musl/src/thread, branch v1.1.9 musl - an implementation of the standard library for Linux-based systems fix stack protector crashes on x32 & powerpc due to misplaced TLS canary 2015-05-06T22:37:19+00:00 Rich Felker dalias@aerifal.cx 2015-05-06T22:37:19+00:00 484194dbf41758eec0ef62fef5fe9350c21b9241 i386, x86_64, x32, and powerpc all use TLS for stack protector canary values in the default stack protector ABI, but the location only matched the ABI on i386 and x86_64. on x32, the expected location for the canary contained the tid, thus producing spurious mismatches (resulting in process termination) upon fork. on powerpc, the expected location contained the stdio_locks list head, so returning from a function after calling flockfile produced spurious mismatches. in both cases, the random canary was not present, and a predictable value was used instead, making the stack protector hardening much less effective than it should be. in the current fix, the thread structure has been expanded to have canary fields at all three possible locations, and archs that use a non-default location must define a macro in pthread_arch.h to choose which location is used. for most archs (which lack TLS canary ABI) the choice does not matter. 
i386, x86_64, x32, and powerpc all use TLS for stack protector canary
values in the default stack protector ABI, but the location only
matched the ABI on i386 and x86_64. on x32, the expected location for
the canary contained the tid, thus producing spurious mismatches
(resulting in process termination) upon fork. on powerpc, the expected
location contained the stdio_locks list head, so returning from a
function after calling flockfile produced spurious mismatches. in both
cases, the random canary was not present, and a predictable value was
used instead, making the stack protector hardening much less effective
than it should be.

in the current fix, the thread structure has been expanded to have
canary fields at all three possible locations, and archs that use a
non-default location must define a macro in pthread_arch.h to choose
which location is used. for most archs (which lack TLS canary ABI) the
choice does not matter.
fix x32 __set_thread_area failure due to junk in upper bits 2015-05-02T15:53:45+00:00 Rich Felker dalias@aerifal.cx 2015-05-02T15:53:45+00:00 2d5c74c21e0483128624c43d4399ef49e057e264 the kernel does not properly clear the upper bits of the syscall argument, so we have to do it before the syscall. 
the kernel does not properly clear the upper bits of the syscall
argument, so we have to do it before the syscall.
minor optimization to pthread_spin_trylock 2015-04-22T07:24:37+00:00 Rich Felker dalias@aerifal.cx 2015-04-22T07:24:37+00:00 afbcac6826988d12d9a874359cab735049c17500 use CAS instead of swap since it's lighter for most archs, and keep EBUSY in the lock value so that the old value obtained by CAS can be used directly as the return value for pthread_spin_trylock. 
use CAS instead of swap since it's lighter for most archs, and keep
EBUSY in the lock value so that the old value obtained by CAS can be
used directly as the return value for pthread_spin_trylock.
optimize spin lock not to dirty cache line while spinning 2015-04-22T07:16:50+00:00 Rich Felker dalias@aerifal.cx 2015-04-22T07:16:50+00:00 7b1fb0c526936873a260e860ce3bca82113c3d4c 






fix mmap leak in sem_open failure path for link call
2015-04-21T17:24:46+00:00

Rich Felker
dalias@aerifal.cx

2015-04-21T17:24:46+00:00

086793ad99dc625fd1c47f96fc31ea8aa316b438

the leak was found by static analysis (reported by Alexander Monakov),
not tested/observed, but seems to have occured both when failing due
to O_EXCL, and in a race condition with O_CREAT but not O_EXCL where a
semaphore by the same name was created concurrently.





the leak was found by static analysis (reported by Alexander Monakov),
not tested/observed, but seems to have occured both when failing due
to O_EXCL, and in a race condition with O_CREAT but not O_EXCL where a
semaphore by the same name was created concurrently.







make dlerror state and message thread-local and dynamically-allocated
2015-04-18T22:00:22+00:00

Rich Felker
dalias@aerifal.cx

2015-04-18T22:00:22+00:00

01d42747118522b7a486ece1736b93c6d5751344

this fixes truncation of error messages containing long pathnames or
symbol names.

the dlerror state was previously required by POSIX to be global. the
resolution of bug 97 relaxed the requirements to allow thread-safe
implementations of dlerror with thread-local state and message buffer.





this fixes truncation of error messages containing long pathnames or
symbol names.

the dlerror state was previously required by POSIX to be global. the
resolution of bug 97 relaxed the requirements to allow thread-safe
implementations of dlerror with thread-local state and message buffer.







fix sh build regressions in asm
2015-04-18T02:18:06+00:00

Rich Felker
dalias@aerifal.cx

2015-04-18T02:16:30+00:00

33615cd5ca4d40286d3000a941f96c5bebdf39fb

even hidden functions need @PLT symbol references; otherwise an
absolute address is produced instead of a PC-relative one.





even hidden functions need @PLT symbol references; otherwise an
absolute address is produced instead of a PC-relative one.







fix sh __set_thread_area uninitialized return value
2015-04-18T02:14:03+00:00

Rich Felker
dalias@aerifal.cx

2015-04-18T02:14:03+00:00

64fbd15fc5274d4e87d27496ddfb5d064c056585

this caused the dynamic linker/startup code to abort when r0 happened
to contain a negative value.





this caused the dynamic linker/startup code to abort when r0 happened
to contain a negative value.







use hidden __tls_get_new for tls/tlsdesc lookup fallback cases
2015-04-15T03:45:08+00:00

Rich Felker
dalias@aerifal.cx

2015-04-15T03:45:08+00:00

81e18eb3cd61f7b68a8f99b3e6c728f2a4d79221

previously, the dynamic tlsdesc lookup functions and the i386
special-ABI ___tls_get_addr (3 underscores) function called
__tls_get_addr when the slot they wanted was not already setup;
__tls_get_addr would then in turn also see that it's not setup and
call __tls_get_new.

calling __tls_get_new directly is both more efficient and avoids the
issue of calling a non-hidden (public API/ABI) function from asm.

for the special i386 function, a weak reference to __tls_get_new is
used since this function is not defined when static linking (the code
path that needs it is unreachable in static-linked programs).





previously, the dynamic tlsdesc lookup functions and the i386
special-ABI ___tls_get_addr (3 underscores) function called
__tls_get_addr when the slot they wanted was not already setup;
__tls_get_addr would then in turn also see that it's not setup and
call __tls_get_new.

calling __tls_get_new directly is both more efficient and avoids the
issue of calling a non-hidden (public API/ABI) function from asm.

for the special i386 function, a weak reference to __tls_get_new is
used since this function is not defined when static linking (the code
path that needs it is unreachable in static-linked programs).







cleanup use of visibility attributes in pthread_cancel.c
2015-04-14T17:49:05+00:00

Rich Felker
dalias@aerifal.cx

2015-04-14T17:49:05+00:00

9c738dc183f44de40d263e4ff8dc540915a41aed

applying the attribute to a weak_alias macro was a hack. instead use a
separate declaration to apply the visibility, and consolidate
declarations together to avoid having visibility mess all over the
file.





applying the attribute to a weak_alias macro was a hack. instead use a
separate declaration to apply the visibility, and consolidate
declarations together to avoid having visibility mess all over the
file.