Use the FuzzImplVSyncDispatch for fuzzing
This class seems to have been written for fuzzing, but it wasn't used
anywhere. Icdb80253436b4d0034fc20fcae8583efb7c30292 introduced new
attempts to use the VSyncDispatch, resulting in a null pointer
dereference in the fuzzer.
Override update, an abstract method that was added after this class was written.
Ignore warnings for unused functions. surfaceflinger_scheduler_fuzzer.h
contains a static method, Now(), which is used by other code that pulls
in this header, but not by this executable.
Fixes: 270785319
Test: surfaceflinger_layer_fuzzer
Change-Id: I4e67e3f6383f466fbb092e7c7e9a0f867732c1f5
diff --git a/services/surfaceflinger/fuzzer/Android.bp b/services/surfaceflinger/fuzzer/Android.bp
index 7350e09..f76a8d7 100644
--- a/services/surfaceflinger/fuzzer/Android.bp
+++ b/services/surfaceflinger/fuzzer/Android.bp
@@ -69,6 +69,7 @@
"-Wno-unused-result",
"-Wno-conversion",
"-Wno-sign-compare",
+ "-Wno-unused-function",
],
fuzz_config: {
cc: [
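Review bot: Adding `-Wno-unused-function` to this cflags list turns the warning off for every source built with these flags, not only for the unused `Now()` named in the commit message, so dead helpers elsewhere in the fuzzer code will no longer be reported. A narrower fix would be to leave the warning on and mark that one function in surfaceflinger_scheduler_fuzzer.h `[[maybe_unused]]` (or declare it `inline` instead of `static`). The cflags list starts above the hunk, so which targets share it cannot be seen here.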
diff --git a/services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h b/services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h
index 6074bb7..c1bab0e 100644
--- a/services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h
+++ b/services/surfaceflinger/fuzzer/surfaceflinger_fuzzers_utils.h
@@ -49,6 +49,7 @@
#include "SurfaceFlingerDefaultFactory.h"
#include "ThreadContext.h"
#include "TimeStats/TimeStats.h"
+#include "surfaceflinger_scheduler_fuzzer.h"
#include "renderengine/mock/RenderEngine.h"
#include "scheduler/TimeKeeper.h"
@@ -237,7 +238,8 @@
const auto displayId = selectorPtr->getActiveMode().modePtr->getPhysicalDisplayId();
registerDisplayInternal(displayId, std::move(selectorPtr),
std::shared_ptr<VsyncSchedule>(
- new VsyncSchedule(displayId, std::move(tracker), nullptr,
+ new VsyncSchedule(displayId, std::move(tracker),
+ std::make_shared<FuzzImplVSyncDispatch>(),
std::move(controller))));
}
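Review bot: The new `std::make_shared<FuzzImplVSyncDispatch>()` argument has no comment saying that a non-null dispatch is required here, although the commit message says the previous `nullptr` was what the fuzzer dereferenced. A one-line comment above the argument would keep the stub from being dropped again, for example `// Callers dereference the dispatch; pass a no-op stub, never nullptr.` Whether the VsyncSchedule constructor should itself reject a null dispatch cannot be judged from this hunk, and the enclosing function starts above it.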
diff --git a/services/surfaceflinger/fuzzer/surfaceflinger_scheduler_fuzzer.h b/services/surfaceflinger/fuzzer/surfaceflinger_scheduler_fuzzer.h
index e6be9a8..a32750e 100644
--- a/services/surfaceflinger/fuzzer/surfaceflinger_scheduler_fuzzer.h
+++ b/services/surfaceflinger/fuzzer/surfaceflinger_scheduler_fuzzer.h
@@ -129,6 +129,11 @@
return (scheduler::ScheduleResult)0;
}
+ scheduler::ScheduleResult update(CallbackToken /* token */,
+ ScheduleTiming /* scheduleTiming */) override {
+ return (scheduler::ScheduleResult)0;
+ }
+
scheduler::CancelResult cancel(CallbackToken /* token */) override {
return (scheduler::CancelResult)0;
}
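Review bot: The added `update` override returns `(scheduler::ScheduleResult)0` through a C-style cast, with no comment on what that value means to callers; it copies the pattern of the override just above it. Because the stub always reports the same result, fuzzed code that branches on the schedule result only ever sees one outcome, and what 0 maps to is defined outside this hunk. I would write the conversion as `return static_cast<scheduler::ScheduleResult>(0);` and add `// No-op stub: always reports the same fixed result.` above the method. The class body begins and ends outside the hunk.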