Commit graph

17 commits

Author SHA1 Message Date
Elliott Hughes
53420fb21e x86-64's va_list is not a pointer type.
Change-Id: I680feeb641d5411ac481daaae6fa1580e74c5563
2016-06-30 13:47:16 -07:00
Elliott Hughes
8ed118db61 Apparently mips and x86's va_list is a pointer type.
And clang won't let you have a function declaration where some arguments
have nullability specifiers and others don't.

Change-Id: I450b0221a3f7f068d5fe971dfbc0ba91d25710e8
2016-06-30 12:46:21 -07:00
Elliott Hughes
9eb3ae122f Remove __nonnull (in favor of _Nonnull).
It's a dangerous pain in the ass, and we're only using it in one place, and
that's a mistake too.

Change-Id: Ida1d1286aaa1343bdee95fa092fcb45ff3258f77
2016-06-30 10:37:03 -07:00
Elliott Hughes
b83d6747fa Improve FORTIFY failure diagnostics.
Our FORTIFY _chk functions' implementations were very repetitive and verbose
but not very helpful. We'd also screwed up and put the SSIZE_MAX checks where
they would never fire unless you actually had a buffer as large as half your
address space, which probably doesn't happen very often.

Factor out the duplication and take the opportunity to actually show details
like how big the overrun buffer was, or by how much it was overrun.

Also remove the obsolete FORTIFY event logging.

Also remove the unused __libc_fatal_no_abort.

This change doesn't improve the diagnostics from the optimized assembler
implementations.

Change-Id: I176a90701395404d50975b547a00bd2c654e1252
2016-02-26 22:06:17 -08:00
Colin Cross
2c75991359 Add backtrace_string and export to libmemunreachable
Add backtrace_string to convert a malloc_debug backtrace to a string.
Also move the backtrace functions to libc_malloc_debug_backtrace so that
libmemunreachable can reuse them.

Change-Id: I5ad67001c0b4d184903c762863a8588181d4873b
2016-02-18 16:09:17 -08:00
Dan Albert
ce6b1abbb1 Expose android_set_abort_message().
Removes the leading underscores from __android_set_abort_message() and
moves its declaration into a public header file.

Bug: 17059126
Change-Id: I470c79db47ec783ea7a54b800f8b78ecbe7479ab
2014-08-18 14:37:42 -07:00
Elliott Hughes
91570ce987 Slim down static binaries by avoiding stdio.
It's okay for a program to choose to drag in stdio, but it's unfortunate
if even the minimal "int main() { return 42; }" drags in stdio...

This brings the minimal static binary on ARM down from 78KiB to 46KiB.

Given that we don't have a separate -lpthread it's not obvious to me that
we can shave this down any further. I'm not sure whether this is a worthwhile
change for that reason. (And the fact that dynamic binaries, the usual case,
are unaffected either way.)

Change-Id: I02f91dcff37d14354314a30b72fed2563f431c88
2014-07-10 12:34:23 -07:00
Elliott Hughes
ae0a62b014 Fix LOG_ID_CRASH build failure.
Change-Id: I66517e30c568d7f36f6bf6b1e4507ecf14f01226
2014-05-07 17:12:40 -07:00
Elliott Hughes
c78368f04f Change the interface for fatal logging.
This more general interface lets liblog give us any fatal log message,
regardless of source. This means we can remove the special case for
LOG_ALWAYS_FATAL with a simpler scheme that automatically works for
the VM too.

Change-Id: Ia6dbf7c3dbabf223081bd5159294835d954bb067
2014-05-06 20:37:22 -07:00
Elliott Hughes
2e3b7108b5 Allow liblog to pass failure reasons to debuggerd.
assert(3) already does this, but LOG_ALWAYS_FATAL and LOG_ALWAYS_FATAL_IF
have been missing out.

Change-Id: I1d6214c4f792fa0d4ba3c14eded3fc9c332bd3c5
2014-04-23 14:52:49 -07:00
Mark Salyzyn
0336e35368 libc: Make calls to new user-space logger
* libc (fatal) logging now makes socket connection to the
  user-space logging service.
* Add a TARGET_USES_LOGD make flag for BoardConfig.mk to manage
  whether logd is enabled for use or not.

Change-Id: I96ab598c76d6eec86f9d0bc81094c1fb3fb0d9b4
2014-02-26 15:33:13 -08:00
Christopher Ferris
59a13c122e Optimize __memset_chk, __memcpy_chk. DO NOT MERGE.
This change creates assembler versions of __memcpy_chk/__memset_chk
that is implemented in the memcpy/memset assembler code. This change
avoids an extra call to memcpy/memset, instead allowing a simple fall
through to occur from the chk code into the body of the real
implementation.

Testing:

- Ran the libc_test on __memcpy_chk/__memset_chk on all nexus devices.
- Wrote a small test executable that has three calls to __memcpy_chk and
  three calls to __memset_chk. First call dest_len is length + 1. Second
  call dest_len is length. Third call dest_len is length - 1.
  Verified that the first two calls pass, and the third fails. Examined
  the logcat output on all nexus devices to verify that the fortify
  error message was sent properly.
- I benchmarked the new __memcpy_chk and __memset_chk on all systems. For
  __memcpy_chk and large copies, the savings is relatively small (about 1%).
  For small copies, the savings is large on cortex-a15/krait devices
  (between 5% to 30%).
  For cortex-a9 and small copies, the speed up is present, but relatively
  small (about 3% to 5%).
  For __memset_chk and large copies, the savings is also small (about 1%).
  However, all processors show larger speed-ups on small copies (about 30% to
  100%).

Bug: 9293744

Merge from internal master.

(cherry-picked from 7c860db074)

Change-Id: I916ad305e4001269460ca6ebd38aaa0be8ac7f52
2013-08-14 18:14:43 -07:00
Elliott Hughes
61e699a133 Clean up abort.
* A dlmalloc usage error shouldn't call abort(3) because we want to
  cause a SIGSEGV by writing the address dlmalloc didn't like to an
  address the kernel won't like, so that debuggerd will dump the
  memory around the address that upset dlmalloc.

* Switch to the simpler FreeBSD/NetBSD style of registering stdio
  cleanup. Hopefully this will let us simplify more of the stdio
  implementation.

* Clear the stdio cleanup handler before we abort because of a dlmalloc
  corruption error. This fixes the reported bug, where we'd hang inside
  dlmalloc because the stdio cleanup reentered dlmalloc.

Bug: 9301265
Change-Id: Ief31b389455d6876e5a68f0f5429567d37277dbc
2013-06-12 14:14:53 -07:00
Nick Kralevich
cf870199d5 FORTIFY_SOURCE: strcat / strncat optimize
__strcat_chk and __strncat_chk are slightly inefficient,
because they end up traversing over the same memory region
two times.

This change optimizes __strcat_chk / __strncat_chk so they
only access the memory once. Although I haven't benchmarked these
changes, it should improve the performance of these functions.

__strlen_chk - expose this function, even if -D_FORTIFY_SOURCE
isn't defined. This is needed to compile libc itself without
-D_FORTIFY_SOURCE.

Change-Id: Id2c70dff55a276b47c59db27a03734d659f84b74
2013-05-31 09:07:46 -07:00
Elliott Hughes
d04c183979 Add more __restricts, clean up __format__ attributes.
Change-Id: I7e2d270cc722d339d221eaea92747eaff3b51403
2013-05-14 16:08:43 -07:00
Elliott Hughes
0d787c1fa1 Make abort messages available to debuggerd.
This adds __libc_fatal, cleans up the internal logging code a bit more,
and switches suitable callers over to __libc_fatal. In addition to logging,
__libc_fatal stashes the message somewhere that the debuggerd signal handler
can find it before calling abort.

In the debuggerd signal handler, we pass this address to debuggerd so that
it can come back with ptrace to read the message and present it to the user.

Bug: 8531731
Change-Id: I416ec1da38a8a1b0d0a582ccd7c8aaa681ed4a29
2013-04-05 11:24:19 -07:00
Elliott Hughes
8f2a5a0b40 Clean up internal libc logging.
We only need one logging API, and I prefer the one that does no
allocation and is thus safe to use in any context.

Also use O_CLOEXEC when opening the /dev/log files.

Move everything logging-related into one header file.

Change-Id: Ic1e3ea8e9b910dc29df351bff6c0aa4db26fbb58
2013-03-15 16:12:58 -07:00
Renamed from libc/private/debug_format.h (Browse further)