Switch the __x86.get_pc_thunk.{bx,cx} functions from .gnu.linkonce to
comdat section groups. lld doesn't implement .gnu.linkonce and will
instead discard the input sections. Currently, it might produce a
faulty binary that has no get_pc_thunk function in it, which would
crash.
Normally, these functions are generated by GCC and are present in many
object files compiled with PIC. Clang doesn't use them, and instead
initializes the PIC base register with a "call 1f; 1: pop %ebx" pair.
Bug: http://b/154376560
Bug: https://bugs.llvm.org/show_bug.cgi?id=45594
Test: bionic-unit-tests
Change-Id: I3e4857aecdc281b32232270bff4880433e5b6afa
This constant is used by the experimental ptrace API for reading
tags in other processes.
Also expose the platform headers to libunwindstack.
Bug: 135772972
Change-Id: I2daecdaa4c8b557b42222f65fc6b68d13da84ad4
The unwinder is still exported from libc.so.
Previously, the object files from libunwind_llvm.a were repackaged into
arm32's libc.a. For a static library output, whole_static_libs did not
repackage the symbols from libgcc_stripped, which is a
toolchain_library, so only the arm32 libc.a exported an unwinder.
Bug: http://b/153028957
Test: bionic-unit-tests / bionic-unit-tests-static
Change-Id: I3048179032d8bc08e1cbad7cd7e2b1fd2e213f7f
The header library is used by some libraries, such as libunwind_llvm,
which are automatically added as dependencies when stl is set to
libc++_static. Since such dependencies are not specificy to any APEX,
let's mark the header library be available (can be directly or
indirectly be part of an APEX) to any APEX. At the same time, limit the
visibility of the header library so that its uses are strictly limited
to the certain places that we acknowledge. (the places would be reduced
further when we will be successful in dropping the dependency to
libc_headers.)
Bug: 152668052
Test: m
Change-Id: I85ee900947df2c9ce076e2f3aa3145645da77d2b
GWP-ASan is part of libc, and the tests (in future) will have to access
the internal headers of libc (particularly, the frame pointer unwinder).
Allow GWP-ASan to have access to the header package.
Bug: 152414185
Test: N/A
Change-Id: I09f771a667be867ec0acc90ddd6b52a432098c57
The marked library(ies) were available to the APEXes via the hand-written
whitelist in build/soong/apex/apex.go. Trying to remove the whitelist
by adding apex_available property to the Android.bp of the libraries.
Bug: 150999716
Test: m
Change-Id: Id5691b02c107ed7b844a186f0a5effa3cb0fe52a
Simplify:
- Use a single memory-mapped region to hold the table of destructors.
Double its capacity each time it is expanded.
- Add a recompaction pass at the end of __cxa_finalize that shifts
entries forward and uses madvise to clean pages.
Bug: http://b/148055738
Test: bionic-unit-tests
Change-Id: Ieb9da2b88640a8a5277d217b43826b5b7e246781
Stubs of version 29 should be provided to those APEX modules targeting
previous SDK release.
Bug: 145796956
Test: m
Change-Id: I9454fbf81377aba25e75a6fdfc77cbb070eaadde
This includes optimized strrchr and strchrnul routines, and an MTE-compatible
strlen routine.
Bug: 135772972
Change-Id: I48499f757cdc6d3e77e5649123d45b17dfa3c6b0
Scudo still isn't quite at the same RSS as jemalloc for the svelte config
so only enable this for normal config.
Bug: 137795072
Test: Built svelte config and verified it is still jemalloc.
Test: Ran performance tests on normal config (bionic benchmarks).
Test: Ran trace tests (system/extras/memory_replay).
Test: Ran scudo unit tests.
Test: Ran bionic unit tests.
Test: Ran libmemunreachable tests.
Test: Ran atest CtsRsBlasTestCases on cuttlefish.
Test: Ran atest AslrMallocTest.
Test: Ran atest CtsHiddenApiKillswitchWildcardTestCases and verified it has
Test: the same runtime as the jemalloc.
Change-Id: I241165feb8fe9ea814b7b166e3aaa6563d18524a
This patch introduces GWP-ASan - a sampled allocator framework that
finds use-after-free and heap-buffer-overflow bugs in production
environments.
GWP-ASan is being introduced in an always-disabled mode. This means that
GWP-ASan will be permanently disabled until a further patch turns on
support. As such, there should be no visible functional change for the
time being.
GWP-ASan requires -fno-emulated-tls wherever it's linked from. We
intentionally link GWP-ASan into libc so that it's part of the initial
set of libraries, and thus has static TLS storage (so we can use
Initial-Exec TLS instead of Global-Dynamic). As a benefit, this reduces
overhead for a sampled process.
GWP-ASan is always initialised via. a call to
mallopt(M_INITIALIZE_GWP_ASAN, which must be done before a process is
multithreaded).
More information about GWP-ASan can be found in the upstream
documentation: http://llvm.org/docs/GwpAsan.html
Bug: 135634846
Test: atest bionic
Change-Id: Ib9bd33337d17dab39ac32f4536bff71bd23498b0
These just cause confusion because they often have different
values/layouts, but they're never actually used.
Test: treehugger
Change-Id: I424034088e017c919f62fcefa7d6d3f903f31cfb
This function will be used by Scudo and GWP-ASan to efficiently collect
stack traces for frames built with frame pointers.
Bug: 135634846
Bug: 135772972
Change-Id: Ic63efdbafe11dfbb1226b5b4b403d53c4dbf28f3
Merged-In: Ic63efdbafe11dfbb1226b5b4b403d53c4dbf28f3
Add a hook that's called upon file descriptor creation to libc, and a
library that uses it to capture backtraces for file descriptor creation,
to make it easier to hunt down file descriptor leaks.
Currently, this doesn't capture all of the ways of creating a file
descriptor, but completeness isn't required for this to be useful as
long as leaked file descriptors are created with a function that is
tracked. The primary unhandled case is binder, which receives file
descriptors as a payload in a not-trivially-parsable byte blob, but
there's a chance that the leak we're currently trying to track down
isn't of a file descriptor received over binder, so leave that for
later.
Bug: http://b/140703823
Test: manual
Change-Id: I308a14c2e234cdba4207157b634ab6b8bc539dd9
(cherry picked from commit b7eccd4b15)
In order to support scudo for non-svelte malloc and jemalloc5 for
svelte malloc, do not include jemalloc_new directly. Move that to
the export_include_dirs for libjemalloc5.
Also, change the way to enable scudo so that it only enables it
for the non-svelte config for now.
Bug: 137795072
Test: Builds
Change-Id: I3d68b443fe4d6b21729795649d0dcf66b7e95e03
Use O_PATH like musl to let the kernel do the hard work, rather than the
traditional BSD manual scheme.
Also add the most obvious missing tests from reading the man page, plus
a non-obvious test for deleted files.
Bug: http://b/131435126
Test: treehugger
Change-Id: Ie8a8986fea55f045952a81afee377ce8288a49d5
This patch refactors heapprofd_malloc to make it easier to reuse the
reserved signal for multiple purposes. We define a new generic signal
handler for profilers, which dispatches to more specific logic based on
the signal's payload (si_value).
The profiler signal handler is installed during libc preinit, after
malloc initialization (so races against synchronous heapprofd
initialization need not be considered). In terms of code organization, I
copied the existing approach with a loosely referenced function in
bionic_globals.h. Do tell if you'd rather a different approach here.
The profileability of a process is quite tied to the malloc
files/interfaces in bionic - in particular, it's set through
android_mallopt. I do not change that, but instead introduce a new
android_mallopt option to be able to query profileability of the
process (which is now used by the new profiler signal handler). As part
of that, gZygoteChildProfileable is moved from heapprofd_malloc to
common (alongside gZygoteChild).
I've removed the masking and reraising of the heapprofd signal when
racing against malloc_limit init. We're ok with taking a simpler
approach and dropping the heapprofd signal in such an unlikely race.
Note: this requires a corresponding change in heapprofd to use sigqueue()
instead of kill(), as the latter leaves the si_value uninitialized(?) on
the receiving side.
Bug: 144281346
Change-Id: I93bb2e82cff5870e5ca499cf86439860aca9dfa5
This is attempt number two, all known failures and issues have
been fixed.
Bug: 137795072
Test: Built both svelte and non-svelte versions. Ran enormous numbers
Test: of performance testing.
Test: Ran scudo unit tests.
Test: Ran bionic unit tests.
Test: Ran libmemunreachable tests.
Test: Ran atest CtsRsBlasTestCases on cuttlefish instance.
Change-Id: Ib0c6ef38b63b7a1f39f4431ed8414afe3a92f9b5
This supports the soong commit which causes most platform binaries to stop
statically linking against the unwinder implementation. The soong commit
message has more motivation for this change.
ARM32 uses LLVM libunwind, while all other platforms use libgcc as the
unwinder implementation. This matches the current choices of unwinders on
the various architectures, but means that apps which were directly linking
against the libc.so unwinder symbols on ARM32 are now using LLVM libunwind
instead of libgcc.
Set libc_headers sdk_version to 1 so that libunwind_llvm can depend on it,
and stop statically linking libunwind into libc_malloc_debug.
Bug: 144430859
Change-Id: I52c7f7893d93f500383aeb0b76086c3b6f1935a5
This doesn't add any functionality for now, but there are
a couple of changes in flight that will want to add enumerators
to the mallopt, so let's give them a place to add them.
Bug: 135772972
Bug: 135754954
Change-Id: I6e810020f66070e844500c6fa99b703963365659
This reverts commit 6ffbe97859.
Reason for revert: Droidcop-triggered revert due to breakage b/146543543
Change-Id: Ie9a5b2f6ca5dbc8d3c6cafe70e34838d74e45c56
Bug: 146543543
Bug: 137795072
Test: Built both svelte and non-svelte versions. Ran enormous numbers
Test: of performance testing.
Test: Ran scudo unit tests.
Test: Ran bionic unit tests.
Change-Id: Iec6c98f2bdf6e0d5a6d18dff0c0883fac391c6d5
This CL exports bionic/libc/kernel/android/scsi directory
to enable the usage of header files (e.g. sg.h) on that directory.
Test: Build AOSP 1187028
Change-Id: If580fcbc67378fab42d4f14cca1de337b603b673
We are about to introduce code into ndk_cruft that uses dlfcn.h, which isn't
available in static executables. Besides, none of the users of libc.a ought
to be depending on ndk_cruft anyway.
Bug: 144430859
Change-Id: Ic1f2e554e1fdbfee768c859acac032c1306d71fc
This library was previously being statically linked into both libraries as a
consequence of the relocation to __aeabi_unwind_cpp_prX present in most object
files. However, after LLVM commit 1549b469, we no longer emit these relocations
on Android, so we need to link the library explicitly with --whole-archive. The
intent is to eventually stop linking libgcc into these libraries altogether,
but for now, we need to keep linking them in order to avoid breaking the build.
Change-Id: I275109527b7cbd6c4247b3fe348975d720626273
aosp/144287300 set it to a global cppflag.
The compiler upgrade can now check for this warning in C code.
This patch should be reverted once the BSD sources with instances of
-Wimplicit-fallthrough have been fixed.
Remove it from cflags, so that it's not re-enabled for C code until
fixed.
Bug: 139945549
Bug: 144287300
Test: mm
Change-Id: Ieca0d5b41634636477392e5209a41807f9b44bd4
Signed-off-by: Nick Desaulniers <ndesaulniers@google.com>
Using ifuncs allows the linker to select faster versions of libc functions
like strcmp, making linking faster.
The linker continues to first initialize TLS, then call the ifunc
resolvers. There are small amounts of code in Bionic that need to avoid
calling functions selected using ifuncs (generally string.h APIs). I've
tried to compile those pieces with -ffreestanding. Maybe it's unnecessary,
but maybe it could help avoid compiler-inserted memset calls, and maybe
it will be useful later on.
The ifuncs are called in a special early pass using special
__rel[a]_iplt_start / __rel[a]_iplt_end symbols. The linker will encounter
the ifuncs again as R_*_IRELATIVE dynamic relocations, so they're skipped
on the second pass.
Break linker_main.cpp into its own liblinker_main library so it can be
compiled with -ffreestanding.
On walleye, this change fixes a recent 2.3% linker64 start-up time
regression (156.6ms -> 160.2ms), but it also helps the 32-bit time by
about 1.9% on the same benchmark. I'm measuring the run-time using a
synthetic benchmark based on loading libandroid_servers.so.
Test: bionic unit tests, manual benchmarking
Bug: none
Merged-In: Ieb9446c2df13a66fc0d377596756becad0af6995
Change-Id: Ieb9446c2df13a66fc0d377596756becad0af6995
(cherry picked from commit 772bcbb0c2)
This will activate code in bionic that uses the experimental MTE
userspace interface.
Bug: 135772972
Change-Id: I9ac641b9528de5376cdb920bee0e900a1b1fa9c2
This flag prevents the compiler from inserting calls to libc functions in
the ifunc resolver code, which will definitely cause problems if the libc
function is itself an ifunc, but other calls that use the PLT may also be
affected, since libc may not have been fully resolved yet. As it turns out,
newer versions of clang will insert calls to memcmp in the body of the
init_cpu_variant() function in arch-arm/dynamic_function_dispatch.cpp.
Change-Id: I91f18d450835adc4b74565e9f48d5834f594a0c4
As it turns out, our "generic" arm64 implementations of certain string.h
functions are not actually generic, since they will eagerly read memory
possibly outside of the bounds of an MTE granule, which may lead to a segfault
on MTE-enabled hardware. Therefore, move the implementations into a "default"
directory and use ifuncs to select between them and a new set of "mte"
implementations, conditional on whether the hardware and kernel support MTE.
The MTE implementations are currently naive implementations written in C
but will later be replaced with a set of optimized assembly implementations.
Bug: 135772972
Change-Id: Ife37c4e0e6fd60ff20a34594cc09c541af4d1dd7
Upstream keeps rearranging the deckchairs for these, so let's just
switch to the [roughly] one-liners rather than track that...
Test: treehugger
Change-Id: If655cf7a7f316657de44d41fadd43a8c55ee6f23
