From 4b4c3171d9369ef4cb0491ac6f9b481787110022 Mon Sep 17 00:00:00 2001 From: oreo639 Date: Tue, 12 Nov 2024 00:10:55 -0800 Subject: [PATCH] glibc: update to 2.41. (nocross) https://lists.gnu.org/archive/html/info-gnu/2025-01/msg00014.html --- common/shlibs | 60 +- ...1a0047fb26a65a9b2a7b8cd977243f7d353c.patch | 262 --------- srcpkgs/glibc/patches/2.41-math.patch | 259 +++++++++ ...2cb5e9d713ab0f4135dd8776a201f7a53f24.patch | 81 +++ ...159626b67fe11f39e83e222cf4348a3962f3.patch | 80 --- ...d9020fdad925297c9e133055bd8804028f32.patch | 26 + ...5e4fda1f6dab4bf7442706fe303bf283036c.patch | 37 -- ...f8e93964a99db3e3fa4b8a7aba179185ef0a.patch | 61 ++ ...12855d6606d078aaabaa7ef24b695c3f0349.patch | 46 ++ srcpkgs/glibc/patches/CVE-2024-2961.patch | 56 -- srcpkgs/glibc/patches/CVE-2024-335XX.patch | 535 ------------------ ...20653724029be89224ed3a35d627cc5b4163.patch | 37 ++ ...765522f014daa0392099dd9ba1f7ddcc511d.patch | 53 ++ ...132484ea49be0478e4dcbd108d433d70f64c.patch | 58 ++ srcpkgs/glibc/template | 7 +- 15 files changed, 655 insertions(+), 1003 deletions(-) delete mode 100644 srcpkgs/glibc/patches/1b9c1a0047fb26a65a9b2a7b8cd977243f7d353c.patch create mode 100644 srcpkgs/glibc/patches/2.41-math.patch create mode 100644 srcpkgs/glibc/patches/30992cb5e9d713ab0f4135dd8776a201f7a53f24.patch delete mode 100644 srcpkgs/glibc/patches/312e159626b67fe11f39e83e222cf4348a3962f3.patch create mode 100644 srcpkgs/glibc/patches/33bfd9020fdad925297c9e133055bd8804028f32.patch delete mode 100644 srcpkgs/glibc/patches/63295e4fda1f6dab4bf7442706fe303bf283036c.patch create mode 100644 srcpkgs/glibc/patches/746ef8e93964a99db3e3fa4b8a7aba179185ef0a.patch create mode 100644 srcpkgs/glibc/patches/98c712855d6606d078aaabaa7ef24b695c3f0349.patch delete mode 100644 srcpkgs/glibc/patches/CVE-2024-2961.patch delete mode 100644 srcpkgs/glibc/patches/CVE-2024-335XX.patch create mode 100644 srcpkgs/glibc/patches/cb7f20653724029be89224ed3a35d627cc5b4163.patch create mode 100644 srcpkgs/glibc/patches/ce9b765522f014daa0392099dd9ba1f7ddcc511d.patch create mode 100644 srcpkgs/glibc/patches/e22c132484ea49be0478e4dcbd108d433d70f64c.patch diff --git a/common/shlibs b/common/shlibs index 744f3c6d960..f683c807f06 100644 --- a/common/shlibs +++ b/common/shlibs @@ -17,36 +17,36 @@ # one (order top->bottom) is preferred over the next ones. # libc.so musl-1.1.24_7 -libc.so.6 glibc-2.39_1 -libm.so.6 glibc-2.39_1 -libpthread.so.0 glibc-2.39_1 -librt.so.1 glibc-2.39_1 -libdl.so.2 glibc-2.39_1 -ld-linux-x86-64.so.2 glibc-2.39_1 x86_64 -ld-linux.so.2 glibc-2.39_1 i686 -ld-linux.so.3 glibc-2.39_1 armv5tel -ld-linux-aarch64.so.1 glibc-2.39_1 aarch64 -ld-linux-riscv64-lp64d.so.1 glibc-2.39_1 riscv64 -ld64.so.2 glibc-2.39_1 ppc64 -ld.so.1 glibc-2.39_1 mips -ld.so.1 glibc-2.39_1 ppc -ld-linux-armhf.so.3 glibc-2.39_1 -libresolv.so.2 glibc-2.39_1 -libanl.so.1 glibc-2.39_1 -libthread_db.so.1 glibc-2.39_1 -libutil.so.1 glibc-2.39_1 -libnsl.so.1 glibc-2.39_1 -libnss_db.so.2 glibc-2.39_1 -libnss_files.so.2 glibc-2.39_1 -libnss_compat.so.2 glibc-2.39_1 -libnss_dns.so.2 glibc-2.39_1 -libnss_hesiod.so.2 glibc-2.39_1 -libBrokenLocale.so.1 glibc-2.39_1 -libmemusage.so glibc-2.39_1 -libSegFault.so glibc-2.39_1 -libpcprofile.so glibc-2.39_1 -libcidn.so.1 glibc-2.39_1 -libmvec.so.1 glibc-2.39_1 +libc.so.6 glibc-2.41_1 +libm.so.6 glibc-2.41_1 +libpthread.so.0 glibc-2.41_1 +librt.so.1 glibc-2.41_1 +libdl.so.2 glibc-2.41_1 +ld-linux-x86-64.so.2 glibc-2.41_1 x86_64 +ld-linux.so.2 glibc-2.41_1 i686 +ld-linux.so.3 glibc-2.41_1 armv5tel +ld-linux-aarch64.so.1 glibc-2.41_1 aarch64 +ld-linux-riscv64-lp64d.so.1 glibc-2.41_1 riscv64 +ld64.so.2 glibc-2.41_1 ppc64 +ld.so.1 glibc-2.41_1 mips +ld.so.1 glibc-2.41_1 ppc +ld-linux-armhf.so.3 glibc-2.41_1 +libresolv.so.2 glibc-2.41_1 +libanl.so.1 glibc-2.41_1 +libthread_db.so.1 glibc-2.41_1 +libutil.so.1 glibc-2.41_1 +libnsl.so.1 glibc-2.41_1 +libnss_db.so.2 glibc-2.41_1 +libnss_files.so.2 glibc-2.41_1 +libnss_compat.so.2 glibc-2.41_1 +libnss_dns.so.2 glibc-2.41_1 +libnss_hesiod.so.2 glibc-2.41_1 +libBrokenLocale.so.1 glibc-2.41_1 +libmemusage.so glibc-2.41_1 +libSegFault.so glibc-2.41_1 +libpcprofile.so glibc-2.41_1 +libcidn.so.1 glibc-2.41_1 +libmvec.so.1 glibc-2.41_1 libcrypt.so.2 libxcrypt-4.4.36_1 libcrypt.so.1 libxcrypt-compat-4.4.36_1 libSimGearCore.so.2020.3.17 simgear-2020.3.17_1 diff --git a/srcpkgs/glibc/patches/1b9c1a0047fb26a65a9b2a7b8cd977243f7d353c.patch b/srcpkgs/glibc/patches/1b9c1a0047fb26a65a9b2a7b8cd977243f7d353c.patch deleted file mode 100644 index f0a67b1939d..00000000000 --- a/srcpkgs/glibc/patches/1b9c1a0047fb26a65a9b2a7b8cd977243f7d353c.patch +++ /dev/null @@ -1,262 +0,0 @@ -From 1b9c1a0047fb26a65a9b2a7b8cd977243f7d353c Mon Sep 17 00:00:00 2001 -From: Jakub Jelinek -Date: Wed, 31 Jan 2024 19:17:27 +0100 -Subject: [PATCH] Use gcc __builtin_stdc_* builtins in stdbit.h if possible - -The following patch uses the GCC 14 __builtin_stdc_* builtins in stdbit.h -for the type-generic macros, so that when compiled with GCC 14 or later, -it supports not just 8/16/32/64-bit unsigned integers, but also 128-bit -(if target supports them) and unsigned _BitInt (any supported precision). -And so that the macros don't expand arguments multiple times and can be -evaluated in constant expressions. - -The new testcase is gcc's gcc/testsuite/gcc.dg/builtin-stdc-bit-1.c -adjusted to test stdbit.h and the type-generic macros in there instead -of the builtins and adjusted to use glibc test framework rather than -gcc style tests with __builtin_abort (). - -Signed-off-by: Jakub Jelinek -Reviewed-by: Joseph Myers -(cherry picked from commit da89496337b97e6a2aaf1e81d55cf998f6db1070) ---- - manual/stdbit.texi | 8 +- - stdlib/Makefile | 1 + - stdlib/stdbit.h | 84 +++- - stdlib/tst-stdbit-builtins.c | 778 +++++++++++++++++++++++++++++++++++ - 4 files changed, 856 insertions(+), 15 deletions(-) - create mode 100644 stdlib/tst-stdbit-builtins.c - -diff --git a/manual/stdbit.texi b/manual/stdbit.texi -index fe41c671d8..6c75ed9a20 100644 ---- a/manual/stdbit.texi -+++ b/manual/stdbit.texi -@@ -32,7 +32,13 @@ and @code{unsigned long long int}. In addition, there is a - corresponding type-generic macro (not listed below), named the same as - the functions but without any suffix such as @samp{_uc}. The - type-generic macro can only be used with an argument of an unsigned --integer type with a width of 8, 16, 32 or 64 bits. -+integer type with a width of 8, 16, 32 or 64 bits, or when using -+a compiler with support for -+@uref{https://gcc.gnu.org/onlinedocs/gcc/Other-Builtins.html,@code{__builtin_stdc_bit_ceil}}, -+etc.@:, built-in functions such as GCC 14.1 or later -+any unsigned integer type those built-in functions support. -+In GCC 14.1 that includes support for @code{unsigned __int128} and -+@code{unsigned _BitInt(@var{n})} if supported by the target. - - @deftypefun {unsigned int} stdc_leading_zeros_uc (unsigned char @var{x}) - @deftypefunx {unsigned int} stdc_leading_zeros_us (unsigned short @var{x}) -diff --git a/stdlib/stdbit.h b/stdlib/stdbit.h -index f334eb174d..2801590c63 100644 ---- a/stdlib/stdbit.h -+++ b/stdlib/stdbit.h -@@ -64,9 +64,13 @@ extern unsigned int stdc_leading_zeros_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_leading_zeros_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_leading_zeros(x) \ -+#if __glibc_has_builtin (__builtin_stdc_leading_zeros) -+# define stdc_leading_zeros(x) (__builtin_stdc_leading_zeros (x)) -+#else -+# define stdc_leading_zeros(x) \ - (stdc_leading_zeros_ull (x) \ - - (unsigned int) (8 * (sizeof (0ULL) - sizeof (x)))) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_clzll) - static __always_inline unsigned int -@@ -116,9 +120,13 @@ extern unsigned int stdc_leading_ones_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_leading_ones_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_leading_ones(x) \ -+#if __glibc_has_builtin (__builtin_stdc_leading_ones) -+# define stdc_leading_ones(x) (__builtin_stdc_leading_ones (x)) -+#else -+# define stdc_leading_ones(x) \ - (stdc_leading_ones_ull ((unsigned long long int) (x) \ - << 8 * (sizeof (0ULL) - sizeof (x)))) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_clzll) - static __always_inline unsigned int -@@ -168,11 +176,15 @@ extern unsigned int stdc_trailing_zeros_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_trailing_zeros_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_trailing_zeros(x) \ -+#if __glibc_has_builtin (__builtin_stdc_trailing_zeros) -+# define stdc_trailing_zeros(x) (__builtin_stdc_trailing_zeros (x)) -+#else -+# define stdc_trailing_zeros(x) \ - (sizeof (x) == 8 ? stdc_trailing_zeros_ull (x) \ - : sizeof (x) == 4 ? stdc_trailing_zeros_ui (x) \ - : sizeof (x) == 2 ? stdc_trailing_zeros_us (__pacify_uint16 (x)) \ - : stdc_trailing_zeros_uc (__pacify_uint8 (x))) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_ctzll) - static __always_inline unsigned int -@@ -222,7 +234,11 @@ extern unsigned int stdc_trailing_ones_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_trailing_ones_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_trailing_ones(x) (stdc_trailing_ones_ull (x)) -+#if __glibc_has_builtin (__builtin_stdc_trailing_ones) -+# define stdc_trailing_ones(x) (__builtin_stdc_trailing_ones (x)) -+#else -+# define stdc_trailing_ones(x) (stdc_trailing_ones_ull (x)) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_ctzll) - static __always_inline unsigned int -@@ -272,11 +288,15 @@ extern unsigned int stdc_first_leading_zero_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_first_leading_zero_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_first_leading_zero(x) \ -+#if __glibc_has_builtin (__builtin_stdc_first_leading_zero) -+# define stdc_first_leading_zero(x) (__builtin_stdc_first_leading_zero (x)) -+#else -+# define stdc_first_leading_zero(x) \ - (sizeof (x) == 8 ? stdc_first_leading_zero_ull (x) \ - : sizeof (x) == 4 ? stdc_first_leading_zero_ui (x) \ - : sizeof (x) == 2 ? stdc_first_leading_zero_us (__pacify_uint16 (x)) \ - : stdc_first_leading_zero_uc (__pacify_uint8 (x))) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_clzll) - static __always_inline unsigned int -@@ -326,11 +346,15 @@ extern unsigned int stdc_first_leading_one_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_first_leading_one_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_first_leading_one(x) \ -+#if __glibc_has_builtin (__builtin_stdc_first_leading_one) -+# define stdc_first_leading_one(x) (__builtin_stdc_first_leading_one (x)) -+#else -+# define stdc_first_leading_one(x) \ - (sizeof (x) == 8 ? stdc_first_leading_one_ull (x) \ - : sizeof (x) == 4 ? stdc_first_leading_one_ui (x) \ - : sizeof (x) == 2 ? stdc_first_leading_one_us (__pacify_uint16 (x)) \ - : stdc_first_leading_one_uc (__pacify_uint8 (x))) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_clzll) - static __always_inline unsigned int -@@ -380,11 +404,15 @@ extern unsigned int stdc_first_trailing_zero_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_first_trailing_zero_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_first_trailing_zero(x) \ -+#if __glibc_has_builtin (__builtin_stdc_first_trailing_zero) -+# define stdc_first_trailing_zero(x) (__builtin_stdc_first_trailing_zero (x)) -+#else -+# define stdc_first_trailing_zero(x) \ - (sizeof (x) == 8 ? stdc_first_trailing_zero_ull (x) \ - : sizeof (x) == 4 ? stdc_first_trailing_zero_ui (x) \ - : sizeof (x) == 2 ? stdc_first_trailing_zero_us (__pacify_uint16 (x)) \ - : stdc_first_trailing_zero_uc (__pacify_uint8 (x))) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_ctzll) - static __always_inline unsigned int -@@ -434,11 +462,15 @@ extern unsigned int stdc_first_trailing_one_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_first_trailing_one_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_first_trailing_one(x) \ -+#if __glibc_has_builtin (__builtin_stdc_first_trailing_one) -+# define stdc_first_trailing_one(x) (__builtin_stdc_first_trailing_one (x)) -+#else -+# define stdc_first_trailing_one(x) \ - (sizeof (x) == 8 ? stdc_first_trailing_one_ull (x) \ - : sizeof (x) == 4 ? stdc_first_trailing_one_ui (x) \ - : sizeof (x) == 2 ? stdc_first_trailing_one_us (__pacify_uint16 (x)) \ - : stdc_first_trailing_one_uc (__pacify_uint8 (x))) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_ctzll) - static __always_inline unsigned int -@@ -488,9 +520,13 @@ extern unsigned int stdc_count_zeros_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_count_zeros_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_count_zeros(x) \ -+#if __glibc_has_builtin (__builtin_stdc_count_zeros) -+# define stdc_count_zeros(x) (__builtin_stdc_count_zeros (x)) -+#else -+# define stdc_count_zeros(x) \ - (stdc_count_zeros_ull (x) \ - - (unsigned int) (8 * (sizeof (0ULL) - sizeof (x)))) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_popcountll) - static __always_inline unsigned int -@@ -540,7 +576,11 @@ extern unsigned int stdc_count_ones_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_count_ones_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_count_ones(x) (stdc_count_ones_ull (x)) -+#if __glibc_has_builtin (__builtin_stdc_count_ones) -+# define stdc_count_ones(x) (__builtin_stdc_count_ones (x)) -+#else -+# define stdc_count_ones(x) (stdc_count_ones_ull (x)) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_popcountll) - static __always_inline unsigned int -@@ -590,10 +630,14 @@ extern bool stdc_has_single_bit_ul (unsigned long int __x) - __extension__ - extern bool stdc_has_single_bit_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_has_single_bit(x) \ -+#if __glibc_has_builtin (__builtin_stdc_has_single_bit) -+# define stdc_has_single_bit(x) (__builtin_stdc_has_single_bit (x)) -+#else -+# define stdc_has_single_bit(x) \ - ((bool) (sizeof (x) <= sizeof (unsigned int) \ - ? stdc_has_single_bit_ui (x) \ - : stdc_has_single_bit_ull (x))) -+#endif - - static __always_inline bool - __hsb64_inline (uint64_t __x) -@@ -641,7 +685,11 @@ extern unsigned int stdc_bit_width_ul (unsigned long int __x) - __extension__ - extern unsigned int stdc_bit_width_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_bit_width(x) (stdc_bit_width_ull (x)) -+#if __glibc_has_builtin (__builtin_stdc_bit_width) -+# define stdc_bit_width(x) (__builtin_stdc_bit_width (x)) -+#else -+# define stdc_bit_width(x) (stdc_bit_width_ull (x)) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_clzll) - static __always_inline unsigned int -@@ -691,7 +739,11 @@ extern unsigned long int stdc_bit_floor_ul (unsigned long int __x) - __extension__ - extern unsigned long long int stdc_bit_floor_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_bit_floor(x) ((__typeof (x)) stdc_bit_floor_ull (x)) -+#if __glibc_has_builtin (__builtin_stdc_bit_floor) -+# define stdc_bit_floor(x) (__builtin_stdc_bit_floor (x)) -+#else -+# define stdc_bit_floor(x) ((__typeof (x)) stdc_bit_floor_ull (x)) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_clzll) - static __always_inline uint64_t -@@ -743,7 +795,11 @@ extern unsigned long int stdc_bit_ceil_ul (unsigned long int __x) - __extension__ - extern unsigned long long int stdc_bit_ceil_ull (unsigned long long int __x) - __THROW __attribute_const__; --#define stdc_bit_ceil(x) ((__typeof (x)) stdc_bit_ceil_ull (x)) -+#if __glibc_has_builtin (__builtin_stdc_bit_ceil) -+# define stdc_bit_ceil(x) (__builtin_stdc_bit_ceil (x)) -+#else -+# define stdc_bit_ceil(x) ((__typeof (x)) stdc_bit_ceil_ull (x)) -+#endif - - #if __GNUC_PREREQ (3, 4) || __glibc_has_builtin (__builtin_clzll) - static __always_inline uint64_t diff --git a/srcpkgs/glibc/patches/2.41-math.patch b/srcpkgs/glibc/patches/2.41-math.patch new file mode 100644 index 00000000000..d42b96f4eb5 --- /dev/null +++ b/srcpkgs/glibc/patches/2.41-math.patch @@ -0,0 +1,259 @@ +From bdccbfbc52d3f6957768a0b9d5bd7bc4c90f2744 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Fri, 31 Jan 2025 10:27:39 -0300 +Subject: [PATCH] math: Fix log10p1f internal table value (BZ 32626) + +It was copied wrong from CORE-MATH. + +(cherry picked from commit c79277a16785c8ae96d821414f4d31d654a0177c) +--- + NEWS | 3 ++- + math/auto-libm-test-in | 2 ++ + math/auto-libm-test-out-log10p1 | 25 +++++++++++++++++++++++++ + sysdeps/ieee754/flt-32/s_log10p1f.c | 2 +- + 4 files changed, 30 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/ieee754/flt-32/s_log10p1f.c b/sysdeps/ieee754/flt-32/s_log10p1f.c +index 64deb1eeda5..4e11d55d49a 100644 +--- a/sysdeps/ieee754/flt-32/s_log10p1f.c ++++ b/sysdeps/ieee754/flt-32/s_log10p1f.c +@@ -70,7 +70,7 @@ __log10p1f (float x) + }; + static const double tl[] = + { +- 0x1.562ec497ef351p-43, 0x1.b9476892ea99cp-8, 0x1.b5e909c959eecp-7, ++ -0x1.562ec497ef351p-43, 0x1.b9476892ea99cp-8, 0x1.b5e909c959eecp-7, + 0x1.45f4f59ec84fp-6, 0x1.af5f92cbcf2aap-6, 0x1.0ba01a6069052p-5, + 0x1.3ed119b99dd41p-5, 0x1.714834298a088p-5, 0x1.a30a9d98309c1p-5, + 0x1.d41d51266b9d9p-5, 0x1.02428c0f62dfcp-4, 0x1.1a23444eea521p-4, + +From d85a7719536f4892f2b53d4594e18f6d096c2882 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Fri, 31 Jan 2025 10:34:32 -0300 +Subject: [PATCH] math: Fix sinhf for some inputs (BZ 32627) + +The logic was copied wrong from CORE-MATH. +--- + math/auto-libm-test-in | 1 + + math/auto-libm-test-out-sinh | 25 +++++++++++++++++++++++++ + sysdeps/ieee754/flt-32/e_sinhf.c | 2 +- + 3 files changed, 27 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/ieee754/flt-32/e_sinhf.c b/sysdeps/ieee754/flt-32/e_sinhf.c +index c007c7d1742..dee96fc7cbf 100644 +--- a/sysdeps/ieee754/flt-32/e_sinhf.c ++++ b/sysdeps/ieee754/flt-32/e_sinhf.c +@@ -83,7 +83,7 @@ __ieee754_sinhf (float x) + { /* |x| <= 0x1.250bfep-11 */ + if (__glibc_unlikely (ux < 0x66000000u)) /* |x| < 0x1p-24 */ + return fmaf (x, fabsf (x), x); +- if (__glibc_unlikely (st.uarg == asuint (ux))) ++ if (__glibc_unlikely (st.uarg == ux)) + { + float sgn = copysignf (1.0f, x); + return sgn * st.rh + sgn * st.rl; + + +From cf88351b685da86667e17d344414a70696ac82f1 Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Sun, 2 Feb 2025 16:57:49 -0300 +Subject: [PATCH] math: Fix tanf for some inputs (BZ 32630) + +The logic was copied wrong from CORE-MATH. + +(cherry picked from commit 09e7f4d594b4308fbea18e3044148d67b59757c9) +--- + NEWS | 2 ++ + math/auto-libm-test-in | 1 + + math/auto-libm-test-out-tan | 25 +++++++++++++++++++++++++ + sysdeps/ieee754/flt-32/s_tanf.c | 2 +- + 4 files changed, 29 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/ieee754/flt-32/s_tanf.c b/sysdeps/ieee754/flt-32/s_tanf.c +index dfe56fc2a0f..5ee1d6f35e7 100644 +--- a/sysdeps/ieee754/flt-32/s_tanf.c ++++ b/sysdeps/ieee754/flt-32/s_tanf.c +@@ -166,7 +166,7 @@ __tanf (float x) + uint32_t sgn = t >> 31; + for (int j = 0; j < array_length (st); j++) + { +- if (__glibc_unlikely (asfloat (st[j].arg) == ax)) ++ if (__glibc_unlikely (asuint (st[j].arg) == ax)) + { + if (sgn) + return -st[j].rh - st[j].rl; + +From 66fc3bd75871d7239245c767abf44fb96d772f66 Mon Sep 17 00:00:00 2001 +From: Aurelien Jarno +Date: Thu, 6 Mar 2025 19:34:15 +0100 +Subject: [PATCH] math: Remove an extra semicolon in math function declarations + +Commit 6bc301672bfbd ("math: Remove __XXX math functions from installed +math.h [BZ #32418]") left an extra semicolon after macro expansion. For +instance the ceil declaration after expansion is: + + extern double ceil (double __x) __attribute__ ((__nothrow__ , __leaf__)) __attribute__ ((__const__));; + +This chokes very naive parsers like gauche c-wrapper. Fix that by +removing that extra semicolon in the macro. + +Reviewed-by: Adhemerval Zanella +(cherry picked from commit 443cb0b5f25129dd0f1e9f9101299d31c4700b7f) +--- + math/bits/mathcalls-macros.h | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/math/bits/mathcalls-macros.h b/math/bits/mathcalls-macros.h +index 1ef07f1f58..321ae00ec8 100644 +--- a/math/bits/mathcalls-macros.h ++++ b/math/bits/mathcalls-macros.h +@@ -34,7 +34,7 @@ + #define __MATHCALLX(function,suffix, args, attrib) \ + __MATHDECLX (_Mdouble_,function,suffix, args, attrib) + #define __MATHDECLX(type, function,suffix, args, attrib) \ +- __MATHDECL_1(type, function,suffix, args) __attribute__ (attrib); ++ __MATHDECL_1(type, function,suffix, args) __attribute__ (attrib) + #define __MATHDECL_1_IMPL(type, function, suffix, args) \ + extern type __MATH_PRECNAME(function,suffix) args __THROW + #define __MATHDECL_1(type, function, suffix, args) \ + +From 07288c7445bba747f65380066b1b5bdb2df5b630 Mon Sep 17 00:00:00 2001 +From: John David Anglin +Date: Tue, 25 Feb 2025 15:57:53 -0500 +Subject: [PATCH 11] math: Add optimization barrier to ensure a1 + u.d is + not reused [BZ #30664] + +A number of fma tests started to fail on hppa when gcc was changed to +use Ranger rather than EVRP. Eventually I found that the value of +a1 + u.d in this is block of code was being computed in FE_TOWARDZERO +mode and not the original rounding mode: + + if (TININESS_AFTER_ROUNDING) + { + w.d = a1 + u.d; + if (w.ieee.exponent == 109) + return w.d * 0x1p-108; + } + +This caused the exponent value to be wrong and the wrong return path +to be used. + +Here we add an optimization barrier after the rounding mode is reset +to ensure that the previous value of a1 + u.d is not reused. + +Signed-off-by: John David Anglin +--- + sysdeps/ieee754/dbl-64/s_fma.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/sysdeps/ieee754/dbl-64/s_fma.c b/sysdeps/ieee754/dbl-64/s_fma.c +index 20f617b996e..42351c6b343 100644 +--- a/sysdeps/ieee754/dbl-64/s_fma.c ++++ b/sysdeps/ieee754/dbl-64/s_fma.c +@@ -244,6 +244,9 @@ __fma (double x, double y, double z) + /* Reset rounding mode and test for inexact simultaneously. */ + int j = libc_feupdateenv_test (&env, FE_INEXACT) != 0; + ++ /* Ensure value of a1 + u.d is not reused. */ ++ a1 = math_opt_barrier (a1); ++ + if (__glibc_likely (adjust == 0)) + { + if ((u.ieee.mantissa1 & 1) == 0 && u.ieee.exponent != 0x7ff) + +From a900dbaf70f0a957f56b52caa69173592ad7596e Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Thu, 20 Feb 2025 07:08:26 +0800 +Subject: [PATCH 09] x86 (__HAVE_FLOAT128): Defined to 0 for Intel SYCL + compiler [BZ #32723] + +Intel compiler always defines __INTEL_LLVM_COMPILER. When SYCL is +enabled by -fsycl, it also defines SYCL_LANGUAGE_VERSION. Since Intel +SYCL compiler doesn't support _Float128: + +https://github.com/intel/llvm/issues/16903 + +define __HAVE_FLOAT128 to 0 for Intel SYCL compiler. + +This fixes BZ #32723. + +Signed-off-by: H.J. Lu +Reviewed-by: Sam James +(cherry picked from commit 5a4573be6f96ff49111bb6cae767676b5aafa7a8) +--- + sysdeps/x86/bits/floatn.h | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/x86/bits/floatn.h b/sysdeps/x86/bits/floatn.h +index d197cb10dde..adc7ed2e9e8 100644 +--- a/sysdeps/x86/bits/floatn.h ++++ b/sysdeps/x86/bits/floatn.h +@@ -25,11 +25,15 @@ + floating-point type with the IEEE 754 binary128 format, and this + glibc includes corresponding *f128 interfaces for it. The required + libgcc support was added some time after the basic compiler +- support, for x86_64 and x86. */ ++ support, for x86_64 and x86. Intel SYCL compiler doesn't support ++ _Float128: https://github.com/intel/llvm/issues/16903 ++ */ + #if (defined __x86_64__ \ + ? __GNUC_PREREQ (4, 3) \ + : (defined __GNU__ ? __GNUC_PREREQ (4, 5) : __GNUC_PREREQ (4, 4))) \ +- || __glibc_clang_prereq (3, 4) ++ || (__glibc_clang_prereq (3, 4) \ ++ && (!defined __INTEL_LLVM_COMPILER \ ++ || !defined SYCL_LANGUAGE_VERSION)) + # define __HAVE_FLOAT128 1 + #else + # define __HAVE_FLOAT128 0 + +From 2cb04444b934e000a4e36c1876ef2bf03dd80d66 Mon Sep 17 00:00:00 2001 +From: koraynilay +Date: Sat, 22 Feb 2025 15:55:59 +0100 +Subject: [PATCH 10] math: Fix `unknown type name '__float128'` for clang + 3.4 to 3.8.1 (bug 32694) + +When compiling a program that includes using a clang version +between 3.4 (included) and 3.8.1 (included), clang will fail with `unknown type +name '__float128'; did you mean '__cfloat128'?`. This changes fixes the clang +prerequirements macro call in floatn.h to check for clang 3.9 instead of 3.4, +since support for __float128 was actually enabled in 3.9 by: + +commit 50f29e06a1b6a38f0bba9360cbff72c82d46cdd4 +Author: Nemanja Ivanovic +Date: Wed Apr 13 09:49:45 2016 +0000 + + Enable support for __float128 in Clang + +This fixes bug 32694. + +Signed-off-by: koraynilay +Reviewed-by: H.J. Lu +(cherry picked from commit 29803ed3ce420f01e7c567c97fc8945d5e5e5992) +--- + sysdeps/x86/bits/floatn.h | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/sysdeps/x86/bits/floatn.h b/sysdeps/x86/bits/floatn.h +index adc7ed2e9e8..4674165bd77 100644 +--- a/sysdeps/x86/bits/floatn.h ++++ b/sysdeps/x86/bits/floatn.h +@@ -31,7 +31,7 @@ + #if (defined __x86_64__ \ + ? __GNUC_PREREQ (4, 3) \ + : (defined __GNU__ ? __GNUC_PREREQ (4, 5) : __GNUC_PREREQ (4, 4))) \ +- || (__glibc_clang_prereq (3, 4) \ ++ || (__glibc_clang_prereq (3, 9) \ + && (!defined __INTEL_LLVM_COMPILER \ + || !defined SYCL_LANGUAGE_VERSION)) + # define __HAVE_FLOAT128 1 +@@ -93,7 +93,7 @@ typedef _Complex float __cfloat128 __attribute__ ((__mode__ (__TC__))); + /* The type _Float128 exists only since GCC 7.0. */ + # if !__GNUC_PREREQ (7, 0) \ + || (defined __cplusplus && !__GNUC_PREREQ (13, 0)) \ +- || __glibc_clang_prereq (3, 4) ++ || __glibc_clang_prereq (3, 9) + typedef __float128 _Float128; + # endif + + diff --git a/srcpkgs/glibc/patches/30992cb5e9d713ab0f4135dd8776a201f7a53f24.patch b/srcpkgs/glibc/patches/30992cb5e9d713ab0f4135dd8776a201f7a53f24.patch new file mode 100644 index 00000000000..51fd0dd610c --- /dev/null +++ b/srcpkgs/glibc/patches/30992cb5e9d713ab0f4135dd8776a201f7a53f24.patch @@ -0,0 +1,81 @@ +From 30992cb5e9d713ab0f4135dd8776a201f7a53f24 Mon Sep 17 00:00:00 2001 +From: Yangyu Chen +Date: Tue, 25 Feb 2025 01:12:19 +0800 +Subject: [PATCH] RISC-V: Fix IFUNC resolver cannot access gp pointer + +In some cases, an IFUNC resolver may need to access the gp pointer to +access global variables. Such an object may have l_relocated == 0 at +this time. In this case, an IFUNC resolver will fail to access a global +variable and cause a SIGSEGV. + +This patch fixes this issue by relaxing the check of l_relocated in +elf_machine_runtime_setup, but added a check for SHARED case to avoid +using this code in static-linked executables. Such object have already +set up the gp pointer in load_gp function and l->l_scope will be NULL if +it is a pie object. So if we use these code to set up the gp pointer +again for static-pie, it will causing a SIGSEGV in glibc as original bug +on BZ #31317. + +I have also reproduced and checked BZ #31317 using the mold commit +bed5b1731b ("illumos: Treat absolute symbols specially"), this patch can +fix the issue. + +Also, we used the wrong gp pointer previously because ref->st_value is +not the relocated address but just the offset from the base address of +ELF. An edge case may happen if we reference gp pointer in a IFUNC +resolver in a PIE object, but it will not happen in compiler-generated +codes since -pie will disable relax to gp. In this case, the GP will be +initialized incorrectly since the ref->st_value is not the address after +relocation. This patch fixes this issue by adding the l->l_addr to +ref->st_value to get the relocated address for the gp pointer. We don't +use SYMBOL_ADDRESS macro here because __global_pointer$ is a special +symbol that has SHN_ABS type, but it will use PC-relative addressing in +the load_gp function using lla. + +Closes: BZ #32269 +Fixes: 96d1b9ac23 ("RISC-V: Fix the static-PIE non-relocated object check") + +Co-authored-by: Vivian Wang +Signed-off-by: Yangyu Chen +(cherry picked from commit 3fd2ff7685e3ee85c8cd2896f28ad62f67d7c483) +--- + NEWS | 1 + + sysdeps/riscv/dl-machine.h | 17 +++++++++++------ + 2 files changed, 12 insertions(+), 6 deletions(-) + +diff --git a/sysdeps/riscv/dl-machine.h b/sysdeps/riscv/dl-machine.h +index a30892f080..dcc3e0883b 100644 +--- a/sysdeps/riscv/dl-machine.h ++++ b/sysdeps/riscv/dl-machine.h +@@ -348,7 +348,8 @@ elf_machine_runtime_setup (struct link_map *l, struct r_scope_elem *scope[], + gotplt[1] = (ElfW(Addr)) l; + } + +- if (l->l_type == lt_executable && l->l_relocated) ++#ifdef SHARED ++ if (l->l_type == lt_executable) + { + /* The __global_pointer$ may not be defined by the linker if the + $gp register does not be used to access the global variable +@@ -362,12 +363,16 @@ elf_machine_runtime_setup (struct link_map *l, struct r_scope_elem *scope[], + _dl_lookup_symbol_x ("__global_pointer$", l, &ref, + l->l_scope, NULL, 0, 0, NULL); + if (ref) +- asm ( +- "mv gp, %0\n" +- : +- : "r" (ref->st_value) +- ); ++ asm ( ++ "mv gp, %0\n" ++ : ++ : "r" (ref->st_value + l->l_addr) ++ /* Don't use SYMBOL_ADDRESS here since __global_pointer$ ++ can be SHN_ABS type, but we need the address relative to ++ PC, not the absolute address. */ ++ ); + } ++#endif + #endif + return lazy; + } diff --git a/srcpkgs/glibc/patches/312e159626b67fe11f39e83e222cf4348a3962f3.patch b/srcpkgs/glibc/patches/312e159626b67fe11f39e83e222cf4348a3962f3.patch deleted file mode 100644 index 930d1fd9702..00000000000 --- a/srcpkgs/glibc/patches/312e159626b67fe11f39e83e222cf4348a3962f3.patch +++ /dev/null @@ -1,80 +0,0 @@ -From 312e159626b67fe11f39e83e222cf4348a3962f3 Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Thu, 1 Feb 2024 14:29:53 -0300 -Subject: [PATCH] mips: FIx clone3 implementation (BZ 31325) - -For o32 we need to setup a minimal stack frame to allow cprestore -on __thread_start_clone3 (which instruct the linker to save the -gp for PIC). Also, there is no guarantee by kABI that $8 will be -preserved after syscall execution, so we need to save it on the -provided stack. - -Checked on mipsel-linux-gnu. - -Reported-by: Khem Raj -Tested-by: Khem Raj -(cherry picked from commit bbd248ac0d75efdef8fe61ea69b1fb25fb95b6e7) ---- - sysdeps/unix/sysv/linux/mips/clone3.S | 32 ++++++++++++++++++++++----- - 1 file changed, 27 insertions(+), 5 deletions(-) - -diff --git a/sysdeps/unix/sysv/linux/mips/clone3.S b/sysdeps/unix/sysv/linux/mips/clone3.S -index e9fec2fa47..481b8ae963 100644 ---- a/sysdeps/unix/sysv/linux/mips/clone3.S -+++ b/sysdeps/unix/sysv/linux/mips/clone3.S -@@ -37,11 +37,6 @@ - - .text - .set nomips16 --#if _MIPS_SIM == _ABIO32 --# define EXTRA_LOCALS 1 --#else --# define EXTRA_LOCALS 0 --#endif - #define FRAMESZ ((NARGSAVE*SZREG)+ALSZ)&ALMASK - GPOFF= FRAMESZ-(1*SZREG) - NESTED(__clone3, SZREG, sp) -@@ -68,8 +63,31 @@ NESTED(__clone3, SZREG, sp) - beqz a0, L(error) /* No NULL cl_args pointer. */ - beqz a2, L(error) /* No NULL function pointer. */ - -+#if _MIPS_SIM == _ABIO32 -+ /* Both stack and stack_size on clone_args are defined as uint64_t, and -+ there is no need to handle values larger than to 32 bits for o32. */ -+# if __BYTE_ORDER == __BIG_ENDIAN -+# define CL_STACKPOINTER_OFFSET 44 -+# define CL_STACKSIZE_OFFSET 52 -+# else -+# define CL_STACKPOINTER_OFFSET 40 -+# define CL_STACKSIZE_OFFSET 48 -+# endif -+ -+ /* For o32 we need to setup a minimal stack frame to allow cprestore -+ on __thread_start_clone3. Also there is no guarantee by kABI that -+ $8 will be preserved after syscall execution (so we need to save it -+ on the provided stack). */ -+ lw t0, CL_STACKPOINTER_OFFSET(a0) /* Load the stack pointer. */ -+ lw t1, CL_STACKSIZE_OFFSET(a0) /* Load the stack_size. */ -+ addiu t1, -32 /* Update the stack size. */ -+ addu t2, t1, t0 /* Calculate the thread stack. */ -+ sw a3, 0(t2) /* Save argument pointer. */ -+ sw t1, CL_STACKSIZE_OFFSET(a0) /* Save the new stack size. */ -+#else - move $8, a3 /* a3 is set to 0/1 for syscall success/error - while a4/$8 is returned unmodified. */ -+#endif - - /* Do the system call, the kernel expects: - v0: system call number -@@ -125,7 +143,11 @@ L(thread_start_clone3): - - /* Restore the arg for user's function. */ - move t9, a2 /* Function pointer. */ -+#if _MIPS_SIM == _ABIO32 -+ PTR_L a0, 0(sp) -+#else - move a0, $8 /* Argument pointer. */ -+#endif - - /* Call the user's function. */ - jal t9 diff --git a/srcpkgs/glibc/patches/33bfd9020fdad925297c9e133055bd8804028f32.patch b/srcpkgs/glibc/patches/33bfd9020fdad925297c9e133055bd8804028f32.patch new file mode 100644 index 00000000000..726b245c595 --- /dev/null +++ b/srcpkgs/glibc/patches/33bfd9020fdad925297c9e133055bd8804028f32.patch @@ -0,0 +1,26 @@ +From 33bfd9020fdad925297c9e133055bd8804028f32 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Wed, 12 Mar 2025 10:23:47 +0100 +Subject: [PATCH] Linux: Remove attribute access from sched_getattr (bug 32781) + +The GCC attribute expects an element count, not bytes. + +(cherry picked from commit 74c68fa61b5ebf4c64605a3cc5e47154a66671ce) +--- + NEWS | 1 + + sysdeps/unix/sysv/linux/bits/sched.h | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/unix/sysv/linux/bits/sched.h b/sysdeps/unix/sysv/linux/bits/sched.h +index 3656e98eda..39b0b3d19c 100644 +--- a/sysdeps/unix/sysv/linux/bits/sched.h ++++ b/sysdeps/unix/sysv/linux/bits/sched.h +@@ -152,7 +152,7 @@ int sched_setattr (pid_t tid, struct sched_attr *attr, unsigned int flags) + store it in *ATTR. */ + int sched_getattr (pid_t tid, struct sched_attr *attr, unsigned int size, + unsigned int flags) +- __THROW __nonnull ((2)) __attr_access ((__write_only__, 2, 3)); ++ __THROW __nonnull ((2)); + + #endif + diff --git a/srcpkgs/glibc/patches/63295e4fda1f6dab4bf7442706fe303bf283036c.patch b/srcpkgs/glibc/patches/63295e4fda1f6dab4bf7442706fe303bf283036c.patch deleted file mode 100644 index c92485ba4d5..00000000000 --- a/srcpkgs/glibc/patches/63295e4fda1f6dab4bf7442706fe303bf283036c.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 63295e4fda1f6dab4bf7442706fe303bf283036c Mon Sep 17 00:00:00 2001 -From: Adhemerval Zanella -Date: Mon, 5 Feb 2024 16:10:24 +0000 -Subject: [PATCH] arm: Remove wrong ldr from _dl_start_user (BZ 31339) - -The commit 49d877a80b29d3002887b084eec6676d9f5fec18 (arm: Remove -_dl_skip_args usage) removed the _SKIP_ARGS literal, which was -previously loader to r4 on loader _start. However, the cleanup did not -remove the following 'ldr r4, [sl, r4]' on _dl_start_user, used to check -to skip the arguments after ld self-relocations. - -In my testing, the kernel initially set r4 to 0, which makes the -ldr instruction just read the _GLOBAL_OFFSET_TABLE_. However, since r4 -is a callee-saved register; a different runtime might not zero -initialize it and thus trigger an invalid memory access. - -Checked on arm-linux-gnu. - -Reported-by: Adrian Ratiu -Reviewed-by: Szabolcs Nagy -(cherry picked from commit 1e25112dc0cb2515d27d8d178b1ecce778a9d37a) ---- - sysdeps/arm/dl-machine.h | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/sysdeps/arm/dl-machine.h b/sysdeps/arm/dl-machine.h -index b857bbc868..dd1a0f6b6e 100644 ---- a/sysdeps/arm/dl-machine.h -+++ b/sysdeps/arm/dl-machine.h -@@ -139,7 +139,6 @@ _start:\n\ - _dl_start_user:\n\ - adr r6, .L_GET_GOT\n\ - add sl, sl, r6\n\ -- ldr r4, [sl, r4]\n\ - @ save the entry point in another register\n\ - mov r6, r0\n\ - @ get the original arg count\n\ diff --git a/srcpkgs/glibc/patches/746ef8e93964a99db3e3fa4b8a7aba179185ef0a.patch b/srcpkgs/glibc/patches/746ef8e93964a99db3e3fa4b8a7aba179185ef0a.patch new file mode 100644 index 00000000000..40f6b05b9aa --- /dev/null +++ b/srcpkgs/glibc/patches/746ef8e93964a99db3e3fa4b8a7aba179185ef0a.patch @@ -0,0 +1,61 @@ +From 746ef8e93964a99db3e3fa4b8a7aba179185ef0a Mon Sep 17 00:00:00 2001 +From: "H.J. Lu" +Date: Wed, 5 Mar 2025 10:19:59 +0800 +Subject: [PATCH] static-pie: Skip the empty PT_LOAD segment at offset 0 [BZ + #32763] + +As shown in + +https://sourceware.org/bugzilla/show_bug.cgi?id=25237 + +linker may generate an empty PT_LOAD segments at offset 0: + +Elf file type is EXEC (Executable file) +Entry point 0x4000e8 +There are 3 program headers, starting at offset 64 + +Program Headers: + Type Offset VirtAddr PhysAddr + FileSiz MemSiz Flags Align + LOAD 0x0000000000000000 0x0000000000400000 0x0000000000400000 + 0x00000000000000f0 0x00000000000000f0 R E 0x1000 + LOAD 0x0000000000000000 0x0000000000410000 0x0000000000410000 + 0x0000000000000000 0x0000000000b5dce8 RW 0x10000 + GNU_STACK 0x0000000000000000 0x0000000000000000 0x0000000000000000 + 0x0000000000000000 0x0000000000000000 RW 0x10 + + Section to Segment mapping: + Segment Sections... + 00 .text + 01 .bss + 02 + +Skip the empty PT_LOAD segment at offset 0 to support such binaries. +This fixes BZ #32763. + +Signed-off-by: H.J. Lu +Reviewed-by: Sam James +(cherry picked from commit 596130591ae4b058a529cc1318b95e624559054c) +--- + elf/Makefile | 5 +++++ + elf/dl-reloc-static-pie.c | 3 ++- + elf/tst-pie-bss-static.c | 19 +++++++++++++++++++ + elf/tst-pie-bss.c | 30 ++++++++++++++++++++++++++++++ + 4 files changed, 56 insertions(+), 1 deletion(-) + create mode 100644 elf/tst-pie-bss-static.c + create mode 100644 elf/tst-pie-bss.c + +diff --git a/elf/dl-reloc-static-pie.c b/elf/dl-reloc-static-pie.c +index e34bf5f7ce..758bf9893e 100644 +--- a/elf/dl-reloc-static-pie.c ++++ b/elf/dl-reloc-static-pie.c +@@ -51,7 +51,8 @@ _dl_relocate_static_pie (void) + switch (ph->p_type) + { + case PT_LOAD: +- if (ph->p_offset == 0) ++ /* Skip the empty PT_LOAD segment at offset 0. */ ++ if (ph->p_filesz != 0 && ph->p_offset == 0) + file_p_vaddr = ph->p_vaddr; + break; + case PT_DYNAMIC: diff --git a/srcpkgs/glibc/patches/98c712855d6606d078aaabaa7ef24b695c3f0349.patch b/srcpkgs/glibc/patches/98c712855d6606d078aaabaa7ef24b695c3f0349.patch new file mode 100644 index 00000000000..0e67b8943f8 --- /dev/null +++ b/srcpkgs/glibc/patches/98c712855d6606d078aaabaa7ef24b695c3f0349.patch @@ -0,0 +1,46 @@ +From 98c712855d6606d078aaabaa7ef24b695c3f0349 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Thu, 13 Mar 2025 06:07:07 +0100 +Subject: [PATCH] nptl: PTHREAD_COND_INITIALIZER compatibility with pre-2.41 + versions (bug 32786) + +The new initializer and struct layout does not initialize the +__g_signals field in the old struct layout before the change in +commit c36fc50781995e6758cae2b6927839d0157f213c ("nptl: Remove +g_refs from condition variables"). Bring back fields at the end +of struct __pthread_cond_s, so that they are again zero-initialized. + +Reviewed-by: Sam James +(cherry picked from commit dbc5a50d12eff4cb3f782129029d04b8a76f58e7) +--- + NEWS | 1 + + sysdeps/nptl/bits/thread-shared-types.h | 2 ++ + sysdeps/nptl/pthread.h | 2 +- + 3 files changed, 4 insertions(+), 1 deletion(-) + +diff --git a/sysdeps/nptl/bits/thread-shared-types.h b/sysdeps/nptl/bits/thread-shared-types.h +index 7c24c0a6be..e614c7f3c9 100644 +--- a/sysdeps/nptl/bits/thread-shared-types.h ++++ b/sysdeps/nptl/bits/thread-shared-types.h +@@ -99,6 +99,8 @@ struct __pthread_cond_s + unsigned int __g1_orig_size; + unsigned int __wrefs; + unsigned int __g_signals[2]; ++ unsigned int __unused_initialized_1; ++ unsigned int __unused_initialized_2; + }; + + typedef unsigned int __tss_t; +diff --git a/sysdeps/nptl/pthread.h b/sysdeps/nptl/pthread.h +index 050b4ab8d1..9ad36cabe9 100644 +--- a/sysdeps/nptl/pthread.h ++++ b/sysdeps/nptl/pthread.h +@@ -152,7 +152,7 @@ enum + + + /* Conditional variable handling. */ +-#define PTHREAD_COND_INITIALIZER { { {0}, {0}, {0, 0}, 0, 0, {0, 0} } } ++#define PTHREAD_COND_INITIALIZER { { {0}, {0}, {0, 0}, 0, 0, {0, 0}, 0, 0 } } + + + /* Cleanup buffers */ diff --git a/srcpkgs/glibc/patches/CVE-2024-2961.patch b/srcpkgs/glibc/patches/CVE-2024-2961.patch deleted file mode 100644 index a2d909c0a5c..00000000000 --- a/srcpkgs/glibc/patches/CVE-2024-2961.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 31da30f23cddd36db29d5b6a1c7619361b271fb4 Mon Sep 17 00:00:00 2001 -From: Charles Fol -Date: Thu, 28 Mar 2024 12:25:38 -0300 -Subject: [PATCH] iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing - escape sequence (CVE-2024-2961) - -ISO-2022-CN-EXT uses escape sequences to indicate character set changes -(as specified by RFC 1922). While the SOdesignation has the expected -bounds checks, neither SS2designation nor SS3designation have its; -allowing a write overflow of 1, 2, or 3 bytes with fixed values: -'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'. - -Checked on aarch64-linux-gnu. - -Co-authored-by: Adhemerval Zanella -Reviewed-by: Carlos O'Donell -Tested-by: Carlos O'Donell - -(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada) ---- - iconvdata/Makefile | 5 +- - iconvdata/iso-2022-cn-ext.c | 12 +++ - iconvdata/tst-iconv-iso-2022-cn-ext.c | 128 ++++++++++++++++++++++++++ - 3 files changed, 144 insertions(+), 1 deletion(-) - create mode 100644 iconvdata/tst-iconv-iso-2022-cn-ext.c - -diff --git a/iconvdata/iso-2022-cn-ext.c b/iconvdata/iso-2022-cn-ext.c -index b34c8a36f4..cce29b1969 100644 ---- a/iconvdata/iso-2022-cn-ext.c -+++ b/iconvdata/iso-2022-cn-ext.c -@@ -574,6 +574,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized"); - { \ - const char *escseq; \ - \ -+ if (outptr + 4 > outend) \ -+ { \ -+ result = __GCONV_FULL_OUTPUT; \ -+ break; \ -+ } \ -+ \ - assert (used == CNS11643_2_set); /* XXX */ \ - escseq = "*H"; \ - *outptr++ = ESC; \ -@@ -587,6 +593,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized"); - { \ - const char *escseq; \ - \ -+ if (outptr + 4 > outend) \ -+ { \ -+ result = __GCONV_FULL_OUTPUT; \ -+ break; \ -+ } \ -+ \ - assert ((used >> 5) >= 3 && (used >> 5) <= 7); \ - escseq = "+I+J+K+L+M" + ((used >> 5) - 3) * 2; \ - *outptr++ = ESC; \ diff --git a/srcpkgs/glibc/patches/CVE-2024-335XX.patch b/srcpkgs/glibc/patches/CVE-2024-335XX.patch deleted file mode 100644 index 042907f741f..00000000000 --- a/srcpkgs/glibc/patches/CVE-2024-335XX.patch +++ /dev/null @@ -1,535 +0,0 @@ -From 1263d583d2e28afb8be53f8d6922f0842036f35d Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Thu, 25 Apr 2024 15:00:45 +0200 -Subject: [PATCH] CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup - cache (bug 31677) - -Using alloca matches what other caches do. The request length is -bounded by MAXKEYLEN. - -Reviewed-by: Carlos O'Donell -(cherry picked from commit 87801a8fd06db1d654eea3e4f7626ff476a9bdaa) ---- - nscd/netgroupcache.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index 0c6e46f15c..f227dc7fa2 100644 ---- a/nscd/netgroupcache.c -+++ b/nscd/netgroupcache.c -@@ -502,12 +502,13 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, - = (struct indataset *) mempool_alloc (db, - sizeof (*dataset) + req->key_len, - 1); -- struct indataset dataset_mem; - bool cacheable = true; - if (__glibc_unlikely (dataset == NULL)) - { - cacheable = false; -- dataset = &dataset_mem; -+ /* The alloca is safe because nscd_run_worker verfies that -+ key_len is not larger than MAXKEYLEN. */ -+ dataset = alloca (sizeof (*dataset) + req->key_len); - } - - datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len, -From c99f886de54446cd4447db6b44be93dabbdc2f8b Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Thu, 25 Apr 2024 15:01:07 +0200 -Subject: [PATCH] CVE-2024-33600: nscd: Avoid null pointer crashes after - notfound response (bug 31678) - -The addgetnetgrentX call in addinnetgrX may have failed to produce -a result, so the result variable in addinnetgrX can be NULL. -Use db->negtimeout as the fallback value if there is no result data; -the timeout is also overwritten below. - -Also avoid sending a second not-found response. (The client -disconnects after receiving the first response, so the data stream did -not go out of sync even without this fix.) It is still beneficial to -add the negative response to the mapping, so that the client can get -it from there in the future, instead of going through the socket. - -Reviewed-by: Siddhesh Poyarekar -(cherry picked from commit b048a482f088e53144d26a61c390bed0210f49f2) ---- - nscd/netgroupcache.c | 11 +++++++---- - 1 file changed, 7 insertions(+), 4 deletions(-) - -diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index c18fe111f3..e22ffa5884 100644 ---- a/nscd/netgroupcache.c -+++ b/nscd/netgroupcache.c -@@ -511,14 +511,15 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, - - datahead_init_pos (&dataset->head, sizeof (*dataset) + req->key_len, - sizeof (innetgroup_response_header), -- he == NULL ? 0 : dh->nreloads + 1, result->head.ttl); -+ he == NULL ? 0 : dh->nreloads + 1, -+ result == NULL ? db->negtimeout : result->head.ttl); - /* Set the notfound status and timeout based on the result from - getnetgrent. */ -- dataset->head.notfound = result->head.notfound; -+ dataset->head.notfound = result == NULL || result->head.notfound; - dataset->head.timeout = timeout; - - dataset->resp.version = NSCD_VERSION; -- dataset->resp.found = result->resp.found; -+ dataset->resp.found = result != NULL && result->resp.found; - /* Until we find a matching entry the result is 0. */ - dataset->resp.result = 0; - -@@ -566,7 +567,9 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, - goto out; - } - -- if (he == NULL) -+ /* addgetnetgrentX may have already sent a notfound response. Do -+ not send another one. */ -+ if (he == NULL && dataset->resp.found) - { - /* We write the dataset before inserting it to the database - since while inserting this thread might block and so would -From 5a508e0b508c8ad53bd0d2fb48fd71b242626341 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Thu, 25 Apr 2024 15:01:07 +0200 -Subject: [PATCH] CVE-2024-33600: nscd: Do not send missing not-found response - in addgetnetgrentX (bug 31678) - -If we failed to add a not-found response to the cache, the dataset -point can be null, resulting in a null pointer dereference. - -Reviewed-by: Siddhesh Poyarekar -(cherry picked from commit 7835b00dbce53c3c87bbbb1754a95fb5e58187aa) ---- - nscd/netgroupcache.c | 14 ++++++-------- - 1 file changed, 6 insertions(+), 8 deletions(-) - -diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index f227dc7fa2..c18fe111f3 100644 ---- a/nscd/netgroupcache.c -+++ b/nscd/netgroupcache.c -@@ -147,7 +147,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - /* No such service. */ - cacheable = do_notfound (db, fd, req, key, &dataset, &total, &timeout, - &key_copy); -- goto writeout; -+ goto maybe_cache_add; - } - - memset (&data, '\0', sizeof (data)); -@@ -348,7 +348,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - { - cacheable = do_notfound (db, fd, req, key, &dataset, &total, &timeout, - &key_copy); -- goto writeout; -+ goto maybe_cache_add; - } - - total = buffilled; -@@ -410,14 +410,12 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - } - - if (he == NULL && fd != -1) -- { -- /* We write the dataset before inserting it to the database -- since while inserting this thread might block and so would -- unnecessarily let the receiver wait. */ -- writeout: -+ /* We write the dataset before inserting it to the database since -+ while inserting this thread might block and so would -+ unnecessarily let the receiver wait. */ - writeall (fd, &dataset->resp, dataset->head.recsize); -- } - -+ maybe_cache_add: - if (cacheable) - { - /* If necessary, we also propagate the data to disk. */ -From a9a8d3eebb145779a18d90e3966009a1daa63cd8 Mon Sep 17 00:00:00 2001 -From: Florian Weimer -Date: Thu, 25 Apr 2024 15:01:07 +0200 -Subject: [PATCH] CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two - buffers in addgetnetgrentX (bug 31680) - -This avoids potential memory corruption when the underlying NSS -callback function does not use the buffer space to store all strings -(e.g., for constant strings). - -Instead of custom buffer management, two scratch buffers are used. -This increases stack usage somewhat. - -Scratch buffer allocation failure is handled by return -1 -(an invalid timeout value) instead of terminating the process. -This fixes bug 31679. - -Reviewed-by: Siddhesh Poyarekar -(cherry picked from commit c04a21e050d64a1193a6daab872bca2528bda44b) ---- - nscd/netgroupcache.c | 219 ++++++++++++++++++++++++------------------- - 1 file changed, 121 insertions(+), 98 deletions(-) - -diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index e22ffa5884..e8fe041846 100644 ---- a/nscd/netgroupcache.c -+++ b/nscd/netgroupcache.c -@@ -23,6 +23,7 @@ - #include - #include - #include -+#include - - #include "../nss/netgroup.h" - #include "nscd.h" -@@ -65,6 +66,16 @@ struct dataset - char strdata[0]; - }; - -+/* Send a notfound response to FD. Always returns -1 to indicate an -+ ephemeral error. */ -+static time_t -+send_notfound (int fd) -+{ -+ if (fd != -1) -+ TEMP_FAILURE_RETRY (send (fd, ¬found, sizeof (notfound), MSG_NOSIGNAL)); -+ return -1; -+} -+ - /* Sends a notfound message and prepares a notfound dataset to write to the - cache. Returns true if there was enough memory to allocate the dataset and - returns the dataset in DATASETP, total bytes to write in TOTALP and the -@@ -83,8 +94,7 @@ do_notfound (struct database_dyn *db, int fd, request_header *req, - total = sizeof (notfound); - timeout = time (NULL) + db->negtimeout; - -- if (fd != -1) -- TEMP_FAILURE_RETRY (send (fd, ¬found, total, MSG_NOSIGNAL)); -+ send_notfound (fd); - - dataset = mempool_alloc (db, sizeof (struct dataset) + req->key_len, 1); - /* If we cannot permanently store the result, so be it. */ -@@ -109,11 +119,78 @@ do_notfound (struct database_dyn *db, int fd, request_header *req, - return cacheable; - } - -+struct addgetnetgrentX_scratch -+{ -+ /* This is the result that the caller should use. It can be NULL, -+ point into buffer, or it can be in the cache. */ -+ struct dataset *dataset; -+ -+ struct scratch_buffer buffer; -+ -+ /* Used internally in addgetnetgrentX as a staging area. */ -+ struct scratch_buffer tmp; -+ -+ /* Number of bytes in buffer that are actually used. */ -+ size_t buffer_used; -+}; -+ -+static void -+addgetnetgrentX_scratch_init (struct addgetnetgrentX_scratch *scratch) -+{ -+ scratch->dataset = NULL; -+ scratch_buffer_init (&scratch->buffer); -+ scratch_buffer_init (&scratch->tmp); -+ -+ /* Reserve space for the header. */ -+ scratch->buffer_used = sizeof (struct dataset); -+ static_assert (sizeof (struct dataset) < sizeof (scratch->tmp.__space), -+ "initial buffer space"); -+ memset (scratch->tmp.data, 0, sizeof (struct dataset)); -+} -+ -+static void -+addgetnetgrentX_scratch_free (struct addgetnetgrentX_scratch *scratch) -+{ -+ scratch_buffer_free (&scratch->buffer); -+ scratch_buffer_free (&scratch->tmp); -+} -+ -+/* Copy LENGTH bytes from S into SCRATCH. Returns NULL if SCRATCH -+ could not be resized, otherwise a pointer to the copy. */ -+static char * -+addgetnetgrentX_append_n (struct addgetnetgrentX_scratch *scratch, -+ const char *s, size_t length) -+{ -+ while (true) -+ { -+ size_t remaining = scratch->buffer.length - scratch->buffer_used; -+ if (remaining >= length) -+ break; -+ if (!scratch_buffer_grow_preserve (&scratch->buffer)) -+ return NULL; -+ } -+ char *copy = scratch->buffer.data + scratch->buffer_used; -+ memcpy (copy, s, length); -+ scratch->buffer_used += length; -+ return copy; -+} -+ -+/* Copy S into SCRATCH, including its null terminator. Returns false -+ if SCRATCH could not be resized. */ -+static bool -+addgetnetgrentX_append (struct addgetnetgrentX_scratch *scratch, const char *s) -+{ -+ if (s == NULL) -+ s = ""; -+ return addgetnetgrentX_append_n (scratch, s, strlen (s) + 1) != NULL; -+} -+ -+/* Caller must initialize and free *SCRATCH. If the return value is -+ negative, this function has sent a notfound response. */ - static time_t - addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - const char *key, uid_t uid, struct hashentry *he, -- struct datahead *dh, struct dataset **resultp, -- void **tofreep) -+ struct datahead *dh, struct addgetnetgrentX_scratch *scratch) - { - if (__glibc_unlikely (debug_level > 0)) - { -@@ -132,14 +209,10 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - - char *key_copy = NULL; - struct __netgrent data; -- size_t buflen = MAX (1024, sizeof (*dataset) + req->key_len); -- size_t buffilled = sizeof (*dataset); -- char *buffer = NULL; - size_t nentries = 0; - size_t group_len = strlen (key) + 1; - struct name_list *first_needed - = alloca (sizeof (struct name_list) + group_len); -- *tofreep = NULL; - - if (netgroup_database == NULL - && !__nss_database_get (nss_database_netgroup, &netgroup_database)) -@@ -151,8 +224,6 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - } - - memset (&data, '\0', sizeof (data)); -- buffer = xmalloc (buflen); -- *tofreep = buffer; - first_needed->next = first_needed; - memcpy (first_needed->name, key, group_len); - data.needed_groups = first_needed; -@@ -195,8 +266,8 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - while (1) - { - int e; -- status = getfct.f (&data, buffer + buffilled, -- buflen - buffilled - req->key_len, &e); -+ status = getfct.f (&data, scratch->tmp.data, -+ scratch->tmp.length, &e); - if (status == NSS_STATUS_SUCCESS) - { - if (data.type == triple_val) -@@ -204,68 +275,10 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - const char *nhost = data.val.triple.host; - const char *nuser = data.val.triple.user; - const char *ndomain = data.val.triple.domain; -- -- size_t hostlen = strlen (nhost ?: "") + 1; -- size_t userlen = strlen (nuser ?: "") + 1; -- size_t domainlen = strlen (ndomain ?: "") + 1; -- -- if (nhost == NULL || nuser == NULL || ndomain == NULL -- || nhost > nuser || nuser > ndomain) -- { -- const char *last = nhost; -- if (last == NULL -- || (nuser != NULL && nuser > last)) -- last = nuser; -- if (last == NULL -- || (ndomain != NULL && ndomain > last)) -- last = ndomain; -- -- size_t bufused -- = (last == NULL -- ? buffilled -- : last + strlen (last) + 1 - buffer); -- -- /* We have to make temporary copies. */ -- size_t needed = hostlen + userlen + domainlen; -- -- if (buflen - req->key_len - bufused < needed) -- { -- buflen += MAX (buflen, 2 * needed); -- /* Save offset in the old buffer. We don't -- bother with the NULL check here since -- we'll do that later anyway. */ -- size_t nhostdiff = nhost - buffer; -- size_t nuserdiff = nuser - buffer; -- size_t ndomaindiff = ndomain - buffer; -- -- char *newbuf = xrealloc (buffer, buflen); -- /* Fix up the triplet pointers into the new -- buffer. */ -- nhost = (nhost ? newbuf + nhostdiff -- : NULL); -- nuser = (nuser ? newbuf + nuserdiff -- : NULL); -- ndomain = (ndomain ? newbuf + ndomaindiff -- : NULL); -- *tofreep = buffer = newbuf; -- } -- -- nhost = memcpy (buffer + bufused, -- nhost ?: "", hostlen); -- nuser = memcpy ((char *) nhost + hostlen, -- nuser ?: "", userlen); -- ndomain = memcpy ((char *) nuser + userlen, -- ndomain ?: "", domainlen); -- } -- -- char *wp = buffer + buffilled; -- wp = memmove (wp, nhost ?: "", hostlen); -- wp += hostlen; -- wp = memmove (wp, nuser ?: "", userlen); -- wp += userlen; -- wp = memmove (wp, ndomain ?: "", domainlen); -- wp += domainlen; -- buffilled = wp - buffer; -+ if (!(addgetnetgrentX_append (scratch, nhost) -+ && addgetnetgrentX_append (scratch, nuser) -+ && addgetnetgrentX_append (scratch, ndomain))) -+ return send_notfound (fd); - ++nentries; - } - else -@@ -317,8 +330,8 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - } - else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE) - { -- buflen *= 2; -- *tofreep = buffer = xrealloc (buffer, buflen); -+ if (!scratch_buffer_grow (&scratch->tmp)) -+ return send_notfound (fd); - } - else if (status == NSS_STATUS_RETURN - || status == NSS_STATUS_NOTFOUND -@@ -351,10 +364,17 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - goto maybe_cache_add; - } - -- total = buffilled; -+ /* Capture the result size without the key appended. */ -+ total = scratch->buffer_used; -+ -+ /* Make a copy of the key. The scratch buffer must not move after -+ this point. */ -+ key_copy = addgetnetgrentX_append_n (scratch, key, req->key_len); -+ if (key_copy == NULL) -+ return send_notfound (fd); - - /* Fill in the dataset. */ -- dataset = (struct dataset *) buffer; -+ dataset = scratch->buffer.data; - timeout = datahead_init_pos (&dataset->head, total + req->key_len, - total - offsetof (struct dataset, resp), - he == NULL ? 0 : dh->nreloads + 1, -@@ -363,11 +383,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - dataset->resp.version = NSCD_VERSION; - dataset->resp.found = 1; - dataset->resp.nresults = nentries; -- dataset->resp.result_len = buffilled - sizeof (*dataset); -- -- assert (buflen - buffilled >= req->key_len); -- key_copy = memcpy (buffer + buffilled, key, req->key_len); -- buffilled += req->key_len; -+ dataset->resp.result_len = total - sizeof (*dataset); - - /* Now we can determine whether on refill we have to create a new - record or not. */ -@@ -398,7 +414,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - if (__glibc_likely (newp != NULL)) - { - /* Adjust pointer into the memory block. */ -- key_copy = (char *) newp + (key_copy - buffer); -+ key_copy = (char *) newp + (key_copy - (char *) dataset); - - dataset = memcpy (newp, dataset, total + req->key_len); - cacheable = true; -@@ -439,7 +455,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - } - - out: -- *resultp = dataset; -+ scratch->dataset = dataset; - - return timeout; - } -@@ -460,6 +476,9 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, - if (user != NULL) - key = strchr (key, '\0') + 1; - const char *domain = *key++ ? key : NULL; -+ struct addgetnetgrentX_scratch scratch; -+ -+ addgetnetgrentX_scratch_init (&scratch); - - if (__glibc_unlikely (debug_level > 0)) - { -@@ -475,12 +494,8 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, - group, group_len, - db, uid); - time_t timeout; -- void *tofree; - if (result != NULL) -- { -- timeout = result->head.timeout; -- tofree = NULL; -- } -+ timeout = result->head.timeout; - else - { - request_header req_get = -@@ -489,7 +504,10 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, - .key_len = group_len - }; - timeout = addgetnetgrentX (db, -1, &req_get, group, uid, NULL, NULL, -- &result, &tofree); -+ &scratch); -+ result = scratch.dataset; -+ if (timeout < 0) -+ goto out; - } - - struct indataset -@@ -603,7 +621,7 @@ addinnetgrX (struct database_dyn *db, int fd, request_header *req, - } - - out: -- free (tofree); -+ addgetnetgrentX_scratch_free (&scratch); - return timeout; - } - -@@ -613,11 +631,12 @@ addgetnetgrentX_ignore (struct database_dyn *db, int fd, request_header *req, - const char *key, uid_t uid, struct hashentry *he, - struct datahead *dh) - { -- struct dataset *ignore; -- void *tofree; -- time_t timeout = addgetnetgrentX (db, fd, req, key, uid, he, dh, -- &ignore, &tofree); -- free (tofree); -+ struct addgetnetgrentX_scratch scratch; -+ addgetnetgrentX_scratch_init (&scratch); -+ time_t timeout = addgetnetgrentX (db, fd, req, key, uid, he, dh, &scratch); -+ addgetnetgrentX_scratch_free (&scratch); -+ if (timeout < 0) -+ timeout = 0; - return timeout; - } - -@@ -661,5 +680,9 @@ readdinnetgr (struct database_dyn *db, struct hashentry *he, - .key_len = he->len - }; - -- return addinnetgrX (db, -1, &req, db->data + he->key, he->owner, he, dh); -+ int timeout = addinnetgrX (db, -1, &req, db->data + he->key, he->owner, -+ he, dh); -+ if (timeout < 0) -+ timeout = 0; -+ return timeout; - } diff --git a/srcpkgs/glibc/patches/cb7f20653724029be89224ed3a35d627cc5b4163.patch b/srcpkgs/glibc/patches/cb7f20653724029be89224ed3a35d627cc5b4163.patch new file mode 100644 index 00000000000..26456925a36 --- /dev/null +++ b/srcpkgs/glibc/patches/cb7f20653724029be89224ed3a35d627cc5b4163.patch @@ -0,0 +1,37 @@ +From cb7f20653724029be89224ed3a35d627cc5b4163 Mon Sep 17 00:00:00 2001 +From: John David Anglin +Date: Wed, 29 Jan 2025 16:51:16 -0500 +Subject: [PATCH] nptl: Correct stack size attribute when stack grows up [BZ + #32574] + +Set stack size attribute to the size of the mmap'd region only +when the size of the remaining stack space is less than the size +of the mmap'd region. + +This was reversed. As a result, the initial stack size was only +135168 bytes. On architectures where the stack grows down, the +initial stack size is approximately 8384512 bytes with the default +rlimit settings. The small main stack size on hppa broke +applications like ruby that check for stack overflows. + +Signed-off-by: John David Anglin +--- + nptl/pthread_getattr_np.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/nptl/pthread_getattr_np.c b/nptl/pthread_getattr_np.c +index e98e2df152..43dd16d59c 100644 +--- a/nptl/pthread_getattr_np.c ++++ b/nptl/pthread_getattr_np.c +@@ -145,9 +145,9 @@ __pthread_getattr_np (pthread_t thread_id, pthread_attr_t *attr) + > (size_t) iattr->stackaddr - last_to) + iattr->stacksize = (size_t) iattr->stackaddr - last_to; + #else +- /* The limit might be too high. */ ++ /* The limit might be too low. */ + if ((size_t) iattr->stacksize +- > to - (size_t) iattr->stackaddr) ++ < to - (size_t) iattr->stackaddr) + iattr->stacksize = to - (size_t) iattr->stackaddr; + #endif + /* We succeed and no need to look further. */ diff --git a/srcpkgs/glibc/patches/ce9b765522f014daa0392099dd9ba1f7ddcc511d.patch b/srcpkgs/glibc/patches/ce9b765522f014daa0392099dd9ba1f7ddcc511d.patch new file mode 100644 index 00000000000..8fcee8c1ef5 --- /dev/null +++ b/srcpkgs/glibc/patches/ce9b765522f014daa0392099dd9ba1f7ddcc511d.patch @@ -0,0 +1,53 @@ +From ce9b765522f014daa0392099dd9ba1f7ddcc511d Mon Sep 17 00:00:00 2001 +From: Adhemerval Zanella +Date: Wed, 12 Mar 2025 10:59:17 -0300 +Subject: [PATCH] nptl: Check if thread is already terminated in + sigcancel_handler (BZ 32782) + +The SIGCANCEL signal handler should not issue __syscall_do_cancel, +which calls __do_cancel and __pthread_unwind, if the cancellation +is already in proces (and libgcc unwind is not reentrant). Any +cancellation signal received after is ignored. + +Checked on x86_64-linux-gnu and aarch64-linux-gnu. + +Tested-by: Aurelien Jarno +Reviewed-by: Florian Weimer + +(cherry picked from commit 360cce0b066f34e85e473c04cdc16e6fa426021b) +--- + NEWS | 1 + + nptl/pthread_cancel.c | 14 ++++--- + sysdeps/pthread/Makefile | 1 + + sysdeps/pthread/tst-cancel32.c | 73 ++++++++++++++++++++++++++++++++++ + 4 files changed, 83 insertions(+), 6 deletions(-) + create mode 100644 sysdeps/pthread/tst-cancel32.c + +diff --git a/nptl/pthread_cancel.c b/nptl/pthread_cancel.c +index f7ce3ec51b..b838273881 100644 +--- a/nptl/pthread_cancel.c ++++ b/nptl/pthread_cancel.c +@@ -41,15 +41,17 @@ sigcancel_handler (int sig, siginfo_t *si, void *ctx) + || si->si_code != SI_TKILL) + return; + +- /* Check if asynchronous cancellation mode is set or if interrupted +- instruction pointer falls within the cancellable syscall bridge. For +- interruptable syscalls with external side-effects (i.e. partial reads), +- the kernel will set the IP to after __syscall_cancel_arch_end, thus +- disabling the cancellation and allowing the process to handle such ++ /* Check if asynchronous cancellation mode is set and cancellation is not ++ already in progress, or if interrupted instruction pointer falls within ++ the cancellable syscall bridge. ++ For interruptable syscalls with external side-effects (i.e. partial ++ reads), the kernel will set the IP to after __syscall_cancel_arch_end, ++ thus disabling the cancellation and allowing the process to handle such + conditions. */ + struct pthread *self = THREAD_SELF; + int oldval = atomic_load_relaxed (&self->cancelhandling); +- if (cancel_async_enabled (oldval) || cancellation_pc_check (ctx)) ++ if (cancel_enabled_and_canceled_and_async (oldval) ++ || cancellation_pc_check (ctx)) + __syscall_do_cancel (); + } + diff --git a/srcpkgs/glibc/patches/e22c132484ea49be0478e4dcbd108d433d70f64c.patch b/srcpkgs/glibc/patches/e22c132484ea49be0478e4dcbd108d433d70f64c.patch new file mode 100644 index 00000000000..67752a1d40e --- /dev/null +++ b/srcpkgs/glibc/patches/e22c132484ea49be0478e4dcbd108d433d70f64c.patch @@ -0,0 +1,58 @@ +From e22c132484ea49be0478e4dcbd108d433d70f64c Mon Sep 17 00:00:00 2001 +From: Michael Jeanson +Date: Fri, 14 Feb 2025 13:54:22 -0500 +Subject: [PATCH] nptl: clear the whole rseq area before registration + +Due to the extensible nature of the rseq area we can't explictly +initialize fields that are not part of the ABI yet. It was agreed with +upstream that all new fields will be documented as zero initialized by +userspace. Future kernels configured with CONFIG_DEBUG_RSEQ will +validate the content of all fields during registration. + +Replace the explicit field initialization with a memset of the whole +rseq area which will cover fields as they are added to future kernels. + +Signed-off-by: Michael Jeanson +Reviewed-by: Florian Weimer +(cherry picked from commit 689a62a4217fae78b9ce0db781dc2a421f2b1ab4) +--- + sysdeps/nptl/dl-tls_init_tp.c | 1 + + sysdeps/unix/sysv/linux/rseq-internal.h | 11 +++++------ + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/sysdeps/nptl/dl-tls_init_tp.c b/sysdeps/nptl/dl-tls_init_tp.c +index f487bfb66e7..8629b5d41b0 100644 +--- a/sysdeps/nptl/dl-tls_init_tp.c ++++ b/sysdeps/nptl/dl-tls_init_tp.c +@@ -23,6 +23,7 @@ + #include + #include + #include ++#include + + #define TUNABLE_NAMESPACE pthread + #include +diff --git a/sysdeps/unix/sysv/linux/rseq-internal.h b/sysdeps/unix/sysv/linux/rseq-internal.h +index f89e7842431..d2ab4cb829b 100644 +--- a/sysdeps/unix/sysv/linux/rseq-internal.h ++++ b/sysdeps/unix/sysv/linux/rseq-internal.h +@@ -108,13 +108,12 @@ rseq_register_current_thread (struct pthread *self, bool do_rseq) + if (size < RSEQ_AREA_SIZE_INITIAL) + size = RSEQ_AREA_SIZE_INITIAL; + +- /* Initialize the rseq fields that are read by the kernel on +- registration, there is no guarantee that struct pthread is +- cleared on all architectures. */ ++ /* Initialize the whole rseq area to zero prior to registration. */ ++ memset (RSEQ_SELF (), 0, size); ++ ++ /* Set the cpu_id field to RSEQ_CPU_ID_UNINITIALIZED, this is checked by ++ the kernel at registration when CONFIG_DEBUG_RSEQ is enabled. */ + RSEQ_SETMEM (cpu_id, RSEQ_CPU_ID_UNINITIALIZED); +- RSEQ_SETMEM (cpu_id_start, 0); +- RSEQ_SETMEM (rseq_cs, 0); +- RSEQ_SETMEM (flags, 0); + + int ret = INTERNAL_SYSCALL_CALL (rseq, RSEQ_SELF (), size, 0, RSEQ_SIG); + if (!INTERNAL_SYSCALL_ERROR_P (ret)) + diff --git a/srcpkgs/glibc/template b/srcpkgs/glibc/template index 128704dcd1a..4d4d7ad4968 100644 --- a/srcpkgs/glibc/template +++ b/srcpkgs/glibc/template @@ -1,14 +1,14 @@ # Template file for 'glibc' pkgname=glibc -version=2.39 -revision=4 +version=2.41 +revision=1 bootstrap=yes short_desc="GNU C library" maintainer="Enno Boland " license="GPL-2.0-or-later, LGPL-2.1-or-later, BSD-3-Clause" homepage="http://www.gnu.org/software/libc" distfiles="${GNU_SITE}/libc/glibc-${version}.tar.xz" -checksum=f77bd47cf8170c57365ae7bf86696c118adb3b120d3259c64c502d3dc1e2d926 +checksum=a5a26b22f545d6b7d7b3dd828e11e428f24f4fac43c934fb071b6a7d0828e901 # Do not strip these files, objcopy errors out. nostrip_files=" XBS5_ILP32_OFFBIG @@ -41,6 +41,7 @@ nostrip_files=" libnss_dns.so.2 libnss_files.so.2 libnss_hesiod.so.2" +nocross=temporarily conf_files=" /etc/rpc