The _REENT_GLOBAL_STDIO_STREAMS was introduced by commit
668a4c8722090fffd10869dbb15b879651c1370d in 2017. Since then it was enabled by
default for RTEMS. Recently, the option was enabled for Cygwin which
previously used an alternative implementation to use global stdio streams.
In Newlib, the stdio streams are defined to thread-specific pointers
_reent::_stdin, _reent::_stdout and _reent::_stderr. If the option is disabled
(the default for most systems), then these pointers are initialized to
thread-specific FILE objects which use file descriptors 0, 1, and 2,
respectively. There are at least three problems with this:
(1) The thread-specific FILE objects are closed by _reclaim_reent(). This
leads to problems with language run-time libraries that provide wrappers to
the C/POSIX stdio streams (for example C++ and Ada), since they use the
thread-specific FILE objects of the initialization thread. In case the
initialization thread is deleted, then they use freed memory.
(2) Since thread-specific FILE objects are used with a common output device via
file descriptors 0, 1 and 2, the locking at FILE object level cannot ensure
atomicity of the output, e.g. a call to printf().
(3) There are resource managment issues, see:
https://sourceware.org/pipermail/newlib/2022/019558.htmlhttps://bugs.linaro.org/show_bug.cgi?id=5841
This patch enables the _REENT_GLOBAL_STDIO_STREAMS behaviour for all Newlib
configurations and removes the option. This removes a couple of #ifdef blocks.
For _REENT_GLOBAL_STDIO_STREAMS, lock/unlock all FILE objects. In the
repository, this function is only used by Cygwin during process forks. Since
Cygwin enabled _REENT_GLOBAL_STDIO_STREAMS recently, without this fix no FILE
object at all was locked.
Do not initialize __sglue with the FILE objects of _GLOBAL_REENT to avoid a
double use in the !_REENT_SMALL and !_REENT_GLOBAL_STDIO_STREAMS configurations
which didn't use a thread-specific reentrancy structure.
The __sFILE::_lock member is present if __SINGLE_THREAD__ is not defined. In
this case, it is initialized in __sfp(). It is a bug to do it sometimes also
in std().
Make sure that the stdio exit handler is set in all stdio initialization paths.
The bug was introduced by commit 26747c47bc0a1137e02e0377306d721cc3478855.
Added a new global __sglue object for all configurations.
Decouples the global file object list from the _GLOBAL_REENT
structure by using this new object instead of the __sglue member
of _GLOBAL_REENT in __sfp() and _fwalk_sglue().
Replaced _fwalk_reent() with _fwalk_sglue(). The change adds an
extra __sglue object as a parameter, which will allow the passing
of a global __sglue object separate from the __sglue member of
struct _reent. The global __sglue object will be added in a
follow-on patch.
Define the configuration-dependent constant CLEANUP_FILE for use in
cleanup_stdio(). This will reduce duplicate code during the addition
of a dedicated stdio atexit handler in a follow-on patch.
Moved last remaining __sglue initializations from __sinit() to
__sfp(). The move better encapsulates access to __sglue and
facilitates its decoupling from struct _reent in a follow-on patch.
Remove __sinit_lock_acquire() and __sinit_lock_release(). Replace these with
__sfp_lock_acquire() and __sfp_lock_release(), respectively. This eliminates a
potential deadlock issue between __sinit() and __sfp(). Remove now unused
__sinit_recursive_mutex and __lock___sinit_recursive_mutex.
Added _REENT_INIT_SGLUE and _REENT_INIT_SGLUE_ZEROED macros
to initialize __sglue member of struct _reent. This allows
further simplification of __sinit() and facilitates the removal
of __sglue as a member of struct _reent for certain configurations
in a follow-on patch.
Removed duplicate sglue initializations from __sinit(). These
are already initialized in the _REENT_INIT macro in sys/reent.h.
This simplification enables the reduction of _GLOBAL_REENT
dependency in a follow-on patch.
Removed duplicate stdio initializations from __sinit(). These
are already initialized in the _REENT_INIT macro in sys/reent.h.
This simplification enables the reduction of _GLOBAL_REENT
dependency in a follow-on patch.
This fixes a bug introduced in a previous patch (Commit 44b60f0c:
Make __sdidinit unused). Removed intitialization of __cleanup from
__smakebuf_r(). All callers of __smakebuf_r() call __sinit()
through the_CHECK_INIT macro, thus __cleanup is already
initialized. This fix also allows _cleanup_r() to be made static.
Changed its name to cleanup_stdio() and removed its declaration
from local.h.
Rename __sfmoreglue() in sfmoreglue() and make it static. This function is
only used by __sfp() in the same translation unit.
Remove use of register keyword.
Remove dependency on __sdidinit member of struct _reent to check
object initialization. Like __sdidinit, the __cleanup member of
struct _reent is initialized in the __sinit() function. Checking
initialization against __cleanup serves the same purpose and will
reduce overhead in the __sfp() function in a follow up patch.
This edits licenses held by Berkeley and NetBSD, both of which
have removed the advertising requirement from their licenses.
Signed-off-by: Keith Packard <keithp@keithp.com>
In Newlib, the stdio streams are defined to thread-specific pointers
_reent::_stdin, _reent::_stdout and _reent::_stderr. In case
_REENT_SMALL is not defined, then these pointers are initialized via
_REENT_INIT_PTR() or _REENT_INIT_PTR_ZEROED() to thread-specific FILE
objects provided via _reent::__sf[3]. There are two problems with this
(at least in case of RTEMS).
(1) The thread-specific FILE objects are closed by _reclaim_reent().
This leads to problems with language run-time libraries that provide
wrappers to the C/POSIX stdio streams (e.g. C++ and Ada), since they
use the thread-specific FILE objects of the initialization thread. In
case the initialization thread is deleted, then they use freed memory.
(2) Since thread-specific FILE objects are used with a common output
device via file descriptors 0, 1 and 2, the locking at FILE object level
cannot ensure atomicity of the output, e.g. a call to printf().
Introduce a new Newlib configuration option _REENT_GLOBAL_STDIO_STREAMS
to enable the use of global stdio FILE objects.
As a side-effect this reduces the size of struct _reent by more than
50%.
The _REENT_GLOBAL_STDIO_STREAMS should not be used without
_STDIO_CLOSE_PER_REENT_STD_STREAMS.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
In preparation for the patch that would allow retargeting of locking
routines, rename all lock objects to follow this pattern:
"__<name>_[recursive_]mutex".
Following locks were renamed:
__dd_hash_lock -> __dd_hash_mutex
__sfp_lock -> __sfp_recursive_mutex
__sinit_lock -> __sinit_recursive_mutex
__atexit_lock -> __atexit_recursive_mutex
_arc4random_mutex -> __arc4random_mutex
__env_lock_object -> __env_recursive_mutex
__malloc_lock_object -> __malloc_recursive_mutex
__atexit_mutex -> __at_quick_exit_mutex
__tz_lock_object -> __tz_mutex
semantics from POSIX to BSD.
* libc/stdio/fclose.c (_fclose_r): Conditionalize file flushing on
_STDIO_BSD_SEMANTICS. Call __sflush_r rather than _fflush_r. Add
comment.
* libc/stdio/fflush.c (__sflushw_r): New function, only available
if _STDIO_BSD_SEMANTICS is defined.
* libc/stdio/findfp.c (_cleanup_r): Call _fwalk_reent rather than
_fwalk. Conditionalize cleanup function call on _STDIO_BSD_SEMANTICS.
Add comments. Add FIXME.
* libc/stdio/local.h (__sflushw_r): Declare if _STDIO_BSD_SEMANTICS is
defined.
secure stream related critical section against thread cancellation.
(_newlib_flockfile_exit): Ditto.
(_newlib_sfp_lock_end): Ditto.
(_newlib_sfp_lock_start): Ditto for the list of streams.
(_newlib_sfp_lock_exit): Ditto.
(_newlib_sfp_lock_end): Ditto.
Use aforementioned macros in place of _flockfile/_funlockfile
and __sfp_lock_acquire/__sfp_lock_release throughout the code.
* libc/stdio/fclose.c: Explicitely disable and re-enable thread
cancellation. Explain why.
* libc/stdio/freopen.c: Ditto.
* libc/stdio64/freopen64.c: Ditto.
* libc/stdio/findfp.c (__sinit): Open stderr read/write.
* libc/stdio/fdopen.c (_fdopen_r): Set O_APPEND on fd when
requested.
* libc/stdio64/fdopen64.c (_fdopen64_r): Likewise.
* libc/stdio/findfp.c (__sinit): Protect with new lock.
(__sinit_lock): New lock.
(__sinit_lock_acquire, __sinit_lock_release): New functions.
* libc/stdio/local.h: Add reference to new __sinit locking
functions.
* libc/include/sys/_types.h: Include <sys/lock.h> and change
_flock_t to be of type _LOCK_RECURSIVE_T.
* libc/include/sys/reent.h: (_REENT_INIT): Reformat.
(_REENT_INIT_PTR): Ditto. Use memset where appropriate.
(_global_impure_ptr): New declaration.
(_GLOBAL_REENT): Change to be _global_impure_ptr.
* libc/include/sys/stdio.h: Include <sys/lock.h> and
<sys/reent.h>.
(_flockfile)[!_SINGLE_THREAD]: Add code for lock call.
(_funlockfile)[!SINGLE_THREAD]: Ditto.
* libc/reent/impure.c: Set _global_impure_ptr to _impure_ptr.
* libc/stdio/fclose.c: Remove casting of fp lock to
_LOCK_RECURSIVE_T.
* libc/stdio/findfp.c: Ditto.
* libc/stdio/fopen.c: Ditto.
* libc/stdio/freopen.c: Ditto.
* libc/stdio/vfprintf.c: Ditto.
* libc/stdio64/fopen64.c: Ditto.
* libc/stdlib/envlock.c: Add default stubs that use generic
locking code.
* libc/stdlib/mlock.c: Ditto.
Jeff Johnston <jjohnstn@redhat.com>
* libc/sys/linux/sys/_types.h (__flock_mutex_t): New subtype.
(_flock_t): Change to be a struct containing a single member
named mutex which is of type __flock_mutex_t.
