about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* fix the prototype of settimeofday to follow the original BSD declarationSzabolcs Nagy2013-05-262-6/+7
|
* fix ioctl _IOR, _IOW, etc macros to avoid signed overflow (2<<30)Szabolcs Nagy2013-05-266-38/+19
|
* on x86_64 use long instead of long long for 64bit posix typesSzabolcs Nagy2013-05-261-4/+4
| | | | | following glibc use the lowest rank 64bit integer type for ino_t etc. this is eg. useful for printf format compatibility
* math: add fma TODO comments about the underflow issueSzabolcs Nagy2013-05-193-2/+14
| | | | | | | | | The underflow exception is not raised correctly in some cornercases (see previous fma commit), added comments with examples for fmaf, fmal and non-x86 fma. In fmaf store the result before returning so it has the correct precision when FLT_EVAL_METHOD!=0
* math: fix two fma issues (only affects non-nearest rounding mode, x86)Szabolcs Nagy2013-05-191-4/+38
| | | | | | | | | | | | | | | | | | | | | | 1) in downward rounding fma(1,1,-1) should be -0 but it was 0 with gcc, the code was correct but gcc does not support FENV_ACCESS ON so it used common subexpression elimination where it shouldn't have. now volatile memory access is used as a barrier after fesetround. 2) in directed rounding modes there is no double rounding issue so the complicated adjustments done for nearest rounding mode are not needed. the only exception to this rule is raising the underflow flag: assume "small" is an exactly representible subnormal value in double precision and "verysmall" is a much smaller value so that (long double)(small plus verysmall) == small then (double)(small plus verysmall) raises underflow because the result is an inexact subnormal, but (double)(long double)(small plus verysmall) does not because small is not a subnormal in long double precision and it is exact in double precision. now this problem is fixed by checking inexact using fenv when the result is subnormal
* Merge remote-tracking branch 'nsz/review'Rich Felker2013-05-1815-213/+203
|\
| * math: sin cos cleanupSzabolcs Nagy2013-05-1810-112/+128
| | | | | | | | | | | | | | | | * use unsigned arithmetics * use unsigned to store arg reduction quotient (so n&3 is understood) * remove z=0.0 variables, use literal 0 * raise underflow and inexact exceptions properly when x is small * fix spurious underflow in tanl
| * math: tan cleanupsSzabolcs Nagy2013-05-186-106/+80
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * use unsigned arithmetics on the representation * store arg reduction quotient in unsigned (so n%2 would work like n&1) * use different convention to pass the arg reduction bit to __tan (this argument used to be 1 for even and -1 for odd reduction which meant obscure bithacks, the new n&1 is cleaner) * raise inexact and underflow flags correctly for small x (tanl(x) may still raise spurious underflow for small but normal x) (this exception raising code increases codesize a bit, similar fixes are needed in many other places, it may worth investigating at some point if the inexact and underflow flags are worth raising correctly as this is not strictly required by the standard) * tanf manual reduction optimization is kept for now * tanl code path is cleaned up to follow similar logic to tan and tanf
* | make err.h functions print __prognameRich Felker2013-05-181-0/+4
|/ | | | | | | patch by Strake. previously is was not feasible to duplicate this functionality of the functions these were modeled on, since argv[0] was not saved at program startup, but now that it's available it's easy to use.
* add FLT_TRUE_MIN, etc. macros from C11Rich Felker2013-05-177-0/+8
| | | | | | | | there was some question as to how many decimal places to use, since one decimal place is always sufficient to identify the smallest denormal uniquely. for now, I'm following the example in the C standard which is consistent with the other min/max macros we already had in place.
* remove the __STDC_FORMAT_MACROS nonsense from inttypes.hRich Felker2013-05-171-4/+0
| | | | | | | somehow I missed this when removing the corresponding __STDC_LIMIT_MACROS and __STDC_CONSTANT_MACROS nonsense from stdint.h. these were all attempts by the C committee to guess what the C++ committee would want, and the guesses turned out to be wrong.
* fix mknod and mknodat to accept large dev_t valuesRich Felker2013-05-162-5/+2
| | | | | | | | support for these was recently added to sysmacros.h. note that the syscall argument is a long, despite dev_t being 64-bit, so on 32-bit archs the high bits will be lost. it appears the high bits are just glibc silliness and not part of the kernel api, anyway, but it's nice that we have them there for future expansion if needed.
* math: use double_t for temporaries to avoid stores on i386Szabolcs Nagy2013-05-1521-28/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When FLT_EVAL_METHOD!=0 (only i386 with x87 fp) the excess precision of an expression must be removed in an assignment. (gcc needs -fexcess-precision=standard or -std=c99 for this) This is done by extra load/store instructions which adds code bloat when lot of temporaries are used and it makes the result less precise in many cases. Using double_t and float_t avoids these issues on i386 and it makes no difference on other archs. For now only a few functions are modified where the excess precision is clearly beneficial (mostly polynomial evaluations with temporaries). object size differences on i386, gcc-4.8: old new __cosdf.o 123 95 __cos.o 199 169 __sindf.o 131 95 __sin.o 225 203 __tandf.o 207 151 __tan.o 605 499 erff.o 1470 1416 erf.o 1703 1649 j0f.o 1779 1745 j0.o 2308 2274 j1f.o 1602 1568 j1.o 2286 2252 tgamma.o 1431 1424 math/*.o 64164 63635
* support full range of dev_t major/minor numbers in makedev, etc. macrosRich Felker2013-05-151-3/+10
|
* remove compound literals from math.h to please c++Szabolcs Nagy2013-05-061-5/+10
| | | | | | __FLOAT_BITS and __DOUBLE_BITS macros used union compound literals, now they are changed into static inline functions. A good C compiler generates the same code for both and the later is C++ conformant.
* fix incorrect clock tick scaling in fallback case of clock()Rich Felker2013-05-051-1/+1
| | | | | | | since CLOCKS_PER_SEC is 1000000 (required by XSI) and the times syscall reports values in 1/100 second units (Linux), the correct scaling factor is 10000, not 100. note that only ancient kernels which lack clock_gettime are affected.
* do not interpret errors in return value of times() syscallRich Felker2013-05-051-1/+1
| | | | | | | | all return values are valid, and on 32-bit systems, values that look like errors can and will occur. since the only actual error this function could return is EFAULT, and it is only returnable when the application has invoked undefined behavior, simply ignore the possibility that the return value is actually an error code.
* transition to using functions for internal signal blocking/restoringRich Felker2013-04-265-12/+57
| | | | | | | | | | there are several reasons for this change. one is getting rid of the repetition of the syscall signature all over the place. another is sharing the constant masks without costly GOT accesses in PIC. the main motivation, however, is accurately representing whether we want to block signals that might be handled by the application, or all signals.
* optimize/debloat raiseRich Felker2013-04-261-2/+2
| | | | | use __syscall rather than syscall when failure is not possible or not to be considered.
* prevent code from running under a thread id which already gave ESRCHRich Felker2013-04-261-1/+7
|
* synccall signal handler need not handle dead threads anymoreRich Felker2013-04-261-9/+0
| | | | | | they have already blocked signals before decrementing the thread count, so the code being removed is unreachable in the case where the thread is no longer counted.
* fix clobbering of signal mask when creating thread with sched attributesRich Felker2013-04-261-1/+1
| | | | this was simply a case of saving the state in the wrong place.
* make last thread's pthread_exit give exit(0) a consistent stateRich Felker2013-04-261-3/+13
| | | | | the previous few commits ended up leaving the thread count and signal mask wrong for atexit handlers and stdio cleanup.
* use atomic decrement rather than cas in pthread_exit thread countRich Felker2013-04-261-4/+1
| | | | | | now that blocking signals prevents any application code from running while the last thread is exiting, the cas logic is no longer needed to prevent decrementing below zero.
* add comments on some of the pthread_exit logicRich Felker2013-04-261-2/+15
|
* always block signals in pthread_exit before decrementing thread countRich Felker2013-04-261-2/+2
| | | | | | | | | | | | | | | | | | | | | | the thread count (1+libc.threads_minus_1) must always be greater than or equal to the number of threads which could have application code running, even in an async-signal-safe sense. there is at least one dangerous race condition if this invariant fails to hold: dlopen could allocate too little TLS for existing threads, and a signal handler running in the exiting thread could claim the allocated TLS for itself (via __tls_get_addr), leaving too little for the other threads it was allocated for and thereby causing out-of-bounds access. there may be other situations where it's dangerous for the thread count to be too low, particularly in the case where only one thread should be left, in which case locking may be omitted. however, all such code paths seem to arise from undefined behavior, since async-signal-unsafe functions are not permitted to be called from a signal handler that interrupts pthread_exit (which is itself async-signal-unsafe). this change may also simplify logic in __synccall and improve the chances of making __synccall async-signal-safe.
* remove explicit locking to prevent __synccall setuid during posix_spawnRich Felker2013-04-261-13/+0
| | | | | | | | | | | | | | | for the duration of the vm-sharing clone used by posix_spawn, all signals are blocked in the parent process, including implementation-internal signals. since __synccall cannot do anything until successfully signaling all threads, the fact that signals are blocked automatically yields the necessary safety. aside from debloating and general simplification, part of the motivation for removing the explicit lock is to simplify the synchronization logic of __synccall in hopes that it can be made async-signal-safe, which is needed to make setuid and setgid, which depend on __synccall, conform to the standard. whether this will be possible remains to be seen.
* remove __STDC_LIMIT_MACROS and __STDC_CONSTANT_MACROS checks in stdint.hRich Felker2013-04-221-8/+0
| | | | | | | C++11, the first C++ with stdint.h, requires the previously protected macros to be exposed unconditionally by stdint.h. apparently these checks were an early attempt by the C committee to guess what the C++ committee would want, and they guessed wrong.
* fix reversed argument order x86_64 sigsetjmp's call to sigprocmaskRich Felker2013-04-221-2/+2
| | | | | | this caused sigsetjmp not to save the signal mask but instead to clobber it with whatever happened to be in the sigjmb_buf prior to the call.
* comment potentially-confusing use of struct crypt_data typeRich Felker2013-04-202-1/+10
|
* mention bits headers in another part of copyright fileRich Felker2013-04-201-1/+1
|
* update copyright yearRich Felker2013-04-201-2/+2
|
* clarify that bits headers are included as public headersRich Felker2013-04-201-6/+6
|
* make dynamic linker accept : or \n as path separatorRich Felker2013-04-201-8/+8
| | | | | | | | | | | | | this allows /etc/ld-musl-$(ARCH).path to contain one path per line, which is much more convenient for users than the :-delimited format, which was a source of repeated and unnecessary confusion. for simplicity, \n is also accepted in environment variables, though it should probably not be used there. at the same time, issues with overly long paths invoking UB or getting truncated have been fixed. such issues should not have arisen with the environment (which is size-limited) but could have been generated by a path file larger than 2**31 bytes in length.
* release notes for 0.9.10 v0.9.10Rich Felker2013-04-141-0/+52
|
* make ifaddrs.h expose sys/socket.hRich Felker2013-04-101-0/+1
| | | | | | the getifaddrs interface seems to have been invented by glibc, and they expose socket.h, so for us not to do so is just gratuitous incompatibility with the interface we're mimicing.
* getifaddrs: implement proper ipv6 netmasksrofl0r2013-04-091-2/+11
|
* mbrtowc: do not leave mbstate_t in permanent-fail state after EILSEQRich Felker2013-04-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | the standard is clear that the old behavior is conforming: "In this case, [EILSEQ] shall be stored in errno and the conversion state is undefined." however, the specification of mbrtowc has one peculiarity when the source argument is a null pointer: in this case, it's required to behave as mbrtowc(NULL, "", 1, ps). no motivation is provided for this requirement, but the natural one that comes to mind is that the intent is to reset the mbstate_t object. for stateful encodings, such behavior is actually specified: "If the corresponding wide character is the null wide character, the resulting state described shall be the initial conversion state." but in the case of UTF-8 where the mbstate_t object contains a partially-decoded character rather than a shift state, a subsequent '\0' byte indicates that the previous partial character is incomplete and thus an illegal sequence. naturally, applications using their own mbstate_t object should clear it themselves after an error, but the standard presently provides no way to clear the builtin mbstate_t object used when the ps argument is a null pointer. I suspect this issue may be addressed in the future by specifying that a null source argument resets the state, as this seems to have been the intent all along. for what it's worth, this change also slightly reduces code size.
* implement mbtowc directly, not as a wrapper for mbrtowcRich Felker2013-04-081-5/+39
| | | | | | | | | | | the interface contract for mbtowc admits a much faster implementation than mbrtowc can achieve; wrapping mbrtowc with an extra call frame only made the situation worse. since the regex implementation uses mbtowc already, this change should improve regex performance too. it may be possible to improve performance in other places internally by switching from mbrtowc to mbtowc.
* optimize mbrtowcRich Felker2013-04-081-3/+2
| | | | | | | | | | | this simple change, in my measurements, makes about a 7% performance improvement. at first glance this change would seem like a compiler-specific hack, since the modified code is not even used. however, I suspect the reason is that I'm eliminating a second path into the main body of the code, allowing the compiler more flexibility to optimize the normal (hot) path into the main body. so even if it weren't for the measurable (and quite notable) difference in performance, I think the change makes sense.
* fix out-of-bounds access in UTF-8 decodingRich Felker2013-04-081-1/+1
| | | | | | | | | | | | | | | | | | SA and SB are used as the lowest and highest valid starter bytes, but the value of SB was one-past the last valid starter. this caused access past the end of the state table when the illegal byte '\xf5' was encountered in a starter position. the error did not show up in full-character decoding tests, since the bogus state read from just past the table was unlikely to admit any continuation bytes as valid, but would have shown up had we tested feeding '\xf5' to the byte-at-a-time decoding in mbrtowc: it would cause the funtion to wrongly return -2 rather than -1. I may eventually go back and remove all references to SA and SB, replacing them with the values; this would make the code more transparent, I think. the original motivation for using macros was to allow misguided users of the code to redefine them for the purpose of enlarging the set of accepted sequences past the end of Unicode...
* fix signalfd not to ignore flagsRich Felker2013-04-071-1/+12
| | | | | | also include fallback code for broken kernels that don't support the flags. as usual, the fallback has a race condition that can leak file descriptors.
* silence nonsensical warnings in timer_createRich Felker2013-04-061-2/+2
|
* add support for program_invocation[_short]_nameRich Felker2013-04-063-2/+18
| | | | | | | | | | this is a bit ugly, and the motivation for supporting it is questionable. however the main factors were: 1. it will be useful to have this for certain internal purposes anyway -- things like syslog. 2. applications can just save argv[0] in main, but it's hard to fix non-portable library code that's depending on being able to get the invocation name without the main application's help.
* fix argument omission in ABI-compat weak_alias for fscanfRich Felker2013-04-061-1/+1
|
* Add ABI compatability aliases.Isaac Dunham2013-04-0513-0/+38
| | | | | | | | GNU used several extensions that were incompatible with C99 and POSIX, so they used alternate names for the standard functions. The result is that we need these to run standards-conformant programs that were linked with glibc.
* fix type error in pthread_create, introduced with pthread_getattr_npRich Felker2013-04-061-1/+1
|
* getifaddrs: remove unused labelrofl0r2013-04-061-1/+0
|
* getifaddrs: use if_nameindex to enumerate interfacesrofl0r2013-04-051-23/+9
|
* getifaddrs: one less indent levelrofl0r2013-04-051-30/+28
|