author Petru Lingurar <>
Fri, 21 Dec 2018 08:56:47 +0000
changeset 501492 65621d0fe1262af0643cec37c23b2d9ec42588ad
parent 486083 3aedafc1a36c96f44498649d6da4ee6dfa36f10b
permissions -rw-r--r--
Bug 1513938 - Enforce a Bundle size limit and drop `privateSession` if exceeds it. r=JanH, a=jcristau The `privateSession` key would normally allow persisting the Private Browsing session across OOMs in Activity's Bundle. We need to do that to avoid storing private, sensible data on disk like we do with the normal browsing session. In some cases `privateSession` would contain a lot of data which, along with other possible concurrent transactions could overflow Binder's buffer which has a limited fixed size, currently 1Mb. To avoid this, we will drop `privateSession` from the Bundle if the resulting size is greater than a _speculative_ size of 300KBs which would mean that in the case of an OOM all Private Browsing state would be lost. Bug 1515592 is filed to investigate for a better solution. Differential Revision:

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
 * vim: sw=2 ts=8 et :
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at */

#ifndef mozilla_${HEADER}_h
#define mozilla_${HEADER}_h

#  error "STL code can only be used with -fno-exceptions"

#if defined(__clang__)
// Silence "warning: #include_next is a language extension [-Wgnu-include-next]"
#pragma clang system_header

// Include mozalloc after the STL header and all other headers it includes
// have been preprocessed.

#ifdef _DEBUG
// From
// and
// there appear to be two types of STL container checking.  The
// former is enabled by -D_DEBUG (which is implied by -MDd or -MTd), and
// looks to be full generation/mutation checked iterators as done by
// _GLIBCXX_DEBUG.  The latter appears to just be bounds checking, and
// is enabled by the following macros.  It appears that the _DEBUG
// iterators subsume _SECURE_SCL, and the following settings are
// default anyway, so we'll just leave this commented out.
//#  define _SECURE_SCL 1
//#  define _SECURE_SCL_THROWS 0
// Note: _SECURE_SCL iterators are on by default in opt builds.  We
// could leave them on, but since gcc doesn't, we might as well
// preserve that behavior for perf reasons.  nsTArray is in the same
// camp as gcc.  Can revisit later.
// FIXME/bug 551254: because we're not wrapping all the STL headers we
// use, undefining this here can cause some headers to be built with
// iterator checking and others not.  Turning this off until we have a
// better plan.
//#  undef _SECURE_SCL

// C4275: When _HAS_EXCEPTIONS is set to 0, system STL header
//        will generate the warning which we can't modify.
// C4530: We know that code won't be able to catch exceptions,
//        but that's OK because we're not throwing them.
#pragma warning( push )
#pragma warning( disable : 4275 4530 )

#ifdef __clang__
#include_next <${HEADER}>
#include <${HEADER_PATH}>

#pragma warning( pop )

// See if we're in code that can use mozalloc.
#  if !defined(NS_NO_XPCOM) && !defined(MOZ_NO_MOZALLOC)
#    include "mozilla/mozalloc.h"
#  else
#    error "STL code can only be used with infallible ::operator new()"
#  endif

#endif  // if mozilla_${HEADER}_h