From nobody Thu Jun  9 03:21:48 2022
X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4B1B3840CE0
	for <freebsd-hackers@mlmmj.nyi.freebsd.org>; Thu,  9 Jun 2022 03:22:14 +0000 (UTC)
	(envelope-from nc@FreeBSD.org)
Received: from thunderstorm.neelc.org (thunderstorm.neelc.org [IPv6:2001:19f0:8001:174b:5400:3ff:febf:260b])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4LJTsw5Xnxz3Jrl
	for <freebsd-hackers@freebsd.org>; Thu,  9 Jun 2022 03:22:12 +0000 (UTC)
	(envelope-from nc@FreeBSD.org)
Received: from mail.neelc.org (thunderstorm.neelc.org [IPv6:2001:19f0:8001:174b:5400:3ff:febf:260b])
	by thunderstorm.neelc.org (Postfix) with ESMTPSA id 238EB2FAF13
	for <freebsd-hackers@freebsd.org>; Wed,  8 Jun 2022 20:21:49 -0700 (PDT)
List-Id: Technical discussions relating to FreeBSD <freebsd-hackers.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-hackers
List-Help: <mailto:freebsd-hackers+help@freebsd.org>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Subscribe: <mailto:freebsd-hackers+subscribe@freebsd.org>
List-Unsubscribe: <mailto:freebsd-hackers+unsubscribe@freebsd.org>
Sender: owner-freebsd-hackers@freebsd.org
MIME-Version: 1.0
Date: Wed, 08 Jun 2022 20:21:48 -0700
From: Neel Chauhan <nc@FreeBSD.org>
To: freebsd-hackers@freebsd.org
Subject: Potential USB bug with read() (while updating android-tools-adb)
Message-ID: <9b3dbdddb02e65c5ff4b3dc0f117c3c6@neelc.org>
X-Sender: nc@FreeBSD.org
Content-Type: text/plain; charset=US-ASCII;
 format=flowed
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 4LJTsw5Xnxz3Jrl
X-Spamd-Bar: /
Authentication-Results: mx1.freebsd.org;
	dkim=none;
	dmarc=none;
	spf=softfail (mx1.freebsd.org: 2001:19f0:8001:174b:5400:3ff:febf:260b is neither permitted nor denied by domain of nc@FreeBSD.org) smtp.mailfrom=nc@FreeBSD.org
X-Spamd-Result: default: False [-1.00 / 15.00];
	 ARC_NA(0.00)[];
	 RCVD_VIA_SMTP_AUTH(0.00)[];
	 ONCE_RECEIVED(0.10)[];
	 FREEFALL_USER(0.00)[nc];
	 FROM_HAS_DN(0.00)[];
	 TO_MATCH_ENVRCPT_ALL(0.00)[];
	 NEURAL_HAM_LONG(-1.00)[-0.999];
	 MIME_GOOD(-0.10)[text/plain];
	 PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org];
	 TO_DN_NONE(0.00)[];
	 R_SPF_SOFTFAIL(0.00)[~all:c];
	 RCPT_COUNT_ONE(0.00)[1];
	 NEURAL_SPAM_MEDIUM(1.00)[1.000];
	 DMARC_NA(0.00)[FreeBSD.org];
	 NEURAL_HAM_SHORT(-1.00)[-1.000];
	 MLMMJ_DEST(0.00)[freebsd-hackers];
	 RCVD_COUNT_ONE(0.00)[1];
	 FROM_EQ_ENVFROM(0.00)[];
	 R_DKIM_NA(0.00)[];
	 MIME_TRACE(0.00)[0:+];
	 ASN(0.00)[asn:20473, ipnet:2001:19f0:8000::/38, country:US];
	 RCVD_TLS_ALL(0.00)[];
	 TO_DOM_EQ_FROM_DOM(0.00)[]
X-ThisMailContainsUnwantedMimeParts: N

Hi hackers@,

While attempting to update android-tools-(fastboot/adb) to a newer 
version, I noticed a potential bug with the FreeBSD USB subsystem.

After two reads from a particular function in a USB device, read() reads 
0 bytes even with it should read 8 bytes and returns 0 respectively 
instead of 8.

The branch is: 
https://github.com/neelchauhan/freebsd-android-tools/tree/fbsd-31.0.3p1

The offending lines are:
vendor/adb/client/commandline.cpp:928 (ReadFdExactly call)
vendor/adb/adb_io.cpp:83 (adb_read call)
vendor/adb/sysdeps.h:526 (adb_read definition, this calls read())

This happens when I attempt to flash LineageOS 19.1 (Android Custom ROM) 
to a Google Pixel 3 smartphone via the so-called "recovery", which is 
the "test" device used to test if this port works (my main device, a 
Google Pixel 6 Pro while rooted can't be used since I'm not willing to 
live without a phone).

On Android, recoveries are used to update, root, or replace an Android 
installation. The `adb sideload` in the recovery causes read() to fail 
prematurely, whereas `adb push` in a recovery works perfectly.

However, LineageOS requires the "sideload" function to install on many 
devices, and I don't want a broken port in the Ports tree either.

On FreeBSD, this exact adb_read() routine works fine on other `adb` 
calls. On Linux (or macOS when I had a M1 Mac Mini before donating it to 
kevans@), `adb sideload` works perfectly, period.

I doubt most of you are rooted Android users, so if you need help 
understanding how Android flashing works feel free to ping me, I'm no 
"expert" either but have been doing this for 8+ years.

This error also happens with the Ports version, which is why I initially 
wanted to update.

Is there anything FreeBSD does in its USB implementation that's funky, 
or even in libusb? Especially in the last 2-3 year? Or is it more adb 
issues.

I am using an AMD Ryzen 5800X-based HP Omen 30L running FreeBSD 
14.0-CURRENT with Git revision 0817c8dc2a4 (May 14), but this also 
happens on other Intel-based and AMD-based systems, with both USB-A and 
USB-C Ports.

I'm not *really* a kernel person, and not at all a USB hacker. I'll 
probably update my CURRENT but this issue has been happening for 2 or so 
years now and rebooting into Linux USBs isn't exactly fun to flash my 
Android.

-Neel (nc@)