Clean up abort.
* A dlmalloc usage error shouldn't call abort(3) because we want to
cause a SIGSEGV by writing the address dlmalloc didn't like to an
address the kernel won't like, so that debuggerd will dump the
memory around the address that upset dlmalloc.
* Switch to the simpler FreeBSD/NetBSD style of registering stdio
cleanup. Hopefully this will let us simplify more of the stdio
implementation.
* Clear the stdio cleanup handler before we abort because of a dlmalloc
corruption error. This fixes the reported bug, where we'd hang inside
dlmalloc because the stdio cleanup reentered dlmalloc.
Bug: 9301265
Change-Id: Ief31b389455d6876e5a68f0f5429567d37277dbc
diff --git a/libc/bionic/dlmalloc.c b/libc/bionic/dlmalloc.c
index 51c62a7..78f2e1d 100644
--- a/libc/bionic/dlmalloc.c
+++ b/libc/bionic/dlmalloc.c
@@ -28,13 +28,17 @@
// Ugly inclusion of C file so that bionic specific #defines configure dlmalloc.
#include "../upstream-dlmalloc/malloc.c"
+extern void (*__cleanup)();
+
static void __bionic_heap_corruption_error(const char* function) {
- __libc_fatal("@@@ ABORTING: heap corruption detected by %s", function);
+ __cleanup = NULL; // The heap is corrupt. We can forget trying to shut down stdio.
+ __libc_fatal("heap corruption detected by %s", function);
}
static void __bionic_heap_usage_error(const char* function, void* address) {
- __libc_fatal("@@@ ABORTING: invalid address or address of corrupt block %p passed to %s",
+ __libc_fatal_no_abort("invalid address or address of corrupt block %p passed to %s",
address, function);
- // So that we can get a memory dump around the specific address.
+ // So that debuggerd gives us a memory dump around the specific address.
+ // TODO: improve the debuggerd protocol so we can tell it to dump an address when we abort.
*((int**) 0xdeadbaad) = (int*) address;
}