1850984: Fix: crash when running am.jar without parameters


Fix: crash when running am.jar without parameters

记录第一次给aosp提代码哈哈哈
https://android-review.googlesource.com/c/platform/frameworks/base/+/1850984

下面是issue:https://issuetracker.google.com/issues/202471754

  • wa...@hisense.comwa...@hisense.com #2Oct 9, 2021 10:43AM

    Crash when running am.jar without parameters

    • Steps to reproduce the problem (including sample code if appropriate).

    1.use the following .sh to run am.jar,and without parameters

    test.sh

    #!/system/bin/sh
    base=/system
    export CLASSPATH=$base/framework/am.jar
    exec app_process $base/bin com.android.commands.am.Am "$@"
    

    2.The crash is as follows

    10-08 21:55:12.475  2698  2698 D AndroidRuntime: Calling main entry com.android.commands.am.Am
    10-08 21:55:12.476  2698  2698 D AndroidRuntime: Shutting down VM
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: FATAL EXCEPTION: main
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: PID: 2698
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: java.lang.NullPointerException: Attempt to invoke interface method 'android.os.IBinder android.app.IActivityManager.asBinder()' on a null object reference
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: 	at com.android.commands.am.Am.runAmCmd(Am.java:141)
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: 	at com.android.commands.am.Am.onShowUsage(Am.java:56)
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: 	at com.android.internal.os.BaseCommand.run(BaseCommand.java:52)
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: 	at com.android.commands.am.Am.main(Am.java:50)
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: 	at com.android.internal.os.RuntimeInit.nativeFinishInit(Native Method)
    10-08 21:55:12.476  2698  2698 E AndroidRuntime: 	at com.android.internal.os.RuntimeInit.main(RuntimeInit.java:399)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: Error reporting crash
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: java.lang.RuntimeException: Bad file descriptor
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.os.BinderProxy.transactNative(Native Method)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.os.BinderProxy.transact(BinderProxy.java:550)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.os.IServiceManager$Stub$Proxy.checkService(IServiceManager.java:348)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.os.ServiceManagerProxy.getService(ServiceManagerNative.java:63)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.os.ServiceManager.rawGetService(ServiceManager.java:306)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.os.ServiceManager.getService(ServiceManager.java:134)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.app.ActivityManager$1.create(ActivityManager.java:4558)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.app.ActivityManager$1.create(ActivityManager.java:4555)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.util.Singleton.get(Singleton.java:43)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at android.app.ActivityManager.getService(ActivityManager.java:4546)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at com.android.internal.os.RuntimeInit$KillApplicationHandler.uncaughtException(RuntimeInit.java:158)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at java.lang.ThreadGroup.uncaughtException(ThreadGroup.java:1073)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at java.lang.ThreadGroup.uncaughtException(ThreadGroup.java:1068)
    10-08 21:55:12.477  2698  2698 E AndroidRuntime: 	at java.lang.Thread.dispatchUncaughtException(Thread.java:2203)
    10-08 21:55:12.477  2698  2698 I Process : Sending signal. PID: 2698 SIG: 9
    Killed 
    
    • What happened.

    As the crash log shows,Attempt to invoke interface method asBinder() on a null object reference

    When no args to run am.jar, the code flow is :

    -->Am.java#main()
    -->BaseCommand.java#run()
    -->Am.java#onShowUsage()
    -->Am.java#runAmCmd(){
    	mAm.asBinder().shellCommand()
    }
    

    mAm is not initialized at this time, so process will crash in NRE

    • What you think the correct behavior should be.

    mAm should be Initialize before use, for example, put it in the constructor, Instead of initializing in the original onRun() function

        Am() {
            svcInit();
        }
    
        private void svcInit() {
            mAm = ActivityManager.getService();
            if (mAm == null) {
                System.err.println(NO_SYSTEM_ERROR_CODE);
                return;
            }
    
            mPm = IPackageManager.Stub.asInterface(ServiceManager.getService("package"));
            if (mPm == null) {
                System.err.println(NO_SYSTEM_ERROR_CODE);
                return;
            }
        }
    
    • Don't forget to mention which version of Android you're using, and/or which device the problem appears on (model and Android version).

    I found this bug from android-8.0.0_r1 to now master :Am.java, emlutor generic_x86_64

    The bug originated from this submission(android-8.0.0_r1):

    Switch am command to go through "cmd activity".

    • attachment crash.log: the crash logcat test.sh: sh script to run am.jar

    crash.log Restricted

    3.8 KB View Download

    test.sh Restricted

    128 B View Download

  • wa...@hisense.comwa...@hisense.com #3Oct 9, 2021 03:20PM

    This is my fix patch:
    https://android-review.googlesource.com/c/platform/frameworks/base/+/1850984
    Can you plz review it?

  • vi...@google.comvi...@google.comOct 11, 2021 12:54PM

    Assigned to vi...@google.com.