avcodec/refstruct: Add simple API for refcounted objects
For now, this API is supposed to replace all the internal uses
of reference counted objects in libavcodec; "internal" here
means that the object is created in libavcodec and is never
put directly in the hands of anyone outside of it.
It is intended to be made public eventually, but for now
I enjoy the ability to modify it freely.
Several shortcomings of the AVBuffer API motivated this API:
a) The unnecessary allocations (and ensuing error checks)
when using the API. Besides the need for runtime checks it
imposes upon the developer the burden of thinking through
what happens in case an error happens. Furthermore, these
error paths are typically not covered by FATE.
b) The AVBuffer API is designed with buffers and not with
objects in mind: The type for the actual buffers used
is uint8_t*; it pretends to be able to make buffers
writable, but this is wrong in case the buffer is not a POD.
Another instance of this thinking is the lack of a reset
callback in the AVBufferPool API.
c) The AVBuffer API incurs unnecessary indirections by
going through the AVBufferRef.data pointer. In case the user
tries to avoid this indirection and stores a pointer to
AVBuffer.data separately (which also allows to use the correct
type), the user has to keep these two pointers in sync
in case they can change (and in any case has two pointers
occupying space in the containing context). See the following
commit using this API for H.264 parameter sets for an example
of the removal of such syncing code as well as the casts
involved in the parts where only the AVBufferRef* pointer
was stored.
d) Given that the AVBuffer API allows custom allocators,
creating refcounted objects with dedicated free functions
often involves a lot of boilerplate like this:
obj = av_mallocz(sizeof(*obj));
ref = av_buffer_create((uint8_t*)obj, sizeof(*obj), free_func, opaque, 0);
if (!ref) {
av_free(obj);
return AVERROR(ENOMEM);
}
(There is also a corresponding av_free() at the end of free_func().)
This is now just
obj = ff_refstruct_alloc_ext(sizeof(*obj), 0, opaque, free_func);
if (!obj)
return AVERROR(ENOMEM);
See the subsequent patch for the framepool (i.e. get_buffer.c)
for an example.
This API does things differently; it is designed to be lightweight*
as well as geared to the common case where the allocator of the
underlying object does not matter as long as it is big enough and
suitably aligned. This allows to allocate the user data together
with the API's bookkeeping data which avoids an allocation as well
as the need for separate pointers to the user data and the API's
bookkeeping data. This entails that the actual allocation of the
object is performed by RefStruct, not the user. This is responsible
for avoiding the boilerplate code mentioned in d).
As a downside, custom allocators are not supported, but it will
become apparent in subsequent commits that there are enough
usecases to make it worthwhile.
Another advantage of this API is that one only needs to include
the relevant header if one uses the API and not when one includes
the header or some other component that uses it. This is because there
is no RefStruct type analog of AVBufferRef. This brings with it
one further downside: It is not apparent from the pointer itself
whether the underlying object is managed by the RefStruct API
or whether this pointer is a reference to it (or merely a pointer
to it).
Finally, this API supports const-qualified opaque pointees;
this will allow to avoid casting const away by the CBS code.
*: Basically the only exception to the you-only-pay-for-what-you-use
rule is that it always uses atomics for the refcount.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-04 01:07:58 +00:00
|
|
|
/*
|
|
|
|
|
* This file is part of FFmpeg.
|
|
|
|
|
*
|
|
|
|
|
* FFmpeg is free software; you can redistribute it and/or
|
|
|
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
* License as published by the Free Software Foundation; either
|
|
|
|
|
* version 2.1 of the License, or (at your option) any later version.
|
|
|
|
|
*
|
|
|
|
|
* FFmpeg is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
* Lesser General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
|
|
|
* License along with FFmpeg; if not, write to the Free Software
|
|
|
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
#include <stdatomic.h>
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
|
|
|
|
|
#include "internal.h"
|
|
|
|
|
#include "refstruct.h"
|
|
|
|
|
|
|
|
|
|
#include "libavutil/avassert.h"
|
|
|
|
|
#include "libavutil/macros.h"
|
|
|
|
|
#include "libavutil/mem.h"
|
|
|
|
|
|
|
|
|
|
#ifndef REFSTRUCT_CHECKED
|
|
|
|
|
#ifndef ASSERT_LEVEL
|
|
|
|
|
#define ASSERT_LEVEL 0
|
|
|
|
|
#endif
|
|
|
|
|
#define REFSTRUCT_CHECKED (ASSERT_LEVEL >= 1)
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if REFSTRUCT_CHECKED
|
|
|
|
|
#define ff_assert(cond) av_assert0(cond)
|
|
|
|
|
#else
|
|
|
|
|
#define ff_assert(cond) ((void)0)
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#define REFSTRUCT_COOKIE AV_NE((uint64_t)MKBETAG('R', 'e', 'f', 'S') << 32 | MKBETAG('t', 'r', 'u', 'c'), \
|
|
|
|
|
MKTAG('R', 'e', 'f', 'S') | (uint64_t)MKTAG('t', 'r', 'u', 'c') << 32)
|
|
|
|
|
|
|
|
|
|
#if __STDC_VERSION__ >= 201112L
|
|
|
|
|
#define REFCOUNT_OFFSET FFALIGN(sizeof(RefCount), FFMAX3(STRIDE_ALIGN, 16, _Alignof(max_align_t)))
|
|
|
|
|
#else
|
|
|
|
|
#define REFCOUNT_OFFSET FFALIGN(sizeof(RefCount), FFMAX(STRIDE_ALIGN, 16))
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
typedef struct RefCount {
|
|
|
|
|
/**
|
|
|
|
|
* An uintptr_t is big enough to hold the address of every reference,
|
|
|
|
|
* so no overflow can happen when incrementing the refcount as long as
|
|
|
|
|
* the user does not throw away references.
|
|
|
|
|
*/
|
|
|
|
|
atomic_uintptr_t refcount;
|
|
|
|
|
FFRefStructOpaque opaque;
|
|
|
|
|
void (*free_cb)(FFRefStructOpaque opaque, void *obj);
|
|
|
|
|
|
|
|
|
|
#if REFSTRUCT_CHECKED
|
|
|
|
|
uint64_t cookie;
|
|
|
|
|
#endif
|
|
|
|
|
} RefCount;
|
|
|
|
|
|
|
|
|
|
static RefCount *get_refcount(void *obj)
|
|
|
|
|
{
|
|
|
|
|
RefCount *ref = (RefCount*)((char*)obj - REFCOUNT_OFFSET);
|
|
|
|
|
ff_assert(ref->cookie == REFSTRUCT_COOKIE);
|
|
|
|
|
return ref;
|
|
|
|
|
}
|
|
|
|
|
|
2022-08-04 06:40:57 +00:00
|
|
|
static const RefCount *cget_refcount(const void *obj)
|
|
|
|
|
{
|
|
|
|
|
const RefCount *ref = (const RefCount*)((const char*)obj - REFCOUNT_OFFSET);
|
|
|
|
|
ff_assert(ref->cookie == REFSTRUCT_COOKIE);
|
|
|
|
|
return ref;
|
|
|
|
|
}
|
|
|
|
|
|
avcodec/refstruct: Add simple API for refcounted objects
For now, this API is supposed to replace all the internal uses
of reference counted objects in libavcodec; "internal" here
means that the object is created in libavcodec and is never
put directly in the hands of anyone outside of it.
It is intended to be made public eventually, but for now
I enjoy the ability to modify it freely.
Several shortcomings of the AVBuffer API motivated this API:
a) The unnecessary allocations (and ensuing error checks)
when using the API. Besides the need for runtime checks it
imposes upon the developer the burden of thinking through
what happens in case an error happens. Furthermore, these
error paths are typically not covered by FATE.
b) The AVBuffer API is designed with buffers and not with
objects in mind: The type for the actual buffers used
is uint8_t*; it pretends to be able to make buffers
writable, but this is wrong in case the buffer is not a POD.
Another instance of this thinking is the lack of a reset
callback in the AVBufferPool API.
c) The AVBuffer API incurs unnecessary indirections by
going through the AVBufferRef.data pointer. In case the user
tries to avoid this indirection and stores a pointer to
AVBuffer.data separately (which also allows to use the correct
type), the user has to keep these two pointers in sync
in case they can change (and in any case has two pointers
occupying space in the containing context). See the following
commit using this API for H.264 parameter sets for an example
of the removal of such syncing code as well as the casts
involved in the parts where only the AVBufferRef* pointer
was stored.
d) Given that the AVBuffer API allows custom allocators,
creating refcounted objects with dedicated free functions
often involves a lot of boilerplate like this:
obj = av_mallocz(sizeof(*obj));
ref = av_buffer_create((uint8_t*)obj, sizeof(*obj), free_func, opaque, 0);
if (!ref) {
av_free(obj);
return AVERROR(ENOMEM);
}
(There is also a corresponding av_free() at the end of free_func().)
This is now just
obj = ff_refstruct_alloc_ext(sizeof(*obj), 0, opaque, free_func);
if (!obj)
return AVERROR(ENOMEM);
See the subsequent patch for the framepool (i.e. get_buffer.c)
for an example.
This API does things differently; it is designed to be lightweight*
as well as geared to the common case where the allocator of the
underlying object does not matter as long as it is big enough and
suitably aligned. This allows to allocate the user data together
with the API's bookkeeping data which avoids an allocation as well
as the need for separate pointers to the user data and the API's
bookkeeping data. This entails that the actual allocation of the
object is performed by RefStruct, not the user. This is responsible
for avoiding the boilerplate code mentioned in d).
As a downside, custom allocators are not supported, but it will
become apparent in subsequent commits that there are enough
usecases to make it worthwhile.
Another advantage of this API is that one only needs to include
the relevant header if one uses the API and not when one includes
the header or some other component that uses it. This is because there
is no RefStruct type analog of AVBufferRef. This brings with it
one further downside: It is not apparent from the pointer itself
whether the underlying object is managed by the RefStruct API
or whether this pointer is a reference to it (or merely a pointer
to it).
Finally, this API supports const-qualified opaque pointees;
this will allow to avoid casting const away by the CBS code.
*: Basically the only exception to the you-only-pay-for-what-you-use
rule is that it always uses atomics for the refcount.
Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
2022-08-04 01:07:58 +00:00
|
|
|
static void *get_userdata(void *buf)
|
|
|
|
|
{
|
|
|
|
|
return (char*)buf + REFCOUNT_OFFSET;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static void refcount_init(RefCount *ref, FFRefStructOpaque opaque,
|
|
|
|
|
void (*free_cb)(FFRefStructOpaque opaque, void *obj))
|
|
|
|
|
{
|
|
|
|
|
atomic_init(&ref->refcount, 1);
|
|
|
|
|
ref->opaque = opaque;
|
|
|
|
|
ref->free_cb = free_cb;
|
|
|
|
|
|
|
|
|
|
#if REFSTRUCT_CHECKED
|
|
|
|
|
ref->cookie = REFSTRUCT_COOKIE;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *ff_refstruct_alloc_ext_c(size_t size, unsigned flags, FFRefStructOpaque opaque,
|
|
|
|
|
void (*free_cb)(FFRefStructOpaque opaque, void *obj))
|
|
|
|
|
{
|
|
|
|
|
void *buf, *obj;
|
|
|
|
|
|
|
|
|
|
if (size > SIZE_MAX - REFCOUNT_OFFSET)
|
|
|
|
|
return NULL;
|
|
|
|
|
buf = av_malloc(size + REFCOUNT_OFFSET);
|
|
|
|
|
if (!buf)
|
|
|
|
|
return NULL;
|
|
|
|
|
refcount_init(buf, opaque, free_cb);
|
|
|
|
|
obj = get_userdata(buf);
|
|
|
|
|
if (!(flags & FF_REFSTRUCT_FLAG_NO_ZEROING))
|
|
|
|
|
memset(obj, 0, size);
|
|
|
|
|
|
|
|
|
|
return obj;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ff_refstruct_unref(void *objp)
|
|
|
|
|
{
|
|
|
|
|
void *obj;
|
|
|
|
|
RefCount *ref;
|
|
|
|
|
|
|
|
|
|
memcpy(&obj, objp, sizeof(obj));
|
|
|
|
|
if (!obj)
|
|
|
|
|
return;
|
|
|
|
|
memcpy(objp, &(void *){ NULL }, sizeof(obj));
|
|
|
|
|
|
|
|
|
|
ref = get_refcount(obj);
|
|
|
|
|
if (atomic_fetch_sub_explicit(&ref->refcount, 1, memory_order_acq_rel) == 1) {
|
|
|
|
|
if (ref->free_cb)
|
|
|
|
|
ref->free_cb(ref->opaque, obj);
|
|
|
|
|
av_free(ref);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void *ff_refstruct_ref(void *obj)
|
|
|
|
|
{
|
|
|
|
|
RefCount *ref = get_refcount(obj);
|
|
|
|
|
|
|
|
|
|
atomic_fetch_add_explicit(&ref->refcount, 1, memory_order_relaxed);
|
|
|
|
|
|
|
|
|
|
return obj;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const void *ff_refstruct_ref_c(const void *obj)
|
|
|
|
|
{
|
|
|
|
|
/* Casting const away here is fine, as it is only supposed
|
|
|
|
|
* to apply to the user's data and not our bookkeeping data. */
|
|
|
|
|
RefCount *ref = get_refcount((void*)obj);
|
|
|
|
|
|
|
|
|
|
atomic_fetch_add_explicit(&ref->refcount, 1, memory_order_relaxed);
|
|
|
|
|
|
|
|
|
|
return obj;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void ff_refstruct_replace(void *dstp, const void *src)
|
|
|
|
|
{
|
|
|
|
|
const void *dst;
|
|
|
|
|
memcpy(&dst, dstp, sizeof(dst));
|
|
|
|
|
|
|
|
|
|
if (src == dst)
|
|
|
|
|
return;
|
|
|
|
|
ff_refstruct_unref(dstp);
|
|
|
|
|
if (src) {
|
|
|
|
|
dst = ff_refstruct_ref_c(src);
|
|
|
|
|
memcpy(dstp, &dst, sizeof(dst));
|
|
|
|
|
}
|
|
|
|
|
}
|
2022-08-04 06:40:57 +00:00
|
|
|
|
|
|
|
|
int ff_refstruct_exclusive(const void *obj)
|
|
|
|
|
{
|
|
|
|
|
const RefCount *ref = cget_refcount(obj);
|
|
|
|
|
/* Casting const away here is safe, because it is a load.
|
|
|
|
|
* It is necessary because atomic_load_explicit() does not
|
|
|
|
|
* accept const atomics in C11 (see also N1807). */
|
|
|
|
|
return atomic_load_explicit((atomic_uintptr_t*)&ref->refcount, memory_order_acquire) == 1;
|
|
|
|
|
}
|