Silence narrowing warnings by manually casting to a smaller type,
convert static_asserts to CHECKs, and switch from using MSG_CMSG_CLOEXEC
to manually setting FD_CLOEXEC.
Test: mma
Change-Id: I8aa02804179d754de860279fe34773800b937ab6
Almost all of the uses of cmsg(3) in our source tree are wrong in at
least one of the following ways:
- not aligning the cmsg buffer
- leaking fds if more fds are received than expected
- blindly dereferencing CMSG_DATA without checking the header
- using CMSG_SPACE instead of CMSG_LEN for .cmsg_len
- using CMSG_LEN instead of CMSG_SPACE for .msg_controllen
- using a length specified in number of fds instead of bytes
Implement wrapper functions that implement this dumpster fire of an
API correctly.
Bug: http://b/122047630
Test: libbase_test32
Change-Id: I6ac34d67bbbf1bfa9727ab598248fc178ea19df9
This is a useful helper for anyone that's using thread safety
annotations alongside std::condition_variable, extract it from adb and
move it to libbase.
Test: mma
Change-Id: Ic51e2f2a0e6a16628034b29d8ff32bf2155afccd
unique_fd's destructor potentially mangling errno makes it difficult to
use correctly in code that sets errno (or, in reality, it makes it so
that errno values get randomly stomped upon if close actually sets
errno, because no one accounts for this case).
Preserve errno ourselves to avoid this.
Test: treehugger
Change-Id: Ib06e6f65866d86fff4032b2311021eaf9226a1af
sehr points out that we already have two bugs caused by not doing this:
file.cpp has a call to pread with an off64_t that gets truncated, and
mapped_file.cpp does similar with mmap.
Bug: N/A
Test: ran tests
Change-Id: Ia098a836457e5adf109541235ad71c0ad7219da8
Currently bionic only stores the first invocation of
android_set_abort_message, libbase splits the logging invocations
into discrete lines, and liblog automatically calls bionic when
fatal severity is used. This leads to only the first line of
LOG(FATAL) being stored for tombstoned.
Eagerly set the abort message directly before logging when the
severity is FATAL. This ensures the complete message will be
available.
Bug: 120506942
Test: m
Test: manual
Change-Id: I104d6960a2b1f66f21f5ada383fb4ab0f35e96a9
Recursively delete all contents in a temporary directory in the
destructor. If the caller wants the contents preserved, then
call DoNotRemove().
Test: compile
Bug: 119313545
Change-Id: I3601c06334920055a60dd3074b249824f4d6f510
Recursively delete all contents in a temporary directory in the
destructor.
Test: compile
Bug: 119313545
Change-Id: I9570a8591f4e51f8f4f1157e75ccc1b781f8a19d
Allow a wider legitimate audience to use TemporaryFile and
TemporaryDir by moving them from android-base/test_utils.h to
android-base/file.h.
Test: compile
Bug: 119313545
Change-Id: Ie558c5873ce5b3937914918b6bfb427e5b61d0da
Using fdopendir with unique_fd correctly is more annoying than it
should be, because fdopendir doesn't close the file descriptor
received upon failure.
Add an android::base::Fdopendir that does that handles the failure
case.
Bug: 118818285
Test: treehugger
Change-Id: I5dbbe0eb82242bc7716f84735ffc7644febcfd65
Given that I can't actually go back in time and just make bionic's
`off_t` be 64-bit.
Bug: N/A
Test: builds
Change-Id: Ic93336b07bffc0977bd0e9caad6a22ce29ca06ed
This allows us to remove libziparchive's dependency on libutils.
Bug: http://b/79112958
Test: ran libbase and libziparchive tests, ran fastboot manually
Change-Id: I95c651976dad222863e5b8c37d4514b778f5dce7
Let's use LOG(FATAL)/PLOG(FATAL) for actual fatal stuff.
Add a Windows error(3) and move folks who didn't really mean "abort"
fatal over to it. Also get rid of syntax_error which wasn't adding a
lot of value, and most of the places it was adding "usage: " didn't seem
entirely appropriate anyway.
In particular, we seemed to have confused fastdeploy.cpp into aborting
in most user error cases, and none of the reviewers noticed. Clearly
we'd all lost track of far too many options.
(I've also cleaned up a few random instances of fprintf(3) + exit(2).)
Bug: N/A
Test: manual
Change-Id: I3e8440848a24e30d928de9eded505916bc324786
Add FALLTHROUGH_INTENDED for clang compiler.
Bug: 112564944
Test: build with global -Wimplicit-fallthrough.
Change-Id: I40f8bbf94e207c9dd90921e9b762ba51abab5777
Move the fd() function to be private since it should not have been
exposed in the first place.
Fix the way logging_test uses CapturedXXX.
Adding this because the new isolated testing doesn't print errors to
stderr so the ASSERT_ EXPECT_ messages can get swallowed. Also, it's easier
to reuse a CapturedXXX object in a test with these functions.
Test: New unit tests pass.
Change-Id: I38b113fc184146ce434802f80a9b7997fa83e78a
Using fdopen with unique_fd correctly is more annoying than it should
be, because fdopen doesn't close the file descriptor received upon
failure, which means you have to something like the following:
unique_fd ufd = ...;
int fd = ufd.release();
FILE* file = fdopen(fd, "...");
if (!file) {
close(fd);
return;
}
Add an android::base::Fdopen that does that dance for you.
Bug: http://b/113880863
Test: treehugger
Change-Id: I6325acf1ff06484005c1053fe09672c5eeeecaa1
This test means to check both that ParseInt() and ParseUint() do not
change the result on failure, however it erroneously tested ParseInt()
twice.
Test: unit tests
Change-Id: If534e2525827e19aba6cae0eef45668d57623efb
1) ParseInt and ParseUint accept strings that have spaces followed by
a valid number, however the base check for determining hex numbers
does not take this into account currently, but now does this this
change.
2) ParseUint rejects negative numbers except in the case that the
template argument is unsigned long long. That is a mistake; it
should reject negative numbers in all cases and this change does
that by rejecting any string with a - prefix.
Bug: 112668205
Test: new (and old) unit tests
Change-Id: I0179b42e50adc1b169cf0e6d830283b71210a029
I originally accidentally created this file with the execute bit on.
Test: mma
Change-Id: I8075ffdbb114475434ad48912a9dd24f19a9025b
Signed-off-by: Spencer Low <CompareAndSwap@gmail.com>
EXPECT_DEATH forks behind the scenes, which turns off fdsan, leading to
these tests failing. Instead of duplicating the special
EXPECT_FDSAN_DEATH macro, just move these tests into the bionic fdsan
tests.
Test: none
Change-Id: Ia7b65d4560601d5a78d143aced887a6773b401c0
This change also updates documentation for Parse(Ui|I)nt functions
which recently had a corresponding change applied.
Bug: 110758329
Test: libbase_test
Change-Id: I4842c0500a6e49498eeb8a63d1117c06727fffdf
Use __attribute__((weak)) to check for fdsan availability at runtime,
to support being used when built with the NDK while targeting older
platform versions.
This reverts commit af798acaea49b8d9150b94eb9f5f11450a6b8893.
Bug: http://b/110100358
Test: m libjnitest
Change-Id: Ie59d041d69cc3d4b6c59412d706f702dd1d2dab2
Removes segfault if T* out != nullptr and just
returns validation result.
Bug: 110758329
Test: libbase_test
Change-Id: I0f304533a7076bba977fbd1a715b9cc0d9e58e75
This reverts commit fcf2c01b55.
Commit broke full-eng, because libbase is being compiled against the NDK.
Test: treehugger
Change-Id: I8447b6a7fc33e6aa34cec0f037727322fa824446
In the RemoveFileIfExists it always return true even if error appeared
when using stat function.
It should distinguish different error. Such as ENOENT and ENOTDIR
we exactly know the file does not exist. But EACCES(current user has not
all search permission in the file path) and other errors appeared
we can't know whether file exits. So we should return false indicate
there are some error appeared.
Test: ran unit tests
Change-Id: I75788bf0621040812413d52596b5effb628fd0b1
Signed-off-by: liwugang <liwugang@xiaomi.com>
There's still <cutils/atomic.h> in a test, but I don't understand why
that isn't just std::atomic.
Also add a shared tgkill wrapper to libbase.
Bug: N/A
Test: ran tests
Change-Id: Idd4baa1e1670a84b3a8f35803cc5ffe5aae008a6
Bug: http://b/69933090
Bug: http://b/69933068
MinGW uses gnu_printf to force C99 printf analysis with GCC, but clang
does not support gnu_printf. So just use the default that's used for
other platforms. This also mirrors upstream commit
015e637b4b/.
Test: m native-host-cross with Clang.
Change-Id: I3deb266d70e25296c4ae1d58637afbabc3d949c1
Bug: http://b/69933068
Bug: http://b/91353691: std::chrono_utils is not available in the
libstdc++ in the mingw/gcc prebuilts. They can be used once we switch
to using libc++ for Windows host.
Test: m native-host-cross with Clang
Change-Id: If9f0f1f201d5e4e445890075ad64c2d6086b0491
I don't think the StdioLogger test ever passed. Move GetFileBasename
to where we can use it from StdioLogger, and undo the mix of anonymous
namespace vs static to consistently use static (which is the majority)
while we're touching those lines.
Bug: N/A
Test: ran tests
Change-Id: I95b3966cdb8af642bed71752bd7d4e3a86ac84ca
adbd (and its dependencies) are marked as recovery_available:true so
that recovery version of the binary is built separately from the one for
system partition. This allows us to stop copying the system version to
the recovery partition and also opens up the way to enable shared
libraries in the recovery partition. Then we can also build adbd as a
dynamic executable.
Bug: 79146551
Test: m -j adbd.recovery
Change-Id: Ib95614c7435f9d0afc02a0c7d5ae1a94e439e32a
Libraries that are direct or indirect dependencies of modules installed
to recovery partition (e.g. toybox) are marked as recovery_available:
true. This allows a recovery variant of the lib is created when it is
depended by other recovery or recovery_available modules.
Bug: 67916654
Bug: 64960723
Test: m -j
Change-Id: Ie59155c08890e96ce1893fa3687afcf763d7aea3
If the environment has an instance of /dev/kmsg pre-opened, pick up.
This happens when an init script has 'file w /dev/kmsg' in the
daemon's recipe.
libcutils android_get_control_file operations are open-coded to
prevent a dependency on libcutils itself. Also check that /dev/kmsg
file descriptor is valid and open'd for write only.
Test: check to make sure init() kernel logging still works
Bug: 77541952
Bug: 77661605
Change-Id: I007553acd594ef0815d23f32f8aa2867518570ba
This change lets android::base::ScopeGuard be useful in STL containers
(e.g. std::vector<android::base::ScopeGuard<std::function<void()>>>). It
also provides perfect forwarding for android::base::make_scope_guard.
Bug: 34764308
Test: libbase_test
Change-Id: I7d1e5494b0f0695763cff0700efdb9ec18ae85c8
Allow the default tag (the program name) to be overwritten.
Bug: 34867873
Test: m
Test: logging_test
Test: manual
Change-Id: I4ef32bad413a7cc82e46ce16a2f26212925964b1
Since 'struct timespec' members (time_t and long) are both 32bit on
32bit systems, and std::chrono::{seconds,nanoseconds}::rep are both
>32bit, timespec members assigned in DurationToTimeSpec() can have a
negative value, especially when WaitForProperty() is called with the
default timeout value which is std::chrono::milliseconds::max().
Regarding functionality, passing a negative value to
__system_property_wait() is okay because WaitForProperty() still
waits for the property value (so unit tests are passing), but while
WaitForProperty() does that, the function, to be more exact,
SystemProperties::Wait() in bionic/, consumes ~100% of CPU time. This
happens because SystemProperties::Wait() which implements
__system_property_wait() has a tight while-loop with a __futex_wait()
call, and the futex call immediately returns EINVAL when the timespec
passed in has a negative value.
With this CL, WaitForProperty() will never pass a negative timespec
to __system_property_wait(), and therefore the __futex_wait() call
in bionic works as expected without consuming too much CPU time even
on 32bit systems.
Bug: None
Test: libbase_test32 still passes
Test: strace no longer shows repeated EINVALs from __futex_wait
Change-Id: Id1834fac8cd2876b02dbe4479bf3d3eda2fa7da1
Windows build of adb is broken because of the lack of
std::chrono_literals and for an implementation of
android::boot_clock::now().
Test: make -j vts
Bug: 72941624
Change-Id: Ie65fed098633eb45a94ea553de6903f8d55fc5b2
If LOG_TAG was not defined, falling back to a default
behaviour (using binary name).
Bug: 35361699
Test: manual
Change-Id: I209a6ebaf0df882f98642f6d1831766cb296c951
We should have done this from the beginning. Thanks to Windows, we're not
going to be able to switch libbase over to std::string_view any time soon.
Bug: N/A
Test: ran tests
Change-Id: Iff2f56986e39de53f3ac484415378af17dacf26b
Add some helper macros that perform regex string matching to
<android-base/test_utils.h>.
Test: libbase_test32/64 on host
Change-Id: I1b0f03dc73f8b4fdfb8ac6c75d59ef421e0e9640
Now in Android.bp files, target.linux applies to all targets running a
linux kernel (android, linux_glibc, linux_bionic). So common
flags/sources/etc can be combined instead of copying them to each
target.
Test: m
Change-Id: If7ad138ea1c540c160731f86b6ccc0daa5c69b83
This is needed if they will ever handle ro. properties that have
values longer than 92 characters.
Bug: 23102347
Bug: 34954705
Test: read and write properties with value length > 92 characters
Change-Id: I44aa135c97ec010f12162c30f743387810ae2c5d
