Gitiles
Code Review Sign In
review.evervolv.com / android_frameworks_av / d46758b6ec99533babbd24f62e381eae0a2a66a6^! / . / include / private / ui / SharedBufferStack.h
commitd46758b6ec99533babbd24f62e381eae0a2a66a6[log] [tgz]
authorMathias Agopian <mathias@google.com>Tue Oct 06 19:00:57 2009 -0700
committerMathias Agopian <mathias@google.com>Tue Oct 06 19:00:57 2009 -0700
treef48945f39c8c6883f56389743770091cd0060914
parent5bffa09d4483ac31de42077d05d24ba26fab928d [diff] [blame]
fix [2152536] ANR in browser

A window is created and the browser is about to render into it the
very first time, at that point it does an IPC to SF to request a new
buffer. Meanwhile, the window manager removes that window from the
list and the shared memory block it uses is marked as invalid.
However, at that point, another window is created and is given the
same index (that just go freed), but a different identity and resets
the "invalid" bit in the shared block. When we go back to the buffer
allocation code, we're stuck because the surface we're allocating for
is gone and we don't detect it's invalid because the invalid bit has
been reset.

It is not sufficient to check for the invalid bit, I should
also check that identities match.

diff --git a/include/private/ui/SharedBufferStack.h b/include/private/ui/SharedBufferStack.h
index 59cf31c..f6824d9 100644
--- a/include/private/ui/SharedBufferStack.h
+++ b/include/private/ui/SharedBufferStack.h

@@ -139,7 +139,8 @@
 class SharedBufferBase
 {
 public:
-    SharedBufferBase(SharedClient* sharedClient, int surface, int num);
+    SharedBufferBase(SharedClient* sharedClient, int surface, int num,
+            int32_t identity);
     ~SharedBufferBase();
     uint32_t getIdentity();
     status_t getStatus() const;
@@ -150,6 +151,7 @@
     SharedClient* const mSharedClient;
     SharedBufferStack* const mSharedStack;
     const int mNumBuffers;
+    const int mIdentity;
 
     friend struct Update;
     friend struct QueueUpdate;
@@ -180,7 +182,10 @@
     SharedClient& client( *mSharedClient );
     const nsecs_t TIMEOUT = s2ns(1);
     Mutex::Autolock _l(client.lock);
-    while ((condition()==false) && (stack.status == NO_ERROR)) {
+    while ((condition()==false) &&
+            (stack.identity == mIdentity) &&
+            (stack.status == NO_ERROR))
+    {
         status_t err = client.cv.waitRelative(client.lock, TIMEOUT);
         
         // handle errors and timeouts
@@ -190,13 +195,13 @@
                     LOGE("waitForCondition(%s) timed out (identity=%d), "
                         "but condition is true! We recovered but it "
                         "shouldn't happen." , T::name(),
-                        mSharedStack->identity);
+                        stack.identity);
                     break;
                 } else {
                     LOGW("waitForCondition(%s) timed out "
                         "(identity=%d, status=%d). "
                         "CPU may be pegged. trying again.", T::name(),
-                        mSharedStack->identity, mSharedStack->status);
+                        stack.identity, stack.status);
                 }
             } else {
                 LOGE("waitForCondition(%s) error (%s) ",
@@ -205,7 +210,7 @@
             }
         }
     }
-    return stack.status;
+    return (stack.identity != mIdentity) ? status_t(BAD_INDEX) : stack.status;
 }
 
 
@@ -223,8 +228,9 @@
 class SharedBufferClient : public SharedBufferBase
 {
 public:
-    SharedBufferClient(SharedClient* sharedClient, int surface, int num);
-    
+    SharedBufferClient(SharedClient* sharedClient, int surface, int num,
+            int32_t identity);
+
     ssize_t dequeue();
     status_t undoDequeue(int buf);