1 /*
2 * Copyright (c) 2010-2012 Apple Inc. All rights reserved.
3 *
4 * @APPLE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. Please obtain a copy of the License at
10 * http://www.opensource.apple.com/apsl/ and read it before using this
11 * file.
12 *
13 * The Original Code and all software distributed under the License are
14 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
15 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
16 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
18 * Please see the License for the specific language governing rights and
19 * limitations under the License.
20 *
21 * @APPLE_LICENSE_HEADER_END@
22 */
23
24 #include "objc-private.h"
25 #include "NSObject.h"
26
27 #include "objc-weak.h"
28 #include "llvm-DenseMap.h"
29 #include "NSObject.h"
30
31 #include <malloc/malloc.h>
32 #include <stdint.h>
33 #include <stdbool.h>
34 #include <mach/mach.h>
35 #include <mach-o/dyld.h>
36 #include <mach-o/nlist.h>
37 #include <sys/types.h>
38 #include <sys/mman.h>
39 #include <libkern/OSAtomic.h>
40 #include <Block.h>
41 #include <map>
42 #include <execinfo.h>
43
// Minimal local declaration of NSInvocation; only -selector is declared
// in this file.
@interface NSInvocation
- (SEL)selector;
@end
47
48
49 /***********************************************************************
50 * Weak ivar support
51 **********************************************************************/
52
// Default handler for a failed object allocation.
// Reports the class (by its logging name) through _objc_fatal(); no value
// is returned from this function body.
static id defaultBadAllocHandler(Class cls)
{
    const char *className = cls->nameForLogging();
    _objc_fatal("attempt to allocate object of class '%s' failed", className);
}
58
// Handler called when an object allocation fails. It starts out as
// defaultBadAllocHandler and is replaced by _objc_setBadAllocHandler().
static id(*badAllocHandler)(Class) = &defaultBadAllocHandler;
60
// Passes an allocation failure for cls to the currently installed handler
// and returns whatever that handler returns.
static id callBadAllocHandler(Class cls)
{
    // fixme add re-entrancy protection in case allocation fails inside handler
    id (*handler)(Class) = badAllocHandler;
    return handler(cls);
}
66
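// Installs newHandler as the allocation-failure handler.
// A NULL newHandler restores the default handler instead of being stored:
// a stored NULL would be called through on the next allocation failure,
// ending the process without the diagnostic the default handler prints.
// The pointer is written with a plain store; no locking is done here.
void _objc_setBadAllocHandler(id(*newHandler)(Class))
{
    badAllocHandler = newHandler ? newHandler : &defaultBadAllocHandler;
}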
71
72
73 namespace {
74
// Layout of the size_t value stored per object in RefcountMap.
// The order of these bits is important.
#define SIDE_TABLE_WEAKLY_REFERENCED (1UL<<0)
#define SIDE_TABLE_DEALLOCATING      (1UL<<1)  // MSB-ward of weak bit
#define SIDE_TABLE_RC_ONE            (1UL<<2)  // MSB-ward of deallocating bit
// Top bit of the word.
#define SIDE_TABLE_RC_PINNED         (1UL<<(WORD_BITS-1))

// Bit position of SIDE_TABLE_RC_ONE.
#define SIDE_TABLE_RC_SHIFT 2
// Covers every bit below SIDE_TABLE_RC_ONE, i.e. the two flag bits above.
#define SIDE_TABLE_FLAG_MASK (SIDE_TABLE_RC_ONE-1)

// RefcountMap disguises its pointers because we 
// don't want the table to act as a root for `leaks`.
typedef objc::DenseMap<DisguisedPtr<objc_object>,size_t,true> RefcountMap;

// Template parameters.
// They select, at compile time, whether storeWeak() and the
// SideTable::lockTwo/unlockTwo helpers deal with an old value, a new value,
// or both.
enum HaveOld { DontHaveOld = false, DoHaveOld = true };
enum HaveNew { DontHaveNew = false, DoHaveNew = true };
91
// One stripe of side-table state: a spinlock together with the refcount map
// and the weak-reference table that the lock is taken around in this file.
struct SideTable {
    spinlock_t slock;
    RefcountMap refcnts;
    weak_table_t weak_table;

    // weak_table is zero-filled by hand; the other two members are left to
    // their own constructors.
    SideTable() {
        memset(&weak_table, 0, sizeof(weak_table));
    }

    // Side tables are never destroyed; reaching the destructor is fatal.
    ~SideTable() {
        _objc_fatal("Do not delete SideTable.");
    }

    // Thin forwards to the spinlock.
    void lock() { slock.lock(); }
    void unlock() { slock.unlock(); }
    void forceReset() { slock.forceReset(); }

    // Address-ordered lock discipline for a pair of side tables.
    // Only explicit specializations are defined (after the struct); the
    // <DontHaveOld, DontHaveNew> combination has no definition in this file.

    template<HaveOld, HaveNew>
    static void lockTwo(SideTable *lock1, SideTable *lock2);
    template<HaveOld, HaveNew>
    static void unlockTwo(SideTable *lock1, SideTable *lock2);
};
116
117
// Both tables present: take both spinlocks through spinlock_t::lockTwo.
template<>
void SideTable::lockTwo<DoHaveOld, DoHaveNew>
    (SideTable *lock1, SideTable *lock2)
{
    spinlock_t *first = &lock1->slock;
    spinlock_t *second = &lock2->slock;
    spinlock_t::lockTwo(first, second);
}

// Only the old value's table is present: lock it and ignore the second
// argument.
template<>
void SideTable::lockTwo<DoHaveOld, DontHaveNew>
    (SideTable *lock1, SideTable *)
{
    lock1->slock.lock();
}

// Only the new value's table is present: lock it and ignore the first
// argument.
template<>
void SideTable::lockTwo<DontHaveOld, DoHaveNew>
    (SideTable *, SideTable *lock2)
{
    lock2->slock.lock();
}
138
// Both tables present: release both spinlocks through spinlock_t::unlockTwo.
template<>
void SideTable::unlockTwo<DoHaveOld, DoHaveNew>
    (SideTable *lock1, SideTable *lock2)
{
    spinlock_t *first = &lock1->slock;
    spinlock_t *second = &lock2->slock;
    spinlock_t::unlockTwo(first, second);
}

// Only the old value's table was locked: unlock it and ignore the second
// argument.
template<>
void SideTable::unlockTwo<DoHaveOld, DontHaveNew>
    (SideTable *lock1, SideTable *)
{
    lock1->slock.unlock();
}

// Only the new value's table was locked: unlock it and ignore the first
// argument.
template<>
void SideTable::unlockTwo<DontHaveOld, DoHaveNew>
    (SideTable *, SideTable *lock2)
{
    lock2->slock.unlock();
}
159
160
// We cannot use a C++ static initializer to initialize SideTables because
// libc calls us before our C++ initializers run. We also don't want a global 
// pointer to this struct because of the extra indirection.
// Do it the hard way.
// Raw static storage, sized and aligned for one StripedMap<SideTable>.
alignas(StripedMap<SideTable>) static uint8_t 
    SideTableBuf[sizeof(StripedMap<SideTable>)];

// Constructs the StripedMap in place inside SideTableBuf.
// NOTE(review): nothing visible here guards against a second call or against
// SideTables() being used before this has run - confirm the call site.
static void SideTableInit() {
    new (SideTableBuf) StripedMap<SideTable>();
}

// Returns the buffer reinterpreted as the StripedMap it holds. No check is
// made that SideTableInit() has already constructed it.
static StripedMap<SideTable>& SideTables() {
    return *reinterpret_cast<StripedMap<SideTable>*>(SideTableBuf);
}
175
176 // anonymous namespace
177 };
178
// The functions below forward one lock-management request each to the
// process-wide StripedMap<SideTable>.

// Forwards to StripedMap::lockAll().
void SideTableLockAll() {
    StripedMap<SideTable>& tables = SideTables();
    tables.lockAll();
}

// Forwards to StripedMap::unlockAll().
void SideTableUnlockAll() {
    StripedMap<SideTable>& tables = SideTables();
    tables.unlockAll();
}

// Forwards to StripedMap::forceResetAll().
void SideTableForceResetAll() {
    StripedMap<SideTable>& tables = SideTables();
    tables.forceResetAll();
}

// Forwards to StripedMap::defineLockOrder().
void SideTableDefineLockOrder() {
    StripedMap<SideTable>& tables = SideTables();
    tables.defineLockOrder();
}

// Forwards newlock to StripedMap::precedeLock().
void SideTableLocksPrecedeLock(const void *newlock) {
    StripedMap<SideTable>& tables = SideTables();
    tables.precedeLock(newlock);
}

// Forwards oldlock to StripedMap::succeedLock().
void SideTableLocksSucceedLock(const void *oldlock) {
    StripedMap<SideTable>& tables = SideTables();
    tables.succeedLock(oldlock);
}
202
// Passes every lock of newlocks, in index order, to precedeLock() on the
// side tables. Iteration stops at the first index for which getLock()
// returns NULL.
void SideTableLocksPrecedeLocks(StripedMap<spinlock_t>& newlocks) {
    for (int index = 0; ; index++) {
        const void *lock = newlocks.getLock(index);
        if (!lock) break;
        SideTables().precedeLock(lock);
    }
}
210
// Passes every lock of oldlocks, in index order, to succeedLock() on the
// side tables. Iteration stops at the first index for which getLock()
// returns NULL.
void SideTableLocksSucceedLocks(StripedMap<spinlock_t>& oldlocks) {
    for (int index = 0; ; index++) {
        const void *lock = oldlocks.getLock(index);
        if (!lock) break;
        SideTables().succeedLock(lock);
    }
}
218
219 //
220 // The -fobjc-arc flag causes the compiler to issue calls to objc_{retain/release/autorelease/retain_block}
221 //
222
// Returns the result of _Block_copy() on x, typed as id.
id objc_retainBlock(id x) {
    void *copied = _Block_copy(x);
    return (id)copied;
}
226
227 //
228 // The following SHOULD be called by the compiler directly, but the request hasn't been made yet :-)
229 //
230
// Always answers YES; the object argument is not examined.
BOOL objc_should_deallocate(id object) {
    return YES;
}
234
// Retains obj, then autoreleases the retained value and returns the result
// of the autorelease call.
id
objc_retain_autorelease(id obj)
{
    id retained = objc_retain(obj);
    return objc_autorelease(retained);
}
240
241
// Stores obj into the strong variable at location.
// Nothing happens when the variable already holds obj. Otherwise the new
// value is retained and written first, and only then is the previous value
// released, so *location never holds a pointer that has already been
// released by this function.
// location itself is dereferenced without a NULL check.
void
objc_storeStrong(id *location, id obj)
{
    id previous = *location;
    if (obj != previous) {
        objc_retain(obj);
        *location = obj;
        objc_release(previous);
    }
}
253
254
255 // Update a weak variable.
256 // If HaveOld is true, the variable has an existing value
257 // that needs to be cleaned up. This value might be nil.
258 // If HaveNew is true, there is a new value that needs to be
259 // assigned into the variable. This value might be nil.
260 // If CrashIfDeallocating is true, the process is halted if newObj is
261 // deallocating or newObj's class does not support weak references.
262 // If CrashIfDeallocating is false, nil is stored instead.
// Template parameter of storeWeak(); passed through to
// weak_register_no_lock().
enum CrashIfDeallocating {
    DontCrashIfDeallocating = false, DoCrashIfDeallocating = true
};
// Shared implementation behind the objc_*Weak entry points in this file.
// Unregisters `location` from its old referent when haveOld is set,
// registers it with newObj when haveNew is set, and returns the value that
// was stored (newObj, or nil when the weak store was rejected or there is
// no new value).
template <HaveOld haveOld, HaveNew haveNew,
          CrashIfDeallocating crashIfDeallocating>
static id 
storeWeak(id *location, objc_object *newObj)
{
    assert(haveOld  ||  haveNew);
    if (!haveNew) assert(newObj == nil);

    Class previouslyInitializedClass = nil;
    id oldObj;
    SideTable *oldTable;
    SideTable *newTable;

    // Acquire locks for old and new values.
    // Order by lock address to prevent lock ordering problems. 
    // Retry if the old value changes underneath us.
 retry:
    if (haveOld) {
        // Unlocked read; it is validated again once the locks are held.
        oldObj = *location;
        oldTable = &SideTables()[oldObj];
    } else {
        oldTable = nil;
    }
    if (haveNew) {
        newTable = &SideTables()[newObj];
    } else {
        newTable = nil;
    }

    SideTable::lockTwo<haveOld, haveNew>(oldTable, newTable);

    // The variable changed between the unlocked read and taking the locks,
    // so oldTable was chosen for a value that is no longer stored: start over.
    if (haveOld  &&  *location != oldObj) {
        SideTable::unlockTwo<haveOld, haveNew>(oldTable, newTable);
        goto retry;
    }

    // Prevent a deadlock between the weak reference machinery
    // and the +initialize machinery by ensuring that no 
    // weakly-referenced object has an un-+initialized isa.
    if (haveNew  &&  newObj) {
        Class cls = newObj->getIsa();
        if (cls != previouslyInitializedClass  &&  
            !((objc_class *)cls)->isInitialized()) 
        {
            // +initialize is run with both side-table locks released.
            SideTable::unlockTwo<haveOld, haveNew>(oldTable, newTable);
            _class_initialize(_class_getNonMetaClass(cls, (id)newObj));

            // If this class is finished with +initialize then we're good.
            // If this class is still running +initialize on this thread 
            // (i.e. +initialize called storeWeak on an instance of itself)
            // then we may proceed but it will appear initializing and 
            // not yet initialized to the check above.
            // Instead set previouslyInitializedClass to recognize it on retry.
            previouslyInitializedClass = cls;

            goto retry;
        }
    }

    // Clean up old value, if any.
    if (haveOld) {
        weak_unregister_no_lock(&oldTable->weak_table, oldObj, location);
    }

    // Assign new value, if any.
    if (haveNew) {
        newObj = (objc_object *)
            weak_register_no_lock(&newTable->weak_table, (id)newObj, location, 
                                  crashIfDeallocating);
        // weak_register_no_lock returns nil if weak store should be rejected

        // Set is-weakly-referenced bit in refcount table.
        if (newObj  &&  !newObj->isTaggedPointer()) {
            newObj->setWeaklyReferenced_nolock();
        }

        // Do not set *location anywhere else. That would introduce a race.
        *location = (id)newObj;
    }
    else {
        // No new value. The storage is not changed.
    }
    
    SideTable::unlockTwo<haveOld, haveNew>(oldTable, newTable);

    return (id)newObj;
}
353
354
355 /**
356 * This function stores a new value into a __weak variable. It would
357 * be used anywhere a __weak variable is the target of an assignment.
358 *
359 * @param location The address of the weak pointer itself
360 * @param newObj The new object this weak ptr should now point to
361 *
362 * @return \e newObj
363 */
// Assignment to an existing __weak variable: the old value is unregistered,
// the new one registered, and storeWeak is instantiated with
// DoCrashIfDeallocating.
id
objc_storeWeak(id *location, id newObj)
{
    objc_object *target = (objc_object *)newObj;
    return storeWeak<DoHaveOld, DoHaveNew, DoCrashIfDeallocating>
        (location, target);
}
370
371
372 /**
373 * This function stores a new value into a __weak variable.
374 * If the new object is deallocating or the new object's class
375 * does not support weak references, stores nil instead.
376 *
377 * @param location The address of the weak pointer itself
378 * @param newObj The new object this weak ptr should now point to
379 *
380 * @return The value stored (either the new object or nil)
381 */
// Same as objc_storeWeak, except that storeWeak is instantiated with
// DontCrashIfDeallocating, so a rejected store leaves nil in the variable.
id
objc_storeWeakOrNil(id *location, id newObj)
{
    objc_object *target = (objc_object *)newObj;
    return storeWeak<DoHaveOld, DoHaveNew, DontCrashIfDeallocating>
        (location, target);
}
388
389
390 /**
391 * Initialize a fresh weak pointer to some object location.
392 * It would be used for code like:
393 *
394 * (The nil case)
395 * __weak id weakPtr;
396 * (The non-nil case)
397 * NSObject *o = ...;
398 * __weak id weakPtr = o;
399 *
400 * This function IS NOT thread-safe with respect to concurrent
401 * modifications to the weak variable. (Concurrent weak clear is safe.)
402 *
403 * @param location Address of __weak ptr.
404 * @param newObj Object ptr.
405 */
// Initializes a __weak variable that holds no previous weak value.
// A nil newObj is written directly without touching the weak table; any
// other value goes through storeWeak with DontHaveOld, so whatever bytes
// were at *location beforehand are never read.
id
objc_initWeak(id *location, id newObj)
{
    if (newObj) {
        return storeWeak<DontHaveOld, DoHaveNew, DoCrashIfDeallocating>
            (location, (objc_object*)newObj);
    }

    *location = nil;
    return nil;
}
417
// Variant of objc_initWeak that instantiates storeWeak with
// DontCrashIfDeallocating. A nil newObj is written directly without
// touching the weak table.
id
objc_initWeakOrNil(id *location, id newObj)
{
    if (newObj) {
        return storeWeak<DontHaveOld, DoHaveNew, DontCrashIfDeallocating>
            (location, (objc_object*)newObj);
    }

    *location = nil;
    return nil;
}
429
430
431 /**
432 * Destroys the relationship between a weak pointer
433 * and the object it is referencing in the internal weak
434 * table. If the weak pointer is not referencing anything,
435 * there is no need to edit the weak table.
436 *
437 * This function IS NOT thread-safe with respect to concurrent
438 * modifications to the weak variable. (Concurrent weak clear is safe.)
439 *
440 * @param location The weak pointer address.
441 */
// Unregisters the weak variable at location from its current referent.
// With DontHaveNew, storeWeak leaves the storage itself unchanged, so
// *location still holds its old value when this returns.
void
objc_destroyWeak(id *location)
{
    objc_object *noNewValue = nil;
    (void)storeWeak<DoHaveOld, DontHaveNew, DontCrashIfDeallocating>
        (location, noNewValue);
}
448
449
450 /*
451 Once upon a time we eagerly cleared *location if we saw the object
452 was deallocating. This confuses code like NSPointerFunctions which
453 tries to pre-flight the raw storage and assumes if the storage is
454 zero then the weak system is done interfering. That is false: the
455 weak system is still going to check and clear the storage later.
456 This can cause objc_weak_error complaints and crashes.
457 So we now don't touch the storage until deallocation completes.
458 */
459
// Loads the object held by the weak variable at location and tries to
// retain it. Returns the object on success, the value itself for a tagged
// pointer, and nil when the variable is nil or the retain attempt fails.
// The caller receives a retained reference when the result is a non-nil,
// non-tagged object.
id
objc_loadWeakRetained(id *location)
{
    id obj;
    id result;
    Class cls;

    SideTable *table;
    
 retry:
    // fixme std::atomic this load
    obj = *location;
    if (!obj) return nil;
    if (obj->isTaggedPointer()) return obj;
    
    table = &SideTables()[obj];
    
    table->lock();
    // The variable changed between the unlocked read and taking the lock,
    // so the locked table may belong to the wrong object: start over.
    if (*location != obj) {
        table->unlock();
        goto retry;
    }
    
    result = obj;

    cls = obj->ISA();
    if (! cls->hasCustomRR()) {
        // Fast case. We know +initialize is complete because
        // default-RR can never be set before then.
        assert(cls->isInitialized());
        if (! obj->rootTryRetain()) {
            result = nil;
        }
    }
    else {
        // Slow case. We must check for +initialize and call it outside
        // the lock if necessary in order to avoid deadlocks.
        if (cls->isInitialized() || _thisThreadIsInitializingClass(cls)) {
            BOOL (*tryRetain)(id, SEL) = (BOOL(*)(id, SEL))
                class_getMethodImplementation(cls, SEL_retainWeakReference);
            // The lookup resolved to the forwarding entry point, i.e. no
            // real implementation was found: treat as "cannot retain".
            if ((IMP)tryRetain == _objc_msgForward) {
                result = nil;
            }
            else if (! (*tryRetain)(obj, SEL_retainWeakReference)) {
                result = nil;
            }
        }
        else {
            table->unlock();
            _class_initialize(cls);
            goto retry;
        }
    }
        
    table->unlock();
    return result;
}
517
518 /**
519 * This loads the object referenced by a weak pointer and returns it, after
520 * retaining and autoreleasing the object to ensure that it stays alive
521 * long enough for the caller to use it. This function would be used
522 * anywhere a __weak variable is used in an expression.
523 *
524 * @param location The weak pointer address
525 *
526 * @return The object pointed to by \e location, or \c nil if \e location is \c nil.
527 */
// Returns the referent of the weak variable at location after a
// retain + autorelease, or nil when the variable currently holds nil.
// The nil test is on *location (the stored value); location itself is
// dereferenced unconditionally, so it must be a valid address.
id
objc_loadWeak(id *location)
{
    if (*location) {
        id retained = objc_loadWeakRetained(location);
        return objc_autorelease(retained);
    }
    return nil;
}
534
535
536 /**
537 * This function copies a weak pointer from one location to another,
538 * when the destination doesn't already contain a weak pointer. It
539 * would be used for code like:
540 *
541 * __weak id src = ...;
542 * __weak id dst = src;
543 *
544 * This function IS NOT thread-safe with respect to concurrent
545 * modifications to the destination variable. (Concurrent weak clear is safe.)
546 *
547 * @param dst The destination variable.
548 * @param src The source variable.
549 */
// Copies the weak reference in src into the uninitialized weak variable dst.
// The referent is held with a temporary retain while dst is initialized and
// that retain is dropped afterwards.
void
objc_copyWeak(id *dst, id *src)
{
    id referent = objc_loadWeakRetained(src);
    objc_initWeak(dst, referent);
    objc_release(referent);
}
557
558 /**
559 * Move a weak pointer from one location to another.
560 * Before the move, the destination must be uninitialized.
561 * After the move, the source is nil.
562 *
563 * This function IS NOT thread-safe with respect to concurrent
564 * modifications to either weak variable. (Concurrent weak clear is safe.)
565 *
566 */
// Moves the weak reference from src to the uninitialized variable dst:
// copy first, then unregister src, then clear src's storage.
void
objc_moveWeak(id *dst, id *src)
{
    objc_copyWeak(dst, src);
    objc_destroyWeak(src);
    // objc_destroyWeak does not write to the storage; clear it here.
    *src = nil;
}
574
575
576 /***********************************************************************
577 Autorelease pool implementation
578
579 A thread's autorelease pool is a stack of pointers.
580 Each pointer is either an object to release, or POOL_BOUNDARY which is
581 an autorelease pool boundary.
582 A pool token is a pointer to the POOL_BOUNDARY for that pool. When
583 the pool is popped, every object hotter than the sentinel is released.
584 The stack is divided into a doubly-linked list of pages. Pages are added
585 and deleted as necessary.
586 Thread-local storage points to the hot page, where newly autoreleased
587 objects are stored.
588 **********************************************************************/
589
// Set this to 1 to mprotect() autorelease pool contents
// (compiled out as shipped: the value here is 0).
#define PROTECT_AUTORELEASEPOOL 0

// Set this to 1 to validate the entire autorelease pool header all the time
// (i.e. use check() instead of fastcheck() everywhere)
// As written, full validation follows the DEBUG setting.
#define CHECK_AUTORELEASEPOOL (DEBUG)

// Declared through BREAKPOINT_FUNCTION; the log messages in this file name
// them as places to set a debugger breakpoint.
BREAKPOINT_FUNCTION(void objc_autoreleaseNoPool(id obj));
BREAKPOINT_FUNCTION(void objc_autoreleasePoolInvalid(const void *token));
599
600 namespace {
601
// 16-byte marker placed at the start of every autorelease pool page:
// one 32-bit constant followed by the 12 characters "AUTORELEASE!" with no
// terminating NUL. It is a corruption canary, compared against fixed
// constants; it carries no secret.
struct magic_t {
    static const uint32_t M0 = 0xA1A1A1A1;
#   define M1 "AUTORELEASE!"
    static const size_t M1_len = 12;
    uint32_t m[4];

    // Writes the marker: m[0] is the constant, m[1..3] hold the text.
    magic_t() {
        assert(M1_len == strlen(M1));
        assert(M1_len == 3 * sizeof(m[1]));

        m[0] = M0;
        // Exactly M1_len bytes are copied, so no NUL is written.
        memcpy(&m[1], M1, M1_len);
    }

    // Wipes the marker so that a destroyed page no longer validates.
    ~magic_t() {
        for (size_t i = 0; i < 4; i++) {
            m[i] = 0;
        }
    }

    // Full validation: the constant word and all twelve text bytes.
    bool check() const {
        if (m[0] != M0) return false;
        return memcmp(&m[1], M1, M1_len) == 0;
    }

    // Cheap validation: only the first word, unless CHECK_AUTORELEASEPOOL
    // asks for the full check everywhere.
    bool fastcheck() const {
#if CHECK_AUTORELEASEPOOL
        return check();
#else
        return (m[0] == M0);
#endif
    }

#   undef M1
};
634
635
636 class AutoreleasePoolPage
637 {
// EMPTY_POOL_PLACEHOLDER is stored in TLS when exactly one pool is 
// pushed and it has never contained any objects. This saves memory 
// when the top level (i.e. libdispatch) pushes and pops pools but 
// never uses them.
// The value is not a real page address; code that reads the TLS slot
// compares against it before treating the value as a page.
#   define EMPTY_POOL_PLACEHOLDER ((id*)1)

// A pool boundary is stored as nil, so a nil slot on a page marks the start
// of a pool rather than an object to release.
#   define POOL_BOUNDARY nil
static pthread_key_t const key = AUTORELEASE_POOL_KEY;
static uint8_t const SCRIBBLE = 0xA3;  // 0xA3A3A3A3 after releasing
static size_t const SIZE = 
#if PROTECT_AUTORELEASEPOOL
    PAGE_MAX_SIZE;  // must be multiple of vm page size
#else
    PAGE_MAX_SIZE;  // size and alignment, power of 2
#endif
// Number of id-sized slots in SIZE bytes (header included).
static size_t const COUNT = SIZE / sizeof(id);

// Page header. The entries pushed onto the page start right after it.
magic_t const magic;                 // validated by check()/fastcheck()
id *next;                            // first unused slot on this page
pthread_t const thread;              // creating thread; compared in check()
AutoreleasePoolPage * const parent;  // previous page in the list, or nil
AutoreleasePoolPage *child;          // next page in the list, or nil
uint32_t const depth;                // 0 for a page without parent, else parent depth + 1
uint32_t hiwat;                      // high-water mark maintained by printHiwat()

// SIZE-sizeof(*this) bytes of contents follow
664
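// Allocates one page: SIZE bytes, aligned to SIZE, from the default malloc
// zone. The requested `size` is not used; every page is SIZE bytes.
// Allocation failure is fatal here, because the constructor that runs next
// writes the page header through the returned pointer without any check.
static void * operator new(size_t size) {
    void *page = malloc_zone_memalign(malloc_default_zone(), SIZE, SIZE);
    if (!page) {
        _objc_fatal("failed to allocate autorelease pool page");
    }
    return page;
}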
// Returns a page to the allocator with free().
static void operator delete(void * p) {
    free(p);
}
671
// Makes the page read-only when PROTECT_AUTORELEASEPOOL is enabled; a no-op
// otherwise. The mprotect() result is not checked, so a failed call leaves
// the page writable without any report.
inline void protect() {
#if PROTECT_AUTORELEASEPOOL
    mprotect(this, SIZE, PROT_READ);
    check();
#endif
}

// Makes the page writable again when PROTECT_AUTORELEASEPOOL is enabled; a
// no-op otherwise. The mprotect() result is not checked here either.
inline void unprotect() {
#if PROTECT_AUTORELEASEPOOL
    check();
    mprotect(this, SIZE, PROT_READ | PROT_WRITE);
#endif
}
685
// Builds an empty page owned by the calling thread and links it as the
// child of newParent (nil for the first page of a thread).
// The initializers of depth and hiwat read the member `parent`, which is
// declared before them in the class and is therefore already set.
AutoreleasePoolPage(AutoreleasePoolPage *newParent) 
    : magic(), next(begin()), thread(pthread_self()),
      parent(newParent), child(nil), 
      depth(parent ? 1+parent->depth : 0), 
      hiwat(parent ? parent->hiwat : 0)
{ 
    if (parent) {
        // Validate the parent's header before writing into it.
        parent->check();
        assert(!parent->child);
        parent->unprotect();
        parent->child = this;
        parent->protect();
    }
    protect();
}
701
// Destroys one page. The page is expected to be empty and to have no child;
// both are only asserted, and no other page is touched.
~AutoreleasePoolPage() 
{
    check();
    unprotect();
    assert(empty());

    // Not recursive: we don't want to blow out the stack 
    // if a thread accumulates a stupendous amount of garbage
    assert(!child);
}
712
713
// Reports a page whose header failed validation: prints the magic words and
// owning thread found on the page next to the expected values.
// @param die  true: report through _objc_fatal; false: through _objc_inform.
void busted(bool die = true) 
{
    // A freshly constructed magic_t supplies the expected words.
    magic_t right;
    (die ? _objc_fatal : _objc_inform)
        ("autorelease pool page %p corrupted\n"
         "  magic     0x%08x 0x%08x 0x%08x 0x%08x\n"
         "  should be 0x%08x 0x%08x 0x%08x 0x%08x\n"
         "  pthread   %p\n"
         "  should be %p\n", 
         this, 
         magic.m[0], magic.m[1], magic.m[2], magic.m[3], 
         right.m[0], right.m[1], right.m[2], right.m[3], 
         this->thread, pthread_self());
}
728
// Full header validation: the complete magic marker must match and the page
// must belong to the calling thread. Any failure is reported via busted().
// @param die  passed through to busted().
void check(bool die = true) 
{
    if (magic.check()  &&  pthread_equal(thread, pthread_self())) {
        return;
    }
    busted(die);
}
735
// Cheap header validation used on hot paths.
// With CHECK_AUTORELEASEPOOL off, only the magic's fast check runs here:
// the owning thread is not compared, and magic_t::fastcheck() looks at the
// first magic word only.
// @param die  passed through to check() / busted().
void fastcheck(bool die = true) 
{
#if CHECK_AUTORELEASEPOOL
    check(die);
#else
    if (! magic.fastcheck()) {
        busted(die);
    }
#endif
}
746
747
// First slot of the page: the byte right after the page header.
id * begin() {
    uint8_t *base = (uint8_t *)this;
    return (id *)(base + sizeof(*this));
}

// One past the last slot: SIZE bytes from the start of the page.
id * end() {
    uint8_t *base = (uint8_t *)this;
    return (id *)(base + SIZE);
}

// True when nothing is stored on this page.
bool empty() {
    id *first = begin();
    return next == first;
}

// True when every slot on this page is in use.
bool full() { 
    id *limit = end();
    return next == limit;
}

// True when fewer than half of the page's slots are in use.
bool lessThanHalfFull() {
    id *first = begin();
    return (next - first < (end() - first) / 2);
}
767
// Pushes obj onto this page and returns the slot it was written to.
// The only bounds check is the assert on full(): callers must have checked
// full() themselves, since a build that compiles the assert out would write
// at end() here.
id *add(id obj)
{
    assert(!full());
    unprotect();
    id *ret = next;  // faster than `return next-1` because of aliasing
    *next++ = obj;
    protect();
    return ret;
}
777
// Releases everything down to the first slot of this page.
void releaseAll() 
{
    id *first = begin();
    releaseUntil(first);
}
782
// Pops and releases entries, hottest first, until this page's `next`
// reaches `stop`. Afterwards this page is made the hot page.
// @param stop  slot on this page at which popping ends.
void releaseUntil(id *stop) 
{
    // Not recursive: we don't want to blow out the stack 
    // if a thread accumulates a stupendous amount of garbage
    
    while (this->next != stop) {
        // Restart from hotPage() every time, in case -release 
        // autoreleased more objects
        AutoreleasePoolPage *page = hotPage();

        // fixme I think this `while` can be `if`, but I can't prove it
        while (page->empty()) {
            page = page->parent;
            setHotPage(page);
        }

        page->unprotect();
        id obj = *--page->next;
        // Overwrite the vacated slot with SCRIBBLE bytes so the popped
        // pointer does not remain readable on the page.
        memset((void*)page->next, SCRIBBLE, sizeof(*page->next));
        page->protect();

        // Boundaries are markers, not objects; only real entries are released.
        if (obj != POOL_BOUNDARY) {
            objc_release(obj);
        }
    }

    setHotPage(this);

#if DEBUG
    // we expect any children to be completely empty
    for (AutoreleasePoolPage *page = child; page; page = page->child) {
        assert(page->empty());
    }
#endif
}
818
// Deletes this page and every page after it in the child chain, starting
// from the last child and working back to this page. Each page is unlinked
// from its parent before it is deleted, so no parent keeps a pointer to a
// freed child.
void kill() 
{
    // Not recursive: we don't want to blow out the stack 
    // if a thread accumulates a stupendous amount of garbage
    AutoreleasePoolPage *page = this;
    while (page->child) page = page->child;

    AutoreleasePoolPage *deathptr;
    do {
        deathptr = page;
        page = page->parent;
        if (page) {
            page->unprotect();
            page->child = nil;
            page->protect();
        }
        delete deathptr;
    } while (deathptr != this);
}
838
// Destructor for the pool's TLS slot (registered in init()).
// Pops every remaining pool of the thread and frees its pages.
// @param p  the TLS value: a page pointer or EMPTY_POOL_PLACEHOLDER.
static void tls_dealloc(void *p) 
{
    if (p == (void*)EMPTY_POOL_PLACEHOLDER) {
        // No objects or pool pages to clean up here.
        return;
    }

    // reinstate TLS value while we work
    setHotPage((AutoreleasePoolPage *)p);

    if (AutoreleasePoolPage *page = coldPage()) {
        if (!page->empty()) pop(page->begin());  // pop all of the pools
        if (DebugMissingPools || DebugPoolAllocation) {
            // pop() killed the pages already
        } else {
            page->kill();  // free all of the pages
        }
    }
    
    // clear TLS value so TLS destruction doesn't loop
    setHotPage(nil);
}
861
// Pointer overload: converts p to an integer address and defers to the
// uintptr_t overload.
static AutoreleasePoolPage *pageForPointer(const void *p) 
{
    uintptr_t address = (uintptr_t)p;
    return pageForPointer(address);
}
866
// Finds the page that contains address p by rounding p down to a multiple
// of SIZE (pages are SIZE-aligned). The candidate header is validated with
// fastcheck() before it is returned; apart from the assert on the offset,
// that is the only validation applied to a caller-supplied address here.
static AutoreleasePoolPage *pageForPointer(uintptr_t p) 
{
    uintptr_t offset = p % SIZE;

    // An address inside the header area cannot be a pool slot.
    assert(offset >= sizeof(AutoreleasePoolPage));

    AutoreleasePoolPage *page = (AutoreleasePoolPage *)(p - offset);
    page->fastcheck();
    return page;
}
879
880
// True when the thread's TLS slot currently holds EMPTY_POOL_PLACEHOLDER.
static inline bool haveEmptyPoolPlaceholder()
{
    id *current = (id *)tls_get_direct(key);
    if (current == EMPTY_POOL_PLACEHOLDER) {
        return true;
    }
    return false;
}
886
// Stores EMPTY_POOL_PLACEHOLDER in the thread's TLS slot and returns it as
// the pool token. The slot is expected to be nil beforehand (asserted).
static inline id* setEmptyPoolPlaceholder()
{
    assert(tls_get_direct(key) == nil);
    id *placeholder = EMPTY_POOL_PLACEHOLDER;
    tls_set_direct(key, (void *)placeholder);
    return placeholder;
}
893
// Returns the thread's hot page from TLS, or nil when the slot is empty or
// holds the empty-pool placeholder. A real page is validated with
// fastcheck() before being returned.
static inline AutoreleasePoolPage *hotPage() 
{
    void *slot = tls_get_direct(key);
    // The placeholder is not a page; never dereference it.
    if ((id *)slot == EMPTY_POOL_PLACEHOLDER) return nil;

    AutoreleasePoolPage *page = (AutoreleasePoolPage *)slot;
    if (page) page->fastcheck();
    return page;
}
902
// Makes `page` the thread's hot page (nil clears the slot). A non-nil page
// is validated with fastcheck() before it is stored.
static inline void setHotPage(AutoreleasePoolPage *page) 
{
    if (page != nil) {
        page->fastcheck();
    }
    tls_set_direct(key, (void *)page);
}
908
// Returns the thread's coldest page: the one reached from the hot page by
// following parent links to the end. Every page stepped onto is validated
// with fastcheck(). Returns nil when there is no hot page.
static inline AutoreleasePoolPage *coldPage() 
{
    AutoreleasePoolPage *page = hotPage();
    if (!page) return page;

    for (AutoreleasePoolPage *up = page->parent; up; up = up->parent) {
        up->fastcheck();
        page = up;
    }
    return page;
}
920
921
// Pushes obj (or a pool boundary) onto the thread's pool and returns the
// slot used. The common case, a hot page with room, is handled inline; a
// missing or full hot page goes to the out-of-line helpers.
static inline id *autoreleaseFast(id obj)
{
    AutoreleasePoolPage *page = hotPage();
    if (!page) {
        return autoreleaseNoPage(obj);
    }
    if (page->full()) {
        return autoreleaseFullPage(obj, page);
    }
    return page->add(obj);
}
933
// Out-of-line path for a full hot page: moves to the first page in the
// child chain that has room, allocating a new page at the end of the chain
// when needed, makes it the hot page and pushes obj there.
// @param page  the current hot page (asserted).
// @return the slot obj was written to.
static __attribute__((noinline))
id *autoreleaseFullPage(id obj, AutoreleasePoolPage *page)
{
    // The hot page is full. 
    // Step to the next non-full page, adding a new page if necessary.
    // Then add the object to that page.
    assert(page == hotPage());
    assert(page->full()  ||  DebugPoolAllocation);

    do {
        if (page->child) page = page->child;
        else page = new AutoreleasePoolPage(page);
    } while (page->full());

    setHotPage(page);
    return page->add(obj);
}
951
// Out-of-line path for a thread that has no hot page.
// Depending on the state, this installs the empty-pool placeholder, reports
// an object autoreleased without a pool, or allocates the first page and
// pushes obj onto it.
// @return the slot used, EMPTY_POOL_PLACEHOLDER when only the placeholder
//         was installed, or nil when the object was reported and not stored.
static __attribute__((noinline))
id *autoreleaseNoPage(id obj)
{
    // "No page" could mean no pool has been pushed
    // or an empty placeholder pool has been pushed and has no contents yet
    assert(!hotPage());

    bool pushExtraBoundary = false;
    if (haveEmptyPoolPlaceholder()) {
        // We are pushing a second pool over the empty placeholder pool
        // or pushing the first object into the empty placeholder pool.
        // Before doing that, push a pool boundary on behalf of the pool 
        // that is currently represented by the empty placeholder.
        pushExtraBoundary = true;
    }
    else if (obj != POOL_BOUNDARY  &&  DebugMissingPools) {
        // We are pushing an object with no pool in place, 
        // and no-pool debugging was requested by environment.
        _objc_inform("MISSING POOLS: (%p) Object %p of class %s "
                     "autoreleased with no pool in place - "
                     "just leaking - break on "
                     "objc_autoreleaseNoPool() to debug", 
                     pthread_self(), (void*)obj, object_getClassName(obj));
        objc_autoreleaseNoPool(obj);
        return nil;
    }
    else if (obj == POOL_BOUNDARY  &&  !DebugPoolAllocation) {
        // We are pushing a pool with no pool in place,
        // and alloc-per-pool debugging was not requested.
        // Install and return the empty pool placeholder.
        return setEmptyPoolPlaceholder();
    }

    // We are pushing an object or a non-placeholder'd pool.

    // Install the first page.
    AutoreleasePoolPage *page = new AutoreleasePoolPage(nil);
    setHotPage(page);
    
    // Push a boundary on behalf of the previously-placeholder'd pool.
    if (pushExtraBoundary) {
        page->add(POOL_BOUNDARY);
    }
    
    // Push the requested object or pool.
    return page->add(obj);
}
999
1000
// Pushes obj without trying the current hot page first: with a hot page the
// full-page path is taken, without one the no-page path.
static __attribute__((noinline))
id *autoreleaseNewPage(id obj)
{
    AutoreleasePoolPage *page = hotPage();
    if (!page) {
        return autoreleaseNoPage(obj);
    }
    return autoreleaseFullPage(obj, page);
}
1008
1009 public:
// Adds obj to the calling thread's autorelease pool and returns obj.
// obj must be a real object: nil and tagged pointers are rejected by
// assertion only.
static inline id autorelease(id obj)
{
    assert(obj);
    assert(!obj->isTaggedPointer());
    id *dest __unused = autoreleaseFast(obj);
    // dest is nil when the object was reported and not stored, the
    // placeholder value, or the slot that now holds obj.
    assert(!dest  ||  dest == EMPTY_POOL_PLACEHOLDER  ||  *dest == obj);
    return obj;
}
1018
1019
// Opens a new pool by pushing a POOL_BOUNDARY and returns the pool token:
// the slot holding the boundary, or EMPTY_POOL_PLACEHOLDER.
// With DebugPoolAllocation, each autorelease pool starts on a new pool page.
static inline void *push() 
{
    id *dest = DebugPoolAllocation
        ? autoreleaseNewPage(POOL_BOUNDARY)
        : autoreleaseFast(POOL_BOUNDARY);
    assert(dest == EMPTY_POOL_PLACEHOLDER || *dest == POOL_BOUNDARY);
    return dest;
}
1032
// Handles a pop() whose token does not point at a pool boundary.
// Under DebugPoolAllocation or for binaries built against the SDK versions
// tested below, this is fatal. Otherwise a warning is logged once and
// execution continues; nothing is popped on that path, and the message
// itself says memory errors are likely.
// @param token  the rejected pool token.
static void badPop(void *token)
{
    // Error. For bincompat purposes this is not 
    // fatal in executables built with old SDKs.

    if (DebugPoolAllocation || sdkIsAtLeast(10_12, 10_0, 10_0, 3_0, 2_0)) {
        // OBJC_DEBUG_POOL_ALLOCATION or new SDK. Bad pop is fatal.
        _objc_fatal
            ("Invalid or prematurely-freed autorelease pool %p.", token);
    }

    // Old SDK. Bad pop is warned once.
    // The flag is a plain static bool; no synchronization is visible
    // around it.
    static bool complained = false;
    if (!complained) {
        complained = true;
        _objc_inform_now_and_on_crash
            ("Invalid or prematurely-freed autorelease pool %p. "
             "Set a breakpoint on objc_autoreleasePoolInvalid to debug. "
             "Proceeding anyway because the app is old "
             "(SDK version " SDK_FORMAT "). Memory errors are likely.",
             token, FORMAT_SDK(sdkVersion()));
    }
    objc_autoreleasePoolInvalid(token);
}
1057
// Closes the pool identified by token: releases every entry pushed after
// the token's slot, then trims empty pages.
// The token is caller-supplied. It is accepted when it is the placeholder,
// or when its page header passes fastcheck() and the slot holds a pool
// boundary (or is the first slot of the coldest page); anything else goes
// to badPop().
static inline void pop(void *token) 
{
    AutoreleasePoolPage *page;
    id *stop;

    if (token == (void*)EMPTY_POOL_PLACEHOLDER) {
        // Popping the top-level placeholder pool.
        if (hotPage()) {
            // Pool was used. Pop its contents normally.
            // Pool pages remain allocated for re-use as usual.
            pop(coldPage()->begin());
        } else {
            // Pool was never used. Clear the placeholder.
            setHotPage(nil);
        }
        return;
    }

    // pageForPointer() validates the page header it derives from token.
    page = pageForPointer(token);
    stop = (id *)token;
    if (*stop != POOL_BOUNDARY) {
        if (stop == page->begin()  &&  !page->parent) {
            // Start of coldest page may correctly not be POOL_BOUNDARY:
            // 1. top-level pool is popped, leaving the cold page in place
            // 2. an object is autoreleased with no pool
        } else {
            // Error. For bincompat purposes this is not 
            // fatal in executables built with old SDKs.
            return badPop(token);
        }
    }

    if (PrintPoolHiwat) printHiwat();

    page->releaseUntil(stop);

    // memory: delete empty children
    if (DebugPoolAllocation  &&  page->empty()) {
        // special case: delete everything during page-per-pool debugging
        AutoreleasePoolPage *parent = page->parent;
        page->kill();
        setHotPage(parent);
    } else if (DebugMissingPools  &&  page->empty()  &&  !page->parent) {
        // special case: delete everything for pop(top) 
        // when debugging missing autorelease pools
        page->kill();
        setHotPage(nil);
    } 
    else if (page->child) {
        // hysteresis: keep one empty child if page is more than half full
        if (page->lessThanHalfFull()) {
            page->child->kill();
        }
        else if (page->child->child) {
            page->child->child->kill();
        }
    }
}
1116
// Registers tls_dealloc as the destructor of the pool's TLS key. The call
// is expected to return 0; that is checked by assertion only.
static void init()
{
    int status __unused = 
        pthread_key_init_np(AutoreleasePoolPage::key, 
                            AutoreleasePoolPage::tls_dealloc);
    assert(status == 0);
}
1123
// Logs this page: a header line with its full/hot/cold status, then one
// line per stored entry. Pool boundaries are printed as POOL markers; other
// entries are printed with their address value and class name.
void print() 
{
    _objc_inform("[%p]  ................  PAGE %s %s %s", this, 
                 full() ? "(full)" : "", 
                 this == hotPage() ? "(hot)" : "", 
                 this == coldPage() ? "(cold)" : "");
    // Report a bad header through _objc_inform instead of dying.
    check(false);
    for (id *p = begin(); p < next; p++) {
        if (*p == POOL_BOUNDARY) {
            _objc_inform("[%p]  ################  POOL %p", p, p);
        } else {
            _objc_inform("[%p]  %#16lx  %s", 
                         p, (unsigned long)*p, object_getClassName(*p));
        }
    }
}
1140
// Logs the calling thread's whole pool: the number of stored entries across
// all pages (boundaries included), then either the placeholder or every
// page from coldest to hottest.
static void printAll()
{        
    _objc_inform("##############");
    _objc_inform("AUTORELEASE POOLS for thread %p", pthread_self());

    AutoreleasePoolPage *page;
    ptrdiff_t objects = 0;
    for (page = coldPage(); page; page = page->child) {
        objects += page->next - page->begin();
    }
    _objc_inform("%llu releases pending.", (unsigned long long)objects);

    if (haveEmptyPoolPlaceholder()) {
        _objc_inform("[%p]  ................  PAGE (placeholder)", 
                     EMPTY_POOL_PLACEHOLDER);
        _objc_inform("[%p]  ################  POOL (placeholder)", 
                     EMPTY_POOL_PLACEHOLDER);
    }
    else {
        for (page = coldPage(); page; page = page->child) {
            page->print();
        }
    }

    _objc_inform("##############");
}
1167
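// Checks the current pool depth against the recorded high water mark and,
// when a new maximum is reached, stores it on the hot page and all of its
// parents and logs it together with a backtrace of the caller.
// Marks of 256 or less are ignored to suppress noise.
static void printHiwat()
{
    AutoreleasePoolPage *p = hotPage();
    uint32_t mark = p->depth*COUNT + (uint32_t)(p->next - p->begin());
    if (mark > p->hiwat  &&  mark > 256) {
        // Each page is unprotected only for the duration of the store.
        for( ; p; p = p->parent) {
            p->unprotect();
            p->hiwat = mark;
            p->protect();
        }

        _objc_inform("POOL HIGHWATER: new high water mark of %u "
                     "pending releases for thread %p:",
                     mark, pthread_self());

        void *stack[128];
        int count = backtrace(stack, sizeof(stack)/sizeof(stack[0]));
        char **sym = backtrace_symbols(stack, count);
        if (sym) {
            for (int i = 0; i < count; i++) {
                _objc_inform("POOL HIGHWATER: %s", sym[i]);
            }
            free(sym);
        } else {
            // backtrace_symbols() returns NULL when it cannot allocate the
            // symbol array; indexing it would crash inside a diagnostic
            // path. Fall back to the raw return addresses.
            for (int i = 0; i < count; i++) {
                _objc_inform("POOL HIGHWATER: %p", stack[i]);
            }
        }
    }
}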
1194
1195 #undef POOL_BOUNDARY
1196 };
1197
1198 // anonymous namespace
1199 };
1200
1201
1202 /***********************************************************************
1203 * Slow paths for inline control
1204 **********************************************************************/
1205
1206 #if SUPPORT_NONPOINTER_ISA
1207
// Out-of-line continuation of rootRetain(): calls it again with the second
// argument set to true (presumably the overflow-handling switch; the
// declaration is not in this part of the file).
NEVER_INLINE id
objc_object::rootRetain_overflow(bool tryRetain)
{
    id retained = rootRetain(tryRetain, true);
    return retained;
}
1213
1214
// Out-of-line continuation of rootRelease(): calls it again with the second
// argument set to true (presumably the underflow-handling switch; the
// declaration is not in this part of the file).
NEVER_INLINE bool
objc_object::rootRelease_underflow(bool performDealloc)
{
    bool outcome = rootRelease(performDealloc, true);
    return outcome;
}
1220
1221
// Slow path of clearDeallocating() for nonpointer-isa objects whose isa
// records that they were weakly referenced or that part of their retain
// count lives in the side table.
// Under the side table lock it clears the object's weak table state and
// removes its retain count entry, so neither keeps referring to the
// object once deallocation continues.
NEVER_INLINE void
objc_object::clearDeallocating_slow()
{
    assert(isa.nonpointer  &&
           (isa.weakly_referenced || isa.has_sidetable_rc));

    SideTable& sideTable = SideTables()[this];

    sideTable.lock();
    if (isa.weakly_referenced) {
        weak_clear_no_lock(&sideTable.weak_table, (id)this);
    }
    if (isa.has_sidetable_rc) {
        sideTable.refcnts.erase(this);
    }
    sideTable.unlock();
}
1241
1242 #endif
1243
// Out-of-line part of autorelease: hands the receiver to the current
// autorelease pool. Tagged pointers must never reach this point.
__attribute__((noinline,used))
id
objc_object::rootAutorelease2()
{
    assert(!isTaggedPointer());
    id pooled = AutoreleasePoolPage::autorelease((id)this);
    return pooled;
}
1251
1252
// Debugger hook called by overrelease_error(); set a breakpoint on it to
// stop at the moment an over-release during deallocation is reported.
BREAKPOINT_FUNCTION(void objc_overrelease_during_dealloc_error(void));
1256
1257
// Reports a release that arrived while the object was already
// deallocating. The message goes to the log and to the crash report text,
// then the breakpoint hook is called. Execution continues afterwards:
// this function only reports, it does not stop the process itself.
NEVER_INLINE
bool
objc_object::overrelease_error()
{
    const char *className = object_getClassName((id)this);
    _objc_inform_now_and_on_crash("%s object %p overreleased while already deallocating; break on objc_overrelease_during_dealloc_error to debug", className, this);
    objc_overrelease_during_dealloc_error();

    // Returning a plain bool lets rootRelease() tail-call this function.
    return false;
}
1266
1267
1268 /***********************************************************************
1269 * Retain count operations for side table.
1270 **********************************************************************/
1271
1272
1273 #if DEBUG
// Debug helper used to assert that an object has no side table state.
// Returns true if the object has a retain count entry or is registered
// in the weak table.
bool
objc_object::sidetable_present()
{
    SideTable& sideTable = SideTables()[this];

    sideTable.lock();
    bool hasRefcount =
        sideTable.refcnts.find(this) != sideTable.refcnts.end();
    bool hasWeakEntry =
        weak_is_registered_no_lock(&sideTable.weak_table, (id)this);
    sideTable.unlock();

    return hasRefcount || hasWeakEntry;
}
1292 #endif
1293
1294 #if SUPPORT_NONPOINTER_ISA
1295
// Acquires the lock of the side table this object maps to.
// Must be paired with sidetable_unlock().
void
objc_object::sidetable_lock()
{
    SideTables()[this].lock();
}
1302
// Releases the lock of the side table this object maps to.
void
objc_object::sidetable_unlock()
{
    SideTables()[this].unlock();
}
1309
1310
// Moves the whole retain count into the side table, together with the
// deallocating and weakly-referenced flags.
// The "_nolock" suffix means no lock is taken here; the caller is expected
// to hold the side table lock already.
// If the addition overflows, the entry is set to SIDE_TABLE_RC_PINNED
// instead of wrapping around, so an overflowing count cannot turn into a
// small one.
void
objc_object::sidetable_moveExtraRC_nolock(size_t extra_rc,
                                          bool isDeallocating,
                                          bool weaklyReferenced)
{
    assert(!isa.nonpointer);    // should already be changed to raw pointer
    SideTable& sideTable = SideTables()[this];

    size_t& slot = sideTable.refcnts[this];
    const size_t previous = slot;
    // Neither flag may be present yet: until now they lived in the isa.
    assert((previous & SIDE_TABLE_DEALLOCATING) == 0);
    assert((previous & SIDE_TABLE_WEAKLY_REFERENCED) == 0);

    // NOTE(review): only the addition is overflow-checked. The shift of
    // extra_rc is not; callers presumably pass counts small enough to
    // survive it - confirm.
    uintptr_t carry;
    const size_t sum =
        addc(previous, extra_rc << SIDE_TABLE_RC_SHIFT, 0, &carry);

    size_t flags = 0;
    if (isDeallocating) flags |= SIDE_TABLE_DEALLOCATING;
    if (weaklyReferenced) flags |= SIDE_TABLE_WEAKLY_REFERENCED;

    slot = (carry ? SIDE_TABLE_RC_PINNED : sum) | flags;
}
1335
1336
// Moves delta_rc retain counts from the isa field into the side table.
// Returns true if the side table count is pinned afterwards (it already
// was, or this addition overflowed), false otherwise.
// No lock is taken here; the caller is expected to hold it.
bool
objc_object::sidetable_addExtraRC_nolock(size_t delta_rc)
{
    assert(isa.nonpointer);
    SideTable& sideTable = SideTables()[this];

    size_t& slot = sideTable.refcnts[this];
    const size_t before = slot;
    // isa-side bits should not be set here
    assert((before & SIDE_TABLE_DEALLOCATING) == 0);
    assert((before & SIDE_TABLE_WEAKLY_REFERENCED) == 0);

    // A pinned count is never modified again.
    if (before & SIDE_TABLE_RC_PINNED) return true;

    uintptr_t carry;
    const size_t after =
        addc(before, delta_rc << SIDE_TABLE_RC_SHIFT, 0, &carry);
    const bool overflowed = (carry != 0);

    // On overflow keep the existing flag bits and pin the count rather
    // than letting it wrap.
    slot = overflowed
        ? (SIDE_TABLE_RC_PINNED | (before & SIDE_TABLE_FLAG_MASK))
        : after;
    return overflowed;
}
1366
1367
// Moves retain counts from the side table back to the isa field.
// Returns the count actually subtracted: 0 when the object has no entry or
// its entry is zero, otherwise delta_rc.
// No lock is taken here; the caller is expected to hold it.
size_t
objc_object::sidetable_subExtraRC_nolock(size_t delta_rc)
{
    assert(isa.nonpointer);
    SideTable& sideTable = SideTables()[this];

    RefcountMap::iterator entry = sideTable.refcnts.find(this);
    const bool nothingToBorrow =
        (entry == sideTable.refcnts.end()) || (entry->second == 0);
    if (nothingToBorrow) {
        // Side table retain count is zero. Can't borrow.
        return 0;
    }

    const size_t before = entry->second;
    // isa-side bits should not be set here
    assert((before & SIDE_TABLE_DEALLOCATING) == 0);
    assert((before & SIDE_TABLE_WEAKLY_REFERENCED) == 0);

    // NOTE(review): the underflow guard below is an assert only. In a
    // build where assert() is compiled out, a delta_rc larger than the
    // stored count would wrap the entry; callers must never ask for more
    // than the table holds.
    const size_t after = before - (delta_rc << SIDE_TABLE_RC_SHIFT);
    assert(before > after);   // shouldn't underflow
    entry->second = after;
    return delta_rc;
}
1392
1393
// Returns the retain count stored in the side table for this object
// (flag bits shifted away), or 0 when the object has no entry.
// No lock is taken here; the caller is expected to hold it.
size_t
objc_object::sidetable_getExtraRC_nolock()
{
    assert(isa.nonpointer);
    SideTable& sideTable = SideTables()[this];
    RefcountMap::iterator entry = sideTable.refcnts.find(this);
    return (entry == sideTable.refcnts.end())
        ? 0
        : (entry->second >> SIDE_TABLE_RC_SHIFT);
}
1403
1404
1405 // SUPPORT_NONPOINTER_ISA
1406 #endif
1407
1408
// Retain for objects whose whole retain count lives in the side table
// (raw pointer isa). Adds one count under the table lock and returns the
// object.
// A pinned count is left untouched, so further retains saturate instead of
// changing the stored value.
id
objc_object::sidetable_retain()
{
#if SUPPORT_NONPOINTER_ISA
    assert(!isa.nonpointer);
#endif
    SideTable& sideTable = SideTables()[this];

    sideTable.lock();
    size_t& slot = sideTable.refcnts[this];
    const bool pinned = (slot & SIDE_TABLE_RC_PINNED) != 0;
    if (!pinned) {
        slot += SIDE_TABLE_RC_ONE;
    }
    sideTable.unlock();

    return (id)this;
}
1426
1427
// Conditional retain for raw-isa objects: adds one count unless the object
// is already deallocating. Returns true if the caller now holds a
// reference, false if the object is deallocating and must not be revived.
//
// This function takes NO lock. Per the original note, _objc_rootTryRetain()
// is called exclusively by _objc_loadWeak(), which already acquired the
// lock on our behalf. Nothing here verifies that: the original carries a
// disabled check ("fixme can't do this efficiently with os_lock_handoff_s")
// that would have called _objc_fatal("Do not call -_tryRetain.") when the
// lock was not held. Calling this without the lock races with
// retain/release on the same table.
bool
objc_object::sidetable_tryRetain()
{
#if SUPPORT_NONPOINTER_ISA
    assert(!isa.nonpointer);
#endif
    SideTable& sideTable = SideTables()[this];

    RefcountMap::iterator entry = sideTable.refcnts.find(this);
    if (entry == sideTable.refcnts.end()) {
        // No entry yet: create one holding a single count.
        sideTable.refcnts[this] = SIDE_TABLE_RC_ONE;
        return true;
    }
    if (entry->second & SIDE_TABLE_DEALLOCATING) {
        return false;
    }
    if (! (entry->second & SIDE_TABLE_RC_PINNED)) {
        entry->second += SIDE_TABLE_RC_ONE;
    }
    return true;
}
1457
1458
// Returns 1 plus the count stored in the side table (0 when there is no
// entry). The lookup is done under the table lock.
uintptr_t
objc_object::sidetable_retainCount()
{
    SideTable& sideTable = SideTables()[this];

    size_t stored = 0;

    sideTable.lock();
    RefcountMap::iterator entry = sideTable.refcnts.find(this);
    if (entry != sideTable.refcnts.end()) {
        // this is valid for SIDE_TABLE_RC_PINNED too
        stored = entry->second >> SIDE_TABLE_RC_SHIFT;
    }
    sideTable.unlock();

    return 1 + stored;
}
1475
1476
// Returns true if the object's side table entry carries the
// SIDE_TABLE_DEALLOCATING flag; false if there is no entry.
//
// This function takes NO lock. Per the original note,
// _objc_rootIsDeallocating() is called exclusively by _objc_storeWeak(),
// which already acquired the lock on our behalf. Nothing here verifies
// that: the original carries a disabled check ("fixme can't do this
// efficiently with os_lock_handoff_s") that would have called
// _objc_fatal("Do not call -_isDeallocating.") when the lock was not held.
bool
objc_object::sidetable_isDeallocating()
{
    SideTable& sideTable = SideTables()[this];

    RefcountMap::iterator entry = sideTable.refcnts.find(this);
    if (entry == sideTable.refcnts.end()) return false;
    return (entry->second & SIDE_TABLE_DEALLOCATING) != 0;
}
1495
1496
// Returns true if the object's side table entry carries the
// SIDE_TABLE_WEAKLY_REFERENCED flag; false if there is no entry.
// The lookup is done under the table lock.
bool
objc_object::sidetable_isWeaklyReferenced()
{
    SideTable& sideTable = SideTables()[this];
    bool weaklyReferenced = false;

    sideTable.lock();
    RefcountMap::iterator entry = sideTable.refcnts.find(this);
    if (entry != sideTable.refcnts.end()) {
        weaklyReferenced =
            (entry->second & SIDE_TABLE_WEAKLY_REFERENCED) != 0;
    }
    sideTable.unlock();

    return weaklyReferenced;
}
1514
1515
// Sets the SIDE_TABLE_WEAKLY_REFERENCED flag in the object's side table
// entry, creating the entry if it does not exist yet.
// No lock is taken here; the caller is expected to hold it.
void
objc_object::sidetable_setWeaklyReferenced_nolock()
{
#if SUPPORT_NONPOINTER_ISA
    assert(!isa.nonpointer);
#endif

    SideTable& sideTable = SideTables()[this];
    size_t& slot = sideTable.refcnts[this];
    slot |= SIDE_TABLE_WEAKLY_REFERENCED;
}
1527
1528
// Release for raw-isa objects. Drops one count from the side table; when
// no count was left, marks the object as deallocating and, if
// performDealloc is set, sends it -dealloc after the lock is released.
// Returns nonzero if this release started deallocation.
//
// rdar://20206767
// The return type is uintptr_t instead of bool so that the various
// raw-isa -release paths all return zero in eax.
//
// NOTE(review): if the entry already has SIDE_TABLE_DEALLOCATING set and
// is not pinned, a further release takes the decrement branch. Whether
// that can wrap the stored value depends on the SIDE_TABLE_* bit layout,
// which is defined outside this part of the file - confirm. No
// over-release report is issued on this path.
uintptr_t
objc_object::sidetable_release(bool performDealloc)
{
#if SUPPORT_NONPOINTER_ISA
    assert(!isa.nonpointer);
#endif
    SideTable& sideTable = SideTables()[this];

    bool startDealloc = false;

    sideTable.lock();
    RefcountMap::iterator entry = sideTable.refcnts.find(this);
    if (entry == sideTable.refcnts.end()) {
        startDealloc = true;
        sideTable.refcnts[this] = SIDE_TABLE_DEALLOCATING;
    } else {
        size_t& stored = entry->second;
        if (stored < SIDE_TABLE_DEALLOCATING) {
            // SIDE_TABLE_WEAKLY_REFERENCED may be set. Don't change it.
            startDealloc = true;
            stored |= SIDE_TABLE_DEALLOCATING;
        } else if (! (stored & SIDE_TABLE_RC_PINNED)) {
            stored -= SIDE_TABLE_RC_ONE;
        }
    }
    sideTable.unlock();

    // -dealloc is sent outside the lock.
    if (startDealloc  &&  performDealloc) {
        ((void(*)(objc_object *, SEL))objc_msgSend)(this, SEL_dealloc);
    }
    return startDealloc;
}
1560
1561
// Removes the object's side table state during deallocation: clears its
// weak table items if the entry says it was weakly referenced, then erases
// the entry itself (extra retain count and deallocating bit).
// Does nothing when the object has no entry.
// (fixme warn or abort if extra retain count == 0 ?)
void
objc_object::sidetable_clearDeallocating()
{
    SideTable& sideTable = SideTables()[this];

    sideTable.lock();
    RefcountMap::iterator entry = sideTable.refcnts.find(this);
    const bool found = (entry != sideTable.refcnts.end());
    if (found) {
        if (entry->second & SIDE_TABLE_WEAKLY_REFERENCED) {
            weak_clear_no_lock(&sideTable.weak_table, (id)this);
        }
        sideTable.refcnts.erase(entry);
    }
    sideTable.unlock();
}
1580
1581
1582 /***********************************************************************
1583 * Optimized retain/release/autorelease entrypoints
1584 **********************************************************************/
1585
1586
1587 #if __OBJC2__
1588
// Retains obj and returns it. nil and tagged pointers are returned
// unchanged without touching any retain count.
__attribute__((aligned(16)))
id
objc_retain(id obj)
{
    if (!obj  ||  obj->isTaggedPointer()) return obj;
    return obj->retain();
}
1597
1598
// Releases obj. nil and tagged pointers are ignored.
__attribute__((aligned(16)))
void
objc_release(id obj)
{
    if (!obj  ||  obj->isTaggedPointer()) return;
    obj->release();
}
1607
1608
// Autoreleases obj and returns it. nil and tagged pointers are returned
// unchanged.
__attribute__((aligned(16)))
id
objc_autorelease(id obj)
{
    if (!obj  ||  obj->isTaggedPointer()) return obj;
    return obj->autorelease();
}
1617
1618
1619 // OBJC2
1620 #else
1621 // not OBJC2
1622
1623
// Non-__OBJC2__ variants: plain message sends, no fast paths.
id objc_retain(id obj)
{
    return [obj retain];
}

void objc_release(id obj)
{
    [obj release];
}

id objc_autorelease(id obj)
{
    return [obj autorelease];
}
1627
1628
1629 #endif
1630
1631
1632 /***********************************************************************
1633 * Basic operations for root class implementations a.k.a. _objc_root*()
1634 **********************************************************************/
1635
// Forwards to obj->rootTryRetain(). obj must not be nil; that is checked
// by assert only.
bool
_objc_rootTryRetain(id obj)
{
    assert(obj);

    bool retained = obj->rootTryRetain();
    return retained;
}
1643
// Forwards to obj->rootIsDeallocating(). obj must not be nil; that is
// checked by assert only.
bool
_objc_rootIsDeallocating(id obj)
{
    assert(obj);

    bool deallocating = obj->rootIsDeallocating();
    return deallocating;
}
1651
1652
// Clears the deallocation bookkeeping of obj via clearDeallocating().
// Tagged pointers are skipped. obj must not be nil; that is checked by
// assert only.
void
objc_clear_deallocating(id obj)
{
    assert(obj);

    if (!obj->isTaggedPointer()) {
        obj->clearDeallocating();
    }
}
1661
1662
// Forwards to obj->rootReleaseShouldDealloc() and returns its result.
// obj must not be nil; that is checked by assert only.
bool
_objc_rootReleaseWasZero(id obj)
{
    assert(obj);

    bool shouldDealloc = obj->rootReleaseShouldDealloc();
    return shouldDealloc;
}
1670
1671
// Forwards to obj->rootAutorelease(). obj must not be nil; that is checked
// by assert only.
id
_objc_rootAutorelease(id obj)
{
    assert(obj);
    id pooled = obj->rootAutorelease();
    return pooled;
}
1678
// Forwards to obj->rootRetainCount(). obj must not be nil; that is checked
// by assert only.
uintptr_t
_objc_rootRetainCount(id obj)
{
    assert(obj);

    uintptr_t count = obj->rootRetainCount();
    return count;
}
1686
1687
// Forwards to obj->rootRetain(). obj must not be nil; that is checked by
// assert only.
id
_objc_rootRetain(id obj)
{
    assert(obj);

    id retained = obj->rootRetain();
    return retained;
}
1695
// Forwards to obj->rootRelease(); its result is discarded. obj must not be
// nil; that is checked by assert only.
void
_objc_rootRelease(id obj)
{
    assert(obj);

    (void)obj->rootRelease();
}
1703
1704
// Creates an instance of cls. Under __OBJC2__ the zone argument is ignored;
// otherwise a non-NULL zone is passed to class_createInstanceFromZone().
// If creation fails, the result of callBadAllocHandler(cls) is returned
// instead.
id
_objc_rootAllocWithZone(Class cls, malloc_zone_t *zone)
{
    id instance;

#if __OBJC2__
    // allocWithZone under __OBJC2__ ignores the zone parameter
    (void)zone;
    instance = class_createInstance(cls, 0);
#else
    if (zone) {
        instance = class_createInstanceFromZone(cls, 0, zone);
    } else {
        instance = class_createInstance(cls, 0);
    }
#endif

    if (slowpath(!instance)) {
        instance = callBadAllocHandler(cls);
    }
    return instance;
}
1726
1727
// Performs [cls alloc] or [cls allocWithZone:nil], bypassing the message
// send when the class allows it.
//   cls           - class to instantiate
//   checkNil      - when true, a nil cls yields nil; when false the caller
//                   guarantees cls is not nil
//   allocWithZone - selects which message is sent when no shortcut applies
// An allocation failure on the shortcut paths is routed to
// callBadAllocHandler(cls).
static ALWAYS_INLINE id
callAlloc(Class cls, bool checkNil, bool allocWithZone=false)
{
    if (slowpath(checkNil && !cls)) return nil;

#if __OBJC2__
    if (fastpath(!cls->ISA()->hasCustomAWZ())) {
        // No alloc/allocWithZone implementation. Go straight to the allocator.
        // fixme store hasCustomAWZ in the non-meta class and
        // add it to canAllocFast's summary
        id instance;
        if (fastpath(cls->canAllocFast())) {
            // No ctors, raw isa, etc. Go straight to the metal.
            // calloc() returns zero-filled memory, so the instance starts
            // out zeroed before the isa is written.
            bool hasDtor = cls->hasCxxDtor();
            instance = (id)calloc(1, cls->bits.fastInstanceSize());
            if (slowpath(!instance)) return callBadAllocHandler(cls);
            instance->initInstanceIsa(cls, hasDtor);
        } else {
            // Has ctor or raw isa or something. Use the slower path.
            instance = class_createInstance(cls, 0);
            if (slowpath(!instance)) return callBadAllocHandler(cls);
        }
        return instance;
    }
#endif

    // No shortcuts available.
    return allocWithZone ? [cls allocWithZone:nil] : [cls alloc];
}
1761
1762
// Base class implementation of +alloc. cls is not nil, so the nil check
// is skipped. When no shortcut applies this ends in [cls allocWithZone:nil].
id
_objc_rootAlloc(Class cls)
{
    const bool checkNil = false;
    const bool allocWithZone = true;
    return callAlloc(cls, checkNil, allocWithZone);
}
1770
// Equivalent of [cls alloc]; a nil cls returns nil.
id
objc_alloc(Class cls)
{
    const bool checkNil = true;
    const bool allocWithZone = false;
    return callAlloc(cls, checkNil, allocWithZone);
}
1777
// Equivalent of [cls allocWithZone:nil]; a nil cls returns nil.
id
objc_allocWithZone(Class cls)
{
    const bool checkNil = true;
    const bool allocWithZone = true;
    return callAlloc(cls, checkNil, allocWithZone);
}
1784
1785
// Forwards to obj->rootDealloc(). obj must not be nil; that is checked by
// assert only.
void
_objc_rootDealloc(id obj)
{
    assert(obj);
    obj->rootDealloc();
}
1793
// Always fatal: finalization belongs to garbage collection, which is off.
// obj is marked __unused because it is only referenced by the assert.
void
_objc_rootFinalize(id obj __unused)
{
    assert(obj);
    _objc_fatal("_objc_rootFinalize called with garbage collection off");
}
1800
1801
// Root implementation of -init: returns obj unchanged.
// Do not build invariants on this function being reached; many classes do
// not properly chain their -init calls.
id
_objc_rootInit(id obj)
{
    id initialized = obj;
    return initialized;
}
1809
1810
// Returns the malloc zone reported for obj. Under __OBJC2__ this is always
// the default zone; otherwise the zone that owns the pointer, falling back
// to the default zone when none is found.
malloc_zone_t *
_objc_rootZone(id obj)
{
    (void)obj;
#if __OBJC2__
    // allocWithZone under __OBJC2__ ignores the zone parameter
    return malloc_default_zone();
#else
    malloc_zone_t *owner = malloc_zone_from_ptr(obj);
    if (owner) return owner;
    return malloc_default_zone();
#endif
}
1823
// Root hash: the object's address as an integer.
// The value therefore exposes where the object lives in memory; treat it
// like a pointer when deciding what to log or send elsewhere.
uintptr_t
_objc_rootHash(id obj)
{
    uintptr_t address = (uintptr_t)obj;
    return address;
}
1829
// Pushes a new autorelease pool and returns the token that must later be
// handed to objc_autoreleasePoolPop().
void *
objc_autoreleasePoolPush(void)
{
    void *token = AutoreleasePoolPage::push();
    return token;
}
1835
// Pops the autorelease pool identified by ctxt, which should be a token
// previously returned by objc_autoreleasePoolPush(). The token is passed
// to AutoreleasePoolPage::pop() unchanged; no checking happens here.
void
objc_autoreleasePoolPop(void *ctxt)
{
    void *token = ctxt;
    AutoreleasePoolPage::pop(token);
}
1841
1842
// Underscore-prefixed alias of objc_autoreleasePoolPush().
void *
_objc_autoreleasePoolPush(void)
{
    void *token = objc_autoreleasePoolPush();
    return token;
}
1848
// Underscore-prefixed alias of objc_autoreleasePoolPop().
void
_objc_autoreleasePoolPop(void *ctxt)
{
    void *token = ctxt;
    objc_autoreleasePoolPop(token);
}
1854
// Logs the autorelease pool contents of the calling thread
// (see AutoreleasePoolPage::printAll()).
void
_objc_autoreleasePoolPrint(void)
{
    AutoreleasePoolPage::printAll();
    return;
}
1860
1861
// objc_release() in a form that can be tail-called: it hands the pointer
// back, for callers that need the value and do not want to push a frame
// before this point.
// The returned pointer has just been released; whether it still refers to
// a live object is up to the caller's ownership.
__attribute__((noinline))
static id
objc_releaseAndReturn(id obj)
{
    id released = obj;
    objc_release(released);
    return released;
}
1871
// objc_retainAutorelease() behind a noinline wrapper, so it can be
// tail-called by callers that do not want to push a frame before this
// point.
__attribute__((noinline))
static id
objc_retainAutoreleaseAndReturn(id obj)
{
    id result = objc_retainAutorelease(obj);
    return result;
}
1880
1881
// Prepares a value held at +1 for return through a +0 autoreleasing
// convention. If the optimized handoff is available the value is returned
// as is; otherwise it is autoreleased.
id
objc_autoreleaseReturnValue(id obj)
{
    const bool handedOff = prepareOptimizedReturn(ReturnAtPlus1);
    if (!handedOff) {
        return objc_autorelease(obj);
    }
    return obj;
}
1890
// Prepares a value held at +0 for return through a +0 autoreleasing
// convention. If the optimized handoff is available the value is returned
// as is; otherwise it is retained and autoreleased.
id
objc_retainAutoreleaseReturnValue(id obj)
{
    const bool handedOff = prepareOptimizedReturn(ReturnAtPlus0);
    if (!handedOff) {
        // not objc_autoreleaseReturnValue(objc_retain(obj))
        // because we don't need another optimization attempt
        return objc_retainAutoreleaseAndReturn(obj);
    }
    return obj;
}
1901
// Accepts a value returned through a +0 autoreleasing convention for use
// at +1. If the callee handed it over at +1 it is used as is; otherwise it
// is retained here.
id
objc_retainAutoreleasedReturnValue(id obj)
{
    const bool alreadyPlus1 = (acceptOptimizedReturn() == ReturnAtPlus1);
    if (!alreadyPlus1) {
        return objc_retain(obj);
    }
    return obj;
}
1910
// Accepts a value returned through a +0 autoreleasing convention for use
// at +0. If the callee handed it over at +0 it is used as is; otherwise
// it is released here and the pointer is returned.
// As the name says, the caller holds no ownership of the result.
id
objc_unsafeClaimAutoreleasedReturnValue(id obj)
{
    const bool alreadyPlus0 = (acceptOptimizedReturn() == ReturnAtPlus0);
    if (!alreadyPlus0) {
        return objc_releaseAndReturn(obj);
    }
    return obj;
}
1919
// Retains obj, then autoreleases it, and returns the result.
id
objc_retainAutorelease(id obj)
{
    id retained = objc_retain(obj);
    return objc_autorelease(retained);
}
1925
// Callback that sends -dealloc to the object passed as context.
// context is cast to id without any check, so it must be a valid object
// pointer.
void
_objc_deallocOnMainThreadHelper(void *context)
{
    id target = (id)context;
    [target dealloc];
}
1932
// The three conversions below only change the pointer's type. None of
// them retains or releases anything; the ownership described in each
// comment is a contract for the caller, not something enforced here.

// convert objc_objectptr_t to id, callee must take ownership.
id objc_retainedObject(objc_objectptr_t pointer)
{
    return (id)pointer;
}

// convert objc_objectptr_t to id, without ownership transfer.
id objc_unretainedObject(objc_objectptr_t pointer)
{
    return (id)pointer;
}

// convert id to objc_objectptr_t, no ownership transfer.
objc_objectptr_t objc_unretainedPointer(id object)
{
    return object;
}
1941
1942
// Start-up initialization of the retain/release machinery in this file:
// first the autorelease pool TLS key, then the side tables.
void
arr_init(void)
{
    AutoreleasePoolPage::init();
    SideTableInit();
}
1948
1949
1950 #if SUPPORT_TAGGED_POINTERS
1951
// Placeholder for old debuggers. When they inspect an
// extended tagged pointer object they will see this isa.
// Retain, release and autorelease are all no-ops for it.

@interface __NSUnrecognizedTaggedPointer : NSObject
@end

@implementation __NSUnrecognizedTaggedPointer

+ (void)load {
}

- (id)retain {
    return self;
}

- (oneway void)release {
}

- (id)autorelease {
    return self;
}

@end
1964
1965 #endif
1966
1967
// Root class implementation as provided by the runtime itself.
// Several methods are marked "Replaced by CF / ObjectAlloc / NSZombies":
// per those original notes, the versions here are the ones used when the
// named component has not installed its own.
// Class-side (+) variants treat the class object as a never-deallocated
// instance: retain/release/autorelease/copy are no-ops on it.
@implementation NSObject

#pragma mark - Loading

+ (void)load {
}

+ (void)initialize {
}

#pragma mark - Identity and class membership

+ (id)self {
    return (id)self;
}

- (id)self {
    return self;
}

+ (Class)class {
    return self;
}

- (Class)class {
    return object_getClass(self);
}

+ (Class)superclass {
    return self->superclass;
}

- (Class)superclass {
    Class ownClass = [self class];
    return ownClass->superclass;
}

+ (BOOL)isMemberOfClass:(Class)cls {
    return cls == object_getClass((id)self);
}

- (BOOL)isMemberOfClass:(Class)cls {
    return cls == [self class];
}

// Walks the superclass chain starting at the receiver's class (for the
// class-side variant: the class of the class object).
+ (BOOL)isKindOfClass:(Class)cls {
    Class cursor = object_getClass((id)self);
    while (cursor) {
        if (cursor == cls) return YES;
        cursor = cursor->superclass;
    }
    return NO;
}

- (BOOL)isKindOfClass:(Class)cls {
    Class cursor = [self class];
    while (cursor) {
        if (cursor == cls) return YES;
        cursor = cursor->superclass;
    }
    return NO;
}

+ (BOOL)isSubclassOfClass:(Class)cls {
    Class cursor = self;
    while (cursor) {
        if (cursor == cls) return YES;
        cursor = cursor->superclass;
    }
    return NO;
}

+ (BOOL)isAncestorOfObject:(NSObject *)obj {
    Class cursor = [obj class];
    while (cursor) {
        if (cursor == self) return YES;
        cursor = cursor->superclass;
    }
    return NO;
}

#pragma mark - Introspection

// A NULL selector is answered with NO instead of being looked up.
+ (BOOL)instancesRespondToSelector:(SEL)sel {
    if (sel) {
        return class_respondsToSelector(self, sel);
    }
    return NO;
}

+ (BOOL)respondsToSelector:(SEL)sel {
    if (sel) {
        return class_respondsToSelector_inst(object_getClass(self), sel, self);
    }
    return NO;
}

- (BOOL)respondsToSelector:(SEL)sel {
    if (sel) {
        return class_respondsToSelector_inst([self class], sel, self);
    }
    return NO;
}

// A nil protocol is answered with NO. Otherwise every class on the
// superclass chain is asked in turn.
+ (BOOL)conformsToProtocol:(Protocol *)protocol {
    if (!protocol) return NO;
    Class cursor = self;
    while (cursor) {
        if (class_conformsToProtocol(cursor, protocol)) return YES;
        cursor = cursor->superclass;
    }
    return NO;
}

- (BOOL)conformsToProtocol:(Protocol *)protocol {
    if (!protocol) return NO;
    Class cursor = [self class];
    while (cursor) {
        if (class_conformsToProtocol(cursor, protocol)) return YES;
        cursor = cursor->superclass;
    }
    return NO;
}

#pragma mark - Hashing and equality

// The root hash is the receiver's address (see _objc_rootHash).
+ (NSUInteger)hash {
    return _objc_rootHash(self);
}

- (NSUInteger)hash {
    return _objc_rootHash(self);
}

// Root equality is pointer identity.
+ (BOOL)isEqual:(id)obj {
    return (id)self == obj;
}

- (BOOL)isEqual:(id)obj {
    return self == obj;
}

+ (BOOL)isFault {
    return NO;
}

- (BOOL)isFault {
    return NO;
}

+ (BOOL)isProxy {
    return NO;
}

- (BOOL)isProxy {
    return NO;
}

#pragma mark - Method lookup

// A NULL selector is reported through -doesNotRecognizeSelector: before
// the lookup is attempted.
+ (IMP)instanceMethodForSelector:(SEL)sel {
    if (!sel) {
        [self doesNotRecognizeSelector:sel];
    }
    return class_getMethodImplementation(self, sel);
}

+ (IMP)methodForSelector:(SEL)sel {
    if (!sel) {
        [self doesNotRecognizeSelector:sel];
    }
    return object_getMethodImplementation((id)self, sel);
}

- (IMP)methodForSelector:(SEL)sel {
    if (!sel) {
        [self doesNotRecognizeSelector:sel];
    }
    return object_getMethodImplementation(self, sel);
}

+ (BOOL)resolveClassMethod:(SEL)sel {
    return NO;
}

+ (BOOL)resolveInstanceMethod:(SEL)sel {
    return NO;
}

// Replaced by CF (throws an NSException)
+ (void)doesNotRecognizeSelector:(SEL)sel {
    const char *className = class_getName(self);
    const char *selName = sel_getName(sel);
    _objc_fatal("+[%s %s]: unrecognized selector sent to instance %p",
                className, selName, self);
}

// Replaced by CF (throws an NSException)
- (void)doesNotRecognizeSelector:(SEL)sel {
    const char *className = object_getClassName(self);
    const char *selName = sel_getName(sel);
    _objc_fatal("-[%s %s]: unrecognized selector sent to instance %p",
                className, selName, self);
}

#pragma mark - Dynamic dispatch

// The performSelector family calls objc_msgSend through a function pointer
// type that takes object arguments and returns id. Nothing here checks
// that the selector's real method has that shape; passing a selector whose
// method takes or returns something else is the caller's error.

+ (id)performSelector:(SEL)sel {
    if (!sel) [self doesNotRecognizeSelector:sel];
    id (*send)(id, SEL) = (id(*)(id, SEL))objc_msgSend;
    return send((id)self, sel);
}

+ (id)performSelector:(SEL)sel withObject:(id)obj {
    if (!sel) [self doesNotRecognizeSelector:sel];
    id (*send)(id, SEL, id) = (id(*)(id, SEL, id))objc_msgSend;
    return send((id)self, sel, obj);
}

+ (id)performSelector:(SEL)sel withObject:(id)obj1 withObject:(id)obj2 {
    if (!sel) [self doesNotRecognizeSelector:sel];
    id (*send)(id, SEL, id, id) = (id(*)(id, SEL, id, id))objc_msgSend;
    return send((id)self, sel, obj1, obj2);
}

- (id)performSelector:(SEL)sel {
    if (!sel) [self doesNotRecognizeSelector:sel];
    id (*send)(id, SEL) = (id(*)(id, SEL))objc_msgSend;
    return send(self, sel);
}

- (id)performSelector:(SEL)sel withObject:(id)obj {
    if (!sel) [self doesNotRecognizeSelector:sel];
    id (*send)(id, SEL, id) = (id(*)(id, SEL, id))objc_msgSend;
    return send(self, sel, obj);
}

- (id)performSelector:(SEL)sel withObject:(id)obj1 withObject:(id)obj2 {
    if (!sel) [self doesNotRecognizeSelector:sel];
    id (*send)(id, SEL, id, id) = (id(*)(id, SEL, id, id))objc_msgSend;
    return send(self, sel, obj1, obj2);
}

#pragma mark - Forwarding

// Replaced by CF (returns an NSMethodSignature)
+ (NSMethodSignature *)instanceMethodSignatureForSelector:(SEL)sel {
    _objc_fatal("+[NSObject instanceMethodSignatureForSelector:] "
                "not available without CoreFoundation");
}

// Replaced by CF (returns an NSMethodSignature)
+ (NSMethodSignature *)methodSignatureForSelector:(SEL)sel {
    _objc_fatal("+[NSObject methodSignatureForSelector:] "
                "not available without CoreFoundation");
}

// Replaced by CF (returns an NSMethodSignature)
- (NSMethodSignature *)methodSignatureForSelector:(SEL)sel {
    _objc_fatal("-[NSObject methodSignatureForSelector:] "
                "not available without CoreFoundation");
}

// The root class forwards nothing: the invocation's selector (or a NULL
// selector when there is no invocation) is reported as unrecognized.
+ (void)forwardInvocation:(NSInvocation *)invocation {
    SEL unhandled = (invocation ? [invocation selector] : 0);
    [self doesNotRecognizeSelector:unhandled];
}

- (void)forwardInvocation:(NSInvocation *)invocation {
    SEL unhandled = (invocation ? [invocation selector] : 0);
    [self doesNotRecognizeSelector:unhandled];
}

+ (id)forwardingTargetForSelector:(SEL)sel {
    return nil;
}

- (id)forwardingTargetForSelector:(SEL)sel {
    return nil;
}

#pragma mark - Description

// Replaced by CF (returns an NSString)
+ (NSString *)description {
    return nil;
}

// Replaced by CF (returns an NSString)
- (NSString *)description {
    return nil;
}

+ (NSString *)debugDescription {
    NSString *text = [self description];
    return text;
}

- (NSString *)debugDescription {
    NSString *text = [self description];
    return text;
}

#pragma mark - Retain counting

// +new allocates through callAlloc() without a nil check (self is a class
// here) and sends -init to the result.
+ (id)new {
    id fresh = callAlloc(self, false/*checkNil*/);
    return [fresh init];
}

+ (id)retain {
    return (id)self;
}

// Replaced by ObjectAlloc
- (id)retain {
    id me = (id)self;
    return me->rootRetain();
}

+ (BOOL)_tryRetain {
    return YES;
}

// Replaced by ObjectAlloc
- (BOOL)_tryRetain {
    id me = (id)self;
    return me->rootTryRetain();
}

+ (BOOL)_isDeallocating {
    return NO;
}

- (BOOL)_isDeallocating {
    id me = (id)self;
    return me->rootIsDeallocating();
}

+ (BOOL)allowsWeakReference {
    return YES;
}

+ (BOOL)retainWeakReference {
    return YES;
}

// An object that is already deallocating refuses new weak references.
- (BOOL)allowsWeakReference {
    BOOL deallocating = [self _isDeallocating];
    return !deallocating;
}

// Succeeds only if a retain could still be taken.
- (BOOL)retainWeakReference {
    BOOL retained = [self _tryRetain];
    return retained;
}

+ (oneway void)release {
}

// Replaced by ObjectAlloc
- (oneway void)release {
    id me = (id)self;
    me->rootRelease();
}

+ (id)autorelease {
    return (id)self;
}

// Replaced by ObjectAlloc
- (id)autorelease {
    id me = (id)self;
    return me->rootAutorelease();
}

+ (NSUInteger)retainCount {
    return ULONG_MAX;
}

- (NSUInteger)retainCount {
    id me = (id)self;
    return me->rootRetainCount();
}

#pragma mark - Allocation and lifecycle

+ (id)alloc {
    id instance = _objc_rootAlloc(self);
    return instance;
}

// Replaced by ObjectAlloc
+ (id)allocWithZone:(struct _NSZone *)zone {
    malloc_zone_t *mallocZone = (malloc_zone_t *)zone;
    return _objc_rootAllocWithZone(self, mallocZone);
}

// Replaced by CF (throws an NSException)
+ (id)init {
    return (id)self;
}

- (id)init {
    id initialized = _objc_rootInit(self);
    return initialized;
}

// Replaced by CF (throws an NSException)
+ (void)dealloc {
}

// Replaced by NSZombies
- (void)dealloc {
    _objc_rootDealloc(self);
}

// Previously used by GC. Now a placeholder for binary compatibility.
- (void)finalize {
}

+ (struct _NSZone *)zone {
    malloc_zone_t *mallocZone = _objc_rootZone(self);
    return (struct _NSZone *)mallocZone;
}

- (struct _NSZone *)zone {
    malloc_zone_t *mallocZone = _objc_rootZone(self);
    return (struct _NSZone *)mallocZone;
}

#pragma mark - Copying

// Class objects are their own copies. The instance-side -copy and
// -mutableCopy forward to the WithZone: variants with a nil zone; the
// root class does not implement those for instances in this file.

+ (id)copy {
    return (id)self;
}

+ (id)copyWithZone:(struct _NSZone *)zone {
    return (id)self;
}

- (id)copy {
    id me = (id)self;
    return [me copyWithZone:nil];
}

+ (id)mutableCopy {
    return (id)self;
}

+ (id)mutableCopyWithZone:(struct _NSZone *)zone {
    return (id)self;
}

- (id)mutableCopy {
    id me = (id)self;
    return [me mutableCopyWithZone:nil];
}

@end
2359
2360