Fix race condition in GetPreResolvedStrings DexCache::VisitReferences had a race condition where a null pointer could be accessed if there was another concurrent caller doing ClearPreResolvedStrings. Fix is to add an extra null check that prevents the race. Bug: 152716138 Test: test-art-host Change-Id: Ib447ce689e23f7c20d4cda8b457abeb89ade9291

commit: ca1c39addf4446c8eff3cf0b304112c59b400b18 [log] [tgz]
author: Mathieu Chartier <mathieuc@google.com> Mon Mar 30 17:57:26 2020 -0700
committer: Mathieu Chartier <mathieuc@google.com> Tue Mar 31 10:17:58 2020 -0700
tree: cba9fb59cf4126222a50aa40357f8e1f7121336d
parent: 1abd3ec2c338bf3d0c7e68399d94554e468a8e3f [diff]
diff --git a/runtime/mirror/dex_cache-inl.h b/runtime/mirror/dex_cache-inl.h
index 80b5a34..4f23273 100644
--- a/runtime/mirror/dex_cache-inl.h
+++ b/runtime/mirror/dex_cache-inl.h

@@ -382,9 +382,11 @@
     }
 
     GcRoot<mirror::String>* const preresolved_strings = GetPreResolvedStrings();
-    const size_t num_preresolved_strings = NumPreResolvedStrings();
-    for (size_t i = 0; i != num_preresolved_strings; ++i) {
-      visitor.VisitRootIfNonNull(preresolved_strings[i].AddressWithoutBarrier());
+    if (preresolved_strings != nullptr) {
+      const size_t num_preresolved_strings = NumPreResolvedStrings();
+      for (size_t i = 0; i != num_preresolved_strings; ++i) {
+        visitor.VisitRootIfNonNull(preresolved_strings[i].AddressWithoutBarrier());
+      }
     }
   }
 }
commit	ca1c39addf4446c8eff3cf0b304112c59b400b18	[log] [tgz]
author	Mathieu Chartier <mathieuc@google.com>	Mon Mar 30 17:57:26 2020 -0700
committer	Mathieu Chartier <mathieuc@google.com>	Tue Mar 31 10:17:58 2020 -0700
tree	cba9fb59cf4126222a50aa40357f8e1f7121336d
parent	1abd3ec2c338bf3d0c7e68399d94554e468a8e3f [diff]