401 lines
		
	
	
		
			16 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			401 lines
		
	
	
		
			16 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| Bionic C Library Overview:
 | |
| ==========================
 | |
| 
 | |
| Introduction:
 | |
| 
 | |
| Core Philosophy:
 | |
| 
 | |
|   The core idea behind Bionic's design is: KEEP IT REALLY SIMPLE.
 | |
| 
 | |
|   This implies that the C library should only provide lightweight wrappers
 | |
|   around kernel facilities and not try to be too smart to deal with edge cases.
 | |
| 
 | |
|   The name "Bionic" comes from the fact that it is part-BSD and part-Linux:
 | |
|   its source code consists in a mix of BSD C library pieces with custom
 | |
|   Linux-specific bits used to deal with threads, processes, signals and a few
 | |
|   others things.
 | |
| 
 | |
|   All original BSD pieces carry the BSD copyright disclaimer. Bionic-specific 
 | |
|   bits carry the Android Open Source Project copyright disclaimer. And
 | |
|   everything is released under the BSD license.
 | |
| 
 | |
| Architectures:
 | |
| 
 | |
|   Bionic currently supports the ARM and x86 instruction sets. In theory, it
 | |
|   should be possible to support more, but this may require a little work (e.g.
 | |
|   adding system call IDs to SYSCALLS.TXT, described below, or modifying the
 | |
|   dynamic linker).
 | |
| 
 | |
|   The ARM-specific code is under arch-arm/ and the x86-specific one is under
 | |
|   arch-x86/
 | |
| 
 | |
|   Note that the x86 version is only meant to run on an x86 Android device. We
 | |
|   make absolutely no claim that you could build and use Bionic on a stock x86
 | |
|   Linux distribution (though that would be cool, so patches are welcomed :-))
 | |
| 
 | |
| Syscall stubs:
 | |
| 
 | |
|   Each system call function is implemented by a tiny assembler source fragment
 | |
|   (called a "syscall stub"), which is generated automatically by
 | |
|   tools/gensyscalls.py which reads the SYSCALLS.TXT file for input.
 | |
| 
 | |
|   SYSCALLS.TXT contains the list of all syscall stubs to generate, along with
 | |
|   the corresponding syscall numeric identifier (which may differ between ARM
 | |
|   and x86), and its signature
 | |
| 
 | |
|   If you modify this file, you may want to use tools/checksyscalls.py which
 | |
|   checks its content against official Linux kernel header files, and will
 | |
|   report errors when invalid syscall ids are used.
 | |
| 
 | |
|   Sometimes, the C library function is really a wrapper that calls the
 | |
|   corresponding syscall with another name. For example, the exit() function
 | |
|   is provided by the C library and calls the _exit() syscall stub.
 | |
| 
 | |
|   See SYSCALLS.TXT for documentation and details.
 | |
| 
 | |
| 
 | |
| time_t:
 | |
| 
 | |
|   time_t is 32-bit as defined by the kernel on 32-bit CPUs. A 64-bit version
 | |
|   would be preferrable to avoid the Y2038 bug, but the kernel maintainers
 | |
|   consider that this is not needed at the moment.
 | |
| 
 | |
|   Instead, Bionic provides a <time64.h> header that defines a time64_t type,
 | |
|   and related functions like mktime64(), localtime64(), etc...
 | |
| 
 | |
|   strftime() uses time64_t internally, so the '%s' format (seconds since the
 | |
|   epoch) is supported for dates >= 2038.
 | |
| 
 | |
| 
 | |
| strftime_tz():
 | |
| 
 | |
|   Bionic also provides the non-standard strftime_tz() function, a variant
 | |
|   of strftime() which also accepts a time locale descriptor as defined
 | |
|   by "struct strftime_locale" in <time.h>.
 | |
| 
 | |
|   This function is used by the low-level framework code in Android.
 | |
| 
 | |
| 
 | |
| Timezone management:
 | |
| 
 | |
|   The name of the current timezone is taken from the TZ environment variable,
 | |
|   if defined. Otherwise, the system property named 'persist.sys.timezone' is
 | |
|   checked instead.
 | |
| 
 | |
|   The zoneinfo timezone database and index files are located under directory
 | |
|   /system/usr/share/zoneinfo, instead of the more Posix-compliant path of
 | |
|   /usr/share/zoneinfo
 | |
| 
 | |
| 
 | |
| off_t:
 | |
| 
 | |
|   For similar reasons, off_t is 32-bit. We define loff_t as the 64-bit variant
 | |
|   due to BSD inheritance, but off64_t should be available as a typedef to ease
 | |
|   porting of current Linux-specific code.
 | |
| 
 | |
| 
 | |
| Linux kernel headers:
 | |
| 
 | |
|   Bionic comes with its own set of "clean" Linux kernel headers to allow
 | |
|   user-space code to use kernel-specific declarations (e.g. IOCTLs, structure
 | |
|   declarations, constants, etc...). They are located in:
 | |
| 
 | |
|      ./kernel/common,
 | |
|      ./kernel/arch-arm
 | |
|      ./kernel/arch-x86
 | |
| 
 | |
|   These headers have been generated by a tool (kernel/tools/update-all.py) to
 | |
|   only include the public definitions from the original Linux kernel headers.
 | |
| 
 | |
|   If you want to know why and how this is done, read kernel/README.TXT to get
 | |
|   all the (gory) details.
 | |
| 
 | |
| 
 | |
| PThread implementation:
 | |
| 
 | |
|    Bionic's C library comes with its own pthread implementation bundled in.
 | |
|    This is different from other historical C libraries which:
 | |
| 
 | |
|     - place it in an external library (-lpthread)
 | |
|     - play linker tricks with weak symbols at dynamic link time
 | |
| 
 | |
|    The support for real-time features (a.k.a. -lrt) is also bundled in the
 | |
|    C library.
 | |
| 
 | |
|    The implementation is based on futexes and strives to provide *very* short
 | |
|    code paths for common operations. Notable features are the following:
 | |
| 
 | |
|       - pthread_mutex_t, pthread_cond_t are only 4 bytes each.
 | |
| 
 | |
|       - Normal, recursive and error-check mutexes are supported, and the code
 | |
|         path is heavily optimized for the normal case, which is used most of
 | |
|         the time.
 | |
| 
 | |
|       - Process-shared mutexes and condition variables are not supported.
 | |
|         Their implementation requires far more complexity and was absolutely
 | |
|         not needed for Android (which uses other inter-process synchronization
 | |
|         capabilities).
 | |
| 
 | |
|         Note that they could be added in the future without breaking the ABI
 | |
|         by specifying more sophisticated code paths (which may make the common
 | |
|         paths slightly slower though).
 | |
| 
 | |
|       - There is currently no support for read/write locks, priority-ceiling in
 | |
|         mutexes and other more advanced features. Again, the main idea being
 | |
|         that this was not needed for Android at all but could be added in the
 | |
|         future.
 | |
| 
 | |
| pthread_cancel():
 | |
| 
 | |
|    pthread_cancel() will *not* be supported in Bionic, because doing this would
 | |
|    involve making the C library significantly bigger for very little benefit.
 | |
| 
 | |
|    Consider that:
 | |
| 
 | |
|      - A proper implementation must insert pthread cancellation checks in a lot
 | |
|        of different places of the C library. And conformance is very difficult
 | |
|        to test properly.
 | |
| 
 | |
|      - A proper implementation must also clean up resources, like releasing
 | |
|        memory, or unlocking mutexes, properly if the cancellation happens in a
 | |
|        complex function (e.g. inside gethostbyname() or fprintf() + complex
 | |
|        formatting rules). This tends to slow down the path of many functions.
 | |
| 
 | |
|      - pthread cancellation cannot stop all threads: e.g. it can't do anything
 | |
|        against an infinite loop
 | |
| 
 | |
|      - pthread cancellation itself has short-comings and isn't very portable
 | |
|        (see http://advogato.org/person/slamb/diary.html?start=49 for example).
 | |
| 
 | |
|    All of this is contrary to the Bionic design goals. If your code depends on
 | |
|    thread cancellation, please consider alternatives.
 | |
| 
 | |
|    Note however that Bionic does implement pthread_cleanup_push() and
 | |
|    pthread_cleanup_pop(), which can be used to handle cleanups that happen when
 | |
|    a thread voluntarily exits through pthread_exit() or returning from its
 | |
|    main function.
 | |
| 
 | |
| 
 | |
| pthread_once():
 | |
| 
 | |
|   Do not call fork() within a callback provided to pthread_once(). Doing this
 | |
|   may result in a deadlock in the child process the next time it calls
 | |
|   pthread_once().
 | |
| 
 | |
|   Also, you can't throw a C++ Exception from the callback (see C++ Exception
 | |
|   Support below).
 | |
| 
 | |
|   The current implementation of pthread_once() lacks the necessary support of
 | |
|   multi-core-safe double-checked-locking (read and write barriers).
 | |
| 
 | |
| 
 | |
| Thread-specific data
 | |
| 
 | |
|   The thread-specific storage only provides for a bit less than 64
 | |
|   pthread_key_t objects to each process. The implementation provides 64 real
 | |
|   slots but also uses about 5 of them (exact number may depend on
 | |
|   implementation) for its own use (e.g. two slots are pre-allocated by the C
 | |
|   library to speed-up the Android OpenGL sub-system).
 | |
| 
 | |
|   Note that Posix mandates a minimum of 128 slots, but we do not claim to be
 | |
|   Posix-compliant.
 | |
| 
 | |
|   Except for the main thread, the TLS area is stored at the top of the stack.
 | |
|   See comments in bionic/libc/bionic/pthread.c for details.
 | |
| 
 | |
|   At the moment, thread-local storage defined through the __thread compiler
 | |
|   keyword is not supported by the Bionic C library and dynamic linker.
 | |
| 
 | |
| 
 | |
| Multi-core support
 | |
| 
 | |
|   At the moment, Bionic does not provide or use read/write memory barriers.
 | |
|   This means that using it on certain multi-core systems might not be
 | |
|   supported, depending on its exact CPU architecture.
 | |
| 
 | |
| 
 | |
| Android-specific features:
 | |
| 
 | |
|   Bionic provides a small number of Android-specific features to its clients:
 | |
| 
 | |
|   - access to system properties:
 | |
| 
 | |
|        Android provides a simple shared value/key space to all processes on the
 | |
|        system. It stores a liberal number of 'properties', each of them being a
 | |
|        simple size-limited string that can be associated to a size-limited
 | |
|        string value.
 | |
| 
 | |
|        The header <sys/system_properties.h> can be used to read system
 | |
|        properties and also defines the maximum size of keys and values.
 | |
| 
 | |
|    - Android-specific user/group management:
 | |
| 
 | |
|        There is no /etc/passwd or /etc/groups in Android. By design, it is
 | |
|        meant to be used by a single handset user. On the other hand, Android
 | |
|        uses the Linux user/group management features extensively to secure
 | |
|        process permissions, like access to various filesystem directories.
 | |
| 
 | |
|        In the Android scheme, each installed application gets its own
 | |
|        uid_t/gid_t starting from 10000; lower numerical ids are reserved for
 | |
|        system daemons.
 | |
| 
 | |
|        getpwnam() recognizes some hard-coded subsystems names (e.g. "radio")
 | |
|        and will translate them to their low-user-id values. It also recognizes
 | |
|        "app_1234" as the synthetic name of the application that was installed
 | |
|        with uid 10000 + 1234, which is 11234. getgrnam() works similarly
 | |
| 
 | |
|        getgrouplist() will always return a single group for any user name,
 | |
|        which is the one passed as an input parameter.
 | |
| 
 | |
|        getgrgid() will similarly only return a structure that contains a
 | |
|        single-element members list, corresponding to the user with the same
 | |
|        numerical value than the group.
 | |
| 
 | |
|        See bionic/libc/bionic/stubs.c for more details.
 | |
| 
 | |
|     - getservent()
 | |
| 
 | |
|        There is no /etc/services on Android. Instead the C library embeds a
 | |
|        constant list of services in its executable, which is parsed on demand
 | |
|        by the various functions that depend on it. See
 | |
|        bionic/libc/netbsd/net/getservent.c and
 | |
|        bionic/libc/netbsd/net/services.h
 | |
| 
 | |
|        The list of services defined internally might change liberally in the
 | |
|        future. This feature is mostly historically and is very rarely used.
 | |
| 
 | |
|        The getservent() returns thread-local data. getservbyport() and
 | |
|        getservbyname() are also implemented in a similar fashion.
 | |
| 
 | |
|      - getprotoent()
 | |
| 
 | |
|        There is no /etc/protocol on Android. Bionic does not currently
 | |
|        implement getprotoent() and related functions. If added, it will
 | |
|        likely be done in a way similar to getservent()
 | |
| 
 | |
| DNS resolver:
 | |
| 
 | |
|   Bionic uses a NetBSD-derived resolver library which has been modified in
 | |
|   the following ways:
 | |
| 
 | |
|      - don't implement the name-server-switch feature (a.k.a. <nsswitch.h>)
 | |
| 
 | |
|      - read /system/etc/resolv.conf instead of /etc/resolv.conf
 | |
| 
 | |
|      - read the list of servers from system properties. the code looks for
 | |
|        'net.dns1', 'net.dns2', etc.. Each property should contain the IP
 | |
|        address of a DNS server.
 | |
| 
 | |
|        these properties are set/modified by other parts of the Android system
 | |
|        (e.g. the dhcpd daemon).
 | |
| 
 | |
|        the implementation also supports per-process DNS server list, using the
 | |
|        properties 'net.dns1.<pid>', 'net.dns2.<pid>', etc... Where <pid> stands
 | |
|        for the numerical ID of the current process.
 | |
| 
 | |
|      - when performing a query, use a properly randomized Query ID (instead of
 | |
|        a incremented one), for increased security.
 | |
| 
 | |
|      - when performing a query, bind the local client socket to a random port
 | |
|        for increased security.
 | |
| 
 | |
|      - get rid of *many* unfortunate thread-safety issues in the original code
 | |
| 
 | |
|   Bionic does *not* expose implementation details of its DNS resolver; the
 | |
|   content of <arpa/nameser.h> is intentionally blank. The resolver
 | |
|   implementation might change completely in the future.
 | |
| 
 | |
| 
 | |
| PThread Real-Time Timers:
 | |
| 
 | |
|   timer_create(), timer_gettime(), timer_settime() and timer_getoverrun() are
 | |
|   supported.
 | |
| 
 | |
|   Bionic also now supports SIGEV_THREAD real-time timers (see timer_create()).
 | |
|   The implementation simply uses a single thread per timer, unlike GLibc which
 | |
|   uses complex heuristics to try to use the less threads possible when several
 | |
|   timers with compatible properties are used.
 | |
| 
 | |
|   This means that if your code uses a lot of SIGEV_THREAD timers, your program
 | |
|   may consume a lot of memory. However, if your program needs many of these
 | |
|   timers, it'd better handle timeout events directly instead.
 | |
| 
 | |
|   Other timers (e.g. SIGEV_SIGNAL) are handled by the kernel and use much less
 | |
|   system resources.
 | |
| 
 | |
| 
 | |
| Binary Compatibility:
 | |
| 
 | |
|   Bionic is *not* in any way binary-compatible with the GNU C Library, ucLibc
 | |
|   or any known Linux C library. This means several things:
 | |
| 
 | |
|   - You cannot expect to build something against the GNU C Library headers and
 | |
|     have it dynamically link properly to Bionic later.
 | |
| 
 | |
|   - You should *really* use the Android toolchain to build your program against
 | |
|     Bionic. The toolchain deals with many important details that are crucial
 | |
|     to get something working properly.
 | |
| 
 | |
|   Failure to do so will usually result in the inability to run or link your
 | |
|   program, or even runtime crashes. Several random web pages on the Internet
 | |
|   describe how you can succesfully write a "hello-world" program with the
 | |
|   ARM GNU toolchain. These examples usually work by chance, if anything else,
 | |
|   and you should not follow these instructions unless you want to waste a lot
 | |
|   of your time in the process.
 | |
| 
 | |
|   Note however that you *can* generate a binary that is built against the
 | |
|   GNU C Library headers and then statically linked to it. The corresponding
 | |
|   executable should be able to run (if it doesn't use dlopen()/dlsym())
 | |
| 
 | |
| 
 | |
| Dynamic Linker:
 | |
| 
 | |
|   Bionic comes with its own dynamic linker (just like ld.so on Linux really
 | |
|   comes from GLibc). This linker does not support all the relocations
 | |
|   generated by other GCC ARM toolchains.
 | |
| 
 | |
| 
 | |
| C++ Exceptions Support:
 | |
| 
 | |
|   At the moment, Bionic doesn't support C++ exceptions, what this really means
 | |
|   is the following:
 | |
| 
 | |
|     - If pthread_once() is called with a C++ callback that throws an exception,
 | |
|       then the C library will keep the corresponding pthread_once_t mutex
 | |
|       locked. Any further call to pthread_once() will result in a deadlock.
 | |
| 
 | |
|       A proper implementation should be able to register a C++ exception
 | |
|       cleanup handler before the callback to properly unlock the
 | |
|       pthread_once_t. Unfortunately this requires tricky assembly code that
 | |
|       is highly dependent on the compiler.
 | |
| 
 | |
|       This feature is not planned to be supported anytime soon.
 | |
| 
 | |
|     - The same problem may arise if you throw an exception within a callback
 | |
|       called from the C library. Fortunately, these cases are very rare in the
 | |
|       real-world, but any callback you provide to the C library should *not*
 | |
|       throw an exception.
 | |
| 
 | |
|     - Bionic lacks a few support functions to have exception support work
 | |
|       properly.
 | |
| 
 | |
| System V IPCs:
 | |
| 
 | |
|   Bionic intentionally does not provide support for System-V IPCs mechanisms,
 | |
|   like the ones provided by semget(), shmget(), msgget(). The reason for this
 | |
|   is to avoid denial-of-service. For a detailed rationale about this, please
 | |
|   read the file docs/SYSV-IPCS.TXT.
 | |
| 
 | |
| Include Paths:
 | |
| 
 | |
|   The Android build system should automatically provide the necessary include
 | |
|   paths required to build against the C library headers. However, if you want
 | |
|   to do that yourself, you will need to add:
 | |
| 
 | |
|       libc/arch-$ARCH/include
 | |
|       libc/include
 | |
|       libc/kernel/common
 | |
|       libc/kernel/arch-$ARCH
 | |
| 
 | |
|   to your C include path.
 | 
