The testcase provided on BZ#19366 may update __nptl_nthreads in a wrong
order, triggering an early process exit because the thread decrement
the value twice.
The issue is once the thread exits without acting on cancellation,
it decreaments '__nptl_nthreads' and then atomically set
'cancelhandling' with EXITING_BIT (thus preventing further cancellation
handler to act). The issue happens if a SIGCANCEL is received between
checking '__ntpl_nthreads' and setting EXITING_BIT. To avoid it, the
'__nptl_nthreads' decrement is moved after EXITING_BIT.
It does fully follow the POSIX XSH 2.9.5 Thread Cancellation under
the heading Thread Cancellation Cleanup Handlers that states that
when a cancellation request is acted upon, or when a thread calls
pthread_exit(), the thread first disables cancellation by setting its
cancelability state to PTHREAD_CANCEL_DISABLE and its cancelability type
to PTHREAD_CANCEL_DEFERRED. The issue is '__pthread_enable_asynccancel'
explicit enabled assynchrnous cancellation, so an interrupted syscall
within the cancellation cleanup handlers might see an invalid cancelling
type (a possible fix might be possible with my proposed solution to
BZ#12683).
Trying to come up with a test is quite hard since it requires to
mimic the timing issue described below, however I see that the
bug report reproducer does not early exit anymore.
Checked on x86_64-linux-gnu.
It consolidates the tgkill call and it is the first step of making
pthread_cancel async-signal-safe. It also fix a possible issue
where the 'struct pthread' tid is not read atomically, which might
send an invalid cancellation signal (similar to what
db988e50a8 fixed for pthread_join).
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Now that pthread_kill is provided by libc.so it is possible to
implement the generic POSIX implementation as
'pthread_kill(pthread_self(), sig)'.
For Linux implementation, pthread_kill read the targeting TID from
the TCB. For raise, this it not possible because it would make raise
fail when issue after vfork (where creates the resulting process
has a different TID from the parent, but its TCB is not updated as
for pthread_create). To make raise use pthread_kill, it is make
usable from vfork by getting the target thread id through gettid
syscall.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Now that the thread cancellation type is not accessed concurrently
anymore, it is possible to move it out the cancelhandling.
By removing the cancel state out of the internal thread cancel handling
state there is no need to check if cancelled bit was set in CAS
operation.
It allows simplifing the cancellation wrappers and the
CANCEL_CANCELED_AND_ASYNCHRONOUS is removed.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Now that thread cancellation state is not accessed concurrently anymore,
it is possible to move it out the 'cancelhandling'.
The code is also simplified: CANCELLATION_P is replaced with a
internal pthread_testcancel call and the CANCELSTATE_BIT{MASK} is
removed.
With this behavior pthread_setcancelstate does not require to act on
cancellation if cancel type is asynchronous (is already handled either
by pthread_setcanceltype or by the signal handler).
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
The CANCELING_BITMASK is used as an optimization to avoid sending
the signal when pthread_cancel is called in a concurrent manner.
This requires then to put both the cancellation state and type on a
shared state (cancelhandling), since 'pthread_cancel' checks whether
cancellation is enabled and asynchrnous to either cancel itself of
sending the signal.
It also requires handle the CANCELING_BITMASK on
__pthread_disable_asynccancel, however this incurs in the same issues
described on BZ#12683: the cancellation is acted upon even *after*
syscall returns with user visible side-effects.
This patch removes this optimization and simplifies the pthread
cancellation implementation: pthread_cancel now first checks if
cancellation is already pending and if not always, sends a signal
if the target is not itself. The SIGCANCEL handler is also simpified
since there is not need to setup a CAS loop.
It also allows to move both the cancellation state and mode out of
'cancelhadling' (it is done in subsequent patches).
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Now that cancellation is not used anymore to handle thread setup
creation failure, the sighandle can be installed only when
pthread_cancel is actually used.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
To setup either the thread scheduling parameters or affinity,
pthread_create enforce synchronization on created thread to wait until
its parent either release PD ownership or send a cancellation signal if
a failure occurs.
However, cancelling the thread does not deallocate the newly created
stack since cancellation expects that a pthread_join to deallocate any
allocated thread resouces (threads stack or TLS).
This patch changes on how the thread resource is deallocate in case of
failure to be synchronous, where the creating thread will signal the
created thread to exit early so it could be joined. The creating thread
will be reponsible for the resource cleanup before returning to the
caller.
To signal the creating thread that a failure has occured, an unused
'struct pthread' member, parent_cancelhandling_unsed, now indicates
whether the setup has failed so creating thread can proper exit.
This strategy also simplifies by not using thread cancellation and
thus not running libgcc_so load in the signal handler (which is
avoided in thread cancellation since 'pthread_cancel' is the one
responsible to dlopen libgcc_s). Another advantage is since the
early exit is move to first step at thread creation, the signal
mask is not already set and thus it can not act on change ID setxid
handler.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Since commit 0c1c3a771e
("dlfcn: Move dlopen into libc") libdl.a is empty, so linking
against it is no longer necessary.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
The testcase elf/tst-tls9-static sometimes fails with:
cannot open 'tst-tlsmod5.so': tst-tlsmod5.so: cannot open shared object file: No such file or directory
cannot open 'tst-tlsmod6.so': tst-tlsmod6.so: cannot open shared object file: No such file or directory
After recent commit
6f1c701026
"dlfcn: Cleanups after -ldl is no longer required"
the libdl variable is not set anymore and thus the
dependencies were missing.
Split module configuration so that only the bare minimum charsets,
i.e. ANSI_X3.110, ISO8859-15, ISO8859-1, CP1252, UNICODE, UTF-16,
UTF-32 and UTF-7 are configured in gconv-modules.conf. The remaining
module configurations are now in gconv-modules-extra.conf.
Reviewed-by: DJ Delorie <dj@redhat.com>
Move all gconv-modules configuration files to gconv-modules.conf.
That is, the S390 extensions now become gconv-modules-s390.conf. Move
both configuration files into gconv-modules.d.
Now GCONV_PATH/gconv-modules is read only for backward compatibility
for third-party gconv modules directories.
Reviewed-by: DJ Delorie <dj@redhat.com>
Read configuration files with names ending in .conf in
GCONV_PATH/gconv-modules.d to mirror configuration flexibility in
iconvconfig into the iconv program and function.
Reviewed-by: DJ Delorie <dj@redhat.com>
In addition to GCONV_PATH/gconv-modules, also read module
configuration from *.conf files in GCONV_PATH/gconv-modules.d. This
allows a single gconv directory to have multiple sets of gconv modules
but at the same time, a single modules cache.
With this feature, one could separate the glibc supported gconv
modules into a minimal essential set (ISO-8859-*, UTF, etc.) from the
remaining modules. In future, these could be further segregated into
langpack-associated sets with their own
gconv-modules.d/someconfig.conf.
Reviewed-by: DJ Delorie <dj@redhat.com>
Split out configuration file handling code from handle_dir into its
own function so that it can be reused for multiple configuration
files.
Reviewed-by: DJ Delorie <dj@redhat.com>
Add inline assembler for the roundeven functions.
Passes GLIBC regression. Note GCC does not inline the builtin (PR100966),
so this cannot be used for now.
This patch replaced obsolete AC_TRY_COMPILE to AC_COMPILE_IFELSE or
AC_PREPROC_IFELSE.
It has been confirmed that GNU 'autoconf' 2.69 suppressed obsolete
warnings, updated the following files:
- configure
- sysdeps/mach/configure
- sysdeps/mach/hurd/configure
- sysdeps/s390/configure
- sysdeps/unix/sysv/linux/configure
and didn't change the following files:
- sysdeps/ieee754/ldbl-opt/configure
- sysdeps/unix/sysv/linux/powerpc/configure
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This patch covers the following condition:
Strings start with different alignments and end with length less than or
equal to 512 byte.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
Consolidate all hooks structures into a single one. There are
no static dlopen ABI concerns because glibc 2.34 already comes
with substantial ABI-incompatible changes in this area. (Static
dlopen requires the exact same dynamic glibc version that was used
for static linking.)
The new approach uses a pointer to the hooks structure into
_rtld_global_ro and initalizes it in __rtld_static_init. This avoids
a back-and-forth with various callback functions.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
The test appears to use _dlfcn_hook@@GLIBC_PRIVATE as a way to
test dlvsym without having to know the appropriate symbol version.
With <first-versions.h>, we can use a public symbol and the symbol
version at which it was defined first.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This commit removes the ELF constructor and internal variables from
dlfcn/dlfcn.c. The file now serves the same purpose as
nptl/libpthread-compat.c, so it is renamed to dlfcn/libdl-compat.c.
The use of libdl-shared-only-routines ensures that libdl.a is empty.
This commit adjusts the test suite not to use $(libdl). The libdl.so
symbolic link is no longer installed.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
The symbol was moved using scripts/move-symbol-to-libc.py.
In elf/Makefile, remove the $(libdl) dependency from testobj1.so
because it the unused libdl DSO now causes elf/tst-unused-deps to
fail.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This patch covers the following conditions:
- Strings start with different alignments and end at the page boundary
with less than 64 byte length.
- Strings starts with different alignments and cross page boundary with
fixed length.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
The symbol was moved using scripts/move-symbol-to-libc.py.
There is a minor functionality enhancement: dlerror now sets
errno if it was set as part of the exception. (This is the result
of using %m in asprintf, to avoid the strerror PLT call.) The
previous errno value upon function return was unpredictable.
Documenting this as a feature is premature; we need to make sure
that the error codes are meaningful when they are set by the dynamic
loader.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Some targets have a GLIBC_2.0 baseline for libdl, while using
GLIBC_2.2 for libc. This means that the generated libc.map file
does not have any version nodes for GLIBC_2.0 or GLIBC_2.1. However,
moving symbols from libdl into libc needs such version nodes.
(Future symbol moves from librt will need this as well.)
This kludge is only necessary for symbols predating GLIBC_2.2 because
the affected targets use GLIBC_2.2 as the baseline for libc. Given
the small number and fixed set of affected architectures, no generic
mechanism is implemented, and instead the map file fragment is
hard-coded in scripts/versions.mk.
The compat_symbol macro already emits the appropriate version strings,
so no adjustments are needed there.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This requires that all exported symbol versions are listed in
Versions files. It results in more consistent behavior across
architectures because previously, symbols could be exported
via explicit versioned_symbol and compat_symbol macros if the
version node existed in some Versions file (without listing the
symbol), and it was not the base version for the library (which
already had the local: * directive).
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Some symbols have explicit versioned_symbol or compat_symbol markers
in the sources, but no corresponding entry in the Versions files.
This presently works because the local: * directive is only applied
to the base version.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
__pthread_attr_copy can fail and does not initialize the attribute
structure in that case.
If __pthread_attr_copy is never called and there is no allocated
attribute, pthread_attr_destroy should not be called, otherwise
there is a null pointer dereference in rt/tst-mqueue6.
Fixes commit 42d3593505
("Use __pthread_attr_copy in mq_notify (bug 27896)").
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
ISO C2X has made some changes to the handling of feature test macros
related to features from the floating-point TSes, and to exactly what
such features are present in what headers, that require corresponding
changes in glibc.
* For the few features that were controlled by
__STDC_WANT_IEC_60559_BFP_EXT__ (and the corresponding DFP macro) in
C2X, there is now instead a new feature test macro
__STDC_WANT_IEC_60559_EXT__ covering both binary and decimal FP.
This controls CR_DECIMAL_DIG in <float.h> (provided by GCC; I
implemented support for the new feature test macro for GCC 11) and
the totalorder and payload functions in <math.h>. C2X no longer
says anything about __STDC_WANT_IEC_60559_BFP_EXT__ (so it's
appropriate for that macro to continue to enable exactly the
features from TS 18661-1).
* The SNAN macros for each floating-point type have moved to <float.h>
(and been renamed in the process). Thus, the copies in <math.h>
should only be defined for __STDC_WANT_IEC_60559_BFP_EXT__, not for
C2X.
* The fmaxmag and fminmag functions have been removed (replaced by new
functions for the new min/max operations in IEEE 754-2019). Thus
those should also only be declared for
__STDC_WANT_IEC_60559_BFP_EXT__.
* The _FloatN / _FloatNx handling for the last two points in glibc is
trickier, since __STDC_WANT_IEC_60559_TYPES_EXT__ is still in C2X
(the integration of TS 18661-3 as an Annex, that is, which hasn't
yet been merged into the C standard git repository but has been
accepted by WG14), so C2X with that macro should not declare some
things that are declared for older standards with that macro. The
approach taken here is to provide the declarations (when
__STDC_WANT_IEC_60559_TYPES_EXT__ is enabled) only when (defined
__USE_GNU || !__GLIBC_USE (ISOC2X)), so if C2X features are enabled
then those declarations (that are only in TS 18661-3 and not in C2X)
will only be provided if _GNU_SOURCE is defined as well. Thus
_GNU_SOURCE remains a superset of the TS features as well as of C2X.
Some other somewhat related changes in C2X are not addressed here.
There's an open proposal not to include the fmin and fmax functions
for the _FloatN / _FloatNx types, given the new min/max operations,
which could be handled like the previous point if adopted. And the
fromfp functions have been changed to return a result in floating type
rather than intmax_t / uintmax_t; my inclination there is to treat
that like that change of totalorder type (new symbol versions etc. for
the ABI change; old versions become compat symbols and are no longer
supported as an API).
Tested for x86_64 and x86.
The symbol has never been exported, so no compatibility symbol is
needed. Removing this file prevents ld from creation an exported
symbol in case GLIBC_2_0 expands to a symbol version which
does not have a local: *; directive in the symbol version map file.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This patch was based on the __memcmp_power8 and the recent
__strlen_power10.
Improvements from __memcmp_power8:
1. Don't need alignment code.
On POWER10 lxvp and lxvl do not generate alignment interrupts, so
they are safe for use on caching-inhibited memory. Notice that the
comparison on the main loop will wait for both VSR to be ready.
Therefore aligning one of the input address does not improve
performance. In order to align both registers a vperm is necessary
which add too much overhead.
2. Uses new POWER10 instructions
This code uses lxvp to decrease contention on load by loading 32 bytes
per instruction.
The vextractbm is used to have a smaller tail code for calculating the
return value.
3. Performance improvement
This version has around 35% better performance on average. I saw no
performance regressions for any length or alignment.
Thanks Matheus for helping me out with some details.
Co-authored-by: Matheus Castanho <msc@linux.ibm.com>
Reviewed-by: Raphael M Zinsly <rzinsly@linux.ibm.com>
It checks whether an invalid affinity mask does return an error,
similar to what sysdeps/pthread/tst-bad-schedattr.c does for
pthread_attr_setschedparam.
Checked on x86_64-linux-gnu.
The 'create_thread' function is moved to pthread_create.c. It removes
the START_THREAD_DEFN and START_THREAD_SELF macros and make the
lock usage more clear (no need to cross-reference multiple files).
No functional change.
The signal is sent to all threads, some of which may have switched
to very small stacks. If they have also installed an alternate
signal stack, SA_ONSTACK makes this work. The Go runtime needs this:
runtime: C.setuid/C.setgid smashes Go stack
<https://github.com/golang/go/issues/9400>
Doing this for SIGCANCEL is less obviously beneficial and needs further
testing.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
