about summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
...
* remove sporadic server members from struct sched_paramRich Felker2019-08-141-4/+6
| | | | | | | | these members are associated with an unsupported option group. with time_t changing size on 32-bit archs, all interfaces taking struct sched_param arguments would need redirection and compat shims in order to be able to continue offering these members, for no benefit. just convert them to reserved space instead.
* re-add ELF gregs and fpregs types to riscv64 user.hKhem Raj2019-08-131-0/+8
| | | | | | d493206de7df4db07ad34f24701539ba0a6ed38c deleted all the content of user.h, but sys/procfs.h expects this from sys/user.h threfore we retain the non conflicting parts
* fix regression whereby main thread didn't get TLS relocationsRich Felker2019-08-131-7/+13
| | | | | | | | | | | | | | commit ffab43602b5900c86b7040abdda8ccf6cdec95f5 broke this by moving relocations after not only the allocation of storage for the main thread's static TLS, but after the copying of the TLS image. thus, relocation results were not reflected in the main thread's copy. this could be fixed by calling __reset_tls after relocations, but instead split the allocation and installation before/after relocations so that there's not a redundant copy. due to commit 71af5309874269bcc9e4b84ea716fab33d888c1d, updating of static_tls_cnt needs to be kept with allocation of static TLS, before relocations, rather than after installation.
* fix accidentlly-external cmp symbol introduced with catgetsRich Felker2019-08-131-1/+1
| | | | commit 7590203c486d9002522019045d34ee3dee0a66f5 omitted static here.
* make relocation time symbol lookup and dlsym consistentSzabolcs Nagy2019-08-121-53/+31
| | | | | | | | | | | | | | | | | | | Using common code path for all symbol lookups fixes three dlsym issues: - st_shndx of STT_TLS symbols were not checked and thus an undefined tls symbol reference could be incorrectly treated as a definition (the sysv hash lookup returns undefined symbols, gnu does not, so should be rare in practice). - symbol binding was not checked so a hidden symbol may be returned (in principle STB_LOCAL symbols may appear in the dynamic symbol table for hidden symbols, but linkers most likely don't produce it). - mips specific behaviour was not applied (ARCH_SYM_REJECT_UND) so undefined symbols may be returned on mips. always_inline is used to avoid relocation performance regression, the code generation for find_sym should not be affected.
* ldso: correct condition for local symbol handling in do_relocsRich Felker2019-08-121-1/+1
| | | | | | | | | | | | | | | | commit 7a9669e977e5f750cf72ccbd2614f8b72ce02c4c added use of the symbol reference as the definition, in place of performing a lookup, for STT_SECTION symbol references that were first found used in FDPIC. such references may happen in certain other cases, such as local-dynamic TLS and with relocation types that require a symbol but that are being used for non-symbolic purposes, like the powerpc unaligned address relocations. in all such cases I'm aware of, the symbol referenced is a section symbol (STT_SECTION); however, the important semantic property is not its being a section, but rather its binding local (STB_LOCAL). check the latter instead of the former for greater generality and semantic correctness.
* add support for powerpc/powerpc64 unaligned relocationsSamuel Holland2019-08-114-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | R_PPC_UADDR32 (R_PPC64_UADDR64) has the same meaning as R_PPC_ADDR32 (R_PPC64_ADDR64), except that its address need not be aligned. For powerpc64, BFD ld(1) will automatically convert between ADDR<->UADDR relocations when the address is/isn't at its native alignment. This will happen if, for example, there is a pointer in a packed struct. gold and lld do not currently generate R_PPC64_UADDR64, but pass through misaligned R_PPC64_ADDR64 relocations from object files, possibly relaxing them to misaligned R_PPC64_RELATIVE. In both cases (relaxed or not) this violates the PSABI, which defines the relevant field type as "a 64-bit field occupying 8 bytes, the alignment of which is 8 bytes unless otherwise specified." All three linkers violate the PSABI on 32-bit powerpc, where the only difference is that the field is 32 bits wide, aligned to 4 bytes. Currently musl fails to load executables linked by BFD ld containing R_PPC64_UADDR64, with the error "unsupported relocation type 43". This change provides compatibility with BFD ld on powerpc64, and any static linker on either architecture that starts following the PSABI more closely.
* ldso: remove redundant runtime checks in static TLS logicRich Felker2019-08-111-2/+2
| | | | | | | as a result of commit ffab43602b5900c86b7040abdda8ccf6cdec95f5, static_tls_cnt is now valid during relocations at program startup, so it's no longer necessary to condition the check against static_tls_cnt on this being a runtime (dlopen) relocation.
* ldso: fix calloc misuse allocating initial tlsRich Felker2019-08-111-5/+7
| | | | | | | | | | | this is analogous to commit 2f1f51ae7b2d78247568e7fdb8462f3c19e469a4, and should have been caught at the same time since it was right next to the code moved in that commit. between final stage 3 reloc_all and the jump to the main program's entry point, it is not valid to call any functions which may be interposed by the application; doing so results in execution of application code before ctors have run, and on fdpic archs, before the main program's fdpic self-fixups have taken place, which will produce runaway wrong execution.
* add secure_getenv functionPetr Vaněk2019-08-082-0/+9
| | | | This function is a GNU extension introduced in glibc 2.17.
* in clock_getres, check for null pointer before storing resultRich Felker2019-08-071-1/+1
| | | | | POSIX allows a null pointer, in which case the function only checks the validity of the clock id argument.
* remove spurious null check in clock_settimeRich Felker2019-08-071-1/+1
| | | | | at the point of this check, the pointer has already been dereferenced. clock_settime is not defined for null pointer arguments.
* fix regression in recvmmsg with no timeoutRich Felker2019-08-071-1/+1
| | | | | | somewhat analogous to commit d0b547dfb5f7678cab6bc39dd736ed6454357ca4, but here the omission of the null timeout check was in the time64 syscall code path. this code is not yet used except on x32.
* add non-stub implementation of catgets localization functionsRich Felker2019-08-073-3/+114
| | | | | | | | | | | | these accept the netbsd/openbsd message catalog file format, consisting of a sorted list of set headers and a sorted list of message headers for each set, admitting trivial binary search for lookups. the gnu format was not chosen because it's unusably bad. it does not admit efficient (log time or better) lookups; rather, it requires linear search or hash table lookups, and the hash function is awful: it's literally set_id*msg_id.
* fix regression in select with no timeoutRich Felker2019-08-071-1/+2
| | | | | | | commit 722a1ae3351a03ab25010dbebd492eced664853b inadvertently passed a copy of {s,us} to the syscall even if the timeout argument tv was null, thereby causing immediate timeout (polling) in place of unlimited timeout. only archs using SYS_select were affected.
* fix failure of glob to match broken symlinks under some conditionsRich Felker2019-08-071-5/+12
| | | | | | | | | | | | | | | | | when the pattern ended with one or more literal path components, or when the GLOB_MARK flag was passed to request that glob flag directory results and the type obtained by readdir was unknown or inconclusive (symlink), the stat function was called to evaluate existence and/or determine type. however, stat fails with ENOENT for broken symlinks, and this caused the match to be omitted from the results. instead, use stat only for the unknown/inconclusive cases with GLOB_MARK, and otherwise, or if stat fails, use lstat existence still needs to be determined. this minimizes the number of costly syscalls, performing both only in the case where GLOB_MARK is in use and there is a final literal path component which is a broken symlink. based on/simplified from patch by James Y Knight.
* remove riscv64 bits/user.h contentsRich Felker2019-08-061-43/+0
| | | | | | | the contents conflicted with asm/ptrace.h. glibc does not provide anything in user.h for riscv, so software cannot be depending on it. simplified from patch submitted by Baruch Siach.
* fix risc64 conflict with kernel headersBaruch Siach2019-08-061-8/+8
| | | | | | Rename user registers struct definitions to avoid conflict with the asm/ptrace.h kernel header that defines the same structs. Use the __riscv_mc prefix as glibc does.
* in arm cancellation point asm, don't unnecessarily preserve link registerPatrick Oppenlander2019-08-061-4/+4
| | | | | | | The only reason we needed to preserve the link register was because we were using a branch-link instruction to branch to __cp_cancel. Replacing this with a branch means we can avoid the save/restore as the link register is no longer modified.
* glob: implement GLOB_TILDE and GLOB_TILDE_CHECKIsmael Luceno2019-08-062-1/+44
|
* use setitimer function rather than syscall to implement alarmRich Felker2019-08-051-3/+3
| | | | | | otherwise alarm will break on 32-bit archs when time_t is changed to 64-bit. a second itimerval object is introduced for retrieving the old value, since the setitimer function has restrict-qualified arguments.
* fix build regression in i386 asm for atan2, atan2fRich Felker2019-08-052-2/+2
| | | | | commit f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441 inadvertently removed labels that were still needed.
* fix x87 stack imbalance in corner cases of i386 math asmRich Felker2019-08-058-44/+14
| | | | | | | | | | | | | | | | | | | | | | | commit 31c5fb80b9eae86f801be4f46025bc6532a554c5 introduced underflow code paths for the i386 math asm, along with checks on the fpu status word to skip the underflow-generation instructions if the underflow flag was already raised. unfortunately, at least one such path, in log1p, returned with 2 items on the x87 stack rather than just 1 item for the return value. this is a violation of the ABI's calling convention, and could cause subsequent floating point code to produce NANs due to x87 stack overflow. if floating point results are used in flow control, this can lead to runaway wrong code execution. rather than reviewing each "underflow already raised" code path for correctness, remove them all. they're likely slower than just performing the underflow code unconditionally, and significantly more complex. all of this code should be ripped out and replaced by C source files with inline asm. doing so would preclude this kind of error by having the compiler perform all x87 stack register allocation and stack manipulation, and would produce comparable or better code. however such a change is a much larger project.
* fix regression in clock_gettime on 32-bit archs without vdsoRich Felker2019-08-051-0/+1
| | | | | commit 72f50245d018af0c31b38dec83c557a4e5dd1ea8 broke this by creating a code path where r is uninitialized.
* update riscv64 syscall numbers to linux v5.1Rich Felker2019-08-031-0/+8
| | | | | | | | commit f3f96f2daa4d00f0e38489fb465cd0244b531abe added these for the rest of the archs, but the patch it corresponded to missed riscv64 since riscv64 was not yet upstream at the time. this caused commit dfc81828f7ab41da08f744c44117a1bb20a05749 to break riscv64 build, due to a wrong assumption that SYS_statx was unconditionally defined.
* clock_gettime: add support for 32-bit vdso with 64-bit time_tRich Felker2019-08-021-0/+32
| | | | | | | | | | | | | | | this fixes a major upcoming performance regression introduced by commit 72f50245d018af0c31b38dec83c557a4e5dd1ea8, whereby 32-bit archs would lose vdso clock_gettime after switching to 64-bit time_t, unless the kernel supports time64 and provides a time64 version of the vdso function. this would incur not just one but two syscalls: first, the failed time64 syscall, then the fallback time32 one. overflow of the 32-bit result is detected and triggers a revert to syscalls. normally, on a system that's not Y2038-ready, this would still overflow, but if the process has been migrated to a time64-capable kernel or if the kernel has been hot-patched to add time64 syscalls, it may conceivably work.
* move IPC_STAT definition to a new bits/ipcstat.h fileRich Felker2019-08-0211-3/+11
| | | | | | | | | | | | | | | otherwise, 32-bit archs that could otherwise share the generic bits/ipc.h would need to duplicate the struct ipc_perm definition, obscuring the fact that it's the same. sysvipc is not widely used and these headers are not commonly included, so there is no performance gain to be had by limiting the number of indirectly included files here. files with the existing time32 definition of IPC_STAT are added to all current 32-bit archs now, so that when it's changed the change will show up as a change rather than addition of a new file where it's less obvious that the value is changing vs the generic one that was used before.
* fix missing declarations for pthread_join extensions in source fileRich Felker2019-08-021-0/+1
| | | | | | | | per policy, define the feature test macro to get declarations for the pthread_tryjoin_np and pthread_timedjoin_np functions. in the past this has been only for checking; with 32-bit archs getting 64-bit time_t it will also be necessary for symbols to get redirected correctly.
* allow archs to define IPC_STAT, propagate time64 bit to other macrosRich Felker2019-08-024-6/+8
| | | | | | | | to make use of {sem,shm,msg}ctl IPC_STAT functionality to provide 64-bit time_t on 32-bit archs, IPC_STAT and related macros must be defined with bit 8 (0x100) set. allow archs to define IPC_STAT in bits/ipc.h, and define the other macros in terms of it so that they all get the same value of the time64 bit.
* clock_gettime: add time64 syscall support, decouple 32-bit time_tRich Felker2019-08-021-0/+19
| | | | | | | | | | | | | | | | | | | | | | the time64 syscall has to be used if time_t is 64-bit, since there's no way of knowing before making a syscall whether the result will fit in 32 bits, and the 32-bit syscalls do not report overflow as an error. on 64-bit archs, there is no change to the code after preprocessing. on current 32-bit archs, the result is now read from the kernel through long[2] array, then copied into the timespec, to remove the assumption that time_t is the same as long. vdso clock_gettime is still used in place of a syscall if available. 32-bit archs with 64-bit time_t must use the time64 version of the vdso function; if it's not available, performance will significantly suffer. support for both vdso functions could be added, but would break the ability to move a long-lived process from a pre-time64 kernel to one that can outlast Y2038 with checkpoint/resume, at least without added hacks to identify that the 32-bit function is no longer usable and stop using it (e.g. by seeing negative tv_sec). this possibility may be explored in future work on the function.
* clock_adjtime: add time64 support, decouple 32-bit time_t, fix x32Rich Felker2019-08-021-0/+110
| | | | | | | | | | | | | | | | | | | | the 64-bit/time64 version of the syscall is not API-compatible with the userspace timex structure definition; fields specified as long have type long long. so when using the time64 syscall, we have to convert the entire structure. this was always the case for x32 as well, but went unnoticed, meaning that clock_adjtime just passed junk to the kernel on x32. it should be fixed now. for the fallback case, we avoid encoding any assumptions about the new location of the time member or naming of the legacy slots by accessing them through a union of the kernel type and the new userspace type. the only assumption is that the non-time members live at the same offsets as in the (non-time64, long-based) kernel timex struct. this property saves us from having to convert the whole thing, and avoids a lot of additional work in compat shims. the new code is statically unreachable for now except on x32, where it fixes major brokenness. it is permanently unreachable on 64-bit.
* ioctl: add fallback for new time64 SIOCGSTAMP[NS]Rich Felker2019-07-313-1/+34
| | | | | | | | | | | without this, the SIOCGSTAMP and SIOCGSTAMPNS ioctl commands, for obtaining timestamps, would stop working on pre-5.1 kernels after time_t is switched to 64-bit and their values are changed to the new time64 versions. new code is written such that it's statically unreachable on 64-bit archs, and on existing 32-bit archs until the macro values are changed to activate 64-bit time_t.
* get/setsockopt: add fallback for new time64 SO_RCVTIMEO/SO_SNDTIMEORich Felker2019-07-318-2/+79
| | | | | | | | | | without this, the SO_RCVTIMEO and SO_SNDTIMEO socket options would stop working on pre-5.1 kernels after time_t is switched to 64-bit and their values are changed to the new time64 versions. new code is written such that it's statically unreachable on 64-bit archs, and on existing 32-bit archs until the macro values are changed to activate 64-bit time_t.
* make __socketcall analogous to __syscall, error-returningRich Felker2019-07-311-6/+6
| | | | | | | | | | | the __socketcall and __socketcall_cp macros are remnants from a really old version of the syscall-mechanism infrastructure, and don't follow the pattern that the "__" version of the macro returns the raw negated error number rather than setting errno and returning -1. for time64 purposes, some socket syscalls will need to operate on the error value rather than returning immediately, so fix this up so they can use it.
* sysvipc: overhaul {sem,shm,msg}ctl for time64Rich Felker2019-07-314-12/+41
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | being "ctl" functions that take command numbers, these will be handled like ioctl/sockopt/etc., using new command numbers for the time64 variants with an "IPC_TIME64" bit added to their values. to obtain such a reserved bit, we reuse the IPC_64 bit, 0x100, which served only as part of the libc-to-kernel interface, not as a public interface of the libc functions. using new command numbers avoids the need for compat shims (in ABIs doing time64 through symbol redirection and compat shims) and, by virtue of having a fixed time64 bit for all commands, we can ensure that libc can perform the appropriate translations, even if the application is using new commands from a newer version of the libc headers than the libc available at runtime. for the vast majority of 32-bit archs, the kernel {sem,shm,msq}id64_ds definitions left padding space intended for expanding their time_t fields to 64 bits in-place, and it would have been really nice to be able to do time64 support that way. however the padding was almost always in little-endian order (except on powerpc, and for msqid_ds only on mips, where it matched the arch's byte order), and more importantly, the alignment was overlooked. in semid_ds and msqid_ds, the time_t members were not suitably aligned to be expanded to 64-bit, due to the ipc_perm header consisting of 9 32-bit words -- except on powerpc where ipc_perm contains an extra padding word. in shmid_ds, the time_t members were suitably aligned, except that mips (accidentally?) omitted the padding for them alltogether. as a result, we're stuck with adding new time_t fields on the end of the structures, and assembling the 32-bit lo/hi parts (or 16-bit hi parts, for mips shmid_ds, which lacked sufficient reserved space for full 32-bit hi parts) to fill them in. all of the functional changes here are conditional on the IPC_TIME64 macro having a nonzero definition, which will only happen when IPC_STAT is redefined for 32-bit archs, and on time_t being larger than long, so for now the new code is all dead code.
* fix semctl with SEM_STAT_ANYRich Felker2019-07-311-1/+1
| | | | | | due to the variadic signature, semctl needs to be made aware of any new commands that take arguments. this was overlooked when commit af55070eae5438476f921d827b7ae49e8141c3fe added SEM_STAT_ANY.
* remove gratuitously-different arch-specific bits/ipc.h filesRich Felker2019-07-303-36/+0
| | | | | | | | these differ from generic only in using endian-matched padding with a short __ipc_perm_seq field in place of the int field in generic. this is not a documented public interface anyway, and the original intent was to use int here. some ports just inadvertently slipped in the kernel short+padding form.
* remove arch-specific bits/ipc.h that are identical to genericRich Felker2019-07-302-22/+0
| | | | | | previously these differed from generic because they needed their own definitions of IPC_64. now that it's no longer in public header, they're identical.
* move IPC_64 from public bits/ipc.h to syscall_arch.hRich Felker2019-07-3016-22/+16
| | | | | | | | | | | | | | | | | | | | the definition of the IPC_64 macro controls the interface between libc and the kernel through syscalls; it's not a public API. the meaning is rather obscure. long ago, Linux's sysvipc *id_ds structures used 16-bit uids/gids and wrong types for a few other fields. this was in the libc5 era, before glibc. the IPC_64 flag (64 is a misnomer; it's more like 32) tells the kernel to use the modern[-ish] versions of the structures. the definition of IPC_64 has nothing to do with whether the arch is 32- or 64-bit. rather, due to either historical accident or intentional obnoxiousness, the kernel only accepts and masks off the 0x100 IPC_64 flag conditional on CONFIG_ARCH_WANT_IPC_PARSE_VERSION, i.e. for archs that want to provide, or that accidentally provided, both. for archs which don't define this option, no masking is performed and commands with the 0x100 bit set will fail as invalid. so ultimately, the definition is just a matter of matching an arbitrary switch defined per-arch in the kernel.
* select: overhaul for time64Rich Felker2019-07-301-13/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | major changes are made alongside adding time64 syscall support to account for issues found during research. select historically accepts non-normalized (tv_usec not restricted to less than 1000000) timeouts, and the kernel normalizes them, but the normalization code is buggy and subject to integer overflows. since normalization is needed anyway when using SYS_pselect6 or SYS_pselect6_time64 as the backend, simply do it up-front to eliminate both code path complexity and the possibility of kernel bugs. as a side effect, select no longer updates the caller's timeout timeval with the remaining time. previously, archs that used SYS_select updated it and archs that used SYS_pselect6 didn't. this change may turn out to be controversial and may need revisiting, but in any case the old behavior was not strictly conforming. POSIX allows modification of the timeout "upon successful completion", but the Linux syscall modifies it upon unsuccessful completion (EINTR) as well (and presumably each time the syscall stops and restarts before it's known whether completion will be successful). it's possible that this language does not reflect the actual intent of the standard, since other historical implementations probably behaved like Linux, but that should be clarified if there's a desire to bring the old behavior back. regardless, programs that are depending on this are not correct and are already broken on some archs we support.
* recvmmsg: add time64 syscall support, decouple 32-bit time_tRich Felker2019-07-291-0/+18
| | | | | | | | | | | | | the time64 syscall is used only if the timeout does not fit in 32 bits. after preprocessing, the code is unchanged on 64-bit archs. for 32-bit archs, the timeout now goes through an intermediate copy, meaning that the caller does not get back the updated timeout. this is based on my reading of the documentation, which does not document the updating as a contract you can rely on, and mentions that the whole recvmmsg timeout mechanism is buggy and unlikely to be useful. if it turns out that there's interest in making the remaining time officially available to callers, such functionality could be added back later.
* setitimer, getitimer: decouple time_t from longRich Felker2019-07-294-0/+44
| | | | | | | | | | | | | | | | these functions have no new time64 syscall, so the existence of a time64 syscall cannot be used as the condition for the new code. instead, assume the syscall takes timevals as longs, which is true everywhere but x32, and interface with the kernel through long[4] objects. rather than adding new hacks to special-case x32 here, just add x32-specific source files since a trivial syscall wrapper suffices there. the new code paths added in this commit are statically unreachable on all current archs, but will become reachable when 32-bit archs get 64-bit time_t.
* remove duplicates of new generic bits/msg.hRich Felker2019-07-296-75/+0
|
* use 64-bit msqid_ds layout in the generic version of bits/msg.hRich Felker2019-07-291-3/+0
| | | | | | this layout is more common already than the old generic, and should become even more common in the future with new archs added and with 64-bit time_t on 32-bit archs.
* duplicate generic bits/msg.h for each arch using it, in prep to changeRich Felker2019-07-295-0/+75
|
* remove duplicates of new generic bits/sem.hRich Felker2019-07-295-57/+0
| | | | | | some of these were not exact duplicates, but had gratuitously different naming for padding, or omitted the endian checks because the arch is fixed-endian.
* use 64-bit semid_ds layout in the generic version of bits/sem.hRich Felker2019-07-291-2/+0
| | | | | | | | this layout is slightly less common than the old generic one, but only because x86_64 and x32 wrongly (according to comments in the kernel headers) copied the i386 padding. for future archs, and with 64-bit time_t on 32-bit archs, the new layout here will become the most common, and it makes sense to treat it as the generic.
* collapse out byte order conditions in bits/sem.h for fixed-endian archsRich Felker2019-07-294-20/+0
| | | | | having preprocessor conditionals on byte order in the bits headers for fixed-endian archs is confusing at best. remove them.
* duplicate generic bits/sem.h for each arch using it, in prep to changeRich Felker2019-07-297-0/+112
|
* extricate bits/sem.h from x32 time_t hackRich Felker2019-07-297-25/+36
| | | | | | | | | | | | | | various padding fields in the generic bits/sem.h were defined in terms of time_t as a cheap hack standing in for "kernel long", to allow x32 to use the generic version of the file. this was a really bad idea, as it ended up getting copied into lots of arch-specific versions of the bits file, and is a blocker to changing time_t to 64-bit on 32-bit archs. this commit adds an x32-specific version of the header, and changes padding type back from time_t to long (currently the same type on all archs but x32) in the generic header and all the others the hack got copied into.