Natanael Copa [Thu, 8 Sep 2016 17:07:31 +0000 (19:07 +0200)]
use dynamic buffer for getmntent
overlayfs may have fairly long lines so we use getline to allocate a
buffer dynamically. The buffer will be allocated on first use, expand as
needed, but will never be free'ed.
Downstream bug: http://bugs.alpinelinux.org/issues/5703
Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
Rich Felker [Thu, 20 Oct 2016 04:22:09 +0000 (00:22 -0400)]
fix integer overflows and uncaught EOVERFLOW in printf core
this patch fixes a large number of missed internal signed-overflow
checks and errors in determining when the return value (output length)
would exceed INT_MAX, which should result in EOVERFLOW. some of the
issues fixed were reported by Alexander Cherepanov; others were found
in subsequent review of the code.
aside from the signed overflows being undefined behavior, the
following specific bugs were found to exist in practice:
- overflows computing length of floating point formats with huge
explicit precisions, integer formats with prefix characters and huge
explicit precisions, or string arguments or format strings longer
than INT_MAX, resulted in wrong return value and wrong %n results.
- literal width and precision values outside the range of int were
misinterpreted, yielding wrong behavior in at least one well-defined
case: string formats with precision greater than INT_MAX were
sometimes truncated.
- in cases where EOVERFLOW is produced, incorrect values could be
written for %n specifiers past the point of exceeding INT_MAX.
in addition to fixing these bugs, we now stop producing output
immediately when output length would exceed INT_MAX, rather than
continuing and returning an error only at the end.
Rich Felker [Thu, 20 Oct 2016 00:17:16 +0000 (20:17 -0400)]
fix integer overflow in float printf needed-precision computation
if the requested precision is close to INT_MAX, adding
LDBL_MANT_DIG/3+8 overflows. in practice the resulting undefined
behavior manifests as a large negative result, which is then used to
compute the new end pointer (z) with a wildly out-of-bounds value
(more overflow, more undefined behavior). the end result is at least
incorrect output and character count (return value); worse things do
not seem to happen, but detailed analysis has not been done.
this patch fixes the overflow by performing the intermediate
computation as unsigned; after division by 9, the final result
necessarily fits in int.
Rich Felker [Thu, 6 Oct 2016 16:15:47 +0000 (12:15 -0400)]
fix regexec with haystack strings longer than INT_MAX
we inherited from TRE regexec code that's utterly wrong with respect
to the integer types it's using. while it doesn't appear that
compilers are producing unsafe output, signed integer overflows seem
to happen, and regexec fails to find matches past offset INT_MAX.
this patch fixes the type of all variables/fields used to store
offsets in the string from int to regoff_t. after the changes, basic
testing showed that regexec can now find matches past 2GB (INT_MAX)
and past 4GB on x86_64, and code generation is unchanged on i386.
Rich Felker [Thu, 6 Oct 2016 22:34:58 +0000 (18:34 -0400)]
fix missing integer overflow checks in regexec buffer size computations
most of the possible overflows were already ruled out in practice by
regcomp having already succeeded performing larger allocations.
however at least the num_states*num_tags multiplication can clearly
overflow in practice. for safety, check them all, and use the proper
type, size_t, rather than int.
also improve comments, use calloc in place of malloc+memset, and
remove bogus casts.
Szabolcs Nagy [Tue, 4 Oct 2016 17:14:57 +0000 (17:14 +0000)]
fix strftime %y for negative tm_year
Daniel Sabogal [Sat, 24 Sep 2016 01:10:07 +0000 (21:10 -0400)]
fix getservby*_r result pointer value on error
this is a clone of the fix to the gethostby*_r functions in
commit
fe82bb9b921be34370e6b71a1c6f062c20999ae0. the man pages
document that the getservby*_r functions set this pointer to
NULL if there was an error or if no record was found.
Daniel Sabogal [Sat, 24 Sep 2016 04:38:06 +0000 (00:38 -0400)]
remove dead case in gethostbyname2_r
this case statement was accidently left behind when this function
was refactored in commit
e8f39ca4898237cf71657500f0b11534c47a0521.
Rich Felker [Mon, 19 Sep 2016 15:15:51 +0000 (11:15 -0400)]
fix undefined behavior in sched.h cpu_set_t usage
since cpu sets can be dynamically allocated and have variable size,
accessing their contents via ->__bits is not valid; performing pointer
arithmetic outside the range of the size of the declared __bits array
results in undefined beahavior. instead, only use cpu_set_t for
fixed-size cpu set objects (instantiated by the caller) and as an
abstract pointer type for dynamically allocated ones. perform all
accesses simply by casting the abstract pointer type cpuset_t * back
to unsigned long *.
Rich Felker [Mon, 19 Sep 2016 01:45:47 +0000 (21:45 -0400)]
simplify/refactor fflush and make fflush_unlocked an alias for fflush
previously, fflush_unlocked was an alias for an internal backend that
was called by fflush, either for its argument or in a loop for each
file if a null pointer was passed. since the logic for the latter was
in the main fflush function, fflush_unlocked crashed when passed a
null pointer, rather than flushing all open files. since
fflush_unlocked is not a standard function and has no specification,
it's not clear whether it should be expected to accept null pointers
like fflush does, but a reasonable argument could be made that it
should.
this patch eliminates the helper function, simplifying fflush, and
makes fflush_unlocked an alias for fflush, which is valid because the
two functions agree in their behavior in all cases where their
behavior is defined (the unlocked version has undefined behavior if
another thread could hold locks).
Daniel Sabogal [Sat, 10 Sep 2016 01:23:17 +0000 (21:23 -0400)]
add missing *_unlocked and wcsftime_l prototypes to wchar.h
these functions had been implemented, but prototypes were not made available
Daniel Sabogal [Thu, 15 Sep 2016 15:27:30 +0000 (11:27 -0400)]
fix if_indextoname error case
posix requires errno to be set to ENXIO if the interface does not exist.
linux returns ENODEV instead so we handle this.
Daniel Sabogal [Fri, 16 Sep 2016 17:34:24 +0000 (13:34 -0400)]
fix ifru_data and ifcu_buf types in net/if.h
glibc, freebsd, and openbsd use character pointers (caddr_t) for
these fields. only linux uses void pointer for the ifru_data type.
Rich Felker [Fri, 16 Sep 2016 21:40:08 +0000 (17:40 -0400)]
fix printf regression with alt-form octal, zero flag, and field width
commit
b91cdbe2bc8b626aa04dc6e3e84345accf34e4b1, in fixing another
issue, changed the logic for how alt-form octal adds the leading zero
to adjust the precision rather than using a prefix character. this
wrongly suppressed the zero flag by mimicing an explicit precision
given by the format string. switch back to using a prefix character.
based on bug report and patch by Dmitry V. Levin, but simplified.
Rich Felker [Tue, 30 Aug 2016 20:39:54 +0000 (16:39 -0400)]
restore _Noreturn to __assert_fail
this reverts commit
2c1f8fd5da3306fd7c8a2267467e44eb61f12dd4. without
the _Noreturn attribute, the compiler cannot use asserts to perform
reachability/range analysis. this leads to missed optimizations and
spurious warnings.
the original backtrace problem that prompted the removal of _Noreturn
was not clearly documented at the time, but it seems to happen only
when libc was built without -g, which also breaks many other
backtracing cases.
Olivier Brunel [Sat, 13 Aug 2016 18:31:49 +0000 (20:31 +0200)]
getdtablesize: fix returning hard instead of soft rlimit
This makes the result consistent with sysconf(_SC_OPEN_MAX).
Duncan Overbruck [Thu, 18 Aug 2016 15:06:16 +0000 (17:06 +0200)]
fix FFSYNC by changing it to O_SYNC
O_FSYNC was never defined and is legacy/wrong, nothing seems to use it.
Szabolcs Nagy [Wed, 24 Aug 2016 10:40:10 +0000 (12:40 +0200)]
configure: handle mipsisa64* triplet as a mips64 target
the gnu config.sub script recognizes several mipsisa64* cpu types
that musl supports as mips64 targets.
Szabolcs Nagy [Tue, 23 Aug 2016 19:47:53 +0000 (21:47 +0200)]
math: fix 128bit long double inverse trigonometric functions
there was a copy paste error that could cause large ulp errors
in atan2l, atanl, asinl and acosl on aarch64, mips64 and mipsn32.
(the implementation is from freebsd fdlibm, but the tail end
of the polynomial was wrong. 128 bit long double functions
are not yet tested so this went undetected.)
Szabolcs Nagy [Sat, 20 Aug 2016 19:04:31 +0000 (21:04 +0200)]
verify that ttyname refers to the same file as the fd
linux containers use separate mount namespace so the /proc
symlink might not point to the right device if the fd was
opened in the parent namespace, in this case return ENOENT.
Szabolcs Nagy [Sat, 20 Aug 2016 15:05:06 +0000 (17:05 +0200)]
microblaze: add syscall numbers from linux v4.7
userfaultfd, membarrier and mlock2 syscalls got wired up in linux
commit
fbce3befd60d40639bf3c6b60f7477b2f988f92d
Szabolcs Nagy [Sat, 20 Aug 2016 15:04:44 +0000 (17:04 +0200)]
add SS_AUTODISARM sigaltstack ss_flags from linux v4.7 to signal.h
only matters if swapcontext is used in a signal handler running on an
altstack, new in linux commit
2a74213838104a41588d86fd5e8d344972891ace
Szabolcs Nagy [Sat, 20 Aug 2016 15:04:25 +0000 (17:04 +0200)]
add UDP_ENCAP_GTP0, UDP_ENCAP_GTP1U from linux v4.7 to netinet/udp.h
for GPRS tunneling protocol, new in linux commit
459aa660eb1d8ce67080da1983bb81d716aa5a69
Szabolcs Nagy [Sat, 20 Aug 2016 15:04:05 +0000 (17:04 +0200)]
add PF_QIPCRTR, AF_QIPCRTR from linux v4.7 to sys/socket.h
macros for qualcom ip router protocol, new in linux commit
bdabad3e363d825ddf9679dd431cca0b2c30f881
Rich Felker [Thu, 11 Aug 2016 22:36:46 +0000 (18:36 -0400)]
fix pread/pwrite syscall calling convention on sh
despite sh not generally using register-pair alignment for 64-bit
syscall arguments, there are arch-specific versions of the syscall
entry points for pread and pwrite which include a dummy argument for
alignment before the 64-bit offset argument.
Rich Felker [Wed, 13 Jul 2016 19:23:01 +0000 (15:23 -0400)]
revert unrelated change that slipped into last commit
Rich Felker [Wed, 13 Jul 2016 19:04:30 +0000 (15:04 -0400)]
fix regression in tcsetattr on all mips archs
revert commit
8c316e9e49d37ad92c2e7493e16166a2afca419f. it was wrong
and does not match how the kernel API works.
Rich Felker [Thu, 7 Jul 2016 20:51:37 +0000 (16:51 -0400)]
fix asctime day/month names not to vary by locale
the FIXME comment here was overlooked at the time locale support was
added.
Rich Felker [Thu, 7 Jul 2016 01:15:00 +0000 (21:15 -0400)]
remove obsolete and unused gethostbyaddr implementation
this code was already under #if 0, but could be confusing if a reader
didn't notice that, and it's almost surely full of bugs and/or
inconsistencies with the current code that uses the gethostbyname2_r
backend.
Bobby Bingham [Wed, 6 Jul 2016 03:53:58 +0000 (22:53 -0500)]
remove obsolete gitignore rules
Since commit
2f853dd6b9a95d5b13ee8f9df762125e0588df5d, all generated
headers are generated under the obj directory, which is already ignored.
Bobby Bingham [Wed, 6 Jul 2016 03:53:32 +0000 (22:53 -0500)]
remove or1k version of sem.h
It's identical to the generic version, after evaluating the endian
preprocessor checks in the generic version.
Rich Felker [Tue, 5 Jul 2016 21:58:46 +0000 (17:58 -0400)]
release 1.1.15
Rich Felker [Mon, 4 Jul 2016 00:03:30 +0000 (20:03 -0400)]
add stdc-predef.h for library-level predefined macros
modern compilers (for gcc, versions 4.8 and later) automatically
pre-include <stdc-predef.h> to obtain the values of certain predefined
macros specified by ISO C but which reflect properties of the library
implementation, not just the compiler. provide values indicating that
wchar_t is Unicode-encoded and that Annex F (IEEE floating point) is
supported unless the compiler indicates otherwise.
based on patch by Masanori Ogino.
Rich Felker [Sun, 3 Jul 2016 21:42:05 +0000 (17:42 -0400)]
improve abort fallback behavior when raising SIGABRT fails to terminate
these changes still do not yield a fully-conforming abort, but they
fix two known issues:
- per POSIX, termination via SIGKILL is not "abnormal", but both ISO C
and POSIX require abort to yield abnormal termination.
- raising SIGKILL fails to do anything to pid 1 in some containers.
now, the trapping instruction produced by a_crash() is expected to
produce abnormal termination, without the risk of invoking a signal
handler since SIGILL and SIGSEGV are blocked, and _Exit, which
contains an infinite loop analogous to the one being removed from
abort itself, is used as a last resort.
this implementation still fails to produce an exit status as if the
process terminated via SIGABRT in cases where SIGABRT is blocked or
ignored, but fixing that is not easy; the obvious pseudo-solutions all
have subtle race conditions where a concurrent fork or exec can expose
incorrect signal state.
Rich Felker [Sun, 3 Jul 2016 20:19:28 +0000 (16:19 -0400)]
make brace placement in public header typedef'd structs consistent
commit
befa5866ee30d09c0c96e88af2eabff5911342ea performed this change
for struct definitions that did not also involve typedef, but omitted
the latter.
Szabolcs Nagy [Wed, 20 Apr 2016 11:20:50 +0000 (13:20 +0200)]
add EF_SH_ sh specific macros to elf.h
last time elf.h was thoroughly updated sh was not yet supported
so these processor specific e_flags were missing.
Szabolcs Nagy [Wed, 20 Apr 2016 11:20:36 +0000 (13:20 +0200)]
add NT_ARM_SYSTEM_CALL to elf.h
new regset in linux v3.18 for ptrace.
Szabolcs Nagy [Wed, 20 Apr 2016 11:19:45 +0000 (13:19 +0200)]
add missing x86 relocs to elf.h
see
https://sourceware.org/ml/libc-alpha/2016-01/msg00822.html
Szabolcs Nagy [Wed, 20 Apr 2016 11:19:27 +0000 (13:19 +0200)]
add DT_MIPS_RLD_MAP_REL to elf.h
marks different RLD_MAP for debugging PIE binaries.
Szabolcs Nagy [Wed, 20 Apr 2016 11:19:08 +0000 (13:19 +0200)]
add SHF_COMPRESSED section flag to elf.h
following
http://www.sco.com/developers/gabi/latest/ch4.sheader.html
Szabolcs Nagy [Wed, 20 Apr 2016 11:17:54 +0000 (13:17 +0200)]
add powerpc tls optimization related definitions to elf.h
see
https://sourceware.org/ml/libc-alpha/2015-03/msg00580.html
Szabolcs Nagy [Wed, 20 Apr 2016 11:17:31 +0000 (13:17 +0200)]
add nios2 definitions to elf.h
Szabolcs Nagy [Wed, 20 Apr 2016 11:17:11 +0000 (13:17 +0200)]
update elf.h with mips abi flags support
following
https://sourceware.org/ml/libc-alpha/2014-05/msg00332.html
Szabolcs Nagy [Sun, 3 Jul 2016 20:13:44 +0000 (22:13 +0200)]
update elf.h with new aarch64 relocs
add ilp32 related relocs and alternative names for a few macros following
https://sourceware.org/ml/libc-alpha/2014-11/msg00455.html
Szabolcs Nagy [Wed, 20 Apr 2016 11:15:16 +0000 (13:15 +0200)]
update elf.h with powerpc64 elfv2 abi related macros
see
https://sourceware.org/ml/libc-alpha/2013-11/msg00315.html
https://sourceware.org/ml/libc-alpha/2013-11/msg00314.html
Szabolcs Nagy [Wed, 20 Apr 2016 11:14:53 +0000 (13:14 +0200)]
add new powerpc64 relocations to elf.h
following the corresponding binutils and glibc changes
https://sourceware.org/ml/binutils/2013-10/msg00372.html
Szabolcs Nagy [Wed, 20 Apr 2016 11:14:13 +0000 (13:14 +0200)]
add EM_OPENRISC again to elf.h
it was changed to EM_OR1K in
200d15479c0bc48471ee7b8e538ce33af990f82e
as that was meant to be the official name, but glibc and the latest
gabi spec still uses the EM_OPENRISC name:
http://www.sco.com/developers/gabi/latest/ch4.eheader.html
binutils defines both macros so we should do the same for backward
compatibility.
Rich Felker [Sun, 3 Jul 2016 18:40:11 +0000 (14:40 -0400)]
make brace placement in public header struct definitions consistent
placing the opening brace on the same line as the struct keyword/tag
is the style I prefer and seems to be the prevailing practice in more
recent additions.
these changes were generated by the command:
find include/ arch/*/bits -name '*.h' \
-exec sed -i '/^struct [^;{]*$/{N;s/\n/ /;}' {} +
and subsequently checked by hand to ensure that the regex did not pick
up any false positives.
Rich Felker [Sun, 3 Jul 2016 18:38:53 +0000 (14:38 -0400)]
fix misplaced indention in sys/procfs.h
Rich Felker [Sun, 3 Jul 2016 18:12:09 +0000 (14:12 -0400)]
format mips bits/termios.h consistently mips64 and n32 versions
with this change, all three files are identical.
Szabolcs Nagy [Sun, 3 Jul 2016 15:09:51 +0000 (17:09 +0200)]
fix CBAUDEX in powerpc termios.h
it seems it was a typo.
Szabolcs Nagy [Sun, 3 Jul 2016 15:09:29 +0000 (17:09 +0200)]
fix TCS* definitions in mips termios.h
these were incorrectly using the generic definitions.
Szabolcs Nagy [Sun, 3 Jul 2016 15:08:54 +0000 (17:08 +0200)]
fix mips termios.h macro exposure/namespace issues
same changes to the defined macros as in powerpc and generic bits.
Szabolcs Nagy [Sun, 3 Jul 2016 15:08:24 +0000 (17:08 +0200)]
fix powerpc termios.h macro exposure/namespace issues
same changes as in the generic header.
and BOTHER and IBSHIFT were removed (present in linux uapi but not
in glibc) and TIOCSER_TEMT was added (present in glibc).
Szabolcs Nagy [Sun, 3 Jul 2016 15:07:56 +0000 (17:07 +0200)]
fix generic termios.h macro exposure/namespace issues
add EXTA, EXTB, CIBAUD, CMSPAR, XCASE macros and hide them as well as
CBAUD, ECHOCTL, ECHOPRT, ECHOKE, FLUSHO, PENDIN in standard mode.
the new macros are both in glibc termios.h and in linux asm/termbits.h,
the later also contains IBSHIFT and BOTHER, those were not added.
these are not standard macros, but some of them are in the reserved
namespace so could be exposed, the ones which are not reserved are
CIBAUD, CMSPAR and XCASE (which was removed in issue 6), the rest
got hidden to be consistent with glibc.
Rich Felker [Sun, 3 Jul 2016 19:01:04 +0000 (15:01 -0400)]
define appropriate feature test macros to get CBAUD from termios.h
Szabolcs Nagy [Sun, 3 Jul 2016 15:07:30 +0000 (17:07 +0200)]
fix FIOQSIZE in arm ioctl.h
arm ioctl.h is the same as the generic one except this macro,
so a workaround solution is used to avoid another ioctl.h copy.
Szabolcs Nagy [Sun, 3 Jul 2016 15:06:36 +0000 (17:06 +0200)]
remove termios2 related ioctls from sh ioctl.h
musl does not define these on other targets either.
Szabolcs Nagy [Sun, 3 Jul 2016 15:06:03 +0000 (17:06 +0200)]
fix TIOCMSET in mips ioctl.h
it seems it was a typo.
Szabolcs Nagy [Sun, 3 Jul 2016 15:05:36 +0000 (17:05 +0200)]
fix mips, mips64, mipsn32 TIOCM_* macros in ioctl.h
TIOCM_ macros were wrongly using the asm-generic/termios.h definitions
instead of the mips specific ones from asm/termios.h
Szabolcs Nagy [Sun, 3 Jul 2016 15:05:08 +0000 (17:05 +0200)]
remove mips and powerpc ioctls that are missing from linux uapi
mips and powerpc use their own asm/ioctls.h, not the asm-generic/ioctls.h
and they lack termiox macros that are available on other targets.
see kernel commit
1d65b4a088de407e99714fdc27862449db04fb5c
Szabolcs Nagy [Sun, 3 Jul 2016 15:04:32 +0000 (17:04 +0200)]
add missing TIOC* macros to ioctl.h
these are defined in linux asm/ioctls.h.
(powerpc64 and powerpc bits/ioctl.h are now identical)
Szabolcs Nagy [Sun, 3 Jul 2016 15:03:56 +0000 (17:03 +0200)]
add missing SIOCSIFNAME from linux/sockios.h to ioctl.h
glibc ioctl.h has it too.
Szabolcs Nagy [Sun, 3 Jul 2016 15:03:19 +0000 (17:03 +0200)]
remove ioctl macros that were removed from linux uapi
TIOCTTYGSTRUCT, TIOCGHAYESESP, TIOCSHAYESESP and TIOCM_MODEM_BITS
were removed from the linux uapi and not present in glibc ioctl.h
Szabolcs Nagy [Sun, 3 Jul 2016 15:02:23 +0000 (17:02 +0200)]
use the generic ioctl.h for x86_64, x32 and aarch64
they were slightly different in musl, but should be the same:
the linux uapi and glibc headers are not different.
Rich Felker [Sun, 3 Jul 2016 14:49:52 +0000 (10:49 -0400)]
add consistent reserved fields in mips64/n32 termios structures
the (unused) speed fields were omitted when these ports were first
added (within this release cycle, so not present in any release yet)
in accordance with how glibc defines the structure on mips archs.
however their omission does not match existing musl practice/intent.
glibc provides its own, mostly-unified termios structure definition
and performs translation in userspace to match the kernel structure
for the arch, but has gratuitous differences on a few archs like mips,
presumably as a result of historical mistakes. some other libcs use
the kernel definitions directly. musl essentially does that, by
matching the kernel layout in the part of the structure the kernel
will read/write, but leaves additional space at the end for
extensibility. these are nominally the (nonstandard) speed fields and
(on most archs) extra c_cc elements, but since they are not used they
could be repurposed if there's ever a need.
Rich Felker [Fri, 1 Jul 2016 17:32:35 +0000 (13:32 -0400)]
fix posix_fadvise syscall args on powerpc, unify with arm fix
commit
6d38c9cf80f47623e5e48190046673bbd0dc410b provided an
arm-specific version of posix_fadvise to address the alternate
argument order the kernel expects on arm, but neglected to address
that powerpc (32-bit) has the same issue. instead of having arch
variant files in duplicate, simply put the alternate version in the
top-level file under the control of a macro defined in syscall_arch.h.
Bobby Bingham [Sat, 7 May 2016 18:48:21 +0000 (13:48 -0500)]
pthread: implement try/timed join variants
Rich Felker [Wed, 29 Jun 2016 22:21:36 +0000 (18:21 -0400)]
fix misordered syscall arguments for posix_fadvise on arm
the arm version of the syscall has a custom argument ordering to avoid
needing a 7-argument syscall due to 64-bit argument alignment.
Rich Felker [Wed, 29 Jun 2016 21:45:40 +0000 (17:45 -0400)]
in posix_fadvise, don't bypass __syscall macro infrastructure
when commit
0b6eb2dfb2e84a8a51906e7634f3d5edc230b058 added the
parentheses around __syscall to invoke the function directly, there
was no __syscall7 in the syscall macro infrastructure, so this hack
was needed. commit
9a3bbce447403d735282586786dc436ec1ffbad4 fixed that
but failed to remove the hack.
Natanael Copa [Wed, 15 Jun 2016 18:27:46 +0000 (20:27 +0200)]
refactor name_from_dns in hostname lookup backend
loop over an address family / resource record mapping to avoid
repetitive code.
Natanael Copa [Wed, 25 May 2016 09:22:13 +0000 (11:22 +0200)]
in performing dns lookups, check result from res_mkquery
don't send a query that may be malformed.
Rich Felker [Wed, 29 Jun 2016 15:55:41 +0000 (11:55 -0400)]
add RUSAGE_THREAD (Linux extension) definition to sys/resource.h
Rich Felker [Wed, 29 Jun 2016 15:54:03 +0000 (11:54 -0400)]
fix incorrect definition of RUSAGE_CHILDREN in sys/resource.h
the kernel ABI value for RUSAGE_CHILDREN is -1, not 1. the latter is
actually interpreted as RUSAGE_THREAD, to obtain values for just the
calling thread and not the whole process.
Rich Felker [Mon, 27 Jun 2016 21:11:30 +0000 (17:11 -0400)]
fix misaligned address buffers in gethostbyname[2][_r] results
mistakenly ordering strings before addresses in the result buffer
broke the alignment that the preceding code had set up.
Rich Felker [Mon, 27 Jun 2016 19:18:13 +0000 (15:18 -0400)]
fix failure to obtain EOWNERDEAD status for process-shared robust mutexes
Linux's documentation (robust-futex-ABI.txt) claims that, when a
process dies with a futex on the robust list, bit 30 (0x40000000) is
set to indicate the status. however, what actually happens is that
bits 0-30 are replaced with the value 0x40000000, i.e. bits 0-29
(containing the old owner tid) are cleared at the same time bit 30 is
set.
our userspace-side code for robust mutexes was written based on that
documentation, assuming that kernel would never produce a futex value
of 0x40000000, since the low (owner) bits would always be non-zero.
commit
d338b506e39b1e2c68366b12be90704c635602ce introduced this
assumption explicitly while fixing another bug in how non-recoverable
status for robust mutexes was tracked. presumably the tests conducted
at that time only checked non-process-shared robust mutexes, which are
handled in pthread_exit (which implemented the documented kernel
protocol, not the actual one) rather than by the kernel.
change pthread_exit robust list processing to match the kernel
behavior, clearing bits 0-29 while setting bit 30, and use the value
0x7fffffff instead of 0x40000000 to encode non-recoverable status. the
choice of value here is arbitrary; any value with at least one of bits
0-29 set should work just as well,
Rich Felker [Tue, 21 Jun 2016 20:33:14 +0000 (16:33 -0400)]
remove comments on copyright status from UTF-8 implementation files
despite clarifications made to the COPYRIGHT file in commit
f0a61399330bae42beeb27d6ecd05570b3382a60, there continues to be
confusion about whether the permissions granted actually apply to all
files. I am the sole author of these files and clearly intend, and
have always intended, for the grant of permission to apply to them.
Rich Felker [Thu, 9 Jun 2016 17:42:06 +0000 (13:42 -0400)]
avoid padding gaps in struct sockaddr_storage
compilers are free not to copy, or in some cases to clobber, padding
bytes in a structure. while it's an aliasing violation, and thus
undefined behavior, to copy or manipulate other sockaddr types using
sockaddr_storage, it seems likely that traditional code attempts to do
so, and the original intent of the sockaddr_storage structure was
probably to allow such usage.
in the interest of avoiding silent and potentially dangerous breakage,
ensure that there are no actual padding bytes in sockaddr_storage by
moving and adjusting the size of the __ss_padding member so that it
fits exactly.
this change also removes a silent assumption that the alignment of
long is equal to its size.
Szabolcs Nagy [Thu, 26 May 2016 20:07:32 +0000 (22:07 +0200)]
update sys/socket.h to linux v4.6
kernel connection multiplexor macros AF_KCM, PF_KCM, SOL_KCM were
added in linux commit
ab7ac4eb9832e32a09f4e8042705484d2fb0aad3
MSG_BATCH sendmsg flag for performance optimization was added
in linux commit
f092276d85b82504e8a07498f4e9e0c51f06745c
SOL_* macros are now synced with linux socket.h which is not a uapi
header and glibc did not have the macros either, but that has changed
http://sourceware.org/ml/libc-alpha/2016-05/msg00322.html
Szabolcs Nagy [Thu, 26 May 2016 20:07:09 +0000 (22:07 +0200)]
add new tcp_info fields from linux v4.6
new fields and associated linux commit:
tcpi_notsent_bytes, tcpi_min_rtt
cd9b266095f422267bddbec88f9098b48ea548fc
tcpi_data_segs_in, tcpi_data_segs_out
a44d6eacdaf56f74fad699af7f4925a5f5ac0e7f
Szabolcs Nagy [Thu, 26 May 2016 20:06:44 +0000 (22:06 +0200)]
add CLONE_NEWCGROUP clone flag, new in linux v4.6
flag for new cgroup namespace, added in linux commit
5e2bec7c2248ae27c5b16cd97215ae05c1d39179
Szabolcs Nagy [Thu, 26 May 2016 20:06:10 +0000 (22:06 +0200)]
update siginfo struct for linux v4.6
x86 protection key faults are reported in the si_pkey field,
added in linux commit
cd0ea35ff5511cde299a61c21a95889b4a71464e
Szabolcs Nagy [Thu, 26 May 2016 20:05:45 +0000 (22:05 +0200)]
add ETH_P_MACSEC netinet/if_ether.h, new in linux v4.6
ethertype for macsec added in linux commit
dece8d2b78d19df7fe5e4e965f1f0d1a3e188d1b
Szabolcs Nagy [Thu, 26 May 2016 20:05:25 +0000 (22:05 +0200)]
add SO_CNX_ADVICE to sys/socket.h, new in linux v4.6
new socket option so application can give advice about routing
path quality of connected udp sockets, added in linux commit
a87cb3e48ee86d29868d3f59cfb9ce1a8fa63314
Szabolcs Nagy [Thu, 26 May 2016 20:04:56 +0000 (22:04 +0200)]
add preadv2 and pwritev2 syscall numbers for linux v4.6
the syscalls take an additional flag argument, they were added in commit
f17d8b35452cab31a70d224964cd583fb2845449 and a RWF_HIPRI priority hint
flag was added to linux/fs.h in
97be7ebe53915af504fb491fb99f064c7cf3cb09.
the syscall is not allocated for microblaze and sh yet.
Rich Felker [Mon, 23 May 2016 22:19:11 +0000 (18:19 -0400)]
fix a64l undefined behavior on ILP32 archs, wrong results on LP64 archs
the difference of pointers is a signed type ptrdiff_t; if it is only
32-bit, left-shifting it by 30 bits produces undefined behavior. cast
the difference to an appropriate unsigned type, uint32_t, before
shifting to avoid this.
the a64l function is specified to return a signed 32-bit result in
type long. as noted in the bug report by Ed Schouten, converting
implicitly from uint32_t only produces the desired result when long is
a 32-bit type. since the computation has to be done in unsigned
arithmetic to avoid overflow, simply cast the result to int32_t.
further, POSIX leaves the behavior on invalid input unspecified but
not undefined, so we should not take the difference between the
potentially-null result of strchr and the base pointer without first
checking the result. the simplest behavior is just returning the
partial conversion already performed in this case, so do that.
Rich Felker [Sun, 22 May 2016 22:49:59 +0000 (18:49 -0400)]
fix undefined pointer arithmetic in CMSG_NXTHDR macro
previously, the only way the stopping condition could be met with
correct lengths in the headers invoked undefined behavior, adding
sizeof(struct cmsghdr) beyond the end of the cmsg buffer.
instead, compute and compare sizes rather than pointers.
Szabolcs Nagy [Sat, 21 May 2016 13:21:38 +0000 (15:21 +0200)]
fix the use of uninitialized value in regcomp
the num_submatches field of some ast nodes was not initialized in
tre_add_tag_{left,right}, but was accessed later.
this was a benign bug since the uninitialized values were never used
(these values are created during tre_add_tags and copied around during
tre_expand_ast where they are also used in computations, but nothing
in the final tnfa depends on them).
Bobby Bingham [Thu, 12 May 2016 05:34:05 +0000 (00:34 -0500)]
deduplicate __NR_* and SYS_* syscall number definitions
Bobby Bingham [Thu, 12 May 2016 04:00:02 +0000 (23:00 -0500)]
x32: eliminate __X32_SYSCALL_BIT constant
Bobby Bingham [Thu, 12 May 2016 05:30:51 +0000 (00:30 -0500)]
x32: remove arch-specific syscall remapping
These system calls are already all remapped in an arch-agnostic manner in
src/internal/syscall.h
Rich Felker [Mon, 9 May 2016 03:16:14 +0000 (23:16 -0400)]
fix spurious trailing whitespace in powerpc & powerpc64 bits/errno.h
Bobby Bingham [Sun, 1 May 2016 00:18:17 +0000 (19:18 -0500)]
add powerpc64 port
LeMay, Michael [Wed, 4 May 2016 03:29:42 +0000 (03:29 +0000)]
fix redundant processing of --build flag in configure script
The --build flag is listed in two case statement entries in configure,
which causes the second entry to be ignored. This patch removes it
from the first entry.
Signed-off-by: Michael LeMay <michael.lemay@intel.com>
Andrew Kelley [Wed, 4 May 2016 20:29:11 +0000 (13:29 -0700)]
fix incorrect protocol name and number for egp
previously if you called getprotobyname("egp") you would get
NULL because \008 is invalid octal and so the protocol id was
interpreted as 0 and name as "8egp".
Rich Felker [Fri, 29 Apr 2016 23:50:33 +0000 (19:50 -0400)]
follow standard configure behavior for cross compile prefix
the standard configure interface, which our configure script tries to
implement, identifies cross compiling (build != host) and searches for
the properly-prefixed cross tools. our script was not doing that,
forcing users to explicitly provide either CC or a CROSS_COMPILE tool
prefix, and the more common choice, just providing CC, was incomplete
because the Makefile would still invoke the native ar and ranlib
programs. this happened to work when building on ELF-based systems
with GNU binutils, but could easily fail when cross-compiling from
dissimilar systems.
like before, and like the standard configure behavior, an explicit CC
or CROSS_COMPILE variable on the command line or in the environment
overrides the automatic prefixing.
Rich Felker [Fri, 29 Apr 2016 00:41:45 +0000 (20:41 -0400)]
update COPYRIGHT file to clarify that permissions apply for all files
these changes are the outcome of a long mailing list thread that took
place March 2016, "musl licensing". among minor other issues,
prospective users were not confident that the whole-project MIT
license would grant permission for files to which the COPYRIGHT file
expressed a belief that copyright not apply, if it turned out that
these files were actually subject to copyright.
in accordance with the original intent of applying a permissive
license to the project, which was that license issues not be an
obstacle to use, the text which was causing confusion is removed. no
new claims of copyright are made, but new text is added to clarify
that the grant of permissions applies to all files, and an explicit
grant of permission to use public headers and crt files without
attribution has been made.
this patch was reviewed and approved by all substantial contributors
to the affected files: Bobby Bingham, John Spencer (rofl0r), Nicholas
J. Kain, Rich Felker, Richard Pennington, Stefan Kristiansson, and
Szabolcs Nagy.
Rich Felker [Tue, 26 Apr 2016 19:26:40 +0000 (15:26 -0400)]
fix FILE buffer underflow in ungetwc
commit
7e816a6487932cbb3cb71d94b609e50e81f4e5bf (version 1.1.11
release cycle) moved the code that performs wchar_t to multibyte
conversion across code that used the resulting length in bytes,
thereby breaking the unget buffer space check in ungetwc and
clobbering up to three bytes below the start of the buffer.
for allocated FILEs (all read-enabled FILEs except stdin), the
underflow clobbers at most the FILE-specific locale pointer. no stores
are performed through this pointer, but subsequent loads may result in
a crash or mismatching encoding rule (UTF-8 multibyte vs byte-based).
for stdin, the buffer lies in .bss and the underflow may clobber
another object. in practice, for libc.so the adjacent object seems to
be stderr's buffer, which is completely unused, but this could vary
with linking options, or when static linking.
applications which do not attempt to use more than one character of
ungetwc pushback, or which do not use ungetwc, are not affected.
Rich Felker [Mon, 25 Apr 2016 23:37:06 +0000 (19:37 -0400)]
fix thread structure/dtv-pointer corruption on powerpc
per the powerpc psabi, offset 4 of the stack at call time belongs to
the callee and is used for spilling lr (return address). in addition,
offset 0 on the stack must contain a pointer to the previous stack
frame, or a null pointer for the initial stack frame of a thread.
__clone failed to setup any stack frame on the new thread's stack,
thereby allowing the start function it called to clobber offset 4 of
the new thread's struct __pthread, which contains the dtv pointer.
add code to setup a proper stack frame and align the stack pointer to
a multiple of 16 (also an abi requirement) if it was not already
aligned.
Petr Vaněk [Sun, 17 Apr 2016 14:53:08 +0000 (14:53 +0000)]
remove dead store in res_msend
The variable nss is set to zero in following line.