1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
2 * vim: set ts=8 sts=2 et sw=2 tw=80:
3 * This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 /*
8 * JS standard exception implementation.
9 */
10
11 #include "jsexn.h"
12
13 #include "mozilla/Assertions.h"
14 #include "mozilla/Maybe.h"
15 #include "mozilla/ScopeExit.h"
16
17 #include <new>
18 #include <stdarg.h>
19 #include <stdint.h>
20 #include <stdio.h>
21 #include <string.h>
22 #include <utility>
23
24 #include "jsapi.h"
25 #include "jsfriendapi.h"
26 #include "jstypes.h"
27
28 #include "gc/Rooting.h"
29 #include "js/CharacterEncoding.h"
30 #include "js/Class.h"
31 #include "js/Conversions.h"
32 #include "js/ErrorReport.h" // JS::PrintError
33 #include "js/Exception.h" // JS::ExceptionStack
34 #include "js/experimental/TypedData.h" // JS_IsArrayBufferViewObject
35 #include "js/friend/ErrorMessages.h" // JSErrNum, js::GetErrorMessage, JSMSG_*
36 #include "js/Object.h" // JS::GetBuiltinClass
37 #include "js/SavedFrameAPI.h"
38 #include "js/UniquePtr.h"
39 #include "js/Value.h"
40 #include "js/Warnings.h" // JS::{,Set}WarningReporter
41 #include "js/Wrapper.h"
42 #include "util/Memory.h"
43 #include "util/StringBuffer.h"
44 #include "vm/Compartment.h"
45 #include "vm/ErrorObject.h"
46 #include "vm/FrameIter.h" // js::NonBuiltinFrameIter
47 #include "vm/JSAtom.h"
48 #include "vm/JSContext.h"
49 #include "vm/JSObject.h"
50 #include "vm/JSScript.h"
51 #include "vm/Realm.h"
52 #include "vm/SavedFrame.h"
53 #include "vm/SavedStacks.h"
54 #include "vm/SelfHosting.h"
55 #include "vm/Stack.h"
56 #include "vm/StringType.h"
57 #include "vm/SymbolType.h"
58 #include "vm/WellKnownAtom.h" // js_*_str
59
60 #include "vm/Compartment-inl.h"
61 #include "vm/ErrorObject-inl.h"
62 #include "vm/JSContext-inl.h"
63 #include "vm/JSObject-inl.h"
64 #include "vm/ObjectOperations-inl.h" // js::GetProperty
65 #include "vm/SavedStacks-inl.h"
66
67 using namespace js;
68
69 using JS::SavedFrameSelfHosted;
70
ExtraMallocSize(JSErrorReport * report)71 size_t ExtraMallocSize(JSErrorReport* report) {
72 if (report->linebuf()) {
73 /*
74 * Count with null terminator and alignment.
75 * See CopyExtraData for the details about alignment.
76 */
77 return (report->linebufLength() + 1) * sizeof(char16_t) + 1;
78 }
79
80 return 0;
81 }
82
ExtraMallocSize(JSErrorNotes::Note * note)83 size_t ExtraMallocSize(JSErrorNotes::Note* note) { return 0; }
84
CopyExtraData(JSContext * cx,uint8_t ** cursor,JSErrorReport * copy,JSErrorReport * report)85 bool CopyExtraData(JSContext* cx, uint8_t** cursor, JSErrorReport* copy,
86 JSErrorReport* report) {
87 if (report->linebuf()) {
88 /*
89 * Make sure cursor is properly aligned for char16_t for platforms
90 * which need it and it's at the end of the buffer on exit.
91 */
92 size_t alignment_backlog = 0;
93 if (size_t(*cursor) % 2) {
94 (*cursor)++;
95 } else {
96 alignment_backlog = 1;
97 }
98
99 size_t linebufSize = (report->linebufLength() + 1) * sizeof(char16_t);
100 const char16_t* linebufCopy = (const char16_t*)(*cursor);
101 js_memcpy(*cursor, report->linebuf(), linebufSize);
102 *cursor += linebufSize + alignment_backlog;
103 copy->initBorrowedLinebuf(linebufCopy, report->linebufLength(),
104 report->tokenOffset());
105 }
106
107 /* Copy non-pointer members. */
108 copy->isMuted = report->isMuted;
109 copy->exnType = report->exnType;
110 copy->isWarning_ = report->isWarning_;
111
112 /* Deep copy notes. */
113 if (report->notes) {
114 auto copiedNotes = report->notes->copy(cx);
115 if (!copiedNotes) {
116 return false;
117 }
118 copy->notes = std::move(copiedNotes);
119 } else {
120 copy->notes.reset(nullptr);
121 }
122
123 return true;
124 }
125
CopyExtraData(JSContext * cx,uint8_t ** cursor,JSErrorNotes::Note * copy,JSErrorNotes::Note * report)126 bool CopyExtraData(JSContext* cx, uint8_t** cursor, JSErrorNotes::Note* copy,
127 JSErrorNotes::Note* report) {
128 return true;
129 }
130
131 template <typename T>
CopyErrorHelper(JSContext * cx,T * report)132 static UniquePtr<T> CopyErrorHelper(JSContext* cx, T* report) {
133 /*
134 * We use a single malloc block to make a deep copy of JSErrorReport or
135 * JSErrorNotes::Note, except JSErrorNotes linked from JSErrorReport with
136 * the following layout:
137 * JSErrorReport or JSErrorNotes::Note
138 * char array with characters for message_
139 * char array with characters for filename
140 * char16_t array with characters for linebuf (only for JSErrorReport)
141 * Such layout together with the properties enforced by the following
142 * asserts does not need any extra alignment padding.
143 */
144 static_assert(sizeof(T) % sizeof(const char*) == 0);
145 static_assert(sizeof(const char*) % sizeof(char16_t) == 0);
146
147 size_t filenameSize = report->filename ? strlen(report->filename) + 1 : 0;
148 size_t messageSize = 0;
149 if (report->message()) {
150 messageSize = strlen(report->message().c_str()) + 1;
151 }
152
153 /*
154 * The mallocSize can not overflow since it represents the sum of the
155 * sizes of already allocated objects.
156 */
157 size_t mallocSize =
158 sizeof(T) + messageSize + filenameSize + ExtraMallocSize(report);
159 uint8_t* cursor = cx->pod_calloc<uint8_t>(mallocSize);
160 if (!cursor) {
161 return nullptr;
162 }
163
164 UniquePtr<T> copy(new (cursor) T());
165 cursor += sizeof(T);
166
167 if (report->message()) {
168 copy->initBorrowedMessage((const char*)cursor);
169 js_memcpy(cursor, report->message().c_str(), messageSize);
170 cursor += messageSize;
171 }
172
173 if (report->filename) {
174 copy->filename = (const char*)cursor;
175 js_memcpy(cursor, report->filename, filenameSize);
176 cursor += filenameSize;
177 }
178
179 if (!CopyExtraData(cx, &cursor, copy.get(), report)) {
180 return nullptr;
181 }
182
183 MOZ_ASSERT(cursor == (uint8_t*)copy.get() + mallocSize);
184
185 // errorMessageName should be static.
186 copy->errorMessageName = report->errorMessageName;
187
188 /* Copy non-pointer members. */
189 copy->sourceId = report->sourceId;
190 copy->lineno = report->lineno;
191 copy->column = report->column;
192 copy->errorNumber = report->errorNumber;
193
194 return copy;
195 }
196
CopyErrorNote(JSContext * cx,JSErrorNotes::Note * note)197 UniquePtr<JSErrorNotes::Note> js::CopyErrorNote(JSContext* cx,
198 JSErrorNotes::Note* note) {
199 return CopyErrorHelper(cx, note);
200 }
201
CopyErrorReport(JSContext * cx,JSErrorReport * report)202 UniquePtr<JSErrorReport> js::CopyErrorReport(JSContext* cx,
203 JSErrorReport* report) {
204 return CopyErrorHelper(cx, report);
205 }
206
207 struct SuppressErrorsGuard {
208 JSContext* cx;
209 JS::WarningReporter prevReporter;
210 JS::AutoSaveExceptionState prevState;
211
SuppressErrorsGuardSuppressErrorsGuard212 explicit SuppressErrorsGuard(JSContext* cx)
213 : cx(cx),
214 prevReporter(JS::SetWarningReporter(cx, nullptr)),
215 prevState(cx) {}
216
~SuppressErrorsGuardSuppressErrorsGuard217 ~SuppressErrorsGuard() { JS::SetWarningReporter(cx, prevReporter); }
218 };
219
220 // Cut off the stack if it gets too deep (most commonly for infinite recursion
221 // errors).
222 static const size_t MAX_REPORTED_STACK_DEPTH = 1u << 7;
223
CaptureStack(JSContext * cx,MutableHandleObject stack)224 bool js::CaptureStack(JSContext* cx, MutableHandleObject stack) {
225 return CaptureCurrentStack(
226 cx, stack, JS::StackCapture(JS::MaxFrames(MAX_REPORTED_STACK_DEPTH)));
227 }
228
ComputeStackString(JSContext * cx)229 JSString* js::ComputeStackString(JSContext* cx) {
230 SuppressErrorsGuard seg(cx);
231
232 RootedObject stack(cx);
233 if (!CaptureStack(cx, &stack)) {
234 return nullptr;
235 }
236
237 RootedString str(cx);
238 if (!BuildStackString(cx, cx->realm()->principals(), stack, &str)) {
239 return nullptr;
240 }
241
242 return str.get();
243 }
244
ErrorFromException(JSContext * cx,HandleObject objArg)245 JSErrorReport* js::ErrorFromException(JSContext* cx, HandleObject objArg) {
246 // It's ok to UncheckedUnwrap here, since all we do is get the
247 // JSErrorReport, and consumers are careful with the information they get
248 // from that anyway. Anyone doing things that would expose anything in the
249 // JSErrorReport to page script either does a security check on the
250 // JSErrorReport's principal or also tries to do toString on our object and
251 // will fail if they can't unwrap it.
252 RootedObject obj(cx, UncheckedUnwrap(objArg));
253 if (!obj->is<ErrorObject>()) {
254 return nullptr;
255 }
256
257 JSErrorReport* report = obj->as<ErrorObject>().getOrCreateErrorReport(cx);
258 if (!report) {
259 MOZ_ASSERT(cx->isThrowingOutOfMemory());
260 cx->recoverFromOutOfMemory();
261 }
262
263 return report;
264 }
265
ExceptionStackOrNull(HandleObject objArg)266 JS_PUBLIC_API JSObject* JS::ExceptionStackOrNull(HandleObject objArg) {
267 ErrorObject* obj = objArg->maybeUnwrapIf<ErrorObject>();
268 if (!obj) {
269 return nullptr;
270 }
271
272 return obj->stack();
273 }
274
GetErrorTypeName(JSContext * cx,int16_t exnType)275 JS_PUBLIC_API JSLinearString* js::GetErrorTypeName(JSContext* cx,
276 int16_t exnType) {
277 /*
278 * JSEXN_INTERNALERR returns null to prevent that "InternalError: "
279 * is prepended before "uncaught exception: "
280 */
281 if (exnType < 0 || exnType >= JSEXN_LIMIT || exnType == JSEXN_INTERNALERR ||
282 exnType == JSEXN_WARN || exnType == JSEXN_NOTE) {
283 return nullptr;
284 }
285 JSProtoKey key = GetExceptionProtoKey(JSExnType(exnType));
286 return ClassName(key, cx);
287 }
288
ErrorToException(JSContext * cx,JSErrorReport * reportp,JSErrorCallback callback,void * userRef)289 void js::ErrorToException(JSContext* cx, JSErrorReport* reportp,
290 JSErrorCallback callback, void* userRef) {
291 MOZ_ASSERT(!reportp->isWarning());
292
293 // We cannot throw a proper object inside the self-hosting realm, as we
294 // cannot construct the Error constructor without self-hosted code. Just
295 // print the error to stderr to help debugging.
296 if (cx->realm()->isSelfHostingRealm()) {
297 JS::PrintError(stderr, reportp, true);
298 return;
299 }
300
301 // Find the exception index associated with this error.
302 JSErrNum errorNumber = static_cast<JSErrNum>(reportp->errorNumber);
303 if (!callback) {
304 callback = GetErrorMessage;
305 }
306 const JSErrorFormatString* errorString = callback(userRef, errorNumber);
307 JSExnType exnType =
308 errorString ? static_cast<JSExnType>(errorString->exnType) : JSEXN_ERR;
309 MOZ_ASSERT(exnType < JSEXN_ERROR_LIMIT);
310
311 // Prevent infinite recursion.
312 if (cx->generatingError) {
313 return;
314 }
315
316 cx->generatingError = true;
317 auto restore = mozilla::MakeScopeExit([cx] { cx->generatingError = false; });
318
319 // Create an exception object.
320 RootedString messageStr(cx, reportp->newMessageString(cx));
321 if (!messageStr) {
322 return;
323 }
324
325 RootedString fileName(cx, JS_NewStringCopyZ(cx, reportp->filename));
326 if (!fileName) {
327 return;
328 }
329
330 uint32_t sourceId = reportp->sourceId;
331 uint32_t lineNumber = reportp->lineno;
332 uint32_t columnNumber = reportp->column;
333
334 // Error reports don't provide a |cause|, so we default to |Nothing| here.
335 auto cause = JS::NothingHandleValue;
336
337 RootedObject stack(cx);
338 if (!CaptureStack(cx, &stack)) {
339 return;
340 }
341
342 UniquePtr<JSErrorReport> report = CopyErrorReport(cx, reportp);
343 if (!report) {
344 return;
345 }
346
347 ErrorObject* errObject =
348 ErrorObject::create(cx, exnType, stack, fileName, sourceId, lineNumber,
349 columnNumber, std::move(report), messageStr, cause);
350 if (!errObject) {
351 return;
352 }
353
354 // Throw it.
355 RootedValue errValue(cx, ObjectValue(*errObject));
356 RootedSavedFrame nstack(cx);
357 if (stack) {
358 nstack = &stack->as<SavedFrame>();
359 }
360 cx->setPendingException(errValue, nstack);
361 }
362
363 using SniffingBehavior = JS::ErrorReportBuilder::SniffingBehavior;
364
IsDuckTypedErrorObject(JSContext * cx,HandleObject exnObject,const char ** filename_strp)365 static bool IsDuckTypedErrorObject(JSContext* cx, HandleObject exnObject,
366 const char** filename_strp) {
367 /*
368 * This function is called from ErrorReport::init and so should not generate
369 * any new exceptions.
370 */
371 AutoClearPendingException acpe(cx);
372
373 bool found;
374 if (!JS_HasProperty(cx, exnObject, js_message_str, &found) || !found) {
375 return false;
376 }
377
378 // First try "filename".
379 const char* filename_str = *filename_strp;
380 if (!JS_HasProperty(cx, exnObject, filename_str, &found)) {
381 return false;
382 }
383 if (!found) {
384 // If that doesn't work, try "fileName".
385 filename_str = js_fileName_str;
386 if (!JS_HasProperty(cx, exnObject, filename_str, &found) || !found) {
387 return false;
388 }
389 }
390
391 if (!JS_HasProperty(cx, exnObject, js_lineNumber_str, &found) || !found) {
392 return false;
393 }
394
395 *filename_strp = filename_str;
396 return true;
397 }
398
GetPropertyNoException(JSContext * cx,HandleObject obj,SniffingBehavior behavior,HandlePropertyName name,MutableHandleValue vp)399 static bool GetPropertyNoException(JSContext* cx, HandleObject obj,
400 SniffingBehavior behavior,
401 HandlePropertyName name,
402 MutableHandleValue vp) {
403 // This function has no side-effects so always use it.
404 if (GetPropertyPure(cx, obj, NameToId(name), vp.address())) {
405 return true;
406 }
407
408 if (behavior == SniffingBehavior::WithSideEffects) {
409 AutoClearPendingException acpe(cx);
410 return GetProperty(cx, obj, obj, name, vp);
411 }
412
413 return false;
414 }
415
416 // Create a new error message similar to what Error.prototype.toString would
417 // produce when called on an object with those property values for name and
418 // message.
FormatErrorMessage(JSContext * cx,HandleString name,HandleString message)419 static JSString* FormatErrorMessage(JSContext* cx, HandleString name,
420 HandleString message) {
421 if (name && message) {
422 AutoClearPendingException acpe(cx);
423 JSStringBuilder sb(cx);
424
425 // Prefix the message with the error type, if it exists.
426 if (!sb.append(name) || !sb.append(": ") || !sb.append(message)) {
427 return nullptr;
428 }
429
430 return sb.finishString();
431 }
432
433 return name ? name : message;
434 }
435
ErrorReportToString(JSContext * cx,HandleObject exn,JSErrorReport * reportp,SniffingBehavior behavior)436 static JSString* ErrorReportToString(JSContext* cx, HandleObject exn,
437 JSErrorReport* reportp,
438 SniffingBehavior behavior) {
439 // The error object might have custom `name` overwriting the exnType in the
440 // error report. Try getting that property and use the exnType as a fallback.
441 RootedString name(cx);
442 RootedValue nameV(cx);
443 if (GetPropertyNoException(cx, exn, behavior, cx->names().name, &nameV) &&
444 nameV.isString()) {
445 name = nameV.toString();
446 }
447
448 // We do NOT want to use GetErrorTypeName() here because it will not do the
449 // "right thing" for JSEXN_INTERNALERR. That is, the caller of this API
450 // expects that "InternalError: " will be prepended but GetErrorTypeName
451 // goes out of its way to avoid this.
452 if (!name) {
453 JSExnType type = static_cast<JSExnType>(reportp->exnType);
454 if (type != JSEXN_WARN && type != JSEXN_NOTE) {
455 name = ClassName(GetExceptionProtoKey(type), cx);
456 }
457 }
458
459 RootedString message(cx);
460 RootedValue messageV(cx);
461 if (GetPropertyNoException(cx, exn, behavior, cx->names().message,
462 &messageV) &&
463 messageV.isString()) {
464 message = messageV.toString();
465 }
466
467 if (!message) {
468 message = reportp->newMessageString(cx);
469 if (!message) {
470 return nullptr;
471 }
472 }
473
474 return FormatErrorMessage(cx, name, message);
475 }
476
ErrorReportBuilder(JSContext * cx)477 JS::ErrorReportBuilder::ErrorReportBuilder(JSContext* cx)
478 : reportp(nullptr), exnObject(cx) {}
479
480 JS::ErrorReportBuilder::~ErrorReportBuilder() = default;
481
init(JSContext * cx,const JS::ExceptionStack & exnStack,SniffingBehavior sniffingBehavior)482 bool JS::ErrorReportBuilder::init(JSContext* cx,
483 const JS::ExceptionStack& exnStack,
484 SniffingBehavior sniffingBehavior) {
485 MOZ_ASSERT(!cx->isExceptionPending());
486 MOZ_ASSERT(!reportp);
487
488 if (exnStack.exception().isObject()) {
489 // Because ToString below could error and an exception object could become
490 // unrooted, we must root our exception object, if any.
491 exnObject = &exnStack.exception().toObject();
492 reportp = ErrorFromException(cx, exnObject);
493 }
494
495 // Be careful not to invoke ToString if we've already successfully extracted
496 // an error report, since the exception might be wrapped in a security
497 // wrapper, and ToString-ing it might throw.
498 RootedString str(cx);
499 if (reportp) {
500 str = ErrorReportToString(cx, exnObject, reportp, sniffingBehavior);
501 } else if (exnStack.exception().isSymbol()) {
502 RootedValue strVal(cx);
503 if (js::SymbolDescriptiveString(cx, exnStack.exception().toSymbol(),
504 &strVal)) {
505 str = strVal.toString();
506 } else {
507 str = nullptr;
508 }
509 } else if (exnObject && sniffingBehavior == NoSideEffects) {
510 str = cx->names().Object;
511 } else {
512 str = js::ToString<CanGC>(cx, exnStack.exception());
513 }
514
515 if (!str) {
516 cx->clearPendingException();
517 }
518
519 // If ErrorFromException didn't get us a JSErrorReport, then the object
520 // was not an ErrorObject, security-wrapped or otherwise. However, it might
521 // still quack like one. Give duck-typing a chance. We start by looking for
522 // "filename" (all lowercase), since that's where DOMExceptions store their
523 // filename. Then we check "fileName", which is where Errors store it. We
524 // have to do it in that order, because DOMExceptions have Error.prototype
525 // on their proto chain, and hence also have a "fileName" property, but its
526 // value is "".
527 const char* filename_str = "filename";
528 if (!reportp && exnObject && sniffingBehavior == WithSideEffects &&
529 IsDuckTypedErrorObject(cx, exnObject, &filename_str)) {
530 // Temporary value for pulling properties off of duck-typed objects.
531 RootedValue val(cx);
532
533 RootedString name(cx);
534 if (JS_GetProperty(cx, exnObject, js_name_str, &val) && val.isString()) {
535 name = val.toString();
536 } else {
537 cx->clearPendingException();
538 }
539
540 RootedString msg(cx);
541 if (JS_GetProperty(cx, exnObject, js_message_str, &val) && val.isString()) {
542 msg = val.toString();
543 } else {
544 cx->clearPendingException();
545 }
546
547 // If we have the right fields, override the ToString we performed on
548 // the exception object above with something built out of its quacks
549 // (i.e. as much of |NameQuack: MessageQuack| as we can make).
550 str = FormatErrorMessage(cx, name, msg);
551
552 {
553 AutoClearPendingException acpe(cx);
554 if (JS_GetProperty(cx, exnObject, filename_str, &val)) {
555 RootedString tmp(cx, js::ToString<CanGC>(cx, val));
556 if (tmp) {
557 filename = JS_EncodeStringToUTF8(cx, tmp);
558 }
559 }
560 }
561 if (!filename) {
562 filename = DuplicateString("");
563 if (!filename) {
564 ReportOutOfMemory(cx);
565 return false;
566 }
567 }
568
569 uint32_t lineno;
570 if (!JS_GetProperty(cx, exnObject, js_lineNumber_str, &val) ||
571 !ToUint32(cx, val, &lineno)) {
572 cx->clearPendingException();
573 lineno = 0;
574 }
575
576 uint32_t column;
577 if (!JS_GetProperty(cx, exnObject, js_columnNumber_str, &val) ||
578 !ToUint32(cx, val, &column)) {
579 cx->clearPendingException();
580 column = 0;
581 }
582
583 reportp = &ownedReport;
584 new (reportp) JSErrorReport();
585 ownedReport.filename = filename.get();
586 ownedReport.lineno = lineno;
587 ownedReport.exnType = JSEXN_INTERNALERR;
588 ownedReport.column = column;
589
590 if (str) {
591 // Note that using |str| for |message_| here is kind of wrong,
592 // because |str| is supposed to be of the format
593 // |ErrorName: ErrorMessage|, and |message_| is supposed to
594 // correspond to |ErrorMessage|. But this is what we've
595 // historically done for duck-typed error objects.
596 //
597 // If only this stuff could get specced one day...
598 if (auto utf8 = JS_EncodeStringToUTF8(cx, str)) {
599 ownedReport.initOwnedMessage(utf8.release());
600 } else {
601 cx->clearPendingException();
602 str = nullptr;
603 }
604 }
605 }
606
607 const char* utf8Message = nullptr;
608 if (str) {
609 toStringResultBytesStorage = JS_EncodeStringToUTF8(cx, str);
610 utf8Message = toStringResultBytesStorage.get();
611 if (!utf8Message) {
612 cx->clearPendingException();
613 }
614 }
615 if (!utf8Message) {
616 utf8Message = "unknown (can't convert to string)";
617 }
618
619 if (!reportp) {
620 // This is basically an inlined version of
621 //
622 // JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr,
623 // JSMSG_UNCAUGHT_EXCEPTION, utf8Message);
624 //
625 // but without the reporting bits. Instead it just puts all
626 // the stuff we care about in our ownedReport and message_.
627 if (!populateUncaughtExceptionReportUTF8(cx, exnStack.stack(),
628 utf8Message)) {
629 // Just give up. We're out of memory or something; not much we can
630 // do here.
631 return false;
632 }
633 } else {
634 toStringResult_ = JS::ConstUTF8CharsZ(utf8Message, strlen(utf8Message));
635 }
636
637 return true;
638 }
639
populateUncaughtExceptionReportUTF8(JSContext * cx,HandleObject stack,...)640 bool JS::ErrorReportBuilder::populateUncaughtExceptionReportUTF8(
641 JSContext* cx, HandleObject stack, ...) {
642 va_list ap;
643 va_start(ap, stack);
644 bool ok = populateUncaughtExceptionReportUTF8VA(cx, stack, ap);
645 va_end(ap);
646 return ok;
647 }
648
populateUncaughtExceptionReportUTF8VA(JSContext * cx,HandleObject stack,va_list ap)649 bool JS::ErrorReportBuilder::populateUncaughtExceptionReportUTF8VA(
650 JSContext* cx, HandleObject stack, va_list ap) {
651 new (&ownedReport) JSErrorReport();
652 ownedReport.isWarning_ = false;
653 ownedReport.errorNumber = JSMSG_UNCAUGHT_EXCEPTION;
654
655 bool skippedAsync;
656 RootedSavedFrame frame(
657 cx, UnwrapSavedFrame(cx, cx->realm()->principals(), stack,
658 SavedFrameSelfHosted::Exclude, skippedAsync));
659 if (frame) {
660 filename = StringToNewUTF8CharsZ(cx, *frame->getSource());
661 if (!filename) {
662 return false;
663 }
664
665 // |ownedReport.filename| inherits the lifetime of |ErrorReport::filename|.
666 ownedReport.filename = filename.get();
667 ownedReport.sourceId = frame->getSourceId();
668 ownedReport.lineno = frame->getLine();
669 // Follow FixupColumnForDisplay and set column to 1 for WASM.
670 ownedReport.column = frame->isWasm() ? 1 : frame->getColumn();
671 ownedReport.isMuted = frame->getMutedErrors();
672 } else {
673 // XXXbz this assumes the stack we have right now is still
674 // related to our exception object.
675 NonBuiltinFrameIter iter(cx, cx->realm()->principals());
676 if (!iter.done()) {
677 ownedReport.filename = iter.filename();
678 uint32_t column;
679 ownedReport.sourceId =
680 iter.hasScript() ? iter.script()->scriptSource()->id() : 0;
681 ownedReport.lineno = iter.computeLine(&column);
682 ownedReport.column = FixupColumnForDisplay(column);
683 ownedReport.isMuted = iter.mutedErrors();
684 }
685 }
686
687 if (!ExpandErrorArgumentsVA(cx, GetErrorMessage, nullptr,
688 JSMSG_UNCAUGHT_EXCEPTION, ArgumentsAreUTF8,
689 &ownedReport, ap)) {
690 return false;
691 }
692
693 toStringResult_ = ownedReport.message();
694 reportp = &ownedReport;
695 return true;
696 }
697
CopyErrorObject(JSContext * cx,Handle<ErrorObject * > err)698 JSObject* js::CopyErrorObject(JSContext* cx, Handle<ErrorObject*> err) {
699 UniquePtr<JSErrorReport> copyReport;
700 if (JSErrorReport* errorReport = err->getErrorReport()) {
701 copyReport = CopyErrorReport(cx, errorReport);
702 if (!copyReport) {
703 return nullptr;
704 }
705 }
706
707 RootedString message(cx, err->getMessage());
708 if (message && !cx->compartment()->wrap(cx, &message)) {
709 return nullptr;
710 }
711 RootedString fileName(cx, err->fileName(cx));
712 if (!cx->compartment()->wrap(cx, &fileName)) {
713 return nullptr;
714 }
715 RootedObject stack(cx, err->stack());
716 if (!cx->compartment()->wrap(cx, &stack)) {
717 return nullptr;
718 }
719 Rooted<mozilla::Maybe<Value>> cause(cx, mozilla::Nothing());
720 if (auto maybeCause = err->getCause()) {
721 RootedValue errorCause(cx, maybeCause.value());
722 if (!cx->compartment()->wrap(cx, &errorCause)) {
723 return nullptr;
724 }
725 cause = mozilla::Some(errorCause.get());
726 }
727 uint32_t sourceId = err->sourceId();
728 uint32_t lineNumber = err->lineNumber();
729 uint32_t columnNumber = err->columnNumber();
730 JSExnType errorType = err->type();
731
732 // Create the Error object.
733 return ErrorObject::create(cx, errorType, stack, fileName, sourceId,
734 lineNumber, columnNumber, std::move(copyReport),
735 message, cause);
736 }
737
CreateError(JSContext * cx,JSExnType type,HandleObject stack,HandleString fileName,uint32_t lineNumber,uint32_t columnNumber,JSErrorReport * report,HandleString message,MutableHandleValue rval)738 JS_PUBLIC_API bool JS::CreateError(JSContext* cx, JSExnType type,
739 HandleObject stack, HandleString fileName,
740 uint32_t lineNumber, uint32_t columnNumber,
741 JSErrorReport* report, HandleString message,
742 MutableHandleValue rval) {
743 cx->check(stack, fileName, message);
744 AssertObjectIsSavedFrameOrWrapper(cx, stack);
745
746 js::UniquePtr<JSErrorReport> rep;
747 if (report) {
748 rep = CopyErrorReport(cx, report);
749 if (!rep) {
750 return false;
751 }
752 }
753
754 // The public API doesn't (yet) support a |cause| argument, so we default to
755 // |Nothing()| here.
756 auto cause = JS::NothingHandleValue;
757
758 JSObject* obj =
759 js::ErrorObject::create(cx, type, stack, fileName, 0, lineNumber,
760 columnNumber, std::move(rep), message, cause);
761 if (!obj) {
762 return false;
763 }
764
765 rval.setObject(*obj);
766 return true;
767 }
768
ValueToSourceForError(JSContext * cx,HandleValue val,UniqueChars & bytes)769 const char* js::ValueToSourceForError(JSContext* cx, HandleValue val,
770 UniqueChars& bytes) {
771 if (val.isUndefined()) {
772 return "undefined";
773 }
774
775 if (val.isNull()) {
776 return "null";
777 }
778
779 AutoClearPendingException acpe(cx);
780
781 RootedString str(cx, JS_ValueToSource(cx, val));
782 if (!str) {
783 return "<<error converting value to string>>";
784 }
785
786 JSStringBuilder sb(cx);
787 if (val.isObject()) {
788 RootedObject valObj(cx, val.toObjectOrNull());
789 ESClass cls;
790 if (!JS::GetBuiltinClass(cx, valObj, &cls)) {
791 return "<<error determining class of value>>";
792 }
793 const char* s;
794 if (cls == ESClass::Array) {
795 s = "the array ";
796 } else if (cls == ESClass::ArrayBuffer) {
797 s = "the array buffer ";
798 } else if (JS_IsArrayBufferViewObject(valObj)) {
799 s = "the typed array ";
800 } else {
801 s = "the object ";
802 }
803 if (!sb.append(s, strlen(s))) {
804 return "<<error converting value to string>>";
805 }
806 } else if (val.isNumber()) {
807 if (!sb.append("the number ")) {
808 return "<<error converting value to string>>";
809 }
810 } else if (val.isString()) {
811 if (!sb.append("the string ")) {
812 return "<<error converting value to string>>";
813 }
814 } else if (val.isBigInt()) {
815 if (!sb.append("the BigInt ")) {
816 return "<<error converting value to string>>";
817 }
818 } else {
819 MOZ_ASSERT(val.isBoolean() || val.isSymbol());
820 bytes = StringToNewUTF8CharsZ(cx, *str);
821 return bytes.get();
822 }
823 if (!sb.append(str)) {
824 return "<<error converting value to string>>";
825 }
826 str = sb.finishString();
827 if (!str) {
828 return "<<error converting value to string>>";
829 }
830 bytes = StringToNewUTF8CharsZ(cx, *str);
831 return bytes.get();
832 }
833
GetInternalError(JSContext * cx,unsigned errorNumber,MutableHandleValue error)834 bool js::GetInternalError(JSContext* cx, unsigned errorNumber,
835 MutableHandleValue error) {
836 FixedInvokeArgs<1> args(cx);
837 args[0].set(Int32Value(errorNumber));
838 return CallSelfHostedFunction(cx, cx->names().GetInternalError,
839 NullHandleValue, args, error);
840 }
841
GetTypeError(JSContext * cx,unsigned errorNumber,MutableHandleValue error)842 bool js::GetTypeError(JSContext* cx, unsigned errorNumber,
843 MutableHandleValue error) {
844 FixedInvokeArgs<1> args(cx);
845 args[0].set(Int32Value(errorNumber));
846 return CallSelfHostedFunction(cx, cx->names().GetTypeError, NullHandleValue,
847 args, error);
848 }
849
GetAggregateError(JSContext * cx,unsigned errorNumber,MutableHandleValue error)850 bool js::GetAggregateError(JSContext* cx, unsigned errorNumber,
851 MutableHandleValue error) {
852 FixedInvokeArgs<1> args(cx);
853 args[0].set(Int32Value(errorNumber));
854 return CallSelfHostedFunction(cx, cx->names().GetAggregateError,
855 NullHandleValue, args, error);
856 }
857
GetExceptionCause(JSObject * exc)858 JS_PUBLIC_API mozilla::Maybe<Value> JS::GetExceptionCause(JSObject* exc) {
859 if (!exc->is<ErrorObject>()) {
860 return mozilla::Nothing();
861 }
862 auto& error = exc->as<ErrorObject>();
863 return error.getCause();
864 }
865