Commit Graph

67 Commits

Author SHA1 Message Date
Ben Cheng
d640f89205 Initialize bwr.read_buffer in IPCThreadState::talkWithDriver.
I/valgrind( 1309): ==1310== Syscall param
ioctl(BINDER_WRITE_READ).read_buffer points to uninitialised byte(s)
I/valgrind( 1309): ==1310==    at 0x480E670: __ioctl (__ioctl.S:10)
I/valgrind( 1309): ==1310==  Address 0xbda651b4 is on thread 1's stack

Change-Id: I02893df7b5786b6b2dbd9659f5706d7171295ab2
2011-12-01 17:11:32 -08:00
Jeff Brown
efd912c05c am 5462bc63: Fix a leak in Parcel::writeBlob.
* commit '5462bc6318b4b70e7a58c66994e2bd79f59d9739':
  Fix a leak in Parcel::writeBlob.
2011-11-05 02:35:57 +00:00
Jeff Brown
93ff1f985e Fix a leak in Parcel::writeBlob.
Was mistakenly assuming that Parcel::writeFileDescriptor took
ownership of the fd that was passed in.  It does not!
Added some comments and a default parameter to allow the caller
to specify whether it wishes the Parcel to take ownership.

Bug: 5563374
Change-Id: I5a12f51d582bf246ce90133cce7690bb9bca93f6
2011-11-04 19:26:03 -07:00
Jeff Brown
9897b46138 resolved conflicts for merge of 2d280f75 to ics-mr1
Change-Id: I459e1cb0b60fb94dfb12862fedb9f8d949c226a7
2011-10-30 14:24:02 -07:00
Jeff Brown
27a852b620 Improve the slow query instrumentation.
On user-debug and eng builds, you can set the
"db.log.slow_query_threshold" system property to queries that
take longer than the specified number of milliseconds.
Set it to 0 to log all queries.

This property has been around for a while but it was implemented
poorly.  In particular, it *changed* the behavior of the query
by calling getCount() while holding the Db connection.
In normal operation, the query will not actually run until later.

By putting the timing logic into fillWindow() instead, we ensure
that we only measure queries that actually ran.  We also capture
cases where the cursor window gets filled multiple times.

Bug: 5520301
Change-Id: I174f5e1ea15831a1d22a36e9a804d7755f230b38
2011-10-28 14:58:39 -07:00
Jeff Brown
3e2fb7056a Deprecate local-only CursorWindows.
There is no difference and has never really been a difference
between local-only and remotable CursorWindows.  By removing the
distinction officially in the API, we will make it easier to
implement CrossProcessCursor correctly.  CrossProcessCursor
is problematic currently because it's not clear whether a call
to getWindow() will return a local-only window or a remotable window.
As a result, the bulk cursor adaptor has special case handling
for AbstractWindowedCursors vs. ordinary CrossProcessCursors
so that it can set a remotable window before the cursor fills it.
All these problems go away if we just forget about local-only
windows being special in any way.

Change-Id: Ie59f517968e33d0ecb239c3c4f60206495e8f376
2011-10-12 22:19:41 -07:00
Jeff Brown
ec4e0063a1 Use ashmem for CursorWindows.
Bug: 5332296

The memory dealer introduces additional delays for reclaiming
the memory owned by CursorWindows because the Binder object must
be finalized.  Using ashmem instead gives CursorWindow more
direct control over the lifetime of the shared memory region.

The provider now allocates the CursorWindows and returns them
to clients with a read-only protection bit set on the ashmem
region.

Improved the encapsulation of CursorWindow.  Callers shouldn't
need to care about details like how string fields are allocated.

Removed the compile-time configuration of string and numeric
storage modes to remove some dead weight.

Change-Id: I07c2bc2a9c573d7e435dcaecd269d25ea9807acd
2011-10-11 11:03:19 -07:00
Jeff Brown
cc0bf53f21 Clean up CursorWindow code.
Bug: 5332296

The code is functionally equivalent, but a little more efficient
and much easier to maintain.

Change-Id: I90670a13799df05831843a5137ab234929281b7c
2011-10-06 14:40:13 -07:00
Dianne Hackborn
7746cc3188 Fix handling of "allow fds" state.
Didn't take into account nesting of bundles.  Boo.

Change-Id: Ic8cf21ad8d6f4938a3e105128624c9d162310d01
2011-10-03 21:09:35 -07:00
Jeff Brown
5707dbf15d Transfer large bitmaps using ashmem.
Bug: 5224703

Change-Id: If385a66adf4c6179a0bb49c0e6d09a9567e23808
2011-10-03 17:28:13 -07:00
Dianne Hackborn
8938ed2c8e Add mechanism for Parcel to not allow FDs to be written to it.
This is to help implement issue #5224703.

Change-Id: I026a5890495537d15b57fe61227a640aac806d46
2011-10-03 16:58:41 -07:00
Bart Sears
8acda78034 Revert "Transfer large bitmaps using ashmem. Bug: 5224703"
This reverts commit 56c58f66b97d22fe7e7de1f7d9548bcbe1973029

This CL was causing the browser to crash when adding bookmarks, visiting the bookmarks page, and sharing pages (see bug http://b/issue?id=5369231
2011-09-25 14:30:21 -07:00
Jeff Brown
f4c1088d75 Transfer large bitmaps using ashmem.
Bug: 5224703

Change-Id: Ic7481dd9f173986f085a8bbdcc59bbe9830d7a44
2011-09-23 21:20:47 -07:00
Andy McFadden
aefc9cda45 Resurrect verbose binder logging
Updated the command name lists, and masked off the additional bits in
the command word when doing the name lookup.

Made descriptor values easier to grep for and consistent with kernel
output (i.e. decimal rather than hex).  Attempt to show transaction
descriptors as such (they're in a union with a pointer).

Also, the writeLines() function in Static was using a no-op
logging call to write an iovec.  It looks like all callers are using
N=1, so I just added a log for the first string.

Bug 5155269

Change-Id: I417b8d77da3eb6ee1d2069ba94047210f75738bc
2011-09-07 16:45:03 -07:00
Mike Lockwood
c2be743a9c Remove some #ifdef HAVE_ANDROID_OS that were needed for the simulator build
Change-Id: I13d9f251f86c05ae5405f37adbf6b8e9660935ba
Signed-off-by: Mike Lockwood <lockwood@android.com>
2011-07-13 19:45:44 -04:00
Jeff Brown
e16986cae2 Eliminate single-process mode.
Bug: 5010576

Change-Id: Id450dc83efed4897d1e4ff451530fed14457aace
2011-07-08 19:54:07 -07:00
Mathias Agopian
99b49840d3 PermissionCache caches permission checks
This is intended to absorb the cost of the IPC
to the permission controller.
Cached permission checks cost about 3us, while
full blown ones are two orders of magnitude slower.

CAVEAT: PermissionCache can only handle system
permissions safely for now, because the cache is
not purged upon global permission changes.

Change-Id: I8b8a5e71e191e3c01e8f792f253c379190eee62e
2011-06-27 17:42:15 -07:00
Anu Sundararajan
5728a92e29 MemoryHeapBase: Save and binderize the offset
The offset that is used in the creation of the MemoryHeapBase must be saved, so
that it can be used to recreate the Heap when an IMemory object is passed
across process boundary through the binder.

Change-Id: Ie618fb5c0718e6711f55ed9235616fd801e648dc
Signed-off-by: Anu Sundararajan <sanuradha@ti.com>
Signed-off-by: Iliyan Malchev <malchev@google.com>
2011-06-27 13:48:51 -07:00
Evgeniy Stepanov
d547432f98 Make sure binder ioctl structs don't contain uninitialized values.
Change-Id: I8a678f91262417bb120e65e32c244ce1512b46c2
2011-04-21 14:37:15 +04:00
Andreas Huber
6e9eb7453f Merge "Parcel::appendFrom({const } Parcel *parcel, size_t, size_t)" 2011-04-18 08:12:36 -07:00
Dianne Hackborn
97e2bcd760 Rewrite battery history storage.
We now write battery history directly into a buffer, instead of
creating objects.  This allows for more efficient storage; later
it can be even better because we can only write deltas.

The old code is still there temporarily for validation.

Change-Id: I9707d4d8ff30855be8ebdc93bc078911040d8e0b
2011-04-14 10:57:22 -07:00
Andreas Huber
51faf46e29 Parcel::appendFrom({const } Parcel *parcel, size_t, size_t)
As far as I can tell "parcel" isn't actually modified by the implementation.

Change-Id: Ib806eefdc13c97b932773e1dc9ca3a4aad4422b2
2011-04-13 10:21:56 -07:00
Kenny Root
af1cf07134 Clean up use of HAVE_ANDROID_OS
HAVE_ANDROID_OS was defined as "1" for targets, but never defined as "0"
for non-targets. Changing them to #ifdef should be safe and matches
all the other uses of HAVE_ANDROID_OS throughout the system.

Change-Id: I82257325a8ae5e4e4371ddfc4dbf51cea8ea0abb
2011-02-16 10:56:32 -08:00
Jean-Baptiste Queru
1ee57e397f am 6637e307: am bfb5f596: Merge "Fix for writing empty strings to Parcel::writeString8()"
* commit '6637e307494475b85afe8869d312d4a2f832d8f4':
  Fix for writing empty strings to Parcel::writeString8()
2010-12-28 11:54:08 -08:00
Pravat Dalbehera
d1dff8d4d4 Fix for writing empty strings to Parcel::writeString8()
If writeString8 is called with the following sequence:

 writeString8(String8(""));
 writeString8(String8("TempString"));

Then in the readString8, the 2nd String i.e. "TempString" is not read,
instead an empty string is read.

The bug comes because of the write call for String8("") where there are
no String bytes present. In the write Statement, an extra ‘\0’ is
written. During the Marshalling, Following bytes are written:

1        2         3        4       5   ...
0x0      0x0       0xB      ‘T’     ‘e’  ...

The readString8 function has a check that, if String length is 0, don’t
read anything. So the first byte is read as the length for the first
string. The second byte i.e. ‘\0’ is read as the length for the second
string and hence the second string becomes empty too.

Change-Id: Id7acc0c80ae16e77be4331f1ddf69ea87e758420
2010-12-22 12:57:31 +01:00
Brad Fitzpatrick
1b60843547 Framework-side support for Dalvik "isSensitiveThread" hook.
Used in lock contention stats.

Bug: 3226270
Change-Id: Ie6f58d130a29079a59bdefad40b80304d9bc3623
2010-12-14 09:28:16 -08:00
Vasu Nori
7c4f09db4c fix messages from sqlite layer in c++ code to be useful.
Change-Id: Ib13f86f3481aae391f5e887bb14877f12bf48034
2010-11-29 11:53:55 -08:00
Vasu Nori
82bd26d904 convert one of the LOGE to LOG_WINDOW msg to reduce grief
grief from people who think this message is bad news.
but in reality, this message is really just an informational message
to aid in debugging

Change-Id: I1a2ab1666a27adb7d3fd210528b2c5218640d53d
2010-10-26 16:44:44 -07:00
Vasu Nori
91abfdd3ed turn off some useless messages
Change-Id: I5ed5696cd052b70e7cf7b872205470cd56fada90
2010-10-05 16:50:51 -07:00
Dianne Hackborn
be8bf0ced4 am deaa8ff1: am a7ef18fc: Merge "Some debugging support." into gingerbread
Merge commit 'deaa8ff1b10d38add4f7c276e7be2ffc19359a14'

* commit 'deaa8ff1b10d38add4f7c276e7be2ffc19359a14':
  Some debugging support.
2010-09-24 15:58:25 -07:00
Dianne Hackborn
67f78c4fe8 Some debugging support.
- New feature to "am monitor" to have it automatically launch
  gdbserv for you when a crash/ANR happens, and tell you how to
  run the client.

- Update dumpstate to match new location of binder debug logs

- Various commented out logs that are being used to track down
  issues.

Change-Id: Ia5dd0cd2df983a1fc6be697642a4590aa02a26a5
2010-09-24 13:11:55 -07:00
Brad Fitzpatrick
f3372f7ca3 am ae087369: am 63070856: Merge "Don\'t propagate StrictMode over one-way Binder calls." into gingerbread
Merge commit 'ae087369c56a270c33c1c1af5be7d3c5d7f94e80'

* commit 'ae087369c56a270c33c1c1af5be7d3c5d7f94e80':
  Don't propagate StrictMode over one-way Binder calls.
2010-08-31 15:06:24 -07:00
Brad Fitzpatrick
5273603e98 Don't propagate StrictMode over one-way Binder calls.
This was causing stack stitching problems where a one-way call with
violations followed by a two-way call without violations was getting
the previous one-way call's violation stack stitched on to the second
caller's stack.

The solution is a little more indirect than I would've liked
(preserving the binder's onTransact flags until enforceInterface) but
was seemingly necessary to work without changing the AIDL compiler.
It should also be sufficiently cheap, since no new calls to
thread-local IPCThreadState lookups were required.  The additional
work is just same-thread getter/setters on the existing
IPCThreadState.

Change-Id: I4b6db1d445c56e868e6d0d7be3ba6849f4ef23ae
2010-08-31 13:16:49 -07:00
Brad Fitzpatrick
b8f4015c0a am 245cb784: am 84c924a6: Merge "Replace several IPCThreadState::get() lookups with one." into gingerbread
Merge commit '245cb7846c82f7c0840e13f0b994d356846b1678'

* commit '245cb7846c82f7c0840e13f0b994d356846b1678':
  Replace several IPCThreadState::get() lookups with one.
2010-07-27 14:04:14 -07:00
Brad Fitzpatrick
70081a1511 Replace several IPCThreadState::get() lookups with one.
Also, make StrictMode's ThreadLocal final.

Change-Id: I08d400ed254fa67bb7a3dae1227f205a54c00df0
2010-07-27 12:28:57 -07:00
Brad Fitzpatrick
e9f1a6478f am 3e5e21d4: am 1772c34e: Merge "StrictMode: gather and return violating stacks in Binder replies" into gingerbread
Merge commit '3e5e21d4dc74751e64d17379c5563ece39a7e35d'

* commit '3e5e21d4dc74751e64d17379c5563ece39a7e35d':
  StrictMode: gather and return violating stacks in Binder replies
2010-07-15 23:05:39 -07:00
Brad Fitzpatrick
721c4162c3 am cc52121c: am c4b204bd: Merge "More StrictMode work, keeping Binder & BlockGuard\'s thread-locals in-sync." into gingerbread
Merge commit 'cc52121c4f88e9feb8404937bcbfff6e73084666'

* commit 'cc52121c4f88e9feb8404937bcbfff6e73084666':
  More StrictMode work, keeping Binder & BlockGuard's thread-locals in-sync.
2010-07-15 23:05:35 -07:00
Brad Fitzpatrick
d36f4a5f13 StrictMode: gather and return violating stacks in Binder replies
Now, when Thread A has a strict mode policy in effect and does a
Binder call to Thread B (most likely in another process), the strict
mode policy is passed along, but with the GATHER penalty bit set which
overrides other policies and instead gathers all offending stack
traces to a threadlocal which are then written back in the Parcel's
reply header.

Change-Id: I7d4497032a0609b37b1a2a15855f5c929ba0584d
2010-07-15 13:18:05 -07:00
Brad Fitzpatrick
a877cd85b5 More StrictMode work, keeping Binder & BlockGuard's thread-locals in-sync.
Change-Id: Ia67cabcc17a73a0f15907ffea683d06bc41b90e5
2010-07-15 13:18:05 -07:00
Brad Fitzpatrick
0c2aaca5d6 am 706623dd: am c0a7e690: Add Parcel::readExceptionCode() and Parcel::writeNoException()
Merge commit '706623ddb8314850c0551f0b66e24b5f0bd28620'

* commit '706623ddb8314850c0551f0b66e24b5f0bd28620':
  Add Parcel::readExceptionCode() and Parcel::writeNoException()
2010-07-13 15:57:20 -07:00
Brad Fitzpatrick
837a0d0fb2 Add Parcel::readExceptionCode() and Parcel::writeNoException()
Add native Parcel methods analogous to the Java versions.

Currently, these don't do much, but upcoming StrictMode work changes
the RPC calling conventions in some cases, so it's important that
everybody uses these consistently, rather than having a lot of code
trying to parse RPC responses out of Parcels themselves.

As a summary, the current convention that Java Binder services use is
to prepend the reply Parcel with an int32 signaling the exception
status:

     0: no exception
     -1: Security exception
     -2: Bad Parcelable
     -3: ...
     -4: ...
     -5: ...

... followed by Parceled String if the exception code is non-zero.

With an upcoming change, it'll be the case that a response Parcel can,
non-exceptionally return rich data in the header, and also return data
to the caller.  The important thing to note in this new case is that
the first int32 in the reply parcel *will not be zero*, so anybody
manually checking for it with reply.readInt32() will get false
negative failures.

Short summary: If you're calling into a Java service and manually
checking the exception status with reply.readInt32(), change it to
reply.readExceptionCode().

Change-Id: I23f9a0e53a8cfbbd9759242cfde16723641afe04
2010-07-13 15:45:18 -07:00
Brad Fitzpatrick
f9e01ea481 am efcf68aa: am ef8f96a7: Merge "Start of work on passing around StrictMode policy over Binder calls." into gingerbread
Merge commit 'efcf68aa1fd7fcfd52cf3d2837ed8db8e797194b'

* commit 'efcf68aa1fd7fcfd52cf3d2837ed8db8e797194b':
  Start of work on passing around StrictMode policy over Binder calls.
2010-06-23 10:18:18 -07:00
Brad Fitzpatrick
702ea9d42f Start of work on passing around StrictMode policy over Binder calls.
This is (intendend to be) a no-op change.

At this stage, Binder RPCs just have an additional uint32 passed around
in the header, right before the interface name.  But nothing is actually
done with them yet.  That value should right now always be 0.

This now boots and seems to work.

Change-Id: I135b7c84f07575e6b9717fef2424d301a450df7b
2010-06-21 12:56:35 -07:00
Mike Lockwood
244a7655ae Move CursorWindow class from core/jni to libbinder
To allow use of the native CursorWindow class outside of the core framework jni

Change-Id: I72e8dcb91a2c691130c33cdfd9a25d343da1c592
Signed-off-by: Mike Lockwood <lockwood@android.com>
2010-05-28 10:08:21 -04:00
Dan Egnor
386a332b4f Make static versions of libutils and libbinder.
Fix some small static-initialization-order issues (and a static-
initializers-missing issue) that result from doing so.  The static
libraries don't actually get used for anything real at the moment --
they're used for perf tests of bug 2660235.

Bug: 2660235
Change-Id: Iee2f38f79cc93b395e8d0a5a144ed92461f5ada0
2010-05-06 01:03:31 -07:00
Mathias Agopian
3c772b706d fix [2599939] "cannot play video" after open/close a video player a dozen of times
get rid off the MAP_ONCE flag is MemoryHeapBase (as well as it's functionality),
this feature should not be used anymore.

the software renderer was incorrectly using the default ctor which set MAP_ONCE,
causing the leak. the software renderer itself is incorrectly used while coming
back from sleep.

Change-Id: I123621f8d140550b864f352bbcd8a5729db12b57
2010-04-19 19:09:03 -07:00
Christopher Tate
440fd870b2 Ensure that binder incalls to the system process keep the fg cgroup
On binder incalls, the handler thread is given the caller's priority by the
driver, but not the caller's cgroup.  We have explicit code that sets the
handler's cgroup to match the caller's, *except* that the system process
explicitly disables this behavior.  This led to a siuation in which we were
running binder incalls to the system process at nice=10 but cgroup=fg.

That's fine as far as it goes, except that if a GC happened in the handler
thread, it would be promoted to foreground priority and cgroup both, to avoid
having the GC take forever.  Then, when GC finished, the original priority
is reset, and the cgroup set *based on that priority*.  This would push the
handler thread into nice=10 cgroup=bg_non_interactive -- which matches the
caller, but is supposed to be impossible in the system process.

The end result of this was that we could be running "lengthy" operations in
the system process in the background.  Unfortunately, some of the operations
that wound up like this would hold important global system locks for up to
twenty seconds as a result, making the entire device unresponsive to input
for that period.

This CL fixes the binder incall setup to ensure that within the system process,
a binder incall is always begun from the normal foreground priority as well
as cgroup.  In practice now the device still becomes laggy/sluggish when the
offending lock-holding time-consuming incall occurs, but since it still runs
as a foreground task it is able to proceed to completion within a short time
rather than taking 20 seconds.

Fixes bug #2403717

Change-Id: Id046aeabd0e80c48eef94accc37842835eab308d
2010-03-18 18:13:57 -07:00
Mathias Agopian
98e71ddaed remove a dependency of GraphicBuffer (libui) on Parcel (libbinder).
Add a Flattenable interface to libutils which can be used to flatten
an object into bytestream + filedescriptor stream.
Parcel is modified to handle Flattenable. And GraphicBuffer implements
Flattenable.

Except for the overlay classes libui is now independent of libbinder.
2010-02-21 23:27:25 -08:00
Mathias Agopian
0dd0d2944a Simplify the MemoryDealer implementation
At some point the implementation became complicated because of
SurfaceFlinger's special needs, since we are now relying on gralloc
we can go back to much simpler MemoryDealer.

Removed HeapInterface and AllocatorInterface, since those don't need
to be paramterized anymore. Merged SimpleMemory and Allocation.
Made SimplisticAllocator non virtual.

Removed MemoryDealer flags (READ_ONLY, PAGE_ALIGNED)

Removed a lot of unneeded code.
2010-01-29 14:51:06 -08:00
Dianne Hackborn
8c6cedc9bc Propagate background scheduling class across processes.
This is a very simply implementation: upon receiving an IPC, if the handling
thread is at a background priority (the driver will have taken care of
propagating this from the calling thread), then stick it in to the background
scheduling group.  Plus an API to turn this off for the process, which is
used by the system process.

This also pulls some of the code for managing scheduling classes out of
the Process JNI wrappers and in to some convenience methods in thread.h.
2009-12-07 19:11:14 -08:00