review.tizen.org Git - platform/upstream/glibc.git/log

LoongArch: Fix static PIE condition for toolchain bootstrapping.

This patch allows the static PIE startfile rcrt1.o to be built
without requiring libgcc_s.so from GCC, which depends on libc
in the first place.

chk: Add and fix hidden builtin definitions for *_chk

Otherwise on gnu-i686 there are unwanted PLT entries in libc.so when
fortification is enabled.

Tested for i686-gnu, x86_64-gnu, i686-linux-gnu and x86_64-linux-gnu

tst-realpath-toolong: return "unsupported" when PATH_MAX is undefined

When PATH_MAX is undefined, realpath cannot ever ENAMETOOLONG, so
this test is unsupported.

Subject: hurd: Make __realpath return EINVAL on NULL buf

As Posix and stdlib/test-canon.c expects it, and rather than letting
pathconf crash.

tst-*glob*: Do not check d_name size

Posix says that d_name is of unspecified size, and sizeof(d_name)
should not be used. It is indeed only 1-byte long in bits/dirent.h. We
can instead explictly provide the actual allocated size to
__strcpy_chk.

hurd: Do not include full <stdarg.h> in <hurd.h>

This fixes a hurd/check-installed-headers-c failure with
-std=c89 #define _FORTIFY_SOURCE 1:

In file included from ../hurd/hurd.h:354,
                 from ../sysdeps/hurd/include/hurd.h:2,
                 from /tmp/cih_test_9IaUwa.c:10:
/home/bmg/install/compilers/i686-gnu/lib/gcc/i686-glibc-gnu/13.2.1/include/stdarg.h:54:34: error: "__STDC_VERSION__" is not defined, evaluates to 0 [-Werror=undef]
   54 | #if !defined(__STRICT_ANSI__) || __STDC_VERSION__ + 0 >= 199900L \
      |                                  ^~~~~~~~~~~~~~~~
/home/bmg/install/compilers/i686-gnu/lib/gcc/i686-glibc-gnu/13.2.1/include/stdarg.h:55:8: error: "__cplusplus" is not defined, evaluates to 0 [-Werror=undef]
   55 |     || __cplusplus + 0 >= 201103L
      |        ^~~~~~~~~~~
cc1: all warnings being treated as errors

Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>

iconv: restore verbosity with unrecognized encoding names (bug 30694)

Commit 91927b7c76 ("Rewrite iconv option parsing [BZ #19519]") changed the
iconv program to call __gconv_open directly instead of the iconv_open
wrapper, but the former does not set errno. Update the caller to
interpret the return codes like iconv_open does.

configure: Remove --enable-all-warnings option

The option is not activelly tested and has bitrotten, to fix it
would require a lot of work and multiple fixes. A better option
would to evaluate each option and enable the warning if it makes
sense.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

Add IP_PROTOCOL from Linux 6.4 to bits/in.h

Linux 6.4 adds a new constant IP_PROTOCOL; add it to glibc's
bits/in.h.

Tested for x86_64.

Update kernel version to 6.4 in header constant tests

This patch updates the kernel version in the tests tst-mman-consts.py,
tst-mount-consts.py and tst-pidfd-consts.py to 6.4. (There are no new
constants covered by these tests in 6.4 that need any other header
changes.)

Tested with build-many-glibcs.py.

PowerPC: Influence cpu/arch hwcap features via GLIBC_TUNABLES

This patch enables the option to influence hwcaps used by PowerPC.
The environment variable, GLIBC_TUNABLES=glibc.cpu.hwcaps=-xxx,yyy,-zzz....,
can be used to enable CPU/ARCH feature yyy, disable CPU/ARCH feature xxx
and zzz, where the feature name is case-sensitive and has to match the ones
mentioned in the file{sysdeps/powerpc/dl-procinfo.c}.

Note that the hwcap tunables only used in the IFUNC selection.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

vfprintf-internal: Get rid of alloca.

Avoid potential stack overflow from unbounded alloca. Use the existing
scratch_buffer instead.

Add testcases to exercise the code as suggested by Adhemerval Zanella Netto.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

stdlib: Improve tst-realpath compatibility with source fortification

On GCC before 11, IPA can make the fortified realpath aware that the
buffer size is not large enough (8 bytes instead of PATH_MAX bytes).
Fix this by using a buffer that is large enough.

Open master branch for glibc 2.39 development

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

NEWS: Fix typos

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

Create ChangeLog.old/ChangeLog.27

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

Increase version numbers

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

INSTALL: regenerate

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

NEWS: minor wording fixes

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

install.texi: Build was tested with binutils 2.41 (just released)

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

install.texi: Update versions of most recent build tools

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

contrib.texi: Update for 2.38

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

<sys/platform/x86.h>: Add APX support

Add support for Intel Advanced Performance Extensions:

https://www.intel.com/content/www/us/en/developer/articles/technical/advanced-performance-extensions-apx.html

to <sys/platform/x86.h>.

translations: update cs, nl, vi

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

string: Fix tester build with fortify enable with gcc 6

When building with fortify enabled, GCC 6 issues an warning the fortify
wrapper might overflow the destination buffer. However, GCC does not
provide a specific flag to disable the warning (the failure is tied to
-Werror). So to avoid disable all errors, only enable the check for
GCC 7 or newer.

Checked on i686-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

linux: Fix i686 with gcc6

On __convert_scm_timestamps GCC 6 issues an warning that tvts[0]/tvts[1]
maybe be used uninitialized, however it would be used if type is set to a
value different than 0 (done by either COMPAT_SO_TIMESTAMP_OLD or
COMPAT_SO_TIMESTAMPNS_OLD) which will fallthrough to 'common' label.

It does not show with gcc 7 or more recent versions.

Checked on i686-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

i386: Remove memset_chk-nonshared.S

Similar to memcpy, mempcpy, and memmove there is no need for an
specific memset_chk-nonshared.S. It can be provided by
memset-ia32.S itself for static library.

Checked on i686-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

i386: Fix build with --enable-fortify=3

The i386 string routines provide multiple internal definitions
for memcpy, memmove, and mempcpy chk routines:

  $ objdump -t libc.a | grep __memcpy_chk
  00000000 g     F .text  0000000e __memcpy_chk
  00000000 g     F .text  00000013 __memcpy_chk
  $ objdump -t libc.a | grep __mempcpy_chk
  00000000 g     F .text  0000000e __mempcpy_chk
  00000000 g     F .text  00000013 __mempcpy_chk
  $ objdump -t libc.a | grep __memmove_chk
  00000000 g     F .text  0000000e __memmove_chk
  00000000 g     F .text  00000013 __memmove_chk

Although is not an issue for normal static builds, with fortify=3
glibc itself might use the fortify chk functions and thus static
build might fail with multiple definitions.  For instance:

x86_64-glibc-linux-gnu-gcc -m32 -march=i686 -o [...]math/test-signgam-uchar-static -nostdlib -nostartfiles -static -static-pie [...]
x86_64-glibc-linux-gnu/bin/ld: [...]/libc.a(mempcpy-ia32.o):
in function `__mempcpy_chk': [...]/glibc-git/string/../sysdeps/i386/i686/mempcpy.S:32: multiple definition of `__mempcpy_chk';
[...]/libc.a(mempcpy_chk-nonshared.o):[...]/debug/../sysdeps/i386/mempcpy_chk.S:28: first defined here
collect2: error: ld returned 1 exit status
make[2]: *** [../Rules:298:

There is no need for mem*-nonshared.S, the __mem*_chk routines
are already provided by the assembly routines.

Checked on i686-linux-gnu with gcc 13 built with fortify=1,2,3 and
without fortify.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

posix: Fix test-errno build with fortify enable

With gcc 11.3.1, building with -D_FORTIFY_SOURCE=2 shows:

In function ‘getgroups’,
    inlined from ‘do_test’ at test-errno.c:129:12:
../misc/sys/cdefs.h:195:6: error: argument 1 value -1 is negative
[-Werror=stringop-overflow=]
  195 |    ? __ ## f ## _alias (__VA_ARGS__)
      \
      |      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../posix/bits/unistd.h:115:10: note: in expansion of macro
‘__glibc_fortify’
  115 |   return __glibc_fortify (getgroups, __size, sizeof (__gid_t),
      |          ^~~~~~~~~~~~~~~
../posix/bits/unistd.h: In function ‘do_test’:
../posix/bits/unistd-decl.h:135:28: note: in a call to function
‘__getgroups_alias’ declared with attribute ‘access (write_only, 2, 1)’
  135 | extern int __REDIRECT_NTH (__getgroups_alias, (int __size,
      __gid_t __list[]),
      |                            ^~~~~~~~~~~~~~~~~
../misc/sys/cdefs.h:264:6: note: in definition of macro ‘__REDIRECT_NTH’
  264 |      name proto __asm__ (__ASMNAME (#alias)) __THROW

It builds fine with gcc 12 and gcc 13.

Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

powerpc: Fix powerpc64 strchrnul build with old gcc

The compiler might not see that internal definition is an alias
due the libc_ifunc macro, which redefines __strchrnul.  With
gcc 6 it fails with:

In file included from <command-line>:0:0:
./../include/libc-symbols.h:472:33: error: ‘__EI___strchrnul’ aliased to
undefined symbol ‘__GI___strchrnul’
   extern thread __typeof (name) __EI_##name \
                                 ^
./../include/libc-symbols.h:468:3: note: in expansion of macro
‘__hidden_ver2’
   __hidden_ver2 (, local, internal, name)
   ^~~~~~~~~~~~~
./../include/libc-symbols.h:476:29: note: in expansion of macro
‘__hidden_ver1’
#  define hidden_def(name)  __hidden_ver1(__GI_##name, name, name);
                             ^~~~~~~~~~~~~
./../include/libc-symbols.h:557:32: note: in expansion of macro
‘hidden_def’
# define libc_hidden_def(name) hidden_def (name)
                                ^~~~~~~~~~
../sysdeps/powerpc/powerpc64/multiarch/strchrnul.c:38:1: note: in
expansion of macro ‘libc_hidden_def’
libc_hidden_def (__strchrnul)
^~~~~~~~~~~~~~~

Use libc_ifunc_hidden as stpcpy.  Checked on powerpc64 with
gcc 6 and gcc 13.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

sunrpc: Fix netname build with older gcc

The -Wformat-overflow was added by gcc 8.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

malloc: Fix set-freeres.c with gcc 6

Old GCC might trigger the the comparison will always evaluate as ‘true’
warnig for static build:

set-freeres.c:87:14: error: the comparison will always evaluate as
‘true’ for the address of ‘__libc_getgrgid_freemem_ptr’ will never be
NULL [-Werror=address]
if (&__ptr != NULL) \

So add pragma weak for all affected usages.

Checked on x86_64 and i686 with gcc 6 and 13.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

NEWS: Insert autogenerated list of fixed bugs

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

NEWS: Mention AArch64 libmvec under build requirements again

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

NEWS: Minor editorial changes

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

MIPS: Update mips32 and mip64 libm test ulps

Generated on a Cavium Octeon III 2 board running Linux version 4.19.249
and GCC 13.1.0.

Needed due to commit cf7ffdd8a5f6 ("added pair of inputs for hypotf in
binary32").

nscd: cleanup obsolete _FORTIFY_SOURCE setting

This was added in 233399bce2e79e5af3b344782e9943d5f1a9cdcb just for warn_if_unused
warnings rather than anything substantial.

Now that we have a proper configure argument for F_S (--enable-fortify-source),
just drop this entirely, to avoid conflicting with e.g. detected --enable-fortify-source
finding F_S=3, then nscd's Makefile setting F_S=2, resulting in a build-failure
because of the redefinition.

Signed-off-by: Sam James <sam@gentoo.org>
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
Reviewed-by: Andreas K. Hüttel <dilfridge@gentoo.org>

Include sys/rseq.h in tst-rseq-disable.c

Starting with commit 2c6b4b272e6b4d07303af25709051c3e96288f2d
"nptl: Unconditionally use a 32-byte rseq area", the testcase
misc/tst-rseq-disable is UNSUPPORTED as RSEQ_SIG is not defined.

The mentioned commit removes inclusion of sys/rseq.h in nptl/descr.h.
Thus just include sys/rseq.h in the tst-rseq-disable.c as also done
in tst-rseq.c and tst-rseq-nptl.c.
Reviewed-by: Florian Weimer <fweimer@redhat.com>

string: Fix tester with fortify enabled

If fortify is enabled, the truncated output warning is issued by
the wrapper itself:

In function ‘strncpy’,
    inlined from ‘test_strncpy’ at tester.c:505:10:
../string/bits/string_fortified.h:95:10: error: ‘__builtin_strncpy’
destination unchanged after copying no bytes from a string of length 3
[-Werror=stringop-truncation]
   95 |   return __builtin___strncpy_chk (__dest, __src, __len,
      |          ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   96 |                                   __glibc_objsize (__dest));
      |                                   ~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../include/bits/string_fortified.h:1,
                 from ../string/string.h:548,
                 from ../include/string.h:60,
                 from tester.c:33,
                 from inl-tester.c:6:
In function ‘strncpy’,
    inlined from ‘test_strncpy’ at tester.c:505:10:

Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

string: Fix bug-strncat1 with fortify enabled

If fortify is enabled, the truncated output warning is issued by
the wrapper itself:

bug-strncat1.c: In function ‘main’:
bug-strncat1.c:14:3: error: ‘__builtin___strncat_chk’ output truncated
copying 1 byte from a string of length 2 [-Werror=stringop-truncation]
14 | strncat (d, "\5\6", 1);
| ^

Checked on x86_64-linux-gnu.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

nscd: Use errval, not errno to guide cache update (bug 30662)

The errno variable is potentially clobbered by the preceding
send call. It is not related to the to-be-cached information.
The parallel code in hstcache.c and servicescache.c already uses
errval.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

Restore lookup of IPv4 mapped addresses in files database (bug 25457)

This was broken by commit 9c02d0784d ("nss_files: Remove RES_USE_INET6
from hosts processing"), which removed too much.

Revert "MIPS: Sync elf.h from binutils"

Leads to build failures (preprocessor redefinitions), and there is not
enough time to address this properly. Deferred until after 2.38 release.

This reverts commit 59dc07637fa1a693bd7599a98b0735697544077b.

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

riscv: Update rvd libm test ulps

Generated on a VisionFive 2 board running Linux version 6.4.2 and
GCC 13.1.0.

Needed due to commit cf7ffdd8a5f6 ("added pair of inputs for hypotf in
binary32").

MIPS: Sync elf.h from binutils

Add new definitions for the MIPS target, specifically: relocation
types, machine flags, section type names, and object attribute tags
and values. On MIPS64, up to three relocations may be specified
within r_info, by the r_type, r_type2, and r_type3 fields, so add new
macros to get the respective reloc types for MIPS64.

Merge translations (bg, hr, pl, sv)

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

nptl: Unconditionally use a 32-byte rseq area

If the kernel headers provide a larger struct rseq, we used that
size as the argument to the rseq system call. As a result,
rseq registration would fail on older kernels which only accept
size 32.

hurd: Fix tst-openloc

On GNU/Hurd, O_RDWR actually is O_WRONLY|O_RDONLY, so checking through
bitness really is wrong. O_ACCMODE is there for this.

Fixes: 5324d258427f ("fileops: Don't process ,ccs= as individual mode flags (BZ#18906)")

scripts: Fix fortify checks if compiler does not support _FORTIFY_SOURCE=3

The 30379efad1 added _FORTIFY_SOURCE checks without check if compiler
does support all used fortify levels. This patch fixes it by first
checking at configure time the maximum support fortify level and using
it instead of a pre-defined one.

Checked on x86_64 with gcc 11, 12, and 13.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Tested-by: Florian Weimer <fweimer@redhat.com>

configure: Disable building libcrypt by default

We mentioned eventual dropping of libcrypt in the 2.28 NEWS. Actually
put that plan in motion by first disabling building libcrypt by default.
note in NEWS that the library will be dropped completely in a future
release.

Also add a couple of builds into build-many-glibcs.py.

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Andreas K. Hüttel <dilfridge@gentoo.org>

nptl: Make tst-tls3mod.so explicitly lazy

Fixes the following test-time errors, that lead to FAILs, on toolchains
that set -z now out o the box, such as the one used on Gentoo Hardened:

  .../build-x86-x86_64-pc-linux-gnu-nptl $ grep '' nptl/tst-tls3*.out
  nptl/tst-tls3.out:dlopen failed
  nptl/tst-tls3-malloc.out:dlopen failed

Reviewed-by: Florian Weimer <fweimer@redhat.com>
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

make ‘struct pthread’ a complete type

* nptl/descr.h (struct pthread): Remove end_padding member, which
made this type incomplete.
(PTHREAD_STRUCT_END_PADDING): Stop using end_padding.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

scripts: Add fortify checks on installed headers

The _FORTIFY_SOURCE is used as default by some system compilers,
and there is no way to check if some fortify extension does not
trigger any conformance issue.

Checked on x86_64-linux-gnu.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

Update x86_64 libm-test-ulps (x32 ABI)

Based on feedback by Mike Gilbert <floppym@gentoo.org>
Linux-6.1.38-dist x86_64 AMD Phenom-tm- II X6 1055T Processor
-march=amdfam10
failures occur for x32 ABI

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

Fix getting return address in elf/tst-audit28.c.

Starting with commit 1bcfe0f732066ae5336b252295591ebe7e51c301, the
test was enhanced and the object for __builtin_return_address (0)
is searched with _dl_find_object.

Unfortunately on e.g. s390 (31bit), a postprocessing step is needed
as the highest bit has to be masked out. This can be done with
__builtin_extract_return_addr.

Without this postprocessing, _dl_find_object returns with -1 and the
content of dlfo is invalid, which may lead to segfaults in basename.
Therefore those checks are now only done on success.
Reviewed-by: Florian Weimer <fweimer@redhat.com>

[PATCH v1] x86: Use `3/4*sizeof(per-thread-L3)` as low bound for NT threshold.

On some machines we end up with incomplete cache information. This can
make the new calculation of `sizeof(total-L3)/custom-divisor` end up
lower than intended (and lower than the prior value). So reintroduce
the old bound as a lower bound to avoid potentially regressing code
where we don't have complete information to make the decision.
Reviewed-by: DJ Delorie <dj@redhat.com>

x86: Fix slight bug in `shared_per_thread` cache size calculation.

After:
```
    commit af992e7abdc9049714da76cae1e5e18bc4838fb8
    Author: Noah Goldstein <goldstein.w.n@gmail.com>
    Date:   Wed Jun 7 13:18:01 2023 -0500

        x86: Increase `non_temporal_threshold` to roughly `sizeof_L3 / 4`
```

Split `shared` (cumulative cache size) from `shared_per_thread` (cache
size per socket), the `shared_per_thread` *can* be slightly off from
the previous calculation.

Previously we added `core` even if `threads_l2` was invalid, and only
used `threads_l2` to divide `core` if it was present. The changed
version only included `core` if `threads_l2` was valid.

This change restores the old behavior if `threads_l2` is invalid by
adding the entire value of `core`.
Reviewed-by: DJ Delorie <dj@redhat.com>

Update i686 libm-test-ulps (again)

Based on feedback by Arsen Arsenović <arsen@gentoo.org>
Linux-6.1.38-gentoo-dist-hardened x86_64 AMD Ryzen 7 3800X 8-Core Processor
-march=x86-64-v2

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

Update i686 libm-test-ulps

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

Merge translations (de, ro, uk, zh_TW)

Line numbers, version numbers, template date changed everywhere
Nontrivial changes in de, ro, uk, zh_TW

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

Regenerate libc.pot

Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>

configure: Use autoconf 2.71

Bump autoconf requirement to 2.71 to allow regenerating configure on
more recent distributions. autoconf 2.71 has been in Fedora since F36
and is the current version in Debian stable (bookworm). It appears to
be current in Gentoo as well.

All sysdeps configure and preconfigure scripts have also been
regenerated; all changes are trivial transformations that do not affect
functionality.

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>

Update sparc libm-test-ulps

s390: Add the clone3 wrapper

It follows the internal signature:

extern int clone3 (struct clone_args *__cl_args, size_t __size,
int (*__func) (void *__arg), void *__arg);

Checked on s390x-linux-gnu and s390-linux-gnu.

manual: Fix typos in struct dl_find_object

Signed-off-by: Bert Wesarg <bert.wesarg@googlemail.com>
Reviewed-by: Florian Weimer <fweimer@redhat.com>

sparc: Fix la_symbind for bind-now (BZ 23734)

The sparc ABI has multiple cases on how to handle JMP_SLOT relocations,
(sparc_fixup_plt/sparc64_fixup_plt).  For BINDNOW, _dl_audit_symbind
will be responsible to setup the final relocation value; while for
lazy binding _dl_fixup/_dl_profile_fixup will call the audit callback
and tail cail elf_machine_fixup_plt (which will call
sparc64_fixup_plt).

This patch fixes by issuing the SPARC specific routine on bindnow and
forwarding the audit value to elf_machine_fixup_plt for lazy resolution.
It fixes the la_symbind for bind-now tests on sparc64 and sparcv9:

  elf/tst-audit24a
  elf/tst-audit24b
  elf/tst-audit24c
  elf/tst-audit24d

Checked on sparc64-linux-gnu and sparcv9-linux-gnu.
Tested-by: John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de>

i386: make debug wrappers compatible with static PIE

Static PIE requires the use of PLT relocation.

LoongArch: Fix soft-float bug about _dl_runtime_resolve{,lsx,lasx}

LoongArch: Add vector implementation for _dl_runtime_resolve.

LoongArch: config: Added HAVE_LOONGARCH_VEC_ASM.

This patch checks if assembler supports vector instructions to
generate LASX/LSX code or not, and then define HAVE_LOONGARCH_VEC_ASM macro

We have added support for vector instructions in binutils-2.41
See:
https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=75b2f521b101d974354f6ce9ed7c054d8b2e3b7a

commit 75b2f521b101d974354f6ce9ed7c054d8b2e3b7a
Author: mengqinggang <mengqinggang@loongson.cn>
Date:   Thu Jun 22 10:35:28 2023 +0800

LoongArch: gas: Add lsx and lasx instructions support

gas/ChangeLog:

        * config/tc-loongarch.c (md_parse_option): Add lsx and lasx option.
        (loongarch_after_parse_args): Add lsx and lasx option.

opcodes/ChangeLog:

        * loongarch-opc.c (struct loongarch_ase): Add lsx and lasx
        instructions.

sysdeps: Add missing hidden definitions for i386

Add missing libc_hidden_builtin_def for memset_chk and MEMCPY_CHK on
i386.

sysdeps/s390: Exclude fortified routines from being built with _FORTIFY_SOURCE

Depending on build configuration, the [routine]-c.c files may be chosen
to provide fortified routines implementation. While [routines].c
implementation were automatically excluded, the [routines]-c.c ones were
not. This patch fixes that by adding these file to the list to be
filtered.

Translations: Add new ro support and update others.

This brings in the new Romanian language translations, and updates
nine other translations. Important translations in this update
include the Italian and Japanese translations for ESTALE which
remove the mention of "NFS" from the error message translation.

elf: _dl_find_object may return 1 during early startup (bug 30515)

Success is reported with a 0 return value, and failure is -1.
Enhance the kitchen sink test elf/tst-audit28 to cover
_dl_find_object as well.

Fixes commit 5d28a8962dcb ("elf: Add _dl_find_object function")
and bug 30515.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>

LoongArch: config: Rewrite check on static PIE.

It's better to add "\" before "EOF" and remove "\"
before "$".

Revert "hppa: Drop 16-byte pthread lock alignment"

This change reverts commits c4468cd3995b4236ea886901109b194641132b08
and ab991a3d1b401ded6bd4f027352da8262b021a11.

realloc: Limit chunk reuse to only growing requests [BZ #30579]

The trim_threshold is too aggressive a heuristic to decide if chunk
reuse is OK for reallocated memory; for repeated small, shrinking
allocations it leads to internal fragmentation and for repeated larger
allocations that fragmentation may blow up even worse due to the dynamic
nature of the threshold.

Limit reuse only when it is within the alignment padding, which is 2 *
size_t for heap allocations and a page size for mmapped allocations.
There's the added wrinkle of THP, but this fix ignores it for now,
pessimizing that case in favor of keeping fragmentation low.

This resolves BZ #30579.

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reported-by: Nicolas Dusart <nicolas@freedelity.be>
Reported-by: Aurelien Jarno <aurelien@aurel32.net>
Reviewed-by: Aurelien Jarno <aurelien@aurel32.net>
Tested-by: Aurelien Jarno <aurelien@aurel32.net>

vfscanf-internal: Remove potentially unbounded allocas

Some locales define a list of mapping pairs of alternate digits and
separators for input digits (to_inpunct). This require the scanf
to create a list of all possible inputs for the optional type
modifier 'I'.

Checked on x86_64-linux-gnu.

Reviewed-by: Joe Simmons-Talbott <josimmon@redhat.com>

fileops: Don't process ,ccs= as individual mode flags (BZ#18906)

In processing the first 7 individual characters of the mode for fopen
if ,ccs= is used those characters will be processed as well.  Stop
processing individual mode flags once a comma is encountered.  This has
the effect of requiring ,ccs= to be the last mode flag in the mode
string.  Add a testcase to check that the ,ccs= mode flag is not
processed as individual mode flags.

Reviewed-by: DJ Delorie <dj@redhat.com>

sysdeps/ieee754/ldbl-128ibm-compat: Fix warn unused result

Return value from *scanf and *asprintf routines are now properly checked
in test-scanf-ldbl-compat-template.c and test-printf-ldbl-compat.c.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

libio/bits/stdio2-decl.h: Avoid PLT entries with _FORTIFY_SOURCE

The change is meant to avoid unwanted PLT entry for the fgets_unlocked
routine when _FORTIFY_SOURCE is set.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

libio/bits/stdio2.h: Clearly separate declaration from definitions

Move declarations from libio/bits/stdio.h to existing
libio/bits/stdio2-decl.h. This will enable future use of
__REDIRECT_FORTIFY in place of some __REDIRECT.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

misc/bits/syslog.h: Clearly separate declaration from definition

This allows to include bits/syslog-decl.h in include/sys/syslog.h and
therefore be able to create the libc_hidden_builtin_proto (__syslog_chk)
prototype.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

misc/bits/select2.h: Clearly separate declaration from definitions

The __fdelt_chk declaration needs to be available so that
libc_hidden_proto can be used while not redefining __FD_ELT.
Thus, misc/bits/select-decl.h is created to hold the corresponding
prototypes.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

unistd: Avoid PLT entries with _FORTIFY_SOURCE

The change is meant to avoid unwanted PLT entries for the read_chk,
getdomainname_chk and getlogin_r_chk routines when _FORTIFY_SOURCE is set.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

posix/bits/unistd.h: Clearly separate declaration from definitions

This change is similar to what was done for bits/wchar2.h.
Routines declaration are moved into a dedicated bits/unistd-decl.h file
which is then included into the bits/unistd.h file.

This will allow to adapt the files so that PLT entries are not created when
_FORTIFY_SOURCE is enabled.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

wchar: Avoid PLT entries with _FORTIFY_SOURCE

The change is meant to avoid unwanted PLT entries for the wmemset and
wcrtomb routines when _FORTIFY_SOURCE is set.

On top of that, ensure that *_chk routines have their hidden builtin
definitions available.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

misc/sys/cdefs.h: Create FORTIFY redirects for internal calls

The __REDIRECT* macros are creating aliases which may lead to unwanted
PLT entries when fortification is enabled.
To prevent these entries, the REDIRECT alias should be set to point to the
existing __GI_* aliases.
This is done transparently by creating a __REDIRECT_FORTIFY* version of
these macros, that can be overwritten internally when necessary.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

stdio: Ensure *_chk routines have their hidden builtin definition available

If libc_hidden_builtin_{def,proto} isn't properly set for *_chk routines,
there are unwanted PLT entries in libc.so.

There is a special case with __asprintf_chk:
If ldbl_* macros are used for asprintf, ABI gets broken on s390x,
if it isn't, ppc64le isn't building due to multiple asm redirections.

This is due to the inclusion of bits/stdio-lbdl.h for ppc64le whereas it
isn't for s390x. This header creates redirections, which are not
compatible with the ones generated using libc_hidden_def.
Yet, we can't use libc_hidden_ldbl_proto on s390x since it will not
create a simple strong alias (e.g. as done on x86_64), but a versioned
alias, leading to ABI breakage.

This results in errors on s390x:
/usr/bin/ld: glibc/iconv/../libio/bits/stdio2.h:137: undefined reference
to `__asprintf_chk'

Original __asprintf_chk symbols:
00000000001395b0 T __asprintf_chk
0000000000177e90 T __nldbl___asprintf_chk

__asprintf_chk symbols with ldbl_* macros:
000000000012d590 t ___asprintf_chk
000000000012d590 t __asprintf_chk@@GLIBC_2.4
000000000012d590 t __GI___asprintf_chk
000000000012d590 t __GL____asprintf_chk___asprintf_chk
0000000000172240 T __nldbl___asprintf_chk

__asprintf_chk symbols with the patch:
000000000012d590 t ___asprintf_chk
000000000012d590 T __asprintf_chk
000000000012d590 t __GI___asprintf_chk
0000000000172240 T __nldbl___asprintf_chk

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

string: Ensure *_chk routines have their hidden builtin definition available

If libc_hidden_builtin_{def,proto} isn't properly set for *_chk routines,
there are unwanted PLT entries in libc.so.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

sysdeps: Ensure ieee128*_chk routines to be properly named

The *_chk routines naming doesn't match the name that would be generated
using libc_hidden_ldbl_proto. Since the macro is needed for some of
these *_chk functions for _FORTIFY_SOURCE to be enabled, that needed to
be fixed.
While at it, all the *_chk function get renamed appropriately for
consistency, even if not strictly necessary.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Paul E. Murphy <murphyp@linux.ibm.com>

Exclude routines from fortification

Since the _FORTIFY_SOURCE feature uses some routines of Glibc, they need to
be excluded from the fortification.

On top of that:
- some tests explicitly verify that some level of fortification works
appropriately, we therefore shouldn't modify the level set for them.
- some objects need to be build with optimization disabled, which
prevents _FORTIFY_SOURCE to be used for them.

Assembler files that implement architecture specific versions of the
fortified routines were not excluded from _FORTIFY_SOURCE as there is no
C header included that would impact their behavior.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

Allow glibc to be built with _FORTIFY_SOURCE

Add --enable-fortify-source option.

It is now possible to enable fortification through a configure option.
The level may be given as parameter, if none is provided, the configure
script will determine what is the highest level possible that can be set
considering GCC built-ins availability and set it.
If level is explicitly set to 3, configure checks if the compiler
supports the built-in function necessary for it or raise an error if it
isn't.

If the configure option isn't explicitly enabled, it _FORTIFY_SOURCE is
forcibly undefined (and therefore disabled).

The result of the configure checks are new variables, ${fortify_source}
and ${no_fortify_source} that can be used to appropriately populate
CFLAGS.

A dedicated patch will follow to make use of this variable in Makefiles
when necessary.

Updated NEWS and INSTALL.

Adding dedicated x86_64 variant that enables the configuration.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>

manual: Update documentation of strerror and related functions

The current implementation of strerror is thread-safe, but this
has implications for the lifetime of the return string.

Describe the strerror_l function.  Describe both variants of the
strerror_r function.  Mention the lifetime of the returned string
for strerrorname_np and strerrordesc_np.  Clarify that perror
output depends on the current locale.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

manual: Enhance documentation of the <ctype.h> functions

Describe the problems with signed characters, and the glibc extension
to deal with most of them. Mention that the is* functions return
zero for the special argument EOF.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

Always do locking when accessing streams (bug 15142, bug 14697)

Now that abort no longer calls fflush there is no reason to avoid locking
the stdio streams anywhere. This fixes a conformance issue and potential
heap corruption during exit.

hurd: Implement MAP_EXCL

MAP_FIXED is defined to silently replace any existing mappings at the
address range being mapped over. This, however, is a dangerous, and only
rarely desired behavior.

Various Unix systems provide replacements or additions to MAP_FIXED:

* SerenityOS and Linux provide MAP_FIXED_NOREPLACE. If the address space
  already contains a mapping in the requested range, Linux returns
  EEXIST. SerenityOS returns ENOMEM, however that is a bug, as the
  MAP_FIXED_NOREPLACE implementation is intended to be compatible with
  Linux.

* FreeBSD provides the MAP_EXCL flag that has to be used in combination
  with MAP_FIXED. It returns EINVAL if the requested range already
  contains existing mappings. This is directly analogous to the O_EXCL
  flag in the open () call.

* DragonFly BSD, NetBSD, and OpenBSD provide MAP_TRYFIXED, but with
  different semantics. DragonFly BSD returns ENOMEM if the requested
  range already contains existing mappings. NetBSD does not return an
  error, but instead creates the mapping at a different address if the
  requested range contains mappings. OpenBSD behaves the same, but also
  notes that this is the default behavior even without MAP_TRYFIXED
  (which is the case on the Hurd too).

Since the Hurd leans closer to the BSD side, add MAP_EXCL as the primary
API to request the behavior of not replacing existing mappings. Declare
MAP_FIXED_NOREPLACE and MAP_TRYFIXED as aliases of (MAP_FIXED|MAP_EXCL),
so any existing software that checks for either of those macros will
pick them up automatically. For compatibility with Linux, return EEXIST
if a mapping already exists.

Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
Message-Id: <20230625231751.404120-5-bugaevc@gmail.com>

hurd: Fix mapping at address 0 with MAP_FIXED

Zero address passed to mmap () typically means the caller doesn't have
any specific preferred address. Not so if MAP_FIXED is passed: in this
case 0 means literal 0. Fix this case to pass anywhere = 0 into vm_map.

Also add some documentation.

Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
Message-Id: <20230625231751.404120-4-bugaevc@gmail.com>

hurd: Fix calling vm_deallocate (NULL)

Only call vm_deallocate when we do have the old buffer, and check for
unexpected errors.

Spotted while debugging a msgids/readdir issue on x86_64-gnu.

Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
Message-Id: <20230625231751.404120-3-bugaevc@gmail.com>

hurd: Map brk non-executable

The rest of the heap (backed by individual pages) is already mapped RW.
Mapping these pages RWX presents a security hazard.

Also, in another branch memory gets allocated using vm_allocate, which
sets memory protection to VM_PROT_DEFAULT (which is RW). The mismatch
between protections prevents Mach from coalescing the VM map entries.

Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
Message-Id: <20230625231751.404120-2-bugaevc@gmail.com>