If xports is NULL in xprt_register we malloc it but if sock >
_rpc_dtablesize() that memory does not get initialised and may in theory
contain any value. Later we make a conditional jump in svc_getreq_common
based on the uninitialised memory and this caused a general protection
fault in rpc.statd on an older version of glibc but this code has not
changed since that version.
Following is the valgrind warning.
==26802== Conditional jump or move depends on uninitialised value(s)
==26802== at 0x5343A25: svc_getreq_common (in /lib64/libc-2.5.so)
==26802== by 0x534357B: svc_getreqset (in /lib64/libc-2.5.so)
==26802== by 0x10DE1F: ??? (in /sbin/rpc.statd)
==26802== by 0x10D0EF: main (in /sbin/rpc.statd)
==26802== Uninitialised value was created by a heap allocation
==26802== at 0x4C2210C: malloc (vg_replace_malloc.c:195)
==26802== by 0x53438BE: xprt_register (in /lib64/libc-2.5.so)
==26802== by 0x53450DF: svcudp_bufcreate (in /lib64/libc-2.5.so)
==26802== by 0x10FE32: ??? (in /sbin/rpc.statd)
==26802== by 0x10D13E: main (in /sbin/rpc.statd)
for ChangeLog
[BZ #17090]
[BZ #17620]
[BZ #17621]
[BZ #17628]
* NEWS: Update.
* elf/dl-tls.c (_dl_update_slotinfo): Clean up outdated DTV
entries with Static TLS too. Skip entries past the end of the
allocated DTV, from Alan Modra.
(tls_get_addr_tail): Update to glibc_likely/unlikely. Move
Static TLS DTV entry set up from...
(_dl_allocate_tls_init): ... here (fix modid assertion), ...
* elf/dl-reloc.c (_dl_nothread_init_static_tls): ... here...
* nptl/allocatestack.c (init_one_static_tls): ... and here...
* elf/dlopen.c (dl_open_worker): Drop l_tls_modid upper bound
for Static TLS.
* elf/tlsdeschtab.h (map_generation): Return size_t. Check
that the slot we find is associated with the given map before
using its generation count.
* nptl_db/db_info.c: Include ldsodefs.h.
(rtld_global, dtv_slotinfo_list, dtv_slotinfo): New typedefs.
* nptl_db/structs.def (DB_RTLD_VARIABLE): New macro.
(DB_MAIN_VARIABLE, DB_RTLD_GLOBAL_FIELD): Likewise.
(link_map::l_tls_offset): New struct field.
(dtv_t::counter): Likewise.
(rtld_global): New struct.
(_rtld_global): New rtld variable.
(dl_tls_dtv_slotinfo_list): New rtld global field.
(dtv_slotinfo_list): New struct.
(dtv_slotinfo): Likewise.
* nptl_db/td_symbol_list.c: Drop gnu/lib-names.h include.
(td_lookup): Rename to...
(td_mod_lookup): ... this. Use new mod parameter instead of
LIBPTHREAD_SO.
* nptl_db/td_thr_tlsbase.c: Include link.h.
(dtv_slotinfo_list, dtv_slotinfo): New functions.
(td_thr_tlsbase): Check DTV generation. Compute Static TLS
addresses even if the DTV is out of date or missing them.
* nptl_db/fetch-value.c (_td_locate_field): Do not refuse to
index zero-length arrays.
* nptl_db/thread_dbP.h: Include gnu/lib-names.h.
(td_lookup): Make it a macro implemented in terms of...
(td_mod_lookup): ... this declaration.
* nptl_db/db-symbols.awk (DB_RTLD_VARIABLE): Override.
(DB_MAIN_VARIABLE): Likewise.
We need to add a BND prefix before indirect branch at the end of
_dl_runtime_resolve to preserve bound registers.
[BZ #18134]
* sysdeps/x86_64/dl-trampoline.S (PRESERVE_BND_REGS_PREFIX): New.
(_dl_runtime_resolve): Add a BND prefix before indirect branch.
In bug 14906 the user complains that the inotify support in nscd
is not sufficient when it comes to detecting changes in the
configurationfiles that should be watched for the various databases.
The current nscd implementation uses inotify to watch for changes in
the configuration files, but adds watches only for IN_DELETE_SELF and
IN_MODIFY. These watches are insufficient to cover even the most basic
uses by a system administrator. For example using emacs or vim to edit
a configuration file should trigger a reload but it might not if
the editors use move to atomically update the file. This atomic update
changes the inode and thus removes the notification on the file (as
inotify is based on inodes). Thus the inotify support in nscd for
configuration files is insufficient to account for the average use
cases of system administrators and users.
The inotify support is significantly enhanced and described here:
https://www.sourceware.org/ml/libc-alpha/2015-02/msg00504.html
Tested on x86_64 with and without inotify support.
This patch makes soft-fp use static assertions in place of conditional
calls to abort, in places where there are checks for conditions (on
the types for which a macro is used) that the code is not prepared to
handle. The fallback definition of _FP_STATIC_ASSERT (for kernel use
only, as only relevant to compilers not supported for building glibc)
is as in misc/sys/cdefs.h.
This means that soft-fp only ever calls abort for _FP_UNREACHABLE
calls in builds with GCC versions before 4.5. Thus, there is no need
for an abort declaration or <stdlib.h> include, since the kernel code
handles defining abort as a macro itself - and so this avoids any need
for an __KERNEL__ condition on the abort declaration to avoid it
breaking with the kernel's macro definition. That is, this patch is
intended to make glibc's soft-fp code suitable for kernel use with no
kernel-local changes to the soft-fp code needed at all.
Tested for powerpc-nofpu that installed stripped shared libraries are
unchanged by the patch. One explicit <stdlib.h> include had to be
added to a file that was relying on the include from soft-fp.h.
* soft-fp/soft-fp.h (_FP_STATIC_ASSERT): New macro.
[_LIBC]: Do not include <stdlib.h>.
[!_LIBC] (abort): Remove declaration.
* soft-fp/op-2.h (_FP_MUL_MEAT_2_120_240_double): Use
_FP_STATIC_ASSERT instead of conditionally calling abort.
* soft-fp/op-common.h (_FP_FROM_INT): Likewise.
(_FP_EXTEND_CNAN): Likewise.
(FP_TRUNC): Likewise.
(__FP_CLZ): Likewise.
* sysdeps/powerpc/nofpu/flt-rounds.c: Include <stdlib.h>.
ldconfig is using an aux-cache to speed up the ld.so.cache update. It
is read by mmaping the file to a structure which contains data offsets
used as pointers. As they are not checked, it is not hard to get
ldconfig to segfault with a corrupted file. This happens for instance if
the file is truncated, which is common following a filesystem check
following a system crash.
This can be reproduced for example by truncating the file to roughly
half of it's size.
There is already some code in elf/cache.c (load_aux_cache) to check
for a corrupted aux cache, but it happens to be broken and not enough.
The test (aux_cache->nlibs >= aux_cache_size) compares the number of
libs entry with the cache size. It's a non sense, as it basically
assumes that each library entry is a 1 byte... Instead this commit
computes the theoretical cache size using the headers and compares it
to the real size.
With AIX port deprecated there is no need to check/define
HAVE_ASM_GLOBAL_DOT_NAME anymore since the current minimum binutils
supported (2.22) does not emit global symbol with dot.
This patch removes all the HAVE_ASM_GLOBAL_DOT_NAME definition and
checks for powerpc64 port.
The function feupdateenv has been fixed to correctly handle FE_DFL_ENV
and FE_NOMASK_ENV.
The fesetexceptflag function has been fixed to correctly handle setting
the new flags instead of just OR-ing the existing flags.
This fixes the test-fenv-return and test-fenvinline failures on hppa.
The constraints in the inline assembly in feholdexcept and fesetenv
are incorrect. The assembly modifies the buffer pointer, but doesn't
express that in the constraints. The simple fix is to remove the
modification of the buffer pointer which is no longer required by
the existing code, and adjust the one constraint that did express
the modification of bufptr.
The change fixes test-fenv when glibc is compiled with recent gcc.
This patch makes soft-fp use a new macro _FP_UNREACHABLE in place of
calling abort in unreachable default cases of switch statements.
_FP_UNREACHABLE expands to call __builtin_unreachable for GCC 4.5 and
later; the fallback to abort is thus only for kernel use.
Tested for powerpc-nofpu that installed stripped shared libraries are
unchanged by this patch. Also tested with the math/ tests for mips64
(in the case of fma there *was* previously an abort call generated,
unlike for the other operations - one switch only deals with a subset
of classes for one operand based on what could have been generated in
the earlier part of fma, whereas the other switches deal with all
combinations of two classes - and this is apparently too complicated
for the default case to have been optimized away).
* soft-fp/soft-fp.h (_FP_UNREACHABLE): New macro.
* soft-fp/op-common.h (_FP_MUL): Use _FP_UNREACHABLE instead of
abort.
(_FP_FMA): Likewise.
(_FP_DIV): Likewise.
This patch makes soft-fp headers consistently use multiple-include
guards, something previously done mainly only in the Linux kernel
version. The guard macros aren't the same as those used in the Linux
kernel, but there seems to be enough variation in such guards in Linux
kernel code that hopefully this version will be acceptable there.
Tested for powerpc-nofpu that installed stripped shared libraries are
unchanged by this patch.
* soft-fp/double.h [SOFT_FP_DOUBLE_H]: New multiple-include guard.
* soft-fp/extended.h [SOFT_FP_EXTENDED_H]: Likewise.
* soft-fp/op-1.h [SOFT_FP_OP_1_H]: Likewise.
* soft-fp/op-2.h [SOFT_FP_OP_2_H]: Likewise.
* soft-fp/op-4.h [SOFT_FP_OP_4_H]: Likewise.
* soft-fp/op-8.h [SOFT_FP_OP_8_H]: Likewise.
* soft-fp/op-common.h [SOFT_FP_OP_COMMON_H]: Likewise.
* soft-fp/quad.h [SOFT_FP_QUAD_H]: Likewise.
* soft-fp/single.h [SOFT_FP_SINGLE_H]: Likewise.
* soft-fp/soft-fp.h (SOFT_FP_H): Define to 1 rather than empty.
Add comment on closing #endif.
In the Linux kernel, some architectures have a single function that
uses different kinds of unpacking and packing depending on the
instruction being emulated, meaning it is not readily visible to the
compiler that variables from _FP_DECL and _FP_FRAC_DECL_* macros are
only used in cases where they were initialized. The existing copy of
soft-fp in the Linux kernel uses zero-initialization to avoid warnings
in this case, so while frowned upon as a warning suppression mechanism
in code built for glibc it seems appropriate to have such
zero-initialization conditional on __KERNEL__. This patch duly adds
it, via a macro _FP_ZERO_INIT that expands to empty for non-kernel
compilations.
Tested for powerpc-nofpu that installed stripped shared libraries are
unchanged by this patch.
* soft-fp/soft-fp.h (_FP_ZERO_INIT): New macro. Define depending
on [__KERNEL__].
* soft-fp/op-1.h (_FP_FRAC_DECL_1): Use _FP_ZERO_INIT.
* soft-fp/op-2.h (_FP_FRAC_DECL_2): Likewise.
* soft-fp/op-common.h (_FP_DECL): Likewise.
With copy relocation, address of protected data defined in the shared
library may be external. Compiler shouldn't asssume protected data will
be local. But due to
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=65248
__attribute__((visibility("protected"))) doesn't work correctly, we need
to use asm (".protected xxx") instead.
* elf/ifuncdep2.c (global): Replace
__attribute__((visibility("protected"))) with
asm (".protected global").
* elf/ifuncmod1.c (global): Likewise.
* elf/ifuncmod5.c (global): Likewise.
My Linux kernel patch to update the kernel to current glibc soft-fp
<https://sourceware.org/ml/libc-alpha/2015-02/msg00107.html> still
leaves a few small differences between the two copies of soft-fp.
I think it's desirable to avoid such differences completely if
possible by having one set of sources suitable for use in both places.
To that end, this patch introduces a conditional on __KERNEL__ for the
path by which sfp-machine.h is included.
Tested for powerpc-nofpu that installed stripped shared libraries are
unchanged by this patch.
* soft-fp/soft-fp.h [!_LIBC && __KERNEL__]: Include
<asm/sfp-machine.h> instead of <sfp-machine.h>.
The manual gives "an example showing how to handle failure to open a
file correctly." The example function, open_sesame, uses the
newly-introduced strerror function and errno and
program_invocation_short_name variables. It fails to specify GNU
extensions, however, so attempts to use it in the following way:
int main (void) {open_sesame ("badname");}
fail during compilation with "error: ‘program_invocation_short_name’
undeclared", indicating the example is incomplete. The presence of
"#include"s suggest everything neccesary for the function to work should
be present. For completeness, the example is lacking the following line:
#define _GNU_SOURCE
as the declarations of program_invocation_*name in errno.h are wrapped
in an "#ifdef __USE_GNU" conditional.
The documentation of the variables is also expanded, adding that their
definition lies in errno.h and noting specifically they are GNU
extensions.