Title: [123149] trunk/Source/WebCore
- Revision
- 123149
- Author
- [email protected]
- Date
- 2012-07-19 14:40:37 -0700 (Thu, 19 Jul 2012)
Log Message
[Chromium] Out of Memory is observed when a large object is passed to a Web Worker.
https://bugs.webkit.org/show_bug.cgi?id=91535.
Reviewed by Dave Levin.
No new tests because of no new behavior and lack of mechanism to monitor used memory.
* bindings/v8/SerializedScriptValue.cpp:
(WebCore::SerializedScriptValue::SerializedScriptValue):
(WebCore::SerializedScriptValue::registerMemoryAllocatedWithCurrentScriptContext):
(WebCore):
(WebCore::SerializedScriptValue::~SerializedScriptValue):
* bindings/v8/SerializedScriptValue.h:
(SerializedScriptValue):
Added a method to SerializedScriptValue to add memory pressure on GC proportional to the size of memory allocated in serialized data.
* dom/MessageEvent.cpp:
(WebCore::MessageEvent::MessageEvent):
(WebCore::MessageEvent::initMessageEvent):
Call the new method of SerializedScriptValue during creation of MessageEvent (presumably in the thread which contains the right V8 context).
Modified Paths
Diff
Modified: trunk/Source/WebCore/ChangeLog (123148 => 123149)
--- trunk/Source/WebCore/ChangeLog 2012-07-19 20:55:02 UTC (rev 123148)
+++ trunk/Source/WebCore/ChangeLog 2012-07-19 21:40:37 UTC (rev 123149)
@@ -1,3 +1,26 @@
+2012-07-17 Dmitry Titov <[email protected]>
+
+ [Chromium] Out of Memory is observed when a large object is passed to a Web Worker.
+ https://bugs.webkit.org/show_bug.cgi?id=91535.
+
+ Reviewed by Dave Levin.
+
+ No new tests because of no new behavior and lack of mechanism to monitor used memory.
+
+ * bindings/v8/SerializedScriptValue.cpp:
+ (WebCore::SerializedScriptValue::SerializedScriptValue):
+ (WebCore::SerializedScriptValue::registerMemoryAllocatedWithCurrentScriptContext):
+ (WebCore):
+ (WebCore::SerializedScriptValue::~SerializedScriptValue):
+ * bindings/v8/SerializedScriptValue.h:
+ (SerializedScriptValue):
+ Added a method to SerializedScriptValue to add memory pressure on GC proportional to the size of memory allocated in serialized data.
+
+ * dom/MessageEvent.cpp:
+ (WebCore::MessageEvent::MessageEvent):
+ (WebCore::MessageEvent::initMessageEvent):
+ Call the new method of SerializedScriptValue during creation of MessageEvent (presumably in the thread which contains the right V8 context).
+
2012-07-19 Dan Bernstein <[email protected]>
In flipped blocks writing modes, no flipping occurs when mapping RenderText’s local coordinates to absolute
Modified: trunk/Source/WebCore/bindings/v8/SerializedScriptValue.cpp (123148 => 123149)
--- trunk/Source/WebCore/bindings/v8/SerializedScriptValue.cpp 2012-07-19 20:55:02 UTC (rev 123148)
+++ trunk/Source/WebCore/bindings/v8/SerializedScriptValue.cpp 2012-07-19 21:40:37 UTC (rev 123149)
@@ -2201,6 +2201,7 @@
}
SerializedScriptValue::SerializedScriptValue()
+ : m_externallyAllocatedMemory(0)
{
}
@@ -2252,6 +2253,7 @@
MessagePortArray* messagePorts, ArrayBufferArray* arrayBuffers,
bool& didThrow,
v8::Isolate* isolate)
+ : m_externallyAllocatedMemory(0)
{
didThrow = false;
Writer writer(isolate);
@@ -2298,6 +2300,7 @@
}
SerializedScriptValue::SerializedScriptValue(const String& wireData)
+ : m_externallyAllocatedMemory(0)
{
m_data = wireData.isolatedCopy();
}
@@ -2322,4 +2325,17 @@
}
#endif
+void SerializedScriptValue::registerMemoryAllocatedWithCurrentScriptContext()
+{
+ if (m_externallyAllocatedMemory)
+ return;
+ m_externallyAllocatedMemory = static_cast<intptr_t>(m_data.length());
+ v8::V8::AdjustAmountOfExternalAllocatedMemory(m_externallyAllocatedMemory);
+}
+
+SerializedScriptValue::~SerializedScriptValue()
+{
+ v8::V8::AdjustAmountOfExternalAllocatedMemory(-m_externallyAllocatedMemory);
+}
+
} // namespace WebCore
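Review bot: The new destructor calls `v8::V8::AdjustAmountOfExternalAllocatedMemory` unconditionally, even when `registerMemoryAllocatedWithCurrentScriptContext()` never ran and `m_externallyAllocatedMemory` is still 0. The header declares the class `ThreadSafeRefCounted`, so the last reference may be dropped on a different thread from the one that registered, possibly one with no current V8 isolate. This is inferred from the declaration rather than shown here, but in that case the negative adjustment would be applied to the wrong heap's counter or made where V8 is not usable. At minimum guard the call, `if (m_externallyAllocatedMemory) v8::V8::AdjustAmountOfExternalAllocatedMemory(-m_externallyAllocatedMemory);`, and consider asserting that destruction happens on the registering thread. Separately, `m_data.length()` is a character count, so if the serialized buffer is a 16-bit string the reported size is about half the bytes actually held.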
Modified: trunk/Source/WebCore/bindings/v8/SerializedScriptValue.h (123148 => 123149)
--- trunk/Source/WebCore/bindings/v8/SerializedScriptValue.h 2012-07-19 20:55:02 UTC (rev 123148)
+++ trunk/Source/WebCore/bindings/v8/SerializedScriptValue.h 2012-07-19 21:40:37 UTC (rev 123149)
@@ -45,6 +45,8 @@
class SerializedScriptValue : public ThreadSafeRefCounted<SerializedScriptValue> {
public:
+ virtual ~SerializedScriptValue();
+
// If a serialization error occurs (e.g., cyclic input value) this
// function returns an empty representation, schedules a V8 exception to
// be thrown using v8::ThrowException(), and sets |didThrow|. In this case
@@ -77,6 +79,12 @@
const Vector<String>& blobURLs() const { return m_blobURLs; }
+ // Informs the V8 about external memory allocated and owned by this object. Large values should contribute
+ // to GC counters to eventually trigger a GC, otherwise flood of postMessage() can cause OOM.
+ // Ok to invoke multiple times (only adds memory once).
+ // The memory registration is revoked automatically in destructor.
+ void registerMemoryAllocatedWithCurrentScriptContext();
+
private:
enum StringDataMode {
StringValue,
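Review bot: The comment added above `registerMemoryAllocatedWithCurrentScriptContext()` leaves out the threading contract that the accounting relies on. The registration and the revocation in the destructor both adjust the counter of whichever V8 instance is current on the calling thread, so I would add `// Call on a thread that has entered the receiving V8 context; the object should also be released on that thread so the revocation hits the same heap.` It is also worth stating that only the length of `m_data` is counted and that buffers held in `m_arrayBufferContentsArray` are not. The class body continues outside this hunk.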
@@ -93,6 +101,7 @@
String m_data;
OwnPtr<ArrayBufferContentsArray> m_arrayBufferContentsArray;
Vector<String> m_blobURLs;
+ intptr_t m_externallyAllocatedMemory;
};
} // namespace WebCore
Modified: trunk/Source/WebCore/dom/MessageEvent.cpp (123148 => 123149)
--- trunk/Source/WebCore/dom/MessageEvent.cpp 2012-07-19 20:55:02 UTC (rev 123148)
+++ trunk/Source/WebCore/dom/MessageEvent.cpp 2012-07-19 21:40:37 UTC (rev 123149)
@@ -73,6 +73,10 @@
, m_source(source)
, m_ports(ports)
{
+#if USE(V8)
+ if (m_dataAsSerializedScriptValue)
+ m_dataAsSerializedScriptValue->registerMemoryAllocatedWithCurrentScriptContext();
+#endif
}
MessageEvent::MessageEvent(const String& data)
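Review bot: The same `#if USE(V8)` block is pasted into this constructor and again into `initMessageEvent` in the next hunk, which puts a binding-specific conditional into `dom/` code twice. A single private helper, or a no-op `registerMemoryAllocatedWithCurrentScriptContext()` on the non-V8 `SerializedScriptValue`, would keep the two call sites identical and unconditional. Neither site has a comment saying why registration belongs here; something like `// Account for the serialized payload on the receiving context's heap so that repeated postMessage() calls trigger GC.` would help the next reader. Both function bodies start outside their hunks.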
@@ -134,6 +138,11 @@
m_lastEventId = lastEventId;
m_source = source;
m_ports = ports;
+
+#if USE(V8)
+ if (m_dataAsSerializedScriptValue)
+ m_dataAsSerializedScriptValue->registerMemoryAllocatedWithCurrentScriptContext();
+#endif
}
// FIXME: Remove this when we have custom ObjC binding support.