Commit Graph

959 Commits

Author SHA1 Message Date
christos 4496cdcb87 toolify. 2018-08-16 12:03:10 +00:00
christos 143603fad0 Add nbotool stuff. 2018-08-11 16:25:32 +00:00
kamil a36fdb1010 Try to fix the evbppc-powerpc64 build
Avoid "comparison between signed and unsigned integer expressions" on
Big-Endian hosts.
2018-08-03 16:31:04 +00:00
kamil 7adf6ec6dd Register a new directory in common/lib/libc/misc
Registe misc/ with ubsan.c.
2018-08-03 03:35:17 +00:00
kamil aee9a63f2a Tidy up the comment in ubsan.c
As noted, style has no impact on the comparison of a similar code.
This version is a reimplementation from scratch with no code and no
algirithm (whenever possible) reuse.

Public symbols and struct layout must be kept in sync with the code
generation part. It casues violation of the style like with long filenames.

My previous comment was 'too perfect' and could trigger some unnecessary
attention.
2018-08-03 03:12:32 +00:00
kamil 9aff107674 Import micro-UBSan (ubsan.c)
This is a reimplementation of the Undefined Behavior Sanitizer with the
following properties:
 - pure and clean-room C implementation,
 - no -fsanitize=vpts support, as it requires RTTI support and C++
   low-level routies to validate whether C++ objects are compatible
 - designed to be used inside libc and known as uUBSan or user-UBSan
 - designed to be shared with kernel and known as kUBSan or kernel-UBSan
 - designed to be usable with ATF tests as a standalone runtime,
   reachable without any MK* switches
 - designed to be safer for hardening as it does not have side effects on
   executables like writing to a selected location on demand
 - controllable with environment variable LIBC_UBSAN with options:
   * a - abort on report
   * A - do not abort on a report (unless a failure is unrecoverable)
   * e - output report to stderr
   * E - do not output report on stderr
   * l - output report on syslog (LOG_DEBUG | LOG_USER)
   * L - do not output report on syslog
   * o - output report on stdout
   * O - do not output report on stdout
   The default options are: "AeLO".
 - compatible with Clang (3.8, 7.x) and GCC (6.x) code generation
 - all handlers (except =vptr) from Clang/LLVM up to 7svn are supported

Tested with Clang amd64+i386 and GCC amd64+i386.
2018-08-03 02:05:43 +00:00
ryo 82b677e373 strnlen(s, (size_t)-1) returned -1. it must return the length of s. 2018-08-01 17:09:26 +00:00
kamil 38a0dc974f Avoid undefined behavior in snprintb.c
Do not change the signedness bit with a left shift operation.
Switch to unsigned integer to prevent this.

snprintb.c:178:17, left shift of 1 by 31 places cannot be represented in type 'int'

Detected with micro-UBSan in the user mode.
2018-07-26 00:33:26 +00:00
kamil 4fb9e183e5 Avoid undefined behavior in an inet_addr.c
Do not change the signedness bit with a left shift operation.
Cast to unsigned integer to prevent this.

inet_addr.c:218:20, left shift of 131 by 24 places cannot be represented in type 'int'

Detected with micro-UBSan in the user mode.
2018-07-26 00:20:41 +00:00
kamil 4581cca75c Avoid undefined behavior in an cpuset.c
Do not change the signedness bit with a left shift operation.
Switch to unsigned integer to prevent this.

cpuset.c:112:18, left shift of 1 by 31 places cannot be represented in type 'int'

Detected with micro-UBSan in the user mode.
2018-07-26 00:13:19 +00:00
bouyer efd0e73e34 On Xen, always alias _atomic_cas_64 to _atomic_cas_cx8. AFAIK Xen doesn't
support CPUs that don't support cx8.
i386 XENPAE_DOMU boots again.
2018-07-18 13:39:36 +00:00
ryo 6c83813761 avoid reading from out of range that may cause access fault. 2018-07-09 06:07:06 +00:00
christos 3aee54a15e switch to FreeBSD's memmem (faster) 2018-07-08 17:53:12 +00:00
martin 23e81d3280 Complete previous by complteley removing the _DIAGASSERT from memmove -
the accidental left over from previous fired on all legitimate calls
and caused PR bin/52986 and PR lib/52987.
2018-02-12 11:14:15 +00:00
mrg 240c43e6ba - remove two more _DIAGASSERT() checks against not NULL for functions
with arguments with nonnull attributes.  in two cases, leave
  code behind that should set defaults to "(null)".
2018-02-06 09:28:48 +00:00
skrll b07568df9e Working / new versions from Ryo Shimizu 2018-02-04 21:52:16 +00:00
mrg 51502cf62d updates for GCC 6.4:
- remove many _DIAGASSERT() checks against not NULL for functions
  with arguments with nonnull attributes.  (probably more to come,
  the set between x86 and sparc us disjoint.)

- port libsanitizer's GetPcSpBp() to sparc, sparc64 and amd64.
2018-02-04 20:22:17 +00:00
mrg 8fdd01b3ee fixes for GCC 6:
- -Wstrict-prototypes is not available for C++, so don't try to
  ignore it for C++.
- remove many _DIAGASSERT() checks against not NULL for functions
  with arguments with nonnull attributes.  in two cases, leave
  code behind that should set defaults to "(null)".
- use -Wno-error=frame-address for i386 mcount, as it seems valid
  to assume the caller will have a frame.fair
2018-02-04 01:13:45 +00:00
kamil c5b83981a9 Add bunch of missing includes of namespace.h in libc
The NetBSD Standard C Library uses internally some of its functions with
a mangled symbol name, usually "_symbol". The internal functions shall not
use the global (public) symbols.

This change eliminates usage of the global changes of the following symbols:
 - strlcat -> _strlcat
 - sysconf -> __sysconf
 - closedir -> _closedir
 - fparseln -> _fparseln
 - kill -> _kill
 - mkstemp -> _mkstemp
 - reallocarr -> _reallocarr
 - strcasecmp -> _strcasecmp
 - strncasecmp -> _strncasecmp
 - strptime -> _strptime
 - strtok_r -> _strtok_r
 - sysctl -> _sysctl
 - dlopen -> __dlopen
 - dlclose -> __dlclose
 - dlsym -> __dlsym

Sponsored by <The NetBSD Foundation>
2018-01-04 20:57:28 +00:00
riastradh 969998948d Import SHA-3 code into libc and libkern.
No new public symbols in libc, but publishing the symbols is a simple
matter if/when we decide to do so.

Proposed on tech-kern and tech-userlevel with no objections:

https://mail-index.NetBSD.org/tech-kern/2017/11/11/msg022581.html
https://mail-index.NetBSD.org/tech-userlevel/2017/11/11/msg010968.html
2017-11-30 05:47:24 +00:00
tsutsui 6dd94d2a84 Restore a local change (in rev1.4) that was lost on zlib 1.12.10 merge.
The rev 1.4 changelog:
> Disable a sanity check output buffer != NULL in _STANDALONE case.
> Some kernels are loaded at address 0x0 by bootloaders and
> output buffer address could be zero in such case.
>
> Fixes "read text" errors on loading install floppy of NetBSD/news68k 4.0,
> reported by KIYOHARA Takashi on port-news68k.

This problem may also affect other m68k ports which use a gzipped install
kernel and kernel text address located at PA 0x0.

Should be pulled up to netbsd-8.
2017-11-12 07:55:05 +00:00
wiz aa4b308c77 Simplify, and comment out xrefs to non-existing pages. 2017-10-23 00:59:44 +00:00
abhinav bc341be216 Remove comma after last Nm entry in the NAME section 2017-10-22 15:34:13 +00:00
ryo 40a86c4b50 doesn't work new format 'F' with a strings of length 1, or a string beginning with 'F' 2017-10-14 18:41:41 +00:00
ryo 782b3eac39 * aarch64/memset.S didn't work! fixed some bugs.
* maximum size of DCZID_EL0:BS (2048) supported.
2017-08-29 15:00:23 +00:00
ryo f8d7b48458 aarch64/strlen.S didn't work. fixed some bugs. 2017-08-22 06:45:07 +00:00
joerg d88dcd0fdc Fix ISO C compliance: strtol of "0xX" should give the largest valid
numeric prefix, which is 0.
2017-07-06 21:08:44 +00:00
skrll 1c01928083 Comment alignment. No functional change. 2017-04-13 07:49:52 +00:00
njoly 656b88f2b5 Fix commas in NAME section. 2017-03-07 19:10:07 +00:00
joerg 6fbd2a0be4 Switch from __ABICALLS__ to __mips_abicalls like upstream GCC does in
the generic MIPS target logic.
2017-02-25 21:16:50 +00:00
abhinav b9a7c39267 Add entry for prop_ingest in the NAME section. 2017-02-12 16:18:48 +00:00
abhinav 3ed54b8d62 Use .Fn to refer a function name instead of Nm.
Also, use Xr to refer problib(3) in the HISTORY section instead of Nm.

While parsing the man pages, any .Nm occurrence gets replaced by the
value specified in the NAME section. Referencing individual function
names with .Nm was causing makemandb(8) to replicate the complete
NAME section for every such occurrence. This was leading to an
ugly looking snippet in apropos(1)'s output when searched for
any of these man pages.
2017-02-12 16:00:53 +00:00
pgoyette accf810fc9 Add the *_size() variants to the .Nm list so it will be found by
apropos(1).

While here, reorder the function lists to improve readability.
2017-02-05 00:47:33 +00:00
wiz 4cb81f1b9d Use just the right amount of commas. 2017-02-04 23:32:43 +00:00
christos 0d0d359801 call the proper size functions 2017-01-29 02:29:06 +00:00
christos fc9eacac98 missing brace 2017-01-29 02:07:57 +00:00
christos b87b6dbc49 fix args 2017-01-29 02:07:44 +00:00
pgoyette 7a4cf709e4 Update for the new *_size() functions recently added. Mention the
implicit size limit (128KB) for the functions which do not take an
explicit limit argument.
2017-01-29 01:38:02 +00:00
christos d185461508 add sized versions of the copyin ioctls 2017-01-29 00:16:42 +00:00
christos de9e5b2f0e add sized versions of the copyin ioctls. 2017-01-29 00:16:19 +00:00
wiz 7d1bc67258 Sort errors. 2017-01-15 22:14:22 +00:00
pgoyette 4545115c63 Document E2BIG error when copying a large object. 2017-01-15 21:42:09 +00:00
christos 0c925f5c13 bump to 128K (because of npf large rules) and return E2BIG. 2017-01-15 18:15:45 +00:00
christos 7b9289ca62 fix standalone 2017-01-14 04:54:42 +00:00
christos 2663d7ef18 fix standalone 2017-01-14 04:53:25 +00:00
christos 8787f9ad9e fix rump 2017-01-14 03:35:21 +00:00
christos 53daaf6b96 fix weak symbols. More work needs to be done for memcpy/strlen etc. 2017-01-14 03:00:13 +00:00
christos 7602642e76 No need to include namespace.h; no other assembly code does. 2017-01-13 13:14:54 +00:00
christos 9616dacfef mark parameter as unused. 2017-01-10 23:06:06 +00:00
christos 6db8c6e988 merge conflicts 2017-01-10 01:27:41 +00:00