To help prevent people from missing running this script, integrate it
into the build via maintainer mode.
Also fix the inverted exit status to make this work correctly -- for
some reason, it exited 1 when it worked, and 0 when it failed.
Convert all the libc/ subdir makes into the top-level Makefile. This
allows us to build all of libc from the top Makefile without using any
recursive make calls. This is faster and avoids the funky lib.a logic
where we unpack subdir archives to repack into a single libc.a. The
machine override logic is maintained though by way of Makefile include
ordering, and source file accumulation in libc_a_SOURCES.
There's a few dummy.c files that are no longer necessary since we aren't
doing the lib.a accumulating, so punt them.
The winsup code has been pulling the internal newlib ssp library out,
but that doesn't exist anymore, so change that to pull the objects.
Rather than define per-object rules in the Makefile, have small files
that define & include the right content. This simplifies the build
rules, and makes understanding the source a little easier (imo) as it
makes all the subdirs behave the same: you have 1 source file and it
produces 1 object. It's also about the same amount of boiler plate,
without having to define custom build rules that can fall out of sync.
We also realign the free & pvalloc definitions: common code puts these
in malloc.o & valloc.o respectively, not in free.o & pvalloc.o objects.
This will also be important as we merge the libc.a build into the top
dir since it relies on a single flat list of objects for overrides.
The mallopt symbol is defined in tiny-malloc.c, not mallocr.c, but
the Makefile in here tries to compile it out of the latter. This
leads to mallopt never being defined.
The build also creates mallinfo.o & mallopt.o & mallstats.o objects
to override common ones, but the common dir doesn't use these names.
Instead, it places these all in mstats.o.
So move the build define logic to a dedicated file and compile it
directly to make things a bit simpler while fixing the missing func
and aligning objects with the cmomon code.
Rather than define per-object rules in the Makefile, have small files
that define & include the right content. This simplifies the build
rules, and makes understanding the source a little easier (imo) as it
makes all the subdirs behave the same: you have 1 source file and it
produces 1 object. It's also about the same amount of boiler plate,
without having to define custom build rules that can fall out of sync.
This will also be important as we merge the libc.a build into the top
dir since it relies on a single flat list of objects for overrides.
Also take the opportunity to clean up the unnecessary header deps in
here. Automake provides dependency generation for free now.
This file is a little confusing: it provides all of the mallocr logic,
but is compiled multiple times to produce a unique symbol each time.
For example, building mallocr.c with -DDEFINE_FREER produces freer.o
that only defines _free_r(). This is fine for most symbols, but it's
a little confusing when defining mallocr itself -- we produce a file
with the same symbol name, but we still need -DDEFINE_MALLOCR. In
order to move the logic from the build rules to source files, using
mallocr.c both as a multiplexer and for defining a single symbol is a
bit tricky. It's possible (if we add a lot of redundant preprocessor
checks to mallocr.c, or we add complicated build flags just for this
one files), but it's easier if we simply rename this to a dedicated
file. So let's do that.
We do this as a dedicated commit because the next one will create a
new mallocr.c file and git's automatic diff algorithms can handle
trivial renames, but it can't handle renames+creates in the same
commit.
Simplify the build system logic a bit by moving the mallocr.c ->
nano-mallocr.c redirection from the Makefile to the source files.
This allows for consistent object name usage regardless of the
configuration options used in case a machine dir wants to define
its own override.
Since we already set up _LIBC to indicate source files are building
for newlib, we don't need this malloc-specific symbol. Convert it
over to simplify the build a bit.
Rather than define per-object rules in the Makefile, have small files
that define & include the right content. This simplifies the build
rules, and makes understanding the source a little easier (imo) as it
makes all the subdirs behave the same: you have 1 source file and it
produces 1 object. It's also about the same amount of boiler plate,
without having to define custom build rules that can fall out of sync.
Some of these rules were already unnecessary as they were compiling a
single source file into the same named object w/out custom flags, and
Automake handles that for us completely.
This will also be important as we merge the libc.a build into the top
dir since it relies on a single flat list of objects for overrides.
Also take the opportunity to clean up the unnecessary header deps in
here. Automake provides dependency generation for free now.
This kills off the last configure script under libc/ and folds it
into the top newlib configure script. The a lot of the logic was
already in the top configure script, so move what's left into a
libc/acinclude.m4 file.
Remove dependency on __sdidinit member of struct _reent to check
object initialization. Like __sdidinit, the __cleanup member of
struct _reent is initialized in the __sinit() function. Checking
initialization against __cleanup serves the same purpose and will
reduce overhead in the __sfp() function in a follow up patch.
The crt0.o was handled in a subdir-by-subdir basis: it would be compiled
in one (e.g. libc/sys/$arch/), then copied up one level (libc/sys/), then
copied up another (libc/) before finally being copied & installed in the
top newlib dir. The libc/sys/ copy was cleaned up, and then the top dir
was changed to copy it directly out of the libc/sys/$arch/ dir. But the
libc/sys/ copy to libc/ was left behind. Clean that up now too.
These headers aren't installed, so use "" includes instead of <> so
we don't search system header paths. This matches the style used
elsewhere in the tree for these local headers, and makes it work
w/out explicit -I flags (as needed with non-recursive make).
When migrating the manual to the top-level, the include order was
sorted by name of the subdir. But this changed the chapter order
of the manual in the process. Change the sorting back to match
existing chapters and update the comments to explain.
Using xxx_LIBADD, xxx_DEPENDENCIES, and EXTRA_xxx_SOURCES is one way of
conditionally including files into a target. But it's meant more for the
cases where the variables added to LIBADD & DEPENDENCIES are constructed
via substitution (e.g. AC_SUBST) or other dynamic methods. With Automake
conditionals, then the much simpler form is to conditionally append to
the xxx_SOURCES variable and let Automake sort everything out.
The top-level newlib dir already takes care of recursing into the
sys/xxx/include/ subdirs and installing any headers found, so the
rtems subdir doesn't need to do this itself.
Replace the custom build rules (which require copying & pasting from the
current Makefile) with small stub files. This allows us to drop the rules
entirely and let Automake provide everything.
These subdirs don't actually use anything from libm. The common dir
in particular only has 4 header files, and none are included here.
The xstormy16 code has a comment mentioning why this hack is here, but
it refers to code that was removed when its configure script was merged
up a level.
This is used in a bunch of places, but nowhere is it ever set, and
nowhere can I find any documentation, nor can I find any other project
using it. So delete the flags to simplify.
These targets don't actually cross-compile -- they try to pull some
objects out of the host's /lib/libc.a, /lib/libm.a, and /lib/crt0.o
directly and merge them into newlib's own libraries. This is hard
to keep working and impossible to test. Considering the vintage of
such targets, and gcc dropping them many many years ago, drop them
from newlib too. This will make cleaning up the build a lot easier.
The machine/{configure,Makefile} files exist only to fan out to the
specific machine/$arch/ subdir. We already have all that same info
in the phoenix/ dir itself, so by moving the recursive configure and
make calls into it, we can cut off this logic entirely and save the
overhead.
These were never added to the tree, and as we transition from autoconf
to automake, it really wants the latter subdirs to always exist. These
don't, so delete the logic.
Make sure we depend on the right name of mkdoc all the time, and that
the rules that need it (e.g. .def files) depend on it.
Reported-by: Jon Turney <jon.turney@dronecode.org.uk>
This was only ever used for i?86-pc-linux-gnu targets, but that's been
broken for years, and has since been dropped. So clean this up too.
This also deletes the funky objectlist logic since it only existed for
the libtool libraries. Since it was the only thing left in the small
Makefile.shared file, we can punt that too.
This was only used by the i?86-pc-linux-gnu target which we've removed,
and even though it's using a "sys/linux/" dir to make it sound like it
only depends on the Linux kernel, it's actually tied to glibc APIs built
on top of Linux. Since the code relies on internal glibc APIs and has
been broken for some time, punt it all. If someone wants to bring it
back, they can try and actually keep the Linux-vs-glibc APIs separate.
Now that we use AC_NO_EXECUTABLES, and we require a recent version of
autoconf, we don't need to define our own copies of these macros. So
switch to the standard AC_PROG_CC.
This logic was added to libc & libm to get it working again after some
reworks in the CPP handling, but now that that's settled, let's move
this to the common newlib configure logic. This will make it easier
to consolidate all the configure calls into the top-level newlib dir.
This does create a lot of noise in the generate scripts, but that's
because of the ordering of the calls, not because of correctness. We
will try to draw that back down in follow up commits as we modernize
the toolchain calls in here.
This allows building the libc & libm pages in parallel, and drops
the duplication in the subdirs with the chew/chapter settings.
The unused rules in Makefile.shared are left in place to minimize
noise in the change.
This doesn't migrate all the docs, just the libc's manual (pdf/info).
This is to show the basic form of migrating the chew files.
For subdirs that didn't have any docs, I've stripped their settings
for clarity. If someone wanted to suddenly add docs, they can add
the corresponding Makefile.inc files easily.
THe stdio subdir is actually required by the documentation. The
stdio/def is handled dynamically, but libc.texi always expects it
to be included, and fails if it isn't. So making it required when
building docs is safe.
The xdr subdir is handled dynamically, but it doesn't include any
docs, so the dynamic logic isn't (currently) adding any value. So
making it required when building docs is safe.
That leaves: iconv, stdio64, posix, and signal subdirs. The chapters
have a little disclaimer saying they are system-dependent, but even
then, imo having stable manuals regardless of the target is preferable,
and we can add more disclaimer language to these chapters if we want.
This doesn't touch the man page codepaths, just the info/pdf.
Let automake manage whether the objects are included in lib.a. This
fixes failures after to commit 71086e8b2d
("newlib: delete (most) redundant lib_a_CCASFLAGS=$(AM_CCASFLAGS)") due
to automake generating different set of implicit rules, and the code in
here assuming the names of the generated objects.
This isn't strictly necessary, but it makes for much clearer logs as
to what the target is doing, and provides cache vars for anyone who
wants to force the test a different way, and it lets the build cache
its own results when rerunning config.status.
Restore the call to AC_NO_EXECUTABLES -- I naively assumed in commit
2e9aa5f56c ("newlib: update preprocessor
configure checks") that checking for a preprocessor would not involve
linking code. Unfortunately, autoconf will implicitly check that the
compiler "works" before allowing it to be used, and that involves a
link test, and that fails because newlib provides the C library which
is needed to pass a link test.
There is some code in NEWLIB_CONFIGURE specifically to help mitigate
these, but it's not kicking in here for some reason, so let's just add
the AC_NO_EXECUTABLES call back until we can unwind that custom logic.
Additionally, we have to call AC_PROG_CPP explicitly. This was being
invoked later on, but only in the use_libtool=yes codepath, and that
is almost never enabled.
When we had configure scripts in subdirs, the newlib_basedir value
was computed relative to that, and it'd be the same when used in the
Makefile in the same dir. With many subdir configure scripts removed,
the top-level configure & Makefile can't use the same relative path.
So switch the subdir Makefiles over to abs_newlib_basedir when they
use -I to find source headers.
Do this for all subdirs, even ones with configure scripts and where
newlib_basedir works. This makes the code consistent, and avoids
surprises if the configure script is ever removed in the future as
part of merging to the higher level.
Some of the subdirs were using -I$(newlib_basedir)/../newlib/ for
some reason. Collapse those too since newlib_basedir points to the
newlib source tree already.
When using the top-level configure script but subdir Makefiles, the
newlib_basedir value gets a bit out of sync: it's relative to where
configure lives, not where the Makefile lives. Move the abs setting
from the top-level configure script into acinclude.m4 so we can rely
on it being available everywhere. Although this commit doesn't use
it anywhere, just lays the groundwork.
The work to merge libc/machine/ up a dir lost the stub doc targets.
So when libc/ recursed into machine/, it would stop going deeper as
the doc rules were empty. But now that libc/ goes directly into the
libc/machine/$arch/ and those have never had doc stubs, the build
fails. Add a quick hack to the top dir to ignore all machine/$arch/
dirs when generating docs. A follow up series will delete all of
this code as it merges all the doc rules into the top newlib dir.
The machine configure scripts are all effectively stub scripts that
pass the higher level options to its own makefile. There were only
three doing custom tests. The rest were all effectively the same as
the libc/ configure script.
So instead of recursively running configure in all of these subdirs,
generate their makefiles from the top-level configure. For the few
unique ones, deploy a pattern of including subdir logic via m4:
m4_include([machine/nds32/acinclude.m4])
Some of the generated machine makefiles have a bunch of extra stuff
added to them, but that's because they were inconsistent in their
configure libtool calls. The top-level has it, so it exports some
new vars to the ones that weren't already.
The sys configure scripts are almost all effectively stub scripts that
pass the higher level options to its own makefile. The phoenix & linux
ones are a bit more complicated with nested subdirs, so those have been
left alone for now. Plus, I don't really have a way of testing them.
There's no need to have a sys/ subdir just to copy the sys/$arch/crt0.o
up to sys/crt0.o, and then have libc/ copy sys/crt0.o up again. Just
have libc/ refer to sys/$arch/crt0.o directly and drop the intermediate
makefile entirely.
The sys/{configure,Makefile} files exist to fan out to the specific
sys/$arch/ subdir, and to possibly generate a crt0. We already have
all that same info in the libc/ dir itself, so by moving the recursive
configure and make calls into it, we can cut off some of this logic
entirely and save the overhead.
For arches that don't have a sys subdir, it means they can skip the
logic entirely.
The sys subdir itself is kept for the crt0 logic, for now. We'll try
and clean that up next.
The machine/{configure,Makefile} files exist only to fan out to the
specific machine/$arch/ subdir. We already have all that same info
in the libc/ dir itself, so by moving the recursive configure and
make calls into it, we can cut off this logic entirely and save the
overhead.
For arches that don't have a machine subdir, it means they can skip
the logic entirely. Although there's prob not too many of those.
This makes the makefile logic a bit cleaner so we don't have two
files maintaining lists of sources & objects. Since the logic is
tied to cpu capabilities, past those boolean settings down from
the configure logic to the makefile logic.
This will also make it easier to throw away the configure script
in a follow up commit and just keep the makefile.
The nds32 & spu dirs are using compile tests to look for some
preprocessor defines, but we don't need to compile the code,
just preprocess it. So switch to AC_PREPROC_IFELSE.
The sh dir is using a preprocessor test via grep, but let's
switch it to AC_PREPROC_IFELSE too to be consistent.
This should allow us to drop the uncommon AC_NO_EXECUTABLES call.
This was added decades ago, but the commit message lacks any
explanation, and it was unused when it was merged. It's still
unused today. So punt it all.
Generating these files is very cheap, so let's just do it all the time.
This makes the build logic simpler, and keeps errors for slipping in in
codepaths that are not well tested. Creating these files doesn't mean
they'll be included in the manual implicitly.
For example, some of the nano stdio files break documentation because
they don't have any chew directives in them. But no one noticed since
that code path is rarely enabled. So drop the _i and _float def files.
It's unclear why this was added originally, but assuming it was needed
20 years ago, it shouldn't be explicitly required nowadays. Current
versions of autotools already take care of exporting LDFLAGS to the
Makefile as needed (things are actually getting linked). That's why
the configure diffs show LDFLAGS still here, but shifted to a diff
place in the output list. A few dirs stop exporting LDFLAGS, but
that's because they don't do any linking, only compiling, so it's
correct.
As for the use of $ldflags instead of the standard $LDFLAGS, I can't
really explain that at all. Just use the right name so users don't
have to dig into why their setting isn't respected, and then use a
non-standard name instead. Adjust the testsuite to match.
Now that we require a recent version of autoconf, we can rely on this
macro working. This change was already made to libm, but these other
dirs were missed as I didn't notice it being duplicated in 3 places.
The list of iconv to/from defines is hand maintained in newlib.hin.
Lets leverage mkdeps.pl to generate this list automatically from the
list of known encodings. The newlib.hin list is up-to-date, so the
list in iconv.m4 matches the list already generated.
This define is only used by newlib internally, so stop exporting it
as HAVE_INITFINI_ARRAY since this can conflict with defines packages
use themselves.
We don't really need to add _ to HAVE_INIT_FINI too since it isn't
exported in newlib.h, but might as well be consistent here.
We can't (easily) add this to newlib_cflags like HAVE_INIT_FINI is
because this is based on a compile-time test in the top configure,
not on plain shell code in configure.host. We'd have to replicate
the test in every subdir in order to have it passed down.
Currently this is only enabled in the top-level as that's the only
place where it seemed to be used. But the libc/sys/phoenix/ dir
also uses this functionality, but fails to explicitly enable it.
Automake workedaround it, but generated warnings. Move the option
to NEWLIB_CONFIGURE so all dirs get it automatically iff they end
up using the option. If they don't use the option, there's no
difference to the generated code.
Since AM_INIT_AUTOMAKE calls AC_PROG_AWK, and some configure.ac
scripts call it too, we end up testing for awk multiple times. If
we change NEWLIB_CONFIGURE to require the macro instead, then it
makes sure it's always expanded, but only once.
While we're here, do the same thing with AC_PROG_INSTALL since it
is also called by AM_INIT_AUTOMAKE, although it doesn't currently
result in duplicate configure checks.
The AC_LIBTOOL_WIN32_DLL macro has been deprecated for a while and code
should call LT_INIT with win32-dll instead. Update the calls to match.
The generated code is noisy not because of substantial differences, but
because the order of some macros change (i.e. instead of calling AS and
then CC, CC is called first and then AS).
Since automake already sets per-library CCASFLAGS to $(AM_CCASFLAGS)
by default, there's no need to explicitly set it here.
Many of these dirs don't have .S files in the first place, so the rule
doesn't even do anything. That can easily be seen when Makefile.in has
no changes as a result.
For the dirs with .S files, the custom rules are the same as the pattern
.S.o rules, so this is a nice cleanup.
The only dir that was adding extra flags (newlib/libc/machine/mn10300/)
to the per-library setting can have it moved to the global AM_CCASFLAGS
since the subdir only has one target. Although the setting just adds
extra debugging flags, so maybe it should be deleted in general.
There are a few dirs that we leave the redundant setting in place. This
is to workaround an automake limitation in subdirs that support building
with & w/out libtool:
https://www.gnu.org/software/automake/manual/html_node/Objects-created-both-with-libtool-and-without.html
This matches what the other GNU toolchain projects have done already.
The generated diff in practice isn't terribly large. This will allow
more use of subdir local.mk includes due to fixes & improvements that
came after the 1.11 release series.
The newlib & libgloss dirs are already generated using autoconf-2.69.
To avoid merging new code and/or accidental regeneration using diff
versions, leverage config/override.m4 to pin to 2.69 exactly. This
matches what gcc/binutils/gdb are already doing.
The README file already says to use autoconf-2.69.
To accomplish this, it's just as simple as adding -I flags to the
top-level config/ dir when running aclocal. This is because the
override.m4 file overrides AC_INIT to first require the specific
autoconf version before calling the real AC_INIT.
Libtool needs to get BSD-format (or MS-format) output out of the system
nm, so that it can scan generated object files for symbol names for
-export-symbols-regex support. Some nms need specific flags to turn on
BSD-formatted output, so libtool checks for this in its AC_PATH_NM.
Unfortunately the code to do this has a pair of interlocking flaws:
- it runs the test by doing an nm of /dev/null. Some platforms
reasonably refuse to do an nm on a device file, but before now this
has only been worked around by assuming that the error message has a
specific textual form emitted by Tru64 nm, and that getting this
error means this is Tru64 nm and that nm -B would work to produce
BSD-format output, even though the test never actually got anything
but an error message out of nm -B. This is fixable by nm'ing *nm
itself* (since we necessarily have a path to it).
- the test is entirely skipped if NM is set in the environment, on the
grounds that the user has overridden the test: but the user cannot
reasonably be expected to know that libtool wants not only nm but
also flags forcing BSD-format output. Worse yet, one such "user" is
the top-level Cygnus configure script, which neither tests for
nor specifies any BSD-format flags. So platforms needing BSD-format
flags always fail to set them when run in a Cygnus tree, breaking
-export-symbols-regex on such platforms. Libtool also needs to
augment $LD on some platforms, but this is done unconditionally,
augmenting whatever the user specified: the nm check should do the
same.
One wrinkle: if the user has overridden $NM, a path might have been
provided: so we use the user-specified path if there was one, and
otherwise do the path search as usual. (If the nm specified doesn't
work, this might lead to a few extra pointless path searches -- but
the test is going to fail anyway, so that's not a problem.)
(Tested with NM unset, and set to nm, /usr/bin/nm, my-nm where my-nm is a
symlink to /usr/bin/nm on the PATH, and /not-on-the-path/my-nm where
*that* is a symlink to /usr/bin/nm.)
ChangeLog
2021-09-27 Nick Alcock <nick.alcock@oracle.com>
PR libctf/27967
* libtool.m4 (LT_PATH_NM): Try BSDization flags with a user-provided
NM, if there is one. Run nm on itself, not on /dev/null, to avoid
errors from nms that refuse to work on non-regular files. Remove
other workarounds for this problem. Strip out blank lines from the
nm output.
This reports common symbols like GNU nm, via a type code of 'C'.
ChangeLog
2021-09-27 Nick Alcock <nick.alcock@oracle.com>
PR libctf/27967
* libtool.m4 (lt_cv_sys_global_symbol_pipe): Augment symcode for
Solaris 11.
AR from older binutils doesn't work with --plugin and rc:
[hjl@gnu-cfl-2 bin]$ touch foo.c
[hjl@gnu-cfl-2 bin]$ ar --plugin /usr/libexec/gcc/x86_64-redhat-linux/10/liblto_plugin.so rc libfoo.a foo.c
[hjl@gnu-cfl-2 bin]$ ./ar --plugin /usr/libexec/gcc/x86_64-redhat-linux/10/liblto_plugin.so rc libfoo.a foo.c
./ar: no operation specified
[hjl@gnu-cfl-2 bin]$ ./ar --version
GNU ar (Linux/GNU Binutils) 2.29.51.0.1.20180112
Copyright (C) 2018 Free Software Foundation, Inc.
This program is free software; you may redistribute it under the terms of
the GNU General Public License version 3 or (at your option) any later version.
This program has absolutely no warranty.
[hjl@gnu-cfl-2 bin]$
Check if AR works with --plugin and rc before passing --plugin to AR and
RANLIB.
PR ld/27173
* configure: Regenerated.
* libtool.m4 (_LT_CMD_OLD_ARCHIVE): Check if AR works with
--plugin and rc before enabling --plugin.
config/
PR ld/27173
* gcc-plugin.m4 (GCC_PLUGIN_OPTION): Check if AR works with
--plugin and rc before enabling --plugin.
libiberty/
PR ld/27173
* configure: Regenerated.
zlib/
PR ld/27173
* configure: Regenerated.
The configure scripts were regenerated with 2.69 for the newlib-4.2.0
release in 484d2ebf8d, but the aclocal
files were not. Do that now to avoid confusion between the two as to
which version of autoconf was used.
32 bit Cygwin still exports function calls to support old applications.
E. g., when switching from 16 to 32 bit uid/gid values, new function
like getuid32 have been added and the old getuid function still only
provides 16 bit values. Newly built applications using getuid are
actually calling getuid32.
However, this link magic isn't performed inside Cygwin itself, so if
newlib functions call getuid, they actually call the old getuid, not
the new getuid32. This leads to truncated uid/gid values.
https://cygwin.com/pipermail/cygwin/2022-January/250453.html reports
how this leads to problems in posix_spawn.
Fix this temporarily. i686 support will go away soon in Cygwin and the
fix can be dropped.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
For some RTEMS multilibs, the FPU and Altivec units are disabled during
interrupt handling. Do not save and restore the corresponding registers in
this case.
Since automake deprecated the INCLUDES name in favor of AM_CPPFLAGS,
change all existing users over. The generated code is the same since
the two variables have been used in the same exact places by design.
There are other cleanups to be done, but lets focus on just renaming
here so we can upgrade to a newer automake version w/out triggering
new warnings.
The 'cygnus' option was removed from automake 1.13 in 2012, so the
presence of this option prevents that or a later version of automake
being used.
A check-list of the effects of '--cygnus' from the automake 1.12
documentation, and steps taken (where possible) to preserve those
effects (See also this thread [1] for discussion on that):
[1] https://lists.gnu.org/archive/html/bug-automake/2012-03/msg00048.html
1. The foreign strictness is implied.
Already present in AM_INIT_AUTOMAKE in newlib/acinclude.m4
2. The options no-installinfo, no-dependencies and no-dist are implied.
Already present in AM_INIT_AUTOMAKE in newlib/acinclude.m4
Future work: Remove no-dependencies and any explicit header dependencies,
and use automatic dependency tracking instead. Are there explicit rules
which are now redundant to removing no-installinfo and no-dist?
3. The macro AM_MAINTAINER_MODE is required.
Already present in newlib/acinclude.m4
Note that maintainer-mode is still disabled by default.
4. Info files are always created in the build directory, and not in the
source directory.
This appears to be an error in the automake documentation describing
'--cygnus' [2]. newlib's info files are generated in the source
directory, and no special steps are needed to keep doing that.
[2] https://lists.gnu.org/archive/html/bug-automake/2012-04/msg00028.html
5. texinfo.tex is not required if a Texinfo source file is specified.
(The assumption is that the file will be supplied, but in a place that
automake cannot find.)
This effect is overriden by an explicit setting of the TEXINFO_TEX
variable (the directory part of which is fed into texi2X via the
TEXINPUTS environment variable).
6. Certain tools will be searched for in the build tree as well as in the
user's PATH. These tools are runtest, expect, makeinfo and texi2dvi.
For obscure automake reasons, this effect of '--cygnus' is not active
for makeinfo in newlib's configury.
However, there appears to be top-level configury which selects in-tree
runtest, expect and makeinfo, if present. So, if that works as it
appears, this effect is preserved. If not, this may cause problem if
anyone is building those tools in-tree.
This effect is not preserved for texi2dvi. This may cause problems if
anyone is building texinfo in-tree.
If needed, explicit checks for those tools looking in places relative to
$(top_srcdir)/../ as well as in PATH could be added.
7. The check target doesn't depend on all.
This effect is not preseved. The check target now depends on the all
target.
This concern seems somewhat academic given the current state of the
testsuite.
Also note that this doesn't touch libgloss.
Add all the effects of 'cygnus' for which there exists an explicit way
to request that behaviour:
* Implied foreign strictness and options no-installinfo, no-dependencies
and no-dist are added to AM_INIT_AUTOMAKE in newlib/acinclude.m4.
* macro AM_MAINTAINER_MODE is added to newlib/acinclude.m4.
* For the implied TEXINFO_TEX of '$(top_srcdir)/../texinfo/texinfo.tex',
an explicit TEXINFO_TEX is always relative to $(srcdir), so write the
same pathname in that form.
This is to prepare for the removal of the automake option '--cygnus'.
- This patch uses gdtoa imported from OpenBSD if newlib configure
option "--enable-newlib-use-gdtoa=no" is NOT specified. gdtoa
provides more accurate output and faster conversion than legacy
ldtoa, while it requires more heap memory.
This patch fixed a problem which isn't in newlib, but in projects
incorrectly using symbols from the reserved namespace.
This reverts commit 3ba1bd0d9d.
- Currently, printf("%La\n", 1e1000L) crashes with segv due to lack
of frexpl() function. With this patch, frexpl() function has been
implemented in libm to solve this issue.
Addresses: https://sourceware.org/pipermail/newlib/2021/018718.html
- If the number has large integer part and small fraction part is
specified in output format, e.g. printf("%.3f", sqrt(2)*1e60);,
valid output digits were insufficient. This patch fixes the issue.
https://cygwin.com/pipermail/cygwin/2021-November/249930.html
reported a regression introduce by using a dynamically sized local
char array in favor of a statically sized array.
Fix this by reverting to a statically sized array, using a small
buffer on the stack for a reasonable number of requested digits, a
big mallocated buffer otherwise. This should work for small targets
as well, given that malloc is used in printf anyway right now.
This is *still* hopefully just a temporary measure, unless somebody
actually provides a new ldtoa.
Fixes: 4d90e53359 ("ldtoa: fix dropping too many digits from output")
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Use the same name as glibc & gnulib to indicate "newlib itself is
being compiled". This also harmonizes the codebase a bit in that
_LIBC was already used in places instead of _COMPILING_NEWLIB.
Building for bfin-elf, mips-elf, and x86_64-pc-cygwin produces
the same object code.
Some distros enable _FORTIFY_SOURCE by default which upsets building
newlib which itself implements the logic for this define. For example,
building gets.c fails because the includes set up a gets() macro which
expands in the definition.
Since newlib isn't prepared to build itself with _FORTIFY_SOURCE, and
it's not clear if it's even useful, ignore it when building the code.
This also matches what glibc is doing.
The _COMPILING_NEWLIB symbol is for declaring "the code is being
compiled for newlib itself" so headers can change behavior vs the
header being used by users (who should get the normal clean API).
Unfortunately, this symbol is defined inconsistently leading to it
only being useful for a few subsections of the tree.
Pull it out so that it's defined all the time for all targets.
We're seeing a build failure in GNU sim code which is using _P locally
but the ctype.h define clashes with it. Rename these to use the same
symbols that glibc does. They're a bit more verbose, but seems likely
that we'll have fewer conflicts if glibc isn't seeing them.
However, these shortnames are still used internally by ctype modules
to produce pretty concise source code, so move the short names to the
internal ctype_.h where short name conflicts shouldn't show up.
This code looks like it's written to be copied & pasted between diff
C libraries and relies on _LIBC only being used with glibc. This will
break when newlib changes from _COMPILING_NEWLIB to _LIBC, so delete
the glibc-specific logic ahead of time.
ldtoa cuts the number of digits it returns based on a computation of
number of supported bits (144) divide by log10(2). Not only is the
integer approximation of log10(2) ~= 8/27 missing a digit here, it
also fails to take really small double and long double values into
account.
Allow for the full potential precision of long double values. At the
same time, change the local string array allocation to request only as
much bytes as necessary to support the caller-requested number of
digits, to keep the stack size low on small targets.
In the long run a better fix would be to switch to gdtoa, as the BSD
variants, as well as Mingw64 do.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Currently, newlib does not declare strsignal if DEFS_H is defined,
ostensibly to work around a gdb bug. However, gdb itself compiles
even with this ifndef removed, and this makes sim (another part of
gdb) fail to compile.
Since it is not clear exactly what issue this was working around,
this patch just replaces that ifdef with the correct check,
i.e. __POSIX_VISIBLE >= 200809.
Reported by prodisDown:
In picolibc/newlib/libc/string/strrchr.c
if (i) { while ((s=strchr(s, i))) { last = s; s++; } } else { last = strchr(s, i); }
Value (for example 0xFFFFFF00) in if (i) can pass test and
then be typecasted to char inside strchr(). Then s++ and then
buffer overrun.
It can be fixed by preventive typecast i = (int) (char) i; or
typecasting inside expression if ((char) i).
Fixed by casting to char.
Signed-off-by: Keith Packard <keithp@keithp.com>
Add specialized rotations RB_RED_ROTATE_LEFT() and RB_RED_ROTATE_RIGHT() which
may be used if we rotate a red child which has a black sibling. Such a red
node must have at least two child nodes so that the following red-black tree
invariant is fulfilled:
Every path from a given node to any of its descendant NULL nodes goes through
the same number of black nodes.
PARENT
/ \
BLACK RED
/ \
BLACK BLACK
Add specialized rotations RB_PARENT_ROTATE_LEFT() and RB_PARENT_ROTATE_RIGHT()
which may be used if the parent node exists and the direction of the child is
known. The specialized rotations are derived from RB_ROTATE_LEFT() and
RB_ROTATE_RIGHT() where the RB_SWAP_CHILD() was replaced by a simple
assignment.
In RB_GENERATE_REMOVE_COLOR() simplify a chain of conditions of the following
pattern
if (x) {
...
} else if (!x) {
...
}
to
if (x) {
...
} else {
...
}
We have
#define RB_ISRED(elm, field) \
((elm) != NULL && RB_COLOR(elm, field) == RB_RED)
So, the RB_ISRED() contains an implicit check for NULL. In
RB_GENERATE_REMOVE_COLOR() the "elm" pointer cannot be NULL in the while
condition. Use RB_COLOR(elm) == RB_BLACK instead.
When newlib is configured with --enable-newlib-reent-check-verify,
the assert macro is already defined in the nano-mallocr.c compile unit.
Contributed by STMicroelectronics
Signed-off-by: Torbjörn SVENSSON <torbjorn.svensson@st.com>
unused function warning for two_way_short_needle,
different char type warnings for standard string functions
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
_STDIO_WITH_THREAD_CANCELLATION_SUPPORT was never defined.
Include ../stdio/local.h to get the right definition per target.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
__STDINT_EXP() is provided by newlib but not by stdint-gcc.h. stdint-gcc.h
is used when the GCC argument -ffreestanding is used and this results in this
file not compiling.
This patch to the libc/machine/nvptx port of newlib implements an
approximation of "clock" and provides some additional stub routines.
These changes not only reduce the number of (link) failures in the GCC
testsuite when targeting nvptx-none, but also allow the NIST scimark4
benchmark to compile and run without modification.
newlib already contains support for backends to provide their own
clock implementations via -DCLOCK_PROVIDED. That functionality is
used here to return an approximate elapsed time based on the NVidia
GPU's clock64 cycle counter. Although not great, this is better than
the current behaviour of link error from the unresolved symbol
_times_r.
The other part of the patch is to add a small number of stub functions
to nvptx's misc.c. Adding isatty, for example, resolves linking
problems in libc from the dependency in __smakebuf_r, and the sync
stub, for example, fixes the failure with GCC's
testsuite/gfortran.dg/ISO_Fortran_binding_14.f90 [which simply tests
that gfortran can call a/any C function].
newlib/
configure.host: Add -DCLOCK_PROVIDED to newlib_cflags on nvptx*.
newlib/libc/machine/nvptx
Makefile.am: Add clock.c to lib_a_SOURCES.
clock.c: New source file to implement/approximate clock().
misc.c: Add stubs for fstat, isatty, open, sync and unlink.
_strtod_l as well as the gethex function both fetch the decimal point
from the current LC_NUMERIC locale info. This pulls in _C_numeric_locale
unconditionally even on targets not supporting locales at all.
Another problem is that strtod.c and gdtoa-gethex.c are ELIX 1, while
locale information in general isn't. This leads to potential build
breakage on bare metal targets.
Fix this by setting the decimal point to "." on all targets not
defining __HAVE_LOCALE_INFO__.
While at it, const'ify the entire local decimal point info in the
affected functions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
svfwscanf replaces getwc and ungetwc_r. The comments in the code talk
about avoiding file operations, but they also need to bypass the
mbtowc calls as svfwscanf operates on wchar_t, not multibyte data,
which is a more important reason here; they would not work correctly
otherwise.
The ungetwc replacement has code which uses the 3 byte FILE _ubuf
field, but if wchar_t is 32-bits, this field is not large enough to
hold even one wchar_t value. Building in this mode generates warnings
about array overflow:
In file included from ../../newlib/libc/stdio/svfiwscanf.c:35:
../../newlib/libc/stdio/vfwscanf.c: In function '_sungetwc_r.isra':
../../newlib/libc/stdio/vfwscanf.c:316:12: warning: array subscript 4294967295 is above array bounds of 'unsigned char[3]' [-Warray-bounds]
316 | fp->_p = &fp->_ubuf[sizeof (fp->_ubuf) - sizeof (wchar_t)];
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
In file included from ../../newlib/libc/stdio/stdio.h:46,
from ../../newlib/libc/stdio/vfwscanf.c:82,
from ../../newlib/libc/stdio/svfiwscanf.c:35:
../../newlib/libc/include/sys/reent.h:216:17: note: while referencing '_ubuf'
216 | unsigned char _ubuf[3]; /* guarantee an ungetc() buffer */
| ^~~~~
However, the vfwscanf code *never* ungets data before the start of the
scanning operation, and *always* ungets data which matches the input
at that point, so the code always hits the block which backs up over
the input data and never hits the block which uses the _ubuf field.
In addition, the svfwscanf code will always start with the unget
buffer empty, so the ungetwc replacement never needs to support an
unget buffer at all.
Simplify the code by removing support for everything other than
backing up over the input data, leaving the check to make sure it
doesn't get underflowed in case the vfscanf code has a bug in it.
Signed-off-by: Keith Packard <keithp@keithp.com>
Added function prototypes to newlib/libc/include/pthread.h
for the following Issue 8 Standard APIs:
pthread_cond_clockwait()
pthread_mutex_clocklock()
pthread_rwlock_clockrdlock()
pthread_rwlock_clockwrlock()
A recent patch introduced new code for sig2str/str2sig.
This code does not properly exclude code that requires
SIGRTMIN/SIGRTMAX to be defined and triggers the following
compile error:
newlib/libc/signal/sig2str.c:199:8: error: 'SIGRTMIN' undeclared
newlib/libc/signal/sig2str.c:200:29: error: 'SIGRTMAX' undeclared
Let's add the missing guards.
Fixes: 2b50ec0cd2 ("libc: Fix compilation for new sig2str/str2sig implementation")
Signed-off-by: Christoph Muellner <cmuellner@gcc.gnu.org>
Added implementations for sig2str() and str2sig() in libc/signal
in order to improve POSIX compliance. Added fucntion prototypes
in libc/include/sys/signal.h.
riscv64-unknown-elf-g++-11.1.0 regression suite reports the following
failures for
$ make check-gcc-c++ RUNTESTFLAGS='dg.exp=Wstringop-overflow-6.C'
```
FAIL: g++.dg/warn/Wstringop-overflow-6.C -std=gnu++14 (test for excess errors)
FAIL: g++.dg/warn/Wstringop-overflow-6.C -std=gnu++17 (test for excess errors)
FAIL: g++.dg/warn/Wstringop-overflow-6.C -std=gnu++2a (test for excess errors)
UNSUPPORTED: g++.dg/warn/Wstringop-overflow-6.C -std=gnu++98
```
The "excess errors" being
```
output is In file included from /home/maxim/prj/riscv-upstream/install/riscv64-unknown-elf/include/wchar.h:6,
from /home/maxim/prj/riscv-upstream/build/gcc-stage2/riscv64-unknown-elf/libstdc++-v3/include/cwchar:44,
from /home/maxim/prj/riscv-upstream/build/gcc-stage2/riscv64-unknown-elf/libstdc++-v3/include/bits/postypes.h:40,
from /home/maxim/prj/riscv-upstream/build/gcc-stage2/riscv64-unknown-elf/libstdc++-v3/include/iosfwd:40,
from /home/maxim/prj/riscv-upstream/build/gcc-stage2/riscv64-unknown-elf/libstdc++-v3/include/ios:38,
from /home/maxim/prj/riscv-upstream/build/gcc-stage2/riscv64-unknown-elf/libstdc++-v3/include/ostream:38,
from /home/maxim/prj/riscv-upstream/build/gcc-stage2/riscv64-unknown-elf/libstdc++-v3/include/iostream:39,
from /home/maxim/prj/riscv-upstream/gcc-11.1.0/gcc/testsuite/g++.dg/warn/Wstringop-overflow-6.C:6:
/home/maxim/prj/riscv-upstream/install/riscv64-unknown-elf/include/sys/reent.h:685:11: warning: unnecessary parentheses in declaration of '_sig_func' [-Wparentheses]
```
- GCC will set __FLT_EVAL_METHOD__ to 16 if __fp16 supported, e.g.
cortex-a55/aarch64.
- $ aarch64-unknown-elf-gcc -v 2>&1 |grep version
gcc version 9.2.0 (GCC)
- $ aarch64-unknown-elf-gcc -E -dM -mcpu=cortex-a55 - < /dev/null |grep FLT_EVAL_METHOD
#define __FLT_EVAL_METHOD__ 16
#define __FLT_EVAL_METHOD_TS_18661_3__ 16
#define __FLT_EVAL_METHOD_C99__ 16
- The behavior of __FLT_EVAL_METHOD__ == 16 is same as
__FLT_EVAL_METHOD__ == 0 except for float16_t, but newlib didn't
support float16_t.
ISO/IEC TS 18661-3:
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n2405.pdf
V2 Changes:
- List Howland, Craig D as co-author since he provide the draft of comment
in math.h.
Co-authored-by: "Howland, Craig D" <howland@LGSInnovations.com>
The C standard says that errno may acquire the value ERANGE if the
result from strtod underflows. According to IEEE 754, underflow occurs
whenever the value cannot be represented in normalized form.
Newlib is inconsistent in this, setting errno to ERANGE only if the
value underflows to zero, but not for denorm values, and never for hex
format floats.
This patch attempts to consistently set errno to ERANGE for all
'underflow' conditions, which is to say all values which are not
exactly zero and which cannot be represented in normalized form.
This matches glibc behavior, as well as the Linux, Mac OS X, OpenBSD,
FreeBSD and SunOS strtod man pages.
Signed-off-by: Keith Packard <keithp@keithp.com>
The scanf code was skipping the '0' after the 'x' causing the
resulting buffer to contain an invalid number when passed to strtod.
Signed-off-by: Keith Packard <keithp@keithp.com>
Newlib for aarch64 uses libgloss for the backend. One common libgloss
implementation is the 'rdimon' implementation, which uses the Arm
Semihosting protocol. In order to support a remote host that runs on
Windows we need to know whether a file is to be opened in binary or
text mode. That means that we need to preserve this information via
O_BINARY until we know what the libgloss binding will be.
This patch simply copies the arm implementation from sys/arm/sys and
puts it in machine/aarch64/sys, because we don't have a 'sys' subtree
on aarch64.
The only reason why it is tough for us to use nano malloc
is because of the small shortcoming where nano_malloc()
splits a bigger chunk from the free list into two pieces
while handing back the second one (the tail) to the user.
This is error prone and especially bad for smaller heaps,
where nano malloc is supposed to be superior. The normal
malloc doesn't have this issue and we need to use it even
though it costs us ~2k bytes compared to nano-malloc.
The problem arise especially after giving back _every_
malloced memory to the heap and then starting to exercise
the heap again by allocating something small. This small
item might split the whole heap in two equally big parts
depending on how the heap has been exercised before.
I have uploaded the smallest possible application
(only tested on ST and Nordic devices) to show the issue
while the real customer applications are far more complicated:
https://drive.google.com/file/d/1kfSC2KOm3Os3mI7EBd-U0j63qVs8xMbt/view?usp=sharing
The application works like the following pseudo code,
where we assume a heap of 100 bytes
(I haven't taken padding and other nitty and gritty
details into account. Everything to simplify understanding):
void *ptr = malloc(52); // We get 52 bytes and we have
// 48 bytes to use.
free(ptr); // Hand back the 52 bytes to nano_malloc
// This is the magic line that shows the issue of
// nano_malloc
ptr = malloc(1); // Nano malloc will split the 52 bytes
// in the free list and hand you a pointer
// somewhere in the
// middle of the heap.
ptr2 = malloc(52); // Out of memory...
I have done a fix which hands back the first part of the
splitted chunk. Once this is fixed we obviously
have the 1 byte placed in position 0 of the heap instead
of somewhere in the middle.
However, this won't let us malloc 52 new bytes even though
we potentially have 99 bytes left to use in the heap. The
reason is that when we try to do the allocation,
nano-malloc looks into the free list and sees a 51 byte
chunk to be used.
This is not big enough so nano-malloc decides to call
sbrk for _another_ 52 bytes which is not possible since
there is only 48 bytes left to ask for.
The solution for this problem is to check if the last
item in the free list is adjacent to sbrk(0). If it is,
as it is in this case, we can just ask sbrk for the
remainder of what is needed. In this case 1 byte.
NB! I have only tested the solution on our ST device.
Use the more official fesetenv(FE_DFL_ENV) from _dll_crt0, thus
allowing to drop the _feinitialise declaration from fenv.h.
Provide a no-op _feinitialise in Cygwin as exportable symbol for really
old applications when _feinitialise was called from mainCRTStartup in
crt0.o.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Drop the Cygwin-specific fenv.cc and fenv.h file and use the equivalent
newlib functionality now, so we have at least one example of a user for
this new mechanism.
fenv.c: allow _feinitialise to be called from Cygwin startup code
fenv.h: add declarations for fegetprec and fesetprec for Cygwin only.
Fix a comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far the build mechanism in newlib only allowed to either define
machine-specific headers, or headers shared between all machines.
In some cases, architectures are sufficiently alike to share header
files between them, but not with other architectures. A good example
is ix86 vs. x86_64, which share certain traits with each other, but
not with other architectures.
Introduce a new configure variable called "shared_machine_dir". This
dir can then be used for headers shared between architectures.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Without this, for a bare-iron/simulator target such as cris-elf,
you'll see, at newlib build time:
/x/gccobj/./gcc/xgcc -B/x/gccobj/./gcc/ <many options elided> -c -o lib_a-aligned_alloc.o \
`test -f 'aligned_alloc.c' || echo '/y/newlib/libc/stdlib/'`aligned_alloc.c
/y/newlib/libc/stdlib/aligned_alloc.c: In function 'aligned_alloc':
/y/newlib/libc/stdlib/aligned_alloc.c:35:10: warning: implicit declaration of function \
'_memalign_r' [-Wimplicit-function-declaration]
35 | return _memalign_r (_REENT, align, size);
| ^~~~~~~~~~~
The revert-part of the revert-and-fix commit, b99887c428 a.k.a.
"Revert previous change to sys/stat.h and fix cris libgloss",
apparently intending to revert f75aa67851 a.k.a. "Fix regression in
cris-elf caused by sys/stat.h change" and fix it in another way,
wasn't complete. Although the fix-part added the prerequisite "#undef
st_atime" (et al) to gensyscalls, the revert-part didn't revert the
"&& !defined(__cris__)" in sys/stat.h, stopping st_atime (et al) from
being defined.
The effect of the unreverted change is that accessing the struct stat
compatibility member names "st_atime" (et al) as in "struct stat
mystat; mystat.st_atime;" yields errors, observable for example when
building libgfortran in gcc:
/x/gcc/libgfortran/intrinsics/stat.c:114:42: error: 'struct stat' has \
no member named 'st_atime'; did you mean 'st_atim'?
114 | sarray->base_addr[8 * stride] = sb.st_atime;
| ^~~~~~~~
| st_atim
(etc.)
Trivially fixed by completing the reversion, removing the "&&
!defined(__cris__)" in sys/stat.h.
Beware: the net effect of the earlier related change to struct stat in
sys/stat.h, leading up to the fix, *does* change its definition as a
type. Thankfully, replacing members like "time_t st_atime; long
st_spare1;" by "struct timespec st_atim;", ditto st_mtim and st_ctim,
is layout-compatible. To wit, that change is "binary compatible".
Incidentally, related to the simulator / Linux ABI, there's a
transitional stage (see gensyscalls), reloading between "struct stat"
(sys/stat.h) and "struct new_stat" (kernel/simulator) as necessary.
Tested by a cris-elf gcc build (including libgfortran).
This Patch removes Soft Float code from MIPS.
Instead It adds the soft float code from RISCV
The code came from FreeBSD and assumes the FreeBSD softfp
implementation not the one with GCC. That was an overlooked and
fixed in the other fenv code already.
Signed-off-by: Eshan Dhawan <eshandhawan51@gmail.com>
Change the prototypes to be in line with POSIX/glibc. This may fix
issues with new warnings produced by GCC 11.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Add the POSIX header file <poll.h> which is used by the GCC 11 Ada
runtime support.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
The Cortex-R52 processor is an Armv8-R processor with a NEON unit. This
fix prevents conflicting architecture profiles A/R errors issued by the
linker.
Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
The overflow check in mEMALIGn erroneously checks for INT_MAX,
albeit the input parameter is size_t. Fix this to check for
__SIZE_MAX__ instead. Also, it misses to check the req against
adding the alignment before calling mALLOc.
While at it, add out-of-bounds checks to pvALLOc, nano_memalign,
nano_valloc, and Cygwin's (unused) dlpvalloc.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
to rb parent pointers. Define RB_SWAP_CHILD to replace the child of a parent
with its twin, and use it in 4 places. Use RB_SET in rb_link_node to remove the
only linuxkpi reference to color, and then drop color- and parent-related
definitions that are defined and used only in rbtree.h.
This is intended to be entirely cosmetic, with no impact on program
behavior, and leave RB_PARENT and RB_SET_PARENT as the only ways to
read and write rb parent pointers.
Reviewed by: markj, kib
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D25264
the sibling of the root of the too-short tree is black and at least one of the
children of that sibling is red, either one or two rotations finish the
rebalancing. In the case when both of the children are red, the current
implementation uses two rotations where only one is necessary. This change
removes that extra rotation, and in that case also removes a needless
black-to-red-to-black recoloring.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D25335
without using their interfaces, making them break when the representation
changes. Revert changes that eliminated the color field from rb-trees, leaving
everything as it was before.
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D25250
a bit of DIAGNOSTIC code that depends on it.
Reported by: rpokala, mjguzik
Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D25204
field. Set the least significant bit in the pointer to the node from its parent
to indicate that the node is red. Have the tree rotation macros leave the
old-parent/new-child node red and the new-parent/old-child node black.
This change makes RB_LEFT and RB_RIGHT no longer assignable, and
RB_COLOR no longer defined. Any code that modifies the tree or
examines a node color would have to be modified after this change.
Reviewed by: markj
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D25105
where the pointer checked is provably never null. Restructure the surrounding
code just enough to make the non-nullness obvious.
Reviewed by: markj
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D25089
child is red or child is null. In the first case, RB_REMOVE_COLOR just changes
the child to black and returns. With this change, RB_REMOVE handles that case,
and drops the child argument to RB_REMOVE_COLOR, since that value is always
null.
RB_REMOVE_COLOR is changed to remove a couple of unneeded tests, and
to eliminate some deep indentation.
RB_ISRED is defined to combine a null check with a test for redness,
to replace that combination in several places.
Reviewed by: markj
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D25032
search to find the node to replace the one being removed, restructure to first
remove the replacement node and correct the parent pointers around it, and then
let the all-cases code at the end deal with the parent of the deleted node,
making it point to the replacement node. This removes one or two conditional
branches.
Reviewed by: markj
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D24845
macros so that is invoked at the root of every subtree that changes in an
insert or delete, and only once, and ordered from the bottom of the tree to the
top. For intel_gas.c, the only user of RB_AUGMENT I can find, change the
augmenting routine so that it does not climb from entry to tree root on every
call, and remove a 'tree correcting' function that can be supplanted by proper
tree augmentation.
Reviewed by: kib
Tested by: pho
Differential Revision: https://reviews.freebsd.org/D23189
removing a node and reinserting it back with an updated key.
This is one of dependencies for the upcoming stats(3) code.
Reviewed by: cem
Obtained from: Netflix
MFC after: 2 weeks
Sponsored by: Klara Inc, Netflix
Differential Revision: https://reviews.freebsd.org/D21786
For configurations without x2APIC support (guests, older hardware), the global
LAPIC MMIO mapping will trigger false-positive KCSan reports as it will appear
that multiple CPUs are concurrently reading and writing the same address.
This isn't actually true, as the underlying physical access will be performed
on the local CPU's APIC. Additionally, because LAPIC access can happen during
event timer configuration, the resulting KCSan printf can produce a panic due
to attempted recursion on event timer resources.
Add a __nosanitizethread preprocessor define to prevent the compiler from
inserting TSan hooks, and apply it to the x86 LAPIC accessors.
PR: 249149
Reported by: gbe
Reviewed by: andrew, kib
Tested by: gbe
Differential Revision: https://reviews.freebsd.org/D26354
This is an unfortunate instance where the __has_attribute check does
not function usefully. Gcc does have the attribute, but for gcc it only
applies to functions, not variables, and trying to apply it to a
variable generates Wattribute. So far we only apply the attribute to
variables. Only enable the attribute for clang, for now.
Reviewed by: Anton Rang <rang at acm.org>
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D22875
The assumptions of linker_set don't play nicely with
AddressSanitizer. AddressSanitizer adds a 'redzone' of zeros around
globals (including those in named sections), whereas linker_set
assumes they are all packed consecutively like a pointer array. So:
let's annotate linker_set so that AddressSanitizer ignores it.
Submitted by: Matthew Bryan <matthew.bryan@isilon.com>
Reviewed by: kib, rang_acm.org
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D22239
The <sys/cdefs.h> and <stdatomic.h> headers already included support for
C11 atomics via intrinsincs in modern versions of GCC, but these versions
tried to "hide" atomic variables inside a wrapper structure. This wrapper
is not compatible with GCC's internal <stdatomic.h> header, so that if
GCC's <stdatomic.h> was used together with <sys/cdefs.h>, use of C11
atomics would fail to compile. Fix this by not hiding atomic variables
in a structure for modern versions of GCC. The headers already avoid
using a wrapper structure on clang.
Note that this wrapper was only used if C11 was not enabled (e.g.
via -std=c99), so this also fixes compile failures if a modern version
of GCC was used with -std=c11 but with FreeBSD's <stdatomic.h> instead
of GCC's <stdatomic.h> and this change fixes that case as well.
Reported by: Mark Millard
Reviewed by: kib
Differential Revision: https://reviews.freebsd.org/D16585
As discussed in GCC bug 97088
(https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97088), parameters in
prototypes of library functions should use reserved names, or no name
at all.
This patch moves the internal struct __tzrule_struct to its own
internal header sys/_tz_structs.h. This is included from newlib's
time code as well as from Cygwin's localtime wrapper.
Signed-off-by: Torbjörn SVENSSON <torbjorn.svensson@st.com>
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
As discussed in GCC bug 97088
(https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97088), parameters in
prototypes of library functions should use reserved names, or no name
at all.
This patch removes the 'ptr' parameter name from
wint_t _getwchar_r (struct _reent *);
wint_t _getwchar_unlocked_r (struct _reent *);
to avoid possible clashes with user code in case someone uses
before including Newlib's wchar.h (or uses some other conflicting
definition)
Signed-off-by: Torbjörn SVENSSON <torbjorn.svensson@st.com>
As discussed in GCC bug 97088
(https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97088), parameters in
prototypes of library functions should use reserved names, or no name
at all.
This patch removes the 'j' parameter name from
extern intmax_t imaxabs(intmax_t);
to avoid possible clashes with user code in case someone uses
before including Newlib's inttypes.h (or uses some other conflicting
definition)
Signed-off-by: Torbjörn SVENSSON <torbjorn.svensson@st.com>
As discussed in GCC bug 97088
(https://gcc.gnu.org/bugzilla/show_bug.cgi?id=97088), parameters in
prototypes of library functions should use reserved names, or no name
at all.
This patch removes the 'x' parameter name from
extern int __isinff (float);
extern int __isinfd (double);
extern int __isnanf (float);
extern int __isnand (double);
extern int __fpclassifyf (float);
extern int __fpclassifyd (double);
extern int __signbitf (float);
extern int __signbitd (double);
to avoid possible clashes with user code in case someone uses
before including Newlib's math.h (or uses some other conflicting
definition)
The current gamma, gamma_r, gammaf and gammaf_r functions return
|gamma(x)| instead of ln(|gamma(x)|) due to a change made back in 2002
to the __ieee754_gamma_r implementation. This patch fixes that, making
all of these functions map too their lgamma equivalents.
To fix the underlying bug, the __ieee754_gamma functions have been
changed to return gamma(x), removing the _r variants as those are no
longer necessary. Their names have been changed to __ieee754_tgamma to
avoid potential confusion from users.
Now that the __ieee754_tgamma functions return the correctly signed
value, the tgamma functions have been modified to use them.
libm.a now exposes the following gamma functions:
ln(|gamma(x)|):
__ieee754_lgamma_r
__ieee754_lgammaf_r
lgamma
lgamma_r
gamma
gamma_r
lgammaf
lgammaf_r
gammaf
gammaf_r
lgammal (on machines where long double is double)
gamma(x):
__ieee754_tgamma
__ieee754_tgammaf
tgamma
tgammaf
tgammal (on machines where long double is double)
Additional aliases for any of the above functions can be added if
necessary; in particular, I'm not sure if we need to include
__ieee754_gamma*_r functions (which would return ln(|(gamma(x)|).
Signed-off-by: Keith Packard <keithp@keithp.com>
----
v2:
Switch commit message to ASCII
The MSP430 target supports both 16-bit and 20-bit size_t and intptr_t.
Some implicit casts in Newlib expect these types to be
"long", (a 32-bit type on MSP430) which causes warnings during
compilation such as:
"cast from pointer to integer of different size"
commit 588a5e1dde added a non-reentrant
call to nano_malloc which causes a build failure if INTERNAL_NEWLIB is
defined.
Here is a snippet of the error:
In file included from .../newlib/newlib/libc/stdlib/nano-mallocr.c:38:
.../newlib/newlib/libc/include/malloc.h:42:25: note: expected 'struct _reent *' but argument is of type 'ptrdiff_t' {aka 'int'}
42 | extern void *_malloc_r (struct _reent *, size_t);
| ^~~~~~~~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:67:22: error: too few arguments to function '_malloc_r'
67 | #define nano_malloc _malloc_r
| ^~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:456:11: note: in expansion of macro 'nano_malloc'
456 | mem = nano_malloc(bytes);
| ^~~~~~~~~~~
In file included from .../newlib/newlib/libc/stdlib/nano-mallocr.c:38:
.../newlib/newlib/libc/include/malloc.h:42:14: note: declared here
42 | extern void *_malloc_r (struct _reent *, size_t);
| ^~~~~~~~~
.../newlib/newlib/libc/stdlib/nano-mallocr.c:43: warning: "assert" redefined
43 | #define assert(x) ((void)0)
|
This patch adds a missing RCALL to the args when calling nano_malloc
from nano_calloc, so that if the call is reentrant, reent_ptr is passed
as the first argument.
The variable `bytes` (also added in 588a5e1d) has been changed from a
`ptrdiff_t` to `malloc_size_t` as it does not need to be signed. It is
used to store the product of two unsigned malloc_size_t variables and
then iff there was no overflow is it passed to malloc and memset which
both expect size_t which is unsigned.
Signed-off-by: Craig Blackmore <craig.blackmore@embecosm.com>
This built-in function (available in both gcc and clang) is more
efficient and generates shorter code than open-coding the test.
Signed-off-by: Keith Packard <keithp@keithp.com>
This removes the run-time configuration of errno support present in
portions of the math library and unifies all of the compile-time errno
configuration under a single parameter so that the whole library
is consistent.
The run-time support provided by _LIB_VERSION is no longer present in
the public API, although it is still used internally to disable errno
setting in some functions. Now that it is a constant, the compiler should
remove that code when errno is not supported.
This removes s_lib_ver.c as _LIB_VERSION is no longer variable.
Signed-off-by: Keith Packard <keithp@keithp.com>
math_errhandling is specified to contain two bits of information:
1. MATH_ERRNO -- Set when the library sets errno
2. MATH_ERREXCEPT -- Set when math operations report exceptions
MATH_ERRNO should match whether the original math code is compiled in
_IEEE_LIBM mode and the new math code has WANT_ERRNO == 1.
MATH_ERREXCEPT should match whether the underlying hardware has
exception support. This patch adds configurations of this value for
RISC-V, ARM, Aarch64, x86 and x86_64 when using HW float.
Signed-off-by: Keith Packard <keithp@keithp.com>
Compiling
#include <sys/select.h>
void f(int X)
{
fd_set set;
FD_ZERO(&set);
FD_SET(X,&set);
FD_CLR(X+1,&set);
(void)FD_ISSET(X+2,&set);
}
results in plenty of gcc warnings when compiled with
-Wconversion -Wsign-conversion:
fds.c:7:2: warning: conversion to ‘long unsigned int’ from ‘int’ may
FD_SET(X,&set);
^~~~~~
[...]
The unsigned NFDBITS macro combined with the signed 1L constant
are causing lots of implicit signed/unsigned type conversions.
Fix this by updating the FD_* macro code to the latest from FreeBSD
and adding an (int) cast to _NFDBITS.
As a side-effect, this fixes the visibility of NFDBITS and
fds_bits (only if __BSD_VISIBLE).
This also eliminates the old, outdated fd_set workaround.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Newlib's posix_spawn has been taken from FreeBSD. The code relies on
BSD-specific behaviour of vfork, namely the fact that vfork blocks
the parent until the child exits or calls execve as well as the fact
that the child shares parent memory in non-COW mode.
This behaviour can't be emulated by Cygwin. Cygwin's vfork is
equivalent to fork. This is POSIX-compliant, but it's lacking BSD's
vfork ingrained synchronization of the parent to wait for the child
calling execve, or the chance to just write a variable and the parent
will see the result.
So this requires a Cygwin-specific solution. The core function of
posix_spawn, called do_posix_spawn is now implemented twice, once using
the BSD method, and once for Cygwin using Windows synchronization under
the hood waiting for the child to call execve and signalling errors
upstream. The Windows specifics are hidden inside Cygwin, so newlib
only calls internal Cygwin functions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The previous fenv support for ARM used the soft-float implementation of
FreeBSD. Newlib uses the one from libgcc by default. They are not
compatible. Having an GCC incompatible soft-float fenv support in
Newlib makes no sense. A long-term solution could be to provide a
libgcc compatible soft-float support. This likely requires changes in
the GCC configuration. For now, provide a stub implementation for
soft-float multilibs similar to RISC-V.
Move implementation to one file and delete now unused files. Hide
implementation details. Remove function parameter names from header
file to avoid name conflicts.
Provide VFP support if __SOFTFP__ is not defined like glibc.
Reviewed-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
Signed-off-by: Eshan dhawan <eshandhawan51@gmail.com>
This patch fixes a bug in RISC-V's memcpy implementation where an
integer wraparound occurs when src + size < 8 * sizeof(long), causing
the word-sized copy loop to be incorrectly entered.
Signed-off-by: Chih-Mao Chen <cmchen@andestech.com>
If __HAVE_LOCALE_INFO__ is not defined, then the locale in the
locale-specific ctype functions is ignored. In the previous
implementation this resulted in compiler warnings. For example:
int main()
{
locale_t locale;
locale = duplocale(uselocale((locale_t)0));
isspace_l('x', locale);
return 0;
}
gcc -Wall main.c
main.c: In function 'main':
main.c:6:11: warning: variable 'locale' set but not used [-Wunused-but-set-variable]
6 | locale_t locale;
| ^~~~~~
This caused the strnstr to walk off the end of the alias array and
fetch invalid data. Instead of attempting to update 'len', just
re-compute it based on the table end pointer that is already known.
Signed-off-by: Keith Packard <keithp@keithp.com>
The pointer value for the iconv alias data never changes, so get rid
of the pointer and make it an array instead.
Signed-off-by: Keith Packard <keithp@keithp.com>
Fix the code checking for character set loading failure so that
it checks the return value from the init function.
Signed-off-by: Keith Packard <keithp@keithp.com>
The original implementation had multiple issues:
- Only worked when posix_memalign was available (Linux, RTEMS).
- Violated C11 link namespace rules by calling posix_memalign.
- Failed to set errno on error.
These can be fixed by essentially using the same implementation
for aligned_alloc as for memalign, i.e. simply calling _memalign_r
(which is always available and a "more reserved name" although
technically still not in the reserved link namespace, at least
code written in c cannot define a colliding symbol, newlib has
plenty such namespace issues so this is fine).
It is not clear what the right policy is when MALLOC_PROVIDED is set,
currently that does not cover aligned_alloc so it is kept that way.
Tested on aarch64-none-elf
Most code in newlib already uses unified syntax, but just a couple of
laggards remain. This patch removes these and means the the entire
code base has now been converted.
This edits licenses held by Berkeley and NetBSD, both of which
have removed the advertising requirement from their licenses.
Signed-off-by: Keith Packard <keithp@keithp.com>
This reverts commit 59362c80e3.
This breaks gnulib's autoconf test for POSIX compatibility of
fflush/fseek. After fflush/fseek, ftello and lseek are out of
sync, with lseek having the wrong offset. This breaks backward
compatibility with Cygwin applications.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If we had architecture-specific exception bits, we could just set them
to match the processor, but instead ieeefp.h is shared by all targets
so we need to map between the public values and the register contents.
Signed-off-by: Keith Packard <keithp@keithp.com>
This makes the fpsetround function actually do something rather than
just return -1 due to the default 'fall-through' behavior of the switch
statement.
Signed-off-by: Keith Packard <keithp@keithp.com>
In the two helper functions that _dcvt calls for 'f' and 'e' mode, if
there are no digits to display after the decimal point, don't add one.
Signed-off-by: Keith Packard <keithp@keithp.com>
Leading zeros after the decimal point should not count
towards the 'ndigits' limit.
This makes gcvt match glibc and the posix gcvt man page.
Signed-off-by: Keith Packard <keithp@keithp.com>
Even if the number is really small and this means showing *no* digits.
This makes newlib match glibc, and the fcvt posix man page.
Signed-off-by: Keith Packard <keithp@keithp.com>
newlib wide char conversion functions were updated to
Unicode 11 on 2019-01-12
update standard symbol __STDC_ISO_10646__ to
Unicode 11 release date 2018-06-05 for Cygwin
The call to fflush was invalidating the read buffer, preventing relative
seeks to positions that would have been inside the read buffer from
being optimized. The call to srefill would then re-read mostly the same
data that was initially in the read buffer.
s[0:3] contain a descriptor used to set up the initial value of the
stack, but only the lower 48 bits of s[0:1] are currently used.
The reent marker is currently set in s3, but by stashing it in the
upper 16 bits of s[0:1] instead, s3 can be freed up for other purposes.
This change is based on the FreeBSD commit:
Author: asomers <asomers@FreeBSD.org>
Date: Mon Jul 30 15:46:40 2018 +0000
Make timespecadd(3) and friends public
The timespecadd(3) family of macros were imported from NetBSD back in
r35029. However, they were initially guarded by #ifdef _KERNEL. In the
meantime, we have grown at least 28 syscalls that use timespecs in some
way, leading many programs both inside and outside of the base system to
redefine those macros. It's better just to make the definitions public.
Our kernel currently defines two-argument versions of timespecadd and
timespecsub. NetBSD, OpenBSD, and FreeDesktop.org's libbsd, however, define
three-argument versions. Solaris also defines a three-argument version, but
only in its kernel. This revision changes our definition to match the
common three-argument version.
Bump _FreeBSD_version due to the breaking KPI change.
Discussed with: cem, jilles, ian, bde
Differential Revision: https://reviews.freebsd.org/D14725
- change sys/reent.h to replace _REENT_CHECK_DEBUG with
_REENT_CHECK_VERIFY which when set asserts that any memory
allocated is non-NULL and calls __assert_func directly
- add new --enable-newlib-reent-check-verify configure option
- add support for configure.host to specify default for
newlib_reent_check_verify
- add _REENT_CHECK_VERIFY macro support to acconfig.h and newlib.hin
- add new eBalloc macro to mprec.h which calls Balloc and
aborts if Balloc fails due to out of memory
- change mprec.c functions that use Balloc without checking to use eBalloc instead
- fix dtoa.c to use eBalloc
The ioctl(2) is intended to provide more details about the cause of
the down for the link.
Eventually we might define a comprehensive list of codes for the
situations. But interface also allows the driver to provide free-form
null-terminated ASCII string to provide arbitrary non-formalized
information. Sample implementation exists for mlx5(4), where the
string is fetched from firmware controlling the port.
Reviewed by: hselasky, rrs
Sponsored by: Mellanox Technologies
MFC after: 1 week
Differential revision: https://reviews.freebsd.org/D21527
KTLS adds support for in-kernel framing and encryption of Transport
Layer Security (1.0-1.2) data on TCP sockets. KTLS only supports
offload of TLS for transmitted data. Key negotation must still be
performed in userland. Once completed, transmit session keys for a
connection are provided to the kernel via a new TCP_TXTLS_ENABLE
socket option. All subsequent data transmitted on the socket is
placed into TLS frames and encrypted using the supplied keys.
Any data written to a KTLS-enabled socket via write(2), aio_write(2),
or sendfile(2) is assumed to be application data and is encoded in TLS
frames with an application data type. Individual records can be sent
with a custom type (e.g. handshake messages) via sendmsg(2) with a new
control message (TLS_SET_RECORD_TYPE) specifying the record type.
At present, rekeying is not supported though the in-kernel framework
should support rekeying.
KTLS makes use of the recently added unmapped mbufs to store TLS
frames in the socket buffer. Each TLS frame is described by a single
ext_pgs mbuf. The ext_pgs structure contains the header of the TLS
record (and trailer for encrypted records) as well as references to
the associated TLS session.
KTLS supports two primary methods of encrypting TLS frames: software
TLS and ifnet TLS.
Software TLS marks mbufs holding socket data as not ready via
M_NOTREADY similar to sendfile(2) when TLS framing information is
added to an unmapped mbuf in ktls_frame(). ktls_enqueue() is then
called to schedule TLS frames for encryption. In the case of
sendfile_iodone() calls ktls_enqueue() instead of pru_ready() leaving
the mbufs marked M_NOTREADY until encryption is completed. For other
writes (vn_sendfile when pages are available, write(2), etc.), the
PRUS_NOTREADY is set when invoking pru_send() along with invoking
ktls_enqueue().
A pool of worker threads (the "KTLS" kernel process) encrypts TLS
frames queued via ktls_enqueue(). Each TLS frame is temporarily
mapped using the direct map and passed to a software encryption
backend to perform the actual encryption.
(Note: The use of PHYS_TO_DMAP could be replaced with sf_bufs if
someone wished to make this work on architectures without a direct
map.)
KTLS supports pluggable software encryption backends. Internally,
Netflix uses proprietary pure-software backends. This commit includes
a simple backend in a new ktls_ocf.ko module that uses the kernel's
OpenCrypto framework to provide AES-GCM encryption of TLS frames. As
a result, software TLS is now a bit of a misnomer as it can make use
of hardware crypto accelerators.
Once software encryption has finished, the TLS frame mbufs are marked
ready via pru_ready(). At this point, the encrypted data appears as
regular payload to the TCP stack stored in unmapped mbufs.
ifnet TLS permits a NIC to offload the TLS encryption and TCP
segmentation. In this mode, a new send tag type (IF_SND_TAG_TYPE_TLS)
is allocated on the interface a socket is routed over and associated
with a TLS session. TLS records for a TLS session using ifnet TLS are
not marked M_NOTREADY but are passed down the stack unencrypted. The
ip_output_send() and ip6_output_send() helper functions that apply
send tags to outbound IP packets verify that the send tag of the TLS
record matches the outbound interface. If so, the packet is tagged
with the TLS send tag and sent to the interface. The NIC device
driver must recognize packets with the TLS send tag and schedule them
for TLS encryption and TCP segmentation. If the the outbound
interface does not match the interface in the TLS send tag, the packet
is dropped. In addition, a task is scheduled to refresh the TLS send
tag for the TLS session. If a new TLS send tag cannot be allocated,
the connection is dropped. If a new TLS send tag is allocated,
however, subsequent packets will be tagged with the correct TLS send
tag. (This latter case has been tested by configuring both ports of a
Chelsio T6 in a lagg and failing over from one port to another. As
the connections migrated to the new port, new TLS send tags were
allocated for the new port and connections resumed without being
dropped.)
ifnet TLS can be enabled and disabled on supported network interfaces
via new '[-]txtls[46]' options to ifconfig(8). ifnet TLS is supported
across both vlan devices and lagg interfaces using failover, lacp with
flowid enabled, or lacp with flowid enabled.
Applications may request the current KTLS mode of a connection via a
new TCP_TXTLS_MODE socket option. They can also use this socket
option to toggle between software and ifnet TLS modes.
In addition, a testing tool is available in tools/tools/switch_tls.
This is modeled on tcpdrop and uses similar syntax. However, instead
of dropping connections, -s is used to force KTLS connections to
switch to software TLS and -i is used to switch to ifnet TLS.
Various sysctls and counters are available under the kern.ipc.tls
sysctl node. The kern.ipc.tls.enable node must be set to true to
enable KTLS (it is off by default). The use of unmapped mbufs must
also be enabled via kern.ipc.mb_use_ext_pgs to enable KTLS.
KTLS is enabled via the KERN_TLS kernel option.
This patch is the culmination of years of work by several folks
including Scott Long and Randall Stewart for the original design and
implementation; Drew Gallatin for several optimizations including the
use of ext_pgs mbufs, the M_NOTREADY mechanism for TLS records
awaiting software encryption, and pluggable software crypto backends;
and John Baldwin for modifications to support hardware TLS offload.
Reviewed by: gallatin, hselasky, rrs
Obtained from: Netflix
Sponsored by: Netflix, Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D21277
IPPROTO 33 is DCCP in the IANA Registry:
https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
IPPROTO_SEP was added about 20 years ago in r33804. The entries were added
straight from RFC1700, without regard to whether they were used.
The reference in RFC1700 for SEP is '[JC120] <mystery contact>', this is an
indication that the protocol number was probably in use in a private network.
As RFC1700 is no longer the authoritative list of internet numbers and that
IANA assinged 33 to DCCP in RFC4340, change the header to the actual
authoritative source.
Reviewed by: Richard Scheffenegger, bz
Approved by: bz (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D21178
being used at NF as well as sets in some of the groundwork for
committing BBR. The hpts system is updated as well as some other needed
utilities for the entrance of BBR. This is actually part 1 of 3 more
needed commits which will finally complete with BBRv1 being added as a
new tcp stack.
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D20834
multiple unmapped pages.
Unmapped mbufs allow sendfile to carry multiple pages of data in a
single mbuf, without mapping those pages. It is a requirement for
Netflix's in-kernel TLS, and provides a 5-10% CPU savings on heavy web
serving workloads when used by sendfile, due to effectively
compressing socket buffers by an order of magnitude, and hence
reducing cache misses.
For this new external mbuf buffer type (EXT_PGS), the ext_buf pointer
now points to a struct mbuf_ext_pgs structure instead of a data
buffer. This structure contains an array of physical addresses (this
reduces cache misses compared to an earlier version that stored an
array of vm_page_t pointers). It also stores additional fields needed
for in-kernel TLS such as the TLS header and trailer data that are
currently unused. To more easily detect these mbufs, the M_NOMAP flag
is set in m_flags in addition to M_EXT.
Various functions like m_copydata() have been updated to safely access
packet contents (using uiomove_fromphys()), to make things like BPF
safe.
NIC drivers advertise support for unmapped mbufs on transmit via a new
IFCAP_NOMAP capability. This capability can be toggled via the new
'nomap' and '-nomap' ifconfig(8) commands. For NIC drivers that only
transmit packet contents via DMA and use bus_dma, adding the
capability to if_capabilities and if_capenable should be all that is
required.
If a NIC does not support unmapped mbufs, they are converted to a
chain of mapped mbufs (using sf_bufs to provide the mapping) in
ip_output or ip6_output. If an unmapped mbuf requires software
checksums, it is also converted to a chain of mapped mbufs before
computing the checksum.
Submitted by: gallatin (earlier version)
Reviewed by: gallatin, hselasky, rrs
Discussed with: ae, kp (firewalls)
Relnotes: yes
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D20616
into using a STAILQ instead of a linear array.
The multicast memberships for the inpcb structure are protected by a
non-sleepable lock, INP_WLOCK(), which needs to be dropped when
calling the underlying possibly sleeping if_ioctl() method. When using
a linear array to keep track of multicast memberships, the computed
memory location of the multicast filter may suddenly change, due to
concurrent insertion or removal of elements in the linear array. This
in turn leads to various invalid memory access issues and kernel
panics.
To avoid this problem, put all multicast memberships on a STAILQ based
list. Then the memory location of the IPv4 and IPv6 multicast filters
become fixed during their lifetime and use after free and memory leak
issues are easier to track, for example by: vmstat -m | grep multi
All list manipulation has been factored into inline functions
including some macros, to easily allow for a future hash-list
implementation, if needed.
This patch has been tested by pho@ .
Differential Revision: https://reviews.freebsd.org/D20080
Reviewed by: markj @
MFC after: 1 week
Sponsored by: Mellanox Technologies