The GNU C Library version 2.35 is now available (original) (raw)
Carlos O'Donell carlos@redhat.com
Thu Feb 3 07:28:33 GMT 2022
- Previous message (by thread): Open for glibc 2.36 development
- Next message (by thread): glibc 2.35 failure
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
The GNU C Library version 2.35 is now available The GNU C Library
The GNU C Library version 2.35 is now available.
The GNU C Library is used as the C library in the GNU system and in GNU/Linux systems, as well as many other systems that use Linux as the kernel.
The GNU C Library is primarily designed to be a portable and high performance C library. It follows all relevant standards including ISO C11 and POSIX.1-2017. It is also internationalized and has one of the most complete internationalization interfaces known.
The GNU C Library webpage is at http://www.gnu.org/software/libc/
Packages for the 2.35 release may be downloaded from: http://ftpmirror.gnu.org/libc/ http://ftp.gnu.org/gnu/libc/
The mirror list is at http://www.gnu.org/order/ftp.html
NEWS for version 2.35
Major new features:
Unicode 14.0.0 Support: Character encoding, character type info, and transliteration tables are all updated to Unicode 14.0.0, using generator scripts contributed by Mike FABIAN (Red Hat).
Bump r_version in the debugger interface to 2 and add a new field, r_next, support multiple namespaces.
Support for the C.UTF-8 locale has been added to glibc. The locale supports full code-point sorting for all valid Unicode code points. A limitation in the framework for fnmatch, regexec, and regcomp requires a compromise to save space and only ASCII-based range expressions are supported for now (see bug 28255). The full size of the locale is only ~400KiB, with 346KiB coming from LC_CTYPE information for Unicode. This locale harmonizes downstream C.UTF-8 already shipping in various downstream distributions. The locale is not built into glibc, and must be installed.
<math.h> functions that round their results to a narrower type, and corresponding <tgmath.h> macros, are added from TS 18661-1:2014, TS 18661-3:2015 and draft ISO C2X:
fsqrt, fsqrtl, dsqrtl and corresponding fMsqrtfN, fMsqrtfNx, fMxsqrtfN and fMxsqrtfNx functions.
ffma, ffmal, dfmal and corresponding fMfmafN, fMfmafNx, fMxfmafN and fMxfmafNx functions.
<math.h> functions for floating-point maximum and minimum, corresponding to new operations in IEEE 754-2019, and corresponding <tgmath.h> macros, are added from draft ISO C2X: fmaximum, fmaximum_num, fmaximum_mag, fmaximum_mag_num, fminimum, fminimum_num, fminimum_mag, fminimum_mag_num and corresponding functions for float, long double, _FloatN and _FloatNx.
<math.h> macros for single-precision float constants are added as a GNU extension: M_Ef, M_LOG2Ef, M_LOG10Ef, M_LN2f, M_LN10f, M_PIf, M_PI_2f, M_PI_4f, M_1_PIf, M_2_PIf, M_2_SQRTPIf, M_SQRT2f and M_SQRT1_2f.
The STDC_IEC_60559_BFP and STDC_IEC_60559_COMPLEX macros are predefined as specified in TS 18661-1:2014.
The exp10 functions in <math.h> now have a corresponding type-generic macro in <tgmath.h>.
The ISO C2X macro _PRINTF_NAN_LEN_MAX has been added to <stdio.h>.
printf-family functions now support the %b format for output of integers in binary, as specified in draft ISO C2X, and the %B variant of that format recommended by draft ISO C2X.
A new DSO sorting algorithm has been added in the dynamic linker that uses topological sorting by depth-first search (DFS), solving performance issues of the existing sorting algorithm when encountering particular circular object dependency cases.
A new tunable, glibc.rtld.dynamic_sort, can be used to select between the two DSO sorting algorithms. The default setting of '2' uses the new DFS-based algorithm. The setting '1' switches to the old algorithm used in glibc 2.33 and earlier.
ABI support for a new function '__memcmpeq'. '__memcmpeq' is meant to be used by compilers for optimizing usage of 'memcmp' when its return value is only used for its boolean status.
Support for automatically registering threads with the Linux rseq system call has been added. This system call is implemented starting from Linux 4.18. The Restartable Sequences ABI accelerates user-space operations on per-cpu data. It allows user-space to perform updates on per-cpu data without requiring heavy-weight atomic operations. Automatically registering threads allows all libraries, including libc, to make immediate use of the rseq support by using the documented ABI, via the __rseq_flags, __rseq_offset, and __rseq_size variables. The GNU C Library manual has details on integration of Restartable Sequences.
A symbolic link to the dynamic linker is now installed under /usr/bin/ld.so (or more precisely, '${bindir}/ld.so').
All programs and the testsuite in glibc are now built as position independent executables (PIE) by default on toolchains and architectures that support it. Further, if the toolchain and architecture supports it, even static programs are built as PIE and the resultant glibc can be used to build static PIE executables. A new option --disable-default-pie has been added to disable this behavior and get a non-PIE build. This option replaces --enable-static-pie, which no longer has any effect on the build configuration.
On Linux, a new tunable, glibc.malloc.hugetlb, can be used to either make malloc issue madvise plus MADV_HUGEPAGE on mmap and sbrk or to use huge pages directly with mmap calls with the MAP_HUGETLB flags). The former can improve performance when Transparent Huge Pages is set to 'madvise' mode while the latter uses the system reserved huge pages.
The printf family of functions now handles the flagged %#m conversion specifier, printing errno as an error constant (similar to strerrorname_np).
The function _dl_find_object has been added. In-process unwinders can use it to efficiently locate unwinding information for a code address.
Support for OpenRISC running on Linux has been added. This port requires as least binutils 2.35, GCC 11, and Linux 5.4. Currently only soft-float ABI is supported:
- or1k-linux-gnu
The OpenRISC ABI is 32-bit big-endian and uses 64-bit time (y2038 safe) and 64-bit file offsets (LFS default).
A new configure option, --with-rtld-early-cflags, can be used to specify additional compiler flags for building the early startup code of the dynamic linker. On targets which have CPU compatibility checks, this can help to ensure that proper diagnostics are printed if the dynamic loader runs on an incompatible CPU.
On Linux, the epoll_pwait2 function has been added. It is similar to epoll_wait with the difference the timeout has nanoseconds resolution.
The function posix_spawn_file_actions_addtcsetpgrp_np has been added, enabling posix_spawn and posix_spawnp to set the controlling terminal in the new process in a race free manner. This function is a GNU extension.
Source fortification (_FORTIFY_SOURCE) level 3 is now available for applications compiling with glibc and gcc 12 and later. Level 3 leverages the __builtin_dynamic_object_size function to deliver additional fortification balanced against additional runtime cost (checking non-constant bounds).
Deprecated and removed features, and other changes affecting compatibility:
On x86-64, the LD_PREFER_MAP_32BIT_EXEC environment variable support has been removed since the first PT_LOAD segment is no longer executable due to defaulting to -z separate-code.
The r_version update in the debugger interface makes the glibc binary incompatible with GDB binaries built without the following commits:
c0154a4a21a gdb: Don't assume r_ldsomap when r_version > 1 on Linux 4eb629d50d4 gdbserver: Check r_version < 1 for Linux debugger interface
when audit modules or dlmopen are used.
Intel MPX support (lazy PLT, ld.so profile, and LD_AUDIT) has been removed.
The --enable-static-pie option is no longer available. The glibc build configuration script now automatically detects static-pie support in the toolchain and architecture and enables it if available.
The catchsegv script and associated libSegFault.so shared object have been removed. There are widely-deployed out-of-process alternatives for catching coredumps and backtraces.
Support for prelink will be removed in the next release; this includes removal of the LD_TRACE_PRELINKING, and LD_USE_LOAD_BIAS, environment variables and their functionality in the dynamic loader.
Changes to build and runtime requirements:
The audit module interface version LAV_CURRENT is increased to enable proper bind-now support. The loader now advertises via the la_symbind flags that PLT trace is not possible. New audit modules require the new dynamic loader supporing the latest LAV_CURRENT version. Old audit modules are still loaded for all targets except aarch64.
The audit interface on aarch64 is extended to support both the indirect result location register (x8) and NEON Q register. Old audit modules are rejected by the loader. Audit modules must be rebuilt to use the newer structure sizes and the latest module interface version for LAV_CURRENT.
Security related changes:
CVE-2022-23219: Passing an overlong file name to the clnt_create legacy function could result in a stack-based buffer overflow when using the "unix" protocol. Reported by Martin Sebor.
CVE-2022-23218: Passing an overlong file name to the svcunix_create legacy function could result in a stack-based buffer overflow.
CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath function could result in a memory leak and potential access of uninitialized memory. Reported by Qualys.
CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd function may result in an off-by-one buffer underflow and overflow when the current working directory is longer than PATH_MAX and also corresponds to the / directory through an unprivileged mount namespace. Reported by Qualys.
The following bugs are resolved with this release:
[12889] nptl: Race condition in pthread_kill [14232] nptl: tst-cancel7 and tst-cancelx7 race condition [14913] libc: [mips] Clean up MIPS 64-bit register-dump.h output [15310] dynamic-link: _dl_sort_fini is O(n^3) causing slow exit when many dsos [15333] libc: Use 64-bit stat functions in installed programs [15533] dynamic-link: LD_AUDIT introduces an avoidable performance degradation [15971] dynamic-link: No interface for debugger access to libraries loaded with dlmopen [17318] locale: [RFE] Provide a C.UTF-8 locale by default [17645] dynamic-link: RFE: Improve performance of dynamic loader for deeply nested DSO dependencies. [19193] nptl: pthread_kill, pthread_cancel return ESRCH for a thread ID whose lifetime has not ended [22542] network: buffer overflow in sunrpc clnt_create (CVE-2022-23219) [22716] malloc: [PATCH] mtrace.pl: use TRACE_PRELINKING instead of TRACE_LOADED_OBJECTS [25947] malloc: memory leak in muntrace [26045] math: fmaxf(inf, nan) does not always work [26108] math: exp10() has problems with <tgmath.h> [26779] build: benign use after realloc at localealias.c:329 [27609] dynamic-link: [2.32/2.33/2.34 Regression] In elf/dl-open.c (_dl_open) we might use __LM_ID_CALLER to index GL(dl_ns)[] [27945] build: build-many-glibcs.py doesn't configure GCC with --enable-initfini-array [27991] build: x86: sysdeps/x86/configure.ac breaks when libc_cv_include_x86_isa_level is loaded from cache [28036] nptl: Incorrect types for pthread_mutexattr_set/getrobust_np in __REDIRECT_NTH macro [28061] dynamic-link: A failing dlmopen called by an auditor crashed [28062] dynamic-link: Suppress audit calls when a (new) namespace is empty [28126] libc: nftw aborts for paths longer than PATH_MAX [28129] dynamic-link: Unnecessary check DT_DEBUG in ld.so [28153] libc: [test] gmon/tst-gmon-gprof* may have a f3 line when built with ld.lld [28182] libc: TIME_BITS=64 in C++ has issues with fcntl, ioctl, prctl [28185] math: Inaccurate j0f function (again) [28199] locale: iconvconfig prefix flag behaves differently in glibc 2.34 [28203] dynamic-link: aarch64: elf_machine{load_address,dynamic} should drop GLOBAL_OFFSET_TABLE[0] in favor of __ehdr_start for robustness [28213] librt: NULL pointer dereference in mq_notify (CVE-2021-38604) [28223] libc: mips: clone does not align stack [28253] dynamic-link: Missing colon in LD_SHOW_AUXV output after AT_MINSIGSTKSZ [28256] malloc: Conditional jump or move depends on uninitialised value(s) in __GI___tunables_init [28260] build: io/tst-closefrom, misc/tst-close_range, posix/tst- spawn5 fail if stray fds are open [28310] libc: Do not use affinity mask for sysconf (_SC_NPROCESSORS_CONF) [28338] time: undefined behavior in __tzfile_compute with oddball TZif file [28340] dynamic-link: ld.so crashes while loading a DSO with a read- only dynamic section [28349] libc: Segfault for ping -R on qemux86 caused by recvmsg() [28350] libc: ping receives SIGABRT on lib32-qemux86-64 caused by recvmsg() [28353] network: Race condition on __opensock [28357] dynamic-link: deadlock between pthread_create and ctors [28358] math: f64xdivf128 and f64xmulf128 spurious underflows [28361] nptl: Fix for bug 12889 causes setxid deadlock [28368] build: -Waddress instances in stdio-common/vfprintf-internal.c [28390] localedata: Update locale data to Unicode 14.0.0 [28397] math: tgmath.h should not define fmaxmag, fminmag macros for C2X [28400] libc: [2.35 Regression] string/test-strncasecmp: cannot set locale "en_US.UTF-8" [28407] nptl: pthread_kill assumes that kill (getpid ()) is equivalent to tgkill (getpid (), gettid()) [28455] dynamic-link: -Wl,--enable-new-dtags doesn't work [28457] dynamic-link: Missing reldepmod4.so dependency for globalmod1.so [28469] time: linux: struct timex is not correctly set for 32-bit systems with TIMESIZE=64 [28470] regex: Buffer read overrun in regular expression searching [28475] string: Incorrect access attribute on memfrob [28524] libc: Conversion from ISO-2022-JP-3 with iconv may emit spurious NUL character on state reset [28532] libc: powerpc64[le]: CFI for assembly templated syscalls is incorrect [28550] dynamic-link: FAIL: tst-dso- ordering9_112-ecbda(GLIBC_TUNABLES=glibc.rtld.dynamic_sort=1) execution test [28554] build: Undefined generate-md5 [28572] libc: Misaligned accesses in test-memcpy and test-mempcpy on hppa [28607] nptl: Masked signals are delivered on thread exit [28624] libc: openjdk 8/9 assume uni processor and gets stuck due to lack of cpu counting /proc fallback with glibc 2.34 [28646] string: [2.35 Regression] mock -r fedora-36-x86_64 /tmp/java-1.8.0-openjdk-1.8.0.312.b07-2.fc36.src.rpm& fails to build [28648] dynamic-link: Running ld.so on statically linked binaries crashes [28656] dynamic-link: LD_PREFER_MAP_32BIT_EXEC no longer works due to binutils changes [28676] dynamic-link: p_align on PT_LOAD segment in DSO isn't honored [28678] nptl: nptl/tst-create1 hangs sporadically [28688] dynamic-link: PT_LOAD p_align check is too strict [28700] nss: "dns [!UNAVAIL=return] files" default for hosts database is not useful [28707] time: assert in tzfile.c __tzfile_read striking with truncated timezones generated by tzcode-2021d and later [28713] math: GCC 12 miscompiles libm [28732] dynamic-link: FAIL: elf/tst-dl_find_object [28738] build: LIBC_LINKER_FEATURE doesn't work on linker -z option [28745] dynamic-link: _dl_find_object miscompilation on powerpc64le [28746] libc: _FORTIFY_SOURCE does not work for stpcpy [28749] libc: Inconsistency detected by ld.so: rtld.c: 1632: dl_main: Assertion `GL(dl_rtld_map).l_libname' failed! [28755] string: overflow bug in wcsncmp_avx2 and wcsncmp_evex [28757] nptl: GDB printer tests failed with new GDB [28765] math: x86_64 libmvec atan2 accuracy [28766] manual: Document libmvec accuracy [28768] network: Buffer overflow in svcunix_create with long pathnames (CVE-2022-23218) [28769] libc: Off-by-one buffer overflow/underflow in getcwd() (CVE-2021-3999) [28770] libc: Unexpected return value from realpath() for too long results (CVE-2021-3998) [28771] libc: %ebx optimization macros are incompatible with .altmacro in Systemtap probes [28780] build: --disable-default-pie doesn't work on static programs [28782] libc: x86-64 ISA level for glibc itself is always x86-64-baseline [28792] glob: possible wrong behaviour with patterns with double [ with no closing ] [28837] libc: FAIL: socket/tst-socket-timestamp-compat [28847] locale: Empty mon_decimal_point in LC_MONETARY results in non- empty mon_decimal_point_wc
Release Notes
https://sourceware.org/glibc/wiki/Release/2.35
Contributors
This release was made possible by the contributions of many people. The maintainers are grateful to everyone who has contributed changes or bug reports. These include:
Adhemerval Zanella Akila Welihinda Alexandra Hájková Andrea Monaco Andreas Schwab Anton Blanchard Arjun Shankar Aurelien Jarno Ben Woodard Carlos O'Donell Chung-Lin Tang Cristian Rodríguez DJ Delorie Fangrui Song Florian Weimer H.J. Lu Hans-Peter Nilsson Jangwoong Kim Jiaxun Yang John David Anglin Jonathan Wakely Joseph Myers Khem Raj Kurt Kanzenbach Luca Boccassi Mark Wielaard Martin Sebor Matheus Castanho Matt Whitlock Maxim Kuvyrkov Michael Kerrisk Mike FABIAN Naohiro Tamura Naohiro Tamura via Libc-alpha Nart Tlisha Nikita Popov Noah Goldstein Patrick McGehearty Paul A. Clarke Paul E. Murphy Paul Eggert Paul Zimmermann Robbie Harwood Romain GEISSLER Rongwei Wang Samuel Thibault Sergey Bugaev Siddhesh Poyarekar Stafford Horne Stefan Liebler Sunil K Pandey Szabolcs Nagy Thomas Petazzoni Tulio Magno Quites Machado Filho Wilco Dijkstra Xi Ruoyao maminjie
- Previous message (by thread): Open for glibc 2.36 development
- Next message (by thread): glibc 2.35 failure
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]