Commit Graph

61 Commits

Author SHA1 Message Date
Zack Weinberg
2cc7bad0ae [BZ 1190] Make EOF sticky in stdio.
C99 specifies that the EOF condition on a file is "sticky": once EOF
has been encountered, all subsequent reads should continue to return
EOF until the file is closed or something clears the "end-of-file
indicator" (e.g. fseek, clearerr).  This is arguably a change from
C89, where the wording was ambiguous; the BSDs always had sticky EOF,
but the System V lineage would attempt to read from the underlying fd
again.  GNU libc has followed System V for as long as we've been
using libio, but nowadays C99 conformance and BSD compatibility are
more important than System V compatibility.

You might wonder if changing the _underflow impls is sufficient to
apply the C99 semantics to all of the many stdio functions that
perform input.  It should be enough to cover all paths to _IO_SYSREAD,
and the only other functions that call _IO_SYSREAD are the _seekoff
impls, which is OK because seeking clears EOF, and the _xsgetn impls,
which, as far as I can tell, are unused within glibc.

The test programs in this patch use a pseudoterminal to set up the
necessary conditions.  To facilitate this I added a new test-support
function that sets up a pair of pty file descriptors for you; it's
almost the same as BSD openpty, the only differences are that it
allocates the optionally-returned tty pathname with malloc, and that
it crashes if anything goes wrong.

	[BZ #1190]
        [BZ #19476]
	* libio/fileops.c (_IO_new_file_underflow): Return EOF immediately
	if the _IO_EOF_SEEN bit is already set; update commentary.
	* libio/oldfileops.c (_IO_old_file_underflow): Likewise.
	* libio/wfileops.c (_IO_wfile_underflow): Likewise.

	* support/support_openpty.c, support/tty.h: New files.
	* support/Makefile (libsupport-routines): Add support_openpty.

	* libio/tst-fgetc-after-eof.c, wcsmbs/test-fgetwc-after-eof.c:
	New test cases.
	* libio/Makefile (tests): Add tst-fgetc-after-eof.
	* wcsmbs/Makefile (tests): Add tst-fgetwc-after-eof.
2018-03-13 08:31:56 -04:00
Florian Weimer
1a51e46e4a support: Preserve errno in write_message, TEST_VERIFY and other checks
These facilities could clobber errno, which makes it difficult to write
certain checks because a specific order has to be used.
2018-01-12 13:35:01 +01:00
Florian Weimer
401311cfba resolv: Support binary labels in test framework
The old implementation based on hsearch_r used an ad-hoc C string
encoding and produced an incorrect format on the wire for domain
names which contained bytes which needed escaping when printed.

This commit switches to ns_name_pton for the wire format conversion
(now that we have separate tests for it) and uses a tsearch tree
with a suitable comparison function to locate compression targets.
2018-01-08 20:07:24 +01:00
Florian Weimer
2b3aa44656 support: Increase usability of TEST_COMPARE
The previous implementation of the TEST_COMPARE macro would fail
to compile code like this:

  int ret = res_send (query, sizeof (query), buf, sizeof (buf));
  TEST_COMPARE (ret,
                sizeof (query)
                + 2             /* Compression reference.  */
                + 2 + 2 + 4 + 2 /* Type, class, TTL, RDATA length.  */
                + 1             /* Pascal-style string length.  */
                + strlen (expected_name));

This resulted in a failed static assertion, "integer conversions
may alter sign of operands".  A user of the TEST_COMPARE would have
to add a cast to fix this.

This patch reverts to the original proposed solution of a run-time
check, making TEST_COMPARE usable for comparisons of numbers with
types with different signedness in more contexts.
2018-01-08 20:07:24 +01:00
Florian Weimer
dabd75b6a1 support: Define support_static_assert for use with C and C++
And update TEST_COMPARE to use it, to make it usable from C++.
2018-01-08 14:39:51 +01:00
Samuel Thibault
7abf02f3ee support_enter_mount_namespace: Fix indentation
* support/support_enter_mount_namespace.c: Fix indentation.
2018-01-04 15:11:41 +01:00
Samuel Thibault
1714fc06e0 hurd: Fix support/support_enter_mount_namespace.c build
* support/support_enter_mount_namespace.c [!CLONE_NEWNS]: Do not
	include <sys/mount.h>.
2018-01-04 00:54:13 +01:00
Joseph Myers
688903eb3e Update copyright dates with scripts/update-copyrights.
* All files with FSF copyright notices: Update copyright dates
	using scripts/update-copyrights.
	* locale/programs/charmap-kw.h: Regenerated.
	* locale/programs/locfile-kw.h: Likewise.
2018-01-01 00:32:25 +00:00
Florian Weimer
bad7a0c81f copy_file_range: New function to copy file data
The semantics are based on the Linux system call, but a very close
emulation in user space is provided.
2017-12-22 10:55:40 +01:00
Florian Weimer
f58bd7f055 support: Simplify compiling most of support/ outside of glibc
Some include files were missing because they are implied by the
in-tree build process.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2017-12-14 13:48:56 +01:00
Florian Weimer
446d22e91d Linux: Implement interfaces for memory protection keys
This adds system call wrappers for pkey_alloc, pkey_free, pkey_mprotect,
and x86-64 implementations of pkey_get and pkey_set, which abstract over
the PKRU CPU register and hide the actual number of memory protection
keys supported by the CPU.  pkey_mprotect with a -1 key is implemented
using mprotect, so it will work even if the kernel does not support the
pkey_mprotect system call.

The system call wrapers use unsigned int instead of unsigned long for
parameters, so that no special treatment for x32 is needed.  The flags
argument is currently unused, and the access rights bit mask is limited
to two bits by the current PKRU register layout anyway.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2017-12-05 15:20:35 +01:00
Florian Weimer
da616c1496 support/tst-test_compare: Fix 32-bit/64-bit expected output mismatch
The use of a long type resulted in test output differences between
32-bit and 64-bit architectures, causing the test to fail on 32-bit
architectures.
2017-12-05 15:08:59 +01:00
Florian Weimer
934855246d support: Add TEST_COMPARE macro 2017-12-04 20:56:08 +01:00
Christian Brauner
5f9d19490b
support_become_root: Fix comment style 2017-11-18 17:54:24 +01:00
Christian Brauner
ea69a5c874
support_become_root: Don't fail when /proc/<pid/setgroups is missing
The requirement to write "deny" to /proc/<pid>/setgroups for a given user
namespace before being able to write a gid mapping was introduced in Linux
3.19.  Before that this requirement including the file did not exist.
So don't fail when errno == ENOENT.
2017-11-18 16:23:01 +01:00
Florian Weimer
273a0c4983 support_enter_mount_namespace: Unshare with mount --make-rprivate
System defaults vary, and a mere unshare (CLONE_NEWNS) (which is part of
support_become_root) is no longer sufficient.

Reviewed-by: Christian Brauner <christian.brauner@ubuntu.com>
2017-11-18 14:30:20 +01:00
Florian Weimer
8adfb0eeff support_create_temp_directory: Align behavior with create_temp_file
create_temp_file automatically supplies the test directory and the
XXXXXX suffix.  support_create_temp_directory required the caller to
specify them, which was confusing.

Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
2017-11-18 14:11:09 +01:00
Florian Weimer
ce003e5d4c support_become_root: Enable file creation in user namespaces
Without UID/GID maps, file creation will file with EOVERFLOW.

This patch is based on DJ Delorie's work on container testing.

Reviewed-by: Jonathan Nieder <jrnieder@gmail.com>
2017-11-17 22:11:28 +01:00
Florian Weimer
cae87e64dc support: Add <support/next_to_fault.h>
Based on the implementation in resolv/tst-inet_pton.c.
2017-11-13 19:29:32 +01:00
Florian Weimer
1ffe1ccb6e support: Add xstrndup, xunlink, xreadlink, support_create_temp_directory 2017-11-12 09:53:06 +01:00
Florian Weimer
84d0e6f052 support_format_hostent: Add more error information for NETDB_INTERNAL 2017-10-05 12:20:19 +02:00
Samuel Thibault
5af1e931bf Revert "resolv_test.c: also cope with CONNREFUSED errors returned by recvfrom"
This reverts commit 6174537c24.
2017-09-25 20:47:51 +02:00
Samuel Thibault
6174537c24 resolv_test.c: also cope with CONNREFUSED errors returned by recvfrom
server_thread_udp_process_one already takes care of calling sendto()
instead of xsendto to be able to ignore the case where the client has
closed the socket.  Depending on the TCP/IP stack behavior, this error
could be notified later through recvfrom(), so we need to ignore it
there too.

* support/resolv_test.c (server_thread_udp_process_one): Call recvfrom
instead of xrecvfrom, and ignore ECONNREFUSED errors.
2017-09-25 01:11:43 +02:00
Paul Pluzhnikov
1cc9e59a93 Implement xdlopen, xdlsym and xdlclose routines which terminate test
program with appropriate message if the corresponding dlfcn.h routine
returns an error.

Use them in stdlib/tst-tls-atexit.c
2017-09-20 19:37:45 -07:00
Florian Weimer
65329bd233 support_chroot_create: Add support for /etc/hosts, /etc/host.conf 2017-09-01 08:58:07 +02:00
Carlos O'Donell
faf8c066df rwlock: Fix explicit hand-over (bug 21298)
Without this fix, the rwlock can fail to execute the explicit hand-over
in certain cases (e.g., empty critical sections that switch quickly between
read and write phases).  This can then lead to errors in how __wrphase_futex
is accessed, which in turn can lead to deadlocks.
2017-07-28 00:23:58 -04:00
Florian Weimer
cb3c27e87b support: Add resolver testing mode which does not patch _res 2017-07-05 19:04:40 +02:00
Florian Weimer
d4165eedf5 support: Add support_chroot_create and support_chroot_free 2017-07-05 19:04:40 +02:00
Florian Weimer
76637a921f support: Check isolation of loopback addresses in tst-support-namespace 2017-07-05 19:04:39 +02:00
Florian Weimer
5f17245d3e support: Report actual exit status in support_capture_subprocess_check 2017-06-30 11:30:48 +02:00
Florian Weimer
60149b2859 __inet_pton_length: Implement new internal helper function 2017-06-21 13:09:08 +02:00
Adhemerval Zanella
244361ebae support: Add optstring support
This patch adds an option to test to add small command line option
through CMDLINE_OPTSTRING define.  For instance:

  #define CMDLINE_OPTSTRING "vd"

  static void
  cmdline_process_function (int c)
  {
    switch (c):
      'v':
        /* process '-v' option.  */
      break;
      'd':
        /* process '-d' option.  */
      break;
  }
  #define CMDLINE_PROCESS cmdline_process_function

It will add both '-v' and '-d' along with already default long options.

	* support/support_test_main.c (support_test_main):  Use optstring
	member for option string in getopt_long.
	* support/test-driver.c: Add comment about CMDLINE_OPTSTRING.
	(CMDLINE_OPTSTRING): New define.
	* support/test-driver.h (test_config): Add optstring member.
2017-06-15 16:01:38 -03:00
Adhemerval Zanella
0edbf12301 nptl: Invert the mmap/mprotect logic on allocated stacks (BZ#18988)
Current allocate_stack logic for create stacks is to first mmap all
the required memory with the desirable memory and then mprotect the
guard area with PROT_NONE if required.  Although it works as expected,
it pessimizes the allocation because it requires the kernel to actually
increase commit charge (it counts against the available physical/swap
memory available for the system).

The only issue is to actually check this change since side-effects are
really Linux specific and to actually account them it would require a
kernel specific tests to parse the system wide information.  On the kernel
I checked /proc/self/statm does not show any meaningful difference for
vmm and/or rss before and after thread creation.  I could only see
really meaningful information checking on system wide /proc/meminfo
between thread creation: MemFree, MemAvailable, and Committed_AS shows
large difference without the patch.  I think trying to use these
kind of information on a testcase is fragile.

The BZ#18988 reports shows that the commit pages are easily seen with
mlockall (MCL_FUTURE) (with lock all pages that become mapped in the
process) however a more straighfoward testcase shows that pthread_create
could be faster using this patch:

--
static const int inner_count = 256;
static const int outer_count = 128;

static
void *thread1(void *arg)
{
  return NULL;
}

static
void *sleeper(void *arg)
{
  pthread_t ts[inner_count];
  for (int i = 0; i < inner_count; i++)
    pthread_create (&ts[i], &a, thread1, NULL);
  for (int i = 0; i < inner_count; i++)
    pthread_join (ts[i], NULL);

  return NULL;
}

int main(void)
{
  pthread_attr_init(&a);
  pthread_attr_setguardsize(&a, 1<<20);
  pthread_attr_setstacksize(&a, 1134592);

  pthread_t ts[outer_count];
  for (int i = 0; i < outer_count; i++)
    pthread_create(&ts[i], &a, sleeper, NULL);
  for (int i = 0; i < outer_count; i++)
    pthread_join(ts[i], NULL);
    assert(r == 0);
  }
  return 0;
}

--

On x86_64 (4.4.0-45-generic, gcc 5.4.0) running the small benchtests
I see:

$ time ./test

real	0m3.647s
user	0m0.080s
sys	0m11.836s

While with the patch I see:

$ time ./test

real	0m0.696s
user	0m0.040s
sys	0m1.152s

So I added a pthread_create benchtest (thread_create) which check
the thread creation latency.  As for the simple benchtests, I saw
improvements in thread creation on all architectures I tested the
change.

Checked on x86_64-linux-gnu, i686-linux-gnu, aarch64-linux-gnu,
arm-linux-gnueabihf, powerpc64le-linux-gnu, sparc64-linux-gnu,
and sparcv9-linux-gnu.

	[BZ #18988]
	* benchtests/thread_create-inputs: New file.
	* benchtests/thread_create-source.c: Likewise.
	* support/xpthread_attr_setguardsize.c: Likewise.
	* support/Makefile (libsupport-routines): Add
	xpthread_attr_setguardsize object.
	* support/xthread.h: Add xpthread_attr_setguardsize prototype.
	* benchtests/Makefile (bench-pthread): Add thread_create.
	* nptl/allocatestack.c (allocate_stack): Call mmap with PROT_NONE and
	then mprotect the required area.
2017-06-14 17:22:35 -03:00
Florian Weimer
48bd8cda09 support: Expose TEST_VERIFY_EXIT behavior to GCC optimizers
Previously, the implementation would conditionally exit based on the
status argument, which GCC did not know about.  This leads to
false uninitialized variable warnings when data is accessed after a
TEST_VERIFY_EXIT failure (from code which would never execute).
2017-06-09 14:08:13 +02:00
Florian Weimer
2714c5f3c9 resolv: Tests for various versions of res_init 2017-06-02 15:50:36 +02:00
Florian Weimer
91b6eb1140 Add internal facility for dynamic array handling
This is intended as a type-safe alternative to obstacks and
hand-written realloc constructs.  The implementation avoids
writing function pointers to the heap.
2017-06-02 11:59:28 +02:00
Florian Weimer
8ec69bb7ec support_format_addrinfo: Fix flags and canonname formatting
The address family splitting via format_ai_family made unpredictable
the place where the canonname field was printed.  This commit adjusts
the implementation so that the ai_flags is checked for consistency
across the list, and ai_canonname must only be present on the first
list element.

Tests for AI_CANONNAME are added to resolv/tst-resolv-basic.
2017-05-11 11:51:34 +02:00
Florian Weimer
c22553effb support: Prevent multiple deletion of temporary files
Otherwise, another user might recreate these files after the first
deletion.  Particularly with temporary directories, this could result
in the removal of unintended files through symbol link attacks.
2017-05-08 16:20:40 +02:00
Florian Weimer
706256afb6 support: Delete temporary files in LIFO order
This is required to remove temporary directories which contain
temporary files.  Previously, FIFO order meant that directory
removal was attempted when the directory still contained files,
which meant that temporary directory cleanup was essentially
unsupported.
2017-05-08 15:54:10 +02:00
Joseph Myers
9fe3c80c7c Fix sys/socket.h namespace issues from sys/uio.h inclusion (bug 21426).
sys/socket.h includes sys/uio.h to get the definition of the iovec
structure.

POSIX allows sys/socket.h to make all sys/uio.h symbols visible.
However, all of sys/uio.h is XSI-shaded, so for non-XSI POSIX this
results in conformtest failures (for sys/socket.h and other headers
that include it):

    Namespace violation: "UIO_MAXIOV"
    Namespace violation: "readv"
    Namespace violation: "writev"

Now, there is some ambiguity in POSIX about what namespace
reservations apply in this case - see
http://austingroupbugs.net/view.php?id=1127 - but glibc convention
would still avoid declaring readv and writev, for example, for feature
test macros that don't include them (if only headers from the relevant
standard are included), even if such declarations are permitted, so
there is a bug here according to glibc conventions.

This patch moves the struct iovec definition to a new
bits/types/struct_iovec.h header and includes that from sys/socket.h
instead of including the whole of sys/uio.h.  This fixes the namespace
issue; however, three files in glibc that were relying on the implicit
inclusion needed to be updated to include sys/uio.h explicitly.  So
there is a question of whether sys/socket.h should continue to include
sys/uio.h under some conditions, such as __USE_XOPEN or __USE_MISC or
__USE_XOPEN || __USE_MISC, for greater compatibility with code that
(wrongly) expects this optional inclusion to be present there.  (I
think the three affected files in glibc should still have explicit
sys/uio.h inclusions added in any case, however.)

Tested for x86_64.

	[BZ #21426]
	* misc/bits/types/struct_iovec.h: New file.
	* misc/Makefile (headers): Add bits/types/struct_iovec.h.
	* include/bits/types/struct_iovec.h: New file.
	* bits/uio.h (struct iovec): Replace by inclusion of
	<bits/types/struct_iovec.h>.
	* sysdeps/unix/sysv/linux/bits/uio.h (struct iovec): Likewise.
	* socket/sys/socket.h: Include <bits/types/struct_iovec.h> instead
	of <sys/uio.h>.
	* nptl/tst-cancel4.c: Include <sys/uio.h>
	* posix/test-errno.c: Likewise.
	* support/resolv_test.c: Likewise.
	* conform/Makefile (test-xfail-POSIX2008/arpa/inet.h/conform):
	Remove.
	(test-xfail-POSIX2008/netdb.h/conform): Likewise.
	(test-xfail-POSIX2008/netinet/in.h/conform): Likewise.
	(test-xfail-POSIX2008/sys/socket.h/conform): Likewise.
2017-04-25 17:52:47 +00:00
Florian Weimer
e92030239a Assume that accept4 is always available and works
Simplify the Linux accept4 implementation based on the assumption
that it is available in some way.  __ASSUME_ACCEPT4_SOCKETCALL was
previously unused, so remove it.

For ia64, the accept4 system call (and socket call) were backported
in kernel version 3.2.18.  Reflect this in the installation
instructions.
2017-04-19 07:44:48 +02:00
Florian Weimer
e14a27723c resolv: Reduce EDNS payload size to 1200 bytes [BZ #21361]
This hardens the stub resolver against fragmentation-based attacks.
2017-04-13 13:09:38 +02:00
Zack Weinberg
b9e8c90875 Another round of inclusion fixes for _ISOMAC testsuite.
* stdio-common/bug25.c: Include stdlib.h.
	* support/tst-support_format_dns_packet.c: Include stdio.h,
	stdlib.h, and string.h.
	* support/tst-support_record_failure.c: Include string.h.
	* support/tst-support_record_failure-2.sh: Adjust line number
	expectations and correct a typo in an error message.
2017-03-22 08:44:32 -04:00
Florian Weimer
2bda2d820d support: Explain ignored failures of temporary file removal [BZ #21243] 2017-03-15 13:33:40 +01:00
Florian Weimer
ed3ea040ba support: Add error checking to close system calls [BZ #21244] 2017-03-15 13:33:40 +01:00
Florian Weimer
f889e73f60 support_format_dns_packet: Fix CNAME and multiple RR handling
Before this change, the loop iterating over RRs in the answer
section stopped at the first CNAME record, never printing them.
The CNAME and PTR record contents was extracted from the wrong
buffer (whole packet instead RDATA).  This desynced the parsing
after the first CNAME or PTR record.

Also fix the AAAA record parsing by checking their sizes.
2017-03-15 13:33:40 +01:00
Carlos O'Donell
f8bf15febc Bug 20116: Fix use after free in pthread_create()
The commit documents the ownership rules around 'struct pthread' and
when a thread can read or write to the descriptor. With those ownership
rules in place it becomes obvious that pd->stopped_start should not be
touched in several of the paths during thread startup, particularly so
for detached threads. In the case of detached threads, between the time
the thread is created by the OS kernel and the creating thread checks
pd->stopped_start, the detached thread might have already exited and the
memory for pd unmapped. As a regression test we add a simple test which
exercises this exact case by quickly creating detached threads with
large enough stacks to ensure the thread stack cache is bypassed and the
stacks are unmapped. Before the fix the testcase segfaults, after the
fix it works correctly and completes without issue.

For a detailed discussion see:
https://www.sourceware.org/ml/libc-alpha/2017-01/msg00505.html
2017-01-28 19:21:44 -05:00
Florian Weimer
faf0e9c841 nptl: Add tst-robust-fork 2017-01-27 06:53:20 +01:00
Florian Weimer
73dfd08893 support: struct netent portability fix for support_format_netent 2017-01-01 09:35:45 +01:00
Florian Weimer
8e2c31b57f support: Use %td for pointer difference in xwrite 2017-01-01 09:27:54 +01:00