about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* make sh clone asm fdpic-compatibleRich Felker2015-09-122-3/+14
| | | | | | | | | | | clone calls back to a function pointer provided by the caller, which will actually be a pointer to a function descriptor on fdpic. the obvious solution is to have a separate version of clone for fdpic, but I have taken a simpler approach to go around the problem. instead of calling the pointed-to function from asm, a direct call is made to an internal C function which then calls the pointed-to function. this lets the C compiler generate the appropriate calling convention for an indirect call with no need for ABI-specific assembly.
* make sh crti/crtn init/fini fragments setup proper stack frameRich Felker2015-09-122-2/+14
| | | | | | for fdpic support is is essential that the got pointer be saved at a known, ABI-dictated offset from the frame pointer, since there is no way to recover it once it's lost.
* add sh relocation types needed for fdpic to elf.hRich Felker2015-09-121-0/+8
|
* fix uninitialized scopeid in lookups from hosts file and ip literalsTimo Teräs2015-09-111-2/+2
|
* fix missing earlyclobber flag in i386 a_ctz_64 asmRich Felker2015-09-091-1/+1
| | | | | | | | | this error was only found by reading the code, but it seems to have been causing gcc to produce wrong code in malloc: the same register was used for the output and the high word of the input. in principle this could have caused an infinite loop searching for an available bin, but in practice most x86 models seem to implement the "undefined" result of the bsf instruction as "unchanged".
* remove unused (and invalid) C version of sigsetjmpRich Felker2015-09-091-17/+0
| | | | | | | | | originally, the comment in this code was correct and it would likely work if the compiler generated a tail call to setjmp. however, commit 583e55122e767b1586286a0d9c35e2a4027998ab redesigned sigsetjmp and siglongjmp such that the old C implementation (which was not intended to be used) is not even conceptually correct. remove it in the interest of avoiding confusion when porting to new archs.
* fix breakage in nl_langinfo from previous commitRich Felker2015-09-091-1/+1
|
* make nl_langinfo(CODESET) always return "UTF-8"Rich Felker2015-09-091-2/+1
| | | | | | | | | | | | | | | | | | | | | | | this restores the original behavior prior to the addition of the byte-based C locale and fixes what is effectively a regression in musl's property of always providing working UTF-8 support. commit 1507ebf837334e9e07cfab1ca1c2e88449069a80 introduced the codeset name "UTF-8-CODE-UNITS" for the byte-based C locale to represent that the semantic content is UTF-8 but that it is being processed as code units (bytes) rather than whole multibyte characters. however, many programs assume that the codeset name is usable with iconv and/or comes from a set of standard/widely-used names known to the application. such programs are likely to produce warnings or errors, run with reduced functionality, or mangle character data when run explicitly in the C locale. the standard places basically no requirements for the string returned by nl_langinfo(CODESET) and how it interacts with other interfaces, so returning "UTF-8" is permissible. moreover, it seems like the right thing to do, since the identity of the character encoding as "UTF-8" is independent of whether it is being processed as bytes of characters by the standard library functions.
* fix fclose of permanent (stdin/out/err) streamsRich Felker2015-09-091-2/+3
| | | | | | | | | | | | | | | | this fixes a bug reported by Nuno Gonçalves. previously, calling fclose on stdin or stdout resulted in deadlock at exit time, since __stdio_exit attempts to lock these streams to flush/seek them, and has no easy way of knowing that they were closed. conceptually, leaving a FILE stream locked on fclose is valid since, in the abstract machine, it ceases to exist. but to satisfy the implementation-internal assumption in __stdio_exit that it can access these streams unconditionally, we need to unlock them. it's also necessary that fclose leaves permanent streams in a state where __stdio_exit will not attempt any further operations on them. fortunately, the call to fflush already yields this property.
* implement arm eabi mem* functionsTimo Teräs2015-08-314-0/+36
| | | | | | | these functions are part of the ARM EABI, meaning compilers may generate references to them. known versions of gcc do not use them, but llvm does. they are not provided by libgcc, and the de facto standard seems to be that libc provides them.
* remove use of buggy .SECONDARY special target in makefileRich Felker2015-08-301-2/+0
| | | | | | | | | | | | | this functionality is affected by GNU make bug #30653, "intermediate files incorrectly pruned in parallel builds". on affected versions of make, parallel builds attempt to compile source files before alltypes.h is generated. as noted with commit a91ebdcfac6804714a1fe39f4375e2b4ebab085b, which added the use of .SECONDARY, suppression of removal of "intermediate" files does not seem to be needed at present. if it is needed in the future, it should be achievable by explicitly mentioning their names as targets or prerequisites.
* release 1.1.11 v1.1.11Rich Felker2015-08-302-1/+44
|
* fix makefile suppression of intermediate file removalRich Felker2015-08-271-1/+1
| | | | | | | | | | | at one point, GNU make was removing crt/*.o after producing the copies in lib/ due to an arcane misfeature for handling "intermediate" files. the circumstances that caused this are no longer present in our makefile, but the previous workaround using .PRECIOUS was wrong and could result in corrupt/partial files being left behind during an interrupted build. using .SECONDARY is the correct, documented fix that will prevent deletion of "intermediate" files from ever resurfacing.
* Build process uses script to add CFI directives to x86 asmAlex Dowad2015-08-263-2/+254
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Some functions implemented in asm need to use EBP for purposes other than acting as a frame pointer. (Notably, it is used for the 6th argument to syscalls with 6 arguments.) Without frame pointers, GDB can only show backtraces if it gets CFI information from a .debug_frame or .eh_frame ELF section. Rather than littering our asm with ugly .cfi directives, use an awk script to insert them in the right places during the build process, so GDB can keep track of where the current stack frame is relative to the stack pointer. This means GDB can produce beautiful stack traces at any given point when single-stepping through asm functions. Additionally, when registers are saved on the stack and later overwritten, emit ..cfi directives so GDB will know where they were saved relative to the stack pointer. This way, when you look back up the stack from within an asm function, you can still reliably print the values of local variables in the caller. If this awk script were to understand every possible wild and crazy contortion that an asm programmer can do with the stack and registers, and always emit the exact ..cfi directives needed for GDB to know what the register values were in the preceding stack frame, it would necessarily be as complex as a full x86 emulator. That way lies madness. Hence, we assume that the stack pointer will _only_ ever be adjusted using push/pop or else add/sub with a constant. We do not attempt to detect every possible way that a register value could be saved for later use, just the simple and common ways. Thanks to Szabolcs Nagy for suggesting numerous improvements to this code.
* getsubopt: don't include leading = in value stringSteven Barth2015-08-211-1/+1
| | | | | | | getsubopt incorrectly returns the delimiting = in the value string, this patch fixes it by increasing the pointer position by one. Signed-off-by: Steven Barth <cyrus@openwrt.org>
* mitigate performance regression in libc-internal locks on x86_64Rich Felker2015-08-162-2/+2
| | | | | | | | | commit 3c43c0761e1725fd5f89a9c028cbf43250abb913 fixed missing synchronization in the atomic store operation for i386 and x86_64, but opted to use mfence for the barrier on x86_64 where it's always available. however, in practice mfence is significantly slower than the barrier approach used on i386 (a nop-like lock orl operation). this commit changes x86_64 (and x32) to use the faster barrier.
* match historical behavior for tm_gmtoff member of struct tmNatanael Copa2015-08-144-12/+12
| | | | | | | | | | | | | | tm_gmtoff is a nonstandard field, but on historical systems which have this field, it stores the offset of the local time zone from GMT or UTC. this is the opposite of the POSIX extern long timezone object and the offsets used in POSIX-form TZ strings, which represent the offset from local time to UTC. previously we were storing these negated offsets in tm_gmtoff too. programs which only used this field indirectly via strftime were not affected since strftime performed the negation for presentation. however, some programs and libraries accesse tm_gmtoff directly and were obtaining negated time zone offsets.
* aarch64: fix 64-bit syscall argument passingSzabolcs Nagy2015-08-111-4/+2
| | | | | | | | | On 32bit systems long long arguments are passed in a special way to some syscalls; this accidentally got copied to the AArch64 port. The following interfaces were broken: fallocate, fanotify, ftruncate, posix_fadvise, posix_fallocate, pread, pwrite, readahead, sync_file_range, truncate.
* fix failure of tempnam to null-terminate resultRich Felker2015-08-091-0/+1
| | | | | | | tempnam uses an uninitialized buffer which is filled using memcpy and __randname. It is therefore necessary to explicitly null-terminate it. based on patch by Felix Janda.
* mitigate blow-up of heap size under malloc/free contentionRich Felker2015-08-071-14/+14
| | | | | | | | | | | | | | | | | | | | | | | during calls to free, any free chunks adjacent to the chunk being freed are momentarily held in allocated state for the purpose of merging, possibly leaving little or no available free memory for other threads to allocate. under this condition, other threads will attempt to expand the heap rather than waiting to use memory that will soon be available. the race window where this happens is normally very small, but became huge when free chooses to use madvise to release unused physical memory, causing unbounded heap size growth. this patch drastically shrinks the race window for unwanted heap expansion by performing madvise with the bin lock held and marking the bin non-empty in the binmask before making the expensive madvise syscall. testing by Timo Teräs has shown this approach to be a suitable mitigation. more invasive changes to the synchronization between malloc and free would be needed to completely eliminate the problem. it's not clear whether such changes would improve or worsen typical-case performance, or whether this would be a worthwhile direction to take malloc development.
* fix missing synchronization in atomic store on i386 and x86_64Rich Felker2015-07-283-3/+3
| | | | | | | | | | | | | | | | | despite being strongly ordered, the x86 memory model does not preclude reordering of loads across earlier stores. while a plain store suffices as a release barrier, we actually need a full barrier, since users of a_store subsequently load a waiter count to determine whether to issue a futex wait, and using a stale count will result in soft (fail-to-wake) deadlocks. these deadlocks were observed in malloc and possible with stdio locks and other libc-internal locking. on i386, an atomic operation on the caller's stack is used as the barrier rather than performing the store itself using xchg; this avoids the need to read the cache line on which the store is being performed. mfence is used on x86_64 where it's always available, and could be used on i386 with the appropriate cpu model checks if it's shown to perform better.
* fix undefined left-shift of negative values in utf-8 state tableRich Felker2015-07-251-1/+1
|
* fix atexit when it is called from an atexit handlerRich Felker2015-07-241-12/+9
| | | | | | | | | | | | | | | The old code accepted atexit handlers after exit, but did not run them reliably. C11 seems to explicitly allow atexit to fail (and report such failure) in this case, but this situation can easily come up in C++ if a destructor has a local static object with a destructor so it should be handled. Note that the memory usage can grow linearly with the overall number of registered atexit handlers instead of with the worst case list length. (This only matters if atexit handlers keep registering atexit handlers which should not happen in practice). Commit message/rationale based on text by Szabolcs Nagy.
* socket.h: cleanup/reorder mips and powerpc bits/socket.hRoman Yeryomin2015-07-212-18/+20
| | | | | | ....to be somewhat consistent and easily comparable with asm/socket.h Signed-off-by: Roman Yeryomin <roman@ubnt.com>
* socket.h: fix SO_* for mipsRoman Yeryomin2015-07-213-4/+9
| | | | Signed-off-by: Roman Yeryomin <roman@ubnt.com>
* mips: fix mcontext_t register array field nameFelix Fietkau2015-07-211-1/+1
| | | | | | glibc and uclibc use gregs instead of regs Signed-off-by: Felix Fietkau <nbd@openwrt.org>
* handle loss of syslog socket connectionRich Felker2015-07-091-7/+11
| | | | | | | | | | | | | | | | | | | | | | | | | when traditional syslogd implementations are restarted, the old server socket ceases to exist and a new unix socket with the same pathname is created. when this happens, the default destination address associated with the client socket via connect is no longer valid, and attempts to send produce errors. this happens despite the socket being datagram type, and is in contrast to the behavior that would be seen with an IP datagram (UDP) socket. in order to avoid a situation where the application is unable to send further syslog messages without calling closelog, this patch makes syslog attempt to reconnect the socket when send returns an error indicating a lost connection. additionally, initial failure to connect the socket no longer results in the socket being closed. this ensures that an application which calls openlog to reserve the socket file descriptor will not run into a situation where transient connection failure (e.g. due to syslogd restart) prevents fd reservation. however, applications which may be unable to connect the socket later (e.g. due to chroot, restricted permissions, seccomp, etc.) will still fail to log if the syslog socket cannot be connected at openlog time or if it has to be reconnected later.
* fix incorrect void return type for syncfs functionRich Felker2015-07-092-3/+3
| | | | | | being nonstandard, the closest thing to a specification for this function is its man page, which documents it as returning int. it can fail with EBADF if the file descriptor passed is invalid.
* fix negated return value of ns_skiprr, breakage in related functionsRich Felker2015-07-081-1/+1
| | | | | | | | due to a reversed pointer difference computation, ns_skiprr always returned a negative value, which functions using it would interpret as an error. patch by Yu Lu.
* add musl-clang, a wrapper for system clang installsShiz2015-07-065-1/+105
| | | | | | | | | | | | | | musl-clang allows the user to compile musl-powered programs using their already existent clang install, without the need of a special cross compiler. it achieves this by wrapping around both the system clang install and the linker and passing them special flags to re-target musl at runtime. it does only affect invocations done through the special musl-clang wrapper script, so that the user setup remains fully intact otherwise. the clang wrapper consists of the compiler frontend wrapper script, musl-clang, and the linker wrapper script, ld.musl-clang. musl-clang makes sure clang invokes ld.musl-clang to link objects; neither script needs to be in PATH for the wrapper to work.
* build: fix musl-targeting toolchain testShiz2015-07-061-9/+8
| | | | | | | | | | | | | | | the old test was broken in that it would never fail on a toolchains built without dynamic linking support, leading to the wrapper script possibly being installed on compilers that do not support it. in addition, the new test is portable across compilers: the old test only worked on GCC. the new test works by testing whether the toolchain libc defines __GLIBC__: most non-musl Linux libc's do define this for compatibility even when they are not glibc, so this is a safe bet to check for musl. in addition, the compiler runtime would need to have a somewhat glibc-compatible ABI in the first place, so any non-glibc compatible libc's compiler runtime might not work. it is safer to disable these cases by default and have the user enable the wrappers manually there using --enable-wrapper if they certain it works.
* build: overhaul wrapper script system for multiple wrapper supportShiz2015-07-062-21/+39
| | | | | | | | | | | | | | | this overhauls part of the build system in order to support multiple toolchain wrapper scripts, as opposed to solely the musl-gcc wrapper as before. it thereby replaces --enable-gcc-wrapper with --enable-wrapper=..., which has the options 'auto' (the default, detect whether to use wrappers), 'all' (build and install all wrappers), 'no' (don't build any) and finally the options named after the individual compiler scripts (currently only 'gcc' is available) to build and install only that wrapper. the old --enable-gcc-wrapper is removed from --help, but still available. it also modifies the wrappers to use the C compiler specified to the build system as 'inner' compiler, when applicable. as wrapper detection works by probing this compiler, it may not work with any other.
* treat empty TZ environment variable as GMT rather than defaultRich Felker2015-07-061-1/+2
| | | | | | this improves compatibility with the behavior of other systems and with some applications which set an empty TZ var to disable use of local time by mktime, etc.
* dynlink.c: pass gnu-hash table pointer to gnu_lookupAlexander Monakov2015-06-281-13/+11
| | | | | | | | | | The callers need to check the value of the pointer anyway, so make them pass the pointer to gnu_lookup instead of reloading it there. Reorder gnu_lookup arguments so that always-used ones are listed first. GCC can choose a calling convention with arguments in registers (e.g. up to 3 arguments in eax, ecx, edx on x86), but cannot reorder the arguments for static functions.
* dynlink.c: slim down gnu_lookupAlexander Monakov2015-06-281-9/+5
| | | | | Do not reference dso->syms and dso->strings until point of use. Check 'h1 == (h2|1)', the simplest condition, before the others.
* dynlink.c: use bloom filter in gnu hash lookupAlexander Monakov2015-06-281-3/+22
| | | | | | | | Introduce gnu_lookup_filtered and use it to speed up symbol lookups in find_sym (do_dlsym is left as is, based on an expectation that frequently dlsym queries will use a dlopen handle rather than RTLD_NEXT or RTLD_DEFAULT, and will not need to look at more than one DSO).
* dynlink.c: use a faster expression in gnu_hashAlexander Monakov2015-06-271-1/+1
| | | | | With -Os, GCC uses a multiply rather than a shift and addition for 'h*33'. Use a more efficient expression explicitely.
* fix local-dynamic model TLS on mips and powerpcRich Felker2015-06-255-5/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | the TLS ABI spec for mips, powerpc, and some other (presently unsupported) RISC archs has the return value of __tls_get_addr offset by +0x8000 and the result of DTPOFF relocations offset by -0x8000. I had previously assumed this part of the ABI was actually just an implementation detail, since the adjustments cancel out. however, when the local dynamic model is used for accessing TLS that's known to be in the same DSO, either of the following may happen: 1. the -0x8000 offset may already be applied to the argument structure passed to __tls_get_addr at ld time, without any opportunity for runtime relocations. 2. __tls_get_addr may be used with a zero offset argument to obtain a base address for the module's TLS, to which the caller then applies immediate offsets for individual objects accessed using the local dynamic model. since the immediate offsets have the -0x8000 adjustment applied to them, the base address they use needs to include the +0x8000 offset. it would be possible, but more complex, to store the pointers in the dtv[] array with the +0x8000 offset pre-applied, to avoid the runtime cost of adding 0x8000 on each call to __tls_get_addr. this change could be made later if measurements show that it would help.
* make dynamic linker work around MAP_FAILED mmap failure on nommu kernelsRich Felker2015-06-231-2/+24
| | | | | | previously, loading of additional libraries beyond libc/ldso did not work on nommu kernels, nor did loading programs via invocation of the dynamic linker as a command.
* reimplement strverscmp to fix corner casesRich Felker2015-06-231-32/+25
| | | | | | | | | | | | | | | | | this interface is non-standardized and is a GNU invention, and as such, our implementation should match the behavior of the GNU function. one peculiarity the old implementation got wrong was the handling of all-zero digit sequences: they are supposed to compare greater than digit sequences of which they are a proper prefix, as in 009 < 00. in addition, high bytes were treated with char signedness rather than as unsigned. this was wrong regardless of what the GNU function does since the resulting order relation varied by arch. the new strverscmp implementation makes explicit the cases where the order differs from what strcmp would produce, of which there are only two.
* fix regression/typo that disabled __simple_malloc when calloc is usedRich Felker2015-06-221-1/+1
| | | | | | commit ba819787ee93ceae94efd274f7849e317c1bff58 introduced this regression. since the __malloc0 weak alias was not properly provided by __simple_malloc, use of calloc forced the full malloc to be linked.
* fix calloc when __simple_malloc implementation is usedRich Felker2015-06-223-12/+15
| | | | | | | | | | | | | | | | | previously, calloc's implementation encoded assumptions about the implementation of malloc, accessing a size_t word just prior to the allocated memory to determine if it was obtained by mmap to optimize out the zero-filling. when __simple_malloc is used (static linking a program with no realloc/free), it doesn't matter if the result of this check is wrong, since all allocations are zero-initialized anyway. but the access could be invalid if it crosses a page boundary or if the pointer is not sufficiently aligned, which can happen for very small allocations. this patch fixes the issue by moving the zero-fill logic into malloc.c with the full malloc, as a new function named __malloc0, which is provided by a weak alias to __simple_malloc (which always gives zero-filled memory) when the full malloc is not in use.
* provide __stack_chk_fail_local in libc.aRich Felker2015-06-201-0/+4
| | | | | | | | | | | | | | this symbol is needed only on archs where the PLT call ABI is klunky, and only for position-independent code compiled with stack protector. thus references usually only appear in shared libraries or PIE executables, but they can also appear when linking statically if some of the object files being linked were built as PIC/PIE. normally libssp_nonshared.a from the compiler toolchain should provide __stack_chk_fail_local, but reportedly it appears prior to -lc in the link order, thus failing to satisfy references from libc itself (which arise only if libc.a was built as PIC/PIE with stack protector enabled).
* work around mips detached thread exit breakage due to kernel regressionRich Felker2015-06-201-0/+1
| | | | | | | | | linux kernel commit 46e12c07b3b9603c60fc1d421ff18618241cb081 caused the mips syscall mechanism to fail with EFAULT when the userspace stack pointer is invalid, breaking __unmapself used for detached thread exit. the workaround is to set $sp to a known-valid, readable address, and the simplest one to obtain is the address of the current function, which is available (per o32 calling convention) in $25.
* ignore ENOSYS error from mprotect in pthread_create and dynamic linkerRich Felker2015-06-172-3/+6
| | | | | this error simply indicated a system without memory protection (NOMMU) and should not cause failure in the caller.
* switch to using trap number 31 for syscalls on shRich Felker2015-06-168-11/+11
| | | | | | | | | | | | | | | | | | | nominally the low bits of the trap number on sh are the number of syscall arguments, but they have never been used by the kernel, and some code making syscalls does not even know the number of arguments and needs to pass an arbitrary high number anyway. sh3/sh4 traditionally used the trap range 16-31 for syscalls, but part of this range overlapped with hardware exceptions/interrupts on sh2 hardware, so an incompatible range 32-47 was chosen for sh2. using trap number 31 everywhere, since it's in the existing sh3/sh4 range and does not conflict with sh2 hardware, is a proposed unification of the kernel syscall convention that will allow binaries to be shared between sh2 and sh3/sh4. if this is not accepted into the kernel, we can refit the sh2 target with runtime selection mechanisms for the trap number, but doing so would be invasive and would entail non-trivial overhead.
* switch sh port's __unmapself to generic version when running on sh2/nommuRich Felker2015-06-162-3/+22
| | | | | | | | | | | | | due to the way the interrupt and syscall trap mechanism works, userspace on sh2 must never set the stack pointer to an invalid value. thus, the approach used on most archs, where __unmapself executes with no stack for the interval between SYS_munmap and SYS_exit, is not viable on sh2. in order not to pessimize sh3/sh4, the sh asm version of __unmapself is not removed. instead it's renamed and redirected through code that calls either the generic (safe) __unmapself or the sh3/sh4 asm, depending on compile-time and run-time conditions.
* add support for sh2 interrupt-masking-based atomics to sh portRich Felker2015-06-164-14/+113
| | | | | | | | | | | | | | | | | | | the sh2 target is being considered an ISA subset of sh3/sh4, in the sense that binaries built for sh2 are intended to be usable on later cpu models/kernels with mmu support. so rather than hard-coding sh2-specific atomics, the runtime atomic selection mechanisms that was already in place has been extended to add sh2 atomics. at this time, the sh2 atomics are not SMP-compatible; since the ISA lacks actual atomic operations, the new code instead masks interrupts for the duration of the atomic operation, producing an atomic result on single-core. this is only possible because the kernel/hardware does not impose protections against userspace doing so. additional changes will be needed to support future SMP systems. care has been taken to avoid producing significant additional code size in the case where it's known at compile-time that the target is not sh2 and does not need sh2-specific code.
* refactor stdio open file list handling, move it out of global libc structRich Felker2015-06-1612-41/+42
| | | | | | | | | | | | | functions which open in-memory FILE stream variants all shared a tail with __fdopen, adding the FILE structure to stdio's open file list. replacing this common tail with a function call reduces code size and duplication of logic. the list is also partially encapsulated now. function signatures were chosen to facilitate tail call optimization and reduce the need for additional accessor functions. with these changes, static linked programs that do not use stdio no longer have an open file list at all.
* byte-based C locale, phase 3: make MB_CUR_MAX variable to activate codeRich Felker2015-06-162-1/+5
| | | | | | | | this patch activates the new byte-based C locale (high bytes treated as abstract code unit "characters" rather than decoded as multibyte characters) by making the value of MB_CUR_MAX depend on the active locale. for the C locale, the LC_CTYPE category pointer is null, yielding a value of 1. all other locales yield a value of 4.