For the raw pointer constructor, check that the argument is not on the
stack. Passing a stack pointer as an sp<> parameter is dangerous,
since we will attempt to deallocate the object once the sp<> is no
longer needed. We approximate ste stack ccheck by testing whether it
is on the same page as the frame pointer.
Do the same for raw pointer assignment.
Bug: 138956784
Test: Boot AOSP
Change-Id: I2c2405be443389af7e6a713aadcb3ee1f372a85e
Force assignment to read the old pointer value twice, and check
that it didn't change in the interim. Previous experience with
Skia suggests that this has a high probability of correctly detecting
a data race when it occurs, instead of potentially letting the
count associated with the old pointer value get decremented twice,
and corrupting the heap.
This does increase the size of sp assignments, which seem to
commonly get inlined. For the general case, we add a third
comparison and function call.
Some code reformatting to make this consistent with modern conventions
and pass automated checks.
Test: Booted aosp build. Ran libutils tests. Looked at generated code.
Bug: 31227650
Change-Id: Id93a05c6bf10f01ee15ff1bb409611f2058f988f
