Merge "Revert "Remove mips/mips64 headers from the NDK sysroot.""
diff --git a/docs/status.md b/docs/status.md
index 6467143..0aaa0b3 100644
--- a/docs/status.md
+++ b/docs/status.md
@@ -1,6 +1,69 @@
Android bionic status
=====================
+# Target API level behavioral differences
+
+Most bionic bug fixes and improvements have been made without checks for
+the app's `targetSdkVersion`. As of O there were exactly two exceptions,
+but there are likely to be more in future because of Project Treble.
+
+Invalid `pthread_t` handling (targetSdkVersion >= O)
+----------------------------------------------------
+
+As part of a long-term goal to remove the global thread list,
+and in an attempt to flush out racy code, we changed how an invalid
+`pthread_t` is handled. For `pthread_detach`, `pthread_getcpuclockid`,
+`pthread_getschedparam`/`pthread_setschedparam`, `pthread_join`, and
+`pthread_kill`, instead of returning ESRCH when passed an invalid
+`pthread_t`, if you're targeting O or above, they'll abort with the
+message "attempt to use invalid pthread\_t".
+
+Note that this doesn't change behavior as much as you might think: the
+old lookup only held the global thread list lock for the duration of
+the lookup, so there was still a race between that and the dereference
+in the caller, given that callers actually need the tid to pass to some
+syscall or other, and sometimes update fields in the `pthread_internal_t`
+struct too.
+
+We can't check a thread's tid against 0 to see whether a `pthread_t`
+is still valid because a dead thread gets its thread struct unmapped
+along with its stack, so the dereference isn't safe.
+
+To fix your code, taking the affected functions one by one:
+
+ * `pthread_getcpuclockid` and `pthread_getschedparam`/`pthread_setschedparam`
+ should be fine. Unsafe calls to those seem highly unlikely.
+
+ * Unsafe `pthread_detach` callers probably want to switch to
+ `pthread_attr_setdetachstate` instead, or use
+ `pthread_detach(pthread_self());` from the new thread's start routine
+ rather than calling detach in the parent.
+
+ * `pthread_join` calls should be safe anyway, because a joinable thread
+ won't actually exit and unmap until it's joined. If you're joining an
+ unjoinable thread, the fix is to stop marking it detached. If you're
+ joining an already-joined thread, you need to rethink your design!
+
+ * Unsafe `pthread_kill` calls aren't portably fixable. (And are obviously
+ inherently non-portable as-is.) The best alternative on Android is to
+ use `pthread_gettid_np` at some point that you know the thread to be
+ alive, and then call `kill`/`tgkill` with signal 0 (which checks
+ whether a process exists rather than actually sending a
+ signal). That's still not completely safe because if you're too late
+ the tid may have been reused, but your code is inherently unsafe without
+ a redesign anyway.
+
+Interruptable `sem_wait` (targetSdkVersion >= N)
+------------------------------------------------
+
+POSIX says that `sem_wait` can be interrupted by delivery of a
+signal. This wasn't historically true in Android, and when we fixed this
+bug we found that existing code relied on the old behavior. To preserve
+compatibility, `sem_wait` can only return EINTR on Android if the app
+targets N or later.
+
+# Bionic function availability
+
libc
----
@@ -8,18 +71,19 @@
New libc functions in P:
* `__freading`/`__fwriting` (completing <stdio_ext.h>)
- * `endhostent`/endnetent`/`endprotoent`/`getnetent`/`getprotoent`/`sethostent`/`setnetent`/`setprotoent` (completing <netdb.h>)
+ * `endhostent`/`endnetent`/`endprotoent`/`getnetent`/`getprotoent`/`sethostent`/`setnetent`/`setprotoent` (completing <netdb.h>)
* `fexecve`
* `fflush_unlocked`/`fgetc_unlocked`/`fgets_unlocked`/`fputc_unlocked`/`fputs_unlocked`/`fread_unlocked`/`fwrite_unlocked`
* `getentropy`/`getrandom` (adding <sys/random.h>)
* `getlogin_r`
* `glob`/`globfree` (adding <glob.h>)
- * `hcreate`/hcreate_r`/`hdestroy`/`hdestroy_r`/`hsearch`/`hsearch_r` (completing <search.h>)
+ * `hcreate`/`hcreate_r`/`hdestroy`/`hdestroy_r`/`hsearch`/`hsearch_r` (completing <search.h>)
* `iconv`/`iconv_close`/`iconv_open` (adding <iconv.h>)
* `pthread_attr_getinheritsched`/`pthread_attr_setinheritsched`/`pthread_setschedprio`
* <spawn.h>
* `swab`
* `syncfs`
+ * %C and %S support in the printf family (previously only the wprintf family supported these).
New libc functions in O:
* `sendto` FORTIFY support
diff --git a/libc/bionic/vdso.cpp b/libc/bionic/vdso.cpp
index 8cdb504..969c39f 100644
--- a/libc/bionic/vdso.cpp
+++ b/libc/bionic/vdso.cpp
@@ -26,11 +26,18 @@
#include <unistd.h>
#include "private/KernelArgumentBlock.h"
+static inline int vdso_return(int result) {
+ if (__predict_true(result == 0)) return 0;
+
+ errno = -result;
+ return -1;
+}
+
int clock_gettime(int clock_id, timespec* tp) {
auto vdso_clock_gettime = reinterpret_cast<decltype(&clock_gettime)>(
__libc_globals->vdso[VDSO_CLOCK_GETTIME].fn);
if (__predict_true(vdso_clock_gettime)) {
- return vdso_clock_gettime(clock_id, tp);
+ return vdso_return(vdso_clock_gettime(clock_id, tp));
}
return __clock_gettime(clock_id, tp);
}
@@ -39,17 +46,15 @@
auto vdso_gettimeofday = reinterpret_cast<decltype(&gettimeofday)>(
__libc_globals->vdso[VDSO_GETTIMEOFDAY].fn);
if (__predict_true(vdso_gettimeofday)) {
- return vdso_gettimeofday(tv, tz);
+ return vdso_return(vdso_gettimeofday(tv, tz));
}
return __gettimeofday(tv, tz);
}
void __libc_init_vdso(libc_globals* globals, KernelArgumentBlock& args) {
auto&& vdso = globals->vdso;
- vdso[VDSO_CLOCK_GETTIME] = { VDSO_CLOCK_GETTIME_SYMBOL,
- reinterpret_cast<void*>(__clock_gettime) };
- vdso[VDSO_GETTIMEOFDAY] = { VDSO_GETTIMEOFDAY_SYMBOL,
- reinterpret_cast<void*>(__gettimeofday) };
+ vdso[VDSO_CLOCK_GETTIME] = { VDSO_CLOCK_GETTIME_SYMBOL, nullptr };
+ vdso[VDSO_GETTIMEOFDAY] = { VDSO_GETTIMEOFDAY_SYMBOL, nullptr };
// Do we have a vdso?
uintptr_t vdso_ehdr_addr = args.getauxval(AT_SYSINFO_EHDR);
diff --git a/tests/dl_test.cpp b/tests/dl_test.cpp
index d56b017..7444e3a 100644
--- a/tests/dl_test.cpp
+++ b/tests/dl_test.cpp
@@ -255,6 +255,6 @@
ExecTestHelper eth;
eth.SetArgs({ helper.c_str(), nullptr });
eth.SetEnv({ env.c_str(), nullptr });
- eth.Run([&]() { execve(helper.c_str(), eth.GetArgs(), eth.GetEnv()); }, -6, error_message.c_str());
+ eth.Run([&]() { execve(helper.c_str(), eth.GetArgs(), eth.GetEnv()); }, EXIT_FAILURE, error_message.c_str());
#endif
}
diff --git a/tests/time_test.cpp b/tests/time_test.cpp
index d553ff5..9218078 100644
--- a/tests/time_test.cpp
+++ b/tests/time_test.cpp
@@ -599,6 +599,53 @@
ASSERT_EQ(0, clock_gettime(CLOCK_BOOTTIME, &ts));
}
+TEST(time, clock_gettime_unknown) {
+ errno = 0;
+ timespec ts;
+ ASSERT_EQ(-1, clock_gettime(-1, &ts));
+ ASSERT_EQ(EINVAL, errno);
+}
+
+TEST(time, clock_getres_CLOCK_REALTIME) {
+ timespec ts;
+ ASSERT_EQ(0, clock_getres(CLOCK_REALTIME, &ts));
+ ASSERT_EQ(1, ts.tv_nsec);
+ ASSERT_EQ(0, ts.tv_sec);
+}
+
+TEST(time, clock_getres_CLOCK_MONOTONIC) {
+ timespec ts;
+ ASSERT_EQ(0, clock_getres(CLOCK_MONOTONIC, &ts));
+ ASSERT_EQ(1, ts.tv_nsec);
+ ASSERT_EQ(0, ts.tv_sec);
+}
+
+TEST(time, clock_getres_CLOCK_PROCESS_CPUTIME_ID) {
+ timespec ts;
+ ASSERT_EQ(0, clock_getres(CLOCK_PROCESS_CPUTIME_ID, &ts));
+}
+
+TEST(time, clock_getres_CLOCK_THREAD_CPUTIME_ID) {
+ timespec ts;
+ ASSERT_EQ(0, clock_getres(CLOCK_THREAD_CPUTIME_ID, &ts));
+}
+
+TEST(time, clock_getres_CLOCK_BOOTTIME) {
+ timespec ts;
+ ASSERT_EQ(0, clock_getres(CLOCK_BOOTTIME, &ts));
+ ASSERT_EQ(1, ts.tv_nsec);
+ ASSERT_EQ(0, ts.tv_sec);
+}
+
+TEST(time, clock_getres_unknown) {
+ errno = 0;
+ timespec ts = { -1, -1 };
+ ASSERT_EQ(-1, clock_getres(-1, &ts));
+ ASSERT_EQ(EINVAL, errno);
+ ASSERT_EQ(-1, ts.tv_nsec);
+ ASSERT_EQ(-1, ts.tv_sec);
+}
+
TEST(time, clock) {
// clock(3) is hard to test, but a 1s sleep should cost less than 1ms.
clock_t t0 = clock();