about summary refs log tree commit diff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* add put*ent functions for passwd/group files and similar for shadowRich Felker2013-04-043-0/+34
| | | | | | | | | since shadow does not yet support enumeration (getspent), the corresponding FILE-based get and put versions are also subbed out for now. this is partly out of laziness and partly because it's not clear how they should work in the presence of TCB shadow files. the stubs should make it possible to compile some software that expects them to exist, but such software still may not work properly.
* cleanup wcstombsRich Felker2013-04-041-12/+1
| | | | | remove redundant headers and comments; this file is completely trivial now. also, avoid temp var.
* cleanup mbstowcs wrapperRich Felker2013-04-041-10/+0
| | | | | remove unneeded headers. this file is utterly trivial now and there's no sense in having a comment to state that it's in the public domain.
* minor optimization to mbstowcsRich Felker2013-04-041-2/+1
| | | | | | there is no need to zero-fill an mbstate_t object in the caller; mbsrtowcs will automatically treat a null pointer as the initial state.
* fix incorrect range checks in wcsrtombsRich Felker2013-04-041-3/+3
| | | | | | negative values of wchar_t need to be treated in the non-ASCII case so that they can properly generate EILSEQ rather than getting truncated to 8bit values and stored in the output.
* overhaul mbsrtowcsRich Felker2013-04-041-69/+64
| | | | | | | | | | | | | | | | | these changes fix at least two bugs: - misaligned access to the input as uint32_t for vectorized ASCII test - incorrect src pointer after stopping on EILSEQ in addition, the text of the standard makes it unclear whether the mbstate_t object is to be modified when the destination pointer is null; previously it was cleared either way; now, it's only cleared when the destination is non-null. this change may need revisiting, but it should not affect most applications, since calling mbsrtowcs with non-zero state can only happen when the head of the string was already processed with mbrtowc. finally, these changes shave about 20% size off the function and seem to improve performance by 1-5%.
* __time_to_tm: initialize tm_zone and tm_gmtoffrofl0r2013-04-021-0/+2
|
* fix typo in setpriority syscall wrapperRich Felker2013-04-011-1/+1
|
* implement pthread_getattr_npRich Felker2013-03-313-2/+31
| | | | | | this function is mainly (purely?) for obtaining stack address information, but we also provide the detach state since it's easy to do anyway.
* remove __SYSCALL_SSLEN arch macro in favor of using public _NSIGRich Felker2013-03-2615-23/+27
| | | | | | | | | | | | | | the issue at hand is that many syscalls require as an argument the kernel-ABI size of sigset_t, intended to allow the kernel to switch to a larger sigset_t in the future. previously, each arch was defining this size in syscall_arch.h, which was redundant with the definition of _NSIG in bits/signal.h. as it's used in some not-quite-portable application code as well, _NSIG is much more likely to be recognized and understood immediately by someone reading the code, and it's also shorter and less cluttered. note that _NSIG is actually 65/129, not 64/128, but the division takes care of throwing away the off-by-one part.
* provide emulation of fcntl F_DUPFD_CLOEXEC on old kernelsRich Felker2013-03-261-0/+16
| | | | | | | | | I'm not entirely happy with the amount of ugliness here, but since F_DUPFD_CLOEXEC is used elsewhere in code that's expected to work on old kernels (popen), it seems necessary. reportedly even some modern kernels went back and broke F_DUPFD_CLOEXEC (making it behave like plain F_DUPFD), so it might be necessary to add some additional fixup code later to deal with that issue too.
* in pipe2, use pipe() rather than __syscall(SYS_pipe, ...) for fallbackRich Felker2013-03-251-3/+3
| | | | | | | SYS_pipe is not usable directly in general, since mips has a very broken calling convention for the pipe syscall. instead, just call the function, so that the mips-specific ugliness is isolated in mips/pipe.s and not copied elsewhere.
* rewrite popen to use posix_spawn instead of fragile vfork hacksRich Felker2013-03-241-41/+41
|
* remove cruft from pre-posix_spawn version of the system functionRich Felker2013-03-241-6/+0
|
* fix multiple bugs in syslog interfacesRich Felker2013-03-231-24/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. as reported by William Haddon, the value returned by snprintf was wrongly used as a length passed to sendto, despite it possibly exceeding the buffer length. this could lead to invalid reads and leaking additional data to syslog. 2. openlog was storing a pointer to the ident string passed by the caller, rather than copying it. this bug is shared with (and even documented in) other implementations like glibc, but such behavior does not seem to meet the requirements of the standard. 3. extremely long ident provided to openlog, or corrupt ident due to the above issue, could possibly have resulted in buffer overflows. despite having the potential for smashing the stack, i believe the impact is low since ident points to a short string literal in typical application usage (and per the above bug, other usages will break horribly on other implementations). 4. when used with LOG_NDELAY, openlog was not connecting the newly-opened socket; sendto was being used instead. this defeated the main purpose of LOG_NDELAY: preparing for chroot. 5. the default facility was not being used at all, so all messages without an explicit facility passed to syslog were getting logged at the kernel facility. 6. setlogmask was not thread-safe; no synchronization was performed updating the mask. the fix uses atomics rather than locking to avoid introducing a lock in the fast path for messages whose priority is not in the mask. 7. in some code paths, the syslog lock was being unlocked twice; this could result in releasing a lock that was actually held by a different thread. some additional enhancements to syslog such as a default identifier based on argv[0] or similar may still be desired; at this time, only the above-listed bugs have been fixed.
* fix types for wctype_t and wctrans_tRich Felker2013-03-041-4/+4
| | | | | | | | | | | | | | | | | | | | wctype_t was incorrectly "int" rather than "long" on x86_64. not only is this an ABI incompatibility; it's also a major design flaw if we ever wanted wctype_t to be implemented as a pointer, which would be necessary if locales support custom character classes, since int is too small to store a converted pointer. this commit fixes wctype_t to be unsigned long on all archs, matching the LSB ABI; this change does not matter for C code, but for C++ it affects mangling. the same issue applied to wctrans_t. glibc/LSB defines this type as const __int32_t *, but since no such definition is visible, I've just expanded the definition, int, everywhere. it would be nice if these types (which don't vary by arch) could be in wctype.h, but the OB XSI requirement in POSIX that wchar.h expose some types and functions from wctype.h precludes doing so. glibc works around this with some hideous hacks, but trying to duplicate that would go against the intent of musl's headers.
* fix integer type issue in strverscmpRich Felker2013-02-261-1/+3
| | | | | | | | | lenl-lenr is not a valid expression for a signed int return value from strverscmp, since after implicit conversion from size_t to int this difference could have the wrong sign or might even be zero. using the difference for char values works since they're bounded well within the range of differences representable by int, but it does not work for size_t values.
* implement non-stub strverscmpRich Felker2013-02-261-2/+35
| | | | patch by Isaac Dunham.
* replace stub with working strcasestrRich Felker2013-02-211-2/+4
|
* fix wrong return value from wmemmove on forward copiesRich Felker2013-02-211-1/+2
|
* use memcmp instead of str[n]cmp for temp function XXXXXX checkingRich Felker2013-02-202-2/+2
|
* fix error cases in mkostemps coreRich Felker2013-02-201-6/+3
| | | | | | 1. wrong return value and missing errno for negative suffix len 2. failure to catch suffix len > strlen 3. remove unwanted clearing of input string in invalid case
* remove leftover unused variable in mktemp after refactoringRich Felker2013-02-201-1/+0
|
* add mkostemp, mkstemps, and mkostemps functions and reorganize temp internalsRich Felker2013-02-206-29/+83
| | | | | | | | | based on patch contributed by Anthony G. Basile (blueness) some issues remain with the filename generation algorithm and other small bugs, but this patch has been sitting around long enough that I feel it's best to get it committed and then work out any remaining issues.
* remove unused #undef environ now that libc.h no longer #defines itRich Felker2013-02-171-1/+0
|
* consistently use the internal name __environ for environRich Felker2013-02-173-5/+4
| | | | | | | | | | | patch by Jens Gustedt. previously, the intended policy was to use __environ in code that must conform to the ISO C namespace requirements, and environ elsewhere. this policy was not followed in practice anyway, making things confusing. on top of that, Jens reported that certain combinations of link-time optimization options were breaking with the inconsistent references; this seems to be a compiler or linker bug, but having it go away is a nice side effect of the changes made here.
* add fgetgrent functionRich Felker2013-02-171-0/+9
| | | | | | based on patch by Isaac Dunham, moved to its own file to avoid increasing bss on static linked programs not using this nonstandard function but using the standard getgrent function, and vice versa.
* fix typo in newly-added error message for EOWNERDEADRich Felker2013-02-071-1/+1
|
* improve error stringsRich Felker2013-02-071-27/+30
| | | | | | | | | | | | | | | | | | | | | | | this definitely has the potential to be a bikeshed topic, so some justification is in order. most of the changes made fit into one of the following categories: 1. alignment with text in posix, xsh 2.3 2. eliminating overly-specific text for shared error codes 3. making the message match more closely with the macro name 4. removing extraneous words in particular, the EAGAIN/EWOULDBLOCK text is updated to match the description of EAGAIN (which covers both uses) rather than saying the operation would block, and ENOTSUP/EOPNOTSUPP is updated not to mention sockets. the distinction between ENFILE/EMFILE has also been clarified; ENFILE is aligned with the posix text, and EMFILE, which lacks concise posix text matching any historic message, is updated to emphasize that the exhausted resource is not open files/open file descriptions, but rather the integer 'address space' of file descriptors. some messages may be further tweaked based on feedback.
* base system() on posix_spawnRich Felker2013-02-031-41/+26
| | | | | this avoids duplicating the fragile logic for executing an external program without fork.
* fix unsigned comparison bug in posix_spawnRich Felker2013-02-031-1/+1
| | | | | | | read should never return anything but 0 or sizeof ec here, but if it does, we want to treat any other return as "success". then the caller will get back the pid and is responsible for waiting on it when it immediately exits.
* overhaul posix_spawn to use CLONE_VM instead of vforkRich Felker2013-02-033-55/+125
| | | | | | | | | | | | | | | | | | | | | the proposed change was described in detail in detail previously on the mailing list. in short, vfork is unsafe because: 1. the compiler could make optimizations that cause the child to clobber the parent's local vars. 2. strace is buggy and allows the vforking parent to run before the child execs when run under strace. the new design uses a close-on-exec pipe instead of vfork semantics to synchronize the parent and child so that the parent does not return before the child has finished using its arguments (and now, also its stack). this also allows reporting exec failures to the caller instead of giving the caller a child that mysteriously exits with status 127 on exec error. basic testing has been performed on both the success and failure code paths. further testing should be done.
* streamline old-kernel fallback path of pipe2 to use syscalls directlyRich Felker2013-02-031-4/+4
| | | | | | also, don't waste code/time on F_GETFL since pipes always have blank flags initially (at least on old kernels, which are all this fallback code matters for).
* dynamically allocate storage for gethostby* buffersRich Felker2013-02-022-10/+32
| | | | | | | | | | this change shaves ~1k off libc.so bss size, and also avoids hard errors in the case where the static buffer was not large enough to hold the result. this whole framework is really ugly and might should be replaced or at least heavily overhauled when some changes/factorizations are made to getaddrinfo internals in the future.
* fix blank ai_canonname from getaddrinfo for non-CNAMEsRich Felker2013-02-021-1/+1
|
* fix memory leak due to double call to getaddrinfo in gethostbyname*Rich Felker2013-02-021-1/+0
|
* fix error returns in gethostby*_r functionsRich Felker2013-02-022-17/+10
| | | | they're supposed to return an error code rather than using errno.
* fix uninitialized map_len being used in munmap failure paths in load_libraryRich Felker2013-02-021-3/+2
| | | | | | this bug seems to have been introduced when the map_library signatures was changed to return the mapping in a temp dso structure instead of into separate variables.
* fix stale locks left behind when pthread_create failsRich Felker2013-02-011-3/+6
| | | | this bug seems to have been around a long time.
* if pthread_create fails, it must not attempt mmap if there is no mappingRich Felker2013-02-011-1/+1
| | | | | this bug was introduced when support for application-provided stacks was originally added.
* pthread stack treatment overhaul for application-provided stacks, etc.Rich Felker2013-02-013-23/+33
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | the main goal of these changes is to address the case where an application provides a stack of size N, but TLS has size M that's a significant portion of the size N (or even larger than N), thus giving the application less stack space than it expected or no stack at all! the new strategy pthread_create now uses is to only put TLS on the application-provided stack if TLS is smaller than 1/8 of the stack size or 2k, whichever is smaller. this ensures that the application always has "close enough" to what it requested, and the threshold is chosen heuristically to make sure "sane" amounts of TLS still end up in the application-provided stack. if TLS does not fit the above criteria, pthread_create uses mmap to obtain space for TLS, but still uses the application-provided stack for actual call frame stack. this is to avoid wasting memory, and for the sake of supporting ugly hacks like garbage collection based on assumptions that the implementation will use the provided stack range. in order for the above heuristics to ever succeed, the amount of TLS space wasted on POSIX TSD (pthread_key_create based) needed to be reduced. otherwise, these changes would preclude any use of pthread_create without mmap, which would have serious memory usage and performance costs for applications trying to create huge numbers of threads using pre-allocated stack space. the new value of PTHREAD_KEYS_MAX is the minimum allowed by POSIX, 128. this should still be plenty more than real-world applications need, especially now that C11/gcc-style TLS is now supported in musl, and most apps and libraries choose to use that instead of POSIX TSD when available. at the same time, PTHREAD_STACK_MIN has been decreased. it was originally set to PAGE_SIZE back when there was no support for TLS or application-provided stacks, and requests smaller than a whole page did not make sense. now, there are two good reasons to support requests smaller than a page: (1) applications could provide pre-allocated stacks smaller than a page, and (2) with smaller stack sizes, stack+TLS+TSD can all fit in one page, making it possible for applications which need huge numbers of threads with minimal stack needs to allocate exactly one page per thread. the new value of PTHREAD_STACK_MIN, 2k, is aligned with the minimum size for sigaltstack.
* make some arrays constrofl0r2013-02-027-8/+8
| | | | this way they'll go into .rodata, decreasing memory pressure.
* replace __wake function with macro that performs direct syscallRich Felker2013-02-012-10/+2
| | | | | | | | | | | this should generate faster and smaller code, especially with inline syscalls. the conditional with cnt is ugly, but thankfully cnt is always a constant anyway so it gets evaluated at compile time. it may be preferable to make separate __wake and __wakeall macros without a count argument. priv flag is not used yet; private futex support still needs to be done at some point in the future.
* fix up minor misplacement of restrict keyword in spawnattr sched stubsRich Felker2013-02-011-2/+2
|
* revert regex "cleanup" that seems unjustified and may break backtrackingRich Felker2013-02-011-0/+3
| | | | | | it's not clear to me at the moment whether the code that was removed (and which is now being re-added) is needed, but it's far from being a no-op, and i don't want to risk breaking regex in this release.
* fix tm_to_time logic for number of days in novemberRich Felker2013-01-261-1/+1
| | | | report/patch by Hiltjo Posthuma <hiltjo@codemadness.org>
* add support for RTLD_NOLOAD to dlopenRich Felker2013-01-231-3/+7
| | | | | | | | based on patch by Pierre Carrier <pierre@gcarrier.fr> that just added the flag constant, but with minimal additional code so that it actually works as documented. this is a nonstandard option but some major software (reportedly, Firefox) uses it and it was easy to add anyway.
* fix regression in dlsym: rejection of special RTLD_* handles as invalidRich Felker2013-01-231-1/+2
|
* fix warning building dynlink.c stub for static libcRich Felker2013-01-161-2/+2
| | | | | struct dso was not defined in this case, and it's not needed in the code that was using it anyway; void pointers work just as well.
* fix bug in dladdr that prevented resolving addresses in the PLTRich Felker2013-01-161-1/+1
|