Linux's documentation (robust-futex-ABI.txt) claims that, when a
process dies with a futex on the robust list, bit 30 (0x40000000) is
set to indicate the status. however, what actually happens is that
bits 0-30 are replaced with the value 0x40000000, i.e. bits 0-29
(containing the old owner tid) are cleared at the same time bit 30 is
set.

our userspace-side code for robust mutexes was written based on that
documentation, assuming that kernel would never produce a futex value
of 0x40000000, since the low (owner) bits would always be non-zero.
commit d338b506 introduced this
assumption explicitly while fixing another bug in how non-recoverable
status for robust mutexes was tracked. presumably the tests conducted
at that time only checked non-process-shared robust mutexes, which are
handled in pthread_exit (which implemented the documented kernel
protocol, not the actual one) rather than by the kernel.

change pthread_exit robust list processing to match the kernel
behavior, clearing bits 0-29 while setting bit 30, and use the value
0x7fffffff instead of 0x40000000 to encode non-recoverable status. the
choice of value here is arbitrary; any value with at least one of bits
0-29 set should work just as well,

despite clarifications made to the COPYRIGHT file in commit
f0a61399, there continues to be
confusion about whether the permissions granted actually apply to all
files. I am the sole author of these files and clearly intend, and
have always intended, for the grant of permission to apply to them.

compilers are free not to copy, or in some cases to clobber, padding
bytes in a structure. while it's an aliasing violation, and thus
undefined behavior, to copy or manipulate other sockaddr types using
sockaddr_storage, it seems likely that traditional code attempts to do
so, and the original intent of the sockaddr_storage structure was
probably to allow such usage.

in the interest of avoiding silent and potentially dangerous breakage,
ensure that there are no actual padding bytes in sockaddr_storage by
moving and adjusting the size of the __ss_padding member so that it
fits exactly.

this change also removes a silent assumption that the alignment of
long is equal to its size.

kernel connection multiplexor macros AF_KCM, PF_KCM, SOL_KCM were
added in linux commit ab7ac4eb9832e32a09f4e8042705484d2fb0aad3

MSG_BATCH sendmsg flag for performance optimization was added
in linux commit f092276d85b82504e8a07498f4e9e0c51f06745c

SOL_* macros are now synced with linux socket.h which is not a uapi
header and glibc did not have the macros either, but that has changed
http://sourceware.org/ml/libc-alpha/2016-05/msg00322.html

new fields and associated linux commit:
tcpi_notsent_bytes, tcpi_min_rtt cd9b266095f422267bddbec88f9098b48ea548fc
tcpi_data_segs_in, tcpi_data_segs_out a44d6eacdaf56f74fad699af7f4925a5f5ac0e7f

flag for new cgroup namespace, added in linux commit
5e2bec7c2248ae27c5b16cd97215ae05c1d39179

x86 protection key faults are reported in the si_pkey field,
added in linux commit cd0ea35ff5511cde299a61c21a95889b4a71464e

ethertype for macsec added in linux commit
dece8d2b78d19df7fe5e4e965f1f0d1a3e188d1b

new socket option so application can give advice about routing
path quality of connected udp sockets, added in linux commit
a87cb3e48ee86d29868d3f59cfb9ce1a8fa63314

the syscalls take an additional flag argument, they were added in commit
f17d8b35452cab31a70d224964cd583fb2845449 and a RWF_HIPRI priority hint
flag was added to linux/fs.h in 97be7ebe53915af504fb491fb99f064c7cf3cb09.

the syscall is not allocated for microblaze and sh yet.

the difference of pointers is a signed type ptrdiff_t; if it is only
32-bit, left-shifting it by 30 bits produces undefined behavior. cast
the difference to an appropriate unsigned type, uint32_t, before
shifting to avoid this.

the a64l function is specified to return a signed 32-bit result in
type long. as noted in the bug report by Ed Schouten, converting
implicitly from uint32_t only produces the desired result when long is
a 32-bit type. since the computation has to be done in unsigned
arithmetic to avoid overflow, simply cast the result to int32_t.

further, POSIX leaves the behavior on invalid input unspecified but
not undefined, so we should not take the difference between the
potentially-null result of strchr and the base pointer without first
checking the result. the simplest behavior is just returning the
partial conversion already performed in this case, so do that.

previously, the only way the stopping condition could be met with
correct lengths in the headers invoked undefined behavior, adding
sizeof(struct cmsghdr) beyond the end of the cmsg buffer.

instead, compute and compare sizes rather than pointers.

the num_submatches field of some ast nodes was not initialized in
tre_add_tag_{left,right}, but was accessed later.

this was a benign bug since the uninitialized values were never used
(these values are created during tre_add_tags and copied around during
tre_expand_ast where they are also used in computations, but nothing
in the final tnfa depends on them).

These system calls are already all remapped in an arch-agnostic manner in
src/internal/syscall.h

The --build flag is listed in two case statement entries in configure,
which causes the second entry to be ignored. This patch removes it
from the first entry.
Signed-off-by: NMichael LeMay <michael.lemay@intel.com>

previously if you called getprotobyname("egp") you would get
NULL because \008 is invalid octal and so the protocol id was
interpreted as 0 and name as "8egp".

the standard configure interface, which our configure script tries to
implement, identifies cross compiling (build != host) and searches for
the properly-prefixed cross tools. our script was not doing that,
forcing users to explicitly provide either CC or a CROSS_COMPILE tool
prefix, and the more common choice, just providing CC, was incomplete
because the Makefile would still invoke the native ar and ranlib
programs. this happened to work when building on ELF-based systems
with GNU binutils, but could easily fail when cross-compiling from
dissimilar systems.

like before, and like the standard configure behavior, an explicit CC
or CROSS_COMPILE variable on the command line or in the environment
overrides the automatic prefixing.

these changes are the outcome of a long mailing list thread that took
place March 2016, "musl licensing". among minor other issues,
prospective users were not confident that the whole-project MIT
license would grant permission for files to which the COPYRIGHT file
expressed a belief that copyright not apply, if it turned out that
these files were actually subject to copyright.

in accordance with the original intent of applying a permissive
license to the project, which was that license issues not be an
obstacle to use, the text which was causing confusion is removed. no
new claims of copyright are made, but new text is added to clarify
that the grant of permissions applies to all files, and an explicit
grant of permission to use public headers and crt files without
attribution has been made.

this patch was reviewed and approved by all substantial contributors
to the affected files: Bobby Bingham, John Spencer (rofl0r), Nicholas
J. Kain, Rich Felker, Richard Pennington, Stefan Kristiansson, and
Szabolcs Nagy.

commit 7e816a64 (version 1.1.11
release cycle) moved the code that performs wchar_t to multibyte
conversion across code that used the resulting length in bytes,
thereby breaking the unget buffer space check in ungetwc and
clobbering up to three bytes below the start of the buffer.

for allocated FILEs (all read-enabled FILEs except stdin), the
underflow clobbers at most the FILE-specific locale pointer. no stores
are performed through this pointer, but subsequent loads may result in
a crash or mismatching encoding rule (UTF-8 multibyte vs byte-based).

for stdin, the buffer lies in .bss and the underflow may clobber
another object. in practice, for libc.so the adjacent object seems to
be stderr's buffer, which is completely unused, but this could vary
with linking options, or when static linking.

applications which do not attempt to use more than one character of
ungetwc pushback, or which do not use ungetwc, are not affected.

per the powerpc psabi, offset 4 of the stack at call time belongs to
the callee and is used for spilling lr (return address). in addition,
offset 0 on the stack must contain a pointer to the previous stack
frame, or a null pointer for the initial stack frame of a thread.
__clone failed to setup any stack frame on the new thread's stack,
thereby allowing the start function it called to clobber offset 4 of
the new thread's struct __pthread, which contains the dtv pointer.

add code to setup a proper stack frame and align the stack pointer to
a multiple of 16 (also an abi requirement) if it was not already
aligned.

The variable nss is set to zero in following line.

based on patch submitted by Jaydeep Patil, with minor changes.

mips32r6 and mips64r6 are actually new isas at both the asm source and
opcode levels (pre-r6 code cannot run on r6) and thus need to be
treated as a new subarch. the following changes are made, some of
which yield code generation improvements for non-r6 targets too:

- add subarch logic in configure script and reloc.h files for dynamic
  linker name.

- suppress use of .set mips2 asm directives (used to allow mips2
  atomic instructions on baseline mips1 builds; the kernel has to
  emulate them on mips1) except when actually needed. they cause wrong
  instruction encodings on r6, and pessimize inlining on at least some
  compilers.

- only hard-code sync instruction encoding on mips1.

- use "ZC" constraint instead of "m" constraint for llsc memory
  operands on r6, where the ll/sc instructions no longer accept full
  16-bit offsets.

- only hard-code rdhwr instruction encoding with .word on targets
  (pre-r2) where it may need trap-and-emulate by the kernel.
  otherwise, just use the instruction mnemonic, and allow an arbitrary
  destination register to be used.

the two/three/four byte memmem specializations are not prepared to
handle haystacks shorter than the needle; they unconditionally read at
least up to the needle length and subtract from the haystack length.
if the haystack is shorter, the remaining haystack length underflows
and produces an unbounded search which will eventually either crash or
find a spurious match.

the top-level memmem function attempted to avoid this case already by
checking for haystack shorter than needle, but it failed to re-check
after using memchr to remove the maximal prefix not containing the
first byte of the needle.

commits e24984ef and
16b55298 inadvertently disabled the
a_spin implementations for i386, x86_64, and x32 by defining a macro
named a_pause instead of a_spin. this should not have caused any
functional regression, but it inhibited cpu relaxation while spinning
for locks.

bug reported by George Kulakowski.

the comparison f->wpos > f->buf has undefined behavior when f->wpos is
a null pointer, despite the intuition (and actual compiler behavior,
for all known compilers) being that NULL > ptr is false for all valid
pointers ptr.

the purpose of the comparison is to determine if the write buffer is
non-empty, and the idiom used elsewhere for that is comparison against
f->wbase, which is either a null pointer when not writing, or equal to
f->buf when writing. in the former case, both f->wpos and f->wbase are
null; in the latter they are both non-null and point into the same
array.

allows the os to free the marked pages lazily on memory pressure.
expected to increase malloc performance.
new in linux commit 854e9ed09dedf0c19ac8640e91bcc74bc3f9e5c9

new flag for exclusive wakeup mode when an event source fd is attached
to multiple epoll fds but they should not all receive the events.
new in linux commit df0108c5da561c66c333bb46bfe3c1fc65905898

new socket options for setting classic or extended BPF program
for sockets in a SO_REUSEPORT group.  added in linux commit
538950a1b7527a0a52ccd9337e3fcd304f027f13

new in linux commit 715f504b118998c41a2079a17e16bf5a8a114885
same as IP_HDRINCL but for SOL_IPV6 sockets.

it was introduced for offloading copying between regular files
in linux commit 29732938a6289a15e907da234d6692a2ead71855

(microblaze and sh does not yet have the syscall number.)

add userfaultfd, membarrier and mlock2 system call numbers.

currently five targets use the same mman.h constants and the rest
share most constants too, so move them to sys/mman.h before the
bits/mman.h include where the differences can be corrected by
redefinition of the macros.

this fixes two minor bugs: POSIX_MADV_DONTNEED was wrong on most
targets (it should be the same as MADV_DONTNEED), and sh defined
the x86-only MAP_32BIT mmap flag.

the idiom fprintf(f, "%.*s", n, "") was wrongly used in vfwprintf as a
means of producing n spaces; instead it produces no output. the
correct form is fprintf(f, "%*s", n, ""), using width instead of
precision, since for %s the later is a maximum rather than a minimum.