The personality system call, starting with linux kernel commit
v2.6.29-6609-g11d06b2a1e5658f448a308aa3beb97bacd64a940, always
successfully changes the personality if requested. The syscall
wrapper, however, still can return an error in the following cases:
- the value returned by the system call looks like an error
due to architecture limitations of 32-bit kernels;
- a personality greater than 0xffffffff is passed to the system call,
and the 64-bit kernel does not have commit
v2.6.35-rc1-372-g485d527686850d68a0e9006dd9904f19f122485e
that would truncate this value to unsigned int;
- on sparc64, the value returned by the system call looks like an error
due to sparc64 kernel sign extension bug.
The solution is three-fold:
- move generic syscalls.list personality entry to generic 64-bit
syscalls.list file;
- for each 32-bit architecture that use negated errno semantics,
add a NOERRNO personality entry to their syscalls.list file;
- for sparc64 and 32-bit architectures that use dedicated registers
to flag syscall errors, add a wrapper around personality syscall;
if the system call return value is flagged as an error, this wrapper
returns the negated "would be errno" value, otherwise it returns
the system call return value; on sparc64, it also truncates the
personality argument to unsigned int before passing it to the kernel.
[BZ #19408]
* sysdeps/unix/sysv/linux/personality.c: New file.
* sysdeps/unix/sysv/linux/sparc/sparc64/personality.c: Likewise.
* sysdeps/unix/sysv/linux/tst-personality.c: Likewise.
* sysdeps/unix/sysv/linux/Makefile [$(subdir) == misc]
(sysdep_routines): Add personality.
(tests): Add tst-personality.
* sysdeps/unix/sysv/linux/syscalls.list (personality): Move ...
* sysdeps/unix/sysv/linux/wordsize-64/syscalls.list: ... here.
* sysdeps/unix/sysv/linux/arm/syscalls.list (personality): New entry.
* sysdeps/unix/sysv/linux/hppa/syscalls.list (personality): Likewise.
* sysdeps/unix/sysv/linux/i386/syscalls.list (personality): Likewise.
* sysdeps/unix/sysv/linux/m68k/syscalls.list (personality): Likewise.
* sysdeps/unix/sysv/linux/microblaze/syscalls.list (personality):
Likewise.
* sysdeps/unix/sysv/linux/mips/mips64/n32/syscalls.list (personality):
Likewise.
* sysdeps/unix/sysv/linux/s390/s390-32/syscalls.list (personality):
Likewise.
* sysdeps/unix/sysv/linux/sh/syscalls.list (personality): Likewise.
* sysdeps/unix/sysv/linux/x86_64/x32/syscalls.list (personality):
Likewise.
Since GLIBC requires a minimum 2.6.32 kernel, the sysctl (CTL_BUS,
CTL_BUS_ISA, ISA_*) is always available. We can therefore remove the
fallback code reading /etc/arm_systype or parsing /proc/cpuinfo.
Remove fscanf from localplt.data as it is no longer called from within
GLIBC.
* sysdeps/unix/sysv/linux/arm/ioperm.c: Do not include <string.h>.
(PATH_ARM_SYSTYPE): Remove.
(PATH_CPUINFO): Likewise.
(IO_BASE_FOOTBRIDGE): Likewise.
(IO_SHIFT_FOOTBRIDGE): Likewise.
(struct platform): Likewise.
(init_iosys): Remove compatibility code for 2.4 kernels.
* sysdeps/unix/sysv/linux/arm/localplt.data: Remove fscanf.
This test case exercises unusual code paths in allocation functions,
related to allocation failures. Specifically, the test can reveal
the following bugs:
(a) calloc returns non-zero memory on fallback to sysmalloc.
(b) calloc can self-deadlock because it fails to release
the arena lock on certain allocation failures.
(c) pvalloc can dereference a NULL arena pointer.
(a) and (b) appear specific to a faulty downstream backport.
(c) was fixed as part of commit 10ad46bc65.
The test for (a) was inspired by a reproducer supplied by Jeff Layton.
The only official source is the "Official spelling dictionary of the
Bulgarian language, Prosveta 2012", which states there are three ways
to separate time components: comma, colon and dot. That same dictionary
doesn't say which one is preferred.
So I turned to the mailing list of the translators of free software in
Bulgarian. The consensus is that colon is the only separator that is
widely used in Bulgarian texts and everything else will just be confusing.
URL: http://lists.ludost.net/pipermail/dict/2015-December/000538.html
Resetting defdname (default domain name) before use in __res_vinit
ensures that the default domain name is correctly set to a default
value when it is not set by the LOCALDOMAIN environment variable or
the "domain" or "search" parameters in resolv.conf
Tested using the steps from:
https://sourceware.org/bugzilla/show_bug.cgi?id=19369
The attached patch fixes BZ #19270 and the Debian gmt package now builds
successfully. Aside from the comment, the define of __NO_LONG_DOUBLE_MATH
is similar to that in the generic version of glibc.
Build tested on hppa-unknown-linux-gnu with no observed regressions.
POSIX and C++11 require that a thread can destroy a mutex if no other
thread owns the mutex, is blocked on the mutex, or will try to acquire
it in the future. After destroying the mutex, it can reuse or unmap the
underlying memory. Thus, we must not access a mutex' memory after
releasing it. Currently, we can load the private flag after releasing
the mutex, which is fixed by this patch.
See https://sourceware.org/bugzilla/show_bug.cgi?id=13690 for more
background.
We need to call futex_wake on the lock after releasing it, however. This
is by design, and can lead to spurious wake-ups on unrelated futex words
(e.g., when the mutex memory is reused for another mutex). This behavior
is documented in the glibc-internal futex API and in recent drafts of the
Linux kernel's futex documentation (see the draft_futex branch of
git://git.kernel.org/pub/scm/docs/man-pages/man-pages.git).
Commit 67385a01d2 added a new feature for
powerpc, where we store HWCAP/Platform bits in the TCB. In the dynamic
linking case, we use the versioned symbol
'__parse_hwcap_and_convert_at_platform' to verify if this feature is
available. However, the same symbol was not exported to libc.a, making
it not possible for GCC to check for it prior to link time.
This fixes build when _IO_funlockfile is a macro, fixes build where
_IO_acquire_lock_clear_flags2 is used, and fixes unlocking on unexpected
stack unwind.
* sysdeps/generic/stdio-lock.h [__EXCEPTIONS] (_IO_acquire_lock,
_IO_release_lock ): Use cleanup attribute on new
_IO_acquire_lock_file variable instead of assuming that
_IO_release_lock will be called.
[!__EXCEPTIONS] (_IO_acquire_lock): Define to non-existing
_IO_acquire_lock_needs_exceptions_enabled.
(_IO_acquire_lock_clear_flags2): New macro.
* malloc/arena.c (list_lock): Document lock ordering requirements.
(free_list_lock): New lock.
(ptmalloc_lock_all): Comment on free_list_lock.
(ptmalloc_unlock_all2): Reinitialize free_list_lock.
(detach_arena): Update comment. free_list_lock is now needed.
(_int_new_arena): Use free_list_lock around detach_arena call.
Acquire arena lock after list_lock. Add comment, including FIXME
about incorrect synchronization.
(get_free_list): Switch to free_list_lock.
(reused_arena): Acquire free_list_lock around detach_arena call
and attached threads counter update. Add two FIXMEs about
incorrect synchronization.
(arena_thread_freeres): Switch to free_list_lock.
* malloc/malloc.c (struct malloc_state): Update comments to
mention free_list_lock.
Like the previous change, exploit the fact that computation for sin
and cos is identical except that it is apart by a quadrant. Also
remove csloww, csloww1 and csloww2 since they can easily be expressed
in terms of sloww, sloww1 and sloww2.
The sin and cos computation for this range of input is identical
except for a difference in quadrants by 1. Exploit that fact and the
common argument reduction to reduce computations for sincos.
Range reduction needs to be done only once for sin and cos, so copy
over all of the relevant functions (__sin, __cos, reduce_and_compute)
and consolidate common code.
The i386 ULPs are actually the i686/multiarch ones. The i686/multiarch
float ULPs are more precise as the SSE2 version (when available) uses
double for the cosf and sinf functions.
On the other hand the higher precision of the x86 FPU improves the
precision for a few other math functions.
* sysdeps/i386/fpu/libm-test-ulps: Move to ....
* sysdeps/i386/i686/multiarch/fpu/libm-test-ulps: ...here.
* sysdeps/i386/fpu/libm-test-ulps: Regenerate.
It shows improvement up to 28% over AVX2 memset (performance results
attached at <https://sourceware.org/ml/libc-alpha/2015-12/msg00052.html>).
* sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S: New file.
* sysdeps/x86_64/multiarch/Makefile (sysdep_routines): Added new file.
* sysdeps/x86_64/multiarch/ifunc-impl-list.c: Added new tests.
* sysdeps/x86_64/multiarch/memset.S: Added new IFUNC branch.
* sysdeps/x86_64/multiarch/memset_chk.S: Likewise.
* sysdeps/x86/cpu-features.h (bit_Prefer_No_VZEROUPPER,
index_Prefer_No_VZEROUPPER): New.
* sysdeps/x86/cpu-features.c (init_cpu_features): Set the
Prefer_No_VZEROUPPER for Knights Landing.
This patch fixes the SYSCALL_CANCEL macro for usage with zero argument
number (for instance SYSCALL_CANCEL (pause)) using a similar approach
used for SOCKETCALL_CANCEL.
GLIBC build still does not hit this issue still since SYSCALL_CANCEL
is not currently being used for zero arguments calls.
Tested on i386, x86_64, powerpc64le, aarch64.
* sysdeps/unix/sysdep.h (SYSCALL_CANCEL): Fix macro for zero argument
syscalls.
(__SYSCALL0): New macro.
(__SYSCALL1): Likewise.
(__SYSCALL2): Likewise.
(__SYSCALL3): Likewise.
(__SYSCALL4): Likewise.
(__SYSCALL5): Likewise.
(__SYSCALL6): Likewise.
(__SYSCALL7): Likewise.
(__SYSCALL_CONCAT_X): Likewise.
(__SYSCALL_CONCAT): Likewise.
(__SYSCALL_DIST): Likewise.
(__SYSCALL_CALL): Likewise.
Since times returns 64-bit clock_t on x32, we need to provide x32 times
by redefining INTERNAL_SYSCALL_NCS and INTERNAL_SYSCALL_ERROR_P with
64-bit return type for syscall. All system calls returning 64-bit
integer, which are lseek, time and times, must be handled specially for
x32. lseek is handled by x32 lseek.S and time doesn't check syscall
return. times is the only missed one. Before this patch, there are
0000000 <__times>:
0: b8 64 00 00 40 mov $0x40000064,%eax
5: 0f 05 syscall
7: 48 63 d0 movslq %eax,%rdx
^^^^^^^^^^ Incorrect signed extension
a: 48 83 fa f2 cmp $0xfffffffffffffff2,%rdx
e: 75 07 jne 17 <__times+0x17>
10: 3d 00 f0 ff ff cmp $0xfffff000,%eax
^^^^^^^^^^^^^^^^^^^^^ 32-bit compare
15: 77 11 ja 28 <__times+0x28>
17: 48 83 fa ff cmp $0xffffffffffffffff,%rdx
1b: b8 00 00 00 00 mov $0x0,%eax
20: 48 0f 45 c2 cmovne %rdx,%rax
24: c3 retq
After this patch, there are
00000000 <__times>:
0: b8 64 00 00 40 mov $0x40000064,%eax
5: 0f 05 syscall
7: 48 83 f8 f2 cmp $0xfffffffffffffff2,%rax
b: 75 08 jne 15 <__times+0x15>
d: 48 3d 00 f0 ff ff cmp $0xfffffffffffff000,%rax
13: 77 13 ja 28 <__times+0x28>
15: 48 83 f8 ff cmp $0xffffffffffffffff,%rax
19: ba 00 00 00 00 mov $0x0,%edx
1e: 48 0f 44 c2 cmove %rdx,%rax
22: c3 retq
The incorrect signed extension and 32-bit compare are gone.
[BZ #19363]
* sysdeps/unix/sysv/linux/x86_64/x32/times.c: New file.
The optimized POWER7 logb implementation does not use the absolute
value of the word extracted from the input to apply the leading 0-bits
builtin (to ignore the float sign). This patch fixes it by
clearing the signal bit in the resulting word.
It fixes the subnormal tests failures when running on POWER7 ou
newer chip.
Tested on powerpc64le (POWER8).
[BZ# 19375]
* sysdeps/powerpc/power7/fpu/s_logb.c (__logb): Fix return for
negative subnormals.
X86-64 system calls use a different calling convention, which clobbers
CC, %r11 an %rcx registers. Define REGISTERS_CLOBBERED_BY_SYSCALL for
x86-64 inline asm statements.
* sysdeps/unix/sysv/linux/x86_64/sysdep.h
(REGISTERS_CLOBBERED_BY_SYSCALL): New.
(INTERNAL_SYSCALL_NCS): Use it.
(INTERNAL_SYSCALL_NCS_TYPES): Likewise.
reused_arena can increase the attached thread count of arenas on the
free list. This means that the assertion that the reference count is
zero is incorrect. In this case, the reference count initialization
is incorrect as well and could cause arenas to be put on the free
list too early (while they still have attached threads).
* malloc/arena.c (get_free_list): Remove assert and adjust
reference count handling. Add comment about reused_arena
interaction.
(reused_arena): Add comments abount get_free_list interaction.
* malloc/tst-malloc-thread-exit.c: New file.
* malloc/Makefile (tests): Add tst-malloc-thread-exit.
(tst-malloc-thread-exit): Link against libpthread.
According to Silvermont software optimization guide, for 64-bit
applications, branch prediction performance can be negatively impacted
when the target of a branch is more than 4GB away from the branch. Add
the Prefer_MAP_32BIT_EXEC bit so that mmap will try to map executable
pages with MAP_32BIT first. NB: MAP_32BIT will map to lower 2GB, not
lower 4GB, address. Prefer_MAP_32BIT_EXEC reduces bits available for
address space layout randomization (ASLR), which is always disabled for
SUID programs and can only be enabled by setting environment variable,
LD_PREFER_MAP_32BIT_EXEC.
On Fedora 23, this patch speeds up GCC 5 testsuite by 3% on Silvermont.
[BZ #19367]
* sysdeps/unix/sysv/linux/wordsize-64/mmap.c: New file.
* sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h: Likewise.
* sysdeps/unix/sysv/linux/x86_64/64/mmap.c: Likewise.
* sysdeps/x86/cpu-features.h (bit_Prefer_MAP_32BIT_EXEC): New.
(index_Prefer_MAP_32BIT_EXEC): Likewise.
Knights Landing processor is based on Silvermont. This patch enables
Silvermont optimizations for Knights Landing.
* sysdeps/x86/cpu-features.c (init_cpu_features): Enable
Silvermont optimizations for Knights Landing.
Various Linux kernel syscalls have become obsolete over time.
Specifically, the following are obsolete in all kernel versions
supported by glibc, are not present for architectures more recently
added to the kernel, and as such, the wrapper functions for them
should be compat symbols, not in static libc and not available for new
links with shared libc.
* bdflush: in Linux 2.6, does nothing if present.
* create_module get_kernel_syms query_module: Linux 2.4 module
interface, syscalls not present in Linux 2.6.
* uselib: part of the mechanism for loading a.out shared libraries,
irrelevant with ELF.
This patch adds support for syscalls.list to list syscall aliases of
the form NAME@VERSION:OBSOLETED, with SHLIB_COMPAT conditionals being
generated for such aliases. Those five syscalls are then made into
compat symbols (obsoleted in glibc 2.23, so future ports won't have
these symbols at all), with the header <sys/kdaemon.h> declaring
bdflush being removed. When we move to 3.2 as minimum kernel version,
the same can be done for nfsservctl (removed in Linux 3.1) as well.
Tested for x86_64 and x86 (testsuite, as well as checking that the
symbols in question indeed become compat symbols, that they are indeed
omitted from static libc, and that the generated SHLIB_COMPAT
conditionals look right).
[BZ #18472]
* sysdeps/unix/Makefile ($(objpfx)stub-syscalls.c): Handle entries
for the form NAME@VERSION:OBSOLETED and generate SHLIB_COMPAT
conditionals for them.
* sysdeps/unix/make-syscalls.sh (emit_weak_aliases): Likewise.
* sysdeps/unix/sysv/linux/sys/kdaemon.h: Remove file.
* sysdeps/unix/sysv/linux/Makefile (sysdep_headers): Remove
sys/kdaemon.h.
* sysdeps/unix/sysv/linux/syscalls.list (bdflush): Make into
compat-only syscall, obsoleted in glibc 2.23.
(create_module): Likewise.
(get_kernel_syms): Likewise.
(query_module): Likewise.
(uselib): Likewise.
* manual/sysinfo.texi (System Parameters): Do not mention bdflush.
This patch makes the automation of Unicode LC_CTYPE generation also
support generating the modified LC_CTYPE used for Turkish (where case
conversions of 'i' and 'I' differ from ASCII conventions), so allowing
that to be more readily kept in sync for future Unicode updates. The
patch includes the locale update generated by the scripts.
Tested for x86_64.
[BZ #18491]
* unicode-gen/unicode_utils.py (to_upper_turkish): New function.
(to_lower_turkish): Likewise.
* unicode-gen/gen_unicode_ctype.py (output_tables): Support
producing output with Turkish case conversions.
(--turkish): New command-line option.
* unicode-gen/Makefile (GENERATED): Add tr_TR.
(tr_TR): New rule.
* locales/tr_TR: Regenerate LC_CTYPE.
According to POSIX the grantpt() function does the following:
The grantpt() function shall change the mode and ownership of the
slave pseudo-terminal device associated with its master
pseudo-terminal counterpart. The fildes argument is a file descriptor
that refers to a master pseudo-terminal device. The user ID of the
slave shall be set to the real UID of the calling process and the
group ID shall be set to an unspecified group ID. The permission
mode of the slave pseudo-terminal shall be set to readable and
writable by the owner, and writable by the group.
Historically the GNU libc has been responsible to setup the permission
mode to 0620 and the group to 'tty' usually number 5, using the pt_chown
helper, badly known for its security issues. With the creation of the
devpts filesytem in the Linux kernel, this responsibility has been moved
to the Linux kernel. The system is responsible to mount the devpts
filesystem in /dev/pts with the options gid=5 and mode=0620. In that
case the GNU libc has nothing to do and pt_chown is not need anymore. So
far so good.
The problem is that by default the devpts filesystem is shared between
all mounts, and that contrary to other filesystem, the mount options are
honored at the second mount, including for the default mount options.
Given it corresponds to mode=0600 without gid parameter (that is the
filesystem GID of the creating process), it's common to see systems
where the devpts filesystem is mounted using these options. It is enough
to run a "mount -t devpts devpts /mychroot/dev/pts" to come into this
situation, and it's unfortunately wrongly used in a lot of scripts
dealing with chroots, or for creating virtual machines images.
When this happens the GNU libc tries to fix the group and permission
mode of the pty nodes, and given it fails to do so for non-root users,
grantpt() almost always fail. It means users are not able to open new
terminals.
This patch changes grantpt() to not enforce this anymore, while still
enforcing minimum security measures to the permission mode. Therefore
the responsibility to follow POSIX is now shared at the system level,
i.e. kernel + system scripts + GNU libc. It stops trying to change the
group, and makes the pty node readable and writable by the owner, and
writable by the group only when originally writable and when the group
is the tty one.
As a result, on a system wrongly mounted with gid=0 and mode=0600, the
pty nodes won't be accessible by the tty group, but the grantpt()
function will succeed and users will have a working system. The system
is not fully POSIX compliant (which might be an admin choice to default
to "mesg n" mode), but the GNU libc is not to blame here, as without the
pt_chown helper it can't do anything.
With this patch there should not be any reason left to build the GNU
libc with the --enable-pt_chown configure option on a GNU/Linux system.
* manual/examples/strncat.c: Remove.
This example was misleading, as the code would have undefined
behavior if "hello" was longer than SIZE. Anyway, the manual
shouldn't encourage strncpy+strncat for this sort of thing.
* manual/string.texi (Copying Strings and Arrays): Split into
three sections Copying Strings and Arrays, Concatenating Strings,
and Truncating Strings, as this section was way too long. All
cross-referenced changed. Add advice about string-truncation
functions. Remove misleading strncat example.
NSS modules which can run in disconnected modes should
return NSS_STATUS_NOTFOUND and SUCCESS in order to follow
best practice for such modules and ensure user applications
can have these modules configured without causing problems
if the data sources are not connected.
Update __STDC_ISO_10646__ to 201505L for Unicode 8.0.0.
Update character encoding, ctype, and transliteration tables.
New scripts autogenerate transliteration tables.
- Remove duplicate transliterations for U+0152 and U+0153 from
C-translit.h.in.
- Change Ö U+00D6 LATIN CAPITAL LETTER O WITH STROKE → O
(instead of → OE)
- Change ö U+00F6 LATIN SMALL LETTER O WITH STROKE → o
(instead of → oe)
- Add ₹ U+20B9 INDIAN RUPEE SIGN → INR
- Add ₫ U+20AB DONG SIGN → Dong (in addition to "₫ → Đồng")
- Add many others from
http://unicode.org/cldr/trac/browser/trunk/common/transforms/Latin-ASCII.xml
- Add some more currency signs suggested by Marko Myllynen
- Add another patch with more characters by Marko Myllynen
The ldbl-128ibm implementation of logl is inaccurate for arguments
near 1, because when deciding whether to bypass a series expansion for
log(1+z), where z = x-1, it compares the square of z rather than z
itself with an epsilon value. This patch fixes that comparison, so
eliminating the test failures for inaccuracy of logl in such cases.
Tested for powerpc.
[BZ #19351]
* sysdeps/ieee754/ldbl-128ibm/e_logl.c (__ieee754_logl): When
expanding log(1+z), compare z rather than its square with epsilon
to determine when to avoid evaluating the expansion.
The ldbl-128ibm implementation of sinhl uses a slightly too small
overflow threshold (similar to bug 16407 for coshl). This patch fixes
it to use a safe threshold (so that values whose high part is above
the value compared with definitely result in an overflow in all
rounding modes).
Tested for powerpc.
[BZ #19350]
* sysdeps/ieee754/ldbl-128ibm/e_sinhl.c (__ieee754_sinhl):
Increase overflow threshold.