// Builds a TypeError whose message is the description of `value`, one space,
// and then `message`. `appender` and the runtime type of `value` are forwarded
// to createTypeError unchanged.
JSObject* createError(ExecState* exec, JSValue value, const String& message, ErrorInstance::SourceAppender appender)
{
    // Describe the offending value first so the final text reads "<value> <message>".
    String valueDescription = errorDescriptionForValue(exec, value)->value(exec);
    String fullMessage = makeString(valueDescription, ' ', message);

    JSObject* typeError = createTypeError(exec, fullMessage, appender, runtimeTypeForValue(value));
    ASSERT(typeError->isErrorInstance());
    return typeError;
}
// Builds a TypeError whose message is the description of `value`, one space,
// and then `message`. A catch scope is declared around the description step
// and the code asserts that no exception is pending once the text is built.
JSObject* createError(ExecState* exec, JSValue value, const String& message, ErrorInstance::SourceAppender appender)
{
    VM& vm = exec->vm();
    auto catchScope = DECLARE_CATCH_SCOPE(vm);

    String valueDescription = errorDescriptionForValue(exec, value)->value(exec);
    String fullMessage = makeString(valueDescription, ' ', message);
    // NOTE(review): the "no pending exception" condition is only asserted here.
    // If describing the value can throw, and the assertion is compiled out in
    // release builds, the exception would stay pending -- confirm with callers.
    ASSERT_UNUSED(catchScope, !catchScope.exception());

    JSObject* typeError = createTypeError(exec, fullMessage, appender, runtimeTypeForValue(value));
    ASSERT(typeError->isErrorInstance());
    return typeError;
}
// Drains the type profiler log: every entry between m_logStartPtr and
// m_currentLogEntryPtr is folded into the type sets of its TypeLocation, then
// the write cursor is rewound to the start of the log. `reason` is only used
// for the verbose trace.
void TypeProfilerLog::processLogEntries(const String& reason)
{
    double startMS = 0;
    if (verbose) {
        dataLog("Process caller:'", reason, "'");
        startMS = currentTimeMS();
    }

    // Shapes are cached per Structure so toStructureShape runs once per
    // distinct structure seen in this pass.
    HashMap<Structure*, RefPtr<StructureShape>> shapeCache;

    for (LogEntry* cursor = m_logStartPtr; cursor != m_currentLogEntryPtr; ++cursor) {
        JSValue loggedValue = cursor->value;
        StructureID id = cursor->structureID;
        Structure* structure = nullptr;
        RefPtr<StructureShape> shape;

        if (id) {
            // A non-zero structure ID means the value is treated as a cell;
            // the ID is resolved through that cell's heap.
            structure = Heap::heap(loggedValue.asCell())->structureIDTable().get(id);
            auto cached = shapeCache.find(structure);
            if (cached != shapeCache.end())
                shape = cached->value;
            else {
                shape = structure->toStructureShape(loggedValue);
                shapeCache.set(structure, shape);
            }
        }

        RuntimeType type = runtimeTypeForValue(loggedValue);
        TypeLocation* location = cursor->location;
        location->m_lastSeenType = type;
        // The global type set is optional; the per-instruction set is always updated.
        if (location->m_globalTypeSet)
            location->m_globalTypeSet->addTypeInformation(type, shape, structure);
        location->m_instructionTypeSet->addTypeInformation(type, shape, structure);
    }

    m_currentLogEntryPtr = m_logStartPtr;

    if (verbose) {
        double endMS = currentTimeMS();
        dataLogF(" Processing the log took: '%f' ms\n", endMS - startMS);
    }
}
// Builds the TypeError reported when the second argument to
// Function.prototype.apply is not array-like. The runtime type of `value` is
// attached to the error via createTypeError.
JSObject* createInvalidFunctionApplyParameterError(ExecState* exec, JSValue value)
{
    String text = makeString("second argument to Function.prototype.apply must be an Array-like object");
    auto seenType = runtimeTypeForValue(value);

    JSObject* typeError = createTypeError(exec, text, defaultSourceAppender, seenType);
    ASSERT(typeError->isErrorInstance());
    return typeError;
}
// Host function behind the WebAssembly.Instance constructor.
//
// Argument 0 must be a WebAssembly.Module; argument 1 is the import object
// (undefined, or an Object, and required to be an Object when the module has
// imports). The function resolves every import against the import object,
// checks it against what the module declares, installs memory, table and
// globals on the new instance, then links and evaluates the module record.
//
// Returns the encoded instance on success. On failure an exception is thrown
// on throwScope and either the encoded result of throwException() or
// encodedJSValue() is returned.
//
// Review note: several invariants below are enforced only with ASSERT, while
// others use RELEASE_ASSERT. Where ASSERT is used the code relies on earlier
// module validation; see the NOTE(review) markers.
static EncodedJSValue JSC_HOST_CALL constructJSWebAssemblyInstance(ExecState* exec)
{
    auto& vm = exec->vm();
    auto throwScope = DECLARE_THROW_SCOPE(vm);
    auto* globalObject = exec->lexicalGlobalObject();

    // If moduleObject is not a WebAssembly.Module instance, a TypeError is thrown.
    JSWebAssemblyModule* jsModule = jsDynamicCast<JSWebAssemblyModule*>(vm, exec->argument(0));
    if (!jsModule)
        return JSValue::encode(throwException(exec, throwScope, createTypeError(exec, ASCIILiteral("first argument to WebAssembly.Instance must be a WebAssembly.Module"), defaultSourceAppender, runtimeTypeForValue(exec->argument(0)))));
    const Wasm::ModuleInformation& moduleInformation = jsModule->moduleInformation();

    // If the importObject parameter is not undefined and Type(importObject) is not Object, a TypeError is thrown.
    JSValue importArgument = exec->argument(1);
    JSObject* importObject = importArgument.getObject();
    if (!importArgument.isUndefined() && !importObject)
        return JSValue::encode(throwException(exec, throwScope, createTypeError(exec, ASCIILiteral("second argument to WebAssembly.Instance must be undefined or an Object"), defaultSourceAppender, runtimeTypeForValue(importArgument))));

    // If the list of module.imports is not empty and Type(importObject) is not Object, a TypeError is thrown.
    // This check is what makes the unconditional importObject->get() in the import loop safe:
    // the loop body only runs when imports is non-empty, and then importObject is non-null.
    if (moduleInformation.imports.size() && !importObject)
        return JSValue::encode(throwException(exec, throwScope, createTypeError(exec, ASCIILiteral("second argument to WebAssembly.Instance must be Object because the WebAssembly.Module has imports"), defaultSourceAppender, runtimeTypeForValue(importArgument))));

    Identifier moduleKey = Identifier::fromUid(PrivateName(PrivateName::Description, "WebAssemblyInstance"));
    WebAssemblyModuleRecord* moduleRecord = WebAssemblyModuleRecord::create(exec, vm, globalObject->webAssemblyModuleRecordStructure(), moduleKey, moduleInformation);
    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());

    Structure* instanceStructure = InternalFunction::createSubclassStructure(exec, exec->newTarget(), globalObject->WebAssemblyInstanceStructure());
    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());

    JSWebAssemblyInstance* instance = JSWebAssemblyInstance::create(vm, instanceStructure, jsModule, moduleRecord->getModuleNamespace(exec));
    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
    {
        // Always start with a dummy Memory, so that wasm -> wasm thunks avoid checking for a nullptr Memory when trying to set pinned registers.
        Wasm::Memory memory;
        instance->setMemory(vm, JSWebAssemblyMemory::create(vm, exec->lexicalGlobalObject()->WebAssemblyMemoryStructure(), WTFMove(memory)));
    }

    // Let funcs, memories and tables be initially-empty lists of callable JavaScript objects, WebAssembly.Memory objects and WebAssembly.Table objects, respectively.
    // Let imports be an initially-empty list of external values.
    unsigned numImportFunctions = 0;
    unsigned numImportGlobals = 0;
    bool hasMemoryImport = false;
    bool hasTableImport = false;
    // For each import i in module.imports:
    for (auto& import : moduleInformation.imports) {
        // 1. Let o be the resultant value of performing Get(importObject, i.module_name).
        // The property read may throw, hence the exception check right after it.
        JSValue importModuleValue = importObject->get(exec, import.module);
        RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
        // 2. If Type(o) is not Object, throw a TypeError.
        if (!importModuleValue.isObject())
            return JSValue::encode(throwException(exec, throwScope, createTypeError(exec, ASCIILiteral("import must be an object"), defaultSourceAppender, runtimeTypeForValue(importModuleValue))));

        // 3. Let v be the value of performing Get(o, i.item_name)
        JSObject* object = jsCast<JSObject*>(importModuleValue);
        JSValue value = object->get(exec, import.field);
        RETURN_IF_EXCEPTION(throwScope, encodedJSValue());

        switch (import.kind) {
        case Wasm::ExternalKind::Function: {
            // 4. If i is a function import:
            // i. If IsCallable(v) is false, throw a WebAssembly.LinkError.
            if (!value.isFunction())
                return JSValue::encode(throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("import function must be callable"))));
            JSCell* cell = value.asCell();
            // ii. If v is an Exported Function Exotic Object:
            if (WebAssemblyFunction* importedExport = jsDynamicCast<WebAssemblyFunction*>(vm, cell)) {
                // a. If the signature of v does not match the signature of i, throw a WebAssembly.LinkError.
                // Only imports that are themselves wasm functions are signature-checked here;
                // other callables skip this branch.
                Wasm::SignatureIndex importedSignatureIndex = importedExport->signatureIndex();
                Wasm::SignatureIndex expectedSignatureIndex = moduleInformation.importFunctionSignatureIndices[import.kindIndex];
                if (importedSignatureIndex != expectedSignatureIndex)
                    return JSValue::encode(throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("imported function's signature doesn't match the provided WebAssembly function's signature"))));
                // b. Let closure be v.[[Closure]].
            }
            // iii. Otherwise:
            // a. Let closure be a new host function of the given signature which calls v by coercing WebAssembly arguments to JavaScript arguments via ToJSValue and returns the result, if any, by coercing via ToWebAssemblyValue.
            // Note: done as part of Plan compilation.
            // iv. Append v to funcs.
            // Note: adding the JSCell to the instance list fulfills closure requirements b. above (the WebAssembly.Instance will be kept alive) and v. below (the JSFunction).
            instance->setImportFunction(vm, cell, numImportFunctions++);
            // v. Append closure to imports.
            break;
        }
        case Wasm::ExternalKind::Table: {
            RELEASE_ASSERT(!hasTableImport); // This should be guaranteed by a validation failure.
            // 7. Otherwise (i is a table import):
            hasTableImport = true;
            JSWebAssemblyTable* table = jsDynamicCast<JSWebAssemblyTable*>(vm, value);
            // i. If v is not a WebAssembly.Table object, throw a WebAssembly.LinkError.
            if (!table)
                return JSValue::encode(throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("Table import is not an instance of WebAssembly.Table"))));

            // The imported table must be at least as large as the module's declared initial size.
            uint32_t expectedInitial = moduleInformation.tableInformation.initial();
            uint32_t actualInitial = table->size();
            if (actualInitial < expectedInitial)
                return JSValue::encode(throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("Table import provided an 'initial' that is too small"))));

            // When the module declares a maximum, the import must declare one too and it must not exceed the module's.
            if (std::optional<uint32_t> expectedMaximum = moduleInformation.tableInformation.maximum()) {
                std::optional<uint32_t> actualMaximum = table->maximum();
                if (!actualMaximum) {
                    return JSValue::encode(
                        throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("Table import does not have a 'maximum' but the module requires that it does"))));
                }
                if (*actualMaximum > *expectedMaximum) {
                    return JSValue::encode(
                        throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("Imported Table's 'maximum' is larger than the module's expected 'maximum'"))));
                }
            }

            // ii. Append v to tables.
            // iii. Append v.[[Table]] to imports.
            instance->setTable(vm, table);
            break;
        }
        case Wasm::ExternalKind::Memory: {
            // 6. If i is a memory import:
            RELEASE_ASSERT(!hasMemoryImport); // This should be guaranteed by a validation failure.
            RELEASE_ASSERT(moduleInformation.memory);
            hasMemoryImport = true;
            JSWebAssemblyMemory* memory = jsDynamicCast<JSWebAssemblyMemory*>(vm, value);
            // i. If v is not a WebAssembly.Memory object, throw a WebAssembly.LinkError.
            if (!memory)
                return JSValue::encode(throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("Memory import is not an instance of WebAssembly.Memory"))));

            // Same initial/maximum compatibility rules as for tables, expressed in page counts.
            Wasm::PageCount expectedInitial = moduleInformation.memory.initial();
            Wasm::PageCount actualInitial = memory->memory()->initial();
            if (actualInitial < expectedInitial)
                return JSValue::encode(throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("Memory import provided an 'initial' that is too small"))));

            if (Wasm::PageCount expectedMaximum = moduleInformation.memory.maximum()) {
                Wasm::PageCount actualMaximum = memory->memory()->maximum();
                if (!actualMaximum) {
                    return JSValue::encode(
                        throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("Memory import did not have a 'maximum' but the module requires that it does"))));
                }

                if (actualMaximum > expectedMaximum) {
                    return JSValue::encode(
                        throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("Memory imports 'maximum' is larger than the module's expected 'maximum'"))));
                }
            }
            // ii. Append v to memories.
            // iii. Append v.[[Memory]] to imports.
            instance->setMemory(vm, memory);
            break;
        }
        case Wasm::ExternalKind::Global: {
            // 5. If i is a global import:
            // i. If i is not an immutable global, throw a TypeError.
            // NOTE(review): nothing is thrown here; immutability is only asserted, so this
            // presumably relies on module validation having rejected mutable global imports -- confirm.
            ASSERT(moduleInformation.globals[import.kindIndex].mutability == Wasm::Global::Immutable);
            // ii. If Type(v) is not Number, throw a TypeError.
            // (The code raises a WebAssembly.LinkError for this case.)
            if (!value.isNumber())
                return JSValue::encode(throwException(exec, throwScope, createJSWebAssemblyLinkError(exec, vm, ASCIILiteral("imported global must be a number"))));
            // iii. Append ToWebAssemblyValue(v) to imports.
            // F32 and F64 values are stored as their raw bit patterns.
            switch (moduleInformation.globals[import.kindIndex].type) {
            case Wasm::I32:
                instance->setGlobal(numImportGlobals++, value.toInt32(exec));
                break;
            case Wasm::F32:
                instance->setGlobal(numImportGlobals++, bitwise_cast<uint32_t>(value.toFloat(exec)));
                break;
            case Wasm::F64:
                instance->setGlobal(numImportGlobals++, bitwise_cast<uint64_t>(value.asNumber()));
                break;
            default:
                RELEASE_ASSERT_NOT_REACHED();
            }
            // value was checked to be a Number above, so the conversions are expected not to throw.
            ASSERT(!throwScope.exception());
            break;
        }
        }
    }

    {
        if (!!moduleInformation.memory && moduleInformation.memory.isImport()) {
            // We should either have a Memory import or we should have thrown an exception.
            RELEASE_ASSERT(hasMemoryImport);
        }

        if (moduleInformation.memory && !hasMemoryImport) {
            RELEASE_ASSERT(!moduleInformation.memory.isImport());
            // We create a memory when it's a memory definition.
            // Allocation failure is reported through `failed` and surfaces as an out-of-memory error.
            bool failed;
            Wasm::Memory memory(moduleInformation.memory.initial(), moduleInformation.memory.maximum(), failed);
            if (failed)
                return JSValue::encode(throwException(exec, throwScope, createOutOfMemoryError(exec)));
            instance->setMemory(vm, JSWebAssemblyMemory::create(vm, exec->lexicalGlobalObject()->WebAssemblyMemoryStructure(), WTFMove(memory)));
        }
    }

    {
        if (!!moduleInformation.tableInformation && moduleInformation.tableInformation.isImport()) {
            // We should either have a Table import or we should have thrown an exception.
            RELEASE_ASSERT(hasTableImport);
        }

        if (!!moduleInformation.tableInformation && !hasTableImport) {
            RELEASE_ASSERT(!moduleInformation.tableInformation.isImport());
            // We create a Table when it's a Table definition.
            JSWebAssemblyTable* table = JSWebAssemblyTable::create(exec, vm, exec->lexicalGlobalObject()->WebAssemblyTableStructure(), moduleInformation.tableInformation.initial(), moduleInformation.tableInformation.maximum());
            // We should always be able to allocate a JSWebAssemblyTable we've defined.
            // If it's defined to be too large, we should have thrown a validation error.
            // NOTE(review): unlike the memory path above, a failed table creation is only
            // asserted against; confirm create() cannot fail here in release builds.
            ASSERT(!throwScope.exception());
            ASSERT(table);
            instance->setTable(vm, table);
        }
    }

    // Globals
    {
        // Module-defined globals follow the imported ones in the index space.
        ASSERT(numImportGlobals == moduleInformation.firstInternalGlobal);
        for (size_t globalIndex = numImportGlobals; globalIndex < moduleInformation.globals.size(); ++globalIndex) {
            const auto& global = moduleInformation.globals[globalIndex];
            ASSERT(global.initializationType != Wasm::Global::IsImport);
            if (global.initializationType == Wasm::Global::FromGlobalImport) {
                // Initialized by copying an imported global; the source index is only
                // range-checked with ASSERT.
                // NOTE(review): presumably guaranteed by validation -- confirm.
                ASSERT(global.initialBitsOrImportNumber < numImportGlobals);
                instance->setGlobal(globalIndex, instance->loadI64Global(global.initialBitsOrImportNumber));
            } else
                instance->setGlobal(globalIndex, global.initialBitsOrImportNumber);
        }
    }

    moduleRecord->link(exec, instance);
    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
    if (verbose)
        moduleRecord->dump();
    // Evaluate the module record; the result itself is unused, only a thrown exception matters.
    JSValue startResult = moduleRecord->evaluate(exec);
    UNUSED_PARAM(startResult);
    RETURN_IF_EXCEPTION(throwScope, encodedJSValue());
    return JSValue::encode(instance);
}
// Host function behind the WebAssembly.Module constructor.
//
// Argument 0 must be an ArrayBuffer or an ArrayBufferView that has not been
// neutered. Its bytes are handed to a Wasm::Plan, which is run synchronously.
// On plan failure a WebAssembly.CompileError is thrown; on success a new
// JSWebAssemblyModule is returned (encoded).
static EncodedJSValue JSC_HOST_CALL constructJSWebAssemblyModule(ExecState* state)
{
    VM& vm = state->vm();
    auto scope = DECLARE_THROW_SCOPE(vm);
    JSValue source = state->argument(0);

    // If the given bytes argument is not a BufferSource, a TypeError exception is thrown.
    auto* sourceObject = source.getObject();
    JSArrayBuffer* buffer = sourceObject ? jsDynamicCast<JSArrayBuffer*>(sourceObject) : nullptr;
    JSArrayBufferView* view = sourceObject ? jsDynamicCast<JSArrayBufferView*>(sourceObject) : nullptr;
    if (!buffer && !view) {
        return JSValue::encode(throwException(state, scope,
            createTypeError(state, ASCIILiteral("first argument to WebAssembly.Module must be an ArrayBufferView or an ArrayBuffer"), defaultSourceAppender, runtimeTypeForValue(source))));
    }

    // A neutered buffer has no bytes to read; reject it before touching the storage.
    const bool isNeutered = view ? view->isNeutered() : buffer->impl()->isNeutered();
    if (isNeutered) {
        return JSValue::encode(throwException(state, scope,
            createTypeError(state, ASCIILiteral("underlying TypedArray has been detatched from the ArrayBuffer"), defaultSourceAppender, runtimeTypeForValue(source))));
    }

    // Locate the byte range to compile.
    // NOTE(review): for a view, the start is vector() + byteOffset() and the size is
    // length(). Confirm that vector() is not already offset into the buffer (which
    // would apply the offset twice) and that length() is a byte count rather than an
    // element count; either mismatch would make the plan read outside the view.
    size_t byteOffset = 0;
    size_t byteSize = 0;
    const uint8_t* base = nullptr;
    if (view) {
        byteOffset = view->byteOffset();
        byteSize = view->length();
        base = static_cast<uint8_t*>(view->vector());
    } else {
        byteSize = buffer->impl()->byteLength();
        base = static_cast<uint8_t*>(buffer->impl()->data());
    }

    Wasm::Plan plan(&vm, base + byteOffset, byteSize);
    // On failure, a new WebAssembly.CompileError is thrown.
    plan.run();
    if (plan.failed())
        return JSValue::encode(throwException(state, scope, createWebAssemblyCompileError(state, plan.errorMessage())));

    // On success, a new WebAssembly.Module object is returned with [[Module]] set to the validated Ast.module.
    auto* structure = InternalFunction::createSubclassStructure(state, state->newTarget(), asInternalFunction(state->jsCallee())->globalObject()->WebAssemblyModuleStructure());
    RETURN_IF_EXCEPTION(scope, { });

    // The export symbol table is the same for all Instances of a Module.
    SymbolTable* exportSymbolTable = SymbolTable::create(vm);
    for (auto& exportEntry : plan.exports()) {
        auto scopeOffset = exportSymbolTable->takeNextScopeOffset(NoLockingNecessary);
        exportSymbolTable->set(NoLockingNecessary, exportEntry.field.impl(), SymbolTableEntry(VarOffset(scopeOffset)));
    }

    // Only wasm-internal functions have a callee, stubs to JS do not.
    unsigned calleeCount = plan.internalFunctionCount();
    JSWebAssemblyModule* module = JSWebAssemblyModule::create(vm, structure, plan.takeModuleInformation(), plan.takeCallLinkInfos(), plan.takeWasmToJSStubs(), plan.takeFunctionIndexSpace(), exportSymbolTable, calleeCount);

    // Hand each pair of entrypoint callees produced by the plan to the module.
    plan.initializeCallees(state->jsCallee()->globalObject(),
        [&] (unsigned index, JSWebAssemblyCallee* jsEntrypoint, JSWebAssemblyCallee* wasmEntrypoint) {
            module->setJSEntrypointCallee(vm, index, jsEntrypoint);
            module->setWasmEntrypointCallee(vm, index, wasmEntrypoint);
        });

    return JSValue::encode(module);
}
// Drains the type profiler log: every entry between m_logStartPtr and
// m_currentLogEntryPtr is folded into the type sets of its TypeLocation, then
// the write cursor is rewound to the start of the log. `reason` is only used
// for the verbose trace.
void TypeProfilerLog::processLogEntries(VM& vm, const String& reason)
{
    // Processing calls into calculatedDisplayName, which clears any exception
    // it sees (it assumes a stack overflow). This function may run while an
    // exception thrown earlier is still pending, so exceptions are deferred
    // for the duration to keep that earlier exception from being cleared.
    VM::DeferExceptionScope deferExceptionScope(vm);

    MonotonicTime startTime { };
    if (TypeProfilerLogInternal::verbose) {
        dataLog("Process caller:'", reason, "'");
        startTime = MonotonicTime::now();
    }

    // Two caches: shapes keyed by structure alone, and shapes for poly-proto
    // structures keyed by (structure, cell).
    HashMap<Structure*, RefPtr<StructureShape>> cachedMonoProtoShapes;
    HashMap<std::pair<Structure*, JSCell*>, RefPtr<StructureShape>> cachedPolyProtoShapes;

    for (LogEntry* cursor = m_logStartPtr; cursor != m_currentLogEntryPtr; ++cursor) {
        JSValue value = cursor->value;
        StructureID id = cursor->structureID;
        Structure* structure = nullptr;
        RefPtr<StructureShape> shape;
        bool sawPolyProtoStructure = false;

        if (id) {
            structure = Heap::heap(value.asCell())->structureIDTable().get(id);
            auto monoHit = cachedMonoProtoShapes.find(structure);
            if (monoHit != cachedMonoProtoShapes.end())
                shape = monoHit->value;
            else {
                auto key = std::make_pair(structure, value.asCell());
                auto polyHit = cachedPolyProtoShapes.find(key);
                if (polyHit != cachedPolyProtoShapes.end()) {
                    shape = polyHit->value;
                    sawPolyProtoStructure = true;
                }

                if (!shape) {
                    // Not cached yet: compute the shape, then store it in whichever
                    // cache matches the poly-proto flag after the call.
                    shape = structure->toStructureShape(value, sawPolyProtoStructure);
                    if (sawPolyProtoStructure)
                        cachedPolyProtoShapes.set(key, shape);
                    else
                        cachedMonoProtoShapes.set(structure, shape);
                }
            }
        }

        // NOTE(review): this reads m_vm rather than the `vm` parameter; presumably
        // both name the same VM -- confirm.
        RuntimeType type = runtimeTypeForValue(m_vm, value);
        TypeLocation* location = cursor->location;
        location->m_lastSeenType = type;
        // The global set gets its own reference; the instruction set takes ours.
        if (location->m_globalTypeSet)
            location->m_globalTypeSet->addTypeInformation(type, shape.copyRef(), structure, sawPolyProtoStructure);
        location->m_instructionTypeSet->addTypeInformation(type, WTFMove(shape), structure, sawPolyProtoStructure);
    }

    // The log cursor is deliberately left untouched until every entry has been
    // processed. The log is never iterated while it is being marked, but the
    // mutator may pause in the middle of this loop and let the collector mark
    // the log, so the cursor must still describe the full set of entries then.
    m_currentLogEntryPtr = m_logStartPtr;

    if (TypeProfilerLogInternal::verbose) {
        MonotonicTime endTime = MonotonicTime::now();
        dataLogF(" Processing the log took: '%f' ms\n", (endTime - startTime).milliseconds());
    }
}