In order to use mozilla::Result with integral, pointer, or enum, without
consuming extra space or introducing extra instruction, reserve 0 as error value
in the underlying representation.
Differential Revision: https://phabricator.services.mozilla.com/D191537
In order to use mozilla::Result with integral, pointer, or enum, without
consuming extra space or introducing extra instruction, reserve 0 as error value
in the underlying representation.
Differential Revision: https://phabricator.services.mozilla.com/D191537
If someone tried to serialize a zero-size ByteBuf, it could add a
zero-length segment to the `BufferList` and cause an assertion failure
later when trying to send the message. This patch makes it a no-op (and
frees the supplied buffer, because the BufferList becomes its owner).
We previously asserted against adding zero-*capacity* segments (likely
also zero size, but possibly not) with WriteBytesZeroCopy, but only on
debug builds, and it was likely happening on release builds despite
that. That case is now allowed.
Also, error handling for `BufferList::WriteBytesZeroCopy` has been
improved. (This doesn't affect `Pickle` because it's using infallible
allocation, and no other instances of `BufferList` seem to use
`WriteBytesZeroCopy` at this time.)
Differential Revision: https://phabricator.services.mozilla.com/D192531
Without this, the necessary synchronization must be provided externally.
This fixes the memory order in the following case of changing producer thread:
- Thread A does SPSCQueue::Enqueue
- non-atomic write into the ring buffer, at memory location X
- mWriteIndex.load(relaxed)
- mWriteIndex.store(release)
- Producer thread is switched to B, no external memory order synchronization is
provided, but thread B is guaranteed to run after thread A has finished its
Enqueue task.
- Thread B does SPSCQueue::Enqueue
- mWriteIndex.load(relaxed)
- mWriteIndex.store(release)
- Thread C does SPSCQueue::Dequeue
- mWriteIndex.load(acquire)
- non-atomic read from the ring buffer, at memory location X
In this scenario, there is no memory synchronization between threads A and B,
and therefore the non-atomic read on C is a data race, and flagged as such by
TSAN.
A similar scenario can be applied to changing the consumer thread, if first A
enqueues, then B dequeues, then C dequeues. However, since Dequeue doesn't
necessarily (MoveOrCopy) do non-atomic writes to the ring buffer, and more
importantly, since Enqueue doesn't do non-atomic reads from the ring buffer,
this is less of a problem.
Differential Revision: https://phabricator.services.mozilla.com/D190084
Starting with Windows 11 22H2, Microsoft has made internal changes in
msctf.dll. The TF_Notify function, also known as CtfImmNotify from
imm32.dll, uses a new convention for its third argument. These changes
are incompatible with current versions of ZoneAlarm Anti-Keylogger,
resulting in crashes in our main process.
This patch converts messages forwarded by ZoneAlarm Anti-Keylogger to
the new convention. If we detect the product and an incompatible version
of msctf.dll, then we hook TF_Notify and detect any message using the
old convention, and convert it to the new convention.
Differential Revision: https://phabricator.services.mozilla.com/D189518
Arbitrary capability names weren't allowed until clang 11, and while we
could probably make things somehow work with earlier versions of clang,
it's not that interesting, as long as we keep the thread safety analysis
running with newer versions of clang on our CI (which we obviously do).
Differential Revision: https://phabricator.services.mozilla.com/D188791
* DefaultHasher<T*> used HashGeneric<size_t>
* nsPtrHashKey<T> used HashGeneric<T*>
* nsRefPtrHashKey<T> used NS_PTR_TO_UINT32 >> 2
Make sure to always use HashGeneric<T*> for these.
Remove unused / redundant hash keys.
Differential Revision: https://phabricator.services.mozilla.com/D186553
In bug 1839743, we made the build system prefer packed relative
relocations to elfhack when both the system libc and linker support
them. Unfortunately, while that covers most of the benefits from
elfhack, it doesn't cover bug 651892.
To cover it, we make every C++ executable contain its own copy of
the symbol, so that all relocations related to it become relative.
And because this is actually (slightly) beneficial on macos, and because
it's also an advantage to have our own abort called rather than the
system's, we apply the same to all platforms.
Differential Revision: https://phabricator.services.mozilla.com/D184068
In bug 1839743, we made the build system prefer packed relative
relocations to elfhack when both the system libc and linker support
them. Unfortunately, while that covers most of the benefits from
elfhack, it doesn't cover bug 651892.
To cover it, we make every C++ executable contain its own copy of
the symbol, so that all relocations related to it become relative.
And because this is actually (slightly) beneficial on macos, and because
it's also an advantage to have our own abort called rather than the
system's, we apply the same to all platforms.
Differential Revision: https://phabricator.services.mozilla.com/D184068
All event targets should be threadsafe and implemented in C++, and so should be
able to be used in `Sync` types in Rust code.
This also required annotating all interfaces deriving from `nsIEventTarget`, as
well as adding some associated constants to specific types to indicate to the
static assertion that they have threadsafe reference counts.
Differential Revision: https://phabricator.services.mozilla.com/D183592
All event targets should be threadsafe and implemented in C++, and so should be
able to be used in `Sync` types in Rust code.
This also required annotating all interfaces deriving from `nsIEventTarget`, as
well as adding some associated constants to specific types to indicate to the
static assertion that they have threadsafe reference counts.
Differential Revision: https://phabricator.services.mozilla.com/D183592
Replace the existing callers of `JS::NewArrayBufferWithContents` with the new
`UniquePtr` alternative.
Three callers to the old `JS::NewArrayBufferWithContents` function were left
unchanged:
- `mozilla::dom::FileReader::OnLoadEndArrayBuffer()` and
`mozilla::dom::ArrayBufferBuilder::TakeArrayBuffer()` both store the data
buffer as members and therefore have a more complicated lifetime.
- `JSStructuredCloneReader::readTransferMap()` because it's not clear if the
data can be free'ed when `ArrayBuffectObject` allocation fails.
Differential Revision: https://phabricator.services.mozilla.com/D182588
Replace the existing callers of `JS::NewArrayBufferWithContents` with the new
`UniquePtr` alternative.
Three callers to the old `JS::NewArrayBufferWithContents` function were left
unchanged:
- `mozilla::dom::FileReader::OnLoadEndArrayBuffer()` and
`mozilla::dom::ArrayBufferBuilder::TakeArrayBuffer()` both store the data
buffer as members and therefore have a more complicated lifetime.
- `JSStructuredCloneReader::readTransferMap()` because it's not clear if the
data can be free'ed when `ArrayBuffectObject` allocation fails.
Differential Revision: https://phabricator.services.mozilla.com/D182588
Replace the existing callers of `JS::NewArrayBufferWithContents` with the new
`UniquePtr` alternative.
Three callers to the old `JS::NewArrayBufferWithContents` function were left
unchanged:
- `mozilla::dom::FileReader::OnLoadEndArrayBuffer()` and
`mozilla::dom::ArrayBufferBuilder::TakeArrayBuffer()` both store the data
buffer as members and therefore have a more complicated lifetime.
- `JSStructuredCloneReader::readTransferMap()` because it's not clear if the
data can be free'ed when `ArrayBuffectObject` allocation fails.
Differential Revision: https://phabricator.services.mozilla.com/D182588
* Add validation for requested features and devices for
adapter.requestDevice().
* Promote webgl's AutoAssertCast to mfbt/Casting.h/LazyAssertedCast.
Differential Revision: https://phabricator.services.mozilla.com/D177110
* Add validation for requested features and devices for
adapter.requestDevice().
* Promote webgl's AutoAssertCast to mfbt/Casting.h/LazyAssertedCast.
Differential Revision: https://phabricator.services.mozilla.com/D177110
clang is warning that C++20 expects comparison operators to be commutative: `a == b` and `b == a` should resolve to the same comparison operator function. Warnings about the comparison of const and non-const objects can be fixed by making the comparison operator function const.
mfbt/tests/TestDoublyLinkedList.cpp:158:36 [-Wambiguous-reversed-operator] ISO C++20 considers use of overloaded operator '==' (with operand types 'SomeClass' and 'SomeClass') to be ambiguous despite there being a unique best viable function
mfbt/tests/TestDoublyLinkedList.cpp:159:38 [-Wambiguous-reversed-operator] ISO C++20 considers use of overloaded operator '==' (with operand types 'SomeClass' and 'SomeClass') to be ambiguous despite there being a unique best viable function
Depends on D179022
Differential Revision: https://phabricator.services.mozilla.com/D179023
In bug 1788004, we started hooking BCryptGenRandom on the machines where
calling it for the first time fails. This was useful to mitigate Rust
panics linked to RNG function failures in the Rust stdlib and
in the getrandom crate. Both now have proper fallbacks again, so we can
remove our hook.
Differential Revision: https://phabricator.services.mozilla.com/D174966