The overflow check in mEMALIGn erroneously checks for INT_MAX,
albeit the input parameter is size_t. Fix this to check for
__SIZE_MAX__ instead. Also, it misses to check the req against
adding the alignment before calling mALLOc.
While at it, add out-of-bounds checks to pvALLOc, nano_memalign,
nano_valloc, and Cygwin's (unused) dlpvalloc.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The MSP430 target supports both 16-bit and 20-bit size_t and intptr_t.
Some implicit casts in Newlib expect these types to be
"long", (a 32-bit type on MSP430) which causes warnings during
compilation such as:
"cast from pointer to integer of different size"
commit 588a5e1dde added a non-reentrant
call to nano_malloc which causes a build failure if INTERNAL_NEWLIB is
defined.
Here is a snippet of the error:
In file included from .../newlib/newlib/libc/stdlib/nano-mallocr.c:38:
.../newlib/newlib/libc/include/malloc.h:42:25: note: expected 'struct _reent *' but argument is of type 'ptrdiff_t' {aka 'int'}
42 | extern void *_malloc_r (struct _reent *, size_t);
| ^~~~~~~~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:67:22: error: too few arguments to function '_malloc_r'
67 | #define nano_malloc _malloc_r
| ^~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:456:11: note: in expansion of macro 'nano_malloc'
456 | mem = nano_malloc(bytes);
| ^~~~~~~~~~~
In file included from .../newlib/newlib/libc/stdlib/nano-mallocr.c:38:
.../newlib/newlib/libc/include/malloc.h:42:14: note: declared here
42 | extern void *_malloc_r (struct _reent *, size_t);
| ^~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:43: warning: "assert" redefined
43 | #define assert(x) ((void)0)
|
This patch adds a missing RCALL to the args when calling nano_malloc
from nano_calloc, so that if the call is reentrant, reent_ptr is passed
as the first argument.
The variable `bytes` (also added in 588a5e1d) has been changed from a
`ptrdiff_t` to `malloc_size_t` as it does not need to be signed. It is
used to store the product of two unsigned malloc_size_t variables and
then iff there was no overflow is it passed to malloc and memset which
both expect size_t which is unsigned.
Signed-off-by: Craig Blackmore <craig.blackmore@embecosm.com>
This built-in function (available in both gcc and clang) is more
efficient and generates shorter code than open-coding the test.
Signed-off-by: Keith Packard <keithp@keithp.com>
The original implementation had multiple issues:
- Only worked when posix_memalign was available (Linux, RTEMS).
- Violated C11 link namespace rules by calling posix_memalign.
- Failed to set errno on error.
These can be fixed by essentially using the same implementation
for aligned_alloc as for memalign, i.e. simply calling _memalign_r
(which is always available and a "more reserved name" although
technically still not in the reserved link namespace, at least
code written in c cannot define a colliding symbol, newlib has
plenty such namespace issues so this is fine).
It is not clear what the right policy is when MALLOC_PROVIDED is set,
currently that does not cover aligned_alloc so it is kept that way.
Tested on aarch64-none-elf
This edits licenses held by Berkeley and NetBSD, both of which
have removed the advertising requirement from their licenses.
Signed-off-by: Keith Packard <keithp@keithp.com>
In the two helper functions that _dcvt calls for 'f' and 'e' mode, if
there are no digits to display after the decimal point, don't add one.
Signed-off-by: Keith Packard <keithp@keithp.com>
Leading zeros after the decimal point should not count
towards the 'ndigits' limit.
This makes gcvt match glibc and the posix gcvt man page.
Signed-off-by: Keith Packard <keithp@keithp.com>
Even if the number is really small and this means showing *no* digits.
This makes newlib match glibc, and the fcvt posix man page.
Signed-off-by: Keith Packard <keithp@keithp.com>
- add new eBalloc macro to mprec.h which calls Balloc and
aborts if Balloc fails due to out of memory
- change mprec.c functions that use Balloc without checking to use eBalloc instead
- fix dtoa.c to use eBalloc
Commit fbace81684
("Import correctly working strtold from David M. Gay.")
introduced two new files, strtorx.c and strtodg.c. The functions
are only called from strtold.c. However, while strtold.c is only
built if HAVE_LONG_DOUBLE is defined, the patch erroneously added
the two new files to GENERAL_SOURCES unconditionally.
Fix this by building both files only if HAVE_LONG_DOUBLE has been
defined.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Commit 6c212a8b78
("Fix strtod ("nan") and strtold ("nan") returns wrong negative NaN")
introduced an unconditional dependency to nanl and, in turn, to libm.
Rather than including nanl in libc as well, just call __builtin_nanl
from here. Requires GCC 3.3 or later.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The string/float conversion functions need to get the locale decimal
point. Instead of calling __localeconv_l (which copies locale data
into lconv form from __get_numeric_locale), use __get_numeric_locale
directly.
Signed-off-by: Keith Packard <keithp@keithp.com>
strtof ("-nan") returned positive NaN instead of negative NaN.
strtod ("-nan") and strtold ("-nan") return negative NaN.
Linux glibc has been fixed
that strto{f|d|ld} ("-nan") returns negative NaN.
https://sourceware.org/bugzilla/show_bug.cgi?id=23007
This commit makes strtof preserves the negative sign bit
when parsing "-nan" like glibc.
By previous commit, strto{d|ld} ("nan")
does not use the definition of NaN.
There is no other function that uses the definitions.
This commit remove the definitions.
The definition of qNaN for x86_64 and i386 was wrong.
strto{d|ld} ("nan") returned wrong negative NaN
instead of correct positive NaN
since it used the wrong definition.
On the other hand, strtof ("nan") returns correct positive NaN
since it uses nanf ("") instead of the wrong definition.
This commit makes strto{d|ld} ("nan") uses {nan|nanl} ("")
like strtof ("nan") using.
So strto{d|ld} ("nan") returns positive NaN.
Previously, "test 1 2 3 -a -b -c" was permuted to "test -a -b -c 1 2 3",
but "test 1 2 3 -abc" was left as "test 1 2 3 -abc".
Signed-off-by: Thomas Kindler <mail+newlib@t-kindler.de>
- when calculating a correction to align next brk to page boundary,
ensure that the correction is less than a page size
- if allocating the correction fails, ensure that the top size is
set to brk + sbrk_size (minus any front alignment made)
Signed-off-by: Jeff Johnston <jjohnstn@redhat.com>
- From: Cesar Philippidis <cesar@codesourcery.com>
Date: Tue, 10 Apr 2018 14:43:42 -0700
Subject: [PATCH] nvptx port
This port adds support for Nvidia GPU's, which are primarily used as
offload accelerators in OpenACC and OpenMP.
The gdtoa implementation uses the type long, defined as Long, in lots
of code. For historical reason newlib defines Long as int32_t instead.
This works fine, as long as floating point exceptions are not enabled.
The conversion to 32 bit int can lead to a FE_INVALID situation.
Example:
const char *str = "121645100408832000.0";
char *ptr;
feenableexcept (FE_INVALID);
strtod (str, &ptr);
This leads to the following situation in strtod
double aadj;
Long L;
[...]
L = (Long)aadj;
For instance, on x86_64 the code here is
cvttsd2si %xmm0,%eax
At this point, aadj is 2529648000.0 in our example. The conversion to
32 bit %eax results in a negative int value, thus the conversion is
invalid. With feenableexcept (FE_INVALID), a SIGFPE is raised.
Fix this by always using 64 bit ints here if double is not a 32 bit type
to avoid this type of FP exceptions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This patch fixes a syntax error in exit.c that was introduced during the
ANSI-fication of newlib. The patch fixes a compile-time issue that arises when
newlib is configured with the --enable-lite-exit feature.
Discard QUICKREF sections, rather than writing them to stderr
Discard MATHREF sections, rather than discarding as an error
Pass NOTES sections through to texinfo, rather than discarding as an error
Don't redirect makedoc stderr to .ref file
Remove makedoc output on error
Remove .ref files from CLEANFILES
Regenerate Makefile.ins
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
The variable doesn't follow the convention of having the same name as
the function it's bundled with. Furthermore, it clashes with the
variable of the same name in newlib/libc/stdlib/calloc.c.
Signed-off-by: Florian Schmidt <florian.schmidt@neclab.eu>
Some architectures like ARM encode the short enum option state in the
object file and the linker checks that this option is consistent for all
objects of an executable. In case applications use -fno-short-enums,
then this leads to linker warnings. Use the enum __packed attribute for
the relevent enums to avoid the -fshort-enums compiler option. This
attribute is at least available on GCC, LLVM/clang and the Intel
compiler.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Newlib build system defines __SINGLE_THREAD__ to allow concurrency code
to be only compiled when newlib is configured for multithread. One such
example are locks which become useless in single thread mode. Although
most static locks are indeed guarded by !defined(__SINGLE_THREAD__),
some are not.
This commit adds these missing guards to __dd_hash_mutex,
__atexit_recursive_mutex, __at_quick_exit_mutex and __arc4random_mutex.
It also makes sure locking macros in lock.h are noop in single thread
mode.
In preparation for the patch that would allow retargeting of locking
routines, rename all lock objects to follow this pattern:
"__<name>_[recursive_]mutex".
Following locks were renamed:
__dd_hash_lock -> __dd_hash_mutex
__sfp_lock -> __sfp_recursive_mutex
__sinit_lock -> __sinit_recursive_mutex
__atexit_lock -> __atexit_recursive_mutex
_arc4random_mutex -> __arc4random_mutex
__env_lock_object -> __env_recursive_mutex
__malloc_lock_object -> __malloc_recursive_mutex
__atexit_mutex -> __at_quick_exit_mutex
__tz_lock_object -> __tz_mutex
Hi,
With the patch to allow newlib's locking routine to be retargeted currently
under discussion, we need to start thinking of locks as part of newlib's ABI
since newlib depends on specific names being provided by the OS. This patch
renames 2 locks so that they follow the same naming convention as other locks.
It needs to be applied before the retargeting patch, while locks are still an
internal consideration.
Newlib builds successfully with this change.
Ok for master branch?
Best regards,
Thomas
This patch adds further comments to nano-mallocr.c, to more comprehensively
explain how padding works in the malloc_chunk structure.
It was originally discussed in the following thread:
https://sourceware.org/ml/newlib/2017/msg00031.html
2017-01-13 Joe Seymour <joe.s@somniumtech.com>
newlib/
* libc/stdlib/nano-mallocr.c (malloc_chunk, get_chunk_from_ptr)
(nano_malloc): Add comments.
As described in nano-mallocr.c, chunks of heap are represented in memory
as a size (of type long), followed by some optional padding containing a
negative offset to size, followed by the data area.
get_chunk_from_ptr is responsible for taking a pointer to the data area
(as returned by malloc) and finding the start of the chunk. It does this
by assuming there is no padding and trying to read the size, if the size
is negative then it uses that as an offset to find the true size.
Crucially, it reads the padding area as a long.
nano_malloc is responsible for populating the optional padding area. It
does so by casting a pointer to an (int *) and writing the negative
offset into it.
This means that padding is being written as an int but read as a long.
On msp430 an int is 2 bytes, while a long is 4 bytes. This means that 2
bytes are written to the padding, but 4 bytes are read from it: it has
only been partially initialised.
nano_malloc is the default malloc implementation for msp430.
This patch changes the cast from (int *) to (long *). The change to
nano_malloc has has been observed to fix a TI Energia project that
had been malfunctioning because malloc was returning invalid addresses.
The change to nano_memalign is based entirely on code inspection.
I've built and tested as follows:
Configured (gcc+newlib) with: --target=msp430-elf --enable-languages=c
gcc testsuite variations:
msp430-sim/-mcpu=msp430
msp430-sim/-mcpu=msp430x
msp430-sim/-mcpu=msp430x/-mlarge/-mdata-region=either/-mcode-region=either
msp430-sim/-mhwmult=none
msp430-sim/-mhwmult=f5series
My testing has shown no regressions, however I don't know if the gcc
testsuite provides sufficient coverage for this patch?
I don't have write access, so if this patch is acceptable after review,
I would appreciate it if someone would commit it for me.
Thanks,
2017-01-XX Joe Seymour <joe.s@somniumtech.com>
newlib/
* libc/stdlib/nano-mallocr.c (nano_malloc): Fix incorrect cast.
(nano_memalign): Likewise.
* libc/stdlib/strtod.c (strtof_l): Set errno to ERANGE when double to
float conversion results in infinity.
(strtof): Likewise.
* libc/stdlib/wcstod.c (wcstof_l): Likewise.
(wcstof): Likewise.
make pdf on arm-none-eabi targets fails to build after the reorganization in
baf0c9fcb5 to fold is*_l documentation in their
is* counterpart. This is due two issues:
1) newlib/libc/ctype/ctype.tex still including the def file for the long versions
2) missing angle brackets in .c files for some of is*_l functions
This patch fixes the issues and allows make pdf to succeeds.
- Remove charset parameter from low level __foo_wctomb/__foo_mbtowc calls.
- Instead, create array of function for ISO and Windows codepages to point
to function which does not require to evaluate the charset string on
each call. Create matching helper functions. I.e., __iso_wctomb,
__iso_mbtowc, __cp_wctomb and __cp_mbtowc are functions returning the
right function pointer now.
- Create __WCTOMB/__MBTOWC macros utilizing per-reent locale and replace
calls to __wctomb/__mbtowc with calls to __WCTOMB/__MBTOWC.
- Drop global __wctomb/__mbtowc vars.
- Utilize aforementioned changes in Cygwin to get rid of charset in other,
calling functions and simplify the code.
- In Cygwin restrict global cygheap locale info to the job performed
by internal_setlocale. Use UTF-8 instead of ASCII on the fly in
internal conversion functions.
- In Cygwin dll_entry, make sure to initialize a TLS area with a NULL
_REENT->_locale pointer. Add comment to explain why.
Signed-off by: Corinna Vinschen <corinna@vinschen.de>
Newlib defines defaults for internal types via <sys/_types.h> and uses
<machine/_types.h> to let targets define their own type if necessary.
Previously for example
#ifndef __dev_t_defined
typedef short __dev_t;
#endif
However, the __*_t_defined pattern conflicts with the glibc type guard
pattern for user types, e.g. dev_t in this example. Introduce a
__machine_*_t_defined pattern for internal types (defined by
<machine/_types.h>, used by <sys/_types.h>). For example
#ifndef __machine_dev_t_defined
typedef short __dev_t;
#endif
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Intel MCU System V ABI are incompartible with i386 System V ABI:
o Minimum instruction set is Intel Pentium ISA minus x87 instructions
o No x87 or vector registers
o First three args are passed in %eax, %edx and %ecx
o Full specification available here:
https://github.com/hjl-tools/x86-psABI/wiki/iamcu-psABI-0.7.pdf
newlib/
* configure.host: Add new ix86-*-elfiamcu target
newlib/libc/include/
* setjmp.h: Change _JBLEN for Intel MCU target
newlib/libc/machine/i386/
* memchr.S: (memchr) Target-specific size-optimized version
* memcmp.S: (memcmp) Likewise
* memcpy.S: (memcpy) Likewise
* memmove.S: (memmove) Likewise
* memset.S: (memset) Likewise
* setjmp.S: (setjmp) Likewise
* strchr.S: (strchr) Likewise
* strlen.S: (strlen) Likewise
newlib/libc/stdlib/
* srtold.c: (__flt_rounds) Disable for Intel MCU
Prototypes also added for initstate() and setstate() but they
were not implemented in the shared newlib code.
* newlib/libc/include/cygwin/stdlib.h: Prototypes added.
* winsup/cygwin/include/cygwin/stdlib.h: Prototypes removed.
* newlib/libc/stdlib/random.c: New file.
* newlib/libc/machine/epiphany/machine/stdlib.h: Removed
* newlib/libc/stdlib/Makefile.am: Added random.c.
* newlib/libc/stdlib/stdlib.tex: Added random.def.
* newlib/libc/stdlib/Makefile.in: Regenerated.
Infinity returned from strtold is recognized as NaN by GCC builtin
functions. The reason is that ULtox is missing to set a bit.
* libc/stdlib/strtorx.c (ULtox): Set high bit in second word
to create valid Infinity value.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
newlib:
* libc/stdlib/arc4random.h: Remove Cygwin-specific locking code.
Conditionalize arc4 locking. Check for _ARC4_LOCK_INIT being
undefined to fall back to default implementation.
cygwin:
* include/machine/_arc4random.h: New file.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
According to the OpenBSD man page, "A Replacement Call for Random". It
offers high quality random numbers derived from input data obtained by
the OpenBSD specific getentropy() system call which is declared in
<unistd.h> and must be implemented for each Newlib port externally. The
arc4random() functions are used for example in LibreSSL and OpenSSH.
Cygwin provides currently its own implementation of the arc4random
family. Maybe it makes sense to use this getentropy() implementation:
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libcrypto/crypto/getentropy_win.c?rev=1.4&content-type=text/x-cvsweb-markup
* libc/include/stdlib.h (arc4random): Declare if __BSD_VISIBLE.
(arc4random_buf): Likewise.
(arc4random_uniform): Likewise.
* libc/include/sys/unistd.h (getentropy): Likewise.
* libc/include/machine/_arc4random.h: New file.
* libc/stdlib/arc4random.c: Likewise.
* libc/stdlib/arc4random.h: Likewise.
* libc/stdlib/arc4random_uniform.c: Likewise.
* libc/stdlib/chacha_private.h: Likewise.
* libc/sys/rtems/include/machine/_arc4random.h: Likewise.
* libc/stdlib/Makefile.am (EXTENDED_SOURCES): Add arc4random.c
and arc4random_uniform.c.
* libc/stdlib/Makefile.in: Regenerate.
Throughout, simplify the C99/C11 conditionals, and replace
__STRICT_ANSI__ with the proper internal POSIX macros. The _*_r
reentrant functions need not be guarded (and most haven't been) because
such names in the global scope are reserved to the implementation.
atoff is unique to newlib.
dtoa is not actually exported (_dtoa_r is used internally), is
nonstandard, and the declaration conflicts with the code included in
MySQL, NSPR, and SpiderMonkey.
mktemp was removed in POSIX.1-2001.
The qsort_r declarations are reordered so that the GNU version retains
precedence.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
Non-reentrant system calls version implies both MISSING_SYSCALL_NAMES
and REENTRANT_SYSCALL_PROVIDED macros to be defined.
Being coupled with --enable-newlib-nano-malloc knob it breaks the build:
bash-4.3$ ../newlib-2.3.0.20160104/configure CC_FOR_TARGET=gcc
AR_FOR_TARGET=ar RANLIB_FOR_TARGET=ranlib CFLAGS_FOR_TARGET="-m32
-DMISSING_SYSCALL_NAMES -DREENTRANT_SYSCALLS_PROVIDED"
--target=i386-elf --enable-newlib-nano-malloc && make
<...omitted output...>
../../../../../../newlib-2.3.0.20160104/newlib/libc/stdlib/nano-mallocr.c:
In function ‘_mallinfo_r’:
../../../../../../newlib-2.3.0.20160104/newlib/libc/stdlib/nano-mallocr.c:489:35:
error: macro "_sbrk_r" requires 2 arguments, but only 1 given
sbrk_now = _sbrk_r(RCALL 0);
^
../../../../../../newlib-2.3.0.20160104/newlib/libc/stdlib/nano-mallocr.c:489:20:
error: ‘_sbrk_r’ undeclared (first use in this function)
sbrk_now = _sbrk_r(RCALL 0);
^
../../../../../../newlib-2.3.0.20160104/newlib/libc/stdlib/nano-mallocr.c:489:20:
note: each undeclared identifier is reported only once for each
function it appears in
Makefile:1512: recipe for target 'lib_a-nano-mallinfor.o' failed
make[8]: *** [lib_a-nano-mallinfor.o] Error 1
In case of non-reentrant system calls _sbrk_r became a macro with TWO
args (defined in reent.h):
#define _sbrk_r(__reent, __incr) sbrk(__incr)
But in our case only one argument is present. (RCALL 0) is considered
as a single argument despite RCALL itself is a macro:)
So intermediate one-arg macro will be enough to expand args before
final _sbrk_r expansion:
#define _SBRK_R(X) _sbrk_r(X)
Here is a patch:
If small reent is enabled (_REENT_SMALL is defined) then malloc() was
used in __register_exitproc() even if user requested it to be disabled
(_ATEXIT_DYNAMIC_ALLOC is defined). With this fix, function fails when
_ATEXIT_DYNAMIC_ALLOC is defined and whole static storage is already
used.
2015-12-21 Freddie Chopin <freddie.chopin@gmail.com>
* libc/stdlib/__atexit.c (__register_exitproc): Fix for
_ATEXIT_DYNAMIC_ALLOC.
2015-12-21 Freddie Chopin <freddie.chopin@gmail.com>
* libc/stdlib/on_exit_args.{c,h}: New files.
* libc/stdlib/Makefile.am: Add new source file.
* libc/stdlib/Makefile.in: Regenerate.
* libc/stdlib/__atexit.c (__register_exitproc): Initialize
_on_exit_args_ptr field of _GLOBAL_ATEXIT on first run.
* libc/stdlib/on_exit.c: Force linking of static instance of
_on_exit_args.
* libc/stdlib/cxa_atexit.c: Likewise.
In some code paths the __atexit_lock held by this function was not
released when returning with an error.
* libc/stdlib/__atexit.c (__register_exitproc): Always release
lock before return.