summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2012-10-06TLS fixes, mainly alignment handlingRich Felker1-39/+48
compute offsets from the thread pointer statically when loading the library, rather than repeating the logic on each thread creation. not only is the latter less efficient at runtime; it also fails to provide solid guarantees that the offsets will remain the same when the initial alignment of memory is different. the new alignment handling is both more rigorous and simpler. the old code was also clobbering TLS bss with random image data in some cases due to using tls_size (size of TLS segment) instead of tls_len (length of the TLS data image).
2012-10-05fix/improve shared library ctor/dtor handling, allow recursive dlopenRich Felker1-7/+29
some libraries call dlopen from their constructors, resulting in recursive calls to dlopen. previously, this resulted in deadlock. I'm now unlocking the dlopen lock before running constructors (this is especially important since the lock also blocked pthread_create and was being held while application code runs!) and using a separate recursive mutex protecting the ctor/dtor state instead. in order to prevent the same ctor from being called more than once, a module is considered "constructed" just before the ctor runs. also, switch from using atexit to register each dtor to using a single atexit call to register the dynamic linker's dtor processing as just one handler. this is necessary because atexit performs allocation and may fail, but the library has already been loaded and cannot be backed-out at the time dtor registration is performed. this change also ensures that all dtors run after all atexit functions, rather than in mixed order.
2012-10-05small dynamic linker module search fixRich Felker1-1/+2
libraries loaded more than once by pathname should not get shortnames that would cause them to later be used to satisfy non-pathname load requests.
2012-10-05support for TLS in dynamic-loaded (dlopen) modulesRich Felker7-47/+115
unlike other implementations, this one reserves memory for new TLS in all pre-existing threads at dlopen-time, and dlopen will fail with no resources consumed and no new libraries loaded if memory is not available. memory is not immediately distributed to running threads; that would be too complex and too costly. instead, assurances are made that threads needing the new TLS can obtain it in an async-signal-safe way from a buffer belonging to the dynamic linker/new module (via atomic fetch-and-add based allocator). I've re-appropriated the lock that was previously used for __synccall (synchronizing set*id() syscalls between threads) as a general pthread_create lock. it's a "backwards" rwlock where the "read" operation is safe atomic modification of the live thread count, which multiple threads can perform at the same time, and the "write" operation is making sure the count does not increase during an operation that depends on it remaining bounded (__synccall or dlopen). in static-linked programs that don't use __synccall, this lock is a no-op and has no cost.
2012-10-05fix race condition in dlopenRich Felker1-1/+3
orig_tail was being saved before the lock was obtained, allowing dlopen failure to roll-back other dlopens that had succeeded.
2012-10-05fix incorrect TLS reloc macro names in x86_64 reloc.hRich Felker1-3/+3
2012-10-04dynamic-linked TLS support for everything but dlopen'd libsRich Felker6-43/+121
currently, only i386 is tested. x86_64 and arm should probably work. the necessary relocation types for mips and microblaze have not been added because I don't understand how they're supposed to work, and I'm not even sure if it's defined yet on microblaze. I may be able to reverse engineer the requirements out of gcc/binutils output.
2012-10-04remove freeing of dynamic linker data when dlopen/dlsym are not usedRich Felker1-11/+0
this was an optimization to save/recover a minimal amount of extra memory for use by malloc, that's becoming increasingly costly to keep around. freeing this data: 1. breaks debugging with gdb (it can't find library symbols) 2. breaks thread-local storage in shared libraries it would be possible to disable freeing when TLS is used, but in addition to the above breakages, tracking whether dlopen/dlsym is used adds a cost to every symbol lookup, possibly making program startup slower for large programs. combined with the complexity, it's not worth it. we already save/recover plenty of memory in the dynamic linker with reclaim_gaps.
2012-10-04beginnings of full TLS support in shared librariesRich Felker4-1/+19
this code will not work yet because the necessary relocations are not supported, and cannot be supported without some internal changes to how relocation processing works (coming soon).
2012-10-04partial TLS support for dynamic-linked programsRich Felker2-27/+77
only TLS in the main program is supported so far; TLS defined in shared libraries will not work yet.
2012-10-04TLS (GNU/C11 thread-local storage) support for static-linked programsRich Felker6-14/+117
the design for TLS in dynamic-linked programs is mostly complete too, but I have not yet implemented it. cost is nonzero but still low for programs which do not use TLS and/or do not use threads (a few hundred bytes of new code, plus dependency on memcpy). i believe it can be made smaller at some point by merging __init_tls and __init_security into __libc_start_main and avoiding duplicate auxv-parsing code. at the same time, I've also slightly changed the logic pthread_create uses to allocate guard pages to ensure that guard pages are not counted towards commit charge.
2012-10-03tell the assembler to mark all files as not requiring executable stackRich Felker1-0/+7
for some reason this option is undocumented. not sure when it was added, so I'm using a configure test. gcc was already setting the mark correctly for C files, but assembler source files would need ugly .note boilerplate in every single file to achieve this without the option to the assembler. blame whoever thought it would be a good idea to make the stack executable by default rather than doing it the other way around...
2012-09-30add getopt reset supportRich Felker3-3/+19
based on proposed patches by Daniel Cegiełka, with minor changes: - use a weak symbol for optreset so it doesn't clash with namespace - also reset optpos (position in multi-option arg like -lR) - also make getopt_long support reset
2012-09-30protect sem_open against cancellationRich Felker1-13/+19
also fix one minor bug: failure to free the early-reserved slot when the semaphore later found to already be mapped.
2012-09-30overhaul sem_openRich Felker2-108/+99
this function was overly complicated and not even obviously correct. avoid using openat/linkat just like in shm_open, and instead expand pathname using code shared with shm_open. remove bogus (and dangerous, with priorities) use of spinlocks. this commit also heavily streamlines the code and ensures there are no failure cases that can happen after a new semaphore has been created in the filesystem, since that case is unreportable.
2012-09-30clean up, bugfixes, and general improvement for shm_open/shm_unlinkRich Felker2-30/+28
1. don't make non-cloexec file descriptors 2. cancellation safety (cleanup handlers were missing, now unneeded) 3. share name validation/mapping code between open/unlink functions 4. avoid wasteful/slow syscalls
2012-09-30define some _POSIX_* macros that were omitted; required for XSI conformanceRich Felker1-0/+3
2012-09-29more close-on-exec fixes, mostly using new "e" flag to fopenRich Felker8-9/+9
2012-09-29add 'e' modifier (close-on-exec) to fopen and fdopenRich Felker2-2/+5
this feature will be in the next version of POSIX, and can be used internally immediately. there are many internal uses of fopen where close-on-exec is needed to fix bugs.
2012-09-29fix some more O_CLOEXEC/SOCK_CLOEXEC issuesRich Felker4-7/+5
2012-09-29always expose accept4Rich Felker1-4/+1
it will be in the next version of POSIX
2012-09-29always expose dup3 and pipe2Rich Felker1-2/+2
they will be in the next version of POSIX
2012-09-29move accept4, dup3, and pipe2 to non-linux-specific locationsRich Felker3-0/+0
these interfaces have been adopted by the Austin Group for inclusion in the next version of POSIX.
2012-09-29emulate SOCK_CLOEXEC and SOCK_NONBLOCK for old (pre-2.6.27) kernelsRich Felker2-3/+15
also update syslog to use SOCK_CLOEXEC rather than separate fcntl step, to make it safe in multithreaded programs that run external programs. emulation is not atomic; it could be made atomic by holding a lock on forking during the operation, but this seems like overkill. my goal is not to achieve perfect behavior on old kernels (which have plenty of other imperfect behavior already) but to avoid catastrophic breakage in (1) syslog, which would give no output on old kernels with the change to use SOCK_CLOEXEC, and (2) programs built on a new kernel where configure scripts detected a working SOCK_CLOEXEC, which later get run on older kernels (they may otherwise fail to work completely).
2012-09-29sem_open should make process-shared semaphoresRich Felker1-1/+1
this did not matter because we don't yet treat process-shared special. when private futex support is added, however, it will matter.
2012-09-29use O_CLOEXEC to open semaphore files in sem_openRich Felker1-2/+2
2012-09-29fix some indention-with-spaces that crept inRich Felker4-9/+9
2012-09-29microblaze portRich Felker45-0/+2213
based on initial work by rdp, with heavy modifications. some features including threads are untested because qemu app-level emulation seems to be broken and I do not have a proper system image for testing.
2012-09-27fix arm clone syscall bug (no effect unless app uses clone)Rich Felker1-2/+1
the code to exit the new thread/process after the start function returns was mixed up in its syscall convention.
2012-09-27optimize strchrnul/strcspn not to scan string twice on no-matchRich Felker3-25/+29
when strchr fails, and important piece of information already computed, the string length, is thrown away. have strchrnul (with namespace protection) be the underlying function so this information can be kept, and let strchr be a wrapper for it. this also allows strcspn to be considerably faster in the case where the match set has a single element that's not matched.
2012-09-27slightly cleaner strlen, also seems to compile to better codeRich Felker1-6/+4
testing with gcc 4.6.3 on x86, -Os, the old version does a duplicate null byte check after the first loop. this is purely the compiler being stupid, but the old code was also stupid and unintuitive in how it expressed the check.
2012-09-26fix dirname to handle input of form "foo/" correctlyRich Felker1-6/+5
also optimized a bit.
2012-09-24fix handling of EINTR during close()Rich Felker1-1/+4
austin group interpretation for defect #529 (http://austingroupbugs.net/view.php?id=529) tightens the requirements on close such that, if it returns with EINTR, the file descriptor must not be closed. the linux kernel developers vehemently disagree with this, and will not change it. we catch and remap EINTR to EINPROGRESS, which the standard allows close() to return when the operation was not finished but the file descriptor has been closed.
2012-09-22fix getaddrinfo to accept port 0 (zero)Rich Felker1-2/+2
new behavior can be summarized as: inputs that parse completely as a decimal number are treated as one, and rejected only if the result is out of 16-bit range. inputs that do not parse as a decimal number (where strtoul leaves anything left over in the input) are searched in /etc/services.
2012-09-22fix remaining IPC_64 issue (shmctl)Rich Felker2-4/+2
also cleanup cruft related to the issue
2012-09-22fix IPC_64 in msgctl tooRich Felker3-6/+4
2012-09-22fix broken semctl on systems that don't use IPC_64 flagRich Felker4-2/+12
not tested on mips and arm; they may still be broken. x86_64 should be ok now.
2012-09-21offer REALGCC variable to configure musl-gcc wrapper at runtimeRich Felker1-1/+1
this is useful when the underlying gcc is already a wrapper, which is the case at least on some uclibc-based system images. it's also useful for running an older/newer/nondefault version of gcc.
2012-09-21LFS64 alias for prlimitRich Felker2-0/+4
issue reported/requested by Justin Cormack
2012-09-16add clock_adjtime, remap_file_pages, and syncfs syscall wrappersRich Felker6-0/+36
patch by Justin Cormack, with slight modification
2012-09-16release notes for 0.9.6v0.9.6Rich Felker1-0/+11
2012-09-15add O_EXEC open modeRich Felker4-0/+4
the linux O_PATH mode provides the necessary semantics for both the O_SEARCH and O_EXEC modes defined and required by POSIX 2008.
2012-09-15add crypt_md5 password hashRich Felker2-2/+285
contributed by nsz
2012-09-15fix stupid bug in updating of O_ACCMODE for O_SEARCH supportRich Felker1-1/+1
this could cause major bugs, and warrants a fix release right away.
2012-09-150.9.5 release notesv0.9.5Rich Felker1-0/+32
2012-09-15fix syscall asm constraints for arm tooRich Felker1-4/+4
no problems were detected so far, but the constraints seem to have been invalid just like the mips ones.
2012-09-15revert low rounds-count limits in crypt hashesRich Felker4-4/+4
it was determined in discussion that these kind of limits are not sufficient to protect single-threaded servers against denial of service attacks from maliciously large round counts. the time scales simply vary too much; many users will want login passwords with rounds counts on a scale that gives decisecond latency, while highly loaded webservers will need millisecond latency or shorter. still some limit is left in place; the idea is not to protect against attacks, but to avoid the runtime of a single call to crypt being, for all practical purposes, infinite, so that configuration errors can be caught and fixed without bringing down whole systems. these limits are very high, on the order of minute-long runtimes for modest systems.
2012-09-15update mips cancellation-point syscall asm with 7-arg and r25 fixesRich Felker1-2/+5
these fixes were already made to the normal syscall asm but not the cancellation point version.
2012-09-15fix buggy constraints in mips inline syscall asmRich Felker1-2/+2
if same register is used for input/output, the compiler must be told. otherwise is generates random junk code that clobbers the result. in pure syscall-wrapper functions, nothing went wrong, but in more complex functions where register allocation is non-trivial, things broke badly.
2012-09-14workaround gcc got-register-reload performance problems in mallocRich Felker1-4/+8
with this patch, the malloc in libc.so built with -Os is nearly the same speed as the one built with -O3. thus it solves the performance regression that resulted from removing the forced -O3 when building libc.so; now libc.so can be both small and fast.