1. 04 7月, 2012 2 次提交
    • R
      configure: only use -ffloat-store on i386 · 2121b8a4
      Rich Felker 提交于
      this option is expensive and only used on old gcc's that lack
      -fexcess-precision=standed, but it's not needed on non-i386 archs
      where floating point does not have excess precision anyway.
      
      if musl ever supports m68k, i think it will need to be special-cased
      too. i'm not aware of any other archs with excess precision.
      2121b8a4
    • R
      jmp_buf overhaul fixing several issues · d6c0efe1
      Rich Felker 提交于
      on arm, the location of the saved-signal-mask flag and mask were off
      by one between sigsetjmp and siglongjmp, causing incorrect behavior
      restoring the signal mask. this is because the siglongjmp code assumed
      an extra slot was in the non-sig jmp_buf for the flag, but arm did not
      have this. now, the extra slot is removed for all archs since it was
      useless.
      
      also, arm eabi requires jmp_buf to have 8-byte alignment. we achieve
      that using long long as the type rather than with non-portable gcc
      attribute tags.
      d6c0efe1
  2. 03 7月, 2012 4 次提交
  3. 29 6月, 2012 1 次提交
    • R
      replace old and ugly crypt implementation · cdf51506
      Rich Felker 提交于
      the new version is largely the work of Solar Designer, with minor
      changes for integration with musl. compared to the old code, text size
      is reduced by about 7k, stack space usage by about 70k, and
      performance is greatly improved by avoiding expensive calculation of
      constant tables on each run.
      
      this version also adds support for extended des-based password hashes,
      which allow for unlimited key (password) length and configurable
      iteration counts.
      
      i've also published the interface for crypt_r in a new crypt.h header.
      especially since this is not a standard interface, i did not feel
      compelled to match the glibc abi for the crypt_data structure. the
      glibc structure is way too big to allocate on the stack; in fact it's
      so big that the first usage may cause the main thread to exceed its
      pre-committed stack size of 128k and thus could cause the program to
      crash even on systems with overcommit disabled. the only legitimate
      use of crypt_data for crypt_r is to store the hash string to return,
      so i've reserved 256 bytes, which should be more than sufficient
      (longest known password hashes are ~60 characters, and beyond that is
      possibly even exceeding some implementations' passwd file field size
      limit).
      cdf51506
  4. 26 6月, 2012 1 次提交
    • R
      fix arm crti/crtn code · 9abab94b
      Rich Felker 提交于
      lr must be saved because init/fini-section code from the compiler
      clobbers it. this was not a problem when i tested without gcc's
      crtbegin/crtend files present, but with them, musl on arm fails to
      work (infinite loop in _init).
      9abab94b
  5. 25 6月, 2012 1 次提交
  6. 24 6月, 2012 2 次提交
  7. 21 6月, 2012 12 次提交
    • R
      proper error handling for fcntl F_GETOWN on modern kernels · 4e8b0938
      Rich Felker 提交于
      on old kernels, there's no way to detect errors; we must assume
      negative syscall return values are pgrp ids. but if the F_GETOWN_EX
      fcntl works, we can get a reliable answer.
      4e8b0938
    • N
      math: fix fma bug on x86 (found by Bruno Haible with gnulib) · e5fb6820
      nsz 提交于
      The long double adjustment was wrong:
      The usual check is
        mant_bits & 0x7ff == 0x400
      before doing a mant_bits++ or mant_bits-- adjustment since
      this is the only case when rounding an inexact ld80 into
      double can go wrong. (only in nearest rounding mode)
      
      After such a check the ++ and -- is ok (the mantissa will end
      in 0x401 or 0x3ff).
      
      fma is a bit different (we need to add 3 numbers with correct
      rounding: hi_xy + lo_xy + z so we should survive two roundings
      at different places without precision loss)
      
      The adjustment in fma only checks for zero low bits
        mant_bits & 0x3ff == 0
      this way the adjusted value is correct when rounded to
      double or *less* precision.
      (this is an important piece in the fma puzzle)
      
      Unfortunately in this case the -- is not a correct adjustment
      because mant_bits might underflow so further checks are needed
      and this was the source of the bug.
      e5fb6820
    • R
      fix broken wcwidth tables · ac4fb51d
      Rich Felker 提交于
      unicode char data has both "W" and "F" wide types and the old table
      only included the "W" ones. this omitted U+3000 (ideographic space)
      and all the wide-ascii, etc.
      ac4fb51d
    • R
      support ld80 pseudo-denormal invalid bit patterns; treat them as nan · fad231b9
      Rich Felker 提交于
      this is silly, but it makes apps that read binary junk and interpret
      it as ld80 "safer", and it gets gnulib to stop replacing printf...
      fad231b9
    • R
      fix ptsname_r to conform to the upcoming posix requirements · c21a19d5
      Rich Felker 提交于
      it should return the error code rather than 0/-1 and setting errno.
      c21a19d5
    • R
      cea106fb
    • R
      avoid cancellation in pclose · 1af8c255
      Rich Felker 提交于
      at the point pclose might receive and act on cancellation, it has
      already invalidated the FILE passed to it. thus, per musl's QOI
      guarantees about cancellation and resource allocation/deallocation,
      it's not a candidate for cancellation.
      
      if it were required to be a cancellation point by posix, we would have
      to switch the order of deallocation, but somehow still close the pipe
      in order to trigger the child process to exit. i looked into doing
      this, but the logic gets ugly, and i'm not sure the semantics are
      conformant, so i'd rather just leave it alone unless there's a need to
      change it.
      1af8c255
    • R
      fix invalid memory access in pclose · 9799560f
      Rich Felker 提交于
      9799560f
    • R
      make popen cancellation-safe · 9c21f434
      Rich Felker 提交于
      close was the only cancellation point called from popen, but it left
      popen with major resource leaks if any call to close got cancelled.
      the easiest, cheapest fix is just to use a non-cancellable close
      function.
      9c21f434
    • R
      popen: handle issues with fd0/1 being closed · f305467a
      Rich Felker 提交于
      also check for failure of dup2 and abort the child rather than
      reading/writing the wrong file.
      f305467a
    • R
      duplocale: don't crash when called with LC_GLOBAL_LOCALE · b3d7d062
      Rich Felker 提交于
      posix has resolved to add this usage; for now, we just avoid writing
      anything to the new locale object since it's not used anyway.
      b3d7d062
    • R
      make strerror_r behave nicer on failure · f313a162
      Rich Felker 提交于
      if the buffer is too short, at least return a partial string. this is
      helpful if the caller is lazy and does not check for failure. care is
      taken to avoid writing anything if the buffer length is zero, and to
      always null-terminate when the buffer length is non-zero.
      f313a162
  8. 20 6月, 2012 9 次提交
    • R
      fix another oob pointer arithmetic issue in printf floating point · 839bff64
      Rich Felker 提交于
      this one could never cause any problems unless the compiler/machine
      goes to extra trouble to break oob pointer arithmetic, but it's best
      to fix it anyway.
      839bff64
    • R
      minor perror behavior fix · 82a4499e
      Rich Felker 提交于
      patch by nsz
      82a4499e
    • R
      fix localeconv values and implementation · 85a3ba3a
      Rich Felker 提交于
      dynamic-allocation of the structure is not valid; it can crash an
      application if malloc fails. since localeconv is not specified to have
      failure conditions, the object needs to have static storage duration.
      
      need to review whether all the values are right or not still..
      85a3ba3a
    • R
      fix mistake in length test in getlogin_r · ee96c50d
      Rich Felker 提交于
      this was actually dangerously wrong, but presumably nobody uses this
      broken function anymore anyway..
      ee96c50d
    • R
      fix dummied-out fsync · ee1f69a3
      Rich Felker 提交于
      if we eventually have build options, it might be nice to make an
      option to dummy this out again, in case anybody needs a system-wide
      disable for disk/ssd-thrashing, etc. that some daemons do when
      logging...
      ee1f69a3
    • R
      fix dummied-out fdatasync · ca1773d8
      Rich Felker 提交于
      ca1773d8
    • R
      fix pointer overflow bug in floating point printf · 914949d3
      Rich Felker 提交于
      large precision values could cause out-of-bounds pointer arithmetic in
      computing the precision cutoff (used to avoid expensive long-precision
      arithmetic when the result will be discarded). per the C standard,
      this is undefined behavior. one would expect that it works anyway, and
      in fact it did in most real-world cases, but it was randomly
      (depending on aslr) crashing in i386 binaries running on x86_64
      kernels. this is because linux puts the userspace stack near 4GB
      (instead of near 3GB) when the kernel is 64-bit, leading to the
      out-of-bounds pointer arithmetic overflowing past the end of address
      space and giving a very low pointer value, which then compared lower
      than a pointer it should have been higher than.
      
      the new code rearranges the arithmetic so that no overflow can occur.
      
      while this bug could crash printf with memory corruption, it's
      unlikely to have security impact in real-world applications since the
      ability to provide an extremely large field precision value under
      attacker-control is required to trigger the bug.
      914949d3
    • R
      add vhangup syscall wrapper · 25c84449
      Rich Felker 提交于
      request/patch by william haddonthethird, slightly modifed to add
      _GNU_SOURCE feature test macro so that the compiler can verify the
      prototype matches.
      25c84449
    • R
      5bc8e845
  9. 19 6月, 2012 7 次提交
  10. 18 6月, 2012 1 次提交
    • R
      change stdio_ext __freading/__fwriting semantics slightly · deb90c79
      Rich Felker 提交于
      the old behavior was to only consider a stream to be "reading" or
      "writing" if it had buffered, unread/unwritten data. this reportedly
      differs from the traditional behavior of these functions, which is
      essentially to return true as much as possible without creating the
      possibility that both __freading and __fwriting could return true.
      
      gnulib expects __fwriting to return true as soon as a file is opened
      write-only, and possibly expects other cases that depend on the
      traditional behavior. and since these functions exist mostly for
      gnulib (does anything else use them??), they should match the expected
      behavior to avoid even more ugly hacks and workarounds...
      deb90c79