The commit documents the ownership rules around 'struct pthread' and
when a thread can read or write to the descriptor. With those ownership
rules in place it becomes obvious that pd->stopped_start should not be
touched in several of the paths during thread startup, particularly so
for detached threads. In the case of detached threads, between the time
the thread is created by the OS kernel and the creating thread checks
pd->stopped_start, the detached thread might have already exited and the
memory for pd unmapped. As a regression test we add a simple test which
exercises this exact case by quickly creating detached threads with
large enough stacks to ensure the thread stack cache is bypassed and the
stacks are unmapped. Before the fix the testcase segfaults, after the
fix it works correctly and completes without issue.
For a detailed discussion see:
https://www.sourceware.org/ml/libc-alpha/2017-01/msg00505.html
The problem is basically that sys/ucontext.h is defining R0..R15
which happens to conflict with some packages like Firefox when
trying to build on SH.
The very same problem existed on arm back then [1] and it was fixed by
renaming R0..R15 to REG_R0..REG_R15. This patch imploy a similar
strategy for SH.
Checked on sh4-linux-gnu with run-built-tests=no and I also got reports
that it fixes Firefox build on Debian sh4.
* sysdeps/unix/sysv/linux/sh/sh3/ucontext_i.sym: Use new REG_R*
constants instead of the old R* ones.
* sysdeps/unix/sysv/linux/sh/sh4/ucontext_i.sym: Likewise.
* sysdeps/unix/sysv/linux/sh/sys/ucontext.h (NGPREG): Rename...
(NGREG): ... to this, to fit in with other architectures.
(gpregset_t): Use new NGREG macro.
[__USE_GNU]: Remove condition; all architectures other than tile
are unconditional.
(R*): Rename to REG_R*.
(tunable_set_val_if_valid_range_signed) ... this, and ...
(tunable_set_val_if_valid_range_unsigned) ... this.
(tunable_initialize): Call the correct one of the above based on type.
I noticed that some libm-test-ulps files still had long-obsolete
entries for *_tonearest functions, which will no longer be used since
functions with FE_TONEAREST explicitly set aren't tested separately
from those functions with it as the default rounding mode any more.
This patch removes those obsolete entries. However, as they are a
sign of libm-test-ulps not having been regenerated from scratch for a
long time, I strongly advise people testing on those platforms to
remove / truncate the libm-test-ulps file, run "make regen-ulps" and
commit the regenerated-from-scratch file. (Ideally any failures of
libm tests still present after regeneration would be investigated /
fixed - there are several open "math" bugs spread across these
platforms - but simply regenerating from scratch improves things.)
* sysdeps/hppa/fpu/libm-test-ulps: Remove *_tonearest entries.
* sysdeps/ia64/fpu/libm-test-ulps: Likewise.
* sysdeps/m68k/m680x0/fpu/libm-test-ulps: Likewise.
* sysdeps/microblaze/libm-test-ulps: Likewise.
* sysdeps/sh/libm-test-ulps: Likewise.
This patch updates math/README.libm-test to have a more complete and
up-to-date list of the characters used in TEST_* macros to indicate
the types of function inputs and outputs.
* math/README.libm-test: Update list of characters for input and
output types.
This fixes the mutex pretty printer so that, if the owner ID isn't recorded
(such as in the current lock elision implementation), "Owner ID" will be shown
as "Unknown" instead of 0. It also changes the mutex printer output so that it
says "Acquired" instead of "Locked". The mutex tests are updated accordingly.
In addition, this adds a paragraph to the "Known issues" section of the
printers README explaining that the printer output isn't guaranteed to cover
every detail.
2017-01-14 Martin Galvan <martingalvan@sourceware.org>
* README.pretty-printers (Known issues): Warn about printers not
always covering everything.
* nptl/nptl-printers.py (MutexPrinter): Change output.
* nptl/test-mutex-printers.py: Fix test and adapt to changed output.
This patch adjusts s390 specific lock elision code after review
of the following patches:
-S390: Use own tbegin macro instead of __builtin_tbegin.
(8bfc4a2ab4)
-S390: Use new __libc_tbegin_retry macro in elision-lock.c.
(53c5c3d5ac)
-S390: Optimize lock-elision by decrementing adapt_count at unlock.
(dd037fb3df)
The futex value is not tested before starting a transaction,
__glibc_likely is used instead of __builtin_expect and comments
are adjusted.
ChangeLog:
* sysdeps/unix/sysv/linux/s390/htm.h: Adjust comments.
* sysdeps/unix/sysv/linux/s390/elision-unlock.c: Likewise.
* sysdeps/unix/sysv/linux/s390/elision-lock.c: Adjust comments.
(__lll_lock_elision): Do not test futex before starting a
transaction. Use __glibc_likely instead of __builtin_expect.
* sysdeps/unix/sysv/linux/s390/elision-trylock.c: Adjust comments.
(__lll_trylock_elision): Do not test futex before starting a
transaction. Use __glibc_likely instead of __builtin_expect.
Add a convenience target for maintainers to download and incorporate
translation updates from translations.org. Invoke as follows:
make -r PARALLELMFLAGS="" -C ../po objdir=`pwd` update-translations
similar to generating libc.pot.
* po/Makefile (update-translations): New target.
MicroBlaze had clock_* functions exported from librt in glibc 2.18 and
2.19, as confirmed in
<https://sourceware.org/ml/libc-alpha/2017-01/msg00369.html>, and they
then disappeared in 2.20, presumably as a result of the fix
<https://sourceware.org/ml/libc-alpha/2014-02/msg00598.html> for a
Versions.def bug that had resulted in their unintended inclusion in
2.18 (followed by removal of the Versions.def mechanism that allowed
such bugs).
As they were released in that library, they should be considered part
of the GLIBC_2.18 ABI and so restored for the sake of any binaries
that expect them in that library. This patch restores them by adding
a MicroBlaze version of clock-compat.c that overrides SHLIB_COMPAT.
Tested (compilation only) with build-many-glibcs.py (where this fixes
the librt ABI test failure; elf/check-execstack still fails and still
needs architecture maintainer attention to fix it or XFAIL it with an
appropriate explanatory comment).
[BZ #21061]
* sysdeps/unix/sysv/linux/microblaze/clock-compat.c: New file.
The condition when the value of an envvar is empty (not just '\0'),
the loop in tunables_init gets stuck infinitely because envp is not
incremented. Fix that by always incrementing envp in the loop.
Added test case (tst-empty-env.c) verifies the fix when the source is
configured with --enable-hardcoded-path-in-tests, thanks Josh Stone for
providing the test case. Verified on x86_64.
* elf/dl-tunables (get_next_env): Always advance envp.
* stdlib/tst-empty-env.c: New test case.
* stdlib/Makefile (tests): Use it.
Bug 21047 reports that the clang assembler disallows the ARM
implementations of _FPU_GETCW and _FPU_SETCW.
These are deliberately written the way they are, using generic
coprocessor instructions (from the days when VFP was just one possible
coprocessor for ARM) that have the right encodings, to handle the case
of the instructions being used runtime-conditionally inside glibc,
where use of these macros is not meant to result in either the
assembler requiring VFP to be enabled at assembly time or in it
marking the object as using VFP. However, more recent ARM ARM
versions have restricted the definitions of the coprocessor
instructions and reportedly the clang assembler follows that in
disallowing those names for VFP instructions.
In the non-__SOFTFP__ case - which in fact is the only case where
these macro definitions can be used outside the build of glibc itself
- using VFP instruction names is of course fine, since we know that
VFP is enabled for that compilation. Thus, this patch uses the
current VFP names for these instructions in that case to improve
compatibility for this header file.
Tested for hard-float and soft-float builds of glibc, including that
installed stripped shared libraries are unchanged by the patch.
[BZ #21047]
* sysdeps/arm/fpu_control.h [!__SOFTFP__] (_FPU_GETCW): Use VFP
name for instruction.
[!__SOFTFP__] (_FPU_SETCW): Likewise.
A recent build-many-glibcs.py build
<https://sourceware.org/ml/libc-testresults/2017-q1/msg00067.html> ran
into what proves to be an old known bug
<https://gcc.gnu.org/bugzilla/show_bug.cgi?id=42980> with parallel
install of GCC (one which as discussed there might require automake
changes to fix). This patch makes build-many-glibcs.py avoid such
intermittent failures from parallel install by using -j1 for GCC make
install (the code in question also applies to binutils make install,
but it doesn't seem worth trying to avoid -j1 there; the builds and
installs of different toolchains are still fully parallel with each
other, this is only about the case when there are few enough of those
that multiple jobs can get used within a single make install).
* scripts/build-many-glibcs.py (Config.build_cross_tool): Use -j1
for make install.
On s390x this test failed with:
FAIL: explicit clear/test: expected 0 got 1
In setup_explicit_clear, the buffer is filled with the test_pattern.
On s390x the memcpy in prepare_test_buffer is done by loading
r4 / r5 with the test_pattern and using store multiple instruction
to store r4 / r5 to buf.
If explicit_bzero is resolved in setup_explicit_clear, r4 / r5 is
stored to stack by _dl_runtime_resolve and the call to memmem in
count_test_patterns finds a hit of the test_pattern on the stack.
This patch resolves all symbols at program startup by linking with
-z now. This omits the call of _dl_runtime_resolve within
setup_explicit_clear and the test passes.
ChangeLog:
[BZ #21006]
* string/Makefile (LDFLAGS-tst-xbzero-opt): New variable.
The soft-float powerpc version of swapcontext does not restore the
signal mask, resulting in stdlib/tst-setcontext2 failing:
after getcontext
after setcontext
after swapcontext
FAIL: SIGUSR2 is blocked after swapcontext.
This patch fixes this by adjusting the arguments passed to
__sigprocmask so that it restores the saved signal mask as well as
saving the existing one. (For hard-float, this code is only used for
a compat symbol, not for the current version of swapcontext.)
Tested for soft-float powerpc.
[BZ #21045]
* sysdeps/unix/sysv/linux/powerpc/powerpc32/swapcontext-common.S
(__CONTEXT_FUNC_NAME): Pass address of signal mask to be restored
to __sigprocmask.
As was done in b224637928, check for large size causing an overflow
in the loop that walks over the array.
Branching out of line here is the fastest approach for handling this
problem, since tile can bundle the instructions to compute the branch
test in parallel with doing the required memchr loop setup computation.
Unfortunately, the existing saturated ops (e.g. tilegx addxsc) are
all signed saturing ops, so don't help with unsigned saturation.
In 1e5834c38a ("Refactor Linux ipc_priv header") a different
approach to passing __IPC_64 as zero was created. The tile
architecture also needs to pass __IPC_64 as zero since it does
not set CONFIG_ARCH_WANT_IPC_PARSE_VERSION in the kernel.
So create a minimal ipc_priv.h that specifies __IPC_64 as zero.
The ip6-bytestring resolver corresponds to the RES_USEBSTRING flag and
not RES_NOIP6DOTINT. Thank you Michael Kerrisk for noticing and
pointing it out.
Any changes to the per-thread list of robust mutexes currently acquired as
well as the pending-operations entry are not simply sequential code but
basically concurrent with any actions taken by the kernel when it tries
to clean up after a crash. This is not quite like multi-thread concurrency
but more like signal-handler concurrency.
This patch fixes latent bugs by adding compiler barriers where necessary so
that it is ensured that the kernel crash handling sees consistent data.
This is meant to be easy to backport, so we do not use C11-style signal
fences yet.
* nptl/descr.h (ENQUEUE_MUTEX_BOTH, DEQUEUE_MUTEX): Add compiler
barriers and comments.
* nptl/pthread_mutex_lock.c (__pthread_mutex_lock_full): Likewise.
* nptl/pthread_mutex_timedlock.c (pthread_mutex_timedlock): Likewise.
* nptl/pthread_mutex_unlock.c (__pthread_mutex_unlock_full): Likewise.
Robust mutexes acquired at the time of a call to fork() do not remain
acquired by the forked child process. We have to clear the list of
acquired robust mutexes before registering this list with the kernel;
otherwise, if some of the robust mutexes are process-shared, the parent
process can alter the child's robust mutex list, which can lead to
deadlocks or even modification of memory that may not be occupied by a
mutex anymore.
[BZ #19402]
* sysdeps/nptl/fork.c (__libc_fork): Clear list of acquired robust
mutexes.
lll_robust_unlock on i386 and x86_64 first sets the futex word to
FUTEX_WAITERS|0 before calling __lll_unlock_wake, which will set the
futex word to 0. If the thread is killed between these steps, then the
futex word will be FUTEX_WAITERS|0, and the kernel (at least current
upstream) will not set it to FUTEX_OWNER_DIED|FUTEX_WAITERS because 0 is
not equal to the TID of the crashed thread.
The lll_robust_lock assembly code on i386 and x86_64 is not prepared to
deal with this case because the fastpath tries to only CAS 0 to TID and
not FUTEX_WAITERS|0 to TID; the slowpath simply waits until it can CAS 0
to TID or the futex_word has the FUTEX_OWNER_DIED bit set.
This issue is fixed by removing the custom x86 assembly code and using
the generic C code instead. However, instead of adding more duplicate
code to the custom x86 lowlevellock.h, the code of the lll_robust* functions
is inlined into the single call sites that exist for each of these functions
in the pthread_mutex_* functions. The robust mutex paths in the latter
have been slightly reorganized to make them simpler.
This patch is meant to be easy to backport, so C11-style atomics are not
used.
[BZ #20985]
* nptl/Makefile: Adapt.
* nptl/pthread_mutex_cond_lock.c (LLL_ROBUST_MUTEX_LOCK): Remove.
(LLL_ROBUST_MUTEX_LOCK_MODIFIER): New.
* nptl/pthread_mutex_lock.c (LLL_ROBUST_MUTEX_LOCK): Remove.
(LLL_ROBUST_MUTEX_LOCK_MODIFIER): New.
(__pthread_mutex_lock_full): Inline lll_robust* functions and adapt.
* nptl/pthread_mutex_timedlock.c (pthread_mutex_timedlock): Inline
lll_robust* functions and adapt.
* nptl/pthread_mutex_unlock.c (__pthread_mutex_unlock_full): Likewise.
* sysdeps/nptl/lowlevellock.h (__lll_robust_lock_wait,
__lll_robust_lock, lll_robust_cond_lock, __lll_robust_timedlock_wait,
__lll_robust_timedlock, __lll_robust_unlock): Remove.
* sysdeps/unix/sysv/linux/i386/lowlevellock.h (lll_robust_lock,
lll_robust_cond_lock, lll_robust_timedlock, lll_robust_unlock): Remove.
* sysdeps/unix/sysv/linux/x86_64/lowlevellock.h (lll_robust_lock,
lll_robust_cond_lock, lll_robust_timedlock, lll_robust_unlock): Remove.
* sysdeps/unix/sysv/linux/sparc/lowlevellock.h (__lll_robust_lock_wait,
__lll_robust_lock, lll_robust_cond_lock, __lll_robust_timedlock_wait,
__lll_robust_timedlock, __lll_robust_unlock): Remove.
* nptl/lowlevelrobustlock.c: Remove file.
* nptl/lowlevelrobustlock.sym: Likewise.
* sysdeps/unix/sysv/linux/i386/lowlevelrobustlock.S: Likewise.
* sysdeps/unix/sysv/linux/x86_64/lowlevelrobustlock.S: Likewise.
After this update, math/test-ildouble, math/test-ldouble and
math/test-ldouble-finite pass on hard float, POWER < 7 builds.
Tested on powerpc, powerpc64 and powerpc64le.
The posix_fadvise consolidation broke posix_fadvise for MIPS o32, so
resulting in posix/tst-posix_fadvise failing.
MIPS o32 (and the other ABIs) has only the posix_fadvise64 syscall,
which acts like posix_fadvise64_64 (in the o32 case, because of the
alignment argument it's actually a 7-argument syscall). The generic
posix_fadvise implementation presumes that if __NR_fadvise64 is
defined, it's for the case where a single len argument is passed to
the syscall rather than two syscall arguments in the case of a 32-bit
system.
The generic posix_fadvise64 works fine for this case (defining
__NR_fadvise64_64 to __NR_fadvise64 as needed). ARM has a
posix_fadvise.c that uses __posix_fadvise64_l64 in posix_fadvise, and
that approach also works for MIPS o32, so this patch makes MIPS o32
include the ARM file.
Tested for MIPS o32.
* sysdeps/unix/sysv/linux/mips/mips32/posix_fadvise.c: New file.
The generic implementation of fetestexceptflag does:
int
fetestexceptflag (const fexcept_t *flagp, int excepts)
{
/* Most versions of fegetexceptflag store exceptions in a form such
that this works. */
return *flagp & excepts & FE_ALL_EXCEPT;
}
In the case where FE_ALL_EXCEPT is nonzero but exceptions may not be
supported at runtime, this only works if fegetexceptflag cleared all
the bits of FE_ALL_EXCEPT in *flagp; otherwise it accesses
uninitialized data. This showed up as a failure of
math/test-fetestexceptflag for MIPS o32 soft-float. This patch makes
the fallback fegetexceptflag store 0 (fexcept_t is an integer type
everywhere) so that this works. (No bug report in Bugzilla because
this wasn't user-visible - at least, without using tools to detect
uninitialized memory use at runtime - without fetestexceptflag, which
is new in 2.25.)
Tested for MIPS o32 soft-float.
* math/fgetexcptflg.c (__fegetexceptflag): Store 0 in fexcept_t
object.
Bug 16458 reports that the endian-conversion macros in <endian.h> and
<netinet/in.h>, in the case where no endian conversion is needed, just
return their arguments without converting to the expected return type,
so failing to act as expected for a macro version of a function. (The
<netinet/in.h> macros, in particular, are described with prototypes in
POSIX so should act like correspondingly prototyped functions.)
Where previously this was a fairly obscure issue, it now results in
glibc build with GCC mainline breaking for big-endian systems:
nss_hesiod/hesiod-service.c: In function '_nss_hesiod_getservbyport_r':
nss_hesiod/hesiod-service.c:142:39: error: '%d' directive output may be truncated writing between 1 and 11 bytes into a region of size 6 [-Werror=format-truncation=]
snprintf (portstr, sizeof portstr, "%d", ntohs (port));
^~
nss_hesiod/hesiod-service.c:142:38: note: using the range [1, -2147483648] for directive argument
snprintf (portstr, sizeof portstr, "%d", ntohs (port));
^~~~
nss_hesiod/hesiod-service.c:142:3: note: format output between 2 and 12 bytes into a destination of size 6
snprintf (portstr, sizeof portstr, "%d", ntohs (port));
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The port argument is passed as int to this function, so when ntohs
does not convert the compiler cannot tell that the result is within
the range of uint16_t. (I don't know if in fact it's possible for
out-of-range values to reach this function and so get truncated as
strings without this patch or as integers with it.)
This patch arranges for these macros to use identity functions to
ensure appropriate conversions while having warnings for implicit
conversions of function arguments that might not occur with a cast.
Tested for x86_64 and x86; with build-many-glibcs.py with GCC 6; and
with build-many-glibcs.py with GCC mainline for powerpc to test the
build fix.
[BZ #16458]
* bits/uintn-identity.h: New file.
* inet/netinet/in.h: Include <bits/uintn-identity.h>.
[__BYTE_ORDER == __BIG_ENDIAN] (ntohl): Use __uint32_identity.
[__BYTE_ORDER == __BIG_ENDIAN] (ntohs): Use __uint16_identity.
[__BYTE_ORDER == __BIG_ENDIAN] (htonl): Use __uint32_identity.
[__BYTE_ORDER == __BIG_ENDIAN] (htohs): Use __uint16_identity.
* string/endian.h: Include <bits/uintn-identity.h>.
[__BYTE_ORDER == __LITTLE_ENDIAN] (htole16): Use
__uint16_identity.
[__BYTE_ORDER == __LITTLE_ENDIAN] (le16toh): Likewise.
[__BYTE_ORDER == __LITTLE_ENDIAN] (htole32): Use
__uint32_identity.
[__BYTE_ORDER == __LITTLE_ENDIAN] (le32toh): Likewise.
[__BYTE_ORDER == __LITTLE_ENDIAN] (htole64): Use
__uint64_identity.
[__BYTE_ORDER == __LITTLE_ENDIAN] (le64toh): Likewise.
[__BYTE_ORDER != __LITTLE_ENDIAN] (htobe16): Use
__uint16_identity.
[__BYTE_ORDER != __LITTLE_ENDIAN] (be16toh): Likewise.
[__BYTE_ORDER != __LITTLE_ENDIAN] (htobe32): Use
__uint32_identity.
[__BYTE_ORDER != __LITTLE_ENDIAN] (be32toh): Likewise.
[__BYTE_ORDER != __LITTLE_ENDIAN] (htobe64): Use
__uint64_identity.
[__BYTE_ORDER != __LITTLE_ENDIAN] (be64toh): Likewise.
* string/Makefile (headers): Add bits/uintn-identity.h.
(tests): Add test-endian-types.
* string/test-endian-types.c: New file.
* inet/Makefile (tests): Add test-hnto-types.
* inet/test-hnto-types.c: New file.
This patch fixes the glibc testsuite build for GCC 7
-Wformat-truncation, newly moved out of -Wformat-length and with some
further warnings that didn't previously appear. Two tests that
previously disabled -Wformat-length are changed to disable
-Wformat-truncation instead; two others are made to disable that
option as well.
Tested (compilation only) with build-many-glibcs.py for aarch64 with
GCC mainline.
* stdio-common/tst-printf.c [__GNUC_PREREQ (7, 0)]: Ignore
-Wformat-truncation instead of -Wformat-length.
* time/tst-strptime2.c (mkbuf) [__GNUC_PREREQ (7, 0)]: Likewise.
* stdio-common/tstdiomisc.c (F): Ignore -Wformat-truncation for
GCC 7.
* wcsmbs/tst-wcstof.c: Include <libc-internal.h>.
(do_test): Ignore -Wformat-truncation for GCC 7.
With the elf/sotruss-lib.c failure fixed, building 64-bit glibc with
GCC mainline fails with another format-truncation error in
locale/programs/ld-address.c, where 11 bytes are allocated for a
buffer to print a long int value.
This patch changes that code to allocate 21 bytes. Treating this
value as signed is questionable and I don't think large values are
actually useful here, but I think those can be considered as instances
of bug 21036 which I've filed for overflow checks for numeric values
in localedef in general, and don't need to be addressed to fix the
build.
Tested with GCC mainline with compilation for aarch64 with
build-many-glibcs.py, and with glibc testsuite for x86_64 (built with
GCC 6).
(Note that while this fixes the build of 64-bit glibc with GCC
mainline, further fixes will be needed to get the testsuite building
with GCC mainline again.)
* locale/programs/ld-address.c (INT_STR_ELEM): Increase size of
buffer used to print long int value.
Building 64-bit glibc with GCC mainline fails with:
../elf/sotruss-lib.c: In function 'la_version':
../elf/sotruss-lib.c:91:28: error: '%lu' directive output may be truncated writing between 1 and 20 bytes into a region of size 11 [-Werror=format-truncation=]
snprintf (endp, 12, ".%lu", (unsigned long int) pid);
^~~
../elf/sotruss-lib.c:91:26: note: using the range [1, 18446744073709551615] for directive argument
snprintf (endp, 12, ".%lu", (unsigned long int) pid);
^~~~~~
../elf/sotruss-lib.c:91:6: note: format output between 3 and 22 bytes into a destination of size 12
snprintf (endp, 12, ".%lu", (unsigned long int) pid);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pids from getpid cannot actually be negative, but the compiler doesn't
know this. Other places in this file use (signed) long int for
printing, so this patch makes this place do so as well. Then it
increases the buffer size by one byte to allow for the minus sign that
can't actually occur. It doesn't seem worth using diagnostic pragmas
to save one byte; other place in this file just use a cruder 3 *
sizeof (pid_t) calculation for number of digits.
Tested with GCC mainline with compilation for aarch64 with
build-many-glibcs.py, and with glibc testsuite for x86_64 (built with
GCC 6).
* elf/sotruss-lib.c (init): Increase space allocated for pid by
one byte. Print it with %ld, cast to long int.
I used this patch to run the new build script with python3.2, it may be worth
adding this hack if python3.5 is not widespread (might work with older python,
i haven't tested that).
This patch make build-many-glibcs.py work with python 3.2 by
adding fallback implementation to python 3.5 facilities if they
are not present.
Checked building a x86_64-linux-gnu toolchain with python 3.2.
2016-11-22 Szabolcs Nagy <szabolcs.nagy@arm.com>
* scripts/build-many-glibcs.py (os.cpu_count): Add compatibility definition.
(re.fullmatch, subprocess.run): Likewise.
Builds with --enable-tunables failed on i686 because a call to getenv
got snuck into tunables, which pulled in strncmp. This patch fixes
this build failure by making the glibc.malloc.check check even
simpler. The previous approach was convoluted where the tunable was
disabled using an unsetenv and overwriting the tunable value with
colons. The easier way is to simply mark the tunable as insecure by
default (i.e. won't be read for AT_SECURE programs) and then enabled
only when the /etc/suid-debug file is found.
This also ends up removing a bunch of functions that were specially
reimplemented (strlen, unsetenv) to avoid calling into string
routines.
Tested on x86_64 and i686.
* elf/dl-tunables.c (tunables_unsetenv): Remove function.
(min_strlen): Likewise.
(disable_tunable): Likewise.
(maybe_disable_malloc_check): Rename to
maybe_enable_malloc_check.
(maybe_enable_malloc_check): Enable glibc.malloc.check tunable
if /etc/suid-debug file exists.
(__tunables_init): Update caller.
* elf/dl-tunables.list (glibc.malloc.check): Don't mark as
secure.
This patch arranges for various libm-test.inc tests to be XFAILed for
ibm128-libgcc in non-default rounding modes. The tests are marked
with XFAIL_ROUNDING_IBM128_LIBGCC and gen-libm-test.pl is made to
transform that to XFAIL_IBM128_LIBGCC or 0 depending on the rounding
mode.
This should allow test-ldouble, test-ildouble and test-ldouble-finite
to pass with unmodified libgcc, given an ulps regeneration. (The case
of patched libgcc was already clean up to ulps and possibly hypot
cases very close to the overflow threshold that may need more
XFAILing; patched libgcc, which should work with
TEST_COND_ibm128_libgcc defined to 0 to disable all these XFAILs, does
need slightly different ulps from unpatched.) Note that soft-float
powerpc will still fail because of
<https://gcc.gnu.org/bugzilla/show_bug.cgi?id=64811> resulting in
spurious "invalid" exceptions in the libgcc code (for hard float,
<https://gcc.gnu.org/bugzilla/show_bug.cgi?id=58684> hides that bug).
Tested for powerpc.
* math/libm-test.inc (XFAIL_IBM128_LIBGCC): New macro.
(fdim_test_data): Use XFAIL_ROUNDING_IBM128_LIBGCC for some tests.
(fma_test_data): Likewise.
(hypot_test_data): Likewise.
(log1p_test_data): Likewise.
(modf_test_data): Likewise.
(pow_test_data): Likewise.
(remainder_test_data): Likewise.
(remquo_test_data): Likewise.
(scalb_test_data): Likewise.
(scalbn_test_data): Likewise.
(scalbln_test_data): Likewise.
* math/gen-libm-test.pl (parse_args): Transform
XFAIL_ROUNDING_IBM128_LIBGCC to XFAIL_IBM128_LIBGCC or 0 depending
on the rounding mode.
This patch further improves XFAILing for ibm128-libgcc of tests in
auto-libm-test-*.
The bulk of the cases needing XFAILing are
xfail-rounding:ibm128-libgcc used for inputs where (possibly after
rounding the inputs to another floating-point type) the result
overflows (and the result in non-default rounding modes may be wildly
wrong with unpatched libgcc) or underflows near 0 (and the result in
non-default rounding modes may end up having the wrong sign). This
patch makes gen-auto-libm-tests detect such cases and apply
xfail-rounding:ibm128-libgcc automatically to them, so most of the
manual XFAILs in auto-libm-test-in are no longer needed (some are
still needed if e.g. the result is very close to overflow, resulting
in an internal overflow in libgcc in some rounding modes). A few
manual XFAILs are added for cases not covered by this
gen-auto-libm-tests change, and a few existing such XFAILs are left
in.
Tested for powerpc.
* math/gen-auto-libm-tests.c (output_for_one_input_case): Apply
xfail-rounding:ibm128-libgcc automatically to tests overflowing
and those that can underflow to zero.
* math/auto-libm-test-in: Remove most XFAILs for ibm128-libgcc and
add others.
* math/auto-libm-test-out: Regenerated.
This patch fixes math/test-fenv.c to check EXCEPTION_TESTS and
ROUNDING_TESTS to avoid failing in cases where some exceptions or
rounding modes are defined but not supported at runtime.
Tested for mips64 soft float and for x86_64.
* math/test-fenv.c (fe_tests): Skip most tests when exceptions not
supported.
(feholdexcept_tests): Skip tests requiring exceptions or rounding
modes support if not supported.
This patch updates the MicroBlaze localplt.data based on the results
of a build with build-many-glibcs.py. This is simply an empirical
update; quite possibly the port could be optimized to remove more
local PLT entry usage.
Tested (compilation tests) with build-many-glibcs.py.
* sysdeps/unix/sysv/linux/microblaze/localplt.data (__pread64):
Add libc.so PLT entry.
(__tls_get_addr): Make ld.so PLT entry optional.
Commit 38765ab68f moved the bzero, bcopy, and explicit_bzero
fortified macros to a common header (strings_fortified.h). However
the side effect is a fortified explicit_bzero is defined when including
only strings.h.
This patch moves back the fortified explicit_bzero definition to
strings3.h header.
Checked on x86_64-linux-gnu.
* string/bits/strings_fortified.h (explicit_bzero): Move back to ..
* string/bits/string3.h: ... here.
The fallback implementation of fesetexceptflag currently fails if any
exceptions are specified. It should always succeed, because the
exception state is always that all exceptions (if any are defined in
<fenv.h> but not supported in this configuration) are always clear,
just as fallback fetestexcept always succeeds and fallback fesetenv
always succeeds unless asked to set FE_NOMASK_ENV.
This patch fixes it accordingly. Together with the patch to
test-fexcept.c to allow feraiseexcept to fail in another place, this
stops that test from failing for MIPS soft-float.
Tested for mips64 soft-float.
[BZ #21028]
* math/fsetexcptflg.c (__fesetexceptflag): Always return 0.
* math/test-fexcept.c (test_set): Allow failure of feraiseexcept
if EXCEPTION_TESTS returns false.
As described in BZ#20558, bzero and bcopy declaration can only benefit
from fortified macros when decl came from string.h and when __USE_MISC
is defined (default behaviour).
This is due no standard includes those functions in string.h, so they
are only declared if __USE_MISC is defined (as pointed out in comment 4).
However fortification should be orthogona to other features test macros,
i.e, any function should be fortified if that function is declared.
To fix this behavior, the patch moved the bzero, bcopy, and
__explicit_bzero_chk to a common header (string/bits/strings_fortified.h)
and explicit fortified inclusion macros similar to string.h is added
on strings.h. This allows to get fortified declarions by only including
strings.h.
Checked on x86_64-linux-gnu and along on a bootstrap installation to check
if the fortified are correctly triggered with example from bug report.
[BZ #20558]
* string/bits/string3.h [__USE_MISC] (bcopy): Move to
strings_fortified.h.
[__USE_MISC] (bzero): Likewise.
[__USE_MISC] (explicit_bzero): Likewise.
* string/strings.h: Include strings_fortified.h.
* string/Makefile (headers): Add strings_fortified.h.
* string/bits/strings_fortified.h: New file.
* include/bits/strings_fortified.h: Likewise.
This patch increases timeouts on some tests I've observed timing out.
elf/tst-tls13 and iconvdata/tst-loading both dynamically load many
objects and so are slow when testing over NFS. They had timeouts set
from before the default changed from 2 to 20 seconds; this patch
removes those old settings, so effectively increasing the timeout to
20 seconds (from 3 and 10 seconds respectively).
malloc/tst-malloc-thread-fail.c and malloc/tst-mallocfork2.c are slow
on slow systems and so I set a fairly arbitrary 100 second timeout,
which seems to suffice on the system where I saw them timing out.
nss/tst-cancel-getpwuid_r.c and nss/tst-nss-getpwent.c are slow on
systems with a large passwd file; I set timeouts that empirically
worked for me. (It seems tst-cancel-getpwuid_r.c is hitting the
100000 getpwuid_r call limit in my testing, with each call taking a
bit over 0.007 seconds, so 700 seconds for the test.)
* elf/tst-tls13.c (TIMEOUT): Remove.
* iconvdata/tst-loading.c (TIMEOUT): Likewise.
* malloc/tst-malloc-thread-fail.c (TIMEOUT): Increase to 100.
* malloc/tst-mallocfork2.c (TIMEOUT): Define to 100.
* nss/tst-cancel-getpwuid_r.c (TIMEOUT): Define to 900.
* nss/tst-nss-getpwent.c (TIMEOUT): Define to 300.
As noted in bug 20126, MIPS n64 uses an incorrect implementation of
readahead intended for 32-bit systems. This patch adds a
syscalls.list entry to fix this. An updated version of the
consolidation patch
<https://sourceware.org/ml/libc-alpha/2016-09/msg00527.html> could
remove this syscalls.list entry again.
Tested with compilation (only) for mips64; the nature of the syscall
doesn't allow for a glibc test to detect this issue.
[BZ #21026]
* sysdeps/unix/sysv/linux/mips/mips64/n64/syscalls.list
(readahead): New syscall entry.
GCC 7 has a -Wstringop-overflow= warning that includes warning for
strncat with a size specified that is larger than the size of the
buffer (which is dubious usage, but valid at runtime if in fact there
isn't an overflow with the particular buffer contents present).
string/tester.c tests such cases; this patch arranges for this warning
to be ignored around relevant strncat calls.
Tested compilation for aarch64 (GCC mainline) with
build-many-glibcs.py; did execution testing for x86_64 (GCC 5).
* string/tester.c (test_strncat): Disable -Wstringop-overflow=
around tests of strncat with large sizes.