libc @ Savannah: The GNU C Library version 2.40 is now available

The GNU C Library

The GNU C Library version 2.40 is now available.

The GNU C Library is used as the C library in the GNU system and

in GNU/Linux systems, as well as many other systems that use Linux

as the kernel.

The GNU C Library is primarily designed to be a portable

and high performance C library. It follows all relevant

standards including ISO C11 and POSIX.1-2017. It is also

internationalized and has one of the most complete

internationalization interfaces known.

The GNU C Library webpage is at http://www.gnu.org/software/libc/

Packages for the 2.40 release may be downloaded from:

http://ftpmirror.gnu.org/libc/

http://ftp.gnu.org/gnu/libc/

The mirror list is at http://www.gnu.org/order/ftp.html

Distributions are encouraged to track the release/* branches

corresponding to the releases they are using. The release

branches will be updated with conservative bug fixes and new

features while retaining backwards compatibility.

NEWS for version 2.40

Major new features:

  • The header type-generic macros have been changed when using

GCC 14.1 or later to use __builtin_stdc_bit_ceil etc. built-in functions

in order to support unsigned __int128 and/or unsigned _BitInt(N) operands

with arbitrary precisions when supported by the target.

  • The GNU C Library now supports a feature test macro _ISOC23_SOURCE to

enable features from the ISO C23 standard. Only some features from

this standard are supported by the GNU C Library. The older name

_ISOC2X_SOURCE is still supported. Features from C23 are also enabled

by _GNU_SOURCE, or by compiling with the GCC options -std=c23,

-std=gnu23, -std=c2x or -std=gnu2x.

  • The following ISO C23 function families (introduced in TS

18661-4:2015) are now supported in . Each family includes

functions for float, double, long double, _FloatN and _FloatNx, and a

type-generic macro in .

- Exponential functions: exp2m1, exp10m1.

- Logarithmic functions: log2p1, log10p1, logp1.

  • A new tunable, glibc.rtld.enable_secure, can be used to run a program

as if it were a setuid process. This is currently a testing tool to allow

more extensive verification tests for AT_SECURE programs and not meant to

be a security feature.

  • On Linux, the epoll header was updated to include epoll ioctl definitions

and the related structure added in Linux kernel 6.9.

  • The fortify functionality has been significantly enhanced for building

programs with clang against the GNU C Library.

  • Many functions have been added to the vector library for aarch64:

acosh, asinh, atanh, cbrt, cosh, erf, erfc, hypot, pow, sinh, tanh

  • On x86, memset can now use non-temporal stores to improve the performance

of large writes. This behaviour is controlled by a new tunable

x86_memset_non_temporal_threshold.

Deprecated and removed features, and other changes affecting compatibility:

  • Architectures which use a 32-bit seconds-since-epoch field in struct

lastlog, struct utmp, struct utmpx (such as i386, powerpc64le, rv32,

rv64, x86-64) switched from a signed to an unsigned type for that

field. This allows these fields to store timestamps beyond the year

2038, until the year 2106. Please note that applications are still

expected to migrate off the interfaces declared in and

(except for login_tty) due to locking and session management

problems.

  • __rseq_size now denotes the size of the active rseq area (20 bytes

initially), not the size of struct rseq (32 bytes initially).

Security related changes:

The following CVEs were fixed in this release, details of which can be

found in the advisories directory of the release tarball:

GLIBC-SA-2024-0004:

ISO-2022-CN-EXT: fix out-of-bound writes when writing escape

sequence (CVE-2024-2961)

GLIBC-SA-2024-0005:

nscd: Stack-based buffer overflow in netgroup cache (CVE-2024-33599)

GLIBC-SA-2024-0006:

nscd: Null pointer crash after notfound response (CVE-2024-33600)

GLIBC-SA-2024-0007:

nscd: netgroup cache may terminate daemon on memory allocation

failure (CVE-2024-33601)

GLIBC-SA-2024-0008:

nscd: netgroup cache assumes NSS callback uses in-buffer strings

(CVE-2024-33602)

The following bugs were resolved with this release:

[19622] network: Support aliasing with struct sockaddr

[21271] localedata: cv_RU: update translations

[23774] localedata: lv_LV collates Y/y incorrectly

[23865] string: wcsstr is quadratic-time

[25119] localedata: Change Czech weekday names to lowercase

[27777] stdio: fclose does a linear search, takes ages when many FILE*

are opened

[29770] libc: prctl does not match manual page ABI on powerpc64le-

linux-gnu

[29845] localedata: Update hr_HR locale currency to €

[30701] time: getutxent misbehaves on 32-bit x86 when TIME_BITS=64

[31316] build: Fails test misc/tst-dirname "Didn't expect signal from

child: got `Illegal instruction'" on non SSE CPUs

[31317] dynamic-link: [RISCV] static PIE crashes during self

relocation

[31325] libc: mips: clone3 is wrong for o32

[31335] math: Compile glibc with -march=x86-64-v3 should disable FMA4

multi-arch version

[31339] libc: arm32 loader crash after cleanup in 2.36

[31340] manual: A bad sentence in section 22.3.5 (resource.texi)

[31357] dynamic-link: $(objpfx)tst-rtld-list-diagnostics.out rule

doesn't work with test wrapper

[31370] localedata: wcwidth() does not treat

DEFAULT_IGNORABLE_CODE_POINTs as zero-width

[31371] dynamic-link: x86-64: APX and Tile registers aren't preserved

in ld.so trampoline

[31372] dynamic-link: _dl_tlsdesc_dynamic doesn't preserve all caller-

saved registers

[31383] libc: _FORTIFY_SOURCE=3 and __fortified_attr_access vs size of

0 and zero size types

[31385] build: sort-makefile-lines.py doesn't check variable with _

nor with "^# variable"

[31402] libc: clone (NULL, NULL, ...) clobbers %r7 register on

s390{,x}

[31405] libc: Improve dl_iterate_phdr using _dl_find_object

[31411] localedata: Add Latgalian locale

[31412] build: GCC 6 failed to build i386 glibc on Fedora 39

[31429] build: Glibc failed to build with -march=x86-64-v3

[31468] libc: sigisemptyset returns true when the set contains signals

larger than 34

[31476] network: Automatic activation of single-request options break

resolv.conf reloading

[31479] libc: Missing #include in sched_getcpu.c may

result in a loss of rseq acceleration

[31501] dynamic-link: _dl_tlsdesc_dynamic_xsavec may clobber %rbx

[31518] manual: documentation: FLT_MAX_10_EXP questionable text, evtl.

wrong,

[31530] localedata: Locale file for Moksha - mdf_RU

[31553] malloc: elf/tst-decorate-maps fails on ppc64el

[31596] libc: On the llvm-arm32 platform, dlopen("not_exist.so", -1)

triggers segmentation fault

[31600] math: math: x86 ceill traps when FE_INEXACT is enabled

[31601] math: math: x86 floor traps when FE_INEXACT is enabled

[31603] math: math: x86 trunc traps when FE_INEXACT is enabled

[31612] libc: arc4random fails to fallback to /dev/urandom if

getrandom is not present

[31629] build: powerpc64: Configuring with "--with-cpu=power10" and

'CFLAGS=-O2 -mcpu=power9' fails to build glibc

[31640] dynamic-link: POWER10 ld.so crashes in

elf_machine_load_address with GCC 14

[31661] libc: NPROCESSORS_CONF and NPROCESSORS_ONLN not available in

getconf

[31676] dynamic-link: Configuring with CC="gcc -march=x86-64-v3"

--with-rtld-early-cflags=-march=x86-64 results in linker failure

[31677] nscd: nscd: netgroup cache: invalid memcpy under low

memory/storage conditions

[31678] nscd: nscd: Null pointer dereferences after failed netgroup

cache insertion

[31679] nscd: nscd: netgroup cache may terminate daemon on memory

allocation failure

[31680] nscd: nscd: netgroup cache assumes NSS callback uses in-buffer

strings

[31682] math: [PowerPC] Floating point exception error for math test

test-ceil-except-2 test-floor-except-2 test-trunc-except-2

[31686] dynamic-link: Stack-based buffer overflow in

parse_tunables_string

[31695] libc: pidfd_spawn/pidfd_spawnp leak an fd if clone3 succeeds

but execve fails

[31719] dynamic-link: --enable-hardcoded-path-in-tests doesn't work

with -Wl,--enable-new-dtags

[31730] libc: backtrace_symbols_fd prints different strings than

backtrace_symbols returns

[31753] build: FAIL: link-static-libc with GCC 6/7/8

[31755] libc: procutils_read_file doesn't start with a leading

underscore

[31756] libc: write_profiling is only in libc.a

[31757] build: Should XXXf128_do_not_use functions be excluded?

[31759] math: Extra nearbyint symbols in libm.a

[31760] math: Missing math functions

[31764] build: _res_opcodes should be a compat symbol only

[31765] dynamic-link: _dl_mcount_wrapper is exported without prototype

[31766] stdio: _IO_stderr
IO_stdin _IO_stdout should be compat

symbols

[31768] string: Extra stpncpy symbol in libc.a

[31770] libc: clone3 is in libc.a

[31774] libc: Missing __isnanf128 in libc.a

[31775] math: Missing exp10 exp10f32x exp10f64 fmod fmodf fmodf32

fmodf32x fmodf64 in libm.a

[31777] string: Extra memchr strlen symbols in libc.a

[31781] math: Missing math functions in libm.a

[31782] build: Test build failure with recent GCC trunk (x86/tst-cpu-

features-supports.c:69:3: error: parameter to builtin not valid:

avx5124fmaps)

[31785] string: loongarch: Extra strnlen symbols in libc.a

[31786] string: powerpc: Extra strchrnul and strncasecmp_l symbols in

libc.a

[31787] math: powerpc: Extra llrintf, llrintf, llrintf32, and

llrintf32 symbols in libc.a

[31788] libc: microblaze: Extra cacheflush symbol in libc.a

[31789] libc: powerpc: Extra versionsort symbol in libc.a

[31790] libc: s390: Extra getutent32, getutent32_r, getutid32,

getutid32_r, getutline32, getutline32_r, getutmp32, getutmpx32,

getutxent32, getutxid32, getutxline32, pututline32, pututxline32,

updwtmp32, updwtmpx32 in libc.a

[31797] build: g++ -static requirement should be able to opt-out

[31798] libc: pidfd_getpid.c is miscompiled by GCC 6.4

[31802] time: difftime is pure not const

[31808] time: The supported time_t range is not documented.

[31840] stdio: Memory leak in _IO_new_fdopen (fdopen) on seek failure

[31867] build: "CPU ISA level is lower than required" on SSE2-free

CPUs

[31876] time: "Date and time" documentation fixes for POSIX.1-2024 etc

[31883] build: ISA level support configure check relies on bashism /

is otherwise broken for arithmetic

[31892] build: Always install mtrace.

[31917] libc: clang mq_open fortify wrapper does not handle 4 argument

correctly

[31927] libc: clang open fortify wrapper does not handle argument

correctly

[31931] time: tzset may fault on very short TZ string

[31934] string: wcsncmp crash on s390x on vlbb instruction

[31963] stdio: Crash in _IO_link_in within __gcov_exit

[31965] dynamic-link: rseq extension mechanism does not work as

intended

[31980] build: elf/tst-tunables-enable_secure-env fails on ppc

Release Notes

https://sourceware.org/glibc/wiki/Release/2.40

Contributors

This release was made possible by the contributions of many people.

The maintainers are grateful to everyone who has contributed

changes or bug reports. These include:

Adam Sampson

Adhemerval Zanella

Alejandro Colomar

Alexandre Ferrieux

Amrita H S

Andreas K. Hüttel

Andreas Schwab

Andrew Pinski

Askar Safin

Aurelien Jarno

Avinal Kumar

Carlos Llamas

Carlos O'Donell

Charles Fol

Christoph Müllner

DJ Delorie

Daniel Cederman

Darius Rad

David Paleino

Dragan Stanojević (Nevidljivi)

Evan Green

Fangrui Song

Flavio Cruz

Florian Weimer

Gabi Falk

H.J. Lu

Jakub Jelinek

Jan Kurik

Joe Damato

Joe Ramsay

Joe Simmons-Talbott

Joe Talbott

John David Anglin

Joseph Myers

Jules Bertholet

Julian Zhu

Junxian Zhu

Konstantin Kharlamov

Luca Boccassi

Maciej W. Rozycki

Manjunath Matti

Mark Wielaard

MayShao-oc

Meng Qinggang

Michael Jeanson

Michel Lind

Mike FABIAN

Mohamed Akram

Noah Goldstein

Palmer Dabbelt

Paul Eggert

Philip Kaludercic

Samuel Dobron

Samuel Thibault

Sayan Paul

Sergey Bugaev

Sergey Kolosov

Siddhesh Poyarekar

Simon Chopin

Stafford Horne

Stefan Liebler

Sunil K Pandey

Szabolcs Nagy

Wilco Dijkstra

Xi Ruoyao

Xin Wang

Yinyu Cai

YunQiang Su

We would like to call out the following and thank them for their

tireless patch review:

Adhemerval Zanella

Alejandro Colomar

Andreas K. Hüttel

Arjun Shankar

Aurelien Jarno

Bruno Haible

Carlos O'Donell

DJ Delorie

Dmitry V. Levin

Evan Green

Fangrui Song

Florian Weimer

H.J. Lu

Jonathan Wakely

Joseph Myers

Mathieu Desnoyers

Maxim Kuvyrkov

Michael Jeanson

Noah Goldstein

Palmer Dabbelt

Paul Eggert

Paul E. Murphy

Peter Bergner

Philippe Mathieu-Daudé

Sam James

Siddhesh Poyarekar

Simon Chopin

Stefan Liebler

Sunil K Pandey

Szabolcs Nagy

Xi Ruoyao

Zack Weinberg

--

Andreas K. Hüttel

dilfridge@gentoo.org

Gentoo Linux developer

(council, toolchain, base-system, perl, releng)

https://wiki.gentoo.org/wiki/User:Dilfridge

https://www.akhuettel.de/

#gnu #gnuorg #opensource

There are no comments yet.