For some reason, socketcalls.c was only being compiled for ARM, where
it makes no sense. For x86 we generate stubs for the socket functions
that use __NR_socketcall directly.
Change-Id: I84181e6183fae2314ae3ed862276eba82ad21e8e
We only need one logging API, and I prefer the one that does no
allocation and is thus safe to use in any context.
Also use O_CLOEXEC when opening the /dev/log files.
Move everything logging-related into one header file.
Change-Id: Ic1e3ea8e9b910dc29df351bff6c0aa4db26fbb58
This is actually a slightly newer upstream version than the one I
originally pulled. Hopefully now it's in upstream-freebsd it will
be easier to track upstream, though I still need to sit down and
write the necessary scripts at some point.
Bug: 5110679
Change-Id: I87e563f0f95aa8e68b45578e2a8f448bbf827a33
The old scandir implementation didn't take into account the varying
size of directory entries, and didn't correctly clean up on its
error exits.
Bug: 7339844
Change-Id: Ib40e3564709752241a3119a496cbb2192e3f9abe
We could special-case raise(3) in non-threaded programs, but the more
conservative course is to make pthread_kill(3) work in signal handlers
at the cost of a race shared by other C libraries.
Change-Id: I59fb23d03bdabf403435e731704b33acdf3e0234
imgtec pointed out that pthread_kill(3) was broken, but most of the
other functions that ought to return ESRCH for invalid/exited threads
were equally broken.
Change-Id: I96347f6195549aee0c72dc39063e6c5d06d2e01f
Fix the pthread_setname_np test to take into account that emulator kernels are
so old that they don't support setting the name of other threads.
The CLONE_DETACHED thread is obsolete since 2.5 kernels.
Rename kernel_id to tid.
Fix the signature of __pthread_clone.
Clean up the clone and pthread_setname_np implementations slightly.
Change-Id: I16c2ff8845b67530544bbda9aa6618058603066d
bionic/libc/bionic/ssp.cpp:41:31: warning: converting to non-pointer type 'uintptr_t {aka unsigned int}' from NULL [-Wconversion-null]
Change-Id: Id154ed4a99520cca64ffd3dbe4d743db6e2da28a
This reverts commit 6f94de3ca4
(Doesn't try to increase the number of TLS slots; that leads to
an inability to boot. Adds more tests.)
Change-Id: Ia7d25ba3995219ed6e686463dbba80c95cc831ca
POSIX says pthread_create returns EAGAIN, not ENOMEM.
Also pull pthread_attr_t functions into their own file.
Also pull pthread_setname_np into its own file.
Also remove unnecessary #includes from pthread_key.cpp.
Also account for those pthread keys used internally by bionic,
so they don't count against the number of keys available to user
code. (They do with glibc, but glibc's limit is the much more
generous 1024.)
Also factor out the common errno-restoring idiom to reduce gotos.
Bug: 6702535
Change-Id: I555e66efffcf2c1b5a2873569e91489156efca42
This was originally motivated by noticing that we were setting the
wrong bits for the well-known tls entries. That was a harmless bug
because none of the well-known tls entries has a destructor, but
it's best not to leave land mines lying around.
Also add some missing POSIX constants, a new test, and fix
pthread_key_create's return value when we hit the limit.
Change-Id: Ife26ea2f4b40865308e8410ec803b20bcc3e0ed1
There's now only one place where we deal with this stuff, it only needs to
be parsed once by the dynamic linker (rather than by each recipient), and it's
now easier for us to get hold of auxv data early on.
Change-Id: I6314224257c736547aac2e2a650e66f2ea53bef5
Otherwise people trying to use this are left wondering "did I not leak, or did
the leak checking code not get called when I exited?".
Change-Id: If79b225f8a2e24dd69aba1fb836bf9e81bb00efe
Previously, we'd collect every stack frame and then throw some away
when we came to log them. This meant that stack traces were effectively
shorter than the buffers that had been allocated for them. This patch
only stores frames we'll actually output.
Also dynamically call the C++ demangler so we don't have to try to
read mangled names. Because no one knows the mangling of operator new[]
for int arrays off the top of their head.
Bug: 7291287
Change-Id: I42b022fd7cd61675d05171de4c3b2704d058ef2a
Include the leaky executable's name in the log output. Fix the "sh" test.
Use uintptr_t instead of intptr_t.
Also fix debug formatting of NULL with %s.
Bug: 7291287
Change-Id: I015bf341cd48d43a247173612e6ccb1bf1243d53
Check that the permissions on the properties file
are exactly as we expect them to be.
Make sure we close the fd if fstat fails.
Refactor the code slightly.
Change-Id: I5503fd58c3b8093ce7e6d05920748ed70eaf8e2c
Currently, system properties are passed via the environment
variable ANDROID_PROPERTY_WORKSPACE and a file descriptor passed
from parent to child. This is insecure for setuid executables,
as the environment variable can be changed by the caller.
Modify system property handling so that we get the properties
from a root owned properties file, rather than using an
environment variable. Fall back to the environment variable
if the file doesn't exist.
Bug: 8045561
Change-Id: I54f3efa98cf7d63d88788da5ce0d19e34fd7851a
We don't know that they're not going to be cleaned up by a
C++ global destructor that runs after us. This is the case with
bootanimation, for example.
Bug: 7291287
Change-Id: Iba402514d1735fdc2ae4bc95b65396d816be46c0
When each shell leaks ~240 allocations, you can't see the leaks from
the program you ran with "adb shell".
Bug: 7291287
Change-Id: Ib8780db72ba0114ebdb24768537da74bbb61f354
We had two copies of the backtrace code, and two copies of the
libcorkscrew /proc/pid/maps code. This patch gets us down to one.
We also had hacks so we could log in the malloc debugging code.
This patch pulls the non-allocating "printf" code out of the
dynamic linker so everyone can share.
This patch also makes the leak diagnostics easier to read, and
makes it possible to paste them directly into the 'stack' tool (by
using relative PCs).
This patch also fixes the stdio standard stream leak that was
causing a leak warning every time tf_daemon ran.
Bug: 7291287
Change-Id: I66e4083ac2c5606c8d2737cb45c8ac8a32c7cfe8
The AT_RANDOM changes broke setuid / setgid executables
such as "ping". When the linker executes a setuid program,
it cleans the environment, removing any invalid environment
entries, and adding "NULL"s to the end of the environment
array for each removed variable. Later on, we try to determine
the location of the aux environment variable, and get tripped
up by these extra NULLs.
Reverting this patch will get setuid executables working again,
but getauxval() is still broken for setuid programs because of
this bug.
This reverts commit e3a49a8661.
Change-Id: I05c58a896b1fe32cfb5d95d43b096045cda0aa4a
Populate the stack canaries from the kernel supplied
AT_RANDOM value, which doesn't involve any system calls.
This is slightly faster (6 fewer syscalls) and avoids
unnecessarily reading /dev/urandom, which depletes entropy.
Bug: 7959813
Change-Id: If2b43100a2a9929666df3de56b6139fed969e0f1
The dynamic linker applies relro before the preinit and init
arrays are executed, so we should be consistent for statically
linked executables.
Change-Id: Ia0a49d0e981a6e8791f74eed00280edf576ba139
Add signalfd() call to bionic.
Adding the signalfd call was done in 3 steps:
- add signalfd4 system call (function name and syscall
number) to libc/SYSCALLS.TXT
- generate all necessary headers by calling
libc/tools/gensyscalls.py. This patch is adding
the generated files since the build system
does not call gensyscalls.py.
- create the signalfd wrapper in signalfd.cpp and add
the function prototype to sys/signalfd.h
(cherry-pick of 0c11611c11, modified to
work with older versions of GCC still in use on some branches.)
Change-Id: I4c6c3f12199559af8be63f93a5336851b7e63355
raise() should use pthread_kill() in a pthreads environment.
For bionic this means it should always be used.
Change-Id: Ic679272b664d2b8a7068b628fb83a9f7395c441f
In 9ec0f03a0d, we added dynamic
linker support for GNU_RELRO protections. These protections
make certain regions of memory read-only, helping protect certain
data structures from accidental or deliberate modifications.
This change adds GNU_RELRO support to STATIC executables. We can
determine if we're compiled with relro protections by examining
our own program headers, which is passed to us by the kernel
in the AT_PHDR and AT_PHNUM auxiliary vectors.
Parts of this code were stolen from the dynamic linker.
Change-Id: Ic17eb5f932218538ec25347ece314d4dc7549de1
...and don't pass a non-heap pointer to free(3), either.
This patch replaces the "node** prev" with the clearer "node* prev"
style and fixes the null pointer dereference in the old code. That's
not sufficient to fix the reporter's bug, though. The pthread_internal_t*
for the main thread isn't heap-allocated --- __libc_init_tls causes a
pointer to a statically-allocated pthread_internal_t to be added to
the thread list.
Bug: http://code.google.com/p/android/issues/detail?id=37410
Change-Id: I112b7f22782fc789d58f9c783f7b323bda8fb8b7
Most of these tests were in system/extras, but I've added more to cover other
cases explicitly mentioned by POSIX.
Change-Id: I5e8d77e4179028d77306935cceadbb505515dcde
pthread_no_op_detach_after_join test from bionic-unit-tests hangs
on x86 emulator. There is a race in the pthread_join, pthread_exit,
pthread_detach functions:
- pthread_join waits for the non-detached thread
- pthread_detach sets the detached flag on that thread
- the thread executes pthread_exit which just kills the now-detached
thread, without sending the join notification.
This patch improves the test so it fails on ARM too, and modifies
pthread_detach to behave more like glibc, not setting the detach state if
called on a thread that's already being joined (but not returning an error).
Change-Id: I87dc688221ce979ef5178753dd63d01ac0b108e6
Signed-off-by: Sergey Melnikov <sergey.melnikov@intel.com>
The first NULL pointer check against `attr' suggests that `attr' can
be NULL. Then later `attr' is directly dereferenced, suggesting the
opposite.
if (attr == NULL) {
...
} else {
...
}
...
if (attr->stack_base == ...) { ... }
The public API pthread_create(3) allows NULL, and interprets it as "default".
Our implementation actually swaps in a pointer to the global default
pthread_attr_t, so we don't need any NULL checks in _init_thread. (The other
internal caller passes its own pthread_attr_t.)
Change-Id: I0a4e79b83f5989249556a07eed1f2887e96c915e
Signed-off-by: Xi Wang <xi.wang@gmail.com>
The declaration for alphasort() in <dirent.h> used the deprecated:
int alphasort(const void*, const void*);
while both Posix and GLibc use instead:
int alphasort(const struct dirent** a, const struct dirent** b);
See: http://pubs.opengroup.org/onlinepubs/9699919799/functions/alphasort.html
This patch does the following:
- Update the declaration to match Posix/GLibc
- Get rid of the upstream BSD code which isn't compatible with the new
signature.
- Implement a new trivial alphasort() with the right signature, and
ensure that it uses strcoll() instead of strcmp().
- Remove Bionic-specific #ifdef .. #else .. #endif block in
dirent_test.cpp which uses alphasort().
Even through strcoll() currently uses strcmp(), this does the right
thing in the case where we decide to update strcoll() to properly
implement locale-specific ordered comparison.
Change-Id: I4fd45604d8a940aaf2eb0ecd7d73e2f11c9bca96
Based on a pair of patches from Intel:
https://android-review.googlesource.com/#/c/43909/https://android-review.googlesource.com/#/c/44903/
For x86, this patch supports _both_ the global that ARM/MIPS use
and the per-thread TLS entry (%gs:20) that GCC uses by default. This
lets us support binaries built with any x86 toolchain (right now,
the NDK is emitting x86 code that uses the global).
I've also extended the original tests to cover ARM/MIPS too, and
be a little more thorough for x86.
Change-Id: I02f279a80c6b626aecad449771dec91df235ad01
Also separate out the C++ files so we can use -Werror on them. I'd
rather wait for LOCAL_CPPFLAGS to be in AOSP, but this also lets us
see which files still need to be sorted into one bucket or the other.
Change-Id: I6acc1f7c043935c70a3b089f705d218b9aaaba0a
I gave up trying to use the usual thread-local buffer idiom; calls to
calloc(3) and free(3) from any of the "dl" functions -- which live in
the dynamic linker -- end up resolving to the dynamic linker's stubs.
I tried to work around that, but was just making things more complicated.
This alternative costs us a well-known TLS slot (instead of the
dynamically-allocated TLS slot we'd have used otherwise, so no difference
there), plus an extra buffer inside every pthread_internal_t.
Bug: 5404023
Change-Id: Ie9614edd05b6d1eeaf7bf9172792d616c6361767
The tests for a NULL pointer and size 0 were the wrong way round.
From Intel's patch 9cae4f2ffc4778ed82be04711d8775a84092d4e2.
Change-Id: I118aff3358aa5f34126d74bfaa43f6e2f1a89055
Add unit tests for dlerror(3) in various situations. I think We're at least
as good as glibc now.
Also factor out the ScopedPthreadMutexLock and use it here too.
Bug: http://code.google.com/p/android/issues/detail?id=38398
Change-Id: I040938b4366ab836e3df46d1d8055b92f4ea6ed8
I'll need at least one more pass, because there's some upstream code
lurking in libc/bionic, but this is still a step in the right direction.
Change-Id: I55927315972da8327ae01c5240ed587db17e8462
For applications that share resources across users such as
forward-locked applications, print out their group name correctly.
Change-Id: I06ee0b67e4325cfa415ffd7a03e301700399a66d
Also fix problem with multi-user IDs that the home directory was
returned as "/data" instead of "/" unlike all the other uids.
Change-Id: I914d22052e5a86552989f8969b85aadbc748c65d
Several previous changes conspired to make a mess of the thread list
in static binaries. This was most obvious when trying to call
pthread_key_delete(3) on the main thread.
Bug: http://code.google.com/p/android/issues/detail?id=36893
Change-Id: I2a2f553114d8fb40533c481252b410c10656da2e
Expecting the memory in a forked child process to be sane wrt threading
is a bad idea. An example of a problem is when the parent process has
the malloc lock and a child process is forked. The malloc lock in the
child will appear locked by a thread that doesn't exist.
This change aims to make bionic more compatible with glibc by reseting
the malloc lock in the child forked process, as well as holding it
during the fork. This is a feature in dlmalloc 2.8.6 called
LOCK_AT_FORK. In general this feature isn't necessary as a forked
process will then exec. Some bad applications rely on being able to use
features like malloc before the exec and having multiple threads running
in the parent program. This isn't a problem with glibc and this patch
makes it not a problem for bionic.
Unfortunately for use in bionic, LOCK_AT_FORK has an issue as internally
it uses pthread_atfork that in bionic uses malloc. This leads to the
LOCK_AT_FORK initialization deadlocking with pthread_atfork's call to
malloc due to the malloc lock. This change moves the pthread_atfork logic
in LOCK_AT_FORK to be called without the malloc lock held.
Change-Id: Id68175a564a6abb936ee4488b44d9479f7311f69
None of the supported ARCHs actually populate these sections,
so there is no point in keeping them in the binaries.
Change-Id: I21a364f510118ac1114e1b49c53ec8c895c6bc6b
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@gmail.com>
Move dlmalloc code to upstream-dlmalloc to make pulling upstream changes
easier.
Declare pvalloc and malloc_usable_size routines present in malloc.h but with
missing implementations. Remove other functions from malloc.h that have
no implementation nor use in Android.
Change-Id: Ia6472ec6cbebc9ad1ef99f4669de9d33fcc2efb4
Save thread id to *thread_out before new
thread is allowed to run else there's a
risk that the thread has finished and
been deleted when *thread_out is assigned.
Change-Id: I6b84c61a8df06840877d4ab036f26feace3192d8
This header is used on bionic build and should be propagated into
sysroot on toolchain rebuild. Discussion re. this header is here:
http://gcc.gnu.org/ml/gcc-patches/2012-08/msg00936.html
It is available already in mips NDK platforms:
development/ndk/platforms/android-9/arch-mips/include/link.h
Change-Id: I39ff467cdac9f448e31c11ee3e14a6200e82ab57
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
In previous commit: 2fd81ef7, .mk file has been modified to
configure MALLOC_ALIGNMENT dynamicly according to board config.
Add the missing macor protection here.
Change-Id: I703cca2ce0504ab3e11aab226b2c61fcc0c6afa1
Author: Jin Wei <wei.a.jin@intel.com>
Signed-off-by: Xiaokang Qin <xiaokang.qin@intel.com>
Signed-off-by: Beare, Bruce J <bruce.j.beare@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Add __bionic_clone function for x86, which will be
used for clone system call.
Change-Id: I889dc9bf4b7ebb4358476e17e6f3233e26491f4d
Signed-off-by: Jin Wei <wei.a.jin@intel.com>
Signed-off-by: Xiaokang Qin <xiaokang.qin@intel.com>
Signed-off-by: Beare, Bruce J <bruce.j.beare@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Author-tracking-BZ: 51414
Allow naming such as u1_system, u2_radio, u2_media.
Forward and reverse mapping for the above.
(cherry-pick of c60a0027b1ef3bc4929d2023e7083fbce12fafe7.)
Change-Id: I46eeb23fee4f57b2907640570504123d3ce99985
This allows debugging tools to know they are working with Android
binaries and adapt accordingly.
Signed-off-by: Thiago Jung Bauermann <thiago.bauermann@linaro.org>
Signed-off-by: Michael Hope <michael.hope@linaro.org>
Change-Id: Ic906992fcad61c028bb765821637a3e1333bf52b
In particular this affects assert(3) and __cxa_pure_virtual, both of
which have managed to confuse people this week by apparently aborting
without reason. (Because stderr goes nowhere, normally.)
Bug: 6852995
Bug: 6840813
Change-Id: I7f5d17d5ddda439e217b7932096702dc013b9142
RETRY macro may retry command if result is -1. In this
case the command was "connect < 0" instead of just
connect. The comparison will not return -1 and thus
retry is never done. This is now corrected so that
interrupts will cause retry instead of fail.
(There was no other negative side effect of the bug.
The result code from RETRY was used in an if-statement
and it would be true for all negative connect results.
This was according to expectations.)
Change-Id: Ie206b39878e9befea4e3be9a4061ee39eb232d80
I've basically just copied the relevant bits out of liblog and
EventLog.cpp. While this will let us do the uid logging we want
to address the concerns in 245c07027f78565858dd489eb0d94c3d48743e9d
it doesn't give us much else.
Change-Id: Icac6ff20bc0a3ade5927f6f76fedffe1ae6f8522
This patch is a rewrite of libc.debug.malloc = 10 (chk_malloc). It provides
the same features as the original (poison freed memory, detect heap overruns
and underruns), except that it provides more debugging information whenever it
detects a problem.
In addition to the original features, the new chk_malloc() implementation
detects multiple frees within a given range of the last N allocations, N being
configurable via the system property libc.debug.malloc.backlog.
Finally, this patch keeps track of all outstanding memory allocations. On
program exit, we walk that list and report each outstanding allocation.
(There is support (not enabled) for a scanner thread periodically walks over
the list of outstanding allocations as well as the backlog of recently-freed
allocations, checking for heap-usage errors.)
Feature overview:
1) memory leaks
2) multiple frees
3) use after free
4) overrun
Implementation:
-- for each allocation, there is a:
1) stack trace at the time the allocation is made
2) if the memory is freed, there is also a stack trace at the point
3) a front and rear guard (fence)
4) the stack traces are kept together with the allocation
-- the following lists and maintained
1) all outstanding memory allocations
3) a backlog of allocations what are freed; when you call free(), instead of
actually freed, the allocation is moved to this backlog;
4) when the backlog of allocations gets full, the oldest entry gets evicted
from it; at that point, the allocation is checked for overruns or
use-after-free errors, and then actually freed.
5) when the program exits, the list of outstanding allocations and the
backlog are inspected for errors, then freed;
To use this, set the following system properties before running the process or
processes you want to inspect:
libc.malloc.debug.backlog # defaults to 100
libc.malloc.debug 10
When a problem is detected, you will see the following on logcat for a multiple
free:
E/libc ( 7233): +++ ALLOCATION 0x404b9278 SIZE 10 BYTES MULTIPLY FREED!
E/libc ( 7233): +++ ALLOCATION 0x404b9278 SIZE 10 ALLOCATED HERE:
E/libc ( 7233): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
E/libc ( 7233): #00 pc 0000c35a /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #01 pc 0000c658 /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #02 pc 00016d80 /system/lib/libc.so
E/libc ( 7233): #03 pc 4009647c /system/bin/malloctest
E/libc ( 7233): #04 pc 00016f24 /system/lib/libc.so
E/libc ( 7233): +++ ALLOCATION 0x404b9278 SIZE 10 FIRST FREED HERE:
E/libc ( 7233): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
E/libc ( 7233): #00 pc 0000c35a /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #01 pc 0000c7d2 /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #02 pc 00016d94 /system/lib/libc.so
E/libc ( 7233): #03 pc 40096490 /system/bin/malloctest
E/libc ( 7233): #04 pc 00016f24 /system/lib/libc.so
E/libc ( 7233): +++ ALLOCATION 0x404b9278 SIZE 10 NOW BEING FREED HERE:
E/libc ( 7233): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
E/libc ( 7233): #00 pc 0000c35a /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #01 pc 0000c6ac /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #02 pc 00016d94 /system/lib/libc.so
E/libc ( 7233): #03 pc 400964a0 /system/bin/malloctest
E/libc ( 7233): #04 pc 00016f24 /system/lib/libc.so
The following for a heap overrun and underrun:
E/libc ( 7233): +++ REAR GUARD MISMATCH [10, 11)
E/libc ( 7233): +++ ALLOCATION 0x404b9198 SIZE 10 HAS A CORRUPTED REAR GUARD
E/libc ( 7233): +++ ALLOCATION 0x404b9198 SIZE 10 ALLOCATED HERE:
E/libc ( 7233): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
E/libc ( 7233): #00 pc 0000c35a /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #01 pc 0000c658 /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #02 pc 00016d80 /system/lib/libc.so
E/libc ( 7233): #03 pc 40096438 /system/bin/malloctest
E/libc ( 7233): #04 pc 00016f24 /system/lib/libc.so
E/libc ( 7233): +++ ALLOCATION 0x404b9198 SIZE 10 FREED HERE:
E/libc ( 7233): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
E/libc ( 7233): #00 pc 0000c35a /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #01 pc 0000c7d2 /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #02 pc 00016d94 /system/lib/libc.so
E/libc ( 7233): #03 pc 40096462 /system/bin/malloctest
E/libc ( 7233): #04 pc 00016f24 /system/lib/libc.so
E/libc ( 7233): +++ ALLOCATION 0x404b9358 SIZE 10 HAS A CORRUPTED FRONT GUARD
E/libc ( 7233): +++ ALLOCATION 0x404b9358 SIZE 10 ALLOCATED HERE:
E/libc ( 7233): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
E/libc ( 7233): #00 pc 0000c35a /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #01 pc 0000c658 /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #02 pc 00016d80 /system/lib/libc.so
E/libc ( 7233): #03 pc 400964ba /system/bin/malloctest
E/libc ( 7233): #04 pc 00016f24 /system/lib/libc.so
E/libc ( 7233): +++ ALLOCATION 0x404b9358 SIZE 10 FREED HERE:
E/libc ( 7233): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
E/libc ( 7233): #00 pc 0000c35a /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #01 pc 0000c7d2 /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #02 pc 00016d94 /system/lib/libc.so
E/libc ( 7233): #03 pc 400964e4 /system/bin/malloctest
E/libc ( 7233): #04 pc 00016f24 /system/lib/libc.so
The following for a memory leak:
E/libc ( 7233): +++ THERE ARE 1 LEAKED ALLOCATIONS
E/libc ( 7233): +++ DELETING 4096 BYTES OF LEAKED MEMORY AT 0x404b95e8 (1 REMAINING)
E/libc ( 7233): +++ ALLOCATION 0x404b95e8 SIZE 4096 ALLOCATED HERE:
E/libc ( 7233): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
E/libc ( 7233): #00 pc 0000c35a /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #01 pc 0000c658 /system/lib/libc_malloc_debug_leak.so
E/libc ( 7233): #02 pc 00016d80 /system/lib/libc.so
E/libc ( 7233): #03 pc 0001bc94 /system/lib/libc.so
E/libc ( 7233): #04 pc 0001edf6 /system/lib/libc.so
E/libc ( 7233): #05 pc 0001b80a /system/lib/libc.so
E/libc ( 7233): #06 pc 0001c086 /system/lib/libc.so
E/libc ( 7233): #07 pc 40096402 /system/bin/malloctest
E/libc ( 7233): #08 pc 00016f24 /system/lib/libc.so
Change-Id: Ic440e9d05a01e2ea86b25e8998714e88bc2d16e0
Signed-off-by: Iliyan Malchev <malchev@google.com>
libc.debug.malloc.program provides an additional level of control over which
processes to enable libc.debug.malloc functionality for. The string value of
libc.debug.malloc.program is matched against the program name; if the value of
libc.debug.malloc.program is a substring of the program name, then malloc debug
is applied to that program at whatever level libc.debug.malloc specifies.
If lib.debug.malloc.program is not specified, then libc.debug.malloc has the
same effect as before.
For example, to enable libc.deubug.malloc = 10 only to the mediaserver, do the
following:
adb root # necessary for setprop
adb setprop libc.debug.malloc.program mediaserver
adb setprop libc.debug.malloc 10
adb kill -9 $(pid mediaserver)
Change-Id: I6f01c12f033c8e2e015d73025369d7f1685ba200
Signed-off-by: Iliyan Malchev <malchev@google.com>
For example:
@@@ ABORTING: INVALID HEAP ADDRESS IN dlfree addr=0x5c3bfbd0
Fatal signal 11 (SIGSEGV) at 0xdeadbaad (code=1), thread 2942
The addr=0x5c3bfbd0 part is new.
Change-Id: I8670144b2b0a3a6182384150d762c97dfee5452f
A call to pthread_key_delete() after pthread_exit() have unmapped the stack of a thread
but before the ongoing pthread_join() have finished executing will result in an access
to unmapped memory.
Avoid this by invalidating the stack_base and tls pointers during pthread_exit().
This is based on the investigation and proprosed solution by
Srinavasa Nagaraju <srinavasa.x.nagaraju@sonyericsson.com>
Change-Id: I145fb5d57930e91b00f1609d7b2cd16a55d5b3a9
The creation of a thread succeeds even if the requested scheduling
parameters can not be set. This is not POSIX compliant, and even
worse, it leads to a wrong behavior. Let pthread_create() fail in this
case.
Change-Id: Ice66e2a720975c6bde9fe86c2cf8f649533a169c
Signed-off-by: Christian Bejram <christian.bejram@stericsson.com>
The allocation size in chk_malloc(), leak_malloc(), and leak_memalign()
functions may be rounded up to a small value, leading to buffer overflows.
The code only runs in debugging mode.
This patch complements commit 6f04a0f4 (CVE-2009-0607).
Change-Id: Id899bcd2bcd2ea2205e5753c433390710032dc83
Signed-off-by: Xi Wang <xi.wang@gmail.com>
The posix_memalign(3) function is very similar to the traditional
memalign(3) function, but with better error reporting and a guarantee
that the memory it allocates can be freed. In bionic, memalign(3)
allocated memory can be freed, so posix_memalign(3) is just a wrapper
around memalign(3).
Change-Id: I62ee908aa5ba6b887d8446a00d8298d080a6a299
Since e19d702b8e, dlsym and friends use recursive mutexes that
require the current thread id, which is not available before the libc
constructor. This prevents us from using dlsym() in .preinit_array.
This change moves TLS initialization from libc constructor to the earliest
possible point - immediately after linker itself is relocated. As a result,
pthread_internal_t for the initial thread is available from the start.
As a bonus, values stored in TLS in .preinit_array are not lost when libc is
initialized.
Change-Id: Iee5a710ee000173bff63e924adeb4a4c600c1e2d
First commit:
Revert "Revert "am be741d47: am 2f460fbe: am 73b5cad9: Merge "bionic: Fix wrong kernel_id in pthread descriptor after fork()"""
This reverts commit 06823da2f0.
Second commit:
bionic: fix atfork hanlder_mutex deadlock
This cherry-picks commit 34e89c232d
After applying the kernel_id fix, the system refused to boot up and we
got following crash log:
I/DEBUG ( 113): pid: 618, tid: 618 >>> org.simalliance.openmobileapi.service:remote <<<
I/DEBUG ( 113): signal 16 (SIGSTKFLT), code -6 (?), fault addr --------
I/DEBUG ( 113): eax fffffe00 ebx b77de994 ecx 00000080 edx 00724002
I/DEBUG ( 113): esi 00000000 edi 00004000
I/DEBUG ( 113): xcs 00000073 xds 0000007b xes 0000007b xfs 00000000 xss 0000007b
I/DEBUG ( 113): eip b7761351 ebp bfdf3de8 esp bfdf3dc4 flags 00000202
I/DEBUG ( 113): #00 eip: 00015351 /system/lib/libc.so
I/DEBUG ( 113): #01 eip: 0000d13c /system/lib/libc.so (pthread_mutex_lock)
I/DEBUG ( 113): #02 eip: 00077b48 /system/lib/libc.so (__bionic_atfork_run_prepare)
I/DEBUG ( 113): #03 eip: 00052cdb /system/lib/libc.so (fork)
I/DEBUG ( 113): #04 eip: 0009ae91 /system/lib/libdvm.so (_Z18dvmOptimizeDexFileillPKcjjb)
I/DEBUG ( 113): #05 eip: 000819d6 /system/lib/libdvm.so (_Z14dvmJarFileOpenPKcS0_PP7JarFileb)
I/DEBUG ( 113): #06 eip: 000b175e /system/lib/libdvm.so (_ZL40Dalvik_dalvik_system_DexFile_openDexFilePKjP6JValue)
I/DEBUG ( 113): #07 eip: 0011fb94 /system/lib/libdvm.so
Root cause:
The atfork uses the mutex handler_mutex to protect the atfork_head. The
parent will call __bionic_atfork_run_prepare() to lock the handler_mutex,
and need both the parent and child to unlock their own copy of handler_mutex
after fork. At that time, the owner of hanlder_mutex is set as the parent.
If we apply the kernel_id fix, then the child's kernel_id will be set as
child's tid.
The handler_mutex is a recursive lock, and pthread_mutex_unlock(&hander_mutex)
will fail because the mutex owner is the parent, while the current tid
(__get_thread()->kernel_id) is child, not matched with the mutex owner.
At that time, the handler_mutex is left in lock state.If the child wants to
fork other process after than, then it will try to lock handler_mutex, and
then be deadlocked.
Fix:
Since the child has its own copy of vm space from the the parent, the
child space's handler_mutex should be reset to the initialized state.
Change-Id: I3907dd9a153418fb78862f2aa6d0302c375d9e27
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Chenyang Du <chenyang.du@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
Change-Id: Ic8072f366a877443a60fe215f3c00b3df5a259c8
New functions:
tfind
tsearch
tdelete
twalk
tdestroy (GNU extension)
Bug fix: the current implementation for realpath would crash
if the second argument (resolved_path) is NULL.
New headers:
ar.h
search.h
Change-Id: Ib6c1e42fc186a6d597a6e5a9692b16acaa155804
After applying the kernel_id fix, the system refused to boot up and we
got following crash log:
I/DEBUG ( 113): pid: 618, tid: 618 >>> org.simalliance.openmobileapi.service:remote <<<
I/DEBUG ( 113): signal 16 (SIGSTKFLT), code -6 (?), fault addr --------
I/DEBUG ( 113): eax fffffe00 ebx b77de994 ecx 00000080 edx 00724002
I/DEBUG ( 113): esi 00000000 edi 00004000
I/DEBUG ( 113): xcs 00000073 xds 0000007b xes 0000007b xfs 00000000 xss 0000007b
I/DEBUG ( 113): eip b7761351 ebp bfdf3de8 esp bfdf3dc4 flags 00000202
I/DEBUG ( 113): #00 eip: 00015351 /system/lib/libc.so
I/DEBUG ( 113): #01 eip: 0000d13c /system/lib/libc.so (pthread_mutex_lock)
I/DEBUG ( 113): #02 eip: 00077b48 /system/lib/libc.so (__bionic_atfork_run_prepare)
I/DEBUG ( 113): #03 eip: 00052cdb /system/lib/libc.so (fork)
I/DEBUG ( 113): #04 eip: 0009ae91 /system/lib/libdvm.so (_Z18dvmOptimizeDexFileillPKcjjb)
I/DEBUG ( 113): #05 eip: 000819d6 /system/lib/libdvm.so (_Z14dvmJarFileOpenPKcS0_PP7JarFileb)
I/DEBUG ( 113): #06 eip: 000b175e /system/lib/libdvm.so (_ZL40Dalvik_dalvik_system_DexFile_openDexFilePKjP6JValue)
I/DEBUG ( 113): #07 eip: 0011fb94 /system/lib/libdvm.so
Root cause:
The atfork uses the mutex handler_mutex to protect the atfork_head. The
parent will call __bionic_atfork_run_prepare() to lock the handler_mutex,
and need both the parent and child to unlock their own copy of handler_mutex
after fork. At that time, the owner of hanlder_mutex is set as the parent.
If we apply the kernel_id fix, then the child's kernel_id will be set as
child's tid.
The handler_mutex is a recursive lock, and pthread_mutex_unlock(&hander_mutex)
will fail because the mutex owner is the parent, while the current tid
(__get_thread()->kernel_id) is child, not matched with the mutex owner.
At that time, the handler_mutex is left in lock state.If the child wants to
fork other process after than, then it will try to lock handler_mutex, and
then be deadlocked.
Fix:
Since the child has its own copy of vm space from the the parent, the
child space's handler_mutex should be reset to the initialized state.
Change-Id: I3907dd9a153418fb78862f2aa6d0302c375d9e27
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Chenyang Du <chenyang.du@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
After forking, the kernel_id field in the phtread_internal_t returned by pthread_self()
is incorrect --- it's the tid from the parent, not the new tid of the
child.
The root cause is that: currently the kernel_id is set by
_init_thread(), which is called in 2 cases:
(1) called by __libc_init_common(). That happens when the execv( ) is
called after fork( ). But when the zygote tries to fork the android
application, the child application doesn't call execv( ), instread, it
tries to call the Java main method directly.
(2) called by pthread_create(). That happens when a new thread is
created.
For the lead thread which is the thread created by fork(), it should
call execv() but it doesn't, as described in (1) above. So its kernel_id
will inherit the parent's kernel_id.
Fixed it in this patch.
Change-Id: I63513e82af40ec5fe51fbb69456b1843e4bc0fc7
Signed-off-by: Chenyang Du <chenyang.du@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
This optimization improves the performance of recursive locks
drastically. When running the thread_stress program on a Xoom,
the total time to perform all operations goes from 1500 ms to
500 ms on average after this change is pushed to the device.
Change-Id: I5d9407a9191bdefdaccff7e7edefc096ebba9a9d
This fixes a bug that was introduced in the latest pthread optimization.
It happens when a recursive lock is contented by several threads. The main
issue was that the atomic counter increment in _recursive_increment() could
be annihilated by a non-conditional write in pthread_mutex_lock() used to
update the value's lower bits to indicate contention.
This patch re-introduces the use of the global recursive lock in
_recursive_increment(). This will hit performance, but a future patch
will be provided to remove it from the source code.
Change-Id: Ie22069d376cebf2e7d613ba00b6871567f333544
The posix_memalign(3) function is very similar to the traditional
memalign(3) function, but with better error reporting and a guarantee
that the memory it allocates can be freed. In bionic, memalign(3)
allocated memory can be freed, so posix_memalign(3) is just a wrapper
around memalign(3).
Change-Id: I62ee908aa5ba6b887d8446a00d8298d080a6a299
this works by building a directed graph of acquired
pthread mutexes and making sure there are no loops in
that graph.
this feature is enabled with:
setprop debug.libc.pthread 1
when a potential deadlock is detected, a large warning is
output to the log with appropriate back traces.
currently disabled at compile-time. set PTHREAD_DEBUG_ENABLED=1
to enable.
Change-Id: I916eed2319599e8aaf8f229d3f18a8ddbec3aa8a
This patch provides several small optimizations to the
implementation of mutex locking and unlocking. Note that
a following patch will get rid of the global recursion
lock, and provide a few more aggressive changes, I
though it'd be simpler to split this change in two parts.
+ New behaviour: pthread_mutex_lock et al now detect
recursive mutex overflows and will return EAGAIN in
this case, as suggested by POSIX. Before, the counter
would just wrap to 0.
- Remove un-necessary reloads of the mutex value from memory
by storing it in a local variable (mvalue)
- Remove un-necessary reload of the mutex value by passing
the 'shared' local variable to _normal_lock / _normal_unlock
- Remove un-necessary reload of the mutex value by using a
new macro (MUTEX_VALUE_OWNER()) to compare the thread id
for recursive/errorcheck mutexes
- Use a common inlined function to increment the counter
of a recursive mutex. Also do not use the global
recursion lock in this case to speed it up.
Change-Id: I106934ec3a8718f8f852ef547f3f0e9d9435c816
This patch changes the implementation of pthread_once()
to avoid the use of a single global recursive mutex. This
should also slightly speed up the non-common case where
we have to call the init function, or wait for another
thread to finish the call.
Change-Id: I8a93f4386c56fb89b5d0eb716689c2ce43bdcad9
When forking of a new process in bionic, it is critical that it
does not allocate any memory according to the comment in
java_lang_ProcessManager.c:
"Note: We cannot malloc() or free() after this point!
A no-longer-running thread may be holding on to the heap lock, and
an attempt to malloc() or free() would result in deadlock."
However, as fork is using standard lib calls when tracing it a bit,
they might allocate memory, and thus causing the deadlock.
This is a rewrite so that the function cpuacct_add, that fork calls,
will use system calls instead of standard lib calls.
Signed-off-by: christian bejram <christian.bejram@stericsson.com>
Change-Id: Iff22ea6b424ce9f9bf0ac8e9c76593f689e0cc86
Pass kernel space sigset_t size to __rt_sigprocmask to workaround
the miss-match of NSIG/sigset_t definition between kernel and bionic.
Note: Patch originally from Google...
Change-Id: I4840fdc56d0b90d7ce2334250f04a84caffcba2a
Signed-off-by: Chenyang Du <chenyang.du@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
Fix the compile warning to let the libc.debug.malloc=10 works well
Due to unsuitable value comparison, which cause compiler optimize the
code of comparing two digits.
Change-Id: I0bedd596c9ca2ba308fb008da20ecb328d8548f5
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
Author: liu chuansheng <chuansheng.liu@intel.com>
(1) in pthread_create:
If the one signal is received before esp is subtracted by 16 and
__thread_entry( ) is called, the stack will be cleared by kernel
when it tries to contruct the signal stack frame. That will cause
that __thread_entry will get a wrong tls pointer from the stack
which leads to the segment fault when trying to access tls content.
(2) in pthread_exit
After pthread_exit called system call unmap(), its stack will be
freed. If one signal is received at that time, there is no stack
available for it.
Fixed by subtracting the child's esp by 16 before the clone system
call and by blocking signal handling before pthread_exit is started.
Author: Jack Ren <jack.ren@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
Use tgkill instead of tkill to implement pthread_kill.
This is safer in the event that the thread has already terminated
and its id has been reused by a different process.
Change-Id: Ied715e11d7eadeceead79f33db5e2b5722954ac9
Allow the kernel to choose a memory location to put the
thread stack, rather than hard coding 0x10000000
Change-Id: Ib1f37cf0273d4977e8d274fbdab9431ec1b7cb4f
We're going to modify the __atomic_xxx implementation to provide
full memory barriers, to avoid problems for NDK machine code that
link to these functions.
First step is to remove their usage from our platform code.
We now use inlined versions of the same functions for a slight
performance boost.
+ remove obsolete atomics_x86.c (was never compiled)
NOTE: This improvement was benchmarked on various devices.
Comparing a pthread mutex lock + atomic increment + unlock
we get:
- ARMv7 emulator, running on a 2.4 GHz Xeon:
before: 396 ns after: 288 ns
- x86 emulator in KVM mode on same machine:
before: 27 ns after: 27 ns
- Google Nexus S, in ARMv7 mode (single-core):
before: 82 ns after: 76 ns
- Motorola Xoom, in ARMv7 mode (multi-core):
before: 121 ns after: 120 ns
The code has also been rebuilt in ARMv5TE mode for correctness.
Change-Id: Ic1dc72b173d59b2e7af901dd70d6a72fb2f64b17
The old code didn't work because the kernel expects a 64-bit sigset_t
while the one provided by our ABI is only 32-bit. This is originally
due to the fact that the kernel headers themselves define sigset_t
as a 32-bit type when __KERNEL__ is not defined (apparently to cater
to libc5 or some similarly old C library).
We can't modify the size of sigset_t without breaking the NDK ABI,
so instead perform runtime translation during the call.
Change-Id: Ibfdc3cbceaff864af7a05ca193aa050047b4773f
* commit '6b6ebeca985fb3843b56b507ac4ac1be44080a9c':
enable support for large files (> 2G)
Enable functional DSO object destruction
x86: Enable -fstack-protector
Update X86 Bionic CRT files for unwind/exceptions
bionic, libthread_db x86 fixes
Updated gcc 4.4.3 IA toolchain doesn't require the .ctors list
Remove an extra register move.
Replace __atomic_XXX with GCC __sync_XXX intrinsics.
move some typedefs to procfs.h required by gdbserver build
use consistent guards for off_t and size_t defines for IA
Simplify variable typing for IA builds
sigsetmask.c was not processing the "mask" argument.
Add defines for CAIF support
Remove extra/unneeded copy of fenv.h
Use proper variable typing
Update ATOM string routines to latest
Fix undefined reference to dl_iterate_phdr for x86
Fix missing NL
ptrace.c Fix source file format to unix from dos
* commit '3a13102637c8be53edf28f96598ac11aaa3e14df':
enable support for large files (> 2G)
Enable functional DSO object destruction
x86: Enable -fstack-protector
Update X86 Bionic CRT files for unwind/exceptions
bionic, libthread_db x86 fixes
Updated gcc 4.4.3 IA toolchain doesn't require the .ctors list
Remove an extra register move.
Replace __atomic_XXX with GCC __sync_XXX intrinsics.
move some typedefs to procfs.h required by gdbserver build
use consistent guards for off_t and size_t defines for IA
Simplify variable typing for IA builds
sigsetmask.c was not processing the "mask" argument.
Add defines for CAIF support
Remove extra/unneeded copy of fenv.h
Use proper variable typing
Update ATOM string routines to latest
Fix undefined reference to dl_iterate_phdr for x86
Fix missing NL
ptrace.c Fix source file format to unix from dos
Orig-Change-Id: I3be997f5f1f6a894a3c200d4f325cf3bfd428c66
Author: James Rose <james.rose@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
Orig-Change-Id: Ia840a19a45257128eccdcf25d105f500f2d90741
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
libcutils/mspace.c includes libc/bionic/dlmalloc.c, we need to
take care of the fact that any internal C library function cannot
be used from it.
Change-Id: I0bc81ae090b7ac2d464f26b97fc6b94a08cdad9c
Our dlmalloc implementation currently calls abort() when it detects
that the heap is corrupted, or that an invalid pointer is passed to
one of its functions.
The only way to detect this is because abort() will force-fully
crash the current program with a magic fault address of '0xdeadbaad'.
However, this is not really well documented, and a frequent topic
on the android-ndk forum (among others).
This change makes our dlmalloc code dump a simple message to the
log just before the abort() call (and hence before the stack trace)
to better help identify the problem.
Change-Id: Iebf7eb7fe26463ecadfaca8f247d237edb441e3c
These functions were already declared in <pwd.h>, but hadn't been implemented
yet.
git cherry-pick --no-commit 081504af74
Change-Id: I316acf4cffb9f2c6788e8e342aa620f9a00886d5
Backport I110b653a58f3
All the other property stuff is already here. Property setting was
only in libcutils previously to leverage a utility function / constant
or two.
Unfortunately in the process of fixing a race condition we would've
had to do break abstraction boundaries and put some libc-internal
details into libcutils so instead of that we'll just move this
into bionic.
Along with Iee1ca9b7, this now passes:
$ adb shell am instrument -w -e class android.os.SystemPropertiesTest \
com.android.frameworks.coretests.systemproperties/android.test.InstrumentationTestRunner
Bug: 3511230
Change-Id: I1b588db3344169621e1279ecc0b660cf4e1015d7
Backport I110b653a58f3
All the other property stuff is already here. Property setting was
only in libcutils previously to leverage a utility function / constant
or two.
Unfortunately in the process of fixing a race condition we would've
had to do break abstraction boundaries and put some libc-internal
details into libcutils so instead of that we'll just move this
into bionic.
Along with Iee1ca9b7, this now passes:
$ adb shell am instrument -w -e class android.os.SystemPropertiesTest \
com.android.frameworks.coretests.systemproperties/android.test.InstrumentationTestRunner
Bug: 3511230
Change-Id: I1b588db3344169621e1279ecc0b660cf4e1015d7
All the other property stuff is already here. Property setting was
only in libcutils previously to leverage a utility function / constant
or two.
Unfortunately in the process of fixing a race condition we would've
had to do break abstraction boundaries and put some libc-internal
details into libcutils so instead of that we'll just move this
into bionic.
Along with Iee1ca9b7, this now passes:
$ adb shell am instrument -w -e class android.os.SystemPropertiesTest \
com.android.frameworks.coretests.systemproperties/android.test.InstrumentationTestRunner
Bug: 3511230
Change-Id: I110b653a58f312fbe069dca59892a877ae9bc911
* commit '962dcb22218a1a6d4ebd05e4fc4a69875d037234':
libc: Fix PTHREAD_RWLOCK_INITIALIZER
Proxy getnameinfo through netd
Updated gcc 4.4.3 IA toolchain doesn't require the .ctors list
Convert cname lenght before use
Added a memmove() variant for Dalvik's System.arraycopy()
implementation. It guarantees 16-bit or 32-bit atomicity depending
on the alignment of the arguments.
Bug 3398352
Change-Id: Ie7bd246305ef0ff8290513663327c5b81680368d
After this change, SIGRTMAX will be set to 64 (instead of 32 currently).
Note that this doesn't change the fact that our sigset_t is still defined
as a 32-bit unsigned integer, so most functions that deal with this type
won't support real-time signals though.
Change-Id: Ie1e2f97d646f1664f05a0ac9cac4a43278c3cfa8
This adds the cpu_set_t type definition and related functions
and macros used to handle CPU thread affinity.
sched_getcpu()
sched_setaffinity()
sched_getaffinity()
Change-Id: If382ecafde8926341a88478062b275553645065b
Originally, there are _rand48 (in libc/bionic/_rand48.c) and __rand48
(in libc/stdlib/_rand48.c) implemented in bionic. Besides the naming,
the functionality is identical. This patch removes the duplicated
_rand48. Also, drand48 and erand48 are modified accordingly.
Change-Id: Ie5761a0a97f45df8538222a77edacb7c3e0125d7
This change allows an executable to call its destructor functions
(declared with __attribute__((destructor))) to be properly called
when it normally exits.
Note that this is different from calling the destructors of a shared
library when it is unloaded with dlclose() or through program exit,
which are already supported.
Bug: 3106500
Change-Id: I1412ef5407f13b613fc6cb6103e0a691dbee4b1a
Merge commit 'ade2a92991d1c7edc32c4a300bd83d622fa1567d' into gingerbread-plus-aosp
* commit 'ade2a92991d1c7edc32c4a300bd83d622fa1567d':
bionic: stubs: Make internal symbol static
The get_malloc_leak_info() currently asssumes that the totalMemory out parameter
was pre-initialized to zero before the routine is called. If it is not then the
accumulated totalMemory value will be incorrect. It is likely that many callers
will simply allocate totalMemory on the stack with no initialization and assume
that get_malloc_leak_info will set the proper value.
As an example, the caller in frameworks/base/core/jni/android_os_Debug.cpp
calls get_malloc_leak_info() with the address uninitiazed stack variable
for totalMemory. It is probably best to fix this in get_malloc_leak_info.
Change-Id: I84c927c3781419585794726115b7d34d8fdd24ae
The implementation was using a double-checked locking approach that
could break on SMP.
In addition to the barriers I also switched to a volatile pointer. I
don't think this will matter unless gcc can conclude that _normal_lock
can't affect *once_control, but I figured it was better to be safe.
(It seems to have no impact whatsoever on the generated code.)
Bug 3022795.
Change-Id: Ib91da25d57ff5bee4288526e39d457153ef6aacd
Merge commit 'b9e49ad56e5776ace7c6eab2e997d5b7acb16792' into gingerbread-plus-aosp
* commit 'b9e49ad56e5776ace7c6eab2e997d5b7acb16792':
Use a recursive lock for pthread_once. DO NOT MERGE.
This adds an explicit memory barrier to condition variable signaling.
It's a little murky as to whether it's strictly required, but it seems
like a wise thing to do.
Change-Id: Id0faa542d61e4b8ffa775e4adf68e4d7471f4fb7
Previously, the malloc leak checking code would crash in qsort()
if null entries existed in its bookkeeping table. This change
makes the comparison function detect null entries and sort them
to the end safely.
Change-Id: I88244a7df1e289dd9d7992ce29606d505bd63079
