commit a7f234cc34130ea5e99fffe5a18d60a735190926
author Chia-I Wu <olv@google.com> Tue Nov 22 11:37:04 2016 +0800
committer Chia-I Wu <olv@google.com> Wed Nov 23 11:58:23 2016 +0800
tree 54a6ad178dc3b09b99b6e1022c9a37cefbddd7d3
parent a3bea860131dd7c916350dc6852584ba4fa23574

graphics: fix potential leaks for IAllocator

Introduce IAllocatorClient to manage resources owned by a client (e.g., SF
or VTS).  This makes sure there is no resource leak when SF or VTS
crashes.

This also fixes two unrelated bugs

 - sizeof(Buffer) != sizeof(void*) on 32-bit impl.
 - layerCount was not set to 1 in tests

Test: builds and boots
Change-Id: I67f5cdd64b97fb3ce1b931099c25f59cc8517f21

graphics/allocator/2.0/IAllocator.hal

diff --git a/graphics/allocator/2.0/IAllocator.hal b/graphics/allocator/2.0/IAllocator.hal
index 9a45444..00d07d5 100644
--- a/graphics/allocator/2.0/IAllocator.hal
+++ b/graphics/allocator/2.0/IAllocator.hal
@@ -16,7 +16,7 @@
 
 package android.hardware.graphics.allocator@2.0;
 
-import android.hardware.graphics.common@1.0::PixelFormat;
+import IAllocatorClient;
 
 interface IAllocator {
     enum Capability : int32_t {
@@ -24,53 +24,18 @@
         INVALID = 0,
 
         /*
-         * testAllocate will always return UNDEFINED unless this capability
-         * is supported.
+         * IAllocatorClient::testAllocate must always return UNDEFINED unless
+         * this capability is supported.
          */
         TEST_ALLOCATE = 1,
 
         /*
-         * layerCount must be 1 unless this capability is supported.
+         * IAllocatorClient::BufferDescriptorInfo::layerCount must be 1 unless
+         * this capability is supported.
          */
         LAYERED_BUFFERS = 2,
     };
 
-    struct BufferDescriptorInfo {
-        /*
-         * The width specifies how many columns of pixels must be in the
-         * allocated buffer, but does not necessarily represent the offset in
-         * columns between the same column in adjacent rows. The rows may be
-         * padded.
-         */
-        uint32_t width;
-
-       /*
-        * The height specifies how many rows of pixels must be in the
-        * allocated buffer.
-        */
-        uint32_t height;
-
-       /*
-        * The number of image layers that must be in the allocated buffer.
-        */
-        uint32_t layerCount;
-
-        /* Buffer pixel format. */
-        PixelFormat format;
-
-        /*
-         * Buffer producer usage mask; valid flags can be found in the
-         * definition of ProducerUsage.
-         */
-        uint64_t producerUsageMask;
-
-        /*
-         * Buffer consumer usage mask; valid flags can be found in the
-         * definition of ConsumerUsage.
-         */
-        uint64_t consumerUsageMask;
-    };
-
     /*
      * Provides a list of supported capabilities (as described in the
      * definition of Capability above). This list must not change after
@@ -95,110 +60,15 @@
     dumpDebugInfo() generates (string debugInfo);
 
     /*
-     * Creates a new, opaque buffer descriptor.
+     * Creates a client of the allocator. All resources created by the client
+     * are owned by the client and are only visible to the client, unless they
+     * are exported by exportHandle.
      *
-     * @param descriptorInfo specifies the attributes of the buffer
-     *        descriptor.
      * @return error is NONE upon success. Otherwise,
-     *         BAD_VALUE when any attribute in descriptorInfo is invalid.
-     *         NO_RESOURCES when no more descriptors can currently be created.
-     * @return descriptor is the newly created buffer descriptor.
+     *         NO_RESOURCES when no more client can currently be created.
+     * @return client is the newly created client.
      */
     @entry
     @callflow(next="*")
-    createDescriptor(BufferDescriptorInfo descriptorInfo)
-          generates (Error error,
-                     BufferDescriptor descriptor);
-
-    /*
-     * Destroys an existing buffer descriptor.
-     *
-     * @param descriptor is the descriptor to destroy.
-     * @return error is either NONE or BAD_DESCRIPTOR.
-     */
-    @exit
-    @callflow(next="*")
-    destroyDescriptor(BufferDescriptor descriptor) generates (Error error);
-
-    /*
-     * Tests whether a buffer allocation can succeed, ignoring potential
-     * resource contention which might lead to a NO_RESOURCES error.
-     *
-     * @param descriptors is a list of buffer descriptors.
-     * @return error is NONE or NOT_SHARED upon success;
-     *         NONE when buffers can be created and share a backing store.
-     *         NOT_SHARED when buffers can be created but require more than a
-     *                    backing store.
-     *         Otherwise,
-     *         BAD_DESCRIPTOR when any of the descriptors is invalid.
-     *         UNSUPPORTED when any of the descriptors can never be satisfied.
-     *         UNDEFINED when TEST_ALLOCATE is not listed in getCapabilities.
-     */
-    @callflow(next="allocate")
-    testAllocate(vec<BufferDescriptor> descriptors) generates (Error error);
-
-    /*
-     * Attempts to allocate a list of buffers sharing a backing store.
-     *
-     * Each buffer will correspond to one of the descriptors passed into the
-     * function and will hold a reference to its backing store. If the device
-     * is unable to share the backing store between the buffers, it must
-     * attempt to allocate the buffers with different backing stores and
-     * return NOT_SHARED if it is successful.
-     *
-     * @param descriptors is the buffer descriptors to attempt to allocate.
-     * @return error is NONE or NOT_SHARED upon success;
-     *         NONE when buffers can be created and share a backing store.
-     *         NOT_SHARED when buffers can be created but require more than a
-     *                    backing store.
-     *         Otherwise,
-     *         BAD_DESCRIPTOR when any of the descriptors is invalid.
-     *         UNSUPPORTED when any of the descriptors can never be satisfied.
-     *         NO_RESOURCES when any of the buffers cannot be created at this
-     *                      time.
-     * @return buffers is the allocated buffers.
-     */
-    @callflow(next="exportHandle")
-    allocate(vec<BufferDescriptor> descriptors)
-        generates (Error error,
-                   vec<Buffer> buffers);
-
-    /*
-     * Frees a buffer.
-     *
-     * @param buffer is the buffer to be freed.
-     * @return error is NONE upon success. Otherwise,
-     *         BAD_BUFFER when the buffer is invalid.
-     */
-    @exit
-    @callflow(next="*")
-    free(Buffer buffer) generates (Error error);
-
-    /*
-     * Exports a buffer for use in other client libraries or for cross-process
-     * sharing.
-     *
-     * The exported handle is a handle to the backing store of the buffer, not
-     * to the buffer itself. It however may not hold any reference to the
-     * backing store and may be considered invalid by client libraries. To use
-     * it and, in most cases, to save it for later use, a client must make a
-     * clone of the handle and have the cloned handle hold a reference to the
-     * backing store. Such a cloned handle will stay valid even after the
-     * original buffer is freed. Refer to native_handle_clone and IMapper for
-     * how a handle is cloned and how a reference is added.
-     *
-     * @param descriptor is the descriptor used to allocate the buffer.
-     * @param buffer is the buffer to be exported.
-     * @return error is NONE upon success. Otherwise,
-     *         BAD_DESCRIPTOR when the descriptor is invalid.
-     *         BAD_BUFFER when the buffer is invalid.
-     *         BAD_VALUE when descriptor and buffer do not match.
-     *         NO_RESOURCES when the buffer cannot be exported at this time.
-     * @return bufferHandle is the exported handle.
-     */
-    @callflow(next="free")
-    exportHandle(BufferDescriptor descriptor,
-                 Buffer buffer)
-      generates (Error error,
-                 handle bufferHandle);
+    createClient() generates (Error error, IAllocatorClient client);
 };