summaryrefslogtreecommitdiffstats
path: root/js/xpconnect/src/XPCJSRuntime.cpp
diff options
context:
space:
mode:
Diffstat (limited to 'js/xpconnect/src/XPCJSRuntime.cpp')
-rw-r--r--js/xpconnect/src/XPCJSRuntime.cpp3174
1 files changed, 3174 insertions, 0 deletions
diff --git a/js/xpconnect/src/XPCJSRuntime.cpp b/js/xpconnect/src/XPCJSRuntime.cpp
new file mode 100644
index 0000000000..2424cf9dda
--- /dev/null
+++ b/js/xpconnect/src/XPCJSRuntime.cpp
@@ -0,0 +1,3174 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=8 sts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+/* Per JSRuntime object */
+
+#include "mozilla/ArrayUtils.h"
+#include "mozilla/AutoRestore.h"
+#include "mozilla/MemoryReporting.h"
+#include "mozilla/UniquePtr.h"
+
+#include "xpcprivate.h"
+#include "xpcpublic.h"
+#include "XPCMaps.h"
+#include "XPCWrapper.h"
+#include "XPCJSMemoryReporter.h"
+#include "XrayWrapper.h"
+#include "WrapperFactory.h"
+#include "mozJSModuleLoader.h"
+#include "nsNetUtil.h"
+#include "nsContentSecurityUtils.h"
+
+#include "nsExceptionHandler.h"
+#include "nsIMemoryInfoDumper.h"
+#include "nsIMemoryReporter.h"
+#include "nsIObserverService.h"
+#include "mozilla/dom/Document.h"
+#include "nsIRunnable.h"
+#include "nsIPlatformInfo.h"
+#include "nsPIDOMWindow.h"
+#include "nsPrintfCString.h"
+#include "nsScriptSecurityManager.h"
+#include "nsThreadPool.h"
+#include "nsWindowSizes.h"
+#include "mozilla/BasePrincipal.h"
+#include "mozilla/Preferences.h"
+#include "mozilla/Telemetry.h"
+#include "mozilla/Services.h"
+#include "mozilla/dom/ScriptLoader.h"
+#include "mozilla/dom/ScriptSettings.h"
+
+#include "nsContentUtils.h"
+#include "nsCCUncollectableMarker.h"
+#include "nsCycleCollectionNoteRootCallback.h"
+#include "nsCycleCollector.h"
+#include "jsapi.h"
+#include "js/BuildId.h" // JS::BuildIdCharVector, JS::SetProcessBuildIdOp
+#include "js/experimental/SourceHook.h" // js::{,Set}SourceHook
+#include "js/GCAPI.h"
+#include "js/MemoryFunctions.h"
+#include "js/MemoryMetrics.h"
+#include "js/Object.h" // JS::GetClass
+#include "js/RealmIterators.h"
+#include "js/SliceBudget.h"
+#include "js/UbiNode.h"
+#include "js/UbiNodeUtils.h"
+#include "js/friend/UsageStatistics.h" // JSMetric, JS_SetAccumulateTelemetryCallback
+#include "js/friend/WindowProxy.h" // js::SetWindowProxyClass
+#include "js/friend/XrayJitInfo.h" // JS::SetXrayJitInfo
+#include "mozilla/dom/AbortSignalBinding.h"
+#include "mozilla/dom/GeneratedAtomList.h"
+#include "mozilla/dom/BindingUtils.h"
+#include "mozilla/dom/Element.h"
+#include "mozilla/dom/FetchUtil.h"
+#include "mozilla/dom/WindowBinding.h"
+#include "mozilla/Atomics.h"
+#include "mozilla/Attributes.h"
+#include "mozilla/ProcessHangMonitor.h"
+#include "mozilla/ProfilerLabels.h"
+#include "mozilla/Sprintf.h"
+#include "mozilla/UniquePtrExtensions.h"
+#include "mozilla/Unused.h"
+#include "AccessCheck.h"
+#include "nsGlobalWindow.h"
+#include "nsAboutProtocolUtils.h"
+
+#include "NodeUbiReporting.h"
+#include "ExpandedPrincipal.h"
+#include "nsIInputStream.h"
+#include "nsJSPrincipals.h"
+#include "nsJSEnvironment.h"
+#include "XPCInlines.h"
+
+#ifdef XP_WIN
+# include <windows.h>
+#endif
+
+using namespace mozilla;
+using namespace mozilla::dom;
+using namespace xpc;
+using namespace JS;
+using namespace js;
+using mozilla::dom::PerThreadAtomCache;
+
+/***************************************************************************/
+
+const char* const XPCJSRuntime::mStrings[] = {
+ "constructor", // IDX_CONSTRUCTOR
+ "toString", // IDX_TO_STRING
+ "toSource", // IDX_TO_SOURCE
+ "value", // IDX_VALUE
+ "QueryInterface", // IDX_QUERY_INTERFACE
+ "Components", // IDX_COMPONENTS
+ "Cc", // IDX_CC
+ "Ci", // IDX_CI
+ "Cr", // IDX_CR
+ "Cu", // IDX_CU
+ "Services", // IDX_SERVICES
+ "wrappedJSObject", // IDX_WRAPPED_JSOBJECT
+ "prototype", // IDX_PROTOTYPE
+ "eval", // IDX_EVAL
+ "controllers", // IDX_CONTROLLERS
+ "Controllers", // IDX_CONTROLLERS_CLASS
+ "length", // IDX_LENGTH
+ "name", // IDX_NAME
+ "undefined", // IDX_UNDEFINED
+ "", // IDX_EMPTYSTRING
+ "fileName", // IDX_FILENAME
+ "lineNumber", // IDX_LINENUMBER
+ "columnNumber", // IDX_COLUMNNUMBER
+ "stack", // IDX_STACK
+ "message", // IDX_MESSAGE
+ "cause", // IDX_CAUSE
+ "errors", // IDX_ERRORS
+ "lastIndex", // IDX_LASTINDEX
+ "then", // IDX_THEN
+ "isInstance", // IDX_ISINSTANCE
+ "Infinity", // IDX_INFINITY
+ "NaN", // IDX_NAN
+ "classId", // IDX_CLASS_ID
+ "interfaceId", // IDX_INTERFACE_ID
+ "initializer", // IDX_INITIALIZER
+ "print", // IDX_PRINT
+ "fetch", // IDX_FETCH
+ "crypto", // IDX_CRYPTO
+ "indexedDB", // IDX_INDEXEDDB
+ "structuredClone", // IDX_STRUCTUREDCLONE
+};
+
+/***************************************************************************/
+
+// *Some* NativeSets are referenced from mClassInfo2NativeSetMap.
+// *All* NativeSets are referenced from mNativeSetMap.
+// So, in mClassInfo2NativeSetMap we just clear references to the unmarked.
+// In mNativeSetMap we clear the references to the unmarked *and* delete them.
+
+class AsyncFreeSnowWhite : public Runnable {
+ public:
+ NS_IMETHOD Run() override {
+ AUTO_PROFILER_LABEL_RELEVANT_FOR_JS("Incremental CC", GCCC);
+ AUTO_PROFILER_LABEL("AsyncFreeSnowWhite::Run", GCCC_FreeSnowWhite);
+
+ TimeStamp start = TimeStamp::Now();
+ // 2 ms budget, given that kICCSliceBudget is only 3 ms
+ js::SliceBudget budget = js::SliceBudget(js::TimeBudget(2));
+ bool hadSnowWhiteObjects =
+ nsCycleCollector_doDeferredDeletionWithBudget(budget);
+ Telemetry::Accumulate(
+ Telemetry::CYCLE_COLLECTOR_ASYNC_SNOW_WHITE_FREEING,
+ uint32_t((TimeStamp::Now() - start).ToMilliseconds()));
+ if (hadSnowWhiteObjects && !mContinuation) {
+ mContinuation = true;
+ if (NS_FAILED(Dispatch())) {
+ mActive = false;
+ }
+ } else {
+ mActive = false;
+ }
+ return NS_OK;
+ }
+
+ nsresult Dispatch() {
+ nsCOMPtr<nsIRunnable> self(this);
+ return NS_DispatchToCurrentThreadQueue(self.forget(), 500,
+ EventQueuePriority::Idle);
+ }
+
+ void Start(bool aContinuation = false, bool aPurge = false) {
+ if (mContinuation) {
+ mContinuation = aContinuation;
+ }
+ mPurge = aPurge;
+ if (!mActive && NS_SUCCEEDED(Dispatch())) {
+ mActive = true;
+ }
+ }
+
+ AsyncFreeSnowWhite()
+ : Runnable("AsyncFreeSnowWhite"),
+ mContinuation(false),
+ mActive(false),
+ mPurge(false) {}
+
+ public:
+ bool mContinuation;
+ bool mActive;
+ bool mPurge;
+};
+
+namespace xpc {
+
+CompartmentPrivate::CompartmentPrivate(
+ JS::Compartment* c, mozilla::UniquePtr<XPCWrappedNativeScope> scope,
+ mozilla::BasePrincipal* origin, const SiteIdentifier& site)
+ : originInfo(origin, site),
+ wantXrays(false),
+ allowWaivers(true),
+ isWebExtensionContentScript(false),
+ isUAWidgetCompartment(false),
+ hasExclusiveExpandos(false),
+ wasShutdown(false),
+ mWrappedJSMap(mozilla::MakeUnique<JSObject2WrappedJSMap>()),
+ mScope(std::move(scope)) {
+ MOZ_COUNT_CTOR(xpc::CompartmentPrivate);
+}
+
+CompartmentPrivate::~CompartmentPrivate() {
+ MOZ_COUNT_DTOR(xpc::CompartmentPrivate);
+}
+
+void CompartmentPrivate::SystemIsBeingShutDown() {
+ // We may call this multiple times when the compartment contains more than one
+ // realm.
+ if (!wasShutdown) {
+ mWrappedJSMap->ShutdownMarker();
+ wasShutdown = true;
+ }
+}
+
+RealmPrivate::RealmPrivate(JS::Realm* realm) : scriptability(realm) {
+ mozilla::PodArrayZero(wrapperDenialWarnings);
+}
+
+/* static */
+void RealmPrivate::Init(HandleObject aGlobal, const SiteIdentifier& aSite) {
+ MOZ_ASSERT(aGlobal);
+ DebugOnly<const JSClass*> clasp = JS::GetClass(aGlobal);
+ MOZ_ASSERT(clasp->slot0IsISupports() || dom::IsDOMClass(clasp));
+
+ Realm* realm = GetObjectRealmOrNull(aGlobal);
+
+ // Create the realm private.
+ RealmPrivate* realmPriv = new RealmPrivate(realm);
+ MOZ_ASSERT(!GetRealmPrivate(realm));
+ SetRealmPrivate(realm, realmPriv);
+
+ nsIPrincipal* principal = GetRealmPrincipal(realm);
+ Compartment* c = JS::GetCompartment(aGlobal);
+
+ // Create the compartment private if needed.
+ if (CompartmentPrivate* priv = CompartmentPrivate::Get(c)) {
+ MOZ_ASSERT(priv->originInfo.IsSameOrigin(principal));
+ } else {
+ auto scope = mozilla::MakeUnique<XPCWrappedNativeScope>(c, aGlobal);
+ priv = new CompartmentPrivate(c, std::move(scope),
+ BasePrincipal::Cast(principal), aSite);
+ JS_SetCompartmentPrivate(c, priv);
+ }
+}
+
+// As XPCJSRuntime can live longer than when we shutdown the observer service,
+// we have our own getter to account for this.
+static nsCOMPtr<nsIObserverService> GetObserverService() {
+ if (AppShutdown::IsInOrBeyond(ShutdownPhase::XPCOMShutdownFinal)) {
+ return nullptr;
+ }
+ return mozilla::services::GetObserverService();
+}
+
+static bool TryParseLocationURICandidate(
+ const nsACString& uristr, RealmPrivate::LocationHint aLocationHint,
+ nsIURI** aURI) {
+ static constexpr auto kGRE = "resource://gre/"_ns;
+ static constexpr auto kToolkit = "chrome://global/"_ns;
+ static constexpr auto kBrowser = "chrome://browser/"_ns;
+
+ if (aLocationHint == RealmPrivate::LocationHintAddon) {
+ // Blacklist some known locations which are clearly not add-on related.
+ if (StringBeginsWith(uristr, kGRE) || StringBeginsWith(uristr, kToolkit) ||
+ StringBeginsWith(uristr, kBrowser)) {
+ return false;
+ }
+
+ // -- GROSS HACK ALERT --
+ // The Yandex Elements 8.10.2 extension implements its own "xb://" URL
+ // scheme. If we call NS_NewURI() on an "xb://..." URL, we'll end up
+ // calling into the extension's own JS-implemented nsIProtocolHandler
+ // object, which we can't allow while we're iterating over the JS heap.
+ // So just skip any such URL.
+ // -- GROSS HACK ALERT --
+ if (StringBeginsWith(uristr, "xb"_ns)) {
+ return false;
+ }
+ }
+
+ nsCOMPtr<nsIURI> uri;
+ if (NS_FAILED(NS_NewURI(getter_AddRefs(uri), uristr))) {
+ return false;
+ }
+
+ nsAutoCString scheme;
+ if (NS_FAILED(uri->GetScheme(scheme))) {
+ return false;
+ }
+
+ // Cannot really map data: and blob:.
+ // Also, data: URIs are pretty memory hungry, which is kinda bad
+ // for memory reporter use.
+ if (scheme.EqualsLiteral("data") || scheme.EqualsLiteral("blob")) {
+ return false;
+ }
+
+ uri.forget(aURI);
+ return true;
+}
+
+bool RealmPrivate::TryParseLocationURI(RealmPrivate::LocationHint aLocationHint,
+ nsIURI** aURI) {
+ if (!aURI) {
+ return false;
+ }
+
+ // Need to parse the URI.
+ if (location.IsEmpty()) {
+ return false;
+ }
+
+ // Handle Sandbox location strings.
+ // A sandbox string looks like this, for anonymous sandboxes, and builds
+ // where Sandbox location tagging is enabled:
+ //
+ // <sandboxName> (from: <js-stack-frame-filename>:<lineno>)
+ //
+ // where <sandboxName> is user-provided via Cu.Sandbox()
+ // and <js-stack-frame-filename> and <lineno> is the stack frame location
+ // from where Cu.Sandbox was called.
+ //
+ // Otherwise, it is simply the caller-provided name, which is usually a URI.
+ //
+ // <js-stack-frame-filename> furthermore is "free form", often using a
+ // "uri -> uri -> ..." chain. The following code will and must handle this
+ // common case.
+ //
+ // It should be noted that other parts of the code may already rely on the
+ // "format" of these strings.
+
+ static const nsDependentCString from("(from: ");
+ static const nsDependentCString arrow(" -> ");
+ static const size_t fromLength = from.Length();
+ static const size_t arrowLength = arrow.Length();
+
+ // See: XPCComponents.cpp#AssembleSandboxMemoryReporterName
+ int32_t idx = location.Find(from);
+ if (idx < 0) {
+ return TryParseLocationURICandidate(location, aLocationHint, aURI);
+ }
+
+ // When parsing we're looking for the right-most URI. This URI may be in
+ // <sandboxName>, so we try this first.
+ if (TryParseLocationURICandidate(Substring(location, 0, idx), aLocationHint,
+ aURI)) {
+ return true;
+ }
+
+ // Not in <sandboxName> so we need to inspect <js-stack-frame-filename> and
+ // the chain that is potentially contained within and grab the rightmost
+ // item that is actually a URI.
+
+ // First, hack off the :<lineno>) part as well
+ int32_t ridx = location.RFind(":"_ns);
+ nsAutoCString chain(
+ Substring(location, idx + fromLength, ridx - idx - fromLength));
+
+ // Loop over the "->" chain. This loop also works for non-chains, or more
+ // correctly chains with only one item.
+ for (;;) {
+ idx = chain.RFind(arrow);
+ if (idx < 0) {
+ // This is the last chain item. Try to parse what is left.
+ return TryParseLocationURICandidate(chain, aLocationHint, aURI);
+ }
+
+ // Try to parse current chain item
+ if (TryParseLocationURICandidate(Substring(chain, idx + arrowLength),
+ aLocationHint, aURI)) {
+ return true;
+ }
+
+ // Current chain item couldn't be parsed.
+ // Strip current item and continue.
+ chain = Substring(chain, 0, idx);
+ }
+
+ MOZ_CRASH("Chain parser loop does not terminate");
+}
+
+static bool PrincipalImmuneToScriptPolicy(nsIPrincipal* aPrincipal) {
+ // System principal gets a free pass.
+ if (aPrincipal->IsSystemPrincipal()) {
+ return true;
+ }
+
+ auto* principal = BasePrincipal::Cast(aPrincipal);
+
+ // ExpandedPrincipal gets a free pass.
+ if (principal->Is<ExpandedPrincipal>()) {
+ return true;
+ }
+
+ // WebExtension principals get a free pass.
+ if (principal->AddonPolicy()) {
+ return true;
+ }
+
+ // pdf.js is a special-case too.
+ if (nsContentUtils::IsPDFJS(principal)) {
+ return true;
+ }
+
+ // Check whether our URI is an "about:" URI that allows scripts. If it is,
+ // we need to allow JS to run.
+ if (aPrincipal->SchemeIs("about")) {
+ uint32_t flags;
+ nsresult rv = aPrincipal->GetAboutModuleFlags(&flags);
+ if (NS_SUCCEEDED(rv) && (flags & nsIAboutModule::ALLOW_SCRIPT)) {
+ return true;
+ }
+ }
+
+ return false;
+}
+
+void RealmPrivate::RegisterStackFrame(JSStackFrameBase* aFrame) {
+ mJSStackFrames.PutEntry(aFrame);
+}
+
+void RealmPrivate::UnregisterStackFrame(JSStackFrameBase* aFrame) {
+ mJSStackFrames.RemoveEntry(aFrame);
+}
+
+void RealmPrivate::NukeJSStackFrames() {
+ for (const auto& key : mJSStackFrames.Keys()) {
+ key->Clear();
+ }
+
+ mJSStackFrames.Clear();
+}
+
+void RegisterJSStackFrame(JS::Realm* aRealm, JSStackFrameBase* aStackFrame) {
+ RealmPrivate* realmPrivate = RealmPrivate::Get(aRealm);
+ if (!realmPrivate) {
+ return;
+ }
+
+ realmPrivate->RegisterStackFrame(aStackFrame);
+}
+
+void UnregisterJSStackFrame(JS::Realm* aRealm, JSStackFrameBase* aStackFrame) {
+ RealmPrivate* realmPrivate = RealmPrivate::Get(aRealm);
+ if (!realmPrivate) {
+ return;
+ }
+
+ realmPrivate->UnregisterStackFrame(aStackFrame);
+}
+
+void NukeJSStackFrames(JS::Realm* aRealm) {
+ RealmPrivate* realmPrivate = RealmPrivate::Get(aRealm);
+ if (!realmPrivate) {
+ return;
+ }
+
+ realmPrivate->NukeJSStackFrames();
+}
+
+Scriptability::Scriptability(JS::Realm* realm)
+ : mScriptBlocks(0),
+ mWindowAllowsScript(true),
+ mScriptBlockedByPolicy(false) {
+ nsIPrincipal* prin = nsJSPrincipals::get(JS::GetRealmPrincipals(realm));
+
+ mImmuneToScriptPolicy = PrincipalImmuneToScriptPolicy(prin);
+ if (mImmuneToScriptPolicy) {
+ return;
+ }
+ // If we're not immune, we should have a real principal with a URI.
+ // Check the principal against the new-style domain policy.
+ bool policyAllows;
+ nsresult rv = prin->GetIsScriptAllowedByPolicy(&policyAllows);
+ if (NS_SUCCEEDED(rv)) {
+ mScriptBlockedByPolicy = !policyAllows;
+ return;
+ }
+ // Something went wrong - be safe and block script.
+ mScriptBlockedByPolicy = true;
+}
+
+bool Scriptability::Allowed() {
+ return mWindowAllowsScript && !mScriptBlockedByPolicy && mScriptBlocks == 0;
+}
+
+bool Scriptability::IsImmuneToScriptPolicy() { return mImmuneToScriptPolicy; }
+
+void Scriptability::Block() { ++mScriptBlocks; }
+
+void Scriptability::Unblock() {
+ MOZ_ASSERT(mScriptBlocks > 0);
+ --mScriptBlocks;
+}
+
+void Scriptability::SetWindowAllowsScript(bool aAllowed) {
+ mWindowAllowsScript = aAllowed || mImmuneToScriptPolicy;
+}
+
+/* static */
+bool Scriptability::AllowedIfExists(JSObject* aScope) {
+ RealmPrivate* realmPrivate = RealmPrivate::Get(aScope);
+ return realmPrivate ? realmPrivate->scriptability.Allowed() : true;
+}
+
+/* static */
+Scriptability& Scriptability::Get(JSObject* aScope) {
+ return RealmPrivate::Get(aScope)->scriptability;
+}
+
+bool IsUAWidgetCompartment(JS::Compartment* compartment) {
+ // We always eagerly create compartment privates for UA Widget compartments.
+ CompartmentPrivate* priv = CompartmentPrivate::Get(compartment);
+ return priv && priv->isUAWidgetCompartment;
+}
+
+bool IsUAWidgetScope(JS::Realm* realm) {
+ return IsUAWidgetCompartment(JS::GetCompartmentForRealm(realm));
+}
+
+bool IsInUAWidgetScope(JSObject* obj) {
+ return IsUAWidgetCompartment(JS::GetCompartment(obj));
+}
+
+bool CompartmentOriginInfo::MightBeWebContent() const {
+ // Compartments with principals that are either the system principal or an
+ // expanded principal are definitely not web content.
+ return !nsContentUtils::IsSystemOrExpandedPrincipal(mOrigin);
+}
+
+bool MightBeWebContentCompartment(JS::Compartment* compartment) {
+ if (CompartmentPrivate* priv = CompartmentPrivate::Get(compartment)) {
+ return priv->originInfo.MightBeWebContent();
+ }
+
+ // No CompartmentPrivate; try IsSystemCompartment.
+ return !js::IsSystemCompartment(compartment);
+}
+
+bool CompartmentOriginInfo::IsSameOrigin(nsIPrincipal* aOther) const {
+ return mOrigin->FastEquals(aOther);
+}
+
+/* static */
+bool CompartmentOriginInfo::Subsumes(JS::Compartment* aCompA,
+ JS::Compartment* aCompB) {
+ CompartmentPrivate* apriv = CompartmentPrivate::Get(aCompA);
+ CompartmentPrivate* bpriv = CompartmentPrivate::Get(aCompB);
+ MOZ_ASSERT(apriv);
+ MOZ_ASSERT(bpriv);
+ return apriv->originInfo.mOrigin->FastSubsumes(bpriv->originInfo.mOrigin);
+}
+
+/* static */
+bool CompartmentOriginInfo::SubsumesIgnoringFPD(JS::Compartment* aCompA,
+ JS::Compartment* aCompB) {
+ CompartmentPrivate* apriv = CompartmentPrivate::Get(aCompA);
+ CompartmentPrivate* bpriv = CompartmentPrivate::Get(aCompB);
+ MOZ_ASSERT(apriv);
+ MOZ_ASSERT(bpriv);
+ return apriv->originInfo.mOrigin->FastSubsumesIgnoringFPD(
+ bpriv->originInfo.mOrigin);
+}
+
+void SetCompartmentChangedDocumentDomain(JS::Compartment* compartment) {
+ // Note: we call this for all compartments that contain realms with a
+ // particular principal. Not all of these compartments have a
+ // CompartmentPrivate (for instance the temporary compartment/realm
+ // created by the JS engine for off-thread parsing).
+ if (CompartmentPrivate* priv = CompartmentPrivate::Get(compartment)) {
+ priv->originInfo.SetChangedDocumentDomain();
+ }
+}
+
+JSObject* UnprivilegedJunkScope() {
+ return XPCJSRuntime::Get()->UnprivilegedJunkScope();
+}
+
+JSObject* UnprivilegedJunkScope(const fallible_t&) {
+ return XPCJSRuntime::Get()->UnprivilegedJunkScope(fallible);
+}
+
+bool IsUnprivilegedJunkScope(JSObject* obj) {
+ return XPCJSRuntime::Get()->IsUnprivilegedJunkScope(obj);
+}
+
+JSObject* NACScope(JSObject* global) {
+ // If we're a chrome global, just use ourselves.
+ if (AccessCheck::isChrome(global)) {
+ return global;
+ }
+
+ JSObject* scope = UnprivilegedJunkScope();
+ JS::ExposeObjectToActiveJS(scope);
+ return scope;
+}
+
+JSObject* PrivilegedJunkScope() { return XPCJSRuntime::Get()->LoaderGlobal(); }
+
+JSObject* CompilationScope() { return XPCJSRuntime::Get()->LoaderGlobal(); }
+
+nsGlobalWindowInner* WindowOrNull(JSObject* aObj) {
+ MOZ_ASSERT(aObj);
+ MOZ_ASSERT(!js::IsWrapper(aObj));
+
+ nsGlobalWindowInner* win = nullptr;
+ UNWRAP_NON_WRAPPER_OBJECT(Window, aObj, win);
+ return win;
+}
+
+nsGlobalWindowInner* WindowGlobalOrNull(JSObject* aObj) {
+ MOZ_ASSERT(aObj);
+ JSObject* glob = JS::GetNonCCWObjectGlobal(aObj);
+
+ return WindowOrNull(glob);
+}
+
+nsGlobalWindowInner* SandboxWindowOrNull(JSObject* aObj, JSContext* aCx) {
+ MOZ_ASSERT(aObj);
+
+ if (!IsSandbox(aObj)) {
+ return nullptr;
+ }
+
+ // Sandbox can't be a Proxy so it must have a static prototype.
+ JSObject* proto = GetStaticPrototype(aObj);
+ if (!proto || !IsSandboxPrototypeProxy(proto)) {
+ return nullptr;
+ }
+
+ proto = js::CheckedUnwrapDynamic(proto, aCx, /* stopAtWindowProxy = */ false);
+ if (!proto) {
+ return nullptr;
+ }
+ return WindowOrNull(proto);
+}
+
+nsGlobalWindowInner* CurrentWindowOrNull(JSContext* cx) {
+ JSObject* glob = JS::CurrentGlobalOrNull(cx);
+ return glob ? WindowOrNull(glob) : nullptr;
+}
+
+// Nukes all wrappers into or out of the given realm, and prevents new
+// wrappers from being created. Additionally marks the realm as
+// unscriptable after wrappers have been nuked.
+//
+// Note: This should *only* be called for browser or extension realms.
+// Wrappers between web compartments must never be cut in web-observable
+// ways.
+void NukeAllWrappersForRealm(
+ JSContext* cx, JS::Realm* realm,
+ js::NukeReferencesToWindow nukeReferencesToWindow) {
+ // We do the following:
+ // * Nuke all wrappers into the realm.
+ // * Nuke all wrappers out of the realm's compartment, once we have nuked all
+ // realms in it.
+ js::NukeCrossCompartmentWrappers(cx, js::AllCompartments(), realm,
+ nukeReferencesToWindow,
+ js::NukeAllReferences);
+
+ // Mark the realm as unscriptable.
+ xpc::RealmPrivate::Get(realm)->scriptability.Block();
+}
+
+} // namespace xpc
+
+static void CompartmentDestroyedCallback(JS::GCContext* gcx,
+ JS::Compartment* compartment) {
+ // NB - This callback may be called in JS_DestroyContext, which happens
+ // after the XPCJSRuntime has been torn down.
+
+ // Get the current compartment private into a UniquePtr (which will do the
+ // cleanup for us), and null out the private (which may already be null).
+ mozilla::UniquePtr<CompartmentPrivate> priv(
+ CompartmentPrivate::Get(compartment));
+ JS_SetCompartmentPrivate(compartment, nullptr);
+}
+
+static size_t CompartmentSizeOfIncludingThisCallback(
+ MallocSizeOf mallocSizeOf, JS::Compartment* compartment) {
+ CompartmentPrivate* priv = CompartmentPrivate::Get(compartment);
+ return priv ? priv->SizeOfIncludingThis(mallocSizeOf) : 0;
+}
+
+/*
+ * Return true if there exists a non-system inner window which is a current
+ * inner window and whose reflector is gray. We don't merge system
+ * compartments, so we don't use them to trigger merging CCs.
+ */
+bool XPCJSRuntime::UsefulToMergeZones() const {
+ MOZ_ASSERT(NS_IsMainThread());
+
+ // Turns out, actually making this return true often enough makes Windows
+ // mochitest-gl OOM a lot. Need to figure out what's going on there; see
+ // bug 1277036.
+
+ return false;
+}
+
+void XPCJSRuntime::TraceNativeBlackRoots(JSTracer* trc) {
+ if (CycleCollectedJSContext* ccx = GetContext()) {
+ const auto* cx = static_cast<const XPCJSContext*>(ccx);
+ if (AutoMarkingPtr* roots = cx->mAutoRoots) {
+ roots->TraceJSAll(trc);
+ }
+ }
+
+ if (mIID2NativeInterfaceMap) {
+ mIID2NativeInterfaceMap->Trace(trc);
+ }
+
+ dom::TraceBlackJS(trc);
+}
+
+void XPCJSRuntime::TraceAdditionalNativeGrayRoots(JSTracer* trc) {
+ XPCWrappedNativeScope::TraceWrappedNativesInAllScopes(this, trc);
+}
+
+void XPCJSRuntime::TraverseAdditionalNativeRoots(
+ nsCycleCollectionNoteRootCallback& cb) {
+ XPCWrappedNativeScope::SuspectAllWrappers(cb);
+
+ auto* parti = NS_CYCLE_COLLECTION_PARTICIPANT(nsXPCWrappedJS);
+ for (auto* wjs : mSubjectToFinalizationWJS) {
+ MOZ_DIAGNOSTIC_ASSERT(wjs->IsSubjectToFinalization());
+ cb.NoteXPCOMRoot(ToSupports(wjs), parti);
+ }
+}
+
+void XPCJSRuntime::UnmarkSkippableJSHolders() {
+ CycleCollectedJSRuntime::UnmarkSkippableJSHolders();
+}
+
+void XPCJSRuntime::PrepareForForgetSkippable() {
+ nsCOMPtr<nsIObserverService> obs = xpc::GetObserverService();
+ if (obs) {
+ obs->NotifyObservers(nullptr, "cycle-collector-forget-skippable", nullptr);
+ }
+}
+
+void XPCJSRuntime::BeginCycleCollectionCallback(CCReason aReason) {
+ nsJSContext::BeginCycleCollectionCallback(aReason);
+
+ nsCOMPtr<nsIObserverService> obs = xpc::GetObserverService();
+ if (obs) {
+ obs->NotifyObservers(nullptr, "cycle-collector-begin", nullptr);
+ }
+}
+
+void XPCJSRuntime::EndCycleCollectionCallback(CycleCollectorResults& aResults) {
+ nsJSContext::EndCycleCollectionCallback(aResults);
+
+ nsCOMPtr<nsIObserverService> obs = xpc::GetObserverService();
+ if (obs) {
+ obs->NotifyObservers(nullptr, "cycle-collector-end", nullptr);
+ }
+}
+
+void XPCJSRuntime::DispatchDeferredDeletion(bool aContinuation, bool aPurge) {
+ mAsyncSnowWhiteFreer->Start(aContinuation, aPurge);
+}
+
+void xpc_UnmarkSkippableJSHolders() {
+ if (nsXPConnect::GetRuntimeInstance()) {
+ nsXPConnect::GetRuntimeInstance()->UnmarkSkippableJSHolders();
+ }
+}
+
+/* static */
+void XPCJSRuntime::GCSliceCallback(JSContext* cx, JS::GCProgress progress,
+ const JS::GCDescription& desc) {
+ XPCJSRuntime* self = nsXPConnect::GetRuntimeInstance();
+ if (!self) {
+ return;
+ }
+
+ nsCOMPtr<nsIObserverService> obs = xpc::GetObserverService();
+ if (obs) {
+ switch (progress) {
+ case JS::GC_CYCLE_BEGIN:
+ obs->NotifyObservers(nullptr, "garbage-collector-begin", nullptr);
+ break;
+ case JS::GC_CYCLE_END:
+ obs->NotifyObservers(nullptr, "garbage-collector-end", nullptr);
+ break;
+ default:
+ break;
+ }
+ }
+
+ CrashReporter::SetGarbageCollecting(progress == JS::GC_CYCLE_BEGIN);
+
+ if (self->mPrevGCSliceCallback) {
+ (*self->mPrevGCSliceCallback)(cx, progress, desc);
+ }
+}
+
+/* static */
+void XPCJSRuntime::DoCycleCollectionCallback(JSContext* cx) {
+ // The GC has detected that a CC at this point would collect a tremendous
+ // amount of garbage that is being revivified unnecessarily.
+ //
+ // The GC_WAITING reason is a little overloaded here, but we want to do
+ // a CC to allow Realms to be collected when they are referenced by a cycle.
+ NS_DispatchToCurrentThread(NS_NewRunnableFunction(
+ "XPCJSRuntime::DoCycleCollectionCallback",
+ []() { nsJSContext::CycleCollectNow(CCReason::GC_WAITING, nullptr); }));
+
+ XPCJSRuntime* self = nsXPConnect::GetRuntimeInstance();
+ if (!self) {
+ return;
+ }
+
+ if (self->mPrevDoCycleCollectionCallback) {
+ (*self->mPrevDoCycleCollectionCallback)(cx);
+ }
+}
+
+void XPCJSRuntime::CustomGCCallback(JSGCStatus status) {
+ nsTArray<xpcGCCallback> callbacks(extraGCCallbacks.Clone());
+ for (uint32_t i = 0; i < callbacks.Length(); ++i) {
+ callbacks[i](status);
+ }
+}
+
+/* static */
+void XPCJSRuntime::FinalizeCallback(JS::GCContext* gcx, JSFinalizeStatus status,
+ void* data) {
+ XPCJSRuntime* self = nsXPConnect::GetRuntimeInstance();
+ if (!self) {
+ return;
+ }
+
+ switch (status) {
+ case JSFINALIZE_GROUP_PREPARE: {
+ MOZ_ASSERT(!self->mDoingFinalization, "bad state");
+
+ MOZ_ASSERT(!self->mGCIsRunning, "bad state");
+ self->mGCIsRunning = true;
+
+ self->mDoingFinalization = true;
+
+ break;
+ }
+ case JSFINALIZE_GROUP_START: {
+ MOZ_ASSERT(self->mDoingFinalization, "bad state");
+
+ MOZ_ASSERT(self->mGCIsRunning, "bad state");
+ self->mGCIsRunning = false;
+
+ break;
+ }
+ case JSFINALIZE_GROUP_END: {
+ MOZ_ASSERT(self->mDoingFinalization, "bad state");
+ self->mDoingFinalization = false;
+
+ break;
+ }
+ case JSFINALIZE_COLLECTION_END: {
+ MOZ_ASSERT(!self->mGCIsRunning, "bad state");
+ self->mGCIsRunning = true;
+
+ if (CycleCollectedJSContext* ccx = self->GetContext()) {
+ const auto* cx = static_cast<const XPCJSContext*>(ccx);
+ if (AutoMarkingPtr* roots = cx->mAutoRoots) {
+ roots->MarkAfterJSFinalizeAll();
+ }
+
+ // Now we are going to recycle any unused WrappedNativeTearoffs.
+ // We do this by iterating all the live callcontexts
+ // and marking the tearoffs in use. And then we
+ // iterate over all the WrappedNative wrappers and sweep their
+ // tearoffs.
+ //
+ // This allows us to perhaps minimize the growth of the
+ // tearoffs. And also makes us not hold references to interfaces
+ // on our wrapped natives that we are not actually using.
+ //
+ // XXX We may decide to not do this on *every* gc cycle.
+
+ XPCCallContext* ccxp = cx->GetCallContext();
+ while (ccxp) {
+ // Deal with the strictness of callcontext that
+ // complains if you ask for a tearoff when
+ // it is in a state where the tearoff could not
+ // possibly be valid.
+ if (ccxp->CanGetTearOff()) {
+ XPCWrappedNativeTearOff* to = ccxp->GetTearOff();
+ if (to) {
+ to->Mark();
+ }
+ }
+ ccxp = ccxp->GetPrevCallContext();
+ }
+ }
+
+ XPCWrappedNativeScope::SweepAllWrappedNativeTearOffs();
+
+ // Now we need to kill the 'Dying' XPCWrappedNativeProtos.
+ //
+ // We transferred these native objects to this list when their JSObjects
+ // were finalized. We did not destroy them immediately at that point
+ // because the ordering of JS finalization is not deterministic and we did
+ // not yet know if any wrappers that might still be referencing the protos
+ // were still yet to be finalized and destroyed. We *do* know that the
+ // protos' JSObjects would not have been finalized if there were any
+ // wrappers that referenced the proto but were not themselves slated for
+ // finalization in this gc cycle.
+ //
+ // At this point we know that any and all wrappers that might have been
+ // referencing the protos in the dying list are themselves dead. So, we
+ // can safely delete all the protos in the list.
+ self->mDyingWrappedNativeProtos.clear();
+
+ MOZ_ASSERT(self->mGCIsRunning, "bad state");
+ self->mGCIsRunning = false;
+
+ break;
+ }
+ }
+}
+
+/* static */
+void XPCJSRuntime::WeakPointerZonesCallback(JSTracer* trc, void* data) {
+ // Called before each sweeping slice -- after processing any final marking
+ // triggered by barriers -- to clear out any references to things that are
+ // about to be finalized and update any pointers to moved GC things.
+ XPCJSRuntime* self = static_cast<XPCJSRuntime*>(data);
+
+ // This callback is always called from within the GC so set the mGCIsRunning
+ // flag to prevent AssertInvalidWrappedJSNotInTable from trying to call back
+ // into the JS API. This has often already been set by FinalizeCallback by the
+ // time we get here, but it may not be if we are doing a shutdown GC or if we
+ // are called for compacting GC.
+ AutoRestore<bool> restoreState(self->mGCIsRunning);
+ self->mGCIsRunning = true;
+
+ self->mWrappedJSMap->UpdateWeakPointersAfterGC(trc);
+ self->mUAWidgetScopeMap.traceWeak(trc);
+}
+
+/* static */
+void XPCJSRuntime::WeakPointerCompartmentCallback(JSTracer* trc,
+ JS::Compartment* comp,
+ void* data) {
+ // Called immediately after the ZoneGroup weak pointer callback, but only
+ // once for each compartment that is being swept.
+ CompartmentPrivate* xpcComp = CompartmentPrivate::Get(comp);
+ if (xpcComp) {
+ xpcComp->UpdateWeakPointersAfterGC(trc);
+ }
+}
+
+void CompartmentPrivate::UpdateWeakPointersAfterGC(JSTracer* trc) {
+ mRemoteProxies.traceWeak(trc);
+ mWrappedJSMap->UpdateWeakPointersAfterGC(trc);
+ mScope->UpdateWeakPointersAfterGC(trc);
+}
+
+void XPCJSRuntime::CustomOutOfMemoryCallback() {
+ if (!Preferences::GetBool("memory.dump_reports_on_oom")) {
+ return;
+ }
+
+ nsCOMPtr<nsIMemoryInfoDumper> dumper =
+ do_GetService("@mozilla.org/memory-info-dumper;1");
+ if (!dumper) {
+ return;
+ }
+
+ // If this fails, it fails silently.
+ dumper->DumpMemoryInfoToTempDir(u"due-to-JS-OOM"_ns,
+ /* anonymize = */ false,
+ /* minimizeMemoryUsage = */ false);
+}
+
+void XPCJSRuntime::OnLargeAllocationFailure() {
+ CycleCollectedJSRuntime::SetLargeAllocationFailure(OOMState::Reporting);
+
+ nsCOMPtr<nsIObserverService> os = xpc::GetObserverService();
+ if (os) {
+ os->NotifyObservers(nullptr, "memory-pressure", u"heap-minimize");
+ }
+
+ CycleCollectedJSRuntime::SetLargeAllocationFailure(OOMState::Reported);
+}
+
+class LargeAllocationFailureRunnable final : public Runnable {
+ Mutex mMutex MOZ_UNANNOTATED;
+ CondVar mCondVar;
+ bool mWaiting;
+
+ virtual ~LargeAllocationFailureRunnable() { MOZ_ASSERT(!mWaiting); }
+
+ protected:
+ NS_IMETHOD Run() override {
+ MOZ_ASSERT(NS_IsMainThread());
+
+ XPCJSRuntime::Get()->OnLargeAllocationFailure();
+
+ MutexAutoLock lock(mMutex);
+ MOZ_ASSERT(mWaiting);
+
+ mWaiting = false;
+ mCondVar.Notify();
+ return NS_OK;
+ }
+
+ public:
+ LargeAllocationFailureRunnable()
+ : mozilla::Runnable("LargeAllocationFailureRunnable"),
+ mMutex("LargeAllocationFailureRunnable::mMutex"),
+ mCondVar(mMutex, "LargeAllocationFailureRunnable::mCondVar"),
+ mWaiting(true) {
+ MOZ_ASSERT(!NS_IsMainThread());
+ }
+
+ void BlockUntilDone() {
+ MOZ_ASSERT(!NS_IsMainThread());
+
+ MutexAutoLock lock(mMutex);
+ while (mWaiting) {
+ mCondVar.Wait();
+ }
+ }
+};
+
+static void OnLargeAllocationFailureCallback() {
+ // This callback can be called from any thread, including internal JS helper
+ // and DOM worker threads. We need to send the low-memory event via the
+ // observer service which can only be called on the main thread, so proxy to
+ // the main thread if we're not there already. The purpose of this callback
+ // is to synchronously free some memory so the caller can retry a failed
+ // allocation, so block on the completion.
+
+ if (NS_IsMainThread()) {
+ XPCJSRuntime::Get()->OnLargeAllocationFailure();
+ return;
+ }
+
+ RefPtr<LargeAllocationFailureRunnable> r = new LargeAllocationFailureRunnable;
+ if (NS_WARN_IF(NS_FAILED(NS_DispatchToMainThread(r)))) {
+ return;
+ }
+
+ r->BlockUntilDone();
+}
+
+// Usually this is used through nsIPlatformInfo. However, being able to query
+// this interface on all threads risk triggering some main-thread assertions
+// which is not guaranteed by the callers of GetBuildId.
+extern const char gToolkitBuildID[];
+
+bool mozilla::GetBuildId(JS::BuildIdCharVector* aBuildID) {
+ size_t length = std::char_traits<char>::length(gToolkitBuildID);
+ return aBuildID->append(gToolkitBuildID, length);
+}
+
+size_t XPCJSRuntime::SizeOfIncludingThis(MallocSizeOf mallocSizeOf) {
+ size_t n = 0;
+ n += mallocSizeOf(this);
+ n += mWrappedJSMap->SizeOfIncludingThis(mallocSizeOf);
+ n += mIID2NativeInterfaceMap->SizeOfIncludingThis(mallocSizeOf);
+ n += mClassInfo2NativeSetMap->ShallowSizeOfIncludingThis(mallocSizeOf);
+ n += mNativeSetMap->SizeOfIncludingThis(mallocSizeOf);
+
+ n += CycleCollectedJSRuntime::SizeOfExcludingThis(mallocSizeOf);
+
+ // There are other XPCJSRuntime members that could be measured; the above
+ // ones have been seen by DMD to be worth measuring. More stuff may be
+ // added later.
+
+ return n;
+}
+
+size_t CompartmentPrivate::SizeOfIncludingThis(MallocSizeOf mallocSizeOf) {
+ size_t n = mallocSizeOf(this);
+ n += mWrappedJSMap->SizeOfIncludingThis(mallocSizeOf);
+ n += mWrappedJSMap->SizeOfWrappedJS(mallocSizeOf);
+ return n;
+}
+
+/***************************************************************************/
+
+void XPCJSRuntime::Shutdown(JSContext* cx) {
+ // This destructor runs before ~CycleCollectedJSContext, which does the actual
+ // JS_DestroyContext() call. But destroying the context triggers one final GC,
+ // which can call back into the context with various callbacks if we aren't
+ // careful. Remove the relevant callbacks, but leave the weak pointer
+ // callbacks to clear out any remaining table entries.
+ JS_RemoveFinalizeCallback(cx, FinalizeCallback);
+ xpc_DelocalizeRuntime(JS_GetRuntime(cx));
+
+ JS::SetGCSliceCallback(cx, mPrevGCSliceCallback);
+
+ nsScriptSecurityManager::ClearJSCallbacks(cx);
+
+ // Clean up and destroy maps. Any remaining entries in mWrappedJSMap will be
+ // cleaned up by the weak pointer callbacks.
+ mIID2NativeInterfaceMap = nullptr;
+
+ mClassInfo2NativeSetMap = nullptr;
+
+ mNativeSetMap = nullptr;
+
+ // Prevent ~LinkedList assertion failures if we leaked things.
+ mWrappedNativeScopes.clear();
+
+ mSubjectToFinalizationWJS.clear();
+
+ CycleCollectedJSRuntime::Shutdown(cx);
+}
+
+XPCJSRuntime::~XPCJSRuntime() {
+ MOZ_COUNT_DTOR_INHERITED(XPCJSRuntime, CycleCollectedJSRuntime);
+}
+
+// If |*anonymizeID| is non-zero and this is a user realm, the name will
+// be anonymized.
+static void GetRealmName(JS::Realm* realm, nsCString& name, int* anonymizeID,
+ bool replaceSlashes) {
+ if (*anonymizeID && !js::IsSystemRealm(realm)) {
+ name.AppendPrintf("<anonymized-%d>", *anonymizeID);
+ *anonymizeID += 1;
+ } else if (JSPrincipals* principals = JS::GetRealmPrincipals(realm)) {
+ nsresult rv = nsJSPrincipals::get(principals)->GetScriptLocation(name);
+ if (NS_FAILED(rv)) {
+ name.AssignLiteral("(unknown)");
+ }
+
+ // If the realm's location (name) differs from the principal's script
+ // location, append the realm's location to allow differentiation of
+ // multiple realms owned by the same principal (e.g. components owned
+ // by the system or null principal).
+ RealmPrivate* realmPrivate = RealmPrivate::Get(realm);
+ if (realmPrivate) {
+ const nsACString& location = realmPrivate->GetLocation();
+ if (!location.IsEmpty() && !location.Equals(name)) {
+ name.AppendLiteral(", ");
+ name.Append(location);
+ }
+ }
+
+ if (*anonymizeID) {
+ // We might have a file:// URL that includes a path from the local
+ // filesystem, which should be omitted if we're anonymizing.
+ static const char* filePrefix = "file://";
+ int filePos = name.Find(filePrefix);
+ if (filePos >= 0) {
+ int pathPos = filePos + strlen(filePrefix);
+ int lastSlashPos = -1;
+ for (int i = pathPos; i < int(name.Length()); i++) {
+ if (name[i] == '/' || name[i] == '\\') {
+ lastSlashPos = i;
+ }
+ }
+ if (lastSlashPos != -1) {
+ name.ReplaceLiteral(pathPos, lastSlashPos - pathPos, "<anonymized>");
+ } else {
+ // Something went wrong. Anonymize the entire path to be
+ // safe.
+ name.Truncate(pathPos);
+ name += "<anonymized?!>";
+ }
+ }
+
+ // We might have a location like this:
+ // inProcessBrowserChildGlobal?ownedBy=http://www.example.com/
+ // The owner should be omitted if it's not a chrome: URI and we're
+ // anonymizing.
+ static const char* ownedByPrefix = "inProcessBrowserChildGlobal?ownedBy=";
+ int ownedByPos = name.Find(ownedByPrefix);
+ if (ownedByPos >= 0) {
+ const char* chrome = "chrome:";
+ int ownerPos = ownedByPos + strlen(ownedByPrefix);
+ const nsDependentCSubstring& ownerFirstPart =
+ Substring(name, ownerPos, strlen(chrome));
+ if (!ownerFirstPart.EqualsASCII(chrome)) {
+ name.Truncate(ownerPos);
+ name += "<anonymized>";
+ }
+ }
+ }
+
+ // A hack: replace forward slashes with '\\' so they aren't
+ // treated as path separators. Users of the reporters
+ // (such as about:memory) have to undo this change.
+ if (replaceSlashes) {
+ name.ReplaceChar('/', '\\');
+ }
+ } else {
+ name.AssignLiteral("null-principal");
+ }
+}
+
+extern void xpc::GetCurrentRealmName(JSContext* cx, nsCString& name) {
+ RootedObject global(cx, JS::CurrentGlobalOrNull(cx));
+ if (!global) {
+ name.AssignLiteral("no global");
+ return;
+ }
+
+ JS::Realm* realm = GetNonCCWObjectRealm(global);
+ int anonymizeID = 0;
+ GetRealmName(realm, name, &anonymizeID, false);
+}
+
+void xpc::AddGCCallback(xpcGCCallback cb) {
+ XPCJSRuntime::Get()->AddGCCallback(cb);
+}
+
+void xpc::RemoveGCCallback(xpcGCCallback cb) {
+ XPCJSRuntime::Get()->RemoveGCCallback(cb);
+}
+
+static int64_t JSMainRuntimeGCHeapDistinguishedAmount() {
+ JSContext* cx = danger::GetJSContext();
+ return int64_t(JS_GetGCParameter(cx, JSGC_TOTAL_CHUNKS)) * js::gc::ChunkSize;
+}
+
+static int64_t JSMainRuntimeTemporaryPeakDistinguishedAmount() {
+ JSContext* cx = danger::GetJSContext();
+ return JS::PeakSizeOfTemporary(cx);
+}
+
+static int64_t JSMainRuntimeCompartmentsSystemDistinguishedAmount() {
+ JSContext* cx = danger::GetJSContext();
+ return JS::SystemCompartmentCount(cx);
+}
+
+static int64_t JSMainRuntimeCompartmentsUserDistinguishedAmount() {
+ JSContext* cx = XPCJSContext::Get()->Context();
+ return JS::UserCompartmentCount(cx);
+}
+
+static int64_t JSMainRuntimeRealmsSystemDistinguishedAmount() {
+ JSContext* cx = danger::GetJSContext();
+ return JS::SystemRealmCount(cx);
+}
+
+static int64_t JSMainRuntimeRealmsUserDistinguishedAmount() {
+ JSContext* cx = XPCJSContext::Get()->Context();
+ return JS::UserRealmCount(cx);
+}
+
+class JSMainRuntimeTemporaryPeakReporter final : public nsIMemoryReporter {
+ ~JSMainRuntimeTemporaryPeakReporter() = default;
+
+ public:
+ NS_DECL_ISUPPORTS
+
+ NS_IMETHOD CollectReports(nsIHandleReportCallback* aHandleReport,
+ nsISupports* aData, bool aAnonymize) override {
+ MOZ_COLLECT_REPORT(
+ "js-main-runtime-temporary-peak", KIND_OTHER, UNITS_BYTES,
+ JSMainRuntimeTemporaryPeakDistinguishedAmount(),
+ "Peak transient data size in the main JSRuntime (the current size "
+ "of which is reported as "
+ "'explicit/js-non-window/runtime/temporary').");
+
+ return NS_OK;
+ }
+};
+
+NS_IMPL_ISUPPORTS(JSMainRuntimeTemporaryPeakReporter, nsIMemoryReporter)
+
+// The REPORT* macros do an unconditional report. The ZRREPORT* macros are for
+// realms and zones; they aggregate any entries smaller than
+// SUNDRIES_THRESHOLD into the "sundries/gc-heap" and "sundries/malloc-heap"
+// entries for the realm.
+
+#define SUNDRIES_THRESHOLD js::MemoryReportingSundriesThreshold()
+
+#define REPORT(_path, _kind, _units, _amount, _desc) \
+ handleReport->Callback(""_ns, _path, nsIMemoryReporter::_kind, \
+ nsIMemoryReporter::_units, _amount, \
+ nsLiteralCString(_desc), data);
+
+#define REPORT_BYTES(_path, _kind, _amount, _desc) \
+ REPORT(_path, _kind, UNITS_BYTES, _amount, _desc);
+
+#define REPORT_GC_BYTES(_path, _amount, _desc) \
+ do { \
+ size_t amount = _amount; /* evaluate _amount only once */ \
+ handleReport->Callback(""_ns, _path, nsIMemoryReporter::KIND_NONHEAP, \
+ nsIMemoryReporter::UNITS_BYTES, amount, \
+ nsLiteralCString(_desc), data); \
+ gcTotal += amount; \
+ } while (0)
+
+// Report realm/zone non-GC (KIND_HEAP) bytes.
+#define ZRREPORT_BYTES(_path, _amount, _desc) \
+ do { \
+ /* Assign _descLiteral plus "" into a char* to prove that it's */ \
+ /* actually a literal. */ \
+ size_t amount = _amount; /* evaluate _amount only once */ \
+ if (amount >= SUNDRIES_THRESHOLD) { \
+ handleReport->Callback(""_ns, _path, nsIMemoryReporter::KIND_HEAP, \
+ nsIMemoryReporter::UNITS_BYTES, amount, \
+ nsLiteralCString(_desc), data); \
+ } else { \
+ sundriesMallocHeap += amount; \
+ } \
+ } while (0)
+
+// Report realm/zone GC bytes.
+#define ZRREPORT_GC_BYTES(_path, _amount, _desc) \
+ do { \
+ size_t amount = _amount; /* evaluate _amount only once */ \
+ if (amount >= SUNDRIES_THRESHOLD) { \
+ handleReport->Callback(""_ns, _path, nsIMemoryReporter::KIND_NONHEAP, \
+ nsIMemoryReporter::UNITS_BYTES, amount, \
+ nsLiteralCString(_desc), data); \
+ gcTotal += amount; \
+ } else { \
+ sundriesGCHeap += amount; \
+ } \
+ } while (0)
+
+// Report realm/zone non-heap bytes.
+#define ZRREPORT_NONHEAP_BYTES(_path, _amount, _desc) \
+ do { \
+ size_t amount = _amount; /* evaluate _amount only once */ \
+ if (amount >= SUNDRIES_THRESHOLD) { \
+ handleReport->Callback(""_ns, _path, nsIMemoryReporter::KIND_NONHEAP, \
+ nsIMemoryReporter::UNITS_BYTES, amount, \
+ nsLiteralCString(_desc), data); \
+ } else { \
+ sundriesNonHeap += amount; \
+ } \
+ } while (0)
+
+// Report runtime bytes.
+#define RREPORT_BYTES(_path, _kind, _amount, _desc) \
+ do { \
+ size_t amount = _amount; /* evaluate _amount only once */ \
+ handleReport->Callback(""_ns, _path, nsIMemoryReporter::_kind, \
+ nsIMemoryReporter::UNITS_BYTES, amount, \
+ nsLiteralCString(_desc), data); \
+ rtTotal += amount; \
+ } while (0)
+
+// Report GC thing bytes.
+#define MREPORT_BYTES(_path, _kind, _amount, _desc) \
+ do { \
+ size_t amount = _amount; /* evaluate _amount only once */ \
+ handleReport->Callback(""_ns, _path, nsIMemoryReporter::_kind, \
+ nsIMemoryReporter::UNITS_BYTES, amount, \
+ nsLiteralCString(_desc), data); \
+ gcThingTotal += amount; \
+ } while (0)
+
+MOZ_DEFINE_MALLOC_SIZE_OF(JSMallocSizeOf)
+
+namespace xpc {
+
+static void ReportZoneStats(const JS::ZoneStats& zStats,
+ const xpc::ZoneStatsExtras& extras,
+ nsIHandleReportCallback* handleReport,
+ nsISupports* data, bool anonymize,
+ size_t* gcTotalOut = nullptr) {
+ const nsCString& pathPrefix = extras.pathPrefix;
+ size_t gcTotal = 0;
+ size_t sundriesGCHeap = 0;
+ size_t sundriesMallocHeap = 0;
+ size_t sundriesNonHeap = 0;
+
+ MOZ_ASSERT(!gcTotalOut == zStats.isTotals);
+
+ ZRREPORT_GC_BYTES(pathPrefix + "symbols/gc-heap"_ns, zStats.symbolsGCHeap,
+ "Symbols.");
+
+ ZRREPORT_GC_BYTES(
+ pathPrefix + "gc-heap-arena-admin"_ns, zStats.gcHeapArenaAdmin,
+ "Bookkeeping information and alignment padding within GC arenas.");
+
+ ZRREPORT_GC_BYTES(pathPrefix + "unused-gc-things"_ns,
+ zStats.unusedGCThings.totalSize(),
+ "Unused GC thing cells within non-empty arenas.");
+
+ ZRREPORT_BYTES(pathPrefix + "unique-id-map"_ns, zStats.uniqueIdMap,
+ "Address-independent cell identities.");
+
+ ZRREPORT_BYTES(pathPrefix + "propmap-tables"_ns, zStats.initialPropMapTable,
+ "Tables storing property map information.");
+
+ ZRREPORT_BYTES(pathPrefix + "shape-tables"_ns, zStats.shapeTables,
+ "Tables storing shape information.");
+
+ ZRREPORT_BYTES(pathPrefix + "compartments/compartment-objects"_ns,
+ zStats.compartmentObjects,
+ "The JS::Compartment objects in this zone.");
+
+ ZRREPORT_BYTES(
+ pathPrefix + "compartments/cross-compartment-wrapper-tables"_ns,
+ zStats.crossCompartmentWrappersTables,
+ "The cross-compartment wrapper tables.");
+
+ ZRREPORT_BYTES(
+ pathPrefix + "compartments/private-data"_ns,
+ zStats.compartmentsPrivateData,
+ "Extra data attached to each compartment by XPConnect, including "
+ "its wrapped-js.");
+
+ ZRREPORT_GC_BYTES(pathPrefix + "jit-codes-gc-heap"_ns, zStats.jitCodesGCHeap,
+ "References to executable code pools used by the JITs.");
+
+ ZRREPORT_GC_BYTES(pathPrefix + "getter-setters-gc-heap"_ns,
+ zStats.getterSettersGCHeap,
+ "Information for getter/setter properties.");
+
+ ZRREPORT_GC_BYTES(pathPrefix + "property-maps/gc-heap/compact"_ns,
+ zStats.compactPropMapsGCHeap,
+ "Information about object properties.");
+
+ ZRREPORT_GC_BYTES(pathPrefix + "property-maps/gc-heap/normal"_ns,
+ zStats.normalPropMapsGCHeap,
+ "Information about object properties.");
+
+ ZRREPORT_GC_BYTES(pathPrefix + "property-maps/gc-heap/dict"_ns,
+ zStats.dictPropMapsGCHeap,
+ "Information about dictionary mode object properties.");
+
+ ZRREPORT_BYTES(pathPrefix + "property-maps/malloc-heap/children"_ns,
+ zStats.propMapChildren, "Tables for PropMap children.");
+
+ ZRREPORT_BYTES(pathPrefix + "property-maps/malloc-heap/tables"_ns,
+ zStats.propMapTables, "HashTables for PropMaps.");
+
+ ZRREPORT_GC_BYTES(pathPrefix + "scopes/gc-heap"_ns, zStats.scopesGCHeap,
+ "Scope information for scripts.");
+
+ ZRREPORT_BYTES(pathPrefix + "scopes/malloc-heap"_ns, zStats.scopesMallocHeap,
+ "Arrays of binding names and other binding-related data.");
+
+ ZRREPORT_GC_BYTES(pathPrefix + "regexp-shareds/gc-heap"_ns,
+ zStats.regExpSharedsGCHeap, "Shared compiled regexp data.");
+
+ ZRREPORT_BYTES(pathPrefix + "regexp-shareds/malloc-heap"_ns,
+ zStats.regExpSharedsMallocHeap,
+ "Shared compiled regexp data.");
+
+ ZRREPORT_BYTES(pathPrefix + "regexp-zone"_ns, zStats.regexpZone,
+ "The regexp zone and regexp data.");
+
+ ZRREPORT_BYTES(pathPrefix + "jit-zone"_ns, zStats.jitZone, "The JIT zone.");
+
+ ZRREPORT_BYTES(pathPrefix + "baseline/optimized-stubs"_ns,
+ zStats.baselineStubsOptimized,
+ "The Baseline JIT's optimized IC stubs (excluding code).");
+
+ ZRREPORT_BYTES(pathPrefix + "script-counts-map"_ns, zStats.scriptCountsMap,
+ "Profiling-related information for scripts.");
+
+ ZRREPORT_NONHEAP_BYTES(pathPrefix + "code/ion"_ns, zStats.code.ion,
+ "Code generated by the IonMonkey JIT.");
+
+ ZRREPORT_NONHEAP_BYTES(pathPrefix + "code/baseline"_ns, zStats.code.baseline,
+ "Code generated by the Baseline JIT.");
+
+ ZRREPORT_NONHEAP_BYTES(pathPrefix + "code/regexp"_ns, zStats.code.regexp,
+ "Code generated by the regexp JIT.");
+
+ ZRREPORT_NONHEAP_BYTES(
+ pathPrefix + "code/other"_ns, zStats.code.other,
+ "Code generated by the JITs for wrappers and trampolines.");
+
+ ZRREPORT_NONHEAP_BYTES(pathPrefix + "code/unused"_ns, zStats.code.unused,
+ "Memory allocated by one of the JITs to hold code, "
+ "but which is currently unused.");
+
+ size_t stringsNotableAboutMemoryGCHeap = 0;
+ size_t stringsNotableAboutMemoryMallocHeap = 0;
+
+#define MAYBE_INLINE "The characters may be inline or on the malloc heap."
+#define MAYBE_OVERALLOCATED \
+ "Sometimes over-allocated to simplify string concatenation."
+
+ for (size_t i = 0; i < zStats.notableStrings.length(); i++) {
+ const JS::NotableStringInfo& info = zStats.notableStrings[i];
+
+ MOZ_ASSERT(!zStats.isTotals);
+
+ // We don't do notable string detection when anonymizing, because
+ // there's a good chance its for crash submission, and the memory
+ // required for notable string detection is high.
+ MOZ_ASSERT(!anonymize);
+
+ nsDependentCString notableString(info.buffer.get());
+
+ // Viewing about:memory generates many notable strings which contain
+ // "string(length=". If we report these as notable, then we'll create
+ // even more notable strings the next time we open about:memory (unless
+ // there's a GC in the meantime), and so on ad infinitum.
+ //
+ // To avoid cluttering up about:memory like this, we stick notable
+ // strings which contain "string(length=" into their own bucket.
+#define STRING_LENGTH "string(length="
+ if (FindInReadable(nsLiteralCString(STRING_LENGTH), notableString)) {
+ stringsNotableAboutMemoryGCHeap += info.gcHeapLatin1;
+ stringsNotableAboutMemoryGCHeap += info.gcHeapTwoByte;
+ stringsNotableAboutMemoryMallocHeap += info.mallocHeapLatin1;
+ stringsNotableAboutMemoryMallocHeap += info.mallocHeapTwoByte;
+ continue;
+ }
+
+ // Escape / to \ before we put notableString into the memory reporter
+ // path, because we don't want any forward slashes in the string to
+ // count as path separators.
+ nsCString escapedString(notableString);
+ escapedString.ReplaceSubstring("/", "\\");
+
+ bool truncated = notableString.Length() < info.length;
+
+ nsCString path =
+ pathPrefix +
+ nsPrintfCString("strings/" STRING_LENGTH "%zu, copies=%d, \"%s\"%s)/",
+ info.length, info.numCopies, escapedString.get(),
+ truncated ? " (truncated)" : "");
+
+ if (info.gcHeapLatin1 > 0) {
+ REPORT_GC_BYTES(path + "gc-heap/latin1"_ns, info.gcHeapLatin1,
+ "Latin1 strings. " MAYBE_INLINE);
+ }
+
+ if (info.gcHeapTwoByte > 0) {
+ REPORT_GC_BYTES(path + "gc-heap/two-byte"_ns, info.gcHeapTwoByte,
+ "TwoByte strings. " MAYBE_INLINE);
+ }
+
+ if (info.mallocHeapLatin1 > 0) {
+ REPORT_BYTES(path + "malloc-heap/latin1"_ns, KIND_HEAP,
+ info.mallocHeapLatin1,
+ "Non-inline Latin1 string characters. " MAYBE_OVERALLOCATED);
+ }
+
+ if (info.mallocHeapTwoByte > 0) {
+ REPORT_BYTES(
+ path + "malloc-heap/two-byte"_ns, KIND_HEAP, info.mallocHeapTwoByte,
+ "Non-inline TwoByte string characters. " MAYBE_OVERALLOCATED);
+ }
+ }
+
+ nsCString nonNotablePath = pathPrefix;
+ nonNotablePath += (zStats.isTotals || anonymize)
+ ? "strings/"_ns
+ : "strings/string(<non-notable strings>)/"_ns;
+
+ if (zStats.stringInfo.gcHeapLatin1 > 0) {
+ REPORT_GC_BYTES(nonNotablePath + "gc-heap/latin1"_ns,
+ zStats.stringInfo.gcHeapLatin1,
+ "Latin1 strings. " MAYBE_INLINE);
+ }
+
+ if (zStats.stringInfo.gcHeapTwoByte > 0) {
+ REPORT_GC_BYTES(nonNotablePath + "gc-heap/two-byte"_ns,
+ zStats.stringInfo.gcHeapTwoByte,
+ "TwoByte strings. " MAYBE_INLINE);
+ }
+
+ if (zStats.stringInfo.mallocHeapLatin1 > 0) {
+ REPORT_BYTES(nonNotablePath + "malloc-heap/latin1"_ns, KIND_HEAP,
+ zStats.stringInfo.mallocHeapLatin1,
+ "Non-inline Latin1 string characters. " MAYBE_OVERALLOCATED);
+ }
+
+ if (zStats.stringInfo.mallocHeapTwoByte > 0) {
+ REPORT_BYTES(nonNotablePath + "malloc-heap/two-byte"_ns, KIND_HEAP,
+ zStats.stringInfo.mallocHeapTwoByte,
+ "Non-inline TwoByte string characters. " MAYBE_OVERALLOCATED);
+ }
+
+ if (stringsNotableAboutMemoryGCHeap > 0) {
+ MOZ_ASSERT(!zStats.isTotals);
+ REPORT_GC_BYTES(
+ pathPrefix + "strings/string(<about-memory>)/gc-heap"_ns,
+ stringsNotableAboutMemoryGCHeap,
+ "Strings that contain the characters '" STRING_LENGTH
+ "', which "
+ "are probably from about:memory itself." MAYBE_INLINE
+ " We filter them out rather than display them, because displaying "
+ "them would create even more such strings every time about:memory "
+ "is refreshed.");
+ }
+
+ if (stringsNotableAboutMemoryMallocHeap > 0) {
+ MOZ_ASSERT(!zStats.isTotals);
+ REPORT_BYTES(
+ pathPrefix + "strings/string(<about-memory>)/malloc-heap"_ns, KIND_HEAP,
+ stringsNotableAboutMemoryMallocHeap,
+ "Non-inline string characters of strings that contain the "
+ "characters '" STRING_LENGTH
+ "', which are probably from "
+ "about:memory itself. " MAYBE_OVERALLOCATED
+ " We filter them out rather than display them, because displaying "
+ "them would create even more such strings every time about:memory "
+ "is refreshed.");
+ }
+
+ const JS::ShapeInfo& shapeInfo = zStats.shapeInfo;
+ if (shapeInfo.shapesGCHeapShared > 0) {
+ REPORT_GC_BYTES(pathPrefix + "shapes/gc-heap/shared"_ns,
+ shapeInfo.shapesGCHeapShared, "Shared shapes.");
+ }
+
+ if (shapeInfo.shapesGCHeapDict > 0) {
+ REPORT_GC_BYTES(pathPrefix + "shapes/gc-heap/dict"_ns,
+ shapeInfo.shapesGCHeapDict, "Shapes in dictionary mode.");
+ }
+
+ if (shapeInfo.shapesGCHeapBase > 0) {
+ REPORT_GC_BYTES(pathPrefix + "shapes/gc-heap/base"_ns,
+ shapeInfo.shapesGCHeapBase,
+ "Base shapes, which collate data common to many shapes.");
+ }
+
+ if (shapeInfo.shapesMallocHeapCache > 0) {
+ REPORT_BYTES(pathPrefix + "shapes/malloc-heap/shape-cache"_ns, KIND_HEAP,
+ shapeInfo.shapesMallocHeapCache,
+ "Shape cache hash set for adding properties.");
+ }
+
+ if (sundriesGCHeap > 0) {
+ // We deliberately don't use ZRREPORT_GC_BYTES here.
+ REPORT_GC_BYTES(
+ pathPrefix + "sundries/gc-heap"_ns, sundriesGCHeap,
+ "The sum of all 'gc-heap' measurements that are too small to be "
+ "worth showing individually.");
+ }
+
+ if (sundriesMallocHeap > 0) {
+ // We deliberately don't use ZRREPORT_BYTES here.
+ REPORT_BYTES(
+ pathPrefix + "sundries/malloc-heap"_ns, KIND_HEAP, sundriesMallocHeap,
+ "The sum of all 'malloc-heap' measurements that are too small to "
+ "be worth showing individually.");
+ }
+
+ if (sundriesNonHeap > 0) {
+ // We deliberately don't use ZRREPORT_NONHEAP_BYTES here.
+ REPORT_BYTES(pathPrefix + "sundries/other-heap"_ns, KIND_NONHEAP,
+ sundriesNonHeap,
+ "The sum of non-malloc/gc measurements that are too small to "
+ "be worth showing individually.");
+ }
+
+ if (gcTotalOut) {
+ *gcTotalOut += gcTotal;
+ }
+
+#undef STRING_LENGTH
+}
+
+static void ReportClassStats(const ClassInfo& classInfo, const nsACString& path,
+ nsIHandleReportCallback* handleReport,
+ nsISupports* data, size_t& gcTotal) {
+ // We deliberately don't use ZRREPORT_BYTES, so that these per-class values
+ // don't go into sundries.
+
+ if (classInfo.objectsGCHeap > 0) {
+ REPORT_GC_BYTES(path + "objects/gc-heap"_ns, classInfo.objectsGCHeap,
+ "Objects, including fixed slots.");
+ }
+
+ if (classInfo.objectsMallocHeapSlots > 0) {
+ REPORT_BYTES(path + "objects/malloc-heap/slots"_ns, KIND_HEAP,
+ classInfo.objectsMallocHeapSlots, "Non-fixed object slots.");
+ }
+
+ if (classInfo.objectsMallocHeapElementsNormal > 0) {
+ REPORT_BYTES(path + "objects/malloc-heap/elements/normal"_ns, KIND_HEAP,
+ classInfo.objectsMallocHeapElementsNormal,
+ "Normal (non-wasm) indexed elements.");
+ }
+
+ if (classInfo.objectsMallocHeapElementsAsmJS > 0) {
+ REPORT_BYTES(path + "objects/malloc-heap/elements/asm.js"_ns, KIND_HEAP,
+ classInfo.objectsMallocHeapElementsAsmJS,
+ "asm.js array buffer elements allocated in the malloc heap.");
+ }
+
+ if (classInfo.objectsMallocHeapGlobalData > 0) {
+ REPORT_BYTES(path + "objects/malloc-heap/global-data"_ns, KIND_HEAP,
+ classInfo.objectsMallocHeapGlobalData,
+ "Data for global objects.");
+ }
+
+ if (classInfo.objectsMallocHeapGlobalVarNamesSet > 0) {
+ REPORT_BYTES(path + "objects/malloc-heap/global-varnames-set"_ns, KIND_HEAP,
+ classInfo.objectsMallocHeapGlobalVarNamesSet,
+ "Set of global names.");
+ }
+
+ if (classInfo.objectsMallocHeapMisc > 0) {
+ REPORT_BYTES(path + "objects/malloc-heap/misc"_ns, KIND_HEAP,
+ classInfo.objectsMallocHeapMisc, "Miscellaneous object data.");
+ }
+
+ if (classInfo.objectsNonHeapElementsNormal > 0) {
+ REPORT_BYTES(path + "objects/non-heap/elements/normal"_ns, KIND_NONHEAP,
+ classInfo.objectsNonHeapElementsNormal,
+ "Memory-mapped non-shared array buffer elements.");
+ }
+
+ if (classInfo.objectsNonHeapElementsShared > 0) {
+ REPORT_BYTES(
+ path + "objects/non-heap/elements/shared"_ns, KIND_NONHEAP,
+ classInfo.objectsNonHeapElementsShared,
+ "Memory-mapped shared array buffer elements. These elements are "
+ "shared between one or more runtimes; the reported size is divided "
+ "by the buffer's refcount.");
+ }
+
+ // WebAssembly memories are always non-heap-allocated (mmap). We never put
+ // these under sundries, because (a) in practice they're almost always
+ // larger than the sundries threshold, and (b) we'd need a third category of
+ // sundries ("non-heap"), which would be a pain.
+ if (classInfo.objectsNonHeapElementsWasm > 0) {
+ REPORT_BYTES(path + "objects/non-heap/elements/wasm"_ns, KIND_NONHEAP,
+ classInfo.objectsNonHeapElementsWasm,
+ "wasm/asm.js array buffer elements allocated outside both the "
+ "malloc heap and the GC heap.");
+ }
+ if (classInfo.objectsNonHeapElementsWasmShared > 0) {
+ REPORT_BYTES(
+ path + "objects/non-heap/elements/wasm-shared"_ns, KIND_NONHEAP,
+ classInfo.objectsNonHeapElementsWasmShared,
+ "wasm/asm.js array buffer elements allocated outside both the "
+ "malloc heap and the GC heap. These elements are shared between "
+ "one or more runtimes; the reported size is divided by the "
+ "buffer's refcount.");
+ }
+
+ if (classInfo.objectsNonHeapCodeWasm > 0) {
+ REPORT_BYTES(path + "objects/non-heap/code/wasm"_ns, KIND_NONHEAP,
+ classInfo.objectsNonHeapCodeWasm,
+ "AOT-compiled wasm/asm.js code.");
+ }
+}
+
+static void ReportRealmStats(const JS::RealmStats& realmStats,
+ const xpc::RealmStatsExtras& extras,
+ nsIHandleReportCallback* handleReport,
+ nsISupports* data, size_t* gcTotalOut = nullptr) {
+ static const nsDependentCString addonPrefix("explicit/add-ons/");
+
+ size_t gcTotal = 0, sundriesGCHeap = 0, sundriesMallocHeap = 0;
+ nsAutoCString realmJSPathPrefix(extras.jsPathPrefix);
+ nsAutoCString realmDOMPathPrefix(extras.domPathPrefix);
+
+ MOZ_ASSERT(!gcTotalOut == realmStats.isTotals);
+
+ nsCString nonNotablePath = realmJSPathPrefix;
+ nonNotablePath += realmStats.isTotals
+ ? "classes/"_ns
+ : "classes/class(<non-notable classes>)/"_ns;
+
+ ReportClassStats(realmStats.classInfo, nonNotablePath, handleReport, data,
+ gcTotal);
+
+ for (size_t i = 0; i < realmStats.notableClasses.length(); i++) {
+ MOZ_ASSERT(!realmStats.isTotals);
+ const JS::NotableClassInfo& classInfo = realmStats.notableClasses[i];
+
+ nsCString classPath =
+ realmJSPathPrefix +
+ nsPrintfCString("classes/class(%s)/", classInfo.className_.get());
+
+ ReportClassStats(classInfo, classPath, handleReport, data, gcTotal);
+ }
+
+ // Note that we use realmDOMPathPrefix here. This is because we measure
+ // orphan DOM nodes in the JS reporter, but we want to report them in a "dom"
+ // sub-tree rather than a "js" sub-tree.
+ ZRREPORT_BYTES(
+ realmDOMPathPrefix + "orphan-nodes"_ns, realmStats.objectsPrivate,
+ "Orphan DOM nodes, i.e. those that are only reachable from JavaScript "
+ "objects.");
+
+ ZRREPORT_GC_BYTES(
+ realmJSPathPrefix + "scripts/gc-heap"_ns, realmStats.scriptsGCHeap,
+ "JSScript instances. There is one per user-defined function in a "
+ "script, and one for the top-level code in a script.");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "scripts/malloc-heap/data"_ns,
+ realmStats.scriptsMallocHeapData,
+ "Various variable-length tables in JSScripts.");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "baseline/data"_ns,
+ realmStats.baselineData,
+ "The Baseline JIT's compilation data (BaselineScripts).");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "baseline/fallback-stubs"_ns,
+ realmStats.baselineStubsFallback,
+ "The Baseline JIT's fallback IC stubs (excluding code).");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "ion-data"_ns, realmStats.ionData,
+ "The IonMonkey JIT's compilation data (IonScripts).");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "jit-scripts"_ns, realmStats.jitScripts,
+ "JIT data associated with scripts.");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "realm-object"_ns, realmStats.realmObject,
+ "The JS::Realm object itself.");
+
+ ZRREPORT_BYTES(
+ realmJSPathPrefix + "realm-tables"_ns, realmStats.realmTables,
+ "Realm-wide tables storing object group information and wasm instances.");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "inner-views"_ns,
+ realmStats.innerViewsTable,
+ "The table for array buffer inner views.");
+
+ ZRREPORT_BYTES(
+ realmJSPathPrefix + "object-metadata"_ns, realmStats.objectMetadataTable,
+ "The table used by debugging tools for tracking object metadata");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "saved-stacks-set"_ns,
+ realmStats.savedStacksSet, "The saved stacks set.");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "non-syntactic-lexical-scopes-table"_ns,
+ realmStats.nonSyntacticLexicalScopesTable,
+ "The non-syntactic lexical scopes table.");
+
+ ZRREPORT_BYTES(realmJSPathPrefix + "jit-realm"_ns, realmStats.jitRealm,
+ "The JIT realm.");
+
+ if (sundriesGCHeap > 0) {
+ // We deliberately don't use ZRREPORT_GC_BYTES here.
+ REPORT_GC_BYTES(
+ realmJSPathPrefix + "sundries/gc-heap"_ns, sundriesGCHeap,
+ "The sum of all 'gc-heap' measurements that are too small to be "
+ "worth showing individually.");
+ }
+
+ if (sundriesMallocHeap > 0) {
+ // We deliberately don't use ZRREPORT_BYTES here.
+ REPORT_BYTES(
+ realmJSPathPrefix + "sundries/malloc-heap"_ns, KIND_HEAP,
+ sundriesMallocHeap,
+ "The sum of all 'malloc-heap' measurements that are too small to "
+ "be worth showing individually.");
+ }
+
+ if (gcTotalOut) {
+ *gcTotalOut += gcTotal;
+ }
+}
+
+static void ReportScriptSourceStats(const ScriptSourceInfo& scriptSourceInfo,
+ const nsACString& path,
+ nsIHandleReportCallback* handleReport,
+ nsISupports* data, size_t& rtTotal) {
+ if (scriptSourceInfo.misc > 0) {
+ RREPORT_BYTES(path + "misc"_ns, KIND_HEAP, scriptSourceInfo.misc,
+ "Miscellaneous data relating to JavaScript source code.");
+ }
+}
+
+void ReportJSRuntimeExplicitTreeStats(const JS::RuntimeStats& rtStats,
+ const nsACString& rtPath,
+ nsIHandleReportCallback* handleReport,
+ nsISupports* data, bool anonymize,
+ size_t* rtTotalOut) {
+ size_t gcTotal = 0;
+
+ for (const auto& zStats : rtStats.zoneStatsVector) {
+ const xpc::ZoneStatsExtras* extras =
+ static_cast<const xpc::ZoneStatsExtras*>(zStats.extra);
+ ReportZoneStats(zStats, *extras, handleReport, data, anonymize, &gcTotal);
+ }
+
+ for (const auto& realmStats : rtStats.realmStatsVector) {
+ const xpc::RealmStatsExtras* extras =
+ static_cast<const xpc::RealmStatsExtras*>(realmStats.extra);
+
+ ReportRealmStats(realmStats, *extras, handleReport, data, &gcTotal);
+ }
+
+ // Report the rtStats.runtime numbers under "runtime/", and compute their
+ // total for later.
+
+ size_t rtTotal = 0;
+
+ RREPORT_BYTES(rtPath + "runtime/runtime-object"_ns, KIND_HEAP,
+ rtStats.runtime.object, "The JSRuntime object.");
+
+ RREPORT_BYTES(rtPath + "runtime/atoms-table"_ns, KIND_HEAP,
+ rtStats.runtime.atomsTable, "The atoms table.");
+
+ RREPORT_BYTES(rtPath + "runtime/atoms-mark-bitmaps"_ns, KIND_HEAP,
+ rtStats.runtime.atomsMarkBitmaps,
+ "Mark bitmaps for atoms held by each zone.");
+
+ RREPORT_BYTES(rtPath + "runtime/self-host-stencil"_ns, KIND_HEAP,
+ rtStats.runtime.selfHostStencil,
+ "The self-hosting CompilationStencil.");
+
+ RREPORT_BYTES(rtPath + "runtime/contexts"_ns, KIND_HEAP,
+ rtStats.runtime.contexts,
+ "JSContext objects and structures that belong to them.");
+
+ RREPORT_BYTES(
+ rtPath + "runtime/temporary"_ns, KIND_HEAP, rtStats.runtime.temporary,
+ "Transient data (mostly parse nodes) held by the JSRuntime during "
+ "compilation.");
+
+ RREPORT_BYTES(rtPath + "runtime/interpreter-stack"_ns, KIND_HEAP,
+ rtStats.runtime.interpreterStack, "JS interpreter frames.");
+
+ RREPORT_BYTES(
+ rtPath + "runtime/shared-immutable-strings-cache"_ns, KIND_HEAP,
+ rtStats.runtime.sharedImmutableStringsCache,
+ "Immutable strings (such as JS scripts' source text) shared across all "
+ "JSRuntimes.");
+
+ RREPORT_BYTES(rtPath + "runtime/shared-intl-data"_ns, KIND_HEAP,
+ rtStats.runtime.sharedIntlData,
+ "Shared internationalization data.");
+
+ RREPORT_BYTES(rtPath + "runtime/uncompressed-source-cache"_ns, KIND_HEAP,
+ rtStats.runtime.uncompressedSourceCache,
+ "The uncompressed source code cache.");
+
+ RREPORT_BYTES(rtPath + "runtime/script-data"_ns, KIND_HEAP,
+ rtStats.runtime.scriptData,
+ "The table holding script data shared in the runtime.");
+
+ nsCString nonNotablePath =
+ rtPath +
+ nsPrintfCString(
+ "runtime/script-sources/source(scripts=%d, <non-notable files>)/",
+ rtStats.runtime.scriptSourceInfo.numScripts);
+
+ ReportScriptSourceStats(rtStats.runtime.scriptSourceInfo, nonNotablePath,
+ handleReport, data, rtTotal);
+
+ for (size_t i = 0; i < rtStats.runtime.notableScriptSources.length(); i++) {
+ const JS::NotableScriptSourceInfo& scriptSourceInfo =
+ rtStats.runtime.notableScriptSources[i];
+
+ // Escape / to \ before we put the filename into the memory reporter
+ // path, because we don't want any forward slashes in the string to
+ // count as path separators. Consumers of memory reporters (e.g.
+ // about:memory) will convert them back to / after doing path
+ // splitting.
+ nsCString escapedFilename;
+ if (anonymize) {
+ escapedFilename.AppendPrintf("<anonymized-source-%d>", int(i));
+ } else {
+ nsDependentCString filename(scriptSourceInfo.filename_.get());
+ escapedFilename.Append(filename);
+ escapedFilename.ReplaceSubstring("/", "\\");
+ }
+
+ nsCString notablePath =
+ rtPath +
+ nsPrintfCString("runtime/script-sources/source(scripts=%d, %s)/",
+ scriptSourceInfo.numScripts, escapedFilename.get());
+
+ ReportScriptSourceStats(scriptSourceInfo, notablePath, handleReport, data,
+ rtTotal);
+ }
+
+ RREPORT_BYTES(rtPath + "runtime/gc/marker"_ns, KIND_HEAP,
+ rtStats.runtime.gc.marker, "The GC mark stack and gray roots.");
+
+ RREPORT_BYTES(rtPath + "runtime/gc/nursery-committed"_ns, KIND_NONHEAP,
+ rtStats.runtime.gc.nurseryCommitted,
+ "Memory being used by the GC's nursery.");
+
+ RREPORT_BYTES(
+ rtPath + "runtime/gc/nursery-malloced-buffers"_ns, KIND_HEAP,
+ rtStats.runtime.gc.nurseryMallocedBuffers,
+ "Out-of-line slots and elements belonging to objects in the nursery.");
+
+ RREPORT_BYTES(rtPath + "runtime/gc/store-buffer/vals"_ns, KIND_HEAP,
+ rtStats.runtime.gc.storeBufferVals,
+ "Values in the store buffer.");
+
+ RREPORT_BYTES(rtPath + "runtime/gc/store-buffer/cells"_ns, KIND_HEAP,
+ rtStats.runtime.gc.storeBufferCells,
+ "Cells in the store buffer.");
+
+ RREPORT_BYTES(rtPath + "runtime/gc/store-buffer/slots"_ns, KIND_HEAP,
+ rtStats.runtime.gc.storeBufferSlots,
+ "Slots in the store buffer.");
+
+ RREPORT_BYTES(rtPath + "runtime/gc/store-buffer/whole-cells"_ns, KIND_HEAP,
+ rtStats.runtime.gc.storeBufferWholeCells,
+ "Whole cells in the store buffer.");
+
+ RREPORT_BYTES(rtPath + "runtime/gc/store-buffer/generics"_ns, KIND_HEAP,
+ rtStats.runtime.gc.storeBufferGenerics,
+ "Generic things in the store buffer.");
+
+ RREPORT_BYTES(rtPath + "runtime/jit-lazylink"_ns, KIND_HEAP,
+ rtStats.runtime.jitLazyLink,
+ "IonMonkey compilations waiting for lazy linking.");
+
+ if (rtTotalOut) {
+ *rtTotalOut = rtTotal;
+ }
+
+ // Report GC numbers that don't belong to a realm.
+
+ // We don't want to report decommitted memory in "explicit", so we just
+ // change the leading "explicit/" to "decommitted/".
+ nsCString rtPath2(rtPath);
+ rtPath2.ReplaceLiteral(0, strlen("explicit"), "decommitted");
+
+ REPORT_GC_BYTES(
+ rtPath2 + "gc-heap/decommitted-pages"_ns, rtStats.gcHeapDecommittedPages,
+ "GC arenas in non-empty chunks that is decommitted, i.e. it takes up "
+ "address space but no physical memory or swap space.");
+
+ REPORT_GC_BYTES(
+ rtPath + "gc-heap/unused-chunks"_ns, rtStats.gcHeapUnusedChunks,
+ "Empty GC chunks which will soon be released unless claimed for new "
+ "allocations.");
+
+ REPORT_GC_BYTES(rtPath + "gc-heap/unused-arenas"_ns,
+ rtStats.gcHeapUnusedArenas,
+ "Empty GC arenas within non-empty chunks.");
+
+ REPORT_GC_BYTES(rtPath + "gc-heap/chunk-admin"_ns, rtStats.gcHeapChunkAdmin,
+ "Bookkeeping information within GC chunks.");
+
+ // gcTotal is the sum of everything we've reported for the GC heap. It
+ // should equal rtStats.gcHeapChunkTotal.
+ MOZ_ASSERT(gcTotal == rtStats.gcHeapChunkTotal);
+}
+
+} // namespace xpc
+
+class JSMainRuntimeRealmsReporter final : public nsIMemoryReporter {
+ ~JSMainRuntimeRealmsReporter() = default;
+
+ public:
+ NS_DECL_ISUPPORTS
+
+ struct Data {
+ int anonymizeID;
+ js::Vector<nsCString, 0, js::SystemAllocPolicy> paths;
+ };
+
+ static void RealmCallback(JSContext* cx, void* vdata, Realm* realm,
+ const JS::AutoRequireNoGC& nogc) {
+ // silently ignore OOM errors
+ Data* data = static_cast<Data*>(vdata);
+ nsCString path;
+ GetRealmName(realm, path, &data->anonymizeID, /* replaceSlashes = */ true);
+ path.Insert(js::IsSystemRealm(realm) ? "js-main-runtime-realms/system/"_ns
+ : "js-main-runtime-realms/user/"_ns,
+ 0);
+ mozilla::Unused << data->paths.append(path);
+ }
+
+ NS_IMETHOD CollectReports(nsIHandleReportCallback* handleReport,
+ nsISupports* data, bool anonymize) override {
+ // First we collect the realm paths. Then we report them. Doing
+ // the two steps interleaved is a bad idea, because calling
+ // |handleReport| from within RealmCallback() leads to all manner
+ // of assertions.
+
+ Data d;
+ d.anonymizeID = anonymize ? 1 : 0;
+ JS::IterateRealms(XPCJSContext::Get()->Context(), &d, RealmCallback);
+
+ for (auto& path : d.paths) {
+ REPORT(nsCString(path), KIND_OTHER, UNITS_COUNT, 1,
+ "A live realm in the main JSRuntime.");
+ }
+
+ return NS_OK;
+ }
+};
+
+NS_IMPL_ISUPPORTS(JSMainRuntimeRealmsReporter, nsIMemoryReporter)
+
+MOZ_DEFINE_MALLOC_SIZE_OF(OrphanMallocSizeOf)
+
+namespace xpc {
+
+class OrphanReporter : public JS::ObjectPrivateVisitor {
+ public:
+ explicit OrphanReporter(GetISupportsFun aGetISupports)
+ : JS::ObjectPrivateVisitor(aGetISupports), mState(OrphanMallocSizeOf) {}
+
+ virtual size_t sizeOfIncludingThis(nsISupports* aSupports) override {
+ nsCOMPtr<nsINode> node = do_QueryInterface(aSupports);
+ if (!node || node->IsInComposedDoc()) {
+ return 0;
+ }
+
+ // This is an orphan node. If we haven't already handled the sub-tree that
+ // this node belongs to, measure the sub-tree's size and then record its
+ // root so we don't measure it again.
+ nsCOMPtr<nsINode> orphanTree = node->SubtreeRoot();
+ if (!orphanTree || mState.HaveSeenPtr(orphanTree.get())) {
+ return 0;
+ }
+
+ nsWindowSizes sizes(mState);
+ mozilla::dom::Document::AddSizeOfNodeTree(*orphanTree, sizes);
+
+ // We combine the node size with nsStyleSizes here. It's not ideal, but it's
+ // hard to get the style structs measurements out to nsWindowMemoryReporter.
+ // Also, we drop mServoData in UnbindFromTree(), so in theory any
+ // non-in-tree element won't have any style data to measure.
+ //
+ // FIXME(emilio): We should ideally not do this, since ShadowRoots keep
+ // their StyleSheets alive even when detached from a document, and those
+ // could be significant in theory.
+ return sizes.getTotalSize();
+ }
+
+ private:
+ SizeOfState mState;
+};
+
+#ifdef DEBUG
+static bool StartsWithExplicit(nsACString& s) {
+ return StringBeginsWith(s, "explicit/"_ns);
+}
+#endif
+
+class XPCJSRuntimeStats : public JS::RuntimeStats {
+ WindowPaths* mWindowPaths;
+ WindowPaths* mTopWindowPaths;
+ int mAnonymizeID;
+
+ public:
+ XPCJSRuntimeStats(WindowPaths* windowPaths, WindowPaths* topWindowPaths,
+ bool anonymize)
+ : JS::RuntimeStats(JSMallocSizeOf),
+ mWindowPaths(windowPaths),
+ mTopWindowPaths(topWindowPaths),
+ mAnonymizeID(anonymize ? 1 : 0) {}
+
+ ~XPCJSRuntimeStats() {
+ for (size_t i = 0; i != realmStatsVector.length(); ++i) {
+ delete static_cast<xpc::RealmStatsExtras*>(realmStatsVector[i].extra);
+ }
+
+ for (size_t i = 0; i != zoneStatsVector.length(); ++i) {
+ delete static_cast<xpc::ZoneStatsExtras*>(zoneStatsVector[i].extra);
+ }
+ }
+
+ virtual void initExtraZoneStats(JS::Zone* zone, JS::ZoneStats* zStats,
+ const JS::AutoRequireNoGC& nogc) override {
+ xpc::ZoneStatsExtras* extras = new xpc::ZoneStatsExtras;
+ extras->pathPrefix.AssignLiteral("explicit/js-non-window/zones/");
+
+ // Get some global in this zone.
+ Rooted<Realm*> realm(dom::RootingCx(), js::GetAnyRealmInZone(zone));
+ if (realm) {
+ RootedObject global(dom::RootingCx(), JS::GetRealmGlobalOrNull(realm));
+ if (global) {
+ RefPtr<nsGlobalWindowInner> window;
+ if (NS_SUCCEEDED(UNWRAP_NON_WRAPPER_OBJECT(Window, global, window))) {
+ // The global is a |window| object. Use the path prefix that
+ // we should have already created for it.
+ if (mTopWindowPaths->Get(window->WindowID(), &extras->pathPrefix)) {
+ extras->pathPrefix.AppendLiteral("/js-");
+ }
+ }
+ }
+ }
+
+ extras->pathPrefix += nsPrintfCString("zone(0x%p)/", (void*)zone);
+
+ MOZ_ASSERT(StartsWithExplicit(extras->pathPrefix));
+
+ zStats->extra = extras;
+ }
+
+ virtual void initExtraRealmStats(Realm* realm, JS::RealmStats* realmStats,
+ const JS::AutoRequireNoGC& nogc) override {
+ xpc::RealmStatsExtras* extras = new xpc::RealmStatsExtras;
+ nsCString rName;
+ GetRealmName(realm, rName, &mAnonymizeID, /* replaceSlashes = */ true);
+
+ // Get the realm's global.
+ bool needZone = true;
+ RootedObject global(dom::RootingCx(), JS::GetRealmGlobalOrNull(realm));
+ if (global) {
+ RefPtr<nsGlobalWindowInner> window;
+ if (NS_SUCCEEDED(UNWRAP_NON_WRAPPER_OBJECT(Window, global, window))) {
+ // The global is a |window| object. Use the path prefix that
+ // we should have already created for it.
+ if (mWindowPaths->Get(window->WindowID(), &extras->jsPathPrefix)) {
+ extras->domPathPrefix.Assign(extras->jsPathPrefix);
+ extras->domPathPrefix.AppendLiteral("/dom/");
+ extras->jsPathPrefix.AppendLiteral("/js-");
+ needZone = false;
+ } else {
+ extras->jsPathPrefix.AssignLiteral("explicit/js-non-window/zones/");
+ extras->domPathPrefix.AssignLiteral(
+ "explicit/dom/unknown-window-global?!/");
+ }
+ } else {
+ extras->jsPathPrefix.AssignLiteral("explicit/js-non-window/zones/");
+ extras->domPathPrefix.AssignLiteral(
+ "explicit/dom/non-window-global?!/");
+ }
+ } else {
+ extras->jsPathPrefix.AssignLiteral("explicit/js-non-window/zones/");
+ extras->domPathPrefix.AssignLiteral("explicit/dom/no-global?!/");
+ }
+
+ if (needZone) {
+ extras->jsPathPrefix +=
+ nsPrintfCString("zone(0x%p)/", (void*)js::GetRealmZone(realm));
+ }
+
+ extras->jsPathPrefix += "realm("_ns + rName + ")/"_ns;
+
+ // extras->jsPathPrefix is used for almost all the realm-specific
+ // reports. At this point it has the form
+ // "<something>realm(<rname>)/".
+ //
+ // extras->domPathPrefix is used for DOM orphan nodes, which are
+ // counted by the JS reporter but reported as part of the DOM
+ // measurements. At this point it has the form "<something>/dom/" if
+ // this realm belongs to an nsGlobalWindow, and
+ // "explicit/dom/<something>?!/" otherwise (in which case it shouldn't
+ // be used, because non-nsGlobalWindow realms shouldn't have
+ // orphan DOM nodes).
+
+ MOZ_ASSERT(StartsWithExplicit(extras->jsPathPrefix));
+ MOZ_ASSERT(StartsWithExplicit(extras->domPathPrefix));
+
+ realmStats->extra = extras;
+ }
+};
+
+void JSReporter::CollectReports(WindowPaths* windowPaths,
+ WindowPaths* topWindowPaths,
+ nsIHandleReportCallback* handleReport,
+ nsISupports* data, bool anonymize) {
+ XPCJSRuntime* xpcrt = nsXPConnect::GetRuntimeInstance();
+
+ // In the first step we get all the stats and stash them in a local
+ // data structure. In the second step we pass all the stashed stats to
+ // the callback. Separating these steps is important because the
+ // callback may be a JS function, and executing JS while getting these
+ // stats seems like a bad idea.
+
+ XPCJSRuntimeStats rtStats(windowPaths, topWindowPaths, anonymize);
+ OrphanReporter orphanReporter(XPCConvert::GetISupportsFromJSObject);
+ JSContext* cx = XPCJSContext::Get()->Context();
+ if (!JS::CollectRuntimeStats(cx, &rtStats, &orphanReporter, anonymize)) {
+ return;
+ }
+
+ // Collect JS stats not associated with a Runtime such as helper threads or
+ // global tracelogger data. We do this here in JSReporter::CollectReports
+ // as this is used for the main Runtime in process.
+ JS::GlobalStats gStats(JSMallocSizeOf);
+ if (!JS::CollectGlobalStats(&gStats)) {
+ return;
+ }
+
+ size_t xpcJSRuntimeSize = xpcrt->SizeOfIncludingThis(JSMallocSizeOf);
+
+ size_t wrappedJSSize =
+ xpcrt->GetMultiCompartmentWrappedJSMap()->SizeOfWrappedJS(JSMallocSizeOf);
+
+ XPCWrappedNativeScope::ScopeSizeInfo sizeInfo(JSMallocSizeOf);
+ XPCWrappedNativeScope::AddSizeOfAllScopesIncludingThis(cx, &sizeInfo);
+
+ mozJSModuleLoader* loader = mozJSModuleLoader::Get();
+ size_t jsModuleLoaderSize =
+ loader ? loader->SizeOfIncludingThis(JSMallocSizeOf) : 0;
+ mozJSModuleLoader* devToolsLoader = mozJSModuleLoader::GetDevToolsLoader();
+ size_t jsDevToolsModuleLoaderSize =
+ devToolsLoader ? devToolsLoader->SizeOfIncludingThis(JSMallocSizeOf) : 0;
+
+ // This is the second step (see above). First we report stuff in the
+ // "explicit" tree, then we report other stuff.
+
+ size_t rtTotal = 0;
+ xpc::ReportJSRuntimeExplicitTreeStats(rtStats, "explicit/js-non-window/"_ns,
+ handleReport, data, anonymize,
+ &rtTotal);
+
+ // Report the sums of the realm numbers.
+ xpc::RealmStatsExtras realmExtrasTotal;
+ realmExtrasTotal.jsPathPrefix.AssignLiteral("js-main-runtime/realms/");
+ realmExtrasTotal.domPathPrefix.AssignLiteral("window-objects/dom/");
+ ReportRealmStats(rtStats.realmTotals, realmExtrasTotal, handleReport, data);
+
+ xpc::ZoneStatsExtras zExtrasTotal;
+ zExtrasTotal.pathPrefix.AssignLiteral("js-main-runtime/zones/");
+ ReportZoneStats(rtStats.zTotals, zExtrasTotal, handleReport, data, anonymize);
+
+ // Report the sum of the runtime/ numbers.
+ REPORT_BYTES(
+ "js-main-runtime/runtime"_ns, KIND_OTHER, rtTotal,
+ "The sum of all measurements under 'explicit/js-non-window/runtime/'.");
+
+ // Report the number of HelperThread
+
+ REPORT("js-helper-threads/idle"_ns, KIND_OTHER, UNITS_COUNT,
+ gStats.helperThread.idleThreadCount,
+ "The current number of idle JS HelperThreads.");
+
+ REPORT(
+ "js-helper-threads/active"_ns, KIND_OTHER, UNITS_COUNT,
+ gStats.helperThread.activeThreadCount,
+ "The current number of active JS HelperThreads. Memory held by these is"
+ " not reported.");
+
+ // Report the numbers for memory used by wasm Runtime state.
+ REPORT_BYTES("wasm-runtime"_ns, KIND_OTHER, rtStats.runtime.wasmRuntime,
+ "The memory used for wasm runtime bookkeeping.");
+
+ // Although wasm guard pages aren't committed in memory they can be very
+ // large and contribute greatly to vsize and so are worth reporting.
+ if (rtStats.runtime.wasmGuardPages > 0) {
+ REPORT_BYTES(
+ "wasm-guard-pages"_ns, KIND_OTHER, rtStats.runtime.wasmGuardPages,
+ "Guard pages mapped after the end of wasm memories, reserved for "
+ "optimization tricks, but not committed and thus never contributing"
+ " to RSS, only vsize.");
+ }
+
+ // Report the numbers for memory outside of realms.
+
+ REPORT_BYTES("js-main-runtime/gc-heap/unused-chunks"_ns, KIND_OTHER,
+ rtStats.gcHeapUnusedChunks,
+ "The same as 'explicit/js-non-window/gc-heap/unused-chunks'.");
+
+ REPORT_BYTES("js-main-runtime/gc-heap/unused-arenas"_ns, KIND_OTHER,
+ rtStats.gcHeapUnusedArenas,
+ "The same as 'explicit/js-non-window/gc-heap/unused-arenas'.");
+
+ REPORT_BYTES("js-main-runtime/gc-heap/chunk-admin"_ns, KIND_OTHER,
+ rtStats.gcHeapChunkAdmin,
+ "The same as 'explicit/js-non-window/gc-heap/chunk-admin'.");
+
+ // Report a breakdown of the committed GC space.
+
+ REPORT_BYTES("js-main-runtime-gc-heap-committed/unused/chunks"_ns, KIND_OTHER,
+ rtStats.gcHeapUnusedChunks,
+ "The same as 'explicit/js-non-window/gc-heap/unused-chunks'.");
+
+ REPORT_BYTES("js-main-runtime-gc-heap-committed/unused/arenas"_ns, KIND_OTHER,
+ rtStats.gcHeapUnusedArenas,
+ "The same as 'explicit/js-non-window/gc-heap/unused-arenas'.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/objects"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.object,
+ "Unused object cells within non-empty arenas.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/strings"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.string,
+ "Unused string cells within non-empty arenas.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/symbols"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.symbol,
+ "Unused symbol cells within non-empty arenas.");
+
+ REPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/shapes"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.shape,
+ "Unused shape cells within non-empty arenas.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/base-shapes"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.baseShape,
+ "Unused base shape cells within non-empty arenas.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/getter-setters"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.getterSetter,
+ "Unused getter-setter cells within non-empty arenas.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/property-maps"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.propMap,
+ "Unused property map cells within non-empty arenas.");
+
+ REPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/scopes"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.scope,
+ "Unused scope cells within non-empty arenas.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/scripts"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.script,
+ "Unused script cells within non-empty arenas.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/jitcode"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.jitcode,
+ "Unused jitcode cells within non-empty arenas.");
+
+ REPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/unused/gc-things/regexp-shareds"),
+ KIND_OTHER, rtStats.zTotals.unusedGCThings.regExpShared,
+ "Unused regexpshared cells within non-empty arenas.");
+
+ REPORT_BYTES("js-main-runtime-gc-heap-committed/used/chunk-admin"_ns,
+ KIND_OTHER, rtStats.gcHeapChunkAdmin,
+ "The same as 'explicit/js-non-window/gc-heap/chunk-admin'.");
+
+ REPORT_BYTES("js-main-runtime-gc-heap-committed/used/arena-admin"_ns,
+ KIND_OTHER, rtStats.zTotals.gcHeapArenaAdmin,
+ "The same as 'js-main-runtime/zones/gc-heap-arena-admin'.");
+
+ size_t gcThingTotal = 0;
+
+ MREPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/objects"),
+ KIND_OTHER, rtStats.realmTotals.classInfo.objectsGCHeap,
+ "Used object cells.");
+
+ MREPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/strings"),
+ KIND_OTHER, rtStats.zTotals.stringInfo.sizeOfLiveGCThings(),
+ "Used string cells.");
+
+ MREPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/symbols"),
+ KIND_OTHER, rtStats.zTotals.symbolsGCHeap,
+ "Used symbol cells.");
+
+ MREPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/shapes"),
+ KIND_OTHER,
+ rtStats.zTotals.shapeInfo.shapesGCHeapShared +
+ rtStats.zTotals.shapeInfo.shapesGCHeapDict,
+ "Used shape cells.");
+
+ MREPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/base-shapes"),
+ KIND_OTHER, rtStats.zTotals.shapeInfo.shapesGCHeapBase,
+ "Used base shape cells.");
+
+ MREPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/getter-setters"),
+ KIND_OTHER, rtStats.zTotals.getterSettersGCHeap,
+ "Used getter/setter cells.");
+
+ MREPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/property-maps"),
+ KIND_OTHER,
+ rtStats.zTotals.dictPropMapsGCHeap +
+ rtStats.zTotals.compactPropMapsGCHeap +
+ rtStats.zTotals.normalPropMapsGCHeap,
+ "Used property map cells.");
+
+ MREPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/scopes"),
+ KIND_OTHER, rtStats.zTotals.scopesGCHeap, "Used scope cells.");
+
+ MREPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/scripts"),
+ KIND_OTHER, rtStats.realmTotals.scriptsGCHeap,
+ "Used script cells.");
+
+ MREPORT_BYTES(nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/jitcode"),
+ KIND_OTHER, rtStats.zTotals.jitCodesGCHeap,
+ "Used jitcode cells.");
+
+ MREPORT_BYTES(
+ nsLiteralCString(
+ "js-main-runtime-gc-heap-committed/used/gc-things/regexp-shareds"),
+ KIND_OTHER, rtStats.zTotals.regExpSharedsGCHeap,
+ "Used regexpshared cells.");
+
+ MOZ_ASSERT(gcThingTotal == rtStats.gcHeapGCThings);
+ (void)gcThingTotal;
+
+ // Report xpconnect.
+
+ REPORT_BYTES("explicit/xpconnect/runtime"_ns, KIND_HEAP, xpcJSRuntimeSize,
+ "The XPConnect runtime.");
+
+ REPORT_BYTES("explicit/xpconnect/wrappedjs"_ns, KIND_HEAP, wrappedJSSize,
+ "Wrappers used to implement XPIDL interfaces with JS.");
+
+ REPORT_BYTES("explicit/xpconnect/scopes"_ns, KIND_HEAP,
+ sizeInfo.mScopeAndMapSize, "XPConnect scopes.");
+
+ REPORT_BYTES("explicit/xpconnect/proto-iface-cache"_ns, KIND_HEAP,
+ sizeInfo.mProtoAndIfaceCacheSize,
+ "Prototype and interface binding caches.");
+
+ REPORT_BYTES("explicit/xpconnect/js-module-loader"_ns, KIND_HEAP,
+ jsModuleLoaderSize, "XPConnect's JS module loader.");
+ REPORT_BYTES("explicit/xpconnect/js-devtools-module-loader"_ns, KIND_HEAP,
+ jsDevToolsModuleLoaderSize, "DevTools's JS module loader.");
+
+ // Report HelperThreadState.
+
+ REPORT_BYTES("explicit/js-non-window/helper-thread/heap-other"_ns, KIND_HEAP,
+ gStats.helperThread.stateData,
+ "Memory used by HelperThreadState.");
+
+ REPORT_BYTES("explicit/js-non-window/helper-thread/parse-task"_ns, KIND_HEAP,
+ gStats.helperThread.parseTask,
+ "The memory used by ParseTasks waiting in HelperThreadState.");
+
+ REPORT_BYTES(
+ "explicit/js-non-window/helper-thread/ion-compile-task"_ns, KIND_HEAP,
+ gStats.helperThread.ionCompileTask,
+ "The memory used by IonCompileTasks waiting in HelperThreadState.");
+
+ REPORT_BYTES(
+ "explicit/js-non-window/helper-thread/wasm-compile"_ns, KIND_HEAP,
+ gStats.helperThread.wasmCompile,
+ "The memory used by Wasm compilations waiting in HelperThreadState.");
+
+ REPORT_BYTES("explicit/js-non-window/helper-thread/contexts"_ns, KIND_HEAP,
+ gStats.helperThread.contexts,
+ "The memory used by the JSContexts in HelperThreadState.");
+}
+
+static nsresult JSSizeOfTab(JSObject* objArg, size_t* jsObjectsSize,
+ size_t* jsStringsSize, size_t* jsPrivateSize,
+ size_t* jsOtherSize) {
+ JSContext* cx = XPCJSContext::Get()->Context();
+ JS::RootedObject obj(cx, objArg);
+
+ TabSizes sizes;
+ OrphanReporter orphanReporter(XPCConvert::GetISupportsFromJSObject);
+ NS_ENSURE_TRUE(
+ JS::AddSizeOfTab(cx, obj, moz_malloc_size_of, &orphanReporter, &sizes),
+ NS_ERROR_OUT_OF_MEMORY);
+
+ *jsObjectsSize = sizes.objects_;
+ *jsStringsSize = sizes.strings_;
+ *jsPrivateSize = sizes.private_;
+ *jsOtherSize = sizes.other_;
+ return NS_OK;
+}
+
+} // namespace xpc
+
+static void AccumulateTelemetryCallback(JSMetric id, uint32_t sample) {
+ // clang-format off
+ switch (id) {
+#define CASE_ACCUMULATE(NAME, _) \
+ case JSMetric::NAME: \
+ Telemetry::Accumulate(Telemetry::NAME, sample); \
+ break;
+
+ FOR_EACH_JS_METRIC(CASE_ACCUMULATE)
+#undef CASE_ACCUMULATE
+
+ default:
+ MOZ_CRASH("Bad metric id");
+ }
+ // clang-format on
+}
+
+static void SetUseCounterCallback(JSObject* obj, JSUseCounter counter) {
+ switch (counter) {
+ case JSUseCounter::ASMJS:
+ SetUseCounter(obj, eUseCounter_custom_JS_asmjs);
+ break;
+ case JSUseCounter::WASM:
+ SetUseCounter(obj, eUseCounter_custom_JS_wasm);
+ break;
+ default:
+ MOZ_ASSERT_UNREACHABLE("Unexpected JSUseCounter id");
+ }
+}
+
+static void GetRealmNameCallback(JSContext* cx, Realm* realm, char* buf,
+ size_t bufsize,
+ const JS::AutoRequireNoGC& nogc) {
+ nsCString name;
+ // This is called via the JSAPI and isn't involved in memory reporting, so
+ // we don't need to anonymize realm names.
+ int anonymizeID = 0;
+ GetRealmName(realm, name, &anonymizeID, /* replaceSlashes = */ false);
+ if (name.Length() >= bufsize) {
+ name.Truncate(bufsize - 1);
+ }
+ memcpy(buf, name.get(), name.Length() + 1);
+}
+
+static void DestroyRealm(JS::GCContext* gcx, JS::Realm* realm) {
+ // Get the current compartment private into an AutoPtr (which will do the
+ // cleanup for us), and null out the private field.
+ mozilla::UniquePtr<RealmPrivate> priv(RealmPrivate::Get(realm));
+ JS::SetRealmPrivate(realm, nullptr);
+}
+
+static bool PreserveWrapper(JSContext* cx, JS::Handle<JSObject*> obj) {
+ MOZ_ASSERT(cx);
+ MOZ_ASSERT(obj);
+ MOZ_ASSERT(mozilla::dom::IsDOMObject(obj));
+
+ if (!mozilla::dom::TryPreserveWrapper(obj)) {
+ return false;
+ }
+
+ MOZ_ASSERT(!mozilla::dom::HasReleasedWrapper(obj),
+ "There should be no released wrapper since we just preserved it");
+
+ return true;
+}
+
+static nsresult ReadSourceFromFilename(JSContext* cx, const char* filename,
+ char16_t** twoByteSource,
+ char** utf8Source, size_t* len) {
+ MOZ_ASSERT(*len == 0);
+ MOZ_ASSERT((twoByteSource != nullptr) != (utf8Source != nullptr),
+ "must be called requesting only one of UTF-8 or UTF-16 source");
+ MOZ_ASSERT_IF(twoByteSource, !*twoByteSource);
+ MOZ_ASSERT_IF(utf8Source, !*utf8Source);
+
+ nsresult rv;
+
+ // mozJSSubScriptLoader prefixes the filenames of the scripts it loads with
+ // the filename of its caller. Axe that if present.
+ const char* arrow;
+ while ((arrow = strstr(filename, " -> "))) {
+ filename = arrow + strlen(" -> ");
+ }
+
+ // Get the URI.
+ nsCOMPtr<nsIURI> uri;
+ rv = NS_NewURI(getter_AddRefs(uri), filename);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ nsCOMPtr<nsIChannel> scriptChannel;
+ rv = NS_NewChannel(getter_AddRefs(scriptChannel), uri,
+ nsContentUtils::GetSystemPrincipal(),
+ nsILoadInfo::SEC_ALLOW_CROSS_ORIGIN_SEC_CONTEXT_IS_NULL,
+ nsIContentPolicy::TYPE_OTHER);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ // Only allow local reading.
+ nsCOMPtr<nsIURI> actualUri;
+ rv = scriptChannel->GetURI(getter_AddRefs(actualUri));
+ NS_ENSURE_SUCCESS(rv, rv);
+ nsCString scheme;
+ rv = actualUri->GetScheme(scheme);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (!scheme.EqualsLiteral("file") && !scheme.EqualsLiteral("jar")) {
+ return NS_OK;
+ }
+
+ // Explicitly set the content type so that we don't load the
+ // exthandler to guess it.
+ scriptChannel->SetContentType("text/plain"_ns);
+
+ nsCOMPtr<nsIInputStream> scriptStream;
+ rv = scriptChannel->Open(getter_AddRefs(scriptStream));
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ uint64_t rawLen;
+ rv = scriptStream->Available(&rawLen);
+ NS_ENSURE_SUCCESS(rv, rv);
+ if (!rawLen) {
+ return NS_ERROR_FAILURE;
+ }
+
+ // Technically, this should be SIZE_MAX, but we don't run on machines
+ // where that would be less than UINT32_MAX, and the latter is already
+ // well beyond a reasonable limit.
+ if (rawLen > UINT32_MAX) {
+ return NS_ERROR_FILE_TOO_BIG;
+ }
+
+ // Allocate a buffer the size of the file to initially fill with the UTF-8
+ // contents of the file. Use the JS allocator so that if UTF-8 source was
+ // requested, we can return this memory directly.
+ JS::UniqueChars buf(js_pod_malloc<char>(rawLen));
+ if (!buf) {
+ return NS_ERROR_OUT_OF_MEMORY;
+ }
+
+ char* ptr = buf.get();
+ char* end = ptr + rawLen;
+ while (ptr < end) {
+ uint32_t bytesRead;
+ rv = scriptStream->Read(ptr, PointerRangeSize(ptr, end), &bytesRead);
+ if (NS_FAILED(rv)) {
+ return rv;
+ }
+ MOZ_ASSERT(bytesRead > 0, "stream promised more bytes before EOF");
+ ptr += bytesRead;
+ }
+
+ if (utf8Source) {
+ // |buf| is already UTF-8, so we can directly return it.
+ *len = rawLen;
+ *utf8Source = buf.release();
+ } else {
+ MOZ_ASSERT(twoByteSource != nullptr);
+
+ // |buf| can't be directly returned -- convert it to UTF-16.
+
+ // On success this overwrites |*twoByteSource| and |*len|.
+ rv = ScriptLoader::ConvertToUTF16(
+ scriptChannel, reinterpret_cast<const unsigned char*>(buf.get()),
+ rawLen, u"UTF-8"_ns, nullptr, *twoByteSource, *len);
+ NS_ENSURE_SUCCESS(rv, rv);
+
+ if (!*twoByteSource) {
+ return NS_ERROR_FAILURE;
+ }
+ }
+
+ return NS_OK;
+}
+
+// The JS engine calls this object's 'load' member function when it needs
+// the source for a chrome JS function. See the comment in the XPCJSRuntime
+// constructor.
+class XPCJSSourceHook : public js::SourceHook {
+ bool load(JSContext* cx, const char* filename, char16_t** twoByteSource,
+ char** utf8Source, size_t* length) override {
+ MOZ_ASSERT((twoByteSource != nullptr) != (utf8Source != nullptr),
+ "must be called requesting only one of UTF-8 or UTF-16 source");
+
+ *length = 0;
+ if (twoByteSource) {
+ *twoByteSource = nullptr;
+ } else {
+ *utf8Source = nullptr;
+ }
+
+ if (!nsContentUtils::IsSystemCaller(cx)) {
+ return true;
+ }
+
+ if (!filename) {
+ return true;
+ }
+
+ nsresult rv =
+ ReadSourceFromFilename(cx, filename, twoByteSource, utf8Source, length);
+ if (NS_FAILED(rv)) {
+ xpc::Throw(cx, rv);
+ return false;
+ }
+
+ return true;
+ }
+};
+
+static const JSWrapObjectCallbacks WrapObjectCallbacks = {
+ xpc::WrapperFactory::Rewrap, xpc::WrapperFactory::PrepareForWrapping};
+
+XPCJSRuntime::XPCJSRuntime(JSContext* aCx)
+ : CycleCollectedJSRuntime(aCx),
+ mWrappedJSMap(mozilla::MakeUnique<JSObject2WrappedJSMap>()),
+ mIID2NativeInterfaceMap(mozilla::MakeUnique<IID2NativeInterfaceMap>()),
+ mClassInfo2NativeSetMap(mozilla::MakeUnique<ClassInfo2NativeSetMap>()),
+ mNativeSetMap(mozilla::MakeUnique<NativeSetMap>()),
+ mWrappedNativeScopes(),
+ mGCIsRunning(false),
+ mNativesToReleaseArray(),
+ mDoingFinalization(false),
+ mAsyncSnowWhiteFreer(new AsyncFreeSnowWhite()) {
+ MOZ_COUNT_CTOR_INHERITED(XPCJSRuntime, CycleCollectedJSRuntime);
+}
+
+/* static */
+XPCJSRuntime* XPCJSRuntime::Get() { return nsXPConnect::GetRuntimeInstance(); }
+
+// Subclass of JS::ubi::Base for DOM reflector objects for the JS::ubi::Node
+// memory analysis framework; see js/public/UbiNode.h. In
+// XPCJSRuntime::Initialize, we register the ConstructUbiNode function as a hook
+// with the SpiderMonkey runtime for it to use to construct ubi::Nodes of this
+// class for JSObjects whose class has the JSCLASS_IS_DOMJSCLASS flag set.
+// ReflectorNode specializes Concrete<JSObject> for DOM reflector nodes,
+// reporting the edge from the JSObject to the nsINode it represents, in
+// addition to the usual edges departing any normal JSObject.
+namespace JS {
+namespace ubi {
+class ReflectorNode : public Concrete<JSObject> {
+ protected:
+ explicit ReflectorNode(JSObject* ptr) : Concrete<JSObject>(ptr) {}
+
+ public:
+ static void construct(void* storage, JSObject* ptr) {
+ new (storage) ReflectorNode(ptr);
+ }
+ js::UniquePtr<JS::ubi::EdgeRange> edges(JSContext* cx,
+ bool wantNames) const override;
+};
+
+js::UniquePtr<EdgeRange> ReflectorNode::edges(JSContext* cx,
+ bool wantNames) const {
+ js::UniquePtr<SimpleEdgeRange> range(static_cast<SimpleEdgeRange*>(
+ Concrete<JSObject>::edges(cx, wantNames).release()));
+ if (!range) {
+ return nullptr;
+ }
+ // UNWRAP_NON_WRAPPER_OBJECT assumes the object is completely initialized,
+ // but ours may not be. Luckily, UnwrapDOMObjectToISupports checks for the
+ // uninitialized case (and returns null if uninitialized), so we can use that
+ // to guard against uninitialized objects.
+ nsISupports* supp = UnwrapDOMObjectToISupports(&get());
+ if (supp) {
+ JS::AutoSuppressGCAnalysis nogc; // bug 1582326
+
+ nsINode* node;
+ // UnwrapDOMObjectToISupports can only return non-null if its argument is
+ // an actual DOM object, not a cross-compartment wrapper.
+ if (NS_SUCCEEDED(UNWRAP_NON_WRAPPER_OBJECT(Node, &get(), node))) {
+ char16_t* edgeName = nullptr;
+ if (wantNames) {
+ edgeName = NS_xstrdup(u"Reflected Node");
+ }
+ if (!range->addEdge(Edge(edgeName, node))) {
+ return nullptr;
+ }
+ }
+ }
+ return js::UniquePtr<EdgeRange>(range.release());
+}
+
+} // Namespace ubi
+} // Namespace JS
+
+void ConstructUbiNode(void* storage, JSObject* ptr) {
+ JS::ubi::ReflectorNode::construct(storage, ptr);
+}
+
+void XPCJSRuntime::Initialize(JSContext* cx) {
+ mLoaderGlobal.init(cx, nullptr);
+
+ // these jsids filled in later when we have a JSContext to work with.
+ mStrIDs[0] = JS::PropertyKey::Void();
+
+ nsScriptSecurityManager::GetScriptSecurityManager()->InitJSCallbacks(cx);
+
+ // Unconstrain the runtime's threshold on nominal heap size, to avoid
+ // triggering GC too often if operating continuously near an arbitrary
+ // finite threshold (0xffffffff is infinity for uint32_t parameters).
+ // This leaves the maximum-JS_malloc-bytes threshold still in effect
+ // to cause period, and we hope hygienic, last-ditch GCs from within
+ // the GC's allocator.
+ JS_SetGCParameter(cx, JSGC_MAX_BYTES, 0xffffffff);
+
+ JS_SetDestroyCompartmentCallback(cx, CompartmentDestroyedCallback);
+ JS_SetSizeOfIncludingThisCompartmentCallback(
+ cx, CompartmentSizeOfIncludingThisCallback);
+ JS::SetDestroyRealmCallback(cx, DestroyRealm);
+ JS::SetRealmNameCallback(cx, GetRealmNameCallback);
+ mPrevGCSliceCallback = JS::SetGCSliceCallback(cx, GCSliceCallback);
+ mPrevDoCycleCollectionCallback =
+ JS::SetDoCycleCollectionCallback(cx, DoCycleCollectionCallback);
+ JS_AddFinalizeCallback(cx, FinalizeCallback, nullptr);
+ JS_AddWeakPointerZonesCallback(cx, WeakPointerZonesCallback, this);
+ JS_AddWeakPointerCompartmentCallback(cx, WeakPointerCompartmentCallback,
+ this);
+ JS_SetWrapObjectCallbacks(cx, &WrapObjectCallbacks);
+ if (XRE_IsE10sParentProcess()) {
+ JS::SetFilenameValidationCallback(
+ nsContentSecurityUtils::ValidateScriptFilename);
+ }
+ js::SetPreserveWrapperCallbacks(cx, PreserveWrapper, HasReleasedWrapper);
+ JS_InitReadPrincipalsCallback(cx, nsJSPrincipals::ReadPrincipals);
+ JS_SetAccumulateTelemetryCallback(cx, AccumulateTelemetryCallback);
+ JS_SetSetUseCounterCallback(cx, SetUseCounterCallback);
+
+ js::SetWindowProxyClass(cx, &OuterWindowProxyClass);
+
+ JS::SetXrayJitInfo(&gXrayJitInfo);
+ JS::SetProcessLargeAllocationFailureCallback(
+ OnLargeAllocationFailureCallback);
+
+ // The WasmAltDataType is build by the JS engine from the build id.
+ JS::SetProcessBuildIdOp(GetBuildId);
+ FetchUtil::InitWasmAltDataType();
+
+ // The JS engine needs to keep the source code around in order to implement
+ // Function.prototype.toSource(). It'd be nice to not have to do this for
+ // chrome code and simply stub out requests for source on it. Life is not so
+ // easy, unfortunately. Nobody relies on chrome toSource() working in core
+ // browser code, but chrome tests use it. The worst offenders are addons,
+ // which like to monkeypatch chrome functions by calling toSource() on them
+ // and using regular expressions to modify them. We avoid keeping most browser
+ // JS source code in memory by setting LAZY_SOURCE on JS::CompileOptions when
+ // compiling some chrome code. This causes the JS engine not save the source
+ // code in memory. When the JS engine is asked to provide the source for a
+ // function compiled with LAZY_SOURCE, it calls SourceHook to load it.
+ ///
+ // Note we do have to retain the source code in memory for scripts compiled in
+ // isRunOnce mode and compiled function bodies (from
+ // JS::CompileFunction). In practice, this means content scripts and event
+ // handlers.
+ mozilla::UniquePtr<XPCJSSourceHook> hook(new XPCJSSourceHook);
+ js::SetSourceHook(cx, std::move(hook));
+
+ // Register memory reporters and distinguished amount functions.
+ RegisterStrongMemoryReporter(new JSMainRuntimeRealmsReporter());
+ RegisterStrongMemoryReporter(new JSMainRuntimeTemporaryPeakReporter());
+ RegisterJSMainRuntimeGCHeapDistinguishedAmount(
+ JSMainRuntimeGCHeapDistinguishedAmount);
+ RegisterJSMainRuntimeTemporaryPeakDistinguishedAmount(
+ JSMainRuntimeTemporaryPeakDistinguishedAmount);
+ RegisterJSMainRuntimeCompartmentsSystemDistinguishedAmount(
+ JSMainRuntimeCompartmentsSystemDistinguishedAmount);
+ RegisterJSMainRuntimeCompartmentsUserDistinguishedAmount(
+ JSMainRuntimeCompartmentsUserDistinguishedAmount);
+ RegisterJSMainRuntimeRealmsSystemDistinguishedAmount(
+ JSMainRuntimeRealmsSystemDistinguishedAmount);
+ RegisterJSMainRuntimeRealmsUserDistinguishedAmount(
+ JSMainRuntimeRealmsUserDistinguishedAmount);
+ mozilla::RegisterJSSizeOfTab(JSSizeOfTab);
+
+ // Set the callback for reporting memory to ubi::Node.
+ JS::ubi::SetConstructUbiNodeForDOMObjectCallback(cx, &ConstructUbiNode);
+
+ xpc_LocalizeRuntime(JS_GetRuntime(cx));
+}
+
+bool XPCJSRuntime::InitializeStrings(JSContext* cx) {
+ // if it is our first context then we need to generate our string ids
+ if (mStrIDs[0].isVoid()) {
+ RootedString str(cx);
+ for (unsigned i = 0; i < XPCJSContext::IDX_TOTAL_COUNT; i++) {
+ str = JS_AtomizeAndPinString(cx, mStrings[i]);
+ if (!str) {
+ mStrIDs[0] = JS::PropertyKey::Void();
+ return false;
+ }
+ mStrIDs[i] = PropertyKey::fromPinnedString(str);
+ }
+
+ if (!mozilla::dom::DefineStaticJSVals(cx)) {
+ return false;
+ }
+ }
+
+ return true;
+}
+
+bool XPCJSRuntime::DescribeCustomObjects(JSObject* obj, const JSClass* clasp,
+ char (&name)[72]) const {
+ if (clasp != &XPC_WN_Proto_JSClass) {
+ return false;
+ }
+
+ XPCWrappedNativeProto* p = XPCWrappedNativeProto::Get(obj);
+ // Nothing here can GC. The analysis would otherwise think that ~nsCOMPtr
+ // could GC, but that's only possible if nsIXPCScriptable::GetJSClass()
+ // somehow released a reference to the nsIXPCScriptable, which isn't going to
+ // happen.
+ JS::AutoSuppressGCAnalysis nogc;
+ nsCOMPtr<nsIXPCScriptable> scr = p->GetScriptable();
+ if (!scr) {
+ return false;
+ }
+
+ SprintfLiteral(name, "JS Object (%s - %s)", clasp->name,
+ scr->GetJSClass()->name);
+ return true;
+}
+
+bool XPCJSRuntime::NoteCustomGCThingXPCOMChildren(
+ const JSClass* clasp, JSObject* obj,
+ nsCycleCollectionTraversalCallback& cb) const {
+ if (clasp != &XPC_WN_Tearoff_JSClass) {
+ return false;
+ }
+
+ // A tearoff holds a strong reference to its native object
+ // (see XPCWrappedNative::FlatJSObjectFinalized). Its XPCWrappedNative
+ // will be held alive through tearoff's XPC_WN_TEAROFF_FLAT_OBJECT_SLOT,
+ // which points to the XPCWrappedNative's mFlatJSObject.
+ XPCWrappedNativeTearOff* to = XPCWrappedNativeTearOff::Get(obj);
+ NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(
+ cb, "XPCWrappedNativeTearOff::Get(obj)->mNative");
+ cb.NoteXPCOMChild(to->GetNative());
+ return true;
+}
+
+/***************************************************************************/
+
+void XPCJSRuntime::DebugDump(int16_t depth) {
+#ifdef DEBUG
+ depth--;
+ XPC_LOG_ALWAYS(("XPCJSRuntime @ %p", this));
+ XPC_LOG_INDENT();
+
+ // iterate wrappers...
+ XPC_LOG_ALWAYS(("mWrappedJSMap @ %p with %d wrappers(s)", mWrappedJSMap.get(),
+ mWrappedJSMap->Count()));
+ if (depth && mWrappedJSMap->Count()) {
+ XPC_LOG_INDENT();
+ mWrappedJSMap->Dump(depth);
+ XPC_LOG_OUTDENT();
+ }
+
+ XPC_LOG_ALWAYS(("mIID2NativeInterfaceMap @ %p with %d interface(s)",
+ mIID2NativeInterfaceMap.get(),
+ mIID2NativeInterfaceMap->Count()));
+
+ XPC_LOG_ALWAYS(("mClassInfo2NativeSetMap @ %p with %d sets(s)",
+ mClassInfo2NativeSetMap.get(),
+ mClassInfo2NativeSetMap->Count()));
+
+ XPC_LOG_ALWAYS(("mNativeSetMap @ %p with %d sets(s)", mNativeSetMap.get(),
+ mNativeSetMap->Count()));
+
+ // iterate sets...
+ if (depth && mNativeSetMap->Count()) {
+ XPC_LOG_INDENT();
+ for (auto i = mNativeSetMap->Iter(); !i.done(); i.next()) {
+ i.get()->DebugDump(depth);
+ }
+ XPC_LOG_OUTDENT();
+ }
+
+ XPC_LOG_OUTDENT();
+#endif
+}
+
+/***************************************************************************/
+
+void XPCJSRuntime::AddGCCallback(xpcGCCallback cb) {
+ MOZ_ASSERT(cb, "null callback");
+ extraGCCallbacks.AppendElement(cb);
+}
+
+void XPCJSRuntime::RemoveGCCallback(xpcGCCallback cb) {
+ MOZ_ASSERT(cb, "null callback");
+ bool found = extraGCCallbacks.RemoveElement(cb);
+ if (!found) {
+ NS_ERROR("Removing a callback which was never added.");
+ }
+}
+
+JSObject* XPCJSRuntime::GetUAWidgetScope(JSContext* cx,
+ nsIPrincipal* principal) {
+ MOZ_ASSERT(!principal->IsSystemPrincipal(), "Running UA Widget in chrome");
+
+ RootedObject scope(cx);
+ do {
+ RefPtr<BasePrincipal> key = BasePrincipal::Cast(principal);
+ if (Principal2JSObjectMap::Ptr p = mUAWidgetScopeMap.lookup(key)) {
+ scope = p->value();
+ break; // Need ~RefPtr to run, and potentially GC, before returning.
+ }
+
+ SandboxOptions options;
+ options.sandboxName.AssignLiteral("UA Widget Scope");
+ options.wantXrays = false;
+ options.wantComponents = false;
+ options.isUAWidgetScope = true;
+
+ // Use an ExpandedPrincipal to create asymmetric security.
+ MOZ_ASSERT(!nsContentUtils::IsExpandedPrincipal(principal));
+ nsTArray<nsCOMPtr<nsIPrincipal>> principalAsArray{principal};
+ RefPtr<ExpandedPrincipal> ep = ExpandedPrincipal::Create(
+ principalAsArray, principal->OriginAttributesRef());
+
+ // Create the sandbox.
+ RootedValue v(cx);
+ nsresult rv = CreateSandboxObject(
+ cx, &v, static_cast<nsIExpandedPrincipal*>(ep), options);
+ NS_ENSURE_SUCCESS(rv, nullptr);
+ scope = &v.toObject();
+
+ JSObject* unwrapped = js::UncheckedUnwrap(scope);
+ MOZ_ASSERT(xpc::IsInUAWidgetScope(unwrapped));
+
+ MOZ_ALWAYS_TRUE(mUAWidgetScopeMap.putNew(key, unwrapped));
+ } while (false);
+
+ return scope;
+}
+
+JSObject* XPCJSRuntime::UnprivilegedJunkScope(const mozilla::fallible_t&) {
+ if (!mUnprivilegedJunkScope) {
+ dom::AutoJSAPI jsapi;
+ jsapi.Init();
+ JSContext* cx = jsapi.cx();
+
+ SandboxOptions options;
+ options.sandboxName.AssignLiteral("XPConnect Junk Compartment");
+ options.invisibleToDebugger = true;
+
+ RootedValue sandbox(cx);
+ nsresult rv = CreateSandboxObject(cx, &sandbox, nullptr, options);
+ NS_ENSURE_SUCCESS(rv, nullptr);
+
+ mUnprivilegedJunkScope =
+ SandboxPrivate::GetPrivate(sandbox.toObjectOrNull());
+ }
+ MOZ_ASSERT(mUnprivilegedJunkScope->GetWrapper(),
+ "Wrapper should have same lifetime as weak reference");
+ return mUnprivilegedJunkScope->GetWrapper();
+}
+
+JSObject* XPCJSRuntime::UnprivilegedJunkScope() {
+ JSObject* scope = UnprivilegedJunkScope(fallible);
+ MOZ_RELEASE_ASSERT(scope);
+ return scope;
+}
+
+bool XPCJSRuntime::IsUnprivilegedJunkScope(JSObject* obj) {
+ return mUnprivilegedJunkScope && obj == mUnprivilegedJunkScope->GetWrapper();
+}
+
+void XPCJSRuntime::DeleteSingletonScopes() {
+ // We're pretty late in shutdown, so we call ReleaseWrapper on the scopes.
+ // This way the GC can collect them immediately, and we don't rely on the CC
+ // to clean up.
+ if (RefPtr<SandboxPrivate> sandbox = mUnprivilegedJunkScope.get()) {
+ sandbox->ReleaseWrapper(sandbox);
+ mUnprivilegedJunkScope = nullptr;
+ }
+ mLoaderGlobal = nullptr;
+}
+
+JSObject* XPCJSRuntime::LoaderGlobal() {
+ if (!mLoaderGlobal) {
+ RefPtr loader = mozJSModuleLoader::Get();
+
+ dom::AutoJSAPI jsapi;
+ jsapi.Init();
+
+ mLoaderGlobal = loader->GetSharedGlobal(jsapi.cx());
+ MOZ_RELEASE_ASSERT(!JS_IsExceptionPending(jsapi.cx()));
+ }
+ return mLoaderGlobal;
+}
+
+uint32_t GetAndClampCPUCount() {
+ // See HelperThreads.cpp for why we want between 2-8 threads
+ int32_t proc = GetNumberOfProcessors();
+ if (proc < 2) {
+ return 2;
+ }
+ return std::min(proc, 8);
+}