author | Hans Boehm <hboehm@google.com> | 2016-09-19 22:31:29 -0700 |
---|---|---|
committer | Hans Boehm <hboehm@google.com> | 2016-09-23 10:33:23 -0700 |
commit | 0e90812b64239054c61b4a018d9ca559f8bb1658 (patch) | |
tree | e6c74f004cb23a3e1d6073fd91112685b35c5957 | |
parent | d0638817a349df0e72bb97e14be8b22332d5b346 (diff) | |
download | skia-0e90812b64239054c61b4a018d9ca559f8bb1658.tar.gz |
Make reference counted assignment check for races.

If SkRefCnt_SafeAssign is erroneously invoked simultaneously by two
threads on the same destination, a likely outcome is that the
reference count of an object other than the replaced dst will
be decremented. This results in an extra reference count decrement,
which usually means that the final reference count decrement will
be applied to a random location in an object that has already been
reallocated. This is exceedingly hard to debug.

We add a hack to detect such data races with sufficiently high
probability, so that such a data race bug should sometimes actually
generate bug reports that lend themselves to diagnosis.

We detect changes within a relatively larger range that normally
includes several (typically slow) memory fences. Not all such changes
would provoke a crash. Even if we decrement the wrong reference count,
there's a chance we would decrement a dead location. Thus, to
avoid potentially adding instability, we currently only log.

This change tries to minimize additional runtime overhead.
The macro is only expanded a few dozen times, so we do not worry too
much about code size.

Bug: 31227650
Change-Id: Ieb7150cbe75654d312667bac27837e489591ee0e
-rw-r--r-- | include/core/SkRefCnt.h | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/include/core/SkRefCnt.h b/include/core/SkRefCnt.h index 9d1e5f1f02..422770c86d 100644 --- a/include/core/SkRefCnt.h +++ b/include/core/SkRefCnt.h @@ -136,6 +136,26 @@ class SK_API SkRefCnt : public SkRefCntBase { }; null in on each side of the assignment, and ensuring that ref() is called before unref(), in case the two pointers point to the same object. */ + +#if defined(SK_BUILD_FOR_ANDROID_FRAMEWORK) || defined(SK_DEBUG) +// This version heuristically detects data races, since those otherwise result +// in redundant reference count decrements, which are exceedingly +// difficult to debug. + +#define SkRefCnt_SafeAssign(dst, src) \ + do { \ + typedef std::remove_reference<decltype(dst)>::type T; \ + T old_dst = *const_cast<T volatile *>(&dst); \ + if (src) src->ref(); \ + if (old_dst) old_dst->unref(); \ + if (old_dst != *const_cast<T volatile *>(&dst)) { \ + SkDebugf("Detected racing Skia calls at %s:%d\n", __FILE__, __LINE__); \ + } \ + dst = src; \ + } while (0) + +#else /* !(SK_BUILD_FOR_ANDROID_FRAMEWORK || SK_DEBUG) */ + #define SkRefCnt_SafeAssign(dst, src) \ do { \ if (src) src->ref(); \ @@ -143,6 +163,8 @@ class SK_API SkRefCnt : public SkRefCntBase { }; dst = src; \ } while (0) +#endif + /** Call obj->ref() and return obj. The obj must not be nullptr. */ |
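Review bot: The local `typedef std::remove_reference<decltype(dst)>::type T;` in the new debug-build macro is fragile at expansion sites inside templates: a template parameter named T cannot be redeclared in a nested scope, and when dst has a dependent type the `::type` needs a leading `typename`. Suggest something like `typedef typename std::remove_reference<decltype(dst)>::type SkRefCnt_SafeAssign_T;` (typename is accepted outside templates since C++11), and confirm that <type_traits> is already included, since none of the added lines include it. Separately, the second read of dst happens before `dst = src`, so a racing store that lands between the comparison and the final assignment goes unreported; the block comment above the macro could state that the check only covers the ref()/unref() window.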
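Review bot: The added `#endif` carries no trailing comment, while the matching `#else` is annotated with `/* !(SK_BUILD_FOR_ANDROID_FRAMEWORK || SK_DEBUG) */`. With two near-identical macro bodies between them, annotating the `#endif` with the same condition would make the end of the conditional easier to find.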