These files were segregated because they were lacking a little cleanup.
Unfortunately that means this change has to do some of the cleanup, but
that's probably for the best.
Test: treehugger
Change-Id: I2dd33504787fc3313995de99e0745a0df22915b3
The only remaining differences between vfprintf.cpp and vfwprintf.cpp
after this are the wide/narrow conversions for %c, %m, and %s. I've used
"chars" and "bytes" for the named constants for the directions because
(a) I find -1 and 1 pretty confusing and (b) although "narrow" is the
obvious opposite of "wide", only Windows actually moved to wide
characters, so "narrow" (aka "multibyte", and probably "utf8") is the
default/normal case. Even though C confuses bytes and characters via its
`char` type, "bytes" versus "chars" seems like the appropriate
terminology (and it's what Java/Python use).
Also improve the swprintf tests assertion so failures are readable.
Test: treehugger
Change-Id: Ife8f70f65ec28d96058a7d68df353945524835d2
These are just one-liners, and the _FLOCK() macro seemed to me more
obscure than just inlining it (especially because there are only four
call sites total, so it's not like anyone's going to see that macro very
often).
Also add the missing CHECK_FP() calls. I don't expect this to break
anything, but if it does we can add a target API level check.
Test: treehugger
Change-Id: Ifa1a39d5d9eee46cca783acbe9ec3b3a1e6283d9
The locking can fail in a couple of ways:
- A concurrent fread from an unbuffered or line-buffered file flushes
the output of other line-buffered files, and if _fwalk locks every
file, then the fread blocks until other file reads have completed.
- __sfp can initialize a file lock while _fwalk is locking/unlocking it.
For now, revert to the behavior Bionic had in previous releases. This
commit reverts the file locking parts of commit
468efc80da.
Bug: http://b/131251441
Bug: http://b/130189834
Test: bionic unit tests
Change-Id: I9e20b9cd8ccd14e7962f7308e174f08af72b56c6
pclose(3) is now an alias for fclose(3). We could add a FORTIFY check
that you use pclose(3) if and only if you used popen(3), but there seems
little value to that when we can just do the right thing.
This patch also adds the missing locking to _fwalk --- we need to lock
both the global list of FILE*s and also each FILE* we touch. POSIX says
that "The popen() function shall ensure that any streams from previous
popen() calls that remain open in the parent process are closed in the
new child process", which we implement via _fwalk(fclose) in the child,
but we might want to just make *all* popen(3) file descriptors O_CLOEXEC
in all cases.
Ignore fewer errors in popen(3) failure cases.
Improve popen(3) test coverage.
Bug: http://b/72470344
Test: ran tests
Change-Id: Ic937594bf28ec88b375f7e5825b9c05f500af438
We've ignored %n for a long time, but that's dangerous too because it
makes it unclear whether the corresponding pointer argument should be
supplied or not.
Remove the ambiguity by just rejecting %n outright.
Bug: http://b/31832608
Test: ran tests
Change-Id: Ic046ad3436a30c6f8f580ea738bdcaeb01c858f8
We've been using #pragma once for new internal files, but let's be more bold.
Bug: N/A
Test: builds
Change-Id: I7e2ee2730043bd884f9571cdbd8b524043030c07
This patch switches to C++ (in anticipation of needing it later), removes
a little duplication (via a macro for now), and ensures uniform support
for %C/%lc and %S/%ls between regular and wide (with new tests).
Since it's so hard to debug problems in printf (as the time I've wasted
already today will testify), that's all I want to do in this change. The
other 500 lines of diff can wait...
(Also merge "floatio.h" into "local.h" now all the users are in forked
code.)
Bug: http://b/67371539
Test: ran tests
Change-Id: I083353d89c32b9302d759ca6967cc6d8a62cd8a5
Also simplify trivial one-liners like perror/puts/fputs, and clean up
fread/fwrite slightly.
Fix perror to match POSIX.
Add basic perror and *_unlocked tests.
Bug: N/A
Test: ran tests
Change-Id: I63f83c8e0c15c3c4096509d17421ac331b6fc23d
Move all the new checks over to the existing __fortify_fatal.
Bug: http://b/67455242
Test: ran tests
Change-Id: Idb899c58c32d52d3b423caf1a91feb7defcba9b3
Applications fopening files and then blindly trying to read are
widespread, leading to a recurring problem of SELinux tightening
resulting in segfaults. Add a friendly diagnostic for this case.
Bug: http://b/67455242
Test: bionic-unit-tests32/64 on sailfish
Change-Id: I1734fa94487c4eff9b55a02c6b01baf6b265d236
Implement __freading and __fwriting, and clarify the documentation that was
the cause of these not being implemented for years.
Bug: http://b/17157253
Test: ran tests
Change-Id: I89542c8131b13889e2585417a024050ecf2abcb7
We've never really used __restrict: only <string.h> and <stdio.h> (which
are still very similar to upstream BSD headers) consistently have these
annotations. Neither clang nor GCC warns for trivial cases, and there's
little obvious documentation benefit.
Bug: http://b/30833514
Test: builds
Change-Id: I3e4384281865475d0c55d764b546d8166419ee31
"Although not explicitly required by this volume of POSIX.1-2008, a good
implementation of append (a) mode would cause the O_APPEND flag to be set."
Yeah, about that...
Bug: N/A
Test: ran tests
Change-Id: I23c4bc5c1ebc92e0cb44025d2d313f321f9ffa68
The parsefloat routines -- which let us pass NaNs and infinities on to
strto(f|d|ld) -- come from NetBSD.
Also fix LP64's strtold to return a NaN, and fix all the architectures
to return quiet NaNs.
Also fix wcstof/wcstod/wcstold to use parsefloat so they support hex
floats.
Lots of new tests.
Bug: http://b/31101647
Change-Id: Id7d46ac2d8acb8770b5e8c445e87cfabfde6f111
Move fdopen/fopen/freopen and change them to initialize _seek64 instead
of the legacy _seek. The in-memory streams can stick with _seek for now,
since you're not going to fit a > 4GiB in-memory stream on a 32-bit device
anyway.
Bug: http://b/24807045
Change-Id: I09dcb426817b571415ce24d4d15f364cdda395b3
The first rule of stdio is you never change struct FILE. This broke all
NDK-built apps that used stdin/stdout/stderr. (Which is more than you
might think, given that those streams don't go anywhere useful. Svelte!)
I've added a big code comment because I knew when I removed the field that
doing so was a mistake, but I couldn't think why.
Bug: http://b/24807045
Bug: http://b/26747402
Change-Id: Ie1233586b223bb1cdf8e354c66d5ff23487a833a
BSD doesn't invalidate the fd stored in struct FILE, which can make
it possible (via fileno(3), for example), to perform operations on
an fd you didn't intend to (rather than just failing with EBADF).
Fixing this makes the code slightly simpler anyway, and might help
catch bad code before it ships.
Bug: http://stackoverflow.com/questions/10816837/fclose-works-differently-on-android-and-linux
Change-Id: I9db74584038229499197a2695c70b58ed0372a87
This reverts commit c8bae05f3f.
We were breaking init (ueventd) because we initialize system properties
before we initialize stdio. The new system property implementation uses
stdio to read from /property_contexts, so we end up touching stdio data
structures before they've been initialized.
This second attempt takes things further by removing the stdio initialization
function altogether. The data structures for stdin/stdout/stderr can be
statically initialized as data, and -- since we already had to give the
atexit implementation a backdoor for stdio -- we can just admit that we
need to clean up stdio, and that we always do so last.
This patch also removes the 17 statically pre-allocated file structures,
so the first fopen will now allocate a block of 10 (the usual overflow
behavior). I did this just to make my life simpler, but it's not actually
necessary to remove it if we want it back.
Change-Id: I936b2eb5e88e4ebaf5516121872b71fc88e5609c
This reverts commit 4371961e00.
This broke booting; ueventd crashes with a null pointer dereference
somewhere in __sfp (but the kernel doesn't unwind, so I don't know
what was calling __sfp).
Change-Id: I65375fdfdf1d339a06558b4057b580cacd6324e2
It is reported by tsan that funlockfile() can unlock an unlocked mutex.
It happens when printf() is called before fopen() or other stdio stuff.
As FLOCKFILE(fp) is called before __sinit(), _stdio_handles_locking is false,
and _FLOCK(fp) will not be locked. But then cantwrite(fp) in __vfprintf()
calls__sinit(), which makes _stdio_handles_locking become true, and
FUNLOCKFILE(fp) unlocks _FLOCK(fp).
Change _stdio_handles_locking into _caller_handles_locking,
so __sinit() won't change its value. Add test due to my previous fault.
Bug: 25392375
Change-Id: I483e3c3cdb28da65e62f1fd9615bf58c5403b4dd
The old __isthreaded hack was never very useful on Android because all user
code runs in a VM where there are lots of threads running. But __fsetlocking
lets a caller say "I'll worry about the locking for this FILE*", which is
useful for the normal case where you don't share a FILE* between threads
so you don't need any locking.
Bug: 17154740
Bug: 18593728
Change-Id: I2a8dddc29d3edff39a3d7d793387f2253608a68d
stdin/stdout/stderr are special; their mutexes are initialized by
__sinit. There's no unit test for this, because __sinit has already
been called by the time the first unit test runs, but you could
reproduce this failure with a trivial main() that calls flockfile
or ftrylockfile on one of the standard streams before otherwise
using stdio.
Bug: 18208568
Change-Id: I28d232cf05a9f198a2bed61854d8047b23d2091d
Keeps a variety of apps running.
(cherry-pick of 5def2f5aecd968e4022b0afbe4441fa7ba3e7c7e.)
Bug: 17047819
Change-Id: I55882ec95f2b59a5df76e5a89c23aa315609e01d
The LP64 has a duplicate copy of part of stdio, and relies
on bionic supplying this part. We should remove the hack from
the NDK, at least for LP64, and then revert this.
Bug: 15291317
Change-Id: I75e06e130188ca0aeb9d50dfe3a3e48a1d3968b7
The NDK apparently includes an android_support.a library that
refers to __srefill in its copy of the vsnprintf implementation.
Bug: 15249361
Change-Id: Ic2cf6f21290b3146c42fbe0624f5e4d54f6194b4
Anthony King <anthonydking@slimroms.net> reports that for Grouper the
Nvidia GL blobs need access to __swbuf. This is because the old <stdio.h>
had inline getc and putc implementations that directly referred to these
symbols.
Change-Id: I11a7b5550018ecc93d8f195c99857759669b2906
I've left __sF exposed since that's how the OpenBSD stdin, stdout, stderr
are implemented. Other BSDs and glibc use a separate global for each instead
of an array.
Bug: 11156955
Change-Id: I9f3d2d4314a8d4a78c3197b9acd9258820c5f150
