about summary refs log tree commit diff
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* fix clobber of edx in i386 vsyscall asmRich Felker2012-11-111-1/+2
| | | | | | | this function does not obey the normal calling convention; like a syscall instruction, it's expected not to clobber any registers except the return value. clobbering edx could break callers that were reusing the value cached in edx after the syscall returns.
* always add memory streams to stdio open file listRich Felker2012-11-093-18/+21
| | | | | | | | | | | | per interpretation for austin group issue #626, fflush(0) and exit() must block waiting for a lock if another thread has locked a memory stream with flockfile. this adds some otherwise-unnecessary synchronization cost to use of memory streams, but there was already a synchronization cost calling malloc anyway. previously the stream was only added to the open file list in single-threaded programs, so that upon subsequent call to pthread_create, locking could be turned on for the stream.
* support ldso path files without final newlineRich Felker2012-11-091-2/+5
|
* change ldso path file logic to replace rather than add to search pathRich Felker2012-11-081-2/+2
| | | | | | | | | | | this change was originally intended just to avoid repeated attempts to open a nonexistant /etc/ls-musl-$(ARCH).path file, but I realized it also prevents the default paths from being searched when such a path file exists. despite the potential to break existing usage, I believe the new behavior is the right behavior, and it's better to fix it sooner rather than later. with the old behavior, it was impossible to inhibit search of default paths which might contain musl-incompatible libs (or even libs from a different cpu arch, on multi-arch machines).
* clean up sloppy nested inclusion from pthread_impl.hRich Felker2012-11-0821-16/+28
| | | | | | | | | | | | | | this mirrors the stdio_impl.h cleanup. one header which is not strictly needed, errno.h, is left in pthread_impl.h, because since pthread functions return their error codes rather than using errno, nearly every single pthread function needs the errno constants. in a few places, rather than bringing in string.h to use memset, the memset was replaced by direct assignment. this seems to generate much better code anyway, and makes many functions which were previously non-leaf functions into leaf functions (possibly eliminating a great deal of bloat on some platforms where non-leaf functions require ugly prologue and/or epilogue).
* clean up stdio_impl.hRich Felker2012-11-0841-19/+93
| | | | | | | | | | | this header evolved to facilitate the extremely lazy practice of omitting explicit includes of the necessary headers in individual stdio source files; not only was this sloppy, but it also increased build time. now, stdio_impl.h is only including the headers it needs for its own use; any further headers needed by source files are included directly where needed.
* fix dlsym asm for mipsRich Felker2012-11-081-1/+2
| | | | | | saving the return address from the delay slot is not valid -- by the time the instruction executes, the return address has already been replaced.
* improve SOCK_NONBLOCK/SOCK_CLOEXEC fallback codeRich Felker2012-11-051-1/+2
| | | | | | | | | | | | | | | | checking for EINVAL should be sufficient, but qemu user emulation returns EPROTONOSUPPORT in some of the failure cases, and it seems conceivable that other kernels doing linux-emulation could make the same mistake. since DNS lookups and other important code might break if the fallback does not get invoked, be extra careful and check for either error. note that it's important NOT to perform the fallback code on other errors such as resource-exhaustion cases, since the fallback is not atomic and will lead to file-descriptor leaks in multi-threaded programs that use exec. the fallback code is only "safe" to run when the initial failure is caused by the application's choice of arguments, not the system state.
* mips cache flush/ctl syscall support and headerRich Felker2012-11-041-0/+18
|
* remove one unnecessary static var from dynamic linkerRich Felker2012-11-011-2/+2
|
* fix more unused variable warningsRich Felker2012-11-014-6/+5
| | | | | | | some of these were coming from stdio functions locking files without unlocking them. I believe it's useful for this to throw a warning, so I added a new macro that's self-documenting that the file will never be unlocked to avoid the warning in the few places where it's wrong.
* fix unused variable warningsRich Felker2012-11-012-2/+1
|
* add dl_iterate_phdr interfaceRich Felker2012-10-312-7/+87
| | | | | | | | | | patches by Alex Caudill (npx). the dynamic-linked version is almost identical to the final submitted patch; I just added a couple missing lines for saving the phdr address when the dynamic linker is invoked directly to run a program, and removed a couple to avoid introducing another unnecessary type. the static-linked version is based on npx's draft. it could use some improvements which are contingent on the startup code saving some additional information for later use.
* system is a cancellation pointRich Felker2012-10-281-0/+3
| | | | | | | | | | ideally, system would also be cancellable while running the external command, but I cannot find any way to make that work without either leaking zombie processes or introducing behavior that is far outside what the standard specifies. glibc handles cancellation by killing the child process with SIGKILL, but this could be unsafe in that it could leave the data being manipulated by the command in an inconsistent state.
* fix shmdt syscall calling convention on old archsRich Felker2012-10-281-1/+1
|
* separate getc/putc from fgetc/fputcRich Felker2012-10-274-6/+25
| | | | | | | | | for conformance, two functions should not have the same address. a conforming program could use the addresses of getc and fgetc in ways that assume they are distinct. normally i would just use a wrapper, but these functions are so small and performance-critical that an extra layer of function call could make the one that's a wrapper nearly twice as slow, so I'm just duplicating the code instead.
* use explicit visibility to optimize a few hot-path function callsRich Felker2012-10-253-11/+13
| | | | | | | | | | | | | | | | | | | | | | on x86 and some other archs, functions which make function calls which might go through a PLT incur a significant overhead cost loading the GOT register prior to making the call. this load is utterly useless in musl, since all calls are bound at library-creation time using -Bsymbolic-functions, but the compiler has no way of knowing this, and attempts to set the default visibility to protected have failed due to bugs in GCC and binutils. this commit simply manually assigns hidden/protected visibility, as appropriate, to a few internal-use-only functions which have many callers, or which have callers that are hot paths like getc/putc. it shaves about 5k off the i386 libc.so with -Os. many of the improvements are in syscall wrappers, where the benefit is just size and performance improvement is unmeasurable noise amid the syscall overhead. however, stdio may be measurably faster. if in the future there are toolchains that can do the same thing globally without introducing linking bugs, it might be worth considering removing these workarounds.
* correct locking in stdio functions that tried to be lock-freeRich Felker2012-10-246-16/+36
| | | | | | | | | | | | | these functions must behave as if they obtain the lock via flockfile to satisfy POSIX requirements. since another thread can provably hold the lock when they are called, they must wait to obtain the lock before they can return, even if the correct return value could be obtained without locking. in the case of fclose and freopen, failure to do so could cause correct (albeit obscure) programs to crash or otherwise misbehave; in the case of feof, ferror, and fwide, failure to obtain the lock could sometimes return incorrect results. in any case, having these functions proceed and return while another thread held the lock was wrong.
* greatly improve freopen behaviorRich Felker2012-10-245-17/+41
| | | | | | | | | | | | | 1. don't open /dev/null just as a basis to copy flags; use shared __fmodeflags function to get the right file flags for the mode. 2. handle the case (probably invalid, but whatever) case where the original stream's file descriptor was closed; previously, the logic re-closed it. 3. accept the "e" mode flag for close-on-exec; update dup3 to fallback to using dup2 so we can simply call __dup3 instead of putting fallback logic in freopen itself.
* remove useless failure-check from freopen (can't happen)Rich Felker2012-10-241-2/+2
|
* simplify logic in stpcpy; avoid copying first aligned byte twiceRich Felker2012-10-221-4/+4
| | | | | gcc seems to be generating identical or near-identical code for both versions, but the newer code is more expressive of what it's doing.
* as an extension, have putenv("VAR") behave as unsetenv("VAR")Rich Felker2012-10-211-5/+5
| | | | | | the behavior of putenv is left undefined if the argument does not contain an equal sign, but traditional implementations behave this way and gnulib replaces putenv if it doesn't do this.
* accept "nan(n-char-sequence)" in strtod/scanf functionsRich Felker2012-10-211-1/+19
| | | | | this will prevent gnulib from wrapping our strtod to handle this useless feature.
* fix copy/paste error in popen changes that broke signalsRich Felker2012-10-211-1/+1
| | | | signal mask was not being restored after fork, but instead blocked again.
* support looking up thread-local objects with dlsymRich Felker2012-10-191-0/+6
|
* fix breakage in dlsym for looking up RTLD_DEFAULT, etc.Rich Felker2012-10-191-2/+5
| | | | | this was broken during the early dynamic-linked TLS commits, which rearranged some of the code for handling new relocation types.
* fix usage of locks with vforkRich Felker2012-10-193-3/+4
| | | | | | __release_ptc() is only valid in the parent; if it's performed in the child, the lock will be unlocked early then double-unlocked later, corrupting the lock state.
* fix crashes in static-linked multithreaded programs without TLSRich Felker2012-10-191-0/+2
|
* fix order of syscall args for microblaze clone syscallRich Felker2012-10-191-3/+2
| | | | | with this commit, based on testing with patches to qemu which are not yet upstream,
* ensure microblaze __set_thread_area returns successRich Felker2012-10-181-1/+2
| | | | | since it did not set the return-value register, the caller could wrongly interpret this as failure.
* avoid raising spurious division-by-zero exception in printfRich Felker2012-10-181-1/+1
|
* floating point environment/exceptions support for mipsRich Felker2012-10-181-0/+60
|
* fix parent-memory-clobber in posix_spawn (environ)Rich Felker2012-10-183-9/+17
|
* overhaul system() and popen() to use vfork; fix various related bugsRich Felker2012-10-184-56/+110
| | | | | | | | | | | | | | | | since we target systems without overcommit, special care should be taken that system() and popen(), like posix_spawn(), do not fail in processes whose commit charges are too high to allow ordinary forking. this in turn requires special precautions to ensure that the parent process's signal handlers do not end up running in the shared-memory child, where they could corrupt the state of the parent process. popen has also been updated to use pipe2, so it does not have a fd-leak race in multi-threaded programs. since pipe2 is missing on older kernels, (non-atomic) emulation has been added. some silly bugs in the old code should be gone too.
* fix (hopefully; untested) completely broken/incomplete microblaze sigsetjmpRich Felker2012-10-181-3/+12
|
* fix microblaze asm relocations for shared libcRich Felker2012-10-174-6/+6
| | | | | | only @PLT relocations are considered functions for purposes of -Bsymbolic-functions, so always use @PLT. it should not hurt in the static-linked case.
* add memmem function (gnu extension)Rich Felker2012-10-151-0/+148
| | | | based on strstr. passes gnulib tests and a few quick checks of my own.
* add support for TLS variant I, presently needed for arm and mipsRich Felker2012-10-155-6/+46
| | | | | | | | | | | | | | | | | | | | | | despite documentation that makes it sound a lot different, the only ABI-constraint difference between TLS variants II and I seems to be that variant II stores the initial TLS segment immediately below the thread pointer (i.e. the thread pointer points to the end of it) and variant I stores the initial TLS segment above the thread pointer, requiring the thread descriptor to be stored below. the actual value stored in the thread pointer register also tends to have per-arch random offsets applied to it for silly micro-optimization purposes. with these changes applied, TLS should be basically working on all supported archs except microblaze. I'm still working on getting the necessary information and a working toolchain that can build TLS binaries for microblaze, but in theory, static-linked programs with TLS and dynamic-linked programs where only the main executable uses TLS should already work on microblaze. alignment constraints have not yet been heavily tested, so it's possible that this code does not always align TLS segments correctly on archs that need TLS variant I.
* block uid/gid changes during posix_spawnRich Felker2012-10-151-0/+10
| | | | | | | | | | | | | | | | | | usage of vfork creates a situation where a process of lower privilege may momentarily have write access to the memory of a process of higher privilege. consider the case of a multi-threaded suid program which is calling posix_spawn in one thread while another thread drops the elevated privileges then runs untrusted (relative to the elevated privilege) code as the original invoking user. this untrusted code can then potentially modify the data the child process will use before calling exec, for example changing the pathname or arguments that will be passed to exec. note that if vfork is implemented as fork, the lock will not be held until the child execs, but since memory is not shared it does not matter.
* fix overlap of thread stacks with thread tls segmentsRich Felker2012-10-141-2/+1
|
* fix main program TLS alignment for dynamic-linked programsRich Felker2012-10-141-6/+5
| | | | | this change brings the behavior in line with the static-linked code, which seems to be correct.
* workaround broken hidden-visibility handling in pccRich Felker2012-10-131-1/+1
| | | | | | | | | | | | | with this change, pcc-built musl libc.so seems to work correctly. the problem is that pcc generates GOT lookups for external-linkage symbols even if they are hidden, rather than using GOT-relative addressing. the entire reason we're using hidden visibility on the __libc object is to make it accessible prior to relocations -- not to mention inexpensive to access. unfortunately, the workaround makes it even more expensive on pcc. when the pcc issue is fixed, an appropriate version test should be added so new pcc can use the much more efficient variant.
* fix namespace clash (libc) in dynlink.cRich Felker2012-10-131-14/+13
| | | | | | | this makes it so the #undef libc and __libc name are no longer needed, which were problematic because the "accessor function" mode for accessing the libc struct could not be used, breaking build on any compiler without (working) visibility.
* remove dead code from dynamic linkerRich Felker2012-10-131-10/+0
|
* comment possibly-confusing i386 vsyscall asmRich Felker2012-10-111-1/+13
|
* avoid the thread-ptr-init behavior of sigaction when not installing handlerRich Felker2012-10-111-1/+2
| | | | | | this is necessary because posix_spawn calls sigaction after vfork, and if the thread pointer is not already initialized, initializing it in the child corrupts the parent process's state.
* i386 vsyscall support (vdso-provided sysenter/syscall instruction based)Rich Felker2012-10-113-16/+62
| | | | | | this doubles the performance of the fastest syscalls on the atom I tested it on; improvement is reportedly much more dramatic on worst-case cpus. cannot be used for cancellable syscalls.
* ensure that buffer for decoding auxv at startup is initially zeroRich Felker2012-10-081-1/+1
|
* clean up and refactor program initializationRich Felker2012-10-076-34/+33
| | | | | | | | | | | | | | | the code in __libc_start_main is now responsible for parsing auxv, rather than duplicating the parsing all over the place. this should shave off a few cycles and some code size. __init_libc is left as an external-linkage function despite the fact that it could be static, to prevent it from being inlined and permanently wasting stack space when main is called. a few other minor changes are included, like eliminating per-thread ssp canaries (they were likely broken when combined with certain dlopen usages, and completely unnecessary) and some other unnecessary checks. since this code gets linked into every program, it should be as small and simple as possible.
* fix breakage due to initializing thread pointer when loading libsRich Felker2012-10-071-1/+1
| | | | | | at initial program load, all libraries must be loaded before the thread pointer can be setup, since the TP-relative addresses of all initial TLS objects must be constant.