When we enable free_track option, one thread is in AddFreed->RemoveBacktrace
flow (hold free_pointer_mutex_ first and try to lock frame_mutex_), and
other thread do fork and enter PrepareFork flow (hold frame_mutex_ first
and try to lock free_pointer_mutex_), this situation may result in mutex
deadlock issue.
Bug: 127733115
Test: build pass and stress test pass
Change-Id: Ie5fcc4ef6c169372ad73d81978cfb2a726b6c03e
malloc_info needs to be per native allocator, but the code treated it
like a global function that doesn't depend on the native memory allocator.
Update malloc debug to dump the actual pointers that it has been tracking.
Test: bionic-unit-tests pass.
Test: malloc debug tests pass.
Test: malloc hook tests pass.
Change-Id: I3b0d4d748489dd84c16d16933479dc8b8d79013e
Merged-In: I3b0d4d748489dd84c16d16933479dc8b8d79013e
(cherry picked from commit a3656a98b1)
Jemalloc does not verify that the size parameter is a multiple of
alignment. Fix this since it only went into P.
Fix the unit tests, and fix malloc debug/malloc hooks to handle this
new restrictive behavior.
Bug: 126944692
Test: Ran bionic unit tests.
Test: Ran bionic unit tests with malloc hooks enabled (no new tests fail).
Test: Ran bionic unit tests with malloc debug enabled (no new tests fail).
Test: Ran malloc debug unit tests.
Change-Id: I4d50785928815679c781ca729f998454d76b9192
The upcoming compiler warns against adding string and int:
In file included from bionic/libc/bionic/strsignal.cpp:41:
bionic/libc/private/bionic_sigdefs.h:58:1: error: adding 'int' to a string does not append to the string [-Werror,-Wstring-plus-int]
__BIONIC_SIGDEF(SIGWINCH, "Window size changed")
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
bionic/libc/bionic/strsignal.cpp:40:83: note: expanded from macro '__BIONIC_SIGDEF'
#define __BIONIC_SIGDEF(signal_number, unused) [ signal_number ] = #signal_number + 3,
~~~~~~~~~~~~~~~^~~
Use array indexing index to avoid this warning.
Test: m checkbuild
Change-Id: Ib5e20edbf5bac76352df0484dd233d0621beb4e9
File descriptor confusion can result if a process is exec()d and
STDIN/STDOUT/STDERR do not exist. In those situations, the first,
second, and third files opened by the exec()d application will have FD
0, 1, and 2 respectively. Code which reads / writes to these STD* file
descriptors may end up reading / writing to unintended files.
To prevent this, guarantee that FDs 0, 1, and 2 always exist. Bionic
only currently guarantees this for AT_SECURE programs (eg, a setuid
binary, setgid binary, filesystem capabilities, or SELinux domain
transition).
Extending this to all exec()s adds robustness against this class of
bugs. Additionally, it allows a caller to do:
close(STDIN_FILENO);
close(STDOUT_FILENO);
close(STDERR_FILENO);
and know that the exec()d process will reopen these file descriptors on
its own. This has the potential to simplify other parts of Android, eg
https://android-review.googlesource.com/c/platform/system/apex/+/915694
Steps to reproduce:
sleep 100 <&- >&- 2>&- & BGPID=$! && ls -la /proc/$BGPID/fd && kill $BGPID
Expected:
$ sleep 100 <&- >&- 2>&- & BGPID=$! && ls -la /proc/$BGPID/fd && kill $BGPID
[1] 3154
total 0
dr-x------ 2 shell shell 0 1970-04-17 12:15 .
dr-xr-xr-x 9 shell shell 0 1970-04-17 12:15 ..
lrwx------ 1 shell shell 64 1970-04-17 12:15 0 -> /dev/null
lrwx------ 1 shell shell 64 1970-04-17 12:15 1 -> /dev/null
lrwx------ 1 shell shell 64 1970-04-17 12:15 2 -> /dev/null
$
[1] + Terminated \sleep 100 <&- >&- 2>&-
Actual:
$ sleep 100 <&- >&- 2>&- & BGPID=$! && ls -la /proc/$BGPID/fd && kill $BGPID
[1] 16345
total 0
dr-x------ 2 shell shell 0 2019-02-28 20:22 .
dr-xr-xr-x 9 shell shell 0 2019-02-28 20:22 ..
$
[1] + Terminated \sleep 100 <&- >&- 2>&-
Test: manual (see above)
Change-Id: I3e05700a1e8ebc7fc9d192211dd9fc030cc40139
After switching libm from libgcc to libcrt.builtins, some of the symbols
are no longer getting included in libm, causing the compiler to complain
about missing symbols from the version script. Explicitly export them in
libc (since libm depends on libc).
Bug: 122993571
Test: m checkbuild
Test: bionic-unit-tests
Change-Id: Ie91765874d20df605f557b1a8c4236619553c549
Bug: 125891203
Test: Verify that setting the program property to "" doesn't trigger
Test: heapprofd.
Change-Id: Id27cbb92c7a120d02151e29be993f369230c2de8
Introduce a new flag ANDROID_DLEXT_RESERVED_ADDRESS_RECURSIVE which
instructs the linker to use the reserved address space to load all of
the newly-loaded libraries required by a dlopen() call instead of only
the main library. They will be loaded consecutively into that region if
they fit. The RELRO sections of all the loaded libraries will also be
considered for reading/writing shared RELRO data.
This will allow the WebView implementation to potentially consist of
more than one .so file while still benefiting from the RELRO sharing
optimisation, which would otherwise only apply to the "root" .so file.
Test: bionic-unit-tests (existing and newly added)
Bug: 110790153
Change-Id: I61da775c29fd5017d9a1e2b6b3757c3d20a355b3
Gold isn't emitting these symbols, so we don't necessarily have the
support for them (gold is still the default for most architectures in
the NDK).
Test: bionic static unit tests
Bug: None
Change-Id: Ifc360cb6c26571fb3f0309adb0faf0af7ee5b36f
This target is needed by linux_bionic targets and so should support
it.
Test: ./art/tools/build_linux_bionic.sh com.android.runtime.host
Change-Id: Ib12f1cf1d70e606b0921f507b3e460f5d543017e
With the switch to libcrt.builtins, some symbols no longer becomes
exported. Add dummy references to them to force them to be exported.
This is to maintain backwards binary compatibility with ancient Android
versions.
x86 and x86_64 crashes with libcrt, keep using libgcc for now.
Test: bionic-unit-tests
Bug: 29275768
Bug: 122993569
Change-Id: Ieab5af354e3924af4a03d888b28c6e75090cb613
When free_track option is enabled and malloc debug detects error in
VerifyFreedPointer flow, if freed pointer's usable_size is more than
g_debug->config().fill_on_free_bytes(), the error log is not correct.
The max. bytes printed to error message should be the max bytes to
cmp, not usable size.
Bug: 124420174
Test: build pass and test pass
Change-Id: I41f35ab3330e49e0a6ad276d405bf4f6c3f0ea92
The log priorities and ids are in an NDK header, available to everyone.
Move CHECK into its own header for now. This would be better if it was
more like the <android-base/logging.h> CHECK family, but I don't have an
easy way to do that without lots of copy & paste, so punting for now.
Bug: https://issuetracker.google.com/issues/119713191
Test: boots
Change-Id: I4566be8a0a024fede0e2d257c98b908ec67af2a8
All of the heapprofd code assumes that it's the only hook that
has been enabled. Enforce that by disallowing heapprofd from
enabling if malloc debug or malloc hooks have been enabled.
Test: Ran all unit tests (bionic/malloc hooks/malloc debug/perfetto).
Test: Enabled malloc debug ran perfetto integration tests and verified
Test: that an error message goes to the log.
Change-Id: I506fbf1c5b8e4052855531fa0d161f5de06e6c1a
The pieces:
- The malloc common shared by static and dynamic code (malloc_common.cpp).
- The code for shared libraries that includes any dlopen'ing
(malloc_common_dynamic.cpp).
- The implementation of perfetto's heapprofd (malloc_heapprofd.cpp).
This makes it easier to see what's going on in the many different areas.
It should also make it easier to add the allocation capping option.
Other related changes:
- Update the unit tests for android_mallopt. All of the current options
don't work on static binaries, so make sure that is reflected in the test.
- A few names changes to make sure that all code is consistent.
Test: Ran tests (malloc hooks/malloc debug/perfetto/bionic unit tests).
Change-Id: I0893bfbc0f83d82506fac5d1f37cf92fbdef6f59
When the linker is invoked on itself, (`linker64 /system/bin/linker64`),
the linker prints an error, because self-invocation isn't allowed. The
current method for detecting self-invocation fails because the second
linker instance can crash in a constructor function before reaching
__linker_init.
Fix the problem by moving the error check into a constructor function,
which finishes initializing libc sufficiently to call async_safe_fatal.
The only important thing missing is __libc_sysinfo on 32-bit x86. The aux
vector isn't readily accessible, so use the fallback int 0x80.
Bug: http://b/123637025
Test: bionic unit tests (32-bit x86)
Change-Id: I8be6369e8be3938906628ae1f82be13e6c510119
Instead of every function being its own atomic, have a single
pointer that can be used to flip all pointers at once. This avoid cases
where the set of pointers can be in an partial switched state.
Also fix a few inconsistent naming of functions in the file.
Test: Ran unit tests (malloc debug, malloc hooks, perfetto).
Change-Id: I3f66da395414586a3fa87874d80dcdf5f702ed39
Merged-In: I3f66da395414586a3fa87874d80dcdf5f702ed39
(cherry picked from commit 77184aedaf)
Before this CL bionic did the following:
* Finds the ICU .dat file with scandir()
* Extracts the ICU version number from the file name. e.g. _63
* dlopen() libicuuc
* dlsym() necessary symbols, e.g. <symbol name>_<icu version>
Right now such ICU symbols are stored in libandroidicu.so and suffixed
with "_android", so it is responsible for "redirecting" to functions
with approriate version and we do not need to lookup the version on our
own. libicuuc is still available for NDK (and apps), and libandroidicu is
a subset of libicuuc and libicui18n.
After this CL bionic will do the following:
* dlopen() libandroiicu
* dlsym() <symbol_name>_android (without specific version suffix)
Bug: 122822987
Test: cts-tradefed run cts-dev -m CtsBionicTestCases
Change-Id: Iabd9f35b9c3462739fd2b18e60dcdc3e202031ac
NetBSD seems to be the least well maintained of our three BSD upstreams,
and it's already the one we use the least. Let's push a little further
in that direction...
Test: new smoke tests
Change-Id: Idfebd11794445fe14cbfa07177a7392a7b36a5e4
On http://b/122082295 we had this abort:
12-27 15:29:31.237 10222 10814 10848 F libc : invalid pthread_t 0xb1907960 passed to libc
This wasn't super helpful. We can do better. Now you get something like
this instead:
03-27 02:34:58.754 25329 25329 W libc : invalid pthread_t (0) passed to pthread_join
Test: adb shell crasher
Bug: http://b/123255692
Change-Id: I1d545665a233308480cc3747ec3120e2b6de0453
This change adds following files and symlinks:
Files:
/bionic/lib[64]/lib{c|dl|m}.so
/bionic/bin/linker[64]
Symlinks:
/system/lib[64]/lib{c|dl|m}.so -> /bionic/lib[64]/lib{c|dl|m}.so
/system/bin/linker[64] -> /bionic/bin/linker[64]
/system/bin/linker_asan[64] -> /bionic/bin/linker[64]
The files serve as mount points for either the bootstrap Bionic or the
default Bionic from the runtime APEX. init does the bind-mounting during
booting.
The symlinks are there to not change the ordinary paths to the bionic
files; there are many places that the paths are implied or hard-coded,
e.g., dlopen("/system/lib/libc.so") or DT_INTERP pointing to
/system/bin/linker in the vendor prebuilts.
Bug: 120266448
Test: m blueline, cf_x86, aosp_arm
The aforementioned files and symlinks are found
Change-Id: I97e38c29409ac0610dde285db8df6e94a7930094
