nptl: pthread_kill needs to return ESRCH for old programs (bug 19193)
The fix for bug 19193 breaks some old applications which appear
to use pthread_kill to probe if a thread is still running, something
that is not supported by POSIX.
posix: Fix attribute access mode on getcwd [BZ #27476]
There is a GNU extension that allows to call getcwd(NULL, >0). It is
described in the documentation, but also directly in the unistd.h
header, just above the declaration.
Therefore the attribute access mode added in commit 06febd8c6705
is not correct. Drop it.
Joseph Myers [Tue, 14 Sep 2021 14:19:24 +0000 (14:19 +0000)]
Add MADV_POPULATE_READ and MADV_POPULATE_WRITE from Linux 5.14 to bits/mman-linux.h
Linux 5.14 adds constants MADV_POPULATE_READ and MADV_POPULATE_WRITE
(with the same values on all architectures). Add these to glibc's
bits/mman-linux.h.
Joseph Myers [Tue, 14 Sep 2021 13:51:58 +0000 (13:51 +0000)]
Update kernel version to 5.14 in tst-mman-consts.py
This patch updates the kernel version in the test tst-mman-consts.py
to 5.14. (There are no new MAP_* constants covered by this test in
5.14 that need any other header changes.)
Joseph Myers [Wed, 8 Sep 2021 12:42:06 +0000 (12:42 +0000)]
Update syscall lists for Linux 5.14
Linux 5.14 has two new syscalls, memfd_secret (on some architectures
only) and quotactl_fd. Update syscall-names.list and regenerate the
arch-syscall.h headers with build-many-glibcs.py update-syscalls.
Fix failing nss/tst-nss-files-hosts-long with local resolver
When a local resolver like unbound is listening on the IPv4 loopback
address 127.0.0.1, the nss/tst-nss-files-hosts-long test fails. This is
due to:
- the default resolver in the absence of resolv.conf being 127.0.0.1
- the default DNS NSS database configuration in the absence of
nsswitch.conf being 'hosts: dns [!UNAVAIL=return] file'
This causes the requests for 'test4' and 'test6' to first be sent to the
local resolver, which responds with NXDOMAIN in the likely case those
records do no exist. In turn that causes the access to /etc/hosts to be
skipped, which is the purpose of that test.
Fix that by providing a simple nsswitch.conf file forcing access to
/etc/hosts for that test. I have tested that the only changed result in
the testsuite is that test.
iconvconfig: Fix behaviour with --prefix [BZ #28199]
The consolidation of configuration parsing broke behaviour with
--prefix, where the prefix bled into the modules cache. Accept a
prefix which, when non-NULL, is prepended to the path when looking for
configuration files but only the original directory is added to the
modules cache.
This has no effect on the codegen of gconv_conf since it passes NULL.
Reported-by: Patrick McCarty <patrick.mccarty@intel.com> Reported-by: Michael Hudson-Doyle <michael.hudson@canonical.com> Reviewed-by: Andreas Schwab <schwab@linux-m68k.org>
(cherry picked from commit 43cea6d5652b6b9e61ac6ecc69419c909b504f47)
nptl: Fix race between pthread_kill and thread exit (bug 12889)
A new thread exit lock and flag are introduced. They are used to
detect that the thread is about to exit or has exited in
__pthread_kill_internal, and the signal is not sent in this case.
The test sysdeps/pthread/tst-pthread_cancel-select-loop.c is derived
from a downstream test originally written by Marek Polacek.
nptl: pthread_kill, pthread_cancel should not fail after exit (bug 19193)
This closes one remaining race condition related to bug 12889: if
the thread already exited on the kernel side, returning ESRCH
is not correct because that error is reserved for the thread IDs
(pthread_t values) whose lifetime has ended. In case of a
kernel-side exit and a valid thread ID, no signal needs to be sent
and cancellation does not have an effect, so just return 0.
sysdeps/pthread/tst-kill4.c triggers undefined behavior and is
removed with this commit.
Jiaxun Yang [Tue, 7 Sep 2021 05:31:42 +0000 (13:31 +0800)]
MIPS: Setup errno for {f,l,}xstat
{f,l,}xstat stub for MIPS is using INTERNAL_SYSCALL
to do xstat syscall for glibc ver, However it leaves
errno untouched and thus giving bad errno output.
Setup errno properly when syscall returns non-zero.
Signed-off-by: Jiaxun Yang <jiaxun.yang@flygoat.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
(cherry picked from commit 66016ec8aeefd40e016d7040d966484c764b0e9c)
Nikita Popov [Thu, 12 Aug 2021 10:39:50 +0000 (16:09 +0530)]
librt: add test (bug 28213)
This test implements following logic:
1) Create POSIX message queue.
Register a notification with mq_notify (using NULL attributes).
Then immediately unregister the notification with mq_notify.
Helper thread in a vulnerable version of glibc
should cause NULL pointer dereference after these steps.
2) Once again, register the same notification.
Try to send a dummy message.
Test is considered successfulif the dummy message
is successfully received by the callback function.
Nikita Popov [Mon, 9 Aug 2021 14:47:34 +0000 (20:17 +0530)]
librt: fix NULL pointer dereference (bug 28213)
Helper thread frees copied attribute on NOTIFY_REMOVED message
received from the OS kernel. Unfortunately, it fails to check whether
copied attribute actually exists (data.attr != NULL). This worked
earlier because free() checks passed pointer before actually
attempting to release corresponding memory. But
__pthread_attr_destroy assumes pointer is not NULL.
So passing NULL pointer to __pthread_attr_destroy will result in
segmentation fault. This scenario is possible if
notification->sigev_notify_attributes == NULL (which means default
thread attributes should be used).
Florian Weimer [Fri, 6 Aug 2021 07:51:38 +0000 (09:51 +0200)]
Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (bug 28182)
__REDIRECT and __THROW are not compatible with C++ due to the ordering of the
__asm__ alias and the throw specifier. __REDIRECT_NTH has to be used
instead.
x86-64: Avoid rep movsb with short distance [BZ #27130]
introduced some regressions on Intel processors without Fast Short REP
MOV (FSRM). Add Avoid_Short_Distance_REP_MOVSB to avoid rep movsb with
short distance only on Intel processors with FSRM. bench-memmove-large
on Skylake server shows that cycles of __memmove_evex_unaligned_erms
improves for the following data size:
tests: use xmalloc to allocate implementation array
The benchmark and tests must fail in case of allocation failure in the
implementation array. Also annotate the x* allocators in support.h so
that the compiler has more information about them.
Tell the compiler that xmalloc family of allocators always return
non-NULL. xrealloc in locale/programs also always returns non-NULL,
but that conflicts with default realloc behaviour and that of xrealloc
in libsupport, so keep it as is for now and resolve the differences
later.
mcheck and malloc-check no longer work with static binaries, so drop
those tests.
Reported-by: Samuel Thibault <samuel.thibault@gnu.org> Tested-by: Samuel Thibault <samuel.thibault@gnu.org> Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
manual: Document unsupported cases for interposition
These functions call the core allocator functions (realloc and malloc
respectively) and are hence guaranteed to allocate memory using the
correct functions when multiple allocators are interposed. Having
these functions interposed in one allocator and not another may result
in confusion, hence discourage interposing them altogether.
H.J. Lu [Sat, 5 Jun 2021 13:42:20 +0000 (06:42 -0700)]
x86: Install <bits/platform/x86.h> [BZ #27958]
1. Install <bits/platform/x86.h> for <sys/platform/x86.h> which includes
<bits/platform/x86.h>.
2. Rename HAS_CPU_FEATURE to CPU_FEATURE_PRESENT which checks if the
processor has the feature.
3. Rename CPU_FEATURE_USABLE to CPU_FEATURE_ACTIVE which checks if the
feature is active. There may be other preconditions, like sufficient
stack space or further setup for AMX, which must be satisfied before the
feature can be used.
Samuel Thibault [Thu, 22 Jul 2021 18:29:57 +0000 (18:29 +0000)]
hurd: Fix glob lstat compatibility
84f7ce84474c ("posix: Add glob64 with 64-bit time_t support") replaced
GLOB_NO_LSTAT with defining GLOB_LSTAT and GLOB_LSTAT64, but the posix
and gnu versions of the change were missing in the commit.
Make malloc hooks symbols compat-only so that new applications cannot
link against them and remove the declarations from the API. Also
remove the unused malloc-hooks.h.
Finally, mark all symbols in libc_malloc_debug.so as compat so that
the library cannot be linked against.
Add a note about the deprecation in NEWS.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
These deprecated functions are only safe to call from
__malloc_initialize_hook and as a result, are not useful in the
general case. Move the implementations to libc_malloc_debug so that
existing binaries that need it will now have to preload the debug DSO
to work correctly.
This also allows simplification of the core malloc implementation by
dropping all the undumping support code that was added to make
malloc_set_state work.
One known breakage is that of ancient emacs binaries that depend on
this. They will now crash when running with this libc. With
LD_BIND_NOW=1, it will terminate immediately because of not being able
to find malloc_set_state but with lazy binding it will crash in
unpredictable ways. It will need a preloaded libc_malloc_debug.so so
that its initialization hook is executed to allow its malloc
implementation to work properly.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
The malloc-check debugging feature is tightly integrated into glibc
malloc, so thanks to an idea from Florian Weimer, much of the malloc
implementation has been moved into libc_malloc_debug.so to support
malloc-check. Due to this, glibc malloc and malloc-check can no
longer work together; they use altogether different (but identical)
structures for heap management. This should not make a difference
though since the malloc check hook is not disabled anywhere.
malloc_set_state does, but it does so early enough that it shouldn't
cause any problems.
The malloc check tunable is now in the debug DSO and has no effect
when the DSO is not preloaded.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Wean mtrace away from the malloc hooks and move them into the debug
DSO. Split the API away from the implementation so that we can add
the API to libc.so as well as libc_malloc_debug.so, with the libc
implementations being empty.
Update localplt data since memalign no longer has any callers after
this change.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Now that mcheck no longer needs to check __malloc_initialized (and no
other third party hook can since the symbol is not exported), make the
variable boolean and static so that it is used strictly within malloc.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Split the mcheck implementation into the debugging hooks and API so
that the API can be replicated in libc and libc_malloc_debug.so. The
libc APIs always result in failure.
The mcheck implementation has also been moved entirely into
libc_malloc_debug.so and with it, all of the hook initialization code
can now be moved into the debug library. Now the initialization can
be done independently of libc internals.
With this patch, libc_malloc_debug.so can no longer be used with older
libcs, which is not its goal anyway. tst-vfork3 breaks due to this
since it spawns shell scripts, which in turn execute using the system
glibc. Move the test to tests-container so that only the built glibc
is used.
This move also fixes bugs in the mcheck version of memalign and
realloc, thus allowing removal of the tests from tests-mcheck
exclusion list.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Remove all malloc hook uses from core malloc functions and move it
into a new library libc_malloc_debug.so. With this, the hooks now no
longer have any effect on the core library.
libc_malloc_debug.so is a malloc interposer that needs to be preloaded
to get hooks functionality back so that the debugging features that
depend on the hooks, i.e. malloc-check, mcheck and mtrace work again.
Without the preloaded DSO these debugging features will be nops.
These features will be ported away from hooks in subsequent patches.
Similarly, legacy applications that need hooks functionality need to
preload libc_malloc_debug.so.
The symbols exported by libc_malloc_debug.so are maintained at exactly
the same version as libc.so.
Finally, static binaries will no longer be able to use malloc
debugging features since they cannot preload the debugging DSO.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Make the __morecore and __default_morecore symbols compat-only and
remove their declarations from the API. Also, include morecore.c
directly into malloc.c; this should ideally get merged into malloc in
a future cleanup.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Remove __after_morecore_hook from the API and finalize the symbol so
that it can no longer be used in new applications. Old applications
using __after_morecore_hook will find that their hook is no longer
called.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Make mcheck tests conditional on GLIBC_2.23 or earlier
Targets with base versions of 2.24 or later won't have
__malloc_initialize_hook because of which the tests will essentially
be the same as the regular malloc tests. Avoid running them instead
and save time.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
ARC: fp: (micro)optimize FPU_STATUS read by eliding FWE bit clearing
Any FPU_STATUS write needs setting the FWE bit (31) whcih just provides
a "control signal" to enable explicit write (vs. the side-effect of FPU
instructions). However this bit is RAZ and write-only, thus effectively
never stored in FPU_STATUS register. Thus when reading the register
there is no need to clear it. This shaves off a BCLR instruction from
the fe*exceptino family of functions and while no big deal still makes
sense to do.
This came up when debugging a race in math/test-fenv-tls [1]
elf: Fix tst-cpu-features-cpuinfo on some AMD systems (BZ #28090)
The SSBD feature is implemented in 2 different ways on AMD processors:
newer systems (Zen3) provides AMD_SSBD (function 8000_0008, EBX[24]),
while older system provides AMD_VIRT_SSBD (function 8000_0008, EBX[25]).
However for AMD_VIRT_SSBD, kernel shows both 'ssdb' and 'virt_ssdb' on
/proc/cpuinfo; while for AMD_SSBD only 'ssdb' is provided.
This now check is AMD_SSBD is set to check for 'ssbd', otherwise check
if AMD_VIRT_SSDB is set to check for 'virt_ssbd'.
nss: Directly load nss_dns, without going through dlsym/dlopen
This partially fixes static-only NSS support (bug 27959): The dns
module no longer needs dlopen. Support for disabling dlopen altogher
remains to be added.
This commit introduces module_load_builtin into nss/nss_module.c, which
handles the common parts of loading the built-in nss_files and nss_dns
modules.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
This switches to public symbols without __ prefixes, due to improved
namespace management in glibc.
The script was used with --no-new-version to move the symbols
__res_nquery, __res_nquerydomain, __res_nsearch, __res_query,
__res_querydomain, __res_search, res_query, res_querydomain,
res_search. The public symbols res_nquery, res_nquerydomain,
res_nsearch, res_ownok, res_query, res_querydomain, res_search
were added with make update-all-abi.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
This switches to public symbols without __ prefixes, due to improved
namespace management in glibc.
The symbols res_mkquery, __res_mkquery, __res_nmkquery were
moved with the script (using --no-new-version).
res_mkquery@@GLIBC_2.34, res_nmkquery@@GLIBC_2.34 were added using
make update-all-abi.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Switch to public symbols without __ prefix (due to improved
namespace management).
__res_send, __res_nsend were moved using the script (with
--no-new-version). res_send@@GLIBC_2.34 and res_nsend@@GLIBC_2.34
were added using make update-all-abi.
resolv: Move res_nameinquery to its own file and into libc
And reformat to GNU style.
This deprecated function is used in the implementation of the stub
resolver (for now). Keep the public symbol in libresolv for now
(so that no new symbol version is needed), and add a forwarder to
libresolv.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
resolv: Move ns_samename into its own file, and into libc
But only as an internal symbol, __libc_ns_samename. The libresolv
ABI is preserved. This is because the function is deprecated, and
it does not make sense to add new symbol versions for deprecated
functions.
Also reformat the implementation to GNU style.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
resolv: Move ns_makecanon into its own file, and into libc
But only as an internal symbol, __libc_ns_makecanon. The libresolv
ABI is preserved. This is because the function is deprecated, and
it does not make sense to add new symbol versions for deprecated
functions.
Also reformat the implementation to GNU style.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
resolv: Move __res_get_nsaddr to its own file and into libc
Eliminate the use of the EXT macro from it because it does not
add clarity. The function was added to res_send.c in 2015, and
the copyright year reflects that.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
resolv: Rename res_comp.c to res-name-checking.c and move into libc
This reflects what the remaining functions in the file do.
The __res_dnok, __res_hnok, __res_mailok, __res_ownok were moved
with the script, using --no-new-version, and turned into compat
symbols. __libc_res_dnok@@GLIBC_PRIVATE and
__libc_res_hnok@@GLIBC_PRIVATE are added for internal use, to avoid
accidentally binding to compatibility symbols. The new public
symbols res_dnok, res_hnok, res_mailok, res_ownok were added using
make update-all-abi.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
resolv: Move dn_skipname to its own file and into libc
And reformat it to GNU style.
dn_skipname is used outside glibc, so do not deprecate it,
and export it as dn_skipname (not __dn_skipname). Due to internal
users, provide a __libc_dn_skipname alias, and keep __dn_skipname
as a pure compatibility symbol.
__dn_skipname@GLIBC_2.0 was moved using the script, and
dn_skipname@@GLIBC_2.34 was added using make update-all-abi.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
resolv: Move dn_comp to its own file and into libc
And reformat it to GNU style.
dn_comp is used in various programs, so keep it as a non-deprecated
symbol. Switch to dn_comp (not __dn_comp) for the ABI name. There
are no internal users, so interposition is not a problem.
The __dn_comp symbol was moved with scripts/move-symbol-to-libc.py
--no-new-version. dn_comp@@GLIBC_2.34 was added with
make update-all-abi.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
resolv: Move dn_expand to its own file and into libc
And reformat to GNU style.
This switches back to the dn_expand name for the ABI symbol and turns
__dn_expand into a compatibility symbol. With the improved namespace
management in current glibc, it is no longer necessary to use a
private namespace symbol. To avoid old code binding to a
GLIBC_PRIVATE symbol by accident, use __libc_dn_expand for the
internal symbol name.
The symbols dn_expand, __dnexpand were moved using
scripts/move-symbol-to-libc.py, followed by an adjustment to make
dn_expand the only GLIBC_2.34 symbol.
Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
Debugging interfaces: p_*, fp_*, and sym_* could conceivably be
used to produce debug out, but these functions have not been
updated to parse more resource records, so they are not very useful
today. Likewise for ns_sprintrr and ns_sprintrrf. ns_format_ttl and
ns_parse_ttl are related to these.
Internal implementation details: res_isourserver is probably only
useful in the implementation of a stub resolver, and so is
res_nameinquery.
Unclear semantics and bad performance: ns_samedomain, ns_subdomain,
ns_makecanon, ns_samename do textual converions & copies instead of
checking equivalence of the wire format.
inet_neta cannot handle IPv6 addresses.
res_hostalias has been superseded by getaddrinfo with AI_CANONNAME.
hostalias is not thread-safe.
Some functions have int as size arguments instead of size_t, so they
do not follow current coding practices. However, dn_expand and
b64_ntop are somewhat widely used (to name just two examples), so
deprecating them seems problematic.
Reviewed-by: Carlos O'Donell <carlos@systemhalted.org>
tst-safe-linking: make false positives even more improbable
There is a 1 in 16 chance of a corruption escaping safe-linking and to
guard against spurious failures, tst-safe-linking runs each subtest 10
times to ensure that the chance is reduced to 1 in 2^40. However, in
the 1 in 16 chance that a corruption does escape safe linking, it
could well be caught by other sanity checks we do in malloc, which
then results in spurious test failures like below:
test test_fastbin_consolidate failed with a different error
expected: malloc_consolidate(): unaligned fastbin chunk detected
actual: malloc_consolidate(): invalid chunk size
This failure is seen more frequently on i686; I was able to reproduce
it in about 5 min of running it in a loop.
Guard against such failures by recording them and retrying the test.
Also, do not fail the test if we happened to get defeated by the 1 in
2^40 odds if in at least one of the instances it was detected by other
checks.
Finally, bolster the odds to 2^64 by running 16 times instead of 10.
The test still has a chance of failure so it is still flaky in theory.
However in practice if we see a failure here then it's more likely
that there's a bug than it being an issue with the test. Add more
printfs and also dump them to stdout so that in the event the test
actually fails, we will have some data to try and understand why it
may have failed.
projects / thirdparty / glibc.git / log
