/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */

/*
 * arena.c
 *
 * This contains the implementation of NSS's thread-safe arenas.
 */

#ifndef BASE_H
#include "base.h"
#endif /* BASE_H */

#ifdef ARENA_THREADMARK
#include "prthread.h"
#endif /* ARENA_THREADMARK */

#include "prlock.h"
#include "plarena.h"

#include <string.h>

/*
 * NSSArena
 *
 * This is based on NSPR's arena code, but it is threadsafe.
 *
 * The public methods relating to this type are:
 *
 *  NSSArena_Create  -- constructor
 *  NSSArena_Destroy
 *  NSS_ZAlloc
 *  NSS_ZRealloc
 *  NSS_ZFreeIf
 *
 * The nonpublic methods relating to this type are:
 *
 *  nssArena_Create  -- constructor
 *  nssArena_Destroy
 *  nssArena_Mark
 *  nssArena_Release
 *  nssArena_Unmark
 *
 *  nss_ZAlloc
 *  nss_ZFreeIf
 *  nss_ZRealloc
 *
 * In debug builds, the following calls are available:
 *
 *  nssArena_verifyPointer
 *  nssArena_registerDestructor
 *  nssArena_deregisterDestructor
 */

struct NSSArenaStr {
    PLArenaPool pool;
    PRLock *lock;
#ifdef ARENA_THREADMARK
    PRThread *marking_thread;
    nssArenaMark *first_mark;
    nssArenaMark *last_mark;
#endif /* ARENA_THREADMARK */
#ifdef ARENA_DESTRUCTOR_LIST
    struct arena_destructor_node *first_destructor;
    struct arena_destructor_node *last_destructor;
#endif /* ARENA_DESTRUCTOR_LIST */
};

/*
 * nssArenaMark
 *
 * This type is used to mark the current state of an NSSArena.
 */

struct nssArenaMarkStr {
    PRUint32 magic;
    void *mark;
#ifdef ARENA_THREADMARK
    nssArenaMark *next;
#endif /* ARENA_THREADMARK */
#ifdef ARENA_DESTRUCTOR_LIST
    struct arena_destructor_node *next_destructor;
    struct arena_destructor_node *prev_destructor;
#endif /* ARENA_DESTRUCTOR_LIST */
};

#define MARK_MAGIC 0x4d41524b /* "MARK" how original */

/*
 * But first, the pointer-tracking code
 */
#ifdef DEBUG
extern const NSSError NSS_ERROR_INTERNAL_ERROR;

static nssPointerTracker arena_pointer_tracker;

static PRStatus
arena_add_pointer(const NSSArena *arena)
{
    PRStatus rv;

    rv = nssPointerTracker_initialize(&arena_pointer_tracker);
    if (PR_SUCCESS != rv) {
        return rv;
    }

    rv = nssPointerTracker_add(&arena_pointer_tracker, arena);
    if (PR_SUCCESS != rv) {
        NSSError e = NSS_GetError();
        if (NSS_ERROR_NO_MEMORY != e) {
            nss_SetError(NSS_ERROR_INTERNAL_ERROR);
        }

        return rv;
    }

    return PR_SUCCESS;
}

static PRStatus
arena_remove_pointer(const NSSArena *arena)
{
    PRStatus rv;

    rv = nssPointerTracker_remove(&arena_pointer_tracker, arena);
    if (PR_SUCCESS != rv) {
        nss_SetError(NSS_ERROR_INTERNAL_ERROR);
    }

    return rv;
}

/*
 * nssArena_verifyPointer
 *
 * This method is only present in debug builds.
 *
 * If the specified pointer is a valid pointer to an NSSArena object,
 * this routine will return PR_SUCCESS.  Otherwise, it will put an
 * error on the error stack and return PR_FAILURE.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *
 * Return value:
 *  PR_SUCCESS if the pointer is valid
 *  PR_FAILURE if it isn't
 */

NSS_IMPLEMENT PRStatus
nssArena_verifyPointer(const NSSArena *arena)
{
    PRStatus rv;

    rv = nssPointerTracker_initialize(&arena_pointer_tracker);
    if (PR_SUCCESS != rv) {
        /*
         * This is a little disingenious.  We have to initialize the
         * tracker, because someone could "legitimately" try to verify
         * an arena pointer before one is ever created.  And this step
         * might fail, due to lack of memory.  But the only way that
         * this step can fail is if it's doing the call_once stuff,
         * (later calls just no-op).  And if it didn't no-op, there
         * aren't any valid arenas.. so the argument certainly isn't one.
         */
        nss_SetError(NSS_ERROR_INVALID_ARENA);
        return PR_FAILURE;
    }

    rv = nssPointerTracker_verify(&arena_pointer_tracker, arena);
    if (PR_SUCCESS != rv) {
        nss_SetError(NSS_ERROR_INVALID_ARENA);
        return PR_FAILURE;
    }

    return PR_SUCCESS;
}
#endif /* DEBUG */

#ifdef ARENA_DESTRUCTOR_LIST

struct arena_destructor_node {
    struct arena_destructor_node *next;
    struct arena_destructor_node *prev;
    void (*destructor)(void *argument);
    void *arg;
};

/*
 * nssArena_registerDestructor
 *
 * This routine stores a pointer to a callback and an arbitrary
 * pointer-sized argument in the arena, at the current point in
 * the mark stack.  If the arena is destroyed, or an "earlier"
 * mark is released, then this destructor will be called at that
 * time.  Note that the destructor will be called with the arena
 * locked, which means the destructor may free memory in that
 * arena, but it may not allocate or cause to be allocated any
 * memory.  This callback facility was included to support our
 * debug-version pointer-tracker feature; overuse runs counter to
 * the the original intent of arenas.  This routine returns a
 * PRStatus value; if successful, it will return PR_SUCCESS.  If
 * unsuccessful, it will set an error on the error stack and
 * return PR_FAILURE.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *  NSS_ERROR_NO_MEMORY
 *
 * Return value:
 *  PR_SUCCESS
 *  PR_FAILURE
 */

NSS_IMPLEMENT PRStatus
nssArena_registerDestructor(NSSArena *arena, void (*destructor)(void *argument),
                            void *arg)
{
    struct arena_destructor_node *it;

#ifdef NSSDEBUG
    if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
        return PR_FAILURE;
    }
#endif /* NSSDEBUG */

    it = nss_ZNEW(arena, struct arena_destructor_node);
    if ((struct arena_destructor_node *)NULL == it) {
        return PR_FAILURE;
    }

    it->prev = arena->last_destructor;
    arena->last_destructor->next = it;
    arena->last_destructor = it;
    it->destructor = destructor;
    it->arg = arg;

    if ((nssArenaMark *)NULL != arena->last_mark) {
        arena->last_mark->prev_destructor = it->prev;
        arena->last_mark->next_destructor = it->next;
    }

    return PR_SUCCESS;
}

NSS_IMPLEMENT PRStatus
nssArena_deregisterDestructor(NSSArena *arena,
                              void (*destructor)(void *argument), void *arg)
{
    struct arena_destructor_node *it;

#ifdef NSSDEBUG
    if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
        return PR_FAILURE;
    }
#endif /* NSSDEBUG */

    for (it = arena->first_destructor; it; it = it->next) {
        if ((it->destructor == destructor) && (it->arg == arg)) {
            break;
        }
    }

    if ((struct arena_destructor_node *)NULL == it) {
        nss_SetError(NSS_ERROR_NOT_FOUND);
        return PR_FAILURE;
    }

    if (it == arena->first_destructor) {
        arena->first_destructor = it->next;
    }

    if (it == arena->last_destructor) {
        arena->last_destructor = it->prev;
    }

    if ((struct arena_destructor_node *)NULL != it->prev) {
        it->prev->next = it->next;
    }

    if ((struct arena_destructor_node *)NULL != it->next) {
        it->next->prev = it->prev;
    }

    {
        nssArenaMark *m;
        for (m = arena->first_mark; m; m = m->next) {
            if (m->next_destructor == it) {
                m->next_destructor = it->next;
            }
            if (m->prev_destructor == it) {
                m->prev_destructor = it->prev;
            }
        }
    }

    nss_ZFreeIf(it);
    return PR_SUCCESS;
}

static void
nss_arena_call_destructor_chain(struct arena_destructor_node *it)
{
    for (; it; it = it->next) {
        (*(it->destructor))(it->arg);
    }
}

#endif /* ARENA_DESTRUCTOR_LIST */

/*
 * NSSArena_Create
 *
 * This routine creates a new memory arena.  This routine may return
 * NULL upon error, in which case it will have created an error stack.
 *
 * The top-level error may be one of the following values:
 *  NSS_ERROR_NO_MEMORY
 *
 * Return value:
 *  NULL upon error
 *  A pointer to an NSSArena upon success
 */

NSS_IMPLEMENT NSSArena *
NSSArena_Create(void)
{
    nss_ClearErrorStack();
    return nssArena_Create();
}

/*
 * nssArena_Create
 *
 * This routine creates a new memory arena.  This routine may return
 * NULL upon error, in which case it will have set an error on the
 * error stack.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_NO_MEMORY
 *
 * Return value:
 *  NULL upon error
 *  A pointer to an NSSArena upon success
 */

NSS_IMPLEMENT NSSArena *
nssArena_Create(void)
{
    NSSArena *rv = (NSSArena *)NULL;

    rv = nss_ZNEW((NSSArena *)NULL, NSSArena);
    if ((NSSArena *)NULL == rv) {
        nss_SetError(NSS_ERROR_NO_MEMORY);
        return (NSSArena *)NULL;
    }

    rv->lock = PR_NewLock();
    if ((PRLock *)NULL == rv->lock) {
        (void)nss_ZFreeIf(rv);
        nss_SetError(NSS_ERROR_NO_MEMORY);
        return (NSSArena *)NULL;
    }

    /*
     * Arena sizes.  The current security code has 229 occurrences of
     * PORT_NewArena.  The default chunksizes specified break down as
     *
     *  Size    Mult.   Specified as
     *   512       1    512
     *  1024       7    1024
     *  2048       5    2048
     *  2048       5    CRMF_DEFAULT_ARENA_SIZE
     *  2048     190    DER_DEFAULT_CHUNKSIZE
     *  2048      20    SEC_ASN1_DEFAULT_ARENA_SIZE
     *  4096       1    4096
     *
     * Obviously this "default chunksize" flexibility isn't very
     * useful to us, so I'll just pick 2048.
     */

    PL_InitArenaPool(&rv->pool, "NSS", 2048, sizeof(double));

#ifdef DEBUG
    {
        PRStatus st;
        st = arena_add_pointer(rv);
        if (PR_SUCCESS != st) {
            PL_FinishArenaPool(&rv->pool);
            PR_DestroyLock(rv->lock);
            (void)nss_ZFreeIf(rv);
            return (NSSArena *)NULL;
        }
    }
#endif /* DEBUG */

    return rv;
}

/*
 * NSSArena_Destroy
 *
 * This routine will destroy the specified arena, freeing all memory
 * allocated from it.  This routine returns a PRStatus value; if
 * successful, it will return PR_SUCCESS.  If unsuccessful, it will
 * create an error stack and return PR_FAILURE.
 *
 * The top-level error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *
 * Return value:
 *  PR_SUCCESS upon success
 *  PR_FAILURE upon failure
 */

NSS_IMPLEMENT PRStatus
NSSArena_Destroy(NSSArena *arena)
{
    nss_ClearErrorStack();

#ifdef DEBUG
    if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
        return PR_FAILURE;
    }
#endif /* DEBUG */

    return nssArena_Destroy(arena);
}

/*
 * nssArena_Destroy
 *
 * This routine will destroy the specified arena, freeing all memory
 * allocated from it.  This routine returns a PRStatus value; if
 * successful, it will return PR_SUCCESS.  If unsuccessful, it will
 * set an error on the error stack and return PR_FAILURE.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *
 * Return value:
 *  PR_SUCCESS
 *  PR_FAILURE
 */

NSS_IMPLEMENT PRStatus
nssArena_Destroy(NSSArena *arena)
{
    PRLock *lock;

#ifdef NSSDEBUG
    if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
        return PR_FAILURE;
    }
#endif /* NSSDEBUG */

    if ((PRLock *)NULL == arena->lock) {
        /* Just got destroyed */
        nss_SetError(NSS_ERROR_INVALID_ARENA);
        return PR_FAILURE;
    }
    PR_Lock(arena->lock);

#ifdef DEBUG
    if (PR_SUCCESS != arena_remove_pointer(arena)) {
        PR_Unlock(arena->lock);
        return PR_FAILURE;
    }
#endif /* DEBUG */

#ifdef ARENA_DESTRUCTOR_LIST
    /* Note that the arena is locked at this time */
    nss_arena_call_destructor_chain(arena->first_destructor);
#endif /* ARENA_DESTRUCTOR_LIST */

    PL_FinishArenaPool(&arena->pool);
    lock = arena->lock;
    arena->lock = (PRLock *)NULL;
    PR_Unlock(lock);
    PR_DestroyLock(lock);
    (void)nss_ZFreeIf(arena);
    return PR_SUCCESS;
}

static void *nss_zalloc_arena_locked(NSSArena *arena, PRUint32 size);

/*
 * nssArena_Mark
 *
 * This routine "marks" the current state of an arena.  Space
 * allocated after the arena has been marked can be freed by
 * releasing the arena back to the mark with nssArena_Release,
 * or committed by calling nssArena_Unmark.  When successful,
 * this routine returns a valid nssArenaMark pointer.  This
 * routine may return NULL upon error, in which case it will
 * have set an error on the error stack.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *  NSS_ERROR_NO_MEMORY
 *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
 *
 * Return value:
 *  NULL upon failure
 *  An nssArenaMark pointer upon success
 */

NSS_IMPLEMENT nssArenaMark *
nssArena_Mark(NSSArena *arena)
{
    nssArenaMark *rv;
    void *p;

#ifdef NSSDEBUG
    if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
        return (nssArenaMark *)NULL;
    }
#endif /* NSSDEBUG */

    if ((PRLock *)NULL == arena->lock) {
        /* Just got destroyed */
        nss_SetError(NSS_ERROR_INVALID_ARENA);
        return (nssArenaMark *)NULL;
    }
    PR_Lock(arena->lock);

#ifdef ARENA_THREADMARK
    if ((PRThread *)NULL == arena->marking_thread) {
        /* Unmarked.  Store our thread ID */
        arena->marking_thread = PR_GetCurrentThread();
        /* This call never fails. */
    } else {
        /* Marked.  Verify it's the current thread */
        if (PR_GetCurrentThread() != arena->marking_thread) {
            PR_Unlock(arena->lock);
            nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
            return (nssArenaMark *)NULL;
        }
    }
#endif /* ARENA_THREADMARK */

    p = PL_ARENA_MARK(&arena->pool);
    /* No error possible */

    /* Do this after the mark */
    rv = (nssArenaMark *)nss_zalloc_arena_locked(arena, sizeof(nssArenaMark));
    if ((nssArenaMark *)NULL == rv) {
        PR_Unlock(arena->lock);
        nss_SetError(NSS_ERROR_NO_MEMORY);
        return (nssArenaMark *)NULL;
    }

#ifdef ARENA_THREADMARK
    if ((nssArenaMark *)NULL == arena->first_mark) {
        arena->first_mark = rv;
        arena->last_mark = rv;
    } else {
        arena->last_mark->next = rv;
        arena->last_mark = rv;
    }
#endif /* ARENA_THREADMARK */

    rv->mark = p;
    rv->magic = MARK_MAGIC;

#ifdef ARENA_DESTRUCTOR_LIST
    rv->prev_destructor = arena->last_destructor;
#endif /* ARENA_DESTRUCTOR_LIST */

    PR_Unlock(arena->lock);

    return rv;
}

/*
 * nss_arena_unmark_release
 *
 * This static routine implements the routines nssArena_Release
 * ans nssArena_Unmark, which are almost identical.
 */

static PRStatus
nss_arena_unmark_release(NSSArena *arena, nssArenaMark *arenaMark,
                         PRBool release)
{
    void *inner_mark;

#ifdef NSSDEBUG
    if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
        return PR_FAILURE;
    }
#endif /* NSSDEBUG */

    if (MARK_MAGIC != arenaMark->magic) {
        nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
        return PR_FAILURE;
    }

    if ((PRLock *)NULL == arena->lock) {
        /* Just got destroyed */
        nss_SetError(NSS_ERROR_INVALID_ARENA);
        return PR_FAILURE;
    }
    PR_Lock(arena->lock);

#ifdef ARENA_THREADMARK
    if ((PRThread *)NULL != arena->marking_thread) {
        if (PR_GetCurrentThread() != arena->marking_thread) {
            PR_Unlock(arena->lock);
            nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
            return PR_FAILURE;
        }
    }
#endif /* ARENA_THREADMARK */

    if (MARK_MAGIC != arenaMark->magic) {
        /* Just got released */
        PR_Unlock(arena->lock);
        nss_SetError(NSS_ERROR_INVALID_ARENA_MARK);
        return PR_FAILURE;
    }

    arenaMark->magic = 0;
    inner_mark = arenaMark->mark;

#ifdef ARENA_THREADMARK
    {
        nssArenaMark **pMark = &arena->first_mark;
        nssArenaMark *rest;
        nssArenaMark *last = (nssArenaMark *)NULL;

        /* Find this mark */
        while (*pMark != arenaMark) {
            last = *pMark;
            pMark = &(*pMark)->next;
        }

        /* Remember the pointer, then zero it */
        rest = (*pMark)->next;
        *pMark = (nssArenaMark *)NULL;

        arena->last_mark = last;

        /* Invalidate any later marks being implicitly released */
        for (; (nssArenaMark *)NULL != rest; rest = rest->next) {
            rest->magic = 0;
        }

        /* If we just got rid of the first mark, clear the thread ID */
        if ((nssArenaMark *)NULL == arena->first_mark) {
            arena->marking_thread = (PRThread *)NULL;
        }
    }
#endif /* ARENA_THREADMARK */

    if (release) {
#ifdef ARENA_DESTRUCTOR_LIST
        if ((struct arena_destructor_node *)NULL !=
            arenaMark->prev_destructor) {
            arenaMark->prev_destructor->next =
                (struct arena_destructor_node *)NULL;
        }
        arena->last_destructor = arenaMark->prev_destructor;

        /* Note that the arena is locked at this time */
        nss_arena_call_destructor_chain(arenaMark->next_destructor);
#endif /* ARENA_DESTRUCTOR_LIST */

        PL_ARENA_RELEASE(&arena->pool, inner_mark);
        /* No error return */
    }

    PR_Unlock(arena->lock);
    return PR_SUCCESS;
}

/*
 * nssArena_Release
 *
 * This routine invalidates and releases all memory allocated from
 * the specified arena after the point at which the specified mark
 * was obtained.  This routine returns a PRStatus value; if successful,
 * it will return PR_SUCCESS.  If unsuccessful, it will set an error
 * on the error stack and return PR_FAILURE.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *  NSS_ERROR_INVALID_ARENA_MARK
 *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
 *
 * Return value:
 *  PR_SUCCESS
 *  PR_FAILURE
 */

NSS_IMPLEMENT PRStatus
nssArena_Release(NSSArena *arena, nssArenaMark *arenaMark)
{
    return nss_arena_unmark_release(arena, arenaMark, PR_TRUE);
}

/*
 * nssArena_Unmark
 *
 * This routine "commits" the indicated mark and any marks after
 * it, making them unreleasable.  Note that any earlier marks can
 * still be released, and such a release will invalidate these
 * later unmarked regions.  If an arena is to be safely shared by
 * more than one thread, all marks must be either released or
 * unmarked.  This routine returns a PRStatus value; if successful,
 * it will return PR_SUCCESS.  If unsuccessful, it will set an error
 * on the error stack and return PR_FAILURE.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *  NSS_ERROR_INVALID_ARENA_MARK
 *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
 *
 * Return value:
 *  PR_SUCCESS
 *  PR_FAILURE
 */

NSS_IMPLEMENT PRStatus
nssArena_Unmark(NSSArena *arena, nssArenaMark *arenaMark)
{
    return nss_arena_unmark_release(arena, arenaMark, PR_FALSE);
}

/*
 * We prefix this header to all allocated blocks.  It is a multiple
 * of the alignment size.  Note that this usage of a header may make
 * purify spew bogus warnings about "potentially leaked blocks" of
 * memory; if that gets too annoying we can add in a pointer to the
 * header in the header itself.  There's not a lot of safety here;
 * maybe we should add a magic value?
 */
struct pointer_header {
    NSSArena *arena;
    PRUint32 size;
};

static void *
nss_zalloc_arena_locked(NSSArena *arena, PRUint32 size)
{
    void *p;
    void *rv;
    struct pointer_header *h;
    PRUint32 my_size = size + sizeof(struct pointer_header);
    PL_ARENA_ALLOCATE(p, &arena->pool, my_size);
    if ((void *)NULL == p) {
        nss_SetError(NSS_ERROR_NO_MEMORY);
        return (void *)NULL;
    }
    /*
     * Do this before we unlock.  This way if the user is using
     * an arena in one thread while destroying it in another, he'll
     * fault/FMR in his code, not ours.
     */
    h = (struct pointer_header *)p;
    h->arena = arena;
    h->size = size;
    rv = (void *)((char *)h + sizeof(struct pointer_header));
    (void)nsslibc_memset(rv, 0, size);
    return rv;
}

/*
 * NSS_ZAlloc
 *
 * This routine allocates and zeroes a section of memory of the
 * size, and returns to the caller a pointer to that memory.  If
 * the optional arena argument is non-null, the memory will be
 * obtained from that arena; otherwise, the memory will be obtained
 * from the heap.  This routine may return NULL upon error, in
 * which case it will have set an error upon the error stack.  The
 * value specified for size may be zero; in which case a valid
 * zero-length block of memory will be allocated.  This block may
 * be expanded by calling NSS_ZRealloc.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *  NSS_ERROR_NO_MEMORY
 *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
 *
 * Return value:
 *  NULL upon error
 *  A pointer to the new segment of zeroed memory
 */

NSS_IMPLEMENT void *
NSS_ZAlloc(NSSArena *arenaOpt, PRUint32 size)
{
    return nss_ZAlloc(arenaOpt, size);
}

/*
 * nss_ZAlloc
 *
 * This routine allocates and zeroes a section of memory of the
 * size, and returns to the caller a pointer to that memory.  If
 * the optional arena argument is non-null, the memory will be
 * obtained from that arena; otherwise, the memory will be obtained
 * from the heap.  This routine may return NULL upon error, in
 * which case it will have set an error upon the error stack.  The
 * value specified for size may be zero; in which case a valid
 * zero-length block of memory will be allocated.  This block may
 * be expanded by calling nss_ZRealloc.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_ARENA
 *  NSS_ERROR_NO_MEMORY
 *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
 *
 * Return value:
 *  NULL upon error
 *  A pointer to the new segment of zeroed memory
 */

NSS_IMPLEMENT void *
nss_ZAlloc(NSSArena *arenaOpt, PRUint32 size)
{
    struct pointer_header *h;
    PRUint32 my_size = size + sizeof(struct pointer_header);

    if (my_size < sizeof(struct pointer_header)) {
        /* Wrapped */
        nss_SetError(NSS_ERROR_NO_MEMORY);
        return (void *)NULL;
    }

    if ((NSSArena *)NULL == arenaOpt) {
        /* Heap allocation, no locking required. */
        h = (struct pointer_header *)PR_Calloc(1, my_size);
        if ((struct pointer_header *)NULL == h) {
            nss_SetError(NSS_ERROR_NO_MEMORY);
            return (void *)NULL;
        }

        h->arena = (NSSArena *)NULL;
        h->size = size;
        /* We used calloc: it's already zeroed */

        return (void *)((char *)h + sizeof(struct pointer_header));
    } else {
        void *rv;
/* Arena allocation */
#ifdef NSSDEBUG
        if (PR_SUCCESS != nssArena_verifyPointer(arenaOpt)) {
            return (void *)NULL;
        }
#endif /* NSSDEBUG */

        if ((PRLock *)NULL == arenaOpt->lock) {
            /* Just got destroyed */
            nss_SetError(NSS_ERROR_INVALID_ARENA);
            return (void *)NULL;
        }
        PR_Lock(arenaOpt->lock);

#ifdef ARENA_THREADMARK
        if ((PRThread *)NULL != arenaOpt->marking_thread) {
            if (PR_GetCurrentThread() != arenaOpt->marking_thread) {
                nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
                PR_Unlock(arenaOpt->lock);
                return (void *)NULL;
            }
        }
#endif /* ARENA_THREADMARK */

        rv = nss_zalloc_arena_locked(arenaOpt, size);

        PR_Unlock(arenaOpt->lock);
        return rv;
    }
    /*NOTREACHED*/
}

/*
 * NSS_ZFreeIf
 *
 * If the specified pointer is non-null, then the region of memory
 * to which it points -- which must have been allocated with
 * NSS_ZAlloc -- will be zeroed and released.  This routine
 * returns a PRStatus value; if successful, it will return PR_SUCCESS.
 * If unsuccessful, it will set an error on the error stack and return
 * PR_FAILURE.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_POINTER
 *
 * Return value:
 *  PR_SUCCESS
 *  PR_FAILURE
 */
NSS_IMPLEMENT PRStatus
NSS_ZFreeIf(void *pointer)
{
    return nss_ZFreeIf(pointer);
}

/*
 * nss_ZFreeIf
 *
 * If the specified pointer is non-null, then the region of memory
 * to which it points -- which must have been allocated with
 * nss_ZAlloc -- will be zeroed and released.  This routine
 * returns a PRStatus value; if successful, it will return PR_SUCCESS.
 * If unsuccessful, it will set an error on the error stack and return
 * PR_FAILURE.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_POINTER
 *
 * Return value:
 *  PR_SUCCESS
 *  PR_FAILURE
 */

NSS_IMPLEMENT PRStatus
nss_ZFreeIf(void *pointer)
{
    struct pointer_header *h;

    if ((void *)NULL == pointer) {
        return PR_SUCCESS;
    }

    h = (struct pointer_header *)((char *)pointer -
                                  sizeof(struct pointer_header));

    /* Check any magic here */

    if ((NSSArena *)NULL == h->arena) {
        /* Heap */
        (void)nsslibc_memset(pointer, 0, h->size);
        PR_Free(h);
        return PR_SUCCESS;
    } else {
/* Arena */
#ifdef NSSDEBUG
        if (PR_SUCCESS != nssArena_verifyPointer(h->arena)) {
            return PR_FAILURE;
        }
#endif /* NSSDEBUG */

        if ((PRLock *)NULL == h->arena->lock) {
            /* Just got destroyed.. so this pointer is invalid */
            nss_SetError(NSS_ERROR_INVALID_POINTER);
            return PR_FAILURE;
        }
        PR_Lock(h->arena->lock);

        (void)nsslibc_memset(pointer, 0, h->size);

        /* No way to "free" it within an NSPR arena. */

        PR_Unlock(h->arena->lock);
        return PR_SUCCESS;
    }
    /*NOTREACHED*/
}

/*
 * NSS_ZRealloc
 *
 * This routine reallocates a block of memory obtained by calling
 * nss_ZAlloc or nss_ZRealloc.  The portion of memory
 * between the new and old sizes -- which is either being newly
 * obtained or released -- is in either case zeroed.  This routine
 * may return NULL upon failure, in which case it will have placed
 * an error on the error stack.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_POINTER
 *  NSS_ERROR_NO_MEMORY
 *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
 *
 * Return value:
 *  NULL upon error
 *  A pointer to the replacement segment of memory
 */

NSS_EXTERN void *
NSS_ZRealloc(void *pointer, PRUint32 newSize)
{
    return nss_ZRealloc(pointer, newSize);
}

/*
 * nss_ZRealloc
 *
 * This routine reallocates a block of memory obtained by calling
 * nss_ZAlloc or nss_ZRealloc.  The portion of memory
 * between the new and old sizes -- which is either being newly
 * obtained or released -- is in either case zeroed.  This routine
 * may return NULL upon failure, in which case it will have placed
 * an error on the error stack.
 *
 * The error may be one of the following values:
 *  NSS_ERROR_INVALID_POINTER
 *  NSS_ERROR_NO_MEMORY
 *  NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD
 *
 * Return value:
 *  NULL upon error
 *  A pointer to the replacement segment of memory
 */

NSS_EXTERN void *
nss_ZRealloc(void *pointer, PRUint32 newSize)
{
    NSSArena *arena;
    struct pointer_header *h, *new_h;
    PRUint32 my_newSize = newSize + sizeof(struct pointer_header);
    void *rv;

    if (my_newSize < sizeof(struct pointer_header)) {
        /* Wrapped */
        nss_SetError(NSS_ERROR_NO_MEMORY);
        return (void *)NULL;
    }

    if ((void *)NULL == pointer) {
        nss_SetError(NSS_ERROR_INVALID_POINTER);
        return (void *)NULL;
    }

    h = (struct pointer_header *)((char *)pointer -
                                  sizeof(struct pointer_header));

    /* Check any magic here */

    if (newSize == h->size) {
        /* saves thrashing */
        return pointer;
    }

    arena = h->arena;
    if (!arena) {
        /* Heap */
        new_h = (struct pointer_header *)PR_Calloc(1, my_newSize);
        if ((struct pointer_header *)NULL == new_h) {
            nss_SetError(NSS_ERROR_NO_MEMORY);
            return (void *)NULL;
        }

        new_h->arena = (NSSArena *)NULL;
        new_h->size = newSize;
        rv = (void *)((char *)new_h + sizeof(struct pointer_header));

        if (newSize > h->size) {
            (void)nsslibc_memcpy(rv, pointer, h->size);
            (void)nsslibc_memset(&((char *)rv)[h->size], 0,
                                 (newSize - h->size));
        } else {
            (void)nsslibc_memcpy(rv, pointer, newSize);
        }

        (void)nsslibc_memset(pointer, 0, h->size);
        h->size = 0;
        PR_Free(h);

        return rv;
    } else {
        void *p;
/* Arena */
#ifdef NSSDEBUG
        if (PR_SUCCESS != nssArena_verifyPointer(arena)) {
            return (void *)NULL;
        }
#endif /* NSSDEBUG */

        if (!arena->lock) {
            /* Just got destroyed.. so this pointer is invalid */
            nss_SetError(NSS_ERROR_INVALID_POINTER);
            return (void *)NULL;
        }
        PR_Lock(arena->lock);

#ifdef ARENA_THREADMARK
        if (arena->marking_thread) {
            if (PR_GetCurrentThread() != arena->marking_thread) {
                PR_Unlock(arena->lock);
                nss_SetError(NSS_ERROR_ARENA_MARKED_BY_ANOTHER_THREAD);
                return (void *)NULL;
            }
        }
#endif /* ARENA_THREADMARK */

        if (newSize < h->size) {
            /*
             * We have no general way of returning memory to the arena
             * (mark/release doesn't work because things may have been
             * allocated after this object), so the memory is gone
             * anyway.  We might as well just return the same pointer to
             * the user, saying "yeah, uh-hunh, you can only use less of
             * it now."  We'll zero the leftover part, of course.  And
             * in fact we might as well *not* adjust h->size-- this way,
             * if the user reallocs back up to something not greater than
             * the original size, then voila, there's the memory!  This
             * way a thrash big/small/big/small doesn't burn up the arena.
             */
            char *extra = &((char *)pointer)[newSize];
            (void)nsslibc_memset(extra, 0, (h->size - newSize));
            PR_Unlock(arena->lock);
            return pointer;
        }

        PL_ARENA_ALLOCATE(p, &arena->pool, my_newSize);
        if ((void *)NULL == p) {
            PR_Unlock(arena->lock);
            nss_SetError(NSS_ERROR_NO_MEMORY);
            return (void *)NULL;
        }

        new_h = (struct pointer_header *)p;
        new_h->arena = arena;
        new_h->size = newSize;
        rv = (void *)((char *)new_h + sizeof(struct pointer_header));
        if (rv != pointer) {
            (void)nsslibc_memcpy(rv, pointer, h->size);
            (void)nsslibc_memset(pointer, 0, h->size);
        }
        (void)nsslibc_memset(&((char *)rv)[h->size], 0, (newSize - h->size));
        h->arena = (NSSArena *)NULL;
        h->size = 0;
        PR_Unlock(arena->lock);
        return rv;
    }
    /*NOTREACHED*/
}

PRStatus
nssArena_Shutdown(void)
{
    PRStatus rv = PR_SUCCESS;
#ifdef DEBUG
    rv = nssPointerTracker_finalize(&arena_pointer_tracker);
#endif
    return rv;
}