1. 01 Apr, 2013 2 commits
  2. 27 Mar, 2013 2 commits
    • remove __SYSCALL_SSLEN arch macro in favor of using public _NSIG · ccc7b4c3
      Rich Felker committed on
      the issue at hand is that many syscalls require as an argument the
      kernel-ABI size of sigset_t, intended to allow the kernel to switch to
      a larger sigset_t in the future. previously, each arch was defining
      this size in syscall_arch.h, which was redundant with the definition
      of _NSIG in bits/signal.h. as it's used in some not-quite-portable
      application code as well, _NSIG is much more likely to be recognized
      and understood immediately by someone reading the code, and it's also
      shorter and less cluttered.
      
      note that _NSIG is actually 65/129, not 64/128, but the division takes
      care of throwing away the off-by-one part.
    • provide emulation of fcntl F_DUPFD_CLOEXEC on old kernels · 00f1521f
      Rich Felker committed on
      I'm not entirely happy with the amount of ugliness here, but since
      F_DUPFD_CLOEXEC is used elsewhere in code that's expected to work on
      old kernels (popen), it seems necessary. reportedly even some modern
      kernels went back and broke F_DUPFD_CLOEXEC (making it behave like
      plain F_DUPFD), so it might be necessary to add some additional fixup
      code later to deal with that issue too.
  3. 25 Mar, 2013 3 commits
  4. 24 Mar, 2013 1 commit
    • fix multiple bugs in syslog interfaces · 427c0ca7
      Rich Felker committed on
      1. as reported by William Haddon, the value returned by snprintf was
      wrongly used as a length passed to sendto, despite it possibly
      exceeding the buffer length. this could lead to invalid reads and
      leaking additional data to syslog.
      
      2. openlog was storing a pointer to the ident string passed by the
      caller, rather than copying it. this bug is shared with (and even
      documented in) other implementations like glibc, but such behavior
      does not seem to meet the requirements of the standard.
      
      3. extremely long ident provided to openlog, or corrupt ident due to
      the above issue, could possibly have resulted in buffer overflows.
      despite having the potential for smashing the stack, i believe the
      impact is low since ident points to a short string literal in typical
      application usage (and per the above bug, other usages will break
      horribly on other implementations).
      
      4. when used with LOG_NDELAY, openlog was not connecting the
      newly-opened socket; sendto was being used instead. this defeated the
      main purpose of LOG_NDELAY: preparing for chroot.
      
      5. the default facility was not being used at all, so all messages
      without an explicit facility passed to syslog were getting logged at
      the kernel facility.
      
      6. setlogmask was not thread-safe; no synchronization was performed
      updating the mask. the fix uses atomics rather than locking to avoid
      introducing a lock in the fast path for messages whose priority is not
      in the mask.
      
      7. in some code paths, the syslog lock was being unlocked twice; this
      could result in releasing a lock that was actually held by a different
      thread.
      
      some additional enhancements to syslog such as a default identifier
      based on argv[0] or similar may still be desired; at this time, only
      the above-listed bugs have been fixed.
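Item 1 of the syslog commit above, as an added example that is not musl's code: `snprintf` returns the length the full output would have had, so using it unclamped as a send length reads past the buffer. `format_log_line`, `overread`, the 32-byte buffer and the message text are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not musl's code: formats "<pri>ident: msg" into buf
 * and returns the byte count a caller would pass to send/sendto. */
size_t format_log_line(char *buf, size_t cap, int pri,
                       const char *ident, const char *msg, int clamp)
{
    if (cap == 0)
        return 0;
    int n = snprintf(buf, cap, "<%d>%s: %s", pri, ident, msg);
    if (n < 0)
        return 0;                 /* encoding error: send nothing */
    /* snprintf reports the untruncated length, which is >= cap whenever
     * the output did not fit. */
    if (clamp && (size_t)n >= cap)
        return cap - 1;           /* bytes actually stored, without the NUL */
    return (size_t)n;             /* unclamped: may exceed the buffer */
}

/* Bytes beyond the end of a cap-sized buffer that a len-byte send reads. */
size_t overread(size_t len, size_t cap)
{
    return len > cap ? len - cap : 0;
}

int main(void)
{
    char buf[32];
    /* constructed sample message, longer than the buffer */
    const char *msg = "a constructed message that is longer than the buffer";
    size_t bad  = format_log_line(buf, sizeof buf, 14, "demo", msg, 0);
    size_t good = format_log_line(buf, sizeof buf, 14, "demo", msg, 1);
    printf("stored=%zu unclamped=%zu over-read=%zu clamped=%zu\n",
           strlen(buf), bad, overread(bad, sizeof buf), good);
    return 0;
}
```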
  5. 05 Mar, 2013 1 commit
    • fix types for wctype_t and wctrans_t · da1442c9
      Rich Felker committed on
      wctype_t was incorrectly "int" rather than "long" on x86_64. not only
      is this an ABI incompatibility; it's also a major design flaw if we
      ever wanted wctype_t to be implemented as a pointer, which would be
      necessary if locales support custom character classes, since int is
      too small to store a converted pointer. this commit fixes wctype_t to
      be unsigned long on all archs, matching the LSB ABI; this change does
      not matter for C code, but for C++ it affects mangling.
      
      the same issue applied to wctrans_t. glibc/LSB defines this type as
      const __int32_t *, but since no such definition is visible, I've just
      expanded the definition, int, everywhere.
      
      it would be nice if these types (which don't vary by arch) could be in
      wctype.h, but the OB XSI requirement in POSIX that wchar.h expose some
      types and functions from wctype.h precludes doing so. glibc works
      around this with some hideous hacks, but trying to duplicate that
      would go against the intent of musl's headers.
  6. 26 Feb, 2013 2 commits
    • fix integer type issue in strverscmp · 5afc74fb
      Rich Felker committed on
      lenl-lenr is not a valid expression for a signed int return value from
      strverscmp, since after implicit conversion from size_t to int this
      difference could have the wrong sign or might even be zero. using the
      difference for char values works since they're bounded well within the
      range of differences representable by int, but it does not work for
      size_t values.
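The conversion problem described in the strverscmp commit above, as an added example that is not musl's code: a `size_t` length difference returned as `int` can come out negative or zero even though the left run is longer. The helper names are hypothetical, the lengths are constructed (the digits are never read when lengths differ), and the wrap-around shown is what common compilers do for this implementation-defined conversion.

```c
#include <limits.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helpers (not musl's strverscmp): order two runs of decimal
 * digits without leading zeros, so the longer run is the larger number. */

/* The pattern the commit removes: a size_t difference squeezed into int. */
int cmp_runs_subtract(const char *l, size_t lenl, const char *r, size_t lenr)
{
    if (lenl != lenr)
        return (int)(lenl - lenr);   /* sign and zero-ness are unreliable */
    return memcmp(l, r, lenl);
}

/* Comparison form: the length step always yields -1 or 1. */
int cmp_runs_safe(const char *l, size_t lenl, const char *r, size_t lenr)
{
    if (lenl != lenr)
        return (lenl > lenr) - (lenl < lenr);
    return memcmp(l, r, lenl);
}

int main(void)
{
    size_t big  = (size_t)INT_MAX + 2;    /* difference converts to negative */
    size_t wide = (size_t)UINT_MAX + 1;   /* 2^32 where size_t is 64-bit */
    printf("subtract: big=%d wide=%d\n",
           cmp_runs_subtract("", big, "", 0),
           cmp_runs_subtract("", wide, "", 0));
    printf("safe:     big=%d wide=%d\n",
           cmp_runs_safe("", big, "", 0),
           cmp_runs_safe("", wide, "", 0));
    return 0;
}
```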
    • implement non-stub strverscmp · 4853c1f7
      Rich Felker committed on
      patch by Isaac Dunham.
  7. 22 Feb, 2013 2 commits
  8. 21 Feb, 2013 4 commits
  9. 18 Feb, 2013 3 commits
    • f78cdbe8
    • consistently use the internal name __environ for environ · 23ccb80f
      Rich Felker committed on
      patch by Jens Gustedt.
      previously, the intended policy was to use __environ in code that must
      conform to the ISO C namespace requirements, and environ elsewhere.
      this policy was not followed in practice anyway, making things
      confusing. on top of that, Jens reported that certain combinations of
      link-time optimization options were breaking with the inconsistent
      references; this seems to be a compiler or linker bug, but having it
      go away is a nice side effect of the changes made here.
    • add fgetgrent function · cac87295
      Rich Felker committed on
      based on patch by Isaac Dunham, moved to its own file to avoid
      increasing bss on static linked programs not using this nonstandard
      function but using the standard getgrent function, and vice versa.
  10. 07 Feb, 2013 2 commits
    • fix typo in newly-added error message for EOWNERDEAD · b9e08308
      Rich Felker committed on
    • improve error strings · d75348dd
      Rich Felker committed on
      this definitely has the potential to be a bikeshed topic, so some
      justification is in order. most of the changes made fit into one of
      the following categories:
      1. alignment with text in posix, xsh 2.3
      2. eliminating overly-specific text for shared error codes
      3. making the message match more closely with the macro name
      4. removing extraneous words
      
      in particular, the EAGAIN/EWOULDBLOCK text is updated to match the
      description of EAGAIN (which covers both uses) rather than saying the
      operation would block, and ENOTSUP/EOPNOTSUPP is updated not to
      mention sockets.
      
      the distinction between ENFILE/EMFILE has also been clarified; ENFILE
      is aligned with the posix text, and EMFILE, which lacks concise posix
      text matching any historic message, is updated to emphasize that the
      exhausted resource is not open files/open file descriptions, but
      rather the integer 'address space' of file descriptors.
      
      some messages may be further tweaked based on feedback.
  11. 04 Feb, 2013 4 commits
    • base system() on posix_spawn · a8799356
      Rich Felker committed on
      this avoids duplicating the fragile logic for executing an external
      program without fork.
    • fix unsigned comparison bug in posix_spawn · 4862864f
      Rich Felker committed on
      read should never return anything but 0 or sizeof ec here, but if it
      does, we want to treat any other return as "success". then the caller
      will get back the pid and is responsible for waiting on it when it
      immediately exits.
    • overhaul posix_spawn to use CLONE_VM instead of vfork · fb6b159d
      Rich Felker committed on
      the proposed change was described in detail previously on
      the mailing list. in short, vfork is unsafe because:
      
      1. the compiler could make optimizations that cause the child to
      clobber the parent's local vars.
      
      2. strace is buggy and allows the vforking parent to run before the
      child execs when run under strace.
      
      the new design uses a close-on-exec pipe instead of vfork semantics to
      synchronize the parent and child so that the parent does not return
      before the child has finished using its arguments (and now, also its
      stack). this also allows reporting exec failures to the caller instead
      of giving the caller a child that mysteriously exits with status 127
      on exec error.
      
      basic testing has been performed on both the success and failure code
      paths. further testing should be done.
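The close-on-exec pipe handshake from the two posix_spawn commits above, as an added example that is not musl's code: `spawn_report` is hypothetical and uses plain `fork()` in place of the CLONE_VM child, so only the synchronization and the exec-error reporting are shown. The paths and argument vectors in `main` are constructed.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper: returns 0 and sets *pid once the child has exec'd,
 * or returns the child's exec errno (child already reaped). */
int spawn_report(pid_t *pid, const char *path, char *const argv[])
{
    int p[2], ec = 0;
    ssize_t n;
    if (pipe(p) < 0)
        return errno;
    /* Close-on-exec on both ends: a successful exec closes the write end,
     * so the parent's read() sees EOF. */
    fcntl(p[0], F_SETFD, FD_CLOEXEC);
    fcntl(p[1], F_SETFD, FD_CLOEXEC);
    pid_t child = fork();
    if (child < 0) {
        ec = errno;
        close(p[0]); close(p[1]);
        return ec;
    }
    if (child == 0) {
        close(p[0]);
        execv(path, argv);
        ec = errno;               /* reached only when exec failed */
        while (write(p[1], &ec, sizeof ec) < 0 && errno == EINTR) continue;
        _exit(127);
    }
    close(p[1]);
    while ((n = read(p[0], &ec, sizeof ec)) < 0 && errno == EINTR) continue;
    close(p[0]);
    if (n == (ssize_t)sizeof ec) {    /* full error code: exec failed */
        waitpid(child, 0, 0);
        return ec;
    }
    *pid = child;                 /* EOF or any other return: success */
    return 0;
}

int main(void)
{
    pid_t pid;
    char *ok[] = { "sh", "-c", "exit 0", 0 }, *bad[] = { "missing", 0 };
    int r1 = spawn_report(&pid, "/bin/sh", ok);
    if (r1 == 0) waitpid(pid, 0, 0);
    int r2 = spawn_report(&pid, "/nonexistent/constructed-path", bad);
    printf("ok=%d missing=%d (ENOENT=%d)\n", r1, r2, ENOENT);
    return 0;
}
```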
    • streamline old-kernel fallback path of pipe2 to use syscalls directly · 89d3df6e
      Rich Felker committed on
      also, don't waste code/time on F_GETFL since pipes always have blank
      flags initially (at least on old kernels, which are all this fallback
      code matters for).
  12. 02 Feb, 2013 11 commits
    • dynamically allocate storage for gethostby* buffers · a47ad3eb
      Rich Felker committed on
      this change shaves ~1k off libc.so bss size, and also avoids hard
      errors in the case where the static buffer was not large enough to
      hold the result.
      
      this whole framework is really ugly and might should be replaced or at
      least heavily overhauled when some changes/factorizations are made to
      getaddrinfo internals in the future.
    • c0193550
    • b0302863
    • fix error returns in gethostby*_r functions · 70b584bc
      Rich Felker committed on
      they're supposed to return an error code rather than using errno.
    • fix uninitialized map_len being used in munmap failure paths in load_library · 74025c80
      Rich Felker committed on
      this bug seems to have been introduced when the map_library signature
      was changed to return the mapping in a temp dso structure instead of
      into separate variables.
    • fix stale locks left behind when pthread_create fails · 72768ea9
      Rich Felker committed on
      this bug seems to have been around a long time.
    • if pthread_create fails, it must not attempt mmap if there is no mapping · 077549e0
      Rich Felker committed on
      this bug was introduced when support for application-provided stacks
      was originally added.
    • pthread stack treatment overhaul for application-provided stacks, etc. · d5142642
      Rich Felker committed on
      the main goal of these changes is to address the case where an
      application provides a stack of size N, but TLS has size M that's a
      significant portion of the size N (or even larger than N), thus giving
      the application less stack space than it expected or no stack at all!
      
      the new strategy pthread_create now uses is to only put TLS on the
      application-provided stack if TLS is smaller than 1/8 of the stack
      size or 2k, whichever is smaller. this ensures that the application
      always has "close enough" to what it requested, and the threshold is
      chosen heuristically to make sure "sane" amounts of TLS still end up
      in the application-provided stack.
      
      if TLS does not fit the above criteria, pthread_create uses mmap to
      obtain space for TLS, but still uses the application-provided stack
      for actual call frame stack. this is to avoid wasting memory, and for
      the sake of supporting ugly hacks like garbage collection based on
      assumptions that the implementation will use the provided stack range.
      
      in order for the above heuristics to ever succeed, the amount of TLS
      space wasted on POSIX TSD (pthread_key_create based) needed to be
      reduced. otherwise, these changes would preclude any use of
      pthread_create without mmap, which would have serious memory usage and
      performance costs for applications trying to create huge numbers of
      threads using pre-allocated stack space. the new value of
      PTHREAD_KEYS_MAX is the minimum allowed by POSIX, 128. this should
      still be plenty more than real-world applications need, especially now
      that C11/gcc-style TLS is now supported in musl, and most apps and
      libraries choose to use that instead of POSIX TSD when available.
      
      at the same time, PTHREAD_STACK_MIN has been decreased. it was
      originally set to PAGE_SIZE back when there was no support for TLS or
      application-provided stacks, and requests smaller than a whole page
      did not make sense. now, there are two good reasons to support
      requests smaller than a page: (1) applications could provide
      pre-allocated stacks smaller than a page, and (2) with smaller stack
      sizes, stack+TLS+TSD can all fit in one page, making it possible for
      applications which need huge numbers of threads with minimal stack
      needs to allocate exactly one page per thread. the new value of
      PTHREAD_STACK_MIN, 2k, is aligned with the minimum size for
      sigaltstack.
    • make some arrays const · c5092507
      rofl0r committed on
      this way they'll go into .rodata, decreasing memory pressure.
    • replace __wake function with macro that performs direct syscall · facc6acb
      Rich Felker committed on
      this should generate faster and smaller code, especially with inline
      syscalls. the conditional with cnt is ugly, but thankfully cnt is
      always a constant anyway so it gets evaluated at compile time. it may
      be preferable to make separate __wake and __wakeall macros without a
      count argument.
      
      priv flag is not used yet; private futex support still needs to be
      done at some point in the future.
  13. 01 Feb, 2013 1 commit
  14. 27 Jan, 2013 1 commit
  15. 24 Jan, 2013 1 commit
    • add support for RTLD_NOLOAD to dlopen · 4d07e552
      Rich Felker committed on
      based on patch by Pierre Carrier <pierre@gcarrier.fr> that just added
      the flag constant, but with minimal additional code so that it
      actually works as documented. this is a nonstandard option but some
      major software (reportedly, Firefox) uses it and it was easy to add
      anyway.