Created attachment 8450333 hwcomposer_sprintf.patch
On my Flame, |HwcDebug::HwcDebug| performs a |strncpy| with an incorrect length which leads to a non-null terminated string. It then does a |sprintf| with this value leading to memory corruption. DMD builds are crashing 100% of the time due to this, but it is certainly happening on other builds as well. This affects 1.4+ at least.
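The bug class described in the report above, as an added example that is not the HAL's code or the attached patch: a `strncpy` whose length leaves no terminator, next to a bounded `snprintf` copy and format. The buffer size, function names, format string and sample strings are all constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8  /* constructed size, not taken from HwcDebug */

/* Flawed pattern: strncpy writes no NUL when strlen(src) >= n.
 * Returns 1 if dst holds a terminator within its first n bytes, else 0.
 * A later sprintf("%s", dst) on an unterminated dst reads past the buffer. */
static int copy_unsafe(char *dst, const char *src, size_t n)
{
    memset(dst, 'X', n);            /* stand-in for uninitialised storage */
    strncpy(dst, src, n);
    return memchr(dst, '\0', n) != NULL;
}

/* Hardened copy: snprintf always terminates; returns 0 if src was truncated. */
static int copy_safe(char *dst, size_t n, const char *src)
{
    int w = snprintf(dst, n, "%s", src);
    return w >= 0 && (size_t)w < n;
}

/* Bounded replacement for sprintf: returns 0 on success, -1 if out is too small. */
static int format_name(char *out, size_t out_len, const char *name, int idx)
{
    int w = snprintf(out, out_len, "dump_%s_%d", name, idx);
    return (w >= 0 && (size_t)w < out_len) ? 0 : -1;
}

int main(void)
{
    char name[NAME_LEN], out[32];
    const char *src = "hwc_dump_frame";   /* constructed input, 14 chars */

    printf("strncpy terminated: %d\n", copy_unsafe(name, src, NAME_LEN));
    printf("snprintf complete:  %d (\"%s\")\n",
           copy_safe(name, NAME_LEN, src), name);
    if (format_name(out, sizeof out, name, 3) == 0)
        printf("formatted: %s\n", out);
    return 0;
}
```

Checking the return value of `snprintf` is what turns silent truncation into a handled error; the terminator check in `copy_unsafe` is there only to make the missing NUL observable without reading out of bounds.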
Sushil can you take a look at this?
Nominating for 1.4. People are still testing/developing 1.4 on QC devices (e.g. Flame) so we need this there to have working tools.
Fix for this issue has landed in HAL. Can you please test with the CAF patch: https://www.codeaurora.org/cgit/quic/la/platform/hardware/qcom/display/commit/?h=b2g_kk_3.5&id=f0366091389b3f0648a92e6a7173237937bc0393
Eric, can you test with above CAF patch and let me know?
(In reply to Sushil from comment #4)
> Eric, can you test with above CAF patch and let me know?
The patch does not apply to my local checkout; inspecting by hand does indicate that it contains approximately the same fix.
Hi Vincent, Can you check if this patch has any impact on non-caf projects? Thanks
erahm gets a gold star for this one.
(In reply to Wayne Chang [:wchang] from comment #8)
> Hi Vincent,
>
> Can you check if this patch has any impact on non-caf projects?
>
> Thanks
Checked with two other non-caf projects and they didn't have HwcDebug::HwcDebug() code implementation.
Taking per comments to improve testing
Hi Eric, I was wondering, is this fixed for 1.4+? Or do we need to push it to 2.0, 2.1?
We're still waiting for the fix to land upstream. See bug 1019634 comment 18.