| author | 2019-05-10 13:03:57 -0700 | |
|---|---|---|
| committer | 2019-05-10 13:37:45 -0700 | |
| commit | bcc984d38e9c054b6b047f7ec43b8816f0f27ba8 (patch) | |
| tree | e38e6ea70738b767393f22a3486bed6da7f1f834 | |
| parent | 30bdc20734f4dbd28e6fa8eee68a940538cfbdda (diff) | |
Call ScopedLocalFrame in JNI methods
Objects were leaking in InputManagerService JNI since there were calls
from the native process without clearing the local reference.
Call ScopedLocalFrame before extracting the reference so the object
references get removed when the function returns.
Test: No longer leaking IWindow when opening/closing apps
Fixes: 131355264
Change-Id: Ib57398c833ba373b9c092e23bc965ed6d56c9fa5
| -rw-r--r-- | services/core/jni/com_android_server_input_InputManagerService.cpp | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/services/core/jni/com_android_server_input_InputManagerService.cpp b/services/core/jni/com_android_server_input_InputManagerService.cpp
index 204a1ea977e7..fb3076ba9ddd 100644
--- a/services/core/jni/com_android_server_input_InputManagerService.cpp
+++ b/services/core/jni/com_android_server_input_InputManagerService.cpp
@@ -59,6 +59,7 @@
 #include <android_view_PointerIcon.h>
 #include <android/graphics/GraphicsJNI.h>
+#include <nativehelper/ScopedLocalFrame.h>
 #include <nativehelper/ScopedLocalRef.h>
 #include <nativehelper/ScopedPrimitiveArray.h>
 #include <nativehelper/ScopedUtfChars.h>
@@ -723,6 +724,7 @@ nsecs_t NativeInputManager::notifyANR(const sp<InputApplicationHandle>& inputApp
 ATRACE_CALL();
 JNIEnv* env = jniEnv();
+ ScopedLocalFrame localFrame(env);
 jobject tokenObj = javaObjectForIBinder(env, token);
 jstring reasonObj = env->NewStringUTF(reason.c_str());
@@ -735,8 +737,6 @@ nsecs_t NativeInputManager::notifyANR(const sp<InputApplicationHandle>& inputApp
 } else {
 assert(newTimeout >= 0);
 }
-
- env->DeleteLocalRef(reasonObj);
 return newTimeout;
 }
@@ -747,6 +747,7 @@ void NativeInputManager::notifyInputChannelBroken(const sp<IBinder>& token) {
 ATRACE_CALL();
 JNIEnv* env = jniEnv();
+ ScopedLocalFrame localFrame(env);
 jobject tokenObj = javaObjectForIBinder(env, token);
 if (tokenObj) {
@@ -764,6 +765,7 @@ void NativeInputManager::notifyFocusChanged(const sp<IBinder>& oldToken,
 ATRACE_CALL();
 JNIEnv* env = jniEnv();
+ ScopedLocalFrame localFrame(env);
 jobject oldTokenObj = javaObjectForIBinder(env, oldToken);
 jobject newTokenObj = javaObjectForIBinder(env, newToken);
@@ -1139,6 +1141,7 @@ nsecs_t NativeInputManager::interceptKeyBeforeDispatching(
 nsecs_t result = 0;
 if (policyFlags & POLICY_FLAG_TRUSTED) {
 JNIEnv* env = jniEnv();
+ ScopedLocalFrame localFrame(env);
 // Token may be null
 jobject tokenObj = javaObjectForIBinder(env, token);
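Review bot: The `ScopedLocalFrame localFrame(env);` added in notifyANR (and repeated in notifyInputChannelBroken, notifyFocusChanged and onPointerDownOutsideFocus) carries no comment saying why a frame is needed, and the reason is not obvious from the code. Going by the commit description, these callbacks are entered from native code, so local references from `javaObjectForIBinder` and `NewStringUTF` are not released by a return to managed code and pile up in the process hosting InputManagerService each time an app is opened or closed. I would add `// Entered from native code: locals created below are only released when this frame pops.` above the declaration. The same reasoning presumably applies to any other callback in this file that obtains `jniEnv()` and creates locals, so it is worth confirming that the ones not touched here delete every local by hand. notifyANR's body starts and ends outside this hunk.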
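Review bot: In interceptKeyBeforeDispatching the frame is declared inside the `if (policyFlags & POLICY_FLAG_TRUSTED)` block, so it pops at that block's closing brace rather than at function return; dispatchUnhandledKey has the same shape. That is fine as long as nothing later in the function uses a `jobject` created inside the block, which cannot be checked from here because both bodies continue past their hunks. notifyANR drops its explicit `env->DeleteLocalRef(reasonObj);` in this commit; if the key paths still delete their locals by hand after this change, remove those calls too so the file has one cleanup style. A comment such as `// Frame pops at the end of this block; copy anything needed afterwards into native values first.` would make the scope explicit.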
@@ -1173,6 +1176,7 @@ bool NativeInputManager::dispatchUnhandledKey(const sp<IBinder>& token,
 bool result = false;
 if (policyFlags & POLICY_FLAG_TRUSTED) {
 JNIEnv* env = jniEnv();
+ ScopedLocalFrame localFrame(env);
 // Note: tokenObj may be null.
 jobject tokenObj = javaObjectForIBinder(env, token);
@@ -1224,6 +1228,7 @@ bool NativeInputManager::checkInjectEventsPermissionNonReentrant(
 void NativeInputManager::onPointerDownOutsideFocus(const sp<IBinder>& touchedToken) {
 ATRACE_CALL();
 JNIEnv* env = jniEnv();
+ ScopedLocalFrame localFrame(env);
 jobject touchedTokenObj = javaObjectForIBinder(env, touchedToken);
 env->CallVoidMethod(mServiceObj, gServiceClassInfo.onPointerDownOutsideFocus, touchedTokenObj); |