tree 05fab90263f11960834b9a3b20ba3cdaaf6bbd2f
parent f3c6e327fa3973cea10dc27179dfadc757de7068
author Steven Moreland <smoreland@google.com> 1671583534 +0000
committer Alexander Martinz <alex@amartinz.at> 1709141889 +0100
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEEpJShu+9pnB0vSPYRH4MFVmchqx4FAmXfb4EACgkQH4MFVmch
 qx4ZJw//XBwg5NsGJ3BeNWbfXsZFunKDULYGqCzExyobTB6Iarqpkjds/fKjrDp9
 5aS7eS0psD2wT4dHoAcqoYFt79Cvp/jSLDpUbXaIIimIiGt5FQdhlCjn5ioA8VM/
 SjKIBR0WEU5anqsEv6tmWg9xRgBJbmJJ4+CLFgmSHqo79Yi6Opf609dziYhRKwt3
 j19rnRx2jnyw6kVYWvq+LGUvmaoBDavFHPNUW8Kyoh3WRHT56WqcmZ4Zz/dPLt9P
 NeJu5lk3t+dY4WyNbBVEishHHvVjT5sBasb4+6jQz0EKa10oZqwJuLOg69wqVq3K
 ODxYI/lLNPqxg4FfM1OXldqiRz0U3mUpBvdHTdFpoY9VByO+KJLG5na7deCw4OgD
 MROl+e7kOGRvjH5RqupFZWuaURc4P76EGPWDYUB5GV+kWmH9j/jFwCxqUNEQRb+U
 08bw2Wmuq1ZC3oIrOgNru5+geQRWOezNP3IaiLbMvY3VvU/OEJaKuC7zOYhOEBrA
 mMPsm3C3L3wr5uggxweWZk5vu7Izue/Rxux5hI0kLtjoAKrmAnxeMuL8nPqG5huR
 xzQ0YGmWDSeEG9w8N1IT9RsGUWO6fTrTrEYO4rhqTgKLFZafguMWu7MUNFP9OwQ0
 thr2c1RARiHc5xcpX2+HYLbrUmASFrCKvQaCWmlpYT43S+Z26rE=
 =u9tc
 -----END PGP SIGNATURE-----

libbinder: cache interface descriptor if empty

This adds a few additional bytes of .ro data to store the warning
message in the String, but worrying about re-fetching the interface
descriptor when it is empty (which happens less often in native
code after BBinder has a default descriptor, but still happens in
Java, or in custom implementations) adds complexity to other code.
Since we guarantee to always cache the descriptor, we don't need
to think about this case as much.

One alternative implementation would be to drop BpBinder mObitsSent
and use both !mAlive and an empty obituary list to represent the
obituaries being sent. However, due to sendObituary using mObitsSent
in order to avoid taking a lock in some cases (something that
should have never been done, because it's optimizing a fast path
and the way it does it means that certain races will take a lock
part of the time - which is flake prone), I couldn't find a way to
remove this variable without introducing the possibility that
we take an extra lock after linkToDeath fires, which could prevent
system recovery and cause a deadlock. Moving this variable would
have to be done more carefully.

For now, we can avoid repeated binder calls for an empty interface
descriptor. This is intended to help justify (perhaps overly so)
other changes being made in the bug, but I'm submitting it for
review entirely independently, because it's not strictly necessary
for correctness assuming that the corresponding Bn implementation
of getInterfaceDescriptor is correct. If the implementation of this
function is adverserial, it could lead to a deadlock in some
situations, but a far easier way to cause this same deadlock would
be to not return from getInterfaceDescriptor at all, which is
well-known.

Bug: 262463798
Test: binderAllocationLimits
Change-Id: I07aee55f6092b52189ad2fadbbcd0880e2e3cbf4
