9696bd32be247924dc68c677982a248e778fd17d - platform_frameworks_base

commit	9696bd32be247924dc68c677982a248e778fd17d	[log] [tgz]
author	Shibin George <shibing@codeaurora.org>	Mon Feb 26 20:29:44 2018 +0530
committer	Shibin George <shibing@codeaurora.org>	Thu Mar 08 22:59:40 2018 +0530
tree	d281c8d97509842b7a3b386b7e44b1ec550dbdb1
parent	73200d9ac9438d95f28f0b9df3a7eddbfbf18eae [diff]

Check if mSurface is valid before create SurfaceSession If mSurface has already been released in another thread, this would result in a null-pointer dereference in SurfaceSession contructor i.e. in nativeCreateScoped(). 7757 7757 F DEBUG : pid: 1402, tid: 1583, name: android.anim >>> system_server <<< 7757 7757 F DEBUG : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xd0 7757 7757 F DEBUG : Cause: null pointer dereference ... <trimmed> 7757 7757 F DEBUG : backtrace: 7757 7757 F DEBUG : #00 pc 000000000007fe58 /system/lib64/libgui.so (android::Surface::getIGraphicBufferProducer() const) 7757 7757 F DEBUG : #01 pc 00000000000ff000 /system/lib64/libandroid_runtime.so (android::nativeCreateScoped(_JNIEnv*, _jclass*, long)+52) 7757 7757 F DEBUG : #02 pc 0000000000ac8968 /system/framework/arm64/boot-framework.oat (offset 0x614000) (android.content.res.XmlBlock.nativeCreateParseState [DEDUPED]+152) 7757 7757 F DEBUG : #03 pc 0000000001327d24 /system/framework/arm64/boot-framework.oat (offset 0x614000) (android.view.SurfaceSession.<init>+52) 7757 7757 F DEBUG : #04 pc 00000000014b7320 /system/framework/oat/arm64/services.odex (offset 0x5be000) (com.android.server.wm.TaskSnapshotSurface.drawSizeMismatchSnapshot+128) 7757 7757 F DEBUG : #05 pc 00000000014b784c /system/framework/oat/arm64/services.odex (offset 0x5be000) (com.android.server.wm.TaskSnapshotSurface.drawSnapshot+188) 7757 7757 F DEBUG : #06 pc 00000000014b6f2c /system/framework/oat/arm64/services.odex (offset 0x5be000) (com.android.server.wm.TaskSnapshotSurface.create+2684) 7757 7757 F DEBUG : #07 pc 00000000014b0158 /system/framework/oat/arm64/services.odex (offset 0x5be000) (com.android.server.wm.TaskSnapshotController.createStartingSurface+72) 7757 7757 F DEBUG : #08 pc 00000000014a5ca0 /system/framework/oat/arm64/services.odex (offset 0x5be000) (com.android.server.wm.SnapshotStartingData.createStartingSurface+96) 7757 7757 F DEBUG : #09 pc 000000000144b030 /system/framework/oat/arm64/services.odex (offset 0x5be000) (com.android.server.wm.AppWindowContainerController.lambda$-com_android_server_wm_AppWindowContainerController_4735+496) ... <trimmed> Bug: 74129970 Change-Id: I41268c7680d3885c85fc3b682d0eba7415674062