Commit Graph

8095 Commits

Author SHA1 Message Date
Don Lewis
2b34ca7d10 Don't leak olinep if malloc() fails.
If malloc() fails to allocate linep, then free olinep (if it exists)
before returning to avoid a memory leak.

Reported by:	Coverity
CID:		1016716
Reviewed by:	kib
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D6755
2016-06-08 10:25:16 +00:00
Don Lewis
d7f12eacbb Don't leak addrinfo if ai->ai_addrlen <= minsiz test fails.
If the ai->ai_addrlen <= minsiz test fails, then freeaddrinfo()
does not get called to free the memory just allocated by getaddrinfo().
Fix by moving ai->ai_addrlen <= minsiz to a separate nested if
block, and keep freeaddrinfo() in the outer block so that freeaddrinfo()
will be called whenever getaddrinfo() succeeds.

Reported by:	Coverity
CID:		1273652
Reviewed by:	ume
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D6756
2016-06-08 09:40:06 +00:00
Mariusz Zaborski
b3a734483e Introduce the PD_CLOEXEC for pdfork(2).
Reviewed by:	mjg
2016-06-08 02:09:14 +00:00
Pedro F. Giffuni
3c2c0c0443 libc/locale: Fix type breakage in __collate_range_cmp().
When collation support was brought in, the second and third
arguments in __collate_range_cmp() were changed from int to
wchar_t, breaking the ABI. Change them to a "char" type which
makes more sense and keeps the ABI compatible.

Also introduce __wcollate_range_cmp() which does work with wide
characters. This function is used only internally in libc so
we don't export it. Use the new function in glob(3), fnmatch(3),
and regexec(3).

PR:		179721
Suggested by:	ache. jilles
MFC after:	3 weeks (perhaps partial only)
2016-06-05 19:12:52 +00:00
Andrey A. Chernov
16bf528dc2 Reflect error indication according to POSIX and what those functions
currently do.
2016-06-05 15:46:14 +00:00
Konstantin Belousov
7d6906b804 Fix markup.
Sponsored by:	The FreeBSD Foundation
2016-06-04 20:20:14 +00:00
Eric van Gyzen
28e3357884 Improve errno documentation in pthread_create(3) and thr_new(2)
Add some missing errno values to thr_new(2) and pthread_create(3).
In particular, EDEADLK was not documented in the latter.
While I'm here, improve some English and cross-references.

Reviewed by:	kib
Sponsored by:	Dell Inc.
Differential Revision:	https://reviews.freebsd.org/D6663
2016-06-03 14:30:32 +00:00
Pedro F. Giffuni
546781a748 citrus: Remove redundant code in _citrus_esdb_get_list().
It appears "sorted" may have not been implemented. Sorted or not,
we always follow the same action so simplify the code.
Leave a note for future generations.

CID:	1347084
2016-06-02 17:28:39 +00:00
Jilles Tjoelker
9de9fa32c9 thr_*(2): Add xrefs to what libthr implements using each syscall.
Add text to thr_exit(2) and thr_new(2) discouraging their use in
applications since calling these in a process with libthr loaded will
confuse libthr and is likely to cause hangs or crashes.

The thr_kill2(2) call is not used by libthr and may be useful in special
applications.

The other calls can be used in applications but it should not be necessary.
2016-06-01 21:58:13 +00:00
Mariusz Zaborski
eaf7c645b3 Document behavior of wait introduced in the r286698.
Suggested by:		glebius
Reviewed by:		wblock, bjk
Differential Revision:	https://reviews.freebsd.org/D6080
2016-06-01 19:49:38 +00:00
Andrey A. Chernov
69c526f46e Don't use fixup for C99 and up, the compiler result is already correct.
Suggested by: bde

MFC after:      1 week
2016-06-01 10:14:25 +00:00
Andrey A. Chernov
2f423a266a For EILSEQ case in mbsnrtowcs() and wcsnrtombs() update src to point to
the character after the one this conversion stopped at.

PR:     209907
Submitted by: Roel Standaert <roel@abittechnical.com> (partially)
MFC after:      3 days
2016-05-31 18:44:33 +00:00
Ed Schouten
de1d269583 Fix prototype of dbm_open().
The last argument of dbm_open() should be a mode_t according to POSIX;
not an int.

Reviewed by:	pfg, kib
Differential Revision:	https://reviews.freebsd.org/D6650
2016-05-31 18:32:57 +00:00
Ed Schouten
2fed5061db Let dbm's datum::dptr use the right type.
According to POSIX, it should use void *, not char *. Unfortunately, the
dsize field also has the wrong type. It should be size_t. I'm not going
to change that, as that will break the ABI.

Reviewed by:	pfg
Differential Revision:	https://reviews.freebsd.org/D6647
2016-05-30 16:52:23 +00:00
Ed Schouten
0977bd1e88 Fix the signature of the psignal() function.
POSIX 2008 added the psignal() function which has already been part of
the BSDs for a long time. The only difference is, the POSIX version uses
an 'int' for the signal number, unlike our version which uses an
'unsigned int'. Fix up the function to use an 'int'. This should not
affect the ABI.
2016-05-30 13:51:27 +00:00
Jamie Gritton
ee8d6bd352 Mark jail(2), and the sysctls that it (and only it) uses as deprecated.
jail(8) has long used jail_set(2), and those sysctl only cause confusion.
2016-05-30 05:21:24 +00:00
Andrey A. Chernov
b8ac3f201d Micro optimize: C standard guarantees that right shift for unsigned value
fills left bits with zero, and we have exact 32bit unsigned value
(uint32_t), so there is no reason to add "& 0x7fffffff" here.

MFC after:      1 week
2016-05-29 16:39:28 +00:00
Jilles Tjoelker
764be64b12 _umtx_op(2): Note deprecation of UMTX_OP_MUTEX_WAKE. 2016-05-29 15:02:55 +00:00
Jilles Tjoelker
8e44e0ab19 _umtx_op(2),thr_*(2): Various spelling, grammar and mdoc fixes. 2016-05-29 14:16:23 +00:00
Andrey A. Chernov
44f8773834 1) Unifdef USE_WEAK_SEEDING since it is too obsolete to support and makes
reading hard.

2) Instead of doing range transformation in each and every function here,
do it single time directly in do_rand(). One "mod" operation overhead is not
a big deal, but the code looks nicer and possible future functions additions
or PRNG change do not miss range transformations neither have unneeded ones.

3) Use POSIX argument types for visible functions (cosmetic).

MFC after:      1 week
2016-05-29 13:57:06 +00:00
Andrey A. Chernov
e44ffdb207 1) Unifdef USE_WEAK_SEEDING it is too obsolete to support and makes reading
harder.

2) ACM paper require seed to be in [1, 2^31-2] range, so use the same range
shifting as already done for rand(3). Also protect srandomdev() + TYPE_0 case
(non default) from negative seeds.

3) Don't check for valid "type" range in setstate(), it is always valid as
calculated. Instead add a check that rear pointer not exceeed end pointer.

MFC after:      1 week
2016-05-29 11:54:09 +00:00
Ed Schouten
3005a8755a Let l64a() properly null terminate its result.
Though the buffer used by l64a() is initialized with null bytes,
repetetive calls may end up having trailing garbage of previous
invocations because we don't end up terminating the string.

Instead of importing NetBSD's fix, use this opportunity to simplify this
function dramatically, for example by just storing the Base64 character
set in a string. There is also no need to do the bitmasking, as we can
just use the proper integer type from <stdint.h>.

MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D6511
2016-05-26 20:55:15 +00:00
Ruslan Bukin
7813f8309c Do not generate code for sbrk syscall -- sbrk support was removed.
Pointed out by:	andrew
2016-05-25 16:38:10 +00:00
Pedro F. Giffuni
93ea9f9fa1 libc: regexec(3) adjustment.
Change the behavior of when REG_STARTEND is combined with REG_NOTBOL.

From the original posting[1]:

"Enable the assumption that pmatch[0].rm_so is a continuation offset
to  a string and allows us to do a proper assessment of the character
in  regards to it's word position ('^' or '\<'), without risking going
into unallocated memory."

This change makes us similar to how glibc handles REG_STARTEND |
REG_NOTBOL, and is closely related to a soon-to-land fix to sed.

Special thanks to Martijn van Duren and Ingo Schwarze for working
out some consistent behaviour.

Differential Revision:	https://reviews.freebsd.org/D6257
Taken from:	openbsd-tech 2016-05-24 [1]  (Martijn van Duren)
Relnotes:	yes
MFC after:	1 month
2016-05-25 15:35:23 +00:00
Ruslan Bukin
b7b46892f9 Remove legacy brk and sbrk from RISC-V.
Discussed with:	andrew
Sponsored by:	DARPA, AFRL
Sponsored by:	HEIF5
2016-05-25 14:08:21 +00:00
Don Lewis
9b842193f9 Fix Coverity CID 1016714 Resource leak in process_file_actions_entry()
Don't leak a file descriptor of _dup2() fails (shouldn't happen).

Reported by:	Coverity
CID:		1016714
MFC after:	1 week
2016-05-25 07:13:53 +00:00
Don Lewis
015f4df218 Fix 1016718 Resource leak.
Don't leak a file descriptor if fchdir() fails.

Reported by:	Coverity
CID:		1016718
MFC after:	1 week
2016-05-25 06:55:53 +00:00
Enji Cooper
8f5cc69027 Fix up r300385
I accidentally glossed over the fact that tmp is manipulated via strchr, so
if we tried to free `tmp` after r300385, it would have crashed.

Create a separate pointer (tmp2) to track the original allocation of `tmp`,
and free `tmp2` if `p->nc_lookups` can't be malloced

MFC after: 4 days
X-MFC with: r300385
Reported by: Coverity
CID: 1356026
Sponsored by: EMC / Isilon Storage Division
2016-05-24 19:52:05 +00:00
Enji Cooper
3c048026b5 Remove redundant NULLing of outbuf_pmap
If reallocf ever failed, outbuf_pmap would already be NULL

MFC after: 1 week
X-MFC with: r300620
Reported by: cem
Sponsored by: EMC / Isilon Storage Division
2016-05-24 18:53:06 +00:00
Enji Cooper
75cd48a1c1 Use reallocf instead of malloc to fix leak with outbuf_pmap
The previous code overwrote outbuf_pmap's memory with malloc once per
loop iteration, which leaked its memory; use reallocf instead to ensure
that memory is properly free'd each loop iteration.

Add a outbuf_pmap = NULL in the failure case to avoid a double-free
at the bottom of the function.

Differential Revision: https://reviews.freebsd.org/D6495
MFC after: 1 week
Reported by: Coverity
CID: 1038776
Reviewed by: markj, pfgj
Sponsored by: EMC / Isilon Storage Division
2016-05-24 18:44:50 +00:00
Jilles Tjoelker
050c87f9a1 vfork(2): Mention some risks of calling vfork() from application code.
MFC after:	1 week
2016-05-22 13:32:45 +00:00
Andrey A. Chernov
fbd6b95ef9 1) POSIX prohibits printing errors to stderr here and require
returning NULL:

"Upon successful completion, initstate() and setstate() shall return a
pointer to the previous state array; otherwise, a null pointer shall
be returned.

Although some implementations of random() have written messages to
standard error, such implementations do not conform to POSIX.1-2008."

2) Move error detections earlier to prevent state modifying.

MFC after:      1 week
2016-05-22 06:18:59 +00:00
Enji Cooper
f1209420eb nis_rpcent: don't leak resultbuf from yp_first(..)/yp_next(..)
If the buffer couldn't be adequately resized to accomodate an additional "\n",
it would leak resultbuf by breaking from the loop early

MFC after: 2 weeks
Reported by: Coverity
CID: 1016702
Sponsored by: EMC / Isilon Storage Division
2016-05-22 03:05:27 +00:00
Enji Cooper
b70cb0694b Call endnetconfig on nc_handle sooner to avoid leaking nc_handle if tmpnconf
was NULL

This would theoretically happen if the netconfig protocol family and protocol
semantics were never matched.

MFC after: 2 weeks
Reported by: Coverity
CID: 978179
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:53:11 +00:00
Enji Cooper
99d498608a getnetid(..): consistently fclose fd at the end of the function
This mutes a false positive with cppcheck, but also helps eliminate future
potential issues with this variable

MFC after: 2 weeks
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:24:38 +00:00
Enji Cooper
3552a02626 Don't leak handle if svc_tp_create(..) succeeds and allocating a new
struct xlist object fails

MFC after: 1 week
Reported by: Coverity
CID: 978277
Sponsored by: EMC / Isilon Storage Division
2016-05-22 02:02:18 +00:00
Enji Cooper
9c11e6b093 Don't leak tmp if p->nc_lookups can't be malloced
MFC after: 1 week
Reported by: cppcheck
Sponsored by: EMC / Isilon Storage Division
2016-05-22 01:45:15 +00:00
Pedro F. Giffuni
e9fe9edde7 libc/regex: fix two buffer underruns.
Fix some rather complex regex issues found on OpenBSD as part of some
ongoing work to fix a sed(1) bug.

Curiously the OpenBSD tests don't trigger segfaults on FreeBSD but the
bugs were confirmed by running a port of FreeBSD's regex under OpenBSD's
malloc. Huge thanks to Ingo for confirming the behavior.

Taken from:	Ingo Schwarze (through openbsd-tech 2016-05-15)
MFC after:	1 week
2016-05-21 19:54:10 +00:00
Bryan Drewery
487c4f4f36 FTS: Remove stale reference to nfs4 fs which was removed in r192578.
MFC after:	2 weeks
2016-05-21 01:31:41 +00:00
Andrew Turner
94098ab7c3 Remove brk and sbrk from arm64. They were defined in The Single UNIX
Specification, Version 2, but marked as legacy, and have been removed from
later specifications. After 12 years it is time to remove them from new
architectures when the main use for sbrk is an invalid method to attempt
to find how much memory has been allocated from malloc.

There are a few places in the tree that still call sbrk, however they are
not used on arm64. They will need to be fixed to cross build from arm64,
but these will be fixed in a follow up commit.

Old copies of binutils from ports called into sbrk, however this has been
fixed around 6 weeks ago. It is advised to update binutils on arm64 before
installing a world that includes this change.

Reviewed by:	brooks, emaste
Obtained from:	brooks
Relnotes:	yes
Sponsored by:	ABT Systems Ltd
Differential Revision:	https://reviews.freebsd.org/D6464
2016-05-20 15:04:48 +00:00
Konstantin Belousov
41ea34a25c Document _umtx_op(2) interface for the implementation of robust mutexes.
In libthr(3), list added knobs.

Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D6427
2016-05-19 17:40:00 +00:00
Warner Losh
2c0e9e2a09 Make armv6 hard float abi by default. Kill armv6hf.
Allow CPUTYPE=soft to build the current soft-float abi libraries.
Add UPDATING entry to announce this.

Approved by: re@ (gjb)
2016-05-18 06:01:18 +00:00
Konstantin Belousov
2a339d9e3d Add implementation of robust mutexes, hopefully close enough to the
intention of the POSIX IEEE Std 1003.1TM-2008/Cor 1-2013.

A robust mutex is guaranteed to be cleared by the system upon either
thread or process owner termination while the mutex is held.  The next
mutex locker is then notified about inconsistent mutex state and can
execute (or abandon) corrective actions.

The patch mostly consists of small changes here and there, adding
neccessary checks for the inconsistent and abandoned conditions into
existing paths.  Additionally, the thread exit handler was extended to
iterate over the userspace-maintained list of owned robust mutexes,
unlocking and marking as terminated each of them.

The list of owned robust mutexes cannot be maintained atomically
synchronous with the mutex lock state (it is possible in kernel, but
is too expensive).  Instead, for the duration of lock or unlock
operation, the current mutex is remembered in a special slot that is
also checked by the kernel at thread termination.

Kernel must be aware about the per-thread location of the heads of
robust mutex lists and the current active mutex slot.  When a thread
touches a robust mutex for the first time, a new umtx op syscall is
issued which informs about location of lists heads.

The umtx sleep queues for PP and PI mutexes are split between
non-robust and robust.

Somewhat unrelated changes in the patch:
1. Style.
2. The fix for proper tdfind() call use in umtxq_sleep_pi() for shared
   pi mutexes.
3. Removal of the userspace struct pthread_mutex m_owner field.
4. The sysctl kern.ipc.umtx_vnode_persistent is added, which controls
   the lifetime of the shared mutex associated with a vnode' page.

Reviewed by:	jilles (previous version, supposedly the objection was fixed)
Discussed with:	brooks, Martin Simmons <martin@lispworks.com> (some aspects)
Tested by:	pho
Sponsored by:	The FreeBSD Foundation
2016-05-17 09:56:22 +00:00
Don Lewis
705458afae Don't call free_addrselectpolicy(&policyhead) before policyhead has been
initialized.

Reported by:	Coverity
CID:		1018727
2016-05-16 08:13:30 +00:00
Don Lewis
0ee6da55a6 Since rdata is only used as an argument to the immediately following
call to res_nopt_rdata(), revert r299879 and fix CID 603941 by moving
	rdata = &buf[n];
inside the if block.

Reported by:	Coverity
CID:		603941
2016-05-16 01:38:24 +00:00
Don Lewis
0abffcb5f8 Likely a false positive ... but make sure that -1 can't be used as an
array index by splitting up a test.

Reported by:	Coverity
CID:		603941
MFC after:	1 week
2016-05-16 01:30:32 +00:00
Konstantin Belousov
d21ea7daaa Add thr*.2 and _umtx_op.2 manpages to the build.
Sponsored by:	The FreeBSD Foundation
2016-05-14 09:43:28 +00:00
Konstantin Belousov
10a21ce6a9 Document the non-obsoleted kernel interfaces used by libthr.
Reviewed by:	emaste
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D6335
2016-05-14 08:36:37 +00:00
Eric van Gyzen
079171874c iconvctl(3): remove superfluous NULL pointer tests
convname and dst are guaranteed to be non-NULL by iconv_open(3).
src is an array. Remove these tests for NULL pointers.
While I'm here, eliminate a strlcpy with a correct but suspicious-looking
calculation for the third parameter (i.e. not a simple sizeof).
Compare the strings in-place instead of copying.

Found by:	bdrewery
Found by:	Coverity
CID:		1130050, 1130056
MFC after:	3 days
Sponsored by:	Dell Inc.
Differential Revision:	 https://reviews.freebsd.org/D6338
2016-05-14 00:35:35 +00:00
Enji Cooper
32855711ef Read the contents of the snapshot files properly
- Use fgetln instead of fgets; localize complexity related to fgetln(3)
  inside the loop.
- Skip over blank lines.
- Skip over lines (properly) that start with a "#"

MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
2016-05-13 10:52:02 +00:00