- added grp_pwd.cpp containing POSIX passwd and group functions,
colocated because they share with the Android ID (AID) roots.
- stubs.cpp contains all the truly empty functions (network and
protocol accessors)
Bug: 27999086
Change-Id: I036f9e2dd246f48302cb7c97d23176fa24d19c33
Collect statistics about DNS query success state and delay. Ignore
servers that have been tried at least five times and have a success rate
of < 0.25. Retry these servers once every 180s.
Bug: 25731675
Change-Id: I78e24f43e388dca82fb81835e1796f4c7dce8da3
Implement the legacy SysV signal handling functions sighold(),
sigignore(), sigpause(), sigrelse(), and sigset() in terms of the newer
POSIX signal APIs. As of POSIX 2013 the SysV signal APIs are deprecated
but still required.
Change-Id: I4ca40e3d706605a7d1a30dc76c78b2b24586387d
Signed-off-by: Greg Hackmann <ghackmann@google.com>
The code to calculate thread stack and signal stack looks weird:
the thread stack size and signal stack size are related with
each other on 32-bit mode, but not on 64-bit mode. So change the
code to make the logic more resonable. This doesn't change anything
as we have defined SIGSTKSZ to 16K on arm64.
Bug: 28005110
Change-Id: I04d2488cfb96ee7e2d894d062c66cef950fec418
This function only exists for backwards compatibility, so leave it as it was.
Bug: http://b/26944282
Change-Id: I31973d1402660933103ee2d815649ab9569e4dfc
MIPS still have ld128 and 16-bit atomics issues with clang, so we can't
just remove this yet.
Bug: http://b/25291096
Change-Id: I2645ebf3af04e1a4008d70da780c04240e3d7a85
We're the C library. Nothing could be more deprecated.
bionic/libc/bionic/pthread_cond.cpp:243:10: error: 'int pthread_cond_timedwait_relative_np(pthread_cond_t*, pthread_mutex_t*, const timespec*)' is deprecated (declared at bionic/libc/bionic/pthread_cond.cpp:227): use pthread_cond_timedwait instead [-Werror=deprecated-declarations]
return pthread_cond_timedwait_relative_np(cond_interface, mutex, &ts);
^
bionic/libc/bionic/pthread_cond.cpp:243:71: error: 'int pthread_cond_timedwait_relative_np(pthread_cond_t*, pthread_mutex_t*, const timespec*)' is deprecated (declared at bionic/libc/bionic/pthread_cond.cpp:227): use pthread_cond_timedwait instead [-Werror=deprecated-declarations]
return pthread_cond_timedwait_relative_np(cond_interface, mutex, &ts);
^
Change-Id: Idb3d445e053c44180773f59774df19b324f6817f
This (and other stuff still to come) prevented xfstests from building out
of the box.
Bug: http://b/27952303
Change-Id: Id38fd37386d43fc351c56dca18785a465e3e6145
Although there is a test pthread.pthread_mutex_owner_tid_limit
to check pid_max, but bionic-unit-tests hangs before reaching
that test. So abort at libc initialization if not able to reach
the test when running bionic-unit-tests32. It is more friendly
for debugging.
Bug: 24016357
Change-Id: Ia70c2e36fd8a3a040d41ea5722c7b48a6134e102
Previously, the implementation of setjmp on x86_64 claimed that
sigprocmask would write to two longs' worth of bytes.
Bug: http://b/27856501
Change-Id: I9f32b40ac773a0cd91a976aace5bfba6e67fb0f8
POSIX makes "the CPU-time clock of the calling thread" (i.e.,
CLOCK_THREAD_CPUTIME_ID) a special case which returns EINVAL instead of
ENOTSUP.
However, the clock_nanosleep syscall treats this clock just like any
other, and returns -EOPNOTSUPP to indicate an unimplemented nanosleep
handler. So we need to handle this ourselves in userspace.
This change fixes the LTP clock_nanosleep01 testcase.
Change-Id: If3bed940d276834bcd114d8c17f96197e9384711
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Make it easier to diagnose applications mucking with the contents of
jmp_buf by checksumming its contents.
Bug: http://b/27417786
Change-Id: I473bc2871dece23a9b9d02481945246160d671c6
Both be91052932 and
e2faf07d65 were submitted about
two days ago. The former changed how the syscalls stubs were
generated, but the latter was submitted using the old stub
format.
Use the new stub format for setdomainname.S
Change-Id: I578acd7053f57a275f6831dd2404ef04826c578e
bionic has the Linux-specific mntent.h but is missing hasmntopt().
Change-Id: I0ab7b83626c969704add4e64b37a6fc715d4a723
Signed-off-by: Greg Hackmann <ghackmann@google.com>
{get,set}domainname aren't in POSIX but are widely-implemented
extensions.
The Linux kernel provides a setdomainname syscall but not a symmetric
getdomainname syscall, since it expects userspace to get the domain name
from uname(2).
Change-Id: I96726c242f4bb646c130b361688328b0b97269a0
Signed-off-by: Greg Hackmann <ghackmann@google.com>
This patch uses __kernel_vsyscall instead of "int 0x80"
as the syscall entry point. AT_SYSINFO points to
an adapter to mask the arch specific difference and gives a
performance boost on i386 architecture.
Change-ID: Ib340c604d02c6c25714a95793737e3cfdc3fc5d7
Signed-off-by: Mingwei Shi <mingwei.shi@intel.com>
The stack offsets assumed we'd pushed %ebx. Unlike x86-64 we can't fall
through, but we can avoid repeating work we've already done.
Change-Id: I7e5f9be50983ed6178dd0c0534042da7ea30ad0c
Even though the size parameter to epoll_create(2) is (otherwise) unused,
passing in size <= 0 is explicitly documented as an error.
This change fixes the LTP epoll01 testcase.
Change-Id: I044a38be823c2fa956b57e77cc66571dfae8a4bb
Signed-off-by: Greg Hackmann <ghackmann@google.com>
The clone syscall accepts NULL child stacks, interpreting this to mean
the child gets a copy of the parent's stack with copy-on-write
semantics. However clone(2) is explicitly documented to treat this an
an error.
"Fortunately" every architecture's __bionic_clone implementation pushes
something onto the child stack before making the clone syscall. So we
know fixing this won't break legacy apps, because any app that tried
using a NULL child stack would have died with SIGSEGV.
This change fixes the LTP clone04 testcase.
Change-Id: I663b34f34bc8dad2aa405c46e4eed4418cccca0d
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Caused build breakage, but not spotted by TreeHugger:
external/libnfc-nxp/Linux_x86/phDal4Nfc.c:737:5: error: implicit declaration of function 'pthread_setname_np' is invalid in C99 [-Werror,-Wimplicit-function-declaration]
pthread_setname_np(pthread_self(), "reader");
^
Nice file name.
Change-Id: I102e55718babf4e4f2f2c64066c6a83ed3ac86d3
Also guard both these GNU extensions with _GNU_SOURCE.
Also improve the tests to test each case on both the current thread and
another thread, since the code paths are totally different.
Bug: http://b/27810459
Change-Id: I72b05bca5c5b6ca8ba4585b8edfb716a1c252f92
The free track mechanism could fail if, at the same time a free occurs,
another thread is trying to free and verify the same allocation. This
doesn't work if the freed allocation is added to the list and we still
do work on it. The fix is to only add to the free list when we are done
with the allocation.
Also fix a problem where the usable size is computed incorrectly because
two of the arguments where reversed.
In addition, add a check that the allocation being verified has the correct
tag before trying to check the body of the allocation.
Add a test to catch the original failure.
Add a test for the tag being different.
Bug: 27601650
Change-Id: Ie9200677d066255b8e668a48422f23f909f4ddee
We don't have a compile-time limit on the number of threads,
and we don't have a definite run-time limit either.
Bug: http://b/27617302
Change-Id: I6a6fe083e7b655d24eb9e7ef7f3e0280d483080b
If the first option is found, then any unknown options are simply
ignored, but do not produce an error. Fixed this so that each
option found is actually verified to exist.
Bug: 27620263
Change-Id: If58732df3285eeae72188162c505e0e202fada8c
Do not initialize all of the global function pointers associated with
debug malloc until the initialization has completed correctly.
Bug: 27600760
Change-Id: I0621b54bc2d9fab63805d7992d384e550d6fed2a
The over flow check for nmemb * bytes in debug_calloc is incorrect,
use the builtin overflow functions to check for multiplication and
addition overflow.
Change-Id: I3f1c13102621bc5380be1f69caa88dba2118f3cb
(cherry picked from commit 239838608d)
0 byte allocations can cause problems if they are immediately followed
by another allocation with no header, as both allocations will have the
same address. Treat 0 byte allocations as 1 byte allocations so that
debug_iterate will return separate addresses for them.
Bug: 27578580
Change-Id: Ia8dc3481fa7062391e9b3ae58a36e8d47e7ee557
(cherry picked from commit 15af478080)
malloc_iterate with malloc debug enabled was returning allocation sizes
using the requested size instead of usable size. If anything wrote
pointers above the requested size but below the usable size, those
pointers would be invisible to libmemunreachable and referenced
allocations could be reported as a leak.
Bug: 27107100
Change-Id: I6b19fd631f68ce93b3aee408cc3d296ec457bd01
(cherry picked from commit b23c6606d2)
Don't ask the kernel to copy data to userspace if we don't need it.
(Noticed while cleaning up sysconf to not call clock_getres.)
Change-Id: Icc0f7559775b8a2dcefe638ce831d06b75d67122
There are a hundred other reasons why we can't run on kernels old enough
to not have all the clocks covered by sysconf.
This was causing trouble for jemalloc 4.1.0 in a seccomp-constrained process
because jemalloc 4.1.0 introduced a call to sysconf that caused us to make
clock_getres syscalls for the first time, leading to SIGSYS.
Bug: http://b/27408522
Change-Id: I2eb6986d871bc03cbef278e5617734409c39e057
glibc, FreeBSD, OpenBSD, and Darwin all just leave the fd unchanged and
possibly uninitialized. Setting it to -1 seems friendlier, though.
Bug: http://b/27506278
Change-Id: I7acdc8eecbea4404d5fb4ba0b4d572245a323886
I can only assume I was testing the 32-bit implementation when I claimed
this worked. While improving the 32-bit code I realized that I'd used
signed comparisons instead of unsigned, and came back to find that the
64-bit code didn't work.
By way of apology, make x86-64 the first architecture where __memset_chk
falls through to memset.
Change-Id: I54d9eee5349b6a2abb2ce81e161fdcde09556561
Make it easier to diagnose applications mucking with the contents of
jmp_buf by checksumming its contents.
Bug: http://b/27417786
Change-Id: I9989e2ea3979a36ae0bc4c9e1bacafddbacc731b
This involves actually implementing assembler __memset_chk for arm64,
but that's easily done.
Obviously I'd like this for all architectures (and all the string functions),
but this is low-hanging fruit...
Change-Id: I70ec48c91aafd1f0feb974a2555c51611de9ef82
Also remove an if that implied that IFA_BROADCAST is a possibility for
AF_INET6.
The existing tests fail if you have a point-to-point interface configured,
so no new test necessary.
Bug: http://b/27442503
Change-Id: I4c5823b32204ae6c15527853414c2a0cef320b53
The DNS search string contains zeros as domain separator. The resolver
code erroneously used strlcpy(), which resulted in only the first domain
to be copied. The code uses pointers into this string to access the
individual domains. Since the structure is zero-initialized, this bug only
resulted in zero-length domains instead of accessing unitialized memory.
BUG: 27312811
Change-Id: Ia9d066c405dfcc5e82d6766d93ead2ce574e7b0d
Our FORTIFY _chk functions' implementations were very repetitive and verbose
but not very helpful. We'd also screwed up and put the SSIZE_MAX checks where
they would never fire unless you actually had a buffer as large as half your
address space, which probably doesn't happen very often.
Factor out the duplication and take the opportunity to actually show details
like how big the overrun buffer was, or by how much it was overrun.
Also remove the obsolete FORTIFY event logging.
Also remove the unused __libc_fatal_no_abort.
This change doesn't improve the diagnostics from the optimized assembler
implementations.
Change-Id: I176a90701395404d50975b547a00bd2c654e1252
Change all of the hard-coded config values to be defined constants.
Also make sure to use these constants in the usage output.
Bug: 26739265
Change-Id: I597a6d71279a2df9cc7e98c42ac70224261bac99
...so memset it is, then.
I'll be glad when GCC is dead and we can use "= {}" like it's the 21st century.
Change-Id: I28d820d3926ac9bf44bf7c1e89e184726c840391
The purpose of this change is to silence Valgrind's warning about a
syscall parameter pointing to uninitialised bytes.
Change-Id: I2737235f9ac288dbc8ec4be0c6f1cef181c9b7d7
Changes affecting future time stamps
America/Cayman will not observe daylight saving this year after all.
Revert our guess that it would. (Thanks to Matt Johnson.)
Asia/Chita switches from +0800 to +0900 on 2016-03-27 at 02:00.
(Thanks to Alexander Krivenyshev.)
Asia/Tehran now has DST predictions for the year 2038 and later,
to be March 21 00:00 to September 21 00:00. This is likely better
than predicting no DST, albeit off by a day every now and then.
Changes affecting past and future time stamps
America/Metlakatla switched from PST all year to AKST/AKDT on
2015-11-01 at 02:00. (Thanks to Steffen Thorsen.)
America/Santa_Isabel has been removed, and replaced with a
backward compatibility link to America/Tijuana. Its contents were
apparently based on a misreading of Mexican legislation.
Changes affecting past time stamps
Asia/Karachi's two transition times in 2002 were off by a minute.
(Thanks to Matt Johnson.)
Bug: 26833368
(cherry-picked from commit 5408d8f39a)
Change-Id: I568ae45e0b38382507db3c244392ccc2edff29d3
I added the code to force alignments of 8 for 32 bit and 16 for 64 bit,
but I missed a couple of tests that failed due to this change. Fix the
failing tests.
Bug: 26739265
Change-Id: Ice9932d1419e59c07483c4c9fcdb84970844f0a6
When using sscanf and "%4s", the array passed in must include space for
a nul terminator.
Bug: 26739265
Change-Id: I0140a6100ca370666ae61689087ba41b4914789d
Add backtrace_string to convert a malloc_debug backtrace to a string.
Also move the backtrace functions to libc_malloc_debug_backtrace so that
libmemunreachable can reuse them.
Change-Id: I5ad67001c0b4d184903c762863a8588181d4873b
In order to enforce this constraint:
The pointer returned if the allocation succeeds shall be suitably
aligned so that it may be assigned to a pointer to any type of object
and then used to access such an object in the space allocated.
Force all allocations on 32 bit systems to have 8 byte alignment,
and all allocations on 64 bit systems to have 16 byte alignment.
Add a test to verify that the allocator returns the correct alignments.
Bug: 26739265
Change-Id: I9af53279617408676b94e4ec6481b3ed7ffafc6a
Add a pthread_atfork handler to malloc_debug to lock the TrackData mutex
during fork and reset it in the child. Ensures that the TrackData is
consistent when forking from a multi-threaded process, and that the
mutex is in a defined state in the child.
Change-Id: I0dfed30045a28551217ceac227d33b2e18894932
Found by passing a bad regular expression to the Google benchmark
code (https://github.com/google/benchmark).
Change-Id: I475db71c25706bbf02091b754acabe8254062f3a
Since we set both fields to NULL all the time, we can alias the two
fields together on LP32 to provide build-time compatibility.
BUG=24918750
TEST=python now builds for Brillo boards
Change-Id: I3394aea80c9a5288669389f71d0e4132f2157e3c
Small modifications needed to allow compilation with the new headers:
- Manually modify bionic/libc/kernel/uapi/asm-mips/asm/siginfo.h to
remove the uapi from the include.
- PR_XXX defines are now available for mips, so remove the definition
from linker_mips.cpp.
Bug: 23789423
Change-Id: I6dc8a03b012426d3a937db15cb24d3a50fab5a8c
Check if thread_id is in fact pthread_self before
locking on g_thread_list_lock in __pthread_internal_find.
The main reason for doing this is not performance but to allow
the linker use raise() which was not working because pthread_kill()
couldn't find pthread_self() thread because the global thread
list is initialized in libc.so and the linker's version of this
list is empty.
Bug: http://b/25867917
Change-Id: I18fe620e8cd465b30f0e1ff45fff32958f3c5c00
Our fopen/freopen/tmpfile are already always O_LARGEFILE, but let's add
the aliases for _LARGEFILE_SOURCE compatibility.
Bug: http://b/24807045
Change-Id: I5d99b3ef3c9f27ce70f13313f6a92e96c7f21f80
__size_mul_overflow generates warning under following compilation envrionment:
-OX -D_FORTIFY_SOURCE=2 (X=1, 2, 3)
For example:
echo '#include <stdio.h>' | \
prebuilts/gcc/linux-x86/arm/arm-linux-androideabi-4.9/bin/arm-linux-androideabi-gcc \
-I bionic/libc/arch-arm/include \
-I bionic/libc/include \
-I bionic/libc/kernel/uapi \
-I bionic/libc/kernel/common \
-I bionic/libc/kernel/uapi/asm-arm \
-I bionic/libm/include \
-I bionic/libm/include/arm \
-I bionic/libc/include \
-Werror \
-O1 \
-D_FORTIFY_SOURCE=2 \
-c \
-x c \
-
bionic/libc/include/stdio.h:360:13: error: '__size_mul_overflow' is
static but used in inline function 'fread' which is not static [-Werror]
if (__size_mul_overflow(size, count, &total)) {
^
C99 - 6.7.4
"An inline definition of a function with external linkage shall not contain
a definition of a modifiable object with static storage duration, and shall
not contain a reference to an identifier with internal linkage."
As standard does not require compiler to determine when it is safe to
reference an internal function in an external inline function, but instead
delegalizes such reference as a whole, gcc throws a warning for such code
under C99 compilation. Warning produced by libc header is inhereted widely
and strips the option of using -Werror to track code sanity.
Replace static inline specifier with gnu89 extern inline. Latter "is used
only for inlining. In no case is the function compiled on its own", which
is slightly different from former semantically, but should produce the same
result here.
Change-Id: I6a3374498e5499d110e54468cf9d0d67d2debbe2
Included in this change:
- Change the tag when a pointer is freed so it's easy to detect if
an already freed pointer is being used.
- Move the free backtrace out of the header. This backtrace is only
used under only some circumstances, so no need to allocate space
in all headers for it.
- Add new option free_track_backtrace_num_frames to specify how many
frames to record when the free occurs. This removes the dependency
on the backtrace option to get backtraces.
Bug: 26739265
Change-Id: I76f5209507dcf46af67ada162a7cb2bf282116f2
This was a regression since kati has been introduced. Without
this, touching libc/arch-common/bionic/__dso_handle.h doesn't
let ninja rebuild object files.
Bug: 26839129
Change-Id: Ie9ef4559c0d1ff0910a4d250ea36938b291d15db
This file should have been deleted with the malloc debug rewrite, but
popped back into existence due to a merge conflict.
Change-Id: I74e53daaf3febf650b20e3da5329558ac84c5bcd
This also lets us test the EOVERFLOW behavior, which pointed out that the
fgetpos/fsetpos return on failure has always been wrong...
Bug: http://b/24807045
Change-Id: I35273eb07c8c9155af858adb27569983397580b6
If snprintf() is called from the linker, it may erroneously return a
null string. The libc internal __libc_format_buffer() does not have
this problem, so it is now used instead.
Bug: 26756577
Change-Id: I37a97e27f59b3c0a087f54a6603cc3aff7f07522
This has been requested a few times over the years. This is basically
a very late rebase of https://android-review.googlesource.com/45470
which was abandoned years ago. One addition is that this version has
_FILE_OFFSET_BITS=64 support.
POSIX puts this in <unistd.h>. glibc also has it in <fcntl.h>.
Bug: http://b/13077650
Change-Id: I5862b1dc326e326c01ad92438ecc1578d19ba739
Broke the build. There's no such file as bionic_sdk_version.h anywhere in the tree.
This reverts commit 892b61d340.
Change-Id: Iec3f4588edfb1d1524bb5f16451fd05dc6ebe44a
Gcc doesn't like the brace object initialization, so make all of
the Feature objects explicit.
Also, no arguments to the error_log macros make gcc unhappy, so add
an option to turn these into warnings. These will be fixed when we
add the explicit _error and _warn log functions.
Change-Id: I35af834dabb5548923e893dd980a751fdebfa13a
Posix standards says sem_wait is interruptible by the delivery
of a signal. To keep compatiblity with old apps, only fix that
in newer sdk versions.
Bug: 26743454
Change-Id: I924cbb436658e3e0f397c922d866ece99b8241a3
The major components of the rewrite:
- Completely remove the qemu shared library code. Nobody was using it
and it appears to have broken at some point.
- Adds the ability to enable/disable different options independently.
- Adds a new option that can enable the backtrace on alloc/free when
a process gets a specific signal.
- Adds a new way to enable malloc debug. If a special property is
set, and the process has an environment variable set, then debug
malloc will be enabled. This allows something that might be
a derivative of app_process to be started with an environment variable
being enabled.
- get_malloc_leak_info() used to return one element for each pointer that
had the exact same backtrace. The new version returns information for
every one of the pointers with same backtrace. It turns out ddms already
automatically coalesces these, so the old method simply hid the fact
that there where multiple pointers with the same amount of backtrace.
- Moved all of the malloc debug specific code into the library.
Nothing related to the malloc debug data structures remains in libc.
- Removed the calls to the debug malloc cleanup routine. Instead, I
added an atexit call with the debug malloc cleanup routine. This gets
around most problems related to the timing of doing the cleanup.
The new properties and environment variables:
libc.debug.malloc.options
Set by option name (such as "backtrace"). Setting this to a bad value
will cause a usage statement to be printed to the log.
libc.debug.malloc.program
Same as before. If this is set, then only the program named will
be launched with malloc debug enabled. This is not a complete match,
but if any part of the property is in the program name, malloc debug is
enabled.
libc.debug.malloc.env_enabled
If set, then malloc debug is only enabled if the running process has the
environment variable LIBC_DEBUG_MALLOC_ENABLE set.
Bug: 19145921
Change-Id: I7b0e58cc85cc6d4118173fe1f8627a391b64c0d7
Move fdopen/fopen/freopen and change them to initialize _seek64 instead
of the legacy _seek. The in-memory streams can stick with _seek for now,
since you're not going to fit a > 4GiB in-memory stream on a 32-bit device
anyway.
Bug: http://b/24807045
Change-Id: I09dcb426817b571415ce24d4d15f364cdda395b3
The first rule of stdio is you never change struct FILE. This broke all
NDK-built apps that used stdin/stdout/stderr. (Which is more than you
might think, given that those streams don't go anywhere useful. Svelte!)
I've added a big code comment because I knew when I removed the field that
doing so was a mistake, but I couldn't think why.
Bug: http://b/24807045
Bug: http://b/26747402
Change-Id: Ie1233586b223bb1cdf8e354c66d5ff23487a833a
BSD doesn't invalidate the fd stored in struct FILE, which can make
it possible (via fileno(3), for example), to perform operations on
an fd you didn't intend to (rather than just failing with EBADF).
Fixing this makes the code slightly simpler anyway, and might help
catch bad code before it ships.
Bug: http://stackoverflow.com/questions/10816837/fclose-works-differently-on-android-and-linux
Change-Id: I9db74584038229499197a2695c70b58ed0372a87
* Default to clang when USE_CLANG_PLATFORM_BUILD is not set
and the target has no clang bug.
BUG: 26102335
Change-Id: Ied6c9dc5593bfbadbb8d8b38e66ea237d649bae5
This is just a subset of the recently-implemented getifaddrs(3), though if
we want to handle interfaces (such as "rmnet_*") that don't have an address,
we need to either expose ifaddrs_storage and keep track of which interfaces
we've already seen (which is pretty messy), or refactor the netlink code so
we can reuse it and just extract the information we need for if_nameindex(3).
This patch goes the latter route.
Also clean up if_nametoindex(3) and if_indextoname(3).
Change-Id: I5ffc5df0bab62286cdda2e7af06f032c767119a8