tor-browser

lib.rs (21384B)

---

/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */

//! Trait for cloning data into a shared memory buffer.
//!
//! This module contains the SharedMemoryBuilder type and ToShmem trait.
//!
//! We put them here (and not in style_traits) so that we can derive ToShmem
//! from the selectors and style crates.

#![crate_name = "to_shmem"]
#![crate_type = "rlib"]

use std::alloc::Layout;
use std::collections::HashSet;
use std::ffi::CString;
use std::isize;
use std::marker::PhantomData;
use std::mem::{self, ManuallyDrop};
use std::num::Wrapping;
use std::ops::Range;
use std::os::raw::c_char;
use std::ptr::{self, NonNull};
use std::slice;
use std::str;

/// Result type for ToShmem::to_shmem.
///
/// The String is an error message describing why the call failed.
pub type Result<T> = std::result::Result<ManuallyDrop<T>, String>;

// Various pointer arithmetic functions in this file can be replaced with
// functions on `Layout` once they have stabilized:
//
// https://github.com/rust-lang/rust/issues/55724

/// A builder object that transforms and copies values into a fixed size buffer.
pub struct SharedMemoryBuilder {
   /// The buffer into which values will be copied.
   buffer: *mut u8,
   /// The size of the buffer.
   capacity: usize,
   /// The current position in the buffer, where the next value will be written
   /// at.
   index: usize,
   /// Pointers to every shareable value that we store in the shared memory
   /// buffer.  We use this to assert against encountering the same value
   /// twice, e.g. through another Arc reference, so that we don't
   /// inadvertently store duplicate copies of values.
   #[cfg(all(debug_assertions, feature = "servo_arc"))]
   shared_values: HashSet<*const std::os::raw::c_void>,
}

/// Amount of padding needed after `size` bytes to ensure that the following
/// address will satisfy `align`.
fn padding_needed_for(size: usize, align: usize) -> usize {
   padded_size(size, align).wrapping_sub(size)
}

/// Rounds up `size` so that the following address will satisfy `align`.
fn padded_size(size: usize, align: usize) -> usize {
   size.wrapping_add(align).wrapping_sub(1) & !align.wrapping_sub(1)
}

impl SharedMemoryBuilder {
   /// Creates a new SharedMemoryBuilder using the specified buffer.
   pub unsafe fn new(buffer: *mut u8, capacity: usize) -> SharedMemoryBuilder {
       SharedMemoryBuilder {
           buffer,
           capacity,
           index: 0,
           #[cfg(all(debug_assertions, feature = "servo_arc"))]
           shared_values: HashSet::new(),
       }
   }

   /// Returns the number of bytes currently used in the buffer.
   #[inline]
   pub fn len(&self) -> usize {
       self.index
   }

   /// Writes a value into the shared memory buffer and returns a pointer to
   /// it in the buffer.
   ///
   /// The value is cloned and converted into a form suitable for placing into
   /// a shared memory buffer by calling ToShmem::to_shmem on it.
   ///
   /// Panics if there is insufficient space in the buffer.
   pub fn write<T: ToShmem>(&mut self, value: &T) -> std::result::Result<*mut T, String> {
       // Reserve space for the value.
       let dest: *mut T = self.alloc_value();

       // Make a clone of the value with all of its heap allocations
       // placed in the shared memory buffer.
       let value = value.to_shmem(self)?;

       unsafe {
           // Copy the value into the buffer.
           ptr::write(dest, ManuallyDrop::into_inner(value));
       }

       // Return a pointer to the shared value.
       Ok(dest)
   }

   /// Reserves space in the shared memory buffer to fit a value of type T,
   /// and returns a pointer to that reserved space.
   ///
   /// Panics if there is insufficient space in the buffer.
   pub fn alloc_value<T>(&mut self) -> *mut T {
       self.alloc(Layout::new::<T>())
   }

   /// Reserves space in the shared memory buffer to fit an array of values of
   /// type T, and returns a pointer to that reserved space.
   ///
   /// Panics if there is insufficient space in the buffer.
   pub fn alloc_array<T>(&mut self, len: usize) -> *mut T {
       if len == 0 {
           return NonNull::dangling().as_ptr();
       }

       let size = mem::size_of::<T>();
       let align = mem::align_of::<T>();

       self.alloc(Layout::from_size_align(padded_size(size, align) * len, align).unwrap())
   }

   /// Reserves space in the shared memory buffer that conforms to the
   /// specified layout, and returns a pointer to that reserved space.
   ///
   /// Panics if there is insufficient space in the buffer.
   pub fn alloc<T>(&mut self, layout: Layout) -> *mut T {
       // Amount of padding to align the value.
       //
       // The addition can't overflow, since self.index <= self.capacity, and
       // for us to have successfully allocated the buffer, `buffer + capacity`
       // can't overflow.
       let padding = padding_needed_for(self.buffer as usize + self.index, layout.align());

       // Reserve space for the padding.
       let start = self.index.checked_add(padding).unwrap();
       assert!(start <= std::isize::MAX as usize); // for the cast below

       // Reserve space for the value.
       let end = start.checked_add(layout.size()).unwrap();
       assert!(end <= self.capacity);

       self.index = end;
       unsafe { self.buffer.add(start) as *mut T }
   }
}

/// A type that can be copied into a SharedMemoryBuilder.
pub trait ToShmem: Sized {
   /// Clones this value into a form suitable for writing into a
   /// SharedMemoryBuilder.
   ///
   /// If this value owns any heap allocations, they should be written into
   /// `builder` so that the return value of this function can point to the
   /// copy in the shared memory buffer.
   ///
   /// The return type is wrapped in ManuallyDrop to make it harder to
   /// accidentally invoke the destructor of the value that is produced.
   ///
   /// Returns a Result so that we can gracefully recover from unexpected
   /// content.
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self>;
}

#[macro_export]
macro_rules! impl_trivial_to_shmem {
   ($($ty:ty),*) => {
       $(
           impl $crate::ToShmem for $ty {
               fn to_shmem(
                   &self,
                   _builder: &mut $crate::SharedMemoryBuilder,
               ) -> $crate::Result<Self> {
                   $crate::Result::Ok(::std::mem::ManuallyDrop::new(*self))
               }
           }
       )*
   };
}

impl_trivial_to_shmem!(
   (),
   bool,
   f32,
   f64,
   i8,
   i16,
   i32,
   i64,
   u8,
   u16,
   u32,
   u64,
   isize,
   usize,
   std::num::NonZeroUsize
);

impl<T> ToShmem for PhantomData<T> {
   fn to_shmem(&self, _builder: &mut SharedMemoryBuilder) -> Result<Self> {
       Ok(ManuallyDrop::new(*self))
   }
}

impl<T: ToShmem> ToShmem for Range<T> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       Ok(ManuallyDrop::new(Range {
           start: ManuallyDrop::into_inner(self.start.to_shmem(builder)?),
           end: ManuallyDrop::into_inner(self.end.to_shmem(builder)?),
       }))
   }
}

impl<T: ToShmem, U: ToShmem> ToShmem for (T, U) {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       Ok(ManuallyDrop::new((
           ManuallyDrop::into_inner(self.0.to_shmem(builder)?),
           ManuallyDrop::into_inner(self.1.to_shmem(builder)?),
       )))
   }
}

impl<T: ToShmem> ToShmem for Wrapping<T> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       Ok(ManuallyDrop::new(Wrapping(ManuallyDrop::into_inner(
           self.0.to_shmem(builder)?,
       ))))
   }
}

impl<T: ToShmem> ToShmem for Box<T> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       // Reserve space for the boxed value.
       let dest: *mut T = builder.alloc_value();

       // Make a clone of the boxed value with all of its heap allocations
       // placed in the shared memory buffer.
       let value = (**self).to_shmem(builder)?;

       unsafe {
           // Copy the value into the buffer.
           ptr::write(dest, ManuallyDrop::into_inner(value));

           Ok(ManuallyDrop::new(Box::from_raw(dest)))
       }
   }
}

/// Converts all the items in `src` into shared memory form, writes them into
/// the specified buffer, and returns a pointer to the slice.
unsafe fn to_shmem_slice_ptr<'a, T, I>(
   src: I,
   dest: *mut T,
   builder: &mut SharedMemoryBuilder,
) -> std::result::Result<*mut [T], String>
where
   T: 'a + ToShmem,
   I: ExactSizeIterator<Item = &'a T>,
{
   let dest = slice::from_raw_parts_mut(dest, src.len());

   // Make a clone of each element from the iterator with its own heap
   // allocations placed in the buffer, and copy that clone into the buffer.
   for (src, dest) in src.zip(dest.iter_mut()) {
       ptr::write(dest, ManuallyDrop::into_inner(src.to_shmem(builder)?));
   }

   Ok(dest)
}

/// Writes all the items in `src` into a slice in the shared memory buffer and
/// returns a pointer to the slice.
pub unsafe fn to_shmem_slice<'a, T, I>(
   src: I,
   builder: &mut SharedMemoryBuilder,
) -> std::result::Result<*mut [T], String>
where
   T: 'a + ToShmem,
   I: ExactSizeIterator<Item = &'a T>,
{
   let dest = builder.alloc_array(src.len());
   to_shmem_slice_ptr(src, dest, builder)
}

impl<T: ToShmem> ToShmem for Box<[T]> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       unsafe {
           let dest = to_shmem_slice(self.iter(), builder)?;
           Ok(ManuallyDrop::new(Box::from_raw(dest)))
       }
   }
}

impl ToShmem for Box<str> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       // Reserve space for the string bytes.
       let dest: *mut u8 = builder.alloc_array(self.len());

       unsafe {
           // Copy the value into the buffer.
           ptr::copy(self.as_ptr(), dest, self.len());

           Ok(ManuallyDrop::new(Box::from_raw(
               str::from_utf8_unchecked_mut(slice::from_raw_parts_mut(dest, self.len())),
           )))
       }
   }
}

impl ToShmem for String {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       // Reserve space for the string bytes.
       let dest: *mut u8 = builder.alloc_array(self.len());

       unsafe {
           // Copy the value into the buffer.
           ptr::copy(self.as_ptr(), dest, self.len());

           Ok(ManuallyDrop::new(String::from_raw_parts(
               dest,
               self.len(),
               self.len(),
           )))
       }
   }
}

impl ToShmem for CString {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       let len = self.as_bytes_with_nul().len();

       // Reserve space for the string bytes.
       let dest: *mut c_char = builder.alloc_array(len);

       unsafe {
           // Copy the value into the buffer.
           ptr::copy(self.as_ptr(), dest, len);

           Ok(ManuallyDrop::new(CString::from_raw(dest)))
       }
   }
}

impl<T: ToShmem> ToShmem for Vec<T> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       unsafe {
           let dest = to_shmem_slice(self.iter(), builder)? as *mut T;
           let dest_vec = Vec::from_raw_parts(dest, self.len(), self.len());
           Ok(ManuallyDrop::new(dest_vec))
       }
   }
}

impl<T: ToShmem, S> ToShmem for HashSet<T, S>
where
   Self: Default,
{
   fn to_shmem(&self, _builder: &mut SharedMemoryBuilder) -> Result<Self> {
       if !self.is_empty() {
           return Err(format!(
               "ToShmem failed for HashSet: We only support empty sets \
                (we don't expect custom properties in UA sheets, they're observable by content)",
           ));
       }
       Ok(ManuallyDrop::new(Self::default()))
   }
}

impl<T: ToShmem> ToShmem for Option<T> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       let v = match self {
           Some(v) => Some(ManuallyDrop::into_inner(v.to_shmem(builder)?)),
           None => None,
       };

       Ok(ManuallyDrop::new(v))
   }
}

#[cfg(feature = "smallvec")]
impl<T: ToShmem, A: smallvec::Array<Item = T>> ToShmem for smallvec::SmallVec<A> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       let dest_vec = unsafe {
           if self.spilled() {
               // Place the items in a separate allocation in the shared memory
               // buffer.
               let dest = to_shmem_slice(self.iter(), builder)? as *mut T;
               Self::from_raw_parts(dest, self.len(), self.len())
           } else {
               // Place the items inline.
               let mut s = Self::new();
               to_shmem_slice_ptr(self.iter(), s.as_mut_ptr(), builder)?;
               s.set_len(self.len());
               s
           }
       };

       Ok(ManuallyDrop::new(dest_vec))
   }
}

#[cfg(feature = "servo_arc")]
impl<A: 'static, B: 'static> ToShmem for servo_arc::ArcUnion<A, B>
where
   servo_arc::Arc<A>: ToShmem,
   servo_arc::Arc<B>: ToShmem,
{
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       use servo_arc::ArcUnionBorrow;

       Ok(ManuallyDrop::new(match self.borrow() {
           ArcUnionBorrow::First(first) => Self::from_first(ManuallyDrop::into_inner(
               first.with_arc(|a| a.to_shmem(builder))?,
           )),
           ArcUnionBorrow::Second(second) => Self::from_second(ManuallyDrop::into_inner(
               second.with_arc(|a| a.to_shmem(builder))?,
           )),
       }))
   }
}
#[cfg(feature = "servo_arc")]
impl<T: ToShmem> ToShmem for servo_arc::Arc<T> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       // Assert that we don't encounter any shared references to values we
       // don't expect.
       #[cfg(debug_assertions)]
       assert!(
           !builder.shared_values.contains(&self.heap_ptr()),
           "ToShmem failed for Arc<{}>: encountered a value with multiple \
           references.",
           std::any::type_name::<T>()
       );

       // Make a clone of the Arc-owned value with all of its heap allocations
       // placed in the shared memory buffer.
       let value = (**self).to_shmem(builder)?;

       // Create a new Arc with the shared value and have it place its
       // ArcInner in the shared memory buffer.
       unsafe {
           let static_arc = Self::new_static(
               |layout| builder.alloc(layout),
               ManuallyDrop::into_inner(value),
           );

           #[cfg(debug_assertions)]
           builder.shared_values.insert(self.heap_ptr());

           Ok(ManuallyDrop::new(static_arc))
       }
   }
}
#[cfg(feature = "servo_arc")]
impl<H: ToShmem, T: ToShmem> ToShmem for servo_arc::Arc<servo_arc::HeaderSlice<H, T>> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       // We don't currently have any shared ThinArc values in stylesheets,
       // so don't support them for now.
       #[cfg(debug_assertions)]
       assert!(
           !builder.shared_values.contains(&self.heap_ptr()),
           "ToShmem failed for ThinArc<T>: encountered a value with multiple references, which \
            is not currently supported",
       );

       // Make a clone of the Arc-owned header and slice values with all of
       // their heap allocations placed in the shared memory buffer.
       let header = self.header.to_shmem(builder)?;
       let mut values = Vec::with_capacity(self.len());
       for v in self.slice().iter() {
           values.push(v.to_shmem(builder)?);
       }

       // Create a new ThinArc with the shared value and have it place
       // its ArcInner in the shared memory buffer.
       let len = values.len();
       let static_arc = Self::from_header_and_iter_alloc(
           |layout| builder.alloc(layout),
           ManuallyDrop::into_inner(header),
           values.into_iter().map(ManuallyDrop::into_inner),
           len,
           /* is_static = */ true,
       );

       #[cfg(debug_assertions)]
       builder.shared_values.insert(self.heap_ptr());

       Ok(ManuallyDrop::new(static_arc))
   }
}

#[cfg(feature = "thin-vec")]
impl<T: ToShmem> ToShmem for thin_vec::ThinVec<T> {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       assert_eq!(mem::size_of::<Self>(), mem::size_of::<*const ()>());

       // NOTE: We need to do the work of allocating the header in shared memory even if the
       // length is zero, because an empty ThinVec, even though it doesn't allocate, references
       // static memory which will not be mapped to other processes, see bug 1841011.
       let len = self.len();

       // nsTArrayHeader size.
       // FIXME: Would be nice not to hard-code this, but in practice thin-vec crate also relies
       // on this.
       let header_size = 2 * mem::size_of::<u32>();
       let header_align = mem::size_of::<u32>();

       let item_size = mem::size_of::<T>();
       let item_align = mem::align_of::<T>();

       // We don't need to support underalignment for now, this could be supported if needed.
       assert!(item_align >= header_align);

       // This is explicitly unsupported by ThinVec, see:
       // https://searchfox.org/mozilla-central/rev/ad732108b073742d7324f998c085f459674a6846/third_party/rust/thin-vec/src/lib.rs#375-386
       assert!(item_align <= header_size);
       let header_padding = 0;

       let layout = Layout::from_size_align(
           header_size + header_padding + padded_size(item_size, item_align) * len,
           item_align,
       )
       .unwrap();

       let shmem_header_ptr = builder.alloc::<u8>(layout);
       let shmem_data_ptr = unsafe { shmem_header_ptr.add(header_size + header_padding) };

       let data_ptr = self.as_ptr() as *const T as *const u8;
       let header_ptr = unsafe { data_ptr.sub(header_size + header_padding) };

       unsafe {
           // Copy the header. Note this might copy a wrong capacity, but it doesn't matter,
           // because shared memory ptrs are immutable anyways, and we can't relocate.
           ptr::copy(header_ptr, shmem_header_ptr, header_size);
           // ToShmem + copy the contents into the shared buffer.
           to_shmem_slice_ptr(self.iter(), shmem_data_ptr as *mut T, builder)?;
           // Return the new ThinVec, which is just a pointer to the shared memory buffer.
           let shmem_thinvec: Self = mem::transmute(shmem_header_ptr);

           // Sanity-check that the ptr and length match.
           debug_assert_eq!(shmem_thinvec.as_ptr(), shmem_data_ptr as *const T);
           debug_assert_eq!(shmem_thinvec.len(), len);

           Ok(ManuallyDrop::new(shmem_thinvec))
       }
   }
}

#[cfg(feature = "smallbitvec")]
impl ToShmem for smallbitvec::SmallBitVec {
   fn to_shmem(&self, builder: &mut SharedMemoryBuilder) -> Result<Self> {
       use smallbitvec::InternalStorage;

       let storage = match self.clone().into_storage() {
           InternalStorage::Spilled(vs) => {
               // Reserve space for the boxed slice values.
               let len = vs.len();
               let dest: *mut usize = builder.alloc_array(len);

               unsafe {
                   // Copy the value into the buffer.
                   let src = vs.as_ptr() as *const usize;
                   ptr::copy(src, dest, len);

                   let dest_slice =
                       Box::from_raw(slice::from_raw_parts_mut(dest, len) as *mut [usize]);
                   InternalStorage::Spilled(dest_slice)
               }
           },
           InternalStorage::Inline(x) => InternalStorage::Inline(x),
       };
       Ok(ManuallyDrop::new(unsafe { Self::from_storage(storage) }))
   }
}

#[cfg(feature = "string_cache")]
impl<Static: string_cache::StaticAtomSet> ToShmem for string_cache::Atom<Static> {
   fn to_shmem(&self, _: &mut SharedMemoryBuilder) -> Result<Self> {
       // NOTE(emilio): In practice, this can be implemented trivially if
       // string_cache could expose the implementation detail of static atoms
       // being an index into the static table (and panicking in the
       // non-static, non-inline cases).
       unimplemented!(
           "If servo wants to share stylesheets across processes, \
            then ToShmem for Atom needs to be implemented"
       )
   }
}

#[cfg(feature = "cssparser")]
impl_trivial_to_shmem!(
   cssparser::SourceLocation,
   cssparser::SourcePosition,
   cssparser::TokenSerializationType
);
#[cfg(feature = "cssparser")]
impl ToShmem for cssparser::UnicodeRange {
   fn to_shmem(&self, _builder: &mut SharedMemoryBuilder) -> Result<Self> {
       Ok(ManuallyDrop::new(Self {
           start: self.start,
           end: self.end,
       }))
   }
}