The backtrace when a fortify check failed was not correct. This change
adds all of the necessary directives to get a correct backtrace.
Fix the strcmp directives and change all labels to local labels.
Testing:
- Verify that the runtime can decode the stack for __memcpy_chk, __memset_chk,
__strcpy_chk, __strcat_chk fortify failures.
- Verify that gdb can decode the stack properly when hitting a fortify check.
- Verify that the runtime can decode the stack for a seg fault for all of the
_chk functions and for memcpy/memset.
- Verify that gdb can decode the stack for a seg fault for all of the _chk
functions and for memcpy/memset.
- Verify that the runtime can decode the stack for a seg fault for strcmp.
- Verify that gdb can decode the stack for a seg fault in strcmp.
Bug: 10342460
Bug: 10345269
Change-Id: I1dedadfee207dce4a285e17a21e8952bbc63786a
Introduce __bos0 as a #define for __builtin_object_size((s), 0).
This macro is intended to be used for places where the standard
__bos macro isn't appropriate.
memcpy, memmove, and memset deliberately use __bos0. This is done
for two reasons:
1) I haven't yet tested to see if __bos is safe to use.
2) glibc uses __bos0 for these methods.
Change-Id: Ifbe02efdb10a72fe3529dbcc47ff647bde6feeca
clock_gettime was returning EINVAL for the values
produced by pthread_getcpuclockid.
Bug: 10346183
(cherry picked from commit 9b06cc3c1b)
Change-Id: Ib81a7024c218a4502f256c3002b9030e2aaa278d
We used to just try any iface we'd been told about as a
fallback, but that will end up mistakenly using a secondary
network's dns when we really don't have a default connection.
It also messed up our detection of whether we were doing the
lookup on the default or not (we'd get back our secondary net
iface as the default, do the compare and think we were on default).
Remove the lies and let dns fail if we don't have an iface for it.
bug:10132565
Conflicts:
libc/netbsd/resolv/res_cache.c
Change-Id: I357a9c34dad83215f44c5e0dd41ce2a7d6fe8f3f
Required for x86 build with multilib compiler.
Change-Id: Iac71cdc3461df6fb48cb2a7b713324ca368e6704
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
We used to just try any iface we'd been told about as a
fallback, but that will end up mistakenly using a secondary
network's dns when we really don't have a default connection.
It also messed up our detection of whether we were doing the
lookup on the default or not (we'd get back our secondary net
iface as the default, do the compare and think we were on default).
Remove the lies and let dns fail if we don't have an iface for it.
bug:10132565
Change-Id: I5f0f2abacaaaaf23c5292b20fba9d8dcb6fb10c5
I've mailed the tz list about this, and will switch to whatever upstream
fix comes along as soon as it's available.
Bug: 10310929
(cherry picked from commit 7843d44a59)
Change-Id: I205e2440703444c50cecd91d3458d33613ddbc59
I've mailed the tz list about this, and will switch to whatever upstream
fix comes along as soon as it's available.
Bug: 10310929
Change-Id: I36bf3fcf11f5ac9b88137597bac3487a7bb81b0f
The libcorkscrew stack unwinder does not understand cfi directives,
so add .save directives so that it can function properly.
Also add the directives in to strcmp.S and fix a missing set of
directives in cortex-a9/memcpy_base.S.
Bug: 10345269
Change-Id: I043f493e0bb6c45bd3f4906fbe1d9f628815b015
clock_gettime was returning EINVAL for the values
produced by pthread_getcpuclockid.
Bug: 10346183
Change-Id: Iabe643d7d46110bb311a0367aa0fc737f653208e
This change pulls the memcpy code out into a new file so that the
__strcpy_chk and __strcat_chk can use it with an include.
The new versions of the two chk functions uses assembly versions
of strlen and memcpy to implement this check. This allows near
parity with the assembly versions of strcpy/strcat. It also means that
as memcpy implementations get faster, so do the chk functions.
Other included changes:
- Change all of the assembly labels to local labels. The other labels
confuse gdb and mess up backtracing.
- Add .cfi_startproc and .cfi_endproc directives so that gdb is not
confused when falling through from one function to another.
- Change all functions to use cfi directives since they are more powerful.
- Move the memcpy_chk fail code outside of the memcpy function definition
so that backtraces work properly.
- Preserve lr before the calls to __fortify_chk_fail so that the backtrace
actually works.
Testing:
- Ran the bionic unit tests. Verified all error messages in logs are set
correctly.
- Ran libc_test, replacing strcpy with __strcpy_chk and replacing
strcat with __strcat_chk.
- Ran the debugger on nexus10, nexus4, and old nexus7. Verified that the
backtrace is correct for all fortify check failures. Also verify that
when falling through from __memcpy_chk to memcpy that the backtrace is
still correct. Also verified the same for __memset_chk and bzero.
Verified the two different paths in the cortex-a9 memset routine that
save variables to the stack still show the backtrace properly.
Bug: 9293744
(cherry-picked from 2be91915dc)
Change-Id: Ia407b74d3287d0b6af0139a90b6eb3bfaebf2155
This change creates assembler versions of __memcpy_chk/__memset_chk
that is implemented in the memcpy/memset assembler code. This change
avoids an extra call to memcpy/memset, instead allowing a simple fall
through to occur from the chk code into the body of the real
implementation.
Testing:
- Ran the libc_test on __memcpy_chk/__memset_chk on all nexus devices.
- Wrote a small test executable that has three calls to __memcpy_chk and
three calls to __memset_chk. First call dest_len is length + 1. Second
call dest_len is length. Third call dest_len is length - 1.
Verified that the first two calls pass, and the third fails. Examined
the logcat output on all nexus devices to verify that the fortify
error message was sent properly.
- I benchmarked the new __memcpy_chk and __memset_chk on all systems. For
__memcpy_chk and large copies, the savings is relatively small (about 1%).
For small copies, the savings is large on cortex-a15/krait devices
(between 5% to 30%).
For cortex-a9 and small copies, the speed up is present, but relatively
small (about 3% to 5%).
For __memset_chk and large copies, the savings is also small (about 1%).
However, all processors show larger speed-ups on small copies (about 30% to
100%).
Bug: 9293744
Merge from internal master.
(cherry-picked from 7c860db074)
Change-Id: I916ad305e4001269460ca6ebd38aaa0be8ac7f52
This change pulls the memcpy code out into a new file so that the
__strcpy_chk and __strcat_chk can use it with an include.
The new versions of the two chk functions uses assembly versions
of strlen and memcpy to implement this check. This allows near
parity with the assembly versions of strcpy/strcat. It also means that
as memcpy implementations get faster, so do the chk functions.
Other included changes:
- Change all of the assembly labels to local labels. The other labels
confuse gdb and mess up backtracing.
- Add .cfi_startproc and .cfi_endproc directives so that gdb is not
confused when falling through from one function to another.
- Change all functions to use cfi directives since they are more powerful.
- Move the memcpy_chk fail code outside of the memcpy function definition
so that backtraces work properly.
- Preserve lr before the calls to __fortify_chk_fail so that the backtrace
actually works.
Testing:
- Ran the bionic unit tests. Verified all error messages in logs are set
correctly.
- Ran libc_test, replacing strcpy with __strcpy_chk and replacing
strcat with __strcat_chk.
- Ran the debugger on nexus10, nexus4, and old nexus7. Verified that the
backtrace is correct for all fortify check failures. Also verify that
when falling through from __memcpy_chk to memcpy that the backtrace is
still correct. Also verified the same for __memset_chk and bzero.
Verified the two different paths in the cortex-a9 memset routine that
save variables to the stack still show the backtrace properly.
Bug: 9293744
Change-Id: Id5aec8c3cb14101d91bd125eaf3770c9c8aa3f57
(cherry picked from commit 2be91915dc)
Create one version of strcat/strcpy/strlen for cortex-a15/krait and another
version for cortex-a9.
Tested with the libc_test strcat/strcpy/strlen tests.
Including new tests that verify that the src for strcat/strcpy do not
overread across page boundaries.
NOTE: The handling of unaligned strcpy (same code in strcat) could probably
be optimized further such that the src is read 64 bits at a time instead of
the partial reads occurring now.
strlen improves slightly since it was recently optimized.
Performance improvements for strcpy and strcat (using an empty dest string):
cortex-a9
- Small copies vary from about 5% to 20% as the size gets above 10 bytes.
- Copies >= 1024, about a 60% improvement.
- Unaligned copies, from about 40% improvement.
cortex-a15
- Most small copies exhibit a 100% improvement, a few copies only
improve by 20%.
- Copies >= 1024, about 150% improvement.
- Unaligned copies, about 100% improvement.
krait
- Most small copies vary widely, but on average 20% improvement, then
the performance gets better, hitting about a 100% improvement when
copies 64 bytes of data.
- Copies >= 1024, about 100% improvement.
- When coping MBs of data, about 50% improvement.
- Unaligned copies, about 90% improvement.
As strcat destination strings get larger in size:
cortex-a9
- about 40% improvement for small dst strings (>= 32).
- about 250% improvement for dst strings >= 1024.
cortex-a15
- about 200% improvement for small dst strings (>=32).
- about 250% improvement for dst strings >= 1024.
krait
- about 25% improvement for small dst strings (>=32).
- about 100% improvement for dst strings >=1024.
Merge from internal master.
(cherry-picked from d119b7b6f4)
Change-Id: I296463b251ef9fab004ee4dded2793feca5b547a
Use the new __bionic_name_mem function to name malloc'd memory as
"libc_malloc" on kernels that support it.
Change-Id: I7235eae6918fa107010039b9ab8b7cb362212272
Only works on some kernels, and only on page-aligned regions of
anonymous memory. It will show up in /proc/pid/maps as
[anon:<name>] and in /proc/pid/smaps as Name: <name>
Change-Id: If31667cf45ff41cc2a79a140ff68707526def80e
This change creates assembler versions of __memcpy_chk/__memset_chk
that is implemented in the memcpy/memset assembler code. This change
avoids an extra call to memcpy/memset, instead allowing a simple fall
through to occur from the chk code into the body of the real
implementation.
Testing:
- Ran the libc_test on __memcpy_chk/__memset_chk on all nexus devices.
- Wrote a small test executable that has three calls to __memcpy_chk and
three calls to __memset_chk. First call dest_len is length + 1. Second
call dest_len is length. Third call dest_len is length - 1.
Verified that the first two calls pass, and the third fails. Examined
the logcat output on all nexus devices to verify that the fortify
error message was sent properly.
- I benchmarked the new __memcpy_chk and __memset_chk on all systems. For
__memcpy_chk and large copies, the savings is relatively small (about 1%).
For small copies, the savings is large on cortex-a15/krait devices
(between 5% to 30%).
For cortex-a9 and small copies, the speed up is present, but relatively
small (about 3% to 5%).
For __memset_chk and large copies, the savings is also small (about 1%).
However, all processors show larger speed-ups on small copies (about 30% to
100%).
Bug: 9293744
Change-Id: I8926d59fe2673e36e8a27629e02a7b7059ebbc98
__memcmp16 was missing in x86. Also added C-version for backward
compatibility. Added bionic test for __memcmp16 and for wmemcmp.
Change-Id: I33718441e7ee343cdb021d91dbeaf9ce2d4d7eb4
Signed-off-by: Alexander Ivchenko <alexander.ivchenko@intel.com>
Create one version of strcat/strcpy/strlen for cortex-a15/krait and another
version for cortex-a9.
Tested with the libc_test strcat/strcpy/strlen tests.
Including new tests that verify that the src for strcat/strcpy do not
overread across page boundaries.
NOTE: The handling of unaligned strcpy (same code in strcat) could probably
be optimized further such that the src is read 64 bits at a time instead of
the partial reads occurring now.
strlen improves slightly since it was recently optimized.
Performance improvements for strcpy and strcat (using an empty dest string):
cortex-a9
- Small copies vary from about 5% to 20% as the size gets above 10 bytes.
- Copies >= 1024, about a 60% improvement.
- Unaligned copies, from about 40% improvement.
cortex-a15
- Most small copies exhibit a 100% improvement, a few copies only
improve by 20%.
- Copies >= 1024, about 150% improvement.
- Unaligned copies, about 100% improvement.
krait
- Most small copies vary widely, but on average 20% improvement, then
the performance gets better, hitting about a 100% improvement when
copies 64 bytes of data.
- Copies >= 1024, about 100% improvement.
- When coping MBs of data, about 50% improvement.
- Unaligned copies, about 90% improvement.
As strcat destination strings get larger in size:
cortex-a9
- about 40% improvement for small dst strings (>= 32).
- about 250% improvement for dst strings >= 1024.
cortex-a15
- about 200% improvement for small dst strings (>=32).
- about 250% improvement for dst strings >= 1024.
krait
- about 25% improvement for small dst strings (>=32).
- about 100% improvement for dst strings >=1024.
Change-Id: Ifd091ebdbce70fe35a7c5d8f71d5914255f3af35
Patch is required in NDK headers as well to be able to build multilib
GCC with libgomp support.
It's here: https://android-review.googlesource.com/#/c/62982
Change-Id: I2bec25d8cbca0e5ef1a0857008ececd92f4911be
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
A refactor caused us to not tell the resolver about search domains
until after it had done the domain fanout.
bug:6799630
Change-Id: Ibabd8fa5bcc69b1490fc5e329e62eb0f2d1a5e63
Also make sysconf use PTHREAD_STACK_MIN rather than redefining its
own, different, constant.
Bug: 9997352
Change-Id: I9a8e7d2b18e691439abfb45533e82c36eee9e81d
This is needed when passing -mcpu=cortex-a9 or higher on a modern
toolchain for prebuilt library compatibility
Change-Id: I73eb2393377914ae26216a8c2828ad973d1c1225
off_t is signed to support seeking backwards, but that's a liability
when using off_t to represent a subset of a file.
Change-Id: I2a3615166eb16212347eb47f1242e3bfb93c2022
Restoring DEFAULT_MMAP_THRESHOLD to 64k, the way it was before
999089181e.
This forces allocations in the 64k-256k range to be mmaped.
Change-Id: Iace55ed638edd272b3e94fa6cd2ddd349042be84
Signed-off-by: Rom Lemarchand <romlem@google.com>
Global hidden variable __dso_handle is now declared in:
bionic/libc/private/__dso_handle.h
Change-Id: I8e951a8d7c65877bafc1be23a7fff6d44d3a2846
Signed-off-by: Pete Delaney <piet.delaney@imgtec.com>
Signed-off-by: Chao-Ying Fu <chao-ying.fu@imgtec.com>
Yet another archaic relic containing bugs that had been fixed years before the
Android project even started...
Bug: 9935113
Change-Id: I3c9d019a216efd609ee568cf8c70bc360f357403
This updates the MIPS arch to be much more in
sync with the commit Nick Kralevich made last
June; see 9d40326830.
Rewrite
crtbegin.S -> crtbegin.c
crtbegin_so.S -> crtbegin_so.c
__dso_handle.S -> __dso_handle.c
__dso_handle_so.S -> __dso_handle_so.c
atexit.S -> atexit.c
Previously __do_global_dtors_aux was in the tasks
__FINI_ARRAY__ linked with crtbegin.S and it now being
removed as there is no need to call a destructor just
before terminating a process.
Shared libraries, on the other hand, are linked with
crtbegin_so.c and have a hidden destructor declared
to allow the bionic linker to call __on_dlclose().
Change-Id: Ieb4da5199b54573de05743990e309db381a11cb8
Signed-off-by: Pete Delaney <piet.delaney@imgtec.com>
Signed-off-by: Chao-Ying Fu <chao-ying.fu@imgtec.com>
Signed-off-by: Chris Dearman <chris.dearman@imgtec.com>
This reverts commits eb1b07469f and
d14dc3b87f, and fixes the bug where
we were calling mmap (which might cause errno to be set) before
__set_tls (which is required to implement errno).
Bug: 8557703
Change-Id: I2c36d00240c56e156e1bb430d8c22a73a068b70c
Tested using a static version of the strlen libc_test program
on a nexus7 that uses the generic code.
Merge from internal master.
(cherry-picked from d8d10a8994)
Change-Id: I88f7dc01dc5b5c3ac2d5580d92153bc1bc36c564
This optimized version is primarily targeted at cortex-a15.
Tested on all nexus devices using the system/extras/libc_test strlen test.
Tested alignments from 1 to 32 that are powers of 2.
Tested that strlen does not cross page boundaries at all alignments.
Speed improvements listed below:
cortex-a15
- Sizes >= 32 bytes, ~75% improvement.
- Sizes >= 1024 bytes, ~250% improvement.
cortex-a9
- Sizes >= 32 bytes, ~75% improvement.
- Sizes >= 1024 bytes, ~85% improvement.
krait
- Sizes >= 32 bytes, ~95% improvement.
- Sizes >= 1024 bytes, ~160% improvement.
Merge from internal master.
(cherry-picked from 2fc0717977)
Change-Id: I1ceceb4e745fd68e9d946f96d1d42e0cdaff6ccf
We notify debuggerd of problems by installing signal handlers. That's
fine except for when the signal is caused by us running off the end of
a thread's stack and into the guard page.
Bug: 8557703
Change-Id: I1ef65b4bb3bbca7e9a9743056177094921e60ed3
We cleaned up the auto-generated ones a while back to not touch
the stack unnecessarily if they have <= 4 arguments. This patch
cleans up some hand-crafted ones.
Also improve comments in clone.S.
Change-Id: I8850bf98f2b26829385315304472a760e6880ed8
pthread_getattr_np was reporting the values supplied to us, not the values we
actually used, which is kinda the whole point of pthread_getattr_np.
pthread_attr_setguardsize and pthread_attr_setstacksize were reporting EINVAL
for any size that wasn't a multiple of the system page size. This is
unnecessary. We can just round like POSIX suggests and glibc already does.
Also improve the error reporting for pthread_create failures.
Change-Id: I7ebc518628a8a1161ec72e111def911d500bba71
Tested using a static version of the strlen libc_test program
on a nexus7 that uses the generic code.
Change-Id: If04d15dcb6c0b18f27f2fefadca5510ed49016c5
Well, kinda... localtime.c still contains a bunch of Android-specific
hacks, as does strftime.c. But the other files are now exactly the same
as upstream.
This catches up with several years of bug fixes, and fixes most of the
compiler warnings that were in this code. (Just two remain.)
Bug: 1744909
Change-Id: I2ddfecb6fd408c847397c17afb0fff859e27feef
Adds an extra mark parameter to android_getaddrinfoforiface,
android_gethostbyaddrforiface and android_gethostbynameforiface that if set
will cause all packets sent by DNS requests to have that mark
Change-Id: I6f72390e4ce5bfc3cc73183f9b2fb3705a11685f
glibc doesn't have these, and they prevent ping from building out of
the box because it assumes it can define them.
Bug: 9671560
Change-Id: I815f2a9c4fd96a0ea2952eb5a71ddf51e0763660
From the release notes:
Changes affecting future time stamps:
Morocco's midsummer transitions this year are July 7 and August 10,
not July 9 and August 8. (Thanks to Andrew Paprocki.)
Israel now falls back on the last Sunday of October.
(Thanks to Ephraim Silverberg.)
Changes affecting past time stamps:
Specify Jerusalem's location more precisely; this changes the pre-1880
times by 2 s.
Changing affecting metadata only:
Fix typos in the entries for country codes BQ and SX.
Change-Id: I87f992e4c406d4f254dc274f206536e9484024a2
Linux and *BSD kernels use opposite values to indicate pass/block
in ICMPv6 filters, and assign a different value to the
ICMP6_FILTER sockopt.
Bug: 9671560
Bug: 9469682
Change-Id: Ic0f1fcd48891add992acf97632f60aebd172c1d7
On NetBSD and glibc, including sys/ioctl.h provides some
terminal ioctl data structures such as struct winsize. For
compatibility, provide these via sys/ioctl.h in bionic as well.
bionic does not have its own definitions for these structures, so
get them from the Linux kernel definitions.
Change-Id: I01345c23c0bebd60b0a80fc33668e7c0ad7356c3
This picks up the source kernel header change
I984154487c38f6fa827bd78234f7fc2e4e1c383f .
Bug: 9469682
Change-Id: I3b57517cc6442ba4d0b8003d7398617e8226233f
This memcpy code uses NEON/VFP to achieve very good performance
on ARMv7-A processors. It is specifically tuned for A15 but should
provide good performance on A9 also. It is equivalent to the code
in cortex-strings rev 116.
This patch is a follow up the existing gerrit change:
I7f6f77995f3ca903ad9c66d14261441667a2a935
This version includes a tweak for performance on misaligned
buffers and splits the header comment into license and
documentation sections.
Change-Id: Ibd2e23c8d8e01357ba0247be1d05192de3ceba69
Signed-off-by: Will Newton <will.newton@linaro.org>
This is needed to compile open-source code that wants to
expand/compress domain names itself, such as ping6.
Bug: 9469682
Change-Id: I339c6538936d05c031bc6fb0a8793aaf1429dea4
Our intptr_t and uintptr_t aren't "long". Add a compilation test so we remember
to fix this to cope with 32- and 64-bit later.
Bug: http://code.google.com/p/android/issues/detail?id=57218
Change-Id: I2f816d339edb4f7d57e4418b818fb4c602093f38
Fix improper check of return value from __mmap2. On a failed
mmap(), it returns MAP_FAILED, not 0. This ended up clobbering errno
when madvise subsequently failed.
Change-Id: I364fb2f158fe258c55a73e552195384b2c11c193
This memcpy code uses NEON/VFP to achieve very good performance
on ARMv7-A processors. It is specifically tuned for A15 but should
provide good performance on A9 also. It is equivalent to the code
in cortex-strings rev 116.
This patch is a follow up the existing gerrit change:
I7f6f77995f3ca903ad9c66d14261441667a2a935
But this version includes a tweak for performance on misaligned
buffers.
Change-Id: I285abac0068f8ae29a1cbf7862ea8590aadaf0a7
Signed-off-by: Will Newton <will.newton@linaro.org>
This was gated off of "#ifndef ADNROID_CHANGES" (note mispelling)
and is unconditionally defined in libc/include/resolv.h
(which this file includes). No need for duplicate definitions.
Change-Id: I00719bcf39eaa26eb96ab4274f171f3d2b5bae61
Enable FORTIFY_SOURCE protections under clang for the following
functions:
* vsprintf
* vsnprintf
and add unittests.
Change-Id: I90f8a27f7b202c78b5dd8ebf53050bf9e33496f7
* commit 'fbec57d46c42460b2381484d1610ff21922d162e':
bionic: add compatibility mode for properties
bionic: use the size of the file to determine property area size
Allow a new bionic to work with an old init property area by supporting
the old format.
(cherry picked from commit ad76c85b9c)
Change-Id: Ib496e818a62a5834d40c71eb4745783d998be893
On the reader size, don't assume that the property size is PA_SIZE,
read it from the size of the file. Allows init to use a different
property size without recompiling statically linked executables.
(cherry picked from commit 285b42a04c)
Change-Id: I074204e9e6591b35faf7c1c58fb11ec162aff7bf
After download new version from upstream (OpenBSD 1.17) did the
following:
* changed all u_int* types to uint*
* add #include <sys/types.h>
All these changes are Android-specific and had been done before for
previous version (1.14).
Bug: http://code.google.com/p/android/issues/detail?id=54465
Change-Id: Ieb44e7fce4e794d997bb00ee0dd417fb61521720
Signed-off-by: Pavel Chupin <pavel.v.chupin@intel.com>
On the reader size, don't assume that the property size is PA_SIZE,
read it from the size of the file. Allows init to use a different
property size without recompiling statically linked executables.
Change-Id: I87fb0bf40c4724e3759a583fd9ea1f49492bc958
Names are immutable, so the fixed-sized arrays can be replaced with
variable-length ones to save memory (especially on internal tree nodes).
Change-Id: Iddf7856fba579b97f355e9ad4b3663a78767b96d
Signed-off-by: Greg Hackmann <ghackmann@google.com>
If a root process other than init calls __system_property_add, which
it should never do, it will break the design assumption that there is
only one mutator.
Pass O_EXCL to open() in map_prop_region_rw to ensure that only one
process ever has the property pages open for write.
Change-Id: I8233bfe0beaa40a5003ad53b98c661536b15f6b7
d329697 is too complicated. Change the multiple property pages back to
a single 128K property area that's mapped in entirely at initialization
(the memory will not get allocated until the pages are touched).
d329697 has other changes useful for testing (moving property area
initialization inside bionic and adding __system_property_set_filename)
so undo the change manually rather than with git revert.
Change-Id: Icd137669a4f8bc248e9dd2c1e8cc54e9193c9a6d
Signed-off-by: Greg Hackmann <ghackmann@google.com>
See the comments for an explanation of how properties are stored.
The trie structure is designed to scale better than the previous
array-based implementation. Searching an array with n properties
required average O(n) string compares of the entire key; searching the
trie requires average O(log n) string compares of each token (substrings
between '.' characters).
Change-Id: Ic28b3c5246004a3c502eb02d6e1c9b512884d872
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Kernel provides virtual DSO for stack unwinding/exception handlind info for
signal usage case. Stack unwinding routines use 'dl_iterate_phdr' function
for additional DWARF info gathering from DSOs. Patch enables virtual DSO
enumeration via dl_iterate_phdr function.
Signed-off-by: Sergey Melnikov <sergey.melnikov@intel.com>
Change-Id: Ic2882b28f40b456a088bc1e63c50cbfda7e4a102
Fixes apps compiled statically against new libc but running with old
init
Bug: 9558625
Change-Id: I79e6f02575d278d4c7d8e8546d772ed0529bcaab
Signed-off-by: Greg Hackmann <ghackmann@google.com>
* commit '1642edb5208fe02ef64d5734fffaf7c4a724fd2f':
bionic: store property names as variable-length strings
bionic: prevent root processes from calling __system_property_add
bionic: revert to a single (larger) property area
bionic: reimplement property area as hybrid trie/binary tree
bionic: add missing memory barriers to system properties
bionic: make property area expandable
Names are immutable, so the fixed-sized arrays can be replaced with
variable-length ones to save memory (especially on internal tree nodes).
Signed-off-by: Greg Hackmann <ghackmann@google.com>
(cherry picked from commit 492ce95d9f)
Change-Id: Ib074192d1b71150233d78c58e9ffcf7ecf688b6b
If a root process other than init calls __system_property_add, which
it should never do, it will break the design assumption that there is
only one mutator.
Pass O_EXCL to open() in map_prop_region_rw to ensure that only one
process ever has the property pages open for write.
(cherry picked from commit fb9b7b436f)
Change-Id: I6df3afedbfb5d07891b095aa24b78278381a5aaf
d329697 is too complicated. Change the multiple property pages back to
a single 128K property area that's mapped in entirely at initialization
(the memory will not get allocated until the pages are touched).
d329697 has other changes useful for testing (moving property area
initialization inside bionic and adding __system_property_set_filename)
so undo the change manually rather than with git revert.
Signed-off-by: Greg Hackmann <ghackmann@google.com>
(cherry picked from commit 5f05348c18)
Change-Id: I690704552afc07a4dd410277893ca9c40bc13e5f
See the comments for an explanation of how properties are stored.
The trie structure is designed to scale better than the previous
array-based implementation. Searching an array with n properties
required average O(n) string compares of the entire key; searching the
trie requires average O(log n) string compares of each token (substrings
between '.' characters).
Signed-off-by: Greg Hackmann <ghackmann@google.com>
(cherry picked from commit 6ac8e6a46d)
Change-Id: Icbe31908572f33b4d9b85d5b62ac837cbd0f85e0
1) Reading the value must finish before checking whether it's intact
2) Setting the serial's dirty bit must visible before modifying the
value
3) The modified value must be visible before clearing the serial's dirty
bit
4) New properties and their TOC entries must be visible before updating
the property count
Signed-off-by: Greg Hackmann <ghackmann@google.com>
(cherry picked from commit 5bfa3ee8b3)
Change-Id: Id3fa45261fc2df2ae493ab5194bc2b6bff04e966
The property area is initially one 4K region, automatically expanding as
needed up to 64 regions.
To avoid duplicating code, __system_property_area_init() now allocates
and initializes the first region (previously it was allocated in init's
init_property_area() and initialized in bionic). For testing purposes,
__system_property_set_filename() may be used to override the file used
to map in regions.
Signed-off-by: Greg Hackmann <ghackmann@google.com>
(cherry picked from commit d32969701b)
Change-Id: I038d451fe8849b0c4863663eec6f57f6521bf4a7
Names are immutable, so the fixed-sized arrays can be replaced with
variable-length ones to save memory (especially on internal tree nodes).
Change-Id: Iee77874b4b55b0f9c5e531d1334be7f7f40086d2
Signed-off-by: Greg Hackmann <ghackmann@google.com>
If a root process other than init calls __system_property_add, which
it should never do, it will break the design assumption that there is
only one mutator.
Pass O_EXCL to open() in map_prop_region_rw to ensure that only one
process ever has the property pages open for write.
Change-Id: I6b7c118e5e2fd2b92a2b168b8454fe9707325462
d329697 is too complicated. Change the multiple property pages back to
a single 128K property area that's mapped in entirely at initialization
(the memory will not get allocated until the pages are touched).
d329697 has other changes useful for testing (moving property area
initialization inside bionic and adding __system_property_set_filename)
so undo the change manually rather than with git revert.
Change-Id: I0ecb27843404f93af5489f15bfe657d65175e4f0
Signed-off-by: Greg Hackmann <ghackmann@google.com>
See the comments for an explanation of how properties are stored.
The trie structure is designed to scale better than the previous
array-based implementation. Searching an array with n properties
required average O(n) string compares of the entire key; searching the
trie requires average O(log n) string compares of each token (substrings
between '.' characters).
Change-Id: I491305bc7aca59609abcd871a5f33d97f89ce714
Signed-off-by: Greg Hackmann <ghackmann@google.com>
Avoid keeping unnecessary file descriptors around when they're not
needed. Libc doesn't log so much that opening / closing overhead
matters.
Change-Id: I590ec5c27562db9bac025f781c48ec9a7724ce77
1) Reading the value must finish before checking whether it's intact
2) Setting the serial's dirty bit must visible before modifying the
value
3) The modified value must be visible before clearing the serial's dirty
bit
4) New properties and their TOC entries must be visible before updating
the property count
Change-Id: I26c680ec025fdb72362d5f618ec0d2b93d381233
Signed-off-by: Greg Hackmann <ghackmann@google.com>
The property area is initially one 4K region, automatically expanding as
needed up to 64 regions.
To avoid duplicating code, __system_property_area_init() now allocates
and initializes the first region (previously it was allocated in init's
init_property_area() and initialized in bionic). For testing purposes,
__system_property_set_filename() may be used to override the file used
to map in regions.
Change-Id: Ibe00ef52464bfa590953c4699a6d98383b0142b1
Signed-off-by: Greg Hackmann <ghackmann@google.com>
find_nth() will be inefficient on a trie. Since find_nth() is only used
internally and only for enumerating properties, we can add a foreach()
function to do this directly.
Signed-off-by: Greg Hackmann <ghackmann@google.com>
(cherry picked from commit 577418403d)
Change-Id: Iaca97d1182ce2c28863ba85241cbb5cf6185eb2f
find_nth() will be inefficient on a trie. Since find_nth() is only used
internally and only for enumerating properties, we can add a foreach()
function to do this directly.
Change-Id: I66bde9926c193073d74b244cce9fffd52108fff8
Signed-off-by: Greg Hackmann <ghackmann@google.com>
In 829c089f83, we disabled all
FORTIFY_SOURCE support when compiling under clang. At the time,
we didn't have proper test cases, and couldn't easily create targeted
clang tests.
This change re-enables FORTIFY_SOURCE support under clang for a
limited set of functions, where we have explicit unittests available.
The functions are:
* memcpy
* memmove
* strcpy
* strncpy
* strcat
* strncat
* memset
* strlen (with modifications)
* strchr (with modifications)
* strrchr (with modifications)
It may be possible, in the future, to enable other functions. However,
I need to write unittests first.
For strlen, strchr, and strrchr, clang unconditionally calls the
fortified version of the relevant function. If it doesn't know the
size of the buffer it's dealing with, it passes in ((size_t) -1),
which is the largest possible size_t.
I added two new clang specific unittest files, primarily copied
from fortify?_test.cpp.
I've also rebuild the entire system with these changes, and didn't
observe any obvious problems.
Change-Id: If12a15089bb0ffe93824b485290d05b14355fcaa
Define __errordecl and replace __attribute__((__error__("foo")))
with __errordecl. Make sure __errordecl is a no-op on clang, as it
generates a compile time warning.
Change-Id: Ifa1a2d3afd6881de9d479fc2adac6737871a2949
Move the implementation of writing to the system property area
from init to bionic, next to the reader implementation. This
will allow full property testing to be added to bionic tests.
Add new accessor and waiting functions to hide the implementation
from watchprops and various bionic users.
Also hide some of the implementation details of the property area
from init by moving them into _system_properties.h, and other details
from everybody by moving them into system_properties.h.
(cherry picked from commit dc1038b790)
Change-Id: I192d3825ee276c5047bc751039fe6cfe226a7cca
Move the implementation of writing to the system property area
from init to bionic, next to the reader implementation. This
will allow full property testing to be added to bionic tests.
Add new accessor and waiting functions to hide the implementation
from watchprops and various bionic users.
Also hide some of the implementation details of the property area
from init by moving them into _system_properties.h, and other details
from everybody by moving them into system_properties.h.
Change-Id: I9026e604109e30546b2849b60cab2e7e5ff00ba5
We were missing SIG_ATOMIC_MAX, SIG_ATOMIC_MIN, SIZE_MAX,
WCHAR_MAX, WCHAR_MIN, WINT_MAX, and WINT_MIN.
Change-Id: I2535f36bc220fbaea009b483599b7af811c4cb5c
Removed 'join_count' from pthread_internal_t and switched to using the flag
PTHREAD_ATTR_FLAG_JOINED to indicate if a thread is being joined. Combined with
a switch to a while loop in pthread_join, this fixes spurious wake-ups but
prevents a thread from being joined multiple times. This is fine for
two reasons:
1) The pthread_join specification allows for undefined behavior when multiple
threads try to join a single thread.
2) There is no thread safe way to allow multiple threads to join a single
thread with the pthread interface. The second thread calling pthread_join
could be pre-empted until the thread is destroyed and its handle reused for
a different thread. Therefore multi-join is always an error.
Bug: https://code.google.com/p/android/issues/detail?id=52255
Change-Id: I8b6784d47620ffdcdbfb14524e7402e21d46c5f7
This reverts commit d8627af159 which caused build breakage:
In file included from bionic/libc/include/limits.h:86:0,
from bionic/libc/include/stdint.h:33,
from bionic/libc/arch-arm/bionic/crtbegin.c:31:
bionic/libc/include/sys/limits.h:30:26: fatal error: linux/limits.h: No such file or directory
compilation terminated.
make: *** [out/target/product/generic/obj/lib/crtbegin_dynamic1.o] Error 1
Change-Id: I128095ecb99df92626e1f57e34c61e08c98a4078
* A dlmalloc usage error shouldn't call abort(3) because we want to
cause a SIGSEGV by writing the address dlmalloc didn't like to an
address the kernel won't like, so that debuggerd will dump the
memory around the address that upset dlmalloc.
* Switch to the simpler FreeBSD/NetBSD style of registering stdio
cleanup. Hopefully this will let us simplify more of the stdio
implementation.
* Clear the stdio cleanup handler before we abort because of a dlmalloc
corruption error. This fixes the reported bug, where we'd hang inside
dlmalloc because the stdio cleanup reentered dlmalloc.
Bug: 9301265
Change-Id: Ief31b389455d6876e5a68f0f5429567d37277dbc
- Implemented chk_memalign.
- Fixed a few bugs in leak_memalign.
- Implemented {leak,fill,check,qemu}_malloc_usable_size.
- Make malloc_usable_size update at run time.
- Add malloc_test.cpp as a small set of tests for the
malloc debug routines.
- Fix the qemu routines since it's been broken since it moved to C++.
- Add support for the %u format to the out_vformat in libc_logging.cpp.
This is used by the emulator code.
Tested using the bionic-unit-tests with setprop libc.debug.malloc
set to 1, 5, and 10.
I tested as much as possible on the emulator, but tracing doesn't appear
to be working properly.
Bug: 6143477
Merge change from internal master.
(cherry-picked from commit 3d594c2580)
Change-Id: I4ae00fffba82315a8c283f35893fd554460722fb
- Implemented chk_memalign.
- Fixed a few bugs in leak_memalign.
- Implemented {leak,fill,check,qemu}_malloc_usable_size.
- Make malloc_usable_size update at run time.
- Add malloc_test.cpp as a small set of tests for the
malloc debug routines.
- Fix the qemu routines since it's been broken since it moved to C++.
- Add support for the %u format to the out_vformat in libc_logging.cpp.
This is used by the emulator code.
Tested using the bionic-unit-tests with setprop libc.debug.malloc
set to 1, 5, and 10.
I tested as much as possible on the emulator, but tracing doesn't appear
to be working properly.
Bug: 6143477
Change-Id: Ieba99b58c2228c88d80afd264501004a4dadd212
Add methods to attach/detach UID ranges to a specific dns cache/interface.
This mirrors the already existing code for attaching specific processes to
specific interfaces but will be used to push all processes from a given
user to a specific cache/interface.
Change-Id: Ic24391e92d3ca46fcb46cc4fc53e13984dec40b3
sigismember, sigaddset, and sigdelset had mixed code and declarations
which are not allowed in C90 and before.
Change-Id: I662af944fc1489e34bed228ce592e41f50d00e17
Signed-off-by: Erik Gilling <konkers@android.com>
__strcat_chk and __strncat_chk are slightly inefficient,
because they end up traversing over the same memory region
two times.
This change optimizes __strcat_chk / __strncat_chk so they
only access the memory once. Although I haven't benchmarked these
changes, it should improve the performance of these functions.
__strlen_chk - expose this function, even if -D_FORTIFY_SOURCE
isn't defined. This is needed to compile libc itself without
-D_FORTIFY_SOURCE.
Change-Id: Id2c70dff55a276b47c59db27a03734d659f84b74
The function should take a 'const void*' parameter, instead of 'void*'.
Note that the implementation in upstream-dlmalloc/malloc.c already does
this.
For context, see http://b.android.com/55725
Change-Id: Iefd55cdb8996699189e0545f9195972490306227
Fix license clause numbering.
Convert libc/stdio from K&R to ANSI C.
And add '__restrict' where it appeared in the header prototypes.
Change-Id: I5fdb22f79d3effa2298d03f9aa8412b4b087da04
Upstream: http://svnweb.freebsd.org/base?view=revision&revision=249810
Add CLOCK_MONOTONIC_RAW, CLOCK_REALTIME_COARSE, and CLOCK_MONOTONIC_COARSE
as supported by recent linux kernels.
(cherry-pick of 60e5144ca312b210b54ac8e6966108da0c97ff80.)
Bug: 8895727
Change-Id: If79a4d05d1301108f49a37588f9416c4be19277a
Add CLOCK_MONOTONIC_RAW, CLOCK_REALTIME_COARSE, and CLOCK_MONOTONIC_COARSE
as supported by recent linux kernels.
Bug: 8895727
Change-Id: I3d415a2edbcf2928dd855e876337bf2239ac134a