Chromium Code Reviews Chromium Code Reviews
Issue 1414553002:
Fix out-of-memory crashes related to ArrayBuffer allocation
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 /* | 1 /* |
| 2 * Copyright (C) 2009 Apple Inc. All rights reserved. | 2 * Copyright (C) 2009 Apple Inc. All rights reserved. |
| 3 * Copyright (C) 2013 Google Inc. All rights reserved. | 3 * Copyright (C) 2013 Google Inc. All rights reserved. |
| 4 * | 4 * |
| 5 * Redistribution and use in source and binary forms, with or without | 5 * Redistribution and use in source and binary forms, with or without |
| 6 * modification, are permitted provided that the following conditions | 6 * modification, are permitted provided that the following conditions |
| 7 * are met: | 7 * are met: |
| 8 * 1. Redistributions of source code must retain the above copyright | 8 * 1. Redistributions of source code must retain the above copyright |
| 9 * notice, this list of conditions and the following disclaimer. | 9 * notice, this list of conditions and the following disclaimer. |
| 10 * 2. Redistributions in binary form must reproduce the above copyright | 10 * 2. Redistributions in binary form must reproduce the above copyright |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 42 enum InitializationPolicy { | 42 enum InitializationPolicy { |
| 43 ZeroInitialize, | 43 ZeroInitialize, |
| 44 DontInitialize | 44 DontInitialize |
| 45 }; | 45 }; |
| 46 | 46 |
| 47 enum SharingType { | 47 enum SharingType { |
| 48 NotShared, | 48 NotShared, |
| 49 Shared, | 49 Shared, |
| 50 }; | 50 }; |
| 51 | 51 |
| 52 enum OutOfMemoryPolicy { | |
| 53 // CrashIfOutOfMemory_DEPRECATED should never be used inside the | |
| 54 // scope of a script execution context, and is deprecated for all other | |
| 55 // uses. | |
| 56 CrashIfOutOfMemory_DEPRECATED, | |
| 57 // When using the NullDataIfOutOfMemory policy in the scope of a | |
| 58 // script context, a RangeError DOM exception must be thrown | |
| 59 // if the ArrayBufferContents' data is null (allocation failed). | |
| 60 // Spec: http://ecma-international.org/ecma-262/6.0/#sec-createbytedatab lock | |
| 61 // However, an exception must *not* be thrown if the requested buffer si ze | |
| 62 // was 0 bytes, which also results in a null data pointer. | |
| 63 NullDataIfOutOfMemory, | |
| 64 }; | |
| 65 | |
| 52 ArrayBufferContents(); | 66 ArrayBufferContents(); |
| 53 ArrayBufferContents(unsigned numElements, unsigned elementByteSize, SharingT ype isShared, ArrayBufferContents::InitializationPolicy); | 67 ArrayBufferContents(unsigned numElements, unsigned elementByteSize, SharingT ype isShared, InitializationPolicy, OutOfMemoryPolicy); |
| 54 | 68 |
| 55 // Use with care. data must be allocated with allocateMemory. | 69 // Use with care. data must be allocated with allocateMemory. |
| 56 // ArrayBufferContents will take ownership of the data and free it (using fr eeMemory) | 70 // ArrayBufferContents will take ownership of the data and free it (using fr eeMemory) |
| 57 // upon destruction. | 71 // upon destruction. |
| 58 // This constructor will not call observer->StartObserving(), so it is a res ponsibility | 72 // This constructor will not call observer->StartObserving(), so it is a res ponsibility |
| 59 // of the caller to make sure JS knows about external memory. | 73 // of the caller to make sure JS knows about external memory. |
| 60 ArrayBufferContents(void* data, unsigned sizeInBytes, SharingType isShared); | 74 ArrayBufferContents(void* data, unsigned sizeInBytes, SharingType, OutOfMemo ryPolicy); |
| 61 | 75 |
| 62 ~ArrayBufferContents(); | 76 ~ArrayBufferContents(); |
| 63 | 77 |
| 64 void neuter(); | 78 void neuter(); |
| 65 | 79 |
| 66 void* data() const { return m_holder ? m_holder->data() : nullptr; } | 80 void* data() const { return m_holder ? m_holder->data() : nullptr; } |
| 67 unsigned sizeInBytes() const { return m_holder ? m_holder->sizeInBytes() : 0 ; } | 81 unsigned sizeInBytes() const { return m_holder ? m_holder->sizeInBytes() : 0 ; } |
| 68 bool isShared() const { return m_holder ? m_holder->isShared() : false; } | 82 bool isShared() const { return m_holder ? m_holder->isShared() : false; } |
| 69 | 83 |
| 70 void transfer(ArrayBufferContents& other); | 84 void transfer(ArrayBufferContents& other); |
| 71 void shareWith(ArrayBufferContents& other); | 85 void shareWith(ArrayBufferContents& other); |
| 72 void copyTo(ArrayBufferContents& other); | 86 void copyTo(ArrayBufferContents& other, OutOfMemoryPolicy); |
| 73 | 87 |
| 74 static void allocateMemory(size_t, InitializationPolicy, void*&); | 88 static void deprecatedAllocateMemoryOrCrash(size_t, InitializationPolicy, vo id*& data); |
| 89 static void allocateMemoryOrNull(size_t, InitializationPolicy, void*& data); | |
| 75 static void freeMemory(void*, size_t); | 90 static void freeMemory(void*, size_t); |
| 76 static void setAdjustAmoutOfExternalAllocatedMemoryFunction(AdjustAmountOfEx ternalAllocatedMemoryFunction function) | 91 static void setAdjustAmoutOfExternalAllocatedMemoryFunction(AdjustAmountOfEx ternalAllocatedMemoryFunction function) |
| 77 { | 92 { |
| 78 ASSERT(!s_adjustAmountOfExternalAllocatedMemoryFunction); | 93 ASSERT(!s_adjustAmountOfExternalAllocatedMemoryFunction); |
| 79 s_adjustAmountOfExternalAllocatedMemoryFunction = function; | 94 s_adjustAmountOfExternalAllocatedMemoryFunction = function; |
| 80 } | 95 } |
| 96 static void fakeOutOfMemoryForNextArrayBufferAllocation() | |
|
binji
2015/10/16 22:12:39
I don't really know the coding standard for Blink,
Justin Novosad
2015/10/19 16:42:52
Acknowledged.
| |
| 97 { | |
| 98 s_fakeAllocationFailureForTestingOneTime = true; | |
| 99 } | |
| 81 | 100 |
| 82 private: | 101 private: |
| 83 class DataHolder : public ThreadSafeRefCounted<DataHolder> { | 102 class DataHolder : public ThreadSafeRefCounted<DataHolder> { |
| 84 WTF_MAKE_NONCOPYABLE(DataHolder); | 103 WTF_MAKE_NONCOPYABLE(DataHolder); |
| 85 public: | 104 public: |
| 86 DataHolder(); | 105 DataHolder(); |
| 87 ~DataHolder(); | 106 ~DataHolder(); |
| 88 | 107 |
| 89 void allocateNew(unsigned sizeInBytes, SharingType isShared, Initializat ionPolicy); | 108 void allocateNew(unsigned sizeInBytes, SharingType, InitializationPolicy , OutOfMemoryPolicy); |
| 90 void adopt(void* data, unsigned sizeInBytes, SharingType isShared); | 109 void adopt(void* data, unsigned sizeInBytes, SharingType isShared); |
| 91 void copyMemoryTo(DataHolder& other); | 110 void copyMemoryTo(DataHolder& other, OutOfMemoryPolicy); |
| 92 | 111 |
| 93 void* data() const { return m_data; } | 112 void* data() const { return m_data; } |
| 94 unsigned sizeInBytes() const { return m_sizeInBytes; } | 113 unsigned sizeInBytes() const { return m_sizeInBytes; } |
| 95 bool isShared() const { return m_isShared == Shared; } | 114 bool isShared() const { return m_isShared == Shared; } |
| 96 | 115 |
| 97 private: | 116 private: |
| 98 void* m_data; | 117 void* m_data; |
| 99 unsigned m_sizeInBytes; | 118 unsigned m_sizeInBytes; |
| 100 SharingType m_isShared; | 119 SharingType m_isShared; |
| 101 }; | 120 }; |
| 102 | 121 |
| 103 RefPtr<DataHolder> m_holder; | 122 RefPtr<DataHolder> m_holder; |
| 104 static AdjustAmountOfExternalAllocatedMemoryFunction s_adjustAmountOfExterna lAllocatedMemoryFunction; | 123 static AdjustAmountOfExternalAllocatedMemoryFunction s_adjustAmountOfExterna lAllocatedMemoryFunction; |
| 124 static bool s_fakeAllocationFailureForTestingOneTime; | |
| 105 }; | 125 }; |
| 106 | 126 |
| 107 } // namespace WTF | 127 } // namespace WTF |
| 108 | 128 |
| 109 #endif // ArrayBufferContents_h | 129 #endif // ArrayBufferContents_h |
| OLD | NEW |
