Fixes to address issues from BZ #15022 resolution, as follows:
* TLS updates to csu/libc-tls.c -- we now have a proper main map, so
there's no longer a need to create a separate fake one to keep TLS
structures,
* random updates to elf/dl-close.c -- LM_ID_BASE is now a valid name
space ID for static executables as well, so assert that we don't
unload the main map. Similarly dl_nns isn't supposed to be 0 for
static executables anymore,
* actual BZ #16046 fix to elf/dl-iteratephdr.c -- the dl_iterate_phdr
special function for static executables isn't needed anymore, provided
that l_phdr and l_phnum members of the main map have been properly
initialized (done in _dl_non_dynamic_init in elf/dl-support.c now),
* ld.so.cache loader update to elf/dl-load.c --
GL(dl_ns)[LM_ID_BASE]._ns_loaded is now always initialized in static
executables so can become the fallback loader map to check for
DF_1_NODEFLIB, provided that the l_flags_1 member of the main map has
been properly initialized (done in elf/dl-support.c now); this also
ensures previous semantics elsewhere in elf/dl-load.c,
* matching updates to elf/dl-support.c -- to complement the two fixes
above.
When i386 and x86-64 mathinline.h was merged into a single mathinline.h,
"gcc -m32" enables x87 inline functions on x86-64 even when -mfpmath=sse
and SSE2 is enabled. It is a regression on x86-64. We should check
__SSE2_MATH__ instead of __x86_64__ when disabling x87 inline functions.
The netgroups file parsing code tries to access the character before
the newline in parsed lines to see if it is a backslash (\). This
results in an access before the block allocated for the line if the
line is blank, i.e. does not have anything other than the newline
character. This doesn't seem like it will cause any crashes because
the byte belongs to the malloc metadata block and hence access to it
will always succeed.
There could be an invalid alteration in code flow where a blank line
is seen as a continuation due to the preceding byte *happening* to be
'\\'. This could be done by interposing malloc, but that's not really
a security problem since one could interpose getnetgrent_r itself and
achieve a similar 'exploit'.
The possibility of actually exploiting this is remote to impossible
since it also requires the previous line to end with a '\\', which
would happen only on invalid configurations.
The _nss_*_getnetgrent_r query populates the netgroup results in the
allocated buffer and then sets the result triplet to point to strings
in the buffer. This is a problem when the buffer is reallocated since
the pointers to the triplet strings are no longer valid. The pointers
need to be adjusted so that they now point to strings in the
reallocated buffer.
In BZ #15605 fix with addding memset/memmove alias in symbol-hacks.h,
x32 symbol-hacks.h change was missing. Fixed by including
<sysdeps/generic/symbol-hacks.h> in x32 symbol-hacks.h.
The IFUNC selector for gettimeofday runs before _libc_vdso_platform_setup where
__vdso_gettimeofday is set. The selector then sets __gettimeofday (the internal
version used within GLIBC) to use the system call version instead of the vDSO one.
This patch changes the check if vDSO is available to get its value directly
instead of rely on __vdso_gettimeofday.
This patch changes it by getting the vDSO value directly.
It fixes BZ#16431.
See commit 41b1792698 for testcase.
Note: while this works on s390x, the s390 code hangs when using -e.
But it hangs regardless of this code (the hang seems to occur before
the exit func is even called). I didn't look too closely at it as
it seems to be an issue external to this file, so this code shouldn't
make the situation any worse.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
This patches fixes BZ#16430 by setting a different symbol for internal
GLIBC calls that points to ifunc resolvers. For PPC32, if the symbol
is defined as hidden (which is the case for gettimeofday and time) the
compiler will create local branches (symbol@local) and linker will not
create PLT calls (required for IFUNC). This will leads to internal symbol
calling the IFUNC resolver instead of the resolved symbol.
For PPC64 this behavior does not occur because a call to a function in
another translation unit might use a different toc pointer thus requiring
a PLT call.
ARM has an override of the test math/test-fpucw.c, to disable (for
soft-float testing) definitions of hard-float macros in fpu_control.h
that the header normally defines not only when building for
hard-float, but also when building for soft-float with _LIBC defined
so that libc code can dynamically test whether VFP hardware is
present. (_LIBC is defined when building tests, although ideally it
wouldn't be.)
The override doesn't work for the derived tests test-fpucw-*.c because
they use #include "" instead of <> to include test-fpucw.c, so always
get the math/ version instead of the ARM sysdeps override. This patch
changes them to use <> so the sysdeps override is effective.
(test-fpucw-ieee-static.c doesn't need a change because it includes
test-fpucw-ieee.c, which isn't itself being overridden, which in turn
includes test-fpucw.c with a #include changed by this patch.)
Tested for ARM (big-endian soft-float, non-VFP hardware).
* math/test-fpucw-ieee.c: Use <> in #include of test-fpucw.c.
* math/test-fpucw-static.c: Likewise.
addgetnetgrentX has a buffer which is grown as per the needs of the
requested size either by using alloca or by falling back to malloc if
the size is larger than 1K. There are two problems with the alloca
bits: firstly, it doesn't really extend the buffer since it does not
use the return value of the extend_alloca macro, which is the location
of the reallocated buffer. Due to this the buffer does not actually
extend itself and hence a subsequent write may overwrite stuff on the
stack.
The second problem is more subtle - the buffer growth on the stack is
discontinuous due to block scope local variables. Combine that with
the fact that unlike realloc, extend_alloca does not copy over old
content and you have a situation where the buffer just has garbage in
the space where it should have had data.
This could have been fixed by adding code to copy over old data
whenever we call extend_alloca, but it seems unnecessarily
complicated. This code is not exactly a performance hotspot (it's
called when there is a cache miss, so factors like network lookup or
file reads will dominate over memory allocation/reallocation), so this
premature optimization is unnecessary.
Thanks Brad Hubbard <bhubbard@redhat.com> for his help with debugging
the problem.
The Translation Project has asked us to rename the
pot header file `header.pot' to something else. Their
scripts automatically look for pot files and the
file `header.pot' is not actually a pot file but a
header that we use when regenerating `libc.pot.'
This commit renames `header.pot' to `pot.header' to
avoid causing errors or complicating the TP project
scripts.
The truncl assembly implementation (sysdeps/powerpc/powerpc64/fpu/s_truncl.S)
returns wrong results for some inputs where first double is a exact integer
and the precision is determined by second long double.
Checking on implementation comments and history, I am very confident the
assembly implementation was based on a version before commit
5c68d40169 that fixes BZ#2423 (Errors in
long double (ldbl-128ibm) rounding functions in glibc-2.4).
By just removing the implementation and make the build select
sysdeps/ieee754/ldbl-128ibm/s_truncl.c instead it fixes tgammal
issues regarding wrong result sign.
This patch fixes bug 16408, ldbl-128ibm expm1l returning NaN for some
large arguments.
The basic problem is that the approach of converting the exponent to
the form n * log(2) + y, where -0.5 <= y <= 0.5, then computing 2^n *
expm1(y) + (2^n - 1) falls over when 2^n overflows (starting slightly
before the point where expm1 overflows, when y is negative and n is
the least integer for which 2^n overflows). The ldbl-128 code, and
the x86/x86_64 code, make expm1l fall back to expl for large positive
arguments to avoid this issue. This patch makes the ldbl-128ibm code
do the same. (The problem appears for the particular argument in the
testsuite because the ldbl-128ibm code also uses an overflow threshold
that's for ldbl-128 and is too big for ldbl-128ibm, but the problem
described applies for large non-overflowing cases as well, although
during the freeze is not a suitable time for making the expm1 tests
cover cases close to overflow more thoroughly.)
This leaves some code for large positive arguments in expm1l that is
now dead. To keep the code for ldbl-128 and ldbl-128ibm similar, and
to avoid unnecessary changes during the freeze, the patch doesn't
remove it; instead I propose to file a bug in Bugzilla as a reminder
that this code (for overflow, including errno setting, and for
arguments of +Inf) is no longer needed and should be removed from both
those expm1l implementations.
Tested powerpc32.
* sysdeps/ieee754/ldbl-128ibm/s_expm1l.c (__expm1l): Use __expl
for large positive arguments.
This patch marks more libm tests as expected to fail for ldbl-128ibm
in non-default rounding modes. Given this, my expm1l fix
<https://sourceware.org/ml/libc-alpha/2014-01/msg00135.html> and my
libgcc fix <http://gcc.gnu.org/ml/gcc-patches/2014-01/msg00157.html>
for spurious overflows, the remaining failures in test-ldouble.out
(for powerpc32 hard float) are small ulps, spurious underflow and
inexact exceptions (the former probably arising from libgcc bugs
though I haven't checked each case; the latter are barely meaningful
for this format anyway when basic arithmetic isn't correctly rounding,
though most of them are probably GCC bug 59412 which doesn't actually
involve long double), missing underflow exceptions from clog, ctan and
ctanh (probably one of the known bugs for another function), and logb
in round-downward mode (bug 887, though it's really a GCC bug that
we're not currently working around).
Tested for powerpc32 hard float.
* math/auto-libm-test-in: Mark various tests with
xfail-rounding:ldbl-128ibm.
* math/auto-libm-test-out: Regenerated.
This patch fixes bug 16407, spurious overflows from ldbl-128ibm coshl.
The implementation assumed that a high part (reinterpreted as an
integer) of the absolute value of the argument of 0x408633ce8fb9f87dLL
or more meant overflow, but the actual threshold has high part
0x408633ce8fb9f87eLL (and a negative low part). The patch adjusts the
threshold accordingly.
sinhl probably has the same issue, but I didn't get that far in adding
tests of special cases (such as just below and above overflow) before
the freeze and during the freeze is not a suitable time to add them
(as they'd require ulps to be regenerated again), so I'm not changing
that function for now; when I add more tests of special cases, we'll
discover whether sinhl indeed has this problem.
Tested powerpc32.
* sysdeps/ieee754/ldbl-128ibm/e_coshl.c (__ieee754_coshl):
Increase overflow threshold.
This patch fixes bug 16400, spurious underflow exceptions for ldbl-128
/ ldbl-128ibm lgammal with small positive arguments, by just using
-__logl (x) as the result in the problem cases (similar to the
previous fix for problems with small negative arguments).
Tested powerpc32, and also tested on mips64 that this does not require
ulps regeneration for the ldbl-128 case.
* sysdeps/ieee754/ldbl-128/e_lgammal_r.c (__ieee754_lgammal_r):
Return -__logl (x) for small positive arguments without evaluating
a polynomial.
All the other ptrace structures in this file have a __ prefix except this
new one. This in turn causes build problems for most packages that try to
use ptrace such as strace:
gcc -DHAVE_CONFIG_H -I. -I../.. -I../../linux/x86_64 -I../../linux \
-I./linux -Wall -Wwrite-strings -g -O2 -MT process.o -MD -MP \
-MF .deps/process.Tpo -c -o process.o ../../process.c
In file included from ../../process.c:63:0:
/usr/include/linux/ptrace.h:58:8: error: redefinition of 'struct ptrace_peeksiginfo_args'
struct ptrace_peeksiginfo_args {
^
In file included from ../../defs.h:159:0,
from ../../process.c:37:
/usr/include/sys/ptrace.h:191:8: note: originally defined here
struct ptrace_peeksiginfo_args
^
Since this struct was introduced in glibc-2.18, there shouldn't be any
real regressions with adding the __ prefix.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Usage output for option --invalidate=TABLE is not helpful without
list of tables. The list is also missing from nscd(8) manual which
made it pretty difficult to know what are the tables.
This patch fixes bug 16390, incorrect signs of zero results from
ldbl-128ibm atan2l, soft-float only. The problem is a longstanding
GCC bug with fabsl not being correct for signed zero for soft float,
and the fix is using -fno-builtin-fabsl as a workaround, as already
done for various other source files. Tested powerpc-nofpu.
* sysdeps/powerpc/nofpu/Makefile [$(subdir) = math]
(CFLAGS-e_atan2l.c): Use -fno-builtin-fabsl.
This patch marks various libm tests with xfail-rounding:ldbl-128ibm,
where the failures appear to relate to GCC bug 59666 (bad libgcc
handling of directed rounding), so as to allow clean libm-test-ulps
regeneration without needing to edit out large ulps for various
functions manually.
Note that this only deals with the cases problematic for ulps
regeneration. There are plenty of test failures left that do not
affect ulps regeneration - results that are infinities or NaNs but
should be finite, or vice versa, and missing and spurious exceptions -
which should also be resolved during the release testing period.
Tested for powerpc32 (hard float).
* math/auto-libm-test-in: Mark various tests with
xfail-rounding:ldbl-128ibm.
* math/auto-libm-test-out: Regenerated.
This patch fixes bug 16386, ldbl-128ibm logl inaccuracy (with
consequent inaccuracy for lgammal) for arguments where the high double
is subnormal, which showed up while attempting to regenerate ulps for
powerpc-nofpu for 2.19. The problem here is logic failing to allow
for subnormals when calculating the exponent of the argument. Tested
for powerpc-nofpu.
* sysdeps/ieee754/ldbl-128ibm/e_logl.c (__ieee754_logl): Adjust
numbers with subnormal high part when calculating exponent.
This patch fixes bug 16385, ldbl-128ibm asinhl inaccuracy, which
showed up while attempting to regenerate ulps for powerpc-nofpu for
2.19. The problem here was use of fabs instead of fabsl meaning large
arguments were reduced to the precision of double. Tested for
powerpc-nofpu.
* sysdeps/ieee754/ldbl-128ibm/s_asinhl.c (__asinhl): Use fabsl not
fabs.
This patch fixes bug 16384, ldbl-128ibm acoshl inaccuracy, which
showed up while attempting to regenerate ulps for powerpc-nofpu for
2.19. There were two separate problems, use of __log1p instead of
__log1pl and an insufficiently accurate constant value for log 2
(which this patch replaces by use of M_LN2l), each of which could
cause substantial inaccuracy in affected cases.
Tested for powerpc-nofpu.
* sysdeps/ieee754/ldbl-128ibm/e_acoshl.c (ln2): Initialize with
M_LN2l.
(__ieee754_acoshl): Use __log1pl not __log1p.
nscd incorrectly returns a success even when the netgroup in question
is not found and adds a positive result in the cache. this patch
fixes this behaviour by adding a negative lookup entry to cache and
returning an error when the netgroup is not found.
Currently, when a user looks up a netgroup that does not have any
members, nscd goes into an infinite loop trying to find members in the
group. This is because it does not handle cases when getnetgrent
returns an NSS_STATUS_NOTFOUND (which is what it does on empty group).
Fixed to handle this in the same way as NSS_STATUS_RETURN, similar to
what getgrent does by itself.
We support older kernels that lack this header, so check for it
before we try to use it.
Reported-by: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
Add a comprehensive number of inputs for all branches in sin and cos
computation, excluding the fast paths. This also adds a number of
inputs for the multiple precision slow paths.
Add a more comprehensive set of inputs for the atan function. I have
also fixed the name on the multiple precision fallback inputs (I
couldn't find any new inputs there) to reflect the fact that the
fallback is only 144bits and not 768bits as I had earlier mentioned.
