| blob | f91f0ed12f6487593e9ea7fe52e499fb0316e2bd |
1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
2 *
3 * ***** BEGIN LICENSE BLOCK *****
4 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
5 *
6 * The contents of this file are subject to the Mozilla Public License Version
7 * 1.1 (the "License"); you may not use this file except in compliance with
8 * the License. You may obtain a copy of the License at
9 * http://www.mozilla.org/MPL/
10 *
11 * Software distributed under the License is distributed on an "AS IS" basis,
12 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
13 * for the specific language governing rights and limitations under the
14 * License.
15 *
16 * The Original Code is Mozilla Communicator client code, released
17 * March 31, 1998.
18 *
19 * The Initial Developer of the Original Code is
20 * Netscape Communications Corporation.
21 * Portions created by the Initial Developer are Copyright (C) 1998
22 * the Initial Developer. All Rights Reserved.
23 *
24 * Contributor(s):
25 *
26 * Alternatively, the contents of this file may be used under the terms of
27 * either of the GNU General Public License Version 2 or later (the "GPL"),
28 * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
29 * in which case the provisions of the GPL or the LGPL are applicable instead
30 * of those above. If you wish to allow use of your version of this file only
31 * under the terms of either the GPL or the LGPL, and not to allow others to
32 * use your version of this file under the terms of the MPL, indicate your
33 * decision by deleting the provisions above and replace them with the notice
34 * and other provisions required by the GPL or the LGPL. If you do not delete
35 * the provisions above, a recipient may use your version of this file under
36 * the terms of any one of the MPL, the GPL or the LGPL.
37 *
38 * ***** END LICENSE BLOCK ***** */
40 #ifdef JS_THREADSAFE
42 /*
43 * JS locking stubs.
44 */
46 #include <stdlib.h>
47 #include <string.h>
60 #define ReadWord(W) (W)
62 /* Implement NativeCompareAndSwap. */
64 #if defined(_WIN32) && defined(_M_IX86)
65 #pragma warning( disable : 4035 )
66 JS_BEGIN_EXTERN_C
69 JS_END_EXTERN_C
70 #pragma intrinsic(_InterlockedCompareExchange)
74 {
76 __asm {
77 sete al
78 }
79 }
83 {
85 }
87 #elif defined(XP_MACOSX) || defined(DARWIN)
89 #include <libkern/OSAtomic.h>
93 {
94 /* Details on these functions available in the manpage for atomic */
95 #if JS_BYTES_PER_WORD == 8 && JS_BYTES_PER_LONG != 8
97 #else
99 #endif
100 }
102 #elif defined(__GNUC__) && defined(__i386__)
104 /* Note: This fails on 386 cpus, cmpxchgl is a >= 486 instruction */
107 {
119 }
121 #elif defined(__GNUC__) && defined(__x86_64__)
124 {
136 }
138 #elif defined(SOLARIS) && defined(sparc) && defined(ULTRA_SPARC)
142 {
143 #if defined(__GNUC__)
153 1:"
161 #endif
162 }
164 #elif defined(AIX)
166 #include <sys/atomic_op.h>
170 {
172 }
174 #elif defined(USE_ARM_KUSER)
176 /* See https://bugzilla.mozilla.org/show_bug.cgi?id=429387 for a
177 * description of this ABI; this is a function provided at a fixed
178 * location by the kernel in the memory space of each process.
179 */
181 #define __kernel_cmpxchg (*(__kernel_cmpxchg_t *)0xffff0fc0)
187 {
191 /* Loop until a __kernel_cmpxchg succeeds. See bug 446169 */
196 }
198 #elif JS_HAS_NATIVE_COMPARE_AND_SWAP
200 #error "JS_HAS_NATIVE_COMPARE_AND_SWAP should be 0 if your platform lacks a compare-and-swap instruction."
204 #if JS_HAS_NATIVE_COMPARE_AND_SWAP
206 JSBool
208 {
210 }
212 #elif defined(NSPR_LOCK)
214 # ifdef __GNUC__
216 # endif
218 JSBool
220 {
230 }
236 #endif
238 #ifndef NSPR_LOCK
246 };
253 #define GLOBAL_LOCK_INDEX(id) (((uint32)(jsuword)(id)>>2) & global_locks_mask)
255 static void
263 static void
265 {
268 }
270 static void
272 {
275 }
279 void
281 {
282 #ifdef NSPR_LOCK
285 #else
287 #endif
288 }
290 void
292 {
293 #ifdef NSPR_LOCK
297 #else
300 #endif
301 }
303 #ifdef DEBUG_SCOPE_COUNT
305 #include <stdio.h>
312 JSDHashEntryStub stub;
318 static void
320 {
328 }
335 }
343 }
345 void
347 {
351 }
353 # define LOGIT(scope,op) logit(scope, op, __FILE__, __LINE__)
355 #else
361 /*
362 * Return true if scope's ownercx, or the ownercx of a single-threaded scope
363 * for which ownercx is waiting to become multi-threaded and shared, is cx.
364 * That condition implies deadlock in ClaimScope if cx's thread were to wait
365 * to share scope.
366 *
367 * (i) rt->gcLock held
368 */
369 static JSBool
371 {
379 }
382 }
384 /*
385 * Make title multi-threaded, i.e. share its ownership among contexts in rt
386 * using a "thin" or (if necessary due to contention) "fat" lock. Called only
387 * from ClaimTitle, immediately below, when we detect deadlock were we to wait
388 * for title's lock, because its ownercx is waiting on a title owned by the
389 * calling cx.
390 *
391 * (i) rt->gcLock held
392 */
393 static void
395 {
404 }
408 }
412 }
414 /*
415 * js_FinishSharingTitle is the tail part of ShareTitle, split out to become a
416 * subroutine of JS_EndRequest too. The bulk of the work here involves making
417 * mutable strings in the title's object's slots be immutable. We have to do
418 * this because such strings will soon be available to multiple threads, so
419 * their buffers can't be realloc'd any longer in js_ConcatStrings, and their
420 * members can't be modified by js_ConcatStrings, js_MinimizeDependentStrings,
421 * or js_UndependString.
422 *
423 * The last bit of work done by js_FinishSharingTitle nulls title->ownercx and
424 * updates rt->sharedTitles.
425 */
427 void
429 {
434 jsval v;
448 /*
449 * FIXME bug 363059: The following error recovery changes
450 * runtime execution semantics, arbitrarily and silently
451 * ignoring errors except out-of-memory, which should have been
452 * reported through JS_ReportOutOfMemory at this point.
453 */
455 }
456 }
457 }
461 }
463 /*
464 * Given a title with apparently non-null ownercx different from cx, try to
465 * set ownercx to cx, claiming exclusive (single-threaded) ownership of title.
466 * If we claim ownership, return true. Otherwise, we wait for ownercx to be
467 * set to null (indicating that title is multi-threaded); or if waiting would
468 * deadlock, we set ownercx to null ourselves via ShareTitle. In any case,
469 * once ownercx is null we return false.
470 */
471 static JSBool
473 {
476 jsrefcount saveDepth;
477 PRStatus stat;
483 /* Reload in case ownercx went away while we blocked on the lock. */
485 /*
486 * Avoid selflock if ownercx is dead, or is not running a request, or
487 * has the same thread as cx. Set title->ownercx to cx so that the
488 * matching JS_UNLOCK_SCOPE or JS_UNLOCK_OBJ macro call will take the
489 * fast path around the corresponding js_UnlockTitle or js_UnlockObj
490 * function call.
491 *
492 * If title->u.link is non-null, title has already been inserted on
493 * the rt->titleSharingTodo list, because another thread's context
494 * already wanted to lock title while ownercx was running a request.
495 * We can't claim any title whose u.link is non-null at this point,
496 * even if ownercx->requestDepth is 0 (see below where we suspend our
497 * request before waiting on rt->titleSharingDone).
498 */
508 }
510 /*
511 * Avoid deadlock if title's owner context is waiting on a title that
512 * we own, by revoking title's ownership. This approach to deadlock
513 * avoidance works because the engine never nests title locks.
514 *
515 * If cx could hold locks on ownercx->titleToShare, or if ownercx could
516 * hold locks on title, we would need to keep reentrancy counts for all
517 * such "flyweight" (ownercx != NULL) locks, so that control would
518 * unwind properly once these locks became "thin" or "fat". The engine
519 * promotes a title from exclusive to shared access only when locking,
520 * never when holding or unlocking.
521 *
522 * Avoid deadlock before any of this title/context cycle detection if
523 * cx is on the active GC's thread, because in that case, no requests
524 * will run until the GC completes. Any title wanted by the GC (from
525 * a finalizer) that can't be claimed must become shared.
526 */
532 }
534 /*
535 * Thanks to the non-zero NO_TITLE_SHARING_TODO link terminator, we
536 * can decide whether title is on rt->titleSharingTodo with a single
537 * non-null test, and avoid double-insertion bugs.
538 */
543 }
545 /*
546 * Inline JS_SuspendRequest before we wait on rt->titleSharingDone,
547 * saving and clearing cx->requestDepth so we don't deadlock if the
548 * GC needs to run on ownercx.
549 *
550 * Unlike JS_SuspendRequest and JS_EndRequest, we must take care not
551 * to decrement rt->requestCount if cx is active on the GC's thread,
552 * because the GC has already reduced rt->requestCount to exclude all
553 * such such contexts.
554 */
563 }
564 }
566 /*
567 * We know that some other thread's context owns title, which is now
568 * linked onto rt->titleSharingTodo, awaiting the end of that other
569 * thread's request. So it is safe to wait on rt->titleSharingDone.
570 */
575 /*
576 * Inline JS_ResumeRequest after waiting on rt->titleSharingDone,
577 * restoring cx->requestDepth. Same note as above for the inlined,
578 * specialized JS_SuspendRequest code: beware rt->gcThread.
579 */
585 }
587 }
589 /*
590 * Don't clear cx->titleToShare until after we're through waiting on
591 * all condition variables protected by rt->gcLock -- that includes
592 * rt->titleSharingDone *and* rt->gcDone (hidden in JS_AWAIT_GC_DONE,
593 * in the inlined JS_ResumeRequest code immediately above).
594 *
595 * Otherwise, the GC could easily deadlock with another thread that
596 * owns a title wanted by a finalizer. By keeping cx->titleToShare
597 * set till here, we ensure that such deadlocks are detected, which
598 * results in the finalized object's title being shared (it must, of
599 * course, have other, live objects sharing it).
600 */
602 }
606 }
608 /* Exported to js.c, which calls it via OBJ_GET_* and JSVAL_IS_* macros. */
611 {
612 jsval v;
615 #ifndef NSPR_LOCK
617 jsword me;
618 #endif
620 /*
621 * We handle non-native objects via JSObjectOps.getRequiredSlot, treating
622 * all slots starting from 0 as required slots. A property definition or
623 * some prior arrangement must have allocated slot.
624 *
625 * Note once again (see jspubtd.h, before JSGetRequiredSlotOp's typedef)
626 * the crucial distinction between a |required slot number| that's passed
627 * to the get/setRequiredSlot JSObjectOps, and a |reserved slot index|
628 * passed to the JS_Get/SetReservedSlot APIs.
629 */
633 /*
634 * Native object locking is inlined here to optimize the single-threaded
635 * and contention-free multi-threaded cases.
636 */
642 /*
643 * Avoid locking if called from the GC. Also avoid locking an object
644 * owning a sealed scope. If neither of those special cases applies, try
645 * to claim scope's flyweight lock from whatever context may have had it in
646 * an earlier request.
647 */
652 }
654 #ifndef NSPR_LOCK
659 /*
660 * Got the lock with one compare-and-swap. Even so, someone else may
661 * have mutated obj so it now has its own scope and lock, which would
662 * require either a restart from the top of this routine, or a thin
663 * lock release followed by fat lock acquisition.
664 */
668 /* Assert that scope locks never revert to flyweight. */
673 }
675 }
678 }
681 }
682 #endif
687 /*
688 * Test whether cx took ownership of obj's scope during js_LockObj.
689 *
690 * This does not mean that a given scope reverted to flyweight from "thin"
691 * or "fat" -- it does mean that obj's map pointer changed due to another
692 * thread setting a property, requiring obj to cease sharing a prototype
693 * object's scope (whose lock was not flyweight, else we wouldn't be here
694 * in the first place!).
695 */
700 }
702 void
704 {
707 #ifndef NSPR_LOCK
709 jsword me;
710 #endif
712 /* Any string stored in a thread-safe object must be immutable. */
715 /* FIXME bug 363059: See comments in js_FinishSharingScope. */
717 }
719 /*
720 * We handle non-native objects via JSObjectOps.setRequiredSlot, as above
721 * for the Get case.
722 */
726 }
728 /*
729 * Native object locking is inlined here to optimize the single-threaded
730 * and contention-free multi-threaded cases.
731 */
737 /*
738 * Avoid locking if called from the GC. Also avoid locking an object
739 * owning a sealed scope. If neither of those special cases applies, try
740 * to claim scope's flyweight lock from whatever context may have had it in
741 * an earlier request.
742 */
748 }
750 #ifndef NSPR_LOCK
758 /* Assert that scope locks never revert to flyweight. */
763 }
765 }
768 }
772 }
773 #endif
778 /*
779 * Same drill as above, in js_GetSlotThreadSafe.
780 */
784 }
786 #ifndef NSPR_LOCK
790 {
799 }
801 static void
803 {
807 }
811 {
821 }
823 }
825 static void
827 {
832 }
833 }
841 {
846 #ifdef DEBUG
849 #endif
851 }
861 }
863 static void
865 {
866 uint32 i;
870 /* Unlink m from fl_list_table[i].taken. */
875 /* Insert m in fl_list_table[i].free. */
879 }
883 JSBool
885 {
886 #ifndef NSPR_LOCK
887 uint32 i;
891 #ifdef DEBUG
896 #endif
909 }
910 }
915 }
922 }
924 void
926 {
927 #ifndef NSPR_LOCK
928 uint32 i;
938 }
945 }
949 }
951 }
953 #ifdef NSPR_LOCK
957 {
960 }
964 {
967 }
969 #else
971 /*
972 * Fast locking and unlocking is implemented by delaying the allocation of a
973 * system lock (fat lock) until contention. As long as a locking thread A
974 * runs uncontended, the lock is represented solely by storing A's identity in
975 * the object being locked.
976 *
977 * If another thread B tries to lock the object currently locked by A, B is
978 * enqueued into a fat lock structure (which might have to be allocated and
979 * pointed to by the object), and suspended using NSPR conditional variables
980 * (wait). A wait bit (Bacon bit) is set in the lock word of the object,
981 * signalling to A that when releasing the lock, B must be dequeued and
982 * notified.
983 *
984 * The basic operation of the locking primitives (js_Lock, js_Unlock,
985 * js_Enqueue, and js_Dequeue) is compare-and-swap. Hence, when locking into
986 * the word pointed at by p, compare-and-swap(p, 0, A) success implies that p
987 * is unlocked. Similarly, when unlocking p, if compare-and-swap(p, A, 0)
988 * succeeds this implies that p is uncontended (no one is waiting because the
989 * wait bit is not set).
990 *
991 * When dequeueing, the lock is released, and one of the threads suspended on
992 * the lock is notified. If other threads still are waiting, the wait bit is
993 * kept (in js_Enqueue), and if not, the fat lock is deallocated.
994 *
995 * The functions js_Enqueue, js_Dequeue, js_SuspendThread, and js_ResumeThread
996 * are serialized using a global lock. For scalability, a hashtable of global
997 * locks is used, which is indexed modulo the thin lock pointer.
998 */
1000 /*
1001 * Invariants:
1002 * (i) global lock is held
1003 * (ii) fl->susp >= 0
1004 */
1005 static int
1007 {
1009 PRStatus stat;
1013 else
1027 }
1029 }
1031 /*
1032 * (i) global lock is held
1033 * (ii) fl->susp > 0
1034 */
1035 static void
1037 {
1039 PRStatus stat;
1048 }
1050 static void
1052 {
1062 else
1064 }
1068 }
1069 }
1070 }
1072 static void
1074 {
1075 jsword o;
1084 }
1088 {
1094 #ifdef DEBUG
1095 else
1097 #endif
1098 }
1102 {
1105 /*
1106 * Since we can race with the NativeCompareAndSwap in js_Enqueue, we need
1107 * to use a C_A_S here as well -- Arjan van de Ven 30/1/08
1108 */
1115 #ifdef DEBUG
1116 else
1118 #endif
1119 }
1123 void
1125 {
1127 }
1129 void
1131 {
1133 }
1135 void
1137 {
1139 #ifdef DEBUG
1141 #endif
1142 }
1144 void
1146 {
1147 #ifdef DEBUG
1149 #endif
1151 }
1153 void
1155 {
1174 }
1175 }
1177 void
1179 {
1182 /* We hope compilers use me instead of reloading cx->thread in the macro. */
1188 }
1190 /*
1191 * If title->ownercx is not null, it's likely that two contexts not using
1192 * requests nested locks for title. The first context, cx here, claimed
1193 * title; the second, title->ownercx here, re-claimed it because the first
1194 * was not in a request, or was on the same thread. We don't want to keep
1195 * track of such nesting, because it penalizes the common non-nested case.
1196 * Instead of asserting here and silently coping, we simply re-claim title
1197 * for cx and return.
1198 *
1199 * See http://bugzilla.mozilla.org/show_bug.cgi?id=229200 for a real world
1200 * case where an asymmetric thread model (Mozilla's main thread is known
1201 * to be the only thread that runs the GC) combined with multiple contexts
1202 * per thread has led to such request-less nesting.
1203 */
1209 }
1215 }
1219 }
1221 /*
1222 * NB: oldtitle may be null if our caller is js_GetMutableScope and it just
1223 * dropped the last reference to oldtitle.
1224 */
1225 void
1227 {
1230 /*
1231 * If the last reference to oldtitle went away, newtitle needs no lock
1232 * state update.
1233 */
1238 /*
1239 * Special case in js_LockTitle and js_UnlockTitle for the GC calling
1240 * code that locks, unlocks, or mutates. Nothing to do in these cases,
1241 * because title and newtitle were "locked" by the GC thread, so neither
1242 * was actually locked.
1243 */
1247 /*
1248 * Special case in js_LockObj and js_UnlockTitle for locking the sealed
1249 * scope of an object that owns that scope (the prototype or mutated obj
1250 * for which OBJ_SCOPE(obj)->object == obj), and unlocking it.
1251 */
1258 }
1260 /*
1261 * If oldtitle is single-threaded, there's nothing to do.
1262 */
1268 }
1270 /*
1271 * We transfer oldtitle->u.count only if newtitle is not single-threaded.
1272 * Flow unwinds from here through some number of JS_UNLOCK_TITLE and/or
1273 * JS_UNLOCK_OBJ macro calls, which will decrement newtitle->u.count only
1274 * if they find newtitle->ownercx != cx.
1275 */
1279 }
1281 /*
1282 * Reset oldtitle's lock state so that it is completely unlocked.
1283 */
1287 }
1289 void
1291 {
1297 /*
1298 * We must test whether the GC is calling and return without mutating any
1299 * state, especially cx->lockedSealedScope. Note asymmetry with respect to
1300 * js_UnlockObj, which is a thin-layer on top of js_UnlockTitle.
1301 */
1312 }
1316 /* If obj still has this scope, we're done. */
1320 /* Lost a race with a mutator; retry with obj's new scope. */
1322 }
1323 }
1325 void
1327 {
1330 }
1332 void
1334 {
1335 #ifdef JS_THREADSAFE
1339 /*
1340 * Set u.link = NULL, not u.count = 0, in case the target architecture's
1341 * null pointer has a non-zero integer representation.
1342 */
1345 #ifdef JS_DEBUG_TITLE_LOCKS
1348 #endif
1349 #endif
1350 }
1352 void
1354 {
1355 #ifdef JS_THREADSAFE
1356 /* Title must be single-threaded at this point, so set ownercx. */
1360 #endif
1361 }
1363 #ifdef DEBUG
1365 JSBool
1367 {
1369 }
1371 JSBool
1373 {
1377 }
1379 JSBool
1381 {
1382 /* Special case: the GC locking any object's title, see js_LockTitle. */
1386 /* Special case: locked object owning a sealed scope, see js_LockObj. */
1390 /*
1391 * General case: the title is either exclusively owned (by cx), or it has
1392 * a thin or fat lock to cope with shared (concurrent) ownership.
1393 */
1397 }
1400 }
1402 #ifdef JS_DEBUG_TITLE_LOCKS
1403 void
1405 {
1413 }
1414 }