signal can arrive before the thread is woken from it's wait4. In this
case, don't return an EINTR, just set the thread state to running and
the wait4 wrapper will loop and get the exit status of the process.
propagates a bug (that there is no poll wrapper in libc_r), but it
prevents GNU configure scripts from trying to use it in preference
to select. libc_r really needs to change it's wait interface to use
poll instead of select because poll is more a superset of select that
the other way around.
This should allow the Roxen web server to work out-of-the-box. It's
configuration intercae is kinda neat. The code isn't. Shiver. 8-)
includes and interfaces have been merged with the 8.1.2 update.
This essentially leaves the isc/* files that named and named-xfer use.
It might be best to just compile them with .PATH in both cases rather than
bothering with libbind.
copy to bring these files into libc from libcompat. I will enable
them and kill off the libcompat versions on the main branch soon.
PR: step one toward closing misc/6763
line number every time a file descriptor is locked.
This looks like a big change but it isn't. It should reduce the size
of libc_r and make it run slightly faster.
time that a thread keeps the file descriptor table locked. In particular,
perform malloc/free calls outside the lock and handle the situation
where two threads can race to initialise the table entry for the same
file descriptor.
with -D_LOCK_DEBUG. This adds the file name and line number to each lock
call and these are stored in the spinlock structure. When using debug
mode, the lock function will check if the thread is trying to lock
something it has already locked. This is not supposed to happen because
the lock will be freed too early.
Without lock debug, libc_r should be smaller and slightly faster.
cleanup destructor, so trap this case to prevent me from being being
burnt again by applications that try to do this. With this change, an
application (like one using a mis-configured ACE) will exit the process
after displaying a message quoting the POSIX section that the application
has violated.
is allocated or not, rather than keeping a count and attempting to
know it it is in-use. POSIX says that once a key is deleted, using the
key again results in undefined behaviour.
available and the kernel MIB setting is zero.
Return the result from getpagesize() if the p1003_1b.pagesize MIB
value is zero.
Suggested by: Joerg Schilling <schilling@fokus.gmd.de>
Here is a some example for avoiding a confusion.
It asssumes a logged host domain is "spec.co.jp". All
example is longer than UT_HOSTNAMELEN value.
1) turbo.tama.spec.co.jp: 192.19.0.2 -> trubo.tama
2) turbo.tama.foo.co.jp : 192.19.0.2 -> 192.19.0.2
3) specgw.spec.co.jp : 202.32.13.1 -> specgw
Submitted by: Atsushi Murai <amurai@spec.co.jp>
point to it rather than libscrypt.
This was how it was done prior to libscrypt being added in. This should
stop more people getting burnt with the /usr/lib -> /usr/lib/aout
transition, and the same when the ELF libs come online.
Move a.out libraries to /usr/lib/aout to make space for ELF libs.
Make rtld usr /usr/lib/aout as default library path.
Make ldconfig reject /usr/lib as an a.out library path.
Fix various Makefiles for LIBDIR!=/usr/lib breakage.
This will after a make world & reboot give a system that no
longer uses /usr/lib/*, infact one could remove all the old
libraries there, they are not used anymore.
We are getting close to an ELF make world, but I'll let this
all settle for a week or two...
written without returning to the caller. This only occurs on pipes
where either the number of bytes written is greater than the pipe
buffer or if there is insufficient space in the pipe buffer because the
reader is reading slower than the writer is writing.
size we receive here should fit into the receive buffer. Unfortunately,
there's no 100% foolproof way to distinguish a ridiculously large record
size that a client actually meant to send us from a ridiculously large
record size that was sent as a spoof attempt.
The one value that we can positively identify as bogus is zero. A
zero-sized record makes absolutely no sense, and sending an endless
supply of zeroes will cause the server to loop forever trying to
fill its receive buffer.
Note that the changes made to readtcp() make it okay to revert this
sanity test since the deadlock case where a client can keep the server
occupied forever in the readtcp() select() loop can't happen anymore.
This solution is not ideal, but is relatively easy to implement. The
ideal solution would be to re-arrange the way dispatching is handled
so that the select() loop in readtcp() can be eliminated, but this is
difficult to implement. I do plan to implement the complete solution
eventually but in the meantime I don't want to leave the RPC library
totally vulnerable.
That you very much Sun, may I have another.
uses readtcp() to gather data from the network; readtcp() uses select(),
with a timeout of 35 seconds. The problem with this is that if you
connect to a TCP server, send two bytes of data, then just pause, the
server will remain blocked in readtcp() for up to 35 seconds, which is
sort of a long time. If you keep doing this every 35 seconds, you can
keep the server occupied indefinitely.
To fix this, I modified readtcp() (and its cousin, readunix() in svc_unix.c)
to monitor all service transport handles instead of just the current socket.
This allows the server to keep handling new connections that arrive while
readtcp() is running. This prevents one client from potentially monopolizing
a server.
Also, while I was here, I fixed a bug in the timeout calculations. Someone
attempted to adjust the timeout so that if select() returned EINTR and the
loop was restarted, the timeout would be reduced so that rather than waiting
for another 35 seconds, you could never wait for more than 35 seconds total.
Unfortunately, the calculation was wrong, and the timeout could expire much
sooner than 35 seconds.
recently in BUGTRAQ. The set_input_fragment() routine in the XDR record
marking code blindly trusts that the first two bytes it sees will in fact
be an actual record header and that the specified size will be sane. In
fact, if you just telnet to a listening port of an RPC service and send a
few carriage returns, set_input_fragment() will obtain a ridiculously large
record size and sit there for a long time trying to read from the network.
A sanity test is required: if the record size is larger than the receive
buffer, punt.
recently in BUGTRAQ. If a stream oriented transport fails to properly decode
an RPC message header structure where there should be one, it should mark
the stream as dead so that the connection will be dropped.
dereferenced. This is because 'SP' is only initialized via 'newterm()'
(which is not required if you are going to interact with the 'terminfo'
database without using 'ncurses').
PR: 6648
Submitted by: Max Euston <meuston@jmrodgers.com>
Use rpcgen's -C option, although using it for non-headers breaks K&R
support. A local copy of yp.h is built to avoid adding
-I/usr/include/rpcsvc to CFLAGS. This version of yp.h differed from
<rpcsvc/yp.h> only in not declaring prototypes.
Fixed style bugs.
but also assumes that they are 32-bits. This is one place where I don't
think it is appropriate to change 'long' to 'int'. I don't see why the
code couldn't be fixed so that using natural long variables does the
right thing. It's spaggetti code so it'll take some effort. Obviously
NetBSD thought so too because they change 'long' to 'int32_t' etc
and left it at that. As a temporary measure FreeBSD/Alpha can use the
NetBSD code and put this on the list of things to fix.
in termios.h, but it's prototype in termcap.h and the main file use
the underlying definition (which is now an int, not a long for
compatibility with NetBSD). Really termcap.h should use speed_t too,
but I guess that this might break sources that don't include termios.h
first.
One bug was relatively harmless (select's timeout had an uninitialized
tv_usec), the other I'm not so sure.. (neglected to catch select returns
less than zero). Both of these were irrelevant on kernels with poll().
chunks of res_comp.c and replacing it with chunks of bind-8.1.1's resolver
code. (There are no interface changes though)
The other parts are better bounds checking related.
default syscall asm, so add it to NOASM. The other syscalls that manipulate
kernel threads use the default asm code, so they just get built
automatically.
file works with libpthread, but when built into libc_r which has a non-weak
symbol of the same name, the linker behaves unpredicatably and sometimes
links the wrong symbol. The linker behaviour is a byproduct of what
the program calls from object to object so it is like winning a lottery
if the program actually works. The odds are quite good - 95:1, I think.
We need a sure thing, though, so weak symbols can't be used instead
of renaming things.
of the one in libc that contains the weak symbol for __error. FreeBSD's
make accumulates paths to the point that it can find *anything*, possibly
including the car keys.
for the process, not a separate set for each thread). By default, the
process now only has signal handlers installed for SIGVTALRM, SIGINFO
and SIGCHLD. The thread kernel signal handler is installed for other
signals on demand. This means that SIG_IGN and SIG_DFL processing is now
left to the kernel, not the thread kernel.
Change the signal dispatch to no longer use a signal thread, and
call the signal handler using the stack of the thread that has the
signal pending.
Change the atomic lock method to use test-and-set asm code with
a yield if blocked. This introduces separate locks for each type
of object instead of blocking signals to prevent a context
switch. It was this blocking of signals that caused the performance
degradation the people have noted.
This is a *big* change!
Note odd `sigmask()' line in synopsis. `sigsetops(3)' is better suited
for `sigprocmask' and is already referenced from the manual page.
(`sigmask()' is useful for the older (& deprecated) `sigsetmask()' API).
PR: 6395
Reviewed by: phk
Submitted by: Joseph Koshy <koshy@india.hp.com>
leading XXX's. It could wrap an uppercase character through chars
like: [ \ ] ^ _ ` in between Z and a. The backslash and back tick
might be particularly nasty in a shell script context. Also, since
we've been using upper-case generated values for a while now, go with
the flow and use them in the pathname search rotation.
it was. Add a FILE_WAIT state and queue threads waiting for a FILE
lock. Start using the sys/queue.h macros instead of the way that MIT
pthreads did it.
Add a thread name to the private thread structure and a non-POSIX
function to set this. This helps (me at least) when sending a SIGINFO
to a threaded process to get a /tmp/uthread.dump to see what the
<expletive deleted> threads are doing this time. It is nice to be
able to recognise (yes, I spell that with an 's' too) which threads
are which.
Change the FILE locking to support kernel threads when linked with
libpthread (which you haven't see yet). This requires that libc become
thread-safe and thread-aware, testing __isthreaded before attempting
to do lock/unlock calls. The impact on non-threaded programs is minor.
This change works with libc_r, so it's the best compromise.
libc to determine if locking is required. This is needed in libc
for use with kernel threads, but until a thread is created, we don't
really want to bother locking things. The variable was added here
because the crt code calls exit(main()) so all programs will get the
variable.
threads from invalid ones. The pthread structure is opaque to the user
so this change does not cause any incompatibilities.
Hopefully this change will help code that was written for draft 4
fail gracefully if the programmer ignores the compiler warning about
the change in the level of indirection for the argument passed to
pthread_detach(). I got burnt, so I fixed then (expletive deleted)
thing.
These functions comply with the revised standard. That should shut
Terry up!
Add a note about not touching errno and warn about previous drafts
of the standard which changed the level of indirection to the thread
argument. POSIX had a bit of trouble deciding what to do. So anyone
coding to both draft 4 and draft 10 (the final draft) will get burnt
by this function. I did. Grrr.
_KPOSIX_PRIORITY_SCHEDULING options to work. Changes:
Change all "posix4" to "p1003_1b". Misnamed files are left
as "posix4" until I'm told if I can simply delete them and add
new ones;
Add _POSIX_PRIORITY_SCHEDULING system calls for FreeBSD and Linux;
Add man pages for _POSIX_PRIORITY_SCHEDULING system calls;
Add options to LINT;
Minor fixes to P1003_1B code during testing.
Commented out docmentation of nonexistent authenticate() and
auth_timesok(). authenticate() seems to be obsolete and
auth_timesok() never existed in FreeBSD.