Joseph Myers [Wed, 25 May 2022 14:37:28 +0000 (14:37 +0000)]
Update syscall-names.list for Linux 5.18
Linux 5.18 has no new syscalls. Update the version number in
syscall-names.list to reflect that it is still current for 5.18.
Tested with build-many-glibcs.py.
Arjun Shankar [Tue, 24 May 2022 15:57:36 +0000 (17:57 +0200)]
Fix deadlock when pthread_atfork handler calls pthread_atfork or dlclose
In multi-threaded programs, registering via pthread_atfork,
de-registering implicitly via dlclose, or running pthread_atfork
handlers during fork was protected by an internal lock. This meant
that a pthread_atfork handler attempting to register another handler or
dlclose a dynamically loaded library would lead to a deadlock.
This commit fixes the deadlock in the following way:
During the execution of handlers at fork time, the atfork lock is
released prior to the execution of each handler and taken again upon its
return. Any handler registrations or de-registrations that occurred
during the execution of the handler are accounted for before proceeding
with further handler execution.
If a handler that hasn't been executed yet gets de-registered by another
handler during fork, it will not be executed. If a handler gets
registered by another handler during fork, it will not be executed
during that particular fork.
The possibility that handlers may now be registered or deregistered
during handler execution means that identifying the next handler to be
run after a given handler may register/de-register others requires some
bookkeeping. The fork_handler struct has an additional field, 'id',
which is assigned sequentially during registration. Thus, handlers are
executed in ascending order of 'id' during 'prepare', and descending
order of 'id' during parent/child handler execution after the fork.
Two tests are included:
* tst-atfork3: Adhemerval Zanella <adhemerval.zanella@linaro.org>
This test exercises calling dlclose from prepare, parent, and child
handlers.
* tst-atfork4: This test exercises calling pthread_atfork and dlclose
from the prepare handler.
[BZ #24595, BZ #27054]
Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Joseph Myers [Tue, 24 May 2022 13:51:24 +0000 (13:51 +0000)]
Use Linux 5.18 in build-many-glibcs.py
This patch makes build-many-glibcs.py use Linux 5.18.
Tested with build-many-glibcs.py (host-libraries, compilers and glibcs
builds).
Florian Weimer [Tue, 24 May 2022 06:03:11 +0000 (08:03 +0200)]
stdio-common: Simplify printf_unknown interface in vfprintf-internal.c
The called function does not use the args array, so there is no need
to produce it.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Tue, 24 May 2022 06:03:11 +0000 (08:03 +0200)]
stdio-common: Move union printf_arg int <printf.h>
The type does not depend on wide vs narrow preprocessor macros,
so it does not need to be customized in stdio-common/printf-parse.h.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Tue, 24 May 2022 06:03:11 +0000 (08:03 +0200)]
stdio-common: Add printf specifier registry to <printf.h>
Add __printf_arginfo_table, __printf_function_table,
__printf_va_arg_table, __register_printf_specifier to
include/printf.h.
Fangrui Song [Tue, 24 May 2022 02:16:05 +0000 (19:16 -0700)]
elf/dl-reloc.c: Copyright The GNU Toolchain Authors
by following 3.5. Update copyright information
on https://sourceware.org/glibc/wiki/Contribution%20checklist .
The change is advised by Carlos O'Donell.
Note: commit
a8b11bd1f8dc68795b377138b5d94638ef75a50d missed Signed-off-by tag
from Nicholas Guriev <nicholas@guriev.su>.
Noah Goldstein [Mon, 23 May 2022 22:41:55 +0000 (17:41 -0500)]
benchtests: Improve bench-strnlen.c
1. Output results in json format so its easier to parse
2. Increase max alignment to `getpagesize () - 1` to make it possible
to test page cross cases.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
Adhemerval Zanella [Fri, 1 Apr 2022 13:19:57 +0000 (10:19 -0300)]
math: Add math-use-builtins-fabs (BZ#29027)
Both float, double, and _Float128 are assumed to be supported
(float and double already only uses builtins). Only long double
is parametrized due GCC bug 29253 which prevents its usage on
powerpc.
It allows to remove i686, ia64, x86_64, powerpc, and sparc arch
specific implementation.
On ia64 it also fixes the sNAN handling:
math/test-float64x-fabs
math/test-ldouble-fabs
Checked on x86_64-linux-gnu, i686-linux-gnu, powerpc-linux-gnu,
powerpc64-linux-gnu, sparc64-linux-gnu, and ia64-linux-gnu.
Adhemerval Zanella [Tue, 10 May 2022 16:59:48 +0000 (13:59 -0300)]
linux: Add CLONE_NEWTIME from Linux 5.6 to bits/sched.h
It was added in commit
769071ac9f20b6a447410c7eaa55d1a5233ef40c.
Fangrui Song [Mon, 23 May 2022 20:42:10 +0000 (13:42 -0700)]
Revert "[ARM][BZ #17711] Fix extern protected data handling"
This reverts commit
3bcea719ddd6ce399d7bccb492c40af77d216e42.
Similar to commit
e555954e026df1b85b8ef6c101d05f97b1520d7e for aarch64.
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
Fangrui Song [Mon, 23 May 2022 20:37:05 +0000 (13:37 -0700)]
Revert "[AArch64][BZ #17711] Fix extern protected data handling"
This reverts commit
0910702c4d2cf9e8302b35c9519548726e1ac489.
Say both a.so and b.so define protected data symbol `var` and the executable
copy relocates var. ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA has strange
semantics: a.so accesses the copy in the executable while b.so accesses its
own. This behavior requires that (a) the compiler emits GOT-generating
relocations (b) the linker produces GLOB_DAT instead of RELATIVE.
Without the ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA code, b.so's GLOB_DAT
will bind to the executable (normal behavior).
For aarch64 it makes sense to restore the original behavior and don't
pay the ELF_RTYPE_CLASS_EXTERN_PROTECTED_DATA cost. The behavior is very
unlikely used by anyone.
* Clang code generator treats STV_PROTECTED the same way as STV_HIDDEN:
no GOT-generating relocation in the first place.
* gold and lld reject copy relocation on a STV_PROTECTED symbol.
* Nowadays -fpie/-fpic modes are popular. GCC/Clang's codegen uses
GOT-generating relocation when accessing an default visibility
external symbol which avoids copy relocation.
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
Nicholas Guriev [Mon, 23 May 2022 19:06:44 +0000 (12:06 -0700)]
elf: Rewrite long RESOLVE_MAP macro to an always_inline static function
An __always_inline static function is better to find where exactly a
crash happens, so one can step into the function with GDB.
Reviewed-by: Fangrui Song <maskray@google.com>
Fangrui Song [Mon, 23 May 2022 17:23:23 +0000 (10:23 -0700)]
dlfcn: Move RTLD_DEFAULT/RTLD_NEXT outside __USE_GNU
POSIX reserves the RTLD_ namespace, and this is already reflected in our
conform tests.
Note: RTLD_DEFAULT and RTLD_NEXT appear in IEEE Std 1003.1-2004. Many
systems (e.g. FreeBSD, musl) just define the macros unconditionally.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Tested-by: Florian Weimer <fweimer@redhat.com>
Noah Goldstein [Thu, 19 May 2022 22:18:03 +0000 (17:18 -0500)]
elf: Optimize _dl_new_hash in dl-new-hash.h
Unroll slightly and enforce good instruction scheduling. This improves
performance on out-of-order machines. The unrolling allows for
pipelined multiplies.
As well, as an optional sysdep, reorder the operations and prevent
reassosiation for better scheduling and higher ILP. This commit
only adds the barrier for x86, although it should be either no
change or a win for any architecture.
Unrolling further started to induce slowdowns for sizes [0, 4]
but can help the loop so if larger sizes are the target further
unrolling can be beneficial.
Results for _dl_new_hash
Benchmarked on Tigerlake: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
Time as Geometric Mean of N=30 runs
Geometric of all benchmark New / Old: 0.674
type, length, New Time, Old Time, New Time / Old Time
fixed, 0, 2.865, 2.72, 1.053
fixed, 1, 3.567, 2.489, 1.433
fixed, 2, 2.577, 3.649, 0.706
fixed, 3, 3.644, 5.983, 0.609
fixed, 4, 4.211, 6.833, 0.616
fixed, 5, 4.741, 9.372, 0.506
fixed, 6, 5.415, 9.561, 0.566
fixed, 7, 6.649, 10.789, 0.616
fixed, 8, 8.081, 11.808, 0.684
fixed, 9, 8.427, 12.935, 0.651
fixed, 10, 8.673, 14.134, 0.614
fixed, 11, 10.69, 15.408, 0.694
fixed, 12, 10.789, 16.982, 0.635
fixed, 13, 12.169, 18.411, 0.661
fixed, 14, 12.659, 19.914, 0.636
fixed, 15, 13.526, 21.541, 0.628
fixed, 16, 14.211, 23.088, 0.616
fixed, 32, 29.412, 52.722, 0.558
fixed, 64, 65.41, 142.351, 0.459
fixed, 128, 138.505, 295.625, 0.469
fixed, 256, 291.707, 601.983, 0.485
random, 2, 12.698, 12.849, 0.988
random, 4, 16.065, 15.857, 1.013
random, 8, 19.564, 21.105, 0.927
random, 16, 23.919, 26.823, 0.892
random, 32, 31.987, 39.591, 0.808
random, 64, 49.282, 71.487, 0.689
random, 128, 82.23, 145.364, 0.566
random, 256, 152.209, 298.434, 0.51
Co-authored-by: Alexander Monakov <amonakov@ispras.ru>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Noah Goldstein [Thu, 19 May 2022 22:18:02 +0000 (17:18 -0500)]
nss: Optimize nss_hash in nss_hash.c
The prior unrolling didn't really do much as it left the dependency
chain between iterations. Unrolled the loop for 4 so 4x multiplies
could be pipelined in out-of-order machines.
Results for __nss_hash
Benchmarked on Tigerlake: 11th Gen Intel(R) Core(TM) i7-1165G7 @ 2.80GHz
Time as Geometric Mean of N=25 runs
Geometric of all benchmark New / Old: 0.845
type, length, New Time, Old Time, New Time / Old Time
fixed, 0, 4.019, 3.729, 1.078
fixed, 1, 4.95, 5.707, 0.867
fixed, 2, 5.152, 5.657, 0.911
fixed, 3, 4.641, 5.721, 0.811
fixed, 4, 5.551, 5.81, 0.955
fixed, 5, 6.525, 6.552, 0.996
fixed, 6, 6.711, 6.561, 1.023
fixed, 7, 6.715, 6.767, 0.992
fixed, 8, 7.874, 7.915, 0.995
fixed, 9, 8.888, 9.767, 0.91
fixed, 10, 8.959, 9.762, 0.918
fixed, 11, 9.188, 9.987, 0.92
fixed, 12, 9.708, 10.618, 0.914
fixed, 13, 10.393, 11.14, 0.933
fixed, 14, 10.628, 12.097, 0.879
fixed, 15, 10.982, 12.965, 0.847
fixed, 16, 11.851, 14.429, 0.821
fixed, 32, 24.334, 34.414, 0.707
fixed, 64, 55.618, 86.688, 0.642
fixed, 128, 118.261, 224.36, 0.527
fixed, 256, 256.183, 538.629, 0.476
random, 2, 11.194, 11.556, 0.969
random, 4, 17.516, 17.205, 1.018
random, 8, 23.501, 20.985, 1.12
random, 16, 28.131, 29.212, 0.963
random, 32, 35.436, 38.662, 0.917
random, 64, 45.74, 58.868, 0.777
random, 128, 75.394, 121.963, 0.618
random, 256, 139.524, 260.726, 0.535
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Noah Goldstein [Thu, 19 May 2022 22:18:01 +0000 (17:18 -0500)]
benchtests: Add benchtests for dl_elf_hash, dl_new_hash and nss_hash
Benchtests are for throughput and include random / fixed size
benchmarks.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Noah Goldstein [Thu, 19 May 2022 22:18:00 +0000 (17:18 -0500)]
nss: Add tests for the nss_hash in nss_hash.h
If we want to further optimize the function tests are needed.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Noah Goldstein [Thu, 19 May 2022 22:17:59 +0000 (17:17 -0500)]
elf: Add tests for the dl hash funcs (_dl_new_hash and _dl_elf_hash)
If we want to further optimize the functions tests are needed.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Noah Goldstein [Thu, 19 May 2022 22:17:58 +0000 (17:17 -0500)]
elf: Refactor dl_new_hash so it can be tested / benchmarked
No change to the code other than moving the function to
dl-new-hash.h. Changed name so its now in the reserved namespace.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
locale: Add more cached data to LC_CTYPE
This data will be used in number formatting.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
locale: Remove private union from struct __locale_data
This avoids an alias violation later. This commit also fixes
an incorrect double-checked locking idiom in _nl_init_era_entries.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
locale: Remove cleanup function pointer from struct __localedata
We can call the cleanup functions directly from _nl_unload_locale
if we pass the category to it.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
locale: Call _nl_unload_locale from _nl_archive_subfreeres
The function performs the same steps for ld_archive locales
(mapped from an archive), and this code is not performance-critical,
so the specialization does not add value.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
stdio-common: Add tst-memstream-string for open_memstream overflow
This code path is exercised indirectly by some of the DNS stub
resolver tests, via their own use of xopen_memstream for constructing
strings describing result data. The relative lack of test suite
coverage became apparent when these tests starting failing after a
printf changes uncovered bug 28949.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
__printf_fphex always uses LC_NUMERIC
There is no hexadecimal currency printing. strfmon uses
__printf_fp_l exclusively.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
vfprintf: Consolidate some multibyte/wide character processing
form_character and form_string processing a sufficiently similar
that the logic can be shared.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
vfprintf: Move argument processing into vfprintf-process-arg.c
This simplies formatting and helps with debugging. It also allows
the use of localized COMPILE_WPRINTF preprocessor conditionals.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 23 May 2022 08:08:18 +0000 (10:08 +0200)]
stdio-common: Add tst-vfprintf-width-i18n to cover numeric field width
Related to bug 28943 and bug 28944.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Sergei Trofimovich [Mon, 23 May 2022 08:26:43 +0000 (13:56 +0530)]
string.h: fix __fortified_attr_access macro call [BZ #29162]
commit
e938c0274 "Don't add access size hints to fortifiable functions"
converted a few '__attr_access ((...))' into '__fortified_attr_access (...)'
calls.
But one of conversions had double parentheses of '__fortified_attr_access (...)'.
Noticed as a gnat6 build failure:
/<<NIX>>-glibc-2.34-210-dev/include/bits/string_fortified.h:110:50: error: macro "__fortified_attr_access" requires 3 arguments, but only 1 given
The change fixes parentheses.
This is seen when using compilers that do not support
__builtin___stpncpy_chk, e.g. gcc older than 4.7, clang older than 2.6
or some compiler not derived from gcc or clang.
Signed-off-by: Sergei Trofimovich <slyich@gmail.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
H.J. Lu [Mon, 16 May 2022 13:17:14 +0000 (06:17 -0700)]
Enable DT_RELR in glibc shared libraries and PIEs automatically
Enable DT_RELR in glibc shared libraries and position independent
executables (PIE) automatically if linker supports -z pack-relative-relocs.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Stefan Liebler [Tue, 17 May 2022 14:12:18 +0000 (16:12 +0200)]
S390: Enable static PIE
This commit enables static PIE on 64bit. On 31bit, static PIE is
not supported.
A new configure check in sysdeps/s390/s390-64/configure.ac also performs
a minimal test for requirements in ld:
Ensure you also have those patches for:
- binutils (ld)
- "[PR ld/22263] s390: Avoid dynamic TLS relocs in PIE"
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=
26b1426577b5dcb32d149c64cca3e603b81948a9
(Tested by configure check above)
Otherwise there will be a R_390_TLS_TPOFF relocation, which fails to
be processed in _dl_relocate_static_pie() as static TLS map is not setup.
- "s390: Add DT_JMPREL pointing to .rela.[i]plt with static-pie"
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=
d942d8db12adf4c9e5c7d9ed6496a779ece7149e
(We can't test it in configure as we are not able to link a static PIE
executable if the system glibc lacks static PIE support)
Otherwise there won't be DT_JMPREL, DT_PLTRELA, DT_PLTRELASZ entries
and the IFUNC symbols are not processed, which leads to crashes.
- kernel (the mentioned links to the commits belong to 5.19 merge window):
- "s390/mmap: increase stack/mmap gap to 128MB"
https://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git/commit/?h=features&id=
f2f47d0ef72c30622e62471903ea19446ea79ee2
- "s390/vdso: move vdso mapping to its own function"
https://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git/commit/?h=features&id=
57761da4dc5cd60bed2c81ba0edb7495c3c740b8
- "s390/vdso: map vdso above stack"
https://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git/commit/?h=features&id=
9e37a2e8546f9e48ea76c839116fa5174d14e033
- "s390/vdso: add vdso randomization"
https://git.kernel.org/pub/scm/linux/kernel/git/s390/linux.git/commit/?h=features&id=
41cd81abafdc4e58a93fcb677712a76885e3ca25
(We can't test the kernel of the target system)
Otherwise if /proc/sys/kernel/randomize_va_space is turned off (0),
static PIE executables like ldconfig will crash. While startup sbrk is
used to enlarge the HEAP. Unfortunately the underlying brk syscall fails
as there is not enough space after the HEAP. Then the address of the TLS
image is invalid and the following memcpy in __libc_setup_tls() leads
to a segfault.
If /proc/sys/kernel/randomize_va_space is activated (default: 2), there
is enough space after HEAP.
- glibc
- "Linux: Define MMAP_CALL_INTERNAL"
https://sourceware.org/git/?p=glibc.git;a=commit;h=
c1b68685d438373efe64e5f076f4215723004dfb
- "i386: Remove OPTIMIZE_FOR_GCC_5 from Linux libc-do-syscall.S"
https://sourceware.org/git/?p=glibc.git;a=commit;h=
6e5c7a1e262961adb52443ab91bd2c9b72316402
- "i386: Honor I386_USE_SYSENTER for 6-argument Linux system calls"
https://sourceware.org/git/?p=glibc.git;a=commit;h=
60f0f2130d30cfd008ca39743027f1e200592dff
- "ia64: Always define IA64_USE_NEW_STUB as a flag macro"
https://sourceware.org/git/?p=glibc.git;a=commit;h=
18bd9c3d3b1b6a9182698c85354578d1d58e9d64
- "Linux: Implement a useful version of _startup_fatal"
https://sourceware.org/git/?p=glibc.git;a=commit;h=
a2a6bce7d7e52c1c34369a7da62c501cc350bc31
- "Linux: Introduce __brk_call for invoking the brk system call"
https://sourceware.org/git/?p=glibc.git;a=commit;h=
b57ab258c1140bc45464b4b9908713e3e0ee35aa
- "csu: Implement and use _dl_early_allocate during static startup"
https://sourceware.org/git/?p=glibc.git;a=commit;h=
f787e138aa0bf677bf74fa2a08595c446292f3d7
The mentioned patch series by Florian Weimer avoids the mentioned failing
sbrk syscall by falling back to mmap.
This commit also adjusts startup code in start.S to be ready for static PIE.
We have to add a wrapper function for main as we are not allowed to use
GOT relocations before __libc_start_main is called.
(Compare also to:
- commit
14d886edbd3d80b771e1c42fbd9217f9074de9c6
"aarch64: fix start code for static pie"
- commit
3d1d79283e6de4f7c434cb67fb53a4fd28359669
"aarch64: fix static pie enabled libc when main is in a shared library"
)
Adhemerval Zanella [Fri, 28 Jan 2022 20:46:21 +0000 (17:46 -0300)]
linux: Add tst-pidfd.c
To check for the pidfd functions pidfd_open, pidfd_getfd, pid_send_signal,
and waitid with P_PIDFD.
Checked on x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Adhemerval Zanella [Fri, 28 Jan 2022 20:38:38 +0000 (17:38 -0300)]
linux: Add P_PIDFD
It was added on Linux 5.4 (
3695eae5fee0605f316fbaad0b9e3de791d7dfaf)
to extend waitid to wait on pidfd.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Adhemerval Zanella [Fri, 28 Jan 2022 20:13:41 +0000 (17:13 -0300)]
linux: Add pidfd_send_signal
This was added on Linux 5.1(
3eb39f47934f9d5a3027fe00d906a45fe3a15fad)
as a way to avoid the race condition of using kill (where PID might be
reused by the kernel between between obtaining the pid and sending the
signal).
If the siginfo_t argument is NULL then pidfd_send_signal is equivalent
to kill. If it is not NULL pidfd_send_signal is equivalent to
rt_sigqueueinfo.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Adhemerval Zanella [Fri, 28 Jan 2022 19:59:42 +0000 (16:59 -0300)]
linux: Add pidfd_getfd
This was added on Linux 5.6 (
8649c322f75c96e7ced2fec201e123b2b073bf09)
as a way to retrieve a file descriptors for another process though
pidfd (created either with CLONE_PIDFD or pidfd_getfd). The
functionality is similar to recvmmsg SCM_RIGHTS.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Adhemerval Zanella [Fri, 28 Jan 2022 18:27:40 +0000 (15:27 -0300)]
linux: Add pidfd_open
This was added on Linux 5.3 (
32fcb426ec001cb6d5a4a195091a8486ea77e2df)
as a way to retrieve a pid file descriptors for process that has not
been created CLONE_PIDFD (by usual fork/clone).
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Szabolcs Nagy [Thu, 30 Dec 2021 17:08:36 +0000 (17:08 +0000)]
aarch64: Move ld.so _start to separate file and drop _dl_skip_args
A separate asm file is easier to maintain than a macro that expands to
inline asm.
The RTLD_START macro is only needed now because _dl_start is local in
rtld.c, but _start has to call it, if _dl_start was made hidden then it
could be empty.
_dl_skip_args is no longer needed.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Szabolcs Nagy [Tue, 3 May 2022 12:18:04 +0000 (13:18 +0100)]
linux: Add a getauxval test [BZ #23293]
This is for bug 23293 and it relies on the glibc test system running
tests via explicit ld.so invokation by default.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Szabolcs Nagy [Tue, 3 May 2022 16:01:44 +0000 (17:01 +0100)]
rtld: Remove DL_ARGV_NOT_RELRO and make _dl_skip_args const
_dl_skip_args is always 0, so the target specific code that modifies
argv after relro protection is applied is no longer used.
After the patch relro protection is applied to _dl_argv consistently
on all targets.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Szabolcs Nagy [Fri, 15 Jun 2018 15:14:58 +0000 (16:14 +0100)]
rtld: Use generic argv adjustment in ld.so [BZ #23293]
When an executable is invoked as
./ld.so [ld.so-args] ./exe [exe-args]
then the argv is adujusted in ld.so before calling the entry point of
the executable so ld.so args are not visible to it. On most targets
this requires moving argv, env and auxv on the stack to ensure correct
stack alignment at the entry point. This had several issues:
- The code for this adjustment on the stack is written in asm as part
of the target specific ld.so _start code which is hard to maintain.
- The adjustment is done after _dl_start returns, where it's too late
to update GLRO(dl_auxv), as it is already readonly, so it points to
memory that was clobbered by the adjustment. This is bug 23293.
- _environ is also wrong in ld.so after the adjustment, but it is
likely not used after _dl_start returns so this is not user visible.
- _dl_argv was updated, but for this it was moved out of relro, which
changes security properties across targets unnecessarily.
This patch introduces a generic _dl_start_args_adjust function that
handles the argument adjustments after ld.so processed its own args
and before relro protection is applied.
The same algorithm is used on all targets, _dl_skip_args is now 0, so
existing target specific adjustment code is no longer used. The bug
affects aarch64, alpha, arc, arm, csky, ia64, nios2, s390-32 and sparc,
other targets don't need the change in principle, only for consistency.
The GNU Hurd start code relied on _dl_skip_args after dl_main returned,
now it checks directly if args were adjusted and fixes the Hurd startup
data accordingly.
Follow up patches can remove _dl_skip_args and DL_ARGV_NOT_RELRO.
Tested on aarch64-linux-gnu and cross tested on i686-gnu.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 16 May 2022 19:59:24 +0000 (21:59 +0200)]
scripts/glibcelf.py: Add *T_RISCV_* constants
SHT_RISCV_ATTRIBUTES, PT_RISCV_ATTRIBUTES, DT_RISCV_VARIANT_CC were
added in commit
0b6c6750732483b4d59c2fcb45484079cd84157d
("Update RISC-V specific ELF definitions"). This caused the
elf/tst-glibcelf consistency check to fail.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Adhemerval Zanella [Mon, 21 Feb 2022 16:52:20 +0000 (13:52 -0300)]
Remove dl-librecon.h header.
The Linux version used by i686 and m68k provide three overrrides for
generic code:
1. DISTINGUISH_LIB_VERSIONS to print additional information when
libc5 is used by a dependency.
2. EXTRA_LD_ENVVARS to that enabled LD_LIBRARY_VERSION environment
variable.
3. EXTRA_UNSECURE_ENVVARS to add two environment variables related
to aout support.
None are really requires, it has some decades since libc5 or aout
suppported was removed and Linux even remove support for aout files.
The LD_LIBRARY_VERSION is also dead code, dl_correct_cache_id is not
used anywhere.
Checked on x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Adhemerval Zanella [Fri, 4 Mar 2022 13:27:15 +0000 (10:27 -0300)]
elf: Remove ldconfig kernel version check
Now that it was removed on libc.so.
Adhemerval Zanella [Mon, 21 Feb 2022 11:32:32 +0000 (08:32 -0300)]
Remove kernel version check
The kernel version check is used to avoid glibc to run on older
kernels where some syscall are not available and fallback code are
not enabled to handle graciously fail. However, it does not prevent
if the kernel does not correctly advertise its version through
vDSO note, uname or procfs.
Also kernel version checks are sometime not desirable by users,
where they want to deploy on different system with different kernel
version knowing the minimum set of syscall is always presented on
such systems.
The kernel version check has been removed along with the
LD_ASSUME_KERNEL environment variable. The minimum kernel used to
built glibc is still provided through NT_GNU_ABI_TAG ELF note and
also printed when libc.so is issued.
Checked on x86_64-linux-gnu.
Adhemerval Zanella [Wed, 23 Mar 2022 20:29:03 +0000 (17:29 -0300)]
linux: Use /sys/devices/system/cpu on __get_nprocs_conf (BZ#28991)
Currently on Linux __get_nprocs_conf first tries to enumerate the
cpus present in the system by iterating on /sys/devices/system/cpuX
directories. This only enumerates the CPUs that are present in
system (but possibly offline), not taking in account possible CPU
that might added in the system through hotplugging.
Linux provides the maximum number of configured cpus on the
/sys/devices/system/cpu file. Although it might present a larger
value of possible active CPUs on some system (where kernel either
get the information from firmaware or is configured at boot time),
the information is what kernel presents to userland.
This also change the returned value of _SC_NPROCESSORS_CONF, which
aligns as the maximum configure cpu in the system.
Checked on x86_64-linux-gnu.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Florian Weimer [Mon, 16 May 2022 16:41:43 +0000 (18:41 +0200)]
csu: Implement and use _dl_early_allocate during static startup
This implements mmap fallback for a brk failure during TLS
allocation.
scripts/tls-elf-edit.py is updated to support the new patching method.
The script no longer requires that in the input object is of ET_DYN
type.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 16 May 2022 16:41:43 +0000 (18:41 +0200)]
Linux: Introduce __brk_call for invoking the brk system call
Alpha and sparc can now use the generic implementation.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Jonathan Wakely [Fri, 13 May 2022 13:16:34 +0000 (14:16 +0100)]
sys/cdefs.h: Do not require C++ compilers to define __STDC__
The check for an ISO C compiler assumes that anything GCC-like will
define __STDC__, even if it's actually a C++ compiler. That's currently
true for G++ and compilers like clang++ that also define __GNUC__, but
it might not always be true.
The C++ standard leaves it implementation-defined whether or not
__STDC__ is defined by C++ compilers. And really the check should be
"ISO C or ISO C++ conforming compiler" anyway. So only give an error if
__GNUC__ is defined and neither __STDC__ nor __cplusplus is defined.
Reviewed-by: Fangrui Song <maskray@google.com>
Siddhesh Poyarekar [Fri, 13 May 2022 04:31:47 +0000 (10:01 +0530)]
fortify: Ensure that __glibc_fortify condition is a constant [BZ #29141]
The fix
c8ee1c85 introduced a -1 check for object size without also
checking that object size is a constant. Because of this, the tree
optimizer passes in gcc fail to fold away one of the branches in
__glibc_fortify and trips on a spurious Wstringop-overflow. The warning
itself is incorrect and the branch does go away eventually in DCE in the
rtl passes in gcc, but the constant check is a helpful hint to simplify
code early, so add it in.
Resolves: BZ #29141
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Andreas Schwab [Mon, 16 May 2022 13:51:21 +0000 (15:51 +0200)]
Update RISC-V specific ELF definitions
The definitions are taken from the 1.0-rc2 version of the ELF psABI.
Adhemerval Zanella [Fri, 13 May 2022 12:33:30 +0000 (09:33 -0300)]
x86_64: Remove bzero optimization
Both symbols are marked as legacy in POSIX.1-2001 and removed on
POSIX.1-2008, although the prototypes are defined for _GNU_SOURCE
or _DEFAULT_SOURCE.
GCC also replaces bcopy with a memmove and bzero with memset on default
configuration (to actually get a bzero libc call the code requires
to omit string.h inclusion and built with -fno-builtin), so it is
highly unlikely programs are actually calling libc bzero symbol.
On a recent Linux distro (Ubuntu 22.04), there is no bzero calls
by the installed binaries.
$ cat count_bstring.sh
#!/bin/bash
files=`IFS=':';for i in $PATH; do test -d "$i" && find "$i" -maxdepth 1 -executable -type f; done`
total=0
for file in $files; do
symbols=`objdump -R $file 2>&1`
if [ $? -eq 0 ]; then
ncalls=`echo $symbols | grep -w $1 | wc -l`
((total=total+ncalls))
if [ $ncalls -gt 0 ]; then
echo "$file: $ncalls"
fi
fi
done
echo "TOTAL=$total"
$ ./count_bstring.sh bzero
TOTAL=0
Checked on x86_64-linux-gnu.
Maciej W. Rozycki [Fri, 13 May 2022 16:07:23 +0000 (17:07 +0100)]
RISC-V: Use an autoconf template to produce `preconfigure'
Avoid fiddling with autoconf internals and use AC_DEFINE_UNQUOTED to
define macros in the configuration headers rather than handcoding an
equivalent shell sequence with the use of the `as_echo' undocumented
variable.
Switch to using AC_MSG_ERROR rather than `echo' and `exit' directly for
error handling. Owing to the lack of any kind of error annotation it
makes it difficult to spot the message in the flood in a parallel build
and neither it is logged in `config.log'.
Reviewed-by: Palmer Dabbelt <palmer@rivosinc.com>
Acked-by: Palmer Dabbelt <palmer@rivosinc.com>
Maciej W. Rozycki [Fri, 13 May 2022 16:07:23 +0000 (17:07 +0100)]
MIPS: Use an autoconf template to produce `preconfigure'
Avoid fiddling with autoconf internals and use AC_DEFINE_UNQUOTED to
define macros in the configuration headers rather than handcoding an
equivalent shell sequence with the use of the `as_echo' undocumented
variable.
Similarly use AC_MSG_ERROR for error handling rather than the internal
undocumented `as_fn_error' variable. Switch to using 1 as the exit code
as it makes no sense to refer $? in the contexts involved, it's not a
command failure handled there.
Maciej W. Rozycki [Fri, 13 May 2022 16:07:23 +0000 (17:07 +0100)]
m68k: Use an autoconf template to produce `preconfigure'
Switch to using AC_MSG_ERROR rather than `echo' and `exit' directly for
error handling. Owing to the lack of any kind of error annotation it
makes it difficult to spot the message in the flood in a parallel build
and neither it is logged in `config.log'.
Maciej W. Rozycki [Fri, 13 May 2022 16:07:23 +0000 (17:07 +0100)]
C-SKY: Use an autoconf template to produce `preconfigure'
Avoid fiddling with autoconf internals and use AC_DEFINE_UNQUOTED to
define macros in the configuration headers rather than handcoding an
equivalent shell sequence with the use of the `as_echo' undocumented
variable.
Switch to using AC_MSG_ERROR rather than `echo' and `exit' directly for
error handling. Owing to the lack of any kind of error annotation it
makes it difficult to spot the message in the flood in a parallel build
and neither it is logged in `config.log'.
Adhemerval Zanella [Wed, 11 May 2022 19:09:52 +0000 (16:09 -0300)]
Remove configure fno_unit_at_a_time
Since it is not used any longer.
Reviewed-by: Fangrui Song <maskray@google.com>
Adhemerval Zanella [Thu, 7 Apr 2022 20:15:56 +0000 (17:15 -0300)]
stdio: Remove the usage of $(fno-unit-at-a-time) for siglist.c
The siglist.c is built with -fno-toplevel-reorder to avoid compiler
to reorder the compat assembly directives due an assembler
issue [1] (fixed on 2.39).
This patch removes the compiler flags by split the compat symbol
generation in two phases. First the __sys_siglist and __sys_sigabbrev
without any compat symbol directive is preprocessed to generate an
assembly source code. This generate assembly is then used as input
on a platform agnostic siglist.S which then creates the compat
definitions. This prevents compiler to move any compat directive
prior the _sys_errlist definition itself.
Checked on a make check run-built-tests=no on all affected ABIs.
Reviewed-by: Fangrui Song <maskray@google.com>
Adhemerval Zanella [Wed, 6 Apr 2022 15:09:42 +0000 (12:09 -0300)]
stdio: Remove the usage of $(fno-unit-at-a-time) for errlist.c
The errlist.c is built with -fno-toplevel-reorder to avoid compiler to
reorder the compat assembly directives due an assembler issue [1]
(fixed on 2.39).
This patch removes the compiler flags by split the compat symbol
generation in two phases. First the _sys_errlist_internal internal
without any compat symbol directive is preprocessed to generate an
assembly source code. This generate assembly is then used as input
on a platform agnostic errlist-data.S which then creates the compat
definitions. This prevents compiler to move any compat directive
prior the _sys_errlist_internal definition itself.
Checked on a make check run-built-tests=no on all affected ABIs.
[1] https://sourceware.org/bugzilla/show_bug.cgi?id=29012
H.J. Lu [Wed, 6 Apr 2022 13:06:37 +0000 (10:06 -0300)]
Add declare_object_symbol_alias for assembly codes (BZ #28128)
There are 2 problems in:
#define declare_symbol_alias(symbol, original, type, size) \
declare_symbol_alias_1 (symbol, original, type, size)
#ifdef __ASSEMBLER__
# define declare_symbol_alias_1(symbol, original, type, size) \
strong_alias (original, symbol); \
.type C_SYMBOL_NAME (symbol), %##type; \
.size C_SYMBOL_NAME (symbol), size
1. .type and .size are substituted by arguments.
2. %##type is expanded to "% type" due to the GCC bug:
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=101613
But assembler doesn't support "% type".
Workaround BZ #28128 by
1. Don't define declare_symbol_alias for assembly codes.
2. Define declare_object_symbol_alias for assembly codes.
Reviewed-by: Fangrui Song <maskray@google.com>
Siddhesh Poyarekar [Fri, 13 May 2022 13:40:15 +0000 (19:10 +0530)]
wcrtomb: Make behavior POSIX compliant
The GNU implementation of wcrtomb assumes that there are at least
MB_CUR_MAX bytes available in the destination buffer passed to wcrtomb
as the first argument. This is not compatible with the POSIX
definition, which only requires enough space for the input wide
character.
This does not break much in practice because when users supply buffers
smaller than MB_CUR_MAX (e.g. in ncurses), they compute and dynamically
allocate the buffer, which results in enough spare space (thanks to
usable_size in malloc and padding in alloca) that no actual buffer
overflow occurs. However when the code is built with _FORTIFY_SOURCE,
it runs into the hard check against MB_CUR_MAX in __wcrtomb_chk and
hence fails. It wasn't evident until now since dynamic allocations
would result in wcrtomb not being fortified but since _FORTIFY_SOURCE=3,
that limitation is gone, resulting in such code failing.
To fix this problem, introduce an internal buffer that is MB_LEN_MAX
long and use that to perform the conversion and then copy the resultant
bytes into the destination buffer. Also move the fortification check
into the main implementation, which checks the result after conversion
and aborts if the resultant byte count is greater than the destination
buffer size.
One complication is that applications that assume the MB_CUR_MAX
limitation to be gone may not be able to run safely on older glibcs if
they use static destination buffers smaller than MB_CUR_MAX; dynamic
allocations will always have enough spare space that no actual overruns
will occur. One alternative to fixing this is to bump symbol version to
prevent them from running on older glibcs but that seems too strict a
constraint. Instead, since these users will only have made this
decision on reading the manual, I have put a note in the manual warning
them about the pitfalls of having static buffers smaller than
MB_CUR_MAX and running them on older glibc.
Benchmarking:
The wcrtomb microbenchmark shows significant increases in maximum
execution time for all locales, ranging from 10x for ar_SA.UTF-8 to
1.5x-2x for nearly everything else. The mean execution time however saw
practically no impact, with some results even being quicker, indicating
that cache locality has a much bigger role in the overhead.
Given that the additional copy uses a temporary buffer inside wcrtomb,
it's likely that a hot path will end up putting that buffer (which is
responsible for the additional overhead) in a similar place on stack,
giving the necessary cache locality to negate the overhead. However in
situations where wcrtomb ends up getting called at wildly different
spots on the call stack (or is on different call stacks, e.g. with
threads or different execution contexts) and is still a hotspot, the
performance lag will be visible.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Wangyang Guo [Fri, 6 May 2022 01:50:10 +0000 (01:50 +0000)]
nptl: Add backoff mechanism to spinlock loop
When mutiple threads waiting for lock at the same time, once lock owner
releases the lock, waiters will see lock available and all try to lock,
which may cause an expensive CAS storm.
Binary exponential backoff with random jitter is introduced. As try-lock
attempt increases, there is more likely that a larger number threads
compete for adaptive mutex lock, so increase wait time in exponential.
A random jitter is also added to avoid synchronous try-lock from other
threads.
v2: Remove read-check before try-lock for performance.
v3:
1. Restore read-check since it works well in some platform.
2. Make backoff arch dependent, and enable it for x86_64.
3. Limit max backoff to reduce latency in large critical section.
v4: Fix strict-prototypes error in sysdeps/nptl/pthread_mutex_backoff.h
v5: Commit log updated for regression in large critical section.
Result of pthread-mutex-locks bench
Test Platform: Xeon 8280L (2 socket, 112 CPUs in total)
First Row: thread number
First Col: critical section length
Values: backoff vs upstream, time based, low is better
non-critical-length: 1
1 2 4 8 16 32 64 112 140
0 0.99 0.58 0.52 0.49 0.43 0.44 0.46 0.52 0.54
1 0.98 0.43 0.56 0.50 0.44 0.45 0.50 0.56 0.57
2 0.99 0.41 0.57 0.51 0.45 0.47 0.48 0.60 0.61
4 0.99 0.45 0.59 0.53 0.48 0.49 0.52 0.64 0.65
8 1.00 0.66 0.71 0.63 0.56 0.59 0.66 0.72 0.71
16 0.97 0.78 0.91 0.73 0.67 0.70 0.79 0.80 0.80
32 0.95 1.17 0.98 0.87 0.82 0.86 0.89 0.90 0.90
64 0.96 0.95 1.01 1.01 0.98 1.00 1.03 0.99 0.99
128 0.99 1.01 1.01 1.17 1.08 1.12 1.02 0.97 1.02
non-critical-length: 32
1 2 4 8 16 32 64 112 140
0 1.03 0.97 0.75 0.65 0.58 0.58 0.56 0.70 0.70
1 0.94 0.95 0.76 0.65 0.58 0.58 0.61 0.71 0.72
2 0.97 0.96 0.77 0.66 0.58 0.59 0.62 0.74 0.74
4 0.99 0.96 0.78 0.66 0.60 0.61 0.66 0.76 0.77
8 0.99 0.99 0.84 0.70 0.64 0.66 0.71 0.80 0.80
16 0.98 0.97 0.95 0.76 0.70 0.73 0.81 0.85 0.84
32 1.04 1.12 1.04 0.89 0.82 0.86 0.93 0.91 0.91
64 0.99 1.15 1.07 1.00 0.99 1.01 1.05 0.99 0.99
128 1.00 1.21 1.20 1.22 1.25 1.31 1.12 1.10 0.99
non-critical-length: 128
1 2 4 8 16 32 64 112 140
0 1.02 1.00 0.99 0.67 0.61 0.61 0.61 0.74 0.73
1 0.95 0.99 1.00 0.68 0.61 0.60 0.60 0.74 0.74
2 1.00 1.04 1.00 0.68 0.59 0.61 0.65 0.76 0.76
4 1.00 0.96 0.98 0.70 0.63 0.63 0.67 0.78 0.77
8 1.01 1.02 0.89 0.73 0.65 0.67 0.71 0.81 0.80
16 0.99 0.96 0.96 0.79 0.71 0.73 0.80 0.84 0.84
32 0.99 0.95 1.05 0.89 0.84 0.85 0.94 0.92 0.91
64 1.00 0.99 1.16 1.04 1.00 1.02 1.06 0.99 0.99
128 1.00 1.06 0.98 1.14 1.39 1.26 1.08 1.02 0.98
There is regression in large critical section. But adaptive mutex is
aimed for "quick" locks. Small critical section is more common when
users choose to use adaptive pthread_mutex.
Signed-off-by: Wangyang Guo <wangyang.guo@intel.com>
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
Florian Weimer [Mon, 9 May 2022 16:15:16 +0000 (18:15 +0200)]
Linux: Implement a useful version of _startup_fatal
On i386 and ia64, the TCB is not available at this point.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 9 May 2022 16:15:16 +0000 (18:15 +0200)]
ia64: Always define IA64_USE_NEW_STUB as a flag macro
And keep the previous definition if it exists. This allows
disabling IA64_USE_NEW_STUB while keeping USE_DL_SYSINFO defined.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Adhemerval Zanella [Mon, 2 May 2022 15:39:43 +0000 (12:39 -0300)]
linux: Fix posix_spawn return code if clone fails (BZ#29109)
The __clone_internal returns the error on errno.
Checked on x86_64-linux-gnu.
Siddhesh Poyarekar [Fri, 6 May 2022 12:46:43 +0000 (18:16 +0530)]
benchtests: Add wcrtomb microbenchmark
Add a simple benchmark that measures wcrtomb performance with various
locales with 1-4 byte characters.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Xiaoming Ni [Thu, 5 May 2022 03:01:11 +0000 (11:01 +0800)]
clock_settime/clock_gettime: Use __nonnull to avoid null pointer
clock_settime()
clock_settime64()
clock_gettime()
clock_gettime64()
Add __nonnull((2)) to avoid null pointer access.
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=27662
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29084
Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Xiaoming Ni [Thu, 5 May 2022 03:01:10 +0000 (11:01 +0800)]
clock_adjtime: Use __nonnull to avoid null pointer
clock_adjtime()/clock_adjtime64()
Add __nonnull((2)) to avoid null pointer access.
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=27662
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29084
Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Xiaoming Ni [Thu, 5 May 2022 03:01:09 +0000 (11:01 +0800)]
ntp_xxxtimex: Use __nonnull to avoid null pointer
ntp_gettime()
ntp_gettime64()
ntp_gettimex()
ntp_gettimex64()
ntp_adjtime()
Add __nonnull((1)) to avoid null pointer access.
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=27662
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29084
Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Xiaoming Ni [Thu, 5 May 2022 03:01:08 +0000 (11:01 +0800)]
adjtimex/adjtimex64: Use __nonnull to avoid null pointer
Add __nonnull((1)) to the adjtimex()/adjtimex64() function declaration
to avoid null pointer access.
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=27662
Link: https://sourceware.org/bugzilla/show_bug.cgi?id=29084
Signed-off-by: Xiaoming Ni <nixiaoming@huawei.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Samuel Thibault [Thu, 5 May 2022 00:14:43 +0000 (02:14 +0200)]
hurd spawni: Fix reauthenticating closed fds
When an fd is closed, the port cell remains, but the port becomes
MACH_PORT_NULL, so we have to guard against it.
Florian Weimer [Wed, 4 May 2022 13:37:21 +0000 (15:37 +0200)]
Linux: Define MMAP_CALL_INTERNAL
Unlike MMAP_CALL, this avoids a TCB dependency for an errno update
on failure.
<mmap_internal.h> cannot be included as is on several architectures
due to the definition of page_unit, so introduce a separate header
file for the definition of MMAP_CALL and MMAP_CALL_INTERNAL,
<mmap_call.h>.
Reviewed-by: Stefan Liebler <stli@linux.ibm.com>
Florian Weimer [Wed, 4 May 2022 13:37:21 +0000 (15:37 +0200)]
i386: Honor I386_USE_SYSENTER for 6-argument Linux system calls
Introduce an int-80h-based version of __libc_do_syscall and use
it if I386_USE_SYSENTER is defined as 0.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
Florian Weimer [Wed, 4 May 2022 13:37:21 +0000 (15:37 +0200)]
i386: Remove OPTIMIZE_FOR_GCC_5 from Linux libc-do-syscall.S
After commit
a78e6a10d0b50d0ca80309775980fc99944b1727
("i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bug 28771)"),
it is never defined.
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
Siddhesh Poyarekar [Wed, 4 May 2022 10:26:47 +0000 (15:56 +0530)]
manual: Clarify that abbreviations of long options are allowed
The man page and code comments clearly state that abbreviations of long
option names are recognized correctly as long as they are unique.
Document this fact in the glibc manual as well.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Reviewed-by: Andreas Schwab <schwab@linux-m68k.org>
Fangrui Song [Mon, 2 May 2022 16:06:39 +0000 (09:06 -0700)]
elf: Remove fallback to the start of DT_STRTAB for dladdr
When neither DT_HASH nor DT_GNU_HASH is present, the code scans
[DT_SYMTAB, DT_STRTAB). However, there is no guarantee that .dynstr
immediately follows .dynsym (e.g. lld typically places .gnu.version
after .dynsym).
In the absence of a hash table, symbol lookup will always fail
(map->l_nbuckets == 0 in dl-lookup.c) as if the object has no symbol, so
it seems fair for dladdr to do the same.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Fangrui Song [Mon, 2 May 2022 15:55:36 +0000 (08:55 -0700)]
powerpc32: Remove unused HAVE_PPC_SECURE_PLT
82a79e7d1843f9d90075a0bf2f04557040829bb0 removed the only user of
HAVE_PPC_SECURE_PLT.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Florian Weimer [Fri, 29 Apr 2022 15:00:53 +0000 (17:00 +0200)]
dlfcn: Implement the RTLD_DI_PHDR request type for dlinfo
The information is theoretically available via dl_iterate_phdr as
well, but that approach is very slow if there are many shared
objects.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@rehdat.com>
Florian Weimer [Fri, 29 Apr 2022 15:00:48 +0000 (17:00 +0200)]
manual: Document the dlinfo function
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@rehdat.com>
Florian Weimer [Fri, 29 Apr 2022 14:37:51 +0000 (16:37 +0200)]
Do not use --hash-style=both for building glibc shared objects
The comment indicates that --hash-style=both was used to maintain
compatibility with static dlopen, but we had many internal ABI
changes since then, so this compatiblity does not add value anymore.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Siddhesh Poyarekar [Fri, 29 Apr 2022 06:15:56 +0000 (11:45 +0530)]
benchtests: Better libmvec integration
Improve libmvec benchmark integration so that in future other
architectures may be able to run their libmvec benchmarks as well. This
now allows libmvec benchmarks to be run with `make BENCHSET=bench-math`.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Siddhesh Poyarekar [Fri, 29 Apr 2022 05:36:00 +0000 (11:06 +0530)]
benchtests: Add UNSUPPORTED benchmark status
The libmvec benchmarks print a message indicating that a certain CPU
feature is unsupported and exit prematurelyi, which breaks the JSON in
bench.out.
Handle this more elegantly in the bench makefile target by adding
support for an UNSUPPORTED exit status (77) so that bench.out continues
to have output for valid tests.
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Adhemerval Zanella [Wed, 27 Apr 2022 16:40:30 +0000 (13:40 -0300)]
linux: Fix fchmodat with AT_SYMLINK_NOFOLLOW for 64 bit time_t (BZ#29097)
The AT_SYMLINK_NOFOLLOW emulation ues the default 32 bit stat internal
calls, which fails with EOVERFLOW if the file constains timestamps
beyond 2038.
Checked on i686-linux-gnu.
Alan Modra [Wed, 27 Apr 2022 05:09:10 +0000 (14:39 +0930)]
Use __ehdr_start rather than _begin in _dl_start_final
__ehdr_start is already used in rltld.c:dl_main, and can serve the
same purpose as _begin. Besides tidying the code, using linker
defined section relative symbols rather than "-defsym _begin=0" better
reflects the intent of _dl_start_final use of _begin, which is to
refer to the load address of ld.so rather than absolute address zero.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Noah Goldstein [Wed, 27 Apr 2022 20:13:02 +0000 (15:13 -0500)]
sysdeps: Add 'get_fast_jitter' interace in fast-jitter.h
'get_fast_jitter' is meant to be used purely for performance
purposes. In all cases it's used it should be acceptable to get no
randomness (see default case). An example use case is in setting
jitter for retries between threads at a lock. There is a
performance benefit to having jitter, but only if the jitter can
be generated very quickly and ultimately there is no serious issue
if no jitter is generated.
The implementation generally uses 'HP_TIMING_NOW' iff it is
inlined (avoid any potential syscall paths).
Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
DJ Delorie [Wed, 30 Mar 2022 21:44:02 +0000 (17:44 -0400)]
posix/glob.c: update from gnulib
Copied from gnulib/lib/glob.c in order to fix rhbz 1982608
Also fixes swbz 25659
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
Wangyang Guo [Thu, 21 Apr 2022 03:28:41 +0000 (03:28 +0000)]
benchtests: Add pthread-mutex-locks bench
Benchmark for testing pthread mutex locks performance with different
threads and critical sections.
The test configuration consists of 3 parts:
1. thread number
2. critical-section length
3. non-critical-section length
Thread number starts from 1 and increased by 2x until num of CPU cores
(nprocs). An additional over-saturation case (1.25 * nprocs) is also
included.
Critical-section is represented by a loop of shared do_filler(),
length can be determined by the loop iters.
Non-critical-section is similiar to the critical-section, except it's
based on non-shared do_filler().
Currently, adaptive pthread_mutex lock is tested.
Adhemerval Zanella [Wed, 27 Apr 2022 16:59:26 +0000 (13:59 -0300)]
linux: Fix missing internal 64 bit time_t stat usage
These are two missing spots initially done by
52a5fe70a2c77935.
Checked on i686-linux-gnu.
Adhemerval Zanella [Tue, 8 Feb 2022 18:22:49 +0000 (15:22 -0300)]
elf: Fix DFS sorting algorithm for LD_TRACE_LOADED_OBJECTS with missing libraries (BZ #28868)
On _dl_map_object the underlying file is not opened in trace mode
(in other cases where the underlying file can't be opened,
_dl_map_object quits with an error). If there any missing libraries
being processed, they will not be considered on final nlist size
passed on _dl_sort_maps later in the function. And it is then used by
_dl_sort_maps_dfs on the stack allocated working maps:
222 /* Array to hold RPO sorting results, before we copy back to maps[]. */
223 struct link_map *rpo[nmaps];
224
225 /* The 'head' position during each DFS iteration. Note that we start at
226 one past the last element due to first-decrement-then-store (see the
227 bottom of above dfs_traversal() routine). */
228 struct link_map **rpo_head = &rpo[nmaps];
However while transversing the 'l_initfini' on dfs_traversal it will
still consider the l_faked maps and thus update rpo more times than the
allocated working 'rpo', overflowing the stack object.
As suggested in bugzilla, one option would be to avoid sorting the maps
for trace mode. However I think ignoring l_faked object does make
sense (there is one less constraint to call the sorting function), it
allows a slight less stack usage for trace, and it is slight simpler
solution.
The tests does trigger the stack overflow, however I tried to make
it more generic to check different scenarios or missing objects.
Checked on x86_64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Adhemerval Zanella [Tue, 26 Apr 2022 17:20:11 +0000 (14:20 -0300)]
posix: Remove unused definition on _Fork
Checked on x86_64-linux-gnu.
H.J. Lu [Thu, 3 Feb 2022 18:04:22 +0000 (10:04 -0800)]
NEWS: Mention DT_RELR support
H.J. Lu [Thu, 14 Apr 2022 17:46:53 +0000 (10:46 -0700)]
elf: Add more DT_RELR tests
Verify that:
1. A DT_RELR shared library without DT_NEEDED works.
2. A DT_RELR shared library without DT_VERNEED works.
3. A DT_RELR shared library without libc.so on DT_NEEDED works.
H.J. Lu [Tue, 4 Jan 2022 13:47:21 +0000 (05:47 -0800)]
elf: Properly handle zero DT_RELA/DT_REL values
With DT_RELR, there may be no relocations in DT_RELA/DT_REL and their
entry values are zero. Don't relocate DT_RELA/DT_REL and update the
combined relocation start address if their entry values are zero.
Fangrui Song [Wed, 5 Jan 2022 02:41:03 +0000 (18:41 -0800)]
elf: Support DT_RELR relative relocation format [BZ #27924]
PIE and shared objects usually have many relative relocations. In
2017/2018, SHT_RELR/DT_RELR was proposed on
https://groups.google.com/g/generic-abi/c/bX460iggiKg/m/GxjM0L-PBAAJ
("Proposal for a new section type SHT_RELR") and is a pre-standard. RELR
usually takes 3% or smaller space than R_*_RELATIVE relocations. The
virtual memory size of a mostly statically linked PIE is typically 5~10%
smaller.
---
Notes I will not include in the submitted commit:
Available on https://sourceware.org/git/?p=glibc.git;a=shortlog;h=refs/heads/maskray/relr
"pre-standard": even Solaris folks are happy with the refined generic-abi
proposal. Cary Coutant will apply the change
https://sourceware.org/pipermail/libc-alpha/2021-October/131781.html
This patch is simpler than Chrome OS's glibc patch and makes ELF_DYNAMIC_DO_RELR
available to all ports. I don't think the current glibc implementation
supports ia64 in an ELFCLASS32 container. That said, the style I used is
works with an ELFCLASS32 container for 64-bit machine if ElfW(Addr) is
64-bit.
* Chrome OS folks have carried a local patch since 2018 (latest version:
https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/refs/heads/main/sys-libs/glibc/files/local/glibc-2.32).
I.e. this feature has been battle tested.
* Android bionic supports 2018 and switched to DT_RELR==36 in 2020.
* The Linux kernel has supported CONFIG_RELR since 2019-08
(https://git.kernel.org/linus/
5cf896fb6be3effd9aea455b22213e27be8bdb1d).
* A musl patch (by me) exists but is not applied:
https://www.openwall.com/lists/musl/2019/03/06/3
* rtld-elf from FreeBSD 14 will support DT_RELR.
I believe upstream glibc should support DT_RELR to benefit all Linux
distributions. I filed some feature requests to get their attention:
* Gentoo: https://bugs.gentoo.org/818376
* Arch Linux: https://bugs.archlinux.org/task/72433
* Debian https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=996598
* Fedora https://bugzilla.redhat.com/show_bug.cgi?id=2014699
As of linker support (to the best of my knowledge):
* LLD support DT_RELR.
* https://chromium.googlesource.com/chromiumos/overlays/chromiumos-overlay/+/refs/heads/main/sys-devel/binutils/files/
has a gold patch.
* GNU ld feature request https://sourceware.org/bugzilla/show_bug.cgi?id=27923
Changes from the original patch:
1. Check the linker option, -z pack-relative-relocs, which add a
GLIBC_ABI_DT_RELR symbol version dependency on the shared C library if
it provides a GLIBC_2.XX symbol version.
2. Change make variale to have-dt-relr.
3. Rename tst-relr-no-pie to tst-relr-pie for --disable-default-pie.
4. Use TEST_VERIFY in tst-relr.c.
5. Add the check-tst-relr-pie.out test to check for linker generated
libc.so version dependency on GLIBC_ABI_DT_RELR.
6. Move ELF_DYNAMIC_DO_RELR before ELF_DYNAMIC_DO_REL.
H.J. Lu [Fri, 19 Nov 2021 14:18:56 +0000 (06:18 -0800)]
Add GLIBC_ABI_DT_RELR for DT_RELR support
The EI_ABIVERSION field of the ELF header in executables and shared
libraries can be bumped to indicate the minimum ABI requirement on the
dynamic linker. However, EI_ABIVERSION in executables isn't checked by
the Linux kernel ELF loader nor the existing dynamic linker. Executables
will crash mysteriously if the dynamic linker doesn't support the ABI
features required by the EI_ABIVERSION field. The dynamic linker should
be changed to check EI_ABIVERSION in executables.
Add a glibc version, GLIBC_ABI_DT_RELR, to indicate DT_RELR support so
that the existing dynamic linkers will issue an error on executables with
GLIBC_ABI_DT_RELR dependency. When there is a DT_VERNEED entry with
libc.so on DT_NEEDED, issue an error if there is a DT_RELR entry without
GLIBC_ABI_DT_RELR dependency.
Support __placeholder_only_for_empty_version_map as the placeholder symbol
used only for empty version map to generate GLIBC_ABI_DT_RELR without any
symbols.
H.J. Lu [Tue, 29 Mar 2022 21:08:54 +0000 (14:08 -0700)]
elf: Define DT_RELR related macros and types
Fangrui Song [Tue, 26 Apr 2022 16:26:22 +0000 (09:26 -0700)]
elf: Replace PI_STATIC_AND_HIDDEN with opposite HIDDEN_VAR_NEEDS_DYNAMIC_RELOC
PI_STATIC_AND_HIDDEN indicates whether accesses to internal linkage
variables and hidden visibility variables in a shared object (ld.so)
need dynamic relocations (usually R_*_RELATIVE). PI (position
independent) in the macro name is a misnomer: a code sequence using GOT
is typically position-independent as well, but using dynamic relocations
does not meet the requirement.
Not defining PI_STATIC_AND_HIDDEN is legacy and we expect that all new
ports will define PI_STATIC_AND_HIDDEN. Current ports defining
PI_STATIC_AND_HIDDEN are more than the opposite. Change the configure
default.
No functional change.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Carlos O'Donell [Tue, 26 Apr 2022 14:52:41 +0000 (10:52 -0400)]
i386: Regenerate ulps
These failures were caught while building glibc master for Fedora
Rawhide which is built with '-mtune=generic -msse2 -mfpmath=sse'
using gcc 11.3 (gcc-11.3.1-2.fc35) on a Cascadelake Intel Xeon
processor.
Florian Weimer [Tue, 26 Apr 2022 12:23:02 +0000 (14:23 +0200)]
dlfcn: Do not use rtld_active () to determine ld.so state (bug 29078)
When audit modules are loaded, ld.so initialization is not yet
complete, and rtld_active () returns false even though ld.so is
mostly working. Instead, the static dlopen hook is used, but that
does not work at all because this is not a static dlopen situation.
Commit
466c1ea15f461edb8e3ffaf5d86d708876343bbf ("dlfcn: Rework
static dlopen hooks") moved the hook pointer into _rtld_global_ro,
which means that separate protection is not needed anymore and the
hook pointer can be checked directly.
The guard for disabling libio vtable hardening in _IO_vtable_check
should stay for now.
Fixes commit
8e1472d2c1e25e6eabc2059170731365f6d5b3d1 ("ld.so:
Examine GLRO to detect inactive loader [BZ #20204]").
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Tue, 26 Apr 2022 12:22:10 +0000 (14:22 +0200)]
INSTALL: Rephrase -with-default-link documentation
Reviewed-by: Carlos O'Donell <carlos@redhat.com>