From 411951c341ec169312ee3fbc4bee3aaa662156d2 Mon Sep 17 00:00:00 2001 From: Kevin Tang Date: Thu, 11 Feb 2016 14:50:58 -0800 Subject: [PATCH] make LocSharedLock::mRef ops atomic The current share() and drop() calls are not thread safe, which can cause memory heap correuption. This changes the read / write ops to be atomic. Change-Id: Ic241d4573bdf2e58c4e264e97bd41b56f882c791 CRs-Fixed: 975372 --- utils/LocSharedLock.h | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/utils/LocSharedLock.h b/utils/LocSharedLock.h index 6b9e27f1..7fe62376 100644 --- a/utils/LocSharedLock.h +++ b/utils/LocSharedLock.h @@ -30,6 +30,7 @@ #define __LOC_SHARED_LOCK__ #include +#include #include // This is a utility created for use cases such that there are more than @@ -39,16 +40,16 @@ // this share lock's share() method has to be called, so that the obj // can maintain an accurate client count. class LocSharedLock { - uint32_t mRef; + volatile int32_t mRef; pthread_mutex_t mMutex; inline ~LocSharedLock() { pthread_mutex_destroy(&mMutex); } public: // first client to create this LockSharedLock inline LocSharedLock() : mRef(1) { pthread_mutex_init(&mMutex, NULL); } // following client(s) are to *share()* this lock created by the first client - inline LocSharedLock* share() { mRef++; return this; } + inline LocSharedLock* share() { android_atomic_inc(&mRef); return this; } // whe a client no longer needs this shared lock, drop() shall be called. - inline void drop() { if (0 == --mRef) delete this; } + inline void drop() { if (1 == android_atomic_dec(&mRef)) delete this; } // locking the lock to enter critical section inline void lock() { pthread_mutex_lock(&mMutex); } // unlocking the lock to leave the critical section