1/*
2 * Copyright (C) 2013, 2015-2016 Apple Inc. All rights reserved.
3 *
4 * Redistribution and use in source and binary forms, with or without
5 * modification, are permitted provided that the following conditions
6 * are met:
7 * 1. Redistributions of source code must retain the above copyright
8 * notice, this list of conditions and the following disclaimer.
9 * 2. Redistributions in binary form must reproduce the above copyright
10 * notice, this list of conditions and the following disclaimer in the
11 * documentation and/or other materials provided with the distribution.
12 *
13 * THIS SOFTWARE IS PROVIDED BY APPLE INC. ``AS IS'' AND ANY
14 * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
15 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
16 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR
17 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
18 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
19 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
20 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
21 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
22 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
23 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
24 */
25
26#include "config.h"
27#include "JSInjectedScriptHost.h"
28
29#include "ArrayIteratorPrototype.h"
30#include "ArrayPrototype.h"
31#include "BuiltinNames.h"
32#include "Completion.h"
33#include "DateInstance.h"
34#include "DirectArguments.h"
35#include "Error.h"
36#include "FunctionPrototype.h"
37#include "HeapIterationScope.h"
38#include "InjectedScriptHost.h"
39#include "IterationKind.h"
40#include "IteratorOperations.h"
41#include "IteratorPrototype.h"
42#include "JSArray.h"
43#include "JSBoundFunction.h"
44#include "JSCInlines.h"
45#include "JSFunction.h"
46#include "JSGlobalObjectFunctions.h"
47#include "JSInjectedScriptHostPrototype.h"
48#include "JSMap.h"
49#include "JSPromise.h"
50#include "JSPromisePrototype.h"
51#include "JSSet.h"
52#include "JSStringIterator.h"
53#include "JSTypedArrays.h"
54#include "JSWeakMap.h"
55#include "JSWeakSet.h"
56#include "JSWithScope.h"
57#include "MapIteratorPrototype.h"
58#include "MapPrototype.h"
59#include "MarkedSpaceInlines.h"
60#include "ObjectConstructor.h"
61#include "ObjectPrototype.h"
62#include "ProxyObject.h"
63#include "RegExpObject.h"
64#include "ScopedArguments.h"
65#include "SetIteratorPrototype.h"
66#include "SetPrototype.h"
67#include "SourceCode.h"
68#include "TypedArrayInlines.h"
69
70using namespace JSC;
71
72namespace Inspector {
73
74const ClassInfo JSInjectedScriptHost::s_info = { "InjectedScriptHost", &Base::s_info, nullptr, nullptr, CREATE_METHOD_TABLE(JSInjectedScriptHost) };
75
76JSInjectedScriptHost::JSInjectedScriptHost(VM& vm, Structure* structure, Ref<InjectedScriptHost>&& impl)
77 : JSDestructibleObject(vm, structure)
78 , m_wrapped(WTFMove(impl))
79{
80}
81
82void JSInjectedScriptHost::finishCreation(VM& vm)
83{
84 Base::finishCreation(vm);
85 ASSERT(inherits(vm, info()));
86}
87
88JSObject* JSInjectedScriptHost::createPrototype(VM& vm, JSGlobalObject* globalObject)
89{
90 return JSInjectedScriptHostPrototype::create(vm, globalObject, JSInjectedScriptHostPrototype::createStructure(vm, globalObject, globalObject->objectPrototype()));
91}
92
93void JSInjectedScriptHost::destroy(JSC::JSCell* cell)
94{
95 JSInjectedScriptHost* thisObject = static_cast<JSInjectedScriptHost*>(cell);
96 thisObject->JSInjectedScriptHost::~JSInjectedScriptHost();
97}
98
99JSValue JSInjectedScriptHost::evaluate(ExecState* exec) const
100{
101 JSGlobalObject* globalObject = exec->lexicalGlobalObject();
102 return globalObject->evalFunction();
103}
104
105JSValue JSInjectedScriptHost::evaluateWithScopeExtension(ExecState* exec)
106{
107 VM& vm = exec->vm();
108 auto scope = DECLARE_THROW_SCOPE(vm);
109
110 JSValue scriptValue = exec->argument(0);
111 if (!scriptValue.isString())
112 return throwTypeError(exec, scope, "InjectedScriptHost.evaluateWithScopeExtension first argument must be a string."_s);
113
114 String program = asString(scriptValue)->value(exec);
115 RETURN_IF_EXCEPTION(scope, JSValue());
116
117 NakedPtr<Exception> exception;
118 JSObject* scopeExtension = exec->argument(1).getObject();
119 JSValue result = JSC::evaluateWithScopeExtension(exec, makeSource(program, exec->callerSourceOrigin()), scopeExtension, exception);
120 if (exception)
121 throwException(exec, scope, exception);
122
123 return result;
124}
125
126JSValue JSInjectedScriptHost::internalConstructorName(ExecState* exec)
127{
128 if (exec->argumentCount() < 1)
129 return jsUndefined();
130
131 JSObject* object = jsCast<JSObject*>(exec->uncheckedArgument(0).toThis(exec, NotStrictMode));
132 return jsString(exec, JSObject::calculatedClassName(object));
133}
134
135JSValue JSInjectedScriptHost::isHTMLAllCollection(ExecState* exec)
136{
137 if (exec->argumentCount() < 1)
138 return jsUndefined();
139
140 VM& vm = exec->vm();
141 JSValue value = exec->uncheckedArgument(0);
142 return jsBoolean(impl().isHTMLAllCollection(vm, value));
143}
144
145JSValue JSInjectedScriptHost::isPromiseRejectedWithNativeGetterTypeError(ExecState* exec)
146{
147 VM& vm = exec->vm();
148 auto scope = DECLARE_THROW_SCOPE(vm);
149
150 auto* promise = jsDynamicCast<JSPromise*>(vm, exec->argument(0));
151 if (!promise || promise->status(vm) != JSPromise::Status::Rejected)
152 return throwTypeError(exec, scope, "InjectedScriptHost.isPromiseRejectedWithNativeGetterTypeError first argument must be a rejected Promise."_s);
153
154 bool result = false;
155 if (auto* errorInstance = jsDynamicCast<ErrorInstance*>(vm, promise->result(vm)))
156 result = errorInstance->isNativeGetterTypeError();
157 return jsBoolean(result);
158}
159
160JSValue JSInjectedScriptHost::subtype(ExecState* exec)
161{
162 VM& vm = exec->vm();
163 if (exec->argumentCount() < 1)
164 return jsUndefined();
165
166 JSValue value = exec->uncheckedArgument(0);
167 if (value.isString())
168 return vm.smallStrings.stringString();
169 if (value.isBoolean())
170 return vm.smallStrings.booleanString();
171 if (value.isNumber())
172 return vm.smallStrings.numberString();
173 if (value.isSymbol())
174 return vm.smallStrings.symbolString();
175
176 if (auto* object = jsDynamicCast<JSObject*>(vm, value)) {
177 if (object->isErrorInstance())
178 return jsNontrivialString(exec, "error"_s);
179
180 // Consider class constructor functions class objects.
181 JSFunction* function = jsDynamicCast<JSFunction*>(vm, value);
182 if (function && function->isClassConstructorFunction())
183 return jsNontrivialString(exec, "class"_s);
184
185 if (object->inherits<JSArray>(vm))
186 return jsNontrivialString(exec, "array"_s);
187 if (object->inherits<DirectArguments>(vm) || object->inherits<ScopedArguments>(vm))
188 return jsNontrivialString(exec, "array"_s);
189
190 if (object->inherits<DateInstance>(vm))
191 return jsNontrivialString(exec, "date"_s);
192 if (object->inherits<RegExpObject>(vm))
193 return jsNontrivialString(exec, "regexp"_s);
194 if (object->inherits<ProxyObject>(vm))
195 return jsNontrivialString(exec, "proxy"_s);
196
197 if (object->inherits<JSMap>(vm))
198 return jsNontrivialString(exec, "map"_s);
199 if (object->inherits<JSSet>(vm))
200 return jsNontrivialString(exec, "set"_s);
201 if (object->inherits<JSWeakMap>(vm))
202 return jsNontrivialString(exec, "weakmap"_s);
203 if (object->inherits<JSWeakSet>(vm))
204 return jsNontrivialString(exec, "weakset"_s);
205
206 if (object->inherits<JSStringIterator>(vm))
207 return jsNontrivialString(exec, "iterator"_s);
208
209 if (object->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextIndexPrivateName())
210 || object->getDirect(vm, vm.propertyNames->builtinNames().mapBucketPrivateName())
211 || object->getDirect(vm, vm.propertyNames->builtinNames().setBucketPrivateName()))
212 return jsNontrivialString(exec, "iterator"_s);
213
214 if (object->inherits<JSInt8Array>(vm)
215 || object->inherits<JSInt16Array>(vm)
216 || object->inherits<JSInt32Array>(vm)
217 || object->inherits<JSUint8Array>(vm)
218 || object->inherits<JSUint8ClampedArray>(vm)
219 || object->inherits<JSUint16Array>(vm)
220 || object->inherits<JSUint32Array>(vm)
221 || object->inherits<JSFloat32Array>(vm)
222 || object->inherits<JSFloat64Array>(vm))
223 return jsNontrivialString(exec, "array"_s);
224 }
225
226 return impl().subtype(exec, value);
227}
228
229JSValue JSInjectedScriptHost::functionDetails(ExecState* exec)
230{
231 if (exec->argumentCount() < 1)
232 return jsUndefined();
233
234 VM& vm = exec->vm();
235 JSValue value = exec->uncheckedArgument(0);
236 auto* function = jsDynamicCast<JSFunction*>(vm, value);
237 if (!function)
238 return jsUndefined();
239
240 // FIXME: <https://webkit.org/b/87192> Web Inspector: Expose function scope / closure data
241
242 // FIXME: This should provide better details for JSBoundFunctions.
243
244 const SourceCode* sourceCode = function->sourceCode();
245 if (!sourceCode)
246 return jsUndefined();
247
248 // In the inspector protocol all positions are 0-based while in SourceCode they are 1-based
249 int lineNumber = sourceCode->firstLine().oneBasedInt();
250 if (lineNumber)
251 lineNumber -= 1;
252 int columnNumber = sourceCode->startColumn().oneBasedInt();
253 if (columnNumber)
254 columnNumber -= 1;
255
256 String scriptID = String::number(sourceCode->provider()->asID());
257 JSObject* location = constructEmptyObject(exec);
258 location->putDirect(vm, Identifier::fromString(exec, "scriptId"), jsString(exec, scriptID));
259 location->putDirect(vm, Identifier::fromString(exec, "lineNumber"), jsNumber(lineNumber));
260 location->putDirect(vm, Identifier::fromString(exec, "columnNumber"), jsNumber(columnNumber));
261
262 JSObject* result = constructEmptyObject(exec);
263 result->putDirect(vm, Identifier::fromString(exec, "location"), location);
264
265 String name = function->name(vm);
266 if (!name.isEmpty())
267 result->putDirect(vm, Identifier::fromString(exec, "name"), jsString(exec, name));
268
269 String displayName = function->displayName(vm);
270 if (!displayName.isEmpty())
271 result->putDirect(vm, Identifier::fromString(exec, "displayName"), jsString(exec, displayName));
272
273 return result;
274}
275
276static JSObject* constructInternalProperty(ExecState* exec, const String& name, JSValue value)
277{
278 VM& vm = exec->vm();
279 JSObject* result = constructEmptyObject(exec);
280 result->putDirect(vm, Identifier::fromString(exec, "name"), jsString(exec, name));
281 result->putDirect(vm, Identifier::fromString(exec, "value"), value);
282 return result;
283}
284
285JSValue JSInjectedScriptHost::getInternalProperties(ExecState* exec)
286{
287 if (exec->argumentCount() < 1)
288 return jsUndefined();
289
290 VM& vm = exec->vm();
291 auto scope = DECLARE_THROW_SCOPE(vm);
292 JSValue value = exec->uncheckedArgument(0);
293
294 JSValue internalProperties = impl().getInternalProperties(vm, exec, value);
295 if (internalProperties)
296 return internalProperties;
297
298 if (JSPromise* promise = jsDynamicCast<JSPromise*>(vm, value)) {
299 unsigned index = 0;
300 JSArray* array = constructEmptyArray(exec, nullptr);
301 RETURN_IF_EXCEPTION(scope, JSValue());
302 switch (promise->status(vm)) {
303 case JSPromise::Status::Pending:
304 scope.release();
305 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "status"_s, jsNontrivialString(exec, "pending"_s)));
306 return array;
307 case JSPromise::Status::Fulfilled:
308 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "status"_s, jsNontrivialString(exec, "resolved"_s)));
309 RETURN_IF_EXCEPTION(scope, JSValue());
310 scope.release();
311 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "result"_s, promise->result(vm)));
312 return array;
313 case JSPromise::Status::Rejected:
314 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "status"_s, jsNontrivialString(exec, "rejected"_s)));
315 RETURN_IF_EXCEPTION(scope, JSValue());
316 scope.release();
317 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "result"_s, promise->result(vm)));
318 return array;
319 }
320 // FIXME: <https://webkit.org/b/141664> Web Inspector: ES6: Improved Support for Promises - Promise Reactions
321 RELEASE_ASSERT_NOT_REACHED();
322 }
323
324 if (JSBoundFunction* boundFunction = jsDynamicCast<JSBoundFunction*>(vm, value)) {
325 unsigned index = 0;
326 JSArray* array = constructEmptyArray(exec, nullptr);
327 RETURN_IF_EXCEPTION(scope, JSValue());
328 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "targetFunction", boundFunction->targetFunction()));
329 RETURN_IF_EXCEPTION(scope, JSValue());
330 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "boundThis", boundFunction->boundThis()));
331 RETURN_IF_EXCEPTION(scope, JSValue());
332 if (boundFunction->boundArgs()) {
333 scope.release();
334 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "boundArgs", boundFunction->boundArgsCopy(exec)));
335 return array;
336 }
337 return array;
338 }
339
340 if (ProxyObject* proxy = jsDynamicCast<ProxyObject*>(vm, value)) {
341 unsigned index = 0;
342 JSArray* array = constructEmptyArray(exec, nullptr, 2);
343 RETURN_IF_EXCEPTION(scope, JSValue());
344 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "target"_s, proxy->target()));
345 RETURN_IF_EXCEPTION(scope, JSValue());
346 scope.release();
347 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "handler"_s, proxy->handler()));
348 return array;
349 }
350
351 if (JSObject* iteratorObject = jsDynamicCast<JSObject*>(vm, value)) {
352 if (iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextIndexPrivateName())) {
353 JSValue iteratedValue = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName());
354 JSValue kind = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorKindPrivateName());
355
356 unsigned index = 0;
357 JSArray* array = constructEmptyArray(exec, nullptr, 2);
358 RETURN_IF_EXCEPTION(scope, JSValue());
359 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "array", iteratedValue));
360 RETURN_IF_EXCEPTION(scope, JSValue());
361 scope.release();
362 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "kind", kind));
363 return array;
364 }
365
366 if (iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().mapBucketPrivateName())) {
367 JSValue iteratedValue = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName());
368 String kind;
369 switch (static_cast<IterationKind>(iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().mapIteratorKindPrivateName()).asInt32())) {
370 case IterateKey:
371 kind = "key"_s;
372 break;
373 case IterateValue:
374 kind = "value"_s;
375 break;
376 case IterateKeyValue:
377 kind = "key+value"_s;
378 break;
379 }
380 unsigned index = 0;
381 JSArray* array = constructEmptyArray(exec, nullptr, 2);
382 RETURN_IF_EXCEPTION(scope, JSValue());
383 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "map", iteratedValue));
384 RETURN_IF_EXCEPTION(scope, JSValue());
385 scope.release();
386 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "kind", jsNontrivialString(exec, kind)));
387 return array;
388 }
389
390 if (iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().setBucketPrivateName())) {
391 JSValue iteratedValue = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName());
392 String kind;
393 switch (static_cast<IterationKind>(iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().setIteratorKindPrivateName()).asInt32())) {
394 case IterateKey:
395 kind = "key"_s;
396 break;
397 case IterateValue:
398 kind = "value"_s;
399 break;
400 case IterateKeyValue:
401 kind = "key+value"_s;
402 break;
403 }
404 unsigned index = 0;
405 JSArray* array = constructEmptyArray(exec, nullptr, 2);
406 RETURN_IF_EXCEPTION(scope, JSValue());
407 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "set", iteratedValue));
408 RETURN_IF_EXCEPTION(scope, JSValue());
409 scope.release();
410 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "kind", jsNontrivialString(exec, kind)));
411 return array;
412 }
413 }
414
415 if (JSStringIterator* stringIterator = jsDynamicCast<JSStringIterator*>(vm, value)) {
416 unsigned index = 0;
417 JSArray* array = constructEmptyArray(exec, nullptr, 1);
418 RETURN_IF_EXCEPTION(scope, JSValue());
419 scope.release();
420 array->putDirectIndex(exec, index++, constructInternalProperty(exec, "string", stringIterator->iteratedValue(exec)));
421 return array;
422 }
423
424 return jsUndefined();
425}
426
427JSValue JSInjectedScriptHost::proxyTargetValue(ExecState *exec)
428{
429 if (exec->argumentCount() < 1)
430 return jsUndefined();
431
432 VM& vm = exec->vm();
433 JSValue value = exec->uncheckedArgument(0);
434 ProxyObject* proxy = jsDynamicCast<ProxyObject*>(vm, value);
435 if (!proxy)
436 return jsUndefined();
437
438 JSObject* target = proxy->target();
439 while (ProxyObject* proxy = jsDynamicCast<ProxyObject*>(vm, target))
440 target = proxy->target();
441
442 return target;
443}
444
445JSValue JSInjectedScriptHost::weakMapSize(ExecState* exec)
446{
447 if (exec->argumentCount() < 1)
448 return jsUndefined();
449
450 VM& vm = exec->vm();
451 JSValue value = exec->uncheckedArgument(0);
452 JSWeakMap* weakMap = jsDynamicCast<JSWeakMap*>(vm, value);
453 if (!weakMap)
454 return jsUndefined();
455
456 return jsNumber(weakMap->size());
457}
458
459JSValue JSInjectedScriptHost::weakMapEntries(ExecState* exec)
460{
461 if (exec->argumentCount() < 1)
462 return jsUndefined();
463
464 VM& vm = exec->vm();
465 auto scope = DECLARE_THROW_SCOPE(vm);
466 JSValue value = exec->uncheckedArgument(0);
467 JSWeakMap* weakMap = jsDynamicCast<JSWeakMap*>(vm, value);
468 if (!weakMap)
469 return jsUndefined();
470
471 unsigned numberToFetch = 100;
472
473 JSValue numberToFetchArg = exec->argument(1);
474 double fetchDouble = numberToFetchArg.toInteger(exec);
475 if (fetchDouble >= 0)
476 numberToFetch = static_cast<unsigned>(fetchDouble);
477
478 JSArray* array = constructEmptyArray(exec, nullptr);
479 RETURN_IF_EXCEPTION(scope, JSValue());
480
481 MarkedArgumentBuffer buffer;
482 weakMap->takeSnapshot(buffer, numberToFetch);
483
484 for (unsigned index = 0; index < buffer.size(); index += 2) {
485 JSObject* entry = constructEmptyObject(exec);
486 entry->putDirect(vm, Identifier::fromString(exec, "key"), buffer.at(index));
487 entry->putDirect(vm, Identifier::fromString(exec, "value"), buffer.at(index + 1));
488 array->putDirectIndex(exec, index / 2, entry);
489 RETURN_IF_EXCEPTION(scope, JSValue());
490 }
491
492 return array;
493}
494
495JSValue JSInjectedScriptHost::weakSetSize(ExecState* exec)
496{
497 if (exec->argumentCount() < 1)
498 return jsUndefined();
499
500 VM& vm = exec->vm();
501 JSValue value = exec->uncheckedArgument(0);
502 JSWeakSet* weakSet = jsDynamicCast<JSWeakSet*>(vm, value);
503 if (!weakSet)
504 return jsUndefined();
505
506 return jsNumber(weakSet->size());
507}
508
509JSValue JSInjectedScriptHost::weakSetEntries(ExecState* exec)
510{
511 if (exec->argumentCount() < 1)
512 return jsUndefined();
513
514 VM& vm = exec->vm();
515 auto scope = DECLARE_THROW_SCOPE(vm);
516 JSValue value = exec->uncheckedArgument(0);
517 JSWeakSet* weakSet = jsDynamicCast<JSWeakSet*>(vm, value);
518 if (!weakSet)
519 return jsUndefined();
520
521 unsigned numberToFetch = 100;
522
523 JSValue numberToFetchArg = exec->argument(1);
524 double fetchDouble = numberToFetchArg.toInteger(exec);
525 if (fetchDouble >= 0)
526 numberToFetch = static_cast<unsigned>(fetchDouble);
527
528 JSArray* array = constructEmptyArray(exec, nullptr);
529 RETURN_IF_EXCEPTION(scope, JSValue());
530
531 MarkedArgumentBuffer buffer;
532 weakSet->takeSnapshot(buffer, numberToFetch);
533
534 for (unsigned index = 0; index < buffer.size(); ++index) {
535 JSObject* entry = constructEmptyObject(exec);
536 entry->putDirect(vm, Identifier::fromString(exec, "value"), buffer.at(index));
537 array->putDirectIndex(exec, index, entry);
538 RETURN_IF_EXCEPTION(scope, JSValue());
539 }
540
541 return array;
542}
543
544static JSObject* cloneArrayIteratorObject(ExecState* exec, VM& vm, JSObject* iteratorObject, JSGlobalObject* globalObject, JSValue nextIndex, JSValue iteratedObject)
545{
546 ASSERT(iteratorObject->type() == FinalObjectType);
547 JSObject* clone = constructEmptyObject(exec, ArrayIteratorPrototype::create(vm, globalObject, ArrayIteratorPrototype::createStructure(vm, globalObject, globalObject->iteratorPrototype())));
548 clone->putDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName(), iteratedObject);
549 clone->putDirect(vm, vm.propertyNames->builtinNames().arrayIteratorKindPrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorKindPrivateName()));
550 clone->putDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextIndexPrivateName(), nextIndex);
551 clone->putDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextPrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextPrivateName()));
552 clone->putDirect(vm, vm.propertyNames->builtinNames().arrayIteratorIsDonePrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorIsDonePrivateName()));
553 return clone;
554}
555
556static JSObject* cloneMapIteratorObject(ExecState* exec, VM& vm, JSObject* iteratorObject, JSGlobalObject* globalObject, JSValue mapBucket, JSValue iteratedObject)
557{
558 ASSERT(iteratorObject->type() == FinalObjectType);
559 JSObject* clone = constructEmptyObject(exec, MapIteratorPrototype::create(vm, globalObject, MapIteratorPrototype::createStructure(vm, globalObject, globalObject->iteratorPrototype())));
560 clone->putDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName(), iteratedObject);
561 clone->putDirect(vm, vm.propertyNames->builtinNames().mapIteratorKindPrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().mapIteratorKindPrivateName()));
562 clone->putDirect(vm, vm.propertyNames->builtinNames().mapBucketPrivateName(), mapBucket);
563 return clone;
564}
565
566static JSObject* cloneSetIteratorObject(ExecState* exec, VM& vm, JSObject* iteratorObject, JSGlobalObject* globalObject, JSValue setBucket, JSValue iteratedObject)
567{
568 ASSERT(iteratorObject->type() == FinalObjectType);
569 JSObject* clone = constructEmptyObject(exec, SetIteratorPrototype::create(vm, globalObject, SetIteratorPrototype::createStructure(vm, globalObject, globalObject->iteratorPrototype())));
570 clone->putDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName(), iteratedObject);
571 clone->putDirect(vm, vm.propertyNames->builtinNames().setIteratorKindPrivateName(), iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().setIteratorKindPrivateName()));
572 clone->putDirect(vm, vm.propertyNames->builtinNames().setBucketPrivateName(), setBucket);
573 return clone;
574}
575
576JSValue JSInjectedScriptHost::iteratorEntries(ExecState* exec)
577{
578 if (exec->argumentCount() < 1)
579 return jsUndefined();
580
581 VM& vm = exec->vm();
582 auto scope = DECLARE_THROW_SCOPE(vm);
583
584 JSValue iterator;
585 JSGlobalObject* globalObject = exec->lexicalGlobalObject();
586 JSValue value = exec->uncheckedArgument(0);
587 if (JSStringIterator* stringIterator = jsDynamicCast<JSStringIterator*>(vm, value)) {
588 if (globalObject->isStringPrototypeIteratorProtocolFastAndNonObservable())
589 iterator = stringIterator->clone(exec);
590 } else if (JSObject* iteratorObject = jsDynamicCast<JSObject*>(vm, value)) {
591 // Detect an ArrayIterator by checking for one of its unique private properties.
592 JSValue iteratedObject = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().iteratedObjectPrivateName());
593 if (JSValue nextIndex = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().arrayIteratorNextIndexPrivateName())) {
594 if (isJSArray(iteratedObject)) {
595 JSArray* array = jsCast<JSArray*>(iteratedObject);
596 if (array->isIteratorProtocolFastAndNonObservable())
597 iterator = cloneArrayIteratorObject(exec, vm, iteratorObject, globalObject, nextIndex, iteratedObject);
598 } else if (iteratedObject.isObject() && TypeInfo::isArgumentsType(asObject(iteratedObject)->type())) {
599 if (globalObject->isArrayPrototypeIteratorProtocolFastAndNonObservable())
600 iterator = cloneArrayIteratorObject(exec, vm, iteratorObject, globalObject, nextIndex, iteratedObject);
601 }
602 } else if (JSValue mapBucket = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().mapBucketPrivateName())) {
603 if (jsCast<JSMap*>(iteratedObject)->isIteratorProtocolFastAndNonObservable())
604 iterator = cloneMapIteratorObject(exec, vm, iteratorObject, globalObject, mapBucket, iteratedObject);
605 } else if (JSValue setBucket = iteratorObject->getDirect(vm, vm.propertyNames->builtinNames().setBucketPrivateName())) {
606 if (jsCast<JSSet*>(iteratedObject)->isIteratorProtocolFastAndNonObservable())
607 iterator = cloneSetIteratorObject(exec, vm, iteratorObject, globalObject, setBucket, iteratedObject);
608 }
609 }
610 RETURN_IF_EXCEPTION(scope, { });
611 if (!iterator)
612 return jsUndefined();
613
614 IterationRecord iterationRecord = { iterator, iterator.get(exec, vm.propertyNames->next) };
615
616 unsigned numberToFetch = 5;
617 JSValue numberToFetchArg = exec->argument(1);
618 double fetchDouble = numberToFetchArg.toInteger(exec);
619 RETURN_IF_EXCEPTION(scope, { });
620 if (fetchDouble >= 0)
621 numberToFetch = static_cast<unsigned>(fetchDouble);
622
623 JSArray* array = constructEmptyArray(exec, nullptr);
624 RETURN_IF_EXCEPTION(scope, { });
625
626 for (unsigned i = 0; i < numberToFetch; ++i) {
627 JSValue next = iteratorStep(exec, iterationRecord);
628 if (UNLIKELY(scope.exception()) || next.isFalse())
629 break;
630
631 JSValue nextValue = iteratorValue(exec, next);
632 RETURN_IF_EXCEPTION(scope, { });
633
634 JSObject* entry = constructEmptyObject(exec);
635 entry->putDirect(vm, Identifier::fromString(exec, "value"), nextValue);
636 array->putDirectIndex(exec, i, entry);
637 if (UNLIKELY(scope.exception())) {
638 scope.release();
639 iteratorClose(exec, iterationRecord);
640 break;
641 }
642 }
643
644 return array;
645}
646
647static bool checkForbiddenPrototype(ExecState* exec, JSValue value, JSValue proto)
648{
649 if (value == proto)
650 return true;
651
652 // Check that the prototype chain of proto hasn't been modified to include value.
653 return JSObject::defaultHasInstance(exec, proto, value);
654}
655
656JSValue JSInjectedScriptHost::queryObjects(ExecState* exec)
657{
658 if (exec->argumentCount() < 1)
659 return jsUndefined();
660
661 VM& vm = exec->vm();
662 auto scope = DECLARE_THROW_SCOPE(vm);
663
664 JSValue prototypeOrConstructor = exec->uncheckedArgument(0);
665 if (!prototypeOrConstructor.isObject())
666 return throwTypeError(exec, scope, "queryObjects first argument must be an object."_s);
667
668 JSObject* object = asObject(prototypeOrConstructor);
669 if (object->inherits<ProxyObject>(vm))
670 return throwTypeError(exec, scope, "queryObjects cannot be called with a Proxy."_s);
671
672 JSValue prototype = object;
673
674 PropertySlot prototypeSlot(object, PropertySlot::InternalMethodType::VMInquiry);
675 if (object->getPropertySlot(exec, vm.propertyNames->prototype, prototypeSlot)) {
676 RETURN_IF_EXCEPTION(scope, { });
677 if (prototypeSlot.isValue()) {
678 JSValue prototypeValue = prototypeSlot.getValue(exec, vm.propertyNames->prototype);
679 if (prototypeValue.isObject()) {
680 prototype = prototypeValue;
681 object = asObject(prototype);
682 }
683 }
684 }
685
686 if (object->inherits<ProxyObject>(vm) || prototype.inherits<ProxyObject>(vm))
687 return throwTypeError(exec, scope, "queryObjects cannot be called with a Proxy."_s);
688
689 // FIXME: implement a way of distinguishing between internal and user-created objects.
690 JSGlobalObject* lexicalGlobalObject = exec->lexicalGlobalObject();
691 if (checkForbiddenPrototype(exec, object, lexicalGlobalObject->objectPrototype()))
692 return throwTypeError(exec, scope, "queryObjects cannot be called with Object."_s);
693 if (checkForbiddenPrototype(exec, object, lexicalGlobalObject->functionPrototype()))
694 return throwTypeError(exec, scope, "queryObjects cannot be called with Function."_s);
695 if (checkForbiddenPrototype(exec, object, lexicalGlobalObject->arrayPrototype()))
696 return throwTypeError(exec, scope, "queryObjects cannot be called with Array."_s);
697 if (checkForbiddenPrototype(exec, object, lexicalGlobalObject->mapPrototype()))
698 return throwTypeError(exec, scope, "queryObjects cannot be called with Map."_s);
699 if (checkForbiddenPrototype(exec, object, lexicalGlobalObject->jsSetPrototype()))
700 return throwTypeError(exec, scope, "queryObjects cannot be called with Set."_s);
701 if (checkForbiddenPrototype(exec, object, lexicalGlobalObject->promisePrototype()))
702 return throwTypeError(exec, scope, "queryObjects cannot be called with Promise."_s);
703
704 sanitizeStackForVM(&vm);
705 vm.heap.collectNow(Sync, CollectionScope::Full);
706
707 JSArray* array = constructEmptyArray(exec, nullptr);
708 RETURN_IF_EXCEPTION(scope, { });
709
710 {
711 HeapIterationScope iterationScope(vm.heap);
712 vm.heap.objectSpace().forEachLiveCell(iterationScope, [&] (HeapCell* cell, HeapCell::Kind kind) {
713 if (!isJSCellKind(kind))
714 return IterationStatus::Continue;
715
716 JSValue value(static_cast<JSCell*>(cell));
717 if (value.inherits<ProxyObject>(vm))
718 return IterationStatus::Continue;
719
720 if (JSObject::defaultHasInstance(exec, value, prototype))
721 array->putDirectIndex(exec, array->length(), value);
722
723 return IterationStatus::Continue;
724 });
725 }
726
727 return array;
728}
729
730} // namespace Inspector
731