From 5f8de423f190bbb79a62f804151bc24824fa32d8 Mon Sep 17 00:00:00 2001 From: "Matt A. Tobin" Date: Fri, 2 Feb 2018 04:16:08 -0500 Subject: Add m-esr52 at 52.6.0 --- dom/bindings/BindingUtils.h | 3441 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 3441 insertions(+) create mode 100644 dom/bindings/BindingUtils.h (limited to 'dom/bindings/BindingUtils.h') diff --git a/dom/bindings/BindingUtils.h b/dom/bindings/BindingUtils.h new file mode 100644 index 000000000..3e58390c9 --- /dev/null +++ b/dom/bindings/BindingUtils.h @@ -0,0 +1,3441 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_dom_BindingUtils_h__ +#define mozilla_dom_BindingUtils_h__ + +#include "jsfriendapi.h" +#include "jswrapper.h" +#include "js/Conversions.h" +#include "mozilla/ArrayUtils.h" +#include "mozilla/Alignment.h" +#include "mozilla/Array.h" +#include "mozilla/Assertions.h" +#include "mozilla/CycleCollectedJSContext.h" +#include "mozilla/DeferredFinalize.h" +#include "mozilla/dom/BindingDeclarations.h" +#include "mozilla/dom/CallbackObject.h" +#include "mozilla/dom/DOMJSClass.h" +#include "mozilla/dom/DOMJSProxyHandler.h" +#include "mozilla/dom/Exceptions.h" +#include "mozilla/dom/NonRefcountedDOMObject.h" +#include "mozilla/dom/Nullable.h" +#include "mozilla/dom/RootedDictionary.h" +#include "mozilla/SegmentedVector.h" +#include "mozilla/dom/workers/Workers.h" +#include "mozilla/ErrorResult.h" +#include "mozilla/Likely.h" +#include "mozilla/MemoryReporting.h" +#include "nsAutoPtr.h" +#include "nsIDocument.h" +#include "nsIGlobalObject.h" +#include "nsIXPConnect.h" +#include "nsJSUtils.h" +#include "nsISupportsImpl.h" +#include "qsObjectHelper.h" +#include "xpcpublic.h" +#include "nsIVariant.h" +#include "mozilla/dom/FakeString.h" + +#include "nsWrapperCacheInlines.h" + +class nsIJSID; + +namespace mozilla { + +enum UseCounter : int16_t; + +namespace dom { +template class MozMap; + +nsresult +UnwrapArgImpl(JS::Handle src, const nsIID& iid, void** ppArg); + +nsresult +UnwrapWindowProxyImpl(JS::Handle src, nsPIDOMWindowOuter** ppArg); + +/** Convert a jsval to an XPCOM pointer. Caller must not assume that src will + keep the XPCOM pointer rooted. */ +template +inline nsresult +UnwrapArg(JS::Handle src, Interface** ppArg) +{ + return UnwrapArgImpl(src, NS_GET_TEMPLATE_IID(Interface), + reinterpret_cast(ppArg)); +} + +template <> +inline nsresult +UnwrapArg(JS::Handle src, nsPIDOMWindowOuter** ppArg) +{ + return UnwrapWindowProxyImpl(src, ppArg); +} + +nsresult +UnwrapXPConnectImpl(JSContext* cx, JS::MutableHandle src, + const nsIID& iid, void** ppArg); + +/* + * Convert a jsval being used as a Web IDL interface implementation to an XPCOM + * pointer; this is only used for Web IDL interfaces that specify + * hasXPConnectImpls. This is not the same as UnwrapArg because caller _can_ + * assume that if unwrapping succeeds "val" will be updated so it's rooting the + * XPCOM pointer. Also, UnwrapXPConnect doesn't need to worry about doing + * XPCWrappedJS things. + * + * val must be an ObjectValue. + */ +template +inline nsresult +UnwrapXPConnect(JSContext* cx, JS::MutableHandle val, + Interface** ppThis) +{ + return UnwrapXPConnectImpl(cx, val, NS_GET_TEMPLATE_IID(Interface), + reinterpret_cast(ppThis)); +} + +bool +ThrowInvalidThis(JSContext* aCx, const JS::CallArgs& aArgs, + bool aSecurityError, const char* aInterfaceName); + +bool +ThrowInvalidThis(JSContext* aCx, const JS::CallArgs& aArgs, + bool aSecurityError, prototypes::ID aProtoId); + +// Returns true if the JSClass is used for DOM objects. +inline bool +IsDOMClass(const JSClass* clasp) +{ + return clasp->flags & JSCLASS_IS_DOMJSCLASS; +} + +inline bool +IsDOMClass(const js::Class* clasp) +{ + return IsDOMClass(Jsvalify(clasp)); +} + +// Return true if the JSClass is used for non-proxy DOM objects. +inline bool +IsNonProxyDOMClass(const js::Class* clasp) +{ + return IsDOMClass(clasp) && !clasp->isProxy(); +} + +inline bool +IsNonProxyDOMClass(const JSClass* clasp) +{ + return IsNonProxyDOMClass(js::Valueify(clasp)); +} + +// Returns true if the JSClass is used for DOM interface and interface +// prototype objects. +inline bool +IsDOMIfaceAndProtoClass(const JSClass* clasp) +{ + return clasp->flags & JSCLASS_IS_DOMIFACEANDPROTOJSCLASS; +} + +inline bool +IsDOMIfaceAndProtoClass(const js::Class* clasp) +{ + return IsDOMIfaceAndProtoClass(Jsvalify(clasp)); +} + +static_assert(DOM_OBJECT_SLOT == 0, + "DOM_OBJECT_SLOT doesn't match the proxy private slot. " + "Expect bad things"); +template +inline T* +UnwrapDOMObject(JSObject* obj) +{ + MOZ_ASSERT(IsDOMClass(js::GetObjectClass(obj)), + "Don't pass non-DOM objects to this function"); + + JS::Value val = js::GetReservedOrProxyPrivateSlot(obj, DOM_OBJECT_SLOT); + return static_cast(val.toPrivate()); +} + +template +inline T* +UnwrapPossiblyNotInitializedDOMObject(JSObject* obj) +{ + // This is used by the OjectMoved JSClass hook which can be called before + // JS_NewObject has returned and so before we have a chance to set + // DOM_OBJECT_SLOT to anything useful. + + MOZ_ASSERT(IsDOMClass(js::GetObjectClass(obj)), + "Don't pass non-DOM objects to this function"); + + JS::Value val = js::GetReservedOrProxyPrivateSlot(obj, DOM_OBJECT_SLOT); + if (val.isUndefined()) { + return nullptr; + } + return static_cast(val.toPrivate()); +} + +inline const DOMJSClass* +GetDOMClass(const js::Class* clasp) +{ + return IsDOMClass(clasp) ? DOMJSClass::FromJSClass(clasp) : nullptr; +} + +inline const DOMJSClass* +GetDOMClass(JSObject* obj) +{ + return GetDOMClass(js::GetObjectClass(obj)); +} + +inline nsISupports* +UnwrapDOMObjectToISupports(JSObject* aObject) +{ + const DOMJSClass* clasp = GetDOMClass(aObject); + if (!clasp || !clasp->mDOMObjectIsISupports) { + return nullptr; + } + + return UnwrapPossiblyNotInitializedDOMObject(aObject); +} + +inline bool +IsDOMObject(JSObject* obj) +{ + return IsDOMClass(js::GetObjectClass(obj)); +} + +// There are two valid ways to use UNWRAP_OBJECT: Either obj needs to +// be a MutableHandle, or value needs to be a strong-reference +// smart pointer type (OwningNonNull or RefPtr or nsCOMPtr), in which case obj +// can be anything that converts to JSObject*. +#define UNWRAP_OBJECT(Interface, obj, value) \ + mozilla::dom::UnwrapObject(obj, value) + +// Test whether the given object is an instance of the given interface. +#define IS_INSTANCE_OF(Interface, obj) \ + mozilla::dom::IsInstanceOf(obj) + +// Unwrap the given non-wrapper object. This can be used with any obj that +// converts to JSObject*; as long as that JSObject* is live the return value +// will be valid. +#define UNWRAP_NON_WRAPPER_OBJECT(Interface, obj, value) \ + mozilla::dom::UnwrapNonWrapperObject(obj, value) + +// Some callers don't want to set an exception when unwrapping fails +// (for example, overload resolution uses unwrapping to tell what sort +// of thing it's looking at). +// U must be something that a T* can be assigned to (e.g. T* or an RefPtr). +// +// The obj argument will be mutated to point to CheckedUnwrap of itself if the +// passed-in value is not a DOM object and CheckedUnwrap succeeds. +// +// If mayBeWrapper is true, there are three valid ways to invoke +// UnwrapObjectInternal: Either obj needs to be a class wrapping a +// MutableHandle, with an assignment operator that sets the handle to +// the given object, or U needs to be a strong-reference smart pointer type +// (OwningNonNull or RefPtr or nsCOMPtr), or the value being stored in "value" +// must not escape past being tested for falsiness immediately after the +// UnwrapObjectInternal call. +// +// If mayBeWrapper is false, obj can just be a JSObject*, and U anything that a +// T* can be assigned to. +namespace binding_detail { +template +MOZ_ALWAYS_INLINE nsresult +UnwrapObjectInternal(V& obj, U& value, prototypes::ID protoID, + uint32_t protoDepth) +{ + /* First check to see whether we have a DOM object */ + const DOMJSClass* domClass = GetDOMClass(obj); + if (domClass) { + /* This object is a DOM object. Double-check that it is safely + castable to T by checking whether it claims to inherit from the + class identified by protoID. */ + if (domClass->mInterfaceChain[protoDepth] == protoID) { + value = UnwrapDOMObject(obj); + return NS_OK; + } + } + + /* Maybe we have a security wrapper or outer window? */ + if (!mayBeWrapper || !js::IsWrapper(obj)) { + /* Not a DOM object, not a wrapper, just bail */ + return NS_ERROR_XPC_BAD_CONVERT_JS; + } + + JSObject* unwrappedObj = + js::CheckedUnwrap(obj, /* stopAtWindowProxy = */ false); + if (!unwrappedObj) { + return NS_ERROR_XPC_SECURITY_MANAGER_VETO; + } + MOZ_ASSERT(!js::IsWrapper(unwrappedObj)); + // Recursive call is OK, because now we're using false for mayBeWrapper and + // we never reach this code if that boolean is false, so can't keep calling + // ourselves. + // + // Unwrap into a temporary pointer, because in general unwrapping into + // something of type U might trigger GC (e.g. release the value currently + // stored in there, with arbitrary consequences) and invalidate the + // "unwrappedObj" pointer. + T* tempValue; + nsresult rv = UnwrapObjectInternal(unwrappedObj, tempValue, + protoID, protoDepth); + if (NS_SUCCEEDED(rv)) { + // It's very important to not update "obj" with the "unwrappedObj" value + // until we know the unwrap has succeeded. Otherwise, in a situation in + // which we have an overload of object and primitive we could end up + // converting to the primitive from the unwrappedObj, whereas we want to do + // it from the original object. + obj = unwrappedObj; + // And now assign to "value"; at this point we don't care if a GC happens + // and invalidates unwrappedObj. + value = tempValue; + return NS_OK; + } + + /* It's the wrong sort of DOM object */ + return NS_ERROR_XPC_BAD_CONVERT_JS; +} + +struct MutableObjectHandleWrapper { + explicit MutableObjectHandleWrapper(JS::MutableHandle aHandle) + : mHandle(aHandle) + { + } + + void operator=(JSObject* aObject) + { + MOZ_ASSERT(aObject); + mHandle.set(aObject); + } + + operator JSObject*() const + { + return mHandle; + } + +private: + JS::MutableHandle mHandle; +}; + +struct MutableValueHandleWrapper { + explicit MutableValueHandleWrapper(JS::MutableHandle aHandle) + : mHandle(aHandle) + { + } + + void operator=(JSObject* aObject) + { + MOZ_ASSERT(aObject); + mHandle.setObject(*aObject); + } + + operator JSObject*() const + { + return &mHandle.toObject(); + } + +private: + JS::MutableHandle mHandle; +}; + +} // namespace binding_detail + +// UnwrapObject overloads that ensure we have a MutableHandle to keep it alive. +template +MOZ_ALWAYS_INLINE nsresult +UnwrapObject(JS::MutableHandle obj, U& value) +{ + binding_detail::MutableObjectHandleWrapper wrapper(obj); + return binding_detail::UnwrapObjectInternal( + wrapper, value, PrototypeID, PrototypeTraits::Depth); +} + +template +MOZ_ALWAYS_INLINE nsresult +UnwrapObject(JS::MutableHandle obj, U& value) +{ + MOZ_ASSERT(obj.isObject()); + binding_detail::MutableValueHandleWrapper wrapper(obj); + return binding_detail::UnwrapObjectInternal( + wrapper, value, PrototypeID, PrototypeTraits::Depth); +} + +// UnwrapObject overloads that ensure we have a strong ref to keep it alive. +template +MOZ_ALWAYS_INLINE nsresult +UnwrapObject(JSObject* obj, RefPtr& value) +{ + return binding_detail::UnwrapObjectInternal( + obj, value, PrototypeID, PrototypeTraits::Depth); +} + +template +MOZ_ALWAYS_INLINE nsresult +UnwrapObject(JSObject* obj, nsCOMPtr& value) +{ + return binding_detail::UnwrapObjectInternal( + obj, value, PrototypeID, PrototypeTraits::Depth); +} + +template +MOZ_ALWAYS_INLINE nsresult +UnwrapObject(JSObject* obj, OwningNonNull& value) +{ + return binding_detail::UnwrapObjectInternal( + obj, value, PrototypeID, PrototypeTraits::Depth); +} + +// An UnwrapObject overload that just calls one of the JSObject* ones. +template +MOZ_ALWAYS_INLINE nsresult +UnwrapObject(JS::Handle obj, U& value) +{ + MOZ_ASSERT(obj.isObject()); + return UnwrapObject(&obj.toObject(), value); +} + +template +MOZ_ALWAYS_INLINE bool +IsInstanceOf(JSObject* obj) +{ + void* ignored; + nsresult unwrapped = binding_detail::UnwrapObjectInternal( + obj, ignored, PrototypeID, PrototypeTraits::Depth); + return NS_SUCCEEDED(unwrapped); +} + +template +MOZ_ALWAYS_INLINE nsresult +UnwrapNonWrapperObject(JSObject* obj, U& value) +{ + MOZ_ASSERT(!js::IsWrapper(obj)); + return binding_detail::UnwrapObjectInternal( + obj, value, PrototypeID, PrototypeTraits::Depth); +} + +inline bool +IsNotDateOrRegExp(JSContext* cx, JS::Handle obj, + bool* notDateOrRegExp) +{ + MOZ_ASSERT(obj); + + js::ESClass cls; + if (!js::GetBuiltinClass(cx, obj, &cls)) { + return false; + } + + *notDateOrRegExp = cls != js::ESClass::Date && cls != js::ESClass::RegExp; + return true; +} + +MOZ_ALWAYS_INLINE bool +IsObjectValueConvertibleToDictionary(JSContext* cx, + JS::Handle objVal, + bool* convertible) +{ + JS::Rooted obj(cx, &objVal.toObject()); + return IsNotDateOrRegExp(cx, obj, convertible); +} + +MOZ_ALWAYS_INLINE bool +IsConvertibleToDictionary(JSContext* cx, JS::Handle val, + bool* convertible) +{ + if (val.isNullOrUndefined()) { + *convertible = true; + return true; + } + if (!val.isObject()) { + *convertible = false; + return true; + } + return IsObjectValueConvertibleToDictionary(cx, val, convertible); +} + +MOZ_ALWAYS_INLINE bool +IsConvertibleToCallbackInterface(JSContext* cx, JS::Handle obj, + bool* convertible) +{ + return IsNotDateOrRegExp(cx, obj, convertible); +} + +// The items in the protoAndIfaceCache are indexed by the prototypes::id::ID, +// constructors::id::ID and namedpropertiesobjects::id::ID enums, in that order. +// The end of the prototype objects should be the start of the interface +// objects, and the end of the interface objects should be the start of the +// named properties objects. +static_assert((size_t)constructors::id::_ID_Start == + (size_t)prototypes::id::_ID_Count && + (size_t)namedpropertiesobjects::id::_ID_Start == + (size_t)constructors::id::_ID_Count, + "Overlapping or discontiguous indexes."); +const size_t kProtoAndIfaceCacheCount = namedpropertiesobjects::id::_ID_Count; + +class ProtoAndIfaceCache +{ + // The caching strategy we use depends on what sort of global we're dealing + // with. For a window-like global, we want everything to be as fast as + // possible, so we use a flat array, indexed by prototype/constructor ID. + // For everything else (e.g. globals for JSMs), space is more important than + // speed, so we use a two-level lookup table. + + class ArrayCache : public Array, kProtoAndIfaceCacheCount> + { + public: + JSObject* EntrySlotIfExists(size_t i) { + return (*this)[i]; + } + + JS::Heap& EntrySlotOrCreate(size_t i) { + return (*this)[i]; + } + + JS::Heap& EntrySlotMustExist(size_t i) { + return (*this)[i]; + } + + void Trace(JSTracer* aTracer) { + for (size_t i = 0; i < ArrayLength(*this); ++i) { + JS::TraceEdge(aTracer, &(*this)[i], "protoAndIfaceCache[i]"); + } + } + + size_t SizeOfIncludingThis(MallocSizeOf aMallocSizeOf) { + return aMallocSizeOf(this); + } + }; + + class PageTableCache + { + public: + PageTableCache() { + memset(&mPages, 0, sizeof(mPages)); + } + + ~PageTableCache() { + for (size_t i = 0; i < ArrayLength(mPages); ++i) { + delete mPages[i]; + } + } + + JSObject* EntrySlotIfExists(size_t i) { + MOZ_ASSERT(i < kProtoAndIfaceCacheCount); + size_t pageIndex = i / kPageSize; + size_t leafIndex = i % kPageSize; + Page* p = mPages[pageIndex]; + if (!p) { + return nullptr; + } + return (*p)[leafIndex]; + } + + JS::Heap& EntrySlotOrCreate(size_t i) { + MOZ_ASSERT(i < kProtoAndIfaceCacheCount); + size_t pageIndex = i / kPageSize; + size_t leafIndex = i % kPageSize; + Page* p = mPages[pageIndex]; + if (!p) { + p = new Page; + mPages[pageIndex] = p; + } + return (*p)[leafIndex]; + } + + JS::Heap& EntrySlotMustExist(size_t i) { + MOZ_ASSERT(i < kProtoAndIfaceCacheCount); + size_t pageIndex = i / kPageSize; + size_t leafIndex = i % kPageSize; + Page* p = mPages[pageIndex]; + MOZ_ASSERT(p); + return (*p)[leafIndex]; + } + + void Trace(JSTracer* trc) { + for (size_t i = 0; i < ArrayLength(mPages); ++i) { + Page* p = mPages[i]; + if (p) { + for (size_t j = 0; j < ArrayLength(*p); ++j) { + JS::TraceEdge(trc, &(*p)[j], "protoAndIfaceCache[i]"); + } + } + } + } + + size_t SizeOfIncludingThis(MallocSizeOf aMallocSizeOf) { + size_t n = aMallocSizeOf(this); + for (size_t i = 0; i < ArrayLength(mPages); ++i) { + n += aMallocSizeOf(mPages[i]); + } + return n; + } + + private: + static const size_t kPageSize = 16; + typedef Array, kPageSize> Page; + static const size_t kNPages = kProtoAndIfaceCacheCount / kPageSize + + size_t(bool(kProtoAndIfaceCacheCount % kPageSize)); + Array mPages; + }; + +public: + enum Kind { + WindowLike, + NonWindowLike + }; + + explicit ProtoAndIfaceCache(Kind aKind) : mKind(aKind) { + MOZ_COUNT_CTOR(ProtoAndIfaceCache); + if (aKind == WindowLike) { + mArrayCache = new ArrayCache(); + } else { + mPageTableCache = new PageTableCache(); + } + } + + ~ProtoAndIfaceCache() { + if (mKind == WindowLike) { + delete mArrayCache; + } else { + delete mPageTableCache; + } + MOZ_COUNT_DTOR(ProtoAndIfaceCache); + } + +#define FORWARD_OPERATION(opName, args) \ + do { \ + if (mKind == WindowLike) { \ + return mArrayCache->opName args; \ + } else { \ + return mPageTableCache->opName args; \ + } \ + } while(0) + + // Return the JSObject stored in slot i, if that slot exists. If + // the slot does not exist, return null. + JSObject* EntrySlotIfExists(size_t i) { + FORWARD_OPERATION(EntrySlotIfExists, (i)); + } + + // Return a reference to slot i, creating it if necessary. There + // may not be an object in the returned slot. + JS::Heap& EntrySlotOrCreate(size_t i) { + FORWARD_OPERATION(EntrySlotOrCreate, (i)); + } + + // Return a reference to slot i, which is guaranteed to already + // exist. There may not be an object in the slot, if prototype and + // constructor initialization for one of our bindings failed. + JS::Heap& EntrySlotMustExist(size_t i) { + FORWARD_OPERATION(EntrySlotMustExist, (i)); + } + + void Trace(JSTracer *aTracer) { + FORWARD_OPERATION(Trace, (aTracer)); + } + + size_t SizeOfIncludingThis(MallocSizeOf aMallocSizeOf) { + size_t n = aMallocSizeOf(this); + n += (mKind == WindowLike + ? mArrayCache->SizeOfIncludingThis(aMallocSizeOf) + : mPageTableCache->SizeOfIncludingThis(aMallocSizeOf)); + return n; + } +#undef FORWARD_OPERATION + +private: + union { + ArrayCache *mArrayCache; + PageTableCache *mPageTableCache; + }; + Kind mKind; +}; + +inline void +AllocateProtoAndIfaceCache(JSObject* obj, ProtoAndIfaceCache::Kind aKind) +{ + MOZ_ASSERT(js::GetObjectClass(obj)->flags & JSCLASS_DOM_GLOBAL); + MOZ_ASSERT(js::GetReservedSlot(obj, DOM_PROTOTYPE_SLOT).isUndefined()); + + ProtoAndIfaceCache* protoAndIfaceCache = new ProtoAndIfaceCache(aKind); + + js::SetReservedSlot(obj, DOM_PROTOTYPE_SLOT, + JS::PrivateValue(protoAndIfaceCache)); +} + +#ifdef DEBUG +struct VerifyTraceProtoAndIfaceCacheCalledTracer : public JS::CallbackTracer +{ + bool ok; + + explicit VerifyTraceProtoAndIfaceCacheCalledTracer(JSContext* cx) + : JS::CallbackTracer(cx), ok(false) + {} + + void onChild(const JS::GCCellPtr&) override { + // We don't do anything here, we only want to verify that + // TraceProtoAndIfaceCache was called. + } + + TracerKind getTracerKind() const override { return TracerKind::VerifyTraceProtoAndIface; } +}; +#endif + +inline void +TraceProtoAndIfaceCache(JSTracer* trc, JSObject* obj) +{ + MOZ_ASSERT(js::GetObjectClass(obj)->flags & JSCLASS_DOM_GLOBAL); + +#ifdef DEBUG + if (trc->isCallbackTracer() && + (trc->asCallbackTracer()->getTracerKind() == + JS::CallbackTracer::TracerKind::VerifyTraceProtoAndIface)) { + // We don't do anything here, we only want to verify that + // TraceProtoAndIfaceCache was called. + static_cast(trc)->ok = true; + return; + } +#endif + + if (!DOMGlobalHasProtoAndIFaceCache(obj)) + return; + ProtoAndIfaceCache* protoAndIfaceCache = GetProtoAndIfaceCache(obj); + protoAndIfaceCache->Trace(trc); +} + +inline void +DestroyProtoAndIfaceCache(JSObject* obj) +{ + MOZ_ASSERT(js::GetObjectClass(obj)->flags & JSCLASS_DOM_GLOBAL); + + if (!DOMGlobalHasProtoAndIFaceCache(obj)) { + return; + } + + ProtoAndIfaceCache* protoAndIfaceCache = GetProtoAndIfaceCache(obj); + + delete protoAndIfaceCache; +} + +/** + * Add constants to an object. + */ +bool +DefineConstants(JSContext* cx, JS::Handle obj, + const ConstantSpec* cs); + +struct JSNativeHolder +{ + JSNative mNative; + const NativePropertyHooks* mPropertyHooks; +}; + +struct NamedConstructor +{ + const char* mName; + const JSNativeHolder mHolder; + unsigned mNargs; +}; + +/* + * Create a DOM interface object (if constructorClass is non-null) and/or a + * DOM interface prototype object (if protoClass is non-null). + * + * global is used as the parent of the interface object and the interface + * prototype object + * protoProto is the prototype to use for the interface prototype object. + * interfaceProto is the prototype to use for the interface object. This can be + * null if both constructorClass and constructor are null (as in, + * if we're not creating an interface object at all). + * protoClass is the JSClass to use for the interface prototype object. + * This is null if we should not create an interface prototype + * object. + * protoCache a pointer to a JSObject pointer where we should cache the + * interface prototype object. This must be null if protoClass is and + * vice versa. + * constructorClass is the JSClass to use for the interface object. + * This is null if we should not create an interface object or + * if it should be a function object. + * constructor holds the JSNative to back the interface object which should be a + * Function, unless constructorClass is non-null in which case it is + * ignored. If this is null and constructorClass is also null then + * we should not create an interface object at all. + * ctorNargs is the length of the constructor function; 0 if no constructor + * constructorCache a pointer to a JSObject pointer where we should cache the + * interface object. This must be null if both constructorClass + * and constructor are null, and non-null otherwise. + * properties contains the methods, attributes and constants to be defined on + * objects in any compartment. + * chromeProperties contains the methods, attributes and constants to be defined + * on objects in chrome compartments. This must be null if the + * interface doesn't have any ChromeOnly properties or if the + * object is being created in non-chrome compartment. + * defineOnGlobal controls whether properties should be defined on the given + * global for the interface object (if any) and named + * constructors (if any) for this interface. This can be + * false in situations where we want the properties to only + * appear on privileged Xrays but not on the unprivileged + * underlying global. + * unscopableNames if not null it points to a null-terminated list of const + * char* names of the unscopable properties for this interface. + * isGlobal if true, we're creating interface objects for a [Global] or + * [PrimaryGlobal] interface, and hence shouldn't define properties on + * the prototype object. + * + * At least one of protoClass, constructorClass or constructor should be + * non-null. If constructorClass or constructor are non-null, the resulting + * interface object will be defined on the given global with property name + * |name|, which must also be non-null. + */ +void +CreateInterfaceObjects(JSContext* cx, JS::Handle global, + JS::Handle protoProto, + const js::Class* protoClass, JS::Heap* protoCache, + JS::Handle interfaceProto, + const js::Class* constructorClass, + unsigned ctorNargs, const NamedConstructor* namedConstructors, + JS::Heap* constructorCache, + const NativeProperties* regularProperties, + const NativeProperties* chromeOnlyProperties, + const char* name, bool defineOnGlobal, + const char* const* unscopableNames, + bool isGlobal); + +/** + * Define the properties (regular and chrome-only) on obj. + * + * obj the object to instal the properties on. This should be the interface + * prototype object for regular interfaces and the instance object for + * interfaces marked with Global. + * properties contains the methods, attributes and constants to be defined on + * objects in any compartment. + * chromeProperties contains the methods, attributes and constants to be defined + * on objects in chrome compartments. This must be null if the + * interface doesn't have any ChromeOnly properties or if the + * object is being created in non-chrome compartment. + */ +bool +DefineProperties(JSContext* cx, JS::Handle obj, + const NativeProperties* properties, + const NativeProperties* chromeOnlyProperties); + +/* + * Define the unforgeable methods on an object. + */ +bool +DefineUnforgeableMethods(JSContext* cx, JS::Handle obj, + const Prefable* props); + +/* + * Define the unforgeable attributes on an object. + */ +bool +DefineUnforgeableAttributes(JSContext* cx, JS::Handle obj, + const Prefable* props); + +#define HAS_MEMBER_TYPEDEFS \ +private: \ + typedef char yes[1]; \ + typedef char no[2] + +#ifdef _MSC_VER +#define HAS_MEMBER_CHECK(_name) \ + template static yes& Check##_name(char (*)[(&V::_name == 0) + 1]) +#else +#define HAS_MEMBER_CHECK(_name) \ + template static yes& Check##_name(char (*)[sizeof(&V::_name) + 1]) +#endif + +#define HAS_MEMBER(_memberName, _valueName) \ +private: \ + HAS_MEMBER_CHECK(_memberName); \ + template static no& Check##_memberName(...); \ + \ +public: \ + static bool const _valueName = \ + sizeof(Check##_memberName(nullptr)) == sizeof(yes) + +template +struct NativeHasMember +{ + HAS_MEMBER_TYPEDEFS; + + HAS_MEMBER(GetParentObject, GetParentObject); + HAS_MEMBER(WrapObject, WrapObject); +}; + +template +struct IsSmartPtr +{ + HAS_MEMBER_TYPEDEFS; + + HAS_MEMBER(get, value); +}; + +template +struct IsRefcounted +{ + HAS_MEMBER_TYPEDEFS; + + HAS_MEMBER(AddRef, HasAddref); + HAS_MEMBER(Release, HasRelease); + +public: + static bool const value = HasAddref && HasRelease; + +private: + // This struct only works if T is fully declared (not just forward declared). + // The IsBaseOf check will ensure that, we don't really need it for any other + // reason (the static assert will of course always be true). + static_assert(!IsBaseOf::value || IsRefcounted::value, + "Classes derived from nsISupports are refcounted!"); + +}; + +#undef HAS_MEMBER +#undef HAS_MEMBER_CHECK +#undef HAS_MEMBER_TYPEDEFS + +#ifdef DEBUG +template ::value> +struct +CheckWrapperCacheCast +{ + static bool Check() + { + return reinterpret_cast( + static_cast( + reinterpret_cast(1))) == 1; + } +}; +template +struct +CheckWrapperCacheCast +{ + static bool Check() + { + return true; + } +}; +#endif + +MOZ_ALWAYS_INLINE bool +CouldBeDOMBinding(void*) +{ + return true; +} + +MOZ_ALWAYS_INLINE bool +CouldBeDOMBinding(nsWrapperCache* aCache) +{ + return aCache->IsDOMBinding(); +} + +inline bool +TryToOuterize(JS::MutableHandle rval) +{ + if (js::IsWindow(&rval.toObject())) { + JSObject* obj = js::ToWindowProxyIfWindow(&rval.toObject()); + MOZ_ASSERT(obj); + rval.set(JS::ObjectValue(*obj)); + } + + return true; +} + +// Make sure to wrap the given string value into the right compartment, as +// needed. +MOZ_ALWAYS_INLINE +bool +MaybeWrapStringValue(JSContext* cx, JS::MutableHandle rval) +{ + MOZ_ASSERT(rval.isString()); + JSString* str = rval.toString(); + if (JS::GetStringZone(str) != js::GetContextZone(cx)) { + return JS_WrapValue(cx, rval); + } + return true; +} + +// Make sure to wrap the given object value into the right compartment as +// needed. This will work correctly, but possibly slowly, on all objects. +MOZ_ALWAYS_INLINE +bool +MaybeWrapObjectValue(JSContext* cx, JS::MutableHandle rval) +{ + MOZ_ASSERT(rval.isObject()); + + // Cross-compartment always requires wrapping. + JSObject* obj = &rval.toObject(); + if (js::GetObjectCompartment(obj) != js::GetContextCompartment(cx)) { + return JS_WrapValue(cx, rval); + } + + // We're same-compartment, but even then we might need to wrap + // objects specially. Check for that. + if (IsDOMObject(obj)) { + return TryToOuterize(rval); + } + + // It's not a WebIDL object, so it's OK to just leave it as-is: only WebIDL + // objects (specifically only windows) require outerization. + return true; +} + +// Like MaybeWrapObjectValue, but also allows null +MOZ_ALWAYS_INLINE +bool +MaybeWrapObjectOrNullValue(JSContext* cx, JS::MutableHandle rval) +{ + MOZ_ASSERT(rval.isObjectOrNull()); + if (rval.isNull()) { + return true; + } + return MaybeWrapObjectValue(cx, rval); +} + +// Wrapping for objects that are known to not be DOM or XPConnect objects +MOZ_ALWAYS_INLINE +bool +MaybeWrapNonDOMObjectValue(JSContext* cx, JS::MutableHandle rval) +{ + MOZ_ASSERT(rval.isObject()); + MOZ_ASSERT(!GetDOMClass(&rval.toObject())); + MOZ_ASSERT(!(js::GetObjectClass(&rval.toObject())->flags & + JSCLASS_PRIVATE_IS_NSISUPPORTS)); + + JSObject* obj = &rval.toObject(); + if (js::GetObjectCompartment(obj) == js::GetContextCompartment(cx)) { + return true; + } + return JS_WrapValue(cx, rval); +} + +// Like MaybeWrapNonDOMObjectValue but allows null +MOZ_ALWAYS_INLINE +bool +MaybeWrapNonDOMObjectOrNullValue(JSContext* cx, JS::MutableHandle rval) +{ + MOZ_ASSERT(rval.isObjectOrNull()); + if (rval.isNull()) { + return true; + } + return MaybeWrapNonDOMObjectValue(cx, rval); +} + +// If rval is a gcthing and is not in the compartment of cx, wrap rval +// into the compartment of cx (typically by replacing it with an Xray or +// cross-compartment wrapper around the original object). +MOZ_ALWAYS_INLINE bool +MaybeWrapValue(JSContext* cx, JS::MutableHandle rval) +{ + if (rval.isString()) { + return MaybeWrapStringValue(cx, rval); + } + + if (!rval.isObject()) { + return true; + } + + return MaybeWrapObjectValue(cx, rval); +} + +namespace binding_detail { +enum GetOrCreateReflectorWrapBehavior { + eWrapIntoContextCompartment, + eDontWrapIntoContextCompartment +}; + +template +struct TypeNeedsOuterization +{ + // We only need to outerize Window objects, so anything inheriting from + // nsGlobalWindow (which inherits from EventTarget itself). + static const bool value = + IsBaseOf::value || IsSame::value; +}; + +#ifdef DEBUG +template::value> +struct CheckWrapperCacheTracing +{ + static inline void Check(T* aObject) + { + } +}; + +template +struct CheckWrapperCacheTracing +{ + static void Check(T* aObject) + { + // Rooting analysis thinks QueryInterface may GC, but we're dealing with + // a subset of QueryInterface, C++ only types here. + JS::AutoSuppressGCAnalysis nogc; + + nsWrapperCache* wrapperCacheFromQI = nullptr; + aObject->QueryInterface(NS_GET_IID(nsWrapperCache), + reinterpret_cast(&wrapperCacheFromQI)); + + MOZ_ASSERT(wrapperCacheFromQI, + "Missing nsWrapperCache from QueryInterface implementation?"); + + if (!wrapperCacheFromQI->GetWrapperPreserveColor()) { + // Can't assert that we trace the wrapper, since we don't have any + // wrapper to trace. + return; + } + + nsISupports* ccISupports = nullptr; + aObject->QueryInterface(NS_GET_IID(nsCycleCollectionISupports), + reinterpret_cast(&ccISupports)); + MOZ_ASSERT(ccISupports, + "nsWrapperCache object which isn't cycle collectable?"); + + nsXPCOMCycleCollectionParticipant* participant = nullptr; + CallQueryInterface(ccISupports, &participant); + MOZ_ASSERT(participant, "Can't QI to CycleCollectionParticipant?"); + + bool wasPreservingWrapper = wrapperCacheFromQI->PreservingWrapper(); + wrapperCacheFromQI->SetPreservingWrapper(true); + wrapperCacheFromQI->CheckCCWrapperTraversal(ccISupports, participant); + wrapperCacheFromQI->SetPreservingWrapper(wasPreservingWrapper); + } +}; + +void +AssertReflectorHasGivenProto(JSContext* aCx, JSObject* aReflector, + JS::Handle aGivenProto); +#endif // DEBUG + +template +MOZ_ALWAYS_INLINE bool +DoGetOrCreateDOMReflector(JSContext* cx, T* value, + JS::Handle givenProto, + JS::MutableHandle rval) +{ + MOZ_ASSERT(value); + // We can get rid of this when we remove support for hasXPConnectImpls. + bool couldBeDOMBinding = CouldBeDOMBinding(value); + JSObject* obj = value->GetWrapper(); + if (obj) { +#ifdef DEBUG + AssertReflectorHasGivenProto(cx, obj, givenProto); + // Have to reget obj because AssertReflectorHasGivenProto can + // trigger gc so the pointer may now be invalid. + obj = value->GetWrapper(); +#endif + } else { + // Inline this here while we have non-dom objects in wrapper caches. + if (!couldBeDOMBinding) { + return false; + } + + obj = value->WrapObject(cx, givenProto); + if (!obj) { + // At this point, obj is null, so just return false. + // Callers seem to be testing JS_IsExceptionPending(cx) to + // figure out whether WrapObject() threw. + return false; + } + +#ifdef DEBUG + if (IsBaseOf::value) { + CheckWrapperCacheTracing::Check(value); + } +#endif + } + +#ifdef DEBUG + const DOMJSClass* clasp = GetDOMClass(obj); + // clasp can be null if the cache contained a non-DOM object. + if (clasp) { + // Some sanity asserts about our object. Specifically: + // 1) If our class claims we're nsISupports, we better be nsISupports + // XXXbz ideally, we could assert that reinterpret_cast to nsISupports + // does the right thing, but I don't see a way to do it. :( + // 2) If our class doesn't claim we're nsISupports we better be + // reinterpret_castable to nsWrapperCache. + MOZ_ASSERT(clasp, "What happened here?"); + MOZ_ASSERT_IF(clasp->mDOMObjectIsISupports, (IsBaseOf::value)); + MOZ_ASSERT(CheckWrapperCacheCast::Check()); + } +#endif + + rval.set(JS::ObjectValue(*obj)); + + bool sameCompartment = + js::GetObjectCompartment(obj) == js::GetContextCompartment(cx); + if (sameCompartment && couldBeDOMBinding) { + return TypeNeedsOuterization::value ? TryToOuterize(rval) : true; + } + + if (wrapBehavior == eDontWrapIntoContextCompartment) { + if (TypeNeedsOuterization::value) { + JSAutoCompartment ac(cx, obj); + return TryToOuterize(rval); + } + + return true; + } + + return JS_WrapValue(cx, rval); +} + +} // namespace binding_detail + +// Create a JSObject wrapping "value", if there isn't one already, and store it +// in rval. "value" must be a concrete class that implements a +// GetWrapperPreserveColor() which can return its existing wrapper, if any, and +// a WrapObject() which will try to create a wrapper. Typically, this is done by +// having "value" inherit from nsWrapperCache. +// +// The value stored in rval will be ready to be exposed to whatever JS +// is running on cx right now. In particular, it will be in the +// compartment of cx, and outerized as needed. +template +MOZ_ALWAYS_INLINE bool +GetOrCreateDOMReflector(JSContext* cx, T* value, + JS::MutableHandle rval, + JS::Handle givenProto = nullptr) +{ + using namespace binding_detail; + return DoGetOrCreateDOMReflector(cx, value, + givenProto, + rval); +} + +// Like GetOrCreateDOMReflector but doesn't wrap into the context compartment, +// and hence does not actually require cx to be in a compartment. +template +MOZ_ALWAYS_INLINE bool +GetOrCreateDOMReflectorNoWrap(JSContext* cx, T* value, + JS::MutableHandle rval) +{ + using namespace binding_detail; + return DoGetOrCreateDOMReflector(cx, + value, + nullptr, + rval); +} + +// Create a JSObject wrapping "value", for cases when "value" is a +// non-wrapper-cached object using WebIDL bindings. "value" must implement a +// WrapObject() method taking a JSContext and a scope. +template +inline bool +WrapNewBindingNonWrapperCachedObject(JSContext* cx, + JS::Handle scopeArg, + T* value, + JS::MutableHandle rval, + JS::Handle givenProto = nullptr) +{ + static_assert(IsRefcounted::value, "Don't pass owned classes in here."); + MOZ_ASSERT(value); + // We try to wrap in the compartment of the underlying object of "scope" + JS::Rooted obj(cx); + { + // scope for the JSAutoCompartment so that we restore the compartment + // before we call JS_WrapValue. + Maybe ac; + // Maybe doesn't so much work, and in any case, adding + // more Maybe (one for a Rooted and one for a Handle) adds more + // code (and branches!) than just adding a single rooted. + JS::Rooted scope(cx, scopeArg); + JS::Rooted proto(cx, givenProto); + if (js::IsWrapper(scope)) { + scope = js::CheckedUnwrap(scope, /* stopAtWindowProxy = */ false); + if (!scope) + return false; + ac.emplace(cx, scope); + if (!JS_WrapObject(cx, &proto)) { + return false; + } + } + + MOZ_ASSERT(js::IsObjectInContextCompartment(scope, cx)); + if (!value->WrapObject(cx, proto, &obj)) { + return false; + } + } + + // We can end up here in all sorts of compartments, per above. Make + // sure to JS_WrapValue! + rval.set(JS::ObjectValue(*obj)); + return MaybeWrapObjectValue(cx, rval); +} + +// Create a JSObject wrapping "value", for cases when "value" is a +// non-wrapper-cached owned object using WebIDL bindings. "value" must implement a +// WrapObject() method taking a JSContext, a scope, and a boolean outparam that +// is true if the JSObject took ownership +template +inline bool +WrapNewBindingNonWrapperCachedObject(JSContext* cx, + JS::Handle scopeArg, + nsAutoPtr& value, + JS::MutableHandle rval, + JS::Handle givenProto = nullptr) +{ + static_assert(!IsRefcounted::value, "Only pass owned classes in here."); + // We do a runtime check on value, because otherwise we might in + // fact end up wrapping a null and invoking methods on it later. + if (!value) { + NS_RUNTIMEABORT("Don't try to wrap null objects"); + } + // We try to wrap in the compartment of the underlying object of "scope" + JS::Rooted obj(cx); + { + // scope for the JSAutoCompartment so that we restore the compartment + // before we call JS_WrapValue. + Maybe ac; + // Maybe doesn't so much work, and in any case, adding + // more Maybe (one for a Rooted and one for a Handle) adds more + // code (and branches!) than just adding a single rooted. + JS::Rooted scope(cx, scopeArg); + JS::Rooted proto(cx, givenProto); + if (js::IsWrapper(scope)) { + scope = js::CheckedUnwrap(scope, /* stopAtWindowProxy = */ false); + if (!scope) + return false; + ac.emplace(cx, scope); + if (!JS_WrapObject(cx, &proto)) { + return false; + } + } + + MOZ_ASSERT(js::IsObjectInContextCompartment(scope, cx)); + if (!value->WrapObject(cx, proto, &obj)) { + return false; + } + + value.forget(); + } + + // We can end up here in all sorts of compartments, per above. Make + // sure to JS_WrapValue! + rval.set(JS::ObjectValue(*obj)); + return MaybeWrapObjectValue(cx, rval); +} + +// Helper for smart pointers (nsRefPtr/nsCOMPtr). +template