- 05 7月, 2013 1 次提交
-
-
由 Rich Felker 提交于
C11 has no requirement that the alignment be a multiple of sizeof(void*), and in fact seems to require any "valid alignment supported by the implementation" to work. since the alignment of char is 1 and thus a valid alignment, an alignment argument of 1 should be accepted.
-
- 04 7月, 2013 3 次提交
- 02 7月, 2013 2 次提交
-
-
由 Rich Felker 提交于
these would not be expensive to actually implement, but reading /etc/ethers does not sound like a particularly useful feature, so for now I'm leaving them as stubs.
-
由 Rich Felker 提交于
previously, determination of the list of header files for installation depended on the include/bits symlink (to the arch-specific files) already having been created. in other words, running "make install" immediately after configure without first running "make" caused the bits headers not to be installed. the solution I have applied is to pull the list of headers directly from arch/$(ARCH)/bits rather than include/bits, and likewise to install directly from arch/$(ARCH)/bits rather than via the symlink. at this point, the only purpose served by keeping the symlink around is that it enables use of the in-tree headers and libs directly via -I and -L, which can be useful when testing against a new version of the library before installing it. on the other hand, removing the bits symlink would be beneficial if we ever want to support building multiple archs in the same source tree.
-
- 30 6月, 2013 5 次提交
-
-
由 Rich Felker 提交于
-
由 Rich Felker 提交于
-
由 Rich Felker 提交于
in theory this should not be an issue, since major() should only be applied to type dev_t, which is 64-bit. however, it appears some applications are not using dev_t but a smaller integer type (which works on Linux because the kernel's dev_t is really only 32-bit). to avoid the undefined behavior, do it as two shifts.
-
由 Rich Felker 提交于
-
由 Rich Felker 提交于
-
- 29 6月, 2013 7 次提交
-
-
由 Rich Felker 提交于
this change is needed to correctly handle the case where a constructor creates a new thread which calls dlopen. previously, the lock was not held in this case. the reason for the complex logic to avoid locking whenever possible is that, since the mutex is recursive, it will need to inspect the thread pointer to get the current thread's tid, and this requires initializing the thread pointer. we do not want non-multi-threaded programs to attempt to access the thread pointer unnecessarily; doing so could make them crash on ancient kernels that don't support threads but which may otherwise be capable of running the program.
-
由 Rich Felker 提交于
rather than returning an error, we have to increase the size argument so high that the kernel will have no choice but to fail. this is because POSIX only permits the EINVAL error for size errors when a new shared memory segment would be created; if it already exists, the size argument must be ignored. unfortunately Linux is non-conforming in this regard, but I want to keep the code correct in userspace anyway so that if/when Linux is fixed, the behavior applications see will be conforming.
-
由 Rich Felker 提交于
rejecting invalid values for n is fine even in the case where a new sem will not be created, since the kernel does its range checks on n even in this case as well. by default, the kernel will bound the limit well below USHRT_MAX anyway, but it's presumably possible that an administrator could override this limit and break things.
-
由 Rich Felker 提交于
this type is not really intended to be used; it's just there to allow implementations to choose the type for the shm_nattch member of struct shmid_sh, presumably since historical implementations disagreed on the type. in any case, it needs to be there, so now it is.
-
由 Rich Felker 提交于
in the process, I refactored the week-number code so it can be used by the week-based-year formats to determine year adjustments at the boundary values. this also improves indention/code readability.
-
由 Rich Felker 提交于
that's what I get for changing a hard-coded threshold to a proper non-magic-number without testing.
-
由 Rich Felker 提交于
output for plain week numbers (%U and %W) has been sanity-checked, and output for the week-based-year week numbers (%V) has been checked extensively against known-good data for the full non-negative range of 32-bit time_t. year numbers for week-based years (%g and %G) are not yet implemented.
-
- 28 6月, 2013 2 次提交
-
-
由 Rich Felker 提交于
the pathnames prefixed with /dev/null/ are guaranteed never to be valid. the previous use of /dev/null alone was mildly dangerous in that bad software might attempt to unlink the name when it found a non-regular file there and create a new file.
-
由 Rich Felker 提交于
internally, other parts of the library assume sizes don't overflow ssize_t and/or ptrdiff_t, and the way this assumption is made valid is by preventing creating of such large objects. malloc already does so, but the check was missing from mmap. this is also a quality of implementation issue: even if the implementation internally could handle such objects, applications could inadvertently invoke undefined behavior by subtracting pointers within an object. it is very difficult to guard against this in applications, so a good implementation should simply ensure that it does not happen.
-
- 27 6月, 2013 7 次提交
-
-
由 Rich Felker 提交于
the address of the pointer to the sched param, rather than the pointer, was being passed to the kernel.
-
由 Rich Felker 提交于
-
由 Rich Felker 提交于
-
由 Rich Felker 提交于
fstat should not fail under normal circumstances, so this fix is mostly theoretical.
-
由 Rich Felker 提交于
the address of the pointer, rather than the pointer, was being passed. this was probably a copy-and-paste error from corresponding get code.
-
由 Rich Felker 提交于
-
由 Rich Felker 提交于
this seems to have been a simple copy-and-paste error from the code for converting from legacy codepages.
-
- 26 6月, 2013 6 次提交
-
-
由 Rich Felker 提交于
-
由 Rich Felker 提交于
previously, the path string was being used despite being invalid. with this change, empty path file or error reading the path file is treated as an empty path. this is preferable to falling back to a default path, so that attacks to prevent reading of the path file could not result in loading incorrect and possibly dangerous (outdated or mismatching ABI) libraries from. the code to strip the final newline has also been removed; now that newline is accepted as a delimiter, it's harmless to leave it in place.
-
由 Rich Felker 提交于
despite declaring functions that take arguments of type va_list, these headers are not permitted by the c standard to expose the definition of va_list, so an alias for the type must be used. the name __isoc_va_list was chosen to convey that the purpose of this alternate name is for iso c conformance, and to avoid the multitude of names which gcc mangles with its hideous "fixincludes" monstrosity, leading to serious header breakage if these "fixes" are run.
-
由 Rich Felker 提交于
apparently the original commit was never tested properly, since getline was only ever reading one line. the intent was to read the entire file, so use getdelim with the null byte as delimiter as a cheap way to read a whole file into memory.
-
由 Rich Felker 提交于
also move all legacy inet_* functions into a single file to avoid wasting object file and compile time overhead on them. the added functions are legacy interfaces for working with classful ipv4 network addresses. they have no modern usefulness whatsoever, but some programs unconditionally use them anyway, and they're tiny.
-
由 Rich Felker 提交于
based on patch by Strake with minor stylistic changes, and combined into a single file. this patch remained open for a long time due to some question as to whether ether_aton would be better implemented in terms of sscanf, and it's time something was committed, so here it is.
-
- 23 6月, 2013 2 次提交
-
-
由 Rich Felker 提交于
this seems to have been a regression from the refactoring which added the 'm' modifier.
-
由 Rich Felker 提交于
the shgetc api, used internally in scanf and int/float scanning code to handle field width limiting and pushback, was designed assuming that pushback could be achieved via a simple decrement on the file buffer pointer. this only worked by chance for regular FILE streams, due to the linux readv bug workaround in __stdio_read which moves the last requested byte through the buffer rather than directly back to the caller. for unbuffered streams and streams not using __stdio_read but some other underlying read function, the first character read could be completely lost, and replaced by whatever junk happened to be in the unget buffer. to fix this, simply have shgetc, when it performs an underlying read operation on the stream, store the character read at the -1 offset from the read buffer pointer. this is valid even for unbuffered streams, as they have an unget buffer located just below the start of the zero-length buffer. the check to avoid storing the character when it is already there is to handle the possibility of read-only buffers. no application-exposed FILE types are allowed to use read-only buffers, but sscanf and strto* may use them internally when calling functions which use the shgetc api.
-
- 16 6月, 2013 2 次提交
-
-
由 Rich Felker 提交于
issue found and patch provided by Jens Gustedt. after the atomic store to the error code field of the aiocb, the application is permitted to free or reuse the storage, so further access is invalid. instead, use the local copy that was already made.
-
由 Rich Felker 提交于
-
- 13 6月, 2013 1 次提交
-
-
由 Rich Felker 提交于
due to the interface requirement of having the full state contained in a single object of type unsigned int, it is difficult to provide a reasonable-quality implementation; most good PRNGs are immediately ruled out because they need larger state. the old rand_r gave very poor output (very short period) in its lower bits; normally, it's desirable to throw away the low bits (as in rand()) when using a LCG, but this is not possible since the state is only 32 bits and we need 31 bits of output. glibc's rand_r uses the same LCG as musl's, but runs it for 3 iterations and only takes 10-11 bits from each iteration to construct the output value. this partially fixes the period issue, but introduces bias: not all outputs have the same frequency, and many do not appear at all. with such a low period, the bias is likely to be observable. I tried many approaches to "fix" rand_r, and the simplest I found which made it pass the "dieharder" tests was applying this transformation to the output. the "temper" function is taken from mersenne twister, where it seems to have been chosen for some rigorous properties; here, the only formal property I'm using is that it's one-to-one and thus avoids introducing bias. should further deficiencies in rand_r be reported, the obvious "best" solution is applying a 32-bit cryptographic block cipher in CTR mode. I identified several possible ciphers that could be used directly or adapted, but as they would be a lot slower and larger, I do not see a justification for using them unless the current rand_r proves deficient for some real-world use.
-
- 08 6月, 2013 2 次提交
-
-
由 Rich Felker 提交于
arguably CLOCK_MONOTONIC should be redirected to CLOCK_BOOTTIME with a fallback for old kernels that don't support it, since Linux's CLOCK_BOOTTIME semantics seem to match the spirit of the POSIX requirements for CLOCK_MONOTONIC better than Linux's version of CLOCK_MONOTONIC does. however, this is a change that would require further discussion and research, so for now, I'm simply making them all available.
-
由 Rich Felker 提交于
originally it was right on 32-bit archs and wrong on 64-bit, but after recent changes it was wrong everywhere. with this commit, it's now right everywhere.
-