2013-11-11 11:37:55 +04:00
|
|
|
# vim: set ts=8 sts=4 et sw=4 tw=79:
|
|
|
|
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
|
2018-05-22 16:22:46 +03:00
|
|
|
# ----------------------------------------------------------------------------
|
2013-11-11 11:37:55 +04:00
|
|
|
# All heap allocations in SpiderMonkey must go through js_malloc, js_calloc,
|
|
|
|
# js_realloc, and js_free. This is so that any embedder who uses a custom
|
|
|
|
# allocator (by defining JS_USE_CUSTOM_ALLOCATOR) will see all heap allocation
|
|
|
|
# go through that custom allocator.
|
|
|
|
#
|
|
|
|
# Therefore, the presence of any calls to "vanilla" allocation/free functions
|
2019-09-10 19:22:33 +03:00
|
|
|
# from within SpiderMonkey itself (e.g. malloc(), free()) is a bug. Calls from
|
|
|
|
# within mozglue and non-SpiderMonkey locations are fine; there is a list of
|
|
|
|
# exceptions that can be added to as the need arises.
|
2013-11-11 11:37:55 +04:00
|
|
|
#
|
|
|
|
# This script checks for the presence of such disallowed vanilla
|
|
|
|
# allocation/free function in SpiderMonkey when it's built as a library. It
|
|
|
|
# relies on |nm| from the GNU binutils, and so only works on Linux, but one
|
|
|
|
# platform is good enough to catch almost all violations.
|
|
|
|
#
|
|
|
|
# This checking is only 100% reliable in a JS_USE_CUSTOM_ALLOCATOR build in
|
|
|
|
# which the default definitions of js_malloc et al (in Utility.h) -- which call
|
|
|
|
# malloc et al -- are replaced with empty definitions. This is because the
|
|
|
|
# presence and possible inlining of the default js_malloc et al can cause
|
|
|
|
# malloc/calloc/realloc/free calls show up in unpredictable places.
|
|
|
|
#
|
|
|
|
# Unfortunately, that configuration cannot be tested on Mozilla's standard
|
|
|
|
# testing infrastructure. Instead, by default this script only tests that none
|
|
|
|
# of the other vanilla allocation/free functions (operator new, memalign, etc)
|
|
|
|
# are present. If given the --aggressive flag, it will also check for
|
|
|
|
# malloc/calloc/realloc/free.
|
|
|
|
#
|
|
|
|
# Note: We don't check for |operator delete| and |operator delete[]|. These
|
|
|
|
# can be present somehow due to virtual destructors, but this is not too
|
|
|
|
# because vanilla delete/delete[] calls don't make sense without corresponding
|
|
|
|
# vanilla new/new[] calls, and any explicit calls will be caught by Valgrind's
|
|
|
|
# mismatched alloc/free checking.
|
2018-05-22 16:22:46 +03:00
|
|
|
# ----------------------------------------------------------------------------
|
2013-11-11 11:37:55 +04:00
|
|
|
|
2020-05-05 23:32:12 +03:00
|
|
|
from __future__ import absolute_import, print_function, unicode_literals
|
2013-11-11 11:37:55 +04:00
|
|
|
|
|
|
|
import argparse
|
|
|
|
import re
|
|
|
|
import subprocess
|
|
|
|
import sys
|
2018-04-27 18:25:35 +03:00
|
|
|
import buildconfig
|
2013-11-11 11:37:55 +04:00
|
|
|
|
|
|
|
# The obvious way to implement this script is to search for occurrences of
|
|
|
|
# malloc et al, succeed if none are found, and fail is some are found.
|
|
|
|
# However, "none are found" does not necessarily mean "none are present" --
|
|
|
|
# this script could be buggy. (Or the output format of |nm| might change in
|
|
|
|
# the future.)
|
|
|
|
#
|
2019-11-08 16:24:15 +03:00
|
|
|
# So util/Utility.cpp deliberately contains a (never-called) function that
|
|
|
|
# contains a single use of all the vanilla allocation/free functions. And this
|
|
|
|
# script fails if it (a) finds uses of those functions in files other than
|
|
|
|
# util/Utility.cpp, *or* (b) fails to find them in util/Utility.cpp.
|
2013-11-11 11:37:55 +04:00
|
|
|
|
|
|
|
# Tracks overall success of the test.
|
|
|
|
has_failed = False
|
|
|
|
|
|
|
|
|
|
|
|
def fail(msg):
|
|
|
|
print("TEST-UNEXPECTED-FAIL | check_vanilla_allocations.py |", msg)
|
|
|
|
global has_failed
|
|
|
|
has_failed = True
|
|
|
|
|
|
|
|
|
|
|
|
def main():
|
|
|
|
parser = argparse.ArgumentParser()
|
|
|
|
parser.add_argument(
|
|
|
|
"--aggressive",
|
|
|
|
action="store_true",
|
|
|
|
help="also check for malloc, calloc, realloc and free",
|
|
|
|
)
|
|
|
|
parser.add_argument("file", type=str, help="name of the file to check")
|
|
|
|
args = parser.parse_args()
|
|
|
|
|
|
|
|
# Run |nm|. Options:
|
|
|
|
# -u: show only undefined symbols
|
|
|
|
# -C: demangle symbol names
|
2015-09-16 18:13:00 +03:00
|
|
|
# -A: show an object filename for each undefined symbol
|
2018-04-27 18:25:35 +03:00
|
|
|
nm = buildconfig.substs.get("NM") or "nm"
|
|
|
|
cmd = [nm, "-u", "-C", "-A", args.file]
|
2013-11-11 11:37:55 +04:00
|
|
|
lines = subprocess.check_output(
|
|
|
|
cmd, universal_newlines=True, stderr=subprocess.PIPE
|
|
|
|
).split("\n")
|
|
|
|
|
|
|
|
# alloc_fns contains all the vanilla allocation/free functions that we look
|
|
|
|
# for. Regexp chars are escaped appropriately.
|
|
|
|
|
|
|
|
alloc_fns = [
|
|
|
|
# Matches |operator new(unsigned T)|, where |T| is |int| or |long|.
|
|
|
|
r"operator new\(unsigned",
|
|
|
|
# Matches |operator new[](unsigned T)|, where |T| is |int| or |long|.
|
|
|
|
r"operator new\[\]\(unsigned",
|
|
|
|
r"memalign",
|
2014-12-17 04:34:56 +03:00
|
|
|
# These three aren't available on all Linux configurations.
|
2018-05-22 01:01:01 +03:00
|
|
|
# r'posix_memalign',
|
|
|
|
# r'aligned_alloc',
|
|
|
|
# r'valloc',
|
2013-11-11 11:37:55 +04:00
|
|
|
]
|
|
|
|
|
|
|
|
if args.aggressive:
|
|
|
|
alloc_fns += [r"malloc", r"calloc", r"realloc", r"free", r"strdup"]
|
|
|
|
|
|
|
|
# This is like alloc_fns, but regexp chars are not escaped.
|
2020-05-05 23:32:12 +03:00
|
|
|
alloc_fns_unescaped = [fn.replace("\\", "") for fn in alloc_fns]
|
2013-11-11 11:37:55 +04:00
|
|
|
|
|
|
|
# This regexp matches the relevant lines in the output of |nm|, which look
|
|
|
|
# like the following.
|
|
|
|
#
|
2019-11-08 16:24:15 +03:00
|
|
|
# js/src/libjs_static.a:Utility.o: U malloc
|
2013-11-11 11:37:55 +04:00
|
|
|
#
|
2015-09-16 18:13:00 +03:00
|
|
|
alloc_fns_re = r"([^:/ ]+):\s+U (" + r"|".join(alloc_fns) + r")"
|
2013-11-11 11:37:55 +04:00
|
|
|
|
2019-11-08 16:24:15 +03:00
|
|
|
# This tracks which allocation/free functions have been seen in
|
|
|
|
# util/Utility.cpp.
|
|
|
|
util_Utility_cpp = set([])
|
2013-11-11 11:37:55 +04:00
|
|
|
|
2015-09-16 18:13:00 +03:00
|
|
|
# Would it be helpful to emit detailed line number information after a failure?
|
|
|
|
emit_line_info = False
|
|
|
|
|
2013-11-11 11:37:55 +04:00
|
|
|
for line in lines:
|
|
|
|
m = re.search(alloc_fns_re, line)
|
|
|
|
if m is None:
|
|
|
|
continue
|
|
|
|
|
2015-09-16 18:13:00 +03:00
|
|
|
filename = m.group(1)
|
2017-09-01 01:59:13 +03:00
|
|
|
|
2017-12-21 03:50:16 +03:00
|
|
|
# The stdc++compat library has an implicit call to operator new in
|
|
|
|
# thread::_M_start_thread.
|
|
|
|
if "stdc++compat" in filename:
|
|
|
|
continue
|
|
|
|
|
2017-09-22 02:57:23 +03:00
|
|
|
# The memory allocator code contains calls to memalign. These are ok, so
|
|
|
|
# we whitelist them.
|
|
|
|
if "_memory_" in filename:
|
2017-09-01 01:59:13 +03:00
|
|
|
continue
|
|
|
|
|
2018-01-22 23:23:47 +03:00
|
|
|
# Ignore the fuzzing code imported from m-c
|
|
|
|
if "Fuzzer" in filename:
|
|
|
|
continue
|
|
|
|
|
2018-03-18 18:58:44 +03:00
|
|
|
# Ignore the profiling pseudo-stack, since it needs to run even when
|
|
|
|
# SpiderMonkey's allocator isn't initialized.
|
|
|
|
if "ProfilingStack" in filename:
|
|
|
|
continue
|
|
|
|
|
2019-04-04 11:52:54 +03:00
|
|
|
# Ignore implicit call to operator new in std::condition_variable_any.
|
|
|
|
#
|
|
|
|
# From intl/icu/source/common/umutex.h:
|
|
|
|
# On Linux, the default constructor of std::condition_variable_any
|
|
|
|
# produces an in-line reference to global operator new(), [...].
|
|
|
|
if filename == "umutex.o":
|
|
|
|
continue
|
|
|
|
|
2019-09-10 19:22:33 +03:00
|
|
|
# Ignore allocations from decimal conversion functions inside mozglue.
|
|
|
|
if filename == "Decimal.o":
|
|
|
|
continue
|
|
|
|
|
2021-05-12 20:22:51 +03:00
|
|
|
# Ignore allocations from the m-c intl/components implementations.
|
|
|
|
if "intl_components" in filename:
|
|
|
|
continue
|
|
|
|
|
2015-09-16 18:13:00 +03:00
|
|
|
fn = m.group(2)
|
2019-11-08 16:24:15 +03:00
|
|
|
if filename == "Utility.o":
|
|
|
|
util_Utility_cpp.add(fn)
|
2013-11-11 11:37:55 +04:00
|
|
|
else:
|
|
|
|
# An allocation is present in a non-special file. Fail!
|
2015-09-16 18:13:00 +03:00
|
|
|
fail("'" + fn + "' present in " + filename)
|
|
|
|
# Try to give more precise information about the offending code.
|
|
|
|
emit_line_info = True
|
2013-11-11 11:37:55 +04:00
|
|
|
|
2019-11-08 16:24:15 +03:00
|
|
|
# Check that all functions we expect are used in util/Utility.cpp. (This
|
|
|
|
# will fail if the function-detection code breaks at any point.)
|
2013-11-11 11:37:55 +04:00
|
|
|
for fn in alloc_fns_unescaped:
|
2019-11-08 16:24:15 +03:00
|
|
|
if fn not in util_Utility_cpp:
|
|
|
|
fail("'" + fn + "' isn't used as expected in util/Utility.cpp")
|
2013-11-11 11:37:55 +04:00
|
|
|
else:
|
2019-11-08 16:24:15 +03:00
|
|
|
util_Utility_cpp.remove(fn)
|
2013-11-11 11:37:55 +04:00
|
|
|
|
|
|
|
# This should never happen, but check just in case.
|
2019-11-08 16:24:15 +03:00
|
|
|
if util_Utility_cpp:
|
|
|
|
fail(
|
|
|
|
"unexpected allocation fns used in util/Utility.cpp: "
|
|
|
|
+ ", ".join(util_Utility_cpp)
|
2020-10-26 21:34:53 +03:00
|
|
|
)
|
2013-11-11 11:37:55 +04:00
|
|
|
|
2015-09-16 18:13:00 +03:00
|
|
|
# If we found any improper references to allocation functions, try to use
|
|
|
|
# DWARF debug info to get more accurate line number information about the
|
|
|
|
# bad calls. This is a lot slower than 'nm -A', and it is not always
|
|
|
|
# precise when building with --enable-optimized.
|
|
|
|
if emit_line_info:
|
|
|
|
print("check_vanilla_allocations.py: Source lines with allocation calls:")
|
2019-11-08 16:24:15 +03:00
|
|
|
print(
|
|
|
|
"check_vanilla_allocations.py: Accurate in unoptimized builds; "
|
|
|
|
"util/Utility.cpp expected."
|
|
|
|
)
|
2015-09-16 18:13:00 +03:00
|
|
|
|
|
|
|
# Run |nm|. Options:
|
|
|
|
# -u: show only undefined symbols
|
|
|
|
# -C: demangle symbol names
|
|
|
|
# -l: show line number information for each undefined symbol
|
|
|
|
cmd = ["nm", "-u", "-C", "-l", args.file]
|
|
|
|
lines = subprocess.check_output(
|
|
|
|
cmd, universal_newlines=True, stderr=subprocess.PIPE
|
|
|
|
).split("\n")
|
|
|
|
|
|
|
|
# This regexp matches the relevant lines in the output of |nm -l|,
|
|
|
|
# which look like the following.
|
|
|
|
#
|
2019-11-08 16:24:15 +03:00
|
|
|
# U malloc util/Utility.cpp:117
|
2015-09-16 18:13:00 +03:00
|
|
|
#
|
|
|
|
alloc_lines_re = r"U ((" + r"|".join(alloc_fns) + r").*)\s+(\S+:\d+)$"
|
|
|
|
|
|
|
|
for line in lines:
|
|
|
|
m = re.search(alloc_lines_re, line)
|
|
|
|
if m:
|
2018-05-22 01:01:01 +03:00
|
|
|
print(
|
|
|
|
"check_vanilla_allocations.py:", m.group(1), "called at", m.group(3)
|
2020-10-26 21:34:53 +03:00
|
|
|
)
|
2015-09-16 18:13:00 +03:00
|
|
|
|
2013-11-11 11:37:55 +04:00
|
|
|
if has_failed:
|
|
|
|
sys.exit(1)
|
|
|
|
|
|
|
|
print("TEST-PASS | check_vanilla_allocations.py | ok")
|
|
|
|
sys.exit(0)
|
|
|
|
|
|
|
|
|
|
|
|
if __name__ == "__main__":
|
|
|
|
main()
|