linker: Add support for dynamic SHIM libraries

 * Adapt to latest AOSP bionic linker changes
 * Additional header to avoid unused function

linker: Add support for dynamic "shim" libs

Add a new environment variable

LD_SHIM_LIBS

that is a colon (":") separated list of vertical bar ("|") separated pairs.
The pairs are the name for a soinfo reference (executable or shared library)
followed by the name of the shim library to load.  For example:

LD_SHIM_LIBS=rmt_storage|libshim_ioprio.so:/system/lib/libicuuv.so|libshim_icu53.so

will instruct the linker to load the dynamic library libshim_ioprio.so
whenever rmt_storage is executed [*] and will load libshim_icu53.so whenever
any executable or other shared library links against /system/lib/libicuuv.so.

There are no restrictions against circular references.  In this example,
libshim_icu53.so can link against libicuuv.so which provides a simple and
convenient means of adding compatibility symbols.

[*] Note that the absolute path is not available to the linker and therefore
using the name of executables does depend on the invocation and therefore
should only be used if absolutely necessary.  That is, running
/system/bin/rmt_storage would not load any shim libs in this example because
it does not match the name of the invocation of the command.

If you have trouble determining the sonames being loaded, you can also set
the environment variable LD_DEBUG=1 which will cause additional information
to be logged to help trace the detection of the shim libs.

Change-Id: I0ef80fa466167f7bcb7dac90842bef1c3cf879b6

linker: Fix the fact that shim libs do not properly call constructors

Change-Id: I34333e13443a154e675b853fa41442351bc4243a

linker: Don't try to walk the g_active_shim_libs when doing dlsym

This is a bug in the original shim_lib implementation which was
doing the shim lib resolution both when loading the libraries
and when doing the dynamic symbol resolution.

Change-Id: Ib2df0498cf551b3bbd37d7c351410b9908eb1795

Revert "Revert "linker: Reset the active shim libs each time we do a dlopen""

This reverts commit fd0140b028dedabc572f4659cc015edfeee3cd60.

Change-Id: I42b3acfcdc6b84251a396b9e42604bb5685196bd

Make shim lib load failure non-fatal.

Instead, print an appropriate warning message. Aborting symbol
resolution on shim lib load failure leads to weird symbol lookup
failures, because symbols in libraries referenced after the one loading
the shim won't be loaded anymore without a log message stating why that
happened.

Change-Id: Ic3ad7095ddae7ea1039cb6a18603d5cde8a16143

bionic: Do not allow LD_SHIM_LIBS for setuid executables

That's really not safe...

Change-Id: If79af951830966fc21812cd0f60a8998a752a941

bionic: linker: Load shim libs *before* the self-linked libs

By loading them earlier, this allows us to override a symbol in
a library that is being directly linked.

I believe this explains why some people have had problems shimming
one lib but when they change the shim to be against a different
lib it magically works.

It also makes it possible to override some symbols that were
nearly impossible to override before this change.  For example, it is
pretty much impossible to override a symbol in libutils without
this change because it's loaded almost everywhere so no matter
where you try to place the shimming, it will be too late and
the other symbol will have priority.

In particular, this is necessary to be able to correctly
shim the VectorImpl symbols for dlx.

Change-Id: I461ca416bc288e28035352da00fde5f34f8d9ffa

linker: Allow text-relocs for x86 (only)

This effectively reverts

https://android.googlesource.com/platform/bionic/+/e4ad91f86a47b39612e030a162f4793cb3421d31%5E%21/#F0

for x86 platforms.  Unfortunately, this seems like it is required
if we are going to support ffmpeg.  The ffmpeg team decreed that they
require text relocations for x86 (only) and that they would not
fix the fact that android 6.0 makes ffmpeg unusable on x86:

https://trac.ffmpeg.org/ticket/4928

Change-Id: I68397f4d62f4f6acd8e0d41b7ecdc115969b890a

linker: Update find_library call for shimlibs

commits 0cdef7e7f3c6837b56a969120d9098463d1df8d8
"Respect caller DT_RUNPATH in dlopen()."
and 42d5fcb9f494eb45de3b6bf759f4a18076e84728
"Introducing linker namespaces"
added new arguments to find_library, add them here.

Change-Id: I8f35a45b00d14f8b2ce01a0a96d2dc7759be04a6

linker: Update LD_SHIM_LIBS parser function

 * Upgrade the code using the same changes as
    42d5fcb9f494eb45de3b6bf759f4a18076e84728
    bda20e78f0f314dbbf0f0bbcf0740cf2d6a4b85e

Change-Id: Ic8be0871945bd9feccd0f94a6770f3cc78a70a0f

Inject shim libs as if they were DT_NEEDED.

The previous separate approach had one flaw: If the shim lib requires
another lib that's already loaded, find_library_internal() would return
the previously loaded copy, but the later load action would fail as the
ELF reader map of the initial loading round was already discarded and
thus a new ElfReader instance for the soinfo instance was created, which
didn't know about the previous reading/loading state.

Change-Id: Ib224dbd35d114197097e3dee14a077cc9130fedb

linker: Make platform text relocations denial enabled by default

 * msm8960 variant to support relocations by default

 * Partial revert "Remove textrels support for platform libs"
    commit 8068786ae67835291521e52f39c695e40f3ad20d.

Change-Id: I994ab1a600a0b237b496ceebe2dd54febc28a6bd

linker: load shims prior to dt_needed check

This allows shims to override existing symbols, not just
inject new symbols.

Change-Id: Ib9216bcc651d8d38999c593babb94d76dc1dbc95
4 files changed
tree: 0d201fbd87435d7509e1745ec4595f552f3e85b4
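
The LD_SHIM_LIBS format described in the commit message above, as an added example (not code from the bionic linker or from this commit): a C parser for the colon and vertical-bar list that skips malformed entries and ignores the variable when a hypothetical `secure` flag marks a setuid-style run. The struct, function names, size limits and the exact-match lookup are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#define MAX_SHIMS 16   /* illustrative limits, not the linker's */
#define NAME_LEN  128

struct shim_pair {
    char target[NAME_LEN];  /* soinfo name the shim attaches to */
    char shim[NAME_LEN];    /* shim library to load for it */
};

/* Parse "target|shim:target|shim"; returns the number of valid pairs stored.
 * Malformed entries are skipped; non-zero `secure` ignores the value. */
int parse_shim_libs(const char *env, int secure, struct shim_pair *out, int max) {
    int n = 0;
    if (env == NULL || secure) return 0;
    while (*env && n < max) {
        size_t len = strcspn(env, ":");          /* one pair, up to ':' */
        const char *bar = memchr(env, '|', len);
        if (bar != NULL) {
            size_t tlen = (size_t)(bar - env), slen = len - tlen - 1;
            /* need one '|' only, with a non-empty name on each side */
            if (tlen > 0 && slen > 0 && tlen < NAME_LEN && slen < NAME_LEN &&
                memchr(bar + 1, '|', slen) == NULL) {
                memcpy(out[n].target, env, tlen);   out[n].target[tlen] = '\0';
                memcpy(out[n].shim, bar + 1, slen); out[n].shim[slen] = '\0';
                n++;
            }
        }
        env += len;
        if (*env == ':') env++;
    }
    return n;
}

/* Exact string match on the soinfo name (assumed, following the commit's
 * note that "rmt_storage" does not match "/system/bin/rmt_storage"). */
const char *shim_for(const struct shim_pair *p, int n, const char *name) {
    for (int i = 0; i < n; i++)
        if (strcmp(p[i].target, name) == 0) return p[i].shim;
    return NULL;
}

int main(void) {
    struct shim_pair p[MAX_SHIMS];
    int n = parse_shim_libs("rmt_storage|libshim_ioprio.so:"
                            "/system/lib/libicuuv.so|libshim_icu53.so", 0, p, MAX_SHIMS);
    const char *miss = shim_for(p, n, "/system/bin/rmt_storage");
    printf("%d pairs; full-path lookup -> %s\n", n, miss ? miss : "(no shim)");
    return 0;
}
```
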
README.md

Working on bionic

What are the big pieces of bionic?

libc/ --- libc.so, libc.a

The C library. Stuff like fopen(3) and kill(2).

libm/ --- libm.so, libm.a

The math library. Traditionally Unix systems kept stuff like sin(3) and cos(3) in a separate library to save space in the days before shared libraries.

libdl/ --- libdl.so

The dynamic linker interface library. This is actually just a bunch of stubs that the dynamic linker replaces with pointers to its own implementation at runtime. This is where stuff like dlopen(3) lives.

libstdc++/ --- libstdc++.so

The C++ ABI support functions. The C++ compiler doesn't know how to implement thread-safe static initialization and the like, so it just calls functions that are supplied by the system. Stuff like __cxa_guard_acquire and __cxa_pure_virtual live here.

linker/ --- /system/bin/linker and /system/bin/linker64

The dynamic linker. When you run a dynamically-linked executable, its ELF file has a DT_INTERP entry that says "use the following program to start me". On Android, that's either linker or linker64 (depending on whether it's a 32-bit or 64-bit executable). It's responsible for loading the ELF executable into memory and resolving references to symbols (so that when your code tries to jump to fopen(3), say, it lands in the right place).

tests/ --- unit tests

The tests/ directory contains unit tests. Roughly arranged as one file per publicly-exported header file.

benchmarks/ --- benchmarks

The benchmarks/ directory contains benchmarks.

What's in libc/?

Adding system calls

Adding a system call usually involves:

  1. Add entries to SYSCALLS.TXT. See SYSCALLS.TXT itself for documentation on the format.
  2. Run the gensyscalls.py script.
  3. Add constants (and perhaps types) to the appropriate header file. Note that you should check to see whether the constants are already in kernel uapi header files, in which case you just need to make sure that the appropriate POSIX header file in libc/include/ includes the relevant file or files.
  4. Add function declarations to the appropriate header file.
  5. Add the function name to the correct section in libc/libc.map.txt and run ./libc/tools/genversion-scripts.py.
  6. Add at least basic tests. Even a test that deliberately supplies an invalid argument helps check that we're generating the right symbol and have the right declaration in the header file, and that you correctly updated the maps in step 5. (You can use strace(1) to confirm that the correct system call is being made.)

Updating kernel header files

As mentioned above, this is currently a two-step process:

  1. Use generate_uapi_headers.sh to go from a Linux source tree to appropriate contents for external/kernel-headers/.
  2. Run update_all.py to scrub those headers and import them into bionic.

Updating tzdata

This is fully automated (and these days handled by the libcore team, because they own icu, and that needs to be updated in sync with bionic):

  1. Run update-tzdata.py in external/icu/tools/.

Verifying changes

If you make a change that is likely to have a wide effect on the tree (such as a libc header change), you should run make checkbuild. A regular make will not build the entire tree; just the minimum number of projects that are required for the device. Tests, additional developer tools, and various other modules will not be built. Note that make checkbuild will not be complete either, as make tests covers a few additional modules, but generally speaking make checkbuild is enough.

Running the tests

The tests are all built from the tests/ directory.

Device tests

$ mma # In $ANDROID_ROOT/bionic.
$ adb root && adb remount && adb sync
$ adb shell /data/nativetest/bionic-unit-tests/bionic-unit-tests32
$ adb shell \
    /data/nativetest/bionic-unit-tests-static/bionic-unit-tests-static32
# Only for 64-bit targets
$ adb shell /data/nativetest64/bionic-unit-tests/bionic-unit-tests64
$ adb shell \
    /data/nativetest64/bionic-unit-tests-static/bionic-unit-tests-static64

Note that we use our own custom gtest runner that offers a superset of the options documented at https://github.com/google/googletest/blob/master/googletest/docs/AdvancedGuide.md#running-test-programs-advanced-options, in particular for test isolation and parallelism (both on by default).

Device tests via CTS

Most of the unit tests are executed by CTS. By default, CTS runs as a non-root user, so the unit tests must also pass when not run as root. Some tests cannot do any useful work unless run as root. In this case, the test should check getuid() == 0 and do nothing otherwise (typically we log in this case to prevent accidents!). Obviously, if the test can be rewritten to not require root, that's an even better solution.

Currently, the list of bionic CTS tests is generated at build time by running a host version of the test executable and dumping the list of all tests. In order for this to continue to work, all architectures must have the same number of tests, and the host version of the executable must also have the same number of tests.

Running the gtests directly is orders of magnitude faster than using CTS, but in cases where you really have to run CTS:

$ make cts # In $ANDROID_ROOT.
$ adb unroot # Because real CTS doesn't run as root.
# This will sync any *test* changes, but not *code* changes:
$ cts-tradefed \
    run singleCommand cts --skip-preconditions -m CtsBionicTestCases

Host tests

The host tests require that you have lunched either an x86 or x86_64 target. Note that due to ABI limitations (specifically, the size of pthread_mutex_t), 32-bit bionic requires PIDs less than 65536. To enforce this, set /proc/sys/kernel/pid_max to 65536.

$ ./tests/run-on-host.sh 32
$ ./tests/run-on-host.sh 64   # For x86_64-bit *targets* only.

You can supply gtest flags as extra arguments to this script.

Against glibc

As a way to check that our tests do in fact test the correct behavior (and not just the behavior we think is correct), it is possible to run the tests against the host's glibc.

$ ./tests/run-on-host.sh glibc

Gathering test coverage

For either host or target coverage, you must first:

  • $ export NATIVE_COVERAGE=true
    • Note that the build system is ignorant of this flag being toggled, i.e. if you change this flag, you will have to manually rebuild bionic.
  • Set bionic_coverage=true in libc/Android.mk and libm/Android.mk.

Coverage from device tests

$ mma
$ adb sync
$ adb shell \
    GCOV_PREFIX=/data/local/tmp/gcov \
    GCOV_PREFIX_STRIP=`echo $ANDROID_BUILD_TOP | grep -o / | wc -l` \
    /data/nativetest/bionic-unit-tests/bionic-unit-tests32
$ acov

acov will pull all coverage information from the device, push it to the right directories, run lcov, and open the coverage report in your browser.

Coverage from host tests

First, build and run the host tests as usual (see above).

$ croot
$ lcov -c -d $ANDROID_PRODUCT_OUT -o coverage.info
$ genhtml -o covreport coverage.info # or lcov --list coverage.info

The coverage report is now available at covreport/index.html.

Running the benchmarks

Device benchmarks

$ mma
$ adb remount
$ adb sync
$ adb shell /data/nativetest/bionic-benchmarks/bionic-benchmarks
$ adb shell /data/nativetest64/bionic-benchmarks/bionic-benchmarks

You can use --benchmark_filter=getpid to just run benchmarks with "getpid" in their name.

Host benchmarks

See the "Host tests" section of "Running the tests" above.

Attaching GDB to the tests

Bionic's test runner will run each test in its own process by default to prevent test failures from impacting other tests. This also has the added benefit of running them in parallel, so they are much faster.

However, this also makes it difficult to run the tests under GDB. To prevent each test from being forked, run the tests with the flag --no-isolate.

32-bit ABI bugs

This probably belongs in the NDK documentation rather than here, but these are the known ABI bugs in the 32-bit ABI:

  • time_t is 32-bit. http://b/5819737. In the 64-bit ABI, time_t is 64-bit.

  • off_t is 32-bit. There is off64_t, and in newer releases there is almost-complete support for _FILE_OFFSET_BITS. Unfortunately our stdio implementation uses 32-bit offsets and -- worse -- function pointers to functions that use 32-bit offsets, so there's no good way to implement the last few pieces http://b/24807045. In the 64-bit ABI, off_t is off64_t.

  • sigset_t is too small on ARM and x86 (but correct on MIPS), so support for real-time signals is broken. http://b/5828899 In the 64-bit ABI, sigset_t is the correct size for every architecture.