From 56e46134d364f7f293158979765336721a6c752c Mon Sep 17 00:00:00 2001 From: Michael Plass Date: Thu, 13 Jul 2017 10:09:07 -0700 Subject: [PATCH] [AsyncChannel] Fix race in handling of sync result Bug: 63074860 Test: wifi unit tests Change-Id: I1d59eb8d599de9d9041e0b9b7d731363675a40c9 --- .../android/internal/util/AsyncChannel.java | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/core/java/com/android/internal/util/AsyncChannel.java b/core/java/com/android/internal/util/AsyncChannel.java index d8be9fdc33bda..6fbfff8f381dd 100644 --- a/core/java/com/android/internal/util/AsyncChannel.java +++ b/core/java/com/android/internal/util/AsyncChannel.java @@ -768,9 +768,10 @@ public class AsyncChannel { /** Handle of the reply message */ @Override public void handleMessage(Message msg) { - mResultMsg = Message.obtain(); - mResultMsg.copyFrom(msg); + Message msgCopy = Message.obtain(); + msgCopy.copyFrom(msg); synchronized(mLockObject) { + mResultMsg = msgCopy; mLockObject.notify(); } } @@ -812,22 +813,26 @@ public class AsyncChannel { */ private static Message sendMessageSynchronously(Messenger dstMessenger, Message msg) { SyncMessenger sm = SyncMessenger.obtain(); + Message resultMsg = null; try { if (dstMessenger != null && msg != null) { msg.replyTo = sm.mMessenger; synchronized (sm.mHandler.mLockObject) { + if (sm.mHandler.mResultMsg != null) { + Slog.wtf(TAG, "mResultMsg should be null here"); + sm.mHandler.mResultMsg = null; + } dstMessenger.send(msg); sm.mHandler.mLockObject.wait(); + resultMsg = sm.mHandler.mResultMsg; + sm.mHandler.mResultMsg = null; } - } else { - sm.mHandler.mResultMsg = null; } } catch (InterruptedException e) { - sm.mHandler.mResultMsg = null; + Slog.e(TAG, "error in sendMessageSynchronously", e); } catch (RemoteException e) { - sm.mHandler.mResultMsg = null; + Slog.e(TAG, "error in sendMessageSynchronously", e); } - Message resultMsg = sm.mHandler.mResultMsg; sm.recycle(); return resultMsg; }