Google Git
Sign in
chromium / chromium / src / 95f7c6dd04e7dd1c817602cfb6a57d8a10721b19 / . / third_party / WebKit / Source / bindings / core / v8 / V8Initializer.cpp
blob: 60a08f45f17fb57d0187a7c66cb405651f2c4aff [file] [log] [blame]
/*
* Copyright (C) 2009 Google Inc. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY APPLE INC. AND ITS CONTRIBUTORS ``AS IS''
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
* THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL APPLE INC. OR ITS CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
* THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "bindings/core/v8/V8Initializer.h"
#include "bindings/core/v8/DOMWrapperWorld.h"
#include "bindings/core/v8/RejectedPromises.h"
#include "bindings/core/v8/RetainedDOMInfo.h"
#include "bindings/core/v8/ScriptCallStackFactory.h"
#include "bindings/core/v8/ScriptController.h"
#include "bindings/core/v8/ScriptValue.h"
#include "bindings/core/v8/V8Binding.h"
#include "bindings/core/v8/V8DOMException.h"
#include "bindings/core/v8/V8ErrorEvent.h"
#include "bindings/core/v8/V8ErrorHandler.h"
#include "bindings/core/v8/V8GCController.h"
#include "bindings/core/v8/V8History.h"
#include "bindings/core/v8/V8IdleTaskRunner.h"
#include "bindings/core/v8/V8Location.h"
#include "bindings/core/v8/V8PerContextData.h"
#include "bindings/core/v8/V8Window.h"
#include "bindings/core/v8/WorkerOrWorkletScriptController.h"
#include "core/dom/Document.h"
#include "core/dom/ExceptionCode.h"
#include "core/fetch/AccessControlStatus.h"
#include "core/frame/ConsoleTypes.h"
#include "core/frame/LocalDOMWindow.h"
#include "core/frame/LocalFrame.h"
#include "core/frame/csp/ContentSecurityPolicy.h"
#include "core/inspector/ScriptArguments.h"
#include "core/inspector/ScriptCallStack.h"
#include "core/workers/WorkerGlobalScope.h"
#include "platform/EventDispatchForbiddenScope.h"
#include "platform/RuntimeEnabledFeatures.h"
#include "platform/TraceEvent.h"
#include "public/platform/Platform.h"
#include "public/platform/WebScheduler.h"
#include "public/platform/WebThread.h"
#include "wtf/AddressSanitizer.h"
#include "wtf/ArrayBufferContents.h"
#include "wtf/RefPtr.h"
#include "wtf/text/WTFString.h"
#include <v8-debug.h>
#include <v8-profiler.h>
namespace blink {
static Frame* findFrame(v8::Isolate* isolate, v8::Local<v8::Object> host, v8::Local<v8::Value> data)
{
const WrapperTypeInfo* type = WrapperTypeInfo::unwrap(data);
if (V8Window::wrapperTypeInfo.equals(type)) {
v8::Local<v8::Object> windowWrapper = V8Window::findInstanceInPrototypeChain(host, isolate);
if (windowWrapper.IsEmpty())
return 0;
return V8Window::toImpl(windowWrapper)->frame();
}
if (V8History::wrapperTypeInfo.equals(type))
return V8History::toImpl(host)->frame();
if (V8Location::wrapperTypeInfo.equals(type))
return V8Location::toImpl(host)->frame();
// This function can handle only those types listed above.
ASSERT_NOT_REACHED();
return 0;
}
static void reportFatalErrorInMainThread(const char* location, const char* message)
{
int memoryUsageMB = Platform::current()->actualMemoryUsageMB();
printf("V8 error: %s (%s). Current memory usage: %d MB\n", message, location, memoryUsageMB);
CRASH();
}
static PassRefPtrWillBeRawPtr<ScriptCallStack> extractCallStack(v8::Isolate* isolate, v8::Local<v8::Message> message, int* const scriptId)
{
v8::Local<v8::StackTrace> stackTrace = message->GetStackTrace();
RefPtrWillBeRawPtr<ScriptCallStack> callStack = nullptr;
*scriptId = message->GetScriptOrigin().ScriptID()->Value();
// Currently stack trace is only collected when inspector is open.
if (!stackTrace.IsEmpty() && stackTrace->GetFrameCount() > 0) {
callStack = createScriptCallStack(isolate, stackTrace, ScriptCallStack::maxCallStackSizeToCapture);
bool success = false;
int topScriptId = callStack->at(0).scriptId().toInt(&success);
if (success && topScriptId == *scriptId)
*scriptId = 0;
}
return callStack.release();
}
static String extractResourceName(v8::Local<v8::Message> message, const Document* document)
{
v8::Local<v8::Value> resourceName = message->GetScriptOrigin().ResourceName();
bool shouldUseDocumentURL = document && (resourceName.IsEmpty() || !resourceName->IsString());
return shouldUseDocumentURL ? document->url() : toCoreString(resourceName.As<v8::String>());
}
static String extractMessageForConsole(v8::Isolate* isolate, v8::Local<v8::Value> data)
{
if (V8DOMWrapper::isWrapper(isolate, data)) {
v8::Local<v8::Object> obj = v8::Local<v8::Object>::Cast(data);
const WrapperTypeInfo* type = toWrapperTypeInfo(obj);
if (V8DOMException::wrapperTypeInfo.isSubclass(type)) {
DOMException* exception = V8DOMException::toImpl(obj);
if (exception && !exception->messageForConsole().isEmpty())
return exception->toStringForConsole();
}
}
return emptyString();
}
static void messageHandlerInMainThread(v8::Local<v8::Message> message, v8::Local<v8::Value> data)
{
ASSERT(isMainThread());
v8::Isolate* isolate = v8::Isolate::GetCurrent();
// If called during context initialization, there will be no entered window.
LocalDOMWindow* enteredWindow = enteredDOMWindow(isolate);
if (!enteredWindow || !enteredWindow->isCurrentlyDisplayedInFrame())
return;
int scriptId = 0;
RefPtrWillBeRawPtr<ScriptCallStack> callStack = extractCallStack(isolate, message, &scriptId);
String resourceName = extractResourceName(message, enteredWindow->document());
AccessControlStatus accessControlStatus = NotSharableCrossOrigin;
if (message->IsOpaque())
accessControlStatus = OpaqueResource;
else if (message->IsSharedCrossOrigin())
accessControlStatus = SharableCrossOrigin;
ScriptState* scriptState = ScriptState::current(isolate);
String errorMessage = toCoreStringWithNullCheck(message->Get());
int lineNumber = 0;
int columnNumber = 0;
if (v8Call(message->GetLineNumber(scriptState->context()), lineNumber)
&& v8Call(message->GetStartColumn(scriptState->context()), columnNumber))
++columnNumber;
RefPtrWillBeRawPtr<ErrorEvent> event = ErrorEvent::create(errorMessage, resourceName, lineNumber, columnNumber, &scriptState->world());
String messageForConsole = extractMessageForConsole(isolate, data);
if (!messageForConsole.isEmpty())
event->setUnsanitizedMessage("Uncaught " + messageForConsole);
// This method might be called while we're creating a new context. In this case, we
// avoid storing the exception object, as we can't create a wrapper during context creation.
// FIXME: Can we even get here during initialization now that we bail out when GetEntered returns an empty handle?
LocalFrame* frame = enteredWindow->document()->frame();
if (frame && frame->script().existingWindowProxy(scriptState->world())) {
V8ErrorHandler::storeExceptionOnErrorEventWrapper(scriptState, event.get(), data, scriptState->context()->Global());
}
if (scriptState->world().isPrivateScriptIsolatedWorld()) {
// We allow a private script to dispatch error events even in a EventDispatchForbiddenScope scope.
// Without having this ability, it's hard to debug the private script because syntax errors
// in the private script are not reported to console (the private script just crashes silently).
// Allowing error events in private scripts is safe because error events don't propagate to
// other isolated worlds (which means that the error events won't fire any event listeners
// in user's scripts).
EventDispatchForbiddenScope::AllowUserAgentEvents allowUserAgentEvents;
enteredWindow->document()->reportException(event.release(), scriptId, callStack, accessControlStatus);
} else {
enteredWindow->document()->reportException(event.release(), scriptId, callStack, accessControlStatus);
}
}
namespace {
static RejectedPromises& rejectedPromisesOnMainThread()
{
ASSERT(isMainThread());
DEFINE_STATIC_LOCAL(RefPtrWillBePersistent<RejectedPromises>, rejectedPromises, (RejectedPromises::create()));
return *rejectedPromises;
}
} // namespace
void V8Initializer::reportRejectedPromisesOnMainThread()
{
rejectedPromisesOnMainThread().processQueue();
}
static void promiseRejectHandler(v8::PromiseRejectMessage data, RejectedPromises& rejectedPromises, const String& fallbackResourceName)
{
if (data.GetEvent() == v8::kPromiseHandlerAddedAfterReject) {
rejectedPromises.handlerAdded(data);
return;
}
ASSERT(data.GetEvent() == v8::kPromiseRejectWithNoHandler);
v8::Local<v8::Promise> promise = data.GetPromise();
v8::Isolate* isolate = promise->GetIsolate();
ScriptState* scriptState = ScriptState::current(isolate);
v8::Local<v8::Value> exception = data.GetValue();
if (V8DOMWrapper::isWrapper(isolate, exception)) {
// Try to get the stack & location from a wrapped exception object (e.g. DOMException).
ASSERT(exception->IsObject());
v8::Local<v8::Object> obj = v8::Local<v8::Object>::Cast(exception);
v8::Local<v8::Value> error = V8HiddenValue::getHiddenValue(scriptState, obj, V8HiddenValue::error(isolate));
if (!error.IsEmpty())
exception = error;
}
int scriptId = 0;
int lineNumber = 0;
int columnNumber = 0;
String resourceName = fallbackResourceName;
String errorMessage;
AccessControlStatus corsStatus = NotSharableCrossOrigin;
RefPtrWillBeRawPtr<ScriptCallStack> callStack = nullptr;
v8::Local<v8::Message> message = v8::Exception::CreateMessage(isolate, exception);
if (!message.IsEmpty()) {
V8StringResource<> v8ResourceName(message->GetScriptOrigin().ResourceName());
if (v8ResourceName.prepare())
resourceName = v8ResourceName;
scriptId = message->GetScriptOrigin().ScriptID()->Value();
if (v8Call(message->GetLineNumber(scriptState->context()), lineNumber)
&& v8Call(message->GetStartColumn(scriptState->context()), columnNumber))
++columnNumber;
// message->Get() can be empty here. https://crbug.com/450330
errorMessage = toCoreStringWithNullCheck(message->Get());
callStack = extractCallStack(isolate, message, &scriptId);
if (message->IsSharedCrossOrigin())
corsStatus = SharableCrossOrigin;
}
String messageForConsole = extractMessageForConsole(isolate, data.GetValue());
if (!messageForConsole.isEmpty())
errorMessage = "Uncaught " + messageForConsole;
rejectedPromises.rejectedWithNoHandler(scriptState, data, errorMessage, resourceName, scriptId, lineNumber, columnNumber, callStack, corsStatus);
}
static void promiseRejectHandlerInMainThread(v8::PromiseRejectMessage data)
{
ASSERT(isMainThread());
v8::Local<v8::Promise> promise = data.GetPromise();
v8::Isolate* isolate = promise->GetIsolate();
// There is no entered window during microtask callbacks from V8,
// thus we call toDOMWindow() instead of enteredDOMWindow().
LocalDOMWindow* window = currentDOMWindow(isolate);
if (!window || !window->isCurrentlyDisplayedInFrame())
return;
promiseRejectHandler(data, rejectedPromisesOnMainThread(), window->document() ? window->document()->url() : String());
}
static void promiseRejectHandlerInWorker(v8::PromiseRejectMessage data)
{
v8::Local<v8::Promise> promise = data.GetPromise();
// Bail out if called during context initialization.
v8::Isolate* isolate = promise->GetIsolate();
ScriptState* scriptState = ScriptState::current(isolate);
if (!scriptState->contextIsValid())
return;
ExecutionContext* executionContext = scriptState->executionContext();
if (!executionContext)
return;
ASSERT(executionContext->isWorkerGlobalScope());
WorkerOrWorkletScriptController* scriptController = toWorkerGlobalScope(executionContext)->script();
ASSERT(scriptController);
promiseRejectHandler(data, *scriptController->rejectedPromises(), String());
}
static void failedAccessCheckCallbackInMainThread(v8::Local<v8::Object> host, v8::AccessType type, v8::Local<v8::Value> data)
{
v8::Isolate* isolate = v8::Isolate::GetCurrent();
Frame* target = findFrame(isolate, host, data);
if (!target)
return;
DOMWindow* targetWindow = target->domWindow();
// FIXME: We should modify V8 to pass in more contextual information (context, property, and object).
ExceptionState exceptionState(ExceptionState::UnknownContext, 0, 0, isolate->GetCurrentContext()->Global(), isolate);
exceptionState.throwSecurityError(targetWindow->sanitizedCrossDomainAccessErrorMessage(callingDOMWindow(isolate)), targetWindow->crossDomainAccessErrorMessage(callingDOMWindow(isolate)));
exceptionState.throwIfNeeded();
}
static bool codeGenerationCheckCallbackInMainThread(v8::Local<v8::Context> context)
{
if (ExecutionContext* executionContext = toExecutionContext(context)) {
if (ContentSecurityPolicy* policy = toDocument(executionContext)->contentSecurityPolicy())
return policy->allowEval(ScriptState::from(context), ContentSecurityPolicy::SendReport, ContentSecurityPolicy::WillThrowException);
}
return false;
}
static void initializeV8Common(v8::Isolate* isolate)
{
isolate->AddGCPrologueCallback(V8GCController::gcPrologue);
isolate->AddGCEpilogueCallback(V8GCController::gcEpilogue);
v8::Debug::SetLiveEditEnabled(isolate, false);
isolate->SetAutorunMicrotasks(false);
}
namespace {
class ArrayBufferAllocator : public v8::ArrayBuffer::Allocator {
void* Allocate(size_t size) override
{
void* data;
WTF::ArrayBufferContents::allocateMemory(size, WTF::ArrayBufferContents::ZeroInitialize, data);
return data;
}
void* AllocateUninitialized(size_t size) override
{
void* data;
WTF::ArrayBufferContents::allocateMemory(size, WTF::ArrayBufferContents::DontInitialize, data);
return data;
}
void Free(void* data, size_t size) override
{
WTF::ArrayBufferContents::freeMemory(data, size);
}
};
} // namespace
void V8Initializer::initializeMainThreadIfNeeded()
{
ASSERT(isMainThread());
static bool initialized = false;
if (initialized)
return;
initialized = true;
DEFINE_STATIC_LOCAL(ArrayBufferAllocator, arrayBufferAllocator, ());
auto v8ExtrasMode = RuntimeEnabledFeatures::experimentalV8ExtrasEnabled() ? gin::IsolateHolder::kStableAndExperimentalV8Extras : gin::IsolateHolder::kStableV8Extras;
gin::IsolateHolder::Initialize(gin::IsolateHolder::kNonStrictMode, v8ExtrasMode, &arrayBufferAllocator);
v8::Isolate* isolate = V8PerIsolateData::initialize();
initializeV8Common(isolate);
isolate->SetFatalErrorHandler(reportFatalErrorInMainThread);
isolate->AddMessageListener(messageHandlerInMainThread);
isolate->SetFailedAccessCheckCallbackFunction(failedAccessCheckCallbackInMainThread);
isolate->SetAllowCodeGenerationFromStringsCallback(codeGenerationCheckCallbackInMainThread);
if (RuntimeEnabledFeatures::v8IdleTasksEnabled()) {
WebScheduler* scheduler = Platform::current()->currentThread()->scheduler();
V8PerIsolateData::enableIdleTasks(isolate, adoptPtr(new V8IdleTaskRunner(scheduler)));
}
isolate->SetPromiseRejectCallback(promiseRejectHandlerInMainThread);
if (v8::HeapProfiler* profiler = isolate->GetHeapProfiler())
profiler->SetWrapperClassInfoProvider(WrapperTypeInfo::NodeClassId, &RetainedDOMInfo::retainedDOMInfo);
}
static void reportFatalErrorInWorker(const char* location, const char* message)
{
// FIXME: We temporarily deal with V8 internal error situations such as out-of-memory by crashing the worker.
CRASH();
}
static void messageHandlerInWorker(v8::Local<v8::Message> message, v8::Local<v8::Value> data)
{
v8::Isolate* isolate = v8::Isolate::GetCurrent();
V8PerIsolateData* perIsolateData = V8PerIsolateData::from(isolate);
// Exceptions that occur in error handler should be ignored since in that case
// WorkerGlobalScope::reportException will send the exception to the worker object.
if (perIsolateData->isReportingException())
return;
perIsolateData->setReportingException(true);
ScriptState* scriptState = ScriptState::current(isolate);
// During the frame teardown, there may not be a valid context.
if (ExecutionContext* context = scriptState->executionContext()) {
String errorMessage = toCoreStringWithNullCheck(message->Get());
TOSTRING_VOID(V8StringResource<>, sourceURL, message->GetScriptOrigin().ResourceName());
int scriptId = 0;
RefPtrWillBeRawPtr<ScriptCallStack> callStack = extractCallStack(isolate, message, &scriptId);
int lineNumber = 0;
int columnNumber = 0;
if (v8Call(message->GetLineNumber(scriptState->context()), lineNumber)
&& v8Call(message->GetStartColumn(scriptState->context()), columnNumber))
++columnNumber;
RefPtrWillBeRawPtr<ErrorEvent> event = ErrorEvent::create(errorMessage, sourceURL, lineNumber, columnNumber, &DOMWrapperWorld::current(isolate));
AccessControlStatus corsStatus = message->IsSharedCrossOrigin() ? SharableCrossOrigin : NotSharableCrossOrigin;
// If execution termination has been triggered as part of constructing
// the error event from the v8::Message, quietly leave.
if (!isolate->IsExecutionTerminating()) {
V8ErrorHandler::storeExceptionOnErrorEventWrapper(scriptState, event.get(), data, scriptState->context()->Global());
context->reportException(event.release(), scriptId, callStack, corsStatus);
}
}
perIsolateData->setReportingException(false);
}
static const int kWorkerMaxStackSize = 500 * 1024;
// This function uses a local stack variable to determine the isolate's stack limit. AddressSanitizer may
// relocate that local variable to a fake stack, which may lead to problems during JavaScript execution.
// Therefore we disable AddressSanitizer for V8Initializer::initializeWorker().
NO_SANITIZE_ADDRESS
void V8Initializer::initializeWorker(v8::Isolate* isolate)
{
initializeV8Common(isolate);
isolate->AddMessageListener(messageHandlerInWorker);
isolate->SetFatalErrorHandler(reportFatalErrorInWorker);
uint32_t here;
isolate->SetStackLimit(reinterpret_cast<uintptr_t>(&here - kWorkerMaxStackSize / sizeof(uint32_t*)));
isolate->SetPromiseRejectCallback(promiseRejectHandlerInWorker);
}
} // namespace blink