built with clang. When these are defined the lists are defined similar to:
asm(".section .ctors");
STATIC func_ptr __CTOR_LIST__[1] = { (func_ptr) (-1) };
asm(".section .dtors");
STATIC func_ptr __DTOR_LIST__[1] = { (func_ptr) (-1) };
The problem is clang will move the two arrays out of the .ctors and .dtors
sections causing these sections to contain a single null address. By not
defining these macros we use the version of the code that places the arrays
is their sections by using __attribute__((section(".ctors"))) and similar
for .dtors.
Submitted by: Daisuke Aoyama <aoyama AT peach.ne.jp>
included various upstreamed patches from the FreeBSD base to make OpenBSM
compile more easily with bmake, higher warning levels, clang, and several
other loose ends.
Obtained from: TrustedBSD Project
Security Fixes
Prevents named from aborting with a require assertion failure
on servers with DNS64 enabled. These crashes might occur as a
result of specific queries that are received.
New Features
* Elliptic Curve Digital Signature Algorithm keys and signatures in
DNSSEC are now supported per RFC 6605. [RT #21918]
Feature Changes
* Improves OpenSSL error logging [RT #29932]
* nslookup now returns a nonzero exit code when it is unable to get
an answer. [RT #29492]
Other critical bug fixes are included.
Approved by: delphij (mentor)
MFC after: 3 days
Security: CVE-2012-5688
Sponsored by: DK Hostmaster A/S
share/mk/sys.mk instead.
This is part of a medium term project to permit deterministic builds of
FreeBSD.
Submitted by: Erik Cederstrand <erik@cederstrand.dk>
Reviewed by: imp, toolchain@
Approved by: cperciva
MFC after: 2 weeks
When using libc++ headers on FreeBSD, in combination with -std=c++98,
-ansi or -std=c++03, the long long type is not supported. So in this
case, several functions and types, like lldiv_t, strtoll(), are not
declared.
This should make it possible to use the libc++ headers in c++98 mode.
Note: libc++ is originally designed as a c++0x or higher library, so you
should still take care when using it with c++98 or c++03.
Noted by: Yamaya Takashi <yamayan@kbh.biglobe.ne.jp>
MFC after: 1 week
This improves GDB usability when debugging code compiled with
optimization.
Upstream GDB revision f0031b6d3ae9b164b3747986ab898190bd4dcf8c (prior
to GDB's switch to GPLv3), with frame_debug_got_null_frame expanded
inline.
| 2004-12-12 Andrew Cagney <cagney@gnu.org>
|
| * frame.c (get_prev_frame): When unwinding normal frames, check
| that the PC isn't zero.
Sponsored by: ADARA Networks
MFC After: 1 month
X86: fcmov doesn't handle all possible EFLAGS, fall back to a branch
for the others.
Otherwise it will try to use SSE patterns and fail horribly if sse is
disabled.
Fixes PR14035.
This should fix the following assertion failure:
Assertion failed: (Reg >= X86::FP0 && Reg <= X86::FP6 && "Expected FP
register!"), function getFPReg, file
contrib/llvm/lib/Target/X86/X86FloatingPoint.cpp, line 330.
which can show up when compiling contrib/compiler-rt, using -march=i686
through -march=pentium3 (CPU's which do support fcmov, but don't support
SSE2).
MFC after: 1 week
Add a new warning -Wmissing-variable-declarations, to warn about variables
defined without a previous declaration. This is similar to
-Wmissing-prototypes, but for variables instead of functions.
Make sure always-inline functions get inlined. <rdar://problem/12423986>
Without this change, when the estimated cost for inlining a function with
an "alwaysinline" attribute was lower than the inlining threshold, the
getInlineCost function was returning that estimated cost rather than the
special InlineCost::AlwaysInlineCost value. That is fine in the normal
inlining case, but it can fail when the inliner considers the opportunity
cost of inlining into an internal or linkonce-odr function. It may decide
not to inline the always-inline function in that case. The fix here is just
to make getInlineCost always return the special value for always-inline
functions. I ran into this building clang with libc++. Tablegen failed to
link because of an always-inline function that was not inlined. I have been
unable to reduce the testcase down to a reasonable size.
This should fix the link errors that were reported when atf-run was
compiled with clang -stdlib=libc++. In this case, at -O3 optimization,
some calls to basic_ios::clear() were not inlined, even when the
function was marked __always_inline__.
Reported by: Jan Beich <jbeich@tormail.org>
MFC after: 1 week
when building other C++ software with it. Also fix one actual bug in
libsupc++, which was exposed by such a warning. This latter fix is the
only functional change.
MFC after: 1 week
this has many visibility problems fixed, which should help with
compiling certain ports that exercise C++11 mode (i.e. Firefox).
Also, belatedly add the LICENSE.TXT and accompanying CREDITS.TXT files,
which are referred to in all the source files.
MFC after: 1 month
X86: Disable long nops for all cpus prior to pentiumpro/i686.
This is the safest approach for now. If you think long nops matter a
lot for performance, compile with -march=i686 or higher. :)
MFC after: 3 days
This adds two features:
* uid_from_user() and gid_from_group() as the reverse of user_from_uid()
and groups_from_gid().
* pwcache_userdb() and pwcache_groupdb() which allow alternative lookup
functions to be used. For example lookups from passwd and group
databases in a non-standard location.
When creating MCAsmBackend pass the CPU string as well. In X86AsmBackend
store this and use it to not emit long nops when the CPU is geode which
doesnt support them.
Fixes PR11212.
Pull in r164133 from upstream clang trunk:
Follow up on llvm r164132.
This should prevent illegal instructions when building world on Geode
CPUs (e.g. Soekris).
MFC after: 3 days
Prevents a lockup when queried a deliberately constructed combination
of records. [CVE-2012-5166]
For more information: https://kb.isc.org/article/AA-00801
doesn't mean supporting IFT_PFSYNC (which I hope will eventually
die). This means decoding packets with IP protocol of 240 caught
on any normal interface like Ethernet.
The code is based on couple of files from OpenBSD, significantly
modified by myself.
Parser differentiates for four levels of verbosity: no -v, -v,
-vv and -vvv.
We don't yet forward this code upstream, because currently it
strongly relies on if_pfsync.h and even on pfvar.h. I hope that
this can be fixed in future.
Reviewed by: gnn, delphij
- Set IP_RECVDSTADDR sockopt on the socket only in case if
it is INADDR_ANY bound.
- Supply IP_SENDSRCADDR control message only if we did receive
IP_RECVDSTADDR control message.
This fixes operation of snmpd bound to a specific local IP address.
PR: bin/171279
Prevents a crash when queried for a record whose RDATA exceeds
65535 bytes.
Prevents a crash when validating caused by using "Bad cache" data
before it has been initialized.
ISC_QUEUE handling for recursive clients was updated to address
a race condition that could cause a memory leak. This rarely
occurred with UDP clients, but could be a significant problem
for a server handling a steady rate of TCP queries.
A condition has been corrected where improper handling of
zero-length RDATA could cause undesirable behavior, including
termination of the named process.
For more information: https://kb.isc.org/article/AA-00788
X86: Emitting x87 fsin/fcos for sinf/cosf is not safe without unsafe
fp math.
This should make clang emit calls to libm for sinf/cosf by default.
MFC after: 1 week
reside, and move there ipfw(4) and pf(4).
o Move most modified parts of pf out of contrib.
Actual movements:
sys/contrib/pf/net/*.c -> sys/netpfil/pf/
sys/contrib/pf/net/*.h -> sys/net/
contrib/pf/pfctl/*.c -> sbin/pfctl
contrib/pf/pfctl/*.h -> sbin/pfctl
contrib/pf/pfctl/pfctl.8 -> sbin/pfctl
contrib/pf/pfctl/*.4 -> share/man/man4
contrib/pf/pfctl/*.5 -> share/man/man5
sys/netinet/ipfw -> sys/netpfil/ipfw
The arguable movement is pf/net/*.h -> sys/net. There are
future plans to refactor pf includes, so I decided not to
break things twice.
Not modified bits of pf left in contrib: authpf, ftp-proxy,
tftp-proxy, pflogd.
The ipfw(4) movement is planned to be merged to stable/9,
to make head and stable match.
Discussed with: bz, luigi
- Pacific/Fiji will go into DST from 21 October 2012 till 20 January 2013.
- Fix offset for Pacific/Tokelau.
- Gaza and West Bank had DST from 29 March to 28 September 2012.
- Syria has DST from April till October
- Morocco had DST from April to September 2012 except for 20 July to 20 August.
- Cuba changed to DST from 1 April 2012 only.
- Haiti has DST between 8 March and 1 November in 2012.
Obtained from: ftp://ftp.iana.org/tz/releases/
IP_SENDSRCADDR control with datagram message we reply with. This makes
bsnmpd reply from exactly same address that request was sent to, thus
successfully bypassing stateful firewalls or other kinds of strict checking.
PR: bin/171279
from the control message, actually never worked. This means check_priv()
didn't work for local dgram sockets.
The SCM_CREDS control messages is received only in two cases:
1) If we did setsockopt(LOCAL_CREDS) on our socket, and in this case
the message is struct sockcred.
2) If sender did supplied SCM_CREDS control message in his sendmsg()
syscall. In this case the message is struct cmsgcred.
We can't rely on 2), so we will use 1) for dgram sockets. For stream
sockets it is more reliable to obtain accept-time credentials, since
SCM_CREDS control message is attached only on first read. Thus:
o Do setsockopt(LOCAL_CREDS) on local dgram sockets.
o Split check_priv() into check_priv_stream() and check_priv_dgram(),
and call them from recv_stream() and recv_dgram() respectively.
o Don't provide space for SCM_CREDS control message in recv_stream().
o Provide space for SCM_CREDS control message in recv_dgram(), but there
is no need to initialize anything in it.
o In recv_dgram() do not blindly expect that first message is SCM_CREDS,
instead use correct search cycle through control messages.
encounters a DT_RUNPATH entry, the global dynamic_info[] array is
overrun, causing some other global variable to be overwritten.
In my testcase, this was the section_headers variable, leading to
segfaults or jemalloc assertions when it was freed later on.
Thanks to Koop Mast for providing samples of a few "bad" .so files.
MFC after: 1 week
Merge existing attributes before processing pragmas in friend template
declarations.
Fixes pr13662.
This should help when building Firefox with libc++.
Magic tests containing "search" or "regex" directives were incorrectly
compiled by "mkmagic" and were effectively ignored. This caused troff
files (for example) to be detected as simply "ASCII text" instead of
as "troff or preprocessor input, ASCII text".
PR: bin/170415
Approved by: consensus on developers@
MFC after: 3 days
r238211:
Support TARGET_ARCH=armv6 and TARGET_ARCH=armv6eb
This adds a new TARGET_ARCH for building on ARM
processors that support the ARMv6K multiprocessor
extensions. In particular, these processors have
better support for TLS and mutex operations.
This mostly touches a lot of Makefiles to extend
existing patterns for inferring CPUARCH from ARCH.
It also configures:
* GCC to default to arm1176jz-s
* GCC to predefine __FreeBSD_ARCH_armv6__
* gas to default to ARM_ARCH_V6K
* uname -p to return 'armv6'
* make so that MACHINE_ARCH defaults to 'armv6'
It also changes a number of headers to use
the compiler __ARM_ARCH_XXX__ macros to configure
processor-specific support routines.
Submitted by: Tim Kientzle <kientzle@freebsd.org>
folding to 64 bits, while SHA1 code is big endian. Therefore, a bswap32
is required before using the value.
Without this change, the implementation does not conform to test vector
found in RFC 2289.
PR: bin/170519
Submitted by: Arthur Mesh <arthurmesh gmail com> (with changes)
MFC after: 1 week
This is mostly a no-op other than for ARM where it adds missing
__aeabi_mem* and __aeabi_*divmod functions. Even on ARM these will remain
unused until the rest of the ARM EABI code is merged.
unused -g, -emit-llvm or -w arguments when doing linking. E.g. invoking
"clang -g foo.o -o foo" will now be silent.
Reported by: Jakub Lach <jakub_lach@mailplus.pl>
MFC after: 1 week
in BIND9
High numbers of queries with DNSSEC validation enabled can cause an
assertion failure in named, caused by using a "bad cache" data structure
before it has been initialized.
CVE: CVE-2012-3817
Posting date: 24 July, 2012
including the include directive.
Fix minor build issue corrected by converting yypush_buffer_state and
yypop_buffer_state to yy_set_buffer_state and a hard-coded 100-deep
stack. It was easier to fix it here than to import that support into
our flex.
The new tools and test hardness remain unsupported at the moment.
desired, one can turn off the generation of post-ELF standard dtags by
overriding it with --disable-new-dtags after the default switch.
Immediate effect of the change is that -rpath path is now stored both
in DT_RPATH and DT_RUNPATH tags, which is the right way to provide
rpath for dynamic linker supporting DT_RUNPATH per specification.
Reviewed by: kan
MFC after: 1 month
When marking virtual functions as used for a class' vtable, mark all functions
which will appear in the vtable as used, not just those ones which were
declared within the class itself. Fixes an issue reported as comment#3 in
PR12763 -- we sometimes assert in codegen if we try to emit a reference to a
function declaration which we've not marked as referenced. This also matches
gcc's observed behavior.
This should fix clang assertions when building certain components of the
LibreOffice port.
MFC after: 3 days
adding appropriate table entries, the assembler had to be adjusted as
these are the first non-SSE instructions to use a 3-byte opcode (and a
mandatory prefix to boot).
MFC after: 1 month
instructions. I reimplemented this from scratch based on the Intel
manuals and the existing support for handling the fxsave and fxrstor
instructions. This will let us use these instructions natively with GCC
rather than hardcoding the opcodes in hex.
Reviewed by: kib
MFC after: 1 month
usage on hosts using ZFS. The new line displays the total amount of RAM
used by the ARC along with the size of MFU, MRU, anonymous (in flight),
headers, and other (miscellaneous) sub-categories. The line is not
displayed on systems that are not using ZFS.
Reviewed by: avg, fs@
MFC after: 3 days
The GCC4.3 branch contains some optimization fixes
that were not considered regressions and therefore
were never backported. We are bringing a couple of
them that are under GPLv2 since they were made
before the license switch upstream.
While here, add the GCC revision numbers in the
log.
Discussed with: jkim
MFC after: 1 week
The patches are unexpectedly causing gcc to fail while
building ports/graphics/ImageMagick even when the cpu
flags are not used.
Reported by: Andreas Tobler
Initial support for the AMD barcelona chipsets has been available in the
gcc43 branch under GPLv2 but was not included when the Core 2 support
was brought to the system gcc.
AMD and some linux distributions (OpenSUSE) did a backport of the amdfam10
support and made them available. Unfortunately this is still experimental
and while it can improve performance, enabling the CPUTYPE may break some
C++ ports (like clang).
Special care was taken to make sure that the patches predate the GPLv3
switch upstream.
Tested by: Vladimir Kushnir
Reviewed by: mm
Approved by: jhb (mentor)
MFC after: 2 weeks
Modified Fri Jul 10 07:44:34 2009 CDT by rafael
backport part of
http://gcc.gnu.org/ml/gcc-cvs/2007-10/msg00118.html
The patch is for libstdc++ and it was GPL2 at the time.
Modified Tue Apr 29 01:20:19 2008 CDT by asl
Backport from mainline (pre-GPLv3).
Fix for sizeof(const void*) > sizeof(unsigned long).
Approved by: jhb (mentor)
MFC after: 2 weeks
a critical bugfix:
Processing of DNS resource records where the rdata field is zero length
may cause various issues for the servers handling them.
Processing of these records may lead to unexpected outcomes. Recursive
servers may crash or disclose some portion of memory to the client.
Secondary servers may crash on restart after transferring a zone
containing these records. Master servers may corrupt zone data if the
zone option "auto-dnssec" is set to "maintain". Other unexpected
problems that are not listed here may also be encountered.
All BIND users are strongly encouraged to upgrade.
Allow unique_file to take a mode for file permissions, but default
to user only read/write.
and r156592 from upstream clang trunk:
For final output files create them with mode 0664 to match other
compilers and expected defaults.
This should fix clang creating files with mode 0600.
Reported by: James <james@hicag.org>
MFC after: 3 days
Feature Change
* BIND now recognizes the TLSA resource record type, created to
support IETF DANE (DNS-based Authentication of Named Entities)
Bug Fix
* The locking strategy around the handling of iterative queries
has been tuned to reduce unnecessary contention in a multi-
threaded environment.
Other critical bug fixes are included.
All BIND users are encouraged to upgrade.
Revert r115805. An array type is required to have a range type,
however, the range can be unknown for the upper bound.
Testcase to follow.
Part of rdar://11457152
This should fix ctfconvert producing error messages during kernel
builds, similar to:
ERROR: scsi_all.c: die 24561: failed to retrieve array bounds
These were caused by incorrect debug information for flexible array
members of structs.
MFC after: 3 days
bison, keeping full compatibility with our previous yacc implementation.
Also bring the ability to create reentrant parser
This fix bin/140309 [1]
PR: bin/140309 [1]
Submitted by: Philippe Pepiot <ksh@philpep.org> [1]
Approved by: des (mentor)
MFC after: 1 month
the GCC 4.1 branch and are available under GPLv2.
2007-11-07 Eric Botcazou <ebotcazou@libertysurf.fr>
PR rtl-optimization/33822
* rtl.h (REG_OFFSET): Fix comment.
* var-tracking.c (INT_MEM_OFFSET): New macro.
(var_mem_set): Use it.
(var_mem_delete_and_set): Likewise.
(var_mem_delete): Likewise.
(vt_get_decl_and_offset): Likewise.
(offset_valid_for_tracked_p): New predicate.
(count_uses): Do not track locations with invalid offsets.
(add_uses): Likewise.
(add_stores): Likewise.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=129972
2007-11-16 Richard Guenther <rguenther@suse.de>
PR middle-end/34030
* fold-const.c (fold_binary): Use correct types for folding
1 << X & Y to Y >> X & 1.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=130242
2008-01-14 Eric Botcazou <ebotcazou@adacore.com>
PR rtl-optimization/31944
* cse.c (remove_pseudo_from_table): New function.
(merge_equiv_classes): Use above function to remove pseudo-registers.
(invalidate): Likewise
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=131524
2008-01-24 Kaveh R. Ghazi <ghazi@caip.rutgers.edu>
Backport:
2007-11-07 Kenneth Zadeck <zadeck@naturalbridge.com>
PR middle-end/33826
* ipa-pure-const (static_execute): Added code to keep recursive
functions from being marked as pure or const.
* ipa-utils (searchc): Fixed comment.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=131807
2008-02-01 Kaveh R. Ghazi <ghazi@caip.rutgers.edu>
Backport:
2007-08-02 Nathan Froyd <froydnj@codesourcery.com>
PR middle-end/25445
* varasm.c (default_binds_local_p_1): Consult flag_whole_program
if we are compiling with -fPIC.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=132061
2008-02-04 Richard Guenther <rguenther@suse.de>
PR middle-end/33631
* expr.c (count_type_elements): Give for unions instead of
guessing.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=132101
2008-02-14 Alan Modra <amodra@bigpond.net.au>
PR target/34393
* config/rs6000/rs6000.md (restore_stack_block): Force operands[1]
to a reg.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=132309
2008-03-25 Richard Guenther <rguenther@suse.de>
Backport from mainline:
2008-02-12 Richard Guenther <rguenther@suse.de>
PR middle-end/35163
* fold-const.c (fold_widened_comparison): Use get_unwidened in
value-preserving mode. Disallow final truncation.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=133509
2008-11-30 Eric Botcazou <ebotcazou@adacore.com>
PR target/38287
* config/sparc/sparc.md (divsi3 expander): Remove constraints.
(divsi3_sp32): Add new alternative with 'K' for operand #2.
(cmp_sdiv_cc_set): Factor common string.
(udivsi3_sp32): Add new alternative with 'K' for operand #2.
Add TARGET_V9 case.
(cmp_udiv_cc_set): Factor common string.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=142298
Reviewed by: mm
Approved by: jhb (mentor)
MFC after: 1 week
compiler frame size used there so this whole thing is V8/V9-agnostic.
- Use 32-bit function alignment as GCC does when using UltraSPARC I or
higher optimizations.
- Don't waste delay slots when possible.
Unfortunately, this still doesn't make libcompiler_rt a viable replacement
for libgcc on sparc64 though as once installed instead, buildworld times
increase by nearly 60% (which isn't related to these assembler functions).
sometimes disappear from the resulting object file, if compiled with
clang. In particular, this can lead to errors when building world with
clang and -g, similar to:
/usr/obj/usr/src/tmp/usr/lib/libc.so: undefined reference to `_malloc_options'
Reported by: Conrad J. Sabatier <conrads@.no.cox.net>
Reviewed by: jasone
prior to 3.0.0 release). This fixes several bugs related to memory
initialization.
Mangle __jemalloc_a0{malloc,calloc,free}() just like all the other
library-internal symbols in jemalloc, and adjust the tls allocation code
in libc to use the mangled names.
prior to 3.0.0 release) as contrib/jemalloc, and integrate it into libc.
The code being imported by this commit diverged from
lib/libc/stdlib/malloc.c in March 2010, which means that a portion of
the jemalloc 1.0.0 ChangeLog entries are relevant, as are the entries
for all subsequent releases.
we can free it later, instead of trying to free a pointer that points
to the end of the buffer.
Committed to head because this code no longer exists upstream.
Submitted by: jasone@
leak when iterating over possible audit trail directories. This fix will
be merged upstream in an identical form, but hasn't yet appeared in an
OpenBSM release.
Submitted by: guido
Obtained from: TrustedBSD Project
MFC after: 3 days
The fix is similar to the one applied in GCC-4.3 in
GCCSVN-r117929 under the GPLv2.
Submitted by: Andrey Simonenko
Reviewed by: mm
Approved by: jhb (mentor)
MFC after: 3 days
- Updates to various locations in Antarctica.
- Armenia will abolish DST this year.
- Not only Samoa has moved to UTC+14, also Fakaofo did.
- There will be a leap second in 30 June 2012.
- Historical updates of 1918 to Canada, Winn, Regina, Edm, Vanc, Creston.
- Chili stays on DST until 28 April 2012
- The Falkland islands will stay on DST this year.
Unfortunately, the ABI was broken upstream for the 4.2 release, which we
imported. We then shipped the broken version for several years and certain
ports (e.g. libobjc2) depend on it, so we're stuck with it for now...
We should revisit this for 10.0, since we're allowed to break the ABI then, but
until then we should keep the ABI we shipped with 8.x and 9.x.
Reviewed by: kan
Approved by: dim (mentor)
MFC after: 1 week
several new kerberos related libraries and applications to FreeBSD:
o kgetcred(1) allows one to manually get a ticket for a particular service.
o kf(1) securily forwards ticket to another host through an authenticated
and encrypted stream.
o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
and other user kerberos operations. klist and kswitch are just symlinks
to kcc(1) now.
o kswitch(1) allows you to easily switch between kerberos credentials if
you're running KCM.
o hxtool(1) is a certificate management tool to use with PKINIT.
o string2key(1) maps a password into key.
o kdigest(8) is a userland tool to access the KDC's digest interface.
o kimpersonate(8) creates a "fake" ticket for a service.
We also now install manpages for some lirbaries that were not installed
before, libheimntlm and libhx509.
- The new HEIMDAL version no longer supports Kerberos 4. All users are
recommended to switch to Kerberos 5.
- Weak ciphers are now disabled by default. To enable DES support (used
by telnet(8)), use "allow_weak_crypto" option in krb5.conf.
- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
disabled due to the function they use (krb5_get_err_text(3)) being
deprecated. I plan to work on this next.
- Heimdal's KDC now require sqlite to operate. We use the bundled version
and install it as libheimsqlite. If some other FreeBSD components will
require it in the future we can rename it to libbsdsqlite and use for these
components as well.
- This is not a latest Heimdal version, the new one was released while I was
working on the update. I will update it to 1.5.2 soon, as it fixes some
important bugs and security issues.
the following warning produced by clang trunk:
In file included from /usr/src/sbin/devd/devd.cc:91:
In file included from /usr/obj/usr/src/tmp/usr/include/c++/4.2/map:64:
/usr/obj/usr/src/tmp/usr/include/c++/4.2/bits/stl_tree.h:987:2: error: add explicit braces to avoid dangling else [-Werror,-Wdangling-else]
else
^
MFC after: 3 days
Make our handling of MMX x SSE closer to what gcc does:
* Enabling sse enables mmx.
* Disabling (-mno-mmx) mmx, doesn't disable sse (we got this right already).
* The order in not important. -msse -mno-mmx is the same as -mno-mmx -msse.
Some configure scripts depend on this.
PR: i386/165968
MFC after: 3 days
When ntp switched between PLL and FLL mode it produced a log message
"kernel time sync status change %04x". This issue is reported in ntp
bug 452[1] which claims that this behaviour is normal and the log
message isn't necessary. I'm not sure exactly when it was removed, but
it's gone in the latest ntp release (4.2.6p5).
[1] http://bugs.ntp.org/show_bug.cgi?id=452
Approved by: roberto
socket is used. The previous code structure assumed that AF_INET sockets
were always available, which is an invalid assumption on IPv6-only systems.
This merges the fololowing revisions from NetBSD:
src/usr.bin/ftp/main.c 1.120
src/usr.bin/ftp/util.c 1.156
PR: bin/162661
Tested by: bz
Obtained from: NetBSD
MFC after: 1 week
of arming timer and then pausing. If SIGALRM is delivered before pause(3)
is entered, top hangs.
Submitted by: Andrey Zonov <andrey zonov org>
MFC after: 1 week
Some of new features:
- New readers: RAR, LHA/LZH, CAB reader, 7-Zip
- New writers: ISO9660, XAR
- Improvements to many formats, especially including ISO9660 and Zip
- Stackable write filters to write, e.g., tar.gz.uu in a single pass
- Exploit seekable input; new "seekable" Zip reader can exploit the Zip
Central Directory when it's available; the old "streamable" Zip reader
is still fully supported for cases where seeking is not possible.
Full release notes available at:
https://github.com/libarchive/libarchive/wiki/ReleaseNotes
with SO_SETFIB to only tag the socket with the right FIB.
That way either setfib(1) or nc -V can be used depending on what wants to be
achieved. This also allows nc to be used for simple regression testing of
either feature.
Sponsored by: Cisco Systems, Inc.
but used by some Linux boot loaders). This option prints
out the directory holding the include files needed by
a freestanding program. The default implementation of
this doesn't work on FreeBSD because of the different
include file layout. But it's easy to implement:
just return /usr/include (or the cross-compiling equivalent).
Reviewed by: kan
MFC after: 1 week
Make sure the non-SSE lowering for fences correctly clobbers EFLAGS.
PR11768.
In particular, this fixes segfaults during the build of devel/icu on
i386. The __sync_synchronize() builtin used for implementing icu's
internal barrier could lead to incorrect behaviour.
MFC after: 3 days
This version is similar to the code shipped with libgcc. It is based on
the code from the SPARC64 architecture manual, provided without any
restrictions.
Tested by: flo@
SPARC and MIPS CPUs don't have special instructions to count
leading/trailing zeroes. The compiler-rt library provides fallback
rountines for these. The 64-bit routines, __clzdi2 and __ctzdi2, are
implemented as simple wrappers around the compiler built-in
__builtin_clz(), assuming these will expand to either 32-bit
CPU instructions or calls to __clzsi2 and __ctzsi2.
Unfortunately, our GCC 4.2 probably thinks that because the operand is
stored in a 64-bit register, it might just be a better idea to invoke
its 64-bit equivalent, simply resulting into endless recursion. Fix this
by defining __builtin_clz and __builtin_ctz to __clzsi2 and __ctzsi2
explicitly.
This switches us to using -isoC-2011 as the symbol name which is used by
groff and mdocml. It follows the change to 4 digit years as done with
IEEE Std 1003 post-1999.
MFC after: 2 weeks (groff changes only)
This version of libcompiler_rt adds support for __mulo[sdt]i4(), which
computes a multiply and its overflow flag. There are also a lot of
cleanup fixes to headers that don't really affect us.
Updating to this revision should make it a bit easier to contribute
changes back to the LLVM developers.
Vendor has integrated most of our local changes in revisions 3976-3979 so
future updates are going to be easier.
Thanks to Tim Kientzle <kientzle@FreeBSD.org>.
MFC after: 8 days
This library implements the C11 threads interface on top of the pthreads
library. As discussed on the lists, the preferred way to implement
this, is as a separate library.
It is unlikely that these functions will be used a lot in the future. It
would have been easier if the C11 working group standardized (a subset
of) pthreads and clock_nanosleep(). Having it as a separate library
allows the embedded people to omit it from their system.
Discussed on: arch@, threads@
Add an API for alerting internal libc routines to the presence of
"unsafe" paths post-chroot, and use it in ftpd. [11:07]
Fix a buffer overflow in telnetd. [11:08]
Make pam_ssh ignore unpassphrased keys unless the "nullok" option is
specified. [11:09]
Add sanity checking of service names in pam_start. [11:10]
Approved by: so (cperciva)
Approved by: re (bz)
Security: FreeBSD-SA-11:06.bind
Security: FreeBSD-SA-11:07.chroot
Security: FreeBSD-SA-11:08.telnetd
Security: FreeBSD-SA-11:09.pam_ssh
Security: FreeBSD-SA-11:10.pam
from the gcc 4.2 branch.
The libraries in the gcc-4_2-branch remained under the LGPLv2.
The changes can be reproduced with the following command:
svn diff svn://gcc.gnu.org/svn/gcc/branches/gcc-4_2-branch/libstdc++-v3
-r 127959:135556
Reviewed by: mm
Approved by: jhb (mentor)
MFC after: 2 weeks
r204111 (uqs):
Fix common misspelling of hierarchy
r211054 (kientzle);
Fix -R when used with -p. Previously, the
uname and gname weren't overwritten, so the
disk restore would use those to lookup the
original uid/gid again. Clearing the uname
and gname prevents this.
r212263 (gjb):
Fix typo in bsdcpio manual:
s/libarchive_formats/libarchive-formats
MFC after: 2 weeks
r204111 (uqs):
Fix common misspelling of hierarchy
r207786 (kientzle):
Various manpage updates, including many long-option synonyms that were
previously undocumented.
r208028 (uqs):
mdoc: move remaining sections into consistent order
This pertains mostly to FILES, HISTORY, EXIT STATUS and AUTHORS sections.
r209152 (kientzle):
If the compressed data is larger than the uncompressed,
report the compression ratio as 0% instead of displaying
nonsense triggered by numeric overflow. This is common
when dealing with uncompressed files when the I/O blocking
causes there to be small transient differences in the
accounting.
r210720 (joel):
Fix typos.
r223541 (kientzle):
If there is a read error reading Y/N confirmation from the keyboard,
exit immediately with an error.
If there is an error opening or reading a file to put into the archive,
set the return value for a deferred error exit.
r223573 (kientzle):
The --newer-than test should descend into old
directories to look for new files.
r226636 (kientzle):
Typo from previous commit. Urgh.
r224153 (mm, partial):
Update bsdtar.1 manpage
MFC after: 2 weeks
r204111 (uqs):
Fix common misspelling of hierarchy
r208027 (uqs):
mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the
bottom of the manpages and order them consistently.
GNU groff doesn't care about the ordering, and doesn't even mention
CAVEATS and SECURITY CONSIDERATIONS as common sections and where to put
them.
r208291 (uqs):
mdoc: consistently spell our email addresses <foo@FreeBSD.org>
r209031 (uqs):
mdoc nitpicking: the title argument shall be uppercase
r214822 (kientzle):
Clarify the naming: Methods that free an object should
be called "free". Retain the old "finish" names to preserve
source compatibility for now.
r214905 (kientzle):
If the Zip reader doesn't see a PK signature block
because there's inter-entry garbage, just scan forward
to find the next one. This allows us to handle a lot
of Zip archives that have been modified in-place.
Thanks to: Gleb Kurtsou for sending me a sample archive
r216258 (kientzle):
Don't write data into an empty "file."
In particular, this check avoids a warning when
extracting directory entries from certain GNU tar
archives that store directory contents.
r225525 (kientzle):
Fix cpio on ARM.
MFC after: 2 weeks
Add compatibility for ISO images created with unfixed makefs that
violated ECMA-119 (ISO9660): allow reserved4 to be 0x20 in PVD.
This allows tar to read FreeBSD distribution ISO images created
with makefs prior to NetBSD bin/45217 bugfix (up to 9.0-BETA1).
MFC after: 2 weeks
Backported from the gcc-4_3-branch, revision 118001,
under the GPLv2.
This issue was also fixed in Apple's gcc.
PR: 157025
Reviewed by: mm
Approved by: jhb (mentor)
MFC: 2 weeks
7.x, 8.x and 9.x with pf(4) imports: pfsync(4) should suppress CARP
preemption, while it is running its bulk update.
However, reimplement the feature in more elegant manner, that is
partially inspired by newer OpenBSD:
- Rename term "suppression" to "demotion", to match with OpenBSD.
- Keep a global demotion factor, that can be raised by several
conditions, for now these are:
- interface goes down
- carp(4) has problems with ip_output() or ip6_output()
- pfsync performs bulk update
- Unlike in OpenBSD the demotion factor isn't a counter, but
is actual value added to advskew. The adjustment values for
particular error conditions are also configurable, and their
defaults are maximum advskew value, so a single failure bumps
demotion to maximum. This is for POLA compatibility, and should
satisfy most users.
- Demotion factor is a writable sysctl, so user can do
foot shooting, if he desires to.
against icmp6_hdr::icmp6_type is done incorrectly. (This fix has
already been applied upstream, but we do not have the latest version of
tcpdump.)
MFC after: 1 week
without conversion warnings. This code desparately needs a good dose of
const poison, but fixing all the issues would be rather disruptive.
MFC after: 1 week
literals. Also, change the direction argument to move_rel() from char
to int; K&R function definions cause it to be promoted to an int anyway,
and this way we avoid clang warning about it.
MFC after: 1 week
__COUNTER__ allows one to obtain incrementing (read: unique) numbers
from the C preprocesor. This is useful when implementing things like a
robust implementation of CTASSERT(), which currently fails when using
it more than once on a single line of code. Probably not likely to cause
any breakage, but still.
__COUNTER__ was also added to GCC 4.3, but since that implementation is
GPLv3 licensed, I took the liberty of implementing it without looking at
any upstream sources. Therefore, this version is licensed under the same
license as the rest of the code; GPLv2.
attack vector against applications that allow the applicant to specify
which policy to apply.
Submitted by: Matthias Drochner <drochner@netbsd.org>
MFC after: 1 week
with clang, by removing two unneeded using declarations. Otherwise, you
would get errors similar to:
/usr/include/c++/4.2/debug/map.h:77:20: error: dependent using declaration resolved to type without 'typename'
using _Base::value_compare;
^
N.B.: Take care when you actually use the debug versions of any
libstdc++ header. They are more likely to contain problems, because
they are exercised far less often, and since the standard library
complexity guarantees don't always apply anymore, compile times can
drastically increase.
MFC after: 2 weeks
MK_LIBCPLUSPLUS=yes to enable). This is a work-in-progress. It works for
me, but is not guaranteed to work for anyone else and may eat your dog.
To build C++ using libc++, add -stdlib=libc++ to your CXX and LD flags.
Bug reports welcome, bug fixes even more welcome...
Approved by: dim (mentor)
load of _l suffixed versions of various standard library functions that use
the global locale, making them take an explicit locale parameter. Also
adds support for per-thread locales. This work was funded by the FreeBSD
Foundation.
Please test any code you have that uses the C standard locale functions!
Reviewed by: das (gdtoa changes)
Approved by: dim (mentor)
Fix the signature of the getcontext builtin, eliminating incorrect
warnings about its prototype.
This also adds a -W(no-)builtin-requires-header option, which can be
used to enable or disable warnings of this kind.
MFC after: 1 week
Mark the overloaded atomic builtins as having custom type checking,
which they do. This avoids all of the default argument promotions that
we (1) don't want, and (2) undo during that custom type checking, and
makes sure that we don't run into trouble during template
instantiation. Fixes llvm/clang PR11320.
MFC after: 1 week
Recursive name servers are failing with an assertion:
INSIST(! dns_rdataset_isassociated(sigrdataset))
At this time it is not thought that authoritative-only servers
are affected, but information about this bug is evolving rapidly.
Because it may be possible to trigger this bug even on networks
that do not allow untrusted users to access the recursive name
servers (perhaps via specially crafted e-mail messages, and/or
malicious web sites) it is recommended that ALL operators of
recursive name servers upgrade immediately.
For more information see:
https://www.isc.org/software/bind/advisories/cve-2011-tbd
which will be updated as more information becomes available.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4313
declares the proper size of a function. Without this macro recent GNU as will
complain about with:
'Error: .size expression for main does not evaluate to a constant.'
Up to now we produce this:
.L.main:
....
.size main, .-main
With the macro defined the output is this:
.L.main:
....
.size main,.-.L.main
This affects only the 64-bit compiler.
Tested with world and kernel on both, 32 and 64-bit powerpc.
- Fiji will end DST on 22 January 2012.
- Moldova split into two timezones has been cancelled.
- Cuba will end DST on 13 November 2011
Obtained from: ftp://ftp.iana.org/tz/releases/
-march=native" on AMD K10 family processors no longer errors out with
"unknown target CPU 'amdfam10'". This also enables use of SSE4A.
Reported by: David Marec <david.marec@davenulle.org>
MFC after: 3 days
Europe:
- Pridnestrovian Moldavian Republic (PMR, also known as
"Pridnestrovie") has abolished seasonal clock change (no transition
to the Winter Time).
- The recent change to the Ukranian time zone (Europe/Kiev) to
introduce permanent daylight saving time (similar to Russia) was
reverted.
South America:
- Bahia: The President signed a decree that includes Bahia in summer
time.
zone.tab:
- Add Europe/Tiraspol Pridnestrovie
Obtained from: ftp://ftp.iana.org/tz/releases/
Changes in 2011i:
Africa
- Added South Sudan: Africa/Juba
Australasia:
- Samoa will go forward 24 hours at 30 December 2011 to better match
the day of the week with its neighbours.
Europe:
- Europe/Kaliningrad will have the timezone KALT.
North America:
- Updates to Metlakatla historical data
- Newfoundland, Labrador and Resolute will do something which I
can't figure out.
iso3166tab;
- Add SS for South Sudan.
Changes in 2011j:
- Samoa will go from 29 December 23:59:59 to 31 December 00:00:00.
- Samoa DST will end on 1 April 2012
Changes in 2011k:
- Gaza / West Bank goes back to standard time on 02 August 2011.
- West Bank went bac kto DST on 30 August 2011.
- Lots of changes in Minsk (GMT+3 without DST) and other Russian
regions. A new timezone has been created for them, FET: Further-eastern
European Time aka GMT+3.
- Add Asian/Hebron to the zone.tab file.
Changes in 2011l:
- West Bank came out of DST on 30 September 2011.
- Fiji will g oin DST on 23 October and out of it on 26 Februari
- State Bahia might go back to DST in 16 October 2011
Due to legal problems, ado and Paul Eggert have to temporary suspend
their work on the timezone database
(http://thread.gmane.org/gmane.comp.time.tz/4133). Their work has
been continued by volunteers on the tz community and the hosting
of the data files is done by Robert Elz at ftp://munnari.oz.au/pub/.
Obtained from: ftp://munnari.oz.au/pub, ftp://elsie.nci.nih.gov/pub/
too-thorough cleanup of unused files, in r213695. Also make sure these
get installed under /usr/share/doc.
Submitted by: rwatson, brooks
Pointy hat to: dim
MFC after: 3 days
which is less likely to block a remote system from boot.
Submitted by: Garrett Cooper <yanegomi@gmail.com>
PR: doc/160775
MFC after: 1 month
Approved by: re (kib)
as anonymous namespaces are local to the current translation.
GCC PR: c++/33094
Reviewed by: uqs
Approved by: re (kib)
Obtained from: gcc (branches/redhat/gcc-4_1-branch, rev. 129554, GPLv2)
MFC after: 1 week
to the maximum number of CPUs to ensure that lcpustates[] array is always
allocated to the maximum size. Previously, if top was started without
per-CPU stats it would allocate a smaller lcpustates[] array. When
per-CPU stats were then enabled, it would overflow the array and trash
the cpustates_columns[] array causing the CPU stats to be printed in the
wrong locations.
Approved by: re (kib)
MFC after: 1 week
'C' and 'H' flags at runtime. This matches messages output for other
toggles which leave the first column in the message blank to hold the
cursor.
PR: bin/158775
Submitted by: arundel
MFC after: 3 days
ALL BIND USERS ARE ENCOURAGED TO UPGRADE IMMEDIATELY
This update addresses the following vulnerability:
CVE-2011-2464
=============
Severity: High
Exploitable: Remotely
Description:
A defect in the affected BIND 9 versions allows an attacker to remotely
cause the "named" process to exit using a specially crafted packet. This
defect affects both recursive and authoritative servers. The code location
of the defect makes it impossible to protect BIND using ACLs configured
within named.conf or by disabling any features at compile-time or run-time.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464https://www.isc.org/software/bind/advisories/cve-2011-2464
- Implement -Wvariable-decl.
- Port -Wtrampolines support from gcc3.
(all three also via OpenBSD)
PR: gnu/127136, gnu/157019
Submitted by: Henning Petersen, Pedro Giffuni
MFC after: 6 weeks
for resolving by a child process that, upon success, will add the entry
to the config of the running running parent process.
Unfortunately there are a couple of bugs with this, fixed in various
later versions of upstream in potentially different ways due to other
code changes:
1) Upon server [-46] <FQDN> the [-46] are used as FQDN for later resolving
which does not work. Make sure we always pass the name (or IP there).
2) The intermediate file to carry the information to the child process
does not know about -4/-6 restrictions, so that a dual-stacked host
could resolve to an IPv6 address but that might be unreachable (see
r223626) leading to no working synchronization ignoring a IPv4 record.
Thus alter the intermediate format to also pass the address family
(AF_UNSPEC (default), AF_INET or AF_INET6) to the child process
depending on -4 or -6.
3) Make the child process to parse the new intermediate file format and
save the address family for getaddrinfo() hints flags.
4) Change child to always reload resolv.conf calling res_init() before
trying to resolve names. This will pick up resolv.conf changes or
new resolv.confs should they have not existed or been empty or
unusable on ntp startup. This fix is more conditional in upstream
versions but given FreeBSD has res_init there is no need for the
configure logic as well.
Approved by: roberto
Sponsored by: Sandvine Incorporated
MFC after: 9 days
in host byte order, so we need to compare them as such.
Properly compare IPv6 addresses as well.
This allows the, by default, 8 badaddrs slots per address
family to work correctly and only print sendto() errors once.
The change is no longer applicable to any latest upstream versions.
Approved by: roberto
Sponsored by: Sandvine Incorporated
MFC after: 1 week
In userland, sign extend the offset for JA instructions.
We currently use that to implement "ip6 protochain", and "pc" might be
wider than "pc->k", in which case we need to arrange that "pc->k" be
sign-extended, by casting it to bpf_int32.
PR: kern/157188
Submitted by: plosher
MFC after: 2 weeks
is defined, but then proceeds to use a hardcoded maximum hostname length
of 64 anyway. Fix this by checking against MAXHOSTNAMELEN instead.
PR: bin/157732
MFC after: 3 days
64-bit PowerPC or 32-bit PowerPC.
- Make gdb work on powerpc64, the code for this is obtained from
ppc-linux-tdep.c.
- Remove non-elf core read functionality. Implement core read functionality
similar like other FreeBSD targets.
- Set long double limitations.
This allows one to force consistent printing of numeric port numbers like
we do with -n for other tools like netstat (just that -n was already taken)
rather than the service names.
-P is currently unused in OpenBSD so the change is eligible for upstreaming.
PR: misc/151015
Submitted by: Matt Koivisto (mkoivisto sandvine.com)
Sponsored by: Sandvine Incorporated
MFC after: 1 week
This also replaces the local fix in r219209 that made .Ac emit
ASCII angle quotes with an official fix. In the official fix,
ASCII quotes are output when using the .Aq, .Ao and .Ac calls,
but only when nested into the .An macro.
PR: gnu/154822
It seems there have only been a small amount to the compiler-rt source
code in the mean time. I'd rather have the code in sync as much as
possible by the time we release 9.0. Changes:
- The libcompiler_rt library is now dual licensed under both the
University of Illinois "BSD-Like" license and the MIT license.
- Our local modifications for using .hidden instead of .private_extern
have been upstreamed, meaning our changes to lib/assembly.h can now be
reverted.
- A possible endless recursion in __modsi3() has been fixed.
- Support for ARM EABI has been added, but it has no effect on FreeBSD
(yet).
- The functions __udivmodsi4 and __divmodsi4 have been added.
Requested by: many, including bf@ and Pedro Giffuni
buffers. This fixes a segfault on exit due to calling free on a bogus pointer.
This should be considered a temporary stop gap fix to avoid the crash. The
complete fix re-shuffles the initializations of some of the clean-up pointers.
The details of the fix can be found in the libpcap git repository:
commit bc8209b71e928870b0f172d43b174ab27ba24394
Proded by: kevlo, rpaulo
MFC after: 2 weeks
Submitted by: Anton Yuzhaninov
The binutils update in r218822 caused the MIPS n64 dynamic binaries to
fail because the ".interp" section is not in the initial sections.
This happens because elf64bmip-defs.sh overrides INITIAL_READONLY_SECTIONS
to add ".MIPS.options" sections instead of the ".reginfo" section used
by n32.
This used to work fine, but after r218822, INITIAL_READONLY_SECTIONS also
contains the .interp section, so the override has to be done differently.
Reported by : aduane at juniper
Obtained from: gonzo (Initial version)
rather than at the bottom of the manpage.
- Remove an obsolete comment about SWAIT being a stale state. It was
resurrected for a different purpose in FreeBSD 5 to mark idle ithreads.
- Add a comment documenting that the SLEEP and LOCK states typically
display the name of the event being waited on with lock names being
prefixed with an asterisk and sleep event names not having a prefix.
MFC after: 1 week
idle threads). The process is displayed by default (subject to whether or
not system processes are displayed) to preserve existing behavior. The
system idle process can be hidden via the '-z' command line argument or the
'z' key while top is running. When it is hidden, top more closely matches
the behavior of FreeBSD <= 4.x where idle time was not accounted to any
process.
MFC after: 2 weeks
system and is decided upon by configure and could be an u_int or a
u_char. For FreeBSD it is a u_char.
For IPv6 however RFC 3493, 5.2 defines the argument to
IPV6_MULTICAST_LOOP to be an unsigned integer so make sure we always
use that using a second variable for the IPV6 case.
This is to get rid of these error messages every 5 minutes on some
systems:
ntpd[1530]: setsockopt IPV6_MULTICAST_LOOP failure: Invalid argument
on socket 22, addr fe80::... for multicast address ff02::101
While here also fix the copy&paste error in the log message for
IPV6_MULTICAST_LOOP.
Reviewed by: roberto
Sponsored by: The FreeBSD Foundation
Sponsored by: iXsystems
MFC after: 10 days
Filed as: Bug 1936 on ntp.org
1. Very large RRSIG RRsets included in a negative cache can trigger
an assertion failure that will crash named (BIND 9 DNS) due to an
off-by-one error in a buffer size check.
This bug affects all resolving name servers, whether DNSSEC validation
is enabled or not, on all BIND versions prior to today. There is a
possibility of malicious exploitation of this bug by remote users.
2. Named could fail to validate zones listed in a DLV that validated
insecure without using DLV and had DS records in the parent zone.
Add a patch provided by ru@ and confirmed by ISC to fix a crash at
shutdown time when a SIG(0) key is being used.
