Google Git
Sign in
third-party-mirror / servo / refs/heads/main / . / components / script_bindings / interface.rs
blob: bb7e27df910fca63ab01c6a7f9e7c27410bea7a4 [file] [log] [blame] [edit]
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at https://mozilla.org/MPL/2.0/. */
//! Machinery to initialise interface prototype objects and interface objects.
use std::convert::TryFrom;
use std::ffi::CStr;
use std::ptr;
use js::error::throw_type_error;
use js::glue::UncheckedUnwrapObject;
use js::jsapi::JS::CompartmentIterResult;
use js::jsapi::{
CallArgs, CheckedUnwrapStatic, Compartment, CompartmentSpecifier, CurrentGlobalOrNull,
GetFunctionRealm, GetNonCCWObjectGlobal, GetRealmGlobalOrNull, GetWellKnownSymbol,
HandleObject as RawHandleObject, IsSharableCompartment, IsSystemCompartment,
JS_AtomizeAndPinString, JS_GetFunctionObject, JS_GetProperty, JS_IterateCompartments,
JS_NewFunction, JS_NewGlobalObject, JS_NewObject, JS_NewStringCopyN, JS_SetReservedSlot,
JS_SetTrustedPrincipals, JS_WrapObject, JSAutoRealm, JSClass, JSClassOps, JSContext,
JSFUN_CONSTRUCTOR, JSFunctionSpec, JSObject, JSPROP_ENUMERATE, JSPROP_PERMANENT,
JSPROP_READONLY, JSPROP_RESOLVING, JSPropertySpec, JSString, JSTracer, ObjectOps,
OnNewGlobalHookOption, SymbolCode, TrueHandleValue, Value, jsid,
};
use js::jsval::{JSVal, NullValue, PrivateValue};
use js::rust::wrappers::{
JS_DefineProperty, JS_DefineProperty3, JS_DefineProperty4, JS_DefineProperty5,
JS_DefinePropertyById5, JS_FireOnNewGlobalObject, JS_LinkConstructorAndPrototype,
JS_NewObjectWithGivenProto, RUST_SYMBOL_TO_JSID,
};
use js::rust::{
HandleObject, HandleValue, MutableHandleObject, RealmOptions, define_methods,
define_properties, get_object_class, is_dom_class, maybe_wrap_object,
};
use servo_url::MutableOrigin;
use crate::DomTypes;
use crate::codegen::Globals::Globals;
use crate::codegen::PrototypeList;
use crate::constant::{ConstantSpec, define_constants};
use crate::conversions::{DOM_OBJECT_SLOT, get_dom_class};
use crate::guard::Guard;
use crate::principals::ServoJSPrincipals;
use crate::script_runtime::JSContext as SafeJSContext;
use crate::utils::{
DOM_PROTOTYPE_SLOT, DOMJSClass, JSCLASS_DOM_GLOBAL, ProtoOrIfaceArray, get_proto_or_iface_array,
};
/// The class of a non-callback interface object.
#[derive(Clone, Copy)]
pub(crate) struct NonCallbackInterfaceObjectClass {
/// The SpiderMonkey class structure.
pub(crate) _class: JSClass,
/// The prototype id of that interface, used in the hasInstance hook.
pub(crate) _proto_id: PrototypeList::ID,
/// The prototype depth of that interface, used in the hasInstance hook.
pub(crate) _proto_depth: u16,
/// The string representation of the object.
pub(crate) representation: &'static [u8],
}
unsafe impl Sync for NonCallbackInterfaceObjectClass {}
impl NonCallbackInterfaceObjectClass {
/// Create a new `NonCallbackInterfaceObjectClass` structure.
pub(crate) const fn new(
constructor_behavior: &'static InterfaceConstructorBehavior,
string_rep: &'static [u8],
proto_id: PrototypeList::ID,
proto_depth: u16,
) -> NonCallbackInterfaceObjectClass {
NonCallbackInterfaceObjectClass {
_class: JSClass {
name: c"Function".as_ptr(),
flags: 0,
cOps: &constructor_behavior.0,
spec: 0 as *const _,
ext: 0 as *const _,
oOps: &OBJECT_OPS,
},
_proto_id: proto_id,
_proto_depth: proto_depth,
representation: string_rep,
}
}
/// cast own reference to `JSClass` reference
pub(crate) fn as_jsclass(&self) -> &JSClass {
unsafe { &*(self as *const _ as *const JSClass) }
}
}
/// A constructor class hook.
pub(crate) type ConstructorClassHook =
unsafe extern "C" fn(cx: *mut JSContext, argc: u32, vp: *mut Value) -> bool;
/// The constructor behavior of a non-callback interface object.
pub(crate) struct InterfaceConstructorBehavior(JSClassOps);
impl InterfaceConstructorBehavior {
/// An interface constructor that unconditionally throws a type error.
pub(crate) const fn throw() -> Self {
InterfaceConstructorBehavior(JSClassOps {
addProperty: None,
delProperty: None,
enumerate: None,
newEnumerate: None,
resolve: None,
mayResolve: None,
finalize: None,
call: Some(invalid_constructor),
construct: Some(invalid_constructor),
trace: None,
})
}
/// An interface constructor that calls a native Rust function.
pub(crate) const fn call(hook: ConstructorClassHook) -> Self {
InterfaceConstructorBehavior(JSClassOps {
addProperty: None,
delProperty: None,
enumerate: None,
newEnumerate: None,
resolve: None,
mayResolve: None,
finalize: None,
call: Some(non_new_constructor),
construct: Some(hook),
trace: None,
})
}
}
/// A trace hook.
pub(crate) type TraceHook = unsafe extern "C" fn(trc: *mut JSTracer, obj: *mut JSObject);
/// Create a global object with the given class.
pub(crate) unsafe fn create_global_object<D: DomTypes>(
cx: SafeJSContext,
class: &'static JSClass,
private: *const libc::c_void,
trace: TraceHook,
mut rval: MutableHandleObject,
origin: &MutableOrigin,
use_system_compartment: bool,
) {
assert!(rval.is_null());
let mut options = RealmOptions::default();
options.creationOptions_.traceGlobal_ = Some(trace);
options.creationOptions_.sharedMemoryAndAtomics_ = false;
if use_system_compartment {
options.creationOptions_.compSpec_ = CompartmentSpecifier::NewCompartmentAndZone;
options.creationOptions_.__bindgen_anon_1.comp_ = std::ptr::null_mut();
} else {
select_compartment(cx, &mut options);
}
// “System or addon” principals control JIT policy (IsBaselineJitEnabled, IsIonEnabled) and WASM policy
// (IsSimdPrivilegedContext, HasSupport). This is unrelated to the concept of “system” compartments, though WASM
// HasSupport describes checking this flag as “check trusted principals”, which seems to be a mistake.
// Servo currently creates all principals as non-system-or-addon principals.
let principal = ServoJSPrincipals::new::<D>(origin);
if use_system_compartment {
// “System” compartments are those that have all “system” realms, which in turn are those that were
// created with the runtime’s global “trusted” principals. This influences the IsSystemCompartment() check
// in select_compartment() below [1], preventing compartment reuse in either direction between this global
// and any globals created with `use_system_compartment` set to false.
// [1] IsSystemCompartment() → Realm::isSystem() → Realm::isSystem_ → principals == trustedPrincipals()
JS_SetTrustedPrincipals(*cx, principal.as_raw());
}
rval.set(JS_NewGlobalObject(
*cx,
class,
principal.as_raw(),
OnNewGlobalHookOption::DontFireOnNewGlobalHook,
&*options,
));
assert!(!rval.is_null());
// Initialize the reserved slots before doing anything that can GC, to
// avoid getting trace hooks called on a partially initialized object.
let private_val = PrivateValue(private);
JS_SetReservedSlot(rval.get(), DOM_OBJECT_SLOT, &private_val);
let proto_array: Box<ProtoOrIfaceArray> =
Box::new([ptr::null_mut::<JSObject>(); PrototypeList::PROTO_OR_IFACE_LENGTH]);
let val = PrivateValue(Box::into_raw(proto_array) as *const libc::c_void);
JS_SetReservedSlot(rval.get(), DOM_PROTOTYPE_SLOT, &val);
let _ac = JSAutoRealm::new(*cx, rval.get());
JS_FireOnNewGlobalObject(*cx, rval.handle());
}
/// Choose the compartment to create a new global object in.
fn select_compartment(cx: SafeJSContext, options: &mut RealmOptions) {
type Data = *mut Compartment;
unsafe extern "C" fn callback(
_cx: *mut JSContext,
data: *mut libc::c_void,
compartment: *mut Compartment,
) -> CompartmentIterResult {
let data = data as *mut Data;
if !IsSharableCompartment(compartment) || IsSystemCompartment(compartment) {
return CompartmentIterResult::KeepGoing;
}
// Choose any sharable, non-system compartment in this context to allow
// same-agent documents to share JS and DOM objects.
*data = compartment;
CompartmentIterResult::Stop
}
let mut compartment: Data = ptr::null_mut();
unsafe {
JS_IterateCompartments(
*cx,
(&mut compartment) as *mut Data as *mut libc::c_void,
Some(callback),
);
}
if compartment.is_null() {
options.creationOptions_.compSpec_ = CompartmentSpecifier::NewCompartmentAndZone;
} else {
options.creationOptions_.compSpec_ = CompartmentSpecifier::ExistingCompartment;
options.creationOptions_.__bindgen_anon_1.comp_ = compartment;
}
}
/// Create and define the interface object of a callback interface.
pub(crate) fn create_callback_interface_object<D: DomTypes>(
cx: SafeJSContext,
global: HandleObject,
constants: &[Guard<&[ConstantSpec]>],
name: &CStr,
mut rval: MutableHandleObject,
) {
assert!(!constants.is_empty());
unsafe {
rval.set(JS_NewObject(*cx, ptr::null()));
}
assert!(!rval.is_null());
define_guarded_constants::<D>(cx, rval.handle(), constants, global);
define_name(cx, rval.handle(), name);
define_on_global_object(cx, global, name, rval.handle());
}
/// Create the interface prototype object of a non-callback interface.
#[allow(clippy::too_many_arguments)]
pub(crate) fn create_interface_prototype_object<D: DomTypes>(
cx: SafeJSContext,
global: HandleObject,
proto: HandleObject,
class: &'static JSClass,
regular_methods: &[Guard<&'static [JSFunctionSpec]>],
regular_properties: &[Guard<&'static [JSPropertySpec]>],
constants: &[Guard<&[ConstantSpec]>],
unscopable_names: &[&CStr],
mut rval: MutableHandleObject,
) {
create_object::<D>(
cx,
global,
proto,
class,
regular_methods,
regular_properties,
constants,
rval.reborrow(),
);
if !unscopable_names.is_empty() {
rooted!(in(*cx) let mut unscopable_obj = ptr::null_mut::<JSObject>());
create_unscopable_object(cx, unscopable_names, unscopable_obj.handle_mut());
unsafe {
let unscopable_symbol = GetWellKnownSymbol(*cx, SymbolCode::unscopables);
assert!(!unscopable_symbol.is_null());
rooted!(in(*cx) let mut unscopable_id: jsid);
RUST_SYMBOL_TO_JSID(unscopable_symbol, unscopable_id.handle_mut());
assert!(JS_DefinePropertyById5(
*cx,
rval.handle(),
unscopable_id.handle(),
unscopable_obj.handle(),
JSPROP_READONLY as u32
))
}
}
}
/// Create and define the interface object of a non-callback interface.
#[allow(clippy::too_many_arguments)]
pub(crate) fn create_noncallback_interface_object<D: DomTypes>(
cx: SafeJSContext,
global: HandleObject,
proto: HandleObject,
class: &'static NonCallbackInterfaceObjectClass,
static_methods: &[Guard<&'static [JSFunctionSpec]>],
static_properties: &[Guard<&'static [JSPropertySpec]>],
constants: &[Guard<&[ConstantSpec]>],
interface_prototype_object: HandleObject,
name: &CStr,
length: u32,
legacy_window_alias_names: &[&CStr],
mut rval: MutableHandleObject,
) {
create_object::<D>(
cx,
global,
proto,
class.as_jsclass(),
static_methods,
static_properties,
constants,
rval.reborrow(),
);
unsafe {
assert!(JS_LinkConstructorAndPrototype(
*cx,
rval.handle(),
interface_prototype_object
));
}
define_name(cx, rval.handle(), name);
define_length(cx, rval.handle(), i32::try_from(length).expect("overflow"));
define_on_global_object(cx, global, name, rval.handle());
if is_exposed_in(global, Globals::WINDOW) {
for legacy_window_alias in legacy_window_alias_names {
define_on_global_object(cx, global, legacy_window_alias, rval.handle());
}
}
}
/// Create and define the named constructors of a non-callback interface.
pub(crate) fn create_named_constructors(
cx: SafeJSContext,
global: HandleObject,
named_constructors: &[(ConstructorClassHook, &CStr, u32)],
interface_prototype_object: HandleObject,
) {
rooted!(in(*cx) let mut constructor = ptr::null_mut::<JSObject>());
for &(native, name, arity) in named_constructors {
unsafe {
let fun = JS_NewFunction(*cx, Some(native), arity, JSFUN_CONSTRUCTOR, name.as_ptr());
assert!(!fun.is_null());
constructor.set(JS_GetFunctionObject(fun));
assert!(!constructor.is_null());
assert!(JS_DefineProperty3(
*cx,
constructor.handle(),
c"prototype".as_ptr(),
interface_prototype_object,
(JSPROP_PERMANENT | JSPROP_READONLY) as u32
));
}
define_on_global_object(cx, global, name, constructor.handle());
}
}
/// Create a new object with a unique type.
#[allow(clippy::too_many_arguments)]
pub(crate) fn create_object<D: DomTypes>(
cx: SafeJSContext,
global: HandleObject,
proto: HandleObject,
class: &'static JSClass,
methods: &[Guard<&'static [JSFunctionSpec]>],
properties: &[Guard<&'static [JSPropertySpec]>],
constants: &[Guard<&[ConstantSpec]>],
mut rval: MutableHandleObject,
) {
unsafe {
rval.set(JS_NewObjectWithGivenProto(*cx, class, proto));
}
assert!(!rval.is_null());
define_guarded_methods::<D>(cx, rval.handle(), methods, global);
define_guarded_properties::<D>(cx, rval.handle(), properties, global);
define_guarded_constants::<D>(cx, rval.handle(), constants, global);
}
/// Conditionally define constants on an object.
pub(crate) fn define_guarded_constants<D: DomTypes>(
cx: SafeJSContext,
obj: HandleObject,
constants: &[Guard<&[ConstantSpec]>],
global: HandleObject,
) {
for guard in constants {
if let Some(specs) = guard.expose::<D>(cx, obj, global) {
define_constants(cx, obj, specs);
}
}
}
/// Conditionally define methods on an object.
pub(crate) fn define_guarded_methods<D: DomTypes>(
cx: SafeJSContext,
obj: HandleObject,
methods: &[Guard<&'static [JSFunctionSpec]>],
global: HandleObject,
) {
for guard in methods {
if let Some(specs) = guard.expose::<D>(cx, obj, global) {
unsafe {
define_methods(*cx, obj, specs).unwrap();
}
}
}
}
/// Conditionally define properties on an object.
pub(crate) fn define_guarded_properties<D: DomTypes>(
cx: SafeJSContext,
obj: HandleObject,
properties: &[Guard<&'static [JSPropertySpec]>],
global: HandleObject,
) {
for guard in properties {
if let Some(specs) = guard.expose::<D>(cx, obj, global) {
unsafe {
define_properties(*cx, obj, specs).unwrap();
}
}
}
}
/// Returns whether an interface with exposure set given by `globals` should
/// be exposed in the global object `obj`.
pub(crate) fn is_exposed_in(object: HandleObject, globals: Globals) -> bool {
unsafe {
let unwrapped = UncheckedUnwrapObject(object.get(), /* stopAtWindowProxy = */ false);
let dom_class = get_dom_class(unwrapped).unwrap();
globals.contains(dom_class.global)
}
}
/// Define a property with a given name on the global object. Should be called
/// through the resolve hook.
pub(crate) fn define_on_global_object(
cx: SafeJSContext,
global: HandleObject,
name: &CStr,
obj: HandleObject,
) {
unsafe {
assert!(JS_DefineProperty3(
*cx,
global,
name.as_ptr(),
obj,
JSPROP_RESOLVING
));
}
}
const OBJECT_OPS: ObjectOps = ObjectOps {
lookupProperty: None,
defineProperty: None,
hasProperty: None,
getProperty: None,
setProperty: None,
getOwnPropertyDescriptor: None,
deleteProperty: None,
getElements: None,
funToString: Some(fun_to_string_hook),
};
unsafe extern "C" fn fun_to_string_hook(
cx: *mut JSContext,
obj: RawHandleObject,
_is_to_source: bool,
) -> *mut JSString {
let js_class = get_object_class(obj.get());
assert!(!js_class.is_null());
let repr = (*(js_class as *const NonCallbackInterfaceObjectClass)).representation;
assert!(!repr.is_empty());
let ret = JS_NewStringCopyN(cx, repr.as_ptr() as *const libc::c_char, repr.len());
assert!(!ret.is_null());
ret
}
fn create_unscopable_object(cx: SafeJSContext, names: &[&CStr], mut rval: MutableHandleObject) {
assert!(!names.is_empty());
assert!(rval.is_null());
unsafe {
rval.set(JS_NewObjectWithGivenProto(
*cx,
ptr::null(),
HandleObject::null(),
));
assert!(!rval.is_null());
for &name in names {
assert!(JS_DefineProperty(
*cx,
rval.handle(),
name.as_ptr(),
HandleValue::from_raw(TrueHandleValue),
JSPROP_ENUMERATE as u32,
));
}
}
}
fn define_name(cx: SafeJSContext, obj: HandleObject, name: &CStr) {
unsafe {
rooted!(in(*cx) let name = JS_AtomizeAndPinString(*cx, name.as_ptr()));
assert!(!name.is_null());
assert!(JS_DefineProperty4(
*cx,
obj,
c"name".as_ptr(),
name.handle(),
JSPROP_READONLY as u32
));
}
}
fn define_length(cx: SafeJSContext, obj: HandleObject, length: i32) {
unsafe {
assert!(JS_DefineProperty5(
*cx,
obj,
c"length".as_ptr(),
length,
JSPROP_READONLY as u32
));
}
}
unsafe extern "C" fn invalid_constructor(
cx: *mut JSContext,
_argc: libc::c_uint,
_vp: *mut JSVal,
) -> bool {
throw_type_error(cx, "Illegal constructor.");
false
}
unsafe extern "C" fn non_new_constructor(
cx: *mut JSContext,
_argc: libc::c_uint,
_vp: *mut JSVal,
) -> bool {
throw_type_error(cx, "This constructor needs to be called with `new`.");
false
}
pub(crate) enum ProtoOrIfaceIndex {
ID(PrototypeList::ID),
Constructor(PrototypeList::Constructor),
}
impl From<ProtoOrIfaceIndex> for usize {
fn from(index: ProtoOrIfaceIndex) -> usize {
match index {
ProtoOrIfaceIndex::ID(id) => id as usize,
ProtoOrIfaceIndex::Constructor(constructor) => constructor as usize,
}
}
}
pub(crate) fn get_per_interface_object_handle(
cx: SafeJSContext,
global: HandleObject,
id: ProtoOrIfaceIndex,
creator: unsafe fn(SafeJSContext, HandleObject, *mut ProtoOrIfaceArray),
mut rval: MutableHandleObject,
) {
unsafe {
assert!(((*get_object_class(global.get())).flags & JSCLASS_DOM_GLOBAL) != 0);
/* Check to see whether the interface objects are already installed */
let proto_or_iface_array = get_proto_or_iface_array(global.get());
let index: usize = id.into();
rval.set((*proto_or_iface_array)[index]);
if !rval.get().is_null() {
return;
}
creator(cx, global, proto_or_iface_array);
rval.set((*proto_or_iface_array)[index]);
assert!(!rval.get().is_null());
}
}
pub(crate) fn define_dom_interface(
cx: SafeJSContext,
global: HandleObject,
id: ProtoOrIfaceIndex,
creator: unsafe fn(SafeJSContext, HandleObject, *mut ProtoOrIfaceArray),
enabled: fn(SafeJSContext, HandleObject) -> bool,
) {
assert!(!global.get().is_null());
if !enabled(cx, global) {
return;
}
rooted!(in(*cx) let mut proto = ptr::null_mut::<JSObject>());
get_per_interface_object_handle(cx, global, id, creator, proto.handle_mut());
assert!(!proto.is_null());
}
fn get_proto_id_for_new_target(new_target: HandleObject) -> Option<PrototypeList::ID> {
unsafe {
let new_target_class = get_object_class(*new_target);
if is_dom_class(&*new_target_class) {
let domjsclass: *const DOMJSClass = new_target_class as *const DOMJSClass;
let dom_class = &(*domjsclass).dom_class;
return Some(dom_class.interface_chain[dom_class.depth as usize]);
}
None
}
}
#[allow(clippy::result_unit_err)]
pub fn get_desired_proto(
cx: SafeJSContext,
args: &CallArgs,
proto_id: PrototypeList::ID,
creator: unsafe fn(SafeJSContext, HandleObject, *mut ProtoOrIfaceArray),
mut desired_proto: MutableHandleObject,
) -> Result<(), ()> {
unsafe {
// This basically implements
// https://heycam.github.io/webidl/#internally-create-a-new-object-implementing-the-interface
// step 3.
assert!(args.is_constructing());
// The desired prototype depends on the actual constructor that was invoked,
// which is passed to us as the newTarget in the callargs. We want to do
// something akin to the ES6 specification's GetProtototypeFromConstructor (so
// get .prototype on the newTarget, with a fallback to some sort of default).
// First, a fast path for the case when the the constructor is in fact one of
// our DOM constructors. This is safe because on those the "constructor"
// property is non-configurable and non-writable, so we don't have to do the
// slow JS_GetProperty call.
rooted!(in(*cx) let mut new_target = args.new_target().to_object());
rooted!(in(*cx) let original_new_target = *new_target);
// See whether we have a known DOM constructor here, such that we can take a
// fast path.
let target_proto_id = get_proto_id_for_new_target(new_target.handle()).or_else(|| {
// We might still have a cross-compartment wrapper for a known DOM
// constructor. CheckedUnwrapStatic is fine here, because we're looking for
// DOM constructors and those can't be cross-origin objects.
new_target.set(CheckedUnwrapStatic(*new_target));
if !new_target.is_null() && *new_target != *original_new_target {
get_proto_id_for_new_target(new_target.handle())
} else {
None
}
});
if let Some(proto_id) = target_proto_id {
let global = GetNonCCWObjectGlobal(*new_target);
let proto_or_iface_cache = get_proto_or_iface_array(global);
desired_proto.set((*proto_or_iface_cache)[proto_id as usize]);
if *new_target != *original_new_target && !JS_WrapObject(*cx, desired_proto.into()) {
return Err(());
}
return Ok(());
}
// Slow path. This basically duplicates the ES6 spec's
// GetPrototypeFromConstructor except that instead of taking a string naming
// the fallback prototype we determine the fallback based on the proto id we
// were handed.
rooted!(in(*cx) let mut proto_val = NullValue());
if !JS_GetProperty(
*cx,
original_new_target.handle().into(),
c"prototype".as_ptr(),
proto_val.handle_mut().into(),
) {
return Err(());
}
if proto_val.is_object() {
desired_proto.set(proto_val.to_object());
return Ok(());
}
// Fall back to getting the proto for our given proto id in the realm that
// GetFunctionRealm(newTarget) returns.
let realm = GetFunctionRealm(*cx, new_target.handle().into());
if realm.is_null() {
return Err(());
}
{
let _realm = JSAutoRealm::new(*cx, GetRealmGlobalOrNull(realm));
rooted!(in(*cx) let global = CurrentGlobalOrNull(*cx));
get_per_interface_object_handle(
cx,
global.handle(),
ProtoOrIfaceIndex::ID(proto_id),
creator,
desired_proto.reborrow(),
);
if desired_proto.is_null() {
return Err(());
}
}
maybe_wrap_object(*cx, desired_proto);
Ok(())
}
}