No bug. Just seem like relevant cases given that strnlen will
use s + maxlen in many implementations.
Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
This commit adds tests for a bug in the wide char variant of the
functions where the implementation may assume that maxlen for wcsnlen
or n for wmemchr/strncat will not overflow when multiplied by
sizeof(wchar_t).
These tests show the following implementations failing on x86_64:
wcsnlen-sse4_1
wcsnlen-avx2
wmemchr-sse2
wmemchr-avx2
strncat would fail as well if it where on a system that prefered
either of the wcsnlen implementations that failed as it relies on
wcsnlen.
Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
This patch covers the following condition:
Strings start with different alignments and end with length less than or
equal to 512 byte.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
This commit removes the ELF constructor and internal variables from
dlfcn/dlfcn.c. The file now serves the same purpose as
nptl/libpthread-compat.c, so it is renamed to dlfcn/libdl-compat.c.
The use of libdl-shared-only-routines ensures that libdl.a is empty.
This commit adjusts the test suite not to use $(libdl). The libdl.so
symbolic link is no longer installed.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This patch covers the following conditions:
- Strings start with different alignments and end at the page boundary
with less than 64 byte length.
- Strings starts with different alignments and cross page boundary with
fixed length.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
No bug. This commit adds some additional performance test cases to
bench-memcmp.c and test-memcmp.c. The new benchtests include some
medium range sizes, as well as small sizes near page cross. The new
correctness tests correspond with the new benchtests though add some
additional cases for checking the page cross logic.
Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
No bug. This commit adds tests cases and benchmarks for page cross and
for memset to the end of the page without crossing. As well in
test-memset.c this commit adds sentinel on start/end of tstbuf to test
for overwrites
Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
No Bug. This commit expanding the range of tests / benchmarks for
memmove and memcpy. The test expansion is mostly in the vein of
increasing the maximum size, increasing the number of unique
alignments tested, and testing both source < destination and vice
versa. The benchmark expansaion is just to increase the number of
unique alignments. test-memcpy, test-memccpy, test-mempcpy,
test-memmove, and tst-memmove-overflow all pass.
Signed-off-by: Noah Goldstein <goldstein.w.n@gmail.com>
I used these shell commands:
../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")
and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
The builtin has been available in gcc since 4.7.0 and in clang since
2.6. This fixes stpncpy fortification with clang since it does a
better job of plugging in __stpncpy_chk in the right place than the
header hackery.
This has been tested by building and running all tests with gcc 10.2.1
and also with clang tip as of a few days ago (just the tests in debug/
since running all tests don't work with clang at the moment) to make
sure that both compilers pass the stpncpy tests.
Non-gcc compilers (clang and possibly other compilers that do not
masquerade as gcc 5.0 or later) are unable to use
__warn_memset_zero_len since the symbol is no longer available on
glibc built with gcc 5.0 or later. While it was likely an oversight
that caused this omission, the fact that it wasn't noticed until
recently (when clang closed the gap on _FORTIFY_SUPPORT) that the
symbol was missing.
Given that both gcc and clang are capable of doing this check in the
compiler, drop all remaining signs of __warn_memset_zero_len from
glibc so that no more objects are built with this symbol in future.
Add a strncmp testcase to cover cases where one of strings ends on the
page boundary with the maximum string length less than the number bytes
of each AVX2 loop iteration and different offsets from page boundary.
The updated string/test-strncmp fails on Intel Core i7-8559U without
ommit 1c6432316bc434a72108d7b0c7cfbfdde64c3124
Author: Sunil K Pandey <skpgkp1@gmail.com>
Date: Fri Jun 12 08:57:16 2020 -0700
Fix avx2 strncmp offset compare condition check [BZ #25933]
Similarly to Maciej's changes to fix the build of rawmemchr in the
presence of GCC 11's -Wstringop-overread, also disable that option in
two string function tests that have similar warnings and other string
function warnings already disabled.
Tested with build-many-glibcs.py for aarch64-linux-gnu and
arm-linux-gnueabi that it fixes building the glibc testsuite.
Fix a compilation error:
In function '__rawmemchr',
inlined from '__rawmemchr' at rawmemchr.c:27:1:
rawmemchr.c:36:12: error: 'memchr' specified bound 18446744073709551615 exceeds maximum object size 9223372036854775807 [-Werror=stringop-overread]
36 | return memchr (s, c, (size_t)-1);
| ^~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
../o-iterator.mk:9: recipe for target '.../string/rawmemchr.o' failed
introduced with GCC 11 commit d14c547abd48 ("Add -Wstringop-overread
for reading past the end by string functions.").
Without msgfmt libc.mo files are not generated and its loading failure
is silent ignored with xsetlocale.
Also unset LANGUAGE environment variable to avoid it taking precedence
when loading the message catalog. Although not strictly required
(since the test is issued with test-container and it sets a strict
environment variable) it follows other tests that deal with
translation.
Checked on x86_64-linux-gnu.
* string/tst-strsignal.c (do_test): Actually check that RT signals are
available by comparing SIGRTMAX to SIGRTMIN. Check that SIGRTMAX is 64
before testing for a message reporting 65 for SIGRTMAX+1.
The strerrorname_np returns error number name (e.g. "EINVAL" for EINVAL)
while strerrordesc_np returns string describing error number (e.g
"Invalid argument" for EINVAL). Different than strerror,
strerrordesc_np does not attempt to translate the return description,
both functions return NULL for an invalid error number.
They should be used instead of sys_errlist and sys_nerr, both are
thread and async-signal safe. These functions are GNU extensions.
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
The sigabbrev_np returns the abbreviated signal name (e.g. "HUP" for
SIGHUP) while sigdescr_np returns the string describing the error
number (e.g "Hangup" for SIGHUP). Different than strsignal,
sigdescr_np does not attempt to translate the return description and
both functions return NULL for an invalid signal number.
They should be used instead of sys_siglist or sys_sigabbrev and they
are both thread and async-signal safe. They are added as GNU
extensions on string.h header (same as strsignal).
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Use snprintf instead of mempcpy plus itoa_word and remove unused
definitions. There is no potential for infinite recursion because
snprintf only use strerror_r for the %m specifier.
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
The buffer allocation uses the same strategy of strsignal.
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
If the thread is terminated then __libc_thread_freeres will free the
storage via __glibc_tls_internal_free.
It is only within the calling thread that this matters. It makes
strerror MT-safe.
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
The per-thread state is refactored two use two strategies:
1. The default one uses a TLS structure, which will be placed in the
static TLS space (using __thread keyword).
2. Linux allocates via struct pthread and access it through THREAD_*
macros.
The default strategy has the disadvantage of increasing libc.so static
TLS consumption and thus decreasing the possible surplus used in
some scenarios (which might be mitigated by BZ#25051 fix).
It is used only on Hurd, where accessing the thread storage in the in
single thread case is not straightforward (afaiu, Hurd developers could
correct me here).
The fallback static allocation used for allocation failure is also
removed: defining its size is problematic without synchronizing with
translated messages (to avoid partial translation) and the resulting
usage is not thread-safe.
Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
The symbol is deprecated by strerror since its usage imposes some issues
such as copy relocations.
Its internal name is also changed to _sys_errlist_internal to avoid
static linking usage. The compat code is also refactored by removing
the over enginered errlist-compat.c generation from manual entried and
extra comment token in linker script file. It disantangle the code
generation from manual and simplify both Linux and Hurd compat code.
The definitions from errlist.c are moved to errlist.h and a new test
is added to avoid a new errno entry without an associated one in manual.
Checked on x86_64-linux-gnu and i686-linux-gnu. I also run a check-abi
on all affected platforms.
Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
The symbol was deprecated by strsignal and its usage imposes issues
such as copy relocations.
Its internal name is changed to __sys_siglist and __sys_sigabbrev to
avoid static linking usage. The compat code is also refactored, since
both Linux and Hurd usage the same strategy: export the same array with
different object sizes.
The libSegfault change avoids calling strsignal on the SIGFAULT signal
handler (the current usage is already sketchy, adding a call that
potentially issue locale internal function is even sketchier).
Checked on x86_64-linux-gnu and i686-linux-gnu. I also run a check-abi
on all affected platforms.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
GCC 8 relaxed what kind of expressions can be used in initializers,
and the previous use of static const variables relied on that. Switch
to wide (non-int) enum constants instead, which is another GCC
extension that is more widely implemented.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Adds the access attribute newly introduced in GCC 10 to the subset of
function declarations that are already covered by _FORTIFY_SOURCE and
that don't have corresponding GCC built-in equivalents.
Reviewed-by: DJ Delorie <dj@redhat.com>
Without the asm redirects, strchr et al. are not const-correct.
libc++ has a wrapper header that works with and without
__CORRECT_ISO_CPP_STRING_H_PROTO (using a Clang extension). But when
Clang is used with libstdc++ or just C headers, the overloaded functions
with the correct types are not declared.
This change does not impact current GCC (with libstdc++ or libc++).
If the specified needle crosses a page-boundary, the s390-z15 ifunc variant of
strstr truncates the needle which results in invalid results.
This is fixed by loading the needle beyond the page boundary to v18 instead of v16.
The bug is sometimes observable in test-strstr.c in check1 and check2 as the
haystack and needle is stored on stack. Thus the needle can be on a page boundary.
check2 is now extended to test haystack / needles located on stack, at end of page
and on two pages.
This bug was introduced with commit 6f47401bd5
("S390: Add arch13 strstr ifunc variant.") and is already released in glibc 2.30.
As for gettimeofday, time will be implemented based on clock_gettime
on all platforms and internal code should use clock_gettime
directly. In addition to removing a layer of indirection, this will
allow us to remove the PLT-bypass gunk for gettimeofday.
The changed code always assumes __clock_gettime (CLOCK_REALTIME)
or __clock_gettime (CLOCK_REALTIME_COARSE) (for Linux case) cannot
fail, using the same rationale for gettimeofday change. And internal
helper was added (time_now).
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
powerpc64-linux-gnu, and powerpc-linux-gnu.
Reviewed-by: Lukasz Majewski <lukma@denx.de>
Commit 69fd157a3 "time: Add padding for the timespec if required"
caused a breakage in the glibc tests as the endian.h include file was
kept in the networking headers while the __USE_MISC #ifdefs had been
removed. This resulted in namespace violations in the networking
headers.
This patche restores the __USE_MISC conditionals in endian.h to fix the
test failures.
* string/endian.h: Restore the __USE_MISC conditionals.
string/tester.c contains code that correctly triggers various GCC
warnings about dubious uses of string functions (uses that are being
deliberately tested there), and duly disables those warnings around
the relevant code.
A change in GCC mainline resulted in this code failing to compile with
a -Warray-bounds error, despite the location with the error having
-Warray-bounds already disabled. This has been reported as
<https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91890>. This patch
avoids that problem and possible future issues with these diagnostics
by moving all the warning disabling in this file to top level, as
suggested by Florian in
<https://sourceware.org/ml/libc-alpha/2019-10/msg00033.html>, rather
than only doing it locally around specific function calls.
Tested with build-many-glibcs.py for aarch64-linux-gnu with GCC
mainline (with only the conform/ failures noted in
<https://sourceware.org/ml/libc-alpha/2019-10/msg00043.html>).
* string/tester.c: Ignore -Warray-bounds and
-Wmemset-transposed-args at top level.
[__GNUC_PREREQ (7, 0)]: Ignore -Wrestrict and -Wstringop-overflow=
at top level.
[__GNUC_PREREQ (8, 0)]: Ignore -Wstringop-truncation at top level.
(test_stpncpy): Do not ignore warnings here.
(test_strncat): Likewise.
(test_strncpy): Likewise.
(test_memset): Likewise.