From bbe21cce67dd83c4935ff3536a16e8275b3b5865 Mon Sep 17 00:00:00 2001 From: Thiago de Arruda Date: Mon, 1 May 2017 09:08:41 -0300 Subject: [PATCH 1/2] Expose more atom_bindings.cc functions to sandbox --- atom/common/api/atom_bindings.cc | 93 ++++++++++--------- atom/common/api/atom_bindings.h | 5 + .../atom_sandboxed_renderer_client.cc | 3 + lib/sandboxed_renderer/init.js | 3 + 4 files changed, 59 insertions(+), 45 deletions(-) diff --git a/atom/common/api/atom_bindings.cc b/atom/common/api/atom_bindings.cc index c82589d6b19c..9d8c15ff4faf 100644 --- a/atom/common/api/atom_bindings.cc +++ b/atom/common/api/atom_bindings.cc @@ -23,51 +23,6 @@ namespace { // Dummy class type that used for crashing the program. struct DummyClass { bool crash; }; -void Hang() { - for (;;) - base::PlatformThread::Sleep(base::TimeDelta::FromSeconds(1)); -} - -v8::Local GetProcessMemoryInfo(v8::Isolate* isolate) { - std::unique_ptr metrics( - base::ProcessMetrics::CreateCurrentProcessMetrics()); - - mate::Dictionary dict = mate::Dictionary::CreateEmpty(isolate); - dict.Set("workingSetSize", - static_cast(metrics->GetWorkingSetSize() >> 10)); - dict.Set("peakWorkingSetSize", - static_cast(metrics->GetPeakWorkingSetSize() >> 10)); - - size_t private_bytes, shared_bytes; - if (metrics->GetMemoryBytes(&private_bytes, &shared_bytes)) { - dict.Set("privateBytes", static_cast(private_bytes >> 10)); - dict.Set("sharedBytes", static_cast(shared_bytes >> 10)); - } - - return dict.GetHandle(); -} - -v8::Local GetSystemMemoryInfo(v8::Isolate* isolate, - mate::Arguments* args) { - base::SystemMemoryInfoKB mem_info; - if (!base::GetSystemMemoryInfo(&mem_info)) { - args->ThrowError("Unable to retrieve system memory information"); - return v8::Undefined(isolate); - } - - mate::Dictionary dict = mate::Dictionary::CreateEmpty(isolate); - dict.Set("total", mem_info.total); - dict.Set("free", mem_info.free); - - // NB: These return bogus values on macOS -#if !defined(OS_MACOSX) - dict.Set("swapTotal", mem_info.swap_total); - dict.Set("swapFree", mem_info.swap_free); -#endif - - return dict.GetHandle(); -} - // Called when there is a fatal error in V8, we just crash the process here so // we can get the stack trace. void FatalErrorCallback(const char* location, const char* message) { @@ -168,4 +123,52 @@ void AtomBindings::Crash() { static_cast(nullptr)->crash = true; } +// static +void AtomBindings::Hang() { + for (;;) + base::PlatformThread::Sleep(base::TimeDelta::FromSeconds(1)); +} + +// static +v8::Local AtomBindings::GetProcessMemoryInfo(v8::Isolate* isolate) { + std::unique_ptr metrics( + base::ProcessMetrics::CreateCurrentProcessMetrics()); + + mate::Dictionary dict = mate::Dictionary::CreateEmpty(isolate); + dict.Set("workingSetSize", + static_cast(metrics->GetWorkingSetSize() >> 10)); + dict.Set("peakWorkingSetSize", + static_cast(metrics->GetPeakWorkingSetSize() >> 10)); + + size_t private_bytes, shared_bytes; + if (metrics->GetMemoryBytes(&private_bytes, &shared_bytes)) { + dict.Set("privateBytes", static_cast(private_bytes >> 10)); + dict.Set("sharedBytes", static_cast(shared_bytes >> 10)); + } + + return dict.GetHandle(); +} + +// static +v8::Local AtomBindings::GetSystemMemoryInfo(v8::Isolate* isolate, + mate::Arguments* args) { + base::SystemMemoryInfoKB mem_info; + if (!base::GetSystemMemoryInfo(&mem_info)) { + args->ThrowError("Unable to retrieve system memory information"); + return v8::Undefined(isolate); + } + + mate::Dictionary dict = mate::Dictionary::CreateEmpty(isolate); + dict.Set("total", mem_info.total); + dict.Set("free", mem_info.free); + + // NB: These return bogus values on macOS +#if !defined(OS_MACOSX) + dict.Set("swapTotal", mem_info.swap_total); + dict.Set("swapFree", mem_info.swap_free); +#endif + + return dict.GetHandle(); +} + } // namespace atom diff --git a/atom/common/api/atom_bindings.h b/atom/common/api/atom_bindings.h index 815741715034..09561b046b14 100644 --- a/atom/common/api/atom_bindings.h +++ b/atom/common/api/atom_bindings.h @@ -9,6 +9,7 @@ #include "base/macros.h" #include "base/strings/string16.h" +#include "native_mate/arguments.h" #include "v8/include/v8.h" #include "vendor/node/deps/uv/include/uv.h" @@ -32,6 +33,10 @@ class AtomBindings { static void Log(const base::string16& message); static void Crash(); + static void Hang(); + static v8::Local GetProcessMemoryInfo(v8::Isolate* isolate); + static v8::Local GetSystemMemoryInfo(v8::Isolate* isolate, + mate::Arguments* args); private: void ActivateUVLoop(v8::Isolate* isolate); diff --git a/atom/renderer/atom_sandboxed_renderer_client.cc b/atom/renderer/atom_sandboxed_renderer_client.cc index 4fe9bd449dd7..180d3b75d301 100644 --- a/atom/renderer/atom_sandboxed_renderer_client.cc +++ b/atom/renderer/atom_sandboxed_renderer_client.cc @@ -86,6 +86,9 @@ void InitializeBindings(v8::Local binding, mate::Dictionary b(isolate, binding); b.SetMethod("get", GetBinding); b.SetMethod("crash", AtomBindings::Crash); + b.SetMethod("hang", AtomBindings::Hang); + b.SetMethod("getProcessMemoryInfo", &AtomBindings::GetProcessMemoryInfo); + b.SetMethod("getSystemMemoryInfo", &AtomBindings::GetSystemMemoryInfo); } class AtomSandboxedRenderViewObserver : public AtomRenderViewObserver { diff --git a/lib/sandboxed_renderer/init.js b/lib/sandboxed_renderer/init.js index 5194f9515448..1aec0bc0bfd2 100644 --- a/lib/sandboxed_renderer/init.js +++ b/lib/sandboxed_renderer/init.js @@ -38,6 +38,9 @@ const preloadSrc = fs.readFileSync(preloadPath).toString() // access to things like `process.atomBinding`). const preloadProcess = new events.EventEmitter() preloadProcess.crash = () => binding.crash() +preloadProcess.hang = () => binding.hang() +preloadProcess.getProcessMemoryInfo = () => binding.getProcessMemoryInfo() +preloadProcess.getSystemMemoryInfo = () => binding.getSystemMemoryInfo() process.platform = preloadProcess.platform = electron.remote.process.platform process.execPath = preloadProcess.execPath = electron.remote.process.execPath process.on('exit', () => preloadProcess.emit('exit')) From a8640fb8a3ba84b8663f1ebcc53ecb0143e21842 Mon Sep 17 00:00:00 2001 From: Thiago de Arruda Date: Mon, 1 May 2017 10:17:15 -0300 Subject: [PATCH 2/2] Add test to verify memory is released after sandboxed popup is closed --- spec/api-browser-window-spec.js | 23 ++++++++++++++++++++++ spec/fixtures/api/allocate-memory.html | 11 +++++++++++ spec/fixtures/api/sandbox.html | 27 ++++++++++++++++++++++++++ 3 files changed, 61 insertions(+) create mode 100644 spec/fixtures/api/allocate-memory.html diff --git a/spec/api-browser-window-spec.js b/spec/api-browser-window-spec.js index 34db4a6ae79a..0acbd4dd770b 100644 --- a/spec/api-browser-window-spec.js +++ b/spec/api-browser-window-spec.js @@ -1150,6 +1150,29 @@ describe('BrowserWindow module', function () { }) w.loadURL('file://' + path.join(fixtures, 'pages', 'window-open.html')) }) + + it('releases memory after popup is closed', (done) => { + w.destroy() + w = new BrowserWindow({ + show: false, + webPreferences: { + preload: preload, + sandbox: true + } + }) + w.loadURL('file://' + path.join(fixtures, 'api', 'sandbox.html?allocate-memory')) + w.webContents.openDevTools({mode: 'detach'}) + ipcMain.once('answer', function (event, {bytesBeforeOpen, bytesAfterOpen, bytesAfterClose}) { + const memoryIncreaseByOpen = bytesAfterOpen - bytesBeforeOpen + const memoryDecreaseByClose = bytesAfterOpen - bytesAfterClose + // decreased memory should be less than increased due to factors we + // can't control, but given the amount of memory allocated in the + // fixture, we can reasonably expect decrease to be at least 70% of + // increase + assert(memoryDecreaseByClose > memoryIncreaseByOpen * 0.7) + done() + }) + }) }) }) diff --git a/spec/fixtures/api/allocate-memory.html b/spec/fixtures/api/allocate-memory.html new file mode 100644 index 000000000000..ce3140ab0cd2 --- /dev/null +++ b/spec/fixtures/api/allocate-memory.html @@ -0,0 +1,11 @@ + + + + + + + + diff --git a/spec/fixtures/api/sandbox.html b/spec/fixtures/api/sandbox.html index a74a1d5d600a..f8d7aa7921de 100644 --- a/spec/fixtures/api/sandbox.html +++ b/spec/fixtures/api/sandbox.html @@ -1,5 +1,18 @@