Merge "Revert "Remove mips/mips64 headers from the NDK sysroot.""
diff --git a/docs/status.md b/docs/status.md
index 6467143..0aaa0b3 100644
--- a/docs/status.md
+++ b/docs/status.md
@@ -1,6 +1,69 @@
 Android bionic status
 =====================
 
+# Target API level behavioral differences
+
+Most bionic bug fixes and improvements have been made without checks for
+the app's `targetSdkVersion`. As of O there were exactly two exceptions,
+but there are likely to be more in future because of Project Treble.
+
+Invalid `pthread_t` handling (targetSdkVersion >= O)
+----------------------------------------------------
+
+As part of a long-term goal to remove the global thread list,
+and in an attempt to flush out racy code, we changed how an invalid
+`pthread_t` is handled. For `pthread_detach`, `pthread_getcpuclockid`,
+`pthread_getschedparam`/`pthread_setschedparam`, `pthread_join`, and
+`pthread_kill`, instead of returning ESRCH when passed an invalid
+`pthread_t`, if you're targeting O or above, they'll abort with the
+message "attempt to use invalid pthread\_t".
+
+Note that this doesn't change behavior as much as you might think: the
+old lookup only held the global thread list lock for the duration of
+the lookup, so there was still a race between that and the dereference
+in the caller, given that callers actually need the tid to pass to some
+syscall or other, and sometimes update fields in the `pthread_internal_t`
+struct too.
+
+We can't check a thread's tid against 0 to see whether a `pthread_t`
+is still valid because a dead thread gets its thread struct unmapped
+along with its stack, so the dereference isn't safe.
+
+To fix your code, taking the affected functions one by one:
+
+  * `pthread_getcpuclockid` and `pthread_getschedparam`/`pthread_setschedparam`
+    should be fine. Unsafe calls to those seem highly unlikely.
+
+  * Unsafe `pthread_detach` callers probably want to switch to
+    `pthread_attr_setdetachstate` instead, or use
+    `pthread_detach(pthread_self());` from the new thread's start routine
+    rather than calling detach in the parent.
+
+  * `pthread_join` calls should be safe anyway, because a joinable thread
+    won't actually exit and unmap until it's joined. If you're joining an
+    unjoinable thread, the fix is to stop marking it detached. If you're
+    joining an already-joined thread, you need to rethink your design!
+
+  * Unsafe `pthread_kill` calls aren't portably fixable. (And are obviously
+    inherently non-portable as-is.) The best alternative on Android is to
+    use `pthread_gettid_np` at some point that you know the thread to be
+    alive, and then call `kill`/`tgkill` with signal 0 (which checks
+    whether a process exists rather than actually sending a
+    signal). That's still not completely safe because if you're too late
+    the tid may have been reused, but your code is inherently unsafe without
+    a redesign anyway.
+
+Interruptable `sem_wait` (targetSdkVersion >= N)
+------------------------------------------------
+
+POSIX says that `sem_wait` can be interrupted by delivery of a
+signal. This wasn't historically true in Android, and when we fixed this
+bug we found that existing code relied on the old behavior. To preserve
+compatibility, `sem_wait` can only return EINTR on Android if the app
+targets N or later.
+
+# Bionic function availability
+
 libc
 ----
 
@@ -8,18 +71,19 @@
 
 New libc functions in P:
   * `__freading`/`__fwriting` (completing <stdio_ext.h>)
-  * `endhostent`/endnetent`/`endprotoent`/`getnetent`/`getprotoent`/`sethostent`/`setnetent`/`setprotoent` (completing <netdb.h>)
+  * `endhostent`/`endnetent`/`endprotoent`/`getnetent`/`getprotoent`/`sethostent`/`setnetent`/`setprotoent` (completing <netdb.h>)
   * `fexecve`
   * `fflush_unlocked`/`fgetc_unlocked`/`fgets_unlocked`/`fputc_unlocked`/`fputs_unlocked`/`fread_unlocked`/`fwrite_unlocked`
   * `getentropy`/`getrandom` (adding <sys/random.h>)
   * `getlogin_r`
   * `glob`/`globfree` (adding <glob.h>)
-  * `hcreate`/hcreate_r`/`hdestroy`/`hdestroy_r`/`hsearch`/`hsearch_r` (completing <search.h>)
+  * `hcreate`/`hcreate_r`/`hdestroy`/`hdestroy_r`/`hsearch`/`hsearch_r` (completing <search.h>)
   * `iconv`/`iconv_close`/`iconv_open` (adding <iconv.h>)
   * `pthread_attr_getinheritsched`/`pthread_attr_setinheritsched`/`pthread_setschedprio`
   * <spawn.h>
   * `swab`
   * `syncfs`
+  * %C and %S support in the printf family (previously only the wprintf family supported these).
 
 New libc functions in O:
   * `sendto` FORTIFY support
diff --git a/libc/bionic/vdso.cpp b/libc/bionic/vdso.cpp
index 8cdb504..969c39f 100644
--- a/libc/bionic/vdso.cpp
+++ b/libc/bionic/vdso.cpp
@@ -26,11 +26,18 @@
 #include <unistd.h>
 #include "private/KernelArgumentBlock.h"
 
+static inline int vdso_return(int result) {
+  if (__predict_true(result == 0)) return 0;
+
+  errno = -result;
+  return -1;
+}
+
 int clock_gettime(int clock_id, timespec* tp) {
   auto vdso_clock_gettime = reinterpret_cast<decltype(&clock_gettime)>(
     __libc_globals->vdso[VDSO_CLOCK_GETTIME].fn);
   if (__predict_true(vdso_clock_gettime)) {
-    return vdso_clock_gettime(clock_id, tp);
+    return vdso_return(vdso_clock_gettime(clock_id, tp));
   }
   return __clock_gettime(clock_id, tp);
 }
@@ -39,17 +46,15 @@
   auto vdso_gettimeofday = reinterpret_cast<decltype(&gettimeofday)>(
     __libc_globals->vdso[VDSO_GETTIMEOFDAY].fn);
   if (__predict_true(vdso_gettimeofday)) {
-    return vdso_gettimeofday(tv, tz);
+    return vdso_return(vdso_gettimeofday(tv, tz));
   }
   return __gettimeofday(tv, tz);
 }
 
 void __libc_init_vdso(libc_globals* globals, KernelArgumentBlock& args) {
   auto&& vdso = globals->vdso;
-  vdso[VDSO_CLOCK_GETTIME] = { VDSO_CLOCK_GETTIME_SYMBOL,
-                               reinterpret_cast<void*>(__clock_gettime) };
-  vdso[VDSO_GETTIMEOFDAY] = { VDSO_GETTIMEOFDAY_SYMBOL,
-                              reinterpret_cast<void*>(__gettimeofday) };
+  vdso[VDSO_CLOCK_GETTIME] = { VDSO_CLOCK_GETTIME_SYMBOL, nullptr };
+  vdso[VDSO_GETTIMEOFDAY] = { VDSO_GETTIMEOFDAY_SYMBOL, nullptr };
 
   // Do we have a vdso?
   uintptr_t vdso_ehdr_addr = args.getauxval(AT_SYSINFO_EHDR);
diff --git a/tests/dl_test.cpp b/tests/dl_test.cpp
index d56b017..7444e3a 100644
--- a/tests/dl_test.cpp
+++ b/tests/dl_test.cpp
@@ -255,6 +255,6 @@
   ExecTestHelper eth;
   eth.SetArgs({ helper.c_str(), nullptr });
   eth.SetEnv({ env.c_str(), nullptr });
-  eth.Run([&]() { execve(helper.c_str(), eth.GetArgs(), eth.GetEnv()); }, -6, error_message.c_str());
+  eth.Run([&]() { execve(helper.c_str(), eth.GetArgs(), eth.GetEnv()); }, EXIT_FAILURE, error_message.c_str());
 #endif
 }
diff --git a/tests/time_test.cpp b/tests/time_test.cpp
index d553ff5..9218078 100644
--- a/tests/time_test.cpp
+++ b/tests/time_test.cpp
@@ -599,6 +599,53 @@
   ASSERT_EQ(0, clock_gettime(CLOCK_BOOTTIME, &ts));
 }
 
+TEST(time, clock_gettime_unknown) {
+  errno = 0;
+  timespec ts;
+  ASSERT_EQ(-1, clock_gettime(-1, &ts));
+  ASSERT_EQ(EINVAL, errno);
+}
+
+TEST(time, clock_getres_CLOCK_REALTIME) {
+  timespec ts;
+  ASSERT_EQ(0, clock_getres(CLOCK_REALTIME, &ts));
+  ASSERT_EQ(1, ts.tv_nsec);
+  ASSERT_EQ(0, ts.tv_sec);
+}
+
+TEST(time, clock_getres_CLOCK_MONOTONIC) {
+  timespec ts;
+  ASSERT_EQ(0, clock_getres(CLOCK_MONOTONIC, &ts));
+  ASSERT_EQ(1, ts.tv_nsec);
+  ASSERT_EQ(0, ts.tv_sec);
+}
+
+TEST(time, clock_getres_CLOCK_PROCESS_CPUTIME_ID) {
+  timespec ts;
+  ASSERT_EQ(0, clock_getres(CLOCK_PROCESS_CPUTIME_ID, &ts));
+}
+
+TEST(time, clock_getres_CLOCK_THREAD_CPUTIME_ID) {
+  timespec ts;
+  ASSERT_EQ(0, clock_getres(CLOCK_THREAD_CPUTIME_ID, &ts));
+}
+
+TEST(time, clock_getres_CLOCK_BOOTTIME) {
+  timespec ts;
+  ASSERT_EQ(0, clock_getres(CLOCK_BOOTTIME, &ts));
+  ASSERT_EQ(1, ts.tv_nsec);
+  ASSERT_EQ(0, ts.tv_sec);
+}
+
+TEST(time, clock_getres_unknown) {
+  errno = 0;
+  timespec ts = { -1, -1 };
+  ASSERT_EQ(-1, clock_getres(-1, &ts));
+  ASSERT_EQ(EINVAL, errno);
+  ASSERT_EQ(-1, ts.tv_nsec);
+  ASSERT_EQ(-1, ts.tv_sec);
+}
+
 TEST(time, clock) {
   // clock(3) is hard to test, but a 1s sleep should cost less than 1ms.
   clock_t t0 = clock();