JSInjectedScriptHost.cpp [plain text]
#include "config.h"
#include "JSInjectedScriptHost.h"
#include "ArrayIteratorPrototype.h"
#include "ArrayPrototype.h"
#include "BuiltinNames.h"
#include "Completion.h"
#include "DateInstance.h"
#include "DeferGC.h"
#include "DirectArguments.h"
#include "Error.h"
#include "FunctionPrototype.h"
#include "HeapAnalyzer.h"
#include "HeapIterationScope.h"
#include "HeapProfiler.h"
#include "InjectedScriptHost.h"
#include "IterationKind.h"
#include "IteratorOperations.h"
#include "IteratorPrototype.h"
#include "JSArray.h"
#include "JSBoundFunction.h"
#include "JSCInlines.h"
#include "JSFunction.h"
#include "JSGlobalObjectFunctions.h"
#include "JSInjectedScriptHostPrototype.h"
#include "JSLock.h"
#include "JSMap.h"
#include "JSPromise.h"
#include "JSPromisePrototype.h"
#include "JSSet.h"
#include "JSStringIterator.h"
#include "JSTypedArrays.h"
#include "JSWeakMap.h"
#include "JSWeakSet.h"
#include "JSWithScope.h"
#include "MapIteratorPrototype.h"
#include "MapPrototype.h"
#include "MarkedSpaceInlines.h"
#include "ObjectConstructor.h"
#include "ObjectPrototype.h"
#include "PreventCollectionScope.h"
#include "ProxyObject.h"
#include "RegExpObject.h"
#include "ScopedArguments.h"
#include "SetIteratorPrototype.h"
#include "SetPrototype.h"
#include "SourceCode.h"
#include "TypedArrayInlines.h"
#include <wtf/Function.h>
#include <wtf/HashFunctions.h>
#include <wtf/HashMap.h>
#include <wtf/HashSet.h>
#include <wtf/HashTraits.h>
#include <wtf/Lock.h>
#include <wtf/PrintStream.h>
#include <wtf/text/StringConcatenate.h>
namespace Inspector {
using namespace JSC;
const ClassInfo JSInjectedScriptHost::s_info = { "InjectedScriptHost", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSInjectedScriptHost) };
JSInjectedScriptHost::JSInjectedScriptHost(VM& vm, Structure* structure, Ref<InjectedScriptHost>&& impl)
: JSDestructibleObject(vm, structure)
, m_wrapped(WTFMove(impl))
{
}
void JSInjectedScriptHost::finishCreation(VM& vm)
{
Base::finishCreation(vm);
ASSERT(inherits(vm, info()));
}
JSObject* JSInjectedScriptHost::createPrototype(VM& vm, JSGlobalObject* globalObject)
{
return JSInjectedScriptHostPrototype::create(vm, globalObject, JSInjectedScriptHostPrototype::createStructure(vm, globalObject, globalObject->objectPrototype()));
}
void JSInjectedScriptHost::destroy(JSC::JSCell* cell)
{
JSInjectedScriptHost* thisObject = static_cast<JSInjectedScriptHost*>(cell);
thisObject->JSInjectedScriptHost::~JSInjectedScriptHost();
}
JSValue JSInjectedScriptHost::evaluate(JSGlobalObject* globalObject) const
{
return globalObject->evalFunction();
}
JSValue JSInjectedScriptHost::savedResultAlias(JSGlobalObject* globalObject) const
{
auto savedResultAlias = impl().savedResultAlias();
if (!savedResultAlias)
return jsUndefined();
return jsString(globalObject->vm(), savedResultAlias.value());
}
JSValue JSInjectedScriptHost::evaluateWithScopeExtension(JSGlobalObject* globalObject, CallFrame* callFrame)
{
VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
JSValue scriptValue = callFrame->argument(0);
if (!scriptValue.isString())
return throwTypeError(globalObject, scope, "InjectedScriptHost.evaluateWithScopeExtension first argument must be a string."_s);
String program = asString(scriptValue)->value(globalObject);
RETURN_IF_EXCEPTION(scope, JSValue());
NakedPtr<Exception> exception;
JSObject* scopeExtension = callFrame->argument(1).getObject();
JSValue result = JSC::evaluateWithScopeExtension(globalObject, makeSource(program, callFrame->callerSourceOrigin(vm)), scopeExtension, exception);
if (exception)
throwException(globalObject, scope, exception);
return result;
}
JSValue JSInjectedScriptHost::internalConstructorName(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
JSObject* object = jsCast<JSObject*>(callFrame->uncheckedArgument(0).toThis(globalObject, NotStrictMode));
return jsString(vm, JSObject::calculatedClassName(object));
}
JSValue JSInjectedScriptHost::isHTMLAllCollection(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
JSValue value = callFrame->uncheckedArgument(0);
return jsBoolean(impl().isHTMLAllCollection(vm, value));
}
JSValue JSInjectedScriptHost::isPromiseRejectedWithNativeGetterTypeError(JSGlobalObject* globalObject, CallFrame* callFrame)
{
VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
auto* promise = jsDynamicCast<JSPromise*>(vm, callFrame->argument(0));
if (!promise)
return throwTypeError(globalObject, scope, "InjectedScriptHost.isPromiseRejectedWithNativeGetterTypeError first argument must be a Promise."_s);
bool result = false;
if (auto* errorInstance = jsDynamicCast<ErrorInstance*>(vm, promise->result(vm)))
result = errorInstance->isNativeGetterTypeError();
return jsBoolean(result);
}
JSValue JSInjectedScriptHost::subtype(JSGlobalObject* globalObject, CallFrame* callFrame)
{
VM& vm = globalObject->vm();
if (callFrame->argumentCount() < 1)
return jsUndefined();
JSValue value = callFrame->uncheckedArgument(0);
if (value.isString())
return vm.smallStrings.stringString();
if (value.isBoolean())
return vm.smallStrings.booleanString();
if (value.isNumber())
return vm.smallStrings.numberString();
if (value.isSymbol())
return vm.smallStrings.symbolString();
if (auto* object = jsDynamicCast<JSObject*>(vm, value)) {
if (object->isErrorInstance())
return jsNontrivialString(vm, "error"_s);
JSFunction* function = jsDynamicCast<JSFunction*>(vm, value);
if (function && function->isClassConstructorFunction())
return jsNontrivialString(vm, "class"_s);
if (object->inherits<JSArray>(vm))
return jsNontrivialString(vm, "array"_s);
if (object->inherits<DirectArguments>(vm) || object->inherits<ScopedArguments>(vm))
return jsNontrivialString(vm, "array"_s);
if (object->inherits<DateInstance>(vm))
return jsNontrivialString(vm, "date"_s);
if (object->inherits<RegExpObject>(vm))
return jsNontrivialString(vm, "regexp"_s);
if (object->inherits<ProxyObject>(vm))
return jsNontrivialString(vm, "proxy"_s);
if (object->inherits<JSMap>(vm))
return jsNontrivialString(vm, "map"_s);
if (object->inherits<JSSet>(vm))
return jsNontrivialString(vm, "set"_s);
if (object->inherits<JSWeakMap>(vm))
return jsNontrivialString(vm, "weakmap"_s);
if (object->inherits<JSWeakSet>(vm))
return jsNontrivialString(vm, "weakset"_s);
if (object->inherits<JSStringIterator>(vm))
return jsNontrivialString(vm, "iterator"_s);
if (object->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextIndexPrivateName())
|| object->getDirect(vm, vm.propertyNames->builtinNames().mapBucketPrivateName())
|| object->getDirect(vm, vm.propertyNames->builtinNames().setBucketPrivateName()))
return jsNontrivialString(vm, "iterator"_s);
if (object->inherits<JSInt8Array>(vm)
|| object->inherits<JSInt16Array>(vm)
|| object->inherits<JSInt32Array>(vm)
|| object->inherits<JSUint8Array>(vm)
|| object->inherits<JSUint8ClampedArray>(vm)
|| object->inherits<JSUint16Array>(vm)
|| object->inherits<JSUint32Array>(vm)
|| object->inherits<JSFloat32Array>(vm)
|| object->inherits<JSFloat64Array>(vm))
return jsNontrivialString(vm, "array"_s);
}
return impl().subtype(globalObject, value);
}
JSValue JSInjectedScriptHost::functionDetails(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
JSValue value = callFrame->uncheckedArgument(0);
auto* function = jsDynamicCast<JSFunction*>(vm, value);
if (!function)
return jsUndefined();
const SourceCode* sourceCode = function->sourceCode();
if (!sourceCode)
return jsUndefined();
int lineNumber = sourceCode->firstLine().oneBasedInt();
if (lineNumber)
lineNumber -= 1;
int columnNumber = sourceCode->startColumn().oneBasedInt();
if (columnNumber)
columnNumber -= 1;
String scriptID = String::number(sourceCode->provider()->asID());
JSObject* location = constructEmptyObject(globalObject);
location->putDirect(vm, Identifier::fromString(vm, "scriptId"), jsString(vm, scriptID));
location->putDirect(vm, Identifier::fromString(vm, "lineNumber"), jsNumber(lineNumber));
location->putDirect(vm, Identifier::fromString(vm, "columnNumber"), jsNumber(columnNumber));
JSObject* result = constructEmptyObject(globalObject);
result->putDirect(vm, Identifier::fromString(vm, "location"), location);
String name = function->name(vm);
if (!name.isEmpty())
result->putDirect(vm, Identifier::fromString(vm, "name"), jsString(vm, name));
String displayName = function->displayName(vm);
if (!displayName.isEmpty())
result->putDirect(vm, Identifier::fromString(vm, "displayName"), jsString(vm, displayName));
return result;
}
static JSObject* constructInternalProperty(JSGlobalObject* globalObject, const String& name, JSValue value)
{
VM& vm = globalObject->vm();
JSObject* result = constructEmptyObject(globalObject);
result->putDirect(vm, Identifier::fromString(vm, "name"), jsString(vm, name));
result->putDirect(vm, Identifier::fromString(vm, "value"), value);
return result;
}
JSValue JSInjectedScriptHost::getInternalProperties(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
JSValue value = callFrame->uncheckedArgument(0);
JSValue internalProperties = impl().getInternalProperties(vm, globalObject, value);
if (internalProperties)
return internalProperties;
if (JSPromise* promise = jsDynamicCast<JSPromise*>(vm, value)) {
unsigned index = 0;
JSArray* array = constructEmptyArray(globalObject, nullptr);
RETURN_IF_EXCEPTION(scope, JSValue());
switch (promise->status(vm)) {
case JSPromise::Status::Pending:
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "status"_s, jsNontrivialString(vm, "pending"_s)));
return array;
case JSPromise::Status::Fulfilled:
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "status"_s, jsNontrivialString(vm, "resolved"_s)));
RETURN_IF_EXCEPTION(scope, JSValue());
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "result"_s, promise->result(vm)));
return array;
case JSPromise::Status::Rejected:
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "status"_s, jsNontrivialString(vm, "rejected"_s)));
RETURN_IF_EXCEPTION(scope, JSValue());
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "result"_s, promise->result(vm)));
return array;
}
RELEASE_ASSERT_NOT_REACHED();
}
if (JSBoundFunction* boundFunction = jsDynamicCast<JSBoundFunction*>(vm, value)) {
unsigned index = 0;
JSArray* array = constructEmptyArray(globalObject, nullptr);
RETURN_IF_EXCEPTION(scope, JSValue());
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "targetFunction", boundFunction->targetFunction()));
RETURN_IF_EXCEPTION(scope, JSValue());
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "boundThis", boundFunction->boundThis()));
RETURN_IF_EXCEPTION(scope, JSValue());
if (boundFunction->boundArgs()) {
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "boundArgs", boundFunction->boundArgsCopy(globalObject)));
return array;
}
return array;
}
if (ProxyObject* proxy = jsDynamicCast<ProxyObject*>(vm, value)) {
unsigned index = 0;
JSArray* array = constructEmptyArray(globalObject, nullptr, 2);
RETURN_IF_EXCEPTION(scope, JSValue());
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "target"_s, proxy->target()));
RETURN_IF_EXCEPTION(scope, JSValue());
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "handler"_s, proxy->handler()));
return array;
}
if (JSObject* iteratorObject = jsDynamicCast<JSObject*>(vm, value)) {
if (iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextIndexPrivateName())) {
JSValue iteratedValue = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName());
JSValue kind = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorKindPrivateName());
unsigned index = 0;
JSArray* array = constructEmptyArray(globalObject, nullptr, 2);
RETURN_IF_EXCEPTION(scope, JSValue());
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "array", iteratedValue));
RETURN_IF_EXCEPTION(scope, JSValue());
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "kind", kind));
return array;
}
if (iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().mapBucketPrivateName())) {
JSValue iteratedValue = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName());
String kind;
switch (static_cast<IterationKind>(iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().mapIteratorKindPrivateName()).asInt32())) {
case IterateKey:
kind = "key"_s;
break;
case IterateValue:
kind = "value"_s;
break;
case IterateKeyValue:
kind = "key+value"_s;
break;
}
unsigned index = 0;
JSArray* array = constructEmptyArray(globalObject, nullptr, 2);
RETURN_IF_EXCEPTION(scope, JSValue());
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "map", iteratedValue));
RETURN_IF_EXCEPTION(scope, JSValue());
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "kind", jsNontrivialString(vm, kind)));
return array;
}
if (iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().setBucketPrivateName())) {
JSValue iteratedValue = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName());
String kind;
switch (static_cast<IterationKind>(iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().setIteratorKindPrivateName()).asInt32())) {
case IterateKey:
kind = "key"_s;
break;
case IterateValue:
kind = "value"_s;
break;
case IterateKeyValue:
kind = "key+value"_s;
break;
}
unsigned index = 0;
JSArray* array = constructEmptyArray(globalObject, nullptr, 2);
RETURN_IF_EXCEPTION(scope, JSValue());
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "set", iteratedValue));
RETURN_IF_EXCEPTION(scope, JSValue());
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "kind", jsNontrivialString(vm, kind)));
return array;
}
}
if (JSStringIterator* stringIterator = jsDynamicCast<JSStringIterator*>(vm, value)) {
unsigned index = 0;
JSArray* array = constructEmptyArray(globalObject, nullptr, 1);
RETURN_IF_EXCEPTION(scope, JSValue());
scope.release();
array->putDirectIndex(globalObject, index++, constructInternalProperty(globalObject, "string", stringIterator->iteratedValue(globalObject)));
return array;
}
return jsUndefined();
}
JSValue JSInjectedScriptHost::proxyTargetValue(VM& vm, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
JSValue value = callFrame->uncheckedArgument(0);
ProxyObject* proxy = jsDynamicCast<ProxyObject*>(vm, value);
if (!proxy)
return jsUndefined();
JSObject* target = proxy->target();
while (ProxyObject* proxy = jsDynamicCast<ProxyObject*>(vm, target))
target = proxy->target();
return target;
}
JSValue JSInjectedScriptHost::weakMapSize(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
JSValue value = callFrame->uncheckedArgument(0);
JSWeakMap* weakMap = jsDynamicCast<JSWeakMap*>(vm, value);
if (!weakMap)
return jsUndefined();
return jsNumber(weakMap->size());
}
JSValue JSInjectedScriptHost::weakMapEntries(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
auto* weakMap = jsDynamicCast<JSWeakMap*>(vm, callFrame->uncheckedArgument(0));
if (!weakMap)
return jsUndefined();
MarkedArgumentBuffer buffer;
auto fetchCount = callFrame->argument(1).toInteger(globalObject);
weakMap->takeSnapshot(buffer, fetchCount >= 0 ? static_cast<unsigned>(fetchCount) : 0);
ASSERT(!buffer.hasOverflowed());
JSArray* array = constructEmptyArray(globalObject, nullptr);
RETURN_IF_EXCEPTION(scope, JSValue());
for (unsigned index = 0; index < buffer.size(); index += 2) {
JSObject* entry = constructEmptyObject(globalObject);
entry->putDirect(vm, Identifier::fromString(vm, "key"), buffer.at(index));
entry->putDirect(vm, Identifier::fromString(vm, "value"), buffer.at(index + 1));
array->putDirectIndex(globalObject, index / 2, entry);
RETURN_IF_EXCEPTION(scope, JSValue());
}
return array;
}
JSValue JSInjectedScriptHost::weakSetSize(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
JSValue value = callFrame->uncheckedArgument(0);
JSWeakSet* weakSet = jsDynamicCast<JSWeakSet*>(vm, value);
if (!weakSet)
return jsUndefined();
return jsNumber(weakSet->size());
}
JSValue JSInjectedScriptHost::weakSetEntries(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
auto* weakSet = jsDynamicCast<JSWeakSet*>(vm, callFrame->uncheckedArgument(0));
if (!weakSet)
return jsUndefined();
MarkedArgumentBuffer buffer;
auto fetchCount = callFrame->argument(1).toInteger(globalObject);
weakSet->takeSnapshot(buffer, fetchCount >= 0 ? static_cast<unsigned>(fetchCount) : 0);
ASSERT(!buffer.hasOverflowed());
JSArray* array = constructEmptyArray(globalObject, nullptr);
RETURN_IF_EXCEPTION(scope, JSValue());
for (unsigned index = 0; index < buffer.size(); ++index) {
JSObject* entry = constructEmptyObject(globalObject);
entry->putDirect(vm, Identifier::fromString(vm, "value"), buffer.at(index));
array->putDirectIndex(globalObject, index, entry);
RETURN_IF_EXCEPTION(scope, JSValue());
}
return array;
}
static JSObject* cloneArrayIteratorObject(JSGlobalObject* globalObject, VM& vm, JSObject* iteratorObject, JSValue nextIndex, JSValue iteratedObject)
{
ASSERT(iteratorObject->type() == FinalObjectType);
JSObject* clone = constructEmptyObject(globalObject, ArrayIteratorPrototype::create(vm, globalObject, ArrayIteratorPrototype::createStructure(vm, globalObject, globalObject->iteratorPrototype())));
clone->putDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName(), iteratedObject);
clone->putDirect(vm, vm.propertyNames->builtinNames().arrayIteratorKindPrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorKindPrivateName()));
clone->putDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextIndexPrivateName(), nextIndex);
clone->putDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextPrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextPrivateName()));
clone->putDirect(vm, vm.propertyNames->builtinNames().arrayIteratorIsDonePrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorIsDonePrivateName()));
return clone;
}
static JSObject* cloneMapIteratorObject(JSGlobalObject* globalObject, VM& vm, JSObject* iteratorObject, JSValue mapBucket, JSValue iteratedObject)
{
ASSERT(iteratorObject->type() == FinalObjectType);
JSObject* clone = constructEmptyObject(globalObject, MapIteratorPrototype::create(vm, globalObject, MapIteratorPrototype::createStructure(vm, globalObject, globalObject->iteratorPrototype())));
clone->putDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName(), iteratedObject);
clone->putDirect(vm, vm.propertyNames->builtinNames().mapIteratorKindPrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().mapIteratorKindPrivateName()));
clone->putDirect(vm, vm.propertyNames->builtinNames().mapBucketPrivateName(), mapBucket);
return clone;
}
static JSObject* cloneSetIteratorObject(JSGlobalObject* globalObject, VM& vm, JSObject* iteratorObject, JSValue setBucket, JSValue iteratedObject)
{
ASSERT(iteratorObject->type() == FinalObjectType);
JSObject* clone = constructEmptyObject(globalObject, SetIteratorPrototype::create(vm, globalObject, SetIteratorPrototype::createStructure(vm, globalObject, globalObject->iteratorPrototype())));
clone->putDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName(), iteratedObject);
clone->putDirect(vm, vm.propertyNames->builtinNames().setIteratorKindPrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().setIteratorKindPrivateName()));
clone->putDirect(vm, vm.propertyNames->builtinNames().setBucketPrivateName(), setBucket);
return clone;
}
JSValue JSInjectedScriptHost::iteratorEntries(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
JSValue iterator;
JSValue value = callFrame->uncheckedArgument(0);
if (JSStringIterator* stringIterator = jsDynamicCast<JSStringIterator*>(vm, value)) {
if (globalObject->isStringPrototypeIteratorProtocolFastAndNonObservable())
iterator = stringIterator->clone(globalObject);
} else if (JSObject* iteratorObject = jsDynamicCast<JSObject*>(vm, value)) {
JSValue iteratedObject = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName());
if (JSValue nextIndex = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextIndexPrivateName())) {
if (isJSArray(iteratedObject)) {
JSArray* array = jsCast<JSArray*>(iteratedObject);
if (array->isIteratorProtocolFastAndNonObservable())
iterator = cloneArrayIteratorObject(globalObject, vm, iteratorObject, nextIndex, iteratedObject);
} else if (iteratedObject.isObject() && TypeInfo::isArgumentsType(asObject(iteratedObject)->type())) {
if (globalObject->isArrayPrototypeIteratorProtocolFastAndNonObservable())
iterator = cloneArrayIteratorObject(globalObject, vm, iteratorObject, nextIndex, iteratedObject);
}
} else if (JSValue mapBucket = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().mapBucketPrivateName())) {
if (jsCast<JSMap*>(iteratedObject)->isIteratorProtocolFastAndNonObservable())
iterator = cloneMapIteratorObject(globalObject, vm, iteratorObject, mapBucket, iteratedObject);
} else if (JSValue setBucket = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().setBucketPrivateName())) {
if (jsCast<JSSet*>(iteratedObject)->isIteratorProtocolFastAndNonObservable())
iterator = cloneSetIteratorObject(globalObject, vm, iteratorObject, setBucket, iteratedObject);
}
}
RETURN_IF_EXCEPTION(scope, { });
if (!iterator)
return jsUndefined();
IterationRecord iterationRecord = { iterator, iterator.get(globalObject, vm.propertyNames->next) };
unsigned numberToFetch = 5;
JSValue numberToFetchArg = callFrame->argument(1);
double fetchDouble = numberToFetchArg.toInteger(globalObject);
RETURN_IF_EXCEPTION(scope, { });
if (fetchDouble >= 0)
numberToFetch = static_cast<unsigned>(fetchDouble);
JSArray* array = constructEmptyArray(globalObject, nullptr);
RETURN_IF_EXCEPTION(scope, { });
for (unsigned i = 0; i < numberToFetch; ++i) {
JSValue next = iteratorStep(globalObject, iterationRecord);
if (UNLIKELY(scope.exception()) || next.isFalse())
break;
JSValue nextValue = iteratorValue(globalObject, next);
RETURN_IF_EXCEPTION(scope, { });
JSObject* entry = constructEmptyObject(globalObject);
entry->putDirect(vm, Identifier::fromString(vm, "value"), nextValue);
array->putDirectIndex(globalObject, i, entry);
if (UNLIKELY(scope.exception())) {
scope.release();
iteratorClose(globalObject, iterationRecord);
break;
}
}
return array;
}
static bool checkForbiddenPrototype(JSGlobalObject* globalObject, JSValue value, JSValue proto)
{
if (value == proto)
return true;
return JSObject::defaultHasInstance(globalObject, proto, value);
}
JSValue JSInjectedScriptHost::queryInstances(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
JSValue prototypeOrConstructor = callFrame->uncheckedArgument(0);
if (!prototypeOrConstructor.isObject())
return throwTypeError(globalObject, scope, "queryInstances first argument must be an object."_s);
JSObject* object = asObject(prototypeOrConstructor);
if (object->inherits<ProxyObject>(vm))
return throwTypeError(globalObject, scope, "queryInstances cannot be called with a Proxy."_s);
JSValue prototype = object;
PropertySlot prototypeSlot(object, PropertySlot::InternalMethodType::VMInquiry);
if (object->getPropertySlot(globalObject, vm.propertyNames->prototype, prototypeSlot)) {
RETURN_IF_EXCEPTION(scope, { });
if (prototypeSlot.isValue()) {
JSValue prototypeValue = prototypeSlot.getValue(globalObject, vm.propertyNames->prototype);
if (prototypeValue.isObject()) {
prototype = prototypeValue;
object = asObject(prototype);
}
}
}
if (object->inherits<ProxyObject>(vm) || prototype.inherits<ProxyObject>(vm))
return throwTypeError(globalObject, scope, "queryInstances cannot be called with a Proxy."_s);
if (checkForbiddenPrototype(globalObject, object, globalObject->objectPrototype()))
return throwTypeError(globalObject, scope, "queryInstances cannot be called with Object."_s);
if (checkForbiddenPrototype(globalObject, object, globalObject->functionPrototype()))
return throwTypeError(globalObject, scope, "queryInstances cannot be called with Function."_s);
if (checkForbiddenPrototype(globalObject, object, globalObject->arrayPrototype()))
return throwTypeError(globalObject, scope, "queryInstances cannot be called with Array."_s);
if (checkForbiddenPrototype(globalObject, object, globalObject->mapPrototype()))
return throwTypeError(globalObject, scope, "queryInstances cannot be called with Map."_s);
if (checkForbiddenPrototype(globalObject, object, globalObject->jsSetPrototype()))
return throwTypeError(globalObject, scope, "queryInstances cannot be called with Set."_s);
if (checkForbiddenPrototype(globalObject, object, globalObject->promisePrototype()))
return throwTypeError(globalObject, scope, "queryInstances cannot be called with Promise."_s);
sanitizeStackForVM(vm);
vm.heap.collectNow(Sync, CollectionScope::Full);
JSArray* array = constructEmptyArray(globalObject, nullptr);
RETURN_IF_EXCEPTION(scope, { });
{
HeapIterationScope iterationScope(vm.heap);
vm.heap.objectSpace().forEachLiveCell(iterationScope, [&] (HeapCell* cell, HeapCell::Kind kind) {
if (!isJSCellKind(kind))
return IterationStatus::Continue;
JSValue value(static_cast<JSCell*>(cell));
if (value.inherits<ProxyObject>(vm))
return IterationStatus::Continue;
if (JSObject::defaultHasInstance(globalObject, value, prototype))
array->putDirectIndex(globalObject, array->length(), value);
return IterationStatus::Continue;
});
}
return array;
}
class HeapHolderFinder final : public HeapAnalyzer {
WTF_MAKE_FAST_ALLOCATED;
public:
HeapHolderFinder(HeapProfiler& profiler, JSCell* target)
: HeapAnalyzer()
, m_target(target)
{
ASSERT(!profiler.activeHeapAnalyzer());
profiler.setActiveHeapAnalyzer(this);
profiler.vm().heap.collectNow(Sync, CollectionScope::Full);
profiler.setActiveHeapAnalyzer(nullptr);
HashSet<JSCell*> queue;
HashSet<JSCell*> visited;
for (auto* root : m_rootsToInclude)
queue.add(root);
while (auto* from = queue.takeAny()) {
if (m_rootsToIgnore.contains(from))
continue;
if (!visited.add(from).isNewEntry)
continue;
for (auto* to : m_successors.get(from))
queue.add(to);
}
for (auto* holder : m_holders)
queue.add(holder);
while (auto* holder = queue.takeAny()) {
if (holder->isObject())
continue;
for (auto* from : m_predecessors.get(holder)) {
if (!m_holders.contains(from)) {
m_holders.add(from);
queue.add(from);
}
}
}
m_holders.removeIf([&] (auto* holder) {
return !holder->isObject() || !visited.contains(holder);
});
}
HashSet<JSCell*>& holders() { return m_holders; }
void analyzeEdge(JSCell* from, JSCell* to, SlotVisitor::RootMarkReason reason) override
{
ASSERT(to);
ASSERT(to->vm().heapProfiler()->activeHeapAnalyzer() == this);
auto locker = holdLock(m_mutex);
if (from && from != to) {
m_successors.ensure(from, [] {
return HashSet<JSCell*>();
}).iterator->value.add(to);
m_predecessors.ensure(to, [] {
return HashSet<JSCell*>();
}).iterator->value.add(from);
if (to == m_target)
m_holders.add(from);
}
if (reason == SlotVisitor::RootMarkReason::Debugger)
m_rootsToIgnore.add(to);
else if (!from || reason != SlotVisitor::RootMarkReason::None)
m_rootsToInclude.add(to);
}
void analyzePropertyNameEdge(JSCell* from, JSCell* to, UniquedStringImpl*) override { analyzeEdge(from, to, SlotVisitor::RootMarkReason::None); }
void analyzeVariableNameEdge(JSCell* from, JSCell* to, UniquedStringImpl*) override { analyzeEdge(from, to, SlotVisitor::RootMarkReason::None); }
void analyzeIndexEdge(JSCell* from, JSCell* to, uint32_t) override { analyzeEdge(from, to, SlotVisitor::RootMarkReason::None); }
void analyzeNode(JSCell*) override { }
void setOpaqueRootReachabilityReasonForCell(JSCell*, const char*) override { }
void setWrappedObjectForCell(JSCell*, void*) override { }
void setLabelForCell(JSCell*, const String&) override { }
#ifndef NDEBUG
void dump(PrintStream& out) const
{
Indentation<4> indent;
HashSet<JSCell*> visited;
Function<void(JSCell*)> visit = [&] (auto* from) {
auto isFirstVisit = visited.add(from).isNewEntry;
out.print(makeString(indent));
out.print("[ "_s);
if (from == m_target)
out.print("T "_s);
if (m_holders.contains(from))
out.print("H "_s);
if (m_rootsToIgnore.contains(from))
out.print("- "_s);
else if (m_rootsToInclude.contains(from))
out.print("+ "_s);
if (!isFirstVisit)
out.print("V "_s);
out.print("] "_s);
from->dump(out);
out.println();
if (isFirstVisit) {
IndentationScope<4> scope(indent);
for (auto* to : m_successors.get(from))
visit(to);
}
};
for (auto* from : m_rootsToInclude)
visit(from);
}
#endif
private:
Lock m_mutex;
HashMap<JSCell*, HashSet<JSCell*>> m_predecessors;
HashMap<JSCell*, HashSet<JSCell*>> m_successors;
HashSet<JSCell*> m_rootsToInclude;
HashSet<JSCell*> m_rootsToIgnore;
HashSet<JSCell*> m_holders;
const JSCell* m_target;
};
JSValue JSInjectedScriptHost::queryHolders(JSGlobalObject* globalObject, CallFrame* callFrame)
{
if (callFrame->argumentCount() < 1)
return jsUndefined();
VM& vm = globalObject->vm();
auto scope = DECLARE_THROW_SCOPE(vm);
JSValue target = callFrame->uncheckedArgument(0);
if (!target.isObject())
return throwTypeError(globalObject, scope, "queryHolders first argument must be an object."_s);
JSArray* result = constructEmptyArray(globalObject, nullptr);
RETURN_IF_EXCEPTION(scope, { });
{
DeferGC deferGC(vm.heap);
PreventCollectionScope preventCollectionScope(vm.heap);
sanitizeStackForVM(vm);
HeapHolderFinder holderFinder(vm.ensureHeapProfiler(), target.asCell());
auto holders = copyToVector(holderFinder.holders());
std::sort(holders.begin(), holders.end());
for (auto* holder : holders)
result->putDirectIndex(globalObject, result->length(), holder);
}
return result;
}
}