Commit Graph

843 Commits

Author SHA1 Message Date
Adhemerval Zanella
448a256359 malloc: Add scratch_buffer_dupfree
It returns a copy of the buffer up to a defined size.  It will be used
on realpath sync with gnulib.
2021-01-05 11:33:16 -03:00
Paul Eggert
9fcdec7386 Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2021.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.  As well as the usual annual
updates, mainly dates in --version output (minus csu/version.c which
previously had to be handled manually but is now successfully updated
by update-copyrights), there is a small change to the copyright notice
in NEWS which should let NEWS get updated automatically next year.

Please remember to include 2021 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).
2021-01-02 12:17:34 -08:00
Paul Eggert
2b778ceb40 Update copyright dates with scripts/update-copyrights
I used these shell commands:

../glibc/scripts/update-copyrights $PWD/../gnulib/build-aux/update-copyright
(cd ../glibc && git commit -am"[this commit message]")

and then ignored the output, which consisted lines saying "FOO: warning:
copyright statement not found" for each of 6694 files FOO.
I then removed trailing white space from benchtests/bench-pthread-locks.c
and iconvdata/tst-iconv-big5-hkscs-to-2ucs4.c, to work around this
diagnostic from Savannah:
remote: *** pre-commit check failed ...
remote: *** error: lines with trailing whitespace found
remote: error: hook declined to update refs/heads/master
2021-01-02 12:17:34 -08:00
Adhemerval Zanella
9835632cf4 malloc: preserve errno on mcheck hooks [BZ #17924]
Similar to the fix 69fda43b8d, save and restore errno for the hook
functions used for MALLOC_CHECK_=3.

It fixes the malloc/tst-free-errno-mcheck regression.

Checked on x86_64-linux-gnu.
2020-12-30 10:37:58 -03:00
Paul Eggert
69fda43b8d free: preserve errno [BZ#17924]
In the next release of POSIX, free must preserve errno
<https://www.austingroupbugs.net/view.php?id=385>.
Modify __libc_free to save and restore errno, so that
any internal munmap etc. syscalls do not disturb the caller's errno.
Add a test malloc/tst-free-errno.c (almost all by Bruno Haible),
and document that free preserves errno.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-12-29 00:46:46 -08:00
Siddhesh Poyarekar
84c202246b MTE: Do not pad size in realloc_check
The MTE patch to add malloc support incorrectly padded the size passed
to _int_realloc by SIZE_SZ when it ought to have sent just the
chunksize.  Revert that bit of the change so that realloc works
correctly with MALLOC_CHECK_ set.

This also brings the realloc_check implementation back in sync with
libc_realloc.
2020-12-24 06:02:05 +05:30
Siddhesh Poyarekar
4f969166ce tests-mcheck: New variable to run tests with MALLOC_CHECK_=3
This new variable allows various subsystems in glibc to run all or
some of their tests with MALLOC_CHECK_=3.  This patch adds
infrastructure support for this variable as well as an implementation
in malloc/Makefile to allow running some of the tests with
MALLOC_CHECK_=3.

At present some tests in malloc/ have been excluded from the mcheck
tests either because they're specifically testing MALLOC_CHECK_ or
they are failing in master even without the Memory Tagging patches
that prompted this work.  Some tests were reviewed and found to need
specific error points that MALLOC_CHECK_ defeats by terminating early
but a thorough review of all tests is needed to bring them into mcheck
coverage.

The following failures are seen in current master:

FAIL: malloc/tst-malloc-fork-deadlock-mcheck
FAIL: malloc/tst-malloc-stats-cancellation-mcheck
FAIL: malloc/tst-malloc-thread-fail-mcheck
FAIL: malloc/tst-realloc-mcheck
FAIL: malloc/tst-reallocarray-mcheck

All of these are due to the Memory Tagging patchset and will be fixed
separately.
2020-12-24 06:02:02 +05:30
Richard Earnshaw
3784dfc098 malloc: Basic support for memory tagging in the malloc() family
This patch adds the basic support for memory tagging.

Various flavours are supported, particularly being able to turn on
tagged memory at run-time: this allows the same code to be used on
systems where memory tagging support is not present without neededing
a separate build of glibc.  Also, depending on whether the kernel
supports it, the code will use mmap for the default arena if morecore
does not, or cannot support tagged memory (on AArch64 it is not
available).

All the hooks use function pointers to allow this to work without
needing ifuncs.

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-12-21 15:25:25 +00:00
Florian Weimer
29a4db291b malloc: Use __libc_initial to detect an inner libc
The secondary/non-primary/inner libc (loaded via dlmopen, LD_AUDIT,
static dlopen) must not use sbrk to allocate member because that would
interfere with allocations in the outer libc.  On Linux, this does not
matter because sbrk itself was changed to fail in secondary libcs.

 _dl_addr occasionally shows up in profiles, but had to be used before
because __libc_multiple_libs was unreliable.  So this change achieves
a slight reduction in startup time.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2020-12-16 15:13:40 +01:00
W. Hashimoto
0e00b35704 malloc: Detect infinite-loop in _int_free when freeing tcache [BZ#27052]
If linked-list of tcache contains a loop, it invokes infinite
loop in _int_free when freeing tcache. The PoC which invokes
such infinite loop is on the Bugzilla(#27052). This loop
should terminate when the loop exceeds mp_.tcache_count and
the program should abort. The affected glibc version is
2.29 or later.

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-12-11 16:59:10 -05:00
DJ Delorie
f8847d83e1 nsswitch: use new internal API (core)
Core changes to switch the NSS internals to use the new API.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-12-04 17:15:53 -05:00
Florian Weimer
171689dac7 nss: Introduce <nss_module.h>
This provides the struct nss_module type, which combines the old
struct service_library type with the known_function tree, by
statically allocating space for all function pointers.

struct nss_module is fairly large (536 bytes), but it will be
shared across NSS databases.  The old known_function handling
had non-some per-function overhead (at least 32 bytes per looked-up
function, but more for long function anmes), so overall, this is not
too bad.  Resolving all functions at load time simplifies locking,
and the repeated lookups should be fast because the caches are hot
at this point.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-12-04 17:15:05 -05:00
Adhemerval Zanella
01bd62517c Remove tls.h inclusion from internal errno.h
The tls.h inclusion is not really required and limits possible
definition on more arch specific headers.

This is a cleanup to allow inline functions on sysdep.h, more
specifically on i386 and ia64 which requires to access some tls
definitions its own.

No semantic changes expected, checked with a build against all
affected ABIs.
2020-11-13 12:59:19 -03:00
liqingqing
961d12d947 malloc debug: fix compile error when enable macro MALLOC_DEBUG > 1
malloc debug: fix compile error when enable macro MALLOC_DEBUG > 1.

this is because commit e9c4fe93b3 has change the struct malloc_chunk's member "size" to "mchunk_size".

the reproduction is like that:
setp1: modify related Makefile.
vim ../glibc/malloc/Makefile
CPPFLAGS-malloc.o += -DMALLOC_DEBUG=2

step2: ../configure --prefix=/usr
       make -j32

this will cause the compile error:
/home/liqingqing/glibc_upstream/buildglibc/malloc/malloc.o
In file included from malloc.c:1899:0:
arena.c: In function 'dump_heap':
arena.c:422:58: error: 'struct malloc_chunk' has no member named 'size'
       fprintf (stderr, "chunk %p size %10lx", p, (long) p->size);
                                                          ^~
arena.c:428:17: error: 'struct malloc_chunk' has no member named 'size'
       else if (p->size == (0 | PREV_INUSE))

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-10-30 14:49:08 -04:00
liqingqing
024f873209 tst-tcfree2: adjust coding style.
tst-tcfree2: adjust coding style.

Reviewed-by: DJ Delorie <dj@redhat.com>
2020-10-30 14:47:29 -04:00
Andreas Schwab
8f8052c2aa Revert "Fix missing redirects in testsuite targets"
This reverts commit d5afb38503.  The log files are actually created by the
various shell scripts that drive the tests.
2020-10-08 10:09:30 +02:00
H.J. Lu
862897d2ad Replace Minumum/minumum with Minimum/minimum
Replace Minumum/minumum in comments with Minimum/minimum.
2020-10-06 05:15:11 -07:00
DJ Delorie
cdf645427d Update mallinfo2 ABI, and test
This patch adds the ABI-related bits to reflect the new mallinfo2
function, and adds a test case to verify basic functionality.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-09-17 18:49:30 -04:00
Adhemerval Zanella
30e5069c7d malloc: Fix mallinfo deprecation declaration
It fixes the build issue below introduced by e3960d1c57 (Add
mallinfo2  function that support sizes >= 4GB).  It moves the
__MALLOC_DEPRECATED to the usual place for function attributes:

  In file included from ../include/malloc.h:3,
                   from ../sysdeps/x86_64/multiarch/../../../test-skeleton.c:31,
                   from ../sysdeps/x86_64/multiarch/test-multiarch.c:96:
  ../malloc/malloc.h:118:1: error: empty declaration [-Werror]
    118 | __MALLOC_DEPRECATED;

It also adds the required deprecated warning suppression on the tests.

Checked on x86_64-linux-gnu.
2020-08-31 14:22:06 -03:00
Martin Liska
e3960d1c57 Add mallinfo2 function that support sizes >= 4GB.
The current int type can easily overflow for allocation of more
than 4GB.
2020-08-31 08:58:20 +02:00
Petr Vorel
5500cdba40 Remove --enable-obsolete-rpc configure flag
Sun RPC was removed from glibc. This includes rpcgen program, librpcsvc,
and Sun RPC headers. Also test for bug #20790 was removed
(test for rpcgen).

Backward compatibility for old programs is kept only for architectures
and ABIs that have been added in or before version 2.28.

libtirpc is mature enough, librpcsvc and rpcgen are provided in
rpcsvc-proto project.

NOTE: libnsl code depends on Sun RPC (installed libnsl headers use
installed Sun RPC headers), thus --enable-obsolete-rpc was a dependency
for --enable-obsolete-nsl (removed in a previous commit).

The arc ABI list file has to be updated because the port was added
with the sunrpc symbols

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-13 19:36:35 +02:00
Florian Weimer
e72b98e6f8 malloc: Deprecate more hook-related functionality
__morecore, __after_morecore_hook, and __default_morecore had not
been deprecated in commit 7d17596c19
("Mark malloc hook variables as deprecated"), probably by accident.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-13 09:58:37 +02:00
Adhemerval Zanella
725eeb4af1 string: Use tls-internal on strerror_l
The buffer allocation uses the same strategy of strsignal.

Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 14:10:58 -03:00
Adhemerval Zanella
9deec7c8ba string: Remove old TLS usage on strsignal
The per-thread state is refactored two use two strategies:

  1. The default one uses a TLS structure, which will be placed in the
     static TLS space (using __thread keyword).

  2. Linux allocates via struct pthread and access it through THREAD_*
     macros.

The default strategy has the disadvantage of increasing libc.so static
TLS consumption and thus decreasing the possible surplus used in
some scenarios (which might be mitigated by BZ#25051 fix).

It is used only on Hurd, where accessing the thread storage in the in
single thread case is not straightforward (afaiu, Hurd developers could
correct me here).

The fallback static allocation used for allocation failure is also
removed: defining its size is problematic without synchronizing with
translated messages (to avoid partial translation) and the resulting
usage is not thread-safe.

Checked on x86-64-linux-gnu, i686-linux-gnu, powerpc64le-linux-gnu,
and s390x-linux-gnu.

Tested-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-07-07 14:10:58 -03:00
DJ Delorie
b9cde4e3aa malloc: ensure set_max_fast never stores zero [BZ #25733]
The code for set_max_fast() stores an "impossibly small value"
instead of zero, when the parameter is zero.  However, for
small values of the parameter (ex: 1 or 2) the computation
results in a zero being stored anyway.

This patch checks for the parameter being small enough for the
computation to result in zero instead, so that a zero is never
stored.

key values which result in zero being stored:

x86-64:  1..7  (or other 64-bit)
i686:    1..11
armhfp:  1..3  (or other 32-bit)

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-04-06 16:27:53 -04:00
Eyal Itkin
6310d570bf Add tests for Safe-Linking
Adding the test "tst-safe-linking" for testing that Safe-Linking works
as expected. The test checks these 3 main flows:
 * tcache protection
 * fastbin protection
 * malloc_consolidate() correctness

As there is a random chance of 1/16 that of the alignment will remain
correct, the test checks each flow up to 10 times, using different random
values for the pointer corruption. As a result, the chance for a false
failure of a given tested flow is 2**(-40), thus highly unlikely.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-04-03 07:20:56 -04:00
Eyal Itkin
49c3c37651 Fix alignment bug in Safe-Linking
Alignment checks should be performed on the user's buffer and NOT
on the mchunkptr as was done before. This caused bugs in 32 bit
versions, because: 2*sizeof(t) != MALLOC_ALIGNMENT.

As the tcache works on users' buffers it uses the aligned_OK()
check, and the rest work on mchunkptr and therefore check using
misaligned_chunk().

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-03-31 21:48:54 -04:00
Eyal Itkin
768358b6a8 Typo fixes and CR cleanup in Safe-Linking
Removed unneeded '\' chars from end of lines and fixed some
indentation issues that were introduced in the original
Safe-Linking patch.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2020-03-31 21:48:54 -04:00
Eyal Itkin
a1a486d70e Add Safe-Linking to fastbins and tcache
Safe-Linking is a security mechanism that protects single-linked
lists (such as the fastbin and tcache) from being tampered by attackers.
The mechanism makes use of randomness from ASLR (mmap_base), and when
combined with chunk alignment integrity checks, it protects the "next"
pointers from being hijacked by an attacker.

While Safe-Unlinking protects double-linked lists (such as the small
bins), there wasn't any similar protection for attacks against
single-linked lists. This solution protects against 3 common attacks:
  * Partial pointer override: modifies the lower bytes (Little Endian)
  * Full pointer override: hijacks the pointer to an attacker's location
  * Unaligned chunks: pointing the list to an unaligned address

The design assumes an attacker doesn't know where the heap is located,
and uses the ASLR randomness to "sign" the single-linked pointers. We
mark the pointer as P and the location in which it is stored as L, and
the calculation will be:
  * PROTECT(P) := (L >> PAGE_SHIFT) XOR (P)
  * *L = PROTECT(P)

This way, the random bits from the address L (which start at the bit
in the PAGE_SHIFT position), will be merged with LSB of the stored
protected pointer. This protection layer prevents an attacker from
modifying the pointer into a controlled value.

An additional check that the chunks are MALLOC_ALIGNed adds an
important layer:
  * Attackers can't point to illegal (unaligned) memory addresses
  * Attackers must guess correctly the alignment bits

On standard 32 bit Linux machines, an attack will directly fail 7
out of 8 times, and on 64 bit machines it will fail 15 out of 16
times.

This proposed patch was benchmarked and it's effect on the overall
performance of the heap was negligible and couldn't be distinguished
from the default variance between tests on the vanilla version. A
similar protection was added to Chromium's version of TCMalloc
in 2012, and according to their documentation it had an overhead of
less than 2%.

Reviewed-by: DJ Delorie <dj@redhat.com>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: Adhemerval Zacnella <adhemerval.zanella@linaro.org>
2020-03-29 13:03:14 -04:00
Adhemerval Zanella
5c8aa3849a malloc/tst-mallocfork2: Kill lingering process for unexpected failures
If the test fails due some unexpected failure after the children
creation, either in the signal handler by calling abort or in the main
loop; the created children might not be killed properly.

This patches fixes it by:

  * Avoid aborting in the signal handler by setting a flag that
    an error has occured and add a check in the main loop.

  * Add a atexit handler to handle kill child processes.

Checked on x86_64-linux-gnu.
2020-02-27 13:43:57 -03:00
Florian Weimer
768c83b7f6 Remove incorrect alloc_size attribute from pvalloc [BZ #25401]
pvalloc is guarantueed to round up the allocation size to the page
size, so applications can assume that the memory region is larger
than the passed-in argument.  The alloc_size attribute cannot express
that.

The test case is based on a suggestion from Jakub Jelinek.

This fixes commit 9bf8e29ca1 ("malloc:
make malloc fail with requests larger than PTRDIFF_MAX (BZ#23741)").

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2020-01-17 15:05:34 +01:00
Adhemerval Zanella
1bdda52fe9 elf: Move vDSO setup to rtld (BZ#24967)
This patch moves the vDSO setup from libc to loader code, just after
the vDSO link_map setup.  For static case the initialization
is moved to _dl_non_dynamic_init instead.

Instead of using the mangled pointer, the vDSO data is set as
attribute_relro (on _rtld_global_ro for shared or _dl_vdso_* for
static).  It is read-only even with partial relro.

It fixes BZ#24967 now that the vDSO pointer is setup earlier than
malloc interposition is called.

Also, vDSO calls should not be a problem for static dlopen as
indicated by BZ#20802.  The vDSO pointer would be zero-initialized
and the syscall will be issued instead.

Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu,
arm-linux-gnueabihf, powerpc64le-linux-gnu, powerpc64-linux-gnu,
powerpc-linux-gnu, s390x-linux-gnu, sparc64-linux-gnu, and
sparcv9-linux-gnu.  I also run some tests on mips.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2020-01-03 11:22:07 -03:00
Joseph Myers
5f72f9800b Update copyright dates not handled by scripts/update-copyrights.
I've updated copyright dates in glibc for 2020.  This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.  As well as the usual annual
updates, mainly dates in --version output (minus libc.texinfo which
previously had to be handled manually but is now successfully updated
by update-copyrights), there is a fix to
sysdeps/unix/sysv/linux/powerpc/bits/termios-c_lflag.h where a typo in
the copyright notice meant it failed to be updated automatically.

Please remember to include 2020 in the dates for any new files added
in future (which means updating any existing uncommitted patches you
have that add new files to use the new copyright dates in them).
2020-01-01 00:21:22 +00:00
Joseph Myers
d614a75396 Update copyright dates with scripts/update-copyrights. 2020-01-01 00:14:33 +00:00
DJ Delorie
16554464bc Correct range checking in mallopt/mxfast/tcache [BZ #25194]
do_set_tcache_max, do_set_mxfast:
Fix two instances of comparing "size_t < 0"
Both cases have upper limit, so the "negative value" case
is already handled via overflow semantics.

do_set_tcache_max, do_set_tcache_count:
Fix return value on error.  Note: currently not used.

mallopt:
pass return value of helper functions to user.  Behavior should
only be actually changed for mxfast, where we restore the old
(pre-tunables) behavior.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-12-05 16:46:37 -05:00
DJ Delorie
ff12e0fb91 Base max_fast on alignment, not width, of bins (Bug 24903)
set_max_fast sets the "impossibly small" value based on,
eventually, MALLOC_ALIGNMENT.  The comparisons for the smallest
chunk used is, eventually, MIN_CHUNK_SIZE.  Note that i386
is the only platform where these are the same, so a smallest
chunk *would* be put in a no-fastbins fastbin.

This change calculates the "impossibly small" value
based on MIN_CHUNK_SIZE instead, so that we can know it will
always be impossibly small.
2019-10-30 22:59:11 -04:00
Paul Eggert
5a82c74822 Prefer https to http for gnu.org and fsf.org URLs
Also, change sources.redhat.com to sourceware.org.
This patch was automatically generated by running the following shell
script, which uses GNU sed, and which avoids modifying files imported
from upstream:

sed -ri '
  s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g
  s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g
' \
  $(find $(git ls-files) -prune -type f \
      ! -name '*.po' \
      ! -name 'ChangeLog*' \
      ! -path COPYING ! -path COPYING.LIB \
      ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \
      ! -path manual/texinfo.tex ! -path scripts/config.guess \
      ! -path scripts/config.sub ! -path scripts/install-sh \
      ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \
      ! -path INSTALL ! -path  locale/programs/charmap-kw.h \
      ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \
      ! '(' -name configure \
            -execdir test -f configure.ac -o -f configure.in ';' ')' \
      ! '(' -name preconfigure \
            -execdir test -f preconfigure.ac ';' ')' \
      -print)

and then by running 'make dist-prepare' to regenerate files built
from the altered files, and then executing the following to cleanup:

  chmod a+x sysdeps/unix/sysv/linux/riscv/configure
  # Omit irrelevant whitespace and comment-only changes,
  # perhaps from a slightly-different Autoconf version.
  git checkout -f \
    sysdeps/csky/configure \
    sysdeps/hppa/configure \
    sysdeps/riscv/configure \
    sysdeps/unix/sysv/linux/csky/configure
  # Omit changes that caused a pre-commit check to fail like this:
  # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines
  git checkout -f \
    sysdeps/powerpc/powerpc64/ppc-mcount.S \
    sysdeps/unix/sysv/linux/s390/s390-64/syscall.S
  # Omit change that caused a pre-commit check to fail like this:
  # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline
  git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
2019-09-07 02:43:31 -07:00
Florian Weimer
f9769a2397 malloc: Various cleanups for malloc/tst-mxfast 2019-08-15 11:37:18 +02:00
DJ Delorie
c48d92b430 Add glibc.malloc.mxfast tunable
* elf/dl-tunables.list: Add glibc.malloc.mxfast.
* manual/tunables.texi: Document it.
* malloc/malloc.c (do_set_mxfast): New.
(__libc_mallopt): Call it.
* malloc/arena.c: Add mxfast tunable.
* malloc/tst-mxfast.c: New.
* malloc/Makefile: Add it.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-08-09 14:04:03 -04:00
Niklas Hambüchen
b6d2c4475d malloc: Fix missing accounting of top chunk in malloc_info [BZ #24026]
Fixes `<total type="rest" size="..."> incorrectly showing as 0 most
of the time.

The rest value being wrong is significant because to compute the
actual amount of memory handed out via malloc, the user must subtract
it from <system type="current" size="...">. That result being wrong
makes investigating memory fragmentation issues like
<https://bugzilla.redhat.com/show_bug.cgi?id=843478> close to
impossible.
2019-08-08 22:02:27 +02:00
Florian Weimer
b0f6679bcd malloc: Remove unwanted leading whitespace in malloc_info [BZ #24867]
It was introduced in commit 6c8dbf00f5
("Reformat malloc to gnu style.").

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2019-08-01 14:07:08 +02:00
Andreas Schwab
32b8188ac8 Don't declare __malloc_check_init in <malloc.h> (bug 23352)
The function was never part of the malloc API.
2019-07-10 15:04:05 +02:00
Florian Weimer
27cec9aed9 malloc: Add nptl, htl dependency for the subdirectory [BZ #24757]
memusagestat may indirectly link against libpthread.  The built
libpthread should be used, but that is only possible if it has been
built before the malloc programs.
2019-07-02 16:51:13 +02:00
Joseph Myers
e6e2424390 Fix malloc tests build with GCC 10.
GCC mainline has recently added warn_unused_result attributes to some
malloc-like built-in functions, where glibc previously had them in its
headers only for __USE_FORTIFY_LEVEL > 0.  This results in those
attributes being newly in effect for building the glibc testsuite, so
resulting in new warnings that break the build where tests
deliberately call such functions and ignore the result.  Thus patch
duly adds calls to DIAG_* macros around those calls to disable the
warning.

Tested with build-many-glibcs.py for aarch64-linux-gnu.

	* malloc/tst-calloc.c: Include <libc-diag.h>.
	(null_test): Ignore -Wunused-result around calls to calloc.
	* malloc/tst-mallocfork.c: Include <libc-diag.h>.
	(do_test): Ignore -Wunused-result around call to malloc.
2019-06-10 22:12:08 +00:00
Wilco Dijkstra
1f50f2ad85 Small tcache improvements
Change the tcache->counts[] entries to uint16_t - this removes
the limit set by char and allows a larger tcache.  Remove a few
redundant asserts.

bench-malloc-thread with 4 threads is ~15% faster on Cortex-A72.

Reviewed-by: DJ Delorie <dj@redhat.com>

	* malloc/malloc.c (MAX_TCACHE_COUNT): Increase to UINT16_MAX.
	(tcache_put): Remove redundant assert.
	(tcache_get): Remove redundant asserts.
	(__libc_malloc): Check tcache count is not zero.
	* manual/tunables.texi (glibc.malloc.tcache_count): Update maximum.
2019-05-17 18:16:20 +01:00
Wilco Dijkstra
5ad533e8e6 Fix tcache count maximum (BZ #24531)
The tcache counts[] array is a char, which has a very small range and thus
may overflow.  When setting tcache_count tunable, there is no overflow check.
However the tunable must not be larger than the maximum value of the tcache
counts[] array, otherwise it can overflow when filling the tcache.

	[BZ #24531]
	* malloc/malloc.c (MAX_TCACHE_COUNT): New define.
	(do_set_tcache_count): Only update if count is small enough.
	* manual/tunables.texi (glibc.malloc.tcache_count): Document max value.
2019-05-10 16:38:21 +01:00
Florian Weimer
b2f601ba9a malloc/tst-mallocfork2: Use process-shared barriers
This synchronization method has a lower overhead and makes
it more likely that the signal arrives during one of the critical
functions.

Also test for fork deadlocks explicitly.

Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2019-05-08 15:29:13 +02:00
Mike Frysinger
f9b645b4b0 memusagestat: use local glibc when linking [BZ #18465]
The memusagestat is the only binary that has its own link line which
causes it to be linked against the existing installed C library.  It
has been this way since it was originally committed in 1999, but I
don't see any reason as to why.  Since we want all the programs we
build locally to be against the new copy of glibc, change the build
to be like all other programs.
2019-04-24 13:36:28 +02:00
H.J. Lu
2d398aa272 Remove do_set_mallopt_check prototype
Remove do_set_mallopt_check prototype since it is unused.

	* malloc/arena.c (do_set_mallopt_check): Removed.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Reviewed-by: DJ Delorie <dj@redhat.com>
2019-04-23 13:12:25 -07:00
Adhemerval Zanella
9bf8e29ca1 malloc: make malloc fail with requests larger than PTRDIFF_MAX (BZ#23741)
As discussed previously on libc-alpha [1], this patch follows up the idea
and add both the __attribute_alloc_size__ on malloc functions (malloc,
calloc, realloc, reallocarray, valloc, pvalloc, and memalign) and limit
maximum requested allocation size to up PTRDIFF_MAX (taking into
consideration internal padding and alignment).

This aligns glibc with gcc expected size defined by default warning
-Walloc-size-larger-than value which warns for allocation larger than
PTRDIFF_MAX.  It also aligns with gcc expectation regarding libc and
expected size, such as described in PR#67999 [2] and previously discussed
ISO C11 issues [3] on libc-alpha.

From the RFC thread [4] and previous discussion, it seems that consensus
is only to limit such requested size for malloc functions, not the system
allocation one (mmap, sbrk, etc.).

The implementation changes checked_request2size to check for both overflow
and maximum object size up to PTRDIFF_MAX. No additional checks are done
on sysmalloc, so it can still issue mmap with values larger than
PTRDIFF_T depending on the requested size.

The __attribute_alloc_size__ is for functions that return a pointer only,
which means it cannot be applied to posix_memalign (see remarks in GCC
PR#87683 [5]). The runtimes checks to limit maximum requested allocation
size does applies to posix_memalign.

Checked on x86_64-linux-gnu and i686-linux-gnu.

[1] https://sourceware.org/ml/libc-alpha/2018-11/msg00223.html
[2] https://gcc.gnu.org/bugzilla//show_bug.cgi?id=67999
[3] https://sourceware.org/ml/libc-alpha/2011-12/msg00066.html
[4] https://sourceware.org/ml/libc-alpha/2018-11/msg00224.html
[5] https://gcc.gnu.org/bugzilla/show_bug.cgi?id=87683

	[BZ #23741]
	* malloc/hooks.c (malloc_check, realloc_check): Use
	__builtin_add_overflow on overflow check and adapt to
	checked_request2size change.
	* malloc/malloc.c (__libc_malloc, __libc_realloc, _mid_memalign,
	__libc_pvalloc, __libc_calloc, _int_memalign): Limit maximum
	allocation size to PTRDIFF_MAX.
	(REQUEST_OUT_OF_RANGE): Remove macro.
	(checked_request2size): Change to inline function and limit maximum
	requested size to PTRDIFF_MAX.
	(__libc_malloc, __libc_realloc, _int_malloc, _int_memalign): Limit
	maximum allocation size to PTRDIFF_MAX.
	(_mid_memalign): Use _int_memalign call for overflow check.
	(__libc_pvalloc): Use __builtin_add_overflow on overflow check.
	(__libc_calloc): Use __builtin_mul_overflow for overflow check and
	limit maximum requested size to PTRDIFF_MAX.
	* malloc/malloc.h (malloc, calloc, realloc, reallocarray, memalign,
	valloc, pvalloc): Add __attribute_alloc_size__.
	* stdlib/stdlib.h (malloc, realloc, reallocarray, valloc): Likewise.
	* malloc/tst-malloc-too-large.c (do_test): Add check for allocation
	larger than PTRDIFF_MAX.
	* malloc/tst-memalign.c (do_test): Disable -Walloc-size-larger-than=
	around tests of malloc with negative sizes.
	* malloc/tst-posix_memalign.c (do_test): Likewise.
	* malloc/tst-pvalloc.c (do_test): Likewise.
	* malloc/tst-valloc.c (do_test): Likewise.
	* malloc/tst-reallocarray.c (do_test): Replace call to reallocarray
	with resulting size allocation larger than PTRDIFF_MAX with
	reallocarray_nowarn.
	(reallocarray_nowarn): New function.
	* NEWS: Mention the malloc function semantic change.
2019-04-18 17:30:06 -03:00