htl: Make __pthread_create_internal directly call __pthread_sigmask

__pthread_sigmask will already know to pass our current ss to
__sigthreadmask.

.b4-config

@@ -0,0 +1,4 @@
+[b4]
+    midmask = https://inbox.sourceware.org/%s
+    linkmask = https://inbox.sourceware.org/%s
+    send-series-to = libc-alpha@sourceware.org

.clang-format

@@ -1,5 +1,5 @@
 #  clang-format file for GLIBC
-#  Copyright (C) 2022-2023 Free Software Foundation, Inc.
+#  Copyright (C) 2022-2025 Free Software Foundation, Inc.
 #  This file is part of the GNU C Library.
 #
 #  The GNU C Library is free software; you can redistribute it and/or

CONTRIBUTED-BY

@@ -24,21 +24,6 @@ catgets/gencat.c:
 catgets/open_catalog.c:
     Contributed by Ulrich Drepper, <drepper@gnu.org>.
 
-crypt/md5-crypt.c:
-    Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996.
-
-crypt/sha256-crypt.c:
-    Contributed by Ulrich Drepper <drepper@redhat.com>, 2007.
-
-crypt/sha256.c:
-    Written by Ulrich Drepper <drepper@redhat.com>, 2007.
-
-crypt/sha512-crypt.c:
-    Contributed by Ulrich Drepper <drepper@redhat.com>, 2007.
-
-crypt/sha512.c:
-    Written by Ulrich Drepper <drepper@redhat.com>, 2007.
-
 debug/backtrace.c:
     Contributed by Jakub Jelinek <jakub@redhat.com>, 2003.
 

INSTALL

@@ -49,6 +49,12 @@ if 'CFLAGS' is specified it must enable optimization.  For example:
 
      $ ../glibc-VERSION/configure CC="gcc -m32" CFLAGS="-O3"
 
+   To test the GNU C Library with a different set of C and C++
+compilers, 'TEST_CC=COMPILER' and 'TEST_CXX=COMPILER' arguments can be
+passed to 'configure'.  For example:
+
+     $ ../glibc-VERSION/configure TEST_CC="gcc-6.4.1" TEST_CXX="g++-6.4.1"
+
    The following list describes all of the available options for
 'configure':
 
@@ -90,12 +96,6 @@ if 'CFLAGS' is specified it must enable optimization.  For example:
      library will still be usable, but functionality may be lost--for
      example, you can't build a shared libc with old binutils.
 
-'--with-default-link'
-     With '--with-default-link', the build system does not use a custom
-     linker script for linking shared objects.  The default is
-     '--without-default-link', because the custom linker script is
-     needed for full RELRO protection.
-
 '--with-nonshared-cflags=CFLAGS'
      Use additional compiler flags CFLAGS to build the parts of the
      library which are always statically linked into applications and
@@ -147,17 +147,13 @@ if 'CFLAGS' is specified it must enable optimization.  For example:
      indirect branch tracking (IBT) and shadow stack (SHSTK).  When CET
      is enabled, the GNU C Library is compatible with all existing
      executables and shared libraries.  This feature is currently
-     supported on i386, x86_64 and x32 with GCC 8 and binutils 2.29 or
-     later.  Note that when CET is enabled, the GNU C Library requires
-     CPUs capable of multi-byte NOPs, like x86-64 processors as well as
-     Intel Pentium Pro or newer.  With '--enable-cet', it is an error to
-     dlopen a non CET enabled shared library in CET enabled application.
-     With '--enable-cet=permissive', CET is disabled when dlopening a
-     non CET enabled shared library in CET enabled application.
+     supported on x86_64 and x32 with GCC 8 and binutils 2.29 or later.
+     With '--enable-cet', it is an error to dlopen a non CET enabled
+     shared library in CET enabled application.  With
+     '--enable-cet=permissive', CET is disabled when dlopening a non CET
+     enabled shared library in CET enabled application.
 
-     NOTE: '--enable-cet' has been tested for i686, x86_64 and x32 on
-     non-CET processors.  '--enable-cet' has been tested for i686,
-     x86_64 and x32 on CET processors.
+     NOTE: '--enable-cet' is only supported on x86_64 and x32.
 
 '--enable-memory-tagging'
      Enable memory tagging support if the architecture supports it.
@@ -189,7 +185,7 @@ if 'CFLAGS' is specified it must enable optimization.  For example:
      dynamic tests so that they can be invoked directly.
 
 '--disable-timezone-tools'
-     By default, timezone related utilities ('zic', 'zdump', and
+     By default, time zone related utilities ('zic', 'zdump', and
      'tzselect') are installed with the GNU C Library.  If you are
      building these independently (e.g.  by using the 'tzcode' package),
      then this option will allow disabling the install of these.
@@ -234,41 +230,22 @@ if 'CFLAGS' is specified it must enable optimization.  For example:
      By default for x86_64, the GNU C Library is built with the vector
      math library.  Use this option to disable the vector math library.
 
-'--enable-tunables'
-     Tunables support allows additional library parameters to be
-     customized at runtime.  This feature is enabled by default.  This
-     option can take the following values:
+'--disable-static-c++-tests'
+     By default, if the C++ toolchain lacks support for static linking,
+     configure fails to find the C++ header files and the glibc build
+     fails.  '--disable-static-c++-link-check' allows the glibc build to
+     finish, but static C++ tests will fail if the C++ toolchain doesn't
+     have the necessary static C++ libraries.  Use this option to skip
+     the static C++ tests.  This option implies
+     '--disable-static-c++-link-check'.
 
-     'yes'
-          This is the default if no option is passed to configure.  This
-          enables tunables and selects the default frontend (currently
-          'valstring').
-
-     'no'
-          This option disables tunables.
-
-     'valstring'
-          This enables tunables and selects the 'valstring' frontend for
-          tunables.  This frontend allows users to specify tunables as a
-          colon-separated list in a single environment variable
-          'GLIBC_TUNABLES'.
-
-'--disable-crypt'
-     Do not install the passphrase-hashing library 'libcrypt' or the
-     header file 'crypt.h'.  'unistd.h' will still declare the function
-     'crypt'.  Using this option does not change the set of programs
-     that may need to be linked with '-lcrypt'; it only means that the
-     GNU C Library will not provide that library.
-
-     This option is for hackers and distributions experimenting with
-     independently-maintained implementations of libcrypt.  It may
-     become the default in a future release.
-
-'--disable-experimental-malloc'
-     By default, a per-thread cache is enabled in 'malloc'.  While this
-     cache can be disabled on a per-application basis using tunables
-     (set glibc.malloc.tcache_count to zero), this option can be used to
-     remove it from the build completely.
+'--disable-static-c++-link-check'
+     By default, if the C++ toolchain lacks support for static linking,
+     configure fails to find the C++ header files and the glibc build
+     fails.  Use this option to disable the static C++ link check so
+     that the C++ header files can be located.  The newly built libc.a
+     can be used to create static C++ tests if the C++ toolchain has the
+     necessary static C++ libraries.
 
 '--disable-scv'
      Disable using 'scv' instruction for syscalls.  All syscalls will
@@ -307,6 +284,14 @@ if 'CFLAGS' is specified it must enable optimization.  For example:
      the GNU C Library.  The default value refers to the main
      bug-reporting information for the GNU C Library.
 
+'--enable-fortify-source'
+'--enable-fortify-source=LEVEL'
+     Use -D_FORTIFY_SOURCE='LEVEL' to control hardening in the GNU C
+     Library.  If not provided, 'LEVEL' defaults to highest possible
+     value supported by the build compiler.
+
+     Default is to disable fortification.
+
    To build the library and related programs, type 'make'.  This will
 produce a lot of output, some of which may look like errors from 'make'
 but aren't.  Look for error messages from 'make' containing '***'.
@@ -455,9 +440,9 @@ a pseudoterminal so it can be used by the calling process.  If you are
 using a Linux kernel with the 'devpts' filesystem enabled and mounted at
 '/dev/pts', you don't need this program.
 
-   After installation you should configure the timezone and install
-locales for your system.  The time zone configuration ensures that your
-system time matches the time for your current timezone.  The locales
+   After installation you should configure the time zone ruleset and
+install locales for your system.  The time zone ruleset ensures that
+timestamps are processed correctly for your location.  The locales
 ensure that the display of information on your system matches the
 expectations of your language and geographic region.
 
@@ -483,11 +468,11 @@ root use 'DESTDIR' e.g. 'make localedata/install-locale-files
 DESTDIR=/opt/glibc', but note that this does not change the configured
 prefix.
 
-   To configure the locally used timezone, set the 'TZ' environment
+   To configure the time zone ruleset, set the 'TZ' environment
 variable.  The script 'tzselect' helps you to select the right value.
 As an example, for Germany, 'tzselect' would tell you to use
 'TZ='Europe/Berlin''.  For a system wide installation (the given paths
-are for an installation with '--prefix=/usr'), link the timezone file
+are for an installation with '--prefix=/usr'), link the time zone file
 which is in '/usr/share/zoneinfo' to the file '/etc/localtime'.  For
 Germany, you might execute 'ln -s /usr/share/zoneinfo/Europe/Berlin
 /etc/localtime'.
@@ -500,30 +485,34 @@ build the GNU C Library:
 
    * GNU 'make' 4.0 or newer
 
-     As of relase time, GNU 'make' 4.4 is the newest verified to work to
-     build the GNU C Library.
+     As of release time, GNU 'make' 4.4.1 is the newest verified to work
+     to build the GNU C Library.
 
    * GCC 6.2 or newer
 
      GCC 6.2 or higher is required.  In general it is recommended to use
      the newest version of the compiler that is known to work for
      building the GNU C Library, as newer compilers usually produce
-     better code.  As of release time, GCC 13.0 is the newest compiler
+     better code.  As of release time, GCC 14.2.1 is the newest compiler
      verified to work to build the GNU C Library.
 
      For PowerPC 64-bits little-endian (powerpc64le), a GCC version with
      support for '-mno-gnu-attribute', '-mabi=ieeelongdouble', and
-     '-mabi=ibmlondouble' is required.  Likewise, the compiler must also
-     support passing '-mlong-double-128' with the preceding options.  As
-     of release, this implies GCC 7.4 and newer (excepting GCC 7.5.0,
-     see GCC PR94200).  These additional features are required for
-     building the GNU C Library with support for IEEE long double.
+     '-mabi=ibmlongdouble' is required.  Likewise, the compiler must
+     also support passing '-mlong-double-128' with the preceding
+     options.  As of release, this implies GCC 7.4 and newer (excepting
+     GCC 7.5.0, see GCC PR94200).  These additional features are
+     required for building the GNU C Library with support for IEEE long
+     double.
 
      For ARC architecture builds, GCC 8.3 or higher is needed.
 
      For s390x architecture builds, GCC 7.1 or higher is needed (See gcc
      Bug 98269).
 
+     For AArch64 architecture builds with mathvec enabled, GCC 10 or
+     higher is needed due to dependency on arm_sve.h.
+
      For multi-arch support it is recommended to use a GCC which has
      been built with support for GNU indirect functions.  This ensures
      that correct debugging information is generated for functions
@@ -543,7 +532,7 @@ build the GNU C Library:
 
      You must use GNU 'binutils' (as and ld) to build the GNU C Library.
      No other assembler or linker has the necessary functionality at the
-     moment.  As of release time, GNU 'binutils' 2.39 is the newest
+     moment.  As of release time, GNU 'binutils' 2.43.1 is the newest
      verified to work to build the GNU C Library.
 
      For PowerPC 64-bits little-endian (powerpc64le), 'objcopy' is
@@ -559,7 +548,7 @@ build the GNU C Library:
      need this version of the 'texinfo' package.  Earlier versions do
      not understand all the tags used in the document, and the
      installation mechanism for the info files is not present or works
-     differently.  As of release time, 'texinfo' 7.0.2 is the newest
+     differently.  As of release time, 'texinfo' 7.2 is the newest
      verified to work to build the GNU C Library.
 
    * GNU 'awk' 3.1.2, or higher
@@ -567,9 +556,13 @@ build the GNU C Library:
      'awk' is used in several places to generate files.  Some 'gawk'
      extensions are used, including the 'asorti' function, which was
      introduced in version 3.1.2 of 'gawk'.  As of release time, 'gawk'
-     version 5.1.1 is the newest verified to work to build the GNU C
+     version 5.3.1 is the newest verified to work to build the GNU C
      Library.
 
+     Testing the GNU C Library requires 'gawk' to be compiled with
+     support for high precision arithmetic via the 'MPFR'
+     multiple-precision floating-point computation library.
+
    * GNU 'bison' 2.7 or later
 
      'bison' is used to generate the 'yacc' parser code in the 'intl'
@@ -580,36 +573,43 @@ build the GNU C Library:
 
      Perl is not required, but if present it is used in some tests and
      the 'mtrace' program, to build the GNU C Library manual.  As of
-     release time 'perl' version 5.36.0 is the newest verified to work
+     release time 'perl' version 5.40.0 is the newest verified to work
      to build the GNU C Library.
 
    * GNU 'sed' 3.02 or newer
 
      'Sed' is used in several places to generate files.  Most scripts
      work with any version of 'sed'.  As of release time, 'sed' version
-     4.8 is the newest verified to work to build the GNU C Library.
+     4.9 is the newest verified to work to build the GNU C Library.
 
    * Python 3.4 or later
 
      Python is required to build the GNU C Library.  As of release time,
-     Python 3.11 is the newest verified to work for building and testing
-     the GNU C Library.
+     Python 3.12.8 is the newest verified to work for building and
+     testing the GNU C Library.
 
    * PExpect 4.0
 
      The pretty printer tests drive GDB through test programs and
      compare its output to the printers'.  PExpect is used to capture
      the output of GDB, and should be compatible with the Python version
-     in your system.  As of release time PExpect 4.8.0 is the newest
+     in your system.  As of release time PExpect 4.9.0 is the newest
      verified to work to test the pretty printers.
 
+   * The Python 'abnf' module.
+
+     This module is optional and used to verify some ABNF grammars in
+     the manual.  Version 2.2.0 has been confirmed to work as expected.
+     A missing 'abnf' module does not reduce the test coverage of the
+     library itself.
+
    * GDB 7.8 or later with support for Python 2.7/3.4 or later
 
      GDB itself needs to be configured with Python support in order to
      use the pretty printers.  Notice that your system having Python
      available doesn't imply that GDB supports it, nor that your
      system's Python and GDB's have the same version.  As of release
-     time GNU 'debugger' 12.1 is the newest verified to work to test the
+     time GNU 'debugger' 14.2 is the newest verified to work to test the
      pretty printers.
 
      Unless Python, PExpect and GDB with Python support are present, the
@@ -619,13 +619,13 @@ build the GNU C Library:
 
 If you change any of the 'configure.ac' files you will also need
 
-   * GNU 'autoconf' 2.69 (exactly)
+   * GNU 'autoconf' 2.72 (exactly)
 
 and if you change any of the message translation files you will need
 
    * GNU 'gettext' 0.10.36 or later
 
-     As of release time, GNU 'gettext' version 0.21.1 is the newest
+     As of release time, GNU 'gettext' version 0.23 is the newest
      version verified to work to build the GNU C Library.
 
 You may also need these packages if you upgrade your source tree using
@@ -636,15 +636,13 @@ Specific advice for GNU/Linux systems
 
 If you are installing the GNU C Library on GNU/Linux systems, you need
 to have the header files from a 3.2 or newer kernel around for
-reference.  (For the ia64 architecture, you need version 3.2.18 or newer
-because this is the first version with support for the 'accept4' system
-call.)  These headers must be installed using 'make headers_install';
-the headers present in the kernel source directory are not suitable for
-direct use by the GNU C Library.  You do not need to use that kernel,
-just have its headers installed where the GNU C Library can access them,
-referred to here as INSTALL-DIRECTORY.  The easiest way to do this is to
-unpack it in a directory such as '/usr/src/linux-VERSION'.  In that
-directory, run 'make headers_install
+reference.  These headers must be installed using 'make
+headers_install'; the headers present in the kernel source directory are
+not suitable for direct use by the GNU C Library.  You do not need to
+use that kernel, just have its headers installed where the GNU C Library
+can access them, referred to here as INSTALL-DIRECTORY.  The easiest way
+to do this is to unpack it in a directory such as
+'/usr/src/linux-VERSION'.  In that directory, run 'make headers_install
 INSTALL_HDR_PATH=INSTALL-DIRECTORY'.  Finally, configure the GNU C
 Library with the option '--with-headers=INSTALL-DIRECTORY/include'.  Use
 the most recent kernel you can get your hands on.  (If you are
@@ -673,7 +671,7 @@ components of the GNU C Library installation to be in '/lib' and some in
 Library with '--prefix=/usr'.  If you set some other prefix or allow it
 to default to '/usr/local', then all the components are installed there.
 
-   As of release time, Linux version 6.1.5 is the newest stable version
+   As of release time, Linux version 6.12 is the newest stable version
 verified to work to build the GNU C Library.
 
 Reporting Bugs

LICENSES

@@ -165,44 +165,8 @@ The file if_ppp.h is under the following CMU license:
  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
  IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-The following license covers the files from Intel's "Highly Optimized
-Mathematical Functions for Itanium" collection:
-
-Intel License Agreement
-
-Copyright (c) 2000, Intel Corporation
-
-All rights reserved.
-
-Redistribution and use in source and binary forms, with or without
-modification, are permitted provided that the following conditions are
-met:
-
-* Redistributions of source code must retain the above copyright
-notice, this list of conditions and the following disclaimer.
-
-* Redistributions in binary form must reproduce the above copyright
-notice, this list of conditions and the following disclaimer in the
-documentation and/or other materials provided with the distribution.
-
-* The name of Intel Corporation may not be used to endorse or promote
-products derived from this software without specific prior written
-permission.
-
-THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL INTEL OR
-CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
-EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
-PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
-PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
-LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-The files inet/getnameinfo.c and sysdeps/posix/getaddrinfo.c are copyright
-(C) by Craig Metz and are distributed under the following license:
+The files nss/getnameinfo.c and nss/getaddrinfo.c are copyright (C) by
+Craig Metz and are distributed under the following license:
 
 /* The Inner Net License, Version 2.00
 
@@ -389,3 +353,48 @@ Copyright 2001 by Stephen L. Moshier <moshier@na-net.ornl.gov>
  You should have received a copy of the GNU Lesser General Public
  License along with this library; if not, see
  <https://www.gnu.org/licenses/>.  */
+
+Copyright (c) 1995 IBM Corporation
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+'Software'), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+Various files in sysdeps/ieee754/flt-32, taken from the CORE-MATH project
+<https://core-math.gitlabpages.inria.fr/>, are distributed under the
+following license:
+
+Copyright (c) 2022-2024 Alexei Sibidanov. Paul Zimmermann.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

Makeconfig

@@ -1,4 +1,4 @@
-# Copyright (C) 1991-2023 Free Software Foundation, Inc.
+# Copyright (C) 1991-2025 Free Software Foundation, Inc.
 # Copyright The GNU Toolchain Authors.
 # This file is part of the GNU C Library.
 
@@ -360,6 +360,8 @@ whole-archive = -Wl,--whole-archive
 # Installed name of the startup code.
 # The ELF convention is that the startfile is called crt1.o
 start-installed-name = crt1.o
+# Similar to crt1.o, but without _IO_stdin_used.
+start-name-2.0 = crt1-2.0.o
 # On systems that do not need a special startfile for statically linked
 # binaries, simply set it to the normal name.
 ifndef static-start-installed-name
@@ -537,18 +539,38 @@ else  # build-static
 endif  # build-shared
 endif  # +link
 
+# Command for linking test programs with crt1.o from glibc 2.0.
++link-2.0-before-inputs = -nostdlib -nostartfiles $(no-pie-ldflag) \
+	      $(sysdep-LDFLAGS) $(LDFLAGS) $(LDFLAGS-$(@F)) \
+	      $(relro-LDFLAGS) $(hashstyle-LDFLAGS) \
+	      $(firstword $(CRT-$(@F)) $(csu-objpfx)$(start-name-2.0)) \
+	      $(+preinit) $(+prector)
++link-2.0-before-libc = -o $@ $(+link-2.0-before-inputs) \
+	      $(filter-out $(addprefix $(csu-objpfx),start.o \
+						     $(start-name-2.0))\
+			   $(+preinit) $(link-extra-libs) \
+			   $(common-objpfx)libc% $(+postinit),$^) \
+	      $(link-extra-libs)
++link-after-libc = $(+postctor) $(+postinit)
+define +link-2.0-tests
+$(CC) $(+link-2.0-before-libc) $(rtld-tests-LDFLAGS) $(link-libc-tests) \
+  $(+link-after-libc)
+$(call after-link,$@)
+endef
+
 # The pretty printer test programs need to be compiled without optimizations
 # so they won't confuse gdb.  We could use either the 'GCC optimize' pragma
 # or the 'optimize' function attribute to achieve this; however, at least on
 # ARM, gcc always produces different debugging symbols when invoked with
 # a -O greater than 0 than when invoked with -O0, regardless of anything else
 # we're using to suppress optimizations.  Therefore, we need to explicitly pass
-# -O0 to it through CFLAGS.
+# -O0 to it through CFLAGS. As a result, any fortification needs to be disabled
+# as it needs -O greater than 0.
 # Additionally, the build system will try to -include $(common-objpfx)/config.h
 # when compiling the tests, which will throw an error if some special macros
 # (such as __OPTIMIZE__ and IS_IN_build) aren't defined.  To avoid this, we
 # tell gcc to define IS_IN_build.
-CFLAGS-printers-tests := -O0 -ggdb3 -DIS_IN_build
+CFLAGS-printers-tests := -O0 -ggdb3 -DIS_IN_build $(no-fortify-source)
 
 ifeq (yes,$(build-shared))
 # These indicate whether to link using the built ld.so or the installed one.
@@ -585,10 +607,13 @@ link-libc-rpath-link = -Wl,-rpath-link=$(rpath-link)
 # before the expansion of LDLIBS-* variables).
 
 # Tests use -Wl,-rpath instead of -Wl,-rpath-link for
-# build-hardcoded-path-in-tests.
+# build-hardcoded-path-in-tests.  Add -Wl,--disable-new-dtags to force
+# DT_RPATH instead of DT_RUNPATH which only applies to DT_NEEDED entries
+# in the executable and doesn't applies to DT_NEEDED entries in shared
+# libraries which are loaded via DT_NEEDED entries in the executable.
 ifeq (yes,$(build-hardcoded-path-in-tests))
-link-libc-tests-rpath-link = $(link-libc-rpath)
-link-test-modules-rpath-link = $(link-libc-rpath)
+link-libc-tests-rpath-link = $(link-libc-rpath) -Wl,--disable-new-dtags
+link-test-modules-rpath-link = $(link-libc-rpath) -Wl,--disable-new-dtags
 else
 link-libc-tests-rpath-link = $(link-libc-rpath-link)
 link-test-modules-rpath-link =
@@ -608,7 +633,7 @@ link-libc-printers-tests = $(link-libc-rpath) \
 			   $(link-libc-tests-after-rpath-link)
 
 # This is how to find at build-time things that will be installed there.
-rpath-dirs = math elf dlfcn nss nis rt resolv mathvec support
+rpath-dirs = math elf dlfcn nss nis rt resolv mathvec support misc
 rpath-link = \
 $(common-objdir):$(subst $(empty) ,:,$(patsubst ../$(subdir),.,$(rpath-dirs:%=$(common-objpfx)%)))
 else  # build-static
@@ -704,13 +729,15 @@ endif
 +prectorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginS.o`
 +postctorS = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtendS.o`
 # Variants of the two previous definitions for statically linking programs.
+static-prector = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginT.o`
+static-postctor = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o`
 ifeq (yes,$(enable-static-pie))
 # Static PIE must use PIE variants.
-+prectorT = $(+prectorS)
-+postctorT = $(+postctorS)
++prectorT = $(if $($(@F)-no-pie),$(static-prector),$(+prectorS))
++postctorT = $(if $($(@F)-no-pie),$(static-postctor),$(+postctorS))
 else
-+prectorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtbeginT.o`
-+postctorT = `$(CC) $(sysdep-LDFLAGS) --print-file-name=crtend.o`
++prectorT = $(static-prector)
++postctorT =$(static-postctor)
 endif
 csu-objpfx = $(common-objpfx)csu/
 elf-objpfx = $(common-objpfx)elf/
@@ -741,6 +768,11 @@ run-built-tests = yes
 endif
 endif
 
+# Whether to build the static math tests
+ifndef build-math-static-tests
+build-math-static-tests = no
+endif
+
 # Whether to stop immediately when a test fails.  Nonempty means to
 # stop, empty means not to stop.
 ifndef stop-on-test-failure
@@ -856,12 +888,7 @@ host-test-program-cmd = $(host-built-program-cmd)
 endif
 
 # Extra flags to pass to GCC.
-ifeq ($(all-warnings),yes)
-+gccwarn := -Wall -Wwrite-strings -Wcast-qual -Wbad-function-cast -Wmissing-noreturn -Wmissing-prototypes -Wmissing-declarations -Wcomment -Wcomments -Wtrigraphs -Wsign-compare -Wfloat-equal -Wmultichar
-else
-+gccwarn := -Wall -Wwrite-strings
-endif
-+gccwarn += -Wundef
++gccwarn := -Wall -Wwrite-strings -Wundef $(cc-option-wimplicit-fallthrough)
 ifeq ($(enable-werror),yes)
 +gccwarn += -Werror
 endif
@@ -877,9 +904,10 @@ endif
 +math-flags = -frounding-math
 
 # Logically only "libnldbl", "nonlib" and "testsuite" should be using
-# -fno-math-errno. However due to GCC bug #88576, only "libm" can use
-# -fno-math-errno.
-+extra-math-flags = $(if $(filter libm,$(in-module)),-fno-math-errno,-fmath-errno)
+# -fno-math-errno. However due to GCC bug #88576, only "libm" and
+# "libmvec" can use -fno-math-errno.
++extra-math-flags = $(if $(filter libmvec libm,$(in-module)),\
+                      -fno-math-errno,-fmath-errno)
 
 # Use 64 bit time_t support for installed programs
 installed-modules = nonlib nscd ldconfig locale_programs \
@@ -901,6 +929,16 @@ define elide-stack-protector
 $(if $(filter $(@F),$(patsubst %,%$(1),$(2))), $(no-stack-protector))
 endef
 
+# We might want to compile with fortify-source
+ifneq ($(fortify-source),)
++fortify-source=$(fortify-source)
+endif
+
+# Some routine can't be fortified like the ones used by fortify
+define elide-fortify-source
+$(if $(filter $(@F),$(patsubst %,%$(1),$(2))), $(no-fortify-source))
+endef
+
 # The program that makes Emacs-style TAGS files.
 ETAGS	:= etags
 
@@ -961,6 +999,24 @@ endif	# $(+cflags) == ""
 	   $(+stack-protector) -fno-common
 +gcc-nowarn := -w
 
+# We must filter out elf because the early bootstrap of the dynamic loader
+# cannot be fortified. Likewise we exclude dlfcn because it is entangled
+# with the loader. We must filter out csu because early startup, like the
+# loader, cannot be fortified. Lastly debug is the fortification routines
+# themselves and they cannot be fortified.
+do-fortify = $(filter-out elf dlfcn csu debug,$(subdir))
+ifeq ($(do-fortify),$(subdir))
++cflags += $(+fortify-source)
+else
++cflags += $(no-fortify-source)
+endif
+
+# Filter out LFS flags if compiler defines it by default.
++cflags += $(no-file-offset-bits-source)
+
+# Filter out 64 bit time_t flags if compiler defines it by default.
++cflags += $(no-time-bits-source)
+
 # Each sysdeps directory can contain header files that both will be
 # used to compile and will be installed.  Each can also contain an
 # include/ subdirectory, whose header files will be used to compile
@@ -975,7 +1031,8 @@ endif	# $(+cflags) == ""
 # current directory.
 +includes = -I$(..)include $(if $(subdir),$(objpfx:%/=-I%)) \
 	    $(+sysdep-includes) $(includes) \
-	    $(patsubst %/,-I%,$(..)) $(libio-include) -I. $(sysincludes)
+	    $(patsubst %/,-I%,$(..)) $(libio-include) \
+	    $(if $($(<F)-no-include-dot),,-I.) $(sysincludes)
 
 # Since libio has several internal header files, we use a -I instead
 # of many little headers in the include directory.
@@ -1010,18 +1067,15 @@ module-cppflags = $(if $(filter %.mk.i %.v.i,$(@F)),,$(module-cppflags-real))
 # Note that we can't use -std=* in CPPFLAGS, because it overrides
 # the implicit -lang-asm and breaks cpp behavior for .S files--notably
 # it causes cpp to stop predefining __ASSEMBLER__.
-CPPFLAGS = $(config-extra-cppflags) $(CPPUNDEFS) $(CPPFLAGS-config) \
+CPPFLAGS = $(config-extra-cppflags) $(CPPFLAGS-config) \
 	   $($(subdir)-CPPFLAGS) \
 	   $(+includes) $(defines) $(module-cppflags) \
 	   -include $(..)include/libc-symbols.h $(sysdep-CPPFLAGS) \
 	   $(CPPFLAGS-$(suffix $@)) \
 	   $(foreach lib,$(libof-$(basename $(@F))) \
 			 $(libof-$(<F)) $(libof-$(@F)),$(CPPFLAGS-$(lib))) \
-	   $(CPPFLAGS-$(<F)) $(CPPFLAGS-$(@F)) $(CPPFLAGS-$(basename $(@F)))
-
-ifneq (no,$(have-tunables))
-CPPFLAGS += -DTOP_NAMESPACE=glibc
-endif
+	   $(CPPFLAGS-$(<F)) $(CPPFLAGS-$(@F)) $(CPPFLAGS-$(basename $(@F))) \
+	   -DTOP_NAMESPACE=glibc
 
 override CFLAGS	= -std=gnu11 -fgnu89-inline $(config-extra-cflags) \
 		  $(filter-out %frame-pointer,$(+cflags)) $(+gccwarn-c) \
@@ -1052,6 +1106,8 @@ object-suffixes :=
 CPPFLAGS-.o = $(pic-default)
 # libc.a must be compiled with -fPIE/-fpie for static PIE.
 CFLAGS-.o = $(filter %frame-pointer,$(+cflags)) $(pie-default)
+CFLAGS-.o += $(call elide-fortify-source,.o,$(routines_no_fortify))
+CFLAGS-.o += $(call elide-fortify-source,_chk.o,$(routines_no_fortify))
 libtype.o := lib%.a
 object-suffixes += .o
 ifeq (yes,$(build-shared))
@@ -1061,6 +1117,8 @@ object-suffixes += .os
 pic-cppflags = -DPIC -DSHARED
 CPPFLAGS-.os = $(pic-cppflags)
 CFLAGS-.os = $(filter %frame-pointer,$(+cflags)) $(pic-ccflag)
+CFLAGS-.os += $(call elide-fortify-source,.os,$(routines_no_fortify))
+CFLAGS-.os += $(call elide-fortify-source,_chk.os,$(routines_no_fortify))
 libtype.os := lib%_pic.a
 # This can be changed by a sysdep makefile
 pic-ccflag = -fPIC
@@ -1080,6 +1138,8 @@ object-suffixes += .op
 CPPFLAGS-.op = -DPROF $(pic-default)
 # libc_p.a must be compiled with -fPIE/-fpie for static PIE.
 CFLAGS-.op = -pg $(pie-default)
+CFLAGS-.op += $(call elide-fortify-source,.op,$(routines_no_fortify))
+CFLAGS-.op += $(call elide-fortify-source,_chk.op,$(routines_no_fortify))
 libtype.op = lib%_p.a
 endif
 
@@ -1107,10 +1167,6 @@ ASFLAGS := $(filter -g% -fdebug-prefix-map=%,$(CFLAGS))
 endif
 override ASFLAGS += -Werror=undef $(ASFLAGS-config) $(asflags-cpu)
 
-ifndef BUILD_CC
-BUILD_CC = $(CC)
-endif
-
 move-if-change = $(SHELL) $(..)scripts/move-if-change
 
 -include $(common-objpfx)sysd-sorted
@@ -1203,7 +1259,6 @@ endif
 
 # Build the tunables list header early since it could be used by any module in
 # glibc.
-ifneq (no,$(have-tunables))
 before-compile += $(common-objpfx)dl-tunable-list.h
 common-generated += dl-tunable-list.h dl-tunable-list.stmp
 
@@ -1213,10 +1268,9 @@ $(common-objpfx)dl-tunable-list.stmp: \
 		$(..)elf/dl-tunables.list \
 		$(wildcard $(subdirs:%=$(..)%/dl-tunables.list)) \
 		$(wildcard $(sysdirs:%=%/dl-tunables.list))
-	$(AWK) -f $^ > ${@:stmp=T}
+	LC_ALL=C $(AWK) -f $^ > ${@:stmp=T}
 	$(move-if-change) ${@:stmp=T} ${@:stmp=h}
 	touch $@
-endif
 
 # Dump the GCC macros used by the default compiler flags to a header
 # file, so that they can be inspected when using different compiler
@@ -1333,16 +1387,11 @@ endif
 # dependencies and generate sorted-subdirs dynamically.
 all-subdirs = csu assert ctype locale intl catgets math setjmp signal	    \
 	      stdlib stdio-common libio malloc string wcsmbs time dirent    \
-	      grp pwd posix io termios resource misc socket sysvipc gmon    \
-	      gnulib iconv iconvdata wctype manual shadow gshadow po argp   \
+	      posix io termios resource misc socket sysvipc gmon            \
+	      gnulib iconv iconvdata wctype manual po argp                  \
 	      localedata timezone rt conform debug mathvec support	    \
 	      dlfcn elf
 
-ifeq ($(build-crypt),yes)
-all-subdirs += crypt
-rpath-dirs += crypt
-endif
-
 ifndef avoid-generated
 # sysd-sorted itself will contain rules making the sysd-sorted target
 # depend on Depend files.  But if you just added a Depend file to an

Makefile

@@ -1,4 +1,4 @@
-# Copyright (C) 1991-2023 Free Software Foundation, Inc.
+# Copyright (C) 1991-2025 Free Software Foundation, Inc.
 # This file is part of the GNU C Library.
 
 # The GNU C Library is free software; you can redistribute it and/or
@@ -518,7 +518,10 @@ mostlyclean: parent-mostlyclean
 	@$(MAKE) subdir_mostlyclean no_deps=t
 	-rm -f $(postclean)
 
-tests-clean:
+# Remove test artifacts from the whole glibc build.
+# do-tests-clean removes test artifacts from top-level directory, and
+# subdir_testclean removes them from individual sub-directories.
+tests-clean: do-tests-clean
 	@$(MAKE) subdir_testclean no_deps=t
 
 ifneq (,$(CXX))
@@ -542,8 +545,9 @@ tests-special += $(objpfx)check-installed-headers-c.out
 libof-check-installed-headers-c := testsuite
 $(objpfx)check-installed-headers-c.out: \
     scripts/check-installed-headers.sh $(headers)
-	$(SHELL) $(..)scripts/check-installed-headers.sh c \
-	  "$(CC) $(filter-out -std=%,$(CFLAGS)) -D_ISOMAC $(+includes)" \
+	$(SHELL) $(..)scripts/check-installed-headers.sh c $(supported-fortify) \
+	  "$(CC) $(test-config-cflags-finput-charset-ascii) \
+	     $(filter-out -std=%,$(CFLAGS)) -D_ISOMAC $(+includes)" \
 	  $(headers) > $@; \
 	$(evaluate-test)
 
@@ -552,8 +556,9 @@ tests-special += $(objpfx)check-installed-headers-cxx.out
 libof-check-installed-headers-cxx := testsuite
 $(objpfx)check-installed-headers-cxx.out: \
     scripts/check-installed-headers.sh $(headers)
-	$(SHELL) $(..)scripts/check-installed-headers.sh c++ \
-	  "$(CXX) $(filter-out -std=%,$(CXXFLAGS)) -D_ISOMAC $(+includes)" \
+	$(SHELL) $(..)scripts/check-installed-headers.sh c++ $(supported-fortify) \
+	  "$(CXX) $(test-config-cxxflags-finput-charset-ascii) \
+	     $(filter-out -std=%,$(CXXFLAGS)) -D_ISOMAC $(+includes)" \
 	  $(headers) > $@; \
 	$(evaluate-test)
 endif # $(CXX)
@@ -564,11 +569,32 @@ $(objpfx)check-wrapper-headers.out: scripts/check-wrapper-headers.py $(headers)
 	  --generated $(common-generated) > $@; $(evaluate-test)
 endif # $(headers)
 
+# Lint all Makefiles; including this one.  Pass `pwd` as the source
+# directory since the top-level Makefile is in the root of the source
+# tree and these tests are run from there.  We add light-weight linting
+# to the 'check' target to support the existing developer workflow of:
+# edit -> make -> make check; without needing an additional step.
+tests-special += $(objpfx)lint-makefiles.out
+$(objpfx)lint-makefiles.out: scripts/lint-makefiles.sh
+	$(SHELL) $< "$(PYTHON)" `pwd` > $@ ; \
+	$(evaluate-test)
+
+# Link libc.a as a whole to verify that it does not contain multiple
+# definitions of any symbols.
+tests-special += $(objpfx)link-static-libc.out
+$(objpfx)link-static-libc.out:
+	$(LINK.o) $(whole-archive) -nostdlib -nostartfiles -r \
+	  $(objpfx)libc.a -o /dev/null > $@ 2>&1; \
+	$(evaluate-test)
+
+# Print test summary for tests in $1 .sum file;
+# $2 is optional test identifier.
+# Fail if there are unexpected failures in the test results.
 define summarize-tests
-@grep -E -v '^(PASS|XFAIL):' $(objpfx)$1 || true
-@echo "Summary of test results$2:"
-@sed 's/:.*//' < $(objpfx)$1 | sort | uniq -c
-@! grep -E -q -v '^(X?PASS|XFAIL|UNSUPPORTED):' $(objpfx)$1
+@grep -E '^[A-Z]+:' $(objpfx)$1 | grep -E -v '^(PASS|XFAIL):' || true
+@echo "		=== Summary of results$2 ==="
+@sed -e '/:.*/!d' -e 's/:.*//' < $(objpfx)$1 | sort | uniq -c
+@! grep -E '^[A-Z]+:' $(objpfx)$1 | grep -E -q -v '^(X?PASS|XFAIL|UNSUPPORTED):'
 endef
 
 # The intention here is to do ONE install of our build into the
@@ -611,7 +637,7 @@ $(objpfx)testroot.pristine/install.stamp :
 ifeq ($(run-built-tests),yes)
 	# Copy these DSOs first so we can overwrite them with our own.
 	for dso in `$(test-wrapper-env) LD_TRACE_LOADED_OBJECTS=1  \
-		$(rtld-prefix) \
+		$(rtld-prefix) --inhibit-cache \
 		$(objpfx)testroot.pristine/bin/sh \
 	        | sed -n '/\//{s@.*=> /@/@;s/^[^/]*//;s/ .*//p;}'` ;\
 	  do \
@@ -620,7 +646,7 @@ ifeq ($(run-built-tests),yes)
 	    $(test-wrapper) cp $$dso $(objpfx)testroot.pristine$$dso ;\
 	  done
 	for dso in `$(test-wrapper-env) LD_TRACE_LOADED_OBJECTS=1  \
-		$(rtld-prefix) \
+		$(rtld-prefix) --inhibit-cache \
 		$(objpfx)support/$(LINKS_DSO_PROGRAM) \
 	        | sed -n '/\//{s@.*=> /@/@;s/^[^/]*//;s/ .*//p;}'` ;\
 	  do \
@@ -721,7 +747,7 @@ endif
 INSTALL: manual/install-plain.texi manual/macros.texi \
 	 $(common-objpfx)manual/pkgvers.texi manual/install.texi
 	makeinfo --no-validate --plaintext --no-number-sections \
-		 -I$(common-objpfx)manual $< -o $@-tmp
+		 --disable-encoding -I$(common-objpfx)manual $< -o $@-tmp
 	$(AWK) 'NF == 0 { ++n; next } \
 		NF != 0 { while (n-- > 0) print ""; n = 0; print }' \
 	  < $@-tmp > $@-tmp2

Makefile.help

@@ -1,4 +1,4 @@
-# Copyright (C) 2019-2023 Free Software Foundation, Inc.
+# Copyright (C) 2019-2025 Free Software Foundation, Inc.
 # This file is part of the GNU C Library.
 
 # The GNU C Library is free software; you can redistribute it and/or
@@ -33,6 +33,10 @@ test
 	Note that this will rebuild the test if needed, but will not
 	rebuild what "make all" would have rebuilt.
 
+build-math-static-tests
+	Enable extra math tests for static linking.  Use like this:
+		make test t=math/test-float-exp10-static build-math-static-tests=yes
+
 --
 Other useful hints:
 

Makefile.in

@@ -1,5 +1,16 @@
 srcdir = @srcdir@
 
+TEST_CC = @TEST_CC@
+TEST_CXX = @TEST_CXX@
+test-cc-option-wimplicit-fallthrough = @libc_cv_test_cc_wimplicit_fallthrough@
+test-config-cflags-mprefer-vector-width = @libc_cv_test_cc_mprefer_vector_width@
+test-config-cflags-signaling-nans = @libc_cv_test_cc_signaling_nans@
+test-config-cflags-wno-ignored-attributes = @libc_cv_test_wno_ignored_attributes@
+test-enable-cet = @test_enable_cet@
+test-have-mamx-tile = @libc_cv_test_x86_have_amx_tile@
+test-have-static-pie = @libc_cv_test_static_pie@
+test-supported-fortify = @libc_cv_test_supported_fortify_source@
+
 # Uncomment the line below if you want to do parallel build.
 # PARALLELMFLAGS = -j 4
 
@@ -8,6 +19,19 @@ srcdir = @srcdir@
 all .DEFAULT:
 	$(MAKE) -r PARALLELMFLAGS="$(PARALLELMFLAGS)" -C $(srcdir) objdir=`pwd` $@
 
+check xcheck test:
+	$(MAKE) -r PARALLELMFLAGS="$(PARALLELMFLAGS)" -C $(srcdir) \
+		CC="$(TEST_CC)" CXX="$(TEST_CXX)" \
+		cc-option-wimplicit-fallthrough="$(test-cc-option-wimplicit-fallthrough)" \
+		config-cflags-mprefer-vector-width="$(test-config-cflags-mprefer-vector-width)" \
+		config-cflags-signaling-nans="$(test-config-cflags-signaling-nans)" \
+		config-cflags-wno-ignored-attributes="$(test-config-cflags-wno-ignored-attributes)" \
+		enable-cet="$(test-enable-cet)" \
+		have-mamx-tile="$(test-have-mamx-tile)" \
+		have-static-pie="$(test-have-static-pie)" \
+		supported-fortify="$(test-supported-fortify)" \
+		objdir=`pwd` $@
+
 install:
 	LC_ALL=C; export LC_ALL; \
 	$(MAKE) -r PARALLELMFLAGS="$(PARALLELMFLAGS)" -C $(srcdir) objdir=`pwd` $@

Makerules

@@ -1,4 +1,4 @@
-# Copyright (C) 1991-2023 Free Software Foundation, Inc.
+# Copyright (C) 1991-2025 Free Software Foundation, Inc.
 # This file is part of the GNU C Library.
 
 # The GNU C Library is free software; you can redistribute it and/or
@@ -200,7 +200,7 @@ endif
 ifndef subdir
 # If a makefile needs to do something conditional on something that
 # can only be figured out from headers, write a FOO.make.c input
-# file that uses cpp contructs and contains @@@ LINE @@@ for each LINE
+# file that uses cpp constructs and contains @@@ LINE @@@ for each LINE
 # to emit in the generated makefile, and use -include $(common-objpfx)FOO.make.
 #
 # We only generate these in the top-level makefile, to avoid any weirdness
@@ -447,10 +447,12 @@ native-compile-mkdep-flags = -MMD -MP -MF $@.dt -MT $@
 compile.c = $(CC) $< -c $(CFLAGS) $(CPPFLAGS)
 compile.cc = $(CXX) $< -c $(CXXFLAGS) $(CPPFLAGS)
 compile.S = $(CC) $< -c $(CPPFLAGS) $(S-CPPFLAGS) \
-		  $(ASFLAGS) $(ASFLAGS-$(suffix $@))
+		  $(ASFLAGS) $(ASFLAGS-$(suffix $@)) $(sysdep-ASFLAGS) \
+		  $(ASFLAGS-$(<F)) $(ASFLAGS-$(@F))
 COMPILE.c = $(CC) -c $(CFLAGS) $(CPPFLAGS)
 COMPILE.S = $(CC) -c $(CPPFLAGS) $(S-CPPFLAGS) \
-		  $(ASFLAGS) $(ASFLAGS-$(suffix $@))
+		  $(ASFLAGS) $(ASFLAGS-$(suffix $@)) $(sysdep-ASFLAGS) \
+		  $(ASFLAGS-$(<F)) $(ASFLAGS-$(@F))
 
 # We need this for the output to go in the right place.  It will default to
 # empty if make was configured to work with a cc that can't grok -c and -o
@@ -467,9 +469,14 @@ S-CPPFLAGS = -DASSEMBLER $(asm-CPPFLAGS)
 
 ifneq (,$(objpfx))
 # Continuation lines here are dangerous because they introduce spaces!
+# Also remove the /usr/include/tgmath.h dependency generated by Clang
+# even though Clang never reads /usr/include/tgmath.h.
+# https://github.com/llvm/llvm-project/issues/120891
 define sed-remove-objpfx
 -e 's@ $(subst .,\.,$(subst @,\@,$(common-objpfx)))@ $$(common-objpfx)@g' \
--e 's@^$(subst .,\.,$(subst @,\@,$(common-objpfx)))@$$(common-objpfx)@g'
+-e 's@^$(subst .,\.,$(subst @,\@,$(common-objpfx)))@$$(common-objpfx)@g' \
+-e 's@/usr/include/tgmath.h:@@' \
+-e 's@ /usr/include/tgmath.h@@'
 endef
 endif
 
@@ -544,44 +551,8 @@ $(LINK.o) -shared -static-libgcc -Wl,-O1 $(sysdep-LDFLAGS) \
 	  -L$(subst :, -L,$(rpath-link)) -Wl,-rpath-link=$(rpath-link)
 endef
 
-ifeq (yes,$(use-default-link))
-# If the linker is good enough, we can let it use its default linker script.
-# In the long term the custom linker script will be removed.
-shlib-lds =
-shlib-lds-flags =
-else
-# binutils only position loadable notes into the first page for binaries,
-# not for shared objects
-# lld --verbose does not dump a linker script.  Use -fuse-ld=bfd.
-$(common-objpfx)shlib.lds: $(common-objpfx)config.make $(..)Makerules
-	$(LINK.o) -shared -Wl,-O1 \
-		  -nostdlib -nostartfiles -fuse-ld=bfd \
-		  $(sysdep-LDFLAGS) $(rtld-LDFLAGS) $(LDFLAGS.so) \
-		  -Wl,--verbose 2>/dev/null | \
-	  sed > $@T \
-	      -e '/^=========/,/^=========/!d;/^=========/d' \
-	      -e 's/^.*\*(\.dynbss).*$$/& \
-		 PROVIDE(__start___libc_freeres_ptrs = .); \
-		 *(__libc_freeres_ptrs) \
-		 PROVIDE(__stop___libc_freeres_ptrs = .);/'\
-	      -e 's@^.*\*(\.jcr).*$$@& \
-		 PROVIDE(__start___libc_subfreeres = .);\
-		 __libc_subfreeres : { *(__libc_subfreeres) }\
-		 PROVIDE(__stop___libc_subfreeres = .);\
-		 PROVIDE(__start___libc_IO_vtables = .);\
-		 __libc_IO_vtables : { *(__libc_IO_vtables) }\
-		 PROVIDE(__stop___libc_IO_vtables = .);\
-		 /DISCARD/ : { *(.gnu.glibc-stub.*) }@'
-	test -s $@T
-	mv -f $@T $@
-common-generated += shlib.lds
-
-shlib-lds = $(common-objpfx)shlib.lds
-shlib-lds-flags = -T $(shlib-lds)
-endif
-
 define build-shlib
-$(build-shlib-helper) -o $@ $(shlib-lds-flags) \
+$(build-shlib-helper) -o $@ \
 	  $(csu-objpfx)abi-note.o $(build-shlib-objlist)
 endef
 
@@ -600,12 +571,12 @@ endef
 # binutils only position loadable notes into the first page for binaries,
 # not for shared objects
 define build-module
-$(build-module-helper) -o $@ $(shlib-lds-flags) \
+$(build-module-helper) -o $@ \
 	  $(csu-objpfx)abi-note.o $(build-module-objlist) $(link-libc-args)
 $(call after-link,$@)
 endef
 define build-module-asneeded
-$(build-module-helper) -o $@ $(shlib-lds-flags) \
+$(build-module-helper) -o $@ \
 	  $(csu-objpfx)abi-note.o \
 	  -Wl,--as-needed $(build-module-objlist) -Wl,--no-as-needed \
 	  $(link-libc-args)
@@ -637,7 +608,6 @@ $(common-objpfx)libc_pic.os: $(common-objpfx)libc_pic.a
 	$(LINK.o) -nostdlib -nostartfiles -r -o $@ \
 	$(LDFLAGS-c_pic.os) $(whole-archive) $^ -o $@
 
-ifeq (,$(strip $(shlib-lds-flags)))
 # Generate a list of -R options to excise .gnu.glibc-stub.* sections.
 $(common-objpfx)libc_pic.opts: $(common-objpfx)libc_pic.os
 	$(OBJDUMP) -h $< | \
@@ -651,7 +621,6 @@ $(common-objpfx)libc_pic.os.clean: $(common-objpfx)libc_pic.opts \
 generated += libc_pic.opts libc_pic.os.clean
 
 libc_pic_clean := .clean
-endif
 
 # Build a possibly-modified version of libc_pic.a for use in building
 # linkobj/libc.so.
@@ -681,16 +650,14 @@ $(common-objpfx)linkobj/libc.so: link-libc-deps = # empty
 $(common-objpfx)libc.so: $(common-objpfx)libc_pic.os$(libc_pic_clean) \
 			 $(elf-objpfx)sofini.os \
 			 $(elf-objpfx)interp.os \
-			 $(elf-objpfx)ld.so \
-			 $(shlib-lds)
+			 $(elf-objpfx)ld.so
 	$(build-shlib)
 	$(call after-link,$@)
 
 $(common-objpfx)linkobj/libc.so: $(common-objpfx)linkobj/libc_pic.a \
 			 $(elf-objpfx)sofini.os \
 			 $(elf-objpfx)interp.os \
-			 $(elf-objpfx)ld.so \
-			 $(shlib-lds)
+			 $(elf-objpfx)ld.so
 	$(build-shlib)
 	$(call after-link,$@)
 
@@ -751,7 +718,7 @@ endif
 
 extra-modules-build := $(filter-out $(modules-names-nobuild),$(modules-names))
 $(extra-modules-build:%=$(objpfx)%.so): $(objpfx)%.so: \
-		$(objpfx)%.os $(shlib-lds) $(link-libs-deps)
+		$(objpfx)%.os $(link-libs-deps)
 	$(build-module)
 endif
 
@@ -1162,8 +1129,6 @@ $(inst_includedir)/%.h: $(common-objpfx)%.h $(+force)
 	$(do-install)
 $(inst_includedir)/%.h: %.h $(+force)
 	$(do-install)
-$(inst_includedir)/%.h: $(..)include/%.h $(+force)
-	$(do-install)
 headers-nonh := $(filter-out %.h,$(headers))
 ifdef headers-nonh
 $(addprefix $(inst_includedir)/,$(headers-nonh)): $(inst_includedir)/%: \
@@ -1358,46 +1323,6 @@ endif
 
 endif
 
-# These will have been set by sysdeps/posix/Makefile.
-L_tmpnam  ?= 1
-TMP_MAX   ?= 0
-L_ctermid ?= 1
-L_cuserid ?= 1
-
-stdio_lim = $(common-objpfx)bits/stdio_lim.h
-
-$(stdio_lim:lim.h=%.h) $(stdio_lim:lim.h=%.d): $(stdio_lim:lim.h=%.st); @:
-$(stdio_lim:h=st): $(..)stdio-common/stdio_lim.h.in $(..)Rules \
-		   $(common-objpfx)config.make
-	$(make-target-directory)
-	{ echo '#include "$(..)posix/bits/posix1_lim.h"';		\
-	} |								\
-	$(CC) -E -dM -MD -MP -MF $(@:st=dT) -MT '$(@:st=h) $(@:st=d)' 	\
-	      $(CPPUNDEFS) $(+includes) -xc - -o $(@:st=hT)
-	sed $(sed-remove-objpfx) $(sed-remove-dotdot)			\
-	    $(@:st=dT) > $(@:st=dt)
-	mv -f $(@:st=dt) $(@:st=d)
-	fopen_max=`sed -n 's/^#define OPEN_MAX //1p' $(@:st=hT)`; 	\
-	filename_max=`sed -n 's/^#define PATH_MAX //1p' $(@:st=hT)`;	\
-	fopen_max=$${fopen_max:-16};					\
-	filename_max=$${filename_max:-1024};				\
-	sed -e "s/@FOPEN_MAX@/$$fopen_max/"				\
-	    -e "s/@FILENAME_MAX@/$$filename_max/"			\
-	    -e "s/@L_tmpnam@/$(L_tmpnam)/"				\
-	    -e "s/@TMP_MAX@/$(TMP_MAX)/"				\
-	    -e "s/@L_ctermid@/$(L_ctermid)/"				\
-	    -e "s/@L_cuserid@/$(L_cuserid)/"				\
-	    $< > $(@:st=h.new)
-	$(move-if-change) $(@:st=h.new) $(@:st=h)
-# Remove these last so that they can be examined if something went wrong.
-	rm -f $(@:st=hT) $(@:st=dT) $(@:st=dt)
-	touch $@
-# Get dependencies.
-ifndef no_deps
--include $(stdio_lim:h=d)
-endif
-common-generated += bits/stdio_lim.h bits/stdio_lim.d bits/stdio_lim.st
-
 FORCE:
 
 .PHONY: echo-headers
@@ -1414,18 +1339,13 @@ echo-headers:
 clean: common-clean
 mostlyclean: common-mostlyclean
 
+# Remove test artifacts from a given directory
 do-tests-clean:
-	-rm -f $(addprefix $(objpfx),$(addsuffix .out,$(tests) \
-						      $(tests-internal) \
-						      $(xtests) \
-						      $(test-srcs)) \
-				     $(addsuffix .test-result,$(tests) \
-							      $(tests-internal) \
-							      $(xtests) \
-							      $(test-srcs)))
+	-find $(objpfx) -name '*.out' -delete
+	-find $(objpfx) -name '*.test-result' -delete
 
 # Remove the object files.
-common-mostlyclean:
+common-mostlyclean: do-tests-clean
 	-rm -f $(addprefix $(objpfx),$(tests) $(tests-internal) $(xtests) \
 				     $(test-srcs) \
 				     $(others) $(sysdep-others) stubs \
@@ -1434,15 +1354,7 @@ common-mostlyclean:
 						    $(xtests) \
 						    $(test-srcs) \
 						    $(others) \
-						    $(sysdep-others)) \
-				     $(addsuffix .out,$(tests) \
-						      $(tests-internal) \
-						      $(xtests) \
-						      $(test-srcs)) \
-				     $(addsuffix .test-result,$(tests) \
-							      $(tests-internal) \
-							      $(xtests) \
-							      $(test-srcs)))
+						    $(sysdep-others)))
 	-rm -f $(addprefix $(objpfx),$(extra-objs) $(extra-test-objs) \
 				     $(install-lib) $(install-lib.so) \
 				     $(install-lib.so:%.so=%_pic.a))

README

@@ -12,7 +12,7 @@ implement the operating system behavior seen by user applications.
 In GNU/Hurd systems, it works with a microkernel and Hurd servers.
 
 The GNU C Library implements much of the POSIX.1 functionality in the
-GNU/Hurd system, using configurations i[4567]86-*-gnu.
+GNU/Hurd system, using configurations i[4567]86-*-gnu and x86_64-gnu.
 
 When working with Linux kernels, this version of the GNU C Library
 requires Linux kernel version 3.2 or later.
@@ -30,7 +30,6 @@ The GNU C Library supports these configurations for using Linux kernels:
 	hppa-*-linux-gnu
 	i[4567]86-*-linux-gnu
 	x86_64-*-linux-gnu	Can build either x86_64 or x32
-	ia64-*-linux-gnu
 	loongarch64-*-linux-gnu Hardware floating point, LE only.
 	m68k-*-linux-gnu
 	microblaze*-*-linux-gnu

Rules

@@ -1,4 +1,4 @@
-# Copyright (C) 1991-2023 Free Software Foundation, Inc.
+# Copyright (C) 1991-2025 Free Software Foundation, Inc.
 # This file is part of the GNU C Library.
 
 # The GNU C Library is free software; you can redistribute it and/or
@@ -60,9 +60,6 @@ ifneq	"$(findstring env,$(origin common-generated))" ""
 common-generated :=
 endif
 
-# See below.  This must be set before Makerules processes it.
-before-compile += $(common-objpfx)bits/stdio_lim.h
-
 include $(..)Makerules
 
 .PHONY: subdir_lib
@@ -88,8 +85,9 @@ tests-special += $(objpfx)check-installed-headers-c.out
 libof-check-installed-headers-c := testsuite
 $(objpfx)check-installed-headers-c.out: \
     $(..)scripts/check-installed-headers.sh $(headers)
-	$(SHELL) $(..)scripts/check-installed-headers.sh c \
-	  "$(CC) $(filter-out -std=%,$(CFLAGS)) -D_ISOMAC $(+includes)" \
+	$(SHELL) $(..)scripts/check-installed-headers.sh c $(supported-fortify) \
+	  "$(CC) $(test-config-cflags-finput-charset-ascii) \
+	     $(filter-out -std=%,$(CFLAGS)) -D_ISOMAC $(+includes)" \
 	  $(headers) > $@; \
 	$(evaluate-test)
 
@@ -100,8 +98,9 @@ tests-special += $(objpfx)check-installed-headers-cxx.out
 libof-check-installed-headers-cxx := testsuite
 $(objpfx)check-installed-headers-cxx.out: \
     $(..)scripts/check-installed-headers.sh $(headers)
-	$(SHELL) $(..)scripts/check-installed-headers.sh c++ \
-	  "$(CXX) $(filter-out -std=%,$(CXXFLAGS)) -D_ISOMAC $(+includes)" \
+	$(SHELL) $(..)scripts/check-installed-headers.sh c++ $(supported-fortify) \
+	  "$(CXX) $(test-config-cxxflags-finput-charset-ascii) \
+	     $(filter-out -std=%,$(CXXFLAGS)) -D_ISOMAC $(+includes)" \
 	  $(headers) > $@; \
 	$(evaluate-test)
 endif # $(CXX)
@@ -146,14 +145,21 @@ endif
 others: $(py-const)
 
 ifeq ($(run-built-tests),no)
+# The $(xtests) dependency ensures that xtests are always built.
 tests: $(addprefix $(objpfx),$(filter-out $(tests-unsupported), \
-                                          $(tests) $(tests-internal) \
-					  $(tests-container)) \
+                                          $(tests) $(tests-internal) $(xtests) \
+					  $(tests-container) \
+					  $(tests-mcheck:%=%-mcheck) \
+					  $(tests-malloc-check:%=%-malloc-check) \
+					  $(tests-malloc-hugetlb1:%=%-malloc-hugetlb1) \
+					  $(tests-malloc-hugetlb2:%=%-malloc-hugetlb2)) \
 			     $(test-srcs)) $(tests-special) \
 			     $(tests-printers-programs)
 xtests: tests $(xtests-special)
-else
+else # $(run-built-tests) != no
+# The $(xtests) dependency ensures that xtests are always built.
 tests: $(tests:%=$(objpfx)%.out) $(tests-internal:%=$(objpfx)%.out) \
+       $(addprefix $(objpfx),$(filter-out $(tests-unsupported), $(xtests))) \
        $(tests-container:%=$(objpfx)%.out) \
        $(tests-mcheck:%=$(objpfx)%-mcheck.out) \
        $(tests-malloc-check:%=$(objpfx)%-malloc-check.out) \
@@ -161,26 +167,28 @@ tests: $(tests:%=$(objpfx)%.out) $(tests-internal:%=$(objpfx)%.out) \
        $(tests-malloc-hugetlb2:%=$(objpfx)%-malloc-hugetlb2.out) \
        $(tests-special) $(tests-printers-out)
 xtests: tests $(xtests:%=$(objpfx)%.out) $(xtests-special)
-endif
+endif # $(run-built-tests) != no
 
 tests-special-notdir = $(patsubst $(objpfx)%, %, $(tests-special))
 xtests-special-notdir = $(patsubst $(objpfx)%, %, $(xtests-special))
 ifeq ($(run-built-tests),no)
 tests-expected =
-else
+xtests-expected =
+else # $(run-built-tests) != no
 tests-expected = $(tests) $(tests-internal) $(tests-printers) \
 	$(tests-container) $(tests-malloc-check:%=%-malloc-check) \
 	$(tests-malloc-hugetlb1:%=%-malloc-hugetlb1) \
 	$(tests-malloc-hugetlb2:%=%-malloc-hugetlb2) \
 	$(tests-mcheck:%=%-mcheck)
-endif
+xtests-expected = $(xtests)
+endif # $(run-built-tests) != no
 tests:
 	$(..)scripts/merge-test-results.sh -s $(objpfx) $(subdir) \
 	  $(sort $(tests-expected) $(tests-special-notdir:.out=)) \
 	  > $(objpfx)subdir-tests.sum
 xtests:
 	$(..)scripts/merge-test-results.sh -s $(objpfx) $(subdir) \
-	  $(sort $(xtests) $(xtests-special-notdir:.out=)) \
+	  $(sort $(xtests-expected) $(xtests-special-notdir:.out=)) \
 	  > $(objpfx)subdir-xtests.sum
 
 ifeq ($(build-programs),yes)
@@ -191,6 +199,7 @@ binaries-all = $(binaries-all-notests) $(binaries-all-tests)
 binaries-static-notests = $(others-static)
 binaries-static-tests = $(tests-static) $(xtests-static)
 binaries-static = $(binaries-static-notests) $(binaries-static-tests)
+binaries-shared-2.0-tests = $(tests-2.0)
 ifeq (yesyes,$(have-fpie)$(build-shared))
 binaries-pie-tests = $(tests-pie) $(xtests-pie)
 binaries-pie-notests = $(others-pie)
@@ -218,7 +227,8 @@ binaries-malloc-hugetlb2-tests =
 endif
 
 binaries-pie = $(binaries-pie-tests) $(binaries-pie-notests)
-binaries-shared-tests = $(filter-out $(binaries-pie) $(binaries-static), \
+binaries-shared-tests = $(filter-out $(binaries-pie) $(binaries-static) \
+				     $(binaries-shared-2.0-tests), \
 				     $(binaries-all-tests))
 binaries-shared-notests = $(filter-out $(binaries-pie) $(binaries-static), \
 				       $(binaries-all-notests))
@@ -238,6 +248,15 @@ $(addprefix $(objpfx),$(binaries-shared-tests)): %: %.o \
 	$(+link-tests)
 endif
 
+# Linking test programs with crt1.o from glibc 2.0.
+ifneq "$(strip $(binaries-shared-2.0-tests))" ""
+$(addprefix $(objpfx),$(binaries-shared-2.0-tests)): %: %.o \
+  $(link-extra-libs-tests) \
+  $(sort $(filter $(common-objpfx)lib%,$(link-libc))) \
+  $(addprefix $(csu-objpfx),start.o) $(+preinit) $(+postinit)
+	$(+link-2.0-tests)
+endif
+
 ifneq "$(strip $(binaries-mcheck-tests))" ""
 $(addprefix $(objpfx),$(binaries-mcheck-tests)): %-mcheck: %.o \
   $(link-extra-libs-tests) \

SECURITY.md

@@ -0,0 +1,176 @@
+# The GNU C Library Security Policy
+
+This document describes the policy followed by the GNU C Library maintainers
+to handle bugs that may have a security impact.  This includes determining if a
+bug has a security impact, reporting such bugs to the community and handling
+such bugs all the way to resolution.  This policy may evolve over time, so if
+you're reading this from a release tarball, be sure to check the latest copy of
+the [SECURITY.md in the
+repository](https://sourceware.org/git/?p=glibc.git;a=blob;f=SECURITY.md),
+especially for instructions on reporting issues privately.
+
+## What is a security bug?
+
+Most security vulnerabilities in the GNU C Library materialize only after an
+application uses functionality in a specific way.  Therefore, it is sometimes
+difficult to determine if a defect in the GNU C Library constitutes a
+vulnerability as such.  The follow guidelines can help with a decision.
+
+* Buffer overflows should be treated as security bugs if it is conceivable that
+  the data triggering them can come from an untrusted source.
+* Other bugs that cause memory corruption which is likely exploitable should be
+  treated as security bugs.
+* Information disclosure can be security bugs, especially if exposure through
+  applications can be determined.
+* Memory leaks and races are security bugs if they cause service breakage.
+* Stack overflow through unbounded alloca calls or variable-length arrays are
+  security bugs if it is conceivable that the data triggering the overflow
+  could come from an untrusted source.
+* Stack overflow through deep recursion and other crashes are security bugs if
+  they cause service breakage.
+* Bugs that cripple the whole system (so that it doesn't even boot or does not
+  run most applications) are not security bugs because they will not be
+  exploitable in practice, due to general system instability.
+* Bugs that crash `nscd` are generally security bugs, except if they can only
+  be triggered by a trusted data source (DNS is not trusted, but NIS and LDAP
+  probably are).
+* The [Security Exceptions](#SecurityExceptions) section below describes
+  subsystems for which determining the security status of bugs is especially
+  complicated.
+* For consistency, if the bug has received a CVE name attributing it to the GNU
+  C library, it should be flagged `security+`.
+* Duplicates of security bugs (flagged with `security+`) should be flagged
+  `security-`, to avoid cluttering the reporting.
+
+In this context, _service breakage_ means client-side privilege escalation
+(code execution) or server-side denial of service or privilege escalation
+through actual, concrete, non-synthetic applications. Or put differently, if
+the GNU C Library causes a security bug in an application (and the application
+uses the library in a standard-conforming manner or according to the manual),
+the GNU C Library bug should be treated as security-relevant.
+
+### Security Exceptions
+
+It may be especially complicated to determine the security status of bugs in
+some subsystems in the GNU C Library.  This subsection describes such
+subsystems and the special considerations applicable during security bug
+classification in them.
+
+#### Regular expression processing
+
+Regular expression processing comes in two parts, compilation (through regcomp)
+and execution (through regexec).
+
+Implementing regular expressions efficiently, in a standard-conforming way, and
+without denial-of-service vulnerabilities is very difficult and impossible for
+Basic Regular Expressions. Most implementation strategies have issues dealing
+with certain classes of patterns.
+
+Consequently, certain issues which can be triggered only with crafted patterns
+(either during compilation or execution) are treated as regular bugs and not
+security issues.  Examples of such issues would include (but is not limited
+to):
+
+ * Running out of memory through valid use of malloc
+ * Quadratic or exponential behaviour resulting in slow execution time
+ * Stack overflows due to recursion when processing patterns
+
+Crashes, infinite loops (and not merely exponential behavior), buffer overflows
+and overreads, memory leaks and other bugs resulting from the regex
+implementation relying on undefined behavior should be treated as security
+vulnerabilities.
+
+#### wordexp patterns
+
+`wordexp` inherently has exponential memory consumption in terms of the input
+size.  This means that denial of service flaws from crafted patterns are not
+security issues (even if they lead to other issues, such as NULL pointer
+dereferences).
+
+#### Asynchronous I/O
+
+The GNU C Library tries to implement asynchronous I/O without kernel support,
+which means that several operations are not fully standard conforming.  Several
+known races can cause crashes and resource leaks.  Such bugs are only treated
+as security bugs if applications (as opposed to synthetic test cases) have
+security exposures due to these bugs.
+
+#### Asynchronous cancellation
+
+The implementation of asynchronous cancellation is not fully
+standard-conforming and has races and leaks.  Again, such bugs are only treated
+as security bugs if applications (as opposed to synthetic test cases) have
+security exposures due to these bugs.
+
+#### Crafted binaries and ldd
+
+The `ldd` tool is not expected to be used with untrusted executables.
+
+#### Post-exploitation countermeasures
+
+Certain features have been added to the library only to make exploitation of
+security bugs (mainly for code execution) more difficult.  Examples includes
+the stack smashing protector, function pointer obfuscation, vtable validation
+for stdio stream handles, and various heap consistency checks.  Failure of such
+countermeasures to stop exploitation of a different vulnerability is not a
+security vulnerability in itself.  By their nature, these countermeasures are
+based on heuristics and will never offer complete protection, so the original
+vulnerability needs to be fixed anyway.
+
+## Reporting security bugs
+
+The process to report security bugs is documented on the glibc [security
+page](https://sourceware.org/glibc/security.html).  In general, most security
+bugs may be reported publicly in the [glibc
+bugzilla](https://sourceware.org/glibc/bugs.html), but if in doubt, please feel
+free to report security issues privately first.
+
+## Triaging security bugs
+
+This section is aimed at developers, not reporters.
+
+Security-relevant bugs should be marked with `security+`, as per the [Bugzilla
+security flag
+documentation](https://sourceware.org/glibc/wiki/Bugzilla%20Procedures#security),
+following the guidelines above.  If you set the `security+` flag, you should
+make sure the following information is included in the bug (usually in a bug
+comment):
+
+* The first glibc version which includes the vulnerable code.  If the
+  vulnerability was introduced before glibc 2.4 (released in 2006), this
+  information is not necessary.
+* The commit or commits (identified by hash) that fix this vulnerability in the
+  master branch, and (for historic security bugs) the first release that
+  includes this fix.
+* The summary should include the CVE names (if any), in parentheses at the end.
+* If there is a single CVE name assigned to this bug, it should be set as an
+  alias.
+
+The following links are helpful for finding untriaged bugs:
+
+* [Unprocessed bugs](https://sourceware.org/bugzilla/buglist.cgi?f1=flagtypes.name&o1=notsubstring&product=glibc&query_format=advanced&v1=security)
+* [`security?` review requests](https://sourceware.org/bugzilla/buglist.cgi?f1=flagtypes.name&o1=substring&product=glibc&query_format=advanced&v1=security%3f)
+* [Open `security+` bugs](https://sourceware.org/bugzilla/buglist.cgi?bug_status=UNCONFIRMED&bug_status=NEW&bug_status=ASSIGNED&bug_status=SUSPENDED&bug_status=WAITING&bug_status=REOPENED&bug_status=VERIFIED&f1=flagtypes.name&o1=substring&product=glibc&query_format=advanced&v1=security%2B)
+
+## Fixing security bugs
+
+For changes to master, the regular [consensus-driven
+process](https://sourceware.org/glibc/wiki/Consensus) must be followed.  It
+makes sense to obtain consensus in private, to ensure that the patch is likely
+in a committable state, before disclosing an emboargoed vulnerability.
+
+Security backports to release branches need to follow the
+[release process](https://sourceware.org/glibc/wiki/Release#General_policy).
+
+Contact the [website
+maintainers](https://sourceware.org/glibc/wiki/MAINTAINERS#Maintainers_for_the_website)
+and have them draft a news entry for the website frontpage to direct users to
+the bug, the fix, or the mailing list discussions.
+
+## CVE assignment
+
+Security bugs flagged with `security+` should have [CVE
+identifiers](http://cve.mitre.org/about/). Please reach out to the glibc
+security team using the documented [security
+process](https://sourceware.org/glibc/security.html) and they work on getting a
+CVE number.

SHARED-FILES

@@ -27,8 +27,6 @@ gnulib:
   argp/argp-pvh.c
   argp/argp-xinl.c
   argp/argp.h
-  crypt/md5.c
-  crypt/md5.h
   dirent/alphasort.c
   dirent/scandir.c
   # Merged from gnulib 2021-09-21
@@ -113,6 +111,9 @@ gnulib:
   string/strstr.c
   string/strtok_r.c
   string/strverscmp.c
+  # Merged from gnulib 2024-04-08 (gnulib commit 3238349628)
+  stdio-common/tmpdir.c
+  stdio-common/tmpdir.h
   sysdeps/generic/pty-private.h
   sysdeps/generic/siglist.h
   sysdeps/posix/euidaccess.c
@@ -120,7 +121,7 @@ gnulib:
   sysdeps/posix/getcwd.c
   sysdeps/posix/pwrite.c
   sysdeps/posix/spawni.c
-  # Merged from gnulib 2014-6-23
+  # Merged from gnulib 2024-04-08 (gnulib commit 3238349628)
   sysdeps/posix/tempname.c
   # Merged from gnulib 2014-6-27
   time/mktime.c
@@ -165,37 +166,47 @@ gettext:
   intl/plural.y
   intl/textdomain.c
 
+# The following files are bundled from upstream Linux 6.10 for FUSE testing
+# support.
+linux:
+  support/bundled/linux/COPYING
+  support/bundled/linux/LICENSES
+  support/bundled/linux/LICENSES/exceptions/Linux-syscall-note
+  support/bundled/linux/LICENSES/preferred/GPL-2.0
+  support/bundled/linux/include/uapi/linux/fuse.h
+
 # The following files are shared with the upstream Unicode project and must be
 # updated regularly to stay in sync with the upstream unicode releases.
 #
-# Merged from Unicode 13.0.0 release.
+# Merged from Unicode 16.0.0 release.
 unicode:
   localedata/unicode-gen/UnicodeData.txt
   localedata/unicode-gen/unicode-license.txt
   localedata/unicode-gen/DerivedCoreProperties.txt
   localedata/unicode-gen/EastAsianWidth.txt
-  localedata/unicode-gen/PropList.txt
+  localedata/unicode-gen/HangulSyllableType.txt
 
 # The following files are shared with the upstream tzcode project and must be
 # updated regularly to stay in sync with the upstream releases.
 #
-# Update from tzcode 2017b.
-# Latest is 2018g:
-#   https://mm.icann.org/pipermail/tz-announce/2018-October/000052.html
+# Currently synced to TZDB 2024b, announced and distributed here:
+#	https://github.com/eggert/tz/releases/tag/2024b
 tzcode:
   timezone/private.h
   timezone/tzfile.h
+  timezone/tzselect.ksh
+  timezone/version
   timezone/zdump.c
   timezone/zic.c
-  timezone/tzselect.ksh
 
 # The following files are shared with the upstream tzdata project but is not
 # synchronized regularly. The data files themselves are used only for testing
 # purposes and their data is never used to generate any output. We synchronize
 # them only to stay on top of newer data that might help with testing.
 #
-# Currently synced to 2009i.  Latest is 2018g.
-# https://mm.icann.org/pipermail/tz-announce/2018-October/000052.html
+# Currently synced to tzcode 2009i, announced and distributed here:
+#	https://mm.icann.org/pipermail/tz/2009-June/040697.html
+#	https://data.iana.org/time-zones/releases/tzdata2009i.tar.gz
 tzdata:
   timezone/africa
   timezone/antarctica
@@ -217,3 +228,137 @@ tzdata:
   timezone/leapseconds
   # This is yearistype.sh in the parent project
   timezone/yearistype
+
+# The following files are shared with the CORE-MATH project
+sysdeps/ieee754/flt-32/e_gammaf_r.c
+  (file src/binary32/tgamma/tgammaf.c in CORE-MATH)
+  Instructions to merge new versions:
+  - change the function name from cr_tgammaf to __ieee754_gammaf_r
+  - add "int *signgamp" as 2nd argument and add at the beginning:
+    if (signgamp != NULL) *signgamp = 1;
+  - remove the errno stuff (this is done by the wrapper)
+  - replace 0x1p127f * 0x1p127f by math_narrow_eval (x * 0x1p127f)
+  - replace 0x1p-127f * sgn[k&1] by math_narrow_eval (0x1p-127f * sgn[k&1])
+  - add libm_alias_finite (__ieee754_gammaf_r, __gammaf_r) at the end
+sysdeps/ieee754/flt-32/s_exp10m1f.c
+  (file src/binary32/exp10m1/exp10m1f.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_exp2m1f.c
+  (file src/binary32/exp2m1/exp2m1f.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_expm1f.c
+  (file src/binary32/expm1/expm1f.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/e_log10f.c
+  (file src/binary32/log10/log10f.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_log2p1f.c
+  (file src/binary32/log2p1/log2p1f.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_log1pf.c
+  (file src/binary32/log1p/log1pf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_log10p1f.c
+  (file src/binary32/log10p1/log10p1f.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_cbrtf.c
+  (file src/binary32/cbrt/cbrtf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_erff.c
+  (file src/binary32/erf/erff.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_erfcf.c
+  (file src/binary32/erfc/erfcf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/e_lgammaf_r.c:
+  (file src/binary32/lgamma/lgammaf.c in CORE-MATH)
+  - change the function name from cr_lgammaf to __ieee754_lgammaf_r
+  - add "int *signgamp" as 2nd argument and add at the beginning:
+    if (signgamp != NULL) *signgamp = 1;
+  - remove the errno stuff (this is done by the wrapper)
+  - replace 0x1p127f * 0x1p127f by math_narrow_eval (x * 0x1p127f)
+  - add libm_alias_finite (__ieee754_lgammaf_r, __lgammaf_r) at the end
+sysdeps/ieee754/flt-32/s_tanf.c:
+  (src/binary32/tan/tanf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.  It was changed
+    to use an internal wrapper for 128 bit unsigned integer operations
+    for ABIs that do not support the type natively.
+sysdeps/ieee754/flt-32/e_acosf.c:
+  (src/binary32/acos/acosf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/e_acoshf.c:
+  (src/binary32/acosh/acoshf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/e_asinf.c:
+  (src/binary32/asin/asinf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_asinhf.c:
+  (src/binary32/asinh/asinhf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_atanf.c:
+  (src/binary32/atan/atanf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/e_atan2f.c:
+  (src/binary32/atan2/atan2f.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/e_atanhf.c:
+  (src/binary32/atanh/atanhf.c in CORE-MATH)
+  - The code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/e_coshf.c:
+  (src/binary32/cosh/coshf.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/e_sinhf.c:
+  (src/binary32/sinh/sinhf.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_tanhf.c:
+  (src/binary32/tanh/tanhf.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_acospif.c:
+  (src/binary32/acospi/acospif.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_asinpif.c:
+  (src/binary32/asinpi/asinpif.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_atan2pif.c:
+  (src/binary32/atan2pi/atan2pif.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_atanpif.c:
+  (src/binary32/atanpi/atanpif.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_cospif.c:
+  (src/binary32/cospi/cospif.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_sinpif.c:
+  (src/binary32/sinpi/sinpif.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.
+sysdeps/ieee754/flt-32/s_tanpif.c:
+  (src/binary32/tanpi/tanpif.c in CORE-MATH)
+  - the code was adapted to use glibc code style and internal
+    functions to handle errno, overflow, and underflow.

aclocal.m4

@@ -2,7 +2,7 @@ dnl We require that everyone use exactly the same Autoconf version so that
 dnl the internal functions defined and used by the main configure script
 dnl match those expected by the fragments.  When changing this version,
 dnl install.texi also needs to be updated.
-m4_define([GLIBC_AUTOCONF_VERSION], [2.69])
+m4_define([GLIBC_AUTOCONF_VERSION], [2.72])
 m4_if(m4_defn([AC_AUTOCONF_VERSION]), GLIBC_AUTOCONF_VERSION, [],
       [m4_fatal(m4_flatten(
 Exactly version GLIBC_AUTOCONF_VERSION of Autoconf is required but you have
@@ -167,6 +167,12 @@ AC_DEFUN([LIBC_TRY_CC_OPTION],
 [AS_IF([AC_TRY_COMMAND([${CC-cc} $1 -xc /dev/null -S -o /dev/null])],
 	[$2], [$3])])
 
+dnl Test a C++ compiler option or options with an empty input file.
+dnl LIBC_TRY_CXX_OPTION([options], [action-if-true], [action-if-false])
+AC_DEFUN([LIBC_TRY_CXX_OPTION],
+[AS_IF([AC_TRY_COMMAND([${CXX-c++} $1 -xc++ /dev/null -S -o /dev/null])],
+	[$2], [$3])])
+
 dnl Find and source sysdeps/*/preconfigure.
 dnl LIBC_PRECONFIGURE([$srcdir], [for])
 AC_DEFUN([LIBC_PRECONFIGURE], [dnl
@@ -315,3 +321,158 @@ case "$prefix" in
   fi
   ;;
 esac])
+
+dnl Run a test with TEST_CC.
+dnl LIBC_CHECK_TEST_CC([commands])
+AC_DEFUN([LIBC_CHECK_TEST_CC],
+[
+saved_CC="$CC"
+CC="$TEST_CC"
+[$1]
+CC="$saved_CC"
+])
+
+dnl Run a test with TEST_CXX.
+dnl LIBC_CHECK_TEST_CXX([commands])
+AC_DEFUN([LIBC_CHECK_TEST_CXX],
+[
+saved_CXX="$CXX"
+CXX="$TEST_CXX"
+[$1]
+CXX="$saved_CXX"
+])
+
+dnl Test a CC and TEST_CC compiler option or options with an empty input
+dnl file.
+dnl LIBC_TRY_CC_AND_TEST_CC_OPTION([message], [options],
+dnl   [CC-cache-id], [CC-action-if-true], [CC-action-if-false]
+dnl   [TEST_CC-cache-id], [TEST_CC-action-if-true], [TEST_CC-action-if-false])
+AC_DEFUN([LIBC_TRY_CC_AND_TEST_CC_OPTION],
+[
+AC_CACHE_CHECK([$1], $3,
+  [LIBC_TRY_CC_OPTION([$2], [$4], [$5])])
+if test "$TEST_CC" = "$CC"; then
+  $6=$[$3]
+else
+  LIBC_CHECK_TEST_CC(
+    AC_CACHE_CHECK([$1 in testing], $6,
+      [LIBC_TRY_CC_OPTION([$2], [$7], [$8])])
+  )
+fi
+])
+
+dnl Test a CC and TEST_CC compiler option or options with an input file.
+dnl LIBC_TRY_CC_AND_TEST_CC_COMMAND([message], [code], [options],
+dnl   [CC-cache-id], [CC-action-if-true], [CC-action-if-false]
+dnl   [TEST_CC-cache-id], [TEST_CC-action-if-true], [TEST_CC-action-if-false])
+AC_DEFUN([LIBC_TRY_CC_AND_TEST_CC_COMMAND],
+[
+cat > conftest.c <<EOF
+$2
+EOF
+AC_CACHE_CHECK([$1], $4, [dnl
+  if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $3 conftest.c -o conftest 1>&AS_MESSAGE_LOG_FD])
+  then
+    [$5]
+  else
+    [$6]
+  fi
+])
+if test "$TEST_CC" = "$CC"; then
+  $7=$[$4]
+else
+  LIBC_CHECK_TEST_CC(
+    AC_CACHE_CHECK([$1 in testing], $7, [dnl
+      if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $3 conftest.c -o conftest 1>&AS_MESSAGE_LOG_FD])
+      then
+	[$8]
+      else
+	[$9]
+      fi])
+  )
+fi
+rm -f conftest*])
+
+dnl Test if CC and TEST_CC can link with an input file.
+dnl LIBC_TRY_CC_AND_TEST_LINK([message], [code],
+dnl   [CC-cache-id], [CC-action-if-true], [CC-action-if-false]
+dnl   [TEST_CC-cache-id], [TEST_CC-action-if-true], [TEST_CC-action-if-false])
+AC_DEFUN([LIBC_TRY_CC_AND_TEST_LINK],
+[
+AC_CACHE_CHECK([$1], $3, [
+  AC_LINK_IFELSE([AC_LANG_PROGRAM([], [$2])],
+   [$4], [$5])
+])
+if test "$TEST_CC" = "$CC"; then
+  $6=$[$3]
+else
+  LIBC_CHECK_TEST_CC(
+    AC_CACHE_CHECK([$1 in testing], $6, [
+      AC_LINK_IFELSE([AC_LANG_PROGRAM([], [$2])],
+      [$7], [$8])
+    ])
+  )
+fi
+])
+
+dnl Test a TEST_CC compiler option or options with an input file.
+dnl LIBC_TRY_TEST_CC_COMMAND([message], [code], [options],
+dnl   [TEST_CC-cache-id], [TEST_CC-action-if-true], [TEST_CC-action-if-false])
+AC_DEFUN([LIBC_TRY_TEST_CC_COMMAND],
+[
+cat > conftest.c <<EOF
+$2
+EOF
+LIBC_CHECK_TEST_CC(
+  AC_CACHE_CHECK([$1 in testing], $4, [dnl
+    if AC_TRY_COMMAND([${CC-cc} $CFLAGS $CPPFLAGS $3 conftest.c -o conftest 1>&AS_MESSAGE_LOG_FD])
+    then
+      [$5]
+    else
+      [$6]
+    fi])
+)
+rm -f conftest*])
+
+dnl Test a TEST_CXX compiler option or options with an input file.
+dnl LIBC_TRY_TEST_CXX_COMMAND([message], [code], [options],
+dnl   [TEST_CXX-cache-id], [TEST_CXX-action-if-true],
+dnl   [TEST_CXX-action-if-false])
+AC_DEFUN([LIBC_TRY_TEST_CXX_COMMAND],
+[
+cat > conftest.cc <<EOF
+$2
+EOF
+LIBC_CHECK_TEST_CXX(
+  AC_CACHE_CHECK([$1 in testing], $4, [dnl
+    if AC_TRY_COMMAND([${CXX-c++} $CXXFLAGS $CPPFLAGS $3 conftest.cc -o conftest 1>&AS_MESSAGE_LOG_FD])
+    then
+      [$5]
+    else
+      [$6]
+    fi])
+)
+rm -f conftest*])
+
+dnl Test a TEST_CC compiler option or options with an empty input file.
+dnl LIBC_TRY_TEST_CC_OPTION([message], [options],
+dnl   [TEST_CC-cache-id], [TEST_CC-action-if-true], [TEST_CC-action-if-false])
+AC_DEFUN([LIBC_TRY_TEST_CC_OPTION],
+[
+LIBC_CHECK_TEST_CC(
+  AC_CACHE_CHECK([$1 in testing], $3,
+    [LIBC_TRY_CC_OPTION([$2], [$4], [$5])])
+  )
+])
+
+dnl Test a TEST_CXX compiler option or options with an empty input file.
+dnl LIBC_TRY_TEST_CXX_OPTION([message], [options],
+dnl   [TEST_CXX-cache-id], [TEST_CXX-action-if-true],
+dnl   [TEST_CXX-action-if-false])
+AC_DEFUN([LIBC_TRY_TEST_CXX_OPTION],
+[
+LIBC_CHECK_TEST_CXX(
+  AC_CACHE_CHECK([$1 in testing], $3,
+    [LIBC_TRY_CXX_OPTION([$2], [$4], [$5])])
+  )
+])

advisories/GLIBC-SA-2023-0001

@@ -0,0 +1,14 @@
+printf: incorrect output for integers with thousands separator and width field
+
+When the printf family of functions is called with a format specifier
+that uses an <apostrophe> (enable grouping) and a minimum width
+specifier, the resulting output could be larger than reasonably expected
+by a caller that computed a tight bound on the buffer size.  The
+resulting larger than expected output could result in a buffer overflow
+in the printf family of functions.
+
+CVE-Id: CVE-2023-25139
+Public-Date: 2023-02-02
+Vulnerable-Commit: e88b9f0e5cc50cab57a299dc7efe1a4eb385161d (2.37)
+Fix-Commit: c980549cc6a1c03c23cc2fe3e7b0fe626a0364b0 (2.38)
+Fix-Commit: 07b9521fc6369d000216b96562ff7c0ed32a16c4 (2.37-4)

advisories/GLIBC-SA-2023-0002

@@ -0,0 +1,15 @@
+getaddrinfo: Stack read overflow in no-aaaa mode
+
+If the system is configured in no-aaaa mode via /etc/resolv.conf,
+getaddrinfo is called for the AF_UNSPEC address family, and a DNS
+response is received over TCP that is larger than 2048 bytes,
+getaddrinfo may potentially disclose stack contents via the returned
+address data, or crash.
+
+CVE-Id: CVE-2023-4527
+Public-Date: 2023-09-12
+Vulnerable-Commit: f282cdbe7f436c75864e5640a409a10485e9abb2 (2.36)
+Fix-Commit: bd77dd7e73e3530203be1c52c8a29d08270cb25d (2.39)
+Fix-Commit: 4ea972b7edd7e36610e8cde18bf7a8149d7bac4f (2.36-113)
+Fix-Commit: b7529346025a130fee483d42178b5c118da971bb (2.37-38)
+Fix-Commit: b25508dd774b617f99419bdc3cf2ace4560cd2d6 (2.38-19)

advisories/GLIBC-SA-2023-0003

@@ -0,0 +1,15 @@
+getaddrinfo: Potential use-after-free
+
+When an NSS plugin only implements the _gethostbyname2_r and
+_getcanonname_r callbacks, getaddrinfo could use memory that was freed
+during buffer resizing, potentially causing a crash or read or write to
+arbitrary memory.
+
+CVE-Id: CVE-2023-4806
+Public-Date: 2023-09-12
+Fix-Commit: 973fe93a5675c42798b2161c6f29c01b0e243994 (2.39)
+Fix-Commit: e09ee267c03e3150c2c9ba28625ab130705a485e (2.34-420)
+Fix-Commit: e3ccb230a961b4797510e6a1f5f21fd9021853e7 (2.35-270)
+Fix-Commit: a9728f798ec7f05454c95637ee6581afaa9b487d (2.36-115)
+Fix-Commit: 6529a7466c935f36e9006b854d6f4e1d4876f942 (2.37-39)
+Fix-Commit: 00ae4f10b504bc4564e9f22f00907093f1ab9338 (2.38-20)

advisories/GLIBC-SA-2023-0004

@@ -0,0 +1,16 @@
+tunables: local privilege escalation through buffer overflow
+
+If a tunable of the form NAME=NAME=VAL is passed in the environment of a
+setuid program and NAME is valid, it may result in a buffer overflow,
+which could be exploited to achieve escalated privileges.  This flaw was
+introduced in glibc 2.34.
+
+CVE-Id: CVE-2023-4911
+Public-Date: 2023-10-03
+Vulnerable-Commit: 2ed18c5b534d9e92fc006202a5af0df6b72e7aca (2.34)
+Fix-Commit: 1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa (2.39)
+Fix-Commit: dcc367f148bc92e7f3778a125f7a416b093964d9 (2.34-423)
+Fix-Commit: c84018a05aec80f5ee6f682db0da1130b0196aef (2.35-274)
+Fix-Commit: 22955ad85186ee05834e47e665056148ca07699c (2.36-118)
+Fix-Commit: b4e23c75aea756b4bddc4abcf27a1c6dca8b6bd3 (2.37-45)
+Fix-Commit: 750a45a783906a19591fb8ff6b7841470f1f5701 (2.38-27)

advisories/GLIBC-SA-2023-0005

@@ -0,0 +1,18 @@
+getaddrinfo: DoS due to memory leak
+
+The fix for CVE-2023-4806 introduced a memory leak when an application
+calls getaddrinfo for AF_INET6 with AI_CANONNAME, AI_ALL and AI_V4MAPPED
+flags set.
+
+CVE-Id: CVE-2023-5156
+Public-Date: 2023-09-25
+Vulnerable-Commit: e09ee267c03e3150c2c9ba28625ab130705a485e (2.34-420)
+Vulnerable-Commit: e3ccb230a961b4797510e6a1f5f21fd9021853e7 (2.35-270)
+Vulnerable-Commit: a9728f798ec7f05454c95637ee6581afaa9b487d (2.36-115)
+Vulnerable-Commit: 6529a7466c935f36e9006b854d6f4e1d4876f942 (2.37-39)
+Vulnerable-Commit: 00ae4f10b504bc4564e9f22f00907093f1ab9338 (2.38-20)
+Fix-Commit: 8006457ab7e1cd556b919f477348a96fe88f2e49 (2.34-421)
+Fix-Commit: 17092c0311f954e6f3c010f73ce3a78c24ac279a (2.35-272)
+Fix-Commit: 856bac55f98dc840e7c27cfa82262b933385de90 (2.36-116)
+Fix-Commit: 4473d1b87d04b25cdd0e0354814eeaa421328268 (2.37-42)
+Fix-Commit: 5ee59ca371b99984232d7584fe2b1a758b4421d3 (2.38-24)

advisories/GLIBC-SA-2024-0001

@@ -0,0 +1,15 @@
+syslog: Heap buffer overflow in __vsyslog_internal
+
+__vsyslog_internal did not handle a case where printing a SYSLOG_HEADER
+containing a long program name failed to update the required buffer
+size, leading to the allocation and overflow of a too-small buffer on
+the heap.
+
+CVE-Id: CVE-2023-6246
+Public-Date: 2024-01-30
+Vulnerable-Commit: 52a5be0df411ef3ff45c10c7c308cb92993d15b1 (2.37)
+Fix-Commit: 6bd0e4efcc78f3c0115e5ea9739a1642807450da (2.39)
+Fix-Commit: 23514c72b780f3da097ecf33a793b7ba9c2070d2 (2.38-42)
+Fix-Commit: 97a4292aa4a2642e251472b878d0ec4c46a0e59a (2.37-57)
+Vulnerable-Commit: b0e7888d1fa2dbd2d9e1645ec8c796abf78880b9 (2.36-16)
+Fix-Commit: d1a83b6767f68b3cb5b4b4ea2617254acd040c82 (2.36-126)

advisories/GLIBC-SA-2024-0002

@@ -0,0 +1,15 @@
+syslog: Heap buffer overflow in __vsyslog_internal
+
+__vsyslog_internal used the return value of snprintf/vsnprintf to
+calculate buffer sizes for memory allocation.  If these functions (for
+any reason) failed and returned -1, the resulting buffer would be too
+small to hold output.
+
+CVE-Id: CVE-2023-6779
+Public-Date: 2024-01-30
+Vulnerable-Commit: 52a5be0df411ef3ff45c10c7c308cb92993d15b1 (2.37)
+Fix-Commit: 7e5a0c286da33159d47d0122007aac016f3e02cd (2.39)
+Fix-Commit: d0338312aace5bbfef85e03055e1212dd0e49578 (2.38-43)
+Fix-Commit: 67062eccd9a65d7fda9976a56aeaaf6c25a80214 (2.37-58)
+Vulnerable-Commit: b0e7888d1fa2dbd2d9e1645ec8c796abf78880b9 (2.36-16)
+Fix-Commit: 2bc9d7c002bdac38b5c2a3f11b78e309d7765b83 (2.36-127)

advisories/GLIBC-SA-2024-0003

@@ -0,0 +1,13 @@
+syslog: Integer overflow in __vsyslog_internal
+
+__vsyslog_internal calculated a buffer size by adding two integers, but
+did not first check if the addition would overflow.
+
+CVE-Id: CVE-2023-6780
+Public-Date: 2024-01-30
+Vulnerable-Commit: 52a5be0df411ef3ff45c10c7c308cb92993d15b1 (2.37)
+Fix-Commit: ddf542da94caf97ff43cc2875c88749880b7259b (2.39)
+Fix-Commit: d37c2b20a4787463d192b32041c3406c2bd91de0 (2.38-44)
+Fix-Commit: 2b58cba076e912961ceaa5fa58588e4b10f791c0 (2.37-59)
+Vulnerable-Commit: b0e7888d1fa2dbd2d9e1645ec8c796abf78880b9 (2.36-16)
+Fix-Commit: b9b7d6a27aa0632f334352fa400771115b3c69b7 (2.36-128)

advisories/GLIBC-SA-2024-0004

@@ -0,0 +1,28 @@
+ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence
+
+The iconv() function in the GNU C Library versions 2.39 and older may 
+overflow the output buffer passed to it by up to 4 bytes when converting 
+strings to the ISO-2022-CN-EXT character set, which may be used to 
+crash an application or overwrite a neighbouring variable.
+
+ISO-2022-CN-EXT uses escape sequences to indicate character set changes
+(as specified by RFC 1922).  While the SOdesignation has the expected
+bounds checks, neither SS2designation nor SS3designation have its;
+allowing a write overflow of 1, 2, or 3 bytes with fixed values:
+'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.
+
+CVE-Id: CVE-2024-2961
+Public-Date: 2024-04-17
+Vulnerable-Commit: 755104edc75c53f4a0e7440334e944ad3c6b32fc (2.1.93-169)
+Fix-Commit: f9dc609e06b1136bb0408be9605ce7973a767ada (2.40)
+Fix-Commit: 31da30f23cddd36db29d5b6a1c7619361b271fb4 (2.39-31)
+Fix-Commit: e1135387deded5d73924f6ca20c72a35dc8e1bda (2.38-66)
+Fix-Commit: 89ce64b269a897a7780e4c73a7412016381c6ecf (2.37-89)
+Fix-Commit: 4ed98540a7fd19f458287e783ae59c41e64df7b5 (2.36-164)
+Fix-Commit: 36280d1ce5e245aabefb877fe4d3c6cff95dabfa (2.35-315)
+Fix-Commit: a8b0561db4b9847ebfbfec20075697d5492a363c (2.34-459)
+Fix-Commit: ed4f16ff6bed3037266f1fa682ebd32a18fce29c (2.33-263)
+Fix-Commit: 682ad4c8623e611a971839990ceef00346289cc9 (2.32-140)
+Fix-Commit: 3703c32a8d304c1ee12126134ce69be965f38000 (2.31-154)
+
+Reported-By: Charles Fol

advisories/GLIBC-SA-2024-0005

@@ -0,0 +1,22 @@
+nscd: Stack-based buffer overflow in netgroup cache
+
+If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted
+by client requests then a subsequent client request for netgroup data
+may result in a stack-based buffer overflow.  This flaw was introduced
+in glibc 2.15 when the cache was added to nscd.
+
+This vulnerability is only present in the nscd binary.
+
+CVE-Id: CVE-2024-33599
+Public-Date: 2024-04-23
+Vulnerable-Commit: 684ae515993269277448150a1ca70db3b94aa5bd (2.15)
+Fix-Commit: 69c58d5ef9f584ea198bd00f7964d364d0e6b921 (2.31-155)
+Fix-Commit: a77064893bfe8a701770e2f53a4d33805bc47a5a (2.32-141)
+Fix-Commit: 5c75001a96abcd50cbdb74df24c3f013188d076e (2.33-264)
+Fix-Commit: 52f73e5c4e29b14e79167272297977f360ae1e97 (2.34-460)
+Fix-Commit: 7a95873543ce225376faf13bb71c43dea6d24f86 (2.35-316)
+Fix-Commit: caa3151ca460bdd9330adeedd68c3112d97bffe4 (2.36-165)
+Fix-Commit: f75c298e747b2b8b41b1c2f551c011a52c41bfd1 (2.37-91)
+Fix-Commit: 5968aebb86164034b8f8421b4abab2f837a5bdaf (2.38-72)
+Fix-Commit: 1263d583d2e28afb8be53f8d6922f0842036f35d (2.39-35)
+Fix-Commit: 87801a8fd06db1d654eea3e4f7626ff476a9bdaa (2.40)

advisories/GLIBC-SA-2024-0006

@@ -0,0 +1,32 @@
+nscd: Null pointer crash after notfound response
+
+If the Name Service Cache Daemon's (nscd) cache fails to add a not-found
+netgroup response to the cache, the client request can result in a null
+pointer dereference.  This flaw was introduced in glibc 2.15 when the
+cache was added to nscd.
+
+This vulnerability is only present in the nscd binary.
+
+CVE-Id: CVE-2024-33600
+Public-Date: 2024-04-24
+Vulnerable-Commit: 684ae515993269277448150a1ca70db3b94aa5bd (2.15)
+Fix-Commit: b048a482f088e53144d26a61c390bed0210f49f2 (2.40)
+Fix-Commit: 7835b00dbce53c3c87bbbb1754a95fb5e58187aa (2.40)
+Fix-Commit: c99f886de54446cd4447db6b44be93dabbdc2f8b (2.39-37)
+Fix-Commit: 5a508e0b508c8ad53bd0d2fb48fd71b242626341 (2.39-36)
+Fix-Commit: 2ae9446c1b7a3064743b4a51c0bbae668ee43e4c (2.38-74)
+Fix-Commit: 541ea5172aa658c4bd5c6c6d6fd13903c3d5bb0a (2.38-73)
+Fix-Commit: a8070b31043c7585c36ba68a74298c4f7af075c3 (2.37-93)
+Fix-Commit: 5eea50c4402e39588de98aa1d4469a79774703d4 (2.37-92)
+Fix-Commit: f205b3af56740e3b014915b1bd3b162afe3407ef (2.36-167)
+Fix-Commit: c34f470a615b136170abd16142da5dd0c024f7d1 (2.36-166)
+Fix-Commit: bafadc589fbe21ae330e8c2af74db9da44a17660 (2.35-318)
+Fix-Commit: 4370bef52b0f3f3652c6aa13d7a9bb3ac079746d (2.35-317)
+Fix-Commit: 1f94122289a9bf7dba573f5d60327aaa2b85cf2e (2.34-462)
+Fix-Commit: 966d6ac9e40222b84bb21674cc4f83c8d72a5a26 (2.34-461)
+Fix-Commit: e3eef1b8fbdd3a7917af466ca9c4b7477251ca79 (2.33-266)
+Fix-Commit: f20a8d696b13c6261b52a6434899121f8b19d5a7 (2.33-265)
+Fix-Commit: be602180146de37582a3da3a0caa4b719645de9c (2.32-143)
+Fix-Commit: 394eae338199078b7961b051c191539870742d7b (2.32-142)
+Fix-Commit: 8d7949183760170c61e55def723c1d8050187874 (2.31-157)
+Fix-Commit: 304ce5fe466c4762b21b36c26926a4657b59b53e (2.31-156)

advisories/GLIBC-SA-2024-0007

@@ -0,0 +1,28 @@
+nscd: netgroup cache may terminate daemon on memory allocation failure
+
+The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or
+xrealloc and these functions may terminate the process due to a memory
+allocation failure resulting in a denial of service to the clients.  The
+flaw was introduced in glibc 2.15 when the cache was added to nscd.
+
+This vulnerability is only present in the nscd binary.
+
+Subsequent refactoring of the netgroup cache only added more uses of
+xmalloc and xrealloc. Uses of xmalloc and xrealloc in other parts of
+nscd only occur during startup of the daemon and so are not affected by
+client requests that could trigger an out of memory followed by
+termination.
+
+CVE-Id: CVE-2024-33601
+Public-Date: 2024-04-24
+Vulnerable-Commit: 684ae515993269277448150a1ca70db3b94aa5bd (2.15)
+Fix-Commit: c04a21e050d64a1193a6daab872bca2528bda44b (2.40)
+Fix-Commit: a9a8d3eebb145779a18d90e3966009a1daa63cd8 (2.39-38)
+Fix-Commit: 71af8ca864345d39b746d5cee84b94b430fad5db (2.38-75)
+Fix-Commit: 6e106dc214d6a033a4e945d1c6cf58061f1c5f1f (2.37-94)
+Fix-Commit: b6742463694b1dfdd5120b91ee21cf05d15ec2e2 (2.36-168)
+Fix-Commit: 7a5864cac60e06000394128a5a2817b03542f5a3 (2.35-319)
+Fix-Commit: 86f1d5f4129c373ac6fb6df5bcf38273838843cb (2.34-463)
+Fix-Commit: 4d27d4b9a188786fc6a56745506cec2acfc51f83 (2.33-267)
+Fix-Commit: 3ed195a8ec89da281e3c4bf887a13d281b72d8f4 (2.32-144)
+Fix-Commit: bbf5a58ccb55679217f94de706164d15372fbbc0 (2.31-158)

advisories/GLIBC-SA-2024-0008

@@ -0,0 +1,26 @@
+nscd: netgroup cache assumes NSS callback uses in-buffer strings
+
+The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory
+when the NSS callback does not store all strings in the provided buffer.
+The flaw was introduced in glibc 2.15 when the cache was added to nscd.
+
+This vulnerability is only present in the nscd binary.
+
+There is no guarantee from the NSS callback API that the returned
+strings are all within the buffer. However, the netgroup cache code
+assumes that the NSS callback uses in-buffer strings and if it doesn't
+the buffer resizing logic could lead to potential memory corruption.
+
+CVE-Id: CVE-2024-33602
+Public-Date: 2024-04-24
+Vulnerable-Commit: 684ae515993269277448150a1ca70db3b94aa5bd (2.15)
+Fix-Commit: c04a21e050d64a1193a6daab872bca2528bda44b (2.40)
+Fix-Commit: a9a8d3eebb145779a18d90e3966009a1daa63cd8 (2.39-38)
+Fix-Commit: 71af8ca864345d39b746d5cee84b94b430fad5db (2.38-75)
+Fix-Commit: 6e106dc214d6a033a4e945d1c6cf58061f1c5f1f (2.37-94)
+Fix-Commit: b6742463694b1dfdd5120b91ee21cf05d15ec2e2 (2.36-168)
+Fix-Commit: 7a5864cac60e06000394128a5a2817b03542f5a3 (2.35-319)
+Fix-Commit: 86f1d5f4129c373ac6fb6df5bcf38273838843cb (2.34-463)
+Fix-Commit: 4d27d4b9a188786fc6a56745506cec2acfc51f83 (2.33-267)
+Fix-Commit: 3ed195a8ec89da281e3c4bf887a13d281b72d8f4 (2.32-144)
+Fix-Commit: bbf5a58ccb55679217f94de706164d15372fbbc0 (2.31-158)

advisories/GLIBC-SA-2025-0001

@@ -0,0 +1,40 @@
+assert: Buffer overflow when printing assertion failure message
+
+When the assert() function fails, it does not allocate enough space for the
+assertion failure message string and size information, which may lead to a
+buffer overflow if the message string size aligns to page size.
+
+This bug can be triggered when an assertion in a program fails.  The assertion
+failure message is allocated to allow developers to see this failure in core
+dumps and it typically includes, in addition to the invariant assertion
+string and function name, the name of the program.  If the name of the failing
+program is user controlled, for example on a local system, this could allow an
+attacker to control the assertion failure to trigger this buffer overflow.
+
+The only viable vector for exploitation of this bug is local, if a setuid
+program exists that has an existing bug that results in an assertion failure.
+No such program has been discovered at the time of publishing this advisory,
+but the presence of custom setuid programs, although strongly discouraged as a
+security practice, cannot be discounted.
+
+CVE-Id: CVE-2025-0395
+Public-Date: 2025-01-22
+Vulnerable-Commit: f8a3b5bf8fa1d0c43d2458e03cc109a04fdef194 (2.13-175)
+Fix-Commit: 68ee0f704cb81e9ad0a78c644a83e1e9cd2ee578 (2.41)
+Fix-Commit: cdb9ba84191ce72e86346fb8b1d906e7cd930ea2 (2.42)
+Fix-Commit: 69fda28279b497bd405fdd442a6d8e4d3d5f681b (2.41-7)
+Fix-Commit: 7d4b6bcae91f29d7b4daf15bab06b66cf1d2217c (2.40-66)
+Fix-Commit: d6c156c326999f144cb5b73d29982108d549ad8a (2.40-71)
+Fix-Commit: 808a84a8b81468b517a4d721fdc62069cb8c211f (2.39-146)
+Fix-Commit: f6d48470aef9264d2d56f4c4533eb76db7f9c2e4 (2.39-150)
+Fix-Commit: c32fd59314c343db88c3ea4a203870481d33c3d2 (2.38-122)
+Fix-Commit: f984e2d7e8299726891a1a497a3c36cd5542a0bf (2.38-124)
+Fix-Commit: a3d7865b098a3a67c44f7812208d9ce4718873ba (2.37-143)
+Fix-Commit: b989519fe1683c204ac24ec92830e3fe3bfaccad (2.37-146)
+Fix-Commit: 7971add7ee4171fdd8dfd17e7c04c4ed77a18845 (2.36-216)
+Fix-Commit: 0487893d5c5bc6710d83d7c3152d888a0339559e (2.36-219)
+Fix-Commit: 8b5d4be762419c4f6176261c6fea40ac559b88dc (2.35-370)
+Fix-Commit: 8b3d09dc0d350191985f9d291cc30ce96f034b49 (2.35-373)
+Fix-Commit: df4e1f4a5096b385c9bcc94424cf2eaa227b3761 (2.34-500)
+Fix-Commit: 31eb872cb21449832ab47ad5db83281d240e1d03 (2.34-503)
+Reported-By: Qualys Security Advisory

advisories/README

@@ -0,0 +1,77 @@
+GNU C Library Security Advisory Format
+======================================
+
+Security advisories in this directory follow a simple git commit log
+format, with a heading and free-format description augmented with tags
+to allow parsing key information.  References to code changes are
+specific to the glibc repository and follow a specific format:
+
+  Tag-name: <commit-ref> (release-version)
+
+The <commit-ref> indicates a specific commit in the repository.  The
+release-version indicates the publicly consumable release in which this
+commit is known to exist.  The release-version is derived from the
+git-describe format, (i.e. stripped out from glibc-2.34.NNN-gxxxx) and
+is of the form 2.34-NNN.  If the -NNN suffix is absent, it means that
+the change is in that release tarball, otherwise the change is on the
+release/2.YY/master branch and not in any released tarball.
+
+The following tags are currently being used:
+
+CVE-Id:
+This is the CVE-Id assigned under the CVE Program
+(https://www.cve.org/).
+
+Public-Date:
+The date this issue became publicly known.
+
+Vulnerable-Commit:
+The commit that introduced this vulnerability.  There could be multiple
+entries, one for each release branch in the glibc repository; the
+release-version portion of this tag should tell you which branch this is
+on.
+
+Fix-Commit:
+The commit that fixed this vulnerability.  There could be multiple
+entries for each release branch in the glibc repository, indicating that
+all of those commits contributed to fixing that issue in each of those
+branches.
+
+Reported-By:
+The entity that reported this issue. There could be multiple entries, one for
+each reporter.
+
+Adding an Advisory
+------------------
+
+An advisory for a CVE needs to be added on the master branch in two steps:
+
+1. Add the text of the advisory without any Fix-Commit tags along with
+   the fix for the CVE.  Add the Vulnerable-Commit tag, if applicable.
+   The advisories directory does not exist in release branches, so keep
+   the advisory text commit distinct from the code changes, to ease
+   backports.  Ask for the GLIBC-SA advisory number from the security
+   team.
+
+2. Finish all backports on release branches and then back on the msater
+   branch, add all commit refs to the advisory using the Fix-Commit
+   tags.  Don't bother adding the release-version subscript since the
+   next step will overwrite it.
+
+3. Run the process-advisories.sh script in the scripts directory on the
+   advisory:
+
+     scripts/process-advisories.sh update GLIBC-SA-YYYY-NNNN
+
+   (replace YYYY-NNNN with the actual advisory number).
+
+4. Verify the updated advisory and push the result.
+
+Getting a NEWS snippet from advisories
+--------------------------------------
+
+Run:
+
+  scripts/process-advisories.sh news
+
+and copy the content into the NEWS file.

argp/Makefile

@@ -1,4 +1,4 @@
-# Copyright (C) 1997-2023 Free Software Foundation, Inc.
+# Copyright (C) 1997-2025 Free Software Foundation, Inc.
 # This file is part of the GNU C Library.
 
 # The GNU C Library is free software; you can redistribute it and/or
@@ -22,12 +22,30 @@ subdir	:= argp
 
 include ../Makeconfig
 
-headers		= argp.h bits/argp-ldbl.h
-routines	= $(addprefix argp-, ba fmtstream fs-xinl help parse pv \
-				     pvh xinl eexst)
+headers = \
+  argp.h \
+  bits/argp-ldbl.h \
+  # headers
+routines = \
+  argp-ba \
+  argp-eexst \
+  argp-fmtstream \
+  argp-fs-xinl \
+  argp-help \
+  argp-parse \
+  argp-pv \
+  argp-pvh \
+  argp-xinl \
+  # routines
 
-tests		= argp-test tst-argp1 bug-argp1 tst-argp2 bug-argp2 \
-		  tst-ldbl-argp
+tests = \
+  argp-test \
+  bug-argp1 \
+  bug-argp2 \
+  tst-argp1 \
+  tst-argp2 \
+  tst-ldbl-argp \
+  # tests
 
 CFLAGS-argp-help.c += $(uses-callbacks) -fexceptions $(config-cflags-wno-ignored-attributes)
 CFLAGS-argp-parse.c += $(uses-callbacks) $(config-cflags-wno-ignored-attributes)

argp/argp-ba.c

@@ -1,5 +1,5 @@
 /* Default definition for ARGP_PROGRAM_BUG_ADDRESS.
-   Copyright (C) 1996-2023 Free Software Foundation, Inc.
+   Copyright (C) 1996-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/argp-eexst.c

@@ -1,5 +1,5 @@
 /* Default definition for ARGP_ERR_EXIT_STATUS
-   Copyright (C) 1997-2023 Free Software Foundation, Inc.
+   Copyright (C) 1997-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/argp-fmtstream.c

@@ -1,5 +1,5 @@
 /* Word-wrapping and line-truncating streams
-   Copyright (C) 1997-2023 Free Software Foundation, Inc.
+   Copyright (C) 1997-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 
@@ -74,7 +74,7 @@ __argp_make_fmtstream (FILE *stream,
       if (! fs->buf)
 	{
 	  free (fs);
-	  fs = 0;
+	  fs = NULL;
 	}
       else
 	{

argp/argp-fmtstream.h

@@ -1,5 +1,5 @@
 /* Word-wrapping and line-truncating streams.
-   Copyright (C) 1997-2023 Free Software Foundation, Inc.
+   Copyright (C) 1997-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/argp-fs-xinl.c

@@ -1,5 +1,5 @@
 /* Real definitions for extern inline functions in argp-fmtstream.h
-   Copyright (C) 1997-2023 Free Software Foundation, Inc.
+   Copyright (C) 1997-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/argp-help.c

@@ -1,5 +1,5 @@
 /* Hierarchial argument parsing help output
-   Copyright (C) 1995-2023 Free Software Foundation, Inc.
+   Copyright (C) 1995-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 
@@ -443,7 +443,7 @@ make_hol (const struct argp *argp, struct hol_cluster *cluster)
   assert (hol);
 
   hol->num_entries = 0;
-  hol->clusters = 0;
+  hol->clusters = NULL;
 
   if (opts)
     {
@@ -615,7 +615,7 @@ static char
 hol_entry_first_short (const struct hol_entry *entry)
 {
   return hol_entry_short_iterate (entry, until_short,
-				  entry->argp->argp_domain, 0);
+				  entry->argp->argp_domain, NULL);
 }
 
 /* Returns the first valid long option in ENTRY, or NULL if there is none.  */
@@ -627,7 +627,7 @@ hol_entry_first_long (const struct hol_entry *entry)
   for (opt = entry->opt, num = entry->num; num > 0; opt++, num--)
     if (opt->name && ovisible (opt))
       return opt->name;
-  return 0;
+  return NULL;
 }
 
 /* Returns the entry in HOL with the long option name NAME, or NULL if there is
@@ -652,7 +652,7 @@ hol_find_entry (struct hol *hol, const char *name)
       entry++;
     }
 
-  return 0;
+  return NULL;
 }
 
 /* If an entry with the long option NAME occurs in HOL, set it's special
@@ -926,7 +926,7 @@ hol_append (struct hol *hol, struct hol *more)
   while (*cl_end)
     cl_end = &(*cl_end)->next;
   *cl_end = more->clusters;
-  more->clusters = 0;
+  more->clusters = NULL;
 
   /* Merge entries.  */
   if (more->num_entries > 0)
@@ -1299,7 +1299,7 @@ hol_entry_help (struct hol_entry *entry, const struct argp_state *state,
     {
       const char *tstr = real->doc ? dgettext (state == NULL ? NULL
 					       : state->root_argp->argp_domain,
-					       real->doc) : 0;
+					       real->doc) : NULL;
       const char *fstr = filter_doc (tstr, real->key, entry->argp, state);
       if (fstr && *fstr)
 	{
@@ -1339,7 +1339,7 @@ hol_help (struct hol *hol, const struct argp_state *state,
 {
   unsigned num;
   struct hol_entry *entry;
-  struct hol_help_state hhstate = { 0, 0, 0 };
+  struct hol_help_state hhstate = { NULL, 0, 0 };
 
   for (entry = hol->entries, num = hol->num_entries; num > 0; entry++, num--)
     hol_entry_help (entry, state, stream, &hhstate);
@@ -1351,7 +1351,7 @@ hol_help (struct hol *hol, const struct argp_state *state,
 Mandatory or optional arguments to long options are also mandatory or \
 optional for any corresponding short options.");
       const char *fstr = filter_doc (tstr, ARGP_KEY_HELP_DUP_ARGS_NOTE,
-				     state ? state->root_argp : 0, state);
+				     state ? state->root_argp : NULL, state);
       if (fstr && *fstr)
 	{
 	  __argp_fmtstream_putc (stream, '\n');
@@ -1511,7 +1511,7 @@ argp_args_usage (const struct argp *argp, const struct argp_state *state,
   char *our_level = *levels;
   int multiple = 0;
   const struct argp_child *child = argp->children;
-  const char *tdoc = dgettext (argp->argp_domain, argp->args_doc), *nl = 0;
+  const char *tdoc = dgettext (argp->argp_domain, argp->args_doc), *nl = NULL;
   const char *fdoc = filter_doc (tdoc, ARGP_KEY_HELP_ARGS_DOC, argp, state);
 
   if (fdoc)
@@ -1560,7 +1560,7 @@ argp_args_usage (const struct argp *argp, const struct argp_state *state,
 }
 
 /* Print the documentation for ARGP to STREAM; if POST is false, then
-   everything preceeding a `\v' character in the documentation strings (or
+   everything preceding a `\v' character in the documentation strings (or
    the whole string, for those with none) is printed, otherwise, everything
    following the `\v' character (nothing for strings without).  Each separate
    bit of documentation is separated a blank line, and if PRE_BLANK is true,
@@ -1573,7 +1573,7 @@ argp_doc (const struct argp *argp, const struct argp_state *state,
 {
   const char *text;
   const char *inp_text;
-  void *input = 0;
+  void *input = NULL;
   int anything = 0;
   size_t inp_text_limit = 0;
   const char *doc = dgettext (argp->argp_domain, argp->doc);
@@ -1582,11 +1582,11 @@ argp_doc (const struct argp *argp, const struct argp_state *state,
   if (doc)
     {
       char *vt = strchr (doc, '\v');
-      inp_text = post ? (vt ? vt + 1 : 0) : doc;
+      inp_text = post ? (vt ? vt + 1 : NULL) : doc;
       inp_text_limit = (!post && vt) ? (vt - doc) : 0;
     }
   else
-    inp_text = 0;
+    inp_text = NULL;
 
   if (argp->help_filter)
     /* We have to filter the doc strings.  */
@@ -1628,7 +1628,7 @@ argp_doc (const struct argp *argp, const struct argp_state *state,
   if (post && argp->help_filter)
     /* Now see if we have to output a ARGP_KEY_HELP_EXTRA text.  */
     {
-      text = (*argp->help_filter) (ARGP_KEY_HELP_EXTRA, 0, input);
+      text = (*argp->help_filter) (ARGP_KEY_HELP_EXTRA, NULL, input);
       if (text)
 	{
 	  if (anything || pre_blank)
@@ -1661,7 +1661,7 @@ _help (const struct argp *argp, const struct argp_state *state, FILE *stream,
        unsigned flags, char *name)
 {
   int anything = 0;		/* Whether we've output anything.  */
-  struct hol *hol = 0;
+  struct hol *hol = NULL;
   argp_fmtstream_t fs;
 
   if (! stream)
@@ -1684,7 +1684,7 @@ _help (const struct argp *argp, const struct argp_state *state, FILE *stream,
 
   if (flags & (ARGP_HELP_USAGE | ARGP_HELP_SHORT_USAGE | ARGP_HELP_LONG))
     {
-      hol = argp_hol (argp, 0);
+      hol = argp_hol (argp, NULL);
 
       /* If present, these options always come last.  */
       hol_set_group (hol, "help", -1);
@@ -1801,7 +1801,7 @@ Try `%s --help' or `%s --usage' for more information.\n"),
 void __argp_help (const struct argp *argp, FILE *stream,
 		  unsigned flags, char *name)
 {
-  _help (argp, 0, stream, flags, name);
+  _help (argp, NULL, stream, flags, name);
 }
 #ifdef weak_alias
 weak_alias (__argp_help, argp_help)
@@ -1843,7 +1843,7 @@ __argp_state_help (const struct argp_state *state, FILE *stream, unsigned flags)
       if (state && (state->flags & ARGP_LONG_ONLY))
 	flags |= ARGP_HELP_LONG_ONLY;
 
-      _help (state ? state->root_argp : 0, state, stream, flags,
+      _help (state ? state->root_argp : NULL, state, stream, flags,
 	     state ? state->name : __argp_short_program_name ());
 
       if (!state || ! (state->flags & ARGP_NO_EXIT))

argp/argp-namefrob.h

@@ -1,5 +1,5 @@
 /* Name frobnication for compiling argp outside of glibc
-   Copyright (C) 1997-2023 Free Software Foundation, Inc.
+   Copyright (C) 1997-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/argp-parse.c

@@ -1,5 +1,5 @@
 /* Hierarchial argument parsing, layered over getopt
-   Copyright (C) 1995-2023 Free Software Foundation, Inc.
+   Copyright (C) 1995-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 
@@ -21,21 +21,6 @@
 #include <config.h>
 #endif
 
-/* AIX requires this to be the first thing in the file.  */
-#ifndef __GNUC__
-# if HAVE_ALLOCA_H || defined _LIBC
-#  include <alloca.h>
-# else
-#  ifdef _AIX
-#pragma alloca
-#  else
-#   ifndef alloca /* predefined by HP cc +Olibcalls */
-char *alloca ();
-#   endif
-#  endif
-# endif
-#endif
-
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
@@ -98,13 +83,13 @@ static volatile int _argp_hang;
 
 static const struct argp_option argp_default_options[] =
 {
-  {"help",	  '?',	  	0, 0,  N_("Give this help list"), -1},
-  {"usage",	  OPT_USAGE,	0, 0,  N_("Give a short usage message")},
+  {"help",	  '?',	  	NULL, 0,  N_("Give this help list"), -1},
+  {"usage",	  OPT_USAGE,	NULL, 0,  N_("Give a short usage message")},
   {"program-name",OPT_PROGNAME, N_("NAME"), OPTION_HIDDEN,
    N_("Set the program name")},
   {"HANG",	  OPT_HANG,    N_("SECS"), OPTION_ARG_OPTIONAL | OPTION_HIDDEN,
    N_("Hang for SECS seconds (default 3600)")},
-  {0, 0}
+  {NULL, 0}
 };
 
 static error_t
@@ -164,8 +149,8 @@ static const struct argp argp_default_argp =
 
 static const struct argp_option argp_version_options[] =
 {
-  {"version",	  'V',	  	0, 0,  N_("Print program version"), -1},
-  {0, 0}
+  {"version",	  'V',	  	NULL, 0,  N_("Print program version"), -1},
+  {NULL, 0}
 };
 
 static error_t
@@ -228,7 +213,7 @@ struct group
      particular short options is from.  */
   char *short_end;
 
-  /* The number of non-option args sucessfully handled by this parser.  */
+  /* The number of non-option args successfully handled by this parser.  */
   unsigned args_processed;
 
   /* This group's parser's parent's group.  */
@@ -356,7 +341,7 @@ convert_options (const struct argp *argp,
 			  ? optional_argument
 			  : required_argument)
 		       : no_argument);
-		    cvt->long_end->flag = 0;
+		    cvt->long_end->flag = NULL;
 		    /* we add a disambiguating code to all the user's
 		       values (which is removed before we actually call
 		       the function to parse the value); this means that
@@ -379,9 +364,9 @@ convert_options (const struct argp *argp,
       group->args_processed = 0;
       group->parent = parent;
       group->parent_index = parent_index;
-      group->input = 0;
-      group->hook = 0;
-      group->child_inputs = 0;
+      group->input = NULL;
+      group->hook = NULL;
+      group->child_inputs = NULL;
 
       if (children)
 	/* Assign GROUP's CHILD_INPUTS field some space from
@@ -397,7 +382,7 @@ convert_options (const struct argp *argp,
       parent = group++;
     }
   else
-    parent = 0;
+    parent = NULL;
 
   if (children)
     {
@@ -432,7 +417,7 @@ parser_convert (struct parser *parser, const struct argp *argp, int flags)
   parser->argp = argp;
 
   if (argp)
-    parser->egroup = convert_options (argp, 0, 0, parser->groups, &cvt);
+    parser->egroup = convert_options (argp, NULL, 0, parser->groups, &cvt);
   else
     parser->egroup = parser->groups; /* No parsers at all! */
 }
@@ -545,7 +530,7 @@ parser_init (struct parser *parser, const struct argp *argp,
 	   makes very simple wrapper argps more convenient).  */
 	group->child_inputs[0] = group->input;
 
-      err = group_parse (group, &parser->state, ARGP_KEY_INIT, 0);
+      err = group_parse (group, &parser->state, ARGP_KEY_INIT, NULL);
     }
   if (err == EBADKEY)
     err = 0;			/* Some parser didn't understand.  */
@@ -597,11 +582,11 @@ parser_finalize (struct parser *parser,
 	       group < parser->egroup && (!err || err==EBADKEY);
 	       group++)
 	    if (group->args_processed == 0)
-	      err = group_parse (group, &parser->state, ARGP_KEY_NO_ARGS, 0);
+	      err = group_parse (group, &parser->state, ARGP_KEY_NO_ARGS, NULL);
 	  for (group = parser->egroup - 1;
 	       group >= parser->groups && (!err || err==EBADKEY);
 	       group--)
-	    err = group_parse (group, &parser->state, ARGP_KEY_END, 0);
+	    err = group_parse (group, &parser->state, ARGP_KEY_END, NULL);
 
 	  if (err == EBADKEY)
 	    err = 0;		/* Some parser didn't understand.  */
@@ -640,7 +625,7 @@ parser_finalize (struct parser *parser,
 
       /* Since we didn't exit, give each parser an error indication.  */
       for (group = parser->groups; group < parser->egroup; group++)
-	group_parse (group, &parser->state, ARGP_KEY_ERROR, 0);
+	group_parse (group, &parser->state, ARGP_KEY_ERROR, NULL);
     }
   else
     /* Notify parsers of success, and propagate back values from parsers.  */
@@ -651,14 +636,14 @@ parser_finalize (struct parser *parser,
       for (group = parser->egroup - 1
 	   ; group >= parser->groups && (!err || err == EBADKEY)
 	   ; group--)
-	err = group_parse (group, &parser->state, ARGP_KEY_SUCCESS, 0);
+	err = group_parse (group, &parser->state, ARGP_KEY_SUCCESS, NULL);
       if (err == EBADKEY)
 	err = 0;		/* Some parser didn't understand.  */
     }
 
   /* Call parsers once more, to do any final cleanup.  Errors are ignored.  */
   for (group = parser->egroup - 1; group >= parser->groups; group--)
-    group_parse (group, &parser->state, ARGP_KEY_FINI, 0);
+    group_parse (group, &parser->state, ARGP_KEY_FINI, NULL);
 
   if (err == EBADKEY)
     err = EINVAL;
@@ -697,7 +682,7 @@ parser_parse_arg (struct parser *parser, char *val)
 	{
 	  parser->state.next--;	/* For ARGP_KEY_ARGS, put back the arg.  */
 	  key = ARGP_KEY_ARGS;
-	  err = group_parse (group, &parser->state, key, 0);
+	  err = group_parse (group, &parser->state, key, NULL);
 	}
     }
 
@@ -807,11 +792,11 @@ parser_parse_next (struct parser *parser, int *arg_ebadkey)
       parser->opt_data.optopt = KEY_END;
       if (parser->state.flags & ARGP_LONG_ONLY)
 	opt = _getopt_long_only_r (parser->state.argc, parser->state.argv,
-				   parser->short_opts, parser->long_opts, 0,
+				   parser->short_opts, parser->long_opts, NULL,
 				   &parser->opt_data);
       else
 	opt = _getopt_long_r (parser->state.argc, parser->state.argv,
-			      parser->short_opts, parser->long_opts, 0,
+			      parser->short_opts, parser->long_opts, NULL,
 			      &parser->opt_data);
       /* And see what getopt did.  */
       parser->state.next = parser->opt_data.optind;
@@ -884,6 +869,9 @@ __argp_parse (const struct argp *argp, int argc, char **argv, unsigned flags,
   error_t err;
   struct parser parser;
 
+  struct argp_child child[4];
+  struct argp top_argp;
+
   /* If true, then err == EBADKEY is a result of a non-option argument failing
      to be parsed (which in some cases isn't actually an error).  */
   int arg_ebadkey = 0;
@@ -891,24 +879,23 @@ __argp_parse (const struct argp *argp, int argc, char **argv, unsigned flags,
   if (! (flags & ARGP_NO_HELP))
     /* Add our own options.  */
     {
-      struct argp_child *child = alloca (4 * sizeof (struct argp_child));
-      struct argp *top_argp = alloca (sizeof (struct argp));
+      int child_index = 0;
 
       /* TOP_ARGP has no options, it just serves to group the user & default
 	 argps.  */
-      memset (top_argp, 0, sizeof (*top_argp));
-      top_argp->children = child;
+      memset (&top_argp, 0, sizeof (struct argp));
+      top_argp.children = child;
 
       memset (child, 0, 4 * sizeof (struct argp_child));
 
       if (argp)
-	(child++)->argp = argp;
-      (child++)->argp = &argp_default_argp;
+	child[child_index++].argp = argp;
+      child[child_index++].argp = &argp_default_argp;
       if (argp_program_version || argp_program_version_hook)
-	(child++)->argp = &argp_version_argp;
-      child->argp = 0;
+	child[child_index++].argp = &argp_version_argp;
+      child[child_index].argp = NULL;
 
-      argp = top_argp;
+      argp = &top_argp;
     }
 
   /* Construct a parser for these arguments.  */
@@ -943,7 +930,7 @@ __argp_input (const struct argp *argp, const struct argp_state *state)
 	  return group->input;
     }
 
-  return 0;
+  return NULL;
 }
 #ifdef weak_alias
 weak_alias (__argp_input, _argp_input)

argp/argp-pv.c

@@ -1,5 +1,5 @@
 /* Default definition for ARGP_PROGRAM_VERSION.
-   Copyright (C) 1996-2023 Free Software Foundation, Inc.
+   Copyright (C) 1996-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/argp-pvh.c

@@ -1,5 +1,5 @@
 /* Default definition for ARGP_PROGRAM_VERSION_HOOK.
-   Copyright (C) 1996-2023 Free Software Foundation, Inc.
+   Copyright (C) 1996-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/argp-test.c

@@ -1,5 +1,5 @@
 /* Test program for argp argument parser
-   Copyright (C) 1997-2023 Free Software Foundation, Inc.
+   Copyright (C) 1997-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -25,6 +25,8 @@
 #include <string.h>
 #include <argp.h>
 
+#include <support/support.h>
+
 const char *argp_program_version = "argp-test 1.0";
 
 struct argp_option sub_options[] =
@@ -178,12 +180,12 @@ help_filter (int key, const char *text, void *input)
   if (key == ARGP_KEY_HELP_POST_DOC && text)
     {
       time_t now = time (0);
-      asprintf (&new_text, text, ctime (&now));
+      new_text = xasprintf (text, ctime (&now));
     }
   else if (key == 'f')
     /* Show the default for the --foonly option.  */
-    asprintf (&new_text, "%s (ZOT defaults to %x)",
-	      text, params->foonly_default);
+    new_text = xasprintf ("%s (ZOT defaults to %x)",
+		          text, params->foonly_default);
   else
     new_text = (char *)text;
 

argp/argp-xinl.c

@@ -1,5 +1,5 @@
 /* Real definitions for extern inline functions in argp.h
-   Copyright (C) 1997-2023 Free Software Foundation, Inc.
+   Copyright (C) 1997-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/argp.h

@@ -1,5 +1,5 @@
 /* Hierarchical argument parsing, layered over getopt.
-   Copyright (C) 1995-2023 Free Software Foundation, Inc.
+   Copyright (C) 1995-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Miles Bader <miles@gnu.ai.mit.edu>.
 

argp/bits/argp-ldbl.h

@@ -1,5 +1,5 @@
 /* Redirections for argp functions for -mlong-double-64.
-   Copyright (C) 2019-2023 Free Software Foundation, Inc.
+   Copyright (C) 2019-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

argp/tst-argp1.c

@@ -1,4 +1,4 @@
-/* Copyright (C) 2002-2023 Free Software Foundation, Inc.
+/* Copyright (C) 2002-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -30,7 +30,7 @@
 static const struct argp_option test_options[] =
   {
     { NULL, 0, NULL, 0, "\
-This is a test for threads so we allow ther user to selection the number of \
+This is a test for threads so we allow the user to select the number of \
 threads which are used at any one time.  Independently the total number of \
 rounds can be selected.  This is the total number of threads which will have \
 run when the process terminates:" },

argp/tst-argp2.c

@@ -1,4 +1,4 @@
-/* Copyright (C) 2007-2023 Free Software Foundation, Inc.
+/* Copyright (C) 2007-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

argp/tst-ldbl-argp.c

@@ -1,5 +1,5 @@
 /* Testing of long double conversions in argp.h functions.
-   Copyright (C) 2018-2023 Free Software Foundation, Inc.
+   Copyright (C) 2018-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

assert/Makefile

@@ -1,4 +1,4 @@
-# Copyright (C) 1991-2023 Free Software Foundation, Inc.
+# Copyright (C) 1991-2025 Free Software Foundation, Inc.
 # This file is part of the GNU C Library.
 
 # The GNU C Library is free software; you can redistribute it and/or
@@ -22,7 +22,9 @@ subdir	:= assert
 
 include ../Makeconfig
 
-headers	:= assert.h
+headers := \
+  assert.h
+  # headers
 
 routines := \
   __assert \
@@ -30,7 +32,15 @@ routines := \
   assert \
   assert-perr \
   # routines
-tests := test-assert test-assert-perr tst-assert-c++ tst-assert-g++
+
+tests := \
+  test-assert \
+  test-assert-2 \
+  test-assert-perr \
+  tst-assert-c++ \
+  tst-assert-g++ \
+  tst-assert-sa-2025-0001 \
+  # tests
 
 ifeq ($(have-cxx-thread_local),yes)
 CFLAGS-tst-assert-c++.o = -std=c++11
@@ -38,7 +48,10 @@ LDLIBS-tst-assert-c++ = -lstdc++
 CFLAGS-tst-assert-g++.o = -std=gnu++11
 LDLIBS-tst-assert-g++ = -lstdc++
 else
-tests-unsupported += tst-assert-c++ tst-assert-g++
+tests-unsupported += \
+  tst-assert-c++ \
+  tst-assert-g++ \
+  # tests-unsupported
 endif
 
 include ../Rules

assert/__assert.c

@@ -1,4 +1,4 @@
-/* Copyright (C) 2000-2023 Free Software Foundation, Inc.
+/* Copyright (C) 2000-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

assert/__libc_assert_fail.c

@@ -1,5 +1,5 @@
 /* libc-internal assert that calls __libc_message.
-   Copyright (C) 2022-2023 Free Software Foundation, Inc.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

assert/assert-perr.c

@@ -1,4 +1,4 @@
-/* Copyright (C) 1994-2023 Free Software Foundation, Inc.
+/* Copyright (C) 1994-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -32,7 +32,7 @@ __assert_perror_fail (int errnum,
   char errbuf[1024];
 
   char *e = __strerror_r (errnum, errbuf, sizeof errbuf);
-  __assert_fail_base (_("%s%s%s:%u: %s%sUnexpected error: %s.\n%n"),
+  __assert_fail_base (_("%s%s%s:%u: %s%sUnexpected error: %s.\n"),
 		      e, file, line, function);
 }
 libc_hidden_def (__assert_perror_fail)

assert/assert.c

@@ -1,4 +1,4 @@
-/* Copyright (C) 1991-2023 Free Software Foundation, Inc.
+/* Copyright (C) 1991-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -15,21 +15,18 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
-#include <assert.h>
-#include <atomic.h>
+#include <intprops.h>
 #include <ldsodefs.h>
+#include <libc-pointer-arith.h>
 #include <libintl.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sysdep.h>
+#include <libio/iolibio.h>
+#include <setvmaname.h>
+#include <sys/uio.h>
 #include <unistd.h>
-#include <sys/mman.h>
 
 
 extern const char *__progname;
 
-#include <wchar.h>
-#include <libio/iolibio.h>
 #define fflush(s) _IO_fflush (s)
 
 /* This function, when passed a string containing an asserted
@@ -53,24 +50,26 @@ __assert_fail_base (const char *fmt, const char *assertion, const char *file,
   FATAL_PREPARE;
 #endif
 
-  int total;
-  if (__asprintf (&str, fmt,
-		  __progname, __progname[0] ? ": " : "",
-		  file, line,
-		  function ? function : "", function ? ": " : "",
-		  assertion, &total) >= 0)
+  int total = __asprintf (&str, fmt,
+			  __progname, __progname[0] ? ": " : "",
+			  file, line,
+			  function ? function : "", function ? ": " : "",
+			  assertion);
+  if (total >= 0)
     {
       /* Print the message.  */
       (void) __fxprintf (NULL, "%s", str);
       (void) fflush (stderr);
 
-      total = (total + 1 + GLRO(dl_pagesize) - 1) & ~(GLRO(dl_pagesize) - 1);
+      total = ALIGN_UP (total + sizeof (struct abort_msg_s) + 1,
+			GLRO(dl_pagesize));
       struct abort_msg_s *buf = __mmap (NULL, total, PROT_READ | PROT_WRITE,
 					MAP_ANON | MAP_PRIVATE, -1, 0);
       if (__glibc_likely (buf != MAP_FAILED))
 	{
 	  buf->size = total;
 	  strcpy (buf->msg, str);
+	  __set_vma_name (buf, total, " glibc: assert");
 
 	  /* We have to free the old buffer since the application might
 	     catch the SIGABRT signal.  */
@@ -85,8 +84,35 @@ __assert_fail_base (const char *fmt, const char *assertion, const char *file,
   else
     {
       /* At least print a minimal message.  */
-      static const char errstr[] = "Unexpected error.\n";
-      __libc_write (STDERR_FILENO, errstr, sizeof (errstr) - 1);
+      char linebuf[INT_STRLEN_BOUND (int) + sizeof ":: "];
+      struct iovec v[9];
+      int i = 0;
+
+#define WS(s) (v[i].iov_len = strlen (v[i].iov_base = (void *) (s)), i++)
+
+      if (__progname)
+	{
+	  WS (__progname);
+	  WS (": ");
+	}
+
+      WS (file);
+      v[i++] = (struct iovec) {.iov_base = linebuf,
+	.iov_len = sprintf (linebuf, ":%d: ", line)};
+
+      if (function)
+	{
+	  WS (function);
+	  WS (": ");
+	}
+
+      WS ("Assertion `");
+      WS (assertion);
+      /* We omit the '.' here so that the assert tests can tell when
+         this code path is taken.  */
+      WS ("' failed\n");
+
+      (void) __writev (STDERR_FILENO, v, i);
     }
 
   abort ();
@@ -98,6 +124,6 @@ void
 __assert_fail (const char *assertion, const char *file, unsigned int line,
 	       const char *function)
 {
-  __assert_fail_base (_("%s%s%s:%u: %s%sAssertion `%s' failed.\n%n"),
+  __assert_fail_base (_("%s%s%s:%u: %s%sAssertion `%s' failed.\n"),
 		      assertion, file, line, function);
 }

assert/assert.h

@@ -1,4 +1,4 @@
-/* Copyright (C) 1991-2023 Free Software Foundation, Inc.
+/* Copyright (C) 1991-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -66,18 +66,18 @@ __BEGIN_DECLS
 /* This prints an "Assertion failed" message and aborts.  */
 extern void __assert_fail (const char *__assertion, const char *__file,
 			   unsigned int __line, const char *__function)
-     __THROW __attribute__ ((__noreturn__));
+     __THROW __attribute__ ((__noreturn__)) __COLD;
 
 /* Likewise, but prints the error text for ERRNUM.  */
 extern void __assert_perror_fail (int __errnum, const char *__file,
 				  unsigned int __line, const char *__function)
-     __THROW __attribute__ ((__noreturn__));
+     __THROW __attribute__ ((__noreturn__)) __COLD;
 
 
 /* The following is not at all used here but needed for standard
    compliance.  */
 extern void __assert (const char *__assertion, const char *__file, int __line)
-     __THROW __attribute__ ((__noreturn__));
+     __THROW __attribute__ ((__noreturn__)) __COLD;
 
 
 __END_DECLS
@@ -86,10 +86,21 @@ __END_DECLS
    parentheses around EXPR.  Otherwise, those added parentheses would
    suppress warnings we'd expect to be detected by gcc's -Wparentheses.  */
 # if defined __cplusplus
+#  if defined __has_builtin
+#   if __has_builtin (__builtin_FILE)
+#    define __ASSERT_FILE __builtin_FILE ()
+#    define __ASSERT_LINE __builtin_LINE ()
+#   endif
+#  endif
+#  if !defined __ASSERT_FILE
+#   define __ASSERT_FILE __FILE__
+#   define __ASSERT_LINE __LINE__
+#  endif
 #  define assert(expr)							\
      (static_cast <bool> (expr)						\
       ? void (0)							\
-      : __assert_fail (#expr, __FILE__, __LINE__, __ASSERT_FUNCTION))
+      : __assert_fail (#expr, __ASSERT_FILE, __ASSERT_LINE,             \
+                       __ASSERT_FUNCTION))
 # elif !defined __GNUC__ || defined __STRICT_ANSI__
 #  define assert(expr)							\
     ((expr)								\

assert/test-assert-2.c

@@ -0,0 +1,167 @@
+/* Test assert's compliance with POSIX requirements.
+   Copyright (C) 2024-2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+/* This test verifies that a failed assertion acts in accordance with
+   the POSIX requirements, despite any internal failures.  We do so by
+   calling test routines via fork() and monitoring their exit codes
+   and stderr, while possibly forcing internal functions (malloc) to
+   fail.  */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <dlfcn.h>
+#include <string.h>
+#include <signal.h>
+#include <unistd.h>
+
+#undef NDEBUG
+#include <assert.h>
+
+#include <support/check.h>
+#include <support/support.h>
+#include <support/capture_subprocess.h>
+#include <support/xstdio.h>
+
+/* We need to be able to make malloc() "fail" so that __asprintf
+   fails.  */
+
+void * (*next_malloc)(size_t sz) = 0;
+static volatile bool fail_malloc = 0;
+
+void *
+malloc (size_t sz)
+{
+  if (fail_malloc)
+    return NULL;
+  if (next_malloc == 0)
+    next_malloc = dlsym (RTLD_NEXT, "malloc");
+  if (next_malloc == 0)
+    return NULL;
+  return next_malloc (sz);
+}
+
+/* We can tell if abort() is called by looking for the custom return
+   value.  */
+
+void
+abort_handler(int s)
+{
+  _exit(5);
+}
+
+static int do_lineno;
+static const char *do_funcname;
+
+/* Hack to get the line of the assert.  */
+#define GET_INFO_1(l)	      \
+  if (closure != NULL)	      \
+    {			      \
+      do_lineno = l;	      \
+      do_funcname = __func__; \
+      return; \
+    }
+#define GET_INFO() GET_INFO_1(__LINE__+1)
+
+/* These are the two test cases.  */
+
+static void
+test_assert_normal (void *closure)
+{
+  if (closure == NULL)
+    signal (SIGABRT, abort_handler);
+
+  GET_INFO ();
+  assert (1 == 2);
+}
+
+
+static void
+test_assert_nomalloc (void *closure)
+{
+  if (closure == NULL)
+    {
+      signal (SIGABRT, abort_handler);
+      fail_malloc = 1;
+    }
+
+  GET_INFO ();
+  assert (1 == 2);
+}
+
+static void
+check_posix (const char *buf, int rv, int line,
+	     const char *funcname, const char *testarg)
+{
+  /* POSIX requires that a failed assertion write a diagnostic to
+     stderr and call abort.  The diagnostic must include the filename,
+     line number, and function where the assertion failed, along with
+     the text of the assert() argument.
+  */
+  char linestr[100];
+
+  sprintf (linestr, "%d", line);
+
+  /* If abort is called, our handler will return 5.  */
+  TEST_VERIFY (rv == 5);
+
+  TEST_VERIFY (strstr (buf, __FILE__) != NULL);
+  TEST_VERIFY (strstr (buf, linestr) != NULL);
+  TEST_VERIFY (strstr (buf, funcname) != NULL);
+  TEST_VERIFY (strstr (buf, testarg) != NULL);
+
+}
+
+static void
+one_test (void (*func)(void *), int which_path)
+{
+  struct support_capture_subprocess sp;
+  int rv;
+
+  func (&do_lineno);
+  printf("running test for %s, line %d\n", do_funcname, do_lineno);
+
+  sp = support_capture_subprocess (func, NULL);
+  rv = WEXITSTATUS (sp.status);
+
+  check_posix (sp.err.buffer, rv, do_lineno, do_funcname, "1 == 2");
+
+  /* Look for intentional subtle differences in messages to verify
+     that the intended code path was taken.  */
+  switch (which_path)
+    {
+    case 0:
+      TEST_VERIFY (strstr (sp.err.buffer, "failed.\n") != NULL);
+      break;
+    case 1:
+      TEST_VERIFY (strstr (sp.err.buffer, "failed\n") != NULL);
+      break;
+    }
+
+  support_capture_subprocess_free (&sp);
+}
+
+static int
+do_test(void)
+{
+  one_test (test_assert_normal, 0);
+  one_test (test_assert_nomalloc, 1);
+
+  return 0;
+}
+
+#include <support/test-driver.c>

assert/test-assert-perr.c

@@ -11,6 +11,8 @@
 #include <string.h>
 #include <setjmp.h>
 
+#include <support/xstdio.h>
+
 jmp_buf rec;
 char buf[160];
 
@@ -70,15 +72,15 @@ main(void)
     failed = 1; /* should not happen */
 
   rewind (stderr);
-  fgets (buf, 160, stderr);
+  xfgets (buf, 160, stderr);
   if (!strstr(buf, strerror (1)))
     failed = 1;
 
-  fgets (buf, 160, stderr);
+  xfgets (buf, 160, stderr);
   if (strstr (buf, strerror (0)))
     failed = 1;
 
-  fgets (buf, 160, stderr);
+  xfgets (buf, 160, stderr);
   if (strstr (buf, strerror (2)))
     failed = 1;
 

assert/test-assert.c

@@ -11,6 +11,8 @@
 #include <string.h>
 #include <setjmp.h>
 
+#include <support/xstdio.h>
+
 jmp_buf rec;
 char buf[160];
 
@@ -72,15 +74,15 @@ main (void)
     failed = 1; /* should not happen */
 
   rewind (stderr);
-  fgets (buf, 160, stderr);
+  xfgets (buf, 160, stderr);
   if (!strstr (buf, "1 == 2"))
     failed = 1;
 
-  fgets (buf, 160, stderr);
+  xfgets (buf, 160, stderr);
   if (strstr (buf, "1 == 1"))
     failed = 1;
 
-  fgets (buf, 160, stderr);
+  xfgets (buf, 160, stderr);
   if (strstr (buf, "2 == 3"))
     failed = 1;
 

assert/tst-assert-c++.cc

@@ -1,5 +1,5 @@
 /* Tests for interactions between C++ and assert.
-   Copyright (C) 2017-2023 Free Software Foundation, Inc.
+   Copyright (C) 2017-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -21,6 +21,7 @@
 #undef NDEBUG
 #include <assert.h>
 
+#if __GNUC_PREREQ (5, 0)
 /* The C++ standard requires that if the assert argument is a constant
    subexpression, then the assert itself is one, too.  */
 constexpr int
@@ -77,5 +78,14 @@ do_test ()
 
   return 0;
 }
+#else
+#include <support/test-driver.h>
+
+static int
+do_test ()
+{
+  return EXIT_UNSUPPORTED;
+}
+#endif
 
 #include <support/test-driver.c>

assert/tst-assert-g++.cc

@@ -1,5 +1,5 @@
 /* Tests for interactions between C++ and assert.  GNU C++11 version.
-   Copyright (C) 2017-2023 Free Software Foundation, Inc.
+   Copyright (C) 2017-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

assert/tst-assert-sa-2025-0001.c

@@ -0,0 +1,92 @@
+/* Test for CVE-2025-0395.
+   Copyright The GNU Toolchain Authors.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+/* Test that a large enough __progname does not result in a buffer overflow
+   when printing an assertion failure.  This was CVE-2025-0395.  */
+#include <assert.h>
+#include <inttypes.h>
+#include <signal.h>
+#include <stdbool.h>
+#include <string.h>
+#include <sys/mman.h>
+#include <support/check.h>
+#include <support/support.h>
+#include <support/xstdio.h>
+#include <support/xunistd.h>
+
+extern const char *__progname;
+
+int
+do_test (int argc, char **argv)
+{
+
+  support_need_proc ("Reads /proc/self/maps to add guards to writable maps.");
+  ignore_stderr ();
+
+  /* XXX assumes that the assert is on a 2 digit line number.  */
+  const char *prompt = ": %s:99: do_test: Assertion `argc < 1' failed.\n";
+
+  int ret = fprintf (stderr, prompt, __FILE__);
+  if (ret < 0)
+    FAIL_EXIT1 ("fprintf failed: %m\n");
+
+  size_t pagesize = getpagesize ();
+  size_t namesize = pagesize - 1 - ret;
+
+  /* Alter the progname so that the assert message fills the entire page.  */
+  char progname[namesize];
+  memset (progname, 'A', namesize - 1);
+  progname[namesize - 1] = '\0';
+  __progname = progname;
+
+  FILE *f = xfopen ("/proc/self/maps", "r");
+  char *line = NULL;
+  size_t len = 0;
+  uintptr_t prev_to = 0;
+
+  /* Pad the beginning of every writable mapping with a PROT_NONE map.  This
+     ensures that the mmap in the assert_fail path never ends up below a
+     writable map and will terminate immediately in case of a buffer
+     overflow.  */
+  while (xgetline (&line, &len, f))
+    {
+      uintptr_t from, to;
+      char perm[4];
+
+      sscanf (line, "%" SCNxPTR "-%" SCNxPTR " %c%c%c%c ",
+	      &from, &to,
+	      &perm[0], &perm[1], &perm[2], &perm[3]);
+
+      bool writable = (memchr (perm, 'w', 4) != NULL);
+
+      if (prev_to != 0 && from - prev_to > pagesize && writable)
+	xmmap ((void *) from - pagesize, pagesize, PROT_NONE,
+	       MAP_ANONYMOUS | MAP_PRIVATE, 0);
+
+      prev_to = to;
+    }
+
+  xfclose (f);
+
+  assert (argc < 1);
+  return 0;
+}
+
+#define EXPECTED_SIGNAL SIGABRT
+#define TEST_FUNCTION_ARGV do_test
+#include <support/test-driver.c>

benchtests/Makefile

@@ -1,4 +1,4 @@
-# Copyright (C) 2013-2023 Free Software Foundation, Inc.
+# Copyright (C) 2013-2025 Free Software Foundation, Inc.
 # Copyright The GNU Toolchain Authors.
 # This file is part of the GNU C Library.
 
@@ -25,29 +25,54 @@ include ../Makeconfig
 
 bench-math := \
   acos \
+  acosf \
   acosh \
+  acoshf \
+  acospif \
   asin \
+  asinf \
   asinh \
+  asinhf \
+  asinpif \
   atan \
   atan2 \
+  atan2f \
+  atan2pif \
+  atanf \
   atanh \
+  atanhf \
+  atanpif \
   cbrt \
+  cbrtf \
+  ceil \
+  ceilf \
   cos \
   cosf \
   cosh \
+  coshf \
+  cospif \
   erf \
   erfc \
+  erfcf \
+  erff \
   exp \
   exp10 \
   exp10f \
+  exp10m1f \
   exp2 \
   exp2f \
+  exp2m1f \
   expf \
   expm1 \
+  expm1f \
+  floor \
+  floorf \
   fmax \
   fmaxf \
   fmin \
   fminf \
+  fmod \
+  fmodf \
   hypot \
   hypotf \
   ilogb \
@@ -58,18 +83,30 @@ bench-math := \
   j0 \
   j1 \
   lgamma \
+  lgammaf \
+  llrint \
+  llrintf \
   log \
   log10 \
+  log10f \
+  log10p1f \
   log1p \
+  log1pf \
   log2 \
   log2f \
+  log2p1f \
   logb \
   logbf \
   logf \
+  lrint \
+  lrintf \
   modf \
+  nearbyint \
+  nearbyintf \
   pow \
   powf \
   rint \
+  rintf \
   roundeven \
   roundevenf \
   sin \
@@ -77,19 +114,26 @@ bench-math := \
   sincosf \
   sinf \
   sinh \
+  sinhf \
+  sinpif \
   sqrt \
   tan \
+  tanf \
   tanh \
+  tanhf \
+  tanpif \
   tgamma \
+  tgammaf \
   trunc \
   truncf \
   y0 \
   y1 \
+  # bench-math
 
 ifneq (,$(filter yes,$(float96-fcts)))
 bench-math += \
   cbrtl \
-# bench-math
+  # bench-math
 endif
 
 ifneq (,$(filter yes,$(float128-fcts) $(float128-alias-fcts)))
@@ -98,7 +142,7 @@ bench-math += \
   ilogbf128 \
   powf128 \
   sinf128 \
-# bench-math
+  # bench-math
 endif
 
 bench-pthread := \
@@ -109,7 +153,7 @@ bench-pthread := \
   pthread-spin-trylock \
   pthread_once \
   thread_create \
-# bench-pthread
+  # bench-pthread
 
 LDLIBS-bench-pthread-mutex-lock += -lm
 LDLIBS-bench-pthread-mutex-trylock += -lm
@@ -119,13 +163,12 @@ LDLIBS-bench-pthread-spin-trylock += -lm
 bench-string := \
   ffs \
   ffsll \
-# bench-string
+  # bench-string
 
 # String function benchmarks.
 string-benchset := \
   bzero \
   bzero-large \
-  bzero-walk \
   memccpy \
   memchr \
   memcmp \
@@ -133,19 +176,16 @@ string-benchset := \
   memcpy \
   memcpy-large \
   memcpy-random \
-  memcpy-walk \
   memmem \
   memmove \
   memmove-large \
-  memmove-walk \
   mempcpy \
   memrchr \
   memset \
   memset-large \
-  memset-walk \
+  memset-random \
   memset-zero \
   memset-zero-large \
-  memset-zero-walk \
   rawmemchr \
   stpcpy \
   stpcpy_chk \
@@ -161,6 +201,7 @@ string-benchset := \
   strcpy_chk \
   strcspn \
   strlen \
+  strlen-random \
   strncasecmp \
   strncat \
   strncmp \
@@ -172,7 +213,7 @@ string-benchset := \
   strspn \
   strstr \
   strtok \
-# string-benchset
+  # string-benchset
 
 # Build and run locale-dependent benchmarks only if we're building natively.
 ifeq (no,$(cross-compiling))
@@ -197,7 +238,7 @@ wcsmbs-benchset := \
   wmemchr \
   wmemcmp \
   wmemset \
-# wcsmbs-benchset
+  # wcsmbs-benchset
 else
 wcsmbs-benchset :=
 endif
@@ -231,7 +272,7 @@ LOCALES := \
   tr_TR.UTF-8 \
   vi_VN.UTF-8 \
   zh_CN.UTF-8 \
-# LOCALES
+  # LOCALES
 include ../gen-locales.mk
 endif
 
@@ -239,20 +280,32 @@ hash-benchset := \
   dl-elf-hash \
   dl-new-hash \
   nss-hash \
-# hash-benchset
+  # hash-benchset
 
 stdlib-benchset := \
   arc4random \
+  bsearch \
+  random-lock \
   strtod \
   # stdlib-benchset
 
+stdio-benchset := \
+  fclose \
+  # stdio-benchset
+
 stdio-common-benchset := sprintf
 
 math-benchset := math-inlines
 
 ifeq (${BENCHSET},)
-benchset := $(string-benchset-all) $(stdlib-benchset) $(stdio-common-benchset) \
-	    $(math-benchset) $(hash-benchset)
+benchset := \
+  $(hash-benchset) \
+  $(math-benchset) \
+  $(stdio-benchset) \
+  $(stdio-common-benchset) \
+  $(stdlib-benchset) \
+  $(string-benchset-all) \
+  # benchset
 else
 benchset := $(foreach B,$(filter %-benchset,${BENCHSET}), ${${B}})
 endif
@@ -273,9 +326,15 @@ CFLAGS-bench-isinf.c += $(config-cflags-signaling-nans)
 CFLAGS-bench-isfinite.c += $(config-cflags-signaling-nans)
 
 ifeq (${BENCHSET},)
-bench-malloc := malloc-thread malloc-simple
+bench-malloc := \
+  calloc-simple \
+  calloc-thread \
+  malloc-simple \
+  malloc-thread \
+  # bench-malloc
 else
 bench-malloc := $(filter malloc-%,${BENCHSET})
+bench-malloc += $(filter calloc-%,${BENCHSET})
 endif
 
 ifeq (${STATIC-BENCHTESTS},yes)
@@ -350,7 +409,11 @@ include ../Rules
 bench-math += $(bench-libmvec)
 
 ifeq (${BENCHSET},)
-bench := $(bench-math) $(bench-pthread) $(bench-string)
+bench := \
+  $(bench-math) \
+  $(bench-pthread) \
+  $(bench-string) \
+  # bench
 else
 bench := $(foreach B,$(filter bench-%,${BENCHSET}), ${${B}})
 endif
@@ -366,8 +429,12 @@ extra-objs += $(addsuffix .o,$(addprefix bench-,$(bench-malloc)))
 
 # This makes sure CPPFLAGS-nonlib and CFLAGS-nonlib are passed
 # for all these modules.
-cpp-srcs-left := $(binaries-benchset:=.c) $(binaries-bench:=.c) \
-		 $(binaries-bench-malloc:=.c) $(timing-type:=.c)
+cpp-srcs-left := \
+  $(binaries-bench-malloc:=.c) \
+  $(binaries-bench:=.c) \
+  $(binaries-benchset:=.c) \
+  $(timing-type:=.c) \
+  # cpp-srcs-left
 lib := nonlib
 include $(patsubst %,$(..)libof-iterator.mk,$(cpp-srcs-left))
 
@@ -384,15 +451,18 @@ VALIDBENCHSETNAMES := \
   bench-math \
   bench-pthread \
   bench-string \
+  calloc-simple \
+  calloc-thread \
   hash-benchset \
   malloc-simple \
   malloc-thread \
   math-benchset \
+  stdio-benchset \
   stdio-common-benchset \
   stdlib-benchset \
   string-benchset \
   wcsmbs-benchset \
-# VALIDBENCHSETNAMES
+  # VALIDBENCHSETNAMES
 
 INVALIDBENCHSETNAMES := $(filter-out ${VALIDBENCHSETNAMES},${BENCHSET})
 ifneq (${INVALIDBENCHSETNAMES},)
@@ -423,7 +493,7 @@ bench-set: $(binaries-benchset)
 bench-malloc: $(binaries-bench-malloc)
 	for run in $^; do \
 	  echo "$${run}"; \
-	  if [ `basename $${run}` = "bench-malloc-thread" ]; then \
+	  if [[ `basename $${run}` =~ bench-[cm]alloc-thread ]]; then \
 		for thr in 1 8 16 32; do \
 			echo "Running $${run} $${thr}"; \
 			$(run-bench) $${thr} > $${run}-$${thr}.out; \

benchtests/README

@@ -87,6 +87,7 @@ where BENCHSET may be a space-separated list of the following values:
     hash-benchset
     malloc-thread
     math-benchset
+    stdio-benchset
     stdio-common-benchset
     stdlib-benchset
     string-benchset

benchtests/bench-arc4random.c

@@ -1,5 +1,5 @@
 /* arc4random benchmarks.
-   Copyright (C) 2022-2023 Free Software Foundation, Inc.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

benchtests/bench-bsearch.c

@@ -0,0 +1,137 @@
+/* Measure bsearch functions.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#define TEST_MAIN
+#define TEST_NAME "bsearch"
+
+#define ARRAY_SIZE 100000
+#define LOOP_ITERS 100000000
+
+/* Directly including <stdlib.h> leads to the use of an inline version
+   of bsearch(), which may cause our test cases to be optimized away by
+   the compiler due to predictability. To address this, we should
+   include <bits/stdlib-bsearch.h> directly and replace __extern_inline
+   with __attribute__((noinline)) to ensure the compiler does not
+   inline the function. Additionally, we need to add some macros
+   required for compilation. */
+#include <stddef.h>
+#define __extern_inline __attribute__((noinline))
+#define __GNUC_PREREQ(x, y) 0
+typedef int (*__compar_fn_t) (const void *, const void *);
+#include <bits/stdlib-bsearch.h>
+#undef __extern_inline
+#undef __GNUC_PREREQ
+
+#include "json-lib.h"
+#include "bench-timing.h"
+
+int arr[ARRAY_SIZE];
+
+static int
+comp_asc (const void *p1, const void *p2)
+{
+  int x1 = *(int *) p1;
+  int x2 = *(int *) p2;
+
+  if (x1 < x2)
+    return -1;
+  if (x1 > x2)
+    return 1;
+  return 0;
+}
+
+static int
+comp_desc (const void *p1, const void *p2)
+{
+  int x1 = *(int *) p1;
+  int x2 = *(int *) p2;
+
+  if (x1 > x2)
+    return -1;
+  if (x1 < x2)
+    return 1;
+  return 0;
+}
+
+static void
+do_bench (json_ctx_t *json_ctx, bool ascending, bool contained)
+{
+  size_t i, iters = LOOP_ITERS;
+  timing_t start, stop, cur;
+  int key;
+  volatile __attribute__((__unused__)) void *res;
+
+  for (i = 0; i < ARRAY_SIZE; ++i)
+    {
+      arr[i] = (ascending ? i : ARRAY_SIZE - 1 - i) << 1;
+    }
+
+  json_element_object_begin (json_ctx);
+  json_attr_uint (json_ctx, "array-size", ARRAY_SIZE);
+  json_attr_uint (json_ctx, "element-size", sizeof(arr[0]));
+  json_attr_string (json_ctx, "key-pattern", ascending ? "ascending" : "descending");
+  json_attr_string (json_ctx, "contained", contained ? "yes" : "no");
+  json_attr_string (json_ctx, "simple", "yes");
+
+  TIMING_NOW (start);
+
+  for (i = 0; i < iters; ++i)
+    {
+      key = (i % ARRAY_SIZE << 1) + !contained;
+      res = bsearch(&key, arr, ARRAY_SIZE, sizeof(arr[0]), ascending ? comp_asc : comp_desc);
+    }
+
+  TIMING_NOW (stop);
+
+  TIMING_DIFF (cur, start, stop);
+
+  json_attr_double (json_ctx, "timing", (double) cur / (double) iters);
+  json_element_object_end (json_ctx);
+}
+
+int
+do_test (void)
+{
+  json_ctx_t json_ctx;
+
+  json_init (&json_ctx, 0, stdout);
+
+  json_document_begin (&json_ctx);
+  json_attr_string (&json_ctx, "timing_type", TIMING_TYPE);
+  json_attr_object_begin (&json_ctx, "functions");
+  json_attr_object_begin (&json_ctx, TEST_NAME);
+  json_attr_string (&json_ctx, "bench-variant", "default");
+  json_array_begin (&json_ctx, "results");
+
+  for (int ascending = 0; ascending < 2; ++ascending)
+    {
+      for (int contained = 0; contained < 2; ++contained)
+        {
+          do_bench(&json_ctx, ascending, contained);
+        }
+    }
+
+  json_array_end (&json_ctx);
+  json_attr_object_end (&json_ctx);
+  json_attr_object_end (&json_ctx);
+  json_document_end (&json_ctx);
+
+  return 0;
+}
+
+#include <support/test-driver.c>

benchtests/bench-bzero-large.c

@@ -1,5 +1,5 @@
 /* Measure bzero functions with large data sizes.
-   Copyright (C) 2022-2023 Free Software Foundation, Inc.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -22,9 +22,8 @@
 #else
 # define TEST_NAME "bzero"
 #endif
-#define START_SIZE (128 * 1024)
-#define MIN_PAGE_SIZE (getpagesize () + 64 * 1024 * 1024)
-#define TIMEOUT (20 * 60)
+#define START_SIZE (64 * 1024)
+#define MIN_PAGE_SIZE (getpagesize () + 16 * 1024 * 1024)
 #include "bench-string.h"
 
 #include "json-lib.h"
@@ -52,7 +51,7 @@ IMPL (memset_zero, 0)
 static void
 do_one_test (json_ctx_t *json_ctx, impl_t *impl, CHAR *s, size_t n)
 {
-  size_t i, iters = 16;
+  size_t i, iters = (MIN_PAGE_SIZE * 64) / n;
   timing_t start, stop, cur;
 
   TIMING_NOW (start);
@@ -74,20 +73,13 @@ do_one_test (json_ctx_t *json_ctx, impl_t *impl, CHAR *s, size_t n)
 static void
 do_test (json_ctx_t *json_ctx, size_t align, size_t len)
 {
-  align &= 63;
-  if ((align + len) * sizeof (CHAR) > page_size)
-    return;
-
   json_element_object_begin (json_ctx);
   json_attr_uint (json_ctx, "length", len);
   json_attr_uint (json_ctx, "alignment", align);
   json_array_begin (json_ctx, "timings");
 
   FOR_EACH_IMPL (impl, 0)
-    {
-      do_one_test (json_ctx, impl, (CHAR *) (buf1) + align, len);
-      alloc_bufs ();
-    }
+    do_one_test (json_ctx, impl, (CHAR *) (buf1) + align, len);
 
   json_array_end (json_ctx);
   json_element_object_end (json_ctx);

benchtests/bench-bzero-walk.c

@@ -1,143 +0,0 @@
-/* Measure memset function throughput with large data sizes.
-   Copyright (C) 2017-2023 Free Software Foundation, Inc.
-   This file is part of the GNU C Library.
-
-   The GNU C Library is free software; you can redistribute it and/or
-   modify it under the terms of the GNU Lesser General Public
-   License as published by the Free Software Foundation; either
-   version 2.1 of the License, or (at your option) any later version.
-
-   The GNU C Library is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-   Lesser General Public License for more details.
-
-   You should have received a copy of the GNU Lesser General Public
-   License along with the GNU C Library; if not, see
-   <https://www.gnu.org/licenses/>.  */
-
-#define TEST_MAIN
-#ifdef DO_MEMSET
-# define TEST_NAME "memset"
-#else
-# define TEST_NAME "bzero"
-#endif
-#define START_SIZE 128
-#define MIN_PAGE_SIZE (getpagesize () + 32 * 1024 * 1024)
-#define TIMEOUT (20 * 60)
-#include "bench-string.h"
-
-#include "json-lib.h"
-
-#ifdef DO_MEMSET
-void *generic_memset (void *, int, size_t);
-
-typedef void *(*proto_t) (void *, int, size_t);
-
-IMPL (memset, 1)
-IMPL (generic_memset, 0)
-
-#else
-static void
-memset_zero (void * s, size_t len)
-{
-  memset (s, '\0', len);
-}
-
-typedef void (*proto_t) (void *, size_t);
-
-IMPL (bzero, 1)
-IMPL (memset_zero, 0)
-#endif
-
-static void
-do_one_test (json_ctx_t *json_ctx, impl_t *impl, CHAR *s, CHAR *s_end,
-	     size_t n)
-{
-  size_t i, iters = MIN_PAGE_SIZE / n;
-  timing_t start, stop, cur;
-
-  TIMING_NOW (start);
-  for (i = 0; i < iters && s <= s_end; s_end -= n, i++)
-#ifdef DO_MEMSET
-    CALL (impl, s, 0, n);
-#else
-    CALL (impl, s, n);
-#endif
-  TIMING_NOW (stop);
-
-  TIMING_DIFF (cur, start, stop);
-
-  /* Get time taken per function call.  */
-  json_element_double (json_ctx, (double) cur / i);
-}
-
-static void
-do_test (json_ctx_t *json_ctx, size_t len)
-{
-  json_element_object_begin (json_ctx);
-  json_attr_uint (json_ctx, "length", len);
-  json_array_begin (json_ctx, "timings");
-
-  FOR_EACH_IMPL (impl, 0)
-    {
-      do_one_test (json_ctx, impl, (CHAR *) buf1,
-		   (CHAR *) buf1 + MIN_PAGE_SIZE - len, len);
-      alloc_bufs ();
-    }
-
-  json_array_end (json_ctx);
-  json_element_object_end (json_ctx);
-}
-
-int
-test_main (void)
-{
-  json_ctx_t json_ctx;
-  size_t i;
-
-  test_init ();
-
-  json_init (&json_ctx, 0, stdout);
-
-  json_document_begin (&json_ctx);
-  json_attr_string (&json_ctx, "timing_type", TIMING_TYPE);
-
-  json_attr_object_begin (&json_ctx, "functions");
-  json_attr_object_begin (&json_ctx, TEST_NAME);
-  json_attr_string (&json_ctx, "bench-variant", "walk");
-
-  json_array_begin (&json_ctx, "ifuncs");
-  FOR_EACH_IMPL (impl, 0)
-    json_element_string (&json_ctx, impl->name);
-  json_array_end (&json_ctx);
-
-  json_array_begin (&json_ctx, "results");
-  for (i = 1; i <= 64; i++)
-    do_test (&json_ctx, i);
-
-  for (i = START_SIZE; i <= MIN_PAGE_SIZE; i <<= 1)
-    {
-      do_test (&json_ctx, i);
-      do_test (&json_ctx, i + 1);
-    }
-
-  json_array_end (&json_ctx);
-  json_attr_object_end (&json_ctx);
-  json_attr_object_end (&json_ctx);
-  json_document_end (&json_ctx);
-
-  return ret;
-}
-
-#include <support/test-driver.c>
-
-#ifdef DO_MEMSET
-# define libc_hidden_builtin_def(X)
-# define libc_hidden_def(X)
-# define libc_hidden_weak(X)
-# define weak_alias(X,Y)
-# undef MEMSET
-# define MEMSET generic_memset
-# include <string/memset.c>
-#endif

benchtests/bench-bzero.c

@@ -1,5 +1,5 @@
 /* Measure bzero functions.
-   Copyright (C) 2022-2023 Free Software Foundation, Inc.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -51,7 +51,7 @@ IMPL (memset_zero, 0)
 static void
 do_one_test (json_ctx_t *json_ctx, impl_t *impl, CHAR *s, size_t n)
 {
-  size_t i, iters = INNER_LOOP_ITERS_LARGE;
+  size_t i, iters = INNER_LOOP_ITERS8;
   timing_t start, stop, cur;
 
   TIMING_NOW (start);

benchtests/bench-calloc-simple.c

@@ -0,0 +1,22 @@
+/* Benchmark calloc and free functions.
+   Copyright (C) 2024-2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#define TEST_FUNC(size) calloc (1, size)
+#define TEST_NAME "calloc"
+
+#include "bench-malloc-simple.c"

benchtests/bench-calloc-thread.c

@@ -0,0 +1,22 @@
+/* Benchmark calloc and free functions.
+   Copyright (C) 2024-2025 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#define TEST_FUNC(size) calloc (1, size)
+#define TEST_NAME "calloc"
+
+#include "bench-malloc-thread.c"

benchtests/bench-dl-elf-hash.c

@@ -1,5 +1,5 @@
 /* Measure __dl_new_hash runtime
-   Copyright (C) 2022-2023 Free Software Foundation, Inc.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

benchtests/bench-dl-new-hash.c

@@ -1,5 +1,5 @@
 /* Measure __dl_new_hash runtime
-   Copyright (C) 2022-2023 Free Software Foundation, Inc.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

benchtests/bench-fclose.c

@@ -0,0 +1,75 @@
+/* Benchmark fclose.
+   Copyright (C) 2024-2025 Free Software Foundation, Inc.
+   Copyright The GNU Toolchain Authors.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <https://www.gnu.org/licenses/>.  */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include "bench-timing.h"
+#include "json-lib.h"
+
+#define NUM_FILES	1000000
+#define NUM_FCLOSE	100
+
+int
+main (int argc, char **argv)
+{
+  json_ctx_t json_ctx;
+  json_init (&json_ctx, 0, stdout);
+  json_document_begin (&json_ctx);
+
+  json_attr_string (&json_ctx, "timing_type", TIMING_TYPE);
+  json_attr_object_begin (&json_ctx, "functions");
+  json_attr_object_begin (&json_ctx, "fclose");
+
+  FILE *ff, *keep[NUM_FCLOSE];
+  int i;
+
+  for (i = 0; i < NUM_FILES; i++)
+    {
+      ff = fdopen (STDIN_FILENO, "r");
+      if (!ff)
+	{
+	  fprintf (stderr, "### failed to fdopen: %m\n");
+	  return EXIT_FAILURE;
+	}
+      if (i < NUM_FCLOSE)
+	keep[i] = ff;
+    }
+
+  timing_t start, stop, elapsed;
+
+  TIMING_NOW (start);
+
+  for (i = 0; i < NUM_FCLOSE; i++)
+    fclose (keep[i]);
+
+  TIMING_NOW (stop);
+
+  TIMING_DIFF (elapsed, start, stop);
+
+  json_attr_uint (&json_ctx, "number of FILEs", NUM_FILES);
+  json_attr_uint (&json_ctx, "number of fclose calls", NUM_FCLOSE);
+  json_attr_uint (&json_ctx, "duration", elapsed);
+
+  json_attr_object_end (&json_ctx);
+  json_attr_object_end (&json_ctx);
+  json_document_end (&json_ctx);
+
+  return 0;
+}

benchtests/bench-hash-funcs-kernel.h

@@ -1,5 +1,5 @@
 /* Actual benchmark kernels used by bench-hash-funcs.h
-   Copyright (C) 2022-2023 Free Software Foundation, Inc.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -35,7 +35,7 @@
 #define PRIMITIVE_CAT(x, y) x ## y
 #define CAT(x, y) PRIMITIVE_CAT (x, y)
 
-static double __attribute__ ((noinline, noclone))
+static double __attribute_optimization_barrier__
 CAT (do_one_test_kernel, POSTFIX) (const char *s, size_t len)
 {
 
@@ -58,7 +58,7 @@ CAT (do_one_test_kernel, POSTFIX) (const char *s, size_t len)
   return (double) cur / (double) NFIXED_ITERS;
 }
 
-static double __attribute__ ((noinline, noclone))
+static double __attribute_optimization_barrier__
 CAT (do_rand_test_kernel, POSTFIX) (char const *bufs,
 				    unsigned int const *sizes)
 {

benchtests/bench-hash-funcs.c

@@ -1,5 +1,5 @@
 /* Measure hash functions runtime.
-   Copyright (C) 2022-2023 Free Software Foundation, Inc.
+   Copyright (C) 2022-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -42,7 +42,7 @@ enum
 {
   NFIXED_ITERS = 1048576,
   NRAND_BUFS = 16384,
-  NRAND_ITERS = 2048,
+  NRAND_ITERS = 256,
   RAND_BENCH_MAX_LEN = 128
 };
 
@@ -67,7 +67,7 @@ do_one_test (json_ctx_t *json_ctx, size_t len)
   json_element_object_end (json_ctx);
 }
 
-static void __attribute__ ((noinline, noclone))
+static void __attribute_optimization_barrier__
 do_rand_test (json_ctx_t *json_ctx)
 {
   size_t i, sz, offset;

benchtests/bench-libmvec-skeleton.c

@@ -1,5 +1,5 @@
 /* Skeleton for libmvec benchmark programs.
-   Copyright (C) 2021-2023 Free Software Foundation, Inc.
+   Copyright (C) 2021-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -26,9 +26,10 @@
 #include <json-lib.h>
 #include <bench-util.h>
 #include <math-tests-arch.h>
+#include <bench-libmvec-arch.h>
 
 #include <bench-util.c>
-#define D_ITERS 10000
+#define D_ITERS 200000
 
 int
 main (int argc, char **argv)
@@ -37,24 +38,8 @@ main (int argc, char **argv)
   timing_t start, end;
   json_ctx_t json_ctx;
 
-#if defined REQUIRE_AVX
-  if (!CPU_FEATURE_ACTIVE (AVX))
-    {
-      printf ("AVX not supported.");
-      return 77;
-    }
-#elif defined REQUIRE_AVX2
-  if (!CPU_FEATURE_ACTIVE (AVX2))
-    {
-      printf ("AVX2 not supported.");
-      return 77;
-    }
-#elif defined REQUIRE_AVX512F
-  if (!CPU_FEATURE_ACTIVE (AVX512F))
-    {
-      printf ("AVX512F not supported.");
-      return 77;
-    }
+#ifdef INIT_ARCH
+  INIT_ARCH ();
 #endif
 
   bench_start ();

benchtests/bench-malloc-simple.c

@@ -1,5 +1,5 @@
 /* Benchmark malloc and free functions.
-   Copyright (C) 2019-2023 Free Software Foundation, Inc.
+   Copyright (C) 2019-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -16,6 +16,11 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
+#ifndef TEST_FUNC
+# define TEST_FUNC(size) malloc(size)
+# define TEST_NAME "malloc"
+#endif
+
 #include <pthread.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -55,7 +60,7 @@ do_benchmark (malloc_args *args, int **arr)
   for (int j = 0; j < iters; j++)
     {
       for (int i = 0; i < n; i++)
-	arr[i] = malloc (size);
+	arr[i] = TEST_FUNC (size);
 
       for (int i = 0; i < n; i++)
 	free (arr[i]);
@@ -124,7 +129,7 @@ bench (unsigned long size)
 
   json_attr_object_begin (&json_ctx, "functions");
 
-  json_attr_object_begin (&json_ctx, "malloc");
+  json_attr_object_begin (&json_ctx, TEST_NAME);
 
   char s[100];
   double iters2 = iters;

benchtests/bench-malloc-thread.c

@@ -1,5 +1,5 @@
 /* Benchmark malloc and free functions.
-   Copyright (C) 2013-2023 Free Software Foundation, Inc.
+   Copyright (C) 2013-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -16,6 +16,11 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
+#ifndef TEST_FUNC
+# define TEST_FUNC(size) malloc(size)
+# define TEST_NAME "malloc"
+#endif
+
 #include <errno.h>
 #include <math.h>
 #include <pthread.h>
@@ -137,7 +142,7 @@ malloc_benchmark_loop (void **ptr_arr)
 
       free (ptr_arr[next_idx]);
 
-      ptr_arr[next_idx] = malloc (next_block);
+      ptr_arr[next_idx] = TEST_FUNC (next_block);
 
       iters++;
     }
@@ -256,7 +261,7 @@ main (int argc, char **argv)
 
   json_attr_object_begin (&json_ctx, "functions");
 
-  json_attr_object_begin (&json_ctx, "malloc");
+  json_attr_object_begin (&json_ctx, TEST_NAME);
 
   json_attr_object_begin (&json_ctx, "");
 

benchtests/bench-math-inlines.c

@@ -1,5 +1,5 @@
 /* Measure math inline functions.
-   Copyright (C) 2015-2023 Free Software Foundation, Inc.
+   Copyright (C) 2015-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

benchtests/bench-memccpy.c

@@ -1,5 +1,5 @@
 /* Measure memccpy functions.
-   Copyright (C) 2013-2023 Free Software Foundation, Inc.
+   Copyright (C) 2013-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -41,7 +41,7 @@ static void
 do_one_test (impl_t *impl, void *dst, const void *src, int c, size_t len,
 	     size_t n)
 {
-  size_t i, iters = INNER_LOOP_ITERS_LARGE;
+  size_t i, iters = INNER_LOOP_ITERS_LARGE * 4;
   timing_t start, stop, cur;
 
   TIMING_NOW (start);

benchtests/bench-memchr.c

@@ -1,5 +1,5 @@
 /* Measure memchr functions.
-   Copyright (C) 2013-2023 Free Software Foundation, Inc.
+   Copyright (C) 2013-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -16,6 +16,8 @@
    License along with the GNU C Library; if not, see
    <https://www.gnu.org/licenses/>.  */
 
+#include "json-lib.h"
+
 #ifndef WIDE
 # define SMALL_CHAR 127
 #else
@@ -31,35 +33,25 @@
 # endif /* WIDE */
 # include "bench-string.h"
 
-# ifndef WIDE
-#  define SIMPLE_MEMCHR simple_memchr
-# else
-#  define SIMPLE_MEMCHR simple_wmemchr
-# endif /* WIDE */
+typedef void *(*proto_t) (const void *, int, size_t);
 
-typedef CHAR *(*proto_t) (const CHAR *, int, size_t);
-CHAR *SIMPLE_MEMCHR (const CHAR *, int, size_t);
+void *
+generic_memchr (const void *, int, size_t);
 
-IMPL (SIMPLE_MEMCHR, 0)
 IMPL (MEMCHR, 1)
 
-CHAR *
-SIMPLE_MEMCHR (const CHAR *s, int c, size_t n)
-{
-  while (n--)
-    if (*s++ == (CHAR) c)
-      return (CHAR *) s - 1;
-  return NULL;
-}
+# ifndef WIDE
+IMPL (generic_memchr, 0)
+# endif
+
 #endif /* !USE_AS_MEMRCHR */
 
-#include "json-lib.h"
 
 static void
 do_one_test (json_ctx_t *json_ctx, impl_t *impl, const CHAR *s, int c,
 	     size_t n)
 {
-  size_t i, iters = INNER_LOOP_ITERS_LARGE;
+  size_t i, iters = INNER_LOOP_ITERS8 / 2;
   timing_t start, stop, cur;
 
   TIMING_NOW (start);
@@ -250,3 +242,15 @@ test_main (void)
 }
 
 #include <support/test-driver.c>
+
+#ifndef WIDE
+# ifndef USE_AS_MEMRCHR
+#  undef MEMCHR
+#  define MEMCHR generic_memchr
+#  include <string/memchr.c>
+# else
+#  undef MEMRCHR
+#  define MEMRCHR generic_memrchr
+#  include <string/memrchr.c>
+# endif
+#endif

benchtests/bench-memcmp.c

@@ -1,5 +1,5 @@
 /* Measure memcmp functions.
-   Copyright (C) 2013-2023 Free Software Foundation, Inc.
+   Copyright (C) 2013-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -19,46 +19,16 @@
 #define TEST_MAIN
 #ifdef TEST_MEMCMPEQ
 # define TEST_NAME "__memcmpeq"
-# define SIMPLE_MEMCMP simple_memcmpeq
 #elif defined WIDE
 # define TEST_NAME "wmemcmp"
-# define SIMPLE_MEMCMP simple_wmemcmp
 #else
 # define TEST_NAME "memcmp"
-# define SIMPLE_MEMCMP simple_memcmp
 #endif
 #include "bench-string.h"
-#ifdef WIDE
-
-int
-SIMPLE_MEMCMP (const wchar_t *s1, const wchar_t *s2, size_t n)
-{
-  int ret = 0;
-  /* Warning!
-	wmemcmp has to use SIGNED comparison for elements.
-	memcmp has to use UNSIGNED comparison for elemnts.
-  */
-  while (n-- && (ret = *s1 < *s2 ? -1 : *s1 == *s2 ? 0 : 1) == 0) {s1++; s2++;}
-  return ret;
-}
-#else
-# include <limits.h>
-
-int
-SIMPLE_MEMCMP (const char *s1, const char *s2, size_t n)
-{
-  int ret = 0;
-
-  while (n-- && (ret = *(unsigned char *) s1++ - *(unsigned char *) s2++) == 0);
-  return ret;
-}
-#endif
-
-# include "json-lib.h"
+#include "json-lib.h"
 
 typedef int (*proto_t) (const CHAR *, const CHAR *, size_t);
 
-IMPL (SIMPLE_MEMCMP, 0)
 IMPL (MEMCMP, 1)
 
 static void

benchtests/bench-memcmpeq.c

@@ -1,5 +1,5 @@
 /* Measure __memcmpeq functions.
-   Copyright (C) 2015-2023 Free Software Foundation, Inc.
+   Copyright (C) 2015-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or

benchtests/bench-memcpy-large.c

@@ -1,5 +1,5 @@
 /* Measure memcpy functions with large data sizes.
-   Copyright (C) 2016-2023 Free Software Foundation, Inc.
+   Copyright (C) 2016-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -19,10 +19,9 @@
 #ifndef MEMCPY_RESULT
 # define MEMCPY_RESULT(dst, len) dst
 # define START_SIZE (64 * 1024)
-# define MIN_PAGE_SIZE (getpagesize () + 32 * 1024 * 1024)
+# define MIN_PAGE_SIZE (getpagesize () + 16 * 1024 * 1024)
 # define TEST_MAIN
 # define TEST_NAME "memcpy"
-# define TIMEOUT (20 * 60)
 # include "bench-string.h"
 
 IMPL (memcpy, 1)
@@ -36,7 +35,7 @@ static void
 do_one_test (json_ctx_t *json_ctx, impl_t *impl, char *dst, const char *src,
 	     size_t len)
 {
-  size_t i, iters = 16;
+  size_t i, iters = (MIN_PAGE_SIZE * 8) / len;
   timing_t start, stop, cur;
 
   TIMING_NOW (start);
@@ -59,12 +58,7 @@ do_test (json_ctx_t *json_ctx, size_t align1, size_t align2, size_t len,
   char *s1, *s2;
   size_t repeats;
   align1 &= 4095;
-  if (align1 + len >= page_size)
-    return;
-
   align2 &= 4095;
-  if (align2 + len >= page_size)
-    return;
 
   s1 = (char *) (buf1 + align1);
   s2 = (char *) (buf2 + align2);

benchtests/bench-memcpy-random.c

@@ -1,5 +1,5 @@
 /* Measure memcpy performance.
-   Copyright (C) 2016-2023 Free Software Foundation, Inc.
+   Copyright (C) 2016-2025 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
 
    The GNU C Library is free software; you can redistribute it and/or
@@ -127,7 +127,7 @@ do_one_test (json_ctx_t *json_ctx, impl_t *impl, char *dst, char *src,
 	     copy_t *copy, size_t n)
 {
   timing_t start, stop, cur;
-  size_t iters = INNER_LOOP_ITERS_MEDIUM;
+  size_t iters = INNER_LOOP_ITERS_MEDIUM / 2;
 
   for (int j = 0; j < n; j++)
     CALL (impl, dst + copy[j].dst, src + copy[j].src, copy[j].len);