111 Commits

Author SHA1 Message Date
pfg
35335c1009 Use the __alloc_size2 attribute where relevant.
This follows the documented use in GCC. It is basically only relevant for
calloc(3), reallocarray(3) and  mallocarray(9).

Suggested by:	Mark Millard

Reference:
https://docs.freebsd.org/cgi/mid.cgi?9DE674C6-EAA3-4E8A-906F-446E74D82FC4
2018-01-22 01:50:10 +00:00
pfg
91992f5f35 Use the __result_use_check attribute also for reallocf(3).
The GCC attribute causes a warning to be emitted if a caller of the
function with this attribute does not use its return value. Unlike the
traditional realloc, with reallocf(3) we don't have to check for NULL
values but we still have to make sure the result is used.

MFC after:	3 days
2018-01-09 22:48:13 +00:00
oshogbo
60da446a21 Introduce the daemonfd function.
The daemonfd function is equivalent to the daemon(3) function expect that
arguments are descriptors. For example dhclient(8) which is sandboxed is
unable to open /dev/null to close stdio instead it's allows to fail
daemon(3) function to close the descriptors and then do it explicit in code.
Instead of such hacks we can use now daemonfd.

This API can be also helpful to migrate system to platforms like CheriBSD.

Reviewed by:	brooks@, bcr@, jilles@ (earlier version)
Differential Revision:	https://reviews.freebsd.org/D13433
2017-12-23 18:07:43 +00:00
kib
873f304292 Remove lint support from system headers and MD x86 headers.
Reviewed by:	dim, jhb
Discussed with:	imp
Sponsored by:	The FreeBSD Foundation
Differential revision:	https://reviews.freebsd.org/D13156
2017-11-23 11:40:16 +00:00
pfg
6b22553e16 include: further adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 3-Clause license.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
2017-11-20 19:45:28 +00:00
kib
4774ca6be0 Implement the memset_s(3) function as specified by the C11 ISO/IEC
9899:2011 Appendix K 3.7.4.1.

Other needed supporting types, defines and constraint_handler
infrastructure is added as specified in the C11 spec.

Submitted by:	Tom Rix <trix@juniper.net>
Sponsored by:	Juniper Networks
Discussed with:	ed
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D9903
Differential revision:	https://reviews.freebsd.org/D10161
2017-03-30 04:57:26 +00:00
pfg
b6f2f57efd Remove outdated claim.
Despite wishful thinking the removal of these old function hasn't
happened yet.

MFC after:	3 days
2017-02-16 20:30:55 +00:00
pfg
74d3e29a11 Make use of clang nullability attributes.
Replace uses of the GCC __nonnull__ attribute with the clang nullability
qualifiers. The replacement should be transparent for clang developers as
the new qualifiers will produce the same warnings and will be useful for
static checkers but will not cause aggressive optimizations.

GCC will not produce such warnings and developers will have to use
upgraded GCC ports built with the system headers from r312538.

Hinted by:	Apple's Libc-1158.20.4, Bionic libc
MFC after:	11.1 Release

Differential Revision:	https://reviews.freebsd.org/D9004
2017-01-28 20:54:43 +00:00
pfg
a4528e838d Remove some uses of the GCC __nonnull() attribute.
While the checks are considered useful, the attribute does dangerous
optimizations, removing NULL checks where they can be needed. Remove the
uses of this attribute introduced in r281130: the changes were inspired on
Google's bionic where this attribute is not used anymore.

The __nonnull() attribute will be deprecrated from our headers and
replaced with the Clang _Nonnull qualifier in the future.

MFC after:	3 days
2017-01-01 17:16:47 +00:00
ed
8a78a9d9ce Remove setkey(), encrypt(), des_setkey() and des_cipher().
The setkey() and encrypt() functions are part of XSI, not the POSIX base
definitions. There is no strict requirement for us to provide these,
especially if we're only going to keep these around as undocumented
stubs. The same holds for des_setkey() and des_cipher().

Instead of providing functions that only generate warnings when linking,
simply disallow linking against them. The impact of this is relatively
low. It only causes two leaf ports to break. I'll see what I can do to
help out to get those fixed.

PR:		211626
2016-10-03 18:20:58 +00:00
ed
53168ffb1b Change type of MB_CUR_MAX and MB_CUR_MAX_L() to size_t.
POSIX requires that MB_CUR_MAX expands to an expression of type size_t.
It currently expands to an int. As these are already macros, don't
change the underlying type of these functions. There is no ned to touch
those.

Differential Revision:	https://reviews.freebsd.org/D6645
2016-07-28 09:50:19 +00:00
ed
a663be12a0 Fix typing of srandom() and initstate().
POSIX requires that these functions have an unsigned int for their first
argument; not an unsigned long.

My reasoning is that we can safely change these functions without
breaking the ABI. As far as I know, our supported architectures either
use registers for passing function arguments that are at least as big as
long (e.g., amd64), or int and long are of the same size (e.g., i386).

Reviewed by:	ache
Differential Revision:	https://reviews.freebsd.org/D6644
2016-07-26 20:11:29 +00:00
pfg
215099e03f Remove incorrect attributes from posix_memalign(3) declaration.
Both __alloc_align and __alloc_size can't be used when the function
returns a pointer to memory. This fixes breakage when building with
clang 3.4:

In file included from /usr/src/svn/usr.sbin/bhyve/atkbdc.c:40:
/usr/include/stdlib.h:176:6: error: '__alloc_size__' attribute only
applies to functions that return a pointer [-Werror,-Wignored-attributes]

Pointed out by:	ngie, cem
Approved by:	re (gjb)
2016-07-05 22:30:29 +00:00
dim
e135c6f227 For C++, expose long long types and functions (lldiv_t, llabs, lldiv,
etc) in stdlib.h.  These will be needed for newer versions of libc++,
which uses them for defining overloaded versions of abs() and div().

MFC after:	1 week
2016-03-23 19:17:12 +00:00
pfg
db5663c131 Make use of GCC alloc_align attribute
This lets the compiler know about the alignment of pointers returned
by aligned_alloc(3), posix_memalign(3). and contigmalloc(9)

Currently this is only supported in recent gcc but we are ready to
use it if clang implements it.

Relnotes:	yes
2015-05-15 20:43:37 +00:00
pfg
79bc57e501 No need for result_use_check attribute in reallocf(3). 2015-05-01 20:40:48 +00:00
bapt
41e541e0de Move reallocarray definition to the _BSD_VISIBLE block
Add the required __alloc_size attributes

Requested by:	pfg
2015-05-01 19:14:32 +00:00
bapt
c63c2c39eb Import reallocarray(3) from OpenBSD
Add a manpage for it, assign the copyright to the OpenBSD project on it since it
is mostly copy/paste from OpenBSD manpage.
style(9) fixes

Differential Revision:	https://reviews.freebsd.org/D2420
Reviewed by:	kib
2015-05-01 18:32:16 +00:00
pfg
cb4cf650b0 Make use of gcc attributes in some standard include headers.
The `nonnull' attribute specifies that some function parameters should be
non-null pointers.  This is very useful as it helps the compiler generate
warnings on suspicious code and can also enable some small optimizations.

Also start using 'alloc_size' attribute in the allocator functions.

This is an initial step to better integrate our libc with the compiler:
these attributes are fully supported by clang and they are also useful
for the static analyzer.

Note that due to some bogus internal procedure in the way gcc ports
are built they may require updating if they were built before r280801.

Relnotes:		yes
Hinted by:		Android's bionic libc
Differential Revision:	https://reviews.freebsd.org/D2107
2015-04-06 01:39:16 +00:00
pfg
bfa2c0962c Clean sparse spaces. 2015-03-25 16:54:37 +00:00
pfg
2eca2e9569 Add bsearch_b to the libc map and the stdlib header.
bsearch_b is the Apple blocks enabled version of bsearch(3).
This was added to libc in Revision 264042 but the commit
missed the declaration required to make use of it.

While here move some other block-related functions to the
BSD_VISIBLE block as these are non-standard.

Phabric:	D638
Reviewed by:	theraven, wollman
2014-09-01 22:25:42 +00:00
theraven
0127b103f2 Add support for some block functions that come from OS X. These are
intended to build with any C compiler.

Reviewed by:	pfg
MFC after:	3 weeks
2014-04-02 16:07:48 +00:00
tijl
606babe108 Rename __wchar_t so it no longer conflicts with __wchar_t from clang 3.4
-fms-extensions.

MFC after:	2 weeks
2014-04-01 14:46:11 +00:00
jilles
2895e1352c Add mkostemp() and mkostemps().
These are like mkstemp() and mkstemps() but allow passing open(2) flags like
O_CLOEXEC.
2013-08-09 17:24:23 +00:00
jilles
1523d4a961 stdlib.h: Add correct POSIX version for POSIX extensions to C. 2013-07-05 14:16:04 +00:00
ache
295fb8ce1a 1) POSIX requires rand(3) return values to be in the [0, RAND_MAX] range,
but ACM formula we use have internal state (and return value) in the
[1, 0x7ffffffe] range, so our RAND_MAX (0x7fffffff) is never reached
because it is off by one, zero is not reached too.

Correct both RAND_MAX and rand(3) return value, shifting last one
to the 0 by 1 subtracted, resulting POSIXed [0, 0x7ffffffd(=new RAND_MAX)]
range.

2) Add a checks for not overflowing on too big seeds. It may happens on
the machines, where sizeof(unsigned int) > 32 bits.

Reviewed by:    bde [1]
MFC after:      2 weeks
2013-07-03 21:21:54 +00:00
jasone
cbeacb7c46 Import jemalloc 9ef7f5dc34ff02f50d401e41c8d9a4a928e7c2aa (dev branch,
prior to 3.0.0 release) as contrib/jemalloc, and integrate it into libc.
The code being imported by this commit diverged from
lib/libc/stdlib/malloc.c in March 2010, which means that a portion of
the jemalloc 1.0.0 ChangeLog entries are relevant, as are the entries
for all subsequent releases.
2012-04-17 07:22:14 +00:00
theraven
de5013d7b6 Correctly expose xlocale functions if people include the headers in the wrong
order (as some ports apparently do).

Approved by:	dim (mentor)
2012-03-28 12:11:54 +00:00
theraven
ff1fc6fb5c Expose some C11 stuff that is also C++11 stuff in C++11 mode.
Approved by:	dim (mentor)
2012-03-14 14:39:07 +00:00
ed
990fc2900c Add aligned_alloc(3).
The C11 folks reinvented the wheel by introducing an aligned version of
malloc(3) called aligned_alloc(3), instead of posix_memalign(3). Instead
of returning the allocation by reference, it returns the address, just
like malloc(3).

Reviewed by:	jasone@
2012-01-09 06:36:28 +00:00
ed
e107daf653 Fix spelling of C11 and sort functions by name. 2012-01-08 12:03:46 +00:00
ed
62cadb3ee6 Improve C11 bits in <stdlib.h>:
- Add missing semicolon to quick_exit(),
- Remove `func' parameter name from at_quick_exit(),
- Fix indentation.
- Compare against 2011 value.
2011-12-26 18:55:37 +00:00
ed
0bcfe62162 Replace __const by const in all non-contributed source code.
As C1X is close to being released, there is no need to wrap around a
feature that is already part of C90. Most of these files already use
`const' in different placed as well.
2011-12-13 13:32:56 +00:00
theraven
cac815ea05 As per das@'s suggestion, s/__noreturn/_Noreturn/, since the latter is an
identifier reserved for the implementation in C99 and earlier so there is
no sensible reason for introducing yet another reserved identifier when we
could just use the one C1x uses.

Approved by:	brooks (mentor)
2011-12-07 21:17:50 +00:00
theraven
ded93cd9e7 Implement quick_exit() / at_quick_exit() from C++11 / C1x. Also add a
__noreturn macro and modify the other exiting functions to use it.

The __noreturn macro, unlike __dead2, must be used BEFORE the function.
This is in line with the C and C++ specifications that place _Noreturn (c1x)
and [[noreturn]] (C++11) in front of the functions.  As with __dead2, this
macro falls back to using the GCC attribute.

Unfortunately, clang currently sets the same value for the C version macro
in C99 and C1x modes, so these functions are hidden by default.  At some
point before 10.0, I need to go through the headers and clean up the C1x /
C++11 visibility.

Reviewed by:	brooks (mentor)
2011-12-07 15:25:48 +00:00
theraven
0f6ef690b3 Implement xlocale APIs from Darwin, mainly for use by libc++. This adds a
load of _l suffixed versions of various standard library functions that use
the global locale, making them take an explicit locale parameter.  Also
adds support for per-thread locales.  This work was funded by the FreeBSD
Foundation.

Please test any code you have that uses the C standard locale functions!

Reviewed by:    das (gdtoa changes)
Approved by:    dim (mentor)
2011-11-20 14:45:42 +00:00
kib
1c6a4e2943 Move realpath(3) prototype to a POSIX section.
Noted by:	bde
MFC after:	2 weeks
2010-04-21 16:38:37 +00:00
kib
0be03f320b Slightly modernize realpath(3).
SUSv4 requires that implementation returns EINVAL if supplied path is NULL,
and ENOENT if path is empty string [1].
Bring prototype in conformance with SUSv4, adding restrict keywords.
Allow the resolved path buffer pointer be NULL, in which case realpath(3)
allocates storage with malloc().

PR:	kern/121897 [1]
MFC after:	2 weeks
2010-04-20 10:16:44 +00:00
imp
7d79e30fb2 Remove the Berkeley clause 3's.
Add a few $FreeBSD$
2010-02-16 19:39:50 +00:00
das
f29890082d Namespace: abort2() is a BSD extension. 2009-03-14 19:13:30 +00:00
das
08eb82238e r189349 removed mktemp() from the XSI namespace when
__XOPEN_SOURCE >= 700, since mktemp() was withdrawn
from the standard. However, __XSI_VISIBLE is set to
700 in the default BSD envrionment, where mktemp()
should still exist; hence, check for this.
2009-03-14 02:31:48 +00:00
das
83a21fcd3a - Add getsubopt and mkdtemp to the POSIX.1-2008 namespace.
- Add mkstemp to the POSIX.1-2008 and BSD namespaces.
- Remove mktemp from the XSI namespace.
2009-03-04 03:31:10 +00:00
ed
de78bbbfe8 Add two new routines: fdevname() and fdevname_r().
A more elegant way of obtaining a name of a character device by its file
descriptor on FreeBSD, is to use the FIODGNAME ioctl. Because a valid
file descriptor implies a file descriptor is visible in /dev, it will
always resolve a valid device name.

I'm adding a more friendly wrapper for this ioctl, called fdevname(). It
is a lot easier to use than devname() and also has better error
handling. When a device name cannot be resolved, it will just return
NULL instead of a generated device name that makes no sense.

Discussed with:	kib
2009-02-11 20:24:59 +00:00
das
61dc3e056c Add a function attribute called `__malloc_like', which informs gcc
that the annotated function returns a pointer that doesn't alias any
extant pointer. This results in a 50%+ speedup in microbenchmarks such
as the following:

    char *cp = malloc(1), *buf = malloc(BUF);
    for (i = 0; i < BUF; i++) buf[i] = *cp;

In real programs, your mileage will vary. Note that gcc already
performs this optimization automatically for any function called
`malloc', `calloc', `strdup', or `strndup' unless -fno-builtins is
used.
2009-01-31 18:27:02 +00:00
ache
e1bf8eba27 Add arc4random_uniform()
Obtained from:  OpenBSD
2008-07-22 11:40:42 +00:00
ache
fc34cf9d89 Add arc4random_buf.
Style: remove arg names from arc4random_addrandom.
2008-07-21 14:03:04 +00:00
scf
196b6346ba Significantly reduce the memory leak as noted in BUGS section for
setenv(3) by tracking the size of the memory allocated instead of using
strlen() on the current value.

Convert all calls to POSIX from historic BSD API:
 - unsetenv returns an int.
 - putenv takes a char * instead of const char *.
 - putenv no longer makes a copy of the input string.
 - errno is set appropriately for POSIX.  Exceptions involve bad environ
   variable and internal initialization code.  These both set errno to
   EFAULT.

Several patches to base utilities to handle the POSIX changes from
Andrey Chernov's previous commit.  A few I re-wrote to use setenv()
instead of putenv().

New regression module for tools/regression/environ to test these
functions.  It also can be used to test the performance.

Bump __FreeBSD_version to 700050 due to API change.

PR:		kern/99826
Approved by:	wes
Approved by:	re (kensmith)
2007-07-04 00:00:41 +00:00
ache
6ccaf050cc Back out all POSIXified *env() changes.
Not because I admit they are technically wrong and not because of bug
reports (I receive nothing). But because I surprisingly meets so
strong opposition and resistance so lost any desire to continue that.

Anyone who interested in POSIX can dig out what changes and how
through cvs diffs.
2007-05-01 16:02:44 +00:00
ache
027819c292 Fix unsetenv and putenv prototypes to conform Open Group specs Issue 6
(also IEEE Std 1003.1-2001)
2007-04-30 02:27:43 +00:00
andre
9ec6603878 Import of OpenBSD's strtonum(3) which is a nicer version of strtoll(3)
providing proper error checking and other improvements.

Obtained from:	OpenBSD
Requested by:	flz (to port Open[BGP|OSPF]D)
MFC after:	3 days
2006-03-14 16:57:30 +00:00