/* This Source Code Form is subject to the terms of the Mozilla Public * License, v. 2.0. If a copy of the MPL was not distributed with this * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ //! Smart pointers for the JS-managed DOM objects. //! //! The DOM is made up of DOM objects whose lifetime is entirely controlled by //! the whims of the SpiderMonkey garbage collector. The types in this module //! are designed to ensure that any interactions with said Rust types only //! occur on values that will remain alive the entire time. //! //! Here is a brief overview of the important types: //! //! - `Root`: a stack-based reference to a rooted DOM object. //! - `JS`: a reference to a DOM object that can automatically be traced by //! the GC when encountered as a field of a Rust structure. //! //! `JS` does not allow access to their inner value without explicitly //! creating a stack-based root via the `root` method. This returns a `Root`, //! which causes the JS-owned value to be uncollectable for the duration of the //! `Root` object's lifetime. A reference to the object can then be obtained //! from the `Root` object. These references are not allowed to outlive their //! originating `Root`. //! use core::nonzero::NonZero; use dom::bindings::conversions::DerivedFrom; use dom::bindings::inheritance::Castable; use dom::bindings::reflector::{DomObject, Reflector}; use dom::bindings::trace::JSTraceable; use dom::bindings::trace::trace_reflector; use dom::node::Node; use heapsize::HeapSizeOf; use js::jsapi::{JSObject, JSTracer}; use script_layout_interface::TrustedNodeAddress; use script_thread::STACK_ROOTS; use std::cell::UnsafeCell; use std::default::Default; use std::hash::{Hash, Hasher}; #[cfg(debug_assertions)] use std::intrinsics::type_name; use std::mem; use std::ops::Deref; use std::ptr; use std::rc::Rc; use style::thread_state; /// A traced reference to a DOM object /// /// This type is critical to making garbage collection work with the DOM, /// but it is very dangerous; if garbage collection happens with a `JS` /// on the stack, the `JS` can point to freed memory. /// /// This should only be used as a field in other DOM objects. #[must_root] pub struct JS { ptr: NonZero<*const T>, } // JS is similar to Rc, in that it's not always clear how to avoid double-counting. // For now, we choose not to follow any such pointers. impl HeapSizeOf for JS { fn heap_size_of_children(&self) -> usize { 0 } } impl JS { /// Returns `LayoutJS` containing the same pointer. pub unsafe fn to_layout(&self) -> LayoutJS { debug_assert!(thread_state::get().is_layout()); LayoutJS { ptr: self.ptr.clone(), } } } impl JS { /// Create a JS from a &T #[allow(unrooted_must_root)] pub fn from_ref(obj: &T) -> JS { debug_assert!(thread_state::get().is_script()); JS { ptr: unsafe { NonZero::new(&*obj) }, } } } impl<'root, T: DomObject + 'root> RootedReference<'root> for JS { type Ref = &'root T; fn r(&'root self) -> &'root T { &self } } impl Deref for JS { type Target = T; fn deref(&self) -> &T { debug_assert!(thread_state::get().is_script()); // We can only have &JS from a rooted thing, so it's safe to deref // it to &T. unsafe { &*self.ptr.get() } } } unsafe impl JSTraceable for JS { unsafe fn trace(&self, trc: *mut JSTracer) { #[cfg(debug_assertions)] let trace_str = format!("for {} on heap", type_name::()); #[cfg(debug_assertions)] let trace_info = &trace_str[..]; #[cfg(not(debug_assertions))] let trace_info = "for DOM object on heap"; trace_reflector(trc, trace_info, (*self.ptr.get()).reflector()); } } /// An unrooted reference to a DOM object for use in layout. `Layout*Helpers` /// traits must be implemented on this. #[allow_unrooted_interior] pub struct LayoutJS { ptr: NonZero<*const T>, } impl LayoutJS { /// Cast a DOM object root upwards to one of the interfaces it derives from. pub fn upcast(&self) -> LayoutJS where U: Castable, T: DerivedFrom { debug_assert!(thread_state::get().is_layout()); let ptr: *const T = self.ptr.get(); LayoutJS { ptr: unsafe { NonZero::new(ptr as *const U) }, } } /// Cast a DOM object downwards to one of the interfaces it might implement. pub fn downcast(&self) -> Option> where U: DerivedFrom { debug_assert!(thread_state::get().is_layout()); unsafe { if (*self.unsafe_get()).is::() { let ptr: *const T = self.ptr.get(); Some(LayoutJS { ptr: NonZero::new(ptr as *const U), }) } else { None } } } } impl LayoutJS { /// Get the reflector. pub unsafe fn get_jsobject(&self) -> *mut JSObject { debug_assert!(thread_state::get().is_layout()); (*self.ptr.get()).reflector().get_jsobject().get() } } impl Copy for LayoutJS {} impl PartialEq for JS { fn eq(&self, other: &JS) -> bool { self.ptr == other.ptr } } impl Eq for JS {} impl PartialEq for LayoutJS { fn eq(&self, other: &LayoutJS) -> bool { self.ptr == other.ptr } } impl Eq for LayoutJS {} impl Hash for JS { fn hash(&self, state: &mut H) { self.ptr.hash(state) } } impl Hash for LayoutJS { fn hash(&self, state: &mut H) { self.ptr.hash(state) } } impl Clone for JS { #[inline] #[allow(unrooted_must_root)] fn clone(&self) -> JS { debug_assert!(thread_state::get().is_script()); JS { ptr: self.ptr.clone(), } } } impl Clone for LayoutJS { #[inline] fn clone(&self) -> LayoutJS { debug_assert!(thread_state::get().is_layout()); LayoutJS { ptr: self.ptr.clone(), } } } impl LayoutJS { /// Create a new JS-owned value wrapped from an address known to be a /// `Node` pointer. pub unsafe fn from_trusted_node_address(inner: TrustedNodeAddress) -> LayoutJS { debug_assert!(thread_state::get().is_layout()); let TrustedNodeAddress(addr) = inner; LayoutJS { ptr: NonZero::new(addr as *const Node), } } } /// A holder that provides interior mutability for GC-managed values such as /// `JS`. Essentially a `Cell>`, but safer. /// /// This should only be used as a field in other DOM objects; see warning /// on `JS`. #[must_root] #[derive(JSTraceable)] pub struct MutJS { val: UnsafeCell>, } impl MutJS { /// Create a new `MutJS`. pub fn new(initial: &T) -> MutJS { debug_assert!(thread_state::get().is_script()); MutJS { val: UnsafeCell::new(JS::from_ref(initial)), } } /// Set this `MutJS` to the given value. pub fn set(&self, val: &T) { debug_assert!(thread_state::get().is_script()); unsafe { *self.val.get() = JS::from_ref(val); } } /// Get the value in this `MutJS`. pub fn get(&self) -> Root { debug_assert!(thread_state::get().is_script()); unsafe { Root::from_ref(&*ptr::read(self.val.get())) } } } impl HeapSizeOf for MutJS { fn heap_size_of_children(&self) -> usize { // See comment on HeapSizeOf for JS. 0 } } impl PartialEq for MutJS { fn eq(&self, other: &Self) -> bool { unsafe { *self.val.get() == *other.val.get() } } } impl PartialEq for MutJS { fn eq(&self, other: &T) -> bool { unsafe { **self.val.get() == *other } } } /// A holder that provides interior mutability for GC-managed values such as /// `JS`, with nullability represented by an enclosing Option wrapper. /// Essentially a `Cell>>`, but safer. /// /// This should only be used as a field in other DOM objects; see warning /// on `JS`. #[must_root] #[derive(JSTraceable)] pub struct MutNullableJS { ptr: UnsafeCell>>, } impl MutNullableJS { /// Create a new `MutNullableJS`. pub fn new(initial: Option<&T>) -> MutNullableJS { debug_assert!(thread_state::get().is_script()); MutNullableJS { ptr: UnsafeCell::new(initial.map(JS::from_ref)), } } /// Retrieve a copy of the current inner value. If it is `None`, it is /// initialized with the result of `cb` first. pub fn or_init(&self, cb: F) -> Root where F: FnOnce() -> Root { debug_assert!(thread_state::get().is_script()); match self.get() { Some(inner) => inner, None => { let inner = cb(); self.set(Some(&inner)); inner }, } } /// Retrieve a copy of the inner optional `JS` as `LayoutJS`. /// For use by layout, which can't use safe types like Temporary. #[allow(unrooted_must_root)] pub unsafe fn get_inner_as_layout(&self) -> Option> { debug_assert!(thread_state::get().is_layout()); ptr::read(self.ptr.get()).map(|js| js.to_layout()) } /// Get a rooted value out of this object #[allow(unrooted_must_root)] pub fn get(&self) -> Option> { debug_assert!(thread_state::get().is_script()); unsafe { ptr::read(self.ptr.get()).map(|o| Root::from_ref(&*o)) } } /// Set this `MutNullableJS` to the given value. pub fn set(&self, val: Option<&T>) { debug_assert!(thread_state::get().is_script()); unsafe { *self.ptr.get() = val.map(|p| JS::from_ref(p)); } } /// Gets the current value out of this object and sets it to `None`. pub fn take(&self) -> Option> { let value = self.get(); self.set(None); value } } impl PartialEq for MutNullableJS { fn eq(&self, other: &Self) -> bool { unsafe { *self.ptr.get() == *other.ptr.get() } } } impl<'a, T: DomObject> PartialEq> for MutNullableJS { fn eq(&self, other: &Option<&T>) -> bool { unsafe { *self.ptr.get() == other.map(JS::from_ref) } } } impl Default for MutNullableJS { #[allow(unrooted_must_root)] fn default() -> MutNullableJS { debug_assert!(thread_state::get().is_script()); MutNullableJS { ptr: UnsafeCell::new(None), } } } impl HeapSizeOf for MutNullableJS { fn heap_size_of_children(&self) -> usize { // See comment on HeapSizeOf for JS. 0 } } impl LayoutJS { /// Returns an unsafe pointer to the interior of this JS object. This is /// the only method that be safely accessed from layout. (The fact that /// this is unsafe is what necessitates the layout wrappers.) pub unsafe fn unsafe_get(&self) -> *const T { debug_assert!(thread_state::get().is_layout()); self.ptr.get() } /// Returns a reference to the interior of this JS object. This method is /// safe to call because it originates from the layout thread, and it cannot /// mutate DOM nodes. pub fn get_for_script(&self) -> &T { debug_assert!(thread_state::get().is_script()); unsafe { &*self.ptr.get() } } } /// Get a reference out of a rooted value. pub trait RootedReference<'root> { /// The type of the reference. type Ref: 'root; /// Obtain a reference out of the rooted value. fn r(&'root self) -> Self::Ref; } impl<'root, T: JSTraceable + DomObject + 'root> RootedReference<'root> for [JS] { type Ref = &'root [&'root T]; fn r(&'root self) -> &'root [&'root T] { unsafe { mem::transmute(self) } } } impl<'root, T: DomObject + 'root> RootedReference<'root> for Rc { type Ref = &'root T; fn r(&'root self) -> &'root T { self } } impl<'root, T: RootedReference<'root> + 'root> RootedReference<'root> for Option { type Ref = Option; fn r(&'root self) -> Option { self.as_ref().map(RootedReference::r) } } /// A rooting mechanism for reflectors on the stack. /// LIFO is not required. /// /// See also [*Exact Stack Rooting - Storing a GCPointer on the CStack*] /// (https://developer.mozilla.org/en-US/docs/Mozilla/Projects/SpiderMonkey/Internals/GC/Exact_Stack_Rooting). pub struct RootCollection { roots: UnsafeCell>, } /// A pointer to a RootCollection, for use in global variables. pub struct RootCollectionPtr(pub *const RootCollection); impl Copy for RootCollectionPtr {} impl Clone for RootCollectionPtr { fn clone(&self) -> RootCollectionPtr { *self } } impl RootCollection { /// Create an empty collection of roots pub fn new() -> RootCollection { debug_assert!(thread_state::get().is_script()); RootCollection { roots: UnsafeCell::new(vec![]), } } /// Start tracking a stack-based root unsafe fn root(&self, untracked_reflector: *const Reflector) { debug_assert!(thread_state::get().is_script()); let mut roots = &mut *self.roots.get(); roots.push(untracked_reflector); assert!(!(*untracked_reflector).get_jsobject().is_null()) } /// Stop tracking a stack-based reflector, asserting if it isn't found. unsafe fn unroot(&self, tracked_reflector: *const Reflector) { assert!(!tracked_reflector.is_null()); assert!(!(*tracked_reflector).get_jsobject().is_null()); debug_assert!(thread_state::get().is_script()); let mut roots = &mut *self.roots.get(); match roots.iter().rposition(|r| *r == tracked_reflector) { Some(idx) => { roots.remove(idx); }, None => panic!("Can't remove a root that was never rooted!"), } } } /// SM Callback that traces the rooted reflectors pub unsafe fn trace_roots(tracer: *mut JSTracer) { debug!("tracing stack roots"); STACK_ROOTS.with(|ref collection| { let RootCollectionPtr(collection) = collection.get().unwrap(); let collection = &*(*collection).roots.get(); for root in collection { trace_reflector(tracer, "on stack", &**root); } }); } /// A rooted reference to a DOM object. /// /// The JS value is pinned for the duration of this object's lifetime; roots /// are additive, so this object's destruction will not invalidate other roots /// for the same JS value. `Root`s cannot outlive the associated /// `RootCollection` object. #[allow_unrooted_interior] pub struct Root { /// Reference to rooted value that must not outlive this container ptr: NonZero<*const T>, /// List that ensures correct dynamic root ordering root_list: *const RootCollection, } impl Root { /// Cast a DOM object root upwards to one of the interfaces it derives from. pub fn upcast(root: Root) -> Root where U: Castable, T: DerivedFrom { unsafe { mem::transmute(root) } } /// Cast a DOM object root downwards to one of the interfaces it might implement. pub fn downcast(root: Root) -> Option> where U: DerivedFrom { if root.is::() { Some(unsafe { mem::transmute(root) }) } else { None } } } impl Root { /// Create a new stack-bounded root for the provided JS-owned value. /// It cannot outlive its associated `RootCollection`, and it gives /// out references which cannot outlive this new `Root`. pub fn new(unrooted: NonZero<*const T>) -> Root { debug_assert!(thread_state::get().is_script()); STACK_ROOTS.with(|ref collection| { let RootCollectionPtr(collection) = collection.get().unwrap(); unsafe { (*collection).root(&*(*unrooted.get()).reflector()) } Root { ptr: unrooted, root_list: collection, } }) } /// Generate a new root from a reference pub fn from_ref(unrooted: &T) -> Root { Root::new(unsafe { NonZero::new(unrooted) }) } } impl<'root, T: DomObject + 'root> RootedReference<'root> for Root { type Ref = &'root T; fn r(&'root self) -> &'root T { self } } impl Deref for Root { type Target = T; fn deref(&self) -> &T { debug_assert!(thread_state::get().is_script()); unsafe { &*self.ptr.get() } } } impl HeapSizeOf for Root { fn heap_size_of_children(&self) -> usize { (**self).heap_size_of_children() } } impl PartialEq for Root { fn eq(&self, other: &Self) -> bool { self.ptr == other.ptr } } impl Clone for Root { fn clone(&self) -> Root { Root::from_ref(&*self) } } impl Drop for Root { fn drop(&mut self) { unsafe { (*self.root_list).unroot(self.reflector()); } } } unsafe impl JSTraceable for Root { unsafe fn trace(&self, _: *mut JSTracer) { // Already traced. } }