about summary refs log tree commit diff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* remove incorrectly-made-visible internal dst offset variableRich Felker2011-09-141-1/+0
|
* fix inconsistent signature for aio_errorRich Felker2011-09-141-1/+1
|
* fix return types for aio_read and aio_write againRich Felker2011-09-131-2/+2
| | | | | previous fix was backwards and propagated the wrong type rather than the right one...
* fix various errors in function signatures/prototypes found by nszRich Felker2011-09-135-8/+11
|
* add missing posix_spawnattr_init/destroy functionsRich Felker2011-09-132-0/+13
|
* remove some stray trailing space charactersRich Felker2011-09-134-4/+4
|
* implement gnu sigisemptysetRich Felker2011-09-121-0/+9
|
* add dummied strverscmp (obnoxious GNU function)Rich Felker2011-09-111-0/+7
| | | | | | programs that use this tend to horribly botch international text support, so it's questionable whether we want to support it even in the long term... for now, it's just a dummy that calls strcmp.
* fix serious bug in pthread_joinRich Felker2011-09-111-2/+2
| | | | | | | | | | | | | on spurious wakeups/returns from __timedwait, pthread_join would "succeed" and unmap the thread's stack while it was still running. at best this would lead to SIGSEGV when the thread resumed execution, but in the worst case, the thread would later resume executing on top of another new thread's stack mapped at the same address. spent about 4 hours tracking this bug down, chasing rare difficult-to-reproduce stack corruption in a stress test program. still no idea *what* caused the spurious wakeups; i suspect it's a kernel bug.
* fix pthread_join wait call: thread termination tid futex is not privateRich Felker2011-09-091-1/+1
| | | | | | | | | this seeme to be the bug that prevented enabling of private futex support. i'm going to hold off on switching to private futexes until after the next release, and until i get a chance to audit all wait/wake calls to make sure they're using the correct private argument, but with this change it should be safe to enable private futex support.
* implement POSIX asynchronous ioRich Felker2011-09-097-0/+338
| | | | | some features are not yet supported, and only minimal testing has been performed. should be considered experimental at this point.
* fix incorrect overflow errors on strtoul, etc.Rich Felker2011-09-054-8/+20
|
* strptime: fix use of uninitialized dest field in converting integerRich Felker2011-09-051-1/+1
|
* more fmemopen null termination fixesRich Felker2011-09-041-2/+3
| | | | | | | | null termination is only added when current size grows. in update modes, null termination is not added if it does not fit (i.e. it is not allowed to clobber data). these rules make very little sense, but that's how it goes..
* fix some fmemopen behaviorsRich Felker2011-09-041-4/+7
| | | | | | read should not be allowed past "current size". append mode should write at "current size", not buffer size. null termination should not be written except when "current size" grows.
* handle pending cancellation when enabling async cancellationRich Felker2011-09-041-0/+1
| | | | | | | | | | | this is not strictly required by the standard, but without it, there is a race condition where cancellation arriving just before async cancellation is enabled might not be acted upon. it is impossible for a conforming application to work around this race condition since calling pthread_testcancel after setting async cancellation mode is not allowed (pthread_testcancel is not specified to be async-cancel-safe). thus the implementation should be responsible for eliminating the race, from a quality-of-implementation standpoint.
* fmemopen: fix eof handling, hopefully right this timeRich Felker2011-09-041-3/+4
|
* fmemopen fixesRich Felker2011-09-041-1/+3
| | | | | | disallow seek past end of buffer (per posix) fix position accounting to include data buffered for read don't set eof flag when no data was requested
* memstreams: fix incorrect handling of file pos > current sizeRich Felker2011-09-042-4/+4
| | | | | the addition is safe and cannot overflow because both operands are positive when considered as signed quantities.
* optimize seek function for memory streamsRich Felker2011-09-042-24/+6
|
* fix twos complement overflow bug in mem streams boundary checkRich Felker2011-09-042-2/+2
| | | | | | the expression -off is not safe in case off is the most-negative value. instead apply - to base which is known to be non-negative and bounded within sanity.
* implement fmemopenRich Felker2011-09-031-18/+66
| | | | testing so far has been minimal. may need further work.
* fix some length calculations in memory streamsRich Felker2011-09-032-3/+3
|
* implement open_wmemstreamRich Felker2011-09-031-0/+95
| | | | | | not heavily tested, but it seems to be correct, including the odd behavior that seeking is in terms of wide character count. this precludes any simple buffering, so we just make the stream unbuffered.
* fix RTLD_NEXT on x86_64Rich Felker2011-09-031-1/+1
| | | | | the return address was being truncated to 32 bits, preventing the dlsym code from determining which module contains the calling code.
* implement open_memstreamRich Felker2011-09-031-0/+94
| | | | | this is the first attempt, and may have bugs. only minimal testing has been performed.
* fix missing prototypes/wrong signature for psiginfo, psignalRich Felker2011-09-021-1/+1
|
* bring back ___environ symbol (3 underscores)Rich Felker2011-08-231-0/+1
| | | | | | its existence doesn't hurt anything, and dynamic-linked binaries using previous versions of musl were wrongly binding to it instead of __environ.
* use new a_crash() asm to optimize double-free handler.Rich Felker2011-08-231-2/+2
| | | | | | | gcc generates extremely bad code (7 byte immediate mov) for the old null pointer write approach. it should be generating something like "xor %eax,%eax ; mov %al,(%eax)". in any case, using a dedicated crashing opcode accomplishes the same thing in one byte.
* security hardening: ensure suid programs have valid stdin/out/errRich Felker2011-08-234-15/+42
| | | | | | | | | | | this behavior (opening fds 0-2 for a suid program) is explicitly allowed (but not required) by POSIX to protect badly-written suid programs from clobbering files they later open. this commit does add some cost in startup code, but the availability of auxv and the security flag will be useful elsewhere in the future. in particular auxv is needed for static-linked vdso support, which is still waiting to be committed (sorry nik!)
* in pathconf, -1, not 0, means unsupported.. syncio presumably works, too.Rich Felker2011-08-161-3/+3
|
* fix bogus pathconf result for file size bitsRich Felker2011-08-161-1/+1
|
* partially working strptimeRich Felker2011-08-161-148/+149
| | | | | | | | it's missing at least: - derived fields - week numbers - short year (without century) support - locale modifiers
* ldso: move the suid/secure check code closer to env/auxv processingRich Felker2011-08-161-7/+7
| | | | | | this does not change behavior, but the idea is to avoid letting other code build up between these two points, whereby the environment variables might get used before security it checked.
* honor AT_SECURE aux vector flagRich Felker2011-08-161-2/+2
|
* RTLD_NEXT supportRich Felker2011-08-164-3/+32
| | | | | the asm wrapper is needed to get the return address without compiler-specific extensions.
* LD_PRELOAD supportRich Felker2011-08-161-0/+20
|
* simplify and improve double-free checkRich Felker2011-08-151-2/+2
| | | | | | | | | | | | a valid mmapped block will have an even (actually aligned) "extra" field, whereas a freed chunk on the heap will always have an in-use neighbor. this fixes a potential bug if mmap ever allocated memory below the main program/brk (in which case it would be wrongly-detected as a double-free by the old code) and allows the double-free check to work for donated memory outside of the brk area (or, in the future, secondary heap zones if support for their creation is added).
* macro for pthread_equalRich Felker2011-08-141-1/+1
| | | | no sense bloating apps with a function call for an equality comparison...
* fix missing include in last commitRich Felker2011-08-131-0/+1
|
* fix clock() functionRich Felker2011-08-131-2/+7
| | | | | | | | | | it previously was returning the pseudo-monotonic-realtime clock returned by times() rather than process cputime. it also violated C namespace by pulling in times(). we now use clock_gettime() if available because times() has ridiculously bad resolution. still provide a fallback for ancient kernels without clock_gettime.
* implement forkallRich Felker2011-08-121-0/+66
| | | | | | | | | | | | this is a "nonstandard" function that was "rejected" by POSIX, but nonetheless had its behavior documented in the POSIX rationale for fork. it's present on solaris and possibly some other systems, and duplicates the whole calling process, not just a single thread. glibc does not have this function. it should not be used in programs intending to be portable, but may be useful for testing, checkpointing, etc. and it's an interesting (and quite small) example of the usefulness of the __synccall framework originally written to work around deficiencies in linux's setuid syscall.
* pthread and synccall cleanup, new __synccall_wait opRich Felker2011-08-124-7/+13
| | | | | | | | | fix up clone signature to match the actual behavior. the new __syncall_wait function allows a __synccall callback to wait for other threads to continue without returning, so that it can resume action after the caller finishes. this interface could be made significantly more general/powerful with minimal effort, but i'll wait to do that until it's actually useful for something.
* more efficient signal blocking for timer threadsRich Felker2011-08-121-4/+4
| | | | | due to the barrier, it's safe just to block signals in the new thread, rather than blocking and unblocking in the parent thread.
* normal exit from timer thread should run dtors, restore cancel stateRich Felker2011-08-111-1/+1
|
* block signals in timer threadsRich Felker2011-08-111-0/+4
| | | | | | | if a timer thread leaves signals unblocked, any future attempt by the main thread to prevent the process from being terminated by blocking signals will fail, since the signal can still be delivered to the timer thread.
* condition variable signal/bcast need not wake unless there are waitersRich Felker2011-08-072-4/+4
|
* use weak aliase rather than weak reference for vdso clock_gettimeRich Felker2011-08-071-8/+12
| | | | | | | | this works around pcc's lack of working support for weak references, and in principle is nice because it gets us back to the stage where the only weak symbol feature we use is weak aliases, nothing else. having fewer dependencies on fancy linker features is a good thing.
* simplify unified timed wait code, drop support for newer methodRich Felker2011-08-071-31/+28
| | | | | | | | | | | | the new absolute-time-based wait kernelside was hard to get right and basically just code duplication. it could only improve "performance" when waiting, and even then, the improvement was just slight drop in cpu usage during a wait. actually, with vdso clock_gettime, the "old" way will be even faster than the "new" way if the time has already expired, since it will not invoke any syscalls. it can determine entirely in userspace that it needs to return ETIMEDOUT.
* add fast path for normal mutexes back to pthread_mutex_lockRich Felker2011-08-071-0/+3
|