mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-11-26 22:32:46 +00:00
265e672179
# ignore-this-changeset --HG-- extra : amend_source : 4d301d3b0b8711c4692392aa76088ba7fd7d1022
51 lines
2.2 KiB
C++
51 lines
2.2 KiB
C++
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
/* A version of |operator new| that eschews mandatory null-checks. */
|
|
|
|
#ifndef mozilla_OperatorNewExtensions_h
|
|
#define mozilla_OperatorNewExtensions_h
|
|
|
|
#include "mozilla/Assertions.h"
|
|
|
|
// Credit goes to WebKit for this implementation, cf.
|
|
// https://bugs.webkit.org/show_bug.cgi?id=74676
|
|
namespace mozilla {
|
|
enum NotNullTag {
|
|
KnownNotNull,
|
|
};
|
|
} // namespace mozilla
|
|
|
|
/*
|
|
* The logic here is a little subtle. [expr.new] states that if the allocation
|
|
* function being called returns null, then object initialization must not be
|
|
* done, and the entirety of the new expression must return null. Non-throwing
|
|
* (noexcept) functions are defined to return null to indicate failure. The
|
|
* standard placement operator new is defined in such a way, and so it requires
|
|
* a null check, even when that null check would be extraneous. Functions
|
|
* declared without such a specification are defined to throw std::bad_alloc if
|
|
* they fail, and return a non-null pointer otherwise. We compile without
|
|
* exceptions, so any placement new overload we define that doesn't declare
|
|
* itself as noexcept must therefore avoid generating a null check. Below is
|
|
* just such an overload.
|
|
*
|
|
* You might think that MOZ_NONNULL might perform the same function, but
|
|
* MOZ_NONNULL isn't supported on all of our compilers, and even when it is
|
|
* supported, doesn't work on all the versions we support. And even keeping
|
|
* those limitations in mind, we can't put MOZ_NONNULL on the global,
|
|
* standardized placement new function in any event.
|
|
*
|
|
* We deliberately don't add MOZ_NONNULL(3) to tag |p| as non-null, to benefit
|
|
* hypothetical static analyzers. Doing so makes |MOZ_ASSERT(p)|'s internal
|
|
* test vacuous, and some compilers warn about such vacuous tests.
|
|
*/
|
|
inline void* operator new(size_t, mozilla::NotNullTag, void* p) {
|
|
MOZ_ASSERT(p);
|
|
return p;
|
|
}
|
|
|
|
#endif // mozilla_OperatorNewExtensions_h
|