106 Commits

Author SHA1 Message Date
Konstantin Belousov
9851b3400a Implement the memset_s(3) function as specified by the C11 ISO/IEC
9899:2011 Appendix K 3.7.4.1.

Other needed supporting types, defines and constraint_handler
infrastructure is added as specified in the C11 spec.

Submitted by:	Tom Rix <trix@juniper.net>
Sponsored by:	Juniper Networks
Discussed with:	ed
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D9903
Differential revision:	https://reviews.freebsd.org/D10161
2017-03-30 04:57:26 +00:00
Pedro F. Giffuni
10723054ce Remove outdated claim.
Despite wishful thinking the removal of these old function hasn't
happened yet.

MFC after:	3 days
2017-02-16 20:30:55 +00:00
Pedro F. Giffuni
649702c5a3 Make use of clang nullability attributes.
Replace uses of the GCC __nonnull__ attribute with the clang nullability
qualifiers. The replacement should be transparent for clang developers as
the new qualifiers will produce the same warnings and will be useful for
static checkers but will not cause aggressive optimizations.

GCC will not produce such warnings and developers will have to use
upgraded GCC ports built with the system headers from r312538.

Hinted by:	Apple's Libc-1158.20.4, Bionic libc
MFC after:	11.1 Release

Differential Revision:	https://reviews.freebsd.org/D9004
2017-01-28 20:54:43 +00:00
Pedro F. Giffuni
f1b298ad46 Remove some uses of the GCC __nonnull() attribute.
While the checks are considered useful, the attribute does dangerous
optimizations, removing NULL checks where they can be needed. Remove the
uses of this attribute introduced in r281130: the changes were inspired on
Google's bionic where this attribute is not used anymore.

The __nonnull() attribute will be deprecrated from our headers and
replaced with the Clang _Nonnull qualifier in the future.

MFC after:	3 days
2017-01-01 17:16:47 +00:00
Ed Schouten
1a466ddc79 Remove setkey(), encrypt(), des_setkey() and des_cipher().
The setkey() and encrypt() functions are part of XSI, not the POSIX base
definitions. There is no strict requirement for us to provide these,
especially if we're only going to keep these around as undocumented
stubs. The same holds for des_setkey() and des_cipher().

Instead of providing functions that only generate warnings when linking,
simply disallow linking against them. The impact of this is relatively
low. It only causes two leaf ports to break. I'll see what I can do to
help out to get those fixed.

PR:		211626
2016-10-03 18:20:58 +00:00
Ed Schouten
822b22a9bf Change type of MB_CUR_MAX and MB_CUR_MAX_L() to size_t.
POSIX requires that MB_CUR_MAX expands to an expression of type size_t.
It currently expands to an int. As these are already macros, don't
change the underlying type of these functions. There is no ned to touch
those.

Differential Revision:	https://reviews.freebsd.org/D6645
2016-07-28 09:50:19 +00:00
Ed Schouten
8de6c26711 Fix typing of srandom() and initstate().
POSIX requires that these functions have an unsigned int for their first
argument; not an unsigned long.

My reasoning is that we can safely change these functions without
breaking the ABI. As far as I know, our supported architectures either
use registers for passing function arguments that are at least as big as
long (e.g., amd64), or int and long are of the same size (e.g., i386).

Reviewed by:	ache
Differential Revision:	https://reviews.freebsd.org/D6644
2016-07-26 20:11:29 +00:00
Pedro F. Giffuni
9143e6e49a Remove incorrect attributes from posix_memalign(3) declaration.
Both __alloc_align and __alloc_size can't be used when the function
returns a pointer to memory. This fixes breakage when building with
clang 3.4:

In file included from /usr/src/svn/usr.sbin/bhyve/atkbdc.c:40:
/usr/include/stdlib.h:176:6: error: '__alloc_size__' attribute only
applies to functions that return a pointer [-Werror,-Wignored-attributes]

Pointed out by:	ngie, cem
Approved by:	re (gjb)
2016-07-05 22:30:29 +00:00
Dimitry Andric
4ec98362ae For C++, expose long long types and functions (lldiv_t, llabs, lldiv,
etc) in stdlib.h.  These will be needed for newer versions of libc++,
which uses them for defining overloaded versions of abs() and div().

MFC after:	1 week
2016-03-23 19:17:12 +00:00
Pedro F. Giffuni
ee90489bc4 Make use of GCC alloc_align attribute
This lets the compiler know about the alignment of pointers returned
by aligned_alloc(3), posix_memalign(3). and contigmalloc(9)

Currently this is only supported in recent gcc but we are ready to
use it if clang implements it.

Relnotes:	yes
2015-05-15 20:43:37 +00:00
Pedro F. Giffuni
d0e9981e39 No need for result_use_check attribute in reallocf(3). 2015-05-01 20:40:48 +00:00
Baptiste Daroussin
8f0baadaa0 Move reallocarray definition to the _BSD_VISIBLE block
Add the required __alloc_size attributes

Requested by:	pfg
2015-05-01 19:14:32 +00:00
Baptiste Daroussin
450dfafb15 Import reallocarray(3) from OpenBSD
Add a manpage for it, assign the copyright to the OpenBSD project on it since it
is mostly copy/paste from OpenBSD manpage.
style(9) fixes

Differential Revision:	https://reviews.freebsd.org/D2420
Reviewed by:	kib
2015-05-01 18:32:16 +00:00
Pedro F. Giffuni
153cbcd657 Make use of gcc attributes in some standard include headers.
The `nonnull' attribute specifies that some function parameters should be
non-null pointers.  This is very useful as it helps the compiler generate
warnings on suspicious code and can also enable some small optimizations.

Also start using 'alloc_size' attribute in the allocator functions.

This is an initial step to better integrate our libc with the compiler:
these attributes are fully supported by clang and they are also useful
for the static analyzer.

Note that due to some bogus internal procedure in the way gcc ports
are built they may require updating if they were built before r280801.

Relnotes:		yes
Hinted by:		Android's bionic libc
Differential Revision:	https://reviews.freebsd.org/D2107
2015-04-06 01:39:16 +00:00
Pedro F. Giffuni
1693a59a64 Clean sparse spaces. 2015-03-25 16:54:37 +00:00
Pedro F. Giffuni
f4189cd649 Add bsearch_b to the libc map and the stdlib header.
bsearch_b is the Apple blocks enabled version of bsearch(3).
This was added to libc in Revision 264042 but the commit
missed the declaration required to make use of it.

While here move some other block-related functions to the
BSD_VISIBLE block as these are non-standard.

Phabric:	D638
Reviewed by:	theraven, wollman
2014-09-01 22:25:42 +00:00
David Chisnall
46cdc14062 Add support for some block functions that come from OS X. These are
intended to build with any C compiler.

Reviewed by:	pfg
MFC after:	3 weeks
2014-04-02 16:07:48 +00:00
Tijl Coosemans
0a4c54d606 Rename __wchar_t so it no longer conflicts with __wchar_t from clang 3.4
-fms-extensions.

MFC after:	2 weeks
2014-04-01 14:46:11 +00:00
Jilles Tjoelker
65ba8dff5f Add mkostemp() and mkostemps().
These are like mkstemp() and mkstemps() but allow passing open(2) flags like
O_CLOEXEC.
2013-08-09 17:24:23 +00:00
Jilles Tjoelker
e45e1f2730 stdlib.h: Add correct POSIX version for POSIX extensions to C. 2013-07-05 14:16:04 +00:00
Andrey A. Chernov
476d9314d6 1) POSIX requires rand(3) return values to be in the [0, RAND_MAX] range,
but ACM formula we use have internal state (and return value) in the
[1, 0x7ffffffe] range, so our RAND_MAX (0x7fffffff) is never reached
because it is off by one, zero is not reached too.

Correct both RAND_MAX and rand(3) return value, shifting last one
to the 0 by 1 subtracted, resulting POSIXed [0, 0x7ffffffd(=new RAND_MAX)]
range.

2) Add a checks for not overflowing on too big seeds. It may happens on
the machines, where sizeof(unsigned int) > 32 bits.

Reviewed by:    bde [1]
MFC after:      2 weeks
2013-07-03 21:21:54 +00:00
Jason Evans
a4bd5210d5 Import jemalloc 9ef7f5dc34ff02f50d401e41c8d9a4a928e7c2aa (dev branch,
prior to 3.0.0 release) as contrib/jemalloc, and integrate it into libc.
The code being imported by this commit diverged from
lib/libc/stdlib/malloc.c in March 2010, which means that a portion of
the jemalloc 1.0.0 ChangeLog entries are relevant, as are the entries
for all subsequent releases.
2012-04-17 07:22:14 +00:00
David Chisnall
3ac9d65989 Correctly expose xlocale functions if people include the headers in the wrong
order (as some ports apparently do).

Approved by:	dim (mentor)
2012-03-28 12:11:54 +00:00
David Chisnall
79d09835dd Expose some C11 stuff that is also C++11 stuff in C++11 mode.
Approved by:	dim (mentor)
2012-03-14 14:39:07 +00:00
Ed Schouten
9e16bab42a Add aligned_alloc(3).
The C11 folks reinvented the wheel by introducing an aligned version of
malloc(3) called aligned_alloc(3), instead of posix_memalign(3). Instead
of returning the allocation by reference, it returns the address, just
like malloc(3).

Reviewed by:	jasone@
2012-01-09 06:36:28 +00:00
Ed Schouten
5d8c5f69f1 Fix spelling of C11 and sort functions by name. 2012-01-08 12:03:46 +00:00
Ed Schouten
b1214a51cc Improve C11 bits in <stdlib.h>:
- Add missing semicolon to quick_exit(),
- Remove `func' parameter name from at_quick_exit(),
- Fix indentation.
- Compare against 2011 value.
2011-12-26 18:55:37 +00:00
Ed Schouten
f6ab8089c6 Replace __const by const in all non-contributed source code.
As C1X is close to being released, there is no need to wrap around a
feature that is already part of C90. Most of these files already use
`const' in different placed as well.
2011-12-13 13:32:56 +00:00
David Chisnall
57979d1bd8 As per das@'s suggestion, s/__noreturn/_Noreturn/, since the latter is an
identifier reserved for the implementation in C99 and earlier so there is
no sensible reason for introducing yet another reserved identifier when we
could just use the one C1x uses.

Approved by:	brooks (mentor)
2011-12-07 21:17:50 +00:00
David Chisnall
0a31efe016 Implement quick_exit() / at_quick_exit() from C++11 / C1x. Also add a
__noreturn macro and modify the other exiting functions to use it.

The __noreturn macro, unlike __dead2, must be used BEFORE the function.
This is in line with the C and C++ specifications that place _Noreturn (c1x)
and [[noreturn]] (C++11) in front of the functions.  As with __dead2, this
macro falls back to using the GCC attribute.

Unfortunately, clang currently sets the same value for the C version macro
in C99 and C1x modes, so these functions are hidden by default.  At some
point before 10.0, I need to go through the headers and clean up the C1x /
C++11 visibility.

Reviewed by:	brooks (mentor)
2011-12-07 15:25:48 +00:00
David Chisnall
3c87aa1d3d Implement xlocale APIs from Darwin, mainly for use by libc++. This adds a
load of _l suffixed versions of various standard library functions that use
the global locale, making them take an explicit locale parameter.  Also
adds support for per-thread locales.  This work was funded by the FreeBSD
Foundation.

Please test any code you have that uses the C standard locale functions!

Reviewed by:    das (gdtoa changes)
Approved by:    dim (mentor)
2011-11-20 14:45:42 +00:00
Konstantin Belousov
585b8e0f8a Move realpath(3) prototype to a POSIX section.
Noted by:	bde
MFC after:	2 weeks
2010-04-21 16:38:37 +00:00
Konstantin Belousov
9d79ec20fb Slightly modernize realpath(3).
SUSv4 requires that implementation returns EINVAL if supplied path is NULL,
and ENOENT if path is empty string [1].
Bring prototype in conformance with SUSv4, adding restrict keywords.
Allow the resolved path buffer pointer be NULL, in which case realpath(3)
allocates storage with malloc().

PR:	kern/121897 [1]
MFC after:	2 weeks
2010-04-20 10:16:44 +00:00
Warner Losh
f2556687c6 Remove the Berkeley clause 3's.
Add a few $FreeBSD$
2010-02-16 19:39:50 +00:00
David Schultz
b38a55d49d Namespace: abort2() is a BSD extension. 2009-03-14 19:13:30 +00:00
David Schultz
d9c4315930 r189349 removed mktemp() from the XSI namespace when
__XOPEN_SOURCE >= 700, since mktemp() was withdrawn
from the standard. However, __XSI_VISIBLE is set to
700 in the default BSD envrionment, where mktemp()
should still exist; hence, check for this.
2009-03-14 02:31:48 +00:00
David Schultz
65e8b12988 - Add getsubopt and mkdtemp to the POSIX.1-2008 namespace.
- Add mkstemp to the POSIX.1-2008 and BSD namespaces.
- Remove mktemp from the XSI namespace.
2009-03-04 03:31:10 +00:00
Ed Schouten
26d4f5e969 Add two new routines: fdevname() and fdevname_r().
A more elegant way of obtaining a name of a character device by its file
descriptor on FreeBSD, is to use the FIODGNAME ioctl. Because a valid
file descriptor implies a file descriptor is visible in /dev, it will
always resolve a valid device name.

I'm adding a more friendly wrapper for this ioctl, called fdevname(). It
is a lot easier to use than devname() and also has better error
handling. When a device name cannot be resolved, it will just return
NULL instead of a generated device name that makes no sense.

Discussed with:	kib
2009-02-11 20:24:59 +00:00
David Schultz
544048ecef Add a function attribute called `__malloc_like', which informs gcc
that the annotated function returns a pointer that doesn't alias any
extant pointer. This results in a 50%+ speedup in microbenchmarks such
as the following:

    char *cp = malloc(1), *buf = malloc(BUF);
    for (i = 0; i < BUF; i++) buf[i] = *cp;

In real programs, your mileage will vary. Note that gcc already
performs this optimization automatically for any function called
`malloc', `calloc', `strdup', or `strndup' unless -fno-builtins is
used.
2009-01-31 18:27:02 +00:00
Andrey A. Chernov
c0046493c9 Add arc4random_uniform()
Obtained from:  OpenBSD
2008-07-22 11:40:42 +00:00
Andrey A. Chernov
3204108bc3 Add arc4random_buf.
Style: remove arg names from arc4random_addrandom.
2008-07-21 14:03:04 +00:00
Sean Farley
2966d28c32 Significantly reduce the memory leak as noted in BUGS section for
setenv(3) by tracking the size of the memory allocated instead of using
strlen() on the current value.

Convert all calls to POSIX from historic BSD API:
 - unsetenv returns an int.
 - putenv takes a char * instead of const char *.
 - putenv no longer makes a copy of the input string.
 - errno is set appropriately for POSIX.  Exceptions involve bad environ
   variable and internal initialization code.  These both set errno to
   EFAULT.

Several patches to base utilities to handle the POSIX changes from
Andrey Chernov's previous commit.  A few I re-wrote to use setenv()
instead of putenv().

New regression module for tools/regression/environ to test these
functions.  It also can be used to test the performance.

Bump __FreeBSD_version to 700050 due to API change.

PR:		kern/99826
Approved by:	wes
Approved by:	re (kensmith)
2007-07-04 00:00:41 +00:00
Andrey A. Chernov
ba174a5e38 Back out all POSIXified *env() changes.
Not because I admit they are technically wrong and not because of bug
reports (I receive nothing). But because I surprisingly meets so
strong opposition and resistance so lost any desire to continue that.

Anyone who interested in POSIX can dig out what changes and how
through cvs diffs.
2007-05-01 16:02:44 +00:00
Andrey A. Chernov
86580aa6fc Fix unsetenv and putenv prototypes to conform Open Group specs Issue 6
(also IEEE Std 1003.1-2001)
2007-04-30 02:27:43 +00:00
Andre Oppermann
c74dfa2faf Import of OpenBSD's strtonum(3) which is a nicer version of strtoll(3)
providing proper error checking and other improvements.

Obtained from:	OpenBSD
Requested by:	flz (to port Open[BGP|OSPF]D)
MFC after:	3 days
2006-03-14 16:57:30 +00:00
Jason Evans
b3d51d3afc Expose the posix_memalign() prototype, now that the function is implemented
by libc.
2006-01-12 07:58:59 +00:00
Tom Rhodes
257551c6a0 Add a64l(), l64a(), and l64a_r() XSI extentions. These functions convert
between a 32-bit integer and a radix-64 ASCII string.  The l64a_r() function
is a NetBSD addition.

PR:		51209 (based on submission, but very different)
Reviewed by:	bde, ru
2005-12-24 22:37:59 +00:00
Poul-Henning Kamp
866196b69d Add abort2() prototype 2005-12-23 12:28:10 +00:00
Stefan Farfeleder
9d301680d6 Fix the prototypes for devname() and devname_r(), the first two argument
types are supposed to be dev_t and mode_t (prefixed with __ due to
namespace reasons).
2005-09-12 15:58:15 +00:00
Tim J. Robbins
17ebe40096 Implement rpmatch(), a semi-standard interface (as found on AIX, Tru64,
GNU) for determining whether a string is an affirmative or negative
response to a question according to the current locale. This is done
by matching the response against nl_langinfo(3) items YESEXPR and NOEXPR.
2005-01-09 03:55:13 +00:00