This test is designed to detect code such as:
int main() {
char buf[10];
memcpy(buf, "1234567890", sizeof(buf));
size_t len = strlen(buf); // segfault here with _FORTIFY_SOURCE
printf("%d\n", len);
return 0;
}
or anytime strlen reads beyond an object boundary. This should
help address memory leakage vulnerabilities and make other
unrelated vulnerabilities harder to exploit.
Change-Id: I354b425be7bef4713c85f6bab0e9738445e00182
Two changes:
1) Detect memory read overruns.
For example:
int main() {
char buf[10];
memcpy(buf, "abcde", sizeof(buf));
sprintf("%s\n", buf);
}
because "abcde" is only 6 bytes, copying 10 bytes from it is a bug.
This particular bug will be detected at compile time. Other similar
bugs may be detected at runtime.
2) Detect overlapping buffers on memcpy()
It is a bug to call memcpy() on buffers which overlap. For
example, the following code is buggy:
char buf3[0x800];
char *first_half = &buf3[0x400];
char *second_half = &buf3[1];
memset(buf3, 0, sizeof(buf3));
memcpy(first_half, second_half, 0x400);
printf("1: %s\n", buf3);
We now detect this at compile and run time.
Change-Id: I092bd89f11f18e08e8a9dda0ca903aaea8e06d91
limits.h relies on PAGE_SIZE being defined without actually including
page.h. Make sure this is included to avoid compilation failures.
Signed-off-by: Arun Raghavan <arun.raghavan@collabora.co.uk>
Add fortify_source support for openat(). This change requires that
an argument be supplied when using O_CREAT.
Fix unnecessary call to __open_2. If, at compile time, we know that
"flags" is constant and DOESN'T contain O_CREAT, the call to __open_2
is useless.
Change-Id: Ifcd29c4fb25e25656961d7552d672e161f0cfdbd
Prefix private functions with underscores, to prevent name
conflicts.
Use __error__ instead of error, since occasionally programs will
create their own "#define error ...".
Change-Id: I7bb171df58aec5627e61896032a140db547fd95d
Add a FORTIFY_SOURCE check which requires that you pass a
"mode" argument when calling open(..., O_CREAT). If a mode isn't
passed, then the file is created with "undefined" permissions.
Change-Id: I4427be4f9ce170c69da01af5b00fb05b03613a28
Add strlcpy / strlcat support to FORTIFY_SOURCE. This allows
us to do consistency checks on to ensure we don't overflow buffers
when the compiler is able to tell us the size of the buffer we're
dealing with.
Unlike previous changes, this change DOES NOT use the compiler's
builtin support. Instead, we do everything the compiler would
normally do.
Change-Id: I47c099a911382452eafd711f8e9bfe7c2d0a0d22
According to
http://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html
realloc should NOT be marked with __attribute__((malloc)). Quoting:
realloc-like functions do not have this property as the memory
pointed to does not have undefined content.
For reference, __mallocfunc is defined in sys/cdefs.h as:
#define __mallocfunc __attribute__((malloc))
Change-Id: I56083542ba92e4608dd7c55fb5596a138eb50cc9
sprintf FORTIFY_SOURCE protections are not available
on clang.
Also add various __attribute__s to stdio functions.
Change-Id: I936d1f9e55fe53a68885c4524b7b59e68fed218d
Add _FORTIFY_SOURCE support for snprintf, vsnprintf
At this time, we opt out of these protections for clang, as clang
does not implement __builtin_va_arg_pack().
http://clang.llvm.org/docs/UsersManual.html#c_unimpl_gcc
Change-Id: I73ebe5ec8dad1dca8898a76d6afb693a25f75375
This was misleading 'configure' into thinking we actually support AF_LINK,
but we're Linux, so we don't, and we never implemented the functions we
declared here either.
Reported to AOSP by Jun-ya Kato.
(cherry-pick of 5056f1fad1187cd67729bb04ba72397d78256f03.)
Change-Id: Ic67f674d2221497c8166994812bb5fc7f0831066
This was misleading 'configure' into thinking we actually support AF_LINK,
but we're Linux, so we don't, and we never implemented the functions we
declared here either.
Reported to AOSP by Jun-ya Kato.
Change-Id: I111f9887f3812469b411b9cf5124d9dd624f19f7
Add _FORTIFY_SOURCE support for the following functions:
* memset
* bzero
Move the __BIONIC_FORTIFY_INLINE definition to cdefs.h so it
can be used from multiple header files.
Change-Id: Iead4d5e35de6ec97786d58ee12573f9b11135bb7
Add initial support for -D_FORTIFY_SOURCE to bionic for the
following functions:
* memcpy
* memmove
* strcpy
* strcat
* strncpy
* strncat
This change adds a new version of the above functions which passes
the size of the destination buffer to __builtin___*_chk.
If the compiler can determine, at compile time, that the destination
buffer is large enough, or the destination buffer can point to an object
of unknown size, then the check call is bypassed.
If the compiler can't make a compile time decision, then it calls
the __*_chk() function, which does a runtime buffer size check
These options are only enabled if the code is compiled with
-D_FORTIFY_SOURCE=1 or 2, and only when optimizations are enabled.
Please see
* http://gcc.gnu.org/onlinedocs/gcc/Object-Size-Checking.html
* http://gcc.gnu.org/ml/gcc-patches/2004-09/msg02055.html
for additional details on FORTIFY_SOURCE.
Testing: Compiled the entire Android tree with -D_FORTIFY_SOURCE=1,
and verified that everything appears to be working properly.
Also created a test buffer overflow, and verified that it was
caught by this change.
Change-Id: I4fddb445bafe92b16845b22458d72e6dedd24fbc
The posix_memalign(3) function is very similar to the traditional
memalign(3) function, but with better error reporting and a guarantee
that the memory it allocates can be freed. In bionic, memalign(3)
allocated memory can be freed, so posix_memalign(3) is just a wrapper
around memalign(3).
Change-Id: I62ee908aa5ba6b887d8446a00d8298d080a6a299
In bionic/libc/SYSCALLS.TXT, the prototype of system call
clock_nanosleep is incorrect.
According to man page:
int clock_nanosleep(clockid_t clock_id, int flags,
const struct timespec *request,
struct timespec *remain);
Change-Id: Ic44c6db3d632293aa17998035554eacd664c2d57
Signed-off-by: Jin Wei <wei.a.jin@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
In bionic/libc/SYSCALLS.TXT, the prototypes of system call
getresuid/getresgid are incorrect.
According to man page, they should be:
int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);
int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);
Change-Id: I676098868bb05a9e1fe45419b234cf397626fdad
Signed-off-by: Jin Wei <wei.a.jin@intel.com>
Signed-off-by: Jack Ren <jack.ren@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
cdefs.h: Introduce the __purefunc attribute, which allows us to mark
certain functions as being "pure".
http://gcc.gnu.org/onlinedocs/gcc/Function-Attributes.html
Many functions have no effects except the return value and their
return value depends only on the parameters and/or global variables.
Such a function can be subject to common subexpression elimination
and loop optimization just as an arithmetic operator would be.
string.h: Mark many commently used string functions as "pure", to
allow for additional compiler optimizations.
Change-Id: I42961f90f822b6dbcbc3fd72cdbe774a7adc8785
New functions:
tfind
tsearch
tdelete
twalk
tdestroy (GNU extension)
Bug fix: the current implementation for realpath would crash
if the second argument (resolved_path) is NULL.
New headers:
ar.h
search.h
Change-Id: Ib6c1e42fc186a6d597a6e5a9692b16acaa155804
Add support for PT_GNU_RELRO. This allows the static linker to
indicate that certain regions of memory should be marked as
"read-only" after dynamic linking is complete.
See:
* http://www.akkadia.org/drepper/nonselsec.pdf (section 6)
* http://tk-blog.blogspot.com/2009/02/relro-not-so-well-known-memory.html
Note that this change has no effect on Android right now, because
we don't compile our code with relro enabled.
Change-Id: I6541f8775367e8558b4388f7d105b1ae6e8f046b
include/elf.h contains basically the same values as
linux/auxvec.h. Eliminate dups.
include/sys/exec_elf.h contains basically the same
values as linux/elf.h. Eliminate dups.
Change-Id: I66b8358161bb52223bb657f8f73ba28b324f4fa3
include/elf.h contains basically the same values as
linux/auxvec.h. Eliminate dups.
include/sys/exec_elf.h contains basically the same
values as linux/elf.h. Eliminate dups.
Change-Id: I66b8358161bb52223bb657f8f73ba28b324f4fa3
This patch defines a few new macros that can be used to control the
visibility of symbols exported by the C library:
- ENTRY_PRIVATE() can be used in assembly sources to indicate
that an assembler function should have "hidden" visibility, i.e.
will never be exported by the C library's shared library.
This is the equivalent of using __LIBC_HIDDEN__ for a C function,
but ENTRY_PRIVATE() works like ENTRY(), and must be used with
END() to tag the end of the function.
- __LIBC_ABI_PUBLIC__ can be used to tag a C functions as being
part of the C library's public ABI. This is important for a
few functions that must be exposed by the NDK to maintain
binary compatibility.
Once a symbol has been tagged with this macro, it shall
*never* be removed from the library, even if it becomes
directly unused due to implementation changes
(e.g. __is_threaded).
- __LIBC_ABI_PRIVATE__ can be used for C functions that should
always be exported by the C library because they are used by
other libraries in the platform, but should not be exposed
by the NDK. It is possible to remove such symbols from the
implementation if all callers are also modified.
+ Add missing END() assembly macro for x86
Change-Id: Ia96236ea0dbec41d57bea634b39d246b30e5e234
We don't have a toolchain anymore, we don't have working original
kernel headers, and nobody is maintaining this so there is really
no point in keeping this here. Details of the patch:
- removed code paths from Android.mk files related to the SuperH
architecture ("sh")
- removed libc/arch-sh, linker/arch-sh, libc/kernel/arch-sh
- simplified libc/SYSCALLS.TXT
- simplified the scripts in libc/tools/ and libc/kernel/tools
Change-Id: I26b0e1422bdc347489e4573e2fbec0e402f75560
Signed-off-by: David 'Digit' Turner <digit@android.com>
The xattr system calls are required for the SE Android userspace in
order to get and set file security contexts. In particular, libselinux
requires these calls.
Change-Id: I78f5eb3d8f3384aed0a5e7c6a6f001781d982017
linux-unistd.h was here for reference purposes, but shouldn't
have been accessible to client code. Delete it.
Change-Id: I60c264ff6ca489a48117914bdf6daa486737af8c
This patch is used to remove private C library declarations from the
public headers (that are exported to the NDK). It should *only* be
submitted after all other patches modifying the users of said
private functions have been submitted to the tree, to avoid
breakages.
Change-Id: I0a5e3014f8e3ac9ed8df86a5cdae506337c23252
This patch is the first in a series that aims at cleaning up the
public C library headers (which end up being distributed with the NDK).
<resolv.h> and <time.h> contain declarations that should not be public.
They are used by other parts of the platform, but NDK applications should
not use or rely on them.
So copy them to private <bionic_time.h> and <resolv_iface.h> headers
and use a guard macro to avoid conflicts when both headers are included
at the same time.
The idea is that we're going to fix the other platform modules to
include these private headers. After this is done, we will remove the
duplicate definitions from <resolv.h> and <time.h>
Change-Id: I121c11936951c98ca7165e811126ed8a4a3a394d
Add bionic libc to support readahead system call.
This is needed to enable sreadahead to work.
Change-Id: I3856e1a3833db82e6cf42fd34af7631bd40cc723
Author: Winson Yung <winson.w.yung@intel.com>
Signed-off-by: Bruce Beare <bruce.j.beare@intel.com>
The posix_memalign(3) function is very similar to the traditional
memalign(3) function, but with better error reporting and a guarantee
that the memory it allocates can be freed. In bionic, memalign(3)
allocated memory can be freed, so posix_memalign(3) is just a wrapper
around memalign(3).
Change-Id: I62ee908aa5ba6b887d8446a00d8298d080a6a299
Use tgkill instead of tkill to implement pthread_kill.
This is safer in the event that the thread has already terminated
and its id has been reused by a different process.
Change-Id: Ied715e11d7eadeceead79f33db5e2b5722954ac9
__atomic_cmpxchg and other related atomic operations did not
provide memory barriers, which can be a problem for non-platform
code that links against them when it runs on multi-core devices.
This patch does two things to fix this:
- It modifies the existing implementation of the functions
that are exported by the C library to always provide
full memory barriers. We need to keep them exported by
the C library to prevent breaking existing application
machine code.
- It also modifies <sys/atomics.h> to only export
always-inlined versions of the functions, to ensure that
any application code compiled against the new header will
not rely on the platform version of the functions.
This ensure that said machine code will run properly on
all multi-core devices.
This is based on the GCC built-in sync primitives.
The end result should be only slightly slower than the
previous implementation.
Note that the platform code does not use these functions
at all. A previous patch completely removed their usage in
the pthread and libstdc++ code.
+ rename arch-arm/bionic/atomics_arm.S to futex_arm.S
+ rename arch-x86/bionic/atomics_x86.S to futex_x86.S
+ remove arch-x86/include/sys/atomics.h which already
provided inlined functions to the x86 platform.
Change-Id: I752a594475090cf37fa926bb38209c2175dda539
For Honeycomb, we added proper file thread-safety for
all FILE* operations. However, we did implement that by
using an out-of-band hash table to map FILE* pointers
to phtread_mutex_t mutexes, because we couldn't change
the size of 'struct _sFILE' without breaking the ABI.
It turns out that our BSD-derived code already has
some support code to extend FILE* objects, so use it
instead. See libc/stdio/fileext.h
This patch gets rid of the hash table, and put the
mutex directly into the sFILE extension.
Change-Id: If1c3fe0a0a89da49c568e9a7560b7827737ff4d0
Initial commit for dns cache per interface.
Added a type that holds a reference to a
cache and name of associated interface,
address of interface, name server(s)
associated with an interface etc.
New functions to set default interface,
address of name servers etc.
Change-Id: Ie991bc5592fd998409853d8bf77d7fe69035dac5
Make netinet/ip.h have IPTOS_MINCOST which matches what
kernel/common/linux/ip.h has to say.
Fixup gethostbyaddr() 1st arg to match what man has to say.
Change-Id: Iff9647d4a46ea88b1fc32163eb69bb9b27cdf370
This change fixes the prctl() declaration to match GLibc, and allow us
to build gcc-4.6 for Android (among other things). Note that this does
not change the source and binary interfaces.
Change-Id: I3900c957f0da8b3548cbe9da8c41d50099dc19d6
Make netinet/ip.h have IPTOS_MINCOST which matches what
kernel/common/linux/ip.h has to say.
Fixup gethostbyaddr() 1st arg to match what man has to say.
Change-Id: Iff9647d4a46ea88b1fc32163eb69bb9b27cdf370
The kernel has supported this syscall for quite some time now,
but bionic did not. Now that there is a need for it, let's
add it to bionic.
Change-Id: Ifcef3e46f1438d79435b600c4e6063857ab16903
Backport I110b653a58f3
All the other property stuff is already here. Property setting was
only in libcutils previously to leverage a utility function / constant
or two.
Unfortunately in the process of fixing a race condition we would've
had to do break abstraction boundaries and put some libc-internal
details into libcutils so instead of that we'll just move this
into bionic.
Along with Iee1ca9b7, this now passes:
$ adb shell am instrument -w -e class android.os.SystemPropertiesTest \
com.android.frameworks.coretests.systemproperties/android.test.InstrumentationTestRunner
Bug: 3511230
Change-Id: I1b588db3344169621e1279ecc0b660cf4e1015d7
Backport I110b653a58f3
All the other property stuff is already here. Property setting was
only in libcutils previously to leverage a utility function / constant
or two.
Unfortunately in the process of fixing a race condition we would've
had to do break abstraction boundaries and put some libc-internal
details into libcutils so instead of that we'll just move this
into bionic.
Along with Iee1ca9b7, this now passes:
$ adb shell am instrument -w -e class android.os.SystemPropertiesTest \
com.android.frameworks.coretests.systemproperties/android.test.InstrumentationTestRunner
Bug: 3511230
Change-Id: I1b588db3344169621e1279ecc0b660cf4e1015d7
All the other property stuff is already here. Property setting was
only in libcutils previously to leverage a utility function / constant
or two.
Unfortunately in the process of fixing a race condition we would've
had to do break abstraction boundaries and put some libc-internal
details into libcutils so instead of that we'll just move this
into bionic.
Along with Iee1ca9b7, this now passes:
$ adb shell am instrument -w -e class android.os.SystemPropertiesTest \
com.android.frameworks.coretests.systemproperties/android.test.InstrumentationTestRunner
Bug: 3511230
Change-Id: I110b653a58f312fbe069dca59892a877ae9bc911
* commit '638608b11afbd255ddbd15e739f0f638791a4305':
libc: <stdint.h>: Don't make __STD_CONSTANT_MACROS available if only __STD_LIMIT_MACROS is defined.
This patch prevents the definition of various macros when <stdint.h> is
included from C++. The ISO C99 standard mentions that when this header
is included from a C++ source file, limit and constant related macros
should only be defined when asked explicitely by defining
__STDC_LIMIT_MACROS and __STD_CONSTANT_MACROS, respectively.
The <stdint.h> lacked the proper #ifdef .. #endif blocks for the
following macros:
INTPTR_MIN, INTPTR_MAX, UINTPTR_MAX, PTRDIFF_MIN, PTRDIFF_MAX
INTMAX_MIN, INTMAX_MAX, UINTMAX_MAX,
INPTR_C, UINTPR_C, PTRDIFF_C, INTMAX_C, UINTMAX_C
This is intended to fix http://code.google.com/p/android/issues/detail?id=14380
after we copy this file to development/ndk/platforms/android-3/include/
Change-Id: Ia77e0822edfaaf568ea599d7de673b310eeeaa4a
* commit '962dcb22218a1a6d4ebd05e4fc4a69875d037234':
libc: Fix PTHREAD_RWLOCK_INITIALIZER
Proxy getnameinfo through netd
Updated gcc 4.4.3 IA toolchain doesn't require the .ctors list
Convert cname lenght before use
Fix the handle locking in stdio to use flockfile/funlockfile
internally when and where required. Macros in <stdio.h> are updated
to automatically call the underlying functions when the process is
threaded to obtain the necessary locking. A private mutex is added
to protect __sglue, the internal list of FILE handles, and another
to protect the one-time initialization. Some routines in libc that
use getc() change to use getc_unlocked() as they're either protected
by their own lock or aren't thread-safe routines anyway.
Based on OpenBSD change by guenther@openbsd.orghttp://www.mail-archive.com/source-changes@cvs.openbsd.org/msg01015.html
Bug: 3446659
Change-Id: Ie82116e358c541718d6709ec45ca6796be5a007b
Make the scripts use external/kernel-headers/original by default.
clean_header.py: Document -k<path>, add -d<path>
find_headers.py: Make kernel config files optional
update_all.py: Allow setting the path to kernel headers on the command-line
update_all.py: Better formatting of output on ttys
update_all.py: Automatically perform "git add/rm" on affected files.
SYSCALLS.TXT: Fix typo in __socketcall definition.
checksyscalls.py: Add support for superH architecture in the checks.
gensyscalls.py: Automatically perform "git add/rm" on affected files.
cpp.py: Fixed a bug that prevented certain type definitions to
be kept in the generated clean header (e.g.
struct ethtool_drvinfo in <linux/ethtool.h>)
All scripts will use the content of external/kernel-headers/original by default now.
The generated code removes all empty lines and trailing whitespace. This is useful
to ensure a unified output even if we change the parser again in the future.
The top-level disclaimer has been edited with update instructions to regenerate
the headers when needed.
Also, a warning is now inserted every 8th line in the final output:
/* WARNING: DO NOT EDIT, AUTO-GENERATED CODE - SEE TOP FOR INSTRUCTIONS */
Changes under kernel/arch-arm and kernel/arch-x86 should correspond to whitespace
differences and additionnal struct definitions that were missed by the previous
parser implementation.
Change-Id: Icd1c056bacd766759f3e9b7bb5d63a246f3d656a
WARNING: If you run these script, do not submit the result to gerrit for now.
It seems there are discrepancies between the content of original headers
and those currently commited under bionic/libc/kernel/.
(This problem is the main motivation to insert the warning repeatedly).
Current list of issues:
- Missing SuperH headers (i.e. external/kernel-headers/original/asm-sh)
After this change, SIGRTMAX will be set to 64 (instead of 32 currently).
Note that this doesn't change the fact that our sigset_t is still defined
as a 32-bit unsigned integer, so most functions that deal with this type
won't support real-time signals though.
Change-Id: Ie1e2f97d646f1664f05a0ac9cac4a43278c3cfa8
Add missing declarations:
INET_ADDRSTRLEN
IN6_IS_ADDR_MC_NODELOCAL
IN6_IS_ADDR_MC_GLOBAL
It has been reported that these prevent compilation of the Boost libraries
with the NDK. The corresponding patch has already been performed under
development/ndk/platforms/android-3/include.
Change-Id: I4ac514973daf3c06a8ef5538d7df79142a98e562
This patch improves the handling of 64-bit parameters in syscalls on ARM.
The ARM EABI mandates that 64-bit quantities be passed in even/odd register
pairs, which requires special treatment.
This allows us to simplify our implementations of pread() and pwrite()
and remove the C stubs for pread64() and pwrite64().
Also add ftruncate64() to <unistd.h>
Change-Id: I407e2fd223ba0093dd2d0b04c6152fadfc9ce3ef
Bug 3107933
This adds the cpu_set_t type definition and related functions
and macros used to handle CPU thread affinity.
sched_getcpu()
sched_setaffinity()
sched_getaffinity()
Change-Id: If382ecafde8926341a88478062b275553645065b
Add a new header that defines __ANDROID_API__ as a constant integer
corresponding to the current native API level. This header is included
by <sys/cdefs.h>
Change-Id: Ib4774e247b395991266245815a24292afc919848
NOTE: This header is already provided by the NDK's platform headers.
for levels 3 to 9.
The mkdtemp() function is implemented in libc/stdio/mktemp.c but not
exposed in stdlib.h. This change adds the prototype to stdlib.h.
Change-Id: I5a98650c665d2e45b2cf6ed3382742f7bdc7c88a
The above prototypes are missing from libc/include/wchar.h but
the functions are present (although with a limited implementation)
in libc.
Change-Id: I1b7c6accfc59ff0f56f3f41a9d3c075e935ac54a
64-bit pread() and pwrite() is needed for ZipFileRO to be able to read
ludicrously large ZIP files just in case someone is crazy enough to do
it.
Also fix a license header that was apparently mangled.
Change-Id: I6819ef8b36e46b63b40749c95717b1ecf9307033
Merge commit 'ff7d94530db60cf4fe4a4c287ee8821ebdf6263a'
* commit 'ff7d94530db60cf4fe4a4c287ee8821ebdf6263a':
Hide the symbol of helper function __libc_android_abort
Merge commit '1aeeeae166920f871c1e4ecd960bb92dcaef0896'
* commit '1aeeeae166920f871c1e4ecd960bb92dcaef0896':
libc: tag missing functions in system headers.
Merge commit 'f67e5211e045af1b12f646448a5a35f96ba5e8f1' into gingerbread-plus-aosp
* commit 'f67e5211e045af1b12f646448a5a35f96ba5e8f1':
Hide the symbol of helper function __libc_android_abort
Merge commit 'b8d2233e8abc30f33be7d7acc7f3ef6e6aabebac' into gingerbread-plus-aosp
* commit 'b8d2233e8abc30f33be7d7acc7f3ef6e6aabebac':
libc: tag missing functions in system headers.
This matches recent changes in the NDK header.
We enclose missing functions in #if 0 .. #endif blocks
with a clear "MISSING" in comments in order to locate
them later.
Change-Id: I87b3a62e777897e75c9243360fb0a82bcc53d9fb
Merge commit '9aac38249b579282ae8eaa630de3deaf97c4edff'
* commit '9aac38249b579282ae8eaa630de3deaf97c4edff':
libc: remove C++ comments from public headers.
Merge commit '307aadb8473744c3d946add8b3e4947ada5481aa' into gingerbread-plus-aosp
* commit '307aadb8473744c3d946add8b3e4947ada5481aa':
libc: Add missing C++ guards to <pathconf.h>
Merge commit 'bd8d987b3c3aa6d9d00cede2cb091f00bdb42204' into gingerbread-plus-aosp
* commit 'bd8d987b3c3aa6d9d00cede2cb091f00bdb42204':
libc: remove C++ comments from public headers.