C++ classes that inherit from JS::Cell and are leaf classes should have
their own type-specific allocator. We also do this for non-leaf classes
that are constructable from JS.
To do this, JSON messages are passed to communicate information about
each class the Clang tool comes across. This is the only message we have
to worry about for now, but in the future if we want to transmit
different kinds of information, we can make this message format more
generic.
This allows each Clang process to send JSON messages to the
orchestrating Python process, which aggregates the message and can do
something with them all at the end. This is required because we run
Clang multithreaded to speed up the tool execution.
I did try to add a second frontend tool that accepts all the files at
once, but it was _extremely_ slow, so this is the next best thing.
For example, consider the following code snippet:
Vector<Function<void()>> m_callbacks;
void add_callback(Function<void()> callback)
{
m_callbacks.append(move(callback));
}
// Somewhere else...
void do_something()
{
int a = 10;
add_callback([&a] {
dbgln("a is {}", a);
});
} // Oops, "a" is now destroyed, but the callback in m_callbacks
// has a reference to it!
We now statically detect the capture of "a" in the lambda above and flag
it as incorrect. Note that capturing the value implicitly with a capture
list of `[&]` would also be detected.
Of course, many functions that accept Function<...> don't store them
anywhere, instead immediately invoking them inside of the function. To
avoid a warning in this case, the parameter can be annotated with
NOESCAPE to indicate that capturing stack variables is fine:
void do_something_now(NOESCAPE Function<...> callback)
{
callback(...)
}
Lastly, there are situations where the callback does generally escape,
but where the caller knows that it won't escape long enough to cause any
issues. For example, consider this fake example from LibWeb:
void do_something()
{
bool is_done = false;
HTML::queue_global_task([&] {
do_some_work();
is_done = true;
});
HTML::main_thread_event_loop().spin_until([&] {
return is_done;
});
}
In this case, we know that the lambda passed to queue_global_task will
be executed before the function returns, and will not persist
afterwards. To avoid this warning, annotate the type of the capture
with IGNORE_USE_IN_ESCAPING_LAMBDA:
void do_something()
{
IGNORE_USE_IN_ESCAPING_LAMBDA bool is_done = false;
// ...
}
Previously we would only warn about missing calls to visit inside
visit_edges implementations, now we warn as well when there's no
visit_edges implementation at all.
This lets us avoid false positives when a GCPtr-wrapped member is only
a weak reference which is automatically updated by the GC when the
member's gc state is updated.
clang doesn't make all `Base::visit_edges()` calls CXXMemberCallExprs
This would lead to false positives like in HeapFunction,
where the matcher would fail to match and report a warning.
Also previously the matcher would succeed
if the visited class is missing the call to `Base::visit_edges()`
but an included class has a correct method.
The new matcher checks the current class for `visit_edges`-overrides
and matches all `visit_edges`-memberExprs inside,
checking those for starting with `Base::`.
This seems to get rid of the false positives
and should be more correct detecting missing calls.
When building, clang would throw errors about dangling references.
Extracting `template_args` to a variable before the loop and
indexing into that seems to fix the errors.
My system's python3 is not in /bin/.
The README did not indicate that a clang-toolchain build of Serenity is
required, so this patch adds that explicit instruction.
The dollar sign is a special character in POSIX shells and in the Ninja
build file format. If the file name contains a `$`, something goes wrong
in the escaping/unescaping of this symbol, and CMake/GCC/Clang generate
invalid dependency files where not all instances of `$` are escaped
properly. Because of this, Ninja fails to rebuild `$262Object.cpp` if
the headers included by it have changed.
Stale `$262Object.cpp.o` files have been the cause of mysterious crashes
multiple times which only go away after doing a clean build. Let's
prevent these from happening again by removing the `$` from the
filename.
This ensures that all visit_edges implementations include a call to
Base::visit_edges. In particular, this gives three nice benefits:
- The call can't be forgotten (the main benefit, of course).
- All of the calls look the same. In other words, always use "Base"
instead of the actual concrete class.
- Ensure the object has a call to JS_CELL or JS_OBJECT in the
definition. Otherwise, Base will not be defined and the call will
not compile.
This is implemented as a Clang frontend tool, and currently does two
things:
- Ensure for all fields wrapped in {Nonnull,}GCPtr<T>, T inherits from
JS::Cell
- Ensure for all fields not wrapped in {Nonnull,}GCPtr, that the type
does not inherit from JS::Cell (otherwise it should be wrapped in a
Ptr class).
In the future, this tool could be extended further. For example, we may
consider validating all implementations of Cell::visit_impl.
