ma1 pushed to branch base-browser-115.14.0esr-13.5-1 at The Tor Project / Applications / Tor Browser
Commits:
590ecd43 by Timothy Nikkel at 2024-08-05T10:25:19+02:00
Bug 1899180. If a channel is not nsIPrivateBrowsingChannel and has no load context, use the private browsing field from it's origin attributes. r=necko-reviewers,anti-tracking-reviewers,valentin
If the channel is not a nsIPrivateBrowsingChannel, and it also has no load context (eg inside svg images) then we will over write a non-zero mPrivateBrowsingId on the OriginAttributes of the channel with 0, making NS_UsePrivateBrowsing return false for the channel.
Differential Revision: https://phabricator.services.mozilla.com/D212083
- - - - -
ded2e90d by Jon Coppeard at 2024-08-05T10:25:20+02:00
Bug 1904011 - Ignore finalized scripts when iterating code covarage tables r=iain
Differential Revision: https://phabricator.services.mozilla.com/D214799
- - - - -
3 changed files:
- js/src/gc/Zone.cpp
- + js/src/jit-test/tests/debug/bug-1904011.js
- toolkit/components/antitracking/StoragePrincipalHelper.cpp
Changes:
=====================================
js/src/gc/Zone.cpp
=====================================
@@ -918,7 +918,13 @@ void Zone::clearScriptCounts(Realm* realm) {
// Clear all hasScriptCounts_ flags of BaseScript, in order to release all
// ScriptCounts entries of the given realm.
for (auto i = scriptCountsMap->modIter(); !i.done(); i.next()) {
- BaseScript* script = i.get().key();
+ const HeapPtr<BaseScript*>& script = i.get().key();
+ if (IsAboutToBeFinalized(script)) {
+ // Dead scripts may be present during incremental GC until script
+ // finalizers have been run.
+ continue;
+ }
+
if (script->realm() != realm) {
continue;
}
@@ -939,7 +945,13 @@ void Zone::clearScriptLCov(Realm* realm) {
}
for (auto i = scriptLCovMap->modIter(); !i.done(); i.next()) {
- BaseScript* script = i.get().key();
+ const HeapPtr<BaseScript*>& script = i.get().key();
+ if (IsAboutToBeFinalized(script)) {
+ // Dead scripts may be present during incremental GC until script
+ // finalizers have been run.
+ continue;
+ }
+
if (script->realm() == realm) {
i.remove();
}
=====================================
js/src/jit-test/tests/debug/bug-1904011.js
=====================================
@@ -0,0 +1,15 @@
+// |jit-test| --fuzzing-safe; --ion-offthread-compile=off
+gczeal(0);
+
+let g = newGlobal({newCompartment: true});
+let dbg = new Debugger(g);
+
+dbg.collectCoverageInfo = true;
+g.eval("0");
+
+// Start a GC in the debugger's zone and yield after sweeping objects.
+schedulezone(g);
+gczeal(22);
+startgc(100);
+
+dbg.collectCoverageInfo = false;
=====================================
toolkit/components/antitracking/StoragePrincipalHelper.cpp
=====================================
@@ -445,7 +445,7 @@ bool StoragePrincipalHelper::GetOriginAttributes(
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
loadInfo->GetOriginAttributes(&aAttributes);
- bool isPrivate = false;
+ bool isPrivate = aAttributes.mPrivateBrowsingId > 0;
nsCOMPtr<nsIPrivateBrowsingChannel> pbChannel = do_QueryInterface(aChannel);
if (pbChannel) {
nsresult rv = pbChannel->GetIsChannelPrivate(&isPrivate);
@@ -454,7 +454,9 @@ bool StoragePrincipalHelper::GetOriginAttributes(
// Some channels may not implement nsIPrivateBrowsingChannel
nsCOMPtr<nsILoadContext> loadContext;
NS_QueryNotificationCallbacks(aChannel, loadContext);
- isPrivate = loadContext && loadContext->UsePrivateBrowsing();
+ if (loadContext) {
+ isPrivate = loadContext->UsePrivateBrowsing();
+ }
}
aAttributes.SyncAttributesWithPrivateBrowsing(isPrivate);
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/aa9b97…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/aa9b97…
You're receiving this email because of your account on gitlab.torproject.org.
ma1 pushed to branch tor-browser-115.14.0esr-13.5-1 at The Tor Project / Applications / Tor Browser
Commits:
76fd6391 by Timothy Nikkel at 2024-08-05T09:53:50+02:00
Bug 1899180. If a channel is not nsIPrivateBrowsingChannel and has no load context, use the private browsing field from it's origin attributes. r=necko-reviewers,anti-tracking-reviewers,valentin
If the channel is not a nsIPrivateBrowsingChannel, and it also has no load context (eg inside svg images) then we will over write a non-zero mPrivateBrowsingId on the OriginAttributes of the channel with 0, making NS_UsePrivateBrowsing return false for the channel.
Differential Revision: https://phabricator.services.mozilla.com/D212083
- - - - -
e2d05e0a by Jon Coppeard at 2024-08-05T09:53:51+02:00
Bug 1904011 - Ignore finalized scripts when iterating code covarage tables r=iain
Differential Revision: https://phabricator.services.mozilla.com/D214799
- - - - -
3 changed files:
- js/src/gc/Zone.cpp
- + js/src/jit-test/tests/debug/bug-1904011.js
- toolkit/components/antitracking/StoragePrincipalHelper.cpp
Changes:
=====================================
js/src/gc/Zone.cpp
=====================================
@@ -918,7 +918,13 @@ void Zone::clearScriptCounts(Realm* realm) {
// Clear all hasScriptCounts_ flags of BaseScript, in order to release all
// ScriptCounts entries of the given realm.
for (auto i = scriptCountsMap->modIter(); !i.done(); i.next()) {
- BaseScript* script = i.get().key();
+ const HeapPtr<BaseScript*>& script = i.get().key();
+ if (IsAboutToBeFinalized(script)) {
+ // Dead scripts may be present during incremental GC until script
+ // finalizers have been run.
+ continue;
+ }
+
if (script->realm() != realm) {
continue;
}
@@ -939,7 +945,13 @@ void Zone::clearScriptLCov(Realm* realm) {
}
for (auto i = scriptLCovMap->modIter(); !i.done(); i.next()) {
- BaseScript* script = i.get().key();
+ const HeapPtr<BaseScript*>& script = i.get().key();
+ if (IsAboutToBeFinalized(script)) {
+ // Dead scripts may be present during incremental GC until script
+ // finalizers have been run.
+ continue;
+ }
+
if (script->realm() == realm) {
i.remove();
}
=====================================
js/src/jit-test/tests/debug/bug-1904011.js
=====================================
@@ -0,0 +1,15 @@
+// |jit-test| --fuzzing-safe; --ion-offthread-compile=off
+gczeal(0);
+
+let g = newGlobal({newCompartment: true});
+let dbg = new Debugger(g);
+
+dbg.collectCoverageInfo = true;
+g.eval("0");
+
+// Start a GC in the debugger's zone and yield after sweeping objects.
+schedulezone(g);
+gczeal(22);
+startgc(100);
+
+dbg.collectCoverageInfo = false;
=====================================
toolkit/components/antitracking/StoragePrincipalHelper.cpp
=====================================
@@ -445,7 +445,7 @@ bool StoragePrincipalHelper::GetOriginAttributes(
nsCOMPtr<nsILoadInfo> loadInfo = aChannel->LoadInfo();
loadInfo->GetOriginAttributes(&aAttributes);
- bool isPrivate = false;
+ bool isPrivate = aAttributes.mPrivateBrowsingId > 0;
nsCOMPtr<nsIPrivateBrowsingChannel> pbChannel = do_QueryInterface(aChannel);
if (pbChannel) {
nsresult rv = pbChannel->GetIsChannelPrivate(&isPrivate);
@@ -454,7 +454,9 @@ bool StoragePrincipalHelper::GetOriginAttributes(
// Some channels may not implement nsIPrivateBrowsingChannel
nsCOMPtr<nsILoadContext> loadContext;
NS_QueryNotificationCallbacks(aChannel, loadContext);
- isPrivate = loadContext && loadContext->UsePrivateBrowsing();
+ if (loadContext) {
+ isPrivate = loadContext->UsePrivateBrowsing();
+ }
}
aAttributes.SyncAttributesWithPrivateBrowsing(isPrivate);
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/804813…
--
View it on GitLab: https://gitlab.torproject.org/tpo/applications/tor-browser/-/compare/804813…
You're receiving this email because of your account on gitlab.torproject.org.