Adhemerval Zanella [Mon, 6 Nov 2023 20:25:40 +0000 (17:25 -0300)]
elf: Fix _dl_debug_vdprintf to work before self-relocation
The strlen might trigger and invalid GOT entry if it used before
the process is self-relocated (for instance on dl-tunables if any
error occurs).
For i386, _dl_writev with PIE requires to use the old 'int $0x80'
syscall mode because the calling the TLS register (gs) is not yet
initialized.
Checked on x86_64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Adhemerval Zanella [Mon, 6 Nov 2023 20:25:39 +0000 (17:25 -0300)]
elf: Do not parse ill-formatted strings
Instead of ignoring ill-formatted tunable strings, first, check all the
tunable definitions are correct and then set each tunable value. It
means that partially invalid strings, like "key1=value1:key2=key2=value'
or 'key1=value':key2=value2=value2' do not enable 'key1=value1'. It
avoids possible user-defined errors in tunable definitions.
Checked on x86_64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Adhemerval Zanella [Mon, 6 Nov 2023 20:25:38 +0000 (17:25 -0300)]
elf: Do not process invalid tunable format
Tunable definitions with more than one '=' on are parsed and enabled,
and any subsequent '=' are ignored. It means that tunables in the form
'tunable=tunable=value' or 'tunable=value=value' are handled as
'tunable=value'. These inputs are likely user input errors, which
should not be accepted.
Checked on x86_64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Adhemerval Zanella [Mon, 6 Nov 2023 20:25:37 +0000 (17:25 -0300)]
elf: Add all malloc tunable to unsecvars
Some environment variables allow alteration of allocator behavior
across setuid boundaries, where a setuid program may ignore the
tunable, but its non-setuid child can read it and adjust the memory
allocator behavior accordingly.
Most library behavior tunings is limited to the current process and does
not bleed in scope; so it is unclear how pratical this misfeature is.
If behavior change across privilege boundaries is desirable, it would be
better done with a wrapper program around the non-setuid child that sets
these envvars, instead of using the setuid process as the messenger.
The patch as fixes tst-env-setuid, where it fail if any unsecvars is
set. It also adds a dynamic test, although it requires
--enable-hardcoded-path-in-tests so kernel correctly sets the setuid
bit (using the loader command directly would require to set the
setuid bit on the loader itself, which is not a usual deployment).
Co-authored-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Checked on x86_64-linux-gnu.
Reviewed-by: DJ Delorie <dj@redhat.com>
Adhemerval Zanella [Mon, 6 Nov 2023 20:25:36 +0000 (17:25 -0300)]
elf: Ignore GLIBC_TUNABLES for setuid/setgid binaries
The tunable privilege levels were a retrofit to try and keep the malloc
tunable environment variables' behavior unchanged across security
boundaries. However, CVE-2023-4911 shows how tricky can be
tunable parsing in a security-sensitive environment.
Not only parsing, but the malloc tunable essentially changes some
semantics on setuid/setgid processes. Although it is not a direct
security issue, allowing users to change setuid/setgid semantics is not
a good security practice, and requires extra code and analysis to check
if each tunable is safe to use on all security boundaries.
It also means that security opt-in features, like aarch64 MTE, would
need to be explicit enabled by an administrator with a wrapper script
or with a possible future system-wide tunable setting.
Co-authored-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: DJ Delorie <dj@redhat.com>
Adhemerval Zanella [Mon, 6 Nov 2023 20:25:35 +0000 (17:25 -0300)]
elf: Add GLIBC_TUNABLES to unsecvars
setuid/setgid process now ignores any glibc tunables, and filters out
all environment variables that might changes its behavior. This patch
also adds GLIBC_TUNABLES, so any spawned process by setuid/setgid
processes should set tunable explicitly.
Checked on x86_64-linux-gnu.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Adhemerval Zanella [Mon, 6 Nov 2023 20:25:34 +0000 (17:25 -0300)]
elf: Remove /etc/suid-debug support
Since malloc debug support moved to a different library
(libc_malloc_debug.so), the glibc.malloc.check requires preloading the
debug library to enable it. It means that suid-debug support has not
been working since 2.34.
To restore its support, it would require to add additional information
and parsing to where to find libc_malloc_debug.so.
It is one thing less that might change AT_SECURE binaries' behavior
due to environment configurations.
Checked on x86_64-linux-gnu.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Florian Weimer [Tue, 21 Nov 2023 15:45:35 +0000 (16:45 +0100)]
stdlib: The qsort implementation needs to use heapsort in more cases
The existing logic avoided internal stack overflow. To avoid
a denial-of-service condition with adversarial input, it is necessary
to fall over to heapsort if tail-recursing deeply, too, which does
not result in a deep stack of pending partitions.
The new test stdlib/tst-qsort5 is based on Douglas McIlroy's paper
on this subject.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Tue, 21 Nov 2023 15:45:35 +0000 (16:45 +0100)]
stdlib: Handle various corner cases in the fallback heapsort for qsort
The previous implementation did not consistently apply the rule that
the child nodes of node K are at 2 * K + 1 and 2 * K + 2, or
that the parent node is at (K - 1) / 2.
Add an internal test that targets the heapsort implementation
directly.
Reported-by: Stepan Golosunov <stepan@golosunov.pp.ru>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Tue, 21 Nov 2023 15:45:35 +0000 (16:45 +0100)]
stdlib: Avoid another self-comparison in qsort
In the insertion phase, we could run off the start of the array if the
comparison function never runs zero. In that case, it never finds the
initial element that terminates the iteration.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Samuel Thibault [Mon, 20 Nov 2023 23:55:54 +0000 (00:55 +0100)]
hurd: fix restarting reauth_dtable on signal
While inside the critical section, RPCs would not be restarted, so we
have to handle EINTR errors.
Samuel Thibault [Mon, 20 Nov 2023 18:19:50 +0000 (19:19 +0100)]
hurd: Prevent the final file_exec_paths call from signals
Otherwise if the exec server started thrashing the old task,
we won't be able to restart the exec.
This notably fixes building ghc.
Carlos O'Donell [Mon, 20 Nov 2023 18:15:34 +0000 (13:15 -0500)]
manual: Fix termios.c example. (Bug 31078)
Remove the unused 'char *name;' from the example.
Use write instead of putchar to write input as it is read.
Example tested on x86_64 by compiling and running the example.
Tested by building the manual pdf and reviewing the results.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Joe Ramsay [Thu, 16 Nov 2023 13:24:18 +0000 (13:24 +0000)]
aarch64: Add vector implementations of expm1 routines
May discard sign of 0 - auto tests for -0 and -0x1p-10000 updated accordingly.
Adhemerval Zanella [Thu, 28 Sep 2023 16:56:21 +0000 (13:56 -0300)]
linux: Use fchmodat2 on fchmod for flags different than 0 (BZ 26401)
Linux 6.6 (
09da082b07bbae1c) added support for fchmodat2, which has
similar semantics as fchmodat with an extra flag argument. This
allows fchmodat to implement AT_SYMLINK_NOFOLLOW and AT_EMPTY_PATH
without the need for procfs.
The syscall is registered on all architectures (with value of 452
except on alpha which is 562, commit
78252deb023cf087).
The tst-lchmod.c requires a small fix where fchmodat checks two
contradictory assertions ('(st.st_mode & 0777) == 2' and
'(st.st_mode & 0777) == 3').
Checked on x86_64-linux-gnu on a 6.6 kernel.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Florian Weimer [Mon, 20 Nov 2023 15:03:11 +0000 (16:03 +0100)]
intl: Add test case for bug 16621
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Jan Palus [Mon, 30 Oct 2023 18:57:01 +0000 (19:57 +0100)]
resolv: free only initialized items from gai pool
pool_max_size denotes total allocated rows in pool but possibly not yet
initialized. it's pool_size that represents number of actually occupied
rows hence use it when freeing pool to avoid freeing random addresses.
Signed-off-by: Jan Palus <jpalus@fastmail.com>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Florian Weimer [Mon, 23 Oct 2023 10:53:16 +0000 (12:53 +0200)]
ldconfig: Fixes for skipping temporary files.
Arguments to a memchr call were swapped, causing incorrect skipping
of files.
Files related to dpkg have different names: they actually end in
.dpkg-new and .dpkg-tmp, not .tmp as I mistakenly assumed.
Fixes commit
2aa0974d2573441bffd59 ("elf: ldconfig should skip
temporary files created by package managers").
Florian Weimer [Mon, 20 Nov 2023 08:22:25 +0000 (09:22 +0100)]
nptl: Link tst-execstack-threads-mod.so with -z execstack
This ensures that the test still links with a linker that refuses
to create an executable stack marker automatically.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Florian Weimer [Mon, 20 Nov 2023 08:22:21 +0000 (09:22 +0100)]
nptl: Rename tst-execstack to tst-execstack-threads
So that the test is harder to confuse with elf/tst-execstack
(although the tests are supposed to be the same).
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Flavio Cruz [Sun, 19 Nov 2023 05:08:47 +0000 (00:08 -0500)]
Remove untyped mach RPC code.
Existing MiG does not support untyped messages and the Hurd will
continue to use typed messages for the foreseeable future.
Message-ID: <ZVmYX6j4pYNUfqn4@jupiter.tail36e24.ts.net>
Flavio Cruz [Sat, 18 Nov 2023 23:18:44 +0000 (18:18 -0500)]
_hurd_intr_rpc_mach_msg: handle message iteration correctly.
The `ty` pointer is only set at the end of the loop so that
`msgtl_header.msgt_inline` and `msgtl_header.msgt_deallocate` remain
valid. Also, when deallocating memory, we use the length from the
message directly rather than hard coding mach_port_t since we want to
deallocate any kind of OOL data.
Message-ID: <ZVlGVD6eEN-dXsOr@jupiter.tail36e24.ts.net>
Mike FABIAN [Thu, 16 Nov 2023 14:53:06 +0000 (15:53 +0100)]
localedata: Convert oc_FR locale to UTF-8
Mike FABIAN [Thu, 16 Nov 2023 14:45:50 +0000 (15:45 +0100)]
localedata: Add information for Occitan
Resolves: BZ # 28787
Florian Weimer [Thu, 16 Nov 2023 18:55:35 +0000 (19:55 +0100)]
elf: Fix force_first handling in dlclose (bug 30981)
The force_first parameter was ineffective because the dlclose'd
object was not necessarily the first in the maps array. Also
enable force_first handling unconditionally, regardless of namespace.
The initial object in a namespace should be destructed first, too.
The _dl_sort_maps_dfs function had early returns for relocation
dependency processing which broke force_first handling, too, and
this is fixed in this change as well.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Adhemerval Zanella [Fri, 10 Nov 2023 13:43:12 +0000 (10:43 -0300)]
elf: Handle non-directory name in search path (BZ 31035)
The open_path stops if a relative path in search path contains a
component that is a non directory (for instance, if the component
is an existing file).
For instance:
$ cat > lib.c <<EOF
> void foo (void) {}
> EOF
$ gcc -shared -fPIC -o lib.so lib.c
$ cat > main.c <<EOF
extern void foo ();
int main () { foo (); return 0; }
EOF
$ gcc -o main main.c lib.so
$ LD_LIBRARY_PATH=. ./main
$ LD_LIBRARY_PATH=non-existing/path:. ./main
$ LD_LIBRARY_PATH=$(pwd)/main:. ./main
$ LD_LIBRARY_PATH=./main:. ./main
./main: error while loading shared libraries: lib.so: cannot open shared object file: No such file or directory
The invalid './main' should be ignored as a non-existent one,
instead as a valid but non accessible file.
Absolute paths do not trigger this issue because their status are
initialized as 'unknown' and open_path check if this is a directory.
Checked on x86_64-linux-gnu.
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
Mike FABIAN [Wed, 15 Nov 2023 15:28:01 +0000 (16:28 +0100)]
New Zealand locales (en_NZ & mi_NZ) first day of week should be Monday
Resolves: BZ #29486
Noah Goldstein [Wed, 1 Nov 2023 21:42:07 +0000 (16:42 -0500)]
x86: Fix unchecked AVX512-VBMI2 usage in strrchr-evex-base.S
strrchr-evex-base used `vpcompress{b|d}` in the page cross logic but
was missing the CPU_FEATURE checks for VBMI2 in the
ifunc/ifunc-impl-list.
The fix is either to add those checks or change the logic to not use
`vpcompress{b|d}`. Choosing the latter here so that the strrchr-evex
implementation is usable on SKX.
New implementation is a bit slower, but this is in a cold path so its
probably okay.
Adhemerval Zanella [Wed, 15 Nov 2023 13:28:34 +0000 (10:28 -0300)]
posix: Check pidfd_spawn with tst-spawn7-pid
Without using the macro, posix_spawn is used instead.
Checked on x86_64-linux-gnu.
Andreas Larsson [Wed, 15 Nov 2023 12:29:43 +0000 (13:29 +0100)]
sparc: Fix broken memset for sparc32 [BZ #31068]
Fixes commit
a61933fe27df ("sparc: Remove bzero optimization") that
after moving code jumped to the wrong label 4.
Verfied by successfully running string/test-memset on sparc32.
Signed-off-by: Andreas Larsson <andreas@gaisler.com>
Signed-off-by: Ludwig Rydberg <ludwig.rydberg@gaisler.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Gaël PORTAY [Sat, 11 Nov 2023 17:32:36 +0000 (18:32 +0100)]
y2038: Fix support for 64-bit time on legacy ABIs
This fixes a typo.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Samuel Thibault [Tue, 14 Nov 2023 22:55:35 +0000 (23:55 +0100)]
hurd: Fix spawni returning allocation errors.
Samuel Thibault [Tue, 14 Nov 2023 01:03:35 +0000 (02:03 +0100)]
hurd: Make _hurd_intr_rpc_mach_msg avoid returning MACH_SEND_INTERRUPTED
When the given options do not include MACH_SEND_INTERRUPT,
_hurd_intr_rpc_mach_msg (aka mach_msg) is not supposed to return
MACH_SEND_INTERRUPTED. In such a case we thus have to retry sending the
message.
This was observed to fix various occurrences of spurious
"(ipc/send) interrupted" errors when running haskell programs.
Wilco Dijkstra [Thu, 26 Oct 2023 16:30:36 +0000 (17:30 +0100)]
AArch64: Remove Falkor memcpy
The latest implementations of memcpy are actually faster than the Falkor
implementations [1], so remove the falkor/phecda ifuncs for memcpy and
the now unused IS_FALKOR/IS_PHECDA defines.
[1] https://sourceware.org/pipermail/libc-alpha/2022-December/144227.html
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Wilco Dijkstra [Thu, 26 Oct 2023 16:07:21 +0000 (17:07 +0100)]
AArch64: Add memset_zva64
Add a specialized memset for the common ZVA size of 64 to avoid the
overhead of reading the ZVA size. Since the code is identical to
__memset_falkor, remove the latter.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Wilco Dijkstra [Thu, 26 Oct 2023 15:34:47 +0000 (16:34 +0100)]
AArch64: Cleanup emag memset
Cleanup emag memset - merge the memset_base64.S file, remove
the unused ZVA code (since it is disabled on emag).
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Yanzhang Wang [Thu, 26 Oct 2023 03:26:10 +0000 (11:26 +0800)]
test: Run the tst-tls-allocation-failure-static-patched with test-wrapper.
If we use cross test with ssh, this test needs to be ran on the remote.
Joe Ramsay [Fri, 3 Nov 2023 12:12:23 +0000 (12:12 +0000)]
aarch64: Add vector implementations of log1p routines
May discard sign of zero.
Joe Ramsay [Fri, 3 Nov 2023 12:12:22 +0000 (12:12 +0000)]
aarch64: Add vector implementations of atan2 routines
Joe Ramsay [Fri, 3 Nov 2023 12:12:21 +0000 (12:12 +0000)]
aarch64: Add vector implementations of atan routines
Joe Ramsay [Fri, 3 Nov 2023 12:12:20 +0000 (12:12 +0000)]
aarch64: Add vector implementations of acos routines
Joe Ramsay [Fri, 3 Nov 2023 12:12:19 +0000 (12:12 +0000)]
aarch64: Add vector implementations of asin routines
Paul Eggert [Thu, 9 Nov 2023 02:19:08 +0000 (18:19 -0800)]
Fix type typo in “String/Array Conventions” doc
* manual/string.texi (String/Array Conventions):
Fix typo reported by Alejandro Colomar <alx@kernel.org> in:
https://sourceware.org/pipermail/libc-alpha/2023-November/152646.html
Florian Weimer [Wed, 8 Nov 2023 14:18:02 +0000 (15:18 +0100)]
stdlib: Avoid element self-comparisons in qsort
This improves compatibility with applications which assume that qsort
does not invoke the comparison function with equal pointer arguments.
The newly introduced branches should be predictable, as leading to a
call to the comparison function. If the prediction fails, we avoid
calling the function.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Adhemerval Zanella [Wed, 1 Nov 2023 12:56:11 +0000 (09:56 -0300)]
elf: Add glibc.mem.decorate_maps tunable
The PR_SET_VMA_ANON_NAME support is only enabled through a configurable
kernel switch, mainly because assigning a name to a
anonymous virtual memory area might prevent that area from being
merged with adjacent virtual memory areas.
For instance, with the following code:
void *p1 = mmap (NULL,
1024 * 4096,
PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS,
-1,
0);
void *p2 = mmap (p1 + (1024 * 4096),
1024 * 4096,
PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS,
-1,
0);
The kernel will potentially merge both mappings resulting in only one
segment of size 0x800000. If the segment is names with
PR_SET_VMA_ANON_NAME with different names, it results in two mappings.
Although this will unlikely be an issue for pthread stacks and malloc
arenas (since for pthread stacks the guard page will result in
a PROT_NONE segment, similar to the alignment requirement for the arena
block), it still might prevent the mmap memory allocated for detail
malloc.
There is also another potential scalability issue, where the prctl
requires
to take the mmap global lock which is still not fully fixed in Linux
[1] (for pthread stacks and arenas, it is mitigated by the stack
cached and the arena reuse).
So this patch disables anonymous mapping annotations as default and
add a new tunable, glibc.mem.decorate_maps, can be used to enable
it.
[1] https://lwn.net/Articles/906852/
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Reviewed-by: DJ Delorie <dj@redhat.com>
Adhemerval Zanella [Wed, 1 Nov 2023 12:56:10 +0000 (09:56 -0300)]
linux: Decorate __libc_fatal error buffer
Reviewed-by: DJ Delorie <dj@redhat.com>
Adhemerval Zanella [Wed, 1 Nov 2023 12:56:09 +0000 (09:56 -0300)]
assert: Decorate error message buffer
Reviewed-by: DJ Delorie <dj@redhat.com>
Adhemerval Zanella [Wed, 1 Nov 2023 12:56:08 +0000 (09:56 -0300)]
malloc: Decorate malloc maps
Add anonymous mmap annotations on loader malloc, malloc when it
allocates memory with mmap, and on malloc arena. The /proc/self/maps
will now print:
[anon: glibc: malloc arena]
[anon: glibc: malloc]
[anon: glibc: loader malloc]
On arena allocation, glibc annotates only the read/write mapping.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Reviewed-by: DJ Delorie <dj@redhat.com>
Adhemerval Zanella [Wed, 1 Nov 2023 12:56:07 +0000 (09:56 -0300)]
nptl: Decorate thread stack on pthread_create
Linux 4.5 removed thread stack annotations due to the complexity of
computing them [1], and Linux added PR_SET_VMA_ANON_NAME on 5.17
as a way to name anonymous virtual memory areas.
This patch adds decoration on the stack created and used by
pthread_create, for glibc crated thread stack the /proc/self/maps will
now show:
[anon: glibc: pthread stack: <tid>]
And for user-provided stacks:
[anon: glibc: pthread user stack: <tid>]
The guard page is not decorated, and the mapping name is cleared when
the thread finishes its execution (so the cached stack does not have any
name associated).
Checked on x86_64-linux-gnu aarch64 aarch64-linux-gnu.
[1] https://github.com/torvalds/linux/commit/
65376df582174ffcec9e6471bf5b0dd79ba05e4a
Co-authored-by: Ian Rogers <irogers@google.com>
Reviewed-by: DJ Delorie <dj@redhat.com>
Adhemerval Zanella [Wed, 1 Nov 2023 12:56:06 +0000 (09:56 -0300)]
support: Add support_set_vma_name
Check if kernel supports prctl (PR_SET_VMA, PR_SET_VMA_ANON_NAME, ...).
Reviewed-by: DJ Delorie <dj@redhat.com>
Adhemerval Zanella [Wed, 1 Nov 2023 12:56:05 +0000 (09:56 -0300)]
linux: Add PR_SET_VMA_ANON_NAME support
Linux 5.17 added support to naming anonymous virtual memory areas
through the prctl syscall. The __set_vma_name is a wrapper to avoid
optimizing the prctl call if the kernel does not support it.
If the kernel does not support PR_SET_VMA_ANON_NAME, prctl returns
EINVAL. And it also returns the same error for an invalid argument.
Since it is an internal-only API, it assumes well-formatted input:
aligned START, with (START, START+LEN) being a valid memory range,
and NAME with a limit of 80 characters without an invalid one
("\\`$[]").
Reviewed-by: DJ Delorie <dj@redhat.com>
Samuel Thibault [Tue, 7 Nov 2023 11:51:25 +0000 (12:51 +0100)]
hurd: statfsconv: Add missing f_ffree conversion
Flavio Cruz [Mon, 6 Nov 2023 04:13:32 +0000 (23:13 -0500)]
Update BAD_TYPECHECK to work on x86_64
Message-ID: <ZUhn7LOcgLOJjKZr@jupiter.tail36e24.ts.net>
Sergio Durigan Junior [Wed, 1 Nov 2023 22:15:23 +0000 (18:15 -0400)]
sysdeps: sem_open: Clear O_CREAT when semaphore file is expected to exist [BZ #30789]
When invoking sem_open with O_CREAT as one of its flags, we'll end up
in the second part of sem_open's "if ((oflag & O_CREAT) == 0 || (oflag
& O_EXCL) == 0)", which means that we don't expect the semaphore file
to exist.
In that part, open_flags is initialized as "O_RDWR | O_CREAT | O_EXCL
| O_CLOEXEC" and there's an attempt to open(2) the file, which will
likely fail because it won't exist. After that first (expected)
failure, some cleanup is done and we go back to the label "try_again",
which lives in the first part of the aforementioned "if".
The problem is that, in that part of the code, we expect the semaphore
file to exist, and as such O_CREAT (this time the flag we pass to
open(2)) needs to be cleaned from open_flags, otherwise we'll see
another failure (this time unexpected) when trying to open the file,
which will lead the call to sem_open to fail as well.
This can cause very strange bugs, especially with OpenMPI, which makes
extensive use of semaphores.
Fix the bug by simplifying the logic when choosing open(2) flags and
making sure O_CREAT is not set when the semaphore file is expected to
exist.
A regression test for this issue would require a complex and cpu time
consuming logic, since to trigger the wrong code path is not
straightforward due the racy condition. There is a somewhat reliable
reproducer in the bug, but it requires using OpenMPI.
This resolves BZ #30789.
See also: https://bugs.launchpad.net/ubuntu/+source/h5py/+bug/2031912
Signed-off-by: Sergio Durigan Junior <sergiodj@sergiodj.net>
Co-Authored-By: Simon Chopin <simon.chopin@canonical.com>
Co-Authored-By: Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>
Fixes:
533deafbdf189f5fbb280c28562dd43ace2f4b0f ("Use O_CLOEXEC in more places (BZ #15722)")
Joseph Myers [Fri, 3 Nov 2023 16:36:35 +0000 (16:36 +0000)]
Add SEGV_CPERR from Linux 6.6 to bits/siginfo-consts.h
Linux 6.6 adds the constant SEGV_CPERR. Add it to glibc's
bits/siginfo-consts.h.
Tested for x86_64.
Adhemerval Zanella [Tue, 31 Oct 2023 16:32:38 +0000 (13:32 -0300)]
linux: Sync Linux 6.6 elf.h
It adds NT_X86_SHSTK (
2fab02b25ae7cf5), NT_RISCV_CSR/NT_RISCV_VECTOR
(
9300f00439743c4), and NT_LOONGARCH_HW_BREAK/NT_LOONGARCH_HW_WATCH
(
1a69f7a161a78ae).
Adhemerval Zanella [Tue, 31 Oct 2023 16:32:37 +0000 (13:32 -0300)]
linux: Add HWCAP2_HBC from Linux 6.6 to AArch64 bits/hwcap.h
Adhemerval Zanella [Tue, 31 Oct 2023 16:32:36 +0000 (13:32 -0300)]
linux: Add FSCONFIG_CMD_CREATE_EXCL from Linux 6.6 to sys/mount.h
The tst-mount-consts.py does not need to be updated because kernel
exports it as an enum (compare_macro_consts can not parse it).
Adhemerval Zanella [Tue, 31 Oct 2023 16:32:35 +0000 (13:32 -0300)]
linux: Add MMAP_ABOVE4G from Linux 6.6 to sys/mman.h
x86 added the flag (
29f890d1050fc099f) for CET enabled.
Also update tst-mman-consts.py test.
Adhemerval Zanella [Tue, 31 Oct 2023 16:32:34 +0000 (13:32 -0300)]
Update kernel version to 6.6 in header constant tests
There are no new constants covered, the tst-mman-consts.py is
updated separately along with a header constant addition.
Adhemerval Zanella [Tue, 31 Oct 2023 16:32:33 +0000 (13:32 -0300)]
Update syscall lists for Linux 6.6
Linux 6.6 has one new syscall for all architectures, fchmodat2, and
the map_shadow_stack on x86_64.
Maxim Kuvyrkov [Fri, 19 May 2023 08:28:21 +0000 (08:28 +0000)]
Format test results closer to what DejaGnu does
The years of dealing with Binutils, GCC and GDB test results
made the community create good tools for comparison and analysis
of DejaGnu test results. This change allows to use those tools
for Glibc's test results as well.
The motivation for this change is Linaro's pre-commit testers,
which use a modified version of GCC's validate_failures.py
to create test xfail lists with baseline failures and known
flaky tests. See below links for an example xfails file (only
one link is supposed to work at any given time):
- https://ci.linaro.org/job/tcwg_glibc_check--master-arm-build/lastSuccessfulBuild/artifact/artifacts/artifacts.precommit/sumfiles/xfails.xfail/*view*/
- https://ci.linaro.org/job/tcwg_glibc_check--master-arm-build/lastSuccessfulBuild/artifact/artifacts/sumfiles/xfails.xfail/*view*/
Specifacally, this patch changes format of glibc's .sum files from ...
<cut>
FAIL: elf/test1
PASS: string/test2
</cut>
... to ...
<cut>
=== glibc tests ===
Running elf ...
FAIL: elf/test1
Running string ...
PASS: string/test2
</cut>.
And output of "make check" from ...
<cut>
FAIL: elf/test1
</cut>
... to ...
<cut>
FAIL: elf/test1
=== Summary of results ===
1 FAIL
1 PASS
</cut>.
Signed-off-by: Maxim Kuvyrkov <maxim.kuvyrkov@linaro.org>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Wilco Dijkstra [Tue, 24 Oct 2023 12:51:07 +0000 (13:51 +0100)]
AArch64: Cleanup ifuncs
Cleanup ifuncs. Remove uses of libc_hidden_builtin_def, use ENTRY rather than
ENTRY_ALIGN, remove unnecessary defines and conditional compilation. Rename
strlen_mte to strlen_generic. Remove rtld-memset.
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
Arjun Shankar [Tue, 31 Oct 2023 09:44:32 +0000 (10:44 +0100)]
Use correct subdir when building tst-rfc3484* for mach and arm
Commit
7f602256ab5b85db1dbfb5f40bd109c4b37b68c8 moved the tst-rfc3484*
tests from posix/ to nss/, but didn't correct references to point to
their new subdir when building for mach and arm. This commit fixes
that.
Tested with build-many-glibcs.sh for i686-gnu.
Adhemerval Zanella [Tue, 3 Oct 2023 12:22:51 +0000 (09:22 -0300)]
stdlib: Add more qsort{_r} coverage
This patch adds a qsort and qsort_r to trigger the worst case
scenario for the quicksort (which glibc current lacks coverage).
The test is done with random input, dfferent internal types (uint8_t,
uint16_t, uint32_t, uint64_t, large size), and with
different set of element numbers.
Checked on x86_64-linux-gnu and i686-linux-gnu.
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
Adhemerval Zanella [Tue, 3 Oct 2023 12:22:50 +0000 (09:22 -0300)]
stdlib: Remove use of mergesort on qsort (BZ 21719)
This patch removes the mergesort optimization on qsort implementation
and uses the introsort instead. The mergesort implementation has some
issues:
- It is as-safe only for certain types sizes (if total size is less
than 1 KB with large element sizes also forcing memory allocation)
which contradicts the function documentation. Although not required
by the C standard, it is preferable and doable to have an O(1) space
implementation.
- The malloc for certain element size and element number adds
arbitrary latency (might even be worse if malloc is interposed).
- To avoid trigger swap from memory allocation the implementation
relies on system information that might be virtualized (for instance
VMs with overcommit memory) which might lead to potentially use of
swap even if system advertise more memory than actually has. The
check also have the downside of issuing syscalls where none is
expected (although only once per execution).
- The mergesort is suboptimal on an already sorted array (BZ#21719).
The introsort implementation is already optimized to use constant extra
space (due to the limit of total number of elements from maximum VM
size) and thus can be used to avoid the malloc usage issues.
Resulting performance is slower due the usage of qsort, specially in the
worst-case scenario (partialy or sorted arrays) and due the fact
mergesort uses a slight improved swap operations.
This change also renders the BZ#21719 fix unrequired (since it is meant
to fix the sorted input performance degradation for mergesort). The
manual is also updated to indicate the function is now async-cancel
safe.
Checked on x86_64-linux-gnu.
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
Adhemerval Zanella [Tue, 3 Oct 2023 12:22:49 +0000 (09:22 -0300)]
stdlib: Implement introsort for qsort (BZ 19305)
This patch makes the quicksort implementation to acts as introsort, to
avoid worse-case performance (and thus making it O(nlog n)). It switch
to heapsort when the depth level reaches 2*log2(total elements). The
heapsort is a textbook implementation.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
Adhemerval Zanella [Tue, 3 Oct 2023 12:22:48 +0000 (09:22 -0300)]
stdlib: qsort: Move some macros to inline function
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
Adhemerval Zanella [Tue, 3 Oct 2023 12:22:47 +0000 (09:22 -0300)]
stdlib: Move insertion sort out qsort
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
Adhemerval Zanella [Tue, 3 Oct 2023 12:22:46 +0000 (09:22 -0300)]
stdlib: Optimization qsort{_r} swap implementation
The optimization takes in consideration both the most common elements
are either 32 or 64 bit in size and inputs are aligned to the word
boundary. This is similar to what msort does.
For large buffer the swap operation uses memcpy/mempcpy with a
small fixed size buffer (so compiler might inline the operations).
Checked on x86_64-linux-gnu.
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
Adhemerval Zanella [Tue, 3 Oct 2023 12:22:45 +0000 (09:22 -0300)]
string: Add internal memswap implementation
The prototype is:
void __memswap (void *restrict p1, void *restrict p2, size_t n)
The function swaps the content of two memory blocks P1 and P2 of
len N. Memory overlap is NOT handled.
It will be used on qsort optimization.
Checked on x86_64-linux-gnu and aarch64-linux-gnu.
Reviewed-by: Noah Goldstein <goldstein.w.n@gmail.com>
Adhemerval Zanella [Tue, 31 Oct 2023 13:59:04 +0000 (10:59 -0300)]
crypt: Remove manul entry for --enable-crypt
Joseph Myers [Tue, 31 Oct 2023 13:36:51 +0000 (13:36 +0000)]
Use Linux 6.6 in build-many-glibcs.py
This patch makes build-many-glibcs.py use Linux 6.6.
Tested with build-many-glibcs.py (host-libraries, compilers and glibcs
builds).
Adhemerval Zanella [Mon, 2 Oct 2023 12:11:49 +0000 (09:11 -0300)]
crypt: Remove libcrypt support
All the crypt related functions, cryptographic algorithms, and
make requirements are removed, with only the exception of md5
implementation which is moved to locale folder since it is
required by localedef for integrity protection (libc's
locale-reading code does not check these, but localedef does
generate them).
Besides thec code itself, both internal documentation and the
manual is also adjusted. This allows to remove both --enable-crypt
and --enable-nss-crypt configure options.
Checked with a build for all affected ABIs.
Co-authored-by: Zack Weinberg <zack@owlfolio.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Adhemerval Zanella [Mon, 2 Oct 2023 12:11:48 +0000 (09:11 -0300)]
sparc: Remove optimize md5, sha256, and sha512
The libcrypt was maked to be phase out on 2.38, and a better project
already exist that provide both compatibility and better API
(libxcrypt). The sparc optimizations add the burden to extra
build-many-glibcs.py configurations.
Checked on sparc64 and sparcv9.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Adhemerval Zanella [Mon, 30 Oct 2023 16:03:28 +0000 (13:03 -0300)]
build-many-glibcs: Fix traililing whitespace
From commit
d846c2838942297c9644f2f38bdad0fb88f42245.
caiyinyu [Thu, 26 Oct 2023 09:27:21 +0000 (17:27 +0800)]
LoongArch: Delete excessively allocated memory.
caiyinyu [Mon, 23 Oct 2023 07:53:38 +0000 (15:53 +0800)]
LoongArch: Update hwcap.h to sync with LoongArch kernel.
caiyinyu [Fri, 20 Oct 2023 01:20:02 +0000 (09:20 +0800)]
LoongArch: Unify Register Names.
Wilco Dijkstra [Tue, 17 Oct 2023 15:54:21 +0000 (16:54 +0100)]
AArch64: Add support for MOPS memcpy/memmove/memset
Add support for MOPS in cpu_features and INIT_ARCH. Add ifuncs using MOPS for
memcpy, memmove and memset (use .inst for now so it works with all binutils
versions without needing complex configure and conditional compilation).
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
Arjun Shankar [Mon, 2 Oct 2023 12:55:28 +0000 (14:55 +0200)]
Move getnameinfo from 'inet' to 'nss'
getnameinfo is an entry points for nss functionality. This commit moves
it from the 'inet' subdirectory to 'nss'. The corresponding Versions
entry is also moved from 'posix' into 'nss'.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:27 +0000 (14:55 +0200)]
Move getaddrinfo from 'posix' into 'nss'
getaddrinfo is an entry point for nss functionality. This commit moves
it from 'sysdeps/posix' to 'nss', gets rid of the stub in 'posix', and
moves all associated tests as well.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:26 +0000 (14:55 +0200)]
Move 'services' routines from 'inet' into 'nss'
The getservby* and getservent* routines are entry points for nss
functionality. This commit moves them from the 'inet' subdirectory to
'nss'.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:25 +0000 (14:55 +0200)]
Move 'rpc' routines from 'inet' into 'nss'
The getrpcby* and getrpcent* routines are entry points for nss
functionality. This commit moves them from the 'inet' subdirectory to
'nss'. The Versions entries for these routines along with a test,
located in the 'sunrpc' subdirectory, are also moved into 'nss'.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:24 +0000 (14:55 +0200)]
Move 'protocols' routines from 'inet' into 'nss'
The getprotoby* and getprotoent* routines are entry points for nss
functionality. This commit moves them from the 'inet' subdirectory to
'nss'.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:23 +0000 (14:55 +0200)]
Move 'networks' routines from 'inet' into 'nss'
The getnetby* and getnetent* routines are entry points for nss
functionality. This commit moves them from the 'inet' subdirectory to
'nss'.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:22 +0000 (14:55 +0200)]
Move 'netgroup' routines from 'inet' into 'nss'
These netgroup routines are entry points for nss functionality.
This commit moves them along with netgroup.h from the 'inet'
subdirectory to 'nss', and adjusts any references accordingly.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:21 +0000 (14:55 +0200)]
Move 'hosts' routines from 'inet' into 'nss'
The gethostby* and gethostent* routines are entry points for nss
functionality. This commit moves them from the 'inet' subdirectory to
'nss'.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:20 +0000 (14:55 +0200)]
Move 'ethers' routines from 'inet' into 'nss'
ether_hostton and ether_ntohost are entry points for nss functionality.
This commit moves them from the 'inet' subdirectory to 'nss', and
adjusts any references accordingly.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:19 +0000 (14:55 +0200)]
Move 'aliases' routines from 'inet' into 'nss'
The aliases routines are entry points for nss functionality. This
commit moves aliases.h and the aliases routines from the 'inet'
subdirectory to 'nss', and adjusts any external references.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:18 +0000 (14:55 +0200)]
Remove 'shadow' and merge into 'nss'
The majority of shadow routines are entry points for nss functionality.
This commit removes the 'shadow' subdirectory and moves all
functionality and tests to 'nss'. References to shadow/ are accordingly
changed.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:17 +0000 (14:55 +0200)]
Remove 'pwd' and merge into 'nss'
The majority of pwd routines are entry points for nss functionality.
This commit removes the 'pwd' subdirectory and moves all functionality
and tests to 'nss'. References to pwd/ are accordingly changed.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:16 +0000 (14:55 +0200)]
Remove 'gshadow' and merge into 'nss'
The majority of gshadow routines are entry points for nss functionality.
This commit removes the 'gshadow' subdirectory and moves all
functionality and tests to 'nss'. References to gshadow/ are
accordingly changed.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Arjun Shankar [Mon, 2 Oct 2023 12:55:15 +0000 (14:55 +0200)]
Remove 'grp' and merge into 'nss' and 'posix'
The majority of grp routines are entry points for nss functionality.
This commit removes the 'grp' subdirectory and moves all nss-relevant
functionality and all tests to 'nss', and the 'setgroups' stub into
'posix' (alongside the 'getgroups' stub). References to grp/ are
accordingly changed. In addition, compat-initgroups.c, a fallback
implementation of initgroups is renamed to initgroups-fallback.c so that
the build system does not confuse it for nss_compat/compat-initgroups.c.
Build time improves very slightly; e.g. down from an average of 45.5s to
44.5s on an 8-thread mobile x86_64 CPU.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Adhemerval Zanella [Mon, 23 Oct 2023 16:33:47 +0000 (13:33 -0300)]
malloc: Fix tst-tcfree3 build csky-linux-gnuabiv2 with fortify source
With gcc 13.1 with --enable-fortify-source=2, tst-tcfree3 fails to
build on csky-linux-gnuabiv2 with:
../string/bits/string_fortified.h: In function ‘do_test’:
../string/bits/string_fortified.h:26:8: error: inlining failed in call
to ‘always_inline’ ‘memcpy’: target specific option mismatch
26 | __NTH (memcpy (void *__restrict __dest, const void *__restrict
__src,
| ^~~~~~
../misc/sys/cdefs.h:81:62: note: in definition of macro ‘__NTH’
81 | # define __NTH(fct) __attribute__ ((__nothrow__ __LEAF)) fct
| ^~~
tst-tcfree3.c:45:3: note: called from here
45 | memcpy (c, a, 32);
| ^~~~~~~~~~~~~~~~~
Instead of relying on -O0 to avoid malloc/free to be optimized away,
disable the builtin.
Reviewed-by: DJ Delorie <dj@redhat.com>
Simon Chopin [Thu, 5 Oct 2023 12:54:31 +0000 (14:54 +0200)]
test-container: disable ld.so system cache on DSO detection
When building the testroot, the script runs the newly built ld.so on a
couple of binaries in order to copy over any additional libraries
needed. However, if the dependencies are found in the system cache, it
will be copied over using that path.
This is problematic if the system ld.so and the one built don't have the
exact same search configuration. We encountered this in Ubuntu, where we
build a variant of libc with -fno-omit-frame-pointer for accurate
performance profiling.
This variant is built using a non-standard slibdir to be able to be
co-installed with the default library (e.g. slibdir = /lib/libc6-prof).
Since we have /lib pointing to /usr/lib, any additional dependency
should still be reachable via /usr. However, resolving via the cache
might result in the additional DSOs being copied into $testroot/lib, out
of the search path in the container.
The problem has been triggered by
1d5024f4f052c12e404d42d3b5bfe9c3e9fd27c4
("support: Build with exceptions and asynchronous unwind tables [BZ #30587]")
which introduced a dependency on libgcc_s.so.1 under some circumstances.
Downstream bug: https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/2031495
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Joe Ramsay [Thu, 5 Oct 2023 16:10:52 +0000 (17:10 +0100)]
aarch64: Add vector implementations of exp10 routines
Double-precision routines either reuse the exp table (AdvSIMD) or use
SVE FEXPA intruction.
Joe Ramsay [Thu, 5 Oct 2023 16:10:51 +0000 (17:10 +0100)]
aarch64: Add vector implementations of log10 routines
A table is also added, which is shared between AdvSIMD and SVE log10.
Joe Ramsay [Thu, 5 Oct 2023 16:10:50 +0000 (17:10 +0100)]
aarch64: Add vector implementations of log2 routines
A table is also added, which is shared between AdvSIMD and SVE log2.
Joe Ramsay [Thu, 5 Oct 2023 16:10:49 +0000 (17:10 +0100)]
aarch64: Add vector implementations of exp2 routines
Some routines reuse table from v_exp_data.c