| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
In the course of developing earlier patches in this series I
discovered that clang’s stddef.h does not implement the __need_*
convention correctly: in C++, under some circumstances __need_NULL
will also cause a definition of nullptr_t, and when the “modules”
feature is enabled, all of the __need macros are ignored and all of
stddef.h is exposed. (I’m not sure how to actually make either of
these things happen, I discovered the problem by reading the file.)
Worse, clang’s stdarg.h does not implement __need___va_list *at all*;
including its stdarg.h will always expose all of its definitions.
These are bugs in clang but it seems prudent to work around them, and
the simplest way to do so is to have the bits/types/ headers
introduced in the previous patch make definitions themselves, when
possible. For size_t, ptrdiff_t, and wchar_t, we can use the
predefined macros __SIZE_TYPE__, __PTRDIFF_TYPE__, and __WCHAR_TYPE__,
when available, falling back to the old approach. For __gnuc_va_list,
we have a whitelist of compilers known to provide __builtin_va_list,
falling back to the old approach. NULL and va_list are defined
ab initio.
An additional complication is that we must be able to tell stddef.h
and stdarg.h _not_ to define again things we have already defined. It
appears to me, based on inspection of clang, GCC, and icc stddef.h and
stdarg.h, that we can use the macros _SIZE_T, _PTRDIFF_T, _WCHAR_T,
_VA_LIST, and __GNUC_VA_LIST to accomplish this.
Since we are no longer relying on stdarg.h to define an
implementation-namespace alias for us, I thought it would make sense
also to stop calling it __gnuc_va_list. The bulk of this patch is
a mechanical substitution of __va_list for __gnuc_va_list throughout
our headers.
Copyright boilerplate is added to stdlib/bits/NULL.h and stdlib/bits/types/*.h
because they now contain enough commentary and code that they could
plausibly be copyrightable.
* stdlib/bits/NULL.h: Do not use stddef.h to define NULL.
Define NULL ab initio if not already defined, as `((void *)0)` for C,
and either `__null` or 0 for C++, depending on compiler support.
* stdlib/bits/types/__va_list.h: If __builtin_va_list is known to
be available, use it to define __va_list without including
stdarg.h. Otherwise use __need___va_list to request a definition
of __gnuc_va_list and nothing else from stdarg.h, then use that to
define __va_list.
* stdlib/bits/types/va_list.h: Use __va_list, not __gnuc_va_list,
to define va_list. Improve commentary.
* stdlib/bits/types/ptrdiff_t.h: If __PTRDIFF_TYPE__ is defined,
use it to define ptrdiff_t without including stddef.h. Otherwise
use __need_ptrdiff_t to request a definition of ptrdiff_t and
nothing else from stddef.h. Use _PTRDIFF_T as guard macro to
match behavior of common stddef.h implementations.
* stdlib/bits/types/size_t.h: Similarly for size_t, with
__SIZE_TYPE__, __need_size_t, and _SIZE_T.
* stdlib/bits/types/wchar_t.h: Similarly for wchar_t, with
__WCHAR_TYPE__, __need_wchar_t, and _WCHAR_T. If __cplusplus
is defined, do nothing; wchar_t is built-in in C++.
* conform/data/stdio.h-data, conform/data/wchar.h-data
* include/err.h, include/stdio.h, include/syslog.h, include/wchar.h
* libio/bits/stdio.h, libio/bits/stdio2.h, libio/iolibio.h
* libio/libio.h, libio/stdio.h, libio/vwprintf.c, misc/bits/syslog.h
* misc/err.c, misc/err.h, misc/syslog.h, stdio-common/printf.h
* sysdeps/ieee754/ldbl-opt/nldbl-compat.c
* sysdeps/ieee754/ldbl-opt/nldbl-compat.h
* wcsmbs/bits/wchar2.h, wcsmbs/wchar.h:
Replace all uses of __gnuc_va_list with __va_list.
* scripts/check-obsolete-constructs.py (HEADER_ALLOWED_INCLUDES):
bits/NULL.h is no longer allowed to include stddef.h.
|
|
We rely on the compiler's stddef.h and stdarg.h to define size_t,
ptrdiff_t, wchar_t, NULL, and __gnuc_va_list, and to implement a
convention that allows us to request the definition of a specific one:
for instance
#define __need_size_t
#include <stddef.h>
is expected to define size_t but not any of the other things stddef.h
defines.
This patch hides that convention behind a set of bits/types/ headers,
which allows check-obsolete-constructs.py to verify that none of our
headers include these headers unconditionally. (Both of them define
at least one item in the user namespace that no other header is
supposed to expose.) It will also facilitate coping with compilers
that don’t implement the __need convention. (That scenario is not
hypothetical, see the next patch.)
Only public headers use the new bits headers. Non-public headers and
.c files in our codebase, that were formerly defining __need macros,
now just include stddef.h and/or stdarg.h without any __need macros.
A few files didn’t need to be including stddef.h / stdarg.h at all.
Uses of NULL in public headers that aren’t expected to define NULL
are changed to a bare 0. bits/NULL.h is only used by headers that
are expected to define NULL.
malloc.h and printf.h were, in fact, including stddef.h and/or
stdarg.h unconditionally; they no longer do that. This broke a few of
our test cases, which are fixed by adding appropriate inclusions to
the relevant .c files.
* stdlib/bits/NULL.h
* stdlib/bits/types/__va_list.h
* stdlib/bits/types/ptrdiff_t.h
* stdlib/bits/types/size_t.h
* stdlib/bits/types/va_list.h
* stdlib/bits/types/wchar_t.h:
New headers defining a single type or macro each.
* stdlib/Makefile: Install new headers.
* include/bits/NULL.h
* include/bits/types/__va_list.h
* include/bits/types/ptrdiff_t.h
* include/bits/types/size_t.h
* include/bits/types/va_list.h
* include/bits/types/wchar_t.h:
New wrapper headers.
* malloc/malloc.h: Don’t include stdio.h or stddef.h.
Include bits/NULL.h, bits/types/size_t.h, bits/types/ptrdiff_t.h,
and bits/types/FILE.h.
* stdio-common/printf.h: Don’t include stddef.h or stdarg.h.
Include bits/types/size_t.h, bits/types/wchar_t.h, and
bits/types/__va_list.h. Use __gnuc_va_list instead of va_list
in prototypes.
* libio/bits/types/struct_FILE.h: Include bits/types/size_t.h.
* misc/sys/param.h: Include features.h.
* sysvipc/sys/msg.h: Include bits/msq.h after all bits/types/ headers.
* sysvipc/sys/sem.h: Include bits/sem.h after all bits/types/ headers.
* sysvipc/sys/shm.h: Include bits/shm.h after all bits/types/ headers.
* hurd/hurd/signal.h: Don’t use NULL.
* hurd/hurd/ioctl.h: Don’t include stdarg.h.
* hurd/hurd/userlink.h: Don’t include stddef.h. Don’t use NULL.
* intl/libintl.h: Don’t include stddef.h. Don’t use NULL.
* intl/gettext.c, intl/ngettext.c: Include stddef.h
unconditionally. Don’t define any __need macros first.
Don’t include stdlib.h.
* sysdeps/posix/sigignore.c:, sysdeps/posix/sigset.c:
Don’t include errno.h or string.h.
* malloc/tst-malloc-thread-fail.c: Include stddef.h.
* malloc/tst-malloc_info.c: Include stdio.h.
* stdio-common/tst-vfprintf-user-type.c: Include stdarg.h.
* string/tst-cmp.c: Include stdio.h.
* debug/wcpcpy_chk.c, iconv/loop.c, iconv/skeleton.c
* signal/sighold.c, signal/sigrelse.c, stdio-common/tempname.c
* sysdeps/generic/ldsodefs.h, sysdeps/nptl/libc-lock.h
* sysdeps/nptl/libc-lockP.h, sysdeps/posix/waitid.c
* wcsmbs/wcstol_l.c, wcsmbs/wcstoll_l.c, wcsmbs/wcstoul_l.c
* wcsmbs/wcstoull_l.c, sysdeps/posix/sigignore.c
* sysdeps/posix/sigset.c: Don’t define __need macros before
including stddef.h.
* bits/socket.h, bits/types/stack_t.h, dirent/dirent.h
* dlfcn/dlfcn.h, gmon/sys/profil.h, grp/grp.h, gshadow/gshadow.h
* hurd/hurd/signal.h, hurd/hurd/sigpreempt.h, iconv/gconv.h
* include/set-hooks.h, include/stdio.h, inet/aliases.h
* io/sys/sendfile.h, libio/stdio.h, misc/bits/types/struct_iovec.h
* misc/search.h, misc/sys/mman.h, misc/syslog.h, posix/glob.h
* posix/sched.h, posix/sys/types.h, posix/unistd.h
* posix/wordexp.h, pwd/pwd.h, shadow/shadow.h, signal/signal.h
* socket/sys/socket.h, stdlib/alloca.h, stdlib/monetary.h
* stdlib/stdlib.h, stdlib/sys/random.h, string/string.h
* string/strings.h, sunrpc/rpc/netdb.h
* sysdeps/htl/bits/types/struct___pthread_attr.h
* sysdeps/mach/hurd/bits/socket.h
* sysdeps/unix/sysv/linux/bits/socket.h
* sysdeps/unix/sysv/linux/bits/types/stack_t.h
* sysdeps/unix/sysv/linux/ia64/bits/sigcontext.h
* sysdeps/unix/sysv/linux/mips/bits/types/stack_t.h
* sysdeps/unix/sysv/linux/scsi/sg.h
* sysdeps/unix/sysv/linux/sys/sysctl.h
* sysvipc/sys/msg.h, sysvipc/sys/sem.h, sysvipc/sys/shm.h
* time/time.h, wcsmbs/uchar.h, wcsmbs/wchar.h:
Use bits/types/size_t.h instead of __need_size_t.
* iconv/gconv.h, iconv/iconv.h, libio/libio.h
* stdlib/inttypes.h, stdlib/stdlib.h, wcsmbs/wchar.h:
Use bits/types/wchar_t.h instead of __need_wchar_t.
* libio/stdio.h, locale/locale.h, misc/sys/param.h
* posix/sched.h, posix/unistd.h, stdlib/stdlib.h
* string/string.h, sysdeps/unix/sysv/linux/bits/sigcontext.h
* time/time.h, wcsmbs/wchar.h: Use bits/NULL.h instead of __need_NULL.
* libio/stdio.h, misc/err.h: Use bits/types/__va_list.h instead
of __need___va_list.
* libio/stdio.h: Use bits/types/va_list.h instead of manually
defining va_list.
* hurd/hurd/userlink.h, misc/sys/mman.h, posix/sched.h
* sysdeps/mach/hurd/bits/socket.h
* sysdeps/unix/sysv/linux/ia64/bits/sigcontext.h
* wcsmbs/wchar.h: Reorganize includes; no semantic effect.
* stdlib/stdlib.h: Normalize format of multiple include guard.
* sysdeps/unix/sysv/linux/bits/sigcontext.h: Annotate workarounds
for kernel header bugs.
* sysdeps/unix/sysv/linux/aarch64/sys/user.h
* sysdeps/unix/sysv/linux/arm/sys/user.h
* sysdeps/unix/sysv/linux/m68k/sys/user.h
* sysdeps/unix/sysv/linux/microblaze/sys/user.h
* sysdeps/unix/sysv/linux/nios2/sys/user.h
* sysdeps/unix/sysv/linux/s390/sys/user.h
* sysdeps/unix/sysv/linux/x86/sys/user.h
Include features.h.
* sysdeps/unix/sysv/linux/alpha/sys/user.h
* sysdeps/unix/sysv/linux/ia64/sys/user.h
* sysdeps/unix/sysv/linux/mips/sys/user.h
* sysdeps/unix/sysv/linux/powerpc/sys/user.h
* sysdeps/unix/sysv/linux/sh/sys/user.h
* sysdeps/unix/sysv/linux/sparc/sys/user.h
Include features.h and bits/types/size_t.h, in that order.
Include kernel headers, if any, after those two.
Don’t include stddef.h or sys/types.h.
* scripts/check-obsolete-constructs.py
(UNIVERSAL_ALLOWED_INCLUDES): Remove stddef.h and stdarg.h.
(HEADER_ALLOWED_INCLUDES): Update.
|
|
This doesn't exactly fit the theme but as long as I'm tinkering with
sys/types.h it makes sense to go through and create single-declaration
bits/types/ headers for all of the remaining cases where we have
two or more headers declaring a public type.
The remaining uses of the original __T_defined idiom are:
__error_t_defined in files shared with gnulib, which probably has to
remain as is; ____gwchar_t_defined in inttypes.h, which may not be
necessary anymore and should be addressed separately, and
__ldiv_t_defined and __lldiv_t_defined in stdlib.h, ditto.
Our handling of LFS types is a little inconsistent: some headers
declare both off_t and off64_t (for instance) when
_LARGEFILE64_SOURCE, others will only declare off_t regardless of
_LARGEFILE64_SOURCE. I don't know if this was intentional or not.
I am tempted to centralize responsibility for _LARGEFILE64_SOURCE as
well as _FILE_OFFSET_BITS=64 in bits/types/off_t.h (etc) so that any
header that declares off_t will automatically also declare off64_t
when _LARGEFILE64_SOURCE.
sunrpc/rpc/types.h is special, because it is included in files
compiled by the *build* compiler (cross-rpcgen-objs), and therefore it
cannot unconditionally assume bits/types headers are available. What
I did was have it include the appropriate bits/types headers only if
including sys/types.h did not cause __BIT_TYPES_DEFINED__ to be
defined. This will do the right thing when an installed rpc/types.h
is included by application code compiled without __USE_MISC in effect.
During the build, we rely on the fact that we compile all of our own
code with __USE_MISC in effect. This is fragile, but should be
acceptable for code that's no longer built by default anyway.
scripts/check-obsolete-constructs.py ensures that only sys/types.h and
rpc/types.h include the bits/types/ headers that define obsolete types.
* posix/bits/types/blkcnt64_t.h
* posix/bits/types/blkcnt_t.h
* posix/bits/types/blksize_t.h
* posix/bits/types/dev_t.h
* posix/bits/types/fsblkcnt64_t.h
* posix/bits/types/fsblkcnt_t.h
* posix/bits/types/fsfilcnt64_t.h
* posix/bits/types/fsfilcnt_t.h
* posix/bits/types/fsid_t.h
* posix/bits/types/gid_t.h
* posix/bits/types/id_t.h
* posix/bits/types/ino64_t.h
* posix/bits/types/ino_t.h
* posix/bits/types/intptr_t.h
* posix/bits/types/key_t.h
* posix/bits/types/loff_t.h
* posix/bits/types/mode_t.h
* posix/bits/types/nlink_t.h
* posix/bits/types/off64_t.h
* posix/bits/types/off_t.h
* posix/bits/types/pid_t.h
* posix/bits/types/socklen_t.h
* posix/bits/types/ssize_t.h
* posix/bits/types/suseconds_t.h
* posix/bits/types/uid_t.h
* posix/bits/types/useconds_t.h:
New single-declaration headers for standard types canonically
defined by sys/types.h, sys/socket.h, or inttypes.h but also
exposed by other headers under some circumstances. Code moved
from posix/sys/types.h, socket/sys/socket.h, stdlib/inttypes.h
as appropriate.
* posix/bits/types/uint.h
* posix/bits/types/u_int.h
* posix/bits/types/u_intN_t.h
* posix/bits/types/caddr_t.h
* posix/bits/types/daddr_t.h
* posix/bits/types/loff_t.h
* posix/bits/types/register_t.h:
Similarly, but for obsolete BSD-derived types whose canonical
home is sys/types.h. Some of these headers define more than
one type.
* posix/Makefile (headers): Install the above new headers.
Rewrap the list.
* posix/sys/types.h: All definitions of public types now
accomplished using the above new headers. Consolidate
groups of definitions controlled by the same feature
selection macros.
* inet/arpa/inet.h, bits/socket.h
* sysdeps/mach/hurd/bits/socket.h
* sysdeps/unix/sysv/linux/bits/socket.h:
Use bits/types/socklen_t.h.
* dirent/dirent.h: Use bits/types/ino_t.h and bits/types/ino64_t.h.
* grp/grp.h: Use bits/types/gid_t.h.
* io/fcntl.h: Use bits/types/mode_t.h, bits/types/off_t.h,
bits/types/pid_t.h, and bits/types/off64_t.h.
* io/sys/stat.h: Use bits/types/dev_t.h, bits/types/gid_t.h,
bits/types/ino_t.h, bits/types/mode_t.h, bits/types/nlink_t.h,
bits/types/off_t.h, bits/types/uid_t.h, and bits/types/blkcnt_t.h.
* libio/stdio.h: Use bits/types/off_t.h, bits/types/off64_t.h,
and bits/types/ssize_t.h.
* misc/sys/mman.h: Use bits/types/off_t.h and bits/types/mode_t.h.
* misc/sys/select.h: Use bits/types/suseconds_t.h.
* posix/sched.h: Use bits/types/pid_t.h.
* posix/sys/wait.h: Use bits/types/pid_t.h and bits/types/id_t.h.
* posix/unistd.h: Use bits/types/gid_t.h, bits/types/uid_t.h,
bits/types/off_t.h, bits/types/off64_t.h, bits/types/useconds_t.h,
bits/types/intptr_t.h, and bits/types/socklen_t.h.
* pwd/pwd.h: Use bits/types/gid_t.h and bits/types/uid_t.h.
* resource/sys/resource.h: Use bits/types/id_t.h.
* signal/signal.h: Use bits/types/pid_t.h and bits/types/uid_t.h.
* stdlib/monetary.h: Use bits/types/ssize_t.h.
* sysdeps/gnu/utmpx.h: Use bits/types/pid_t.h.
* sysvipc/sys/ipc.h: Use bits/types/uid_t.h, bits/types/gid_t.h,
bits/types/mode_t.h, and bits/types/key_t.h.
* sysvipc/sys/msg.h: Use bits/types/pid_t.h and bits/types/ssize_t.h.
* sysvipc/sys/shm.h: Use bits/types/pid_t.h.
* termios/termios.h: Use bits/types/pid_t.h.
* time/sys/time.h: Use bits/types/suseconds_t.h.
* time/time.h: Use bits/types/pid_t.h.
* sunrpc/rpc/types.h: Consolidate all #includes at the top of
the file. If __BIT_TYPES_DEFINED__ is not defined after
including sys/types.h, also include bits/types/caddr_t.h,
bits/types/daddr_t.h, bits/types/fsid_t.h, and bits/types/u_int.h.
* scripts/check-obsolete-constructs.py (OBSOLETE_TYPE_HDR_RE_): New.
(ObsoleteIndirectDefinitionsAllowed): New; allows inclusion of
bits/types/ headers that define obsolete typedefs, but not
direct definitions of those types.
(ObsoleteNotAllowed, ObsoletePrivateDefinitionsAllowed)
(ObsoletePublicDefinitionsAllowed): Do not allow inclusion of
bits/types/ headers that define obsolete typedefs.
* include/bits/types/blkcnt64_t.h
* include/bits/types/blkcnt_t.h
* include/bits/types/blksize_t.h
* include/bits/types/caddr_t.h
* include/bits/types/daddr_t.h
* include/bits/types/dev_t.h
* include/bits/types/fsblkcnt64_t.h
* include/bits/types/fsblkcnt_t.h
* include/bits/types/fsfilcnt64_t.h
* include/bits/types/fsfilcnt_t.h
* include/bits/types/fsid_t.h
* include/bits/types/gid_t.h
* include/bits/types/id_t.h
* include/bits/types/ino64_t.h
* include/bits/types/ino_t.h
* include/bits/types/intptr_t.h
* include/bits/types/key_t.h
* include/bits/types/loff_t.h
* include/bits/types/mode_t.h
* include/bits/types/nlink_t.h
* include/bits/types/off64_t.h
* include/bits/types/off_t.h
* include/bits/types/pid_t.h
* include/bits/types/register_t.h
* include/bits/types/socklen_t.h
* include/bits/types/ssize_t.h
* include/bits/types/suseconds_t.h
* include/bits/types/u_char.h
* include/bits/types/u_intN_t.h
* include/bits/types/uchar.h
* include/bits/types/uid_t.h
* include/bits/types/useconds_t.h: New wrappers.
|
|
|
|
It enables and disables cancellation with pthread_setcancelstate
before calling the waitpid. It simplifies the waitpid implementation
for architectures that do not provide either __NR_waitpid or
__NR_wait4.
Checked on x86_64-linux-gnu.
|
|
Commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0 ("libio: Disable
vtable validation in case of interposition [BZ #23313]") only covered
the interposable glibc 2.1 handles, in libio/stdfiles.c. The
parallel code in libio/oldstdfiles.c needs similar detection logic.
Fixes (again) commit db3476aff19b75c4fdefbe65fcd5f0a90588ba51
("libio: Implement vtable verification [BZ #20191]").
Change-Id: Ief6f9f17e91d1f7263421c56a7dc018f4f595c21
|
|
When the commit
commit 03992356e6fedc5a5e9d32df96c1a2c79ea28a8f
Author: Zack Weinberg <zackw@panix.com>
Date: Sat Feb 10 11:58:35 2018 -0500
Use C99-compliant scanf under _GNU_SOURCE with modern compilers.
added the DEPRECATED_SCANF macro to select when redirections of *scanf
functions to their ISO C99 compliant versions should happen, it
accidentally missed doing it for vfwscanf, vwscanf, and vswscanf.
Tested for powerpc64le and with build-many-glibcs (i686-linux-gnu and
nios2-linux-gnu are failing with current master, and with this patch,
but I didn't see a regression).
Change-Id: I706b344a3fb50be017cdab9251d9da18a3ba8c60
|
|
libio can only deal with gconv conversions which consist of a single
step. Not using __gconv_info simplifies the data structures somewhat.
This eliminates a new GCC 10 warning about subscribing an inner
zero-length array.
Tested on x86_64-linux-gnu with mainline GCC. Built with
build-many-glibcs.py, also with mainline GCC. Due to GCC PR 92039,
there are failures left on 32-bit architectures with float128 support.
Change-Id: I8b4c489b619a53154712ff32e1b6f13bb92d4203
|
|
|
|
Also, change sources.redhat.com to sourceware.org.
This patch was automatically generated by running the following shell
script, which uses GNU sed, and which avoids modifying files imported
from upstream:
sed -ri '
s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g
s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g
' \
$(find $(git ls-files) -prune -type f \
! -name '*.po' \
! -name 'ChangeLog*' \
! -path COPYING ! -path COPYING.LIB \
! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \
! -path manual/texinfo.tex ! -path scripts/config.guess \
! -path scripts/config.sub ! -path scripts/install-sh \
! -path scripts/mkinstalldirs ! -path scripts/move-if-change \
! -path INSTALL ! -path locale/programs/charmap-kw.h \
! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \
! '(' -name configure \
-execdir test -f configure.ac -o -f configure.in ';' ')' \
! '(' -name preconfigure \
-execdir test -f preconfigure.ac ';' ')' \
-print)
and then by running 'make dist-prepare' to regenerate files built
from the altered files, and then executing the following to cleanup:
chmod a+x sysdeps/unix/sysv/linux/riscv/configure
# Omit irrelevant whitespace and comment-only changes,
# perhaps from a slightly-different Autoconf version.
git checkout -f \
sysdeps/csky/configure \
sysdeps/hppa/configure \
sysdeps/riscv/configure \
sysdeps/unix/sysv/linux/csky/configure
# Omit changes that caused a pre-commit check to fail like this:
# remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines
git checkout -f \
sysdeps/powerpc/powerpc64/ppc-mcount.S \
sysdeps/unix/sysv/linux/s390/s390-64/syscall.S
# Omit change that caused a pre-commit check to fail like this:
# remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline
git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
|
|
The changes introduce a memory leak for gconv steps arrays whose
first element is an internal conversion, which has a fixed
reference count which is not decremented. As a result, after the
change in commit 50ce3eae5ba304650459d4441d7d246a7cefc26f, the steps
array is never freed, resulting in an unbounded memory leak.
This reverts commit 50ce3eae5ba304650459d4441d7d246a7cefc26f
("gconv: Check reference count in __gconv_release_cache
[BZ #24677]") and commit 7e740ab2e7be7d83b75513aa406e0b10875f7f9c
("libio: Fix gconv-related memory leak [BZ #24583]"). It
reintroduces bug 24583. (Bug 24677 was just a regression caused by
the second commit.)
|
|
On powerpc64le, long double can currently take two formats: the same as
double (-mlong-double-64) or IBM Extended Precision (default with
-mlong-double-128 or explicitly with -mabi=ibmlongdouble). The internal
implementation of printf-like functions is aware of these possibilities
and properly parses floating-point values from the variable arguments,
before making calls to __printf_fp and __printf_fphex. These functions
are also aware of the format possibilities and know how to convert both
formats to string.
When library support for TS 18661-3 was added to glibc, __printf_fp and
__printf_fphex were extended with support for an additional type
(__float128/_Float128) with a different format (binary128). Now that
powerpc64le is getting support for its third long double format, and
taking into account that this format is the same as the format of
__float128/_Float128, this patch extends __vfprintf_internal to properly
call __printf_fp and __printf_fphex with this new format.
Tested for powerpc64le (with additional patches to actually enable the
use of these preparations) and for x86_64.
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
Commit a601b74d31ca086de38441d316a3dee24c866305 aka glibc-2.23~693
("In preparation for fixing BZ#16734, fix failure in misc/tst-error1-mem
when _G_HAVE_MMAP is turned off.") introduced a regression:
_IO_unbuffer_all now invokes _IO_wsetb to free wide buffers of all
files, including legacy standard files which are small statically
allocated objects that do not have wide buffers and the _mode member,
causing memory corruption.
Another memory corruption in _IO_unbuffer_all happens when -1
is assigned to the _mode member of legacy standard files that
do not have it.
[BZ #24228]
* libio/genops.c (_IO_unbuffer_all)
[SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1)]: Do not attempt to free wide
buffers and access _IO_FILE_complete members of legacy libio streams.
* libio/tst-bz24228.c: New file.
* libio/tst-bz24228.map: Likewise.
* libio/Makefile [build-shared] (tests): Add tst-bz24228.
[build-shared] (generated): Add tst-bz24228.mtrace and
tst-bz24228.check.
[run-built-tests && build-shared] (tests-special): Add
$(objpfx)tst-bz24228-mem.out.
(LDFLAGS-tst-bz24228, tst-bz24228-ENV): New variables.
($(objpfx)tst-bz24228-mem.out): New rule.
|
|
As seen with very old i386 GCC binaries.
|
|
struct gconv_fcts for the C locale is statically allocated,
and __gconv_close_transform deallocates the steps object.
Therefore this commit introduces __wcsmbs_close_conv to avoid
freeing the statically allocated steps objects.
|
|
The codecvt vtable is not a real vtable because it also contains the
conversion state data. Furthermore, wide stream support was added to
GCC 3.0, after a C++ ABI bump, so there is no compatibility
requirement with libstdc++.
This change removes several unmangled function pointers which could
be used with a corrupted FILE object to redirect execution. (libio
vtable verification did not cover the codecvt vtable.)
Reviewed-by: Yann Droneaud <ydroneaud@opteya.com>
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
|
|
When computing the length of the converted part of the stdio buffer, use
the number of consumed wide characters, not the (negative) distance to the
end of the wide buffer.
|
|
This patch makes further coding style fixes where code was breaking
lines after an operator, contrary to the GNU Coding Standards. As
with the previous patch, it is limited to files following a reasonable
approximation to GNU style already, and is not exhaustive; more such
issues remain to be fixed.
Tested for x86_64, and with build-many-glibcs.py.
* dirent/dirent.h [!_DIRENT_HAVE_D_NAMLEN
&& _DIRENT_HAVE_D_RECLEN] (_D_ALLOC_NAMLEN): Break lines before
rather than after operators.
* elf/cache.c (print_cache): Likewise.
* gshadow/fgetsgent_r.c (__fgetsgent_r): Likewise.
* htl/pt-getattr.c (__pthread_getattr_np): Likewise.
* hurd/hurdinit.c (_hurd_setproc): Likewise.
* hurd/hurdkill.c (_hurd_sig_post): Likewise.
* hurd/hurdlookup.c (__file_name_lookup_under): Likewise.
* hurd/hurdsig.c (_hurd_internal_post_signal): Likewise.
(reauth_proc): Likewise.
* hurd/lookup-at.c (__file_name_lookup_at): Likewise.
(__file_name_split_at): Likewise.
(__directory_name_split_at): Likewise.
* hurd/lookup-retry.c (__hurd_file_name_lookup_retry): Likewise.
* hurd/port2fd.c (_hurd_port2fd): Likewise.
* iconv/gconv_dl.c (do_print): Likewise.
* inet/netinet/in.h (struct sockaddr_in): Likewise.
* libio/wstrops.c (_IO_wstr_seekoff): Likewise.
* locale/setlocale.c (new_composite_name): Likewise.
* malloc/memusagestat.c (main): Likewise.
* misc/fstab.c (fstab_convert): Likewise.
* nptl/pthread_mutex_unlock.c (__pthread_mutex_unlock_usercnt):
Likewise.
* nss/nss_compat/compat-grp.c (getgrent_next_nss): Likewise.
(getgrent_next_file): Likewise.
(internal_getgrnam_r): Likewise.
(internal_getgrgid_r): Likewise.
* nss/nss_compat/compat-initgroups.c (getgrent_next_nss):
Likewise.
(internal_getgrent_r): Likewise.
* nss/nss_compat/compat-pwd.c (getpwent_next_nss_netgr): Likewise.
(getpwent_next_nss): Likewise.
(getpwent_next_file): Likewise.
(internal_getpwnam_r): Likewise.
(internal_getpwuid_r): Likewise.
* nss/nss_compat/compat-spwd.c (getspent_next_nss_netgr):
Likewise.
(getspent_next_nss): Likewise.
(internal_getspnam_r): Likewise.
* pwd/fgetpwent_r.c (__fgetpwent_r): Likewise.
* shadow/fgetspent_r.c (__fgetspent_r): Likewise.
* string/strchr.c (STRCHR): Likewise.
* string/strchrnul.c (STRCHRNUL): Likewise.
* sysdeps/aarch64/fpu/fpu_control.h (_FPU_FPCR_IEEE): Likewise.
* sysdeps/aarch64/sfp-machine.h (_FP_CHOOSENAN): Likewise.
* sysdeps/csky/dl-machine.h (elf_machine_rela): Likewise.
* sysdeps/generic/memcopy.h (PAGE_COPY_FWD_MAYBE): Likewise.
* sysdeps/generic/symbol-hacks.h (__stack_chk_fail_local):
Likewise.
* sysdeps/gnu/netinet/ip_icmp.h (ICMP_INFOTYPE): Likewise.
* sysdeps/gnu/updwtmp.c (TRANSFORM_UTMP_FILE_NAME): Likewise.
* sysdeps/gnu/utmp_file.c (TRANSFORM_UTMP_FILE_NAME): Likewise.
* sysdeps/hppa/jmpbuf-unwind.h (_JMPBUF_UNWINDS): Likewise.
* sysdeps/mach/hurd/bits/stat.h (S_ISPARE): Likewise.
* sysdeps/mach/hurd/dl-sysdep.c (_dl_sysdep_start): Likewise.
(open_file): Likewise.
* sysdeps/mach/hurd/htl/pt-mutexattr-setprotocol.c
(pthread_mutexattr_setprotocol): Likewise.
* sysdeps/mach/hurd/ioctl.c (__ioctl): Likewise.
* sysdeps/mach/hurd/mmap.c (__mmap): Likewise.
* sysdeps/mach/hurd/ptrace.c (ptrace): Likewise.
* sysdeps/mach/hurd/spawni.c (__spawni): Likewise.
* sysdeps/microblaze/dl-machine.h (elf_machine_type_class):
Likewise.
(elf_machine_rela): Likewise.
* sysdeps/mips/mips32/sfp-machine.h (_FP_CHOOSENAN): Likewise.
* sysdeps/mips/mips64/sfp-machine.h (_FP_CHOOSENAN): Likewise.
* sysdeps/mips/sys/asm.h (multiple #if conditionals): Likewise.
* sysdeps/posix/rename.c (rename): Likewise.
* sysdeps/powerpc/novmx-sigjmp.c (__novmx__sigjmp_save): Likewise.
* sysdeps/powerpc/sigjmp.c (__vmx__sigjmp_save): Likewise.
* sysdeps/s390/fpu/fenv_libc.h (FPC_VALID_MASK): Likewise.
* sysdeps/s390/utf8-utf16-z9.c (gconv_end): Likewise.
* sysdeps/unix/grantpt.c (grantpt): Likewise.
* sysdeps/unix/sysv/linux/a.out.h (N_TXTOFF): Likewise.
* sysdeps/unix/sysv/linux/updwtmp.c (TRANSFORM_UTMP_FILE_NAME):
Likewise.
* sysdeps/unix/sysv/linux/utmp_file.c (TRANSFORM_UTMP_FILE_NAME):
Likewise.
* sysdeps/x86/cpu-features.c (get_common_indices): Likewise.
* time/tzfile.c (__tzfile_compute): Likewise.
|
|
The GNU Coding Standards specify that line breaks in expressions
should go before an operator, not after one. This patch fixes various
code to do this. It only changes code that appears to be mostly
following GNU style anyway, not files and directories with
substantially different formatting. It is not exhaustive even for
files using GNU style (for example, changes to sysdeps files are
deferred for subsequent cleanups). Some files changed are shared with
gnulib, but most are specific to glibc. Changes were made manually,
with places to change found by grep (so some cases, e.g. where the
operator was followed by a comment at end of line, are particularly
liable to have been missed by grep, but I did include cases where the
operator was followed by backslash-newline).
This patch generally does not attempt to address other coding style
issues in the expressions changed (for example, missing spaces before
'(', or lack of parentheses to ensure indentation of continuation
lines properly reflects operator precedence).
Tested for x86_64, and with build-many-glibcs.py.
* benchtests/bench-memmem.c (simple_memmem): Break lines before
rather than after operators.
* benchtests/bench-skeleton.c (TIMESPEC_AFTER): Likewise.
* crypt/md5.c (md5_finish_ctx): Likewise.
* crypt/sha256.c (__sha256_finish_ctx): Likewise.
* crypt/sha512.c (__sha512_finish_ctx): Likewise.
* elf/cache.c (load_aux_cache): Likewise.
* elf/dl-load.c (open_verify): Likewise.
* elf/get-dynamic-info.h (elf_get_dynamic_info): Likewise.
* elf/readelflib.c (process_elf_file): Likewise.
* elf/rtld.c (dl_main): Likewise.
* elf/sprof.c (generate_call_graph): Likewise.
* hurd/ctty-input.c (_hurd_ctty_input): Likewise.
* hurd/ctty-output.c (_hurd_ctty_output): Likewise.
* hurd/dtable.c (reauth_dtable): Likewise.
* hurd/getdport.c (__getdport): Likewise.
* hurd/hurd/signal.h (_hurd_interrupted_rpc_timeout): Likewise.
* hurd/hurd/sigpreempt.h (HURD_PREEMPT_SIGNAL_P): Likewise.
* hurd/hurdfault.c (_hurdsig_fault_catch_exception_raise):
Likewise.
* hurd/hurdioctl.c (fioctl): Likewise.
* hurd/hurdselect.c (_hurd_select): Likewise.
* hurd/hurdsig.c (_hurdsig_abort_rpcs): Likewise.
(STOPSIGS): Likewise.
* hurd/hurdstartup.c (_hurd_startup): Likewise.
* hurd/intr-msg.c (_hurd_intr_rpc_mach_msg): Likewise.
* hurd/lookup-retry.c (__hurd_file_name_lookup_retry): Likewise.
* hurd/msgportdemux.c (msgport_server): Likewise.
* hurd/setauth.c (_hurd_setauth): Likewise.
* include/features.h (__GLIBC_USE_DEPRECATED_SCANF): Likewise.
* libio/libioP.h [IO_DEBUG] (CHECK_FILE): Likewise.
* locale/programs/ld-ctype.c (set_class_defaults): Likewise.
* localedata/tests-mbwc/tst_swscanf.c (tst_swscanf): Likewise.
* login/tst-utmp.c (do_check): Likewise.
(simulate_login): Likewise.
* mach/lowlevellock.h (lll_lock): Likewise.
(lll_trylock): Likewise.
* math/test-fenv.c (ALL_EXC): Likewise.
* math/test-fenvinline.c (ALL_EXC): Likewise.
* misc/sys/cdefs.h (__attribute_deprecated_msg__): Likewise.
* nis/nis_call.c (__do_niscall3): Likewise.
* nis/nis_callback.c (cb_prog_1): Likewise.
* nis/nis_defaults.c (searchaccess): Likewise.
* nis/nis_findserv.c (__nis_findfastest_with_timeout): Likewise.
* nis/nis_ismember.c (internal_ismember): Likewise.
* nis/nis_local_names.c (nis_local_principal): Likewise.
* nis/nss_nis/nis-rpc.c (_nss_nis_getrpcbyname_r): Likewise.
* nis/nss_nisplus/nisplus-netgrp.c (_nss_nisplus_getnetgrent_r):
Likewise.
* nis/ypclnt.c (yp_match): Likewise.
(yp_first): Likewise.
(yp_next): Likewise.
(yp_master): Likewise.
(yp_order): Likewise.
* nscd/hstcache.c (cache_addhst): Likewise.
* nscd/initgrcache.c (addinitgroupsX): Likewise.
* nss/nss_compat/compat-pwd.c (copy_pwd_changes): Likewise.
(internal_getpwuid_r): Likewise.
* nss/nss_compat/compat-spwd.c (copy_spwd_changes): Likewise.
* posix/glob.h (__GLOB_FLAGS): Likewise.
* posix/regcomp.c (peek_token): Likewise.
(peek_token_bracket): Likewise.
(parse_expression): Likewise.
* posix/regexec.c (sift_states_iter_mb): Likewise.
(check_node_accept_bytes): Likewise.
* posix/tst-spawn3.c (do_test): Likewise.
* posix/wordexp-test.c (testit): Likewise.
* posix/wordexp.c (parse_tilde): Likewise.
(exec_comm): Likewise.
* posix/wordexp.h (__WRDE_FLAGS): Likewise.
* resource/vtimes.c (TIMEVAL_TO_VTIMES): Likewise.
* setjmp/sigjmp.c (__sigjmp_save): Likewise.
* stdio-common/printf_fp.c (__printf_fp_l): Likewise.
* stdio-common/tst-fileno.c (do_test): Likewise.
* stdio-common/vfprintf-internal.c (vfprintf): Likewise.
* stdlib/strfmon_l.c (__vstrfmon_l_internal): Likewise.
* stdlib/strtod_l.c (round_and_return): Likewise.
(____STRTOF_INTERNAL): Likewise.
* stdlib/tst-strfrom.h (TEST_STRFROM): Likewise.
* string/strcspn.c (STRCSPN): Likewise.
* string/test-memmem.c (simple_memmem): Likewise.
* termios/tcsetattr.c (tcsetattr): Likewise.
* time/alt_digit.c (_nl_parse_alt_digit): Likewise.
* time/asctime.c (asctime_internal): Likewise.
* time/strptime_l.c (__strptime_internal): Likewise.
* time/sys/time.h (timercmp): Likewise.
* time/tzfile.c (__tzfile_compute): Likewise.
|
|
These variables are only used to determine if a stdio stream is
a pre-allocated stream, but it is possible to do so by comparing
a FILE * to all pre-allocated stream objects. As a result, it is
not necessary to keep those pointers in separate variables.
Behavior with symbol interposition is unchanged because _IO_stdin_,
_IO_stdout_, _IO_stderr_ are exported, and refer to objects outside of
libc if symbol interposition or copy relocations are involved. (The
removed variables _IO_stdin, _IO_stdout, _IO_stderr were not exported,
of course.)
|
|
One group of warnings seen building glibc with -Wextra is -Wempty-body
warnings about an 'if' body (or in one case an 'else' body) that is
just a semicolon, "warning: suggest braces around empty body in an
'if' statement [-Wempty-body]" - I think the point of the warning
being to make it more visible whether an 'if' body is actually present
or not.
This patch fixes such warnings in glibc. There's one place, with a
semicolon at the end of a comment, where this is clearly making the
presence of an 'else' body more visible. The other cases involve
macro definitions expanding to nothing. While there's no issue there
with visibility at the call sites, I think it's still cleaner to have
a macro that expands to something nonempty appropriate for the context
- so do {} while (0) if it's only intended to be usable as a
statement, or ((void) 0) where the macro definition is an alternative
to a call to a function returning void, so this patch makes those
changes.
Tested for x86_64.
* catgets/gencat.c (normalize_line): Use braces around empty
'else' body.
* include/stap-probe.h [!USE_STAP_PROBE && !__ASSEMBLER__]
(STAP_PROBE0): Use do {} while (0) for do-nothing definition.
[!USE_STAP_PROBE && !__ASSEMBLER__] (STAP_PROBE1): Likewise.
[!USE_STAP_PROBE && !__ASSEMBLER__] (STAP_PROBE2): Likewise.
[!USE_STAP_PROBE && !__ASSEMBLER__] (STAP_PROBE3): Likewise.
[!USE_STAP_PROBE && !__ASSEMBLER__] (STAP_PROBE4): Likewise.
* libio/libio.h (_IO_funlockfile): Use ((void) 0) for do-nothing
definition.
|
|
On big endian systems the test fails with:
tst-bz24153.c:88: numeric comparison failure
left: 1660944385 (0x63000001); from: ch
right: 99 (0x63); from: L'c'
tst-bz24153.c:90: numeric comparison failure
left: 1677721601 (0x64000001); from: ch
right: 100 (0x64); from: L'd'
error: 2 test failures
One 'char' ("%c") is stored to the 'wchar_t *':
ch = 0x00000001 | 0x63000000
This patch is using "%lc" as format specifier to read a wchar_t.
ChangeLog:
* libio/tst-bz24153.c (wide): Use wide char format specifier.
|
|
The internal _IO_stdin_ variable is not updated when the application
assigns to stdin, which is a GNU extension.
|
|
GLIBC explicitly allows one to assign a new FILE pointer to stdout and
other standard streams. printf and wprintf were honouring assignment to
stdout and using the new value, but puts, putchar, and wide char variants
did not.
The stdout part is fixed here. The stdin part will be fixed in a followup.
|
|
The only difference between noncompliant and C99-compliant scanf is
that the former accepts the archaic GNU extension '%as' (also %aS and
%a[...]) meaning to allocate space for the input string with malloc.
This extension conflicts with C99's use of %a as a format _type_
meaning to read a floating-point number; POSIX.1-2008 standardized
equivalent functionality using the modifier letter 'm' instead (%ms,
%mS, %m[...]).
The extension was already disabled in most conformance modes:
specifically, any mode that doesn't involve _GNU_SOURCE and _does_
involve either strict conformance to C99 or loose conformance to both
C99 and POSIX.1-2001 would get the C99-compliant scanf. With
compilers new enough to use -std=gnu11 instead of -std=gnu89, or
equivalent, that includes the default mode.
With this patch, we now provide C99-compliant scanf in all
configurations except when _GNU_SOURCE is defined *and*
__STDC_VERSION__ or __cplusplus (whichever is relevant) indicates
C89/C++98. This leaves the old scanf available under e.g. -std=c89
-D_GNU_SOURCE, but removes it from e.g. -std=gnu11 -D_GNU_SOURCE (it
was already not present under -std=gnu11 without -D_GNU_SOURCE) and
from -std=gnu89 without -D_GNU_SOURCE.
There needs to be an internal override so we can compile the
noncompliant scanf itself. This is the same problem we had when we
removed 'gets' from _GNU_SOURCE and it's dealt with the same way:
there's a new __GLIBC_USE symbol, DEPRECATED_SCANF, which defaults to
off under the appropriate conditions for external code, but can be
overridden by individual files within stdio.
We also run into problems with PLT bypass for internal uses of sscanf,
because libc_hidden_proto uses __REDIRECT and so does the logic in
stdio.h for choosing which implementation of scanf to use; __REDIRECT
isn't transitive, so include/stdio.h needs to bridge the gap with a
macro. As far as I can tell, sscanf is the only function in this
family that's internally called by unrelated code.
Finally, there are several tests in stdio-common that use the
extension. bug21.c is a regression test for a crash; it still
exercises the relevant code when changed to use %ms instead of %as.
scanf14.c through scanf17.c are more complicated since they are
actually testing the subtleties of the extension - under what
circumstances is 'a' treated as a modifier letter, etc. I changed all
of them to use %ms instead of %as as well, but duplicated scanf14.c
and scanf16.c as scanf14a.c and scanf16a.c. These still use %as and
are compiled with -std=gnu89 to access the old extension. A bunch of
diagnostic overrides and manual workarounds for the old stdio.h
behavior become unnecessary. Yay!
* include/features.h (__GLIBC_USE_DEPRECATED_SCANF): New __GLIBC_USE
parameter. Only use deprecated scanf when __USE_GNU is defined
and __STDC_VERSION__ is less than 199901L or __cplusplus is less
than 201103L, whichever is relevant for the language being compiled.
* libio/stdio.h, libio/bits/stdio-ldbl.h: Decide whether to redirect
scanf, fscanf, sscanf, vscanf, vfscanf, and vsscanf to their
__isoc99_ variants based only on __GLIBC_USE (DEPRECATED_SCANF).
* wcsmbs/wchar.h: wcsmbs/bits/wchar-ldbl.h: Likewise for
wscanf, fwscanf, swscanf, vwscanf, vfwscanf, and vswscanf.
* libio/iovsscanf.c
* libio/fwscanf.c
* libio/iovswscanf.c
* libio/swscanf.c
* libio/vscanf.c
* libio/vwscanf.c
* libio/wscanf.c
* stdio-common/fscanf.c
* stdio-common/scanf.c
* stdio-common/vfscanf.c
* stdio-common/vfwscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-compat.c
* sysdeps/ieee754/ldbl-opt/nldbl-fscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-fwscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-iovfscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-scanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-sscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-swscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-vfscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-vfwscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-vscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-vsscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-vswscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-vwscanf.c
* sysdeps/ieee754/ldbl-opt/nldbl-wscanf.c:
Override __GLIBC_USE_DEPRECATED_SCANF to 1.
* stdio-common/sscanf.c: Likewise. Remove ldbl_hidden_def for __sscanf.
* stdio-common/isoc99_sscanf.c: Add libc_hidden_def for __isoc99_sscanf.
* include/stdio.h: Provide libc_hidden_proto for __isoc99_sscanf,
not sscanf.
[!__GLIBC_USE (DEPRECATED_SCANF)]: Define sscanf as __isoc99_scanf
with a preprocessor macro.
* stdio-common/bug21.c, stdio-common/scanf14.c:
Use %ms instead of %as, %mS instead of %aS, %m[] instead of %a[];
remove DIAG_IGNORE_NEEDS_COMMENT for -Wformat.
* stdio-common/scanf16.c: Likewise. Add __attribute__ ((format (scanf)))
to xscanf, xfscanf, xsscanf.
* stdio-common/scanf14a.c: New copy of scanf14.c which still uses
%as, %aS, %a[]. Remove DIAG_IGNORE_NEEDS_COMMENT for -Wformat.
* stdio-common/scanf16a.c: New copy of scanf16.c which still uses
%as, %aS, %a[]. Add __attribute__ ((format (scanf))) to xscanf,
xfscanf, xsscanf.
* stdio-common/scanf15.c, stdio-common/scanf17.c: No need to
override feature selection macros or provide definitions of u_char etc.
* stdio-common/Makefile (tests): Add scanf14a and scanf16a.
(CFLAGS-scanf15.c, CFLAGS-scanf17.c): Remove.
(CFLAGS-scanf14a.c, CFLAGS-scanf16a.c): New. Compile these files
with -std=gnu89.
|
|
According to ISO C99, passing the same buffer as source and destination
to sprintf, snprintf, vsprintf, or vsnprintf has undefined behavior.
Until the commit
commit 4e2f43f842ef5e253cc23383645adbaa03cedb86
Author: Zack Weinberg <zackw@panix.com>
Date: Wed Mar 7 14:32:03 2018 -0500
Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)
a call to sprintf or vsprintf with overlapping buffers, for instance
vsprintf (buf, "%sTEXT", buf), would append `TEXT' into buf, while a
call to snprintf or vsnprintf would override the contents of buf.
After the aforementioned commit, the behavior of sprintf and vsprintf
changed (so that they also override the contents of buf).
This patch reverts this behavioral change, because it will likely break
applications that rely on the previous behavior, even though it is
undefined by ISO C. As noted by Szabolcs Nagy, this is used in SPEC2017
507.cactuBSSN_r/src/PUGH/PughUtils.c:
sprintf(mess," Size:");
for (i=0;i<dim+1;i++)
{
sprintf(mess,"%s %d",mess,pughGH->GFExtras[dim]->nsize[i]);
}
More important to notice is the fact that the overwriting of the
destination buffer is not the only behavior affected by the refactoring.
Before the refactoring, sprintf and vsprintf would use _IO_str_jumps,
whereas __sprintf_chk and __vsprintf_chk would use _IO_str_chk_jumps.
After the refactoring, all use _IO_str_chk_jumps, which would make
sprintf and vsprintf report buffer overflows and terminate the program.
This patch also reverts this behavior, by installing the appropriate
jump table for each *sprintf functions.
Apart from reverting the changes, this patch adds a test case that has
the old behavior hardcoded, so that regressions are noticed if something
else unintentionally changes the behavior.
Tested for powerpc64le.
|
|
* All files with FSF copyright notices: Update copyright dates
using scripts/update-copyrights.
* locale/programs/charmap-kw.h: Regenerated.
* locale/programs/locfile-kw.h: Likewise.
|
|
Since the commit
commit 698fb75b9ff5ae454a1344b5f9fafa0ca367c555
Author: Zack Weinberg <zackw@panix.com>
Date: Wed Mar 7 14:32:01 2018 -0500
Add __v*printf_internal with flags arguments
_IO_vfprintf is gone. This did not trigger any test case failures on
powerpc and powerpc64le, because there were no tests that covered it.
However, new test cases for nldbl versions of argp.h functions exposed
the problem.
Tested for powerpc64 and powerpc64le.
|
|
On powerpc64le, long double can currently take two formats: the same as
double (-mlong-double-64) or IBM Extended Precision (default with
-mlong-double-128 or explicitly with -mabi=ibmlongdouble). The internal
implementation of scanf-like functions is aware of these possibilites
and, based on the format in use, properly calls __strtold_internal or
__strtod_internal, saving the return to a variable of type double or
long double.
When library support for TS 18661-3 was added to glibc, a new function,
__strtof128_internal, was added to enable reading of floating-point
values with IEEE binary128 format into the _Float128 type. Now that
powerpc64le is getting support for its third long double format, and
taking into account that this format is the same as the format of
_Float128, this patch extends __vfscanf_internal and __vfwscanf_internal
to call __strtof128_internal or __wcstof128_internal when appropriate.
The result gets saved into a variable of _Float128 type.
Tested for powerpc64le.
|
|
The _chk variants of all of the printf functions become much simpler.
This is the last thing that we needed _IO_acquire_lock_clear_flags2
for, so it can go as well. I took the opportunity to make the headers
included and the names of all local variables consistent across all the
affected files.
Since we ultimately want to get rid of __no_long_double as well, it
must be possible to get all of the nontrivial effects of the _chk
functions by calling the _internal functions with appropriate flags.
For most of the __(v)xprintf_chk functions, this is covered by
PRINTF_FORTIFY plus some up-front argument checks that can be
duplicated. However, __(v)sprintf_chk installs a custom jump table so
that it can crash instead of overflowing the output buffer. This
functionality is moved to __vsprintf_internal, which now has a
'maxlen' argument like __vsnprintf_internal; to get the unsafe
behavior of ordinary (v)sprintf, pass -1 for that argument.
obstack_printf_chk and obstack_vprintf_chk are no longer in the same
file.
As a side-effect of the unification of both fortified and non-fortified
vdprintf initialization, this patch fixes bug 11319 for __dprintf_chk
and __vdprintf_chk, which was previously fixed only for dprintf and
vdprintf by the commit
commit 7ca890b88e6ab7624afb1742a9fffb37ad5b3fc3
Author: Ulrich Drepper <drepper@redhat.com>
Date: Wed Feb 24 16:07:57 2010 -0800
Fix reporting of I/O errors in *dprintf functions.
This patch adds a test case to avoid regressions.
Tested for powerpc and powerpc64le.
|
|
There are a lot more printf variants than there are scanf variants,
and the code for setting up and tearing down their custom FILE
variants around the call to __vf(w)printf is more complicated and
variable. Therefore, I have added _internal versions of all the
v*printf variants, rather than introducing helper routines so that
they can all directly call __vf(w)printf_internal, as was done with
scanf.
As with the scanf changes, in this patch the _internal functions still
look at the environmental mode bits and all callers pass 0 for the
flags parameter.
Several of the affected public functions had _IO_ name aliases that
were not exported (but, in one case, appeared in libio.h anyway);
I was originally planning to leave them as aliases to avoid having
to touch internal callers, but it turns out ldbl_*_alias only work
for exported symbols, so they've all been removed instead. It also
turns out there were hardly any internal callers. _IO_vsprintf and
_IO_vfprintf *are* exported, so those two stick around.
Summary for the changes to each of the affected symbols:
_IO_vfprintf, _IO_vsprintf:
All internal calls removed, thus the internal declarations, as well
as uses of libc_hidden_proto and libc_hidden_def, were also removed.
The external symbol is now exposed via uses of ldbl_strong_alias
to __vfprintf_internal and __vsprintf_internal, respectively.
_IO_vasprintf, _IO_vdprintf, _IO_vsnprintf,
_IO_vfwprintf, _IO_vswprintf,
_IO_obstack_vprintf, _IO_obstack_printf:
All internal calls removed, thus declaration in internal headers
were also removed. They were never exported, so there are no
aliases tying them to the internal functions. I.e.: entirely gone.
__vsnprintf:
Internal calls were always preceded by macros such as
#define __vsnprintf _IO_vsnprintf, and
#define __vsnprintf vsnprintf
The macros were removed and their uses replaced with calls to the
new internal function __vsnprintf_internal. Since there were no
internal calls, the internal declaration was also removed. The
external symbol is preserved with ldbl_weak_alias to ___vsnprintf.
__vfwprintf:
All internal calls converted into calls to __vfwprintf_internal,
thus the internal declaration was removed. The function is now a
wrapper that calls __vfwprintf_internal. The external symbol is
preserved.
__vswprintf:
Similarly, but no external symbol.
__vasprintf, __vdprintf, __vfprintf, __vsprintf:
New internal wrappers. Not exported.
vasprintf, vdprintf, vfprintf, vsprintf, vsnprintf,
vfwprintf, vswprintf,
obstack_vprintf, obstack_printf:
These functions used to be aliases to the respective _IO_* function,
they are now aliases to their respective __* functions.
Tested for powerpc and powerpc64le.
|
|
Change the callers of __vfscanf_internal and __vfwscanf_internal that
want C99-compliant behavior to communicate this via the new flags
argument, rather than setting bits on the FILE object. This also
means these functions do not need to do their own locking.
Tested for powerpc and powerpc64le.
|
|
There are two flags currently defined: SCANF_LDBL_IS_DBL is the mode
used by __nldbl_ scanf variants, and SCANF_ISOC99_A is the mode used
by __isoc99_ scanf variants. In this patch, the new functions honor
these flag bits if they're set, but they still also look at the
corresponding bits of environmental state, and callers all pass zero.
The new functions do *not* have the "errp" argument possessed by
_IO_vfscanf and _IO_vfwscanf. All internal callers passed NULL for
that argument. External callers could theoretically exist, so I
preserved wrappers, but they are flagged as compat symbols and they
don't preserve the three-way distinction among types of errors that
was formerly exposed. These functions probably should have been in
the list of deprecated _IO_ symbols in 2.27 NEWS -- they're not just
aliases for vfscanf and vfwscanf.
(It was necessary to introduce ldbl_compat_symbol for _IO_vfscanf.
Please check that part of the patch very carefully, I am still not
confident I understand all of the details of ldbl-opt.)
This patch also introduces helper inlines in libio/strfile.h that
encapsulate the process of initializing an _IO_strfile object for
reading. This allows us to call __vfscanf_internal directly from
sscanf, and __vfwscanf_internal directly from swscanf, without
duplicating the initialization code. (Previously, they called their
v-counterparts, but that won't work if we want to control *both* C99
mode and ldbl-is-dbl mode using the flags argument to__vfscanf_internal.)
It's still a little awkward, especially for wide strfiles, but it's
much better than what we had.
Tested for powerpc and powerpc64le.
|
|
This patch uses posix_spawn on popen instead of fork and execl. On Linux
this has the advantage of much lower memory consumption (usually 32 Kb
minimum for the mmap stack area).
Two issues are also fixed with this change:
* BZ#17490: although POSIX pthread_atfork description only list 'fork'
as the function that should execute the atfork handlers, popen
description states that:
'[...] shall be *as if* a child process were created within the popen()
call using the fork() function [...]'
Other libc/system seems to follow the idea atfork handlers should not be
executed for popen:
libc/system | run atfork handles | notes
------------|----------------------|---------------------------------------
Freebsd | no | uses vfork
Solaris 11 | no |
MacOSX 11 | no | implemented through posix_spawn syscall
------------|----------------------|----------------------------------------
Similar to posix_spawn and system, popen idea is to spawn a different
binary so all the POSIX rationale to run the atfork handlers to avoid
internal process inconsistency is not really required and in some cases
might be unsafe.
* BZ#22834: the described scenario, where the forked process might access
invalid memory due an inconsistent state in multithreaded environment,
should not happen because posix_spawn does not access the affected
data structure (proc_file_chain).
Checked on x86_64-linux-gnu and i686-linux-gnu.
[BZ #22834]
[BZ #17490]
* NEWS: Add new semantic for atfork with popen and system.
* libio/iopopen.c (_IO_new_proc_open): use posix_spawn instead of
fork and execl.
|
|
Signal zero does not terminate a process, so it is safe to use negative
values for signal numbers.
Adjust libio/tst-vtables-common.c to use this new functionality,
instead of determining the termination status for a signal indirectly.
|
|
This removes all overrides of TIMEOUT that are less than or equal to the
default timeout.
|
|
Increase timeout from the default 20s to 100s. This test makes close to
20 million syscalls with distribution:
12327675 read
4143204 lseek
929475 close
929471 openat
92817 fstat
1431 write
...
The default timeout assumes each can finish in 1us on average which
is not true on slow machines.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* libio/tst-readline.c (TIMEOUT): Define.
|
|
As POSIX states [1] a freopen call should first flush the stream as if by a
call fflush. C99 (n1256) and C11 (n1570) only states the function should
first close any file associated with the specific stream. Although current
implementation only follow C specification, current BSD and other libc
implementation (musl) are in sync with POSIX and fflush the stream.
This patch change freopen{64} to fflush the stream before actually reopening
it (or returning if the stream does not support reopen). It also changes the
Linux implementation to avoid a dynamic allocation on 'fd_to_filename'.
Checked on x86_64-linux-gnu.
[BZ #21037]
* libio/Makefile (tests): Add tst-memstream4 and tst-wmemstream4.
* libio/freopen.c (freopen): Sync stream before reopen and adjust to
new fd_to_filename interface.
* libio/freopen64.c (freopen64): Likewise.
* libio/tst-memstream.h: New file.
* libio/tst-memstream4.c: Likewise.
* libio/tst-wmemstream4.c: Likewise.
* sysdeps/generic/fd_to_filename.h (fd_to_filename): Change signature.
* sysdeps/unix/sysv/linux/fd_to_filename.h (fd_to_filename): Likewise
and remove internal dynamic allocation.
[1] http://pubs.opengroup.org/onlinepubs/9699919799/
|
|
|
|
This is a variant of fgets which fails with ERANGE if the
buffer is too small, and the buffer length is given as an
argument of type size_t.
This function will be useful for implementing NSS file reading
operations. Compared to a direct implementation using the public API,
it avoids an lseek system call in case the line terminator can be
found in the internal read buffer.
|
|
The implementation falls back to renameat if renameat2 is not available
in the kernel (or in the kernel headers) and the flags argument is zero.
Without kernel support, a non-zero argument returns EINVAL, not ENOSYS.
This mirrors what the kernel does for invalid renameat2 flags.
|
|
|
|
|
|
If the candidate pointer is sufficiently far away from
__start___libc_IO_vtables, the result might not fit into ptrdiff_t.
|
|
These unmangled function pointers reside on the heap and could
be targeted by exploit writers, effectively bypassing libio vtable
validation. Instead, we ignore these pointers and always call
malloc or free.
In theory, this is a backwards-incompatible change, but using the
global heap instead of the user-supplied callback functions should
have little application impact. (The old libstdc++ implementation
exposed this functionality via a public, undocumented constructor
in its strstreambuf class.)
|
|
* hurd/catch-signal.c (__hurd_catch_signal): Call __libc_siglongjmp
instead if siglongjmp.
(hurd_safe_memmove): Call __libc_longjmp instead of longjmp.
* hurd/hurdfault.c (faulted): Call __libc_longjmp instead of longjmp.
* include/setjmp.h (__libc_siglongjmp, __libc_longjmp): New hidden
prototypes.
* libio/iolibio.h (_IO_puts): New hidden prototype.
* libio/ioputs.c (_IO_puts): New hidden def.
* setjmp/longjmp.c (__libc_longjmp, __libc_siglongjmp): New hidden
defs.
* sysdeps/mach/hurd/sigwait.c (__sigwait): Call __libc_longjmp instead
of longjmp.
|
|
C99 specifies that the EOF condition on a file is "sticky": once EOF
has been encountered, all subsequent reads should continue to return
EOF until the file is closed or something clears the "end-of-file
indicator" (e.g. fseek, clearerr). This is arguably a change from
C89, where the wording was ambiguous; the BSDs always had sticky EOF,
but the System V lineage would attempt to read from the underlying fd
again. GNU libc has followed System V for as long as we've been
using libio, but nowadays C99 conformance and BSD compatibility are
more important than System V compatibility.
You might wonder if changing the _underflow impls is sufficient to
apply the C99 semantics to all of the many stdio functions that
perform input. It should be enough to cover all paths to _IO_SYSREAD,
and the only other functions that call _IO_SYSREAD are the _seekoff
impls, which is OK because seeking clears EOF, and the _xsgetn impls,
which, as far as I can tell, are unused within glibc.
The test programs in this patch use a pseudoterminal to set up the
necessary conditions. To facilitate this I added a new test-support
function that sets up a pair of pty file descriptors for you; it's
almost the same as BSD openpty, the only differences are that it
allocates the optionally-returned tty pathname with malloc, and that
it crashes if anything goes wrong.
[BZ #1190]
[BZ #19476]
* libio/fileops.c (_IO_new_file_underflow): Return EOF immediately
if the _IO_EOF_SEEN bit is already set; update commentary.
* libio/oldfileops.c (_IO_old_file_underflow): Likewise.
* libio/wfileops.c (_IO_wfile_underflow): Likewise.
* support/support_openpty.c, support/tty.h: New files.
* support/Makefile (libsupport-routines): Add support_openpty.
* libio/tst-fgetc-after-eof.c, wcsmbs/test-fgetwc-after-eof.c:
New test cases.
* libio/Makefile (tests): Add tst-fgetc-after-eof.
* wcsmbs/Makefile (tests): Add tst-fgetwc-after-eof.
|
|
This patch eliminates a number of #if 0 and #ifdef TODO blocks, macros
that are never used, macros that provide portability to substrates that
lack basic things like EINVAL and off_t, and other such debris.
I preserved IO_DEBUG and CHECK_FILE, even though as far as I can tell
IO_DEBUG is never defined and therefore CHECK_FILE never does
anything, because it seems like we might actually want to turn it _on_.
Installed stripped libraries and executables are unchanged, except,
again, that the line number of an assertion changes (this time it's
somewhere in fileops.c).
* libio/libio.h (_IO_pos_BAD, _IO_pos_0, _IO_pos_adjust):
Define here, unconditionally.
* libio/iolibio.h (_IO_pos_BAD): Don't define here.
* libio/libioP.h: Remove #if 0 blocks.
(_IO_pos_BAD, _IO_pos_0, _IO_pos_adjust): Don't define here.
(_IO_va_start, COERCE_FILE, MAYBE_SET_EINVAL): Don't define.
(CHECK_FILE): Don't use MAYBE_SET_EINVAL or COERCE_FILE. Fix style.
* libio/clearerr.c, libio/fputc.c, libio/getchar.c:
Assume weak_alias is always defined.
* libio/fileops.c, libio/genops.c, libio/oldfileops.c
* libio/oldpclose.c, libio/pclose.c, libio/wfileops.c:
Remove #if 0 and #ifdef TODO blocks.
Assume text_set_element is always defined.
* libio/iofdopen.c, libio/iogetdelim.c, libio/oldiofdopen.c
Use __set_errno (EINVAL) instead of MAYBE_SET_EINVAL.
* libio/tst-mmap-eofsync.c: Make #if 1 block unconditional.
|
|
This entirely mechanical (except for some indentation fixups) patch
replaces all uses of _IO_file_flags with _flags and removes the #define.
Installed stripped libraries and executables are unchanged by this patch.
* libio/libio.h (_IO_file_flags): Remove macro.
All uses changed to _flags.
|
|
This patch eliminates the "compatibility defines"
_IO_UNIFIED_JUMPTABLES (always defined to 1, used in a number of #ifs
which are therefore always false), _STDIO_USES_IOSTREAM (unused),
__HAVE_COLUMN (unused), _IO_BE (replaced with __glibc_unlikely), and
yet another redundant definition of EOF.
Installed stripped libraries are unchanged by this patch.
* libio/libio.h (_IO_UNIFIED_JUMPTABLES, _STDIO_USES_IOSTREAM)
(__HAVE_COLUMN, _IO_BE): Don't define.
(_IO_peekc_unlocked, _IO_getwc_unlocked, _IO_putwc_unlocked)
(_IO_fwide_maybe_incompatible): Use __glibc_unlikely.
* libio/libioP.h (EOF): Don't define.
* libio/iofdopen.c, libio/iofopen.c, libio/iopopen.c
* libio/iovdprintf.c, libio/oldiofdopen.c, libio/oldiofopen.c
* libio/oldiopopen.c, debug/vdprintf_chk.c: Remove #if block
testing _IO_UNIFIED_JUMPTABLES.
|
