this has many visibility problems fixed, which should help with
compiling certain ports that exercise C++11 mode (i.e. Firefox).
Also, belatedly add the LICENSE.TXT and accompanying CREDITS.TXT files,
which are referred to in all the source files.
MFC after: 1 month
X86: Disable long nops for all cpus prior to pentiumpro/i686.
This is the safest approach for now. If you think long nops matter a
lot for performance, compile with -march=i686 or higher. :)
MFC after: 3 days
This adds two features:
* uid_from_user() and gid_from_group() as the reverse of user_from_uid()
and groups_from_gid().
* pwcache_userdb() and pwcache_groupdb() which allow alternative lookup
functions to be used. For example lookups from passwd and group
databases in a non-standard location.
When creating MCAsmBackend pass the CPU string as well. In X86AsmBackend
store this and use it to not emit long nops when the CPU is geode which
doesnt support them.
Fixes PR11212.
Pull in r164133 from upstream clang trunk:
Follow up on llvm r164132.
This should prevent illegal instructions when building world on Geode
CPUs (e.g. Soekris).
MFC after: 3 days
Prevents a lockup when queried a deliberately constructed combination
of records. [CVE-2012-5166]
For more information: https://kb.isc.org/article/AA-00801
doesn't mean supporting IFT_PFSYNC (which I hope will eventually
die). This means decoding packets with IP protocol of 240 caught
on any normal interface like Ethernet.
The code is based on couple of files from OpenBSD, significantly
modified by myself.
Parser differentiates for four levels of verbosity: no -v, -v,
-vv and -vvv.
We don't yet forward this code upstream, because currently it
strongly relies on if_pfsync.h and even on pfvar.h. I hope that
this can be fixed in future.
Reviewed by: gnn, delphij
- Set IP_RECVDSTADDR sockopt on the socket only in case if
it is INADDR_ANY bound.
- Supply IP_SENDSRCADDR control message only if we did receive
IP_RECVDSTADDR control message.
This fixes operation of snmpd bound to a specific local IP address.
PR: bin/171279
Prevents a crash when queried for a record whose RDATA exceeds
65535 bytes.
Prevents a crash when validating caused by using "Bad cache" data
before it has been initialized.
ISC_QUEUE handling for recursive clients was updated to address
a race condition that could cause a memory leak. This rarely
occurred with UDP clients, but could be a significant problem
for a server handling a steady rate of TCP queries.
A condition has been corrected where improper handling of
zero-length RDATA could cause undesirable behavior, including
termination of the named process.
For more information: https://kb.isc.org/article/AA-00788
X86: Emitting x87 fsin/fcos for sinf/cosf is not safe without unsafe
fp math.
This should make clang emit calls to libm for sinf/cosf by default.
MFC after: 1 week
reside, and move there ipfw(4) and pf(4).
o Move most modified parts of pf out of contrib.
Actual movements:
sys/contrib/pf/net/*.c -> sys/netpfil/pf/
sys/contrib/pf/net/*.h -> sys/net/
contrib/pf/pfctl/*.c -> sbin/pfctl
contrib/pf/pfctl/*.h -> sbin/pfctl
contrib/pf/pfctl/pfctl.8 -> sbin/pfctl
contrib/pf/pfctl/*.4 -> share/man/man4
contrib/pf/pfctl/*.5 -> share/man/man5
sys/netinet/ipfw -> sys/netpfil/ipfw
The arguable movement is pf/net/*.h -> sys/net. There are
future plans to refactor pf includes, so I decided not to
break things twice.
Not modified bits of pf left in contrib: authpf, ftp-proxy,
tftp-proxy, pflogd.
The ipfw(4) movement is planned to be merged to stable/9,
to make head and stable match.
Discussed with: bz, luigi
- Pacific/Fiji will go into DST from 21 October 2012 till 20 January 2013.
- Fix offset for Pacific/Tokelau.
- Gaza and West Bank had DST from 29 March to 28 September 2012.
- Syria has DST from April till October
- Morocco had DST from April to September 2012 except for 20 July to 20 August.
- Cuba changed to DST from 1 April 2012 only.
- Haiti has DST between 8 March and 1 November in 2012.
Obtained from: ftp://ftp.iana.org/tz/releases/
IP_SENDSRCADDR control with datagram message we reply with. This makes
bsnmpd reply from exactly same address that request was sent to, thus
successfully bypassing stateful firewalls or other kinds of strict checking.
PR: bin/171279
from the control message, actually never worked. This means check_priv()
didn't work for local dgram sockets.
The SCM_CREDS control messages is received only in two cases:
1) If we did setsockopt(LOCAL_CREDS) on our socket, and in this case
the message is struct sockcred.
2) If sender did supplied SCM_CREDS control message in his sendmsg()
syscall. In this case the message is struct cmsgcred.
We can't rely on 2), so we will use 1) for dgram sockets. For stream
sockets it is more reliable to obtain accept-time credentials, since
SCM_CREDS control message is attached only on first read. Thus:
o Do setsockopt(LOCAL_CREDS) on local dgram sockets.
o Split check_priv() into check_priv_stream() and check_priv_dgram(),
and call them from recv_stream() and recv_dgram() respectively.
o Don't provide space for SCM_CREDS control message in recv_stream().
o Provide space for SCM_CREDS control message in recv_dgram(), but there
is no need to initialize anything in it.
o In recv_dgram() do not blindly expect that first message is SCM_CREDS,
instead use correct search cycle through control messages.
encounters a DT_RUNPATH entry, the global dynamic_info[] array is
overrun, causing some other global variable to be overwritten.
In my testcase, this was the section_headers variable, leading to
segfaults or jemalloc assertions when it was freed later on.
Thanks to Koop Mast for providing samples of a few "bad" .so files.
MFC after: 1 week
Merge existing attributes before processing pragmas in friend template
declarations.
Fixes pr13662.
This should help when building Firefox with libc++.
Magic tests containing "search" or "regex" directives were incorrectly
compiled by "mkmagic" and were effectively ignored. This caused troff
files (for example) to be detected as simply "ASCII text" instead of
as "troff or preprocessor input, ASCII text".
PR: bin/170415
Approved by: consensus on developers@
MFC after: 3 days
r238211:
Support TARGET_ARCH=armv6 and TARGET_ARCH=armv6eb
This adds a new TARGET_ARCH for building on ARM
processors that support the ARMv6K multiprocessor
extensions. In particular, these processors have
better support for TLS and mutex operations.
This mostly touches a lot of Makefiles to extend
existing patterns for inferring CPUARCH from ARCH.
It also configures:
* GCC to default to arm1176jz-s
* GCC to predefine __FreeBSD_ARCH_armv6__
* gas to default to ARM_ARCH_V6K
* uname -p to return 'armv6'
* make so that MACHINE_ARCH defaults to 'armv6'
It also changes a number of headers to use
the compiler __ARM_ARCH_XXX__ macros to configure
processor-specific support routines.
Submitted by: Tim Kientzle <kientzle@freebsd.org>
folding to 64 bits, while SHA1 code is big endian. Therefore, a bswap32
is required before using the value.
Without this change, the implementation does not conform to test vector
found in RFC 2289.
PR: bin/170519
Submitted by: Arthur Mesh <arthurmesh gmail com> (with changes)
MFC after: 1 week
This is mostly a no-op other than for ARM where it adds missing
__aeabi_mem* and __aeabi_*divmod functions. Even on ARM these will remain
unused until the rest of the ARM EABI code is merged.
unused -g, -emit-llvm or -w arguments when doing linking. E.g. invoking
"clang -g foo.o -o foo" will now be silent.
Reported by: Jakub Lach <jakub_lach@mailplus.pl>
MFC after: 1 week
in BIND9
High numbers of queries with DNSSEC validation enabled can cause an
assertion failure in named, caused by using a "bad cache" data structure
before it has been initialized.
CVE: CVE-2012-3817
Posting date: 24 July, 2012
including the include directive.
Fix minor build issue corrected by converting yypush_buffer_state and
yypop_buffer_state to yy_set_buffer_state and a hard-coded 100-deep
stack. It was easier to fix it here than to import that support into
our flex.
The new tools and test hardness remain unsupported at the moment.
desired, one can turn off the generation of post-ELF standard dtags by
overriding it with --disable-new-dtags after the default switch.
Immediate effect of the change is that -rpath path is now stored both
in DT_RPATH and DT_RUNPATH tags, which is the right way to provide
rpath for dynamic linker supporting DT_RUNPATH per specification.
Reviewed by: kan
MFC after: 1 month
When marking virtual functions as used for a class' vtable, mark all functions
which will appear in the vtable as used, not just those ones which were
declared within the class itself. Fixes an issue reported as comment#3 in
PR12763 -- we sometimes assert in codegen if we try to emit a reference to a
function declaration which we've not marked as referenced. This also matches
gcc's observed behavior.
This should fix clang assertions when building certain components of the
LibreOffice port.
MFC after: 3 days
adding appropriate table entries, the assembler had to be adjusted as
these are the first non-SSE instructions to use a 3-byte opcode (and a
mandatory prefix to boot).
MFC after: 1 month
instructions. I reimplemented this from scratch based on the Intel
manuals and the existing support for handling the fxsave and fxrstor
instructions. This will let us use these instructions natively with GCC
rather than hardcoding the opcodes in hex.
Reviewed by: kib
MFC after: 1 month
usage on hosts using ZFS. The new line displays the total amount of RAM
used by the ARC along with the size of MFU, MRU, anonymous (in flight),
headers, and other (miscellaneous) sub-categories. The line is not
displayed on systems that are not using ZFS.
Reviewed by: avg, fs@
MFC after: 3 days
The GCC4.3 branch contains some optimization fixes
that were not considered regressions and therefore
were never backported. We are bringing a couple of
them that are under GPLv2 since they were made
before the license switch upstream.
While here, add the GCC revision numbers in the
log.
Discussed with: jkim
MFC after: 1 week
The patches are unexpectedly causing gcc to fail while
building ports/graphics/ImageMagick even when the cpu
flags are not used.
Reported by: Andreas Tobler
Initial support for the AMD barcelona chipsets has been available in the
gcc43 branch under GPLv2 but was not included when the Core 2 support
was brought to the system gcc.
AMD and some linux distributions (OpenSUSE) did a backport of the amdfam10
support and made them available. Unfortunately this is still experimental
and while it can improve performance, enabling the CPUTYPE may break some
C++ ports (like clang).
Special care was taken to make sure that the patches predate the GPLv3
switch upstream.
Tested by: Vladimir Kushnir
Reviewed by: mm
Approved by: jhb (mentor)
MFC after: 2 weeks
Modified Fri Jul 10 07:44:34 2009 CDT by rafael
backport part of
http://gcc.gnu.org/ml/gcc-cvs/2007-10/msg00118.html
The patch is for libstdc++ and it was GPL2 at the time.
Modified Tue Apr 29 01:20:19 2008 CDT by asl
Backport from mainline (pre-GPLv3).
Fix for sizeof(const void*) > sizeof(unsigned long).
Approved by: jhb (mentor)
MFC after: 2 weeks
a critical bugfix:
Processing of DNS resource records where the rdata field is zero length
may cause various issues for the servers handling them.
Processing of these records may lead to unexpected outcomes. Recursive
servers may crash or disclose some portion of memory to the client.
Secondary servers may crash on restart after transferring a zone
containing these records. Master servers may corrupt zone data if the
zone option "auto-dnssec" is set to "maintain". Other unexpected
problems that are not listed here may also be encountered.
All BIND users are strongly encouraged to upgrade.
Allow unique_file to take a mode for file permissions, but default
to user only read/write.
and r156592 from upstream clang trunk:
For final output files create them with mode 0664 to match other
compilers and expected defaults.
This should fix clang creating files with mode 0600.
Reported by: James <james@hicag.org>
MFC after: 3 days
Feature Change
* BIND now recognizes the TLSA resource record type, created to
support IETF DANE (DNS-based Authentication of Named Entities)
Bug Fix
* The locking strategy around the handling of iterative queries
has been tuned to reduce unnecessary contention in a multi-
threaded environment.
Other critical bug fixes are included.
All BIND users are encouraged to upgrade.
Revert r115805. An array type is required to have a range type,
however, the range can be unknown for the upper bound.
Testcase to follow.
Part of rdar://11457152
This should fix ctfconvert producing error messages during kernel
builds, similar to:
ERROR: scsi_all.c: die 24561: failed to retrieve array bounds
These were caused by incorrect debug information for flexible array
members of structs.
MFC after: 3 days
bison, keeping full compatibility with our previous yacc implementation.
Also bring the ability to create reentrant parser
This fix bin/140309 [1]
PR: bin/140309 [1]
Submitted by: Philippe Pepiot <ksh@philpep.org> [1]
Approved by: des (mentor)
MFC after: 1 month
the GCC 4.1 branch and are available under GPLv2.
2007-11-07 Eric Botcazou <ebotcazou@libertysurf.fr>
PR rtl-optimization/33822
* rtl.h (REG_OFFSET): Fix comment.
* var-tracking.c (INT_MEM_OFFSET): New macro.
(var_mem_set): Use it.
(var_mem_delete_and_set): Likewise.
(var_mem_delete): Likewise.
(vt_get_decl_and_offset): Likewise.
(offset_valid_for_tracked_p): New predicate.
(count_uses): Do not track locations with invalid offsets.
(add_uses): Likewise.
(add_stores): Likewise.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=129972
2007-11-16 Richard Guenther <rguenther@suse.de>
PR middle-end/34030
* fold-const.c (fold_binary): Use correct types for folding
1 << X & Y to Y >> X & 1.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=130242
2008-01-14 Eric Botcazou <ebotcazou@adacore.com>
PR rtl-optimization/31944
* cse.c (remove_pseudo_from_table): New function.
(merge_equiv_classes): Use above function to remove pseudo-registers.
(invalidate): Likewise
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=131524
2008-01-24 Kaveh R. Ghazi <ghazi@caip.rutgers.edu>
Backport:
2007-11-07 Kenneth Zadeck <zadeck@naturalbridge.com>
PR middle-end/33826
* ipa-pure-const (static_execute): Added code to keep recursive
functions from being marked as pure or const.
* ipa-utils (searchc): Fixed comment.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=131807
2008-02-01 Kaveh R. Ghazi <ghazi@caip.rutgers.edu>
Backport:
2007-08-02 Nathan Froyd <froydnj@codesourcery.com>
PR middle-end/25445
* varasm.c (default_binds_local_p_1): Consult flag_whole_program
if we are compiling with -fPIC.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=132061
2008-02-04 Richard Guenther <rguenther@suse.de>
PR middle-end/33631
* expr.c (count_type_elements): Give for unions instead of
guessing.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=132101
2008-02-14 Alan Modra <amodra@bigpond.net.au>
PR target/34393
* config/rs6000/rs6000.md (restore_stack_block): Force operands[1]
to a reg.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=132309
2008-03-25 Richard Guenther <rguenther@suse.de>
Backport from mainline:
2008-02-12 Richard Guenther <rguenther@suse.de>
PR middle-end/35163
* fold-const.c (fold_widened_comparison): Use get_unwidened in
value-preserving mode. Disallow final truncation.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=133509
2008-11-30 Eric Botcazou <ebotcazou@adacore.com>
PR target/38287
* config/sparc/sparc.md (divsi3 expander): Remove constraints.
(divsi3_sp32): Add new alternative with 'K' for operand #2.
(cmp_sdiv_cc_set): Factor common string.
(udivsi3_sp32): Add new alternative with 'K' for operand #2.
Add TARGET_V9 case.
(cmp_udiv_cc_set): Factor common string.
http://gcc.gnu.org/viewcvs?root=gcc&view=rev&rev=142298
Reviewed by: mm
Approved by: jhb (mentor)
MFC after: 1 week
compiler frame size used there so this whole thing is V8/V9-agnostic.
- Use 32-bit function alignment as GCC does when using UltraSPARC I or
higher optimizations.
- Don't waste delay slots when possible.
Unfortunately, this still doesn't make libcompiler_rt a viable replacement
for libgcc on sparc64 though as once installed instead, buildworld times
increase by nearly 60% (which isn't related to these assembler functions).
sometimes disappear from the resulting object file, if compiled with
clang. In particular, this can lead to errors when building world with
clang and -g, similar to:
/usr/obj/usr/src/tmp/usr/lib/libc.so: undefined reference to `_malloc_options'
Reported by: Conrad J. Sabatier <conrads@.no.cox.net>
Reviewed by: jasone
prior to 3.0.0 release). This fixes several bugs related to memory
initialization.
Mangle __jemalloc_a0{malloc,calloc,free}() just like all the other
library-internal symbols in jemalloc, and adjust the tls allocation code
in libc to use the mangled names.
prior to 3.0.0 release) as contrib/jemalloc, and integrate it into libc.
The code being imported by this commit diverged from
lib/libc/stdlib/malloc.c in March 2010, which means that a portion of
the jemalloc 1.0.0 ChangeLog entries are relevant, as are the entries
for all subsequent releases.
we can free it later, instead of trying to free a pointer that points
to the end of the buffer.
Committed to head because this code no longer exists upstream.
Submitted by: jasone@
leak when iterating over possible audit trail directories. This fix will
be merged upstream in an identical form, but hasn't yet appeared in an
OpenBSM release.
Submitted by: guido
Obtained from: TrustedBSD Project
MFC after: 3 days
The fix is similar to the one applied in GCC-4.3 in
GCCSVN-r117929 under the GPLv2.
Submitted by: Andrey Simonenko
Reviewed by: mm
Approved by: jhb (mentor)
MFC after: 3 days
- Updates to various locations in Antarctica.
- Armenia will abolish DST this year.
- Not only Samoa has moved to UTC+14, also Fakaofo did.
- There will be a leap second in 30 June 2012.
- Historical updates of 1918 to Canada, Winn, Regina, Edm, Vanc, Creston.
- Chili stays on DST until 28 April 2012
- The Falkland islands will stay on DST this year.
Unfortunately, the ABI was broken upstream for the 4.2 release, which we
imported. We then shipped the broken version for several years and certain
ports (e.g. libobjc2) depend on it, so we're stuck with it for now...
We should revisit this for 10.0, since we're allowed to break the ABI then, but
until then we should keep the ABI we shipped with 8.x and 9.x.
Reviewed by: kan
Approved by: dim (mentor)
MFC after: 1 week
several new kerberos related libraries and applications to FreeBSD:
o kgetcred(1) allows one to manually get a ticket for a particular service.
o kf(1) securily forwards ticket to another host through an authenticated
and encrypted stream.
o kcc(1) is an umbrella program around klist(1), kswitch(1), kgetcred(1)
and other user kerberos operations. klist and kswitch are just symlinks
to kcc(1) now.
o kswitch(1) allows you to easily switch between kerberos credentials if
you're running KCM.
o hxtool(1) is a certificate management tool to use with PKINIT.
o string2key(1) maps a password into key.
o kdigest(8) is a userland tool to access the KDC's digest interface.
o kimpersonate(8) creates a "fake" ticket for a service.
We also now install manpages for some lirbaries that were not installed
before, libheimntlm and libhx509.
- The new HEIMDAL version no longer supports Kerberos 4. All users are
recommended to switch to Kerberos 5.
- Weak ciphers are now disabled by default. To enable DES support (used
by telnet(8)), use "allow_weak_crypto" option in krb5.conf.
- libtelnet, pam_ksu and pam_krb5 are now compiled with error on warnings
disabled due to the function they use (krb5_get_err_text(3)) being
deprecated. I plan to work on this next.
- Heimdal's KDC now require sqlite to operate. We use the bundled version
and install it as libheimsqlite. If some other FreeBSD components will
require it in the future we can rename it to libbsdsqlite and use for these
components as well.
- This is not a latest Heimdal version, the new one was released while I was
working on the update. I will update it to 1.5.2 soon, as it fixes some
important bugs and security issues.
the following warning produced by clang trunk:
In file included from /usr/src/sbin/devd/devd.cc:91:
In file included from /usr/obj/usr/src/tmp/usr/include/c++/4.2/map:64:
/usr/obj/usr/src/tmp/usr/include/c++/4.2/bits/stl_tree.h:987:2: error: add explicit braces to avoid dangling else [-Werror,-Wdangling-else]
else
^
MFC after: 3 days
Make our handling of MMX x SSE closer to what gcc does:
* Enabling sse enables mmx.
* Disabling (-mno-mmx) mmx, doesn't disable sse (we got this right already).
* The order in not important. -msse -mno-mmx is the same as -mno-mmx -msse.
Some configure scripts depend on this.
PR: i386/165968
MFC after: 3 days
When ntp switched between PLL and FLL mode it produced a log message
"kernel time sync status change %04x". This issue is reported in ntp
bug 452[1] which claims that this behaviour is normal and the log
message isn't necessary. I'm not sure exactly when it was removed, but
it's gone in the latest ntp release (4.2.6p5).
[1] http://bugs.ntp.org/show_bug.cgi?id=452
Approved by: roberto
socket is used. The previous code structure assumed that AF_INET sockets
were always available, which is an invalid assumption on IPv6-only systems.
This merges the fololowing revisions from NetBSD:
src/usr.bin/ftp/main.c 1.120
src/usr.bin/ftp/util.c 1.156
PR: bin/162661
Tested by: bz
Obtained from: NetBSD
MFC after: 1 week
