Rich Felker [Thu, 9 Jun 2016 17:42:06 +0000 (13:42 -0400)]
avoid padding gaps in struct sockaddr_storage
compilers are free not to copy, or in some cases to clobber, padding
bytes in a structure. while it's an aliasing violation, and thus
undefined behavior, to copy or manipulate other sockaddr types using
sockaddr_storage, it seems likely that traditional code attempts to do
so, and the original intent of the sockaddr_storage structure was
probably to allow such usage.
in the interest of avoiding silent and potentially dangerous breakage,
ensure that there are no actual padding bytes in sockaddr_storage by
moving and adjusting the size of the __ss_padding member so that it
fits exactly.
this change also removes a silent assumption that the alignment of
long is equal to its size.
SOL_* macros are now synced with linux socket.h which is not a uapi
header and glibc did not have the macros either, but that has changed
http://sourceware.org/ml/libc-alpha/2016-05/msg00322.html
Szabolcs Nagy [Thu, 26 May 2016 20:05:25 +0000 (22:05 +0200)]
add SO_CNX_ADVICE to sys/socket.h, new in linux v4.6
new socket option so application can give advice about routing
path quality of connected udp sockets, added in linux commit a87cb3e48ee86d29868d3f59cfb9ce1a8fa63314
Rich Felker [Mon, 23 May 2016 22:19:11 +0000 (18:19 -0400)]
fix a64l undefined behavior on ILP32 archs, wrong results on LP64 archs
the difference of pointers is a signed type ptrdiff_t; if it is only
32-bit, left-shifting it by 30 bits produces undefined behavior. cast
the difference to an appropriate unsigned type, uint32_t, before
shifting to avoid this.
the a64l function is specified to return a signed 32-bit result in
type long. as noted in the bug report by Ed Schouten, converting
implicitly from uint32_t only produces the desired result when long is
a 32-bit type. since the computation has to be done in unsigned
arithmetic to avoid overflow, simply cast the result to int32_t.
further, POSIX leaves the behavior on invalid input unspecified but
not undefined, so we should not take the difference between the
potentially-null result of strchr and the base pointer without first
checking the result. the simplest behavior is just returning the
partial conversion already performed in this case, so do that.
Rich Felker [Sun, 22 May 2016 22:49:59 +0000 (18:49 -0400)]
fix undefined pointer arithmetic in CMSG_NXTHDR macro
previously, the only way the stopping condition could be met with
correct lengths in the headers invoked undefined behavior, adding
sizeof(struct cmsghdr) beyond the end of the cmsg buffer.
instead, compute and compare sizes rather than pointers.
Szabolcs Nagy [Sat, 21 May 2016 13:21:38 +0000 (15:21 +0200)]
fix the use of uninitialized value in regcomp
the num_submatches field of some ast nodes was not initialized in
tre_add_tag_{left,right}, but was accessed later.
this was a benign bug since the uninitialized values were never used
(these values are created during tre_add_tags and copied around during
tre_expand_ast where they are also used in computations, but nothing
in the final tnfa depends on them).
LeMay, Michael [Wed, 4 May 2016 03:29:42 +0000 (03:29 +0000)]
fix redundant processing of --build flag in configure script
The --build flag is listed in two case statement entries in configure,
which causes the second entry to be ignored. This patch removes it
from the first entry.
Signed-off-by: Michael LeMay <michael.lemay@intel.com>
Andrew Kelley [Wed, 4 May 2016 20:29:11 +0000 (13:29 -0700)]
fix incorrect protocol name and number for egp
previously if you called getprotobyname("egp") you would get
NULL because \008 is invalid octal and so the protocol id was
interpreted as 0 and name as "8egp".
follow standard configure behavior for cross compile prefix
the standard configure interface, which our configure script tries to
implement, identifies cross compiling (build != host) and searches for
the properly-prefixed cross tools. our script was not doing that,
forcing users to explicitly provide either CC or a CROSS_COMPILE tool
prefix, and the more common choice, just providing CC, was incomplete
because the Makefile would still invoke the native ar and ranlib
programs. this happened to work when building on ELF-based systems
with GNU binutils, but could easily fail when cross-compiling from
dissimilar systems.
like before, and like the standard configure behavior, an explicit CC
or CROSS_COMPILE variable on the command line or in the environment
overrides the automatic prefixing.
update COPYRIGHT file to clarify that permissions apply for all files
these changes are the outcome of a long mailing list thread that took
place March 2016, "musl licensing". among minor other issues,
prospective users were not confident that the whole-project MIT
license would grant permission for files to which the COPYRIGHT file
expressed a belief that copyright not apply, if it turned out that
these files were actually subject to copyright.
in accordance with the original intent of applying a permissive
license to the project, which was that license issues not be an
obstacle to use, the text which was causing confusion is removed. no
new claims of copyright are made, but new text is added to clarify
that the grant of permissions applies to all files, and an explicit
grant of permission to use public headers and crt files without
attribution has been made.
this patch was reviewed and approved by all substantial contributors
to the affected files: Bobby Bingham, John Spencer (rofl0r), Nicholas
J. Kain, Rich Felker, Richard Pennington, Stefan Kristiansson, and
Szabolcs Nagy.
commit 7e816a6487932cbb3cb71d94b609e50e81f4e5bf (version 1.1.11
release cycle) moved the code that performs wchar_t to multibyte
conversion across code that used the resulting length in bytes,
thereby breaking the unget buffer space check in ungetwc and
clobbering up to three bytes below the start of the buffer.
for allocated FILEs (all read-enabled FILEs except stdin), the
underflow clobbers at most the FILE-specific locale pointer. no stores
are performed through this pointer, but subsequent loads may result in
a crash or mismatching encoding rule (UTF-8 multibyte vs byte-based).
for stdin, the buffer lies in .bss and the underflow may clobber
another object. in practice, for libc.so the adjacent object seems to
be stderr's buffer, which is completely unused, but this could vary
with linking options, or when static linking.
applications which do not attempt to use more than one character of
ungetwc pushback, or which do not use ungetwc, are not affected.
fix thread structure/dtv-pointer corruption on powerpc
per the powerpc psabi, offset 4 of the stack at call time belongs to
the callee and is used for spilling lr (return address). in addition,
offset 0 on the stack must contain a pointer to the previous stack
frame, or a null pointer for the initial stack frame of a thread.
__clone failed to setup any stack frame on the new thread's stack,
thereby allowing the start function it called to clobber offset 4 of
the new thread's struct __pthread, which contains the dtv pointer.
add code to setup a proper stack frame and align the stack pointer to
a multiple of 16 (also an abi requirement) if it was not already
aligned.
mips32r6 and mips64r6 are actually new isas at both the asm source and
opcode levels (pre-r6 code cannot run on r6) and thus need to be
treated as a new subarch. the following changes are made, some of
which yield code generation improvements for non-r6 targets too:
- add subarch logic in configure script and reloc.h files for dynamic
linker name.
- suppress use of .set mips2 asm directives (used to allow mips2
atomic instructions on baseline mips1 builds; the kernel has to
emulate them on mips1) except when actually needed. they cause wrong
instruction encodings on r6, and pessimize inlining on at least some
compilers.
- only hard-code sync instruction encoding on mips1.
- use "ZC" constraint instead of "m" constraint for llsc memory
operands on r6, where the ll/sc instructions no longer accept full
16-bit offsets.
- only hard-code rdhwr instruction encoding with .word on targets
(pre-r2) where it may need trap-and-emulate by the kernel.
otherwise, just use the instruction mnemonic, and allow an arbitrary
destination register to be used.
fix read past end of haystack buffer for short needles in memmem
the two/three/four byte memmem specializations are not prepared to
handle haystacks shorter than the needle; they unconditionally read at
least up to the needle length and subtract from the haystack length.
if the haystack is shorter, the remaining haystack length underflows
and produces an unbounded search which will eventually either crash or
find a spurious match.
the top-level memmem function attempted to avoid this case already by
checking for haystack shorter than needle, but it failed to re-check
after using memchr to remove the maximal prefix not containing the
first byte of the needle.
Rich Felker [Wed, 30 Mar 2016 01:22:52 +0000 (21:22 -0400)]
fix regression disabling use of pause instruction for x86 a_spin
commits e24984efd5c6ac5ea8e6cb6cd914fa8435d458bc and 16b55298dc4b6a54d287d7494e04542667ef8861 inadvertently disabled the
a_spin implementations for i386, x86_64, and x32 by defining a macro
named a_pause instead of a_spin. this should not have caused any
functional regression, but it inhibited cpu relaxation while spinning
for locks.
Rich Felker [Tue, 29 Mar 2016 03:41:17 +0000 (23:41 -0400)]
fix undefined pointer comparison in stdio-internal __toread
the comparison f->wpos > f->buf has undefined behavior when f->wpos is
a null pointer, despite the intuition (and actual compiler behavior,
for all known compilers) being that NULL > ptr is false for all valid
pointers ptr.
the purpose of the comparison is to determine if the write buffer is
non-empty, and the idiom used elsewhere for that is comparison against
f->wbase, which is either a null pointer when not writing, or equal to
f->buf when writing. in the former case, both f->wpos and f->wbase are
null; in the latter they are both non-null and point into the same
array.
Szabolcs Nagy [Sat, 19 Mar 2016 12:37:37 +0000 (13:37 +0100)]
add MADV_FREE madvise command from linux v4.5
allows the os to free the marked pages lazily on memory pressure.
expected to increase malloc performance.
new in linux commit 854e9ed09dedf0c19ac8640e91bcc74bc3f9e5c9
Szabolcs Nagy [Sat, 19 Mar 2016 12:37:03 +0000 (13:37 +0100)]
add EPOLLEXCLUSIVE epoll flag from linux v4.5
new flag for exclusive wakeup mode when an event source fd is attached
to multiple epoll fds but they should not all receive the events.
new in linux commit df0108c5da561c66c333bb46bfe3c1fc65905898
Szabolcs Nagy [Sat, 19 Mar 2016 12:36:42 +0000 (13:36 +0100)]
add SO_ATTACH_REUSEPORT_[CE]BPF socket options from linux v4.5
new socket options for setting classic or extended BPF program
for sockets in a SO_REUSEPORT group. added in linux commit 538950a1b7527a0a52ccd9337e3fcd304f027f13
Szabolcs Nagy [Fri, 18 Mar 2016 00:57:52 +0000 (00:57 +0000)]
deduplicate bits/mman.h
currently five targets use the same mman.h constants and the rest
share most constants too, so move them to sys/mman.h before the
bits/mman.h include where the differences can be corrected by
redefinition of the macros.
this fixes two minor bugs: POSIX_MADV_DONTNEED was wrong on most
targets (it should be the same as MADV_DONTNEED), and sh defined
the x86-only MAP_32BIT mmap flag.
Rich Felker [Wed, 16 Mar 2016 20:35:22 +0000 (16:35 -0400)]
fix padding string formats to width in wide printf variants
the idiom fprintf(f, "%.*s", n, "") was wrongly used in vfwprintf as a
means of producing n spaces; instead it produces no output. the
correct form is fprintf(f, "%*s", n, ""), using width instead of
precision, since for %s the later is a maximum rather than a minimum.
Rich Felker [Fri, 11 Mar 2016 05:12:56 +0000 (05:12 +0000)]
correct pointer types for a_ll_p and a_sc_p primitives on mips64
these changes should not affect generated code, but they reflect that
the underlying objects operated on by a_cas_p are supposed to have
type volatile void *, not volatile long. in theory a compiler could
treat the effective type mismatch in the "m" memory operands as
undefined behavior.
Rich Felker [Sun, 6 Mar 2016 22:11:29 +0000 (17:11 -0500)]
make configure check for unsupported (SPE) powerpc hard-float models
the SPE ABI may be compatible with soft-float, but actually making it
work requires some additional work, so for now it's best to make sure
broken builds don't happen.
Felix Fietkau [Mon, 25 Jan 2016 12:20:52 +0000 (13:20 +0100)]
add powerpc soft-float support
Some PowerPC CPUs (e.g. Freescale MPC85xx) have a completely different
instruction set for floating point operations (SPE).
Executing regular PowerPC floating point instructions results in
"Illegal instruction" errors.
Make it possible to run these devices in soft-float mode.
This is the minimal fix for __putenv leaving a pointer to freed heap
storage in __env_map array, which could later on lead to errors such
as double-free.
Rich Felker [Sun, 6 Mar 2016 17:25:52 +0000 (17:25 +0000)]
generalize mips-specific reloc code not to hard-code sym/type encoding
this change is made in preparation for adding the mips64 port, which
needs a 64-bit (and mips64-specific) form of the R_INFO macro, but
it's a better abstraction anyway.
based on part of the mips64 port patch by Mahesh Bodapati and Jaydeep
Patil of Imagination Technologies.
Szabolcs Nagy [Mon, 29 Feb 2016 16:36:25 +0000 (16:36 +0000)]
fix ^* at the start of a complete BRE
This is a workaround to treat * as literal * at the start of a BRE.
Ideally ^ would be treated as an anchor at the start of any BRE
subexpression and similarly $ would be an anchor at the end of any
subexpression. This is not required by the standard and hard to do
with the current code, but it's the existing practice. If it is
changed, * should be treated as literal after such anchor as well.
Szabolcs Nagy [Mon, 29 Feb 2016 15:04:46 +0000 (15:04 +0000)]
fix * at the start of a BRE subexpression
commit 7eaa76fc2e7993582989d3838b1ac32dd8abac09 made * invalid at
the start of a BRE subexpression, but it should be accepted as
literal * there according to the standard.
This patch does not fix subexpressions starting with ^*.
Rich Felker [Wed, 2 Mar 2016 05:34:51 +0000 (00:34 -0500)]
handle non-matching address family entries in hosts file
name_from_hosts failed to account for the possibility of an address
family error from name_from_numeric, wrongly counting such a return as
success and using the uninitialized address data as part of the
results passed up to the caller.
non-matching address family entries cannot simply be ignored or
results would be inconsistent with respect to whether AF_UNSPEC or a
specific address family is queried. instead, record that a
non-matching entry was seen, and fail the lookup with EAI_NONAME of no
matching-family entries are found.
Rich Felker [Tue, 23 Feb 2016 18:04:56 +0000 (13:04 -0500)]
make aarch64 atomic_arch.h report that it defines pointer-sized ll/sc
at present this is done only for consistency, since this file defines
its own a_cas_p rather than using the new generic one from atomic.h
added in commit 225f6a6b5b7173b6655e4f5d49b5b9fea70bf3bb. these
definitions may however be useful if we ever need to add other
pointer-sized atomic operations.
Rich Felker [Fri, 19 Feb 2016 19:16:33 +0000 (14:16 -0500)]
generate list of crt files to install instead of hard-coding in makefile
this follows the principle of having the source tree layout define
build semantics. it also makes it possible for crt/$(ARCH) to define
additional installable files, which may be needed for midipix and
other future targets.
Rich Felker [Fri, 19 Feb 2016 05:10:23 +0000 (00:10 -0500)]
add arch tuple matching for nt32 and nt64 in configure
the nt32 and nt64 archs will be provided by the midipix project for
building musl on top of its posix-like syscall layer for windows. at
present the needed arch files are in a separate repository, but having
the tuple matching in the upstream configure script should make it
possible to overlay the arch files without needing any further
patching.
Rich Felker [Fri, 19 Feb 2016 01:20:07 +0000 (01:20 +0000)]
work around regression building for armhf with clang (compiler bug)
commit e4355bd6bec89688e8c739cd7b4c76e675643dca moved the math asm
from external source files to inline asm, but unfortunately, all
current releases of clang use the wrong inline asm constraint codes
for float and double ("w" and "P" instead of "t" and "w",
respectively). this patch adds detection for the bug in configure,
and, for now, just disables the affected asm on broken clang versions.
Rich Felker [Thu, 18 Feb 2016 23:53:03 +0000 (23:53 +0000)]
improve macro logic for enabling arm math asm
in order to take advantage of the fpu in -mfloat-abi=softfp mode, the
__VFP_FP__ (presence of vfp fpu) was checked instead of checking for
__ARM_PCS_VFP (hardfloat EABI variant). however, the latter macro is
the one that's actually specified by the ABI documents rather than
being compiler-specific, and should also be checked in case __VFP_FP__
is not defined on some compilers or some configurations.
Rich Felker [Thu, 18 Feb 2016 20:14:15 +0000 (15:14 -0500)]
update authors/contributors list
these additions were made based on scanning commit authors since the
last update, at the time of the 1.1.7 release, and adding everyone
with either substantial code contributions or a pattern of ongoing
simple patch submission.
Rich Felker [Thu, 18 Feb 2016 04:13:05 +0000 (04:13 +0000)]
fix regression in SH/FDPIC dynamic linker
the dynamic linker was found to hang when used as the PT_INTERP, but
not when invoked as a command. the mechanism of this failure was not
determined, but the cause is clear:
commit 5552ce52000855906a5cb4f08f2e456573cca51f removed the SHARED
macro, but arch/sh/crt_arch.h is still using it to choose the right
form of the crt/ldso entry point code. moving the forced definition
from rcrt1.c to dlstart.c restores the old behavior. eventually the
logic should be changed to fully remove the SHARED macro or at least
rename it to something more reasonable.
Rich Felker [Thu, 18 Feb 2016 04:09:33 +0000 (04:09 +0000)]
partly revert detection of broken float in configure
commit 80fbaac4cd1930e9545a5d36bf46ae49011d2ce8 broke all soft-float
archs, where gcc defines __GCC_IEC_559==0 because rounding modes and
exception flags are not supported. for now, just check for
__FAST_MATH__ as an indication of broken float. this won't detect all
possible misconfigurations but it probably catches the most common
one.
Rich Felker [Wed, 17 Feb 2016 21:11:45 +0000 (16:11 -0500)]
support clean/distclean make targets in unconfigured tree
commit 2f853dd6b9a95d5b13ee8f9df762125e0588df5d moved the error
handling for $(ARCH) not being set such that it applied to all
targets, including clean and distclean. previously these targets
worked even in an unconfigured tree. to restore the old behavior, make
most of the makefile body conditional on $(ARCH) being set/non-empty
and produce the error via a fake "all" target in the conditional
branch for the case where $(ARCH) is empty.
Rich Felker [Wed, 17 Feb 2016 18:56:27 +0000 (13:56 -0500)]
adjust makefile to make crt/ and ldso/ sources arch-replaceable
prior to commit 2f853dd6b9a95d5b13ee8f9df762125e0588df5d which
overhauled the makefile for out-of-tree builds, crt/*.c files were
replaceable by crt/$(ARCH)/*.s, and top-level ldso/ did not exist (its
files were under src/ldso). since then, crti.o and crtn.o have been
hard-coded as arch-specific, but none of the other files in crt/ or
ldso/ were replaceable at all.
in preparation for easy integration with midipix, which has a port of
musl to windows, it needs to be possible to override the ELF-specific
code in these files. making the same arch-replacements system work
throughout the whole source tree also improves consistency and removes
the need for some file-specific rules (crti.o and crtn.o) in the
makefile.
Rich Felker [Tue, 16 Feb 2016 22:38:07 +0000 (17:38 -0500)]
in crypt-sha*, reject excessive rounds as error rather than clamping
the reference implementation clamps rounds to [1000,999999999]. we
further limited rounds to at most 9999999 as a defense against extreme
run times, but wrongly clamped instead of treating out-of-bounds
values as an error, thereby producing implementation-specific hash
results. fixing this should not break anything since values of rounds
this high are not useful anyway.
Rich Felker [Tue, 16 Feb 2016 18:27:24 +0000 (13:27 -0500)]
fix unlikely corner cases in getopt's message printing
like fputs (see commit 10a17dfbad2c267d885817abc9c7589fc7ff630b), the
message printing code for getopt assumed that fwrite only returns 0 on
failure, but it can also happen on success if the total length to be
written is zero. programs with zero-length argv[0] were affected.
commit 500c6886c654fd45e4926990fee2c61d816be197 introduced this
problem in getopt by fixing the fwrite behavior to conform to the
requirements of ISO C. previously the wrong expectations of the getopt
code were met by the fwrite implementation.
Rich Felker [Tue, 16 Feb 2016 18:26:16 +0000 (13:26 -0500)]
fix assumption in fputs that fwrite returning 0 implies an error
internally, the idiom of passing nmemb=1 to fwrite and interpreting
the return value of fwrite (which is necessarily 0 or 1) as
failure/success is fairly widely used. this is not correct, however,
when the size argument is unknown and may be zero, since C requires
fwrite to return 0 in that special case. previously fwrite always
returned nmemb on success, but this was changed for conformance with
ISO C by commit 500c6886c654fd45e4926990fee2c61d816be197.
Rich Felker [Fri, 12 Feb 2016 15:11:40 +0000 (10:11 -0500)]
do not define static_assert macro for pre-C11 compilers
some software simply uses static_assert if the macro is defined, and
this breaks if the compiler does not recognize the _Static_assert
keyword used to define it.
Rich Felker [Fri, 12 Feb 2016 14:58:50 +0000 (09:58 -0500)]
add declarations for utmpname/utmpxname to appropriate headers
commit 378f8cb5222b63e4f8532c757ce54e4074567e1f added these functions
(as stubs) but left them without declarations. this broke some
autoconf based software that detected linkability of the symbols but
didn't check for a declaration.
Rich Felker [Thu, 11 Feb 2016 00:44:19 +0000 (19:44 -0500)]
fix return value for fread/fwrite when size argument is 0
when the size argument was zero but nmemb was nonzero, these functions
were returning nmemb, despite no data having been written.
conceptually this is not wrong, but the standard requires a return
value of zero in this case.
Rich Felker [Thu, 11 Feb 2016 00:10:34 +0000 (19:10 -0500)]
fix line-buffered flush omission for odd usage of putc-family functions
as specified, the int argument providing the character to write is
converted to type unsigned char. for the actual write to buffer,
conversion happened implicitly via the assignment operator; however,
the logic to check whether the argument was a newline used the
original int value. thus usage such as putchar('\n'+0x100) failed to
produce a flush.
Rich Felker [Wed, 10 Feb 2016 18:51:05 +0000 (13:51 -0500)]
fix failed write reporting by fwrite in line-buffered mode
when a write error occurred while flushing output due to a newline,
fwrite falsely reported all bytes up to and including the newline as
successfully written. in general, due to buffering such "spurious
success" returns are acceptable for stdio; however for line-buffered
mode it was subtly wrong. errors were still visible via ferror() or as
a short-write return if there was more data past the newline that
should have been written, but since the contract for line-buffered
mode is that everything up through the newline be written out
immediately, a discrepency was observable in the actual file contents.
Rich Felker [Mon, 8 Feb 2016 21:07:09 +0000 (21:07 +0000)]
remove workaround for broken mips assemblers
the workaround was for a bug that botched .gpword references to local
labels, applying a nonsensical random offset of -0x4000 to them.
this reverses commit 5e396fb996a80b035d0f6ecf7fed50f68aa3ebb7 and a
removes a similar hack that was added to syscall_cp.s in the later
commit 756c8af8589265e99e454fe3adcda1d0bc5e1963. it turns out one
additional instance of the same idiom, the GETFUNCSYM macro in
arch/mips/reloc.h, was still affected by the assembler bug and does
not admit an easy workaround without making assumptions about how the
macro is used. the previous workarounds made static linking work but
left the early-stage dynamic linker broken and thus had limited
usefulness.
instead, affected users (using binutils versions older than 2.20) will
need to fix the bug on the binutils side; the trivial patch is commit 453f5985b13e35161984bf1bf657bbab11515aa4 in the binutils-gdb
repository.
Rich Felker [Thu, 4 Feb 2016 23:01:03 +0000 (23:01 +0000)]
in mips cancellable syscall asm, don't assume gp register is valid
the old __cp_cancel code path loaded the address of __cancel from the
GOT using the $gp register, which happened to be set to point to the
correct GOT by the calling C function, but there is no ABI requirement
that this happen. instead, go the roundabout way and compute the
address of __cancel via pc-relative and gp-relative addressing
starting with a fake return address generated by a bal instruction,
which is the same trick crt1 uses to bootstrap.
Rich Felker [Tue, 2 Feb 2016 22:35:06 +0000 (17:35 -0500)]
update INSTALL file with new archs, compiler info
add aarch64 and or1k archs, upgrade sh from experimental, and note
that sh now supports the FDPIC ABI.
the old advice on compiler versions was outdated and more specific
than made sense. presence of compiler bugs varies a lot by arch, so
it's hard to make any good recommendations beyond "recent". if we want
to document specific known-good/bad compiler versions, a much larger
section in the documentation than what's appropriate for the INSTALL
file would be needed.
Szabolcs Nagy [Sun, 31 Jan 2016 16:31:03 +0000 (17:31 +0100)]
fix malloc_usable_size for NULL input
the linux man page specifies malloc_usable_size(0) to return 0 and
this is the semantics other implementations follow (jemalloc).
reported by Alexander Monakov.
Szabolcs Nagy [Sun, 31 Jan 2016 15:46:46 +0000 (16:46 +0100)]
regex: increase the stack tre uses for tnfa creation
10k elements stack is increased to 1000k, otherwise tnfa creation fails
for reasonable sized patterns: a single literal char can add 7 elements
to this stack, so regcomp of an 1500 char long pattern (with only litral
chars) fails with REG_ESPACE. (the new limit allows about < 150k chars,
this arbitrary limit allows most command line regex usage.)
ideally there would be no upper bound: regcomp dynamically reallocates
this buffer, every reallocation checks for allocation failure and at
the end this stack is freed so there is no reason for special bound.
however that may have unwanted effect on regcomp and regexec runtime
so this is a conservative change.
Szabolcs Nagy [Sun, 31 Jan 2016 15:33:44 +0000 (16:33 +0100)]
better a_sc inline asm constraint on aarch64 and arm
"Q" input constraint was used for the written object, instead of "=Q"
output constraint. this should not cause problems because "memory"
is on the clobber list, but "=Q" better documents the intent and more
consistent with the actual asm code.
this changes the generated code, because different registers are used,
but other than the register names nothing should change.
Rich Felker [Sun, 31 Jan 2016 05:40:33 +0000 (00:40 -0500)]
don't suppress shared libc when linker lacks -Bsymbolic-functions
previous work overhauling the dynamic linker made it so that linking
libc with -Bsymbolic-functions was no longer mandatory, but the
configure logic that forced --disable-shared when ld failed to accept
the option was left in place.
this commit removes the hard-coded -Bsymbolic-functions from the
Makefile and changes the configure test to one that simply adds it to
the auto-detected LDFLAGS on success.
Szabolcs Nagy [Sat, 18 Apr 2015 16:47:17 +0000 (16:47 +0000)]
regex: treat \| in BRE as alternation
The standard does not define semantics for \| in BRE, but some code
depends on it meaning alternation. Empty alternative expression is
allowed to be consistent with ERE.
Szabolcs Nagy [Sat, 18 Apr 2015 15:51:16 +0000 (15:51 +0000)]
regex: reject repetitions in some cases with REG_BADRPT
Previously repetitions were accepted after empty expressions like
in (*|?)|{2}, but in BRE the handling of * and \{\} were not
consistent: they were accepted as literals in some cases and
repetitions in others.
It is better to treat repetitions after an empty expression as an
error (this is allowed by the standard, and glibc mostly does the
same). This is hard to do consistently with the current logic so
the new rule is:
Reject repetitions after empty expressions, except after assertions
^*, $? and empty groups ()+ and never treat them as literals.
Empty alternation (|a) is undefined by the standard, but it can be
useful so that should be accepted.
Rich Felker [Sun, 31 Jan 2016 00:42:08 +0000 (19:42 -0500)]
fix misaligned pointer-like objects in arm atomics asm source file
this file's .data section was not aligned, and just happened to get
the correct alignment with past builds. it's likely that the move of
atomic.s from arch/arm/src to src/thread/arm caused the change in
alignment, which broke the atomic and thread-pointer access fragments
on actual armv5 hardware.
Rich Felker [Sat, 30 Jan 2016 19:34:45 +0000 (14:34 -0500)]
fix regression in dynamic-linked tls when both main app & libs have tls
commit d56460c939c94a6c547abe8238f442b8de10bfbd introduced this bug by
setting up the tls module chain incorrectly when the main app has tls.
the singly-linked list head pointer was setup correctly, but the tail
pointer was not, so the first attempt to append to the list (for a
shared library with tls) would treat the list as empty and effectively
removed the main app from the list. this left all tls module id
numbers off-by-one.
Rich Felker [Fri, 29 Jan 2016 00:50:48 +0000 (19:50 -0500)]
add support for search domains to dns resolver
search is only performed if the search or domain keyword is used in
resolv.conf and the queried name has fewer than ndots dots. there is
no default domain and names with >=ndots dots are never subjected to
search; failure in the root scope is final.
the (non-POSIX) res_search API presently does not honor search. this
may be added at some point in the future if needed.
resolv.conf is now parsed twice, at two different layers of the code
involved. this will be fixed in a subsequent patch.
Rich Felker [Fri, 29 Jan 2016 00:23:06 +0000 (19:23 -0500)]
fix handling of dns response codes
rcode of 3 (NxDomain) was treated as a hard EAI_NONAME failure, but it
should instead return 0 (no results) so the caller can continue
searching. this will be important for adding search domain support.
the top-level caller will automatically return EAI_NONAME if there are
zero results at the end.
also, the case where rcode is 0 (success) but there are no results was
not handled. this happens when the domain exists but there are no A or
AAAA records for it. in this case a hard EAI_NONAME should be imposed
to inhibit further search, since the name was defined and just does
not have any address associated with it. previously a misleading hard
failure of EAI_FAIL was reported.
Rich Felker [Thu, 28 Jan 2016 23:24:34 +0000 (18:24 -0500)]
factor resolv.conf parsing out of res_msend to its own file
this change is made in preparation for adding search domains, for
which higher-level code will need to parse resolv.conf. simply parsing
it twice for each lookup would be one reasonable option, but the
existing parser code was buggy anyway, which suggested to me that it's
a bad idea to have two variants of this code in two different places.
the old code in res_msend potentially misinterpreted overly long lines
in resolv.conf, and stopped parsing after it found 3 nameservers, even
if there were relevant options left to be parsed later in the file.