about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320]Paul Eggert2018-04-133-1/+12
| | | | (cherry picked from commit c369d66e5426a30e4725b100d5cd28e372754f90)
* posix: Sync glob with gnulib [BZ #1062]Adhemerval Zanella2018-04-1322-461/+739
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch syncs posix/glob.c implementation with gnulib version b5ec983 (glob: simplify symlink detection). The only difference to gnulib code is * DT_UNKNOWN, DT_DIR, and DT_LNK definition in the case there were not already defined. Gnulib code which uses HAVE_STRUCT_DIRENT_D_TYPE will redefine them wrongly because GLIBC does not define HAVE_STRUCT_DIRENT_D_TYPE. Instead the patch check for each definition instead. Also, the patch requires additional globfree and globfree64 files for compatibility version on some architectures. Also the code simplification leads to not macro simplification (not need for NO_GLOB_PATTERN_P anymore). Checked on x86_64-linux-gnu and on a build using build-many-glibcs.py for all major architectures. [BZ #1062] * posix/Makefile (routines): Add globfree, globfree64, and glob_pattern_p. * posix/flexmember.h: New file. * posix/glob_internal.h: Likewise. * posix/glob_pattern_p.c: Likewise. * posix/globfree.c: Likewise. * posix/globfree64.c: Likewise. * sysdeps/gnu/globfree64.c: Likewise. * sysdeps/unix/sysv/linux/alpha/globfree.c: Likewise. * sysdeps/unix/sysv/linux/mips/mips64/n64/globfree64.c: Likewise. * sysdeps/unix/sysv/linux/oldglob.c: Likewise. * sysdeps/unix/sysv/linux/wordsize-64/globfree64.c: Likewise. * sysdeps/unix/sysv/linux/x86_64/x32/globfree.c: Likewise. * sysdeps/wordsize-64/globfree.c: Likewise. * sysdeps/wordsize-64/globfree64.c: Likewise. * posix/glob.c (HAVE_CONFIG_H): Use !_LIBC instead. [NDEBUG): Remove comments. (GLOB_ONLY_P, _AMIGA, VMS): Remove define. (dirent_type): New type. Use uint_fast8_t not uint8_t, as C99 does not require uint8_t. (DT_UNKNOWN, DT_DIR, DT_LNK): New macros. (struct readdir_result): Use dirent_type. Do not define skip_entry unless it is needed; this saves a byte on platforms lacking d_ino. (readdir_result_type, readdir_result_skip_entry): New functions, replacing ... (readdir_result_might_be_symlink, readdir_result_might_be_dir): these functions, which were removed. This makes the callers easier to read. All callers changed. (D_INO_TO_RESULT): Now empty if there is no d_ino. (size_add_wrapv, glob_use_alloca): New static functions. (glob, glob_in_dir): Check for size_t overflow in several places, and fix some size_t checks that were not quite right. Remove old code using SHELL since Bash no longer uses this. (glob, prefix_array): Separate MS code better. (glob_in_dir): Remove old Amiga and VMS code. (globfree, __glob_pattern_type, __glob_pattern_p): Move to separate files. (glob_in_dir): Do not rely on undefined behavior in accessing struct members beyond their bounds. Use a flexible array member instead (link_stat): Rename from link_exists2_p and return -1/0 instead of 0/1. Caller changed. (glob): Fix memory leaks. * posix/glob64 (globfree64): Move to separate file. * sysdeps/gnu/glob64.c (NO_GLOB_PATTERN_P): Remove define. (globfree64): Remove hidden alias. * sysdeps/unix/sysv/linux/Makefile (sysdeps_routines): Add oldglob. * sysdeps/unix/sysv/linux/alpha/glob.c (__new_globfree): Move to separate file. * sysdeps/unix/sysv/linux/i386/glob64.c (NO_GLOB_PATTERN_P): Remove define. Move compat code to separate file. * sysdeps/wordsize-64/glob.c (globfree): Move definitions to separate file. (cherry picked from commit c66c908230169c1bab1f83b071eb585baa214b9f)
* Record CVE-2018-6551 in NEWS and ChangeLog [BZ #22774]Florian Weimer2018-04-062-0/+6
| | | | (cherry picked from commit 71aa429b029fdb6f9e65d44050388b51eca460d6)
* Record CVE-2018-6485 in ChangeLog and NEWS [BZ #22343]Florian Weimer2018-04-062-0/+5
| | | | (cherry picked from commit 4590634fd65162568b9f52fb4beb60aa25da37f2)
* Add ChangeLog reference to bug 16750/CVE-2009-5064Florian Weimer2018-04-062-0/+8
| | | | (cherry picked from commit 403143e1df85dadd374f304bd891be0cd7573e3b)
* Fix integer overflows in internal memalign and malloc functions [BZ #22343]Arjun Shankar2018-04-064-9/+271
| | | | | | | | | | | | | | | | | | | | | | | | | | When posix_memalign is called with an alignment less than MALLOC_ALIGNMENT and a requested size close to SIZE_MAX, it falls back to malloc code (because the alignment of a block returned by malloc is sufficient to satisfy the call). In this case, an integer overflow in _int_malloc leads to posix_memalign incorrectly returning successfully. Upon fixing this and writing a somewhat thorough regression test, it was discovered that when posix_memalign is called with an alignment larger than MALLOC_ALIGNMENT (so it uses _int_memalign instead) and a requested size close to SIZE_MAX, a different integer overflow in _int_memalign leads to posix_memalign incorrectly returning successfully. Both integer overflows affect other memory allocation functions that use _int_malloc (one affected malloc in x86) or _int_memalign as well. This commit fixes both integer overflows. In addition to this, it adds a regression test to guard against false successful allocations by the following memory allocation functions when called with too-large allocation sizes and, where relevant, various valid alignments: malloc, realloc, calloc, reallocarray, memalign, posix_memalign, aligned_alloc, valloc, and pvalloc. (cherry picked from commit 8e448310d74b283c5cd02b9ed7fb997b47bf9b22)
* elf: Compute correct array size in _dl_init_paths [BZ #22606]Florian Weimer2018-04-063-7/+20
| | | | (cherry picked from commit 8a0b17e48b83e933960dfeb8fa08b259f03f310e)
* <array_length.h>: New array_length and array_end macrosFlorian Weimer2018-04-062-0/+41
| | | | (cherry picked from commit c94a5688fb1228a862b2d4a3f1239cdc0e3349e5)
* elf: Count components of the expanded path in _dl_init_path [BZ #22607]Florian Weimer2018-04-063-9/+17
| | | | (cherry picked from commit 3ff3dfa5af313a6ea33f3393916f30eece4f0171)
* elf: Check for empty tokens before dynamic string token expansion [BZ #22625]Aurelien Jarno2018-04-063-16/+47
| | | | | | | | | | | | | | | | | | | | | | | | | | | The fillin_rpath function in elf/dl-load.c loops over each RPATH or RUNPATH tokens and interprets empty tokens as the current directory ("./"). In practice the check for empty token is done *after* the dynamic string token expansion. The expansion process can return an empty string for the $ORIGIN token if __libc_enable_secure is set or if the path of the binary can not be determined (/proc not mounted). Fix that by moving the check for empty tokens before the dynamic string token expansion. In addition, check for NULL pointer or empty strings return by expand_dynamic_string_token. The above changes highlighted a bug in decompose_rpath, an empty array is represented by the first element being NULL at the fillin_rpath level, but by using a -1 pointer in decompose_rpath and other functions. Changelog: [BZ #22625] * elf/dl-load.c (fillin_rpath): Check for empty tokens before dynamic string token expansion. Check for NULL pointer or empty string possibly returned by expand_dynamic_string_token. (decompose_rpath): Check for empty path after dynamic string token expansion. (cherry picked from commit 3e3c904daef69b8bf7d5cc07f793c9f07c3553ef)
* sunrpc: Avoid use-after-free read access in clntudp_call [BZ #21115]Florian Weimer2018-04-065-2/+76
| | | | | | | | | | | | | After commit bc779a1a5b3035133024b21e2f339fe4219fb11c (CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call [BZ #20112]), ancillary data is stored on the heap, but it is accessed after it has been freed. The test case must be run under a heap debugger such as valgrind to observe the invalid access. A malloc implementation which immediately calls munmap on free would catch this bug as well. (cherry picked from commit d42eed4a044e5e10dfb885cf9891c2518a72a491)
* ldd: never run file directlyAndreas Schwab2018-04-062-13/+5
| | | | (cherry picked from commit eedca9772e99c72ab4c3c34e43cc764250aa3e3c)
* Synchronize support/ infrastructure with masterArjun Shankar2018-04-06119-3/+7308
| | | | | | | | | | | This commit updates the support/ subdirectory to commit 2714c5f3c95f90977167c1d21326d907fb76b419 on the master branch and modifies Makeconfig, Rules, and extra-lib.mk accordingly. (cherry picked from commit 4c5785aa129a5d195fc1cd5c7fcd6f62c2b0ff0c) Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* powerpc: Sync hwcap.h with kernelCarlos Eduardo Seo2016-10-143-1/+10
| | | | | | | | | | | | | | Linux commit b4b56f9ecab40f3b4ef53e130c9f6663be491894 introduced a new HWCAP2 bit to indicate that the kernel now aborts a memory transaction when a syscall is made. This patch adds that bit to sysdeps/powerpc/bits/hwcap.h. * sysdeps/powerpc/bits/hwcap.h: Add PPC_FEATURE2_HTM_NOSC. * sysdeps/powerpc/dl-procinfo.c: (_dl_powerpc_cap_flags): Added descriptor for this hwcap feature so it shows when LD_SHOW_AUXV=1. (cherry picked from commit 3c13f28c8eac1e5a883d1b3801314430a094fc99)
* powerpc: Add missing hwcap strings.Carlos Eduardo Seo2016-10-143-5/+12
| | | | | | | | | | | | Some features in hwcap.h do not have matching string descriptors to be displayed when LD_SHOW_AUXV=1. This patch fixes the problem. * sysdeps/powerpc/dl-procinfo.c: (_dl_powerpc_cap_flags): Added missing strings for some hwcap features. * sysdeps/powerpc/dl-procinfo.h: Updated hwcap bit count. (cherry picked from commit 94ec7e007f4845de284d4f7569721b225ba77572)
* Don't compile do_test with -mavx/-mavx2/-mavx512.Andrew Senkevich2016-10-1412-78/+204
| | | | | | | Don't compile do_test (in sincos ABI tests) with -mavx, -mavx2 nor -mavx512 since they won't run on non-AVX machines. (cherry-picked from commit fe0cf8614836e2b08b802eb1f55abca75d558545)
* Fixed x86_64 vector sincos/sincosf ABI.Andrew Senkevich2016-10-1433-33/+2586
| | | | | | | | | | Fixed wrong vector sincos/sincosf ABI to have it compatible with current vector function declaration "#pragma omp declare simd notinbranch", according to which vector sincos should have vector of pointers for second and third parameters. It is fixed with implementation as wrapper to version having second and third parameters as pointers. (cherry-picked from commit ee2196bb6766ca7e63a1ba22ebb7619a3266776a)
* nptl/tst-once5: Reduce time to expected failureFlorian Weimer2016-08-182-0/+7
| | | | (cherry picked from commit 1f645571d2db9008b3cd3d5acb9ff93357864283)
* argp: Do not override GCC keywords with macros [BZ #16907]Florian Weimer2016-08-183-55/+14
| | | | | | | | | | | | | glibc provides fallback definitions already. It is not necessary to suppress warnings for unknown attributes because GCC does this automatically for system headers. This commit does not sync with gnulib because gnulib has started to use _GL_* macros in the header file, which are arguably in the gnulib implementation space and not suitable for an installed glibc header file. (cherry picked from commit 2c820533c61fed175390bc6058afbbe42d2edc37)
* fopencookie: Mangle function pointers stored on the heap [BZ #20222]Florian Weimer2016-08-182-14/+46
| | | | (cherry picked from commit 983fd5c41ab7e5a5c33922259ca1ac99b3b413f8)
* nss_db: Propagate ERANGE error if parse_line fails [BZ #19837]Florian Weimer2016-08-182-2/+8
| | | | | | | | | | | | | | | | | | | Reproducer (needs to run as root): perl -e \ 'print "large:x:999:" . join(",", map {"user$_"} (1 .. 135))."\n"' \ >> /etc/group cd /var/db make getent -s db group After the fix, the last command should list the "large" group. The magic number 135 has been chosen so that the line is shorter than 1024 bytes, but the pointers required to encode the member array will cross the threshold, triggering the bug. (cherry picked from commit a6033052d08027f745867e5e346852da1959226c)
* nss_db: Fix initialization of iteration position [BZ #20237]Florian Weimer2016-08-182-1/+14
| | | | | | | | | | | When get*ent is called without a preceding set*ent, we need to set the initial iteration position in get*ent. Reproducer: Add “services: db files” to /etc/nsswitch.conf, then run “perl -e getservent”. It will segfault before this change, and exit silently after it. (cherry picked from commit 31d0a4fa646db8b8c97ce24e0ec0a7b73de4fca1)
* Return proper status from _nss_nis_initgroups_dyn (bug 20262)Andreas Schwab2016-08-182-5/+18
| | | | (cherry picked from commit 73fb56a4d51fd4437e4cde6dd3c8077a610f88a8)
* arm: mark __startcontext as .cantunwind (bug 20435)Andreas Schwab2016-08-183-0/+19
| | | | | | | | | | | __startcontext marks the bottom of the call stack of the contexts created by makecontext. (cherry picked from commit 9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617) Also includes the NEWS update, cherry-picked from commits 056dd72af83f5459ce6d545a49dea6dba7d635dc and 4d047efdbc55b0d68947cde682e5363d16a66294.
* malloc: Avoid premature fallback to mmap [BZ #20284]Florian Weimer2016-08-182-6/+10
| | | | | | | | | Before this change, the while loop in reused_arena which avoids returning a corrupt arena would never execute its body if the selected arena were not corrupt. As a result, result == begin after the loop, and the function returns NULL, triggering fallback to mmap. (cherry picked from commit a3b473373ee43a292f5ec68a7fda6b9cfb26a9b0)
* Do not override objects in libc.a in other static libraries [BZ #20452]Florian Weimer2016-08-1814-1/+50
| | | | | | | With this change, we no longer add sysdep.o and similar objects which are present in libc.a to other static libraries. (cherry picked from commit d9067fca40b8aac156d73cfa44d6875813555a6c)
* malloc: Preserve arena free list/thread count invariant [BZ #20370]Florian Weimer2016-08-042-5/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | It is necessary to preserve the invariant that if an arena is on the free list, it has thread attach count zero. Otherwise, when arena_thread_freeres sees the zero attach count, it will add it, and without the invariant, an arena could get pushed to the list twice, resulting in a cycle. One possible execution trace looks like this: Thread 1 examines free list and observes it as empty. Thread 2 exits and adds its arena to the free list, with attached_threads == 0). Thread 1 selects this arena in reused_arena (not from the free list). Thread 1 increments attached_threads and attaches itself. (The arena remains on the free list.) Thread 1 exits, decrements attached_threads, and adds the arena to the free list. The final step creates a cycle in the usual way (by overwriting the next_free member with the former list head, while there is another list item pointing to the arena structure). tst-malloc-thread-exit exhibits this issue, but it was only visible with a debugger because the incorrect fix in bug 19243 removed the assert from get_free_list. (cherry picked from commit f88aab5d508c13ae4a88124e65773d7d827cd47b)
* hppa: fix loading of global pointer in _start [BZ #20277]John David Anglin2016-07-013-1/+9
| | | | | | | | | The patched change fixes a regression for executables compiled with the -p option and linked with gcrt1.o. The executables crash on startup. This regression was introduced in 2.22 and was noticed in the gcc testsuite. (cherry picked from commit 9765ffa71030efd8bb4f2ea4ed6e020fcb4bb714)
* MIPS, SPARC: more fixes to the vfork aliases in libpthread.soAurelien Jarno2016-06-274-14/+23
| | | | | | | | | | | | | | | | | | | | Commit 43c29487 tried to fix the vfork aliases in libpthread.so on MIPS and SPARC, but failed to do it correctly, introducing an ABI change. This patch does the remaining changes needed to align the MIPS and SPARC vfork implementations with the other architectures. That way the the alpha version of pt-vfork.S works correctly for MIPS and SPARC. The changes for alpha were done in 82aab97c. Changelog: * sysdeps/unix/sysv/linux/mips/vfork.S (__vfork): Rename into __libc_vfork. (__vfork) [IS_IN (libc)]: Remove alias. (__libc_vfork) [IS_IN (libc)]: Define as an alias. * sysdeps/unix/sysv/linux/sparc/sparc32/vfork.S: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/vfork.S: Likewise. (cherry picked from commit b87c1ec3fa398646f042a68f0ce0f7d09c1348c7)
* MIPS, SPARC: fix wrong vfork aliases in libpthread.soAurelien Jarno2016-06-194-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | With recent binutils versions the GNU libc fails to build on at least MISP and SPARC, with this kind of error: /home/aurel32/glibc/glibc-build/nptl/libpthread.so:(*IND*+0x0): multiple definition of `vfork@GLIBC_2.0' /home/aurel32/glibc/glibc-build/nptl/libpthread.so::(.text+0xee50): first defined here It appears that on these architectures pt-vfork.S includes vfork.S (through the alpha version of pt-vfork.S) and that the __vfork aliases are not conditionalized on IS_IN (libc) like on other architectures. Therefore the aliases are also wrongly included in libpthread.so. Fix this by properly conditionalizing the aliases like on other architectures. Changelog: * sysdeps/unix/sysv/linux/mips/vfork.S (__vfork): Conditionalize hidden_def, weak_alias and strong_alias on [IS_IN (libc)]. * sysdeps/unix/sysv/linux/sparc/sparc32/vfork.S: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/vfork.S: Likewise. (cherry picked from commit 43c2948756bb6e144c7b871e827bba37d61ad3a3)
* S390: Fix build failure in test string/tst-endian.c with gcc 6.Stefan Liebler2016-06-022-0/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Building string/tst-endian.c with gcc 6 produces an build warning/error on s390 (big endian machine): gcc tst-endian.c -c -std=gnu11 -fgnu89-inline -O2 or -O3 ... tst-endian.c: In function ‘do_test’: tst-endian.c:16:30: error: self-comparison always evaluates to false [-Werror=tautological-compare] if (htobe16 (be16toh (i)) != i) ^~ ... See definitions of htobexx, bexxtoh in string/endian.h: ... This patch silences these warnings with DIAG_* macros if build with gcc 6 and newer. The same warnings occur on little endian machines with the "htoleXX (leXXtoh (i)) != i" if-statements. ChangeLog: * string/tst-endian.c: Include <libc-internal.h>. (do_test): Ignore tautological-compare warnings around "htobeXX (beXXtoh (i)) != i" and "htoleXX (leXXtoh (i)) != i" if-statements. (cherry picked from commit f69f887092914f6e1abcc2d622e4f5e56a6e1645)
* Remove unused variable in math/atest-exp2.c.Torvald Riegel2016-06-022-5/+4
| | | | (cherry picked from commit 794950ed1d29853158d783d57f72260f5665afe5)
* sysdeps/unix/sysv/linux/dl-openat64.c: Convert to ISO definitionFlorian Weimer2016-06-022-4/+6
| | | | Partial backport of commit 9dd346ff431fc761f1b748bd4da8bb59f7652094.
* Fix indentation.Steve Ellcey2016-06-022-1/+8
| | | | | | | * sysdeps/ieee754/flt-32/k_rem_pio2f.c (__kernel_rem_pio2f): Fix indentation. (cherry picked from commit 976ef870542580cf5fed896c2c652b3e1a95f9da)
* Fix several build failures with GCC6 due to unused static variables.Wilco Dijkstra2016-06-0211-28/+16
| | | | | | | | | | | | | | | | | | | 2015-09-18 Wilco Dijkstra <wdijkstr@arm.com> * resolv/base64.c (rcsid): Remove unused static. * sysdeps/ieee754/dbl-64/atnat2.h (qpi1): Remove unused static. (tqpi1): Likewise. * sysdeps/ieee754/dbl-64/uexp.h (one): Likewise. * sysdeps/ieee754/dbl-64/upow.h (sqrt_2): Likewise. * sysdeps/ieee754/flt-32/e_log10f.c (one): Likewise. * sysdeps/ieee754/flt-32/s_cosf.c (one): Likewise. * sysdeps/ieee754/ldbl-128/e_lgammal_r.c (zero): Likewise. * sysdeps/ieee754/ldbl-128/s_erfl.c (half): Likewise. * sysdeps/ieee754/ldbl-128/s_log1pl.c (maxlog): Likewise. * timezone/private.h (time_t_min): Likewise. (time_t_max): Likewise. (cherry picked from commit 6565fcb6e189d67b5a3f321453daebb805056d73)
* Suppress GCC 6 warning about ambiguous 'else' with -WparenthesesYvan Roux2016-06-023-21/+30
| | | | (cherry picked from commit df1cf48777fe4cd81ad7fb09ecbe5b31432b7c1c)
* fork in libpthread cannot use IFUNC resolver [BZ #19861]Florian Weimer2016-06-022-33/+19
| | | | | | | | This commit only addresses the fork case, the vfork case has to be a tail call, which is why the generic code needs an IFUNC resolver there. (cherry picked from commit f06f3f05b48c72e2c9b0fa78671f94fd22d67da8)
* CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call [BZ #20112]Florian Weimer2016-05-313-2/+21
| | | | | | | | | | | | The call is technically in a loop, and under certain circumstances (which are quite difficult to reproduce in a test case), alloca can be invoked repeatedly during a single call to clntudp_call. As a result, the available stack space can be exhausted (even though individual alloca sizes are bounded implicitly by what can fit into a UDP packet, as a side effect of the earlier successful send operation). (cherry picked from commit bc779a1a5b3035133024b21e2f339fe4219fb11c)
* hesiod: Always use thread-local resolver state [BZ #19573]Florian Weimer2016-05-1112-158/+91
| | | | | | | | | | | | | | | | | | The Hesiod implementation imported into glibc was enhanced to support caller-supplied resolver states. But its only consumer is nss_hesiod, and it supplies the thread-local resolver state. Therefore, this commit changes the Hesiod implementation to use the thread-local resolver state (_res) directly. This fixes bug 19573 because the Hesiod implementation no longer has to initialize and free any resolver state. To avoid any risk of interposition of ABI-incompatible Hesiod function implementations, this commit marks the Hesiod functions as hidden. (They were already hidden using a linker version script.) (cherry picked from commit 5018f16c6205404ba3aa7298dc8a3d45fbd46bfc)
* hesiod: Remove RCS keywordsFlorian Weimer2016-05-114-12/+6
| | | | (cherry picked from commit dbdc657dc0b962ef3ac61585c81e0828d8da42ee)
* CVE-2016-3706: getaddrinfo: stack overflow in hostent conversion [BZ #20010]Florian Weimer2016-05-113-62/+85
| | | | | | | | | | | | When converting a struct hostent response to struct gaih_addrtuple, the gethosts macro (which is called from gaih_inet) used alloca, without malloc fallback for large responses. This commit changes this code to use calloc unconditionally. This commit also consolidated a second hostent-to-gaih_addrtuple conversion loop (in gaih_inet) to use the new conversion function. (cherry picked from commit 4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9)
* CVE-2016-1234: glob: Do not copy d_name field of struct dirent [BZ #19779]Florian Weimer2016-05-115-101/+186
| | | | | | | | Instead, we store the data we need from the return value of readdir in an object of the new type struct readdir_result. This type is independent of the layout of struct dirent. (cherry picked from commit 5171f3079f2cc53e0548fc4967361f4d1ce9d7ea)
* glob: Simplify the interface for the GLOB_ALTDIRFUNC callback gl_readdirFlorian Weimer2016-05-116-24/+100
| | | | | | | | | | | | | | Previously, application code had to set up the d_namlen member if the target supported it, involving conditional compilation. After this change, glob will use the length of the string in d_name instead of d_namlen to determine the file name length. All glibc targets provide the d_type and d_ino members, and setting them as needed for gl_readdir is straightforward. Changing the behavior with regards to d_ino is left to a future cleanup. (cherry picked from commit 137fe72eca6923a00381a3ca9f0e7672c1f85e3f)
* malloc: Update comment for list_lockFlorian Weimer2016-04-132-3/+8
| | | | (cherry picked from commit 7962541a32eff5597bc4207e781cfac8d1bb0d87)
* tst-malloc-thread-exit: Use fewer system resourcesFlorian Weimer2016-04-132-14/+22
| | | | (cherry picked from commit 2a38688932243b5b16fb12d84c7ac1138ce50363)
* malloc: Fix list_lock/arena lock deadlock [BZ #19182]Florian Weimer2016-04-134-15/+75
| | | | | | | | | | | | | | | | | | | | * malloc/arena.c (list_lock): Document lock ordering requirements. (free_list_lock): New lock. (ptmalloc_lock_all): Comment on free_list_lock. (ptmalloc_unlock_all2): Reinitialize free_list_lock. (detach_arena): Update comment. free_list_lock is now needed. (_int_new_arena): Use free_list_lock around detach_arena call. Acquire arena lock after list_lock. Add comment, including FIXME about incorrect synchronization. (get_free_list): Switch to free_list_lock. (reused_arena): Acquire free_list_lock around detach_arena call and attached threads counter update. Add two FIXMEs about incorrect synchronization. (arena_thread_freeres): Switch to free_list_lock. * malloc/malloc.c (struct malloc_state): Update comments to mention free_list_lock. (cherry picked from commit 90c400bd4904b0240a148f0b357a5cbc36179239)
* malloc: Fix attached thread reference count handling [BZ #19243]Florian Weimer2016-04-135-6/+240
| | | | | | | | | | | | | | | | | | reused_arena can increase the attached thread count of arenas on the free list. This means that the assertion that the reference count is zero is incorrect. In this case, the reference count initialization is incorrect as well and could cause arenas to be put on the free list too early (while they still have attached threads). * malloc/arena.c (get_free_list): Remove assert and adjust reference count handling. Add comment about reused_arena interaction. (reused_arena): Add comments abount get_free_list interaction. * malloc/tst-malloc-thread-exit.c: New file. * malloc/Makefile (tests): Add tst-malloc-thread-exit. (tst-malloc-thread-exit): Link against libpthread. (cherry picked from commit 3da825ce483903e3a881a016113b3e59fd4041de)
* malloc: Prevent arena free_list from turning cyclic [BZ #19048]Florian Weimer2016-04-134-8/+104
| | | | | | | | | | | | | | | | | | | [BZ# 19048] * malloc/malloc.c (struct malloc_state): Update comment. Add attached_threads member. (main_arena): Initialize attached_threads. * malloc/arena.c (list_lock): Update comment. (ptmalloc_lock_all, ptmalloc_unlock_all): Likewise. (ptmalloc_unlock_all2): Reinitialize arena reference counts. (deattach_arena): New function. (_int_new_arena): Initialize arena reference count and deattach replaced arena. (get_free_list, reused_arena): Update reference count and deattach replaced arena. (arena_thread_freeres): Update arena reference count and only put unreferenced arenas on the free list. (cherry picked from commit a62719ba90e2fa1728890ae7dc8df9e32a622e7b)
* Increase internal precision of ldbl-128ibm decimal printf [BZ #19853]Paul E. Murphy2016-04-124-12/+43
| | | | | | | | | | | | | | | | When the signs differ, the precision of the conversion sometimes drops below 106 bits. This strategy is identical to the hexadecimal variant. I've refactored tst-sprintf3 to enable testing a value with more than 30 significant digits in order to demonstrate this failure and its solution. Additionally, this implicitly fixes a typo in the shift quantities when subtracting from the high mantissa to compute the difference. (cherry picked from commit 37a4c70bd4c5c74ac562072e450dc02e8cb4c150)
* configure: fix `test ==` usageMike Frysinger2016-04-095-6/+13
| | | | | | | POSIX defines the = operator, but not ==. Fix the few places where we incorrectly used ==. (cherry picked from commit b2d4456b333970ab4cb01ed8045b9a8d2c4832f3)