From fae51c438827ae0a55c1b83c0e9be348254bfbd4 Mon Sep 17 00:00:00 2001 From: Chia-I Wu Date: Thu, 15 Jun 2017 12:53:59 -0700 Subject: surfaceflinger: fix a potential child layer leak We should not remove a child layer from its already removed parent. Call p->removeChild only after we've checked that the ancestor is alive. Apply e6b63e1ae12692327f7e46d5f10d6ade5a7bf192 and this fix to SurfaceFlinger_hwc1.cpp as well. Bug: 37121786 Test: manual stress test Change-Id: I7b811450a998acc4ad9690bd4eda058ce6588e14 --- services/surfaceflinger/SurfaceFlinger.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'services/surfaceflinger/SurfaceFlinger.cpp') diff --git a/services/surfaceflinger/SurfaceFlinger.cpp b/services/surfaceflinger/SurfaceFlinger.cpp index 6174185969..29e7bd6792 100644 --- a/services/surfaceflinger/SurfaceFlinger.cpp +++ b/services/surfaceflinger/SurfaceFlinger.cpp @@ -2689,8 +2689,6 @@ status_t SurfaceFlinger::removeLayer(const sp& layer, bool topLevelOnly) return NO_ERROR; } - index = p->removeChild(layer); - sp ancestor = p; while (ancestor->getParent() != nullptr) { ancestor = ancestor->getParent(); @@ -2699,6 +2697,8 @@ status_t SurfaceFlinger::removeLayer(const sp& layer, bool topLevelOnly) ALOGE("removeLayer called with a layer whose parent has been removed"); return NAME_NOT_FOUND; } + + index = p->removeChild(layer); } else { index = mCurrentState.layersSortedByZ.remove(layer); } -- cgit v1.2.3-59-g8ed1b