mathimpl.h: All callers of
__inline_mathop and __m81_defun changed.
My fix to make the arm-linux-gnueabihf build-many-glibcs.py builds
actually use the hard-float ABI as intended showed up another issue
when building with mainline GCC: GCC now determines an FPU based on
the selected CPU or architecture and gives an error for
-mfloat-abi=hard when the CPU does not imply a choice of FPU. This
patch fixes all the affected configurations to specify a suitable
--with-cpu, --with-fpu or -mfpu option explicitly to avoid that error
from GCC.
Tested the relevant configurations with build-many-glibcs.py with
mainline GCC.
* scripts/build-many-glibcs.py (Context.add_all_configs): Specify
CPU or FPU for ARM hard-float configurations.
nptl/tst-attr3 fails to build with GCC mainline because of
(deliberate) aliasing between the second (attributes) and fourth
(argument to thread start routine) arguments to pthread_create.
Although both those arguments are restrict-qualified in POSIX,
pthread_create does not actually dereference its fourth argument; it's
an opaque pointer passed to the thread start routine. Thus, the
aliasing is actually valid in this case, and it's deliberate in the
test. So this patch makes the test disable -Wrestrict for the two
pthread_create calls in question. (-Wrestrict was added in GCC 7,
hence the __GNUC_PREREQ conditions, but the particular warning in
question is new in GCC 8.)
Tested compilation with build-many-glibcs.py for aarch64-linux-gnu.
* nptl/tst-attr3.c: Include <libc-diag.h>.
(do_test) [__GNUC_PREREQ (7, 0)]: Ignore -Wrestrict for two tests.
The test posix/tst-glob_symlinks.c fails to build with GCC mainline:
tst-glob_symlinks.c: In function 'do_test':
tst-glob_symlinks.c:124:30: error: 'snprintf' output may be truncated before the last format character [-Werror=format-truncation=]
snprintf (buf, sizeof buf, "%s?", dangling_link);
^~~~~
tst-glob_symlinks.c:124:3: note: 'snprintf' output between 2 and 4097 bytes into a destination of size 4096
snprintf (buf, sizeof buf, "%s?", dangling_link);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
tst-glob_symlinks.c:128:30: error: 'snprintf' output may be truncated before the last format character [-Werror=format-truncation=]
snprintf (buf, sizeof buf, "%s*", dangling_link);
^~~~~
tst-glob_symlinks.c:128:3: note: 'snprintf' output between 2 and 4097 bytes into a destination of size 4096
snprintf (buf, sizeof buf, "%s*", dangling_link);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This patch fixes the test to avoid such truncation warnings by
increasing the buffer in question by one byte, to ensure it can hold
any possible result of %s? or %s* formats where %s comes from a buffer
of size PATH_MAX.
Tested compilation with build-many-glibcs.py for aarch64-linux-gnu.
* posix/tst-glob_symlinks.c (do_test): Increase size of buf.
Some strncat tests fail to build with GCC 8 because of -Warray-bounds
warnings. These tests are deliberately test over-large size arguments
passed to strncat, and already disable -Wstringop-overflow warnings,
but now the warnings for these tests come under -Warray-bounds so that
option needs disabling for them as well, which this patch does (with
an update on the comments; the DIAG_IGNORE_NEEDS_COMMENT call for
-Warray-bounds doesn't need to be conditional itself, because that
option is supported by all versions of GCC that can build glibc).
Tested compilation with build-many-glibcs.py for aarch64-linux-gnu.
* string/tester.c (test_strncat): Also disable -Warray-bounds
warnings for two tests.
After --enable-static-pie is added to configure, libc_cv_pie_default is
set to yes when either --enable-static-pie is used to configure glibc
or GCC defaults to PIE. We should set no-pie-ldflag to -no-pie, which
is supported on GCC 6 and later, only if GCC defaults to PIE, not when
--enable-static-pie is used to configure glibc.
Tested on x32 with --enable-static-pie using GCC 5 and without
--enable-static-pie using GCC 7.
[BZ #22614]
* Makeconfig (no-pie-ldflag): Set to -no-pie only if
$(cc-pie-default) == yes.
* config.make.in (cc-pie-default): New.
* configure.ac (libc_cv_pie_default): Renamed to ...
(libc_cv_cc_pie_default): This.
(libc_cv_pie_default): Set to $libc_cv_cc_pie_default.
* configure: Regenerated.
GLRO (_rtld_global_ro) is read-only after initialization and can
therefore not be patched at run time, unlike the hook table addresses
and their contents, so this is a desirable hardening feature.
The hooks are only needed if ld.so has not been initialized, and this
happens only after static dlopen (dlmopen uses a single ld.so object
across all namespaces).
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Current GCC mainline detects that nscd calls readlink with the same
buffer for both input and output, which is not valid (those arguments
are both restrict-qualified in POSIX). This patch makes it use a
separate buffer for readlink's input (with a size that is sufficient
to avoid truncation, so there should be no problems with warnings
about possible truncation, though not strictly minimal, but much
smaller than the buffer for output) to avoid this problem.
Tested compilation for aarch64-linux-gnu with build-many-glibcs.py.
[BZ #22446]
* nscd/connections.c (handle_request) [SO_PEERCRED]: Use separate
buffers for readlink input and output.
Similar to commit 1ab47db00dfbc0128119e3503d3ed640ffc4830b
("mips64: fix clobbering s0 in setjmp() [BZ #22624]")
as sysdeps/mips/setjmp_aux.c is almost an identical copy
of sysdeps/mips/mips64/setjmp_aux.c.
[BZ #22624]
* sysdeps/mips/setjmp_aux.c (__sigsetjmp_aux): Use
inhibit_stack_protector.
When configured as --enable-stack-protector=all glibc
inserts stack checking canary into every function
including __sigsetjmp_aux(). Stack checking code
ends up using s0 register to temporary hold address
of global canary value.
Unfortunately __sigsetjmp_aux assumes no caller' caller-save
registers should be clobbered as it stores them as-is.
The fix is to disable stack protection of __sigsetjmp_aux.
Tested on the following test:
#include <setjmp.h>
#include <stdio.h>
int main() {
jmp_buf jb;
volatile register long s0 asm ("$s0");
s0 = 1234;
if (setjmp(jb) == 0)
longjmp(jb, 1);
printf ("$s0 = %lu\n", s0);
}
Without the fix:
$ qemu-mipsn32 -L . ./mips-longjmp-bug
$s0 = 1082346228
With the fix:
$ qemu-mipsn32 -L . ./mips-longjmp-bug
$s0 = 1234
[BZ #22624]
* sysdeps/mips/mips64/setjmp_aux.c (__sigsetjmp_aux): Use
inhibit_stack_protector.
Starting with commit
glibc-2.18.90-470-g2a939a7e6d81f109d49306bc2e10b4ac9ceed8f9 that
introduced substitution of dynamic string tokens in fillin_rpath,
_dl_init_paths invokes _dl_dst_substitute for $LD_LIBRARY_PATH twice:
the first time it's called directly, the second time the result
is passed on to fillin_rpath which calls expand_dynamic_string_token
which in turn calls _dl_dst_substitute, leading to the following
behaviour:
$ mkdir -p /tmp/'$ORIGIN' && cd /tmp/'$ORIGIN' &&
echo 'int main(){}' |gcc -xc - &&
strace -qq -E LD_LIBRARY_PATH='$ORIGIN' -e /open ./a.out
open("/tmp//tmp/$ORIGIN/tls/x86_64/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/tmp//tmp/$ORIGIN/tls/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/tmp//tmp/$ORIGIN/x86_64/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/tmp//tmp/$ORIGIN/libc.so.6", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
Fix this by removing the direct _dl_dst_substitute invocation.
* elf/dl-load.c (_dl_init_paths): Remove _dl_dst_substitute preparatory
code and invocation.
There are three flavors of the crt startup code:
1) crt1.o used for non-pie,
2) Scrt1.o used for dynamic linked pie (dynamic linker relocates),
3) rcrt1.o used for static linked pie (self relocation is needed)
In the --enable-static-pie case crt1.o is built with -DPIC and in case
of static linking it interposes _dl_relocate_static_pie in libc to
avoid self relocation.
Scrt1.o is built with -DPIC -DSHARED and it relies on GOT entries that
the static linker cannot relax and thus need relocation before the
start code is executed, so rcrt1.o needs separate implementation.
This implementation does not work for .text > 4G position independent
executables, which is fine since the toolchain does not support
-mcmodel=large with -fPIE.
Tests pass with ld/22269 and ld/22263 binutils bugs fixed.
* sysdeps/aarch64/start.S (_start): Handle PIC && !SHARED case.