author | Konstantinos Menychtas <kmenychtas@google.com> | 2015-07-17 15:52:33 -0700 |
---|---|---|
committer | Konstantinos Menychtas <kmenychtas@google.com> | 2015-07-21 16:56:47 +0000 |
commit | 5830261a467cbb73e6b8be906d7f29f1af23cdcb (patch) | |
tree | 0e593aaadf3a4cf6a18be079caaeed2fde316973 | |
parent | d81668725d81d6b3020b08e6fbc72acf3dc1c0c8 (diff) | |
DO NOT MERGE opengl: Fix QemuPipeStream::readFully reading beyond end of buffer
--- This is a back-port of AOSP change 4a7e93da by Yu Ning; the description of the original patch follows below ---
When GPU emulation is enabled, the emulator sometimes freezes, with an
error message in logcat similar to the following:
QemuPipeStream::readFully failed (buf 0x7f9cd8ab8000): Bad address
Some users have reported the same issue, e.g.:
https://code.google.com/p/android/issues/detail?id=170633
The root cause is that QemuPipeStream::readFully(void *buf, size_t len)
may attempt to read beyond (buf + len), resulting in a -EFAULT return
value from the goldfish/qemu pipe driver.
Fix this bug to improve the stability of the emulator. In addition,
- Add more information to the said error message to facilitate future
debugging.
- Use "%zu" instead of "%d" for logging size_t variables.
Change-Id: I8785fee0427fd6c0f25237470b346e769a82c992
Signed-off-by: Yu Ning <yu.ning@intel.com>
Signed-off-by: Pengcheng Chen <pengcheng.chen@intel.com>
-rw-r--r-- | emulator/opengl/system/OpenglSystemCommon/QemuPipeStream.cpp | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/emulator/opengl/system/OpenglSystemCommon/QemuPipeStream.cpp b/emulator/opengl/system/OpenglSystemCommon/QemuPipeStream.cpp
index 5798370..3a53161 100644
--- a/emulator/opengl/system/OpenglSystemCommon/QemuPipeStream.cpp
+++ b/emulator/opengl/system/OpenglSystemCommon/QemuPipeStream.cpp
@@ -122,12 +122,14 @@ const unsigned char *QemuPipeStream::readFully(void *buf, size_t len)
 //DBG(">> QemuPipeStream::readFully %d\n", len);
 if (!valid()) return NULL;
 if (!buf) {
- if (len>0) ERR("QemuPipeStream::readFully failed, buf=NULL, len %d", len);
+ if (len > 0) {
+ ERR("QemuPipeStream::readFully failed, buf=NULL, len %zu", len);
+ }
 return NULL; // do not allow NULL buf in that implementation
 }
 size_t res = len;
 while (res > 0) {
- ssize_t stat = ::read(m_sock, (char *)(buf) + len - res, len);
+ ssize_t stat = ::read(m_sock, (char *)(buf) + len - res, res);
 if (stat == 0) {
 // client shutdown;
 return NULL;
@@ -135,8 +137,8 @@ const unsigned char *QemuPipeStream::readFully(void *buf, size_t len)
 if (errno == EINTR) {
 continue;
 } else {
- ERR("QemuPipeStream::readFully failed (buf %p): %s\n",
- buf, strerror(errno));
+ ERR("QemuPipeStream::readFully failed (buf %p, len %zu"
+ ", res %zu): %s\n", buf, len, res, strerror(errno));
 return NULL;
 }
 } else { |
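Review bot: The corrected `::read(m_sock, (char *)(buf) + len - res, res)` call carries no comment stating the invariant it depends on, and the commit text describes the old behaviour only as a stability problem. With `len` as the count, any pass after a short read asked the driver to store up to `len` bytes starting at `buf + len - res`, which runs past `buf + len`; the -EFAULT freeze is the case where that range was unmapped, and where it was mapped the result would presumably have been a silent write past the caller's buffer. I would add above the read: `// res = bytes still missing; offset is len - res, so the count must be res to stay inside buf[0, len)`. The commented-out `//DBG(...)` at the top of the hunk still formats `len` with `%d` and should move to `%zu` like the other messages. The loop body continues past the end of this hunk.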
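Review bot: In the second hunk the format string is split in the middle of the message (`"... len %zu"` followed by `", res %zu): %s\n"`), so searching the source for the logged text `len %zu, res %zu` finds nothing; keep the literal whole and wrap the arguments instead: `ERR("QemuPipeStream::readFully failed (buf %p, len %zu, res %zu): %s\n",` then `buf, len, res, strerror(errno));`. The message also still prints the raw `buf` address with `%p`; if this log is readable by other processes that discloses a process address, so it is worth checking whether the pointer is still needed now that `len` and `res` are reported. The enclosing `else if` branch opens in the gap between the two hunks and the loop closes after this one.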