AgeCommit message (Collapse)AuthorLines
2021-04-16fix regression in dl_iterate_phdr reporting of modules with no TLSHEADmasterRich Felker-1/+2
__tls_get_addr should not be called with an invalid TLS module id of 0. in practice it probably "works", returning the DTV length as if it were a pointer, and the callback should probably not inspect dlpi_tls_data in this case, but it's likely that some real-world callbacks use a check on dlpi_tls_data being non-null, rather than on dlpi_tls_modid being nonzero, to conclude that the module has TLS.
2021-04-16nscd: fall back gracefully on kernels without AF_UNIX supportJoakim Sindholt-1/+9
2021-04-16mallocng/aligned_alloc: check for malloc failureDominic Chen-0/+3
With mallocng, calling posix_memalign() or aligned_alloc() will SIGSEGV if the internal malloc() call returns NULL. This does not occur with oldmalloc, which explicitly checks for allocation failure.
2021-04-03make epoll_[p]wait a cancellation pointRich Felker-2/+2
this is a Linux-specific function and not covered by POSIX's requirements for which interfaces are cancellation points, but glibc makes it one and existing software relies on it being one. at some point a review for similar functions that should be made cancellation points should be done.
2021-03-26fix dl_iterate_phdr dlpi_tls_data reporting to match specRich Felker-2/+3
dl_iterate_phdr was wrongly reporting the address of the DSO's PT_TLS image rather than the calling thread's instance of the TLS. the man page, which is essentially normative for a nonstandard function of this sort, clearly specifies the latter. it does not clarify where exactly within/relative-to the image the pointer should point, but the reasonable thing to do is match the ABI's DTP offset, and this seems to be what other implementations do.
2021-03-15remove no-longer-needed special case handling in popenRich Felker-16/+0
popen was special-casing the possibility (only possible when the parent closed stdin and/or stdout) that the child's end of the pipe was already on the final desired fd number, in which case there was no way to get rid of its close-on-exec flag in the child. commit 6fc6ca1a323bc0b6b9e9cdc8fa72221ae18fe206 made this unnecessary by implementing the POSIX-future requirement that dup2 file actions with equal source and destination fd values remove the close-on-exec flag.
2021-03-15use internal malloc for posix_spawn file actions objectsRich Felker-0/+5
this makes it possible to perform actions on file actions objects with a libc-internal lock held without creating lock order relationships that are silently imposed on an application-provided malloc.
2021-03-05don't fail to map library/executable with zero-length segment mapsRich Felker-0/+1
reportedly the GNU linker can emit such segments, causing spurious failure to load due to mmap with a length of zero producing EINVAL. no action is required for such a load map (it's effectively a nop in the program headers table) so just treat it as always successful.
2021-02-25suppress isascii() macro for C++Érico Rolim-0/+2
analogous to commit a60457c84a4b59ab564d7f4abb660a70283ba98d.
2021-02-22guard against compilers failing to handle setjmp specially by defaultRich Felker-3/+11
since 4.1, gcc has had the __returns_twice__ attribute and has required functions which return twice to carry it; however it's always applied it automatically to known setjmp-like function names. clang however does not do this reliably, at least not with -ffreestanding and possibly under other conditions, resulting in silent emission of wrong code. since the symbol name setjmp is in no way special (setjmp is specified as a macro that could expand to use any implementation-specific symbol name or names), a compiler is justified not to do anything special without further hints, and it's reasonable to do what we can to provide such hints. gcc 4.0.x and earlier do not recognize the attribute, so make use conditional on __GNUC__ macros. clang and other gcc-like compilers report (and have always reported) a later "GNUC" version so the preprocessor conditional should function as desired for them as too. undefine the internal macro after use so that nothing abuses it as a public feature.
2021-02-15aarch64/bits/mman.h: add PROT_MTE from linux v5.10Szabolcs Nagy-0/+1
see linux commit 9f3419315f3cdc41a7318e4d50ba18a592b30c8c arm64: mte: Add PROT_MTE support to mmap() and mprotect()
2021-02-15aarch64/bits/hwcap.h: add HWCAP2_MTE from linux v5.10Szabolcs Nagy-0/+1
see linux commit 3b714d24ef173f81c78af16f73dcc9b40428c803 arm64: mte: CPU feature detection and initial sysreg configuration
2021-02-15add aarch64/bits/mman.h with PROT_BTI from linux v5.8Szabolcs Nagy-0/+1
this was missing, see linux commit 8ef8f360cf30be12382f89ff48a57fbbd9b31c14 arm64: Basic Branch Target Identification support
2021-02-15aarch64/bits/hwcap.h: add HWCAP2_BTI from linux v5.8Szabolcs Nagy-0/+1
hwcap for BTI was missing, see linux commit 8ef8f360cf30be12382f89ff48a57fbbd9b31c14 arm64: Basic Branch Target Identification support
2021-02-15signal.h: add MTE specific SIGSEGV codes from linux v5.10Szabolcs Nagy-0/+2
add synchronouse and asynchronous tag check failure codes, see linux commit 74f1082487feb90bbf880af14beb8e29c3030c9f arm64: mte: Add specific SIGSEGV codes
2021-02-15sys/prctl.h: add MTE related constants from linux v5.10Szabolcs Nagy-0/+7
these are for the aarch64 MTE (memory tagging extension), see linux commit 1c101da8b971a36695319dce7a24711dc567a0dd arm64: mte: Allow user control of the tag check mode via prctl() linux commit af5ce95282dc99d08a27a407a02c763dde1c5558 arm64: mte: Allow user control of the generated random tags via prctl()
2021-02-15elf.h: add NT_ARM_TAGGED_ADDR_CTRL from linux v5.10Szabolcs Nagy-0/+1
see linux commit 2200aa7154cb7ef76bac93e98326883ba64bfa2e arm64: mte: ptrace: Add NT_ARM_TAGGED_ADDR_CTRL regset
2021-02-15sys/mman.h: add MAP_HUGE_16KB from linux v5.10Szabolcs Nagy-0/+1
see linux commit e47168f3d1b14af5281cf50c59561d59d28201f9 powerpc/8xx: Support 16k hugepages with 4k pages
2021-02-15sys/mount.h: add MS_NOSYMFOLLOW from linux v5.10Szabolcs Nagy-0/+1
path resolution does not follow symlinks on nosymfollow mounts (but readlink still does), see linux commit dab741e0e02bd3c4f5e2e97be74b39df2523fc6e Add a "nosymfollow" mount option.
2021-02-15sys/membarrier.h: add new constants from linux v5.10Szabolcs Nagy-0/+4
can cause rseq restart on another cpu to synchronize with global memory access from rseq critical sections, see linux commit 2a36ab717e8fe678d98f81c14a0b124712719840 rseq/membarrier: Add MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ
2021-02-15bits/syscall.h: add process_madvise from linux v5.10Szabolcs Nagy-0/+16
mainly added to linux to allow a central process management service in android to give MADV_COLD|PAGEOUT hints for other processes, see linux commit ecb8ac8b1f146915aa6b96449b66dd48984caacc mm/madvise: introduce process_madvise() syscall: an external memory hinting API
2021-02-13fix error return value for cuseridRich Felker-2/+3
the historical function was specified to return an empty string in the caller-provided buffer, not a null pointer, to indicate error when the argument is non-null. only when the argument is null should it return a null pointer on error.
2021-02-13fix misuse of getpwuid_r in cuseridRich Felker-1/+2
getpwuid_r can return 0 but without a result in the case where there was no error but no record exists. in that case cuserid was treating it as success and copying junk out of pw.pw_name to the output buffer.
2021-02-13cuserid: don't return truncated resultsRich Felker-1/+5
checking the length also drops the need to pull in snprintf.
2021-02-13cuserid: support invocation with a null pointer argumentSören Tempel-0/+2
this function was removed from the standard in 2001 but appeared in SUSv2 with an obligation to support calls with a null pointer argument, using a static buffer.
2021-02-12riscv64: define ELF_NFPREGKhem Raj-0/+1
ELF_NFPREG is used by some userspace applications like gdb
2021-02-10math: fix expm1f overflow thresholdSzabolcs Nagy-2/+1
the threshold was wrong so expm1f overflowed to inf a bit too early and on most targets uint32_t compare is faster than float compare so use that. this also fixes sinhf incorrectly returning nan for some values where the internal expm1f overflowed.
2021-02-10math: fix acoshf for negative inputsSzabolcs Nagy-4/+4
on some negative inputs (e.g. -0x1.1e6ae8p+5) acoshf failed to return nan. ensure that negative inputs result nan without introducing new branches. this was tried before in commit 101e6012856918440b5d7474739c3fc22a8d3b85 math: fix acoshf on negative values but that fix was wrong. there are 3 formulas used: log1p(x-1 + sqrt((x-1)*(x-1)+2*(x-1))) log(2*x - 1/(x+sqrt(x*x-1))) log(x) + 0.693147180559945309417232121458176568 the first fails on large negative inputs (may compute log1p(0) or log1p(inf)), the second one fails on some mid range or large negative inputs (may compute log(large) or log(inf)) and the last one fails on -0 (returns -inf).
2021-01-30fix possible fd leak via missing O_CLOEXEC in pthread_setname_npÉrico Rolim-1/+1
the omission of the flag here seems to have been an oversight when the function was added in 8fb28b0b3e7a5e958fb844722a4b2ef9bc244af1
2021-01-30oldmalloc: preserve errno across freeRich Felker-0/+4
as an outcome of Austin Group issue #385, future versions of the standard will require free not to alter the value of errno. save and restore it individually around the calls to madvise and munmap so that the cost is not imposed on calls to free that do not result in any syscall.
2021-01-30fix build regression in oldmallocRich Felker-1/+1
commit 8d37958d58cf36f53d5fcc7a8aa6d633da6071b2 inadvertently broke oldmalloc by having it implement __libc_malloc rather than __libc_malloc_impl.
2021-01-30preserve errno across freeRich Felker-2/+10
as an outcome of Austin Group issue #385, future versions of the standard will require free not to alter the value of errno. save and restore it individually around the calls to madvise and munmap so that the cost is not imposed on calls to free that do not result in any syscall.
2021-01-30fix inconsistent signature of __libc_start_mainRich Felker-1/+2
commit 7586360badcae6e73f04eb1b8189ce630281c4b2 removed the unused arguments from the definition of __libc_start_main, making it incompatible with the declaration at the point of call, which still passed 6 arguments. calls with mismatched function type have undefined behavior, breaking LTO and any other tooling that checks for function signature mismatch. removing the extra arguments from the point of call (crt1) is not an option for fixing this, since that would be a change in ABI surface between application and libc. adding back the extra arguments requires some care. on archs that pass arguments on the stack or that reserve argument spill space for the callee on the stack, it imposes an ABI requirement on the caller to provide such space. the modern crt1.c entry point provides such space, but originally there was arch-specific asm for the call to __libc_start_main. the last of this asm was removed in commit 6fef8cafbd0f6f185897bc87feb1ff66e2e204e1, and manual review of the code removed and its prior history was performed to check that all archs/variants passed the legacy init/fini/ldso_fini arguments.
2021-01-30fail posix_spawn file_actions operations with negative fdsRich Felker-0/+4
these functions are specified to fail with EBADF on negative fd arguments. apart from close, they are also specified to fail if the value exceeds OPEN_MAX, but as written it is not clear that this imposes any requirement when OPEN_MAX is not defined, and it's undesirable to impose a dynamic limit (via setrlimit) here since the limit at the time of posix_spawn may be different from the limit at the time of setting up the file actions. this may require revisiting later.
2021-01-14release 1.2.2v1.2.2Rich Felker-1/+52
2020-12-14fix VIDIOC_DQEVENT (v4l2) ioctl fallback for pre-5.6 kernelsRich Felker-1/+9
commit 2412638bb39eb799b2600393bbd71cca8ae96bb2 got the size of struct v4l2_event wrong and failed to account for the fact that the old struct might be either 120 bytes with time misaligned mod 8, or 128 bytes with time aligned mod 8, due to the contained union having 64-bit members whose alignment is arch-dependent. rather than adding new logic to handle the differences, use an actual stripped-down version of the structure in question to derive the ioctl number, size, and offsets.
2020-12-14fix v4l2 buffer ioctl fallbacks for pre-5.6 kernelsArnd Bergmann-4/+4
commit 2412638bb39eb799b2600393bbd71cca8ae96bb2 got the size of struct v4l2_buffer wrong and omitted the tv_usec member slot from the offset list, so the ioctl numbers never matched and fallback code path was never taken. this caused the affected ioctls to fail with ENOTTY on kernels not new enough to have the native time64 ioctls.
2020-12-12sh: fix incorrect mcontext_t member namingAriadne Conill-4/+13
while the layouts match, the member member naming expected by software using mcontext_t omits the sc_ prefix.
2020-12-09use libc-internal malloc for newlocale/freelocaleRich Felker-0/+10
this is necessary for MT-fork correctness now that the code runs under locale lock. it would not be hard to avoid, but __get_locale is already using libc-internal malloc anyway. this can be reconsidered during locale overhaul later if needed.
2020-12-09drop use of pthread_once in newlocaleRich Felker-9/+7
in general, pthread_once is not compatible with MT-fork constraints (commit 167390f05564e0a4d3fcb4329377fd7743267560). here it actually no longer matters, because it's now called with a lock held, but since the lock is held it's pointless to use pthread_once.
2020-12-09lift locale lock out of internal __get_localeRich Felker-18/+19
this allows the lock to be shared with setlocale, eliminates repeated per-category lock/unlock in newlocale, and will allow the use of pthread_once in newlocale to be dropped (to be done separately).
2020-12-09fix misleading comment in strstrRich Felker-1/+1
the intent here is just to scan at least l bytes forward for the end of the haystack and at least some decent minimum to avoid doing it over and over if the needle is short, with no need to be precise. the comment erroneously stated this as an estimate for MIN when it's actually an estimate for MAX.
2020-12-08drop use of pthread_once for aio thread stack size initRich Felker-10/+8
pthread_once is not compatible with MT-fork constraints (commit 167390f05564e0a4d3fcb4329377fd7743267560) and is not needed here anyway; we already have a lock suitable for initialization. while changing this, fix a corner case where AT_MINSIGSTKSZ gives a value that's more than MINSIGSTKSZ but by a margin of less than 2048, thereby causing the size to be reduced. it shouldn't matter but the intent was to be the larger of a 2048-byte margin over the legacy fixed minimum stack requirement or a 512-byte margin over the minimum the kernel reports at runtime.
2020-12-07fix omission of non-stub pthread_mutexattr_getprotocolRich Felker-1/+1
this change should have been made when priority inheritance mutex support was added. if priority protection is also added at some point the implementation will need to change and will probably no longer be a simple bit shuffling.
2020-12-06riscv64: fix inconsistent ucontext_t struct tagDrew DeVault-2/+2
ucontext.h depends on the internal struct tag name for namespacing reasons, and the intent was always for it to be consistent across archs anyway.
2020-12-04fix failure to preserve r6 in s390x asm; per ABI it is call-savedRich Felker-0/+8
both __clone and __syscall_cp_asm failed to restore the original value of r6 after using it as a syscall argument register. the extent of breakage is not known, and in some cases may be mitigated by the only callers being internal to libc; if they used r6 but no longer needed its value after the call, they may not have noticed the problem. however at least posix_spawn (which uses __clone) was observed returning to the application with the wrong value in r6, leading to crash. since the call frame ABI already provides a place to spill registers, fixing this is just a matter of using it. in __clone, we also spuriously restore r6 in the child, since the parent branch directly returns to the caller. this takes the value from an uninitialized slot of the child's stack, but is harmless since there is no caller to return to in the child.
2020-12-03s390x: derive float_t from compiler or default to floatMarius Hillenbrand-1/+9
float_t should represent the type that is used to evaluate float expressions internally. On s390x, float_t is currently set to double. In contrast, the isa supports single-precision float operations and compilers by default evaluate float in single precision, which violates the C standard (sections and 7.12 in C11/C17, to be precise). With -fexcess-precision=standard, gcc evaluates float in double precision, which aligns with the standard yet at the cost of added conversion instructions. gcc-11 will drop the special case to retrofit double precision behavior for -fexcess-precision=standard so that __FLT_EVAL_METHOD__ will be 0 on s390x in any scenario. To improve standards compliance and compatibility with future compiler direction, this patch changes the definition of float_t to be derived from the compiler's __FLT_EVAL_METHOD__.
2020-11-30implement reallocarrayAriadne Conill-0/+14
reallocarray is an extension introduced by OpenBSD, which introduces calloc overflow checking to realloc. glibc 2.28 introduced support for this function behind _GNU_SOURCE, while glibc 2.29 allows its usage in _DEFAULT_SOURCE.
2020-11-30implement realpath directly instead of using procfs readlinkRich Felker-23/+136
inability to use realpath in chroot/container without procfs access and at early boot prior to mount of /proc has been an ongoing issue, and it turns out realpath was one of the last remaining interfaces that needed procfs for its core functionality. during investigation while reimplementing, it was determined that there were also serious problems with the procfs-based implementation. most seriously it was unsafe on pre-O_PATH kernels, and unlike other places where O_PATH was used, the unsafety was hard or impossible to fix because O_NOFOLLOW can't be used (since the whole purpose was to follow symlinks). the new implementation is a direct one, performing readlink on each path component to resolve it. an explicit stack, as opposed to recursion, is used to represent the remaining components to be processed. the stack starts out holding just the input string, and reading a link pushes the link contents onto the stack. unlike many other implementations, this one does not call getcwd initially for relative pathnames. instead it accumulates initial .. components to be applied to the working directory if the result is still a relative path. this avoids calling getcwd (which may fail) at all when symlink traversal will eventually yield an absolute path. it also doesn't use any form of stat operation; instead it arranges for readlink to tell it when a non-directory is used in a context where a directory is needed. this minimizes the number of syscalls needed, avoids accessing inodes when the directory table suffices, and reduces the amount of code pulled in for static linking.
2020-11-29fix mallocng regression in malloc_usable_size with null argumentDominic Chen-0/+1
commit d1507646975cbf6c3e511ba07b193f27f032d108 added support for null argument in oldmalloc and was overlooked when switching to mallocng.