summaryrefslogtreecommitdiff
path: root/arch
AgeCommit message (Collapse)AuthorLines
2015-03-03make all objects used with atomic operations volatileRich Felker-63/+63
the memory model we use internally for atomics permits plain loads of values which may be subject to concurrent modification without requiring that a special load function be used. since a compiler is free to make transformations that alter the number of loads or the way in which loads are performed, the compiler is theoretically free to break this usage. the most obvious concern is with atomic cas constructs: something of the form tmp=*p;a_cas(p,tmp,f(tmp)); could be transformed to a_cas(p,*p,f(*p)); where the latter is intended to show multiple loads of *p whose resulting values might fail to be equal; this would break the atomicity of the whole operation. but even more fundamental breakage is possible. with the changes being made now, objects that may be modified by atomics are modeled as volatile, and the atomic operations performed on them by other threads are modeled as asynchronous stores by hardware which happens to be acting on the request of another thread. such modeling of course does not itself address memory synchronization between cores/cpus, but that aspect was already handled. this all seems less than ideal, but it's the best we can do without mandating a C11 compiler and using the C11 model for atomics. in the case of pthread_once_t, the ABI type of the underlying object is not volatile-qualified. so we are assuming that accessing the object through a volatile-qualified lvalue via casts yields volatile access semantics. the language of the C standard is somewhat unclear on this matter, but this is an assumption the linux kernel also makes, and seems to be the correct interpretation of the standard.
2015-02-09add syscall numbers for the new execveat syscallSzabolcs Nagy-4/+19
this syscall allows fexecve to be implemented without /proc, it is new in linux v3.19, added in commit 51f39a1f0cea1cacf8c787f652f26dfee9611874 (sh and microblaze do not have allocated syscall numbers yet) added a x32 fix as well: the io_setup and io_submit syscalls are no longer common with x86_64, so use the x32 specific numbers.
2015-02-07remove cruft from x86_64 syscall.hSzabolcs Nagy-23/+0
x86_64 syscall.h defined some musl internal syscall names and made them public. These defines were already moved to src/internal/syscall.h (except for SYS_fadvise which is added now) so the cruft in x86_64 syscall.h is not needed.
2015-02-01fix typo in x86_64/x32 user_fpregs_structFelix Janda-2/+2
mxcs_mask should be mxcr_mask
2015-01-30move MREMAP_MAYMOVE and MREMAP_FIXED out of bitsTrutz Behn-27/+0
the definitions are generic for all kernel archs. exposure of these macros now only occurs on the same feature test as for the function accepting them, which is believed to be more correct.
2015-01-30remove mips-only EINIT and EREMDEV errnosTrutz Behn-2/+0
the errno values are unused by the kernel and the macro definitions were never exposed by glibc.
2014-12-23add new syscall numbers for bpf and kexec_file_loadSzabolcs Nagy-0/+20
these syscalls are new in linux v3.18, bpf is present on all supported archs except sh, kexec_file_load is only allocted for x86_64 and x32 yet. bpf was added in linux commit 99c55f7d47c0dc6fc64729f37bf435abf43f4c60 kexec_file_load syscall number was allocated in commit f0895685c7fd8c938c91a9d8a6f7c11f22df58d2
2014-12-21move wint_t definition to the shared part of alltypes.h.inRich Felker-9/+0
2014-12-03add arm private syscall numbersTimo Teräs-0/+5
it is part of kernel uapi, and some programs (e.g. nodejs) do use them
2014-11-22unify non-inline version of syscall code across archsRich Felker-104/+6
except powerpc, which still lacks inline syscalls simply because nobody has written the code, these are all fallbacks used to work around a clang bug that probably does not exist in versions of clang that can compile musl. however, it's useful to have the generic non-inline code anyway, as it eases the task of porting to new archs: writing inline syscall code is now optional. this approach could also help support compilers which don't understand inline asm or lack support for the needed register constraints. mips could not be unified because it has special fixup code for broken layout of the kernel's struct stat.
2014-11-22inline 5- and 6-argument syscalls on armRich Felker-2/+15
2014-11-22remove old clang workarounds from arm syscall implementationRich Felker-31/+0
the register constraints in the non-clang case were tested to work on clang back to 3.2, and earlier versions of clang have known bugs that preclude building musl. there may be other reasons to prefer not to use inline syscalls, but if so the function-call-based implementations should be added back in a unified way for all archs.
2014-11-22fix __aeabi_read_tp oversight in arm atomics/tls overhaulRich Felker-6/+5
calls to __aeabi_read_tp may be generated by the compiler to access TLS on pre-v6 targets. previously, this function was hard-coded to call the kuser helper, which would crash on kernels with kuser helper removed. to fix the problem most efficiently, the definition of __aeabi_read_tp is moved so that it's an alias for the new __a_gettp. however, on v7+ targets, code to initialize the runtime choice of thread-pointer loading code is not even compiled, meaning that defining __aeabi_read_tp would have caused an immediate crash due to using the default implementation of __a_gettp with a HCF instruction. fortunately there is an elegant solution which reduces overall code size: putting the native thread-pointer loading instruction in the default code path for __a_gettp, so that separate default/native code paths are not needed. this function should never be called before __set_thread_area anyway, and if it is called early on pre-v6 hardware, the old behavior (crashing) is maintained. ideally __aeabi_read_tp would not be called at all on v7+ targets anyway -- in fact, prior to the overhaul, the same problem existed, but it was never caught by users building for v7+ with kuser disabled. however, it's possible for calls to __aeabi_read_tp to end up in a v7+ binary if some of the object files were built for pre-v7 targets, e.g. in the case of static libraries that were built separately, so this case needs to be handled.
2014-11-19overhaul ARM atomics/tls for performance and compatibilityRich Felker-44/+330
previously, builds for pre-armv6 targets hard-coded use of the "kuser helper" system for atomics and thread-pointer access, resulting in binaries that fail to run (crash) on systems where this functionality has been disabled (as a security/hardening measure) in the kernel. additionally, builds for armv6 hard-coded an outdated/deprecated memory barrier instruction which may require emulation (extremely slow) on future models. this overhaul replaces the behavior for all pre-armv7 builds (both of the above cases) to perform runtime detection of the appropriate mechanisms for barrier, atomic compare-and-swap, and thread pointer access. detection is based on information provided by the kernel in auxv: presence of the HWCAP_TLS bit for AT_HWCAP and the architecture version encoded in AT_PLATFORM. direct use of the instructions is preferred when possible, since probing for the existence of the kuser helper page would be difficult and would incur runtime cost. for builds targeting armv7 or later, the runtime detection code is not compiled at all, and much more efficient versions of the non-cas atomic operations are provided by using ldrex/strex directly rather than wrapping cas.
2014-11-05fix 64-bit syscall argument passing on or1kRich Felker-1/+1
the kernel syscall interface for or1k does not expect 64-bit arguments to be aligned to "even" register boundaries. this incorrect alignment broke truncate/ftruncate and as well as a few less-common syscalls.
2014-10-10add explicit barrier operation to internal atomic.h APIRich Felker-6/+33
2014-10-08add new syscall numbers for seccomp, getrandom, memfd_createSzabolcs Nagy-0/+50
these syscalls are new in linux v3.17 and present on all supported archs except sh. seccomp was added in commit 48dc92b9fc3926844257316e75ba11eb5c742b2c it has operation, flags and pointer arguments (if flags==0 then it is the same as prctl(PR_SET_SECCOMP,...)), the uapi header for flag definitions is linux/seccomp.h getrandom was added in commit c6e9d6f38894798696f23c8084ca7edbf16ee895 it provides an entropy source when open("/dev/urandom",..) would fail, the uapi header for flags is linux/random.h memfd_create was added in commit 9183df25fe7b194563db3fec6dc3202a5855839c it allows anon mmap to have an fd, that can be shared, sealed and needs no mount point, the uapi header for flags is linux/memfd.h
2014-09-11fix C++ incompatibility in i386 definition of max_align_tRich Felker-0/+4
the C11 _Alignas keyword is not present in C++, and despite it being in the reserved namespace and thus reasonable to support even in non-C11 modes, compilers seem to fail to support it.
2014-09-06add threads.h and needed per-arch types for mtx_t and cnd_tRich Felker-0/+18
based on patch by Jens Gustedt. mtx_t and cnd_t are defined in such a way that they are formally "compatible types" with pthread_mutex_t and pthread_cond_t, respectively, when accessed from a different translation unit. this makes it possible to implement the C11 functions using the pthread functions (which will dereference them with the pthread types) without having to use the same types, which would necessitate either namespace violations (exposing pthread type names in threads.h) or incompatible changes to the C++ name mangling ABI for the pthread types. for the rest of the types, things are much simpler; using identical types is possible without any namespace considerations.
2014-08-25fix build error on arm due to new a_spin codeRich Felker-1/+1
this was broken by commit ea818ea8340c13742a4f41e6077f732291aea4bc.
2014-08-25add working a_spin() atomic for non-x86 targetsRich Felker-0/+6
conceptually, a_spin needs to be at least a compiler barrier, so the compiler will not optimize out loops (and the load on each iteration) while spinning. it should also be a memory barrier, or the spinning thread might keep spinning without noticing stores from other threads, thus delaying for longer than it should. ideally, an optimal a_spin implementation that avoids unnecessary cache/memory contention should be chosen for each arch, but for now, the easiest thing is to perform a useless a_cas on the calling thread's stack.
2014-08-20add max_align_t definition for C11 and C++11Rich Felker-0/+18
unfortunately this needs to be able to vary by arch, because of a huge mess GCC made: the GCC definition, which became the ABI, depends on quirks in GCC's definition of __alignof__, which does not match the formal alignment of the type. GCC's __alignof__ unexpectedly exposes the an implementation detail, its "preferred alignment" for the type, rather than the formal/ABI alignment of the type, which it only actually uses in structures. on most archs the two values are the same, but on some (at least i386) the preferred alignment is greater than the ABI alignment. I considered using _Alignas(8) unconditionally, but on at least one arch (or1k), the alignment of max_align_t with GCC's definition is only 4 (even the "preferred alignment" for these types is only 4).
2014-08-17make pointers used in robust list volatileRich Felker-9/+9
when manipulating the robust list, the order of stores matters, because the code may be asynchronously interrupted by a fatal signal and the kernel will then access the robust list in what is essentially an async-signal context. previously, aliasing considerations made it seem unlikely that a compiler could reorder the stores, but proving that they could not be reordered incorrectly would have been extremely difficult. instead I've opted to make all the pointers used as part of the robust list, including those in the robust list head and in the individual mutexes, volatile. in addition, the format of the robust list has been changed to point back to the head at the end, rather than ending with a null pointer. this is to match the documented kernel robust list ABI. the null pointer, which was previously used, only worked because faults during access terminate the robust list processing.
2014-07-30fix broken offset argument to the mmap2 syscall on or1kRich Felker-0/+2
for or1k, the kernel expects the offset passed to mmap2 in units of the 8k page size, not the standard unit of 4k used on most other archs.
2014-07-30provide PAGE_SIZE as a constant value of 8192 on or1kRich Felker-0/+1
according to Stefan Kristiansson, or1k page size is not actually variable and the value of 8192 is part of the ABI.
2014-07-29fix terminal control ioctl constants for shRich Felker-4/+8
this commit changes the names to match the kernel names, exposing under the normal names the "old" versions which work with a smaller termios structure compatible with the userspace structure, and renaming the "new" versions with "2" on the end like the kernel has. this fixes spurious warnings "Unsupported ioctl: cmd=0x802c542a" from qemu-sh4 and should be more correct anyway, since our userspace termios structure does not have meaningful information in the part which the kernel would be interpreting as speeds with the new ioctl.
2014-07-27remove unused a_cas_l from or1k atomic.hRich Felker-5/+0
this follows the same logic as in the previous commit for other archs.
2014-07-27clean up unused and inconsistent atomics in arch dirsRich Felker-100/+0
the a_cas_l, a_swap_l, a_swap_p, and a_store_l operations were probably used a long time ago when only i386 and x86_64 were supported. as other archs were added, support for them was inconsistent, and they are obviously not in use at present. having them around potentially confuses readers working on new ports, and the type-punning hacks and inconsistent use of types in their definitions is not a style I wish to perpetuate in the source tree, so removing them seems appropriate.
2014-07-27fix insufficient synchronization in sh atomic asmRich Felker-1/+2
while other usage I've seen only has the synco instruction after the atomic operation, I cannot find any documentation indicating that this is correct. certainly all stores before the atomic need to have been synchronized before the atomic operation takes place.
2014-07-20add syscall numbers for the new renameat2 syscallSzabolcs Nagy-0/+19
it's like rename but with flags eg. to allow atomic exchange of two files, introduced in linux 3.15 commit 520c8b16505236fc82daa352e6c5e73cd9870cff
2014-07-20fix regression that negated some mips syscall error returnsRich Felker-5/+5
due to what was essentially a copy and paste error, the changes made in commit f61be1f875a2758509d6e9e2cf6f1d9603b28b65 caused syscalls with 5 or 6 arguments (and syscalls with 2, 3, or 4 arguments when compiled with clang compatibility) to negate the returned error code a second time, breaking errno reporting.
2014-07-19fix mips struct stat dev_t members for big endianRich Felker-20/+81
the mips version of this structure on the kernel side wrongly has 32-bit type rather than 64-bit type. fortunately there is adjacent padding to bring it up to 64 bits, and on little-endian, this allows us to treat the adjacent kernel st_dev and st_pad0[0] as as single 64-bit dev_t. however, on big endian, such treatment results in the upper and lower 32-bit parts of the dev_t value being swapped. for the purpose of just comparing st_dev values this did not break anything, but it precluded actually processing the device numbers as major/minor values. since the broken kernel behavior that needs to be worked around is isolated to one arch, I put the workarounds in syscall_arch.h rather than adding a stat fixup path in the common code. on little endian mips, the added code optimizes out completely. the changes necessary were incompatible with the way the __asm_syscall macro was factored so I just removed it and flattened the individual __syscallN functions. this arguably makes the code easier to read and understand, anyway.
2014-07-19fix or1k atomic storeRich Felker-1/+1
at the very least, a compiler barrier is required no matter what, and that was missing. current or1k implementations have strong ordering, but this is not guaranteed as part of the ISA, so some sort of synchronizing operation is necessary. in principle we should use l.msync, but due to misinterpretation of the spec, it was wrongly treated as an optional instruction and is not supported by some implementations. if future kernels trap it and treat it as a nop (rather than illegal instruction) when the hardware/emulator does not support it, we could consider using it. in the absence of l.msync support, the l.lwa/l.swa instructions, which are specified to have a built-in l.msync, need to be used. the easiest way to use them to implement atomic store is to perform an atomic swap and throw away the result. using compare-and-swap would be lighter, and would probably be sufficient for all actual usage cases, but checking this is difficult and error-prone: with store implemented in terms of swap, it's guaranteed that, when another atomic operation is performed at the same time as the store, either the result of the store followed by the other operation, or just the store (clobbering the other operation's result) is seen. if store were implemented in terms of cas, there are cases where this invariant would fail to hold, and we would need detailed rules for the situations in which the store operation is well-defined.
2014-07-19fix missing barriers in powerpc atomic storeRich Felker-1/+5
2014-07-19fix microblaze atomic storeRich Felker-1/+3
as far as I can tell, microblaze is strongly ordered, but this does not seem to be well-documented and the assumption may need revisiting. even with strong ordering, however, a volatile C assignment is not sufficient to implement atomic store, since it does not preclude reordering by the compiler with respect to non-volatile stores and loads. simply flanking a C store with empty volatile asm blocks with memory clobbers would achieve the desired result, but is likely to result in worse code generation, since the address and value for the store may need to be spilled. actually writing the store in asm, so that there's only one asm block, should give optimal code generation while satisfying the requirement for having a compiler barrier.
2014-07-19fix missing barrier instructions in powerpc atomic asmRich Felker-1/+4
2014-07-19fix missing barrier instructions in mips atomic asmRich Felker-14/+18
previously I had wrongly assumed the ll/sc instructions also provided memory synchronization; apparently they do not. this commit adds sync instructions before and after each atomic operation and changes the atomic store to simply use sync before and after a plain store, rather than a useless compare-and-swap.
2014-07-19use memory constraints for mips atomic asmRich Felker-24/+24
despite lacking the semantic content that the asm accesses the pointed-to object rather than just using its address as a value, the mips asm was not actually broken. the asm blocks were declared volatile, meaning that the compiler must treat them as having unknown side effects. however changing the asm to use memory constraints is desirable not just from a semantic correctness and consistency standpoint, but also produces better code. the compiler is able to use base/offset addressing expressions for the atomic object's address rather than having to load the address into a single register. this improves access to global locks in static libc, and access to non-zero-offset atomic fields in synchronization primitives, etc.
2014-07-19fix build breakage from ppc asm constraints changeRich Felker-3/+3
due to a mistake in my testing procedure, the changes in the previous commit were not correctly tested and wrongly assumed to be valid. the lwarx and stwcx. instructions do not accept general ppc memory address expressions and thus the argument associated with the memory constraint cannot be used directly. instead, the memory constraint can be left as an argument that the asm does not actually use, and the address can be provided in a separate register constraint.
2014-07-19remove cruft from microblaze atomic.hRich Felker-13/+0
2014-07-19fix broken constraints for powerpc atomic cas asmRich Felker-1/+1
the register constraint for the address to be accessed did not convey that the asm can access the pointed-to object. as far as the compiler could tell, the result of the asm was just a pure function of the address and the values passed in, and thus the asm could be hoisted out of loops or omitted entirely if the result was not used.
2014-07-18fix microblaze definition of struct statRich Felker-3/+2
the erroneous definition was missed because with works with qemu user-level emulation, which also has the wrong definition. the actual kernel uses the asm-generic generic definition.
2014-07-18add or1k (OpenRISC 1000) architecture portStefan Kristiansson-0/+1737
With the exception of a fenv implementation, the port is fully featured. The port has been tested in or1ksim, the golden reference functional simulator for OpenRISC 1000. It passes all libc-test tests (except the math tests that requires a fenv implementation). The port assumes an or1k implementation that has support for atomic instructions (l.lwa/l.swa). Although it passes all the libc-test tests, the port is still in an experimental state, and has yet experienced very little 'real-world' use.
2014-06-30fix regression in mips dynamic linkerRich Felker-0/+1
this issue caused the address of functions in shared libraries to resolve to their PLT thunks in the main program rather than their correct addresses. it was observed causing crashes, though the mechanism of the crash was not thoroughly investigated. since the issue is very subtle, it calls for some explanation: on all well-behaved archs, GOT entries that belong to the PLT use a special relocation type, typically called JMP_SLOT, so that the dynamic linker can avoid having the jump destinations for the PLT resolve to PLT thunks themselves (they also provide a definition for the symbol, which must be used whenever the address of the function is taken so that all DSOs see the same address). however, the traditional mips PIC ABI lacked such a JMP_SLOT relocation type, presumably because, due to the way PIC works, the address of the PLT thunk was never needed and could always be ignored. prior to commit adf94c19666e687a728bbf398f9a88ea4ea19996, the mips version of reloc.h contained a hack that caused all symbol lookups to be treated like JMP_SLOT, inhibiting undefined symbols from ever being used to resolve symbolic relocations. this hack goes all the way back to commit babf820180368f00742ec65b2050a82380d7c542, when the mips dynamic linker was first made usable. during the recent refactoring to eliminate arch-specific relocation processing (commit adf94c19666e687a728bbf398f9a88ea4ea19996), this hack was overlooked and no equivalent functionality was provided in the new code. fixing the problem is not as simple as adding back an equivalent hack, since there is now also a "non-PIC ABI" that can be used for the main executable, which actually does use a PLT. the closest thing to official documentation I could find for this ABI is nonpic.txt, attached to Message-ID: 20080701202236.GA1534@caradoc.them.org, which can be found in the gcc mailing list archives and elsewhere. per this document, undefined symbols corresponding to PLT thunks have the STO_MIPS_PLT bit set in the symbol's st_other field. thus, I have added an arch-specific rule for mips, applied at the find_sym level rather than the relocation level, to reject undefined symbols with the STO_MIPS_PLT bit clear. the previous hack of treating all mips relocations as JMP_SLOT-like, rather than rejecting the unwanted symbols in find_sym, probably also caused dlsym to wrongly return PLT thunks in place of the correct address of a function under at least some conditions. this should now be fixed, at least for global-scope symbol lookups.
2014-06-19add tlsdesc support for x86_64Rich Felker-0/+2
2014-06-19add tlsdesc support for i386Rich Felker-0/+2
2014-06-18refactor to remove arch-specific relocation code from dynamic linkerRich Felker-200/+98
this was one of the main instances of ugly code duplication: all archs use basically the same types of relocations, but roughly equivalent logic was duplicated for each arch to account for the different naming and numbering of relocation types and variation in whether REL or RELA records are used. as an added bonus, both REL and RELA are now supported on all archs, regardless of which is used by the standard toolchain.
2014-06-17fix powerpc dynamic linker thread-pointer-relative relocationsRich Felker-3/+3
processing of R_PPC_TPREL32 was ignoring the addend provided by the RELA-style relocation and instead using the inline value as the addend. this presumably broke dynamic-linked access to initial TLS in cases where the addend was nonzero.
2014-06-17multiple fixes to sh (superh) dynamic linker relocationsRich Felker-10/+8
the following issues are fixed: - R_SH_REL32 was adding the load address of the module being relocated to the result. this seems to have been a mistake in the original port, since it does not match other dynamic linker implementations and since adding a difference between two addresses (the symbol value and the relocation address) to a load address does not make sense. - R_SH_TLS_DTPMOD32 was wrongly accepting an inline addend (i.e. using += rather than = on *reloc_addr) which makes no sense; addition is not an operation that's defined on module ids. - R_SH_TLS_DTPOFF32 and R_SH_TLS_TPOFF32 were wrongly using inline addends rather than the RELA-provided addends. in addition, handling of R_SH_GLOB_DAT, R_SH_JMP_SLOT, and R_SH_DIR32 are merged to all honor the addend. the first two should not need it for correct usage generated by toolchains, but other dynamic linkers allow addends here, and it simplifies the code anyway. these issues were spotted while reviewing the code for the purpose of refactoring this part of the dynamic linker. no testing was performed.
2014-06-16dynamic linker: permit error returns from arch-specific reloc functionRich Felker-8/+16
the immediate motivation is supporting TLSDESC relocations which require allocation and thus may fail (unless we pre-allocate), but this mechanism should also be used for throwing an error on unsupported or invalid relocation types, and perhaps in certain cases, for reporting when a relocation is not satisfiable.