V8ScriptValueSerializer: Use PartitionAlloc for the buffer, and avoid copying it into a String.

third_party/WebKit/Source/bindings/core/v8/SerializedScriptValue.h

 /*
  * Copyright (C) 2009, 2010 Google Inc. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are
  * met:
  *
  *     * Redistributions of source code must retain the above copyright
  * notice, this list of conditions and the following disclaimer.
  *     * Redistributions in binary form must reproduce the above
@@ skipping 18 matching lines @@
  */
 
 #ifndef SerializedScriptValue_h
 #define SerializedScriptValue_h
 
 #include "bindings/core/v8/ScriptValue.h"
 #include "bindings/core/v8/Transferables.h"
 #include "core/CoreExport.h"
 #include "wtf/HashMap.h"
 #include "wtf/ThreadSafeRefCounted.h"
+#include "wtf/allocator/Partitions.h"
 #include "wtf/typed_arrays/ArrayBufferContents.h"
 #include <memory>
 #include <v8.h>
 
 namespace blink {
 
 class BlobDataHandle;
 class Transferables;
 class ExceptionState;
 class StaticBitmapImage;
@@ skipping 36 matching lines @@
 
   static PassRefPtr<SerializedScriptValue> create();
   static PassRefPtr<SerializedScriptValue> create(const String&);
   static PassRefPtr<SerializedScriptValue> create(const char* data,
                                                   size_t length);
 
   virtual ~SerializedScriptValue();
 
   static PassRefPtr<SerializedScriptValue> nullValue();
 
-  String toWireString() const { return m_data; }
+  String toWireString() const;
   void toWireBytes(Vector<char>&) const;
 
   // Deserializes the value (in the current context). Returns a null value in
   // case of failure.
   v8::Local<v8::Value> deserialize(MessagePortArray* = 0);
   v8::Local<v8::Value> deserialize(v8::Isolate*,
                                    MessagePortArray* = 0,
                                    const WebBlobInfoArray* = 0);
 
   // Helper function which pulls the values out of a JS sequence and into a
@@ skipping 16 matching lines @@
       const ArrayBufferArray&,
       ExceptionState&);
 
   // Informs the V8 about external memory allocated and owned by this object.
   // Large values should contribute to GC counters to eventually trigger a GC,
   // otherwise flood of postMessage() can cause OOM.
   // Ok to invoke multiple times (only adds memory once).
   // The memory registration is revoked automatically in destructor.
   void registerMemoryAllocatedWithCurrentScriptContext();
 
-  String& data() { return m_data; }
+  // Provides access to the data and its attributes, regardless of whether the
+  // data was created as a string or as a vector.
+  // TODO(jbroman): Remove the 16-bit string representation, and simplify.
+  const uint8_t* data() {
+    if (!m_dataString.isNull()) {
+      DCHECK(!m_dataBuffer);
+      m_dataString.ensure16Bit();
+      return reinterpret_cast<const uint8_t*>(m_dataString.characters16());
+    }
+    return m_dataBuffer.get();
+  }
+  size_t dataLengthInBytes() const {
+    if (!m_dataString.isNull())
+      return m_dataString.length() * 2;
+    return m_dataBufferSize;
+  }
+  bool dataHasOneRef() const {
+    if (!m_dataString.isNull())
+      return m_dataString.impl()->hasOneRef();
+    return true;
+  }
+
   BlobDataHandleMap& blobDataHandles() { return m_blobDataHandles; }
   ArrayBufferContentsArray* getArrayBufferContentsArray() {
     return m_arrayBufferContentsArray.get();
   }
   ImageBitmapContentsArray* getImageBitmapContentsArray() {
     return m_imageBitmapContentsArray.get();
   }
 
  private:
   friend class ScriptValueSerializer;
   friend class V8ScriptValueSerializer;
 
-  enum StringDataMode { StringValue, WireData };
+  struct BufferDeleter {
+    void operator()(uint8_t* buffer) { WTF::Partitions::bufferFree(buffer); }
+  };
+  using DataBufferPtr = std::unique_ptr<uint8_t[], BufferDeleter>;
 
   SerializedScriptValue();
   explicit SerializedScriptValue(const String& wireData);
 
-  void setData(const String& data) { m_data = data; }
+  void setData(const String& data) {
+    m_dataString = data;
+    m_dataBuffer.reset();
+    m_dataBufferSize = 0;
+  }
+  void setData(DataBufferPtr data, size_t size) {
+    m_dataString = String();
+    m_dataBuffer = std::move(data);
+    m_dataBufferSize = size;
+  }
+
   void transferArrayBuffers(v8::Isolate*,
                             const ArrayBufferArray&,
                             ExceptionState&);
   void transferImageBitmaps(v8::Isolate*,
                             const ImageBitmapArray&,
                             ExceptionState&);
   void transferOffscreenCanvas(v8::Isolate*,
                                const OffscreenCanvasArray&,
                                ExceptionState&);
 
-  String m_data;
+  // Either:
+  // - |m_dataString| is non-null, and contains the data as a WTF::String which,
+  //   when made 16-bit, is the serialized data (padded to a two-byte boundary),
+  // or
+  // - |m_dataBuffer| is non-null, and |m_dataBufferSize| contains its size;
+  //   unlike |m_dataString|, that size is not guaranteed to be padded to a
+  //   two-byte boundary
+  String m_dataString;
+  DataBufferPtr m_dataBuffer;
+  size_t m_dataBufferSize = 0;
+
   std::unique_ptr<ArrayBufferContentsArray> m_arrayBufferContentsArray;
   std::unique_ptr<ImageBitmapContentsArray> m_imageBitmapContentsArray;
   BlobDataHandleMap m_blobDataHandles;
   intptr_t m_externallyAllocatedMemory;
 };
 
 }  // namespace blink
 
 #endif  // SerializedScriptValue_h