- Change the lock on uvm_object, vm_amap and vm_anon to be a RW lock.
- Break v_interlock and vmobjlock apart. v_interlock remains a mutex.
- Do partial PV list locking in the x86 pmap. Others to follow later.
On the first call to fread(3), just after fopen(3) the internal buffers
are empty. This means that _r and _p (among others) are zeroed.
Passing NULL to the 2nd argument of memcpy(3) for the zero length is
undefined. Calling _p += 0 triggers LLVM UBSan (NULL pointer arithmetic).
Calling _p += 0, p += 0 and resid -= 0 has no effect.
Replace the "fp->_r = 0;" logic with a short circuit jump to __srefill()
that sets _r internally and refills the FILE buffers.
No functional change from an end user point of view, except skipping a few
dummy operations on the first call, for a FILE pointer, to fread(3).
Instead of implicid promotion to signed int,
explicitly cast the arguments to unsigned int.
_rand48.c:53:27, signed integer overflow:
58989 * 58970 cannot be represented in type 'int'
_rand48.c:53:38, signed integer overflow:
-2093025904 + -1496809120 cannot be represented in type 'int'
_rand48.c:53:57, signed integer overflow:
57068 * 42787 cannot be represented in type 'int'
New and old code produce the same code as tested with:
#include <stdio.h>
#include <stdlib.h>
#define COUNT 1000 * 1000
int
main(void)
{
FILE *fp;
int i;
fp = fopen("numbers.txt", "w+");
if (!fp)
abort();
for(i = 0; i < COUNT; i++) {
fprintf(fp, "%f\n", drand48());
fprintf(fp, "%ld\n", lrand48());
fprintf(fp, "%ld\n", mrand48());
}
fclose(fp);
return 0;
}
hash_page.c:792:2, left shift of 1 by 31 places cannot be represented in type 'int'
hash_page.c:855:2, left shift of 1 by 31 places cannot be represented in type 'int'
hash_page.c:779:3, left shift of 1 by 31 places cannot be represented in type 'int'
value differs b/w oea/booke/ibm4xx, and there's no way to obtain it
from userland. Therefore, this initial value should be corrected by
cpu_setmcontext().
- Comment this in libpthread
- Add KASSERT in cpu_mcontext_validate()
Separate the pthread_atfork(3) call from pthread_tsd_init()
and move it into a distinct function.
Call inside pthread__init() late TSD initialization route, just after
"pthread_atfork(NULL, NULL, pthread__fork_callback);".
Document that malloc(3) initialization is now controlled again and called
during the first pthread_atfork(3) call.
Remove #if 0 code from pthread_mutex.c as we no longer initialize malloc
prematurely.
On error when not aborting, do not return EINVAL as it has a side effect
of being interpreted as matching threads. For invalid threads return
unmatched.
Check pthreads for NULL, before accessing pt_magic field. This avoids
faults on comparision with a NULL pointer.
This behavior is in the scope of UB, but should be easier to deal with
buggy software.
It is enabled unconditionally since 2003 and used only for rwlocks and
spinlocks.
LLVM sanitizers make assumptions that these checks are enabled always.
This avoid bootstrapping malloc too early when libc+libpthread are not
ready. It is called through pthread__init() -> _pthread_atfork().
This also helps LLVM Leak Sanitizer to pacify false positive reports.
make pthread_mutexattr_init do always a full initialization, so that the
attribute that will be used later when we become threaded is properly
initialized.
Set respectively _PT_BARRIER_DEAD for pthread_barrier_destroy() and
_PT_BARRIERATTR_DEAD for pthread_barrierattr_destroy().
Validate _PT_BARRIER_MAGIC in pthread_barrier_t and _PT_BARRIERATTR_MAGIC
in pthread_barrierattr_t accordingly.
a thread can exit with waiters still hanging off it (cancellation when
waiting on a condvar) so deal with all/any crappy failure like that and
make sure there are never any waiters left before exiting. Maybe of help
for:
PR: bin/50350: rump/rumpkern/t_sp/stress_{long,short} fail on Core 2
is to get the thread to go through the slow path. If there are waiters,
process them there and then. Should not affect well behaved apps. Maybe
of help for:
PR bin/50350: rump/rumpkern/t_sp/stress_{long,short} fail on Core 2 Quad
life without its self->pt_lid being filled in.
- Fix an error path in _lwp_create(). If the new LID can't be copied out,
then get rid of the new LWP (i.e. either succeed or fail, not both).
- Mark l_dopreempt and l_nopreempt volatile in struct lwp.
The prototypes in libexecinfo's unwind.h do not match those commonly
used (e.g. by gcc, clang, GNU libunwind, LLVM libunwind...), causing
C++ programs to fail to build on type mismatches (e.g. compiler-rt,
libc++abi). Rather than providing our own header, reuse the one
included in gcc.
Instead of returning -1, return errno on error.
Catch up after the fix in libpthread by Andrew Doran in 2008
in lib/libpthread/pthread_misc.c r.1.9.
It's an open question whether this function shall be used without linked
in the POSIX thread library.
Detected by Bruno Haible (GNU) and documented in gnulib in commit
"pthread_sigmask: Avoid test failure on NetBSD 8.0. " r. 4d16a83b0c1fcb6c.
The file name matching code in libedit tries to adjust to the presence
of explicit " or ' characters in the input line, but tries too hard.
Remove a conditional that goes overboard, and causes the completion
code to fail if a quoted string is seen before the filename to be
expanded, as in
grep 'foo' bar<TAB>
Before this change, the above would not expand any possible
completions, even if they existed, because it would choose to look for
files whose names started with " bar".
There was a formatting issue with mandoc showing the
literal "Ss" macros. I reported this bug to mandoc since groff
didn't have same formatting. It was recommended to simplify
the formatting due to the weird feature.
Note because of this for groff I didn't use the Ux macro but spelled
out UNIX literally for these subsection headers
(since the macro reset the subsection formatting which was why
the Ss macro was repeated before to reactivate it).
It's more pedantically correct to check RW_WRITE_LOCKED before
obtaining the thread id of the owner. And since there must be an
owner annotate the guard NULL check as unlinkely.
No functional change intended. Ok ad@.
They were brought along with the rwlock flags but never used and never
even adapted to the new home (the struct member name is different
here). I looked at adapting and using them, but they don't really
help readability that much and there are cases where we need to deal
with "fused" owner values anyway and so can't use them.
rwlock uses lower bits of a thread pointer for flags in the lock owner
field. Assert that the pointer is properly aligned and those bits are
actually free to use. This may not be the case when a program uses
its own allocator that can return less aligned pointers.
_SC_SEM_NSEMS_MAX. Report no limit for getconf(3). The ressource is
naturally limited by the backing file descriptor, so no separate limit
is necessary. Keep the accounting for debugging as it is part of the
sysctl ABI exposed by the kernel.
match, the expected space is not being added. Problem observed with
"chronyc" and "sqlite3" tab completion. That functionality got
moved to escape_filename() for the !attempted_completion_function
case, but the non-NULL 'attempted_completion_function' case must
also be handled. (Lonnie Abelbeck)
Most noticable, recompute the start of the TLS area for variant I
relative to the TCB. This makes a difference when the segment size and
base alignment don't agree.
not if it has root privileges, but if the /dev/nvmm device was opened with
write permissions. Introduce the undocumented nvmm_root_init() function to
achieve that.
The goal is to simplify the logic and have more granularity, eg if we want
a monitoring agent to access VMs but don't want to give this agent real
root access on the system.
TPR change. This is supported on all Intel CPUs, and not-too-old AMD CPUs.
The reason for wanting this option is that certain OSes (like Win10 64bit)
manage interrupt priority in hardware via CR8 directly, and for these OSes,
the emulator may want to sync its internal TPR state on each change.
Add two new fields in cap.arch, to report the conf capabilities. Report TPR
only on Intel for now, not AMD, because I don't have a recent AMD CPU on
which to test.
- Sync the naming with reality.
- Replace "relevant" by "desired" and "virtualizer" by "emulator", closer
to what I meant.
- Add a "VCPU Configuration" section.
- Add a "Machine Ownership" section.
Remove const from the 2nd argument.
const char ** and char ** are incompatible types and it was a cost to keep
the technically incompatible form for a more purist variation. NetBSD was
almost the last alive OS to still keep the const argument (known leftovers:
Minix and Illumos).
Keep the const form for the internal purposes inside citrus and rump.
Address the build breakage fallout in the same change.
There are no ABI changes.
Change accepted by core@.
- Add 'mach' and 'vcpu' backpointers in the nvmm_io and nvmm_mem
structures.
- Rename 'nvmm_callbacks' to 'nvmm_assist_callbacks'.
- Rename and migrate NVMM_MACH_CONF_CALLBACKS to NVMM_VCPU_CONF_CALLBACKS,
it now becomes per-VCPU.
issues in the libnvmm API.
- Rename NVMM_CAPABILITY_VERSION to NVMM_KERN_VERSION, and check it in
libnvmm. Introduce NVMM_USER_VERSION, for future use.
- In libnvmm, open "/dev/nvmm" as read-only and with O_CLOEXEC. This is to
avoid sharing the VMs with the children if the process forks. In the
NVMM driver, force O_CLOEXEC on open().
- Rename the following things for consistency:
nvmm_exit* -> nvmm_vcpu_exit*
nvmm_event* -> nvmm_vcpu_event*
NVMM_EXIT_* -> NVMM_VCPU_EXIT_*
NVMM_EVENT_INTERRUPT_HW -> NVMM_VCPU_EVENT_INTR
NVMM_EVENT_EXCEPTION -> NVMM_VCPU_EVENT_EXCP
Delete NVMM_EVENT_INTERRUPT_SW, unused already.
- Slightly reorganize the MI/MD definitions, for internal clarity.
- Split NVMM_VCPU_EXIT_MSR in two: NVMM_VCPU_EXIT_{RD,WR}MSR. Also provide
separate u.rdmsr and u.wrmsr fields. This is more consistent with the
other exit reasons.
- Change the types of several variables:
event.type enum -> u_int
event.vector uint64_t -> uint8_t
exit.u.*msr.msr: uint64_t -> uint32_t
exit.u.io.type: enum -> bool
exit.u.io.seg: int -> int8_t
cap.arch.mxcsr_mask: uint64_t -> uint32_t
cap.arch.conf_cpuid_maxops: uint64_t -> uint32_t
- Delete NVMM_VCPU_EXIT_MWAIT_COND, it is AMD-only and confusing, and we
already intercept 'monitor' so it is never armed.
- Introduce vmx_exit_insn() for NVMM-Intel, similar to svm_exit_insn().
The 'npc' field wasn't getting filled properly during certain VMEXITs.
- Introduce nvmm_vcpu_configure(). Similar to nvmm_machine_configure(),
but as its name indicates, the configuration is per-VCPU and not per-VM.
Migrate and rename NVMM_MACH_CONF_X86_CPUID to NVMM_VCPU_CONF_CPUID.
This becomes per-VCPU, which makes more sense than per-VM.
- Extend the NVMM_VCPU_CONF_CPUID conf to allow triggering VMEXITs on
specific leaves. Until now we could only mask the leaves. An uint32_t
is added in the structure:
uint32_t mask:1;
uint32_t exit:1;
uint32_t rsvd:30;
The two first bits select the desired behavior on the leaf. Specifying
zero on both resets the leaf to the default behavior. The new
NVMM_VCPU_EXIT_CPUID exit reason is added.
address size is 16 bits, regardless of the actual operating mode. With
this special map there can be two registers referenced at once, and
also disp16-only.
Implement this special behavior, and add associated tests. While here
simplify a few things.
With this in place, the Windows 95 installer initializes correctly.
Part of PR/54611.
GCC_NO_FORMAT_TRUNCATION -Wno-format-truncation (GCC 7/8)
GCC_NO_STRINGOP_TRUNCATION -Wno-stringop-truncation (GCC 8)
GCC_NO_STRINGOP_OVERFLOW -Wno-stringop-overflow (GCC 8)
GCC_NO_CAST_FUNCTION_TYPE -Wno-cast-function-type (GCC 8)
use these to turn off warnings for most GCC-8 complaints. many
of these are false positives, most of the real bugs are already
commited, or are yet to come.
we plan to introduce versions of (some?) of these that use the
"-Wno-error=" form, which still displays the warnings but does
not make it an error, and all of the above will be re-considered
as either being "fix me" (warning still displayed) or "warning
is wrong."
gcc 8 -Wstringop-overflow is uhappy when the specified bounds depend
on the length of the source and is not smart enough to see the check
we do. Besides we don't want the padding effect of strncpy() here.
The new member is caled f_mntfromlabel and it is the dkw_wname
of the corresponding wedge. This is now used by df -W to display
the mountpoint name as NAME=
by /sbin/{zfs,zpool,mount_zfs}. The general effect is to move them
from /usr/lib to /lib. Compatibility links are installed in /usr/lib
and nothing that is installed, say in /usr/pkg, appears to break.
With this, it is possible to have a /var and /usr mount using ZFS
legacy mounting early on in the boot process.
Run tested on amd64 and i386 and compile tested on evbarm.
There is an ongoing discussion to unify unreturn attribute between C and
C++, making a compatible version, shared between languages. Instead of
picking C11-only approach here, switch back to __dead that wraps the
compiler extension for the same purpose.
This change makes this header more compatible with C++ and pre-C11.
Reference:
http://www.open-std.org/jtc1/sc22/wg14/www/docs/n2410.pdf
While there also fix handling character appending in the file completions when
inside quotes. For example when inside a quote, if the completion is a directory then
append a '/' but don't close the quote. On the other hand when inside a quote if the
completion is a file name and it is the only match then we can close the quote.
Similar to __NetBSD_Version__ from sys/param.h but has no
correlation to it or the ELF symver libcurses is built as.
If we say that v1 was everything prior to this, it makes sense to
start this from v2.
Define _REENTRANT for MKSANITIZER build. This is needed for at least stdio
code. This caused new build issued with duplicated symbols in few places
and rump kernel code picking different code paths borrowed from libc.
Handle all this in one go.
Add bsd.sanitizer.mk to share common code used by programs and libraries.
Switch from realall to beforeinstall target in .syms files. This is more
reliable in MKSANITIZER.
- Don't touch the trap flags (though on all ARMv8 I know they have no
effect anyway).
- Don't clear any existing raised exception flags; just add to them.
XXX atf test
XXX pullup-9
- fesetenv is supposed to set the stored rounding mode (and stored trap
settings, but they have no effect on any ARMv8 I know).
- feupdateenv is supposed to re-raise the exceptions that were raised
in the environment when it was called.
XXX atf test
XXX pullup-9
libfuse has a different usage of filehandles for files and directories.
A directory filehandle is valid only for directory operations such
as OPENDIR, READDIR, RELEASEDIR, FSYNCDIR. Change of src/lib/libperfuse/ops.c
1.85-1.86 made sure filehandles of directories were only sent for that
operations.
However, the status of lock operations GETLK, SETLK, SETLKW was overlooked.
The only FUSE filesystem I found using locks is GlusterFS, and it needs
directory filehandles to be provided on lock operations, otherwise locking
crashes the filesystem. Hence this change brings back filehandles for
lock operations on directories.
C99, Sec. 7.19.6.1 `The fprintf function', paragraph 13, p. 281:
(Recommended practice)
For e, E, f, F, g, and G conversions, if the number of significant
decimal digits is at most DECIMAL_DIG, then the result should be
correctly rounded. If the number of significant decimal digits is
more than DECIMAL_DIG but the source value is exactly
representable with DECIMAL_DIG digits, then the result should be
an exact representation with trailing zeros. Otherwise, the
source value is bounded by two adjacent decimal strings L < U,
both having DECIMAL_DIG significant idgits; the value of the
resultant decimal string D should satisfy L <= D <= U, _with the
extra stipulation that the error should have a correct sign for
the current rounding direction_. [emphasis added]
The gdtoa code base already supports respecting the floating-point
rounding mode, as long as we compile it with Honor_FLT_ROUNDS
defined. However, for this to work, fegetround must be available in
libc, which it is not currently -- the fenv logic is in libm.
Fortunately, we don't have to move all of fenv from libm to libc --
programs that do not link against libm don't have fesetround, so the
rounding mode is always the default (barring asm shenanigans that
bypass the API -- tough). So use a weak reference to fegetround; by
default, assume FE_TONEAREST if it is not defined.
christos