Commit graph

109 commits

Author SHA1 Message Date
George Burgess IV
7cc779f15c libc: add clang FORTIFY support
This patch adds clang-style FORTIFY to Bionic. For more information on
FORTIFY, please see https://goo.gl/8HS2dW . This implementation works
for versions of clang that don't support diagnose_if, so please see the
"without diagnose_if" sections. We plan to swap to a diagnose_if-based
FORTIFY later this year (since it doesn't really add any features; it
just simplifies the implementation a lot, and it gives us much prettier
diagnostics)

Bug: 32073964
Test: Builds on angler, bullhead, marlin, sailfish. Bionic CTS tests
pass on Angler and Bullhead.

Change-Id: I607aecbeee81529709b1eee7bef5b0836151eb2b
2017-02-09 15:49:32 -08:00
Dan Albert
3037ea43fc Fix stdin/stdout/stderr for pre-M.
This wasn't an array of pointers, it was an array of structs.
Unfortunately we need a complete type to index into the struct for
stdin/stdout/stderr, so add a phony struct that matches the size and
alignment of `struct __sFILE`. This property is guaranteed by the
static_asserts in libc/bionic/struct_file_test.cpp.

Test: mma
Bug: http://b/30465923
Change-Id: I8ce851dd64a261703bb44f9b5cd23b7caff4dd68
2016-10-20 10:10:45 -07:00
Elliott Hughes
a9209d7a0e Fix some easy cases of __ANDROID__ versus __BIONIC__.
We need to make a clearer distinction for bionic on the host. This patch
doesn't fully address things like "should host bionic try to talk to netd?"
for now, but is a step in the right direction.

Bug: http://b/31559095
Test: bionic tests.
Change-Id: I49812f8b75d9d78c4fd8a8ddf5df1201d63771d6
2016-09-16 18:27:07 -07:00
Elliott Hughes
7f0849fd11 Fix sscanf/wcstod parsing of NaNs.
The parsefloat routines -- which let us pass NaNs and infinities on to
strto(f|d|ld) -- come from NetBSD.

Also fix LP64's strtold to return a NaN, and fix all the architectures
to return quiet NaNs.

Also fix wcstof/wcstod/wcstold to use parsefloat so they support hex
floats.

Lots of new tests.

Bug: http://b/31101647
Change-Id: Id7d46ac2d8acb8770b5e8c445e87cfabfde6f111
2016-09-07 15:01:54 -07:00
Elliott Hughes
fb3873d4db Fortify vsnprintf in more cases.
Bug: http://b/30445072
Change-Id: I1893890f0e3b56533eef053eda1bd96a0b9a5119
2016-08-10 11:50:12 -07:00
Elliott Hughes
53cf348c82 Remove more stdio copy/paste.
Change-Id: Ia92629b75d2c153ecf1cec711e2f9575eef604ab
2016-08-09 16:27:23 -07:00
Elliott Hughes
d1f25a7eb1 Reimplement remove(3) without the lstat(2).
This assumes that it's more likely we're unlinking a file than a directory,
though even if that's not true, as long as a failed unlink(2) is cheaper
than a successful lstat(2) -- which seems likely since there's no data to
copy -- we still win.

Change-Id: I0210e9cd3d31b8cf1813c55c810262ef327382ed
2016-08-05 15:53:03 -07:00
Elliott Hughes
70715da453 More stdio one-liners.
This actually turns up a bug in fmemopen, so I guess that's what I'll
look at next...

Change-Id: I2971ecd1b5a3a3c7f43c22d985f88e389af89e97
2016-08-01 18:06:38 -07:00
Elliott Hughes
cceaf069c7 More stdio cleanup.
Time to get back to cleaning up stdio, so start with a bunch of easy
one-liners...

Change-Id: I8df5fdc72500a89b977bfaa6c64c3639198d4e3e
2016-07-29 16:31:52 -07:00
Elliott Hughes
7b737e43f8 Remove #pragma GCC visibility.
We have better control over visibility now.

Bug: http://b/24767418
Change-Id: Ifa9a1e5af4bd4217db08422050908770247b3b69
2016-07-25 15:57:02 -07:00
Elliott Hughes
20788aec00 Add ctermid.
Change-Id: I7c7c815c2725df222932db923632c8b6419741ab
2016-06-09 15:16:32 -07:00
Chih-Hung Hsieh
62e3a078aa Fix google-explicit-constructor warnings.
Bug: 28341362
Change-Id: I84effbdfa1b9b39328a909b7f70fe17e7ee316c8
2016-05-03 12:08:05 -07:00
Elliott Hughes
f226ee59e0 Add fopen64/freopen64/tmpfile64 aliases.
Our fopen/freopen/tmpfile are already always O_LARGEFILE, but let's add
the aliases for _LARGEFILE_SOURCE compatibility.

Bug: http://b/24807045
Change-Id: I5d99b3ef3c9f27ce70f13313f6a92e96c7f21f80
2016-02-03 11:24:28 -08:00
Elliott Hughes
955426ef79 Fix a sign extension bug in stdio.
This also lets us test the EOVERFLOW behavior, which pointed out that the
fgetpos/fsetpos return on failure has always been wrong...

Bug: http://b/24807045
Change-Id: I35273eb07c8c9155af858adb27569983397580b6
2016-01-26 18:25:52 -08:00
Elliott Hughes
03e65eb03b Implement funopen64.
Bug: http://b/24807045
Change-Id: I161920978161389be34b707cc6ce8e05f760d552
2016-01-26 14:45:13 -08:00
Elliott Hughes
9677fab88c Support _FILE_OFFSET_BITS=64 for most of <stdio.h>.
This doesn't address funopen, but does add fgetpos/fsetpos/fseeko/ftello.

Bug: http://b/24807045
Change-Id: Ibff6f00df5fb699c8e8f13b91a75caf024540b73
2016-01-26 09:14:41 -08:00
Elliott Hughes
e70e0e9267 Move internal FILE flags macros to "local.h" from <stdio.h>.
Bug: http://b/24807045
Change-Id: Ia42ec1907370b4af957ece94a856f71c7ee27cb7
2016-01-25 11:10:47 -08:00
Elliott Hughes
023c3071a0 Add _seek64 to FILE.
Move fdopen/fopen/freopen and change them to initialize _seek64 instead
of the legacy _seek. The in-memory streams can stick with _seek for now,
since you're not going to fit a > 4GiB in-memory stream on a 32-bit device
anyway.

Bug: http://b/24807045
Change-Id: I09dcb426817b571415ce24d4d15f364cdda395b3
2016-01-22 23:54:10 -08:00
Elliott Hughes
b877601bff Put struct FILE back how NDK-built apps expect it.
The first rule of stdio is you never change struct FILE. This broke all
NDK-built apps that used stdin/stdout/stderr. (Which is more than you
might think, given that those streams don't go anywhere useful. Svelte!)

I've added a big code comment because I knew when I removed the field that
doing so was a mistake, but I couldn't think why.

Bug: http://b/24807045
Bug: http://b/26747402
Change-Id: Ie1233586b223bb1cdf8e354c66d5ff23487a833a
2016-01-22 19:23:40 -08:00
Elliott Hughes
2704bd1340 Simplify fseek/ftell.
Another step towards _FILE_OFFSET_BITS=64 support.

Bug: http://b/24807045
Change-Id: I00b83c81a7b108176c4d9437bc32611f73b7e967
2016-01-21 10:34:35 -08:00
Elliott Hughes
021335ebda Move stdio implementation details around a little.
Change-Id: I24594426d5479bdd55cbef0ab1b7d76c249dbd0c
2016-01-20 08:50:51 -08:00
Elliott Hughes
923f165b29 Make FILE*s less usable after fclose(3).
BSD doesn't invalidate the fd stored in struct FILE, which can make
it possible (via fileno(3), for example), to perform operations on
an fd you didn't intend to (rather than just failing with EBADF).

Fixing this makes the code slightly simpler anyway, and might help
catch bad code before it ships.

Bug: http://stackoverflow.com/questions/10816837/fclose-works-differently-on-android-and-linux
Change-Id: I9db74584038229499197a2695c70b58ed0372a87
2016-01-19 15:46:05 -08:00
Elliott Hughes
29ee6397a8 Fix stdio static initializers to make both clang and GCC happy.
Previously only clang was happy. GCC said:

  error: missing initializer for field 'wcio_mbstate_in' of 'struct wchar_io_data'

Change-Id: I25a11b64f4dfa22a5dd5daded152191fe2cfacaf
2015-12-07 11:07:15 -08:00
Elliott Hughes
bb46afd6c4 Revert "Revert "Remove __sinit and __sdidinit.""
This reverts commit c8bae05f3f.

We were breaking init (ueventd) because we initialize system properties
before we initialize stdio. The new system property implementation uses
stdio to read from /property_contexts, so we end up touching stdio data
structures before they've been initialized.

This second attempt takes things further by removing the stdio initialization
function altogether. The data structures for stdin/stdout/stderr can be
statically initialized as data, and -- since we already had to give the
atexit implementation a backdoor for stdio -- we can just admit that we
need to clean up stdio, and that we always do so last.

This patch also removes the 17 statically pre-allocated file structures,
so the first fopen will now allocate a block of 10 (the usual overflow
behavior). I did this just to make my life simpler, but it's not actually
necessary to remove it if we want it back.

Change-Id: I936b2eb5e88e4ebaf5516121872b71fc88e5609c
2015-12-05 07:30:59 -08:00
Elliott Hughes
c8bae05f3f Revert "Remove __sinit and __sdidinit."
This reverts commit 4371961e00.

This broke booting; ueventd crashes with a null pointer dereference
somewhere in __sfp (but the kernel doesn't unwind, so I don't know
what was calling __sfp).

Change-Id: I65375fdfdf1d339a06558b4057b580cacd6324e2
2015-12-04 17:47:20 -08:00
Elliott Hughes
4371961e00 Remove __sinit and __sdidinit.
We're eagerly initializing stdio now, so this can all be simplified.

Change-Id: Icb288f8dd0ee08f02bea0d23670f75e78bed6b99
2015-12-03 13:23:03 -08:00
Yabin Cui
76144aaa63 Change _stdio_handles_locking into _caller_handles_locking.
It is reported by tsan that funlockfile() can unlock an unlocked mutex.
It happens when printf() is called before fopen() or other stdio stuff.
As FLOCKFILE(fp) is called before __sinit(), _stdio_handles_locking is false,
and _FLOCK(fp) will not be locked. But then cantwrite(fp) in __vfprintf()
calls__sinit(), which makes _stdio_handles_locking become true, and
FUNLOCKFILE(fp) unlocks _FLOCK(fp).

Change _stdio_handles_locking into _caller_handles_locking,
so __sinit() won't change its value. Add test due to my previous fault.

Bug: 25392375
Change-Id: I483e3c3cdb28da65e62f1fd9615bf58c5403b4dd
2015-11-20 17:44:26 -08:00
Yabin Cui
fb994f4c04 Add fileno_unlocked to support thread sanitizer.
Bug: 25392375
Change-Id: If3f92a0e08a53f4b59e01397e8efa307d8572349
2015-11-06 16:13:47 -08:00
Christopher Ferris
a818445622 Rename LIBC64_HIDDEN to LIBC32_LEGACY_PUBLIC.
Change-Id: If4da9e46398ca5524f6f0680d70588e3dc7e80b4
2015-10-23 12:32:52 -07:00
Elliott Hughes
f0141dfab1 Make struct FILE opaque.
Bug: http://b/24807045
Change-Id: I3cb4e436325a65bef3b203e3970e4d967101fcce
2015-10-12 12:53:42 -07:00
Elliott Hughes
8ab433df13 Fix stdio read after EOF behavior.
Bug: https://code.google.com/p/android/issues/detail?id=184847
Change-Id: Ia20ce94007c2a09649f0763b1dc7ba959f2f618d
2015-10-09 17:57:26 -07:00
Elliott Hughes
4e8ef698d0 Don't use TEMP_FAILURE_RETRY on close in bionic.
Bug: http://b/20501816
Change-Id: Id64b5109cc2b165fa0351b6edbb865a5e5058008
2015-05-15 16:20:07 -07:00
Yabin Cui
17393b06ba Hide internal of pthread_mutex_t.
Bug: 19249079
Change-Id: Iffb79c8d861b698d474f212dc80c638fc2cf1620
2015-03-25 17:54:17 -07:00
Christopher Ferris
cc9ca1051d Fix fread returning bad data.
Bug: 19172514
Change-Id: I05016577858a02aca7d14e75e6ec28abc925037c
2015-02-27 18:22:45 -08:00
Elliott Hughes
e6bb5a2776 Fix optimized fread.
gcov does writes after reads on the same stream, but the bulk read optimization
was clobbering the FILE _flags, causing fwrite to fail.

Bug: 19129055
Change-Id: I9650cb7de4bb173a706b502406266ed0d2b654d7
2015-01-24 12:35:41 -08:00
Elliott Hughes
8b5df3920f Turn on -Wold-style-cast and fix the errors.
A couple of dodgy cases where we cast away const, but otherwise pretty boring.

Change-Id: Ibc39ebd525377792b5911464be842121c20f03b9
2015-01-21 17:09:58 -08:00
Elliott Hughes
8c4994bbc1 Implement __fsetlocking.
The old __isthreaded hack was never very useful on Android because all user
code runs in a VM where there are lots of threads running. But __fsetlocking
lets a caller say "I'll worry about the locking for this FILE*", which is
useful for the normal case where you don't share a FILE* between threads
so you don't need any locking.

Bug: 17154740
Bug: 18593728
Change-Id: I2a8dddc29d3edff39a3d7d793387f2253608a68d
2015-01-21 10:33:30 -08:00
Elliott Hughes
e69e6458cc Fix signed/unsigned comparison that was upsetting clang.
bionic/libc/stdio/fread.c:86:27: error: comparison of integers of different signs: 'int' and 'size_t' (aka 'unsigned int') [-Werror,-Wsign-compare]

Change-Id: Ia7e1e053e0cb13113e8f2eede820be013acbab82
2015-01-20 16:52:04 -08:00
Elliott Hughes
8885dcc779 Add TEMP_FAILURE_RETRY to stdio's low-level read/write functions.
This is correctness rather than performance, but found while investigating
performance.

Bug: 18593728
Change-Id: Idbdfed89d1931fcfae65db29d662108d4bbd9b65
2015-01-20 16:18:32 -08:00
Elliott Hughes
75b99387dd Optimized fread.
This makes us competitive with glibc for fully-buffered and unbuffered reads,
except in single-threaded situations where glibc avoids locking, but since
we're never really single-threaded anyway, that isn't a priority.

Bug: 18593728
Change-Id: Ib776bfba422ccf46209581fc0dc54f3567645b8f
2015-01-20 15:59:17 -08:00
Elliott Hughes
20841a137b Avoid pathological behavior in OpenBSD's fread.
Bug: https://code.google.com/p/android/issues/detail?id=81155
Bug: 18556607
Change-Id: Idc60976b79610e2202cc42dc393dcb4ca6c42e05
2014-12-02 14:22:02 -08:00
Elliott Hughes
c48c3e4bb3 Fix flockfile(3) and friends for stdin/stdout/stderr too.
stdin/stdout/stderr are special; their mutexes are initialized by
__sinit. There's no unit test for this, because __sinit has already
been called by the time the first unit test runs, but you could
reproduce this failure with a trivial main() that calls flockfile
or ftrylockfile on one of the standard streams before otherwise
using stdio.

Bug: 18208568
Change-Id: I28d232cf05a9f198a2bed61854d8047b23d2091d
2014-11-19 15:16:51 -08:00
Elliott Hughes
168667c972 Add non-macro stdin/stdout/stderr too.
Various C and C++ standards explicitly say that stdin/stdout/stderr
should be macros, but glibc makes them global variables too. This
means it's possible to write code that uses those names as locals,
but that code (toybox being an example) won't build on bionic.

If we'd done this earlier, we could have hidden __sF for LP64, but
it's too late now.

Change-Id: I90cf8c73f52b66e1760b8fa2e135b9f9f9651230
2014-11-14 14:42:59 -08:00
Chih-Hung Hsieh
dc6599e20f Fix warning of missing field initializer.
BUG: 18241135
Change-Id: I91304eb608bc3336ce5fcd5744fbe080d64f1cc2
2014-11-04 12:09:35 -08:00
Elliott Hughes
6a03abcfd2 Ensure we initialize stdin/stdout/stderr's recursive mutexes.
Bug: 18208568
Change-Id: I9da16ce0f9375bc363d1d02be706d73fd3b1e150
2014-11-03 12:32:17 -08:00
Christopher Ferris
78ba823033 Add back symbols to fix Greed for Glory franchise.
Bug: 17813018

(cherry picked from commit c891e24073)

Change-Id: I4e891c2dbad9ea00d2377c5175317d9ae3840153
2014-10-09 22:23:50 -07:00
Elliott Hughes
abefc93ff3 Re-expose more stdio implementation details for LP32.
Keeps a variety of apps running.

(cherry-pick of 5def2f5aecd968e4022b0afbe4441fa7ba3e7c7e.)

Bug: 17047819
Change-Id: I55882ec95f2b59a5df76e5a89c23aa315609e01d
2014-09-24 20:07:10 -07:00
Elliott Hughes
c08c25b4c9 Sync with upstream findfp.c.
Change-Id: Ib298f46de0c4d0fd4ce0a9b456c163e8b8b06342
2014-09-24 10:32:30 -07:00
Elliott Hughes
5f35710fad Expose __swsetup for LP32 binary compatibility.
(cherry-pick of 7e00b44e80d6e38b8ab86d0ebc86b666c0ac2ef6.)

Bug: 17476127
Change-Id: I0ef1355ac913d782c268a638f88642d6cfc236c2
2014-09-11 18:23:46 -07:00
Elliott Hughes
2b021e1066 Add <stdio_ext.h> for elfutils.
Bug: 17139679
Change-Id: I1605ac382dbb6f23b2d874dbb9769f3cde4a6a99
2014-08-20 10:23:52 -07:00