Source/JavaScriptCore/runtime/JSSegmentedVariableObject.h - external/github.com/WebKit/webkit - Git at Google

 /*
  * Copyright (C) 2012-2021 Apple Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
  *
  * 1.  Redistributions of source code must retain the above copyright
  *     notice, this list of conditions and the following disclaimer.
  * 2.  Redistributions in binary form must reproduce the above copyright
  *     notice, this list of conditions and the following disclaimer in the
  *     documentation and/or other materials provided with the distribution.
  * 3.  Neither the name of Apple Inc. ("Apple") nor the names of
  *     its contributors may be used to endorse or promote products derived
  *     from this software without specific prior written permission.
  *
  * THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
  * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  * DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
  * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
  * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */

 #pragma once

 #include "ConcurrentJSLock.h"
 #include "JSObject.h"
 #include "JSSymbolTableObject.h"
 #include "SymbolTable.h"
 #include <wtf/SegmentedVector.h>

 namespace JSC {

 class LLIntOffsetsExtractor;

 // This is a mostly drop-in replacement for JSLexicalEnvironment, except that it preserves
 // the invariant that after a variable is created, its address in memory will not change
 // so long as the JSSegmentedVariableObject is alive. This allows optimizations based
 // on getting the address of the variable and remembering it. As well, unlike a
 // JSLexicalEnvironment, this will manage the memory for the registers itself and neither
 // requires nor allows for the subclasses to manage that memory. Finally,
 // JSSegmentedVariableObject has its own GC tracing functionality, since it knows the
 // exact dimensions of the variables array at all times.

 class JSSegmentedVariableObject : public JSSymbolTableObject {
     friend class JIT;
     friend class LLIntOffsetsExtractor;
 public:
     using Base = JSSymbolTableObject;

     DECLARE_INFO;

     static constexpr bool needsDestruction = true;
     template<typename CellType, SubspaceAccess>
     static void subspaceFor(VM&) { RELEASE_ASSERT_NOT_REACHED(); }

     bool isValidScopeOffset(ScopeOffset offset)
     {
         return !!offset && offset.offset() < m_variables.size();
     }

     // This is not thread-safe, since m_variables is a segmented vector, and its spine can resize with
     // malloc/free if new variables - unrelated to the one you are accessing - are added. You can get
     // around this by grabbing m_lock, or finding some other way to get to the variable pointer (global
     // variable access bytecode instructions will have a direct pointer already).
     WriteBarrier<Unknown>& variableAt(ScopeOffset offset) { return m_variables[offset.offset()]; }

     // This is a slow method call, which searches the register bank to find the index
     // given a pointer. It will CRASH() if it does not find the register. Only use this
     // in debug code (like bytecode dumping).
     JS_EXPORT_PRIVATE ScopeOffset findVariableIndex(void*);

     WriteBarrier<Unknown>* assertVariableIsInThisObject(WriteBarrier<Unknown>* variablePointer)
     {
         if (ASSERT_ENABLED)
             findVariableIndex(variablePointer);
         return variablePointer;
     }

     // Adds numberOfRegistersToAdd registers, initializes them to Undefined, and returns
     // the index of the first one added.
     JS_EXPORT_PRIVATE ScopeOffset addVariables(unsigned numberOfVariablesToAdd, JSValue);

     DECLARE_VISIT_CHILDREN_WITH_MODIFIER(JS_EXPORT_PRIVATE);
     JS_EXPORT_PRIVATE static void analyzeHeap(JSCell*, HeapAnalyzer&);

 protected:
     JSSegmentedVariableObject(VM&, Structure*, JSScope*);

     ~JSSegmentedVariableObject();

     void finishCreation(VM&);

 private:
     SegmentedVector<WriteBarrier<Unknown>, 16> m_variables;
 #ifndef NDEBUG
     bool m_alreadyDestroyed { false }; // We use these assertions to check that we aren't doing ancient hacks that result in this being destroyed more than once.
 #endif
 };

 } // namespace JSC
	/*
	* Copyright (C) 2012-2021 Apple Inc. All rights reserved.
	*
	* Redistribution and use in source and binary forms, with or without
	* modification, are permitted provided that the following conditions
	* are met:
	*
	* 1. Redistributions of source code must retain the above copyright
	* notice, this list of conditions and the following disclaimer.
	* 2. Redistributions in binary form must reproduce the above copyright
	* notice, this list of conditions and the following disclaimer in the
	* documentation and/or other materials provided with the distribution.
	* 3. Neither the name of Apple Inc. ("Apple") nor the names of
	* its contributors may be used to endorse or promote products derived
	* from this software without specific prior written permission.
	*
	* THIS SOFTWARE IS PROVIDED BY APPLE AND ITS CONTRIBUTORS "AS IS" AND ANY
	* EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	* DISCLAIMED. IN NO EVENT SHALL APPLE OR ITS CONTRIBUTORS BE LIABLE FOR ANY
	* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
	* ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	*/

	#pragma once

	#include "ConcurrentJSLock.h"
	#include "JSObject.h"
	#include "JSSymbolTableObject.h"
	#include "SymbolTable.h"
	#include <wtf/SegmentedVector.h>

	namespace JSC {

	class LLIntOffsetsExtractor;

	// This is a mostly drop-in replacement for JSLexicalEnvironment, except that it preserves
	// the invariant that after a variable is created, its address in memory will not change
	// so long as the JSSegmentedVariableObject is alive. This allows optimizations based
	// on getting the address of the variable and remembering it. As well, unlike a
	// JSLexicalEnvironment, this will manage the memory for the registers itself and neither
	// requires nor allows for the subclasses to manage that memory. Finally,
	// JSSegmentedVariableObject has its own GC tracing functionality, since it knows the
	// exact dimensions of the variables array at all times.

	class JSSegmentedVariableObject : public JSSymbolTableObject {
	friend class JIT;
	friend class LLIntOffsetsExtractor;
	public:
	using Base = JSSymbolTableObject;

	DECLARE_INFO;

	static constexpr bool needsDestruction = true;
	template<typename CellType, SubspaceAccess>
	static void subspaceFor(VM&) { RELEASE_ASSERT_NOT_REACHED(); }

	bool isValidScopeOffset(ScopeOffset offset)
	{
	return !!offset && offset.offset() < m_variables.size();
	}

	// This is not thread-safe, since m_variables is a segmented vector, and its spine can resize with
	// malloc/free if new variables - unrelated to the one you are accessing - are added. You can get
	// around this by grabbing m_lock, or finding some other way to get to the variable pointer (global
	// variable access bytecode instructions will have a direct pointer already).
	WriteBarrier<Unknown>& variableAt(ScopeOffset offset) { return m_variables[offset.offset()]; }

	// This is a slow method call, which searches the register bank to find the index
	// given a pointer. It will CRASH() if it does not find the register. Only use this
	// in debug code (like bytecode dumping).
	JS_EXPORT_PRIVATE ScopeOffset findVariableIndex(void*);

	WriteBarrier<Unknown>* assertVariableIsInThisObject(WriteBarrier<Unknown>* variablePointer)
	{
	if (ASSERT_ENABLED)
	findVariableIndex(variablePointer);
	return variablePointer;
	}

	// Adds numberOfRegistersToAdd registers, initializes them to Undefined, and returns
	// the index of the first one added.
	JS_EXPORT_PRIVATE ScopeOffset addVariables(unsigned numberOfVariablesToAdd, JSValue);

	DECLARE_VISIT_CHILDREN_WITH_MODIFIER(JS_EXPORT_PRIVATE);
	JS_EXPORT_PRIVATE static void analyzeHeap(JSCell*, HeapAnalyzer&);

	protected:
	JSSegmentedVariableObject(VM&, Structure, JSScope);

	~JSSegmentedVariableObject();

	void finishCreation(VM&);

	private:
	SegmentedVector<WriteBarrier<Unknown>, 16> m_variables;
	#ifndef NDEBUG
	bool m_alreadyDestroyed { false }; // We use these assertions to check that we aren't doing ancient hacks that result in this being destroyed more than once.
	#endif
	};

	} // namespace JSC