blob: 753e48a5b7fae55ca122701b76a0fa03e6057e8f [file] [log] [blame]
Bionic C Library Overview:
==========================
Introduction:
Core Philosophy:
The core idea behind Bionic's design is: KEEP IT REALLY SIMPLE.
This implies that the C library should only provide lightweight wrappers
around kernel facilities and not try to be too smart to deal with edge cases.
The name "Bionic" comes from the fact that it is part-BSD and part-Linux:
its source code consists in a mix of BSD C library pieces with custom
Linux-specific bits used to deal with threads, processes, signals and a few
others things.
All original BSD pieces carry the BSD copyright disclaimer. Bionic-specific
bits carry the Android Open Source Project copyright disclaimer. And
everything is released under the BSD license.
Architectures:
Bionic currently supports the ARM and x86 instruction sets. In theory, it
should be possible to support more, but this may require a little work (e.g.
adding system call IDs to SYSCALLS.TXT, described below, or modifying the
dynamic linker).
The ARM-specific code is under arch-arm/ and the x86-specific one is under
arch-x86/
Note that the x86 version is only meant to run on an x86 Android device. We
make absolutely no claim that you could build and use Bionic on a stock x86
Linux distribution (though that would be cool, so patches are welcomed :-))
Syscall stubs:
Each system call function is implemented by a tiny assembler source fragment
(called a "syscall stub"), which is generated automatically by
tools/gensyscalls.py which reads the SYSCALLS.TXT file for input.
SYSCALLS.TXT contains the list of all syscall stubs to generate, along with
the corresponding syscall numeric identifier (which may differ between ARM
and x86), and its signature
If you modify this file, you may want to use tools/checksyscalls.py which
checks its content against official Linux kernel header files, and will
report errors when invalid syscall ids are used.
Sometimes, the C library function is really a wrapper that calls the
corresponding syscall with another name. For example, the exit() function
is provided by the C library and calls the _exit() syscall stub.
See SYSCALLS.TXT for documentation and details.
time_t:
time_t is 32-bit as defined by the kernel on 32-bit CPUs. A 64-bit version
would be preferrable to avoid the Y2038 bug, but the kernel maintainers
consider that this is not needed at the moment.
Instead, Bionic provides a <time64.h> header that defines a time64_t type,
and related functions like mktime64(), localtime64(), etc...
strftime() uses time64_t internally, so the '%s' format (seconds since the
epoch) is supported for dates >= 2038.
strftime_tz():
Bionic also provides the non-standard strftime_tz() function, a variant
of strftime() which also accepts a time locale descriptor as defined
by "struct strftime_locale" in <time.h>.
This function is used by the low-level framework code in Android.
Timezone management:
The name of the current timezone is taken from the TZ environment variable,
if defined. Otherwise, the system property named 'persist.sys.timezone' is
checked instead.
The zoneinfo timezone database and index files are located under directory
/system/usr/share/zoneinfo, instead of the more Posix-compliant path of
/usr/share/zoneinfo
off_t:
For similar reasons, off_t is 32-bit. We define loff_t as the 64-bit variant
due to BSD inheritance, but off64_t should be available as a typedef to ease
porting of current Linux-specific code.
Linux kernel headers:
Bionic comes with its own set of "clean" Linux kernel headers to allow
user-space code to use kernel-specific declarations (e.g. IOCTLs, structure
declarations, constants, etc...). They are located in:
./kernel/common,
./kernel/arch-arm
./kernel/arch-x86
These headers have been generated by a tool (kernel/tools/update-all.py) to
only include the public definitions from the original Linux kernel headers.
If you want to know why and how this is done, read kernel/README.TXT to get
all the (gory) details.
PThread implementation:
Bionic's C library comes with its own pthread implementation bundled in.
This is different from other historical C libraries which:
- place it in an external library (-lpthread)
- play linker tricks with weak symbols at dynamic link time
The support for real-time features (a.k.a. -lrt) is also bundled in the
C library.
The implementation is based on futexes and strives to provide *very* short
code paths for common operations. Notable features are the following:
- pthread_mutex_t, pthread_cond_t are only 4 bytes each.
- Normal, recursive and error-check mutexes are supported, and the code
path is heavily optimized for the normal case, which is used most of
the time.
- Process-shared mutexes and condition variables are not supported.
Their implementation requires far more complexity and was absolutely
not needed for Android (which uses other inter-process synchronization
capabilities).
Note that they could be added in the future without breaking the ABI
by specifying more sophisticated code paths (which may make the common
paths slightly slower though).
- There is currently no support for read/write locks, priority-ceiling in
mutexes and other more advanced features. Again, the main idea being
that this was not needed for Android at all but could be added in the
future.
pthread_cancel():
pthread_cancel() will *not* be supported in Bionic, because doing this would
involve making the C library significantly bigger for very little benefit.
Consider that:
- A proper implementation must insert pthread cancellation checks in a lot
of different places of the C library. And conformance is very difficult
to test properly.
- A proper implementation must also clean up resources, like releasing
memory, or unlocking mutexes, properly if the cancellation happens in a
complex function (e.g. inside gethostbyname() or fprintf() + complex
formatting rules). This tends to slow down the path of many functions.
- pthread cancellation cannot stop all threads: e.g. it can't do anything
against an infinite loop
- pthread cancellation itself has short-comings and isn't very portable
(see http://advogato.org/person/slamb/diary.html?start=49 for example).
All of this is contrary to the Bionic design goals. If your code depends on
thread cancellation, please consider alternatives.
Note however that Bionic does implement pthread_cleanup_push() and
pthread_cleanup_pop(), which can be used to handle cleanups that happen when
a thread voluntarily exits through pthread_exit() or returning from its
main function.
pthread_once():
Do not call fork() within a callback provided to pthread_once(). Doing this
may result in a deadlock in the child process the next time it calls
pthread_once().
Also, you can't throw a C++ Exception from the callback (see C++ Exception
Support below).
The current implementation of pthread_once() lacks the necessary support of
multi-core-safe double-checked-locking (read and write barriers).
Thread-specific data
The thread-specific storage only provides for a bit less than 64
pthread_key_t objects to each process. The implementation provides 64 real
slots but also uses about 5 of them (exact number may depend on
implementation) for its own use (e.g. two slots are pre-allocated by the C
library to speed-up the Android OpenGL sub-system).
Note that Posix mandates a minimum of 128 slots, but we do not claim to be
Posix-compliant.
Except for the main thread, the TLS area is stored at the top of the stack.
See comments in bionic/libc/bionic/pthread.c for details.
At the moment, thread-local storage defined through the __thread compiler
keyword is not supported by the Bionic C library and dynamic linker.
Multi-core support
At the moment, Bionic does not provide or use read/write memory barriers.
This means that using it on certain multi-core systems might not be
supported, depending on its exact CPU architecture.
Android-specific features:
Bionic provides a small number of Android-specific features to its clients:
- access to system properties:
Android provides a simple shared value/key space to all processes on the
system. It stores a liberal number of 'properties', each of them being a
simple size-limited string that can be associated to a size-limited
string value.
The header <sys/system_properties.h> can be used to read system
properties and also defines the maximum size of keys and values.
- Android-specific user/group management:
There is no /etc/passwd or /etc/groups in Android. By design, it is
meant to be used by a single handset user. On the other hand, Android
uses the Linux user/group management features extensively to secure
process permissions, like access to various filesystem directories.
In the Android scheme, each installed application gets its own
uid_t/gid_t starting from 10000; lower numerical ids are reserved for
system daemons.
getpwnam() recognizes some hard-coded subsystems names (e.g. "radio")
and will translate them to their low-user-id values. It also recognizes
"app_1234" as the synthetic name of the application that was installed
with uid 10000 + 1234, which is 11234. getgrnam() works similarly
getgrouplist() will always return a single group for any user name,
which is the one passed as an input parameter.
getgrgid() will similarly only return a structure that contains a
single-element members list, corresponding to the user with the same
numerical value than the group.
See bionic/libc/bionic/stubs.c for more details.
- getservent()
There is no /etc/services on Android. Instead the C library embeds a
constant list of services in its executable, which is parsed on demand
by the various functions that depend on it. See
bionic/libc/netbsd/net/getservent.c and
bionic/libc/netbsd/net/services.h
The list of services defined internally might change liberally in the
future. This feature is mostly historically and is very rarely used.
The getservent() returns thread-local data. getservbyport() and
getservbyname() are also implemented in a similar fashion.
- getprotoent()
There is no /etc/protocol on Android. Bionic does not currently
implement getprotoent() and related functions. If added, it will
likely be done in a way similar to getservent()
DNS resolver:
Bionic uses a NetBSD-derived resolver library which has been modified in
the following ways:
- don't implement the name-server-switch feature (a.k.a. <nsswitch.h>)
- read /system/etc/resolv.conf instead of /etc/resolv.conf
- read the list of servers from system properties. the code looks for
'net.dns1', 'net.dns2', etc.. Each property should contain the IP
address of a DNS server.
these properties are set/modified by other parts of the Android system
(e.g. the dhcpd daemon).
the implementation also supports per-process DNS server list, using the
properties 'net.dns1.<pid>', 'net.dns2.<pid>', etc... Where <pid> stands
for the numerical ID of the current process.
- when performing a query, use a properly randomized Query ID (instead of
a incremented one), for increased security.
- when performing a query, bind the local client socket to a random port
for increased security.
- get rid of *many* unfortunate thread-safety issues in the original code
Bionic does *not* expose implementation details of its DNS resolver; the
content of <arpa/nameser.h> is intentionally blank. The resolver
implementation might change completely in the future.
PThread Real-Time Timers:
timer_create(), timer_gettime(), timer_settime() and timer_getoverrun() are
supported.
Bionic also now supports SIGEV_THREAD real-time timers (see timer_create()).
The implementation simply uses a single thread per timer, unlike GLibc which
uses complex heuristics to try to use the less threads possible when several
timers with compatible properties are used.
This means that if your code uses a lot of SIGEV_THREAD timers, your program
may consume a lot of memory. However, if your program needs many of these
timers, it'd better handle timeout events directly instead.
Other timers (e.g. SIGEV_SIGNAL) are handled by the kernel and use much less
system resources.
Binary Compatibility:
Bionic is *not* in any way binary-compatible with the GNU C Library, ucLibc
or any known Linux C library. This means several things:
- You cannot expect to build something against the GNU C Library headers and
have it dynamically link properly to Bionic later.
- You should *really* use the Android toolchain to build your program against
Bionic. The toolchain deals with many important details that are crucial
to get something working properly.
Failure to do so will usually result in the inability to run or link your
program, or even runtime crashes. Several random web pages on the Internet
describe how you can succesfully write a "hello-world" program with the
ARM GNU toolchain. These examples usually work by chance, if anything else,
and you should not follow these instructions unless you want to waste a lot
of your time in the process.
Note however that you *can* generate a binary that is built against the
GNU C Library headers and then statically linked to it. The corresponding
executable should be able to run (if it doesn't use dlopen()/dlsym())
Dynamic Linker:
Bionic comes with its own dynamic linker (just like ld.so on Linux really
comes from GLibc). This linker does not support all the relocations
generated by other GCC ARM toolchains.
C++ Exceptions Support:
At the moment, Bionic doesn't support C++ exceptions, what this really means
is the following:
- If pthread_once() is called with a C++ callback that throws an exception,
then the C library will keep the corresponding pthread_once_t mutex
locked. Any further call to pthread_once() will result in a deadlock.
A proper implementation should be able to register a C++ exception
cleanup handler before the callback to properly unlock the
pthread_once_t. Unfortunately this requires tricky assembly code that
is highly dependent on the compiler.
This feature is not planned to be supported anytime soon.
- The same problem may arise if you throw an exception within a callback
called from the C library. Fortunately, these cases are very rare in the
real-world, but any callback you provide to the C library should *not*
throw an exception.
- Bionic lacks a few support functions to have exception support work
properly.
System V IPCs:
Bionic intentionally does not provide support for System-V IPCs mechanisms,
like the ones provided by semget(), shmget(), msgget(). The reason for this
is to avoid denial-of-service. For a detailed rationale about this, please
read the file docs/SYSV-IPCS.TXT.
Include Paths:
The Android build system should automatically provide the necessary include
paths required to build against the C library headers. However, if you want
to do that yourself, you will need to add:
libc/arch-$ARCH/include
libc/include
libc/kernel/common
libc/kernel/arch-$ARCH
to your C include path.