Paul Eggert [Wed, 1 Jan 2025 18:31:31 +0000 (10:31 -0800)]
Update copyright dates not handled by scripts/update-copyrights
I've updated copyright dates in glibc for 2025. This is the patch for
the changes not generated by scripts/update-copyrights and subsequent
build / regeneration of generated files.
Paul Eggert [Wed, 1 Jan 2025 19:16:35 +0000 (11:16 -0800)]
Pass glibc pre-commit checks
This is needed for the next patch which updates copyright dates.
* assert/test-assert-2.c: Remove trailing white space.
* elf/tst-startup-errno.c: Remove trailing empty lines.
Xi Ruoyao [Thu, 26 Dec 2024 04:51:18 +0000 (12:51 +0800)]
mlock, mlock2, munlock: Tell the compiler we don't dereference the pointer
Since https://gcc.gnu.org/r11-959, the compiler emits
-Wmaybe-uninitialized if a const pointer to an uninitialized buffer is
passed. Tell the compiler we don't dereference the pointer to remove
the false alarm.
Link: https://gcc.gnu.org/PR118194 Signed-off-by: Xi Ruoyao <xry111@xry111.site> Reviewed-by: Sam James <sam@gentoo.org>
The new tunable can be used to control whether executable stacks are
allowed from either the main program or dependencies. The default is
to allow executable stacks.
The executable stacks default permission is checked agains the one
provided by the PT_GNU_STACK from program headers (if present). The
tunable also disables the stack permission change if any dependency
requires an executable stack at loading time.
Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu.
elf: Do not change stack permission on dlopen/dlmopen
If some shared library loaded with dlopen/dlmopen requires an executable
stack, either implicitly because of a missing GNU_STACK ELF header
(where the ABI default flags implies in the executable bit) or explicitly
because of the executable bit from GNU_STACK; the loader will try to set
the both the main thread and all thread stacks (from the pthread cache)
as executable.
Besides the issue where any __nptl_change_stack_perm failure does not
undo the previous executable transition (meaning that if the library
fails to load, there can be thread stacks with executable stacks), this
behavior was used on a CVE [1] as a vector for RCE.
This patch changes that if a shared library requires an executable
stack, and the current stack is not executable, dlopen fails. The
change is done only for dynamically loaded modules, if the program
or any dependency requires an executable stack, the loader will still
change the main thread before program execution and any thread created
with default stack configuration.
Florian Weimer [Mon, 30 Dec 2024 11:41:51 +0000 (12:41 +0100)]
x86-64: Reorder dynamic linker list in ldd script (bug 32508)
Move the x86-64 loader first, before the i386 and x32 loaders. In
most cases, it's the loader the script needs. This avoids an error
message if the i386 loader does not work.
The effect of this change to the generated ldd script looks like this:
Michael Jeanson [Fri, 27 Dec 2024 16:41:02 +0000 (17:41 +0100)]
nptl: Add <thread_pointer.h> for hppa
This will be required by the rseq extensible ABI implementation on all
Linux architectures exposing the '__rseq_size' and '__rseq_offset'
symbols to set the initial value of the 'cpu_id' field which can be used
by applications to test if rseq is available and registered. As long as
the symbols are exposed it is valid for an application to perform this
test even if rseq is not yet implemented in libc for this architecture.
Compile tested with build-many-glibcs.py but I don't have access to any
hardware to run the tests.
Signed-off-by: Michael Jeanson <mjeanson@efficios.com>
I don't think we need a compatibility symbol for this. As the
GStreamer example shows, this change is much more likely to fix bugs
than cause compatibility issues.
Suggested-by: Dmitry V. Levin <ldv@altlinux.org> Suggested-by: Archie Cobbs <archie.cobbs@gmail.com> Suggested-by: Solar Designer <solar@openwall.com> Reviewed-by: Sam James <sam@gentoo.org>
Florian Weimer [Tue, 17 Dec 2024 08:20:20 +0000 (09:20 +0100)]
nptl: More useful padding in struct pthread
The previous use of padding within a union made it impossible to
re-use the padding for GLIBC_PRIVATE ABI preservation because
tcbhead_t could use up all of the padding (as was historically the
case on x86-64). Allocating padding unconditionally addresses this
issue.
Florian Weimer [Mon, 23 Dec 2024 12:55:49 +0000 (13:55 +0100)]
elf: Remove the GET_ADDR_ARGS and related macros from the TLS code
This was used to manage an IA-64 ABI divergence is no longere needed
after the IA-64 removal.
(It should be possible to encode all the required information in
one machine word, so the pointer indirection is really unnecessary.
Technically, none of this is part of the ABI, so perhaps it's
possible to do this retroactively. See bug 27404.)
Miao Wang [Mon, 23 Dec 2024 09:30:43 +0000 (10:30 +0100)]
io: statx, fstatat: Drop nonnull attribute on the path argument
Since Linux 6.11 the kernel allows path to be NULL if flags &
AT_EMPTY_PATH. Let's allow users to take the advantage if they don't
care running on old kernels.
Signed-off-by: Miao Wang <shankerwangmiao@gmail.com> Signed-off-by: Xi Ruoyao <xry111@xry111.site> Reviewed-by: Florian Weimer <fweimer@redhat.com>
Add valid_decimal_value to check valid decimal value in a string to
avoid uninitialized endp in add_prefixlist and gaiconf_init as reported
by Clang 19:
./getaddrinfo.c:1884:11: error: variable 'endp' is used uninitialized whenever '||' condition is true [-Werror,-Wsometimes-uninitialized]
1884 | && (cp == NULL
| ^~~~~~~~~~
./getaddrinfo.c:1887:11: note: uninitialized use occurs here
1887 | && *endp == '\0'
| ^~~~
./getaddrinfo.c:1884:11: note: remove the '||' if its condition is always false
1884 | && (cp == NULL
| ^~~~~~~~~~
1885 | || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX
| ~~
./getaddrinfo.c:1875:13: note: initialize the variable 'endp' to silence this warning
1875 | char *endp;
| ^
| = NULL
This fixes BZ #32465.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
H.J. Lu [Sun, 22 Dec 2024 21:12:03 +0000 (05:12 +0800)]
stdio-common: Suppress Clang warnings on scanf13.c
Suppress Clang warnings on stdio-common/scanf13.c:
1. Before this commit:
scanf13.c:43:17: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
43 | "A%mS%10mls%4ml[bcd]%4mCB", &lsp1, &lsp2, &lsp3, &lsp4) != 4)
| ~~~~^
scanf13.c:43:22: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
43 | "A%mS%10mls%4ml[bcd]%4mCB", &lsp1, &lsp2, &lsp3, &lsp4) != 4)
| ~~~~^
scanf13.c:43:50: error: data argument not used by format string [-Werror,-Wformat-extra-args]
43 | "A%mS%10mls%4ml[bcd]%4mCB", &lsp1, &lsp2, &lsp3, &lsp4) != 4)
| ~~~~~~~~~~~~~~~~~~~~~~~~~~ ^
scanf13.c:145:27: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
145 | if (sscanf (buf, "%2048mls%mlc", &lsp3, &lsp4) != 2)
| ~~~~~~^
scanf13.c:145:31: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
145 | if (sscanf (buf, "%2048mls%mlc", &lsp3, &lsp4) != 2)
| ~~~^
scanf13.c:145:43: error: data argument not used by format string [-Werror,-Wformat-extra-args]
145 | if (sscanf (buf, "%2048mls%mlc", &lsp3, &lsp4) != 2)
| ~~~~~~~~~~~~~~ ^
scanf13.c:161:31: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
161 | if (sscanf (buf, "%4mC%1500ml[dr/]%548ml[abc/d]%3mlc",
| ~~~~~~^
scanf13.c:161:42: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
161 | if (sscanf (buf, "%4mC%1500ml[dr/]%548ml[abc/d]%3mlc",
| ~~~~~~~~~~^
scanf13.c:161:53: error: invalid conversion specifier 'l' [-Werror,-Wformat-invalid-specifier]
161 | if (sscanf (buf, "%4mC%1500ml[dr/]%548ml[abc/d]%3mlc",
| ~~~~~~~~~~^
scanf13.c:162:15: error: data argument not used by format string [-Werror,-Wformat-extra-args]
161 | if (sscanf (buf, "%4mC%1500ml[dr/]%548ml[abc/d]%3mlc",
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
162 | &lsp1, &lsp2, &lsp3, &lsp4) != 4)
| ^
10 errors generated.
2. With DIAG_IGNORE_NEEDS_COMMENT_CLANG changes in stdio-common/scanf13.c:
scanf13.c:28:40: error: 'sscanf' may overflow; destination buffer in argument 4 has size 8, but the corresponding specifier may require size 11 [-Werror,-Wfortify-source]
28 | "A%ms%10ms%4m[bcd]%4mcB", &sp1, &sp2, &sp3, &sp4) != 4)
| ^
scanf13.c:94:34: error: 'sscanf' may overflow; destination buffer in argument 3 has size 8, but the corresponding specifier may require size 2049 [-Werror,-Wfortify-source]
94 | if (sscanf (buf, "%2048ms%mc", &sp3, &sp4) != 2)
| ^
scanf13.c:110:61: error: 'sscanf' may overflow; destination buffer in argument 4 has size 8, but the corresponding specifier may require size 1501 [-Werror,-Wfortify-source]
110 | if (sscanf (buf, "%4mc%1500m[dr/]%548m[abc/d]%3mc", &sp1, &sp2, &sp3, &sp4)
| ^
scanf13.c:110:67: error: 'sscanf' may overflow; destination buffer in argument 5 has size 8, but the corresponding specifier may require size 549 [-Werror,-Wfortify-source]
110 | if (sscanf (buf, "%4mc%1500m[dr/]%548m[abc/d]%3mc", &sp1, &sp2, &sp3, &sp4)
| ^
4 errors generated.
Co-Authored-By: Adhemerval Zanella <adhemerval.zanella@linaro.org> Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
H.J. Lu [Sun, 22 Dec 2024 19:58:54 +0000 (03:58 +0800)]
Fix build without stack protector [BZ #32494]
Without stack protector, inhibit_stack_protector is undefined during build:
In file included from <command-line>:
./../include/libc-symbols.h:665:3: error: expected ';' before '__typeof'
665 | __typeof (type_name) *name##_ifunc (__VA_ARGS__)
\
| ^~~~~~~~
./../include/libc-symbols.h:676:3: note: in expansion of macro
'__ifunc_resolver'
676 | __ifunc_resolver (type_name, name, expr, init, static, __VA_ARGS__)
| ^~~~~~~~~~~~~~~~
./../include/libc-symbols.h:703:3: note: in expansion of macro '__ifunc_args'
703 | __ifunc_args (type_name, name, expr, init, arg)
| ^~~~~~~~~~~~
./../include/libc-symbols.h:790:3: note: in expansion of macro '__ifunc'
790 | __ifunc (redirected_name, name, expr, void, INIT_ARCH)
| ^~~~~~~
../sysdeps/x86_64/multiarch/memchr.c:29:1: note: in expansion of macro
'libc_ifunc_redirected'
29 | libc_ifunc_redirected (__redirect_memchr, memchr, IFUNC_SELECTOR ());
| ^~~~~~~~~~~~~~~~~~~~~
1. Fix a typo in include/libc-symbols.h to define inhibit_stack_protector
for build.
2. Don't include <config.h> in include/libc-symbols.h since it has been
included in include/libc-misc.h.
3. Change #include "libc-misc.h" to #include <libc-misc.h> in
string/test-string.h.
This fixes BZ #32494.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
H.J. Lu [Thu, 19 Dec 2024 21:52:56 +0000 (05:52 +0800)]
Compile tst-deadline.c with -Wno-ignored-attributes for Clang
Since tst-deadline.c is an internal test, compile tst-deadline.c with
-Wno-ignored-attributes for Clang to silence -Werror,-Wunknown-attributes
errors. Also suppress -Wmaybe-uninitialized only for GCC in net-internal.h.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
math: Fix clang warnings for math/test-tgmath-ret.c
clang warns that since the global variables are only used to function
calls (without being actually used), they are not needed and will
not be emitted.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
Suppress Clang warning on adding an integer to a string
Suppress Clang warning on adding an integer to a string, like:
tst-iconv-sticky-input-error.c:125:42: error: adding 'int' to a string does not append to the string [-Werror,-Wstring-plus-int]
125 | expected_output = "ABXY" + skip;
| ~~~~~~~^~~~~~
tst-iconv-sticky-input-error.c:125:42: note: use array indexing to silence this warning
125 | expected_output = "ABXY" + skip;
| ^
| & [ ]
Co-Authored-By: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
clang does not handle %Z on print, and just suppressing
-Wformat-invalid-specifier might trigger another warning for extra
arguments (since %Z is ignored). So suppress -Wformat-extra-args
as well.
For tst-fphex.c a heavy hammer is used since the printf is more
complex and clang throws a more generic warning. Reviewed-by: Sam James <sam@gentoo.org>
H.J. Lu [Thu, 19 Dec 2024 20:32:49 +0000 (04:32 +0800)]
elf: Enable tst-dlopen-nodelete-reloc if TEST_CXX supports STB_GNU_UNIQUE
tst-dlopen-nodelete-reloc requires STB_GNU_UNIQUE support so that NODELETE
is propagated by do_lookup_unique. Enable it only if TEST_CXX supports
STB_GNU_UNIQUE,
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
Fangrui Song [Sun, 10 Oct 2021 21:38:00 +0000 (14:38 -0700)]
x86: Define __HAVE_FLOAT128 for Clang and use __builtin_*f128 code path
Clang supports __builtin_fabsf128 (despite not supporting _Float128) but
it does not support __builtin_fabsq. Fallback to back to
`typedef __float128 _Float128;` it clang is used.
Originally developed by Fangrui Song <maskray@google.com>. Co-Authored-By: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
* DIAG_{PUSH,POP}_NEEDS_COMMENT_CLANG are similar to
DIAG_{PUSH,POP}_NEEDS_COMMENT, but enable clang specific pragmas to
handle warnings for options only supported by clang.
* DIAG_IGNORE_NEEDS_COMMENT_{CLANG,GCC} are similar to
DIAG_IGNORE_NEEDS_COMMENT, but enable the warning suppression only
for the referenced compiler.
H.J. Lu [Tue, 17 Dec 2024 23:24:38 +0000 (07:24 +0800)]
elf: Compile test modules with -fsemantic-interposition
Compiler may default to -fno-semantic-interposition. But some elf test
modules must be compiled with -fsemantic-interposition to function properly.
Add a TEST_CC check for -fsemantic-interposition and use it on elf test
modules. This fixed
dirent: Remove variable length array structure for tst-getdents64.c
Clang emits the following warnings:
../sysdeps/unix/sysv/linux/tst-getdents64.c:111:18: error: fields must
have a constant size: 'variable length array in structure' extension
will never be supported
char buffer[buffer_size];
^
Co-Authored-By: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
H.J. Lu [Thu, 19 Dec 2024 21:31:05 +0000 (05:31 +0800)]
Add include/libc-misc.h
Add include/libc-misc.h to provide miscellaneous definitions for both
glibc build and test:
1. Move inhibit_stack_protector to libc-misc.h and add Clang support.
2. Add test_inhibit_stack_protector for glibc testing.
3. Move inhibit_loop_to_libcall to libc-misc.h.
4. Add test_cc_inhibit_loop_to_libcall to handle TEST_CC != CC and
replace inhibit_loop_to_libcall with test_cc_inhibit_loop_to_libcall
in glibc tests.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Co-Authored-By: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Sam James <sam@gentoo.org>
H.J. Lu [Sun, 15 Dec 2024 21:11:26 +0000 (05:11 +0800)]
x86-64: Disable libmvec ABI test for Clang
Unlike GCC, libmvec support in Clang is hard-coded. Clang doesn't use
macros defined in <bits/libm-simd-decl-stubs.h> to support new libmvec
functions added to glibc and can't vectorize all test loops to test
libmvec ABI:
H.J. Lu [Sun, 15 Dec 2024 01:56:34 +0000 (09:56 +0800)]
Don't redefine INFINITY nor NAN
Since math/math.h isn't a system header, clang issues errors:
In file included from test-flt-eval-method.c:20:
In file included from ../include/math.h:7:
../math/math.h:91:11: error: 'INFINITY' macro redefined [-Werror,-Wmacro-redefined]
91 | # define INFINITY (__builtin_inff ())
| ^
/usr/bin/../lib/clang/19/include/float.h:173:11: note: previous definition is here
173 | # define INFINITY (__builtin_inff())
| ^
In file included from test-flt-eval-method.c:20:
In file included from ../include/math.h:7:
../math/math.h:98:11: error: 'NAN' macro redefined [-Werror,-Wmacro-redefined]
98 | # define NAN (__builtin_nanf (""))
| ^
/usr/bin/../lib/clang/19/include/float.h:174:11: note: previous definition is here
174 | # define NAN (__builtin_nanf(""))
Don't define INFINITY nor NAN if they are defined.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
H.J. Lu [Wed, 18 Dec 2024 10:56:14 +0000 (18:56 +0800)]
Check if -mamx-tile works for testing
Since -mamx-tile is used only for testing, use LIBC_TRY_TEST_CC_COMMAND,
instead of LIBC_TRY_CC_AND_TEST_CC_COMMAND to check it and don't check
__builtin_ia32_ldtilecfg for Clang.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
DJ Delorie [Thu, 14 Nov 2024 20:12:57 +0000 (15:12 -0500)]
assert: ensure posix compliance, add tests for such
Fix assert.c so that even the fallback
case conforms to POSIX, although not exactly the same as
the default case so a test can tell the difference.
Add a test that verifies that abort is called, and that the
message printed to stderr has all the info that POSIX requires.
Verify this even when malloc isn't usable.
Aurelien Jarno [Thu, 19 Dec 2024 22:55:15 +0000 (23:55 +0100)]
posix: fix system when a child cannot be created [BZ #32450]
POSIX states that "if a child process cannot be created, or if the
termination status for the command language interpreter cannot be
obtained, system() shall return -1 and set errno to indicate the error."
In the glibc implementation it could happen when posix_spawn fails,
which happens when the underlying fork, vfork, or clone call fails. They
could fail with EAGAIN and ENOMEM.
H.J. Lu [Wed, 18 Dec 2024 10:58:34 +0000 (18:58 +0800)]
Don't use glibc <tgmath.h> when testing with Clang
Clang has its own <tgmath.h> and doesn't use <tgmath.h> from glibc. Pass
"-I." to compiler only if $($(<F)-no-include-dot) are undefined. Define
it to yes for tgmath tests when testing with Clang.
Signed-off-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Sam James <sam@gentoo.org>
elf: Update DSO list, write audit log to elf/tst-audit23.out
After commit 1d5024f4f052c12e404d42d3b5bfe9c3e9fd27c4
("support: Build with exceptions and asynchronous unwind tables
[BZ #30587]"), libgcc_s is expected to show up in the DSO
list on 32-bit Arm. Do not update max_objs because vdso is not
tracked (and which is the reason why the test currently passes
even with libgcc_s present).
Also write the log output from the auditor to standard output,
for easier test debugging.
projects / thirdparty / glibc.git / log
