| blob | e649a64c502bec06dc8f520caea3c3b673cf7e9a |
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 * vim: set ts=8 sts=2 et sw=2 tw=80:
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
7 #ifndef js_Utility_h
8 #define js_Utility_h
17 #include <stdlib.h>
18 #include <string.h>
19 #include <type_traits>
20 #include <utility>
26 /* The public JS engine namespace. */
29 /* The mozilla-shared reusable template/utility namespace. */
32 /* The private JS engine namespace. */
39 /*
40 * Custom allocator support for SpiderMonkey
41 */
42 #if defined JS_USE_CUSTOM_ALLOCATOR
44 #else
48 /*
49 * Thread types are used to tag threads for certain kinds of testing (see
50 * below), and also used to characterize threads in the thread scheduler (see
51 * js/src/vm/HelperThreads.cpp).
52 *
53 * Please update oom::FirstThreadTypeToTest and oom::LastThreadTypeToTest when
54 * adding new thread types.
55 */
69 THREAD_TYPE_MAX // Used to check shell function arguments
70 };
74 /*
75 * Theads are tagged only in certain debug contexts. Notably, to make testing
76 * OOM in certain helper threads more effective, we allow restricting the OOM
77 * testing to a certain helper thread type. This allows us to fail e.g. in
78 * off-thread script parsing without causing an OOM in the active thread first.
79 *
80 * Getter/Setter functions to encapsulate mozilla::ThreadLocal, implementation
81 * is in util/Utility.cpp.
82 */
83 # if defined(DEBUG) || defined(JS_OOM_BREAKPOINT)
85 // Define the range of threads tested by simulated OOM testing and the
86 // like. Testing worker threads is not supported.
94 # else
103 # endif
108 # if defined(DEBUG) || defined(JS_OOM_BREAKPOINT)
110 # ifdef JS_OOM_BREAKPOINT
111 # if defined(_MSC_VER)
113 __asm {}
114 ;
115 }
116 # else
118 # endif
119 # define JS_OOM_CALL_BP_FUNC() js_failedAllocBreakpoint()
120 # else
121 # define JS_OOM_CALL_BP_FUNC() \
122 do { \
123 } while (0)
124 # endif
129 /*
130 * Out of memory testing support. We provide various testing functions to
131 * simulate OOM conditions and so we can test that they are handled correctly.
132 */
151 }
156 }
159 }
163 }
165 }
168 }
172 }
173 counter_++;
177 }
179 }
184 };
189 }
193 }
197 }
199 /*
200 * Out of stack space testing support, similar to OOM testing functions.
201 */
205 }
209 }
213 }
215 /*
216 * Interrupt testing support, similar to OOM testing functions.
217 */
221 }
225 }
229 }
234 # define JS_OOM_POSSIBLY_FAIL() \
235 do { \
236 if (js::oom::ShouldFailWithOOM()) return nullptr; \
237 } while (0)
239 # define JS_OOM_POSSIBLY_FAIL_BOOL() \
240 do { \
241 if (js::oom::ShouldFailWithOOM()) return false; \
242 } while (0)
244 # define JS_STACK_OOM_POSSIBLY_FAIL() \
245 do { \
246 if (js::oom::ShouldFailWithStackOOM()) return false; \
247 } while (0)
249 # define JS_INTERRUPT_POSSIBLY_FAIL() \
250 do { \
251 if (MOZ_UNLIKELY(js::oom::ShouldFailWithInterrupt())) { \
252 cx->requestInterrupt(js::InterruptReason::CallbackUrgent); \
253 return cx->handleInterrupt(); \
254 } \
255 } while (0)
257 # else
259 # define JS_OOM_POSSIBLY_FAIL() \
260 do { \
261 } while (0)
262 # define JS_OOM_POSSIBLY_FAIL_BOOL() \
263 do { \
264 } while (0)
265 # define JS_STACK_OOM_POSSIBLY_FAIL() \
266 do { \
267 } while (0)
268 # define JS_INTERRUPT_POSSIBLY_FAIL() \
269 do { \
270 } while (0)
280 # ifdef FUZZING
288 # define JS_CHECK_LARGE_ALLOC(x) \
289 do { \
290 if (js::oom::largeAllocLimit && x > js::oom::largeAllocLimit) { \
293 } else { \
294 return nullptr; \
295 } \
296 } \
297 } while (0)
298 # else
299 # define JS_CHECK_LARGE_ALLOC(x) \
300 do { \
301 } while (0)
302 # endif
306 /* Disable OOM testing in sections which are not OOM safe. */
313 annotateOOMSizeCallback;
315 AnnotateOOMAllocationSizeCallback callback) {
317 }
319 # if defined(DEBUG) || defined(JS_OOM_BREAKPOINT)
325 }
326 }
332 }
333 }
336 // Used to catch concurrent use from other threads.
340 # endif
341 };
345 // Malloc allocation.
356 // This is a no-op if built without MOZ_MEMORY and MOZ_DEBUG.
365 }
369 }
375 }
382 }
386 }
390 }
393 // realloc() with zero size is not portable, as some implementations may
394 // return nullptr on success and free |p| for this. We assume nullptr
395 // indicates failure and that |p| is still valid.
401 }
405 }
408 // TODO: This should call |moz_arena_free(js::MallocArena, p)| but we
409 // currently can't enforce that all memory freed here was allocated by
410 // js_malloc().
412 }
415 #include <new>
417 /*
418 * [SMDOC] Low-level memory management in SpiderMonkey
419 *
420 * ** Do not use the standard malloc/free/realloc: SpiderMonkey allows these
421 * to be redefined (via JS_USE_CUSTOM_ALLOCATOR) and Gecko even #define's
422 * these symbols.
423 *
424 * ** Do not use the builtin C++ operator new and delete: these throw on
425 * error and we cannot override them not to.
426 *
427 * Allocation:
428 *
429 * - If the lifetime of the allocation is tied to the lifetime of a GC-thing
430 * (that is, finalizing the GC-thing will free the allocation), call one of
431 * the following functions:
432 *
433 * JSContext::{pod_malloc,pod_calloc,pod_realloc}
434 * Zone::{pod_malloc,pod_calloc,pod_realloc}
435 *
436 * These functions accumulate the number of bytes allocated which is used as
437 * part of the GC-triggering heuristics.
438 *
439 * The difference between the JSContext and Zone versions is that the
440 * cx version report an out-of-memory error on OOM. (This follows from the
441 * general SpiderMonkey idiom that a JSContext-taking function reports its
442 * own errors.)
443 *
444 * If you don't want to report an error on failure, there are maybe_ versions
445 * of these methods available too, e.g. maybe_pod_malloc.
446 *
447 * The methods above use templates to allow allocating memory suitable for an
448 * array of a given type and number of elements. There are _with_extra
449 * versions to allow allocating an area of memory which is larger by a
450 * specified number of bytes, e.g. pod_malloc_with_extra.
451 *
452 * These methods are available on a JSRuntime, but calling them is
453 * discouraged. Memory attributed to a runtime can only be reclaimed by full
454 * GCs, and we try to avoid those where possible.
455 *
456 * - Otherwise, use js_malloc/js_realloc/js_calloc/js_new
457 *
458 * Deallocation:
459 *
460 * - Ordinarily, use js_free/js_delete.
461 *
462 * - For deallocations during GC finalization, use one of the following
463 * operations on the JSFreeOp provided to the finalizer:
464 *
465 * JSFreeOp::{free_,delete_}
466 */
468 /*
469 * Given a class which should provide a 'new' method, add
470 * JS_DECLARE_NEW_METHODS (see js::MallocProvider for an example).
471 *
472 * Note: Do not add a ; at the end of a use of JS_DECLARE_NEW_METHODS,
473 * or the build will break.
474 */
475 #define JS_DECLARE_NEW_METHODS(NEWNAME, ALLOCATOR, QUALIFIERS) \
476 template <class T, typename... Args> \
477 QUALIFIERS T* MOZ_HEAP_ALLOCATOR NEWNAME(Args&&... args) { \
478 void* memory = ALLOCATOR(sizeof(T)); \
479 return MOZ_LIKELY(memory) ? new (memory) T(std::forward<Args>(args)...) \
480 : nullptr; \
481 }
483 /*
484 * Given a class which should provide a 'new' method that takes an arena as
485 * its first argument, add JS_DECLARE_NEW_ARENA_METHODS
486 * (see js::MallocProvider for an example).
487 *
488 * Note: Do not add a ; at the end of a use of JS_DECLARE_NEW_ARENA_METHODS,
489 * or the build will break.
490 */
491 #define JS_DECLARE_NEW_ARENA_METHODS(NEWNAME, ALLOCATOR, QUALIFIERS) \
492 template <class T, typename... Args> \
493 QUALIFIERS T* MOZ_HEAP_ALLOCATOR NEWNAME(arena_id_t arena, Args&&... args) { \
494 void* memory = ALLOCATOR(arena, sizeof(T)); \
495 return MOZ_LIKELY(memory) ? new (memory) T(std::forward<Args>(args)...) \
496 : nullptr; \
497 }
499 /*
500 * Given a class which should provide 'make' methods, add
501 * JS_DECLARE_MAKE_METHODS (see js::MallocProvider for an example). This
502 * method is functionally the same as JS_DECLARE_NEW_METHODS: it just declares
503 * methods that return mozilla::UniquePtr instances that will singly-manage
504 * ownership of the created object.
505 *
506 * Note: Do not add a ; at the end of a use of JS_DECLARE_MAKE_METHODS,
507 * or the build will break.
508 */
509 #define JS_DECLARE_MAKE_METHODS(MAKENAME, NEWNAME, QUALIFIERS) \
510 template <class T, typename... Args> \
511 QUALIFIERS mozilla::UniquePtr<T, JS::DeletePolicy<T>> MOZ_HEAP_ALLOCATOR \
512 MAKENAME(Args&&... args) { \
513 T* ptr = NEWNAME<T>(std::forward<Args>(args)...); \
514 return mozilla::UniquePtr<T, JS::DeletePolicy<T>>(ptr); \
515 }
523 /*
524 * Calculate the number of bytes needed to allocate |numElems| contiguous
525 * instances of type |T|. Return false if the calculation overflowed.
526 */
532 }
534 /*
535 * Calculate the number of bytes needed to allocate a single instance of type
536 * |T| followed by |numExtra| contiguous instances of type |Extra|. Return
537 * false if the calculation overflowed.
538 */
545 }
554 }
555 }
563 }
564 }
572 }
574 }
579 }
587 }
589 }
594 }
604 }
606 }
612 }
626 };
630 };
638 /* sixgill annotation defines */
639 #ifndef HAVE_STATIC_ANNOTATIONS
640 # define HAVE_STATIC_ANNOTATIONS
641 # ifdef XGILL_PLUGIN
642 # define STATIC_PRECONDITION(COND) __attribute__((precondition(# COND)))
643 # define STATIC_PRECONDITION_ASSUME(COND) \
644 __attribute__((precondition_assume(#COND)))
645 # define STATIC_POSTCONDITION(COND) __attribute__((postcondition(# COND)))
646 # define STATIC_POSTCONDITION_ASSUME(COND) \
647 __attribute__((postcondition_assume(#COND)))
648 # define STATIC_INVARIANT(COND) __attribute__((invariant(# COND)))
649 # define STATIC_INVARIANT_ASSUME(COND) \
650 __attribute__((invariant_assume(#COND)))
651 # define STATIC_ASSUME(COND) \
652 JS_BEGIN_MACRO \
653 __attribute__((assume_static(#COND), unused)) int STATIC_PASTE1( \
654 assume_static_, __COUNTER__); \
655 JS_END_MACRO
663 # define STATIC_ASSUME(COND) \
665 JS_END_MACRO
667 # define STATIC_SKIP_INFERENCE STATIC_INVARIANT(skip_inference())