When __SINGLE_THREAD__ is not defined, stdin, stdout and stderr needs
to have their _lock instance initialized. The __sfp() method is not
invoked for the 3 mentioned fds thus, the std() method needs to handle
the initialization of the lock.
This is more or less a revert of 382550072b49430f8c69adee937a0ba07bd385e6
Contributed by STMicroelectronics
Signed-off-by: Torbjörn SVENSSON <torbjorn.svensson@foss.st.com>
By default, Newlib uses a huge object of type struct _reent to store
thread-specific data. This object is returned by __getreent() if the
__DYNAMIC_REENT__ Newlib configuration option is defined.
The reentrancy structure contains for example errno and the standard input,
output, and error file streams. This means that if an application only uses
errno it has a dependency on the file stream support even if it does not use
it. This is an issue for lower end targets and applications which need to
qualify the software according to safety standards (for example ECSS-E-ST-40C,
ECSS-Q-ST-80C, IEC 61508, ISO 26262, DO-178, DO-330, DO-333).
If the new _REENT_THREAD_LOCAL configuration option is enabled, then struct
_reent is replaced by dedicated thread-local objects for each struct _reent
member. The thread-local objects are defined in translation units which use
the corresponding object.
Add a _REENT_CLEANUP() macro to encapsulate access to the
__cleanup member of struct reent. This will help to replace the
struct member with a thread-local storage object in a follow up
patch.
Add a _REENT_STDERR() macro to encapsulate access to the _stderr
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow up patch.
Add a _REENT_STDOUT() macro to encapsulate access to the _stdout
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow up patch.
Add a _REENT_STDIN() macro to encapsulate access to the _stdin
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow up patch.
Add a _REENT_ERRNO() macro to encapsulate the access to the
_errno member of struct reent. This will help to replace the
structure member with a thread-local storage object in a follow
up patch.
Replace uses of __errno_r() with _REENT_ERRNO(). Keep __errno_r() macro for
potential users outside of Newlib.
The _REENT_GLOBAL_STDIO_STREAMS was introduced by commit
668a4c8722090fffd10869dbb15b879651c1370d in 2017. Since then it was enabled by
default for RTEMS. Recently, the option was enabled for Cygwin which
previously used an alternative implementation to use global stdio streams.
In Newlib, the stdio streams are defined to thread-specific pointers
_reent::_stdin, _reent::_stdout and _reent::_stderr. If the option is disabled
(the default for most systems), then these pointers are initialized to
thread-specific FILE objects which use file descriptors 0, 1, and 2,
respectively. There are at least three problems with this:
(1) The thread-specific FILE objects are closed by _reclaim_reent(). This
leads to problems with language run-time libraries that provide wrappers to
the C/POSIX stdio streams (for example C++ and Ada), since they use the
thread-specific FILE objects of the initialization thread. In case the
initialization thread is deleted, then they use freed memory.
(2) Since thread-specific FILE objects are used with a common output device via
file descriptors 0, 1 and 2, the locking at FILE object level cannot ensure
atomicity of the output, e.g. a call to printf().
(3) There are resource managment issues, see:
https://sourceware.org/pipermail/newlib/2022/019558.htmlhttps://bugs.linaro.org/show_bug.cgi?id=5841
This patch enables the _REENT_GLOBAL_STDIO_STREAMS behaviour for all Newlib
configurations and removes the option. This removes a couple of #ifdef blocks.
For _REENT_GLOBAL_STDIO_STREAMS, lock/unlock all FILE objects. In the
repository, this function is only used by Cygwin during process forks. Since
Cygwin enabled _REENT_GLOBAL_STDIO_STREAMS recently, without this fix no FILE
object at all was locked.
Do not initialize __sglue with the FILE objects of _GLOBAL_REENT to avoid a
double use in the !_REENT_SMALL and !_REENT_GLOBAL_STDIO_STREAMS configurations
which didn't use a thread-specific reentrancy structure.
The __sFILE::_lock member is present if __SINGLE_THREAD__ is not defined. In
this case, it is initialized in __sfp(). It is a bug to do it sometimes also
in std().
Make sure that the stdio exit handler is set in all stdio initialization paths.
The bug was introduced by commit 26747c47bc0a1137e02e0377306d721cc3478855.
Added a new global __sglue object for all configurations.
Decouples the global file object list from the _GLOBAL_REENT
structure by using this new object instead of the __sglue member
of _GLOBAL_REENT in __sfp() and _fwalk_sglue().
Replaced _fwalk_reent() with _fwalk_sglue(). The change adds an
extra __sglue object as a parameter, which will allow the passing
of a global __sglue object separate from the __sglue member of
struct _reent. The global __sglue object will be added in a
follow-on patch.
Define the configuration-dependent constant CLEANUP_FILE for use in
cleanup_stdio(). This will reduce duplicate code during the addition
of a dedicated stdio atexit handler in a follow-on patch.
Moved last remaining __sglue initializations from __sinit() to
__sfp(). The move better encapsulates access to __sglue and
facilitates its decoupling from struct _reent in a follow-on patch.
Remove __sinit_lock_acquire() and __sinit_lock_release(). Replace these with
__sfp_lock_acquire() and __sfp_lock_release(), respectively. This eliminates a
potential deadlock issue between __sinit() and __sfp(). Remove now unused
__sinit_recursive_mutex and __lock___sinit_recursive_mutex.
Added _REENT_INIT_SGLUE and _REENT_INIT_SGLUE_ZEROED macros
to initialize __sglue member of struct _reent. This allows
further simplification of __sinit() and facilitates the removal
of __sglue as a member of struct _reent for certain configurations
in a follow-on patch.
Removed duplicate sglue initializations from __sinit(). These
are already initialized in the _REENT_INIT macro in sys/reent.h.
This simplification enables the reduction of _GLOBAL_REENT
dependency in a follow-on patch.
Removed duplicate stdio initializations from __sinit(). These
are already initialized in the _REENT_INIT macro in sys/reent.h.
This simplification enables the reduction of _GLOBAL_REENT
dependency in a follow-on patch.
This fixes a bug introduced in a previous patch (Commit 44b60f0c:
Make __sdidinit unused). Removed intitialization of __cleanup from
__smakebuf_r(). All callers of __smakebuf_r() call __sinit()
through the_CHECK_INIT macro, thus __cleanup is already
initialized. This fix also allows _cleanup_r() to be made static.
Changed its name to cleanup_stdio() and removed its declaration
from local.h.
Rename __sfmoreglue() in sfmoreglue() and make it static. This function is
only used by __sfp() in the same translation unit.
Remove use of register keyword.
Remove dependency on __sdidinit member of struct _reent to check
object initialization. Like __sdidinit, the __cleanup member of
struct _reent is initialized in the __sinit() function. Checking
initialization against __cleanup serves the same purpose and will
reduce overhead in the __sfp() function in a follow up patch.
This edits licenses held by Berkeley and NetBSD, both of which
have removed the advertising requirement from their licenses.
Signed-off-by: Keith Packard <keithp@keithp.com>
In Newlib, the stdio streams are defined to thread-specific pointers
_reent::_stdin, _reent::_stdout and _reent::_stderr. In case
_REENT_SMALL is not defined, then these pointers are initialized via
_REENT_INIT_PTR() or _REENT_INIT_PTR_ZEROED() to thread-specific FILE
objects provided via _reent::__sf[3]. There are two problems with this
(at least in case of RTEMS).
(1) The thread-specific FILE objects are closed by _reclaim_reent().
This leads to problems with language run-time libraries that provide
wrappers to the C/POSIX stdio streams (e.g. C++ and Ada), since they
use the thread-specific FILE objects of the initialization thread. In
case the initialization thread is deleted, then they use freed memory.
(2) Since thread-specific FILE objects are used with a common output
device via file descriptors 0, 1 and 2, the locking at FILE object level
cannot ensure atomicity of the output, e.g. a call to printf().
Introduce a new Newlib configuration option _REENT_GLOBAL_STDIO_STREAMS
to enable the use of global stdio FILE objects.
As a side-effect this reduces the size of struct _reent by more than
50%.
The _REENT_GLOBAL_STDIO_STREAMS should not be used without
_STDIO_CLOSE_PER_REENT_STD_STREAMS.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
In preparation for the patch that would allow retargeting of locking
routines, rename all lock objects to follow this pattern:
"__<name>_[recursive_]mutex".
Following locks were renamed:
__dd_hash_lock -> __dd_hash_mutex
__sfp_lock -> __sfp_recursive_mutex
__sinit_lock -> __sinit_recursive_mutex
__atexit_lock -> __atexit_recursive_mutex
_arc4random_mutex -> __arc4random_mutex
__env_lock_object -> __env_recursive_mutex
__malloc_lock_object -> __malloc_recursive_mutex
__atexit_mutex -> __at_quick_exit_mutex
__tz_lock_object -> __tz_mutex
semantics from POSIX to BSD.
* libc/stdio/fclose.c (_fclose_r): Conditionalize file flushing on
_STDIO_BSD_SEMANTICS. Call __sflush_r rather than _fflush_r. Add
comment.
* libc/stdio/fflush.c (__sflushw_r): New function, only available
if _STDIO_BSD_SEMANTICS is defined.
* libc/stdio/findfp.c (_cleanup_r): Call _fwalk_reent rather than
_fwalk. Conditionalize cleanup function call on _STDIO_BSD_SEMANTICS.
Add comments. Add FIXME.
* libc/stdio/local.h (__sflushw_r): Declare if _STDIO_BSD_SEMANTICS is
defined.
secure stream related critical section against thread cancellation.
(_newlib_flockfile_exit): Ditto.
(_newlib_sfp_lock_end): Ditto.
(_newlib_sfp_lock_start): Ditto for the list of streams.
(_newlib_sfp_lock_exit): Ditto.
(_newlib_sfp_lock_end): Ditto.
Use aforementioned macros in place of _flockfile/_funlockfile
and __sfp_lock_acquire/__sfp_lock_release throughout the code.
* libc/stdio/fclose.c: Explicitely disable and re-enable thread
cancellation. Explain why.
* libc/stdio/freopen.c: Ditto.
* libc/stdio64/freopen64.c: Ditto.
* libc/stdio/findfp.c (__sinit): Open stderr read/write.
* libc/stdio/fdopen.c (_fdopen_r): Set O_APPEND on fd when
requested.
* libc/stdio64/fdopen64.c (_fdopen64_r): Likewise.