1.1.24 release notes new features: - GLOB_TILDE extension to glob - non-stub catgets localization API, using netbsd binary catalog format - posix_spawn file actions for [f]chdir (extension, pending future standard) - secure_getenv function (extension) - copy_file_range syscall wrapper (Linux extension) - header-level support for new linux features in 5.2 performance: - new fast path for lrint (generic C version) on 32-bit archs major internal changes: - functions involving time are overhauled to be time64-ready in 32-bit archs - x32 uses the new time64 code paths to replace nasty hacks in syscall glue compatibility & conformance: - support for powerpc[64] unaligned relocation types - powerpc[64] and sh sys/user.h no longer clash with kernel asm/ptrace.h - select no longer modifies timeout on failure (or at all) - mips64 stat results are no longer limited to 32-bit time range - optreset (BSD extension) now has a public declaration - support for clang inconsistencies in wchar_t type vs some 32-bit archs - mips r6 syscall asm no longer has invalid lo/hi register clobbers - vestigial asm declarations of __tls_get_new are removed (broke some tooling) - riscv64 mcontext_t mismatch glibc's member naming is corrected bugs fixed: - glob failed to match broken symlinks consistently - invalid use of interposed calloc to allocate initial TLS - various dlsym symbol resolution logic errors - semctl with SEM_STAT_ANY didn't work - pthread_create with explicit scheduling was subject to priority inversion - pthread_create failure path had data race for thread count - timer_create with SIGEV_THREAD notification had data race getting timer id - wide printf family failed to support l modifier for float formats arch-specific bugs fixed: - x87 floating point stack imbalance in math asm (i386-only CVE-2019-14697) - x32 clock_adjtime, getrusage, wait3, wait4 produced junk (struct mismatches) - lseek broken on x32 and mipsn32 with large file offsets - riscv64 atomics weren't compiler 
barriers - riscv64 atomics had broken asm constraints (missing earlyclobber flag) - arm clone() was broken when compiled as thumb if start function returned - mipsr6 setjmp/longjmp did not preserve fpu register state correctly

Refreshed all patches. Removed upstreamed patches.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
parent
4c92859945
commit
00f96dcddb
@ -1,136 +0,0 @@ |
|||||||
>From a57cd35acf26ba6202ed6534a57f496464f431a1 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Szabolcs Nagy <nsz@port70.net>
|
|
||||||
Date: Sat, 10 Aug 2019 23:14:40 +0000
|
|
||||||
Subject: [PATCH] make relocation time symbol lookup and dlsym consistent
|
|
||||||
|
|
||||||
Using common code path for all symbol lookups fixes three dlsym issues:
|
|
||||||
|
|
||||||
- st_shndx of STT_TLS symbols were not checked and thus an undefined
|
|
||||||
tls symbol reference could be incorrectly treated as a definition
|
|
||||||
(the sysv hash lookup returns undefined symbols, gnu does not, so should
|
|
||||||
be rare in practice).
|
|
||||||
|
|
||||||
- symbol binding was not checked so a hidden symbol may be returned
|
|
||||||
(in principle STB_LOCAL symbols may appear in the dynamic symbol table
|
|
||||||
for hidden symbols, but linkers most likely don't produce it).
|
|
||||||
|
|
||||||
- mips specific behaviour was not applied (ARCH_SYM_REJECT_UND) so
|
|
||||||
undefined symbols may be returned on mips.
|
|
||||||
|
|
||||||
always_inline is used to avoid relocation performance regression, the
|
|
||||||
code generation for find_sym should not be affected.
|
|
||||||
---
|
|
||||||
ldso/dynlink.c | 84 +++++++++++++++++++-------------------------------
|
|
||||||
1 file changed, 31 insertions(+), 53 deletions(-)
|
|
||||||
|
|
||||||
--- a/ldso/dynlink.c
|
|
||||||
+++ b/ldso/dynlink.c
|
|
||||||
@@ -283,12 +283,16 @@ static Sym *gnu_lookup_filtered(uint32_t
|
|
||||||
#define ARCH_SYM_REJECT_UND(s) 0
|
|
||||||
#endif
|
|
||||||
|
|
||||||
-static struct symdef find_sym(struct dso *dso, const char *s, int need_def)
|
|
||||||
+#if defined(__GNUC__)
|
|
||||||
+__attribute__((always_inline))
|
|
||||||
+#endif
|
|
||||||
+static inline struct symdef find_sym2(struct dso *dso, const char *s, int need_def, int use_deps)
|
|
||||||
{
|
|
||||||
uint32_t h = 0, gh = gnu_hash(s), gho = gh / (8*sizeof(size_t)), *ght;
|
|
||||||
size_t ghm = 1ul << gh % (8*sizeof(size_t));
|
|
||||||
struct symdef def = {0};
|
|
||||||
- for (; dso; dso=dso->syms_next) {
|
|
||||||
+ struct dso **deps = use_deps ? dso->deps : 0;
|
|
||||||
+ for (; dso; dso=use_deps ? *deps++ : dso->syms_next) {
|
|
||||||
Sym *sym;
|
|
||||||
if ((ght = dso->ghashtab)) {
|
|
||||||
sym = gnu_lookup_filtered(gh, ght, dso, s, gho, ghm);
|
|
||||||
@@ -313,6 +317,11 @@ static struct symdef find_sym(struct dso
|
|
||||||
return def;
|
|
||||||
}
|
|
||||||
|
|
||||||
+static struct symdef find_sym(struct dso *dso, const char *s, int need_def)
|
|
||||||
+{
|
|
||||||
+ return find_sym2(dso, s, need_def, 0);
|
|
||||||
+}
|
|
||||||
+
|
|
||||||
static void do_relocs(struct dso *dso, size_t *rel, size_t rel_size, size_t stride)
|
|
||||||
{
|
|
||||||
unsigned char *base = dso->base;
|
|
||||||
@@ -2118,58 +2127,27 @@ static void *addr2dso(size_t a)
|
|
||||||
|
|
||||||
static void *do_dlsym(struct dso *p, const char *s, void *ra)
|
|
||||||
{
|
|
||||||
- size_t i;
|
|
||||||
- uint32_t h = 0, gh = 0, *ght;
|
|
||||||
- Sym *sym;
|
|
||||||
- if (p == head || p == RTLD_DEFAULT || p == RTLD_NEXT) {
|
|
||||||
- if (p == RTLD_DEFAULT) {
|
|
||||||
- p = head;
|
|
||||||
- } else if (p == RTLD_NEXT) {
|
|
||||||
- p = addr2dso((size_t)ra);
|
|
||||||
- if (!p) p=head;
|
|
||||||
- p = p->next;
|
|
||||||
- }
|
|
||||||
- struct symdef def = find_sym(p, s, 0);
|
|
||||||
- if (!def.sym) goto failed;
|
|
||||||
- if ((def.sym->st_info&0xf) == STT_TLS)
|
|
||||||
- return __tls_get_addr((tls_mod_off_t []){def.dso->tls_id, def.sym->st_value-DTP_OFFSET});
|
|
||||||
- if (DL_FDPIC && (def.sym->st_info&0xf) == STT_FUNC)
|
|
||||||
- return def.dso->funcdescs + (def.sym - def.dso->syms);
|
|
||||||
- return laddr(def.dso, def.sym->st_value);
|
|
||||||
- }
|
|
||||||
- if (__dl_invalid_handle(p))
|
|
||||||
+ int use_deps = 0;
|
|
||||||
+ if (p == head || p == RTLD_DEFAULT) {
|
|
||||||
+ p = head;
|
|
||||||
+ } else if (p == RTLD_NEXT) {
|
|
||||||
+ p = addr2dso((size_t)ra);
|
|
||||||
+ if (!p) p=head;
|
|
||||||
+ p = p->next;
|
|
||||||
+ } else if (__dl_invalid_handle(p)) {
|
|
||||||
+ return 0;
|
|
||||||
+ } else
|
|
||||||
+ use_deps = 1;
|
|
||||||
+ struct symdef def = find_sym2(p, s, 0, use_deps);
|
|
||||||
+ if (!def.sym) {
|
|
||||||
+ error("Symbol not found: %s", s);
|
|
||||||
return 0;
|
|
||||||
- if ((ght = p->ghashtab)) {
|
|
||||||
- gh = gnu_hash(s);
|
|
||||||
- sym = gnu_lookup(gh, ght, p, s);
|
|
||||||
- } else {
|
|
||||||
- h = sysv_hash(s);
|
|
||||||
- sym = sysv_lookup(s, h, p);
|
|
||||||
- }
|
|
||||||
- if (sym && (sym->st_info&0xf) == STT_TLS)
|
|
||||||
- return __tls_get_addr((tls_mod_off_t []){p->tls_id, sym->st_value-DTP_OFFSET});
|
|
||||||
- if (DL_FDPIC && sym && sym->st_shndx && (sym->st_info&0xf) == STT_FUNC)
|
|
||||||
- return p->funcdescs + (sym - p->syms);
|
|
||||||
- if (sym && sym->st_value && (1<<(sym->st_info&0xf) & OK_TYPES))
|
|
||||||
- return laddr(p, sym->st_value);
|
|
||||||
- for (i=0; p->deps[i]; i++) {
|
|
||||||
- if ((ght = p->deps[i]->ghashtab)) {
|
|
||||||
- if (!gh) gh = gnu_hash(s);
|
|
||||||
- sym = gnu_lookup(gh, ght, p->deps[i], s);
|
|
||||||
- } else {
|
|
||||||
- if (!h) h = sysv_hash(s);
|
|
||||||
- sym = sysv_lookup(s, h, p->deps[i]);
|
|
||||||
- }
|
|
||||||
- if (sym && (sym->st_info&0xf) == STT_TLS)
|
|
||||||
- return __tls_get_addr((tls_mod_off_t []){p->deps[i]->tls_id, sym->st_value-DTP_OFFSET});
|
|
||||||
- if (DL_FDPIC && sym && sym->st_shndx && (sym->st_info&0xf) == STT_FUNC)
|
|
||||||
- return p->deps[i]->funcdescs + (sym - p->deps[i]->syms);
|
|
||||||
- if (sym && sym->st_value && (1<<(sym->st_info&0xf) & OK_TYPES))
|
|
||||||
- return laddr(p->deps[i], sym->st_value);
|
|
||||||
}
|
|
||||||
-failed:
|
|
||||||
- error("Symbol not found: %s", s);
|
|
||||||
- return 0;
|
|
||||||
+ if ((def.sym->st_info&0xf) == STT_TLS)
|
|
||||||
+ return __tls_get_addr((tls_mod_off_t []){def.dso->tls_id, def.sym->st_value-DTP_OFFSET});
|
|
||||||
+ if (DL_FDPIC && (def.sym->st_info&0xf) == STT_FUNC)
|
|
||||||
+ return def.dso->funcdescs + (def.sym - def.dso->syms);
|
|
||||||
+ return laddr(def.dso, def.sym->st_value);
|
|
||||||
}
|
|
||||||
|
|
||||||
int dladdr(const void *addr_arg, Dl_info *info)
|
|
@ -1,179 +0,0 @@ |
|||||||
From f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441 Mon Sep 17 00:00:00 2001
|
|
||||||
From: Rich Felker <dalias@aerifal.cx>
|
|
||||||
Date: Mon, 5 Aug 2019 18:41:47 -0400
|
|
||||||
Subject: fix x87 stack imbalance in corner cases of i386 math asm
|
|
||||||
|
|
||||||
commit 31c5fb80b9eae86f801be4f46025bc6532a554c5 introduced underflow
|
|
||||||
code paths for the i386 math asm, along with checks on the fpu status
|
|
||||||
word to skip the underflow-generation instructions if the underflow
|
|
||||||
flag was already raised. unfortunately, at least one such path, in
|
|
||||||
log1p, returned with 2 items on the x87 stack rather than just 1 item
|
|
||||||
for the return value. this is a violation of the ABI's calling
|
|
||||||
convention, and could cause subsequent floating point code to produce
|
|
||||||
NANs due to x87 stack overflow. if floating point results are used in
|
|
||||||
flow control, this can lead to runaway wrong code execution.
|
|
||||||
|
|
||||||
rather than reviewing each "underflow already raised" code path for
|
|
||||||
correctness, remove them all. they're likely slower than just
|
|
||||||
performing the underflow code unconditionally, and significantly more
|
|
||||||
complex.
|
|
||||||
|
|
||||||
all of this code should be ripped out and replaced by C source files
|
|
||||||
with inline asm. doing so would preclude this kind of error by having
|
|
||||||
the compiler perform all x87 stack register allocation and stack
|
|
||||||
manipulation, and would produce comparable or better code. however
|
|
||||||
such a change is a much larger project.
|
|
||||||
---
|
|
||||||
src/math/i386/asin.s | 10 ++--------
|
|
||||||
src/math/i386/atan.s | 7 ++-----
|
|
||||||
src/math/i386/atan2.s | 5 +----
|
|
||||||
src/math/i386/atan2f.s | 5 +----
|
|
||||||
src/math/i386/atanf.s | 7 ++-----
|
|
||||||
src/math/i386/exp.s | 10 ++--------
|
|
||||||
src/math/i386/log1p.s | 7 ++-----
|
|
||||||
src/math/i386/log1pf.s | 7 ++-----
|
|
||||||
8 files changed, 14 insertions(+), 44 deletions(-)
|
|
||||||
|
|
||||||
--- a/src/math/i386/asin.s
|
|
||||||
+++ b/src/math/i386/asin.s
|
|
||||||
@@ -7,13 +7,10 @@ asinf:
|
|
||||||
cmp $0x01000000,%eax
|
|
||||||
jae 1f
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
- fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 2f
|
|
||||||
fld %st(0)
|
|
||||||
fmul %st(1)
|
|
||||||
fstps 4(%esp)
|
|
||||||
-2: ret
|
|
||||||
+ ret
|
|
||||||
|
|
||||||
.global asinl
|
|
||||||
.type asinl,@function
|
|
||||||
@@ -30,11 +27,8 @@ asin:
|
|
||||||
cmp $0x00200000,%eax
|
|
||||||
jae 1f
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
- fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 2f
|
|
||||||
fsts 4(%esp)
|
|
||||||
-2: ret
|
|
||||||
+ ret
|
|
||||||
1: fld %st(0)
|
|
||||||
fld1
|
|
||||||
fsub %st(0),%st(1)
|
|
||||||
--- a/src/math/i386/atan.s
|
|
||||||
+++ b/src/math/i386/atan.s
|
|
||||||
@@ -10,8 +10,5 @@ atan:
|
|
||||||
fpatan
|
|
||||||
ret
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
-1: fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 2f
|
|
||||||
- fsts 4(%esp)
|
|
||||||
-2: ret
|
|
||||||
+1: fsts 4(%esp)
|
|
||||||
+ ret
|
|
||||||
--- a/src/math/i386/atan2.s
|
|
||||||
+++ b/src/math/i386/atan2.s
|
|
||||||
@@ -10,8 +10,5 @@ atan2:
|
|
||||||
cmp $0x00200000,%eax
|
|
||||||
jae 1f
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
- fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 1f
|
|
||||||
fsts 4(%esp)
|
|
||||||
-1: ret
|
|
||||||
+ ret
|
|
||||||
--- a/src/math/i386/atan2f.s
|
|
||||||
+++ b/src/math/i386/atan2f.s
|
|
||||||
@@ -10,10 +10,7 @@ atan2f:
|
|
||||||
cmp $0x01000000,%eax
|
|
||||||
jae 1f
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
- fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 1f
|
|
||||||
fld %st(0)
|
|
||||||
fmul %st(1)
|
|
||||||
fstps 4(%esp)
|
|
||||||
-1: ret
|
|
||||||
+ ret
|
|
||||||
--- a/src/math/i386/atanf.s
|
|
||||||
+++ b/src/math/i386/atanf.s
|
|
||||||
@@ -10,10 +10,7 @@ atanf:
|
|
||||||
fpatan
|
|
||||||
ret
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
-1: fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 2f
|
|
||||||
- fld %st(0)
|
|
||||||
+1: fld %st(0)
|
|
||||||
fmul %st(1)
|
|
||||||
fstps 4(%esp)
|
|
||||||
-2: ret
|
|
||||||
+ ret
|
|
||||||
--- a/src/math/i386/exp.s
|
|
||||||
+++ b/src/math/i386/exp.s
|
|
||||||
@@ -7,13 +7,10 @@ expm1f:
|
|
||||||
cmp $0x01000000,%eax
|
|
||||||
jae 1f
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
- fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 2f
|
|
||||||
fld %st(0)
|
|
||||||
fmul %st(1)
|
|
||||||
fstps 4(%esp)
|
|
||||||
-2: ret
|
|
||||||
+ ret
|
|
||||||
|
|
||||||
.global expm1l
|
|
||||||
.type expm1l,@function
|
|
||||||
@@ -30,11 +27,8 @@ expm1:
|
|
||||||
cmp $0x00200000,%eax
|
|
||||||
jae 1f
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
- fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 2f
|
|
||||||
fsts 4(%esp)
|
|
||||||
-2: ret
|
|
||||||
+ ret
|
|
||||||
1: fldl2e
|
|
||||||
fmulp
|
|
||||||
mov $0xc2820000,%eax
|
|
||||||
--- a/src/math/i386/log1p.s
|
|
||||||
+++ b/src/math/i386/log1p.s
|
|
||||||
@@ -16,9 +16,6 @@ log1p:
|
|
||||||
fyl2x
|
|
||||||
ret
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
-2: fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 1f
|
|
||||||
- fsts 4(%esp)
|
|
||||||
+2: fsts 4(%esp)
|
|
||||||
fstp %st(1)
|
|
||||||
-1: ret
|
|
||||||
+ ret
|
|
||||||
--- a/src/math/i386/log1pf.s
|
|
||||||
+++ b/src/math/i386/log1pf.s
|
|
||||||
@@ -16,10 +16,7 @@ log1pf:
|
|
||||||
fyl2x
|
|
||||||
ret
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
-2: fnstsw %ax
|
|
||||||
- and $16,%ax
|
|
||||||
- jnz 1f
|
|
||||||
- fxch
|
|
||||||
+2: fxch
|
|
||||||
fmul %st(1)
|
|
||||||
fstps 4(%esp)
|
|
||||||
-1: ret
|
|
||||||
+ ret
|
|
@ -1,28 +0,0 @@ |
|||||||
From 6818c31c9bc4bbad5357f1de14bedf781e5b349e Mon Sep 17 00:00:00 2001
|
|
||||||
From: Rich Felker <dalias@aerifal.cx>
|
|
||||||
Date: Mon, 5 Aug 2019 19:57:07 -0400
|
|
||||||
Subject: fix build regression in i386 asm for atan2, atan2f
|
|
||||||
|
|
||||||
commit f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441 inadvertently removed
|
|
||||||
labels that were still needed.
|
|
||||||
---
|
|
||||||
src/math/i386/atan2.s | 2 +-
|
|
||||||
src/math/i386/atan2f.s | 2 +-
|
|
||||||
2 files changed, 2 insertions(+), 2 deletions(-)
|
|
||||||
|
|
||||||
--- a/src/math/i386/atan2.s
|
|
||||||
+++ b/src/math/i386/atan2.s
|
|
||||||
@@ -11,4 +11,4 @@ atan2:
|
|
||||||
jae 1f
|
|
||||||
# subnormal x, return x with underflow
|
|
||||||
fsts 4(%esp)
|
|
||||||
- ret
|
|
||||||
+1: ret
|
|
||||||
--- a/src/math/i386/atan2f.s
|
|
||||||
+++ b/src/math/i386/atan2f.s
|
|
||||||
@@ -13,4 +13,4 @@ atan2f:
|
|
||||||
fld %st(0)
|
|
||||||
fmul %st(1)
|
|
||||||
fstps 4(%esp)
|
|
||||||
- ret
|
|
||||||
+1: ret
|
|