Commit Graph

40797 Commits

Author SHA1 Message Date
Stefan Liebler
fa3eb7d5e7 string: Add hidden builtin definition for __strcpy_chk.
Otherwise on at least x86_64 and s390x there is an unwanted PLT entry
in libc.so when configured with --enable-fortify-source=3 and build
with -Os.

This is observed in elf/check-localplt
Extra PLT reference: libc.so: __strcpy_chk

The call to PLT entry is in inet/ruserpass.c.
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-06 09:17:04 +01:00
Adhemerval Zanella
1e25112dc0 arm: Remove wrong ldr from _dl_start_user (BZ 31339)
The commit 49d877a80b (arm: Remove
_dl_skip_args usage) removed the _SKIP_ARGS literal, which was
previously loader to r4 on loader _start.  However, the cleanup did not
remove the following 'ldr r4, [sl, r4]' on _dl_start_user, used to check
to skip the arguments after ld self-relocations.

In my testing, the kernel initially set r4 to 0, which makes the
ldr instruction just read the _GLOBAL_OFFSET_TABLE_.  However, since r4
is a callee-saved register; a different runtime might not zero
initialize it and thus trigger an invalid memory access.

Checked on arm-linux-gnu.

Reported-by: Adrian Ratiu <adrian.ratiu@collabora.com>
Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2024-02-05 15:29:23 -03:00
Xi Ruoyao
2e80f13937 LoongArch: Use builtins for ffs and ffsll
On LoongArch GCC compiles __builtin_ffs{,ll} to basically
`(x ? __builtin_ctz (x) : -1) + 1`.  Since a hardware ctz instruction is
available, this is much better than the table-driven generic
implementation.

Tested on loongarch64.

Signed-off-by: Xi Ruoyao <xry111@xry111.site>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-02-05 15:19:41 -03:00
Xi Ruoyao
814ed22eab Remove sysdeps/ia64/math-use-builtins-ffs.h
IA64 is gone.

Signed-off-by: Xi Ruoyao <xry111@xry111.site>
2024-02-05 15:19:41 -03:00
Stefan Liebler
ab0db3b884 Fix stringop-overflow warning in tst-strlcat2.
On s390x, I get warnings like this when do_one_test is inlined with SIZE_MAX:
In function ‘do_one_test’,
    inlined from ‘do_overflow_tests’ at tst-strlcat2.c:184:2:
tst-strlcat2.c:49:18: error: ‘strnlen’ specified bound [18446744073709550866, 18446744073709551615] exceeds maximum object size 9223372036854775807 [-Werror=stringop-overflow=]
   49 | # define STRNLEN strnlen
      |                  ^
tst-strlcat2.c:89:23: note: in expansion of macro ‘STRNLEN’
   89 |   size_t dst_length = STRNLEN (dst, n);
      |                       ^~~~~~~

This patch just marks the do_one_test function as noinline as also done in test-strncat.c:
Fix stringop-overflow warning in test-strncat.
https://sourceware.org/git/?p=glibc.git;a=commit;h=51aeab9a363a0d000d0912aa3d6490463a26fba2
2024-02-05 15:04:26 +01:00
Adhemerval Zanella
bbd248ac0d mips: FIx clone3 implementation (BZ 31325)
For o32 we need to setup a minimal stack frame to allow cprestore
on __thread_start_clone3 (which instruct the linker to save the
gp for PIC).  Also, there is no guarantee by kABI that $8 will be
preserved after syscall execution, so we need to save it on the
provided stack.

Checked on mipsel-linux-gnu.

Reported-by: Khem Raj <raj.khem@gmail.com>
Tested-by: Khem Raj <raj.khem@gmail.com>
2024-02-02 10:28:16 -03:00
Paul Eggert
e7b90e6e60 stdlib: fix qsort example in manual
* manual/search.texi (Comparison Functions, Array Sort Function):
Sort an array of long ints, not doubles, to avoid hassles
with NaNs.

Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-02-01 17:54:21 -08:00
Jakub Jelinek
275607a07f soft-fp: Add brain format support
In https://gcc.gnu.org/r13-3292 I've added brain format support
(std::bfloat16_t) on the GCC side, but as glibc has the master copy
of soft-fp, the following patch adds the files from that commit
and from https://gcc.gnu.org/r13-6598 and https://gcc.gnu.org/r13-6622
The files are not used by glibc right now.
2024-02-01 19:06:54 +01:00
Joseph Myers
83d8d289b2 Rename c2x / gnu2x tests to c23 / gnu23
Complete the internal renaming from "C2X" and related names in GCC by
renaming *-c2x and *-gnu2x tests to *-c23 and *-gnu23.

Tested for x86_64, and with build-many-glibcs.py for powerpc64le.
2024-02-01 17:55:57 +00:00
Jakub Jelinek
c62b6265a6 manual: Fix up stdbit.texi
My recent change broke make pdf and in other documentation formats
results in weird rendering and invalid URL, all because of a forgotten
comma to separate @uref arguments.
2024-02-01 16:36:55 +01:00
Adhemerval Zanella Netto
ae4b8d6a0e string: Use builtins for ffs and ffsll
It allows to remove a lot of arch-specific implementations.

Checked on x86_64, aarch64, powerpc64.
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-02-01 09:31:33 -03:00
Adhemerval Zanella
26d01172f5 misc: tst-poll: Proper synchronize with child before sending the signal
When running the testsuite in parallel, for instance running make -j
$(nproc) check, occasionally tst-epoll fails with a timeout.  It happens
because it sometimes takes a bit more than 10ms for the process to get
cloned and blocked by the syscall.  In that case the signal is
sent to early, and the test fails with a timeout.

Checked on x86_64-linux-gnu.
2024-02-01 09:31:33 -03:00
Adhemerval Zanella
9c61303ebb math: Remove bogus math implementations
The exp10, exp10l, fma, fmaf, and fmal default implementation do not
implement the appropriate semantics nor with an reasonable accuracy.
They are also not used by any supported port.
2024-02-01 09:31:33 -03:00
Joseph Myers
42cc619dfb Refer to C23 in place of C2X in glibc
WG14 decided to use the name C23 as the informal name of the next
revision of the C standard (notwithstanding the publication date in
2024).  Update references to C2X in glibc to use the C23 name.

This is intended to update everything *except* where it involves
renaming files (the changes involving renaming tests are intended to
be done separately).  In the case of the _ISOC2X_SOURCE feature test
macro - the only user-visible interface involved - support for that
macro is kept for backwards compatibility, while adding
_ISOC23_SOURCE.

Tested for x86_64.
2024-02-01 11:02:01 +00:00
Florian Weimer
7c8df0b944 elf: Remove _dl_sysdep_open_object hook function
It is currently not used by any target.
2024-02-01 08:59:02 +01:00
Fangrui Song
0d70accc06 build-many-glibcs: relax version check to allow non-digit characters
A version string may contain non-digit characters, commonly found in
built-from-VCS tools, e.g.
```
git version 2.39.GIT
git version 2.43.0.493.gbc7ee2e5e1
```

`int()` will raise a ValueError, leading to a spurious 'missing'.

Reviewed-by: DJ Delorie <dj@redhat.com>
2024-01-31 15:46:23 -08:00
Jakub Jelinek
da89496337 Use gcc __builtin_stdc_* builtins in stdbit.h if possible
The following patch uses the GCC 14 __builtin_stdc_* builtins in stdbit.h
for the type-generic macros, so that when compiled with GCC 14 or later,
it supports not just 8/16/32/64-bit unsigned integers, but also 128-bit
(if target supports them) and unsigned _BitInt (any supported precision).
And so that the macros don't expand arguments multiple times and can be
evaluated in constant expressions.

The new testcase is gcc's gcc/testsuite/gcc.dg/builtin-stdc-bit-1.c
adjusted to test stdbit.h and the type-generic macros in there instead
of the builtins and adjusted to use glibc test framework rather than
gcc style tests with __builtin_abort ().

Signed-off-by: Jakub Jelinek <jakub@redhat.com>
Reviewed-by: Joseph Myers <josmyers@redhat.com>
2024-01-31 19:17:27 +01:00
Andreas K. Hüttel
903cd86606
Open master branch for glibc 2.40 development
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-31 02:07:20 +01:00
Andreas K. Hüttel
ef321e23c2
Create ChangeLog.old/ChangeLog.28
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-31 01:34:58 +01:00
Andreas K. Hüttel
3e941ef87e
version.h, include/features.h: Bump version to 2.39
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-31 01:29:11 +01:00
Andreas K. Hüttel
64263d2b44
po: Update translations
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-31 01:10:02 +01:00
Andreas K. Hüttel
73563a906f
libc.pot: regenerate
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-31 00:52:00 +01:00
Andreas K. Hüttel
068b04eaed
INSTALL, install.texi: minor updates, regenerate
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-31 00:13:43 +01:00
Andreas K. Hüttel
1eed32f366
contrib.texi: update
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-30 23:48:12 +01:00
Andreas K. Hüttel
62150d038d
NEWS: insert advisories and fixed bugs for 2.39
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-30 22:40:34 +01:00
Stefan Liebler
cc1b91eabd
S390: Fix building with --disable-mutli-arch [BZ #31196]
Starting with commits
- 7ea510127e
string: Add libc_hidden_proto for strchrnul
- 22999b2f0f
string: Add libc_hidden_proto for memrchr

building glibc on s390x with --disable-multi-arch fails if only
the C-variant of strchrnul / memrchr is used.  This is the case
if gcc uses -march < z13.

The build fails with:
../sysdeps/s390/strchrnul-c.c:28:49: error: ‘__strchrnul_c’ undeclared here (not in a function); did you mean ‘__strchrnul’?
   28 | __hidden_ver1 (__strchrnul_c, __GI___strchrnul, __strchrnul_c);

With --disable-multi-arch, __strchrnul_c is not available as string/strchrnul.c
is just included without defining STRCHRNUL and thus we also don't have to create
the internal hidden symbol.

Tested-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-30 22:28:51 +01:00
Andreas K. Hüttel
feeb729754
Fix typo
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-30 22:18:42 +01:00
Joe Simmons-Talbott
7765034db2
manual/io: Fix swapped reading and writing phrase.
Reviewed-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-30 20:10:38 +01:00
Siddhesh Poyarekar
443c10018c Update advisory format and introduce some automation
Simplify the advisory format by dropping the -Backport tags and instead
stick to using just the -Commit tags.  To identify backports, put a
substring of git-describe into the release version in the brackets next
to the commit ref.  This way, it not only identifies that the fix (or
regression) is on the release/2.YY/master branch, it also disambiguates
regressions/fixes in the branch from those in the tarball.

Add a README to make it easier for consumers to understand the format.
Additionally, the Release wiki needs to be updated to inform the release
manager to:

1. Generate a NEWS snipped from the advisories directory

AND

2. on release/2.YY/master, replace the advisories directory with a text
   file pointing to the advisories directory in master so that we don't
   have to update multiple locations.

Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Reviewed-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-30 13:58:57 -05:00
Arjun Shankar
6cdc442142 Document CVE-2023-6246, CVE-2023-6779, and CVE-2023-6780
This commit adds "advisories" entries for the above three CVEs.
2024-01-30 19:32:59 +01:00
Arjun Shankar
ddf542da94 syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)
__vsyslog_internal calculated a buffer size by adding two integers, but
did not first check if the addition would overflow.  This commit fixes
that.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2024-01-30 15:53:37 +01:00
Arjun Shankar
7e5a0c286d syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779)
__vsyslog_internal used the return value of snprintf/vsnprintf to
calculate buffer sizes for memory allocation.  If these functions (for
any reason) failed and returned -1, the resulting buffer would be too
small to hold output.  This commit fixes that.

All snprintf/vsnprintf calls are checked for negative return values and
the function silently returns upon encountering them.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-30 15:53:37 +01:00
Arjun Shankar
6bd0e4efcc syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)
__vsyslog_internal did not handle a case where printing a SYSLOG_HEADER
containing a long program name failed to update the required buffer
size, leading to the allocation and overflow of a too-small buffer on
the heap.  This commit fixes that.  It also adds a new regression test
that uses glibc.malloc.check.

Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Tested-by: Carlos O'Donell <carlos@redhat.com>
2024-01-30 15:53:37 +01:00
Joseph Myers
8aeec0eb5a Use binutils 2.42 branch in build-many-glibcs.py
This patch makes build-many-glibcs.py use binutils 2.42 branch.

Tested with build-many-glibcs.py (host-libraries, compilers and glibcs
builds).
2024-01-30 14:20:35 +00:00
Andreas Schwab
9c72830eb3 elf: correct relocation statistics for !ELF_MACHINE_START_ADDRESS
Fixes: 6628c742b2 ("elf: Remove prelink support")
2024-01-29 18:27:35 +01:00
Carlos O'Donell
ae49a7b29a Relicense IBM portions of resolv/base64.c resolv/res_debug.c.
This change relicenses the IBM portions of resolv/base64.c and
resolv/res_debug.c to a new license that does not have use-limited
patent language.  The top-level LICENSE file is updated with the
license.

The relicensing was approved by IBM.

Signed-off-by: Brad Topol, IBM Director of Open Technologies <btopol@us.ibm.com>
Signed-off-by: Richard Fontana <rfontana@redhat.com>
Signed-off-by: Carlos O'Donell <carlos@redhat.com>
2024-01-26 13:33:36 -05:00
Mike FABIAN
5176a830e7 localedata: Use consistent values for grouping and mon_grouping
Resolves: BZ # 31205

Adapt test cases in test-grouping_iterator.c
2024-01-25 11:41:02 +01:00
Dennis Brendel
c06c8aeb61 manual: fix order of arguments of memalign and aligned_alloc (Bug 27547)
On the summary page the order of the function arguments was reversed, but it is
in correct order in the other places of the manual.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-24 12:10:38 -05:00
Florian Weimer
486452affb manual, NEWS: Document malloc side effect of dynamic TLS changes
The increased malloc subsystem usage is a side effect of
commit d2123d6827 ("elf: Fix slow tls
access after dlopen [BZ #19924]").

Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2024-01-24 09:34:15 +01:00
Florian Weimer
aeb497d1fe NEWS: Update temporary files ignored by ldconfig
Fixes commit 2aa0974d25 ("elf: ldconfig
should skip temporary files created by package managers") and
commit cfb5a97a93 ("ldconfig: Fixes for
skipping temporary files.").

Reported-by: Guillem Jover <guillem@debian.org>
Reviewed-by: Adhemerval Zanella  <adhemerval.zanella@linaro.org>
2024-01-24 09:34:15 +01:00
Andreas K. Hüttel
e73ac3fca1
po: Incorporate translations (sr)
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-23 22:28:23 +01:00
Adhemerval Zanella
77c6a2717d string: Disable stack protector for memset in early static initialization
For ports that use the default memset, the compiler might generate early
calls before the stack protector is initialized (for instance, riscv
with -fstack-protector-all on _dl_aux_init).

Checked on riscv64-linux-gnu-rv64imafdc-lp64d.

Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-01-23 10:22:59 -03:00
Xi Ruoyao
dfa3394a60 qsort: Fix a typo causing unnecessary malloc/free (BZ 31276)
In qsort_r we allocate a buffer sized QSORT_STACK_SIZE (1024) on stack
and we intend to use it if all elements can fit into it.  But there is a
typo:

    if (total_size < sizeof buf)
      buf = tmp;
    else
      /* allocate a buffer on heap and use it ... */

Here "buf" is a pointer, thus sizeof buf is just 4 or 8, instead of
1024.  There is also a minor issue that we should use "<=" instead of
"<".

This bug is detected debugging some strange heap corruption running the
Ruby-3.3.0 test suite (on an experimental Linux From Scratch build using
Binutils-2.41.90 and Glibc trunk, and also Fedora Rawhide [1]).  It
seems Ruby is doing some wild "optimization" by jumping into somewhere
in qsort_r instead of calling it normally, resulting in a double free of
buf if we allocate it on heap.  The issue can be reproduced
deterministically with:

    LD_PRELOAD=/usr/lib/libc_malloc_debug.so MALLOC_CHECK_=3 \
    LD_LIBRARY_PATH=. ./ruby test/runner.rb test/ruby/test_enum.rb

in Ruby-3.3.0 tree after building it.  This change would hide the issue
for Ruby, but Ruby is likely still buggy (if using this "optimization"
sorting larger arrays).

[1]:https://kojipkgs.fedoraproject.org/work/tasks/9729/111889729/build.log

Signed-off-by: Xi Ruoyao <xry111@xry111.site>
2024-01-23 05:17:31 -08:00
Andreas Schwab
6edaa12b41 riscv: add support for static PIE
In order to support static PIE the startup code must avoid relocations
before __libc_start_main is called.
2024-01-22 14:58:23 +01:00
Adhemerval Zanella
bcf2abd43b sh: Fix static build with --enable-fortify
For static the internal symbols should not be prepended with the
internal __GI_.

Checked with a make check for sh4-linux-gnu.
2024-01-22 10:04:53 -03:00
Adhemerval Zanella
926a4bdbb5 sparc: Fix sparc64 memmove length comparison (BZ 31266)
The small counts copy bytes comparsion should be unsigned (as the
memmove size argument).  It fixes string/tst-memmove-overflow on
sparcv9, where the input size triggers an invalid code path.

Checked on sparc64-linux-gnu and sparcv9-linux-gnu.
2024-01-22 09:34:50 -03:00
Adhemerval Zanella
369efd8177 sparc64: Remove unwind information from signal return stubs [BZ#31244]
Similar to sparc32 fix, remove the unwind information on the signal
return stubs.  This fixes the regressions:

FAIL: nptl/tst-cancel24-static
FAIL: nptl/tst-cond8-static
FAIL: nptl/tst-mutex8-static
FAIL: nptl/tst-mutexpi8-static
FAIL: nptl/tst-mutexpi9

On sparc64-linux-gnu.
2024-01-22 09:34:50 -03:00
Adhemerval Zanella
dd57f5e7b6 sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)
The sparc32 is always 32 bits.

Checked on sparcv9-linux-gnu.
2024-01-22 09:34:50 -03:00
Adhemerval Zanella
3bffe5aa2d Use --disable-default-pie for sparc in build-many-glibcs.py
The staticcally built binaries fails without this option [1].

Checked on sparc64-linux-gnu and sparcv9-linux-gnu.

[1] https://sourceware.org/bugzilla/show_bug.cgi?id=29575
2024-01-22 09:34:50 -03:00
Joseph Myers
b86cb494f9 Further build-many-glibcs.py fixes for utcnow() deprecation
It turns out that the replacement of datetime.datetime.utcnow(), for a
warning produced early in running build-many-glibcs.py with Python
3.12, (a) wasn't complete (there were other uses elsewhere in the
script also needing updating) and (b) broke reading of build-time from
build-state.json, because an aware datetime was written out including
+00:00 for the timezone, which was not expected by the strptime call.

Fix the first by making the change to
datetime.datetime.now(datetime.timezone.utc) for all the remaining
utcnow() calls.  Fix the second by using strftime with an explicit
format instead of just str() when formatting build times for
build-state.json and and email subjects, and then setting the timezone
explicitly when reading from build-state.json.  (Other uses, in
particular messages output by the bot, continue to use str() as the
precise format should not matter in those cases; it shouldn't actually
matter for email subjects either but it seems a good idea to keep
those short.)

Tested with a bot-cycle run and checking the format of times in
build-state.json afterwards.
2024-01-19 13:30:34 +00:00