It was discovered that we were building some objects inconsistently due
to an optimization in cc_library to only build objects once and use them
for both the static and shared libraries. But static libraries didn't
get system_shared_libs set automatically, and we didn't notice that we
would have built the objects differently.
So static libraries now get the default system_shared_libs, we allow
adjusting that for static vs shared in a cc_library, and we disable the
optimization if the linked libraries are configured differently between
static and shared in a single cc_library.
This triggers dependency cycles for static libraries that libc/libdl
use, so fix those cycles here.
Test: treehugger
Change-Id: I3cf7fda161a05ec32e0c1e871999720d12a4d38e
These modules have issues running with execute-only memory. Disable it
in them until we can resolve the issues.
Bug: 77958880
Test: No more XOM-related crashes in these binaries
Change-Id: Ie6c957731155566c2bbe7dbb7a91b9583d9aff93
Previous change was reverted in 9690b121e3.
This change added .arch directive to kryo/ to avoid invalid instruction error.
Test: Run bionic unit test.
Test: Use gdb to make sure the right function is selected.
Test: Build previously failed target: make PRODUCT-sdk_phone_arm64-sdk
Change-Id: I14de41851121fc1a0b38c98fda5eb844b6a9695c
This reverts commit ce4ff9c44d.
Reason for revert: broke master in ab/5138164 target sdk_phone_armv7-sdk
Change-Id: Ia4b0c7e6117a37df694509078116963f41d7865e
Adds libc_common_static and libc_common_shared targets. So that static
and shared objects can use different libraries.
In following changes I'll add dynamic dispatch code to
libc_common_shared.
Test: compile and run bionic unit test.
Change-Id: I056742fdf8af76ed7deb274c515951656b176fcb
This commit adds "include" (full path: "bionic/libc/include") to
exported_include_dirs for libc. Without this change,
header-abi-checker will strip all functions from ABI dumps.
Bug: 117963950
Test: libc.so.lsdump has a non-empty functions array
Change-Id: I192a4ec0251f1320ced56c6201818076ebd2a2da
A76 still uses A55 as little core. It should be ok to use the same
setting as A75 for now.
Bug: 117125298
Test: run bionic tests
Change-Id: Idfd15424c20ae60becb6539f6ae855f3e7c264cd
cc_objects are getting support for STL headers, disable them for
crt objects to avoid a circular dependency through libc++.
Test: m checkbuild
Change-Id: I4e0f4a2193ce98ec4b8802492add9014ec0dba98
Originally a BSD extension, now in glibc too. We've used it internally
for a while.
(cherry-pick of e4b13f7e3ca68edfcc5faedc5e7d4e13c4e8edb9.)
Bug: http://b/112163459
Test: ran tests
Change-Id: I813c3a62b13ddb91ba41e32a5a853d09207ea6bc
Merged-In: I813c3a62b13ddb91ba41e32a5a853d09207ea6bc
I stumbled across this because I was looking at the various locks in libc.
Bug: N/A
Test: ran tests
Change-Id: I77c9954f49aaae7519ea7f4917bbe6f138b841ad
* Allow sanitization of libc (excluding existing global sanitizers)
and disallow sanitization of linker. The latter has not been
necessary before because HWASan is the first sanitizer to support
static binaries (with the exception of CFI, which is not used
globally).
* Static binary startup: initialize HWASan shadow very early so that
almost entire libc can be sanitized. The rest of initialization is
done in a global constructor; until that is done sanitized code can
run but can't report errors (will simply crash with SIGTRAP).
* Switch malloc_common from je_* to __sanitizer_*.
* Call hwasan functions when entering and leaving threads. We can not
intercept pthread_create when libc depends on libclang_rt.hwasan.
An alternative to this would be a callback interface like requested
here:
https://sourceware.org/glibc/wiki/ThreadPropertiesAPI
All of the above is behind a compile-time check
__has_feature(hwaddress_sanitizer). This means that HWASan actually
requires libc to be instrumented, and would not work otherwise. It's
an implementation choice that greatly reduces complexity of the tool.
Instrumented libc also guarantees that hwasan is present and
initialized in every process, which allows piecemeal sanitization
(i.e. library w/o main executable, or even individual static
libraries), unlike ASan.
Change-Id: If44c46b79b15049d1745ba46ec910ae4f355d19c
libc had some -Wimplicit-fallthrough warnings. They all seem to be
benign. We're trying to enable this flag globally, so we need to
annotate these breaks here.
Bug: 112564944
Test: Builds
Change-Id: I5afae694cc4cf26ad1a61e2c8ae91f00cda7c733
This change avoids having to run the genseccomp.py script every time a
policy file is edited, and instead generates these files at
compile-time.
Bug: None
Test: m
Test: find out/soong/ -name x86_64_global_policy.cpp # Shows files
Test: generated policies are equivalent to original policies
Change-Id: I12461fe0c5fb02c008c1b2503fbb994b8aa2f56b
Add two functions to allow objects that own a file descriptor to
enforce that only they can close their file descriptor.
Use them in FILE* and DIR*.
Bug: http://b/110100358
Test: bionic_unit_tests
Test: aosp/master boots without errors
Test: treehugger
Change-Id: Iecd6e8b26c62217271e0822dc3d2d7888b091a45
pclose(3) is now an alias for fclose(3). We could add a FORTIFY check
that you use pclose(3) if and only if you used popen(3), but there seems
little value to that when we can just do the right thing.
This patch also adds the missing locking to _fwalk --- we need to lock
both the global list of FILE*s and also each FILE* we touch. POSIX says
that "The popen() function shall ensure that any streams from previous
popen() calls that remain open in the parent process are closed in the
new child process", which we implement via _fwalk(fclose) in the child,
but we might want to just make *all* popen(3) file descriptors O_CLOEXEC
in all cases.
Ignore fewer errors in popen(3) failure cases.
Improve popen(3) test coverage.
Bug: http://b/72470344
Test: ran tests
Change-Id: Ic937594bf28ec88b375f7e5825b9c05f500af438
__libc_sysinfo is hidden, so accessing it doesn't require a relocated GOT.
It is important not to have a relocatable initializer on __libc_sysinfo,
because if it did have one, and if we initialized it before relocating the
linker, then on 32-bit x86 (which uses REL rather than RELA), the
relocation step would calculate the wrong addend and overwrite
__libc_sysinfo with garbage.
Asides:
* It'd be simpler to keep the __libc_sysinfo initializer for static
executables, but the loader pulls in libc_init_static (even though it
uses almost none of the code in that file, like __libc_init).
* The loader has called __libc_init_sysinfo three times by the time it
has relocated itself. A static executable calls it twice, while libc.so
calls it only once.
Bug: none
Test: lunch aosp_x86-userdebug ; emulator
Test: adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests
Test: adb shell /data/nativetest/bionic-unit-tests-static/bionic-unit-tests-static
Change-Id: I5944f57847db7191608f4f83dde22b49e279e6cb
Global flag --pack-dyn-relocs=android is used with clang lld.
For b/24465209, we need to override that with --pack-dyn-relocs=none.
Bug: 80093890
Bug: 24465209
Test: build with USE_CLANG_LLD=true and run dlext.compat_elf_hash_and_relocation_tables
Change-Id: Ic3837446ff0deccf4e66425b39d3b062abcacc5e
See longer explanation in b/80093890.
Clang lld does not generate expected DT_REL and DT_RELA tags
with --hash-style=both and --pack-dyn-relocs=android.
I am not sure about the extent of b/24465209, so
I would rather not to use lld for these .so files for now.
Bug: 80093890
Bug: 24465209
Test: build with USE_CLANG_LLD=true and run dlext.compat_elf_hash_and_relocation_tables
Change-Id: I94e9fe8d687daeadb0182ae26596ca11d3f8bd9b
Libraries that are direct or indirect dependencies of modules installed
to recovery partition (e.g. toybox) are marked as recovery_available:
true. This allows a recovery variant of the lib is created when it is
depended by other recovery or recovery_available modules.
Bug: 67916654
Bug: 64960723
Bug: 63673171
Bug: 29921292
Test: m -j
Change-Id: I59bf859a10a218af6591025a0fe7d1853e328405
Bug: 78133793
Bug: 78242072
Test: Builds and ran to verify best libc routines.
Change-Id: I2299b8f0f6379c9003072764978ea917b74aee4f
Merged-In: I2299b8f0f6379c9003072764978ea917b74aee4f
(cherry picked from commit 3162eb3b81)
This reverts commit 2e7145c048.
When src is at the end page, the sse2 strlcpy SSE2 optimized version
can issue a movdqu instruction that can cross the page boundary. If
the next page is not allocated to that process, it leads to
segmentation fault. This is a rare but has be caught multiple times
during robustness testing.
We isolated a way to reproduce that issue outside of an Android device
and we have been able to resolve this particular case. However, we
ran some additional compliance and robustness tests and found several
other similar page crossing issues with this implementation.
In conclusion, this optimization needs to be re-written from scratch
because its design is at cause. In the meantime, it is better to
remove it.
Change-Id: If90450de430ba9b7cd9282a422783beabd701f3d
Signed-off-by: Jeremy Compostella <jeremy.compostella@intel.com>
We saw crashes from pthread_exit+debuggerd on LP32
(https://issuetracker.google.com/72291624), and it seems like the
equivalent problem should exist with system(3). I fixed posix_spawn(3)
as part of that bug, so the easiest fix is probably to reuse that.
Bug: http://b/72470344
Test: ran tests
Change-Id: I05f838706f2b4a14ac3ee21292833e6c8579b0d4
Otherwise clang inlines it into pthread_sigmask(3), which breaks libsigchain.
Bug: http://b/73344857
Test: ran tests, plus the app this broke
Change-Id: Ie4a1dc8f9c6ba58d1a2fa69aeff961c70b74767d
Caused problems for some Google source switching to unified headers
because the legacy headers just used #define instead.
Bug: http://b/73210428
Test: builds
Change-Id: If8a36f284031e57af419903610029a8c34a23d91
